Skip to content

Docs: is_process_trusted() silently returns True on framework load failure — behavior undocumented#221

Open
kumburovicbranko682-boop wants to merge 1 commit into
TomBadash:masterfrom
kumburovicbranko682-boop:contribai/docs/is-process-trusted-silently-returns-true
Open

Docs: is_process_trusted() silently returns True on framework load failure — behavior undocumented#221
kumburovicbranko682-boop wants to merge 1 commit into
TomBadash:masterfrom
kumburovicbranko682-boop:contribai/docs/is-process-trusted-silently-returns-true

Conversation

@kumburovicbranko682-boop

Copy link
Copy Markdown

Problem

The function is_process_trusted() is the public API callers use to decide whether to show accessibility permission prompts. Both the _load_frameworks and the main try/except paths return True on failure (lines ~43, ~95), meaning callers will believe accessibility is granted when ctypes loading or the trust check itself throws. This "fail open" design is intentional (so the app doesn't block on non-macOS platforms or broken frameworks), but it is not documented anywhere. A maintainer debugging a user report of "Mouser said permissions were fine but hooks don't work" has no indication that this is the cause. The module docstring and function docstring are both missing.

Severity: medium
File: core/accessibility.py

Solution

Add a docstring to is_process_trusted:

Changes

  • core/accessibility.py (modified)

Testing

  • Existing tests pass
  • Manual review completed
  • No new warnings/errors introduced

…ilure — behavior undocumented

The function is_process_trusted() is the public API callers use to decide whether to show accessibility permission prompts. Both the _load_frameworks and the main try/except paths return True on failure (lines ~43, ~95), meaning callers will believe accessibility is granted when ctypes loading or the trust check itself throws. This "fail open" design is intentional (so the app doesn't block on non-macOS platforms or broken frameworks), but it is not documented anywhere. A maintainer debugging a user report of "Mouser said permissions were fine but hooks don't work" has no indication that this is the cause. The module docstring and function docstring are both missing.


Affected files: accessibility.py

Signed-off-by: kumburovicbranko682-boop <295886834+kumburovicbranko682-boop@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant