@@ -713,8 +713,8 @@ Exceptions defined in this module all inherit from :exc:`SubprocessError`.
713713Security Considerations
714714-----------------------
715715
716- Unlike some other popen functions, thisimplementation willnever
717- implicitly call a system shell. This means that all characters,
716+ Unlike some other popen functions, thislibrary willnot
717+ implicitlychoose to call a system shell. This means that all characters,
718718including shell metacharacters, can safely be passed to child processes.
719719If the shell is invoked explicitly, via ``shell=True ``, it is the application's
720720responsibility to ensure that all whitespace and metacharacters are
@@ -726,6 +726,14 @@ When using ``shell=True``, the :func:`shlex.quote` function can be
726726used to properly escape whitespace and shell metacharacters in strings
727727that are going to be used to construct shell commands.
728728
729+ On Windows, batch files (:file: `*.bat ` or:file: `*.cmd `) may be launched by the
730+ operating system in a system shell regardless of the arguments passed to this
731+ library. This could result in arguments being parsed according to shell rules,
732+ but without any escaping added by Python. If you are intentionally launching a
733+ batch file with arguments from untrusted sources, consider passing
734+ ``shell=True `` to allow Python to escape special characters. See:gh: `114539 `
735+ for additional discussion.
736+
729737
730738Popen Objects
731739-------------