fix: add quoting to git bash arguments when containing special characters on windows

Signed-off-by: Chapman Pendery <[email protected]>

Author: cpendery

src/runtime/utils.ts

@@ -22,10 +22,28 @@ const getExecutionShell = async (): Promise<undefined | string> => {
   }
 };
 
+const bashSpecialCharacters = /[&|<>\s]/g;
+// escape whitespace & special characters in an argument when not quoted
+const shouldEscapeArg = (arg: string) => {
+  const hasSpecialCharacter = bashSpecialCharacters.test(arg);
+  const isSingleCharacter = arg.length === 1;
+  const isQuoted = (arg.startsWith(`"`) && arg.endsWith(`"`)) || (arg.startsWith(`'`) && arg.endsWith(`'`));
+  return hasSpecialCharacter && !isSingleCharacter && !isQuoted;
+};
+
+/* based on libuv process.c used by nodejs, only quotes are escaped for shells. if using git bash need to escape whitespace & special characters in an argument */
+const escapeArgs = (shell: string | undefined, args: string[]) => {
+  // only escape args for git bash
+  if (process.platform !== "win32" || shell == undefined) return args;
+  return args.map((arg) => (shouldEscapeArg(arg) ? `"${arg.replaceAll('"', '\\"')}"` : arg));
+};
+
 export const buildExecuteShellCommand =
   async (timeout: number): Promise<Fig.ExecuteCommandFunction> =>
   async ({ command, env, args, cwd }: Fig.ExecuteCommandInput): Promise<Fig.ExecuteCommandOutput> => {
-    const child = spawn(command, args, { cwd, env: { ...process.env, ...env, ISTERM: "1" }, shell: await getExecutionShell() });
+    const executionShell = await getExecutionShell();
+    const escapedArgs = escapeArgs(executionShell, args);
+    const child = spawn(command, escapedArgs, { cwd, env: { ...process.env, ...env, ISTERM: "1" }, shell: executionShell });
     setTimeout(() => child.kill("SIGKILL"), timeout);
     let stdout = "";
     let stderr = "";