[Process] Recommend double quotes with placeholders

Chris McGehee · Chris McGehee · commit 916ff7a3ad3e · 2022-01-26T20:26:50.000-08:00
diff --git a/src/Symfony/Component/Process/Process.php b/src/Symfony/Component/Process/Process.php
@@ -180,6 +180,9 @@ public function __construct($command, string $cwd = null, array $env = null, $in
      *   $process = Process::fromShellCommandline('my_command "$MY_VAR"');
      *   $process->run(null, ['MY_VAR' => $theValue]);
      *
+     * It is also recommended to use double quotes around placeholders. This will help ensure the value
+     * of the placeholder is passed as a single argument which can help avoid security issues.
+     *
      * @param string         $command The command line to pass to the shell of the OS
      * @param string|null    $cwd     The working directory or null to use the working dir of the current PHP process
      * @param array|null     $env     The environment variables or null to use the same environment as the current PHP process
