The idempotency map stores only principal|idempotencyKey to JobId. When the same principal submits the same idempotency key with a different agent, input, lease, or runtime limit, JobManager.SubmitAsync returns the existing job instead of raising DUPLICATE_KEY. The documentation also shows ArcpServerOptions.IdempotencyWindowSec, but that option does not exist and no TTL is applied to the _idempotency dictionary.
The relevant locations are src/Arcp.Runtime/JobManager.cs:28, src/Arcp.Runtime/JobManager.cs:73, src/Arcp.Runtime/JobManager.cs:107, docs/guides/jobs.md:99, and docs/guides/jobs.md:107.
Fix prompt: Store an idempotency record that includes the original request fingerprint and creation time instead of only the job id. Compare subsequent submissions with the same principal and idempotency key against the stored agent, input JSON, lease request, lease constraints, parent job id, and max runtime; return the existing job only when the fingerprint matches, otherwise throw DuplicateKeyException. Add an IdempotencyWindowSec option or remove the documented TTL claim, and add tests for identical retry, mismatched input, mismatched agent, and expiration behavior.
The idempotency map stores only
principal|idempotencyKeytoJobId. When the same principal submits the same idempotency key with a different agent, input, lease, or runtime limit,JobManager.SubmitAsyncreturns the existing job instead of raisingDUPLICATE_KEY. The documentation also showsArcpServerOptions.IdempotencyWindowSec, but that option does not exist and no TTL is applied to the_idempotencydictionary.The relevant locations are
src/Arcp.Runtime/JobManager.cs:28,src/Arcp.Runtime/JobManager.cs:73,src/Arcp.Runtime/JobManager.cs:107,docs/guides/jobs.md:99, anddocs/guides/jobs.md:107.Fix prompt: Store an idempotency record that includes the original request fingerprint and creation time instead of only the job id. Compare subsequent submissions with the same principal and idempotency key against the stored agent, input JSON, lease request, lease constraints, parent job id, and max runtime; return the existing job only when the fingerprint matches, otherwise throw
DuplicateKeyException. Add anIdempotencyWindowSecoption or remove the documented TTL claim, and add tests for identical retry, mismatched input, mismatched agent, and expiration behavior.