[eskit] Command bus: consider graceful drain timeout on Close() #25

New issue

Open

opened 2026-02-24 03:06:06 +00:00 by ash · 0 comments

ash commented

2026-02-24 03:06:06 +00:00

Owner

Context

Red team audit 2026-02-24 found and fixed a panic: send on closed channel race in command.InProcessBus.

Concern

The current fix uses context cancellation to stop workers on Close(). Workers drain buffered envelopes with ErrBusClosed. However, there is no configurable drain timeout — if a handler is stuck (e.g., slow DB), Close() blocks forever on b.wg.Wait().

Suggestion

Add a WithShutdownTimeout(d time.Duration) option that caps how long Close() waits for in-flight handlers before force-killing worker goroutines.

Severity: Low (only affects shutdown path)

## Context Red team audit 2026-02-24 found and fixed a panic: send on closed channel race in command.InProcessBus. ## Concern The current fix uses context cancellation to stop workers on Close(). Workers drain buffered envelopes with ErrBusClosed. However, there is no configurable drain timeout — if a handler is stuck (e.g., slow DB), Close() blocks forever on b.wg.Wait(). ## Suggestion Add a WithShutdownTimeout(d time.Duration) option that caps how long Close() waits for in-flight handlers before force-killing worker goroutines. Severity: Low (only affects shutdown path)