in reply to Problems with String::ShellQuote
There's absolutely no reason to avoid using shell_quote listed in the parent post.
The "issues" identified:
A 7th edition Bourne shell surely is a Bourne shell, right?
It's perfectly legit to avoid mentioning it doesn't work with shells from 1979. For reference, Perl only came out in 1987, Perl modules were only introduced in 1994 (I think), and String::ShellQuote only came out in 1997. Mentioning lack of support for a 44-year-old shell would only add noise and decrease the quality of the documentation.
NOT AN ISSUE.
Personally, I would not accept an undefined value, because probably something went wrong in the caller if we get undefined parameters.
Fair. It doesn't even warn. This isn't a bug, but this module should be a bit more thorough given the security implications.
WANTED IMPROVEMENT. There are backwards compatibility issues with making this improvement.
shell_quote_best_effort() just ignores all errors and returns whatever survived the backend function. If errors occurred, that may be plain wrong. At least, this behaviour is documented.
Yeah, but this has nothing to do with shell_quote.
NOT AN ISSUE. Don't use a sub that's documented to produce garbage.
"!" should better not be in that whitelist.
I agree, though the chance of it being harmful is effectively nil since ! is only significant in interactive shells.
NEEDS TO BE FIXED, and it's trivial to fix, but it's never going to matter.
I shall file tickets for the two issues shortly.