Module path 

Path security utilities to prevent directory traversal attacks

Enums

PathSecurityError

Functions

normalize_path

Normalize a path by resolving . and .. components in memory This function does not access the filesystem and works on non-existent paths

safe_join

Safely join a user-provided path to a root directory Validates that the result stays within the root

sanitize_path_component

Sanitize a path component by removing or replacing dangerous characters Allows only alphanumeric characters, hyphens, underscores, and dots

validate_path_component

Validate and sanitize a user-provided path component Returns an error if the component contains path traversal attempts

validate_path_within_root

Validate that a path stays within the allowed root directory This prevents directory traversal attacks