diff --git a/git/index/base.py b/git/index/base.py
index 10f8b8b25..797e54e13 100644
--- a/git/index/base.py
+++ b/git/index/base.py
@@ -4,6 +4,7 @@
 # This module is part of GitPython and is released under
 # the BSD License: http://www.opensource.org/licenses/bsd-license.php
+from ast import Delete
 import glob
 from io import BytesIO
 import os
@@ -351,7 +352,10 @@ def from_tree(cls, repo: "Repo", *treeish: Treeish, **kwargs: Any) -> "IndexFile
 # tmp file created in git home directory to be sure renaming
 # works - /tmp/ dirs could be on another device
- tmp_index = tempfile.mktemp("", "", repo.git_dir)
+
+ # OpenRefactory Warning: The method 'tempfile.mktemp' creates temporary file in an insecure way.
+ # use 'NamedTemporaryFile' instead of using 'mktemp' to create temporary file
+ tmp_index = tempfile.NamedTemporaryFile("", "", repo.git_dir).name
 arg_list.append("--index-output=%s" % tmp_index)
 arg_list.extend(treeish)
diff --git a/git/index/util.py b/git/index/util.py
index bfc7fadd6..a3aac43de 100644
--- a/git/index/util.py
+++ b/git/index/util.py
@@ -40,7 +40,9 @@ class TemporaryFileSwap(object):
 def __init__(self, file_path: PathLike) -> None:
 self.file_path = file_path
- self.tmp_file_path = str(self.file_path) + tempfile.mktemp("", "", "")
+ # OpenRefactory Warning: The method 'tempfile.mktemp' creates temporary file in an insecure way.
+ # use 'NamedTemporaryFile' instead of using 'mktemp' to create temporary file
+ self.tmp_file_path = str(self.file_path) + tempfile.NamedTemporaryFile("", "", "").name
 # it may be that the source does not exist
 try:
 os.rename(self.file_path, self.tmp_file_path)
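Review bot: `from ast import Delete` at the top of base.py is not used by anything in this patch and looks like an accidental editor auto-import; it should be dropped unless code outside the visible hunks needs it. It is also unrelated to the tempfile change this commit is about, so it does not belong in the same patch.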
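Review bot: The new call in `from_tree` keeps mktemp's `(suffix, prefix, dir)` positional arguments, but `NamedTemporaryFile` takes `mode, buffering, encoding, ...` first, so `""` lands in `mode` and `repo.git_dir` in `encoding`, and the call should fail before any file is created; the util.py hunk has the same problem. Even with keyword arguments, taking `.name` from an object that is not kept lets the file be closed and deleted straight away, which leaves the path unreserved again, the same window `mktemp` had. Something like `fd, tmp_index = tempfile.mkstemp(dir=repo.git_dir)` followed by `os.close(fd)` creates the file atomically with owner-only permissions and leaves it in place. Whether the git command receiving `--index-output` accepts a pre-existing file, and where `tmp_index` is cleaned up, lies outside this hunk and should be checked.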
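Review bot: In `TemporaryFileSwap.__init__` the old `mktemp("", "", "")` only supplied a random suffix to append to `file_path`, whereas a temp-file object's `.name` is normally a full path in the temp directory, so the concatenation would no longer name a sibling of the original file (and with these positional arguments `""` is taken as `mode`, so the call fails first). Reserving the sibling directly with `mkstemp` in the file's own directory closes the predictable-name window; the move then has to use `os.replace`, because the destination already exists. If the source is missing, the reserved empty file is left behind, so the restore and cleanup code outside this hunk needs a look. The `try` block continues past the end of the hunk.

```python
        self.file_path = file_path
        # reserve a unique sibling of file_path; mkstemp creates it atomically
        dirname, basename = os.path.split(file_path)
        fd, self.tmp_file_path = tempfile.mkstemp(prefix=basename, dir=dirname)
        os.close(fd)
        # it may be that the source does not exist
        try:
            os.replace(self.file_path, self.tmp_file_path)
```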