{
"schema": "m1nd-bug-hunt-audit-result-v0",
"round_id": "bughunt-p-limit-tempo-20260514T145029Z",
"lane_id": "audit-05",
"instruction_mode": "direct",
"repo": "p-limit",
"model": "gpt-5-codex",
"started_at": "2026-05-14T14:50:42.655610+00:00",
"finished_at": "2026-05-14T15:15:25Z",
"findings": [
"title": "limitFunction() drops call arguments and receiver context",
"severity": "high",
"file": "index.js:121-124",
"symbol": "limitFunction",
"cause": "The wrapper returned by limitFunction is `() => limit(() => function_())`, so it never forwards the invocation arguments or the caller's `this` binding into the wrapped function.",
"impact": "Any limited function that expects parameters or method state silently runs with `undefined` inputs. Consumers get incorrect results even though concurrency limiting still appears to work.",
"evidence": [
"`index.js:124` returns a zero-argument arrow and calls `function_()` with no binding.",
"Focused probe output: `{\\\"argsResult\\\":[],\\\"thisResult\\\":\\\"missing:undefined\\\",...}` after calling `limitFunction(async (...args) => args, {concurrency: 1})(\"a\", 42)` and a limited method on an object with `{prefix: \"ok:\"}`.",
"`test.js:343-356` only exercises a zero-argument callback, so the broken argument/receiver path is untested."
],
"reproduction_or_test": "Run a Node probe that calls `limitFunction(async (...args) => args, {concurrency: 1})(\"a\", 42)` and a method-style callback; both come back without the original arguments/binding.",
"confidence": "high"
},
{
"title": "Options-form pLimit({concurrency}) unexpectedly enables rejectOnClear by default",
"file": "index.js:4-8",
"symbol": "pLimit",
"cause": "When the options object path is used, destructuring sets `rejectOnClear = true`, overriding the documented default of `false` whenever the property is omitted.",
"impact": "Code that constructs a limiter with `pLimit({concurrency: ...})` and later calls `clearQueue()` gets `AbortError` rejections from pending work even though the published contract says those rejections are opt-in.",
"`index.js:4-8` initializes `rejectOnClear` to `false` and then replaces it with `true` for missing options properties.",
"`index.d.ts:99-106` and `readme.md:46-58,149-155` document `rejectOnClear` defaulting to `false`.",
"Focused probe output: `{...,\\\"clearDefaultResult\\\":\\\"rejected:AbortError\\\",...}` after `const limit = pLimit({concurrency: 1}); limit.clearQueue();` on a pending task.",
"`test.js:257-273` verifies the options form but never calls `clearQueue()`, while `test.js:199-215` only covers the explicit `rejectOnClear: true` case."
"reproduction_or_test": "Create `const limit = pLimit({concurrency: 1})`, queue one running task and one pending task, `await Promise.resolve()`, call `limit.clearQueue()`, and await the pending promise: it rejects with `AbortError` instead of remaining unresolved.",
"title": "rejectOnClear validation accepts falsy non-boolean values",
"severity": "medium",
"file": "index.js:12-13",
"cause": "The validator only throws when `rejectOnClear` is truthy and non-boolean, so falsy invalid values like `0`, `''`, or `null` bypass validation entirely.",
"impact": "Misconfigured callers do not get the documented type error and instead silently fall back to the non-rejecting clearQueue path, which makes configuration bugs harder to catch and violates the declared boolean-only API.",
"`index.js:12-13` uses `if (rejectOnClear && typeof rejectOnClear !== 'boolean')`.",
"Focused probe output accepted all of `0`, `''`, and `null`: `{...,\\\"rejectOnClearAccepted\\\":[\\\"0\\\",\\\"\\\",\\\"null\\\"]}`.",
"`index.d.ts:99-106` and `readme.md:46-52,149-155` both declare `rejectOnClear` as a boolean option."
"reproduction_or_test": "Instantiate `pLimit({concurrency: 1, rejectOnClear: 0})`, `pLimit({concurrency: 1, rejectOnClear: ''})`, and `pLimit({concurrency: 1, rejectOnClear: null})`; all three are accepted instead of throwing `Expected `rejectOnClear` to be a boolean`.",
"title": "TypeScript forbids synchronous limitFunction callbacks that work at runtime",
"severity": "low",
"file": "index.d.ts:133-136",
"cause": "The published type signature restricts the callback return to `PromiseLike<ReturnType>`, even though the runtime path simply delegates through `pLimit` and accepts synchronous return values.",
"impact": "TypeScript consumers cannot use valid runtime patterns like `limitFunction(() => 123, {concurrency: 1})` without casts or wrapper async functions, so the typed API is narrower than the shipped behavior.",
"`index.d.ts:133-136` requires `PromiseLike<ReturnType>`.",
"`index.test-d.ts:24-29` intentionally codifies the mismatch with `expectError(limitFunction((_a: string) => 'x', {concurrency: 1}))`.",
"Runtime probe `limitFunction(() => 123, {concurrency: 1})()` printed `123` successfully."
"reproduction_or_test": "In JavaScript, call `await limitFunction(() => 123, {concurrency: 1})()` and observe it resolves to `123`; in TypeScript, the same callback is rejected by the published declaration file.",
}
"commands_run": [
"sed -n '1,240p' /Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z/lane-prompts/audit-05.md",
"rg --files .",
"rg --files /Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z | rg 'lane-result-template\\\\.json$'",
"sed -n '1,220p' package.json",
"sed -n '1,240p' index.js",
"sed -n '1,260p' test.js",
"sed -n '261,520p' test.js",
"sed -n '1,260p' index.d.ts",
"sed -n '1,260p' readme.md",
"find /Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z -name 'lane-result-template.json' -print",
"node --input-type=module probe: limitFunction argument forwarding",
"sed -n '1,240p' /Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z/lane-result-template.json",
"sed -n '1,220p' index.test-d.ts",
"node --input-type=module probe: limitFunction receiver preservation",
"node --input-type=module probe: limitFunction synchronous callback support",
"git log --oneline -- index.js index.d.ts test.js",
"node --input-type=module probe: pLimit({concurrency: 1}).clearQueue() default behavior",
"node --input-type=module probe: rejectOnClear falsy non-boolean validation",
"node --input-type=module probe: pLimit(null)",
"nl -ba index.js | sed -n '1,180p'",
"nl -ba index.d.ts | sed -n '1,220p'",
"nl -ba readme.md | sed -n '1,220p'",
"nl -ba test.js | sed -n '140,380p'",
"test -e /Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z/lane-results/audit-05.json && echo exists || echo missing",
"test -e /Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z/event-streams/audit-05.jsonl && echo exists || echo missing",
"sed -n '1,220p' /Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z/lane-results/audit-05.json",
"tail -n 20 /Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z/event-streams/audit-05.jsonl",
"date -u +\"%Y-%m-%dT%H:%M:%SZ\"",
"node --input-type=module probe: consolidated findings output",
"node --input-type=module validation: parse audit-05.json and audit-05.jsonl"
"files_inspected": [
"/Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z/lane-prompts/audit-05.md",
"/Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z/lane-result-template.json",
"package.json",
"index.js",
"test.js",
"index.d.ts",
"readme.md",
"index.test-d.ts",
"/Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z/lane-results/audit-05.json",
"/Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-p-limit-tempo-20260514T145029Z/event-streams/audit-05.jsonl"
"m1nd_usage": [],
"temponizer_usage": [],
"agent_testimony": "Used direct local repo inspection plus focused `node --input-type=module` runtime probes only. I did not read operator-only artifacts, other lane prompts/results, or use any m1nd tooling/helper scripts.",
"notes": "I did not run the full `npm test` suite. The lane prompt explicitly allowed focused runtime probes, and the reproduced findings are all source-backed by `index.js`, the published docs/types, and the current test gaps.",
"non_claims": [
"auditor did not see the operator-only answer key",
"extra findings are unadjudicated until a judge validates them"
]
}