fix(io): use atomic writes for .param, JSON, and settings files

All file-writing operations used a simple open("w") → write() pattern.
If the application crashes or power is lost mid-write, the target file
is left truncated or empty. This is especially dangerous for .param
files (incomplete parameter sets uploaded to a flight controller could
cause unpredictable behavior) and vehicle_components.json (corrupted
components file breaks all derived parameter computations on startup).

Add a safe_write() utility that writes to a temporary file in the same
directory, then atomically replaces the target via os.replace(). This
ensures the file is either fully written or untouched — never truncated.

Apply safe_write to the four most critical persistence paths:
- ParDict.export_to_param() — .param files
- FilesystemJSONWithSchema.save_json_data() — JSON data files
- ProgramSettings._set_settings_from_dict() — settings.json
- VehicleComponents.save_component_templates_to_file() — templates

Closes #1428

Signed-off-by: Yash Goel <yashhzd@users.noreply.github.com>

Author: yashhzd

ardupilot_methodic_configurator/backend_filesystem_json_with_schema.py

@@ -22,6 +22,7 @@
 from jsonschema import ValidationError, validate, validators
 
 from ardupilot_methodic_configurator import _
+from ardupilot_methodic_configurator.common_safe_file_io import safe_write
 
 
 class FilesystemJSONWithSchema:
@@ -124,11 +125,11 @@ def save_json_data(self, data: dict, data_dir: str) -> tuple[bool, str]:  # noqa
 
         filepath = os_path.join(data_dir, self.json_filename)
         try:
-            with open(filepath, "w", encoding="utf-8", newline="\n") as file:
-                json_str = json_dumps(data, indent=4)
-                # Strip the last newline to avoid double newlines
-                # This is to ensure compatibility with pre-commit's end-of-file-fixer
-                file.write(json_str.rstrip("\n") + "\n")
+            json_str = json_dumps(data, indent=4)
+            # Strip the last newline to avoid double newlines
+            # This is to ensure compatibility with pre-commit's end-of-file-fixer
+            content = json_str.rstrip("\n") + "\n"
+            safe_write(filepath, lambda f: f.write(content))
         except FileNotFoundError:
             msg = _("Directory '{}' not found").format(data_dir)
             logging_error(msg)

ardupilot_methodic_configurator/backend_filesystem_program_settings.py

@@ -34,6 +34,7 @@
 from platformdirs import site_config_dir, user_config_dir
 
 from ardupilot_methodic_configurator import _
+from ardupilot_methodic_configurator.common_safe_file_io import safe_write
 from ardupilot_methodic_configurator.data_model_recent_items_history_list import RecentItemsHistoryList
 
 # Platform detection constant to avoid repeated system calls
@@ -320,9 +321,7 @@ def _load_settings_from_file(settings_path: str) -> dict[str, Any]:
     @staticmethod
     def _set_settings_from_dict(settings: dict) -> None:
         settings_path = os_path.join(ProgramSettings._user_config_dir(), "settings.json")
-
-        with open(settings_path, "w", encoding="utf-8", newline="\n") as settings_file:
-            json_dump(settings, settings_file, indent=4)
+        safe_write(settings_path, lambda f: json_dump(settings, f, indent=4))
 
     @staticmethod
     def _is_template_directory(vehicle_dir: str) -> bool:

ardupilot_methodic_configurator/backend_filesystem_vehicle_components.py

@@ -27,6 +27,7 @@
 from ardupilot_methodic_configurator import _
 from ardupilot_methodic_configurator.backend_filesystem_json_with_schema import FilesystemJSONWithSchema
 from ardupilot_methodic_configurator.backend_filesystem_program_settings import ProgramSettings
+from ardupilot_methodic_configurator.common_safe_file_io import safe_write
 from ardupilot_methodic_configurator.data_model_template_overview import TemplateOverview
 from ardupilot_methodic_configurator.data_model_vehicle_components_json_schema import VehicleComponentsJsonSchema
 
@@ -264,8 +265,7 @@ def save_component_templates_to_file(self, templates_to_save: dict[str, list[dic
         templates = {**existing_templates, **templates_to_save} if existing_templates else templates_to_save
 
         try:
-            with open(filepath, "w", encoding="utf-8", newline="\n") as file:  # use Linux line endings even on Windows
-                json_dump(templates, file, indent=4)
+            safe_write(filepath, lambda f: json_dump(templates, f, indent=4))
             return False, normalized_filepath  # Success, return the filepath
         except FileNotFoundError:
             msg = _("File not found when writing to '{}': {}").format(normalized_filepath, _("Path not found"))

ardupilot_methodic_configurator/common_safe_file_io.py

@@ -0,0 +1,41 @@
+"""
+Crash-safe file writing utilities.
+
+Provides atomic write operations that prevent data corruption from
+crashes, power loss, or OS-level interruptions during file writes.
+
+SPDX-FileCopyrightText: 2024-2026 Amilcar do Carmo Lucas <amilcar.lucas@iav.de>
+
+SPDX-License-Identifier: GPL-3.0-or-later
+"""
+
+import os
+import tempfile
+from typing import IO, Callable
+
+
+def safe_write(filepath: str, write_func: Callable[[IO], None]) -> None:
+    """
+    Write to a temporary file, then atomically replace the target.
+
+    This ensures the target file is either fully written or untouched —
+    never truncated or empty due to a crash mid-write.
+
+    Args:
+        filepath: The target file path to write to.
+        write_func: A callable that receives an open file handle and writes content to it.
+
+    """
+    dir_name = os.path.dirname(filepath) or "."
+    fd, tmp_path = tempfile.mkstemp(dir=dir_name, suffix=".tmp")
+    try:
+        with os.fdopen(fd, "w", encoding="utf-8", newline="\n") as tmp_file:
+            write_func(tmp_file)
+        os.replace(tmp_path, filepath)  # atomic on POSIX, near-atomic on Windows
+    except BaseException:
+        with open(os.devnull, "w") as _:
+            try:
+                os.unlink(tmp_path)
+            except OSError:
+                pass
+        raise

ardupilot_methodic_configurator/data_model_par_dict.py

@@ -19,6 +19,7 @@
 from typing import Callable, Optional, Union
 
 from ardupilot_methodic_configurator import _
+from ardupilot_methodic_configurator.common_safe_file_io import safe_write
 
 # ArduPilot parameter names start with a capital letter and can have capital letters, numbers and _
 PARAM_NAME_REGEX = r"^[A-Z][A-Z_0-9]*$"
@@ -294,11 +295,14 @@ def export_to_param(
 
         """
         formatted_params = self._format_params(file_format)
-        with open(filename_out, "w", encoding="utf-8", newline="\n") as output_file:  # use Linux line endings even on Windows
+
+        def _write(output_file):  # type: ignore[no-untyped-def]
             if content_header:
                 output_file.write("\n".join(content_header) + "\n")
             output_file.writelines(line + "\n" for line in formatted_params)
 
+        safe_write(filename_out, _write)
+
     @staticmethod
     def print_out(formatted_params: list[str], name: str) -> None:
         """