Summary
The cat function in crates/gitlawb-node/src/ipfs_pin.rs (introduced in 74b7a40 as part of the B1 fetch work) issues a reqwest::Client::new().post(...).send().await? with no explicit request timeout. A stalled or slow Kubo node can hang the handler indefinitely.
Suggested fix
Add a bounded timeout to the cat request, e.g.:
use std::time::Duration;
let resp = reqwest::Client::builder()
.timeout(Duration::from_secs(30))
.build()?
.post(&url)
.send()
.await?;The timeout value should be tunable (configurable constant or env-driven) to account for worst-case envelope size / read latency in production.
Context
Flagged during review of PR #40 (recipient-set blinding at rest). Deferred to address in the encrypted-replication lane.
Backlinks: #40 (comment)
/cc @beardthelion
Summary
The
catfunction incrates/gitlawb-node/src/ipfs_pin.rs(introduced in 74b7a40 as part of the B1 fetch work) issues areqwest::Client::new().post(...).send().await?with no explicit request timeout. A stalled or slow Kubo node can hang the handler indefinitely.Suggested fix
Add a bounded timeout to the
catrequest, e.g.:The timeout value should be tunable (configurable constant or env-driven) to account for worst-case envelope size / read latency in production.
Context
Flagged during review of PR #40 (recipient-set blinding at rest). Deferred to address in the encrypted-replication lane.
Backlinks: #40 (comment)
/cc @beardthelion