Safe Shell String Interpolation


Posted on March 22, 2025

The obvious solution is to use execFile rather than exec and pass the arguments directly to the command, with no shell parsing the user input. This allows you to safely do string interpolation with untrusted user input on shell commands! It allows you to write structs extending ExpressibleByStringInterpolation in a similar fashion to JavaScript's tagged templates.
