(#2410) Warn on unbalanced quotes in package arguments for upgrades

AdmiringWorm · AdmiringWorm · commit f5bf08661226 · 2025-06-18T10:18:20.000+02:00
Add detection of unbalanced single or double quotes in package arguments
during install, upgrade, and uninstall commands. Emit warnings to alert
users that failures may be related to these potentially problematic
arguments. For upgrades and uninstalls, include troubleshooting advice
to run `choco info` with local-only flag.

Add a test verifying upgrade behavior when package parameters contain
single quotes and remembered arguments are enabled, ensuring warnings
and diagnostic messages appear as expected.

NOTE: Install and uninstall warnings and diagnostics are for future
implementations, and will not be shown during normal execution today.
diff --git a/src/chocolatey/infrastructure.app/services/NugetService.cs b/src/chocolatey/infrastructure.app/services/NugetService.cs
@@ -1980,6 +1980,41 @@ protected virtual ChocolateyConfiguration SetConfigFromRememberedArguments(Choco
             }
 
             var originalConfig = config.DeepCopy();
+
+            if (CountCharacter(packageArgumentsUnencrypted, '\'') % 2 != 0 || CountCharacter(packageArgumentsUnencrypted, '"') % 2 != 0)
+            {
+                if (config.CommandName.IsEqualTo("install"))
+                {
+                    // Install normally do not have any remembered arguments,
+                    // but we add this for future warnings if it becomes supported.
+                    this.Log().Warn(@"Potentially problematic package or install arguments detected.
+Install failures may be related to this issue.
+");
+                }
+                else if (config.CommandName.IsEqualTo("upgrade"))
+                {
+                    this.Log().Warn(@"Potentially problematic package or install arguments detected.
+Upgrade failures may be related to this issue.
+
+To troubleshoot, run: `choco info {0} --local-only` and review the package
+and argument details.
+",
+                        config.PackageNames);
+                }
+                else if (config.CommandName.IsEqualTo("uninstall"))
+                {
+                    // Remembered arguments are not used during uninstallations,
+                    // but we add it here for future warnings if it becomes added.
+                    this.Log().Warn(@"Potentially problematic package or uninstall arguments detected.
+Uninstall failures may be related to this issue.
+
+To troubleshoot, run: `choco info {0} --local-only` and review the package
+and argument details.
+",
+                        config.PackageNames);
+                }
+            }
+
             // this changes config globally
             ConfigurationOptions.OptionSet.Parse(packageArguments);
 
@@ -2007,6 +2042,26 @@ protected virtual ChocolateyConfiguration SetConfigFromRememberedArguments(Choco
             return originalConfig;
         }
 
+        private int CountCharacter(string value, char character)
+        {
+            if (string.IsNullOrWhiteSpace(value))
+            {
+                return 0;
+            }
+
+            var characterCount = 0;
+
+            for (var i = 0; i < value.Length; i++)
+            {
+                if (value[i] == character)
+                {
+                    characterCount++;
+                }
+            }
+
+            return characterCount;
+        }
+
         private bool HasMissingDependency(PackageResult package, List<PackageResult> allLocalPackages)
         {
             foreach (var dependency in package.PackageMetadata.DependencyGroups.SelectMany(d => d.Packages))
diff --git a/tests/pester-tests/commands/choco-upgrade.Tests.ps1 b/tests/pester-tests/commands/choco-upgrade.Tests.ps1
@@ -834,6 +834,29 @@ To upgrade a local, or remote file, you may use:
         }
     }
 
+    Context 'Upgrading a package using a single quote in the parameters and remembering arguments' -Tag Arguments {
+        BeforeAll {
+            Restore-ChocolateyInstallSnapshot
+
+            Enable-ChocolateyFeature -Name "useRememberedArgumentsForUpgrades"
+
+            $null = Invoke-Choco install test-environment --package-parameters="/Comment:It's Great! /SubmittedBy:Kim" --version 0.9
+            $Output = Invoke-Choco upgrade test-environment
+        }
+
+        It "Exits successfully (0)" {
+            $Output.ExitCode | Should -Be 0 -Because $Output.String
+        }
+
+        It "Should warn about possible upgrade failure" {
+            $Output.Lines | Should -Contain "Upgrade failures may be related to this issue." -Because $Output.String
+        }
+
+        It "Should give diagnostic information" {
+            $Output.Lines | Should -Contain "To troubleshoot, run: ``choco info test-environment --local-only`` and review the package" -Because $Output.String
+        }
+    }
+
     Context 'Upgrading a package using double-dash arguments in package arguments' -Tag Arguments {
         BeforeAll {
             Restore-ChocolateyInstallSnapshot
