fix: address PR review — add PATCH to CORS methods, fix semaphore leak

acartag7 · acartag7 · commit 441483ca7fe6 · 2026-03-11T21:38:40.000+01:00
- CORS: add PATCH to allow_methods (assignment rules + agent
  registrations use PATCH routes)
- Evaluate semaphore: use asyncio.shield + done callback so the
  semaphore slot stays acquired until the worker thread actually
  exits, not when the HTTP timeout fires
diff --git a/src/edictum_server/main.py b/src/edictum_server/main.py
@@ -122,9 +122,7 @@ async def _worker_monitor(app: FastAPI) -> None:
             workers = app.state.background_workers
             if workers["approval_timeout"].done():
                 logger.warning("Restarting crashed approval_timeout worker")
-                workers["approval_timeout"] = asyncio.create_task(
-                    _approval_timeout_worker(app)
-                )
+                workers["approval_timeout"] = asyncio.create_task(_approval_timeout_worker(app))
             if workers["partition"].done():
                 logger.warning("Restarting crashed partition worker")
                 workers["partition"] = asyncio.create_task(_partition_worker())
@@ -405,7 +403,7 @@ async def lifespan(app: FastAPI) -> AsyncGenerator[None, None]:
     CORSMiddleware,
     allow_origins=[o.strip() for o in _settings.cors_origins.split(",") if o.strip()],
     allow_credentials=True,
-    allow_methods=["GET", "POST", "PUT", "DELETE", "OPTIONS"],
+    allow_methods=["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"],
     allow_headers=["Content-Type", "X-Requested-With", "Authorization", "X-Edictum-Agent-Id"],
 )
 
@@ -456,17 +454,14 @@ async def lifespan(app: FastAPI) -> AsyncGenerator[None, None]:
 
 # --- Validation error handler: strip Pydantic internals ----------------------
 @app.exception_handler(RequestValidationError)
-async def validation_error_handler(
-    _request: Request, exc: RequestValidationError
-) -> JSONResponse:
+async def validation_error_handler(_request: Request, exc: RequestValidationError) -> JSONResponse:
     """Return 422 with sanitized error details.
 
     Strips ``ctx`` and ``type`` fields from Pydantic errors to avoid
     leaking framework internals (L4 finding).
     """
     sanitized = [
-        {"loc": e.get("loc", []), "msg": e.get("msg", "Validation error")}
-        for e in exc.errors()
+        {"loc": e.get("loc", []), "msg": e.get("msg", "Validation error")} for e in exc.errors()
     ]
     return JSONResponse(status_code=422, content={"detail": sanitized})
 
diff --git a/src/edictum_server/routes/evaluate.py b/src/edictum_server/routes/evaluate.py
@@ -42,24 +42,39 @@ async def evaluate(
             status_code=429,
             detail="Too many concurrent evaluations. Try again shortly.",
         ) from exc
+
+    # Create thread task independently so we can track it after timeout.
+    # shield() prevents wait_for from cancelling the inner task, letting
+    # the done-callback fire and release the semaphore when the thread
+    # actually finishes — not when the HTTP response is sent.
+    thread_task = asyncio.ensure_future(
+        asyncio.to_thread(
+            evaluate_contracts,
+            yaml_content=body.yaml_content,
+            tool_name=body.tool_name,
+            tool_args=body.tool_args,
+            environment=body.environment,
+            principal_input=body.principal,
+        )
+    )
     try:
-        return await asyncio.wait_for(
-            asyncio.to_thread(
-                evaluate_contracts,
-                yaml_content=body.yaml_content,
-                tool_name=body.tool_name,
-                tool_args=body.tool_args,
-                environment=body.environment,
-                principal_input=body.principal,
-            ),
+        result = await asyncio.wait_for(
+            asyncio.shield(thread_task),
             timeout=_EVALUATE_TIMEOUT_SECONDS,
         )
     except TimeoutError as exc:
+        # Thread still running — release semaphore only when it finishes.
+        thread_task.add_done_callback(lambda _: _EVALUATE_SEMAPHORE.release())
         raise HTTPException(
             status_code=422,
             detail="Evaluation timed out — contract bundle may be too complex.",
         ) from exc
     except ValueError as exc:
+        _EVALUATE_SEMAPHORE.release()
         raise HTTPException(status_code=422, detail=str(exc)) from exc
-    finally:
+    except BaseException:
+        _EVALUATE_SEMAPHORE.release()
+        raise
+    else:
         _EVALUATE_SEMAPHORE.release()
+        return result
