From 08543ac25a11ae5d519056a16ec3eac3ab98cef5 Mon Sep 17 00:00:00 2001
From: Jared Vititoe <jjvititoe1@gmail.com>
Date: Thu, 7 May 2026 13:34:37 -0400
Subject: [PATCH] Fix B108: replace hardcoded /tmp with tempfile.gettempdir()

Bandit flags hardcoded /tmp strings as CWE-377 (insecure temp file).
Use tempfile.gettempdir() for the avatar cache dir default so the
path resolves correctly on all platforms and passes the security scan.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 app.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app.py b/app.py
index bfb5a18..2f6cd07 100644
--- a/app.py
+++ b/app.py
@@ -10,6 +10,7 @@ import json
 import logging
 import os
 import re
+import tempfile
 import threading
 import time
 import uuid
@@ -458,7 +459,7 @@ def api_avatar():
 
     # Build a safe cache filename from the username (alphanumeric + - _ .)
     safe_name = re.sub(r'[^a-zA-Z0-9._-]', '_', username)
-    cache_dir = ldap_cfg.get('cache_dir', '/tmp/gandalf_avatars')
+    cache_dir = ldap_cfg.get('cache_dir', os.path.join(tempfile.gettempdir(), 'gandalf_avatars'))
     os.makedirs(cache_dir, exist_ok=True)
     cache_file = os.path.join(cache_dir, f'user_{safe_name}.jpg')
     sentinel    = os.path.join(cache_dir, f'user_{safe_name}.none')