Skip to content

Commit 65fe7d0

Browse files
committed
docs(adapter/sqs): PR #923 round-3 — drop stale buildBatchSendRecord doc + note residual edge
claude[bot] approved round-2; these are the two non-blocking nits it raised: - Remove the stale first paragraph of buildBatchSendRecord's doc comment (it referenced a *sqsAPIError return that no longer exists and duplicated the accurate description that follows). - Document the residual edge in the design doc: if attempt 1 commits and a concurrent SetQueueAttributes tightens a limit before the retry, the retry re-validates and reports the (already-stored) entry as failed — an inconsistent client view within the at-least-once contract, never a double-send. No code change. No functional change.
1 parent ac3e128 commit 65fe7d0

2 files changed

Lines changed: 13 additions & 5 deletions

File tree

adapter/sqs_messages_batch.go

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -403,10 +403,6 @@ func (s *SQSServer) resolveFreshFifoSnapshot(ctx context.Context, queueName stri
403403
return meta, dedupID, delay, nil
404404
}
405405

406-
// buildBatchSendRecord runs every per-entry validation a single
407-
// SendMessage would, but returns the *sqsAPIError so the batch path
408-
// can drop the entry into Failed[] instead of failing the whole
409-
// request.
410406
// buildBatchSendRecord builds one standard-queue batch entry's record. It splits
411407
// two concerns that must NOT be conflated:
412408
//

docs/design/2026_06_03_partial_dynamodb_onephase_dedup.md

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -357,7 +357,19 @@ every replica applying the same log entry.
357357
every attempt (`buildSendRecordWithIdentity`), so the retry overwrites the
358358
same keys idempotently. This needs **no** FSM probe / `PrevCommitTS` / gate —
359359
the keys become content-stable, so re-applying is a plain idempotent
360-
overwrite. Tests: `adapter/sqs_batch_send_dedup_test.go`.
360+
overwrite. The identity also pins `AvailableAtMillis` (vis-key input) and the
361+
per-entry validation re-runs against the current meta on every attempt, so a
362+
mid-retry `SetQueueAttributes` neither shifts the vis key (codex P2 round-1)
363+
nor lets a now-too-large body through (codex P2 round-2). Tests:
364+
`adapter/sqs_batch_send_dedup_test.go`.
365+
- **Residual edge (within at-least-once, no action):** if attempt 1
366+
*commits* (committed-but-conflicted) and a concurrent `SetQueueAttributes`
367+
tightens a limit (e.g. lowers `MaximumMessageSize`) before the retry, the
368+
retry's re-validation rejects the entry into `Failed[]` even though it is
369+
already in the queue — an inconsistent client view (message stored, client
370+
told it failed) but never a double-send. This is within the SQS
371+
standard-queue at-least-once contract; distinguishing committed-vs-not
372+
would need a dedup probe, which is out of proportion for this corner.
361373

362374
## Milestones
363375

0 commit comments

Comments
 (0)