Skip to content

Fix thread safety and resource leaks in DB class#51

Draft
Copilot wants to merge 4 commits intofix/resolve_vulnerabilitiesfrom
copilot/sub-pr-50
Draft

Fix thread safety and resource leaks in DB class#51
Copilot wants to merge 4 commits intofix/resolve_vulnerabilitiesfrom
copilot/sub-pr-50

Conversation

Copy link

Copilot AI commented Jan 20, 2026
edited
Loading

Addresses review feedback on src/db.py: class-level lock causes unnecessary serialization across DB instances, and connections leak when login=True.

Changes

  • Instance-level locking: Moved _lock from class to instance attribute. Each DB instance now has its own lock, eliminating cross-instance contention when operating on separate database files.

  • Resource leak fix: Connections created with login=True are now properly closed in finally blocks. Previously, temporary connections were never closed.

  • APSW compatibility: Removed cursor context managers (with cursor:). APSW cursors don't support the context manager protocol and are lightweight - they don't require explicit cleanup.

def __insert_or_delete(self, query, params, login=False):
    conn = None
    try:
        if login:
            conn = DB.__create_connection(self.__dbfile)
            cursor = conn.cursor()
        else:
            cursor = self.__conn.cursor()
        self.__log_and_execute(cursor, query, params)
        return 1
    except apsw.Error as err:
        log.exception("Database Error: %s" % err)
        return 0
    finally:
        if conn is not None:
            conn.close()  # Prevents resource leak

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Copilot AI mentioned this pull request Jan 20, 2026
Open
10 tasks
Copilot AI and others added 3 commits January 20, 2026 18:37
@PhBouzid
fix: address review comments on db.py thread safety and resource leaks
129dec4 
Co-authored-by: PhBouzid <15084032+PhBouzid@users.noreply.github.com>
@PhBouzid
fix: remove APSW cursor context managers (not supported)
2cab9ba 
Co-authored-by: PhBouzid <15084032+PhBouzid@users.noreply.github.com>
@PhBouzid
chore: remove accidentally committed test.db and update gitignore
d5fd115 
Co-authored-by: PhBouzid <15084032+PhBouzid@users.noreply.github.com>
Copy link
Author

Copilot AI commented Jan 20, 2026

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • sqlite.org
    • Triggering command: `/usr/bin/python3 /usr/bin/python3 -c
      exec(compile('''

This is <pip-setuptools-caller> -- a caller that pip uses to run setup.py

- It imports setuptools before invoking setup.py, to enable projects that directly

import from distutils.core to work with newer packaging standards.

#` (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Copilot AI changed the title [WIP] Fix vulnerabilities in codebase Fix thread safety and resource leaks in DB class Jan 20, 2026
Copilot AI requested a review from PhBouzid January 20, 2026 18:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PhBouzid PhBouzid Awaiting requested review from PhBouzid

Assignees

@PhBouzid PhBouzid

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@PhBouzid