File fix_codecov_not_sanitizing_arguments.patch of Package python-codecov

diff -Nru codecov-2.0.15.orig/codecov/__init__.py codecov-2.0.15/codecov/__init__.py
--- codecov-2.0.15.orig/codecov/__init__.py	2018-01-29 16:52:04.000000000 +0100
+++ codecov-2.0.15/codecov/__init__.py	2022-07-14 09:40:32.295051740 +0200
@@ -38,6 +38,10 @@
 
 remove_token = re.compile(r'token=[^\&]+').sub
 
+def sanitize_arg(replacement, arg):
+    return re.sub(r'[\&]+', replacement, arg, 0, re.MULTILINE)
+
+
 ignored_path = re.compile(r'(/vendor)|'
                           r'(/js/generated/coverage)|'
                           r'(/__pycache__)|'
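Review bot: `sanitize_arg` strips only `&`, so every other character a shell treats specially (`;`, `|`, backticks, `$(...)`, quotes, newlines) still passes through unchanged to wherever the result is interpolated. A one-character deny-list is fragile; quoting each value with `shlex.quote` (`pipes.quote` on Python 2) at the point of use is the more robust pattern. If the helper stays, it needs a docstring that states its limit, e.g. `"""Remove '&' from arg; this is not a general shell escape."""`, and the body can be `return re.sub(r'&+', replacement, arg)`, since `re.MULTILINE` has no effect on a pattern without `^` or `$` and `&` needs no backslash.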
@@ -614,11 +618,11 @@
             )
             write('==> Processing gcov (disable by -X gcov)')
             cmd = "find %s %s -type f -name '*.gcno' %s -exec %s -pb %s {} +" % (
-                  (codecov.gcov_root or root),
+                  (sanitize_arg('', codecov.gcov_root or root)),
                   dont_search_here,
                   " ".join(map(lambda a: "-not -path '%s'" % a, codecov.gcov_glob)),
-                  (codecov.gcov_exec or ''),
-                  (codecov.gcov_args or ''))
+                  (sanitize_arg('', codecov.gcov_exec or '')),
+                  (sanitize_arg('', codecov.gcov_args or '')))
             write('    Executing gcov (%s)' % cmd)
             try_to_run(cmd)
 
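Review bot: The `codecov.gcov_glob` entries are still interpolated into `cmd` without any sanitizing, and each one sits inside single quotes that a `'` in the value would close; `dont_search_here`, whose origin is not visible here, is also passed through as-is. Only `gcov_root`, `gcov_exec` and `gcov_args` go through `sanitize_arg`, which removes `&` alone, and `cmd` is then handed to `try_to_run` as one string, presumably for a shell to parse (its definition is outside this hunk). Quoting each value would cover all of them, for example `" ".join("-not -path %s" % quote(a) for a in codecov.gcov_glob),` with `quote` bound to `shlex.quote` or `pipes.quote`. `gcov_args` would need `shlex.split` first so that several options remain separate words. The enclosing function starts and ends outside the hunk.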