Merge pull request #44910 from jonathanhefner/credentials-avoid-escap…

…ing-paths Avoid escaping paths when editing credentials
rails · May 9, 2022 · 38d5846 · 38d5846
2 parents f19e896 + 2f66df0
commit 38d5846
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/railties/lib/rails/commands/credentials/credentials_command.rb b/railties/lib/rails/commands/credentials/credentials_command.rb
@@ -92,7 +92,7 @@ def ensure_credentials_have_been_added
 
         def change_credentials_in_system_editor
           credentials.change do |tmp_path|
-            system("#{ENV["EDITOR"]} #{Shellwords.escape(tmp_path)}")
+            system(*Shellwords.split(ENV["EDITOR"]), tmp_path.to_s)
           end
         end
 

diff --git a/railties/test/commands/credentials_test.rb b/railties/test/commands/credentials_test.rb
@@ -36,7 +36,7 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
   end
 
   test "edit command does not overwrite by default if credentials already exists" do
-    run_edit_command(editor: "eval echo api_key: abc >")
+    run_edit_command(editor: 'ruby -e "File.write ARGV[0], %(api_key: abc)"')
     assert_match(/api_key: abc/, run_show_command)
 
     run_edit_command