"Derrick Stolee via GitGitGadget" <gitgitgadget@xxxxxxxxx> writes: > From: Derrick Stolee <derrickstolee@xxxxxxxxxx> > > The find_temp_filename() method was created in 53a50892be2 (bundle-uri: > create basic file-copy logic, 2022-08-09) and uses odb_mkstemp() to > create a temporary filename. The odb_mkstemp() method uses a strbuf in > its interface, but we do not need to continue carrying a strbuf > throughout the bundle URI code. What the patch does is not wrong per-se, but it is unfortunate that, even though we accepted a known-to-be-racy approach for expediency earlier, the first update to that is not to replace it with a non-racy and safe approach, but make it easier to use, encouraging use of the racy approach and give it an appearance of a clean code X-<.
