From 98dd6890f16ec7aae2db462121bd2ec5481835d6 Mon Sep 17 00:00:00 2001 From: Guillermo Date: Tue, 12 May 2026 20:32:42 +0200 Subject: [PATCH] docs: clarify get_cli_string shell quoting behavior --- src/dotenv/__init__.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/dotenv/__init__.py b/src/dotenv/__init__.py index dde24a01..e209228c 100644 --- a/src/dotenv/__init__.py +++ b/src/dotenv/__init__.py @@ -16,10 +16,12 @@ def get_cli_string( value: Optional[str] = None, quote: Optional[str] = None, ): - """Returns a string suitable for running as a shell script. + """Return a command string for invoking the dotenv CLI. - Useful for converting a arguments passed to a fabric task - to be passed to a `local` or `run` command. + This helper is intended for simple command construction and display. It does + not shell-escape arbitrary input. If you pass the returned string to a shell, + quote or validate any user-controlled values first. Prefer passing arguments as + a list to subprocess APIs when possible. """ command = ["dotenv"] if quote: