diff --git a/Classes/Config/Deployment.php b/Classes/Config/Deployment.php index 592dab6..db405f3 100644 --- a/Classes/Config/Deployment.php +++ b/Classes/Config/Deployment.php @@ -14,6 +14,7 @@ use RuntimeException; use function Deployer\get; use function Deployer\import; use function Deployer\parse; +use function Deployer\quote; use function Deployer\runLocally; use function Deployer\set; use function Deployer\testLocally; @@ -224,7 +225,7 @@ class Deployment protected function which(string $name): string { - $nameEscaped = escapeshellarg($name); + $nameEscaped = quote($name); // Try `command`, should cover all Bourne-like shells // Try `which`, should cover most other cases diff --git a/Classes/Tasks/Local.php b/Classes/Tasks/Local.php index a128cc7..40cdaf9 100644 --- a/Classes/Tasks/Local.php +++ b/Classes/Tasks/Local.php @@ -15,6 +15,7 @@ use function Deployer\get; use function Deployer\info; use function Deployer\output; use function Deployer\parse; +use function Deployer\quote; use function Deployer\runLocally; use function Deployer\set; use function Deployer\Support\escape_shell_argument; @@ -76,7 +77,7 @@ class Local extends AbstractTasks */ public function lock(): void { - $user = escapeshellarg(get('user')); + $user = quote(get('user')); $locked = runLocally("[ -f {{deploy_path}}/.dep/deploy.lock ] && echo +locked || echo $user > {{deploy_path}}/.dep/deploy.lock"); if ($locked === '+locked') { $lockedUser = runLocally("cat {{deploy_path}}/.dep/deploy.lock"); @@ -167,7 +168,7 @@ class Local extends AbstractTasks runLocally("cd {{release_path}}; $git clone --branch $target $repository ."); // Save git revision in REVISION file. - $rev = escapeshellarg(runLocally("cd {{release_path}}; $git rev-list $target -1")); + $rev = quote(runLocally("cd {{release_path}}; $git rev-list $target -1")); runLocally("echo $rev > {{release_path}}/REVISION"); } diff --git a/Classes/Tasks/Rsync.php b/Classes/Tasks/Rsync.php index 100579d..e9b929a 100644 --- a/Classes/Tasks/Rsync.php +++ b/Classes/Tasks/Rsync.php @@ -4,6 +4,7 @@ declare(strict_types=1); namespace Evoweb\DeployerConfig\Tasks; +use function Deployer\quote; use function Deployer\runLocally; use function Deployer\test; use function Deployer\testLocally; @@ -55,7 +56,7 @@ class Rsync extends AbstractTasks $this->set('rsync_default', $this->defaultConfig); - $this->set('rsync_dest', '{{user}}@{{hostname}}:\'{{remote_path}}/\''); + $this->set('rsync_dest', '{{remote_user}}@{{hostname}}:\'{{remote_path}}/\''); $this->set('rsync_config', $this->rsyncConfig(...)); @@ -94,7 +95,7 @@ class Rsync extends AbstractTasks {{rsync_flags}} \ {{rsync_options}} \ {{rsync_timeout}} \ - --exclude=' . escapeshellarg('shared') . ' \ + --exclude=' . quote('shared') . ' \ {{rsync_excludes_download}} \ {{rsync_includes}} \ {{rsync_filter}} \ @@ -123,7 +124,7 @@ class Rsync extends AbstractTasks {{rsync_options}} \ {{rsync_timeout}} \ {{rsync_includes}} \ - --exclude=' . escapeshellarg('shared/') . ' \ + --exclude=' . quote('shared/') . ' \ {{rsync_excludes_upload}} \ {{rsync_filter}} \ {{deploy_path}}/ {{rsync_dest}} @@ -176,7 +177,7 @@ class Rsync extends AbstractTasks $excludeFile = $config['exclude-file'] ?? ''; $excludesRsync = ''; foreach ($excludes as $exclude) { - $excludesRsync .= ' --exclude=' . escapeshellarg($exclude); + $excludesRsync .= ' --exclude=' . quote($exclude); } if ( @@ -185,7 +186,7 @@ class Rsync extends AbstractTasks && is_file($excludeFile) && is_readable($excludeFile) ) { - $excludesRsync .= ' --exclude-from=' . escapeshellarg($excludeFile); + $excludesRsync .= ' --exclude-from=' . quote($excludeFile); } return $excludesRsync; @@ -198,7 +199,7 @@ class Rsync extends AbstractTasks $excludeFile = $config['exclude-file'] ?? ''; $excludesRsync = ''; foreach ($excludes as $exclude) { - $excludesRsync .= ' --exclude=' . escapeshellarg($exclude); + $excludesRsync .= ' --exclude=' . quote($exclude); } if ( @@ -207,7 +208,7 @@ class Rsync extends AbstractTasks && is_file($excludeFile) && is_readable($excludeFile) ) { - $excludesRsync .= ' --exclude-from=' . escapeshellarg($excludeFile); + $excludesRsync .= ' --exclude-from=' . quote($excludeFile); } return $excludesRsync; @@ -220,7 +221,7 @@ class Rsync extends AbstractTasks $excludeFile = $config['exclude-file'] ?? ''; $excludesRsync = ''; foreach ($excludes as $exclude) { - $excludesRsync .= ' --exclude=' . escapeshellarg($exclude); + $excludesRsync .= ' --exclude=' . quote($exclude); } if ( @@ -229,7 +230,7 @@ class Rsync extends AbstractTasks && is_file($excludeFile) && is_readable($excludeFile) ) { - $excludesRsync .= ' --exclude-from=' . escapeshellarg($excludeFile); + $excludesRsync .= ' --exclude-from=' . quote($excludeFile); } return $excludesRsync; @@ -242,7 +243,7 @@ class Rsync extends AbstractTasks $includeFile = $config['include-file'] ?? ''; $includesRsync = ''; foreach ($includes as $include) { - $includesRsync .= ' --include=' . escapeshellarg($include); + $includesRsync .= ' --include=' . quote($include); } if ( !empty($includeFile) @@ -250,7 +251,7 @@ class Rsync extends AbstractTasks && is_file($includeFile) && is_readable($includeFile) ) { - $includesRsync .= ' --include-from=' . escapeshellarg($includeFile); + $includesRsync .= ' --include-from=' . quote($includeFile); } return $includesRsync; diff --git a/composer.json b/composer.json index 6966e67..70fc1ca 100644 --- a/composer.json +++ b/composer.json @@ -4,7 +4,7 @@ "type": "project", "require": { - "deployer/deployer": "^v7.5.0", + "deployer/deployer": "^v8.0.0", "phpdocumentor/reflection-docblock": "^5.3" },