From 0fbd5ee30bda79b1c7fc8123a324f73d8e6f926e Mon Sep 17 00:00:00 2001
From: Andrey Chalkin <L2jLiga@gmail.com>
Date: Fri, 20 Aug 2021 12:01:45 +0700
Subject: [PATCH] disable Shell in subprocess call

---
 tasks/engines/fontforge/generate.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tasks/engines/fontforge/generate.py b/tasks/engines/fontforge/generate.py
index 2fbb4d5..01fde68 100644
--- a/tasks/engines/fontforge/generate.py
+++ b/tasks/engines/fontforge/generate.py
@@ -98,7 +98,7 @@ def generate(filename):
 # Hint the TTF file
 # ttfautohint is optional
 if args['autoHint'] and find_executable('ttfautohint'):
-    call('ttfautohint --symbol --fallback-script=latn --no-info "%(font)s.ttf" "%(font)s-hinted.ttf" && mv "%(font)s-hinted.ttf" "%(font)s.ttf"' % {'font': fontfile}, shell=True)
+    call('ttfautohint --symbol --fallback-script=latn --no-info "%(font)s.ttf" "%(font)s-hinted.ttf" && mv "%(font)s-hinted.ttf" "%(font)s.ttf"' % {'font': fontfile}, shell=False)
     f = fontforge.open(fontfile + '.ttf')
 
 # SVG
@@ -132,7 +132,7 @@ def generate(filename):
 # EOT
 if 'eot' in args['types']:
     # eotlitetool.py script to generate IE7-compatible .eot fonts
-    call('python "%(path)s/../../bin/eotlitetool.py" "%(font)s.ttf" --output "%(font)s.eot"' % {'path': scriptPath, 'font': fontfile}, shell=True)
+    call('python "%(path)s/../../bin/eotlitetool.py" "%(font)s.ttf" --output "%(font)s.eot"' % {'path': scriptPath, 'font': fontfile}, shell=False)
 
 # Delete TTF if not needed
 if ('ttf' not in args['types']) and woff2_generated: