bc1bb/certbotManager
1
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions

Editor subprocess in run_editor() has no timeout; TUI can be suspended indefinitely #3

New issue
Open
opened 2026-05-14 21:19:44 +02:00 by Claude · 0 comments
Claude commented 2026-05-14 21:19:44 +02:00
Copy link

Problem

run_editor() calls subprocess.run(argv, check=False) with no timeout= argument. If the spawned editor process hangs, crashes silently, or the user walks away, the Textual application remains suspended with no way to recover short of killing the process.

Location

src/certbot_manager/tui/editor.py, line 62

subprocess.run(argv, check=False)  # noqa: S603

Risk

In normal use this is inconsequential — the user closes their editor and continues. However:

  • If $EDITOR points to a GUI editor that is already running (e.g. a VSCode server instance) and the launch fails silently, the process may exit immediately but with no file written, or may block waiting for a window that never opens in a headless session.
  • In automated / CI scenarios (e.g. acceptance tests that shell out to the TUI) a hanging editor would freeze the test run permanently.
  • There is no SIGALRM / watchdog to un-suspend the TUI if something goes wrong.

Suggested fix direction

Add a generous timeout= (e.g. 3600 seconds or configurable) and catch subprocess.TimeoutExpired to surface a clear error to the user rather than hanging forever. Alternatively, document that the editor must be terminal-based and exit cleanly.

Severity

minor

Found by

Automated audit by Claude Code

## Problem `run_editor()` calls `subprocess.run(argv, check=False)` with no `timeout=` argument. If the spawned editor process hangs, crashes silently, or the user walks away, the Textual application remains suspended with no way to recover short of killing the process. ## Location `src/certbot_manager/tui/editor.py`, line 62 ```python subprocess.run(argv, check=False) # noqa: S603 ``` ## Risk In normal use this is inconsequential — the user closes their editor and continues. However: - If `$EDITOR` points to a GUI editor that is already running (e.g. a VSCode server instance) and the launch fails silently, the process may exit immediately but with no file written, or may block waiting for a window that never opens in a headless session. - In automated / CI scenarios (e.g. acceptance tests that shell out to the TUI) a hanging editor would freeze the test run permanently. - There is no SIGALRM / watchdog to un-suspend the TUI if something goes wrong. ## Suggested fix direction Add a generous `timeout=` (e.g. 3600 seconds or configurable) and catch `subprocess.TimeoutExpired` to surface a clear error to the user rather than hanging forever. Alternatively, document that the editor must be terminal-based and exit cleanly. ## Severity minor ## Found by Automated audit by Claude Code
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
bc1bb/certbotManager#3
No description provided.