Closed
Description
Symfony version(s) affected: symfony/process 4.1.0
Description
May not be a bug but the docs imply that the string form for Process command is the equivalent to the array form:
When a string command is passed to new Process() the arguments are not escaped, but when the array form is used they are correctly escaped. This example is on windows so ^ is an escape char.
As a result the string form of the same command is not portable whereas the array form is.
<?php
namespace Test;
use PHPUnit\Framework\TestCase;
use Symfony\Component\Process\Process;
require 'vendor/autoload.php';
class Test extends TestCase
{
public function testStringsNotEscaped()
{
$px = new Process('composer require ^7.1');
$py = new Process(['composer', 'require', '^7.1']);
$this->assertSame($px->getCommandLine(), $py->getCommandLine());
}
}$ vendor/bin/phpunit Test.php
PHPUnit 7.2.4 by Sebastian Bergmann and contributors.
F 1 / 1 (100%)
Time: 46 ms, Memory: 2.00MB
There was 1 failure:
1) Test\Test::testStringsNotEscaped
Failed asserting that two strings are identical.
--- Expected
+++ Actual
@@ @@
-'composer require ^7.1'
+'composer require ""^^"7.1"'
C:\server\root\oss\process\Test.php:17
FAILURES!
Tests: 1, Assertions: 1, Failures: 1.