From feb1276ef87720b4dffeef8f05a9c50478f4d6fd Mon Sep 17 00:00:00 2001
From: Jonas Finnemann Jensen <jonasfj@google.com>
Date: Tue, 5 Mar 2019 16:18:15 +0100
Subject: [PATCH] Fix #28 -- escaping arguments as mentioned in TODO

---
 lib/src/command_runner.dart | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/src/command_runner.dart b/lib/src/command_runner.dart
index e7b0691f7..25f20f631 100644
--- a/lib/src/command_runner.dart
+++ b/lib/src/command_runner.dart
@@ -180,8 +180,13 @@ class PubCommandRunner extends CommandRunner {
       if (topLevelResults['trace']) {
         log.dumpTranscript();
       } else if (!isUserFacingException(error)) {
-        // TODO(23505): Implement proper shell escaping, not a partial hack.
-        protectArgument(String x) => x.contains(' ') ? '"$x"' : x;
+        // Escape the argument for users to copy-paste in bash.
+        // Wrap with single quotation, and use '\'' to insert single quote, as
+        // long as we have no spaces this doesn't create a new argument.
+        protectArgument(String x) =>
+            RegExp(r'^[a-zA-Z0-9-_]+$').stringMatch(x) == null
+                ? "'${x.replaceAll("'", r"'\''")}'"
+                : x;
         log.error("""
 This is an unexpected error. Please run