[Python-Dev] Remove tempfile.mktemp()

Antoine Pitrou solipsis at pitrou.net
Tue Mar 19 09:39:46 EDT 2019


On Tue, 19 Mar 2019 15:32:25 +0200 Serhiy Storchaka <storchaka at gmail.com> wrote:

19.03.19 15:03, Stéphane Wirtel wrote:
> Suggestion and timeline:
>
> 3.8, we raise a PendingDeprecationWarning
> * update the code
> * update the documentation
> * update the tests
> (check a PendingDeprecationWarning if sys.versioninfo == 3.8)
>
> 3.9, we change PendingDeprecationWarning to DeprecationWarning
> (check DeprecationWarning if sys.versioninfo == 3.9)
>
> 3.9+, we drop tempfile.mktemp()

This plan LGTM. Currently mkdir() is widely used in distutils, Sphinx, pip, setuptools, virtualenv, and many other third-party projects, so it will take time to fix all these places. But we should do this, because all this code likely contains security flaws.

The fact that many projects, including well-maintained ones such as Sphinx or pip, use mktemp(), may be a hint that replacing it is not as easy as the people writing the Python documentation seem to think.

Regards

Antoine.
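
For reference, an added example (not from this thread or from any project named in it) of the two usual replacements for mktemp(): mkstemp() when the caller writes the file itself, and a private temporary directory when a path that does not exist yet must be handed to other code, where a one-line swap to mkstemp() does not work. The helper names `write_private_file` and `private_path` are hypothetical and the sample data is constructed.

```python
import contextlib
import os
import stat
import tempfile

# Pattern being replaced (race between choosing the name and creating the file):
#     name = tempfile.mktemp(); open(name, "w").write(...)


def write_private_file(data: bytes, suffix: str = "") -> str:
    """Caller writes the file itself: mkstemp() creates it atomically with
    O_EXCL and returns an open descriptor, so the name is never unclaimed."""
    fd, path = tempfile.mkstemp(suffix=suffix)
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
    except BaseException:
        os.unlink(path)
        raise
    return path


@contextlib.contextmanager
def private_path(name: str):
    """Other code must create the file: yield a path that does not exist yet,
    inside a fresh directory that only the current user can access."""
    with tempfile.TemporaryDirectory() as workdir:
        yield os.path.join(workdir, name)


def demo():
    path = write_private_file(b"constructed sample data\n", suffix=".txt")
    try:
        file_mode = stat.S_IMODE(os.stat(path).st_mode)
    finally:
        os.unlink(path)

    with private_path("result.bin") as target:
        workdir = os.path.dirname(target)
        dir_mode = stat.S_IMODE(os.stat(workdir).st_mode)
        existed_before = os.path.exists(target)
        # Stand-in for the external writer; mode "x" fails if the path exists.
        with open(target, "xb") as fh:
            fh.write(b"constructed output")
    cleaned_up = not os.path.exists(workdir)
    return file_mode, dir_mode, existed_before, cleaned_up


if __name__ == "__main__":
    print(demo())
```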
