Prefer tempfile.NamedTemporaryFile over tempfile.mktemp. According to the official Python documentation, the tempfile.mktemp function is considered unsafe and should be avoided. It only generates a file name, and that name may initially point to a non-existent file. By the time you attempt to create the file, another process may have already created a file with the same name, leading to potential conflicts.
Apply with the Grit CLI
grit apply replace_tempfile
Replace tempfile.mktemp ⇒ tempfile.NamedTemporaryFile
BEFORE
import tempfile

# BAD: tempfile-insecure
x = tempfile.mktemp()
# BAD: tempfile-insecure
x = tempfile.mktemp(dir="/tmp")
AFTER
import tempfile

# BAD: tempfile-insecure
x = tempfile.NamedTemporaryFile(delete=False)
# BAD: tempfile-insecure
x = tempfile.NamedTemporaryFile(dir="/tmp", delete=False)
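The gap between name generation and file creation described at the top of this page, shown next to the one-step creation the rewrite produces. This is an added example, not part of the Grit pattern or its documentation; the function names are hypothetical and the "other process" is simulated in-process with a constructed write.

```python
import os
import stat
import tempfile


def mktemp_leaves_a_gap(workdir):
    """mktemp() returns only a name; anyone can create that file first."""
    name = tempfile.mktemp(dir=workdir)        # unsafe: nothing is created yet
    existed_at_return = os.path.exists(name)   # only a name so far
    # Constructed stand-in for another process winning the race.
    with open(name, "w") as other:
        other.write("created by a different process")
    # A plain open(name, "w") would now silently reuse the foreign file.
    # Exclusive creation (O_EXCL) reports the conflict instead.
    try:
        os.close(os.open(name, os.O_CREAT | os.O_EXCL | os.O_WRONLY, 0o600))
        conflict_detected = False
    except FileExistsError:
        conflict_detected = True
    os.unlink(name)
    return existed_at_return, conflict_detected


def create_without_gap(workdir):
    """NamedTemporaryFile chooses the name and creates the file in one step."""
    tmp = tempfile.NamedTemporaryFile(dir=workdir, delete=False)
    try:
        tmp.write(b"payload")
    finally:
        tmp.close()
    # The return value is a file object; the path is tmp.name.
    mode = stat.S_IMODE(os.stat(tmp.name).st_mode)
    return tmp.name, mode


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as workdir:
        print(mktemp_leaves_a_gap(workdir))
        path, mode = create_without_gap(workdir)
        print(path, oct(mode))
```

After the rewrite, `x` is a file object rather than a path string, so code that passed `x` around as a path needs `x.name`. With `delete=False` the file is not removed on close and the caller is responsible for deleting it.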