[po] auto sync

github-actions[bot] · github-actions[bot] · commit 03ee2572dcd4 · 2024-04-21T07:56:10.000Z
diff --git a/.stat.json b/.stat.json
@@ -1 +1 @@
-{"translation": "95.05%", "updated_at": "2024-04-21T06:56:33Z"}
+{"translation": "95.06%", "updated_at": "2024-04-21T07:56:10Z"}
diff --git a/library/subprocess.po b/library/subprocess.po
@@ -1169,6 +1169,10 @@ msgid ""
 "vulnerabilities. On :ref:`some platforms <shlex-quote-warning>`, it is "
 "possible to use :func:`shlex.quote` for this escaping."
 msgstr ""
+"不同于某些其他的 popen 函数，这个库将不会隐式地选择调用系统 shell。 这意味着所有字符，包括 shell 元字符都可以被安全地传递给子进程。"
+" 如果 shell 是通过 ``shell=True`` 被显式地发起调用的，则应用程序要负责确保所有空白符和元字符被适当地转义以避免 `shell "
+"注入 <https://en.wikipedia.org/wiki/Shell_injection#Shell_injection>`_ 安全漏洞。 在"
+" :ref:`某些平台 <shlex-quote-warning>` 上，可以使用 :func:`shlex.quote` 来执行这种转义。"
 
 #: ../../library/subprocess.rst:767
 msgid ""
@@ -1180,6 +1184,10 @@ msgid ""
 "consider passing ``shell=True`` to allow Python to escape special "
 "characters. See :gh:`114539` for additional discussion."
 msgstr ""
+"在 Windows 上，批处理文件 (:file:`*.bat` 或 :file:`*.cmd`) 可以在系统 shell "
+"中通过操作系统调用来启动而忽略传给该库的参数。 这可能导致根据 shell 规则来解析参数，而没有任何 Python 添加的转义。 "
+"如果你想要附带来自不受信任源的参数启动批处理文件，请考虑传入 ``shell=True`` 以允许 Python 转义特殊字符。 请参阅 "
+":gh:`114539` 了解相关讨论。"
 
 #: ../../library/subprocess.rst:777
 msgid "Popen Objects"

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-{"translation": "95.05%", "updated_at": "2024-04-21T06:56:33Z"}`
	`1`	`+{"translation": "95.06%", "updated_at": "2024-04-21T07:56:10Z"}`