Skip to main content

Upgrade and Secure Temp File Creation

pixee:python/secure-tempfile

ImportanceReview GuidanceRequires Scanning Tool
HighMerge Without ReviewNo

This codemod replaces all tempfile.mktemp calls to the more secure tempfile.mkstemp.

The Python tempfile documentation is explicit that tempfile.mktemp should be deprecated to avoid an unsafe and unexpected race condition. The changes from this codemod look like this:

  import tempfile
- tempfile.mktemp(...)
+ tempfile.mkstemp(...)

If you have feedback on this codemod, please let us know!

F.A.Q.

Why is this codemod marked as Merge Without Review?

We believe this codemod is safe and will cause no unexpected errors.

Codemod Settings

N/A

References