Hello
I've finally found some time to check your PR#176 Tamás... Here are my
comments and answers (also to previous messages).
https://github.com/apache/maven-resolver/pull/176
>
> So here is some implementation "demo" (that could be made into extension
> point), as explained in Draft PR descript
Description:
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline
class can emit double-quoted strings without proper escaping, allowing shell
injection attacks.
This issue is being tracked as MSHARED-297
References:
https://issues.apache.org/jira/browse/MSHARED-297
http
