The files don't have quotes.
http://cgit.drupalcode.org/omega/tree/omega/starterkits/default/js?h=7.x-4.x

The filename must be escaped in the shell command, like with escapeshellarg. Not doing so will cause problems for files that contain spaces or other potentially unsafe characters (such as '{'). For example,
  exec("stat --format=%G " . escapeshellarg($entry));
The fact that the escaped version has quotes is simply because that's the easiest way to make a string safe.

The quotes you're seeing mentioned somewhere are probably indicative of either PHP code (quotes form a string) or an actual shell command (author escaped the filename).

the quotes I AM seeing are when I do ls -al in a bash shell. see below

the filename ON the filesystem has leading and trailing quotes, as I said.

i tried escapeshellarg() but it simply puts in backslashes in front
of the quotes, which of course, creates a filename that does not exist.

drwxr-xr-x  2 james apache 4096 Apr 10 19:21 .
drwxr-xr-x 10 james apache 4096 Apr 10 19:21 ..
-rw-r--r--  1 james apache 2900 Apr 10 19:21 '{{ THEME SANITIZED }}.behaviors.js'

obviously, the quotes are there...

Well that's not how the files are bundled. Where did you download it from?

As for the backslashes, those are supposed to be there. That's how escaping works.
https://www.shellscript.sh/escape.html

Besides, I couldn't reproduce what you're describing anyways. And though this is Linux, I can't imagine it being any different on OSX.

# ls -la
total 4
drwxrwxrwx 2 root root  0 Apr 18 22:33 .
drwxrwxrwx 2 root root  0 Apr 18 22:32 ..
-rw-rw-rw- 1 root root  0 Apr 18 22:32 'foo'
-rw-rw-rw- 1 root root 85 Apr 18 22:33 test.php
# cat test.php
<?php

$h = opendir(".");
while ($f = readdir($h)) {
        var_dump($f);
}
closedir($h);

# ~/php/PHP-7.1.4/bin/php test.php
string(1) "."
string(2) ".."
string(5) "'foo'"
string(8) "test.php"

actually, running it all on fedora 25, sorry about that typo

strange. downloaded from drupal.org as far as i remember.
its weird, I know. cant ever recall seeing a filename with 
quotes in it. i know about backslashes. used those with
fortran in 1975. 

Entry before: {{ THEME SANITIZED }}.behaviors.js     (quotes trimmed by readdir() )
Entry after: \'{{ THEME SANITIZED }}.behaviors.js\'  (after using addslashes() )
perhaps echo() and var_dump() use different methods. var_dump using getc/putc ? echo not ?

echo will output a thing as it is with no modifications, besides converting it to a string if it isn't one already. var_dump, being a debugging tool, will output using a representation that makes it easier to know what the thing's exact type and value is; strings will have quotes around them to signify that they are strings, for instance.

As you can see, readdir is not stripping quotes because there are no quotes to begin with. You have code that is adding the quotes somewhere, then on top of it apparently using addslashes which will escape the quotes with backslashes. I don't know why the code is doing any of that but I'm confident it should not be.

Like I said, you need to be using escapeshellarg to put strings into shell commands. It does all the work for you - don't put quotes around the string yourself, don't addslashes yourself.

Nonsense - the quotes you see in ls - la are added by ls itself when the file name contains spaces and are a quoting so that noobs can copy and paste 

Just type "ls - la | cat" and you see what a non-interactive shell sees

RTFM escapeshellargs

> Nonsense - the quotes you see in ls - la are added by ls itself when the file
> name contains spaces and are a quoting so that noobs can copy and paste
[citation needed]

# touch "'foo'"
# touch '"bar"'
# touch 'with spaces'
# ls -la
total 4
drwxrwxrwx 2 root root 0 Apr 18 23:53 .
drwx------ 2 root root 0 Apr 18 23:49 ..
-rw-rw-rw- 1 root root 0 Apr 18 23:53 "bar"
-rw-rw-rw- 1 root root 0 Apr 18 23:53 'foo'
-rw-rw-rw- 1 root root 0 Apr 18 23:53 with spaces
# ls -la | cat
total 4
drwxrwxrwx 2 root root 0 Apr 18 23:53 .
drwx------ 2 root root 0 Apr 18 23:49 ..
-rw-rw-rw- 1 root root 0 Apr 18 23:53 "bar"
-rw-rw-rw- 1 root root 0 Apr 18 23:53 'foo'
-rw-rw-rw- 1 root root 0 Apr 18 23:53 with spaces
# ls -laQ
total 4
drwxrwxrwx 2 root root 0 Apr 18 23:53 "."
drwx------ 2 root root 0 Apr 18 23:49 ".."
-rw-rw-rw- 1 root root 0 Apr 18 23:53 "\"bar\""
-rw-rw-rw- 1 root root 0 Apr 18 23:53 "'foo'"
-rw-rw-rw- 1 root root 0 Apr 18 23:53 "with spaces"

requinix@php.net: you missed the "actually, running it all on fedora 25" and most likely you use some outdated stuff like Debian

here you go:
https://bugzilla.redhat.com/show_bug.cgi?id=1361694
https://unix.stackexchange.com/questions/258679/why-is-ls-suddenly-wrapping-items-with-spaces-in-single-quotes

[harry@rh:/downloads]$ /bin/ls -la
insgesamt 132
drwxrwxrwt   2 root  root       122880 19. Apr 10:01 .
drwxr-xr-x+ 36 harry root         4096 16. Mär 15:44 ..
-rw-r-----   1 harry verwaltung      0 19. Apr 10:01 'with spaces'

[harry@rh:/downloads]$ /bin/ls -la | cat
insgesamt 132
drwxrwxrwt   2 root  root       122880 19. Apr 10:01 .
drwxr-xr-x+ 36 harry root         4096 16. Mär 15:44 ..
-rw-r-----   1 harry verwaltung      0 19. Apr 10:01 with spaces

Then that would explain why OP thought the filename had quotes.

...wow, that's a stupid decision.

well, whatever theme he is using - i would stop to use anything from that developer which did not get the basics that a filename on webservers only should have [a-z][0-9]-_ meaning no special chars, no spaces, no uppercase letters

anyways the "ls" out put is to help noobs copy&paste

stat with spaces
versus
stat 'with spaces'

however, it's not uncommon that outputs of interactive shells are different than what scripts really see (colors, automatic paging and so on) - hence pipe it through "cat" leads to get the non-interactive version because of the pipe

escapeshellarg() works. after it adds back single quotes around the file then stat works. using echo shows the single quotes are added back. but as i said below, readdir() is stripping the quotes, otherwise, I would not need to use escapeshellarg.
as someone said below, its better not to use quotes in filenames ..

James. There are no quotes in the filename. Not at all. ls is lying to you.

> escapeshellarg() works. after it adds back single quotes around the file

there is nothing to add BACK because there was nothing

> using echo shows the single quotes are added back

no

> but as i said below, readdir() is stripping the quotes, 

DAMNED there are no quotes in the filename, read the responses you got here and try to understand at least the basics 

> otherwise, I would not need to use escapeshellarg

DAMNED you ALWAYS have to use escapeshellarg() when you supply soemting as shell param BECAUSE it filename could contain a space or special chars which are DANGEROUS and could pe interpreted by the caller in unpredicatable ways

SIMPLE EXAMPLE:
file is called '-rf *' and yes YOU CAN create such file by "touch \*" - guess what happens with passthru("rm /folder/$file");