@@ -377,7 +377,7 @@ export class SSHRuntime implements Runtime {
377377 let originUrl : string | null = null ;
378378 try {
379379 using proc = execAsync (
380- `cd ${ JSON . stringify ( projectPath ) }
380+ `cd ${ shescape . quote ( projectPath ) }
381381 ) ;
382382 const { stdout } = await proc . result ;
383383 const url = stdout . trim ( ) ;
@@ -394,7 +394,7 @@ export class SSHRuntime implements Runtime {
394394 initLogger . logStep ( `Creating git bundle...` ) ;
395395 await new Promise < void > ( ( resolve , reject ) => {
396396 const sshArgs = this . buildSSHArgs ( true ) ;
397- const command = `cd ${ JSON . stringify ( projectPath ) } ${ sshArgs . join ( " " ) } ${ bundleTempPath } ;
397+ const command = `cd ${ shescape . quote ( projectPath ) } ${ sshArgs . join ( " " ) } ${ bundleTempPath } ;
398398
399399 log . debug ( `Creating bundle: ${ command } ) ;
400400 const bashPath = findBashPath ( ) ;
@@ -449,7 +449,7 @@ export class SSHRuntime implements Runtime {
449449 if ( originUrl ) {
450450 initLogger . logStep ( `Setting origin remote to ${ originUrl } ) ;
451451 const setOriginStream = await this . exec (
452- `git -C ${ cloneDestPath } ${ JSON . stringify ( originUrl ) } ,
452+ `git -C ${ cloneDestPath } ${ shescape . quote ( originUrl ) } ,
453453 {
454454 cwd : "~" ,
455455 timeout : 10 ,
@@ -663,7 +663,7 @@ export class SSHRuntime implements Runtime {
663663 // We create new branches from HEAD instead of the trunkBranch name to avoid issues
664664 // where the local repo's trunk name doesn't match the cloned repo's default branch
665665 initLogger . logStep ( `Checking out branch: ${ branchName } ) ;
666- const checkoutCmd = `(git checkout ${ JSON . stringify ( branchName ) } ${ JSON . stringify ( branchName ) } ;
666+ const checkoutCmd = `(git checkout ${ shescape . quote ( branchName ) } ${ shescape . quote ( branchName ) } ;
667667
668668 const checkoutStream = await this . exec ( checkoutCmd , {
669669 cwd : workspacePath , // Use the full workspace path for git operations
0 commit comments