GAP-003 — Add representative EXO and Teams probe commands¶
Status¶
Current status: Open.
Problem¶
The runtime ALC ownership probe can capture module behavior after bare Import-Module, but ExchangeOnlineManagement and MicrosoftTeams may not eagerly load the identity assemblies that matter until representative commands run.
Why this matters¶
DLLPickle’s preload/block classification depends on observed runtime ownership, not static package inventory alone. If EXO or Teams loads identity assemblies only after command execution, bare import probes can under-model default-ALC consumers and create false confidence.
Current evidence¶
docs/Architecture.mdsays static narrows but runtime decides.docs/Architecture.mdrecords that EXO/Teams ALC ownership is not yet captured because bareImport-Moduledoes not eagerly load their identity assemblies.
Desired end state¶
The runtime probe system supports representative -ProbeCommand execution for EXO and Teams, and the policy or tooling documents which probe commands establish ALC ownership for those modules.
Acceptance criteria¶
- [ ] Define safe, representative probe commands for ExchangeOnlineManagement and MicrosoftTeams.
- [ ] Update the relevant runtime probe tooling to support module-specific probe commands if it does not already.
- [ ] Record the selected probe commands in
build/dependency-policy.jsonor another authoritative policy/configuration file. - [ ] Add tests for probe-command configuration parsing and invocation behavior without requiring live authentication.
- [ ] Document which probes are CI-capable and which require maintainer-run/auth-tier validation.
- [ ] Update
docs/Architecture.md§7, §9, or §10 as needed. - [ ] Update
docs/gaps/README.mdand this file when resolved or superseded.
Implementation notes for Codex¶
- Do not invent authenticated commands that require production tenant access.
- Prefer no-op or discovery commands that are safe, read-only, and can be skipped or documented when authentication is unavailable.
- Keep CI-capable probes separate from maintainer-run auth-tier probes.
- Add structural tests for the tooling even if live EXO/Teams execution remains maintainer-run only.
- Do not mark this gap
resolvedunless the probe-command contract is documented and tested.
Resolution notes¶
Pending.