Use tempfile instead of tempdir #16
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "tempfile"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
tempdir is deprecated in favour of tempfile, and all of the function is available in tempfile 3.0.
In addition, tempdir depends on remove_dir_all, which suffers from a TOCTOU vulnerability in the version tempdir uses.
See
github.com/XAMPPRocky/remove_dir_all@7247a8b6eefor details on the vulnerability.@mikedilger Is it possible to get a release with this change in it?
I've pushed a 0.6.1 with all the fixes.
Version 0.7 probably coming soon with upgraded dependencies in incompatible ways.