augur icon indicating copy to clipboard operation
augur copied to clipboard
verified publisher icon chaoss

Database Connection Leaks in API Routes and CLI Commands

Open shlokgilda opened this issue 1 month ago • 2 comments

Description: Three database connection leaks might cause "too many clients" errors. Sessions are created but never closed.

Affected files:

  1. augur/api/routes/dei.py:112 - dei_report() endpoint never closes session
  2. augur/api/routes/dei.py:39 - dei_track_repo() endpoint lacks exception handling for session cleanup
  3. augur/application/cli/user.py:67 - reset_password() command never closes session

Code locations:

Issue 1: augur/api/routes/dei.py:112-132

def dei_report(application: ClientApplication):
    session = DatabaseSession(logger, engine=current_app.engine)
    # ... operations ...
    return send_file(report.resolve())  # Missing session.close()

Issue 2: augur/api/routes/dei.py:39-101

def dei_track_repo(application: ClientApplication):
    session = DatabaseSession(logger, engine=current_app.engine)  # No context manager
    # ... 60+ lines of operations ...
    session.close()  # Line 99 - not reached if exception occurs

Issue 3: augur/application/cli/user.py:67-78

def reset_password(username, password):
    session = Session()
    # ... operations ...
    session.commit()
    return click.echo("Password updated")  # Missing session.close()

Note: Initial scan performed using Claude Code to identify potential database leaks across the codebase. I've manually verified these by reviewing the actual code.

shlokgilda avatar Nov 12 '25 19:11 shlokgilda

This seems very related to #3392

MoralCode avatar Nov 12 '25 20:11 MoralCode

Yep. After noticing #3392, I asked Claude Code to scan the codebase for further database connection leaks (verified outputs myself though.) I can open a PR for this if you also think these are issues.

shlokgilda avatar Nov 12 '25 20:11 shlokgilda