• Embed a string directly into error details without wrapping punctuation. To avoid injection attacks that exploit quoting confusion, this must NEVER be used with data that is possibly attacker-controlled. As a further safeguard, we fall back to quoting any input that is not a string of sufficiently word-like parts separated by isolated spaces (rather than throwing an exception, which could hide the original problem for which explanatory details are being constructed---i.e., assert.details`...` should never be the source of a new exception, nor should an attempt to render its output, although we could instead decide to handle the latter by inline replacement similar to that of bestEffortStringify for producing rendered messages like (an object) was tagged "[Unsafe bare string]").

    Parameters

    • payload: any

      What to declassify

    • Optionalspaces: string | number

    Returns StringablePayload