From c417336fbbe1e900ac15525f9275082fdaa76f02 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 5 Apr 2023 19:37:21 -0400 Subject: [PATCH] todo --- doc/todo/terminal_escapes_in_filenames.mdwn | 25 +++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 doc/todo/terminal_escapes_in_filenames.mdwn diff --git a/doc/todo/terminal_escapes_in_filenames.mdwn b/doc/todo/terminal_escapes_in_filenames.mdwn new file mode 100644 index 0000000000..c12e74308d --- /dev/null +++ b/doc/todo/terminal_escapes_in_filenames.mdwn @@ -0,0 +1,25 @@ + touch $(echo -e "\e[31mfoo\e[0m") + git-annex add + git-annex find + +That displays "foo" in red twice. Compare with behavior of git commands that +display that filename, which display it escaped. + +git-annex should probably do the same (except in json output which is +already escaped). + +git porcelain also accepts the escaped form of files as input, necessary for +round-tripping though. git-annex currently does not. (git plumbing doesn't +either) + +While terminals mostly protect against escape sequences doing very bad +things, there are security holes in terminals still being found. + +Of course, such files in git repos can also be exploited by other commands +eg `echo *`. + +So this does not seem like a security hole in git-annex, but it would be +useful defense in depth against terminal security holes, and also good to +behave more like git. + +--[[Joey]]
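Review bot: the reproduction in the first three added lines depends on the shell's `echo` supporting `-e` and `\e`, and the unquoted `$(...)` is subject to word splitting; `touch "$(printf '\033[31mfoo\033[0m')"` reproduces the same filename more portably. In the paragraph beginning "git porcelain also accepts the escaped form", the trailing "though" leaves the sentence ambiguous: say outright whether the todo includes accepting escaped filenames as input, since escaping the output of `git-annex find` without that would break round-tripping for anything that feeds those names back in. The todo would also be easier to act on if it said whether escaping should apply to all non-JSON output or only when output goes to a terminal. Minor style point: "eg" in the `echo *` sentence should be "e.g.".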