Sonar: Upgrade and Secure Temp File Creation
sonar:python/secure-tempfile-S5445
Importance | Review Guidance | Requires Scanning Tool |
---|---|---|
High | Merge Without Review | Yes (Sonar) |
This codemod acts upon the following Sonar rules: python:S5445.
This codemod replaces all `tempfile.mktemp` calls with calls to the more secure `tempfile.mkstemp`.
The Python tempfile documentation is explicit that `tempfile.mktemp` should be deprecated to avoid an unsafe and unexpected race condition.
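The gap that `tempfile.mktemp` leaves open, next to the `tempfile.mkstemp` form that closes it, as an added example (not part of the codemod or its documentation). The function names are hypothetical and the sample data is constructed:

```python
import os
import stat
import tempfile


def mktemp_only_names(directory):
    """mktemp returns a path but creates nothing, so the name is not reserved."""
    path = tempfile.mktemp(dir=directory)  # deprecated API, shown for contrast
    return not os.path.exists(path)


def exclusive_create_detects_taken_name(directory):
    """If the name is taken before the caller opens it, only O_EXCL notices."""
    path = tempfile.mktemp(dir=directory)
    open(path, "w").close()  # constructed stand-in for another process creating it first
    try:
        # Plain open(path, "w") would silently reuse the existing file here.
        os.close(os.open(path, os.O_CREAT | os.O_EXCL | os.O_WRONLY, 0o600))
        return False
    except FileExistsError:
        return True
    finally:
        os.unlink(path)


def write_with_mkstemp(data, directory):
    """Name choice and exclusive creation happen in one step; returns (path, mode)."""
    fd, path = tempfile.mkstemp(dir=directory)  # returns an open fd and the path
    try:
        with os.fdopen(fd, "wb") as handle:  # fdopen takes ownership of fd and closes it
            handle.write(data)
    except BaseException:
        os.unlink(path)  # mkstemp never deletes the file for you
        raise
    return path, stat.S_IMODE(os.stat(path).st_mode)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as workdir:
        print("mktemp created nothing:", mktemp_only_names(workdir))
        print("taken name detected by O_EXCL:", exclusive_create_detects_taken_name(workdir))
        path, mode = write_with_mkstemp(b"constructed sample data", workdir)
        print("mkstemp file mode:", oct(mode))
```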
The changes from this codemod look like this:
import tempfile
- tempfile.mktemp(...)
+ tempfile.mkstemp(...)
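Review bot: the `+ tempfile.mkstemp(...)` line swaps the function name without adapting the call site, and the two functions do not return the same thing. `tempfile.mktemp` returns a path string, while `tempfile.mkstemp` creates the file and returns an `(fd, path)` tuple. Any caller that stores the result and later passes it to `open()` will break, and the descriptor stays open until something closes it. Suggest unpacking at each rewritten call, for example `fd, path = tempfile.mkstemp(...)`, then closing `fd` or wrapping it with `os.fdopen(fd, ...)`, and making sure the file, which now exists on disk, is removed when the caller is done with it.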
If you have feedback on this codemod, please let us know!
F.A.Q.
Why is this codemod marked as Merge Without Review?
We believe this codemod is safe and will cause no unexpected errors.
Codemod Settings
N/A