StripQuotes regex incorrectly strips outer quotes from well-formed shell commands #582

@weichensw

The StripQuotes command parser uses this regex to detect "wrapped" commands:

/^"(.+?)"$/.test(command)

This fires on any command string that both starts and ends with a " character — including perfectly valid shell commands like:

"/usr/local/bin/mytool" --flag "some value" --other "last arg"

The intent (supporting Windows where users write "cmd with spaces" as a single token) is reasonable, but the regex matches far too broadly. It cannot distinguish between:

  • "single wrapped token" ← intended target
  • "/path/to/bin" --arg "quoted value" ← well-formed shell command that coincidentally starts and ends with "

When the latter is matched, slice(1, -1) produces:

/path/to/bin" --arg "quoted value

…which is unparseable by the shell, causing a not found error (exit code 127).

Suggested fix: Only strip quotes when the command is a single quoted token (no inner quotes), e.g.:

/^"([^"]+)"$/.test(command)   // no inner double quotes

or more precisely, only strip when the token contains no whitespace:

/^"([^\s"]+)"$/.test(command)

This would safely handle "mytool" → mytool while leaving "/bin/tool" --arg "val" untouched.

Version: 9.2.1
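
The behaviour reported above, as an added example that is not part of the original issue or the project's code: it applies the three patterns quoted in the issue and then splits each result into words the way a POSIX shell groups them, which shows why the stripped command ends up with a command name that does not exist. The names `stripQuotes` and `splitWords` are hypothetical, the sample inputs are constructed, and the splitter is simplified (double quotes and unquoted whitespace only, no escapes or single quotes).

```javascript
// Added example; function names are hypothetical, the patterns are from the issue.
const BROAD = /^"(.+?)"$/;             // pattern reported in the issue
const NO_INNER_QUOTES = /^"([^"]+)"$/; // first suggested fix
const NO_WHITESPACE = /^"([^\s"]+)"$/; // second, stricter suggested fix

// Remove one pair of outer quotes only when `pattern` matches the whole command.
function stripQuotes(command, pattern) {
  return pattern.test(command) ? command.slice(1, -1) : command;
}

// Simplified word splitter: honours double quotes and unquoted whitespace only.
// A quoted segment adjacent to unquoted text joins the same word, as in a shell.
function splitWords(command) {
  const words = [];
  let current = '';
  let inWord = false;
  let inQuotes = false;
  for (const ch of command) {
    if (ch === '"') {
      inQuotes = !inQuotes;
      inWord = true;
    } else if (/\s/.test(ch) && !inQuotes) {
      if (inWord) words.push(current);
      current = '';
      inWord = false;
    } else {
      current += ch;
      inWord = true;
    }
  }
  if (inQuotes) throw new Error('unterminated double quote');
  if (inWord) words.push(current);
  return words;
}

// Constructed sample inputs; the first is the command quoted in the issue.
const samples = [
  '"/usr/local/bin/mytool" --flag "some value" --other "last arg"',
  '"mytool"',
  '"C:\\Program Files\\tool.exe"',
];

for (const cmd of samples) {
  for (const [name, re] of Object.entries({ BROAD, NO_INNER_QUOTES, NO_WHITESPACE })) {
    console.log(name.padEnd(16), JSON.stringify(splitWords(stripQuotes(cmd, re))));
  }
}
```

In this run the quoted path containing a space is unwrapped by the no-inner-quotes pattern and left quoted by the no-whitespace pattern.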
