Desktop: Use the OS temp directory for CEF caches

[timon-schelling]

No description provided.

[gemini-code-assist]

Code Review

This pull request refactors CEF instance directory management by introducing a TempDir utility that leverages the Drop trait for automatic cleanup, replacing the previous manual implementation. It also adds global temporary directory cleanup on application startup and handles legacy data removal. Review feedback suggests improving the robustness of the directory clearing logic by avoiding panics, optimizing the generation of random suffixes, and preventing potential panics during the teardown of multithreaded contexts.

[cubic-dev-ai]

5 issues found across 8 files

Confidence score: 2/5

• There are multiple high-confidence, user-impacting risks in teardown and temp directory handling, so merge risk is elevated rather than minimal.
• Most severe: in desktop/src/dirs.rs, using create_dir_all for TempDir can adopt an existing directory and delete it on drop; switching to create_dir avoids that destructive behavior.
• desktop/src/cef/context/multithreaded.rs and desktop/src/dirs.rs still have panic paths (unwrap() in Drop, panic on temp cleanup read failure) that can crash shutdown/startup flows instead of failing gracefully.
• Pay close attention to desktop/src/dirs.rs, desktop/src/cef/context/multithreaded.rs, desktop/src/persist.rs, desktop/src/cef/context/singlethreaded.rs - teardown/cleanup paths can panic, skip cleanup, or leave stale cache/temp data.

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="desktop/src/dirs.rs">

<violation number="1" location="desktop/src/dirs.rs:14">
P2: Avoid panicking on temp cleanup read failures; log and return so startup can continue.</violation>

<violation number="2" location="desktop/src/dirs.rs:64">
P1: Use `create_dir` (not `create_dir_all`) so `TempDir` creation fails when the target path already exists; otherwise a pre-existing directory can be adopted and then deleted on drop.</violation>
</file>

<file name="desktop/src/persist.rs">

<violation number="1" location="desktop/src/persist.rs:123">
P2: The old CEF cache cleanup is gated behind successful state loading, so it is skipped on common early-return paths (missing/corrupt state file). Move this cleanup outside the success-only path so stale cache data is consistently removed.</violation>
</file>

<file name="desktop/src/cef/context/singlethreaded.rs">

<violation number="1" location="desktop/src/cef/context/singlethreaded.rs:15">
P2: Temp directory cleanup is now single-shot; if CEF still holds file handles during shutdown, cache directories can be left behind.</violation>
</file>

<file name="desktop/src/cef/context/multithreaded.rs">

<violation number="1" location="desktop/src/cef/context/multithreaded.rs:62">
P1: Avoid `unwrap()` in `Drop`; a channel disconnect here can panic during teardown.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}