yeoman/configstore

Secure temp dir in NodeJS without dependencies

jimmywarting opened this issue · 0 comments

I'm looking into ways to reduce the footprint from all dependencies to try and reduce the overall size.
One of them I looked into was if unique-string was really needed.

configstore/index.js

Lines 7 to 9 in 02f07ea

```js
import uniqueString from 'unique-string';
const configDirectory = xdgConfig || path.join(os.tmpdir(), uniqueString());
```

After reading up on some native ways of solving this problem I found this nice article that solves it in a very straightforward way:
https://advancedweb.hu/secure-tempfiles-in-nodejs-without-dependencies/

mkdtemp handles randomness and uniqueness without collision

```js
import fs from 'fs'
import os from 'os'
import path from 'path'
// import uniqueString from 'unique-string';

// const configDirectory = xdgConfig || path.join(os.tmpdir(), uniqueString());
const configDirectory = xdgConfig || fs.mkdtempSync(fs.realpathSync(os.tmpdir()) + path.sep);
```
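
An added example, not part of the original issue or of configstore's code: it wraps the `fs.mkdtempSync` call proposed above in a hypothetical helper that checks the owner and permissions of the directory the OS actually created, then writes a file into it with exclusive-create semantics. The helper names, the `configstore-` prefix and the sample file contents are assumptions; CommonJS `require` is used so the block runs as a stand-alone script.

```javascript
// Added example (not configstore code): private temp dir via fs.mkdtempSync.
const fs = require('fs');
const os = require('os');
const path = require('path');

// Hypothetical helper; the default prefix is an assumption for illustration.
function createPrivateTempDir(prefix = 'configstore-') {
  // Resolve a symlinked tmpdir first (e.g. /tmp -> /private/tmp on macOS).
  const base = fs.realpathSync(os.tmpdir());
  // mkdtempSync appends six random characters and creates the directory in
  // one step (mode 0700 on POSIX); path.join() alone only computes a name.
  const dir = fs.mkdtempSync(path.join(base, prefix));
  const st = fs.lstatSync(dir);
  if (!st.isDirectory()) throw new Error(`${dir} is not a directory`);
  if (typeof process.getuid === 'function') { // POSIX only
    if (st.uid !== process.getuid()) throw new Error(`${dir} has unexpected owner`);
    if ((st.mode & 0o077) !== 0) throw new Error(`${dir} is group/world accessible`);
  }
  return dir;
}

// 'wx' fails with EEXIST if the path already exists, so a pre-planted file or
// symlink is never followed; mode 0600 keeps the contents owner-only.
function writePrivateFile(dir, name, contents) {
  const file = path.join(dir, name);
  fs.writeFileSync(file, contents, {flag: 'wx', mode: 0o600});
  return file;
}

// Exercises both helpers with constructed sample data and cleans up afterwards.
function demo() {
  const a = createPrivateTempDir();
  const b = createPrivateTempDir();
  const file = writePrivateFile(a, 'config.json', JSON.stringify({constructed: true}));
  let secondWriteRefused = false;
  try {
    writePrivateFile(a, 'config.json', '{}');
  } catch (error) {
    secondWriteRefused = error.code === 'EEXIST';
  }
  const result = {
    distinct: a !== b,
    insideTmp: path.dirname(a) === fs.realpathSync(os.tmpdir()),
    fileMode: fs.statSync(file).mode & 0o777,
    secondWriteRefused,
  };
  for (const dir of [a, b]) fs.rmSync(dir, {recursive: true, force: true});
  return result;
}
```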