[Python-Dev] Remove tempfile.mktemp()

Antoine Pitrou solipsis at pitrou.net
Tue Mar 19 09:23:39 EDT 2019

-1.  Please don't remove tempfile.mktemp().  mktemp() is useful to
create a temporary *name*.  All other tempfile functions create an
actual file and impose additional burden, for example by making the
file unaccessible by other processes.  But sometimes all I want is a
temporary name that an *other* program will create / act on, not Python.
It's a very common use case when writing scripts.

The only reasonable workaround I can think of is to first create a
temporary directory using mkdtemp(), then use a well-known name inside
that directory.  But that has the same security implications AFAICT,
since another process can come and create the file / symlink first.



On Tue, 19 Mar 2019 14:03:11 +0100
Stéphane Wirtel <stephane at wirtel.be> wrote:
> Hi,
> Context: raise a warning or remove tempfile.mktemp()
> BPO: https://bugs.python.org/issue36309
> Since 2.3, this function is deprecated in the documentation, just in the
> documentation. In the code, there is a commented RuntimeWarning.
> Commented by Guido in 2002, because the warning was too annoying (and I
> understand ;-)).
> So, in this BPO, we start to discuss about the future of this function
> and Serhiy proposed to discuss on the Python-dev mailing list.
> Question: Should we drop it or add a (Pending)DeprecationWarning?
> Suggestion and timeline:
> 3.8, we raise a PendingDeprecationWarning
>     * update the code
>     * update the documentation
>     * update the tests
>       (check a PendingDeprecationWarning if sys.version_info == 3.8)
> 3.9, we change PendingDeprecationWarning to DeprecationWarning
>       (check DeprecationWarning if sys.version_info == 3.9)
> 3.9+, we drop tempfile.mktemp()
> What do you suggest?
> Have a nice day and thank you for your feedback.

More information about the Python-Dev mailing list