Summary

TinyPEN's outgoing fetch() calls to RERUM have no timeout configured. If RERUM becomes slow (accepting connections but responding slowly), TinyPEN workers will block indefinitely waiting for a response.

Evidence

From code review: all fetch() calls to RERUM in routes/*.js use the default Node.js fetch with no AbortController or timeout option.

From load testing (Run 4, Phase 10d — Slow RERUM):

• Scaled RERUM to 1 worker, then sent 20 VUs of traffic through the full stack
• TinyPEN workers did not hang indefinitely in this test — but this is because a bottlenecked RERUM still responds (slowly), and a fully down RERUM returns connection refused in ~2.3s
• The dangerous scenario is a RERUM that accepts the TCP connection but never sends a response (e.g., stuck in a long MongoDB query or GC pause). In that case, TinyPEN workers would block forever with no recourse.

Impact

Under a slow-RERUM scenario, all 4 TinyPEN workers could become blocked waiting for responses, making TinyPEN completely unresponsive even though it's technically running. TPEN Services would then also hang waiting for TinyPEN.

Recommendation

Add AbortController with a 30-second timeout on all outgoing RERUM fetch calls:

const controller = new AbortController()
const timeout = setTimeout(() => controller.abort(), 30000)
try {
  const res = await fetch(url, { signal: controller.signal, ...options })
  // ...
} finally {
  clearTimeout(timeout)
}