rescript format -stdin: only create temp file if the name doesn't exist, and use mode 0o600

We should not accidentally overwrite a random file.

Author: BartSchuurmans

package-lock.json

@@ -126,7 +126,9 @@ function main(argv, rescript_exe, bsc_exe) {
         );
         (async function () {
           var content = await readStdin();
-          fs.writeFileSync(filename, content, "utf8");
+          var fd = fs.openSync(filename, "wx", 0o600);
+          fs.writeFileSync(fd, content, "utf8");
+          fs.closeSync(fd);
           process.addListener("exit", () => fs.unlinkSync(filename));
           child_process.execFile(
             bsc_exe,