Desktop: Add support for opening files through the already-running Graphite executable on Windows and Linux#4117
Open
Desktop: Add support for opening files through the already-running Graphite executable on Windows and Linux#4117
Conversation
…aphite executable on Windows and Linux
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
1 issue found across 8 files
Confidence score: 2/5
- I’m rating this as high risk because
desktop/src/instance_ipc.rsusesfrom_encoded_bytes_uncheckedon IPC-provided bytes, and that violates the function’s documented safety contract. - The reported impact is concrete: a local process can send malformed bytes and potentially trigger undefined behavior, which is a serious stability/security concern.
- Confidence is reasonably strong (severity 8/10, confidence 7/10), so this looks like a real merge blocker rather than a speculative edge case.
- Pay close attention to
desktop/src/instance_ipc.rs- unchecked reconstruction from untrusted IPC bytes can lead to undefined behavior.
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="desktop/src/instance_ipc.rs">
<violation number="1" location="desktop/src/instance_ipc.rs:143">
P1: `from_encoded_bytes_unchecked` is used on IPC-provided bytes, but its safety contract explicitly forbids reconstructing from arbitrary/network-sent bytes. A local process can send invalid data and trigger undefined behavior. Prefer a safe encoding (e.g., UTF-8) with validation or otherwise validate the bytes before conversion.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Code Review
This pull request implements single-instance file-open handoff for Windows and Linux, allowing a secondary process to forward file paths to a running instance via local IPC. It introduces the interprocess crate and a new instance_ipc module to handle communication. Feedback was provided regarding the importance of handling the result of thread spawning in the IPC listener to prevent silent failures.
Comment on lines
+79
to
+93
| let _ = thread::Builder::new().name("graphite-instance-ipc".into()).spawn(move || { | ||
| for connection in listener.incoming() { | ||
| match connection { | ||
| Ok(mut stream) => match read_paths(&mut stream) { | ||
| Ok(paths) if !paths.is_empty() => { | ||
| tracing::info!("Received {} file path(s) from secondary instance", paths.len()); | ||
| scheduler.schedule(AppEvent::AddLaunchDocuments(paths)); | ||
| } | ||
| Ok(_) => {} | ||
| Err(error) => tracing::error!("Failed to read paths from secondary instance: {error}"), | ||
| }, | ||
| Err(error) => tracing::error!("Instance IPC accept failed: {error}"), | ||
| } | ||
| } | ||
| }); |
Contributor
There was a problem hiding this comment.
The spawn method on thread::Builder returns a Result which is marked with #[must_use]. Ignoring it will cause a compiler warning and means that if the thread fails to spawn, the error will be silently ignored. It's better to handle this potential error, for example by logging it.
if let Err(error) = thread::Builder::new().name("graphite-instance-ipc".into()).spawn(move || {
for connection in listener.incoming() {
match connection {
Ok(mut stream) => match read_paths(&mut stream) {
Ok(paths) if !paths.is_empty() => {
tracing::info!("Received {} file path(s) from secondary instance", paths.len());
scheduler.schedule(AppEvent::AddLaunchDocuments(paths));
}
Ok(_) => {}
Err(error) => tracing::error!("Failed to read paths from secondary instance: {error}"),
},
Err(error) => tracing::error!("Instance IPC accept failed: {error}"),
}
}
}) {
tracing::error!("Failed to spawn instance IPC listener thread: {error}");
}
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.