Add a few reserved usernames

src/Entity/User.php

@@ -12,6 +12,7 @@
 
 namespace App\Entity;
 
+use App\Validator\NotReservedWord;
 use Doctrine\Common\Collections\ArrayCollection;
 use Doctrine\Common\Collections\Collection;
 use Doctrine\Common\Collections\Selectable;
@@ -43,6 +44,7 @@ class User implements UserInterface, TwoFactorInterface, BackupCodeInterface, Eq
     #[Assert\Length(min: 2, max: 191, groups: ['Profile', 'Registration'])]
     #[Assert\Regex(pattern: '{^[^/"\r\n><#\[\]]{2,100}$}')]
     #[Assert\NotBlank(groups: ['Profile', 'Registration'])]
+    #[NotReservedWord(groups: ['Profile', 'Registration'])]
     private string $username;
 
     #[ORM\Column(type: 'string', name: 'username_canonical', length: 191, unique: true)]

src/Validator/NotReservedWord.php

@@ -0,0 +1,27 @@
+<?php declare(strict_types=1);
+
+/*
+ * This file is part of Packagist.
+ *
+ * (c) Jordi Boggiano <j.boggiano@seld.be>
+ *     Nils Adermann <naderman@naderman.de>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace App\Validator;
+
+use Attribute;
+use Symfony\Component\Validator\Constraint;
+
+#[Attribute(Attribute::TARGET_PROPERTY)]
+class NotReservedWord extends Constraint
+{
+    public string $message = 'This is a reserved word.';
+
+    public function getTargets(): string
+    {
+        return self::PROPERTY_CONSTRAINT;
+    }
+}

src/Validator/NotReservedWordValidator.php

@@ -0,0 +1,51 @@
+<?php declare(strict_types=1);
+
+/*
+ * This file is part of Packagist.
+ *
+ * (c) Jordi Boggiano <j.boggiano@seld.be>
+ *     Nils Adermann <naderman@naderman.de>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace App\Validator;
+
+use App\Entity\User;
+use Symfony\Component\Form\Form;
+use Symfony\Component\Validator\Constraint;
+use Symfony\Component\Validator\ConstraintValidator;
+use Symfony\Component\Validator\Exception\UnexpectedTypeException;
+
+class NotReservedWordValidator extends ConstraintValidator
+{
+    public function validate(mixed $value, Constraint $constraint): void
+    {
+        if (!$constraint instanceof NotReservedWord) {
+            throw new UnexpectedTypeException($constraint, NotReservedWord::class);
+        }
+
+        if (!is_string($value)) {
+            return;
+        }
+
+        $reservedWords = [
+            'composer',
+            'packagist',
+            'php',
+            'automation', // used to describe background workers doing things automatically in audit log
+        ];
+
+        foreach ($reservedWords as $reservedWord) {
+            if ($reservedWord === mb_strtolower($value)) {
+                $this->context
+                    ->buildViolation($constraint->message)
+                    ->addViolation();
+
+                return;
+            }
+        }
+
+    }
+}