On 5/10/2020 4:04 PM, Steve Jorgensen wrote:
I totally get what you're saying. For the sake of simplicity, I thought that the 2 permissiveness options should be one that only prevents path traversal and one that is extremely conservative, omitting characters that are often safe and appropriate but may be unsafe in some cases.
In regard to dot files, those can be safe in some cases, but unsafe in others — writing to configuration files that will be read by shell helpers or editors, for instance.
I don't see how it's realistic to come up with a version that would fit in the stdlib, especially when the stdlib itself has no need for it. It seems like this would be best on PyPI, and I understand there's already at least a few examples of that. Eric