Directories glob patterns broken when used with --git-diff-filter

[ndench]

Question	Answer
Infection version	0.26.13
Test Framework version	PHPUnit 9.5.21
PHP version	8.1.18
Platform	Debian (docker)
Github Repo	-

We run infection only over a specific subset of the codebase which contains heavy business logic. This allows us to enforce a 100% MSI for critical code paths. We do this by using file glob patterns in the directories config section, eg. src/*/Core.

This was recently broken by #1697, specifically by adding the directories configuration to git diff command with escapeshellarg which results in the git diff command being changed to the following, which returns an empty list of changes.

git diff <commit sha> --diff-filter=AM --name-only --  'src/*/Core'

Is there any reason that we need escapeshellarg here? That's usually used to prevent untrusted data being executed, but it should only ever include data provided by the same user who is running the command right?

Alternatively, maybe the directories config property could support regex like excludes does?

phpunit.xml

<?xml version="1.0" encoding="UTF-8"?>

<!-- https://phpunit.de/manual/current/en/appendixes.configuration.html -->
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/9.3/phpunit.xsd"
        backupGlobals="false"
        colors="true"
        bootstrap="config/bootstrap.php"
>
   <coverage>
       <include>
           <directory>./src/</directory>
       </include>
   </coverage>
   <php>
       <ini name="error_reporting" value="-1"/>
       <server name="APP_ENV" value="test" force="true"/>
       <server name="SHELL_VERBOSITY" value="-1"/>
   </php>

   <testsuites>
       <testsuite name="All">
           <directory>tests/</directory>
       </testsuite>

       <!-- Different test types you might run separately -->
       <testsuite name="Unit">
           <directory>tests/Unit/</directory>
       </testsuite>
       <testsuite name="Integration">
           <directory>tests/Integration/</directory>
       </testsuite>
       <testsuite name="Message">
           <directory>tests/Message/</directory>
       </testsuite>
       <testsuite name="Contract">
           <directory>tests/Contract/</directory>
       </testsuite>
       <testsuite name="Model">
           <directory>tests/Model</directory>
       </testsuite>
       <testsuite name="Task">
           <directory>tests/Task</directory>
       </testsuite>
       <testsuite name="Functional">
           <directory>tests/Functional/</directory>
       </testsuite>
   </testsuites>
</phpunit>

infection.json.dist

{
 "timeout": 30,
 "source": {
   "directories": [
     "src/Security",
     "src/*/Core",
     "src/*/Action",
     "src/Integrations/*/Action",
     "src/Integrations/*/Core",
     "src/*/Enum",
   ],
   "excludes": [
     "Migrations"
   ]
 },
 "testFrameworkOptions": "--testsuite=Unit",
 "mutators": {
   "@default": true,
   "IdenticalEqual" : false,
   "NotIdenticalNotEqual": false,
   "MBString": false
 },
 "logs": {
   "text": "build\/infection\/log.txt",
   "debug": "build\/infection\/debug.txt",
   "summary": "build\/infection\/summary.txt"
 }
}

Output with issue

[OK] No files in diff found, skipping mutation analysis.                                                               

[aurum86]

Having the same issue on similar scenario.

[maks-rafalko]

@aurum86 could you please provide details about your case? What is the infection.json5, how do you run infection (command line)?

I can't reproduce it. Mention escapeshellarg has been removed a while ago, so probably @aurum86 you have different issue