@bitprophet Do you have any ideas on how to solve this? This is a critical severity issue to me, as it is simply impossible to run the application successfully without patching this library.

I assume the above diff is not going to be accepted as a PR, but I really don't understand why it is encoding stuff. It is receiving arbitrary data it knows nothing about and then assuming it can decode it with the system's default locale, which just seems crazy to me. It's also set to 'replace' which means half the bytes are just removed from the original value, so it just produces garbage.

Maybe an option to avoid encoding/decoding if encoding is set to None (or a sentinel value if None is expected to use the default) would work?

• I assume this is still a problem on the recently released major revision that does away with the python 2 shims and six? if you haven't tested there, please do!
• I think there might be other open tickets or PRs about this, probably worth searching around if you didn't already.
• IIRC the intent here is that the most common use cases involve human-focused text (eg a human typing into a terminal stdin which may need processing/responding to, or creating a StringIO for auto-playback) and in some of those cases we're being handed bytes-that-are-unicode.
• but I agree that we need to handle the pure binary transit case when it occurs - so there needs to be either a) a reliable method of detecting "bytes that happen to be valid unicode", such as a try/except, or b) a manual toggle for when a run() call is known to be expecting raw bytes / is not concerned with interactive passthrough / sudo password injection / etc.

• I assume this is still a problem on the recently released major revision that does away with the python 2 shims and six? if you haven't tested there, please do!

I can see the code is still there. But, can test it out later to double check.

* I think there might be other open tickets or PRs about this, probably worth searching around if you didn't already.

I didn't see any at the time, but another look suggests maybe #354 refers to the same problem.

* but I agree that we need to handle the pure binary transit case when it occurs - so there needs to be either a) a reliable method of detecting "bytes that happen to be valid unicode", such as a try/except, or b) a manual toggle for when a run() call is known to be expecting raw bytes / is not concerned with interactive passthrough / sudo password injection / etc.

I'm not sure how we'd do it automatically, a try/except could pass on one chunk of data and then fail on the next. I'm also not clear on what use cases are being solved by the encoding, but when using fabric it's clear to me that I'm just sending data through a pipe, so even if it was valid utf-8 there would be no point in decoding it just to encode it again. So, an explicit setting would be fine.
Does a None or sentinel value for the encoding parameter sound like a reasonable approach to toggle this behaviour?

Does a None or sentinel value for the encoding parameter sound like a reasonable approach to toggle this behaviour?

Yes, though we'd need to check to make sure that self.encoding and/or the config pipeline that sets it, doesn't allow a None default (tho yea in that case, a sentinel object() is probably fine.)