Replace escapeshellarg with quote across the codebase

Author: antonmedv

contrib/crontab.php

@@ -24,7 +24,6 @@
 
 namespace Deployer;
 
-use function Deployer\Support\escape_shell_argument;
 
 // Get path to bin
 set('bin/crontab', function () {
@@ -137,7 +136,7 @@ function setRemoteCrontab(array $lines): void
     }
 
     foreach ($lines as $line) {
-        run("echo " . escape_shell_argument($line) . " >> $tmpCrontabPath");
+        run("echo " . quote($line) . " >> $tmpCrontabPath");
     }
 
     run("$sudo {{bin/crontab}} " . $tmpCrontabPath);

contrib/rsync.php

@@ -141,10 +141,10 @@
     $excludeFile = $config['exclude-file'];
     $excludesRsync = '';
     foreach ($excludes as $exclude) {
-        $excludesRsync .= ' --exclude=' . escapeshellarg($exclude);
+        $excludesRsync .= ' --exclude=' . quote($exclude);
     }
     if (!empty($excludeFile) && file_exists($excludeFile) && is_file($excludeFile) && is_readable($excludeFile)) {
-        $excludesRsync .= ' --exclude-from=' . escapeshellarg($excludeFile);
+        $excludesRsync .= ' --exclude-from=' . quote($excludeFile);
     }
 
     return $excludesRsync;
@@ -156,10 +156,10 @@
     $includeFile = $config['include-file'];
     $includesRsync = '';
     foreach ($includes as $include) {
-        $includesRsync .= ' --include=' . escapeshellarg($include);
+        $includesRsync .= ' --include=' . quote($include);
     }
     if (!empty($includeFile) && file_exists($includeFile) && is_file($includeFile) && is_readable($includeFile)) {
-        $includesRsync .= ' --include-from=' . escapeshellarg($includeFile);
+        $includesRsync .= ' --include-from=' . quote($includeFile);
     }
 
     return $includesRsync;

recipe/deploy/lock.php

@@ -6,7 +6,7 @@
 
 desc('Locks deploy');
 task('deploy:lock', function () {
-    $user = escapeshellarg(get('user'));
+    $user = quote(get('user'));
     $locked = run("[ -f {{deploy_path}}/.dep/deploy.lock ] && echo +locked || echo $user > {{deploy_path}}/.dep/deploy.lock");
     if ($locked === '+locked') {
         $lockedUser = run("cat {{deploy_path}}/.dep/deploy.lock");

recipe/deploy/release.php

@@ -5,7 +5,6 @@
 use Deployer\Exception\Exception;
 use Symfony\Component\Console\Helper\Table;
 
-use function Deployer\Support\escape_shell_argument;
 
 // The name of the release.
 set('release_name', function () {
@@ -126,7 +125,7 @@
     ];
 
     // Save metainfo about release.
-    $json = escape_shell_argument(json_encode($metainfo));
+    $json = quote(json_encode($metainfo));
     run("echo $json >> .dep/releases_log");
 
     // Make new release.

recipe/deploy/update_code.php

@@ -82,13 +82,13 @@
 
     if ($strategy === 'local_archive') {
         $gitRoot = runLocally("$git rev-parse --show-toplevel");
-        runLocally("$git -C " . escapeshellarg($gitRoot) . " archive $targetWithDir -o archive.tar");
+        runLocally("$git -C " . quote($gitRoot) . " archive $targetWithDir -o archive.tar");
         upload("$gitRoot/archive.tar", '{{release_path}}/archive.tar');
         run("tar -xf {{release_path}}/archive.tar -C {{release_path}}");
         run("rm {{release_path}}/archive.tar");
         unlink("$gitRoot/archive.tar");
 
-        $rev = escapeshellarg(runLocally("git rev-list $target -1"));
+        $rev = quote(runLocally("git rev-list $target -1"));
     } else {
         $repository = get('repository');
 
@@ -130,7 +130,7 @@
             throw new ConfigurationException(parse("Unknown `update_code_strategy` option: {{update_code_strategy}}."));
         }
 
-        $rev = escapeshellarg(run("$git rev-list $target -1"));
+        $rev = quote(run("$git rev-list $target -1"));
     }
 
     // Save git revision in REVISION file.

recipe/provision/nodejs.php

@@ -2,7 +2,6 @@
 
 namespace Deployer;
 
-use function Deployer\Support\escape_shell_argument;
 
 set('node_version', '--lts');
 
@@ -33,6 +32,6 @@
     run('chmod +x /usr/local/bin/fnm');
 
     run('fnm install {{node_version}}');
-    run("echo " . escape_shell_argument('eval "`fnm env`"') . " >> /etc/profile.d/fnm.sh");
+    run("echo " . quote('eval "`fnm env`"') . " >> /etc/profile.d/fnm.sh");
 })
     ->oncePerNode();

src/Host/Host.php

@@ -288,7 +288,7 @@ public function connectionString(): string
 
     public function connectionOptionsString(): string
     {
-        return implode(' ', array_map('escapeshellarg', $this->connectionOptionsArray()));
+        return implode(' ', array_map('Deployer\quote', $this->connectionOptionsArray()));
     }
 
     /**

src/Ssh/SshClient.php

@@ -46,7 +46,7 @@ public function run(Host $host, string $command, RunParams $params): string
         if ($this->output->isDebug()) {
             $sshString = $ssh[0];
             for ($i = 1; $i < count($ssh); $i++) {
-                $sshString .= ' ' . escapeshellarg((string) $ssh[$i]);
+                $sshString .= ' ' . \Deployer\quote((string) $ssh[$i]);
             }
             $this->output->writeln("[$host] $sshString");
         }

src/Support/helpers.php

@@ -10,6 +10,8 @@
 
 namespace Deployer\Support;
 
+use function Deployer\quote;
+
 function array_flatten(array $array): array
 {
     $flatten = [];
@@ -58,7 +60,7 @@ function env_stringify(array $array): string
 {
     return implode(' ', array_map(
         function ($key, $value) {
-            return sprintf("%s=%s", $key, escapeshellarg((string) $value));
+            return sprintf("%s=%s", $key, quote((string) $value));
         },
         array_keys($array),
         $array,

src/Utility/Rsync.php

@@ -18,6 +18,7 @@
 use Symfony\Component\Process\Exception\ProcessFailedException;
 use Symfony\Component\Process\Process;
 
+use function Deployer\quote;
 use function Deployer\writeln;
 
 class Rsync
@@ -76,7 +77,7 @@ function (string $value) {
 
         $commandString = $command[0];
         for ($i = 1; $i < count($command); $i++) {
-            $commandString .= ' ' . escapeshellarg($command[$i]);
+            $commandString .= ' ' . quote($command[$i]);
         }
         if ($this->output->isVerbose()) {
             $this->output->writeln("[$host] $commandString");