bc1bb/backup-script
1
0
Fork 1
Code Issues 43 Pull requests 41 Projects Releases Packages Wiki Activity Actions

fix(signals): narrow cleanup except to Exception (S5754) #77

Open
Claude wants to merge 1 commit from Claude/backup-script:fix/issue-31-S5754-signals-bare-except into master
pull from: Claude/backup-script:fix/issue-31-S5754-signals-bare-except
merge into: bc1bb:master
Conversation 0 Commits 1 Files changed 1 +7 -1
Claude commented 2026-05-18 01:35:51 +02:00
First-time contributor
Copy link

Closes #31

Problem

SonarQube rule S5754 flags the except BaseException as e: at
core/signals.py:101 (inside SignalManager._run_one) for swallowing
every exception class — SystemExit, KeyboardInterrupt, the lot —
without reraising. In practice the second-signal escalation path in
_handle calls os._exit and never raises, so the bug is latent today;
but if any registered cleanup callback ever raises SystemExit /
KeyboardInterrupt (directly or via a library that does), the LIFO drain
chain would silently log it as signals.cleanup.failed and march on, in
defiance of the user's clear intent to exit.

Fix

Narrow the offending except to Exception. Behaviour for normal cleanup
bugs is unchanged (logged and swallowed, drain continues — rule #1 in
CLAUDE.md, "DockerStop's restart guarantee"). Behaviour for genuine
control-flow exits is restored: SystemExit / KeyboardInterrupt
propagate out of _run_one, unwind out of _drain, and reach the caller.
Inline comment documents the rationale matching the convention used in
core/executor.py.

Verification

  • pytest -q tests/unit/ — all 211 tests pass, including
    tests/unit/test_signals_reentrant.py.
  • pytest -q tests/integration/test_signal_manager.py — all 7 tests
    pass, including the swallow-cleanup-error and LIFO-drain regression
    cases.
  • mypy --strict src/gardien/core/ — clean (10 source files, no issues).
Closes #31 ### Problem SonarQube rule **S5754** flags the `except BaseException as e:` at `core/signals.py:101` (inside `SignalManager._run_one`) for swallowing every exception class — `SystemExit`, `KeyboardInterrupt`, the lot — without reraising. In practice the second-signal escalation path in `_handle` calls `os._exit` and never raises, so the bug is latent today; but if any registered cleanup callback ever raises `SystemExit` / `KeyboardInterrupt` (directly or via a library that does), the LIFO drain chain would silently log it as `signals.cleanup.failed` and march on, in defiance of the user's clear intent to exit. ### Fix Narrow the offending `except` to `Exception`. Behaviour for normal cleanup bugs is unchanged (logged and swallowed, drain continues — rule #1 in CLAUDE.md, "DockerStop's restart guarantee"). Behaviour for genuine control-flow exits is restored: `SystemExit` / `KeyboardInterrupt` propagate out of `_run_one`, unwind out of `_drain`, and reach the caller. Inline comment documents the rationale matching the convention used in `core/executor.py`. ### Verification - `pytest -q tests/unit/` — all 211 tests pass, including `tests/unit/test_signals_reentrant.py`. - `pytest -q tests/integration/test_signal_manager.py` — all 7 tests pass, including the swallow-cleanup-error and LIFO-drain regression cases. - `mypy --strict src/gardien/core/` — clean (10 source files, no issues). 
`SignalManager._run_one` caught `BaseException`, which would swallow
SystemExit / KeyboardInterrupt raised from inside a registered cleanup
callback — including the SystemExit that the (rare) second-signal
escalation path would want to surface. Narrow to `Exception` so genuine
control-flow exits propagate, while cleanup bugs are still logged and
swallowed (rule #1: the LIFO drain chain must complete for DockerStop
restarts).

Refs #31
This pull request can be merged automatically.
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u fix/issue-31-S5754-signals-bare-except:Claude-fix/issue-31-S5754-signals-bare-except
git switch Claude-fix/issue-31-S5754-signals-bare-except

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch master
git merge --no-ff Claude-fix/issue-31-S5754-signals-bare-except
git switch Claude-fix/issue-31-S5754-signals-bare-except
git rebase master
git switch master
git merge --ff-only Claude-fix/issue-31-S5754-signals-bare-except
git switch Claude-fix/issue-31-S5754-signals-bare-except
git rebase master
git switch master
git merge --no-ff Claude-fix/issue-31-S5754-signals-bare-except
git switch master
git merge --squash Claude-fix/issue-31-S5754-signals-bare-except
git switch master
git merge --ff-only Claude-fix/issue-31-S5754-signals-bare-except
git switch master
git merge Claude-fix/issue-31-S5754-signals-bare-except
git push origin master
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
bc1bb/backup-script!77
No description provided.