I have to review how the library uses the list - instead of simply checking for equality it uses the items as regexes, and we probably need to do the same here.

Do we really need to copy-paste this? Can't we share the same JSON file across all of the places we use this?

We can move this to shared and use it in both identity and here. Just need to remember to add it to both Dockerfiles

Do you think we should also check holders for offensive words? in assign_holder(). They're not used for invite links, but just in case

I'd extract body if this if { .. } to a separate helper function fn validate_invite_link_blob_hash(blob_hash: &str) -> Result<(), BlobServiceError> and call it here validate_invite_link_blob_hash(&blob_hash)?;

Yeah, this code here only checks if invite_secret === "some bad word" (equality check)

@bartek is there a way of sharing it also with the keyserver?

I'm not sure if it makes sense. For invite link hash it is a good idea because these are accessible as URLs comm.app/invite/${secret} and we don't want these to be offensive. The holders aren't visible at all, so it should be fine to not have any additional validation for them. @ashoat what do you think?

We could potentially use a relative symlink

That reasoning makes sense to me

I think it would be more convenient to handle this as a separate diff - going to put up a followup

Created a task https://linear.app/comm/issue/ENG-6780/share-reserved-usernames-between-services and a diff https://phab.comm.dev/D11051 which makes the file shared between services. Sharing this file between keyserver and services is more complicated - created a task for it https://linear.app/comm/issue/ENG-6781/share-reserved-usernames-between-services-and-lib.