Overzealous escaping of + in Shellwords
Shellwords module is currently a little too conservative:
+ isn't a token in Bourne sh1, but
Shellwords escapes it anyways.
>> Shellwords.escape 'foo+bar' #=> "foo\\+bar"
>> Shellwords.escape 'foo+bar' #=> "foo+bar"
I'm reporting this on ruby 2.4.3, but it looks like ruby-trunk is also affected2.
Updated by jeremyevans0 (Jeremy Evans) 2 months ago
- Assignee set to knu (Akinori MUSHA)
- Status changed from Open to Assigned
- File shellwords-plus.patch shellwords-plus.patch added
While the current code is not really a bug (Shellwords.escape does not guarantee to only escape when required), I agree it makes sense not to escape +. From what I read, in addition to Bourne sh, neither bash nor ksh require escaping +. Attached is a patch that removes the escaping.