Chris Rorvick <chris@xxxxxxxxxxx> writes: > outdir needs to be quoted in the formatted string, i.e.: > > "%s | (cd '%s' >/dev/null ..." The issue is real, but I am afraid that the above is not sufficient because outdir can contain single quotes. I think other places that call out to external processes share the same issue of being careless about quoting in general. Doesn't Python come with a standard subprocess module that lets you spawn external programs safely, similar to the way Perl's list form open(), e.g. "open($fh, "-|", 'git', @args)", works? -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html