[Code Quality] ProtectedKeyProvider — three bare catch blocks (lines 256, 274, 310) swallow exceptions without binding the variable

[Christophe-Rogiers]

Severity: Info

File: src/Servy.Core/Security/ProtectedKeyProvider.cs

Lines: 256, 274-278, 310-314

Code snippet:

try
{
    using (var eventLog = new EventLog("Application"))
    {
        eventLog.Source = AppConfig.EventSource;
        eventLog.WriteEntry(...);
    }
}
catch { /* Silently ignore if direct event log creation fails */ }

Explanation:
Three of the EventLog-write try blocks use bare catch (no exception parameter, no logging). The Logger.Error/Warn line that follows still surfaces the message via the file logger, so the operational outcome is fine — but:

1. Bare catch { } triggers code-analyzer warnings (CA1031) and obscures what kinds of failures we actually see in the field. EventLog source registration on Windows fails for distinct reasons (missing source registration, EventLog quota full, permission denied) and silencing all of them prevents any postmortem signal.
2. Without binding the variable, we cannot even log a one-line debug breadcrumb if Logger is later configured at debug level.

Suggested fix:
Replace the three bare catches with catch (Exception eventLogEx) { Logger.Debug($"EventLog write failed (falling back to file logger): {eventLogEx.GetType().Name}"); } or similar. The user-visible behavior stays the same; the diagnosability improves.

🤖 Generated with Claude Code

[aelassas]

All fixed.