Deprecate confusing APIs like “os.path.commonprefix()”

The article argues that confusing APIs like Python’s os.path.commonprefix() should be deprecated because their misleading naming and placement cause developers to misuse them and introduce security vulnerabilities. It shows how decades of confusion around this function led to real path-traversal bugs and concludes that unsafe or misleading APIs should be replaced by clearer alternatives ...

https://sethmlarson.dev/deprecate-confusing-apis-like-os-path-commonprefix


The os.path.commonprefix() function has been an API in the Python standard library for at least 35 years (since February 1991) and in that time has been confusing users and creating security issues...
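The misuse described above, as an added example that is not code from the linked article: a directory-containment check built on `os.path.commonprefix()` next to one built on `os.path.commonpath()`. Choosing `commonpath()` as the component-wise alternative is an assumption of this example, as are the base directory, the helper names and the sample paths (all constructed); POSIX paths are assumed.

```python
import os.path

BASE = "/srv/app/uploads"  # constructed base directory for the example

def inside_by_commonprefix(base, candidate):
    """Flawed check: commonprefix() compares the strings character by
    character, so a sibling such as 'uploads-private' shares the prefix."""
    candidate = os.path.normpath(candidate)
    return os.path.commonprefix([base, candidate]) == base

def inside_by_commonpath(base, candidate):
    """Component-wise check: commonpath() compares whole path segments."""
    candidate = os.path.normpath(candidate)
    try:
        return os.path.commonpath([base, candidate]) == base
    except ValueError:
        # commonpath() raises when absolute and relative paths are mixed
        return False

# Constructed sample inputs.
SAMPLES = [
    "/srv/app/uploads/report.pdf",        # genuinely inside BASE
    "/srv/app/uploads-private/keys.pem",  # sibling directory, same string prefix
    "/srv/app/uploads/../config.ini",     # normalizes to a path outside BASE
    "relative/file.txt",                  # relative path, cannot be inside BASE
]

def compare(samples=SAMPLES):
    """Return (path, commonprefix verdict, commonpath verdict) per sample."""
    return [
        (p, inside_by_commonprefix(BASE, p), inside_by_commonpath(BASE, p))
        for p in samples
    ]

if __name__ == "__main__":
    for path, flawed, strict in compare():
        note = "  <-- checks disagree" if flawed != strict else ""
        print(f"{path!r}: commonprefix={flawed} commonpath={strict}{note}")
```

`os.path.normpath()` only collapses `..` textually; a check guarding real files would also resolve symlinks (for example with `os.path.realpath()`) on both paths before comparing.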
