-
Notifications
You must be signed in to change notification settings - Fork 1
fix: use shlex for more robust shell escaping #3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Conversation
📝 WalkthroughWalkthroughThe change updates the Changes
Tip ⚡🧪 Multi-step agentic review comment chat (experimental)
📜 Recent review detailsConfiguration used: CodeRabbit UI 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
Initially I was using a simple regex for escaping single quotes; this is copied over from the original apptainer implementation in what I believe it's an attempt at defending against shell injection via provided commands. It seems `shlex.quote` is a more robust function call to try to properly parse strings that can be safely used as shell command line. Do note that `shlex.quote()` is only designed for POSIX-compliant shells.
5334701
to
ea77d4a
Compare
Initially I was using a simple regex for escaping single quotes; this is copied over from the original apptainer implementation in what I believe it's an attempt at defending against shell injection via provided commands.
It seems
shlex.quote
is a more robust function call to try to properly parse strings that can be safely used as shell command line.Do note that
shlex.quote()
is only designed for POSIX-compliant shells.Summary by CodeRabbit