Dotenv component: Quotes and Escaping #23306

Closed
@bicpi

Q                   A
Bug report?         yes
Feature request?    no
BC Break report?    no
RFC?                no
Symfony version     3.3.2

Given these assumptions described in code and docs:

  • If there are spaces in the env var value, the value has to be quoted
  • .env files are supposed to be sourceable by the shell

Given the value Foo ' Bar, how is it supposed to be defined in a .env file?

From the shell's perspective, this is the way to go, sourcing works (using bash):

MY_VAR='FOO '\'' BAR'

In PHP, escapeshellarg('FOO \' BAR') produces such an output.

But loading such a definition with Dotenv results in:

PHP Fatal error:  Uncaught Symfony\Component\Dotenv\Exception\FormatException: Invalid 
character in variable name in "/path/to/.env" at line 1.
...MY_VAR='BAR '\'' FOO'\n...
                  ^ line 1 offset 10 in /path/to/vendor/symfony/dotenv/Dotenv.php:334

On the other hand, given the definition My_VAR='FOO '' BAR', loading with Dotenv results in FOO ' BAR whereas sourcing this by shell leads to FOO BAR.

This behavior can lead to some surprises when trying to write/generate .env files and wanting them to be loadable interchangeably by shell and Dotenv.

Side note: https://github.com/vlucas/phpdotenv behaves differently, My_VAR='FOO '' BAR' results in BAR, My_VAR='FOO \' BAR' results in FOO ' BAR.

An even more valid use case than a value with spaces and quotes is using generated passwords that may contain single/double quotes.
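
The shell side of the round trip described in this issue, as an added example that is not part of the original report or of Symfony's code: it produces the '\'' form for an arbitrary value and checks what a POSIX shell reads back from the generated line. The helper names sq_quote and shell_reads, the variable DB_PASSWORD and the sample password are assumptions; whether Dotenv accepts the same line depends on its version (the report above says 3.3.2 rejects it).

```shell
#!/bin/sh
# Added example; sq_quote and shell_reads are hypothetical helper names.

# Quote a value so a POSIX shell reads it back byte for byte: wrap it in
# single quotes and rewrite every embedded ' as '\'' (close, escaped ', reopen).
sq_quote() {
    rest=$1 out=
    while :; do
        case $rest in
            *\'*)
                head=${rest%%\'*}      # text before the first '
                rest=${rest#*\'}       # text after it
                out="$out$head'\\''"
                ;;
            *)  out="$out$rest"; break ;;
        esac
    done
    printf "'%s'" "$out"
}

# Print the value a shell assigns to variable $2 after sourcing the single
# .env line $1. Only feed it lines you generated: sourcing executes the file.
shell_reads() {
    case $2 in ''|*[!A-Za-z0-9_]*) return 2 ;; esac   # $2 goes through eval
    file=$(mktemp) || return 2
    printf '%s\n' "$1" > "$file"
    ( . "$file" && eval "printf '%s' \"\$$2\"" )
    rm -f "$file"
}

# Constructed sample: a generated password containing both quote types.
secret="p@ss'w\"ord \$x"
line="DB_PASSWORD=$(sq_quote "$secret")"
printf 'line:  %s\n' "$line"
printf 'shell: %s\n' "$(shell_reads "$line" DB_PASSWORD)"
```

Running the same shell_reads check on a line written with a doubled '' shows the quote character missing from the shell's value, which is the mismatch with Dotenv reported above.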
