From 24255c6c52703cd45d39034647037fc5323caeae Mon Sep 17 00:00:00 2001 From: "glm-5.1" Date: Mon, 11 May 2026 01:59:07 +0000 Subject: [PATCH] feat(docs-cleanup-bugs): remove resolved Bugs section from call-protocol.md Remove the Bugs subsection from Source vs. Spec Drift since both bugs (checkAccess resource bypass and PendingRequestMap type name conflict) have been resolved. Update intro sentence to remove Bug mention. ADR-005 and ADR-006 drift tables remain intact. --- docs/architecture/call-protocol.md | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/docs/architecture/call-protocol.md b/docs/architecture/call-protocol.md index 6899ccb..90b76dc 100644 --- a/docs/architecture/call-protocol.md +++ b/docs/architecture/call-protocol.md @@ -309,7 +309,7 @@ This allows spec-only registration for scenarios where handlers are provided sep ## Source vs. Spec Drift -This section documents differences between the architecture spec (this document) and the current source code. Items marked **ADR-005** or **ADR-006** are planned changes not yet implemented. Items marked **Bug** are unintentional discrepancies. +This section documents differences between the architecture spec (this document) and the current source code. Items are planned changes not yet implemented. ### ADR-005 (Response Envelopes) — not yet implemented @@ -336,13 +336,6 @@ This section documents differences between the architecture spec (this document) | `execute()` return type | `Promise>` | `Promise` | | `execute()` error type | Throws `CallError` | Throws plain `Error` | -### Bugs - -| What | Description | -|------|-------------| -| `checkAccess()` resource check bypass | When `identity.resources` is `undefined` (falsy), the resource access check at `call.ts:248` (`if (resourceType && resourceAction && identity.resources)`) evaluates to `false` and falls through to `return true` — granting access even though `resourceType`/`resourceAction` are declared on the operation. This means an identity without any declared resources passes resource-level access control for operations that require it. ADR-006's default-deny rule (`ACCESS_DENIED` when required scopes/resources are missing) would fix this. | -| `PendingRequestMap` type name conflict | `src/env.ts` exports a `PendingRequestMap` **interface** (reduced signature: missing `deadline`, `identity` typed as `unknown`). `src/call.ts` exports the **class** `PendingRequestMap` which has the full signature. `src/index.ts` re-exports the interface as `PendingRequestMap` and the class as `PendingRequestMapClass`. This naming creates confusion — the documented `PendingRequestMap` refers to the class, but importing the type gives the reduced interface. | - ## References - [response-envelopes.md](response-envelopes.md) — `ResponseEnvelope` types, factory functions, detection, and integration points