El jue, 14 abr 2022 a las 12:21, Damian Shaw (<damian.peter.shaw@gmail.com>) escribió:
> I searched grep.app and found no significant usage.

Maybe someone wants to inform mitmproxy?

It's a very popular tool and it comes up using that tool when searching for "import mailcap" using grep.app:
https://grep.app/search?q=import%20mailcap
https://github.com/mitmproxy/mitmproxy/blob/main/mitmproxy/tools/console/master.py#L2

Thanks for catching that! I missed it because I mistakenly searched for '"import mailcap"' in quotes. It looks like mitmproxy isn't vulnerable to the security issue because it only passes a filename from mkstemp() to mailcap, and hopefully mkstemp filenames don't have shell metacharacters in them. However, if we deprecate mailcap mitmproxy will have to change their code.

El jue, 14 abr 2022 a las 13:33, Guido van Rossum (<guido@python.org>) escribió:
Probably because it’s not a top level module — it’s inside the email package.
It's in fact a top-level module.