Proxy completeness: Does the proxy capture ALL configuration? Check: max size/weight, expiration, key/value strength, weigher, loader, removal/eviction listener, ticker, scheduler, executor, initial capacity.
State transfer: Are entries serialized or only configuration? If entries: are expired entries filtered? async values handled? weak/soft refs dereferenced? If not: is this documented?
Deserialized consistency: Correct initial state for frequency sketch, timer wheel, drain status, deques, weight counters? Correct node types?
Cross-version compatibility: serialVersionUID present? Can older proxies deserialize in newer versions? Default values correct for missing fields?
Security: Can crafted serialized form create inconsistent state? Are inputs validated? Is the proxy pattern correctly implemented?
Edge cases:
- Serializing during in-flight operations
- Serializing with pending removal notifications
- LoadingCache with non-serializable CacheLoader
- AsyncCache with incomplete futures

For each defect: state the field/behavior affected, before/after across round-trip, severity (data loss, incorrect behavior, security risk).

المزيد من هذا المستودع

نفس المستودع

audit-adaptivity

ben-manes/caffeine

Audit the adaptive window hill-climber and region-resize logic for implementation defects (not algorithm quality)

2026-06-1717.7k

audit-jcache-conformance

ben-manes/caffeine

JSR-107 (JCache) spec-conformance audit

2026-06-1717.7k

audit-state-machine

ben-manes/caffeine

Audit explicit state machines (drain status, node lifecycle, async-value lifecycle) for illegal or missed transitions

2026-06-1717.7k

audit-temporal-walk

ben-manes/caffeine

Heavyweight history-mining bug audit. Walks the caffeine module's git history chronologically (oldest to HEAD), maintains a forward-tracked issue database, and surfaces concerns introduced by past commits that were never resolved. Catches bugs that snapshot mining cannot — half-fixes invisible from current state, latent+trigger pairs across multi-commit interactions, and partial refactors. Slow (model/effort-dependent; ~24h on Opus + max effort) and rare-run (every several months or before a major release).

2026-06-1717.7k

audit-sibling-divergence

ben-manes/caffeine

Differential audit comparing matched code paths that should behave identically. Spawns one auditor per sibling pair (sync/async, bounded/unbounded, view consistency, bulk vs single, generated node variants, read fast vs slow, adapter conformance) and requires a concrete witness scenario where the two paths diverge observably.

2026-06-0217.7k

audit-contract-drift

ben-manes/caffeine

Find places where documented API contracts and the implementation diverge

2026-04-2717.7k

name	audit-serialization
description	Audit serialization proxy correctness and round-trip safety
context	fork
agent	auditor
disable-model-invocation	true

Audit the serialization/deserialization behavior of the cache.

Proxy completeness: Does the proxy capture ALL configuration? Check: max size/weight, expiration, key/value strength, weigher, loader, removal/eviction listener, ticker, scheduler, executor, initial capacity.
State transfer: Are entries serialized or only configuration? If entries: are expired entries filtered? async values handled? weak/soft refs dereferenced? If not: is this documented?
Deserialized consistency: Correct initial state for frequency sketch, timer wheel, drain status, deques, weight counters? Correct node types?
Cross-version compatibility: serialVersionUID present? Can older proxies deserialize in newer versions? Default values correct for missing fields?
Security: Can crafted serialized form create inconsistent state? Are inputs validated? Is the proxy pattern correctly implemented?
Edge cases:
- Serializing during in-flight operations
- Serializing with pending removal notifications
- LoadingCache with non-serializable CacheLoader
- AsyncCache with incomplete futures

For each defect: state the field/behavior affected, before/after across round-trip, severity (data loss, incorrect behavior, security risk).