Use recommended way to create temporary files #256
Conversation
8701af5 to
f0e6522
Compare
|
@marcjansen I change some things and now the tests are working. |
|
Awesome! |
|
|
||
| pc["1"]["inputs"]["rules"] = rules_file | ||
| atexit.register(remove_rules_file, rules_file) | ||
| # TODO should we use dir=self.temp_file_path |
There was a problem hiding this comment.
Can this comment be removed as self.temp_file_path is set or is this a question whether or not it makes sense to use it?
There was a problem hiding this comment.
I think it makes sense to use it and will remove the comment
There was a problem hiding this comment.
I can also take over, in case you want me to
There was a problem hiding this comment.
@marcjansen yes you can do it yourself
3deede7 to
95fb7df
Compare
The function `mktemp` has been deprecated since Python 2.3 and the replacement `NamedTemporaryFile` should be used to ensure that no other process accidentially writes to the file we expect to be unique for us. This addresses a common weakness "CWE-377: Insecure Temporary File" see e.g. https://cwe.mitre.org/data/definitions/377.html for more information.
95fb7df to
7deb4d0
Compare
Co-authored-by: Anika Weinmann <[email protected]>
7deb4d0 to
daca667
Compare
|
Thanks for the great help @anikaweinmann, much appreciated! Also thanks for the review, @griembauer and @anikaweinmann. I'll merge now. |
The function
mktemphas been deprecated since Python 2.3 and the replacementNamedTemporaryFileshould be used to ensure that no other process accidentially writes to the file we expect to be unique for us.This addresses a common weakness "CWE-377: Insecure Temporary File" see e.g. https://cwe.mitre.org/data/definitions/377.html for more information.
This is not ready for review yet, as there are multiple instances where we use
mktemp. Once I see how the build reacts to this, the others will follow.