This should fix https://notabug.org/ploum/offpunk/issues/9 . This
involves a few closely-related changes to subprogram execution:
- If a path, url or file contents were being passed using `cat` or
`echo`, the code was changed to pass the file/string on stdin. This
also makes several pipelines into single programs and should allow for
the removal of `shell=True` in the future.
- For `file`, `xdg-open` and `less`, which either can't accept their
input on stdin or otherwise use the path, the paths are now being
escaped with `shlex.quote()`.
- Finally, the environment variable $LESSHISTFILE is now being set in
python code, where escaping is not necessary.
Notably, the argument to `grep` in `less_cmd()` is not quoted in this
commit, since I was unsure of how it was meant to be used. If the
argument is not already quoted, this should probably be passed through
`shlex.quote()`.
This does not do the following, which may be desired:
- This does not disable `shell=True` anywhere, since `subprocess.run()`
requires the command to be already split into a list of strings. I
think this would just require a `shlex.split()` in `run()` when this
is disabled, but it may require more thought.
- Some of the invoked programs (with the notable exception of `echo` and
`xdg-open`) support the use of "--" to prevent any following arguments
from being treated as program flags if they start with "-". I don't
believe there are any paths that start with "-", but it may make sense
to include this where possible.
I have briefly tested this commit, but it touches quite a few code
paths, so there might be bugs that I missed.
Fixes a crash when trying to look up the contents of the current index
using `ls` command whenever there is no current page loaded by making a
current item a requirement.