7 éve · 79d62cc51c
--- a/src/Composer/Downloader/FossilDownloader.php
+++ b/src/Composer/Downloader/FossilDownloader.php
@@ -87,7 +87,7 @@ class FossilDownloader extends VcsDownloader
 
				      */
			
 
				     protected function getCommitLogs($fromReference, $toReference, $path)
			
 
				     {
			
 
				-        $command = sprintf('fossil timeline -t ci -W 0 -n 0 before %s', $toReference);
			
 
				+        $command = sprintf('fossil timeline -t ci -W 0 -n 0 before %s', ProcessExecutor::escape($toReference));
			
 
				 
			
 
				         if (0 !== $this->process->execute($command, $output, realpath($path))) {
			
 
				             throw new \RuntimeException('Failed to execute ' . $command . "\n\n" . $this->process->getErrorOutput());
			
--- a/src/Composer/Downloader/GitDownloader.php
+++ b/src/Composer/Downloader/GitDownloader.php
@@ -423,7 +423,7 @@ class GitDownloader extends VcsDownloader implements DvcsDownloaderInterface
 
				     protected function getCommitLogs($fromReference, $toReference, $path)
			
 
				     {
			
 
				         $path = $this->normalizePath($path);
			
 
				-        $command = sprintf('git log %s..%s --pretty=format:"%%h - %%an: %%s"', $fromReference, $toReference);
			
 
				+        $command = sprintf('git log %s..%s --pretty=format:"%%h - %%an: %%s"', ProcessExecutor::escape($fromReference), ProcessExecutor::escape($toReference));
			
 
				 
			
 
				         if (0 !== $this->process->execute($command, $output, $path)) {
			
 
				             throw new \RuntimeException('Failed to execute ' . $command . "\n\n" . $this->process->getErrorOutput());
			
--- a/src/Composer/Downloader/HgDownloader.php
+++ b/src/Composer/Downloader/HgDownloader.php
@@ -82,7 +82,7 @@ class HgDownloader extends VcsDownloader
 
				      */
			
 
				     protected function getCommitLogs($fromReference, $toReference, $path)
			
 
				     {
			
 
				-        $command = sprintf('hg log -r %s:%s --style compact', $fromReference, $toReference);
			
 
				+        $command = sprintf('hg log -r %s:%s --style compact', ProcessExecutor::escape($fromReference), ProcessExecutor::escape($toReference));
			
 
				 
			
 
				         if (0 !== $this->process->execute($command, $output, realpath($path))) {
			
 
				             throw new \RuntimeException('Failed to execute ' . $command . "\n\n" . $this->process->getErrorOutput());
			
--- a/src/Composer/Downloader/SvnDownloader.php
+++ b/src/Composer/Downloader/SvnDownloader.php
@@ -192,7 +192,7 @@ class SvnDownloader extends VcsDownloader
 
				             $fromRevision = preg_replace('{.*@(\d+)$}', '$1', $fromReference);
			
 
				             $toRevision = preg_replace('{.*@(\d+)$}', '$1', $toReference);
			
 
				 
			
 
				-            $command = sprintf('svn log -r%s:%s --incremental', $fromRevision, $toRevision);
			
 
				+            $command = sprintf('svn log -r%s:%s --incremental', ProcessExecutor::escape($fromRevision), ProcessExecutor::escape($toRevision));
			
 
				 
			
 
				             $util = new SvnUtil($baseUrl, $this->io, $this->config);
			
 
				             $util->setCacheCredentials($this->cacheCredentials);