Whoops, you’re right. I suppose I should have no opinion on whether to deprecate it; I haven’t thought about it for over two decades…

On Thu, Apr 14, 2022 at 16:33 Jelle Zijlstra <jelle.zijlstra@gmail.com> wrote:


El jue, 14 abr 2022 a las 12:21, Damian Shaw (<damian.peter.shaw@gmail.com>) escribió:
> I searched grep.app and found no significant usage.

Maybe someone wants to inform mitmproxy?

It's a very popular tool and it comes up using that tool when searching for "import mailcap" using grep.app:

Thanks for catching that! I missed it because I mistakenly searched for '"import mailcap"' in quotes. It looks like mitmproxy isn't vulnerable to the security issue because it only passes a filename from mkstemp() to mailcap, and hopefully mkstemp filenames don't have shell metacharacters in them. However, if we deprecate mailcap mitmproxy will have to change their code.

El jue, 14 abr 2022 a las 13:33, Guido van Rossum (<guido@python.org>) escribió:
Probably because it’s not a top level module — it’s inside the email package.
It's in fact a top-level module.
 
_______________________________________________
Python-Dev mailing list -- python-dev@python.org
To unsubscribe send an email to python-dev-leave@python.org
https://mail.python.org/mailman3/lists/python-dev.python.org/
Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/25FNDJBERE5PLBP3VX3JQ7ER2LNE2K2O/
Code of Conduct: http://python.org/psf/codeofconduct/
--
--Guido (mobile)