Escape command-line input (`quote`)

chrissimpkins / crypto

Simple symmetric GPG file encryption and decryption

http://chrissimpkins.github.io/crypto

MIT License

48 stars 27 forks source link

Escape command-line input (`quote`) #15

Closed chrisidefix closed 9 years ago

chrisidefix commented 9 years ago

As discussed in issue #8 command-line input should be quote(d) before passing it to a shell, which otherwise can be a serious security concern. This introduced shellescape as a dependency to deal with this problem in a way compatible with Python 2.x and 3.x (Note: right now shellescape may need to be fixed for Python 3.x).

chrissimpkins commented 9 years ago

commit message means: removing .idea from git - I didn't actually delete it

I intended to add it to the .gitignore file so that it isn't pushed anyways. It contains my local PyCharm settings and doesn't need to be in the repository.

chrissimpkins commented 9 years ago

Note: right now shellescape may need to be fixed for Python 3.x

The Python 3 issue was fixed in shellescape v3.4.1 which is now live on PyPI

chrisidefix commented 9 years ago

Looks good to me. Should probably first be merged into development branch.

chrissimpkins commented 9 years ago

Will merge it today. Working on the tests locally and will push everything up