nushell/tests/shell
Braulio Valdivielso Martínez 1794ad51bd
Sanitize arguments to external commands a bit better (#4157)
* fix #4140

We are passing commands into a shell underneath but we were not
escaping arguments correctly. This new version of the code also takes
into consideration the ";" and "&" characters, which have special
meaning in shells.

We would probably benefit from a more robust way to join arguments to
shell programs. Python's stdlib has shlex.join, and perhaps we can
take that implementation as a reference.

* clean up escaping of posix shell args

I believe the right place to do escaping of arguments was in the
spawn_sh_command function. Note that this change prevents things like:

^echo "$(ls)"

from executing the ls command. Instead, this will just print

$(ls)

The regex has been taken from the python stdlib implementation of shlex.quote

* fix non-literal parameters and single quotes

* address clippy's comments

* fixup! address clippy's comments

* test that subshell commands are sanitized properly
2021-11-29 09:46:42 -06:00
..
environment nu-path crate refactor (#3730) 2021-08-28 15:59:09 +03:00
pipeline Sanitize arguments to external commands a bit better (#4157) 2021-11-29 09:46:42 -06:00
mod.rs nu-path crate refactor (#3730) 2021-08-28 15:59:09 +03:00