App Limitations
Last Updated: 10 March 2026 (v4.1) · Verified against source code
We believe in transparency. This page documents every known limitation, platform constraint, and compliance boundary. Each limit has been verified against the actual source code.
Platform Limits (Atlassian Forge)
| Limit | Value | Notes |
|---|
| Function timeout | 25 seconds | Forge platform-enforced. We use batching to stay within this. |
| Runtime memory | 256 MB | Per function invocation. |
| Entity size | 10 KB per record | Forge KVS limit. Normal terms are well under this. |
| Query page size | 100 results | All queries use cursor pagination — no data silently dropped. |
| Confluence access | Read-only | The app never creates, modifies, or deletes your Confluence pages. |
Scanning
The scanner uses a map-reduce architecture to handle spaces of any size. Estimated scan times:
| Space Size | Estimated Time | Notes |
|---|
| Under 200 pages | < 10 seconds | Single batch, near-instant. |
| 200 – 1,000 pages | 30 – 60 seconds | Multiple chunks with progress bar. |
| 1,000 – 5,000 pages | 2 – 5 minutes | Typical enterprise space. Fully supported. |
| 5,000+ pages | 5 – 15 minutes | Large enterprise. Progress bar shows real-time status. |
| Limit | Value | Impact |
|---|
| Pages per space scan | Unlimited | Map-reduce architecture with paginated indexing. No artificial cap. Progress bar shows real-time status. |
| Term matching | Exact word-boundary | Matches whole words only. "AE" will not match "AEs", "adverse" will not match "adversely". |
| Auto-scan triggers | Create & update only | Page deletions, moves, and renames do not trigger a scan. |
| Scan history | Append-only snapshots | Each scan writes a snapshot alongside the latest result. Full scan history per page and per space. Fixed v4.1 |
| Index batch size | 5,000 pages per call | Paginated indexing at 250 pages per API call. Frontend loops until complete. |
| Scan batch size | 25 parallel | Pages fetched concurrently per chunk to stay within 25s timeout. |
| Context snippet | 80 characters | 40 characters before and after each match. |
Import & Export
| Limit | Value | Workaround |
|---|
| CSV import batch | 50 terms | Split larger files into multiple uploads. |
| Import status | All start as Draft | Imported terms must go through the approval workflow. |
| Export format | CSV only | PDF and XML export not available. CSV covers all data. |
| Export generation | Browser-side | Large glossaries (1000+ terms) may take several seconds to compile. |
Workflow
- No skip-state transitions: Terms must follow Draft → Review → Approved. You cannot go directly from Draft to Approved.
- Approved terms cannot be deleted: Must be deprecated first.
- Single space per term: Each term belongs to one space or "ALL". Multi-space assignment is not supported.
- Stale threshold: Fixed at 6 months. Not configurable per category.
- No undo/revert: Full version history is visible but there is no "revert to version N" action.
- Duplicate check on create only: Renaming an existing term does not check for name collisions.
Compliance Scope — What We Do and Don't Cover
This is a terminology management and compliance scanning tool. It is not a full QMS, e-signature platform, or regulatory submission system.
| Capability | Status | Details |
|---|
| Append-only audit trail | Yes | Every action recorded with user ID, timestamp, and change reason. |
| Four-eyes approval | Yes | Checks creator, submitter, and last editor. Another user must approve. |
| Mandatory change justification | Yes | Required on edits, status changes, and bulk operations. Not required on initial term creation. |
| E-signatures | No | Uses Atlassian account IDs, not cryptographic signatures (Part 11 Subpart C). |
| Role-based access (in-app) | Yes | Opt-in RBAC: designate term managers who can create, edit, approve, and delete. Others get read-only. Added v4.1 |
| Finding resolution workflow | Yes | Findings can be acknowledged, justified (with reason), or closed. Full resolution audit trail per page-term pair. Added v4.1 |
| Global activity log | Yes | Chronological view of all actions across all terms. Per-term history also available. |
| Compliance score | Basic | Single dimension (% approved). Does not factor review freshness or metadata completeness. |
| Webhooks / notifications | No | No external integrations. No email or Slack alerts on status changes. |
| Multi-language UI | No | English only. Term content can be any language. |
What We Honestly Claim
| Our Claim | Honest? | Caveat |
|---|
| "Append-only audit trail" | Yes | Deletions write a final audit entry before removal. |
| "Four-eyes approval" | Yes | Checks 3 fields: createdBy, submittedBy, updatedBy. |
| "No data leaves Atlassian" | Yes | Zero external calls. Verified in code and manifest. |
| "Mandatory change justification" | Yes | Enforced on edits, status changes, and bulk operations. Only gap: initial term creation. |
| "ALCOA+ aligned" | Yes | All ALCOA+ principles met including "Complete" (bulk ops now include change reasons). |
| "Compliance scanner" | Yes | Exact match only. Unlimited pages (map-reduce). No fuzzy matching. |
| "Finding resolution" | Yes | Acknowledge, justify, or close findings. Full resolution audit trail per page-term pair. |
| "Role-based access" | Yes | Opt-in term managers. Backend-enforced on all write resolvers. |
| "Scan history" | Yes | Append-only snapshots. Proves compliance state at any point in time. |
| "Display names" | Yes | Real names from Confluence API with graceful fallback to truncated account ID. |
Questions about limitations? Contact compliance-glossary@teamkit.dev.