Skip to content

Add Process.capture #16630

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
ysbaddaden wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

Add Process.capture #16630

ysbaddaden wants to merge 2 commits into from
+145 −102

Conversation

@ysbaddaden
Copy link
Collaborator

@ysbaddaden ysbaddaden commented Feb 3, 2026

Introduces the Process.capture method that executes a command, captures its standard output, and returns it or raises an exception when the command fails (unsuccessful exit status).

The method provides a safer replacement to the command operator (aka backticks) that has the following issues:

  1. requires the command be executed in a shell, which in turn requires manual escapes and is prone to command injection;

  2. doesn't check the exit status... while callers don't check it either, and errors get unnoticed.

The method is kept simple on purpose: it expects a command to always succeed (happy path) and to print to its standard output. Anything else (capture output + error, merge error -> output, act on error status) are better handled by .new and .run.

Example:

path = ARGV[0]
output = Process.capture("ls", {"-al", path})

NOTE: please discuss the design in #7171.

This draft PR also provides a commit that refactors the compiler/std specs to replace all usages of the command operator and shell: true arg, so we can evaluate the benefits of the change. It shall indeed be extracted into a follow-up PR.

Closes #7171.
Related to #16614.

@ysbaddaden ysbaddaden self-assigned this Feb 3, 2026
@ysbaddaden ysbaddaden mentioned this pull request Feb 3, 2026
Open
ysbaddaden
ysbaddaden commented Feb 3, 2026
View reviewed changes
@ysbaddaden ysbaddaden force-pushed the feature/process-capture-output branch from c5145db to b8b3b97 Compare February 3, 2026 15:16
@ysbaddaden
Add Process.capture
bd63137 
This is a safer alternative to the command operator (or backtick
operator) with no need for a shell intermediary and that raises when the
command failed (non successful exit code) so we don't have to check the
process status (but can do so with `$!`).
@ysbaddaden ysbaddaden force-pushed the feature/process-capture-output branch from ca3484e to 221fb72 Compare February 5, 2026 10:12
@ysbaddaden
Specs: avoid command operator and shell:true
fd521da 
Prefer explicit and safer calls to `Process.capture` and `Process.new`.
@ysbaddaden ysbaddaden force-pushed the feature/process-capture-output branch from 221fb72 to fd521da Compare February 5, 2026 13:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@ysbaddaden ysbaddaden

Labels

kind:feature topic:stdlib:runtime

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

A safe alternative for capturing child process output

1 participant

@ysbaddaden