Fix circuit breaker probe lockup, cache key collision, evaluators leak, and HOCON list corruption (#107)

Author: EtaCassiopeia

core/src/main/scala/zio/openfeature/FeatureFlagRegistry.scala

@@ -74,10 +74,7 @@ final private class FeatureFlagRegistryLive(
           case Some(client) =>
             client
               .setProvider(provider)
-              .tapBoth(
-                _ => ZIO.unit,
-                _ => providers.update(_ + (domain -> provider))
-              )
+              .tap(_ => providers.update(_ + (domain -> provider)))
           case None =>
             providers.update(_ + (domain -> provider))
         }

core/src/main/scala/zio/openfeature/FeatureFlagsLive.scala

@@ -36,11 +36,26 @@ final private[openfeature] class FeatureFlagsLive(
     // Read provider name dynamically so events after a provider swap use the new name
     def currentMetadata(runtime: Runtime[Any]): ProviderMetadata = {
       val name = Unsafe.unsafe { implicit u =>
-        runtime.unsafe.run(providerNameRef.get).getOrThrowFiberFailure()
+        runtime.unsafe
+          .run(
+            providerNameRef.get.catchAllCause(c =>
+              ZIO.logErrorCause("event bridge: providerNameRef.get", c).as("unknown")
+            )
+          )
+          .getOrElse(_ => "unknown")
       }
       ProviderMetadata(name)
     }
 
+    // Run an event-publish effect from a Java SDK thread. Failures are logged via the ZIO logger
+    // rather than thrown, so the Java SDK's event dispatch thread is never killed by a defect.
+    def runHandler(runtime: Runtime[Any], label: String)(effect: UIO[Unit]): Unit =
+      Unsafe.unsafe { implicit u =>
+        runtime.unsafe
+          .run(effect.catchAllCause(c => ZIO.logErrorCause(s"event bridge: $label", c)))
+          .getOrElse(_ => ())
+      }
+
     ZIO.runtime[Any].flatMap { runtime =>
       def extractEventMetadata(details: EventDetails): FlagMetadata =
         try {
@@ -49,57 +64,47 @@ final private[openfeature] class FeatureFlagsLive(
           else convertImmutableMetadata(javaMeta)
         } catch { case _: Exception => FlagMetadata.empty }
 
-      val readyHandler: java.util.function.Consumer[EventDetails] = details =>
-        Unsafe.unsafe { implicit u =>
-          val em = extractEventMetadata(details)
-          runtime.unsafe
-            .run(
-              state.statusRef.set(ProviderStatus.Ready) *>
-                state.eventHub.publish(ProviderEvent.Ready(currentMetadata(runtime), em))
-            )
-            .getOrThrowFiberFailure()
-          onReady.foreach(_.countDown())
-        }
+      val readyHandler: java.util.function.Consumer[EventDetails] = details => {
+        val em = extractEventMetadata(details)
+        runHandler(runtime, "PROVIDER_READY")(
+          state.statusRef.set(ProviderStatus.Ready) *>
+            state.eventHub.publish(ProviderEvent.Ready(currentMetadata(runtime), em)).unit
+        )
+        onReady.foreach(_.countDown())
+      }
 
-      val errorHandler: java.util.function.Consumer[EventDetails] = details =>
-        Unsafe.unsafe { implicit u =>
-          val error     = new RuntimeException(Option(details.getMessage).getOrElse("Provider error"))
-          val errorCode = Option(details.getErrorCode).map(ErrorCodeConverter.fromJava)
-          val em        = extractEventMetadata(details)
-          runtime.unsafe
-            .run(
-              state.statusRef.set(ProviderStatus.Error) *>
-                state.eventHub.publish(
-                  ProviderEvent.Error(error, currentMetadata(runtime), errorCode, Option(details.getMessage), em)
-                )
-            )
-            .getOrThrowFiberFailure()
-        }
+      val errorHandler: java.util.function.Consumer[EventDetails] = details => {
+        val error     = new RuntimeException(Option(details.getMessage).getOrElse("Provider error"))
+        val errorCode = Option(details.getErrorCode).map(ErrorCodeConverter.fromJava)
+        val em        = extractEventMetadata(details)
+        runHandler(runtime, "PROVIDER_ERROR")(
+          state.statusRef.set(ProviderStatus.Error) *>
+            state.eventHub
+              .publish(ProviderEvent.Error(error, currentMetadata(runtime), errorCode, Option(details.getMessage), em))
+              .unit
+        )
+      }
 
-      val staleHandler: java.util.function.Consumer[EventDetails] = details =>
-        Unsafe.unsafe { implicit u =>
-          val reason = Option(details.getMessage).getOrElse("Provider stale")
-          val em     = extractEventMetadata(details)
-          runtime.unsafe
-            .run(
-              state.statusRef.set(ProviderStatus.Stale) *>
-                state.eventHub.publish(ProviderEvent.Stale(reason, currentMetadata(runtime), em))
-            )
-            .getOrThrowFiberFailure()
-        }
+      val staleHandler: java.util.function.Consumer[EventDetails] = details => {
+        val reason = Option(details.getMessage).getOrElse("Provider stale")
+        val em     = extractEventMetadata(details)
+        runHandler(runtime, "PROVIDER_STALE")(
+          state.statusRef.set(ProviderStatus.Stale) *>
+            state.eventHub.publish(ProviderEvent.Stale(reason, currentMetadata(runtime), em)).unit
+        )
+      }
 
-      val configHandler: java.util.function.Consumer[EventDetails] = details =>
-        Unsafe.unsafe { implicit u =>
-          val flags = Option(details.getFlagsChanged)
-            .map(_.asScala.toSet)
-            .getOrElse(Set.empty[String])
-          val em = extractEventMetadata(details)
-          runtime.unsafe
-            .run(
-              state.eventHub.publish(ProviderEvent.ConfigurationChanged(flags, currentMetadata(runtime), em))
-            )
-            .getOrThrowFiberFailure()
-        }
+      val configHandler: java.util.function.Consumer[EventDetails] = details => {
+        val flags = Option(details.getFlagsChanged)
+          .map(_.asScala.toSet)
+          .getOrElse(Set.empty[String])
+        val em = extractEventMetadata(details)
+        runHandler(runtime, "PROVIDER_CONFIGURATION_CHANGED")(
+          state.eventHub
+            .publish(ProviderEvent.ConfigurationChanged(flags, currentMetadata(runtime), em))
+            .unit
+        )
+      }
 
       for {
         _ <- ZIO.succeed {
@@ -790,8 +795,12 @@ final private[openfeature] class FeatureFlagsLive(
         ZIO.attempt {
           val jCtx   = toJavaHookContext(ctx)
           val jHints = hints.values.map { case (k, v) => k -> v.asInstanceOf[Object] }.asJava
-          val ex     = err.cause.getOrElse(new RuntimeException(err.message))
-          hook.error(jCtx, ex.asInstanceOf[Exception], jHints)
+          val ex: Exception = err.cause match {
+            case Some(e: Exception) => e
+            case Some(t)            => new RuntimeException(t.getMessage, t)
+            case None               => new RuntimeException(err.message)
+          }
+          hook.error(jCtx, ex, jHints)
         }.ignore
 
       override def finallyAfter(

core/src/main/scala/zio/openfeature/Hook.scala

@@ -279,39 +279,41 @@ object FeatureHook {
         }
       } yield None
 
-    private def elapsed(ctx: HookContext): Duration = {
-      val end   = java.lang.System.nanoTime()
-      val start = ctx.hookData.get(startTimeKey).getOrElse(end)
-      Duration.fromNanos(end - start)
-    }
+    private def elapsed(ctx: HookContext): UIO[Duration] =
+      Clock.nanoTime.map { end =>
+        val start = ctx.hookData.get(startTimeKey).getOrElse(end)
+        Duration.fromNanos(end - start)
+      }
 
     override def after[A](ctx: HookContext, details: FlagResolution[A], hints: HookHints): UIO[Unit] =
       afterLevel match {
         case Some(level) =>
-          val duration = elapsed(ctx)
-          val annotations = baseAnnotations(ctx) ++ contextAnnotations(ctx) ++ Set(
-            zio.LogAnnotation("flag.value", String.valueOf(details.value)),
-            zio.LogAnnotation("flag.reason", details.reason.toString),
-            zio.LogAnnotation("flag.duration_ms", duration.toMillis.toString)
-          ) ++ details.variant.map(v => zio.LogAnnotation("flag.variant", v)).toSet
-          annotate(annotations)(
-            logAtLevel(level, s"Flag '${ctx.flagKey}' = ${details.value} (${details.reason}, ${duration.toMillis}ms)")
-          )
+          elapsed(ctx).flatMap { duration =>
+            val annotations = baseAnnotations(ctx) ++ contextAnnotations(ctx) ++ Set(
+              zio.LogAnnotation("flag.value", String.valueOf(details.value)),
+              zio.LogAnnotation("flag.reason", details.reason.toString),
+              zio.LogAnnotation("flag.duration_ms", duration.toMillis.toString)
+            ) ++ details.variant.map(v => zio.LogAnnotation("flag.variant", v)).toSet
+            annotate(annotations)(
+              logAtLevel(level, s"Flag '${ctx.flagKey}' = ${details.value} (${details.reason}, ${duration.toMillis}ms)")
+            )
+          }
         case None => ZIO.unit
       }
 
     override def error(ctx: HookContext, err: FeatureFlagError, hints: HookHints): UIO[Unit] =
       errorLevel match {
         case Some(level) =>
-          val duration = elapsed(ctx)
-          val annotations = baseAnnotations(ctx) ++ contextAnnotations(ctx) ++ Set(
-            zio.LogAnnotation("flag.error", err.message),
-            zio.LogAnnotation("flag.error.type", err.getClass.getSimpleName),
-            zio.LogAnnotation("flag.duration_ms", duration.toMillis.toString)
-          )
-          annotate(annotations)(
-            logAtLevel(level, s"Flag '${ctx.flagKey}' evaluation failed: ${err.message}")
-          )
+          elapsed(ctx).flatMap { duration =>
+            val annotations = baseAnnotations(ctx) ++ contextAnnotations(ctx) ++ Set(
+              zio.LogAnnotation("flag.error", err.message),
+              zio.LogAnnotation("flag.error.type", err.getClass.getSimpleName),
+              zio.LogAnnotation("flag.duration_ms", duration.toMillis.toString)
+            )
+            annotate(annotations)(
+              logAtLevel(level, s"Flag '${ctx.flagKey}' evaluation failed: ${err.message}")
+            )
+          }
         case None => ZIO.unit
       }
   }
@@ -366,19 +368,19 @@ object FeatureHook {
         _ = ctx.hookData.set(startTimeKey, now)
       } yield None
 
-    override def after[A](ctx: HookContext, details: FlagResolution[A], hints: HookHints): UIO[Unit] = {
-      val end      = java.lang.System.nanoTime()
-      val start    = ctx.hookData.get(startTimeKey).getOrElse(end)
-      val duration = Duration.fromNanos(end - start)
-      onSuccess(ctx, details, duration)
-    }
+    override def after[A](ctx: HookContext, details: FlagResolution[A], hints: HookHints): UIO[Unit] =
+      Clock.nanoTime.flatMap { end =>
+        val start    = ctx.hookData.get(startTimeKey).getOrElse(end)
+        val duration = Duration.fromNanos(end - start)
+        onSuccess(ctx, details, duration)
+      }
 
-    override def error(ctx: HookContext, err: FeatureFlagError, hints: HookHints): UIO[Unit] = {
-      val end      = java.lang.System.nanoTime()
-      val start    = ctx.hookData.get(startTimeKey).getOrElse(end)
-      val duration = Duration.fromNanos(end - start)
-      onError(ctx, err, duration)
-    }
+    override def error(ctx: HookContext, err: FeatureFlagError, hints: HookHints): UIO[Unit] =
+      Clock.nanoTime.flatMap { end =>
+        val start    = ctx.hookData.get(startTimeKey).getOrElse(end)
+        val duration = Duration.fromNanos(end - start)
+        onError(ctx, err, duration)
+      }
   }
 
   def contextValidator(

core/src/main/scala/zio/openfeature/internal/ContextConverter.scala

@@ -76,8 +76,13 @@ private[openfeature] object ContextConverter {
     else if (value.isString) AttributeValue.StringValue(value.asString())
     else if (value.isNumber) {
       val num = value.asDouble()
-      if (num == num.toLong.toDouble) AttributeValue.IntValue(num.toInt)
-      else AttributeValue.DoubleValue(num)
+      // Long.MaxValue.toDouble rounds up to 2^63 (strictly greater than Long.MaxValue), so .toLong on
+      // out-of-range doubles silently saturates. Strict `<` on the upper bound rejects the saturation point.
+      if (num == num.toLong.toDouble && num >= Long.MinValue.toDouble && num < Long.MaxValue.toDouble) {
+        val asLong = num.toLong
+        if (asLong >= Int.MinValue && asLong <= Int.MaxValue) AttributeValue.IntValue(asLong.toInt)
+        else AttributeValue.LongValue(asLong)
+      } else AttributeValue.DoubleValue(num)
     } else if (value.isList) {
       val list = value.asList().asScala.map(valueToAttribute).toList
       AttributeValue.ListValue(list)

core/src/main/scala/zio/openfeature/internal/FeatureFlagsState.scala

@@ -22,9 +22,10 @@ object FeatureFlagsState {
       fiberCtxRef    <- FiberRef.make(EvaluationContext.empty)
       transactionRef <- FiberRef.make[Option[TransactionState]](None)
       hooksRef       <- Ref.make(List.empty[FeatureHook])
-      eventHub       <- Hub.unbounded[ProviderEvent]
-      statusRef      <- Ref.make[ProviderStatus](ProviderStatus.NotReady)
-      trackRec       <- Ref.make(List.empty[(String, EvaluationContext, Option[TrackingEventDetails])])
+      // Bounded; subscribers reconcile via current state on next evaluation, so dropping intermediate events is safe.
+      eventHub  <- Hub.dropping[ProviderEvent](256)
+      statusRef <- Ref.make[ProviderStatus](ProviderStatus.NotReady)
+      trackRec  <- Ref.make(List.empty[(String, EvaluationContext, Option[TrackingEventDetails])])
     } yield FeatureFlagsState(
       globalCtxRef,
       clientCtxRef,

core/src/test/scala/zio/openfeature/HookSpec.scala

@@ -352,18 +352,14 @@ object HookSpec extends ZIOSpecDefault {
           result <- hook.before(makeHookContext(), HookHints.empty)
         } yield assertTrue(result.isEmpty)
       },
-      test("logging hook after logs info") {
+      test("logging hook after completes without error") {
         val hook       = FeatureHook.logging(logBefore = false, logAfter = true, logError = false)
         val resolution = FlagResolution.default("test", true)
-        for {
-          _ <- hook.after(makeHookContext(), resolution, HookHints.empty)
-        } yield assertTrue(true)
+        hook.after(makeHookContext(), resolution, HookHints.empty).as(assertCompletes)
       },
-      test("logging hook error logs error") {
+      test("logging hook error completes without error") {
         val hook = FeatureHook.logging(logBefore = false, logAfter = false, logError = true)
-        for {
-          _ <- hook.error(makeHookContext(), FeatureFlagError.FlagNotFound("test"), HookHints.empty)
-        } yield assertTrue(true)
+        hook.error(makeHookContext(), FeatureFlagError.FlagNotFound("test"), HookHints.empty).as(assertCompletes)
       },
       test("logging hook all disabled") {
         val hook       = FeatureHook.logging(logBefore = false, logAfter = false, logError = false)
@@ -386,22 +382,22 @@ object HookSpec extends ZIOSpecDefault {
         assertTrue(result.isEmpty) &&
           assertTrue(hookCtx.hookData.get(TypedKey[Long]("structuredLogging.startTime")).isDefined)
       },
-      test("after completes successfully") {
+      test("after completes and reads start time from hookData") {
         val hook       = FeatureHook.structuredLogging()
         val hookCtx    = makeHookContext()
         val resolution = FlagResolution.default("test", true)
         for {
           _ <- hook.before(hookCtx, HookHints.empty)
           _ <- hook.after(hookCtx, resolution, HookHints.empty)
-        } yield assertTrue(true)
+        } yield assertTrue(hookCtx.hookData.get(TypedKey[Long]("structuredLogging.startTime")).isDefined)
       },
-      test("error completes successfully") {
+      test("error completes and reads start time from hookData") {
         val hook    = FeatureHook.structuredLogging()
         val hookCtx = makeHookContext()
         for {
           _ <- hook.before(hookCtx, HookHints.empty)
           _ <- hook.error(hookCtx, FeatureFlagError.FlagNotFound("test"), HookHints.empty)
-        } yield assertTrue(true)
+        } yield assertTrue(hookCtx.hookData.get(TypedKey[Long]("structuredLogging.startTime")).isDefined)
       },
       test("disabled levels skip logging but still track start time") {
         val hook       = FeatureHook.structuredLogging(beforeLevel = None, afterLevel = None, errorLevel = None)
@@ -426,7 +422,7 @@ object HookSpec extends ZIOSpecDefault {
         for {
           _ <- hook.before(hookCtx, HookHints.empty)
           _ <- hook.after(hookCtx, resolution, HookHints.empty)
-        } yield assertTrue(true)
+        } yield assertTrue(hookCtx.hookData.get(TypedKey[Long]("structuredLogging.startTime")).isDefined)
       },
       test("redactKeys hides sensitive values while preserving others") {
         val hook =