chore: honest chunk-audit guard docs + >cap bumpAccess test (#189)#190
Merged
Conversation
…mpAccess test (#189) The chunk-audit guard exempts an entire file once it contains any chunked() call, so a new un-chunked sibling IN(...) list in a file that already chunks (memory.ts, dump.ts, aging.ts, dedup.ts) is not caught. Three descriptions (AGENTS.md, chunk.ts note, test header) oversold this as a full invariant. Chosen the honest-docs option over tightening: a per-statement guard robust enough to pass dump.ts (chunk var bound two hops from chunked()) yet catch a planted same-file bypass would need data-flow analysis — overkill and a false-positive risk for a risk:low meta-test. - Soften AGENTS.md / chunk.ts note / test header to state the file-granular limitation explicitly (DRY-consistent wording). - LOW: add a >cap bumpAccess integration test asserting all ids are bumped across chunk boundaries within the single transaction. Closes #189
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Hardening from the RedTeam gate on PR #185 (issue #189).
MED — chunk-audit guard is file-granular; docs oversell it.
tests/lib/chunk-audit.test.tsexempts an entire file from the input-scaled-placeholder check once that file contains anychunked(call. A new un-chunkedIN (...)added to a file that already chunks (memory.ts,dump.ts,aging.ts,dedup.ts) is therefore not caught. Three descriptions (AGENTS.md Key-Conventions entry, thechunk.tsaudit note, the test header) claimed a stronger invariant than the guard delivers.Chose the issue's option 2 (honest docs) over tightening the guard. A per-statement guard robust enough to pass
dump.ts— where the chunk var is bound two hops fromchunked()(const chunks = chunked(loaIds)→for (const chunk of chunks)→chunk.map(() => '?')) — yet still flag a planted same-file bypass would require real data-flow analysis. That is overkill, and a CI-breaking false-positive risk, for a risk:low meta-test. So all three descriptions now state the file-granular limitation explicitly (kept DRY-consistent).LOW — no >cap integration test for bumpAccess chunking.
Added a test that builds
SQLITE_SAFE_CHUNK_SIZE * 2 + 1rows (spans three chunks) and asserts every id lands ataccess_count === 1— proving no id is dropped at a chunk boundary and the multi-chunk bump commits atomically within its single transaction.Verification
bun run lint(tsc --noEmit) cleanbun testgreen: 1190 pass, 0 failtests/lib/bump-access.test.ts+tests/lib/chunk-audit.test.tspass (14 tests)Closes #189