https://github.com/python/cpython/commit/276b9f2ea2da29313619eacfc677e6e907a67889 commit: 276b9f2ea2da29313619eacfc677e6e907a67889 branch: 3.12 author: Miss Islington (bot) <[email protected]> committer: sethmlarson <[email protected]> date: 2026-02-03T14:29:02Z summary:
[3.12] gh-74453: Add stronger security warning to os.path.commonprefix gh-74453: Add stronger security warning to os.path.commonprefix (GH-144401) (cherry picked from commit 4e15b8d95da9a0f58ad58283979c37e43ff61229) Co-authored-by: Seth Michael Larson <[email protected]> files: M Doc/library/os.path.rst diff --git a/Doc/library/os.path.rst b/Doc/library/os.path.rst index 4208c7293876ba..fb6ac3eab92e8f 100644 --- a/Doc/library/os.path.rst +++ b/Doc/library/os.path.rst @@ -93,15 +93,17 @@ the :mod:`glob` module.) .. function:: commonprefix(list) - Return the longest path prefix (taken character-by-character) that is a - prefix of all paths in *list*. If *list* is empty, return the empty string + Return the longest string prefix (taken character-by-character) that is a + prefix of all strings in *list*. If *list* is empty, return the empty string (``''``). - .. note:: + .. warning:: This function may return invalid paths because it works a - character at a time. To obtain a valid path, see - :func:`commonpath`. + character at a time. + If you need a **common path prefix**, then the algorithm + implemented in this function is not secure. Use + :func:`commonpath` for finding a common path prefix. :: _______________________________________________ Python-checkins mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3//lists/python-checkins.python.org Member address: [email protected]
