From 3d55423deb2d85f42ed3f371a7a4ca905d6cf9f1 Mon Sep 17 00:00:00 2001
From: Girish Ramakrishnan <girish@cloudron.io>
Date: Wed, 18 Mar 2026 14:26:35 +0530
Subject: [PATCH] Fix usage of safe()

---
 src/acme2.js            |  2 +-
 src/apptask.js          |  2 +-
 src/backupformat/tgz.js |  4 ++--
 src/dns.js              |  6 +++---
 src/services.js         | 14 +++++++-------
 src/updater.js          |  2 +-
 6 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/src/acme2.js b/src/acme2.js
index 98d8b4d1b..d55e10279 100644
--- a/src/acme2.js
+++ b/src/acme2.js
@@ -471,7 +471,7 @@ Acme2.prototype.acmeFlow = async function () {
         const challenge = await this.prepareChallenge(cn, authorization);
         await this.notifyChallengeReady(challenge);
         await this.waitForChallenge(challenge);
-        await safe(this.cleanupChallenge(cn, challenge), { log });
+        await safe(this.cleanupChallenge(cn, challenge), { debug: log });
     }
 
     const csr = await openssl.createCsr(this.key, this.cn, this.altNames);
diff --git a/src/apptask.js b/src/apptask.js
index 0ec566caa..3dbba2eee 100644
--- a/src/apptask.js
+++ b/src/apptask.js
@@ -867,7 +867,7 @@ async function run(appId, args, progressCallback) {
             log('run: update aborted because backup failed');
             await safe(updateApp(app, { installationState: apps.ISTATE_INSTALLED, error: null, health: null }, { log }));
         } else {
-            await safe(updateApp(app, { installationState: apps.ISTATE_ERROR, error: makeTaskError(error, app) }), { log });
+            await safe(updateApp(app, { installationState: apps.ISTATE_ERROR, error: makeTaskError(error, app) }), { debug: log });
         }
 
         throw error;
diff --git a/src/backupformat/tgz.js b/src/backupformat/tgz.js
index 45027c26b..62e3619b1 100644
--- a/src/backupformat/tgz.js
+++ b/src/backupformat/tgz.js
@@ -74,7 +74,7 @@ function addEntryToPack(pack, header, options) {
 
         if (options?.input) {
             const ensureFileSizeStream = new EnsureFileSizeStream({ name: header.name, size: header.size });
-            safe(stream.pipeline(options.input, ensureFileSizeStream, packEntry), { log }); // background. rely on pack.entry callback for promise completion
+            safe(stream.pipeline(options.input, ensureFileSizeStream, packEntry), { debug: log }); // background. rely on pack.entry callback for promise completion
         }
     });
 }
@@ -163,7 +163,7 @@ async function tarPack(dataLayout, encryption, uploader, progressCallback) {
 
     let fileCount = 0;
     for (const localPath of dataLayout.localPaths()) {
-        const [error, stats] = await safe(addPathToPack(pack, localPath, dataLayout), { log });
+        const [error, stats] = await safe(addPathToPack(pack, localPath, dataLayout), { debug: log });
         if (error) break; // the pipeline will error and we will retry the whole packing all over
         fileCount += stats.fileCount;
     }
diff --git a/src/dns.js b/src/dns.js
index 0f2fd9b05..23900a185 100644
--- a/src/dns.js
+++ b/src/dns.js
@@ -263,14 +263,14 @@ async function registerLocations(locations, options, progressCallback) {
                 await registerLocation(location, options, 'A', ipv4);
             } else {
                 const [aError, aValues] = await safe(getDnsRecords(location.subdomain, location.domain, 'A'));
-                if (!aError && aValues.length) await safe(removeDnsRecords(location.subdomain, location.domain, 'A', aValues), { log });
+                if (!aError && aValues.length) await safe(removeDnsRecords(location.subdomain, location.domain, 'A', aValues), { debug: log });
             }
 
             if (ipv6) {
                 await registerLocation(location, options, 'AAAA', ipv6);
             } else {
                 const [aaaaError, aaaaValues] = await safe(getDnsRecords(location.subdomain, location.domain, 'AAAA'));
-                if (!aaaaError && aaaaValues.length) await safe(removeDnsRecords(location.subdomain, location.domain, 'AAAA', aaaaValues), { log });
+                if (!aaaaError && aaaaValues.length) await safe(removeDnsRecords(location.subdomain, location.domain, 'AAAA', aaaaValues), { debug: log });
             }
         });
     }
@@ -364,7 +364,7 @@ async function startSyncDnsRecords(options) {
     assert.strictEqual(typeof options, 'object');
 
     const taskId = await tasks.add(tasks.TASK_SYNC_DNS_RECORDS, [ options ]);
-    safe(tasks.startTask(taskId, {}), { log }); // background
+    safe(tasks.startTask(taskId, {}), { debug: log }); // background
     return taskId;
 }
 
diff --git a/src/services.js b/src/services.js
index a0de9db44..4f63422f8 100644
--- a/src/services.js
+++ b/src/services.js
@@ -237,7 +237,7 @@ async function stopUnusedServices() {
     for (const name of LAZY_SERVICES) {
         if (usedAddons.has(name)) continue;
         log(`stopUnusedServices: stopping ${name} (no apps use it)`);
-        await safe(docker.stopContainer(name), { log });
+        await safe(docker.stopContainer(name), { debug: log });
     }
 }
 
@@ -1766,7 +1766,7 @@ async function applyServiceLimits() {
             changed = true;
         }
 
-        safe(applyMemoryLimit(id), { log });
+        safe(applyMemoryLimit(id), { debug: log });
     }
 
     if (changed) await settings.setJson(settings.SERVICES_CONFIG_KEY, servicesConfig);
@@ -1783,7 +1783,7 @@ async function applyServiceLimits() {
             await apps.update(app.id, { servicesConfig: app.servicesConfig });
         }
 
-        safe(applyMemoryLimit(`redis:${app.id}`), { log });
+        safe(applyMemoryLimit(`redis:${app.id}`), { debug: log });
     }
 }
 
@@ -1877,7 +1877,7 @@ async function rebuildService(id, auditSource) {
         // nothing to rebuild for now.
     }
 
-    safe(applyMemoryLimit(id), { log }); // do this in background. ok to fail
+    safe(applyMemoryLimit(id), { debug: log }); // do this in background. ok to fail
 
     await eventlog.add(eventlog.ACTION_SERVICE_REBUILD, auditSource, { id });
 }
@@ -1916,9 +1916,9 @@ async function configureService(id, data, auditSource) {
 
     // do this in background
     if (needsRebuild) {
-        safe(rebuildService(id, auditSource), { log });
+        safe(rebuildService(id, auditSource), { debug: log });
     } else {
-        safe(applyMemoryLimit(id), { log });
+        safe(applyMemoryLimit(id), { debug: log });
     }
 
     await eventlog.add(eventlog.ACTION_SERVICE_CONFIGURE, auditSource, { id, data });
@@ -1950,7 +1950,7 @@ async function startServices(existingInfra, progressCallback) {
         await fn(existingInfra);
     }
 
-    safe(applyServiceLimits(), { log });
+    safe(applyServiceLimits(), { debug: log });
 }
 
 async function teardownOauth(app, options) {
diff --git a/src/updater.js b/src/updater.js
index 6302ece26..5c83f0ed5 100644
--- a/src/updater.js
+++ b/src/updater.js
@@ -382,7 +382,7 @@ async function checkForUpdates(options) {
     // check app updates
     const result = await apps.list();
     for (const app of result) {
-        await safe(checkAppUpdate(app, options), { log });
+        await safe(checkAppUpdate(app, options), { debug: log });
     }
 
     // raise notifications here because the updatechecker runs regardless of auto-updater cron job