fix(api): address API consistency and usability issues across public surface#24
Conversation
- Add QueueError::InvalidReceipt variant to distinguish invalid/expired receipt handles from MessageNotFound (spec assertion #6 now matchable) - Update AWS and Azure providers to use InvalidReceipt instead of MessageNotFound for malformed/expired receipt handles - Re-export AwsError, AwsSqsProvider, AwsSessionProvider and AzureError from crate root, consistent with all other provider types - Remove SendOptions and ReceiveOptions from crate-root re-exports as no public API method currently accepts them (avoids misleading callers) - Rename Message::with_ttl to with_time_to_live to match SendOptions naming - Remove SessionSupport::Unsupported variant (no provider returns it) - Add #[serde(skip)] to AwsSqsConfig::secret_access_key to prevent accidental serialisation of credentials in plain text - Add cross-reference doc comments between QueueClient::receive_message and accept_session to guide users to the right API path
|
Claude finished @pvandervelde's task in 2m 13s —— View job PR Review: fix(api): address API consistency and usability issues
Overall this is a well-motivated, well-scoped PR that brings the codebase into alignment with the spec. The error distinction, security fix, and naming cleanup are all correct. One gap and a few minor issues noted below. In-Memory Provider Inconsistency (Gap)The PR fixes Assertion 6 ( In // Check if receipt is expired
if inflight.lock_expires_at <= now {
queue.in_flight.remove(receipt.handle());
return Err(QueueError::MessageNotFound { // ← should be InvalidReceipt
receipt: receipt.handle().to_string(),
});
}Same pattern in Additionally, Azure's
|
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #24 +/- ##
==========================================
- Coverage 50.30% 50.29% -0.02%
==========================================
Files 10 10
Lines 3417 3418 +1
Branches 3417 3418 +1
==========================================
Hits 1719 1719
- Misses 1652 1653 +1
Partials 46 46 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
- Extend InvalidReceipt to in-memory provider: complete_message and abandon_message (and their session equivalents) now return InvalidReceipt for expired or unrecognised receipt handles, consistent with the AWS and Azure providers and spec assertions #6 and #13 - Remove redundant InvalidReceipt arm from retry_after (already covered by the wildcard; its presence implied false uniqueness vs other non-transient variants) - Reformat lib.rs pub use providers block to match surrounding style - Document #[serde(skip)] on AwsSqsConfig::secret_access_key so callers know the field will be None after deserialization and must be supplied at runtime
|
Claude finished @pvandervelde's task in 54s —— View job PR Review: fix(api): address PR review feedback
All four items from the previous review have been correctly addressed in commit In-Memory Provider Inconsistency — Fixed All seven
The
The explicit
The
One Observation (Non-blocking)The What Remains Outstanding from Prior ReviewThe The implementation is correct and complete relative to the previous review feedback. All tests pass (334 unit tests). This PR is ready to merge. |
|
Claude finished @pvandervelde's task in 51s —— View job PR Review: fix(api): address API consistency and usability issues
Commit
All items from the prior two review rounds are complete. This PR is ready to merge. |
Resolves several API shape inconsistencies and a spec/code mismatch identified in a usability review of the public crate surface, covering error types, re-exports, naming, and serialization safety.
What Changed
QueueError::InvalidReceipt— new variant added toerror.rsto distinguish invalid or expired receipt handles fromMessageNotFound. All AWS and Azure provider code paths that previously returnedMessageNotFoundfor bad/expired handles now returnInvalidReceipt.AwsError,AwsSqsProvider,AwsSessionProvider, andAzureErrorare now re-exported fromproviders/mod.rsandlib.rs, consistent with every other provider type.SendOptions/ReceiveOptionsremoved from crate root — neither type is accepted by any current public API method; re-exporting them misled callers into thinking they could be used.Message::with_ttlrenamed towith_time_to_live— aligns with the identical method onSendOptionsso the same concept has one name.SessionSupport::Unsupportedremoved — no provider returns this variant; it inflated the API surface and created false expectations for match arms.AwsSqsConfig::secret_access_keymarked#[serde(skip)]— prevents the AWS secret key from being emitted in plain text when aQueueConfigis serialized (mirrors the existingAzureAuthMethodapproach).QueueClient::receive_messageandaccept_sessionnow each point to the other with a# Notesection to guide users to the correct API for their ordering requirements.Why
A usability review (
spec-feedback.md) identified four major and three minor issues with the public API:InvalidReceiptwas referenced in the spec (docs/spec/assertions.mdassertion chore(config): migrate Renovate config - autoclosed #6,docs/spec/architecture.md) but the variant did not exist, making it impossible to write spec-conformant tests.queue_runtime::providers::AwsError) unlike every other provider.AzureErrorwas similarly missing fromproviders/mod.rsdespite being used in tests.SendOptions/ReceiveOptionsbeing re-exported but unusable was a misleading dead end for callers.with_ttlandwith_time_to_livenaming inconsistency created friction when moving betweenMessageandSendOptions.SessionSupport::Unsupportedhad no reachable production code paths.secret_access_keywas serializable in plain text, a security concern absent from every other credential field in the codebase.How
InvalidReceipt { receipt: String }toQueueErrorand updatedis_transient/retry_afterto handle it (non-transient, no retry delay).AwsError::InvalidReceipt→QueueError::InvalidReceiptand updated all inlineMessageNotFoundreturns in AWS/Azure provider methods that check receipt handle format or respond to HTTP 410 GONE / 404 NOT FOUND on lock operations.providers/mod.rsto re-exportAzureErroralongside the existing Azure types; extended thepub use providers::{...}block inlib.rsto include all six previously-missing types.SendOptionsandReceiveOptionsfrom thepub use message::{...}block inlib.rs(types remain usable via themessagemodule path for future API evolution).Message::with_ttl→with_time_to_liveinmessage.rsand updated all six call sites across test files.SessionSupport::Unsupportedfromprovider.rsand narrowed thematches!guard inclient_tests.rs.#[serde(skip)]toAwsSqsConfig::secret_access_key; field value must now be supplied at runtime (consistent withAzureAuthMethod::ClientSecretwhich is already skipped).Testing Evidence
aws_tests.rs,azure_tests.rs,client_tests.rs,memory_tests.rs, andrabbitmq_tests.rsto reflect renamed methods, corrected error variants (InvalidReceiptinstead ofMessageNotFound), and removal ofSessionSupport::Unsupportedfrom match arms.cargo test).cargo checkconfirmed clean compilation with no errors; pre-existing dead-code andassert!(true)warnings inaws_tests.rsare unrelated to this change.Reviewer Guidance
Message::with_ttlis renamed towith_time_to_live— any caller outside this crate using that method will need updating.SessionSupport::Unsupportedis removed — any externalmatchonSessionSupportwill need to drop that arm.SendOptionsandReceiveOptionsare no longer re-exported from the crate root (still accessible viaqueue_runtime::message::SendOptions).AwsSqsConfig::secret_access_keyserde skip: callers who were round-tripping aQueueConfigthrough serialization and relying on the key being preserved must now supply it separately. Verify this is acceptable for any config-management use cases.QueueError::InvalidReceiptvsMessageNotFound: review the provider-level call sites to confirm the semantic distinction is applied consistently —InvalidReceiptfor bad/expired handles,MessageNotFoundfor genuinely absent messages.AzureError,AwsError,AwsSqsProvider,AwsSessionProviderare now part of the stable public API surface; confirm the semver implications are acceptable before merging.