SpiceDB checks involving relations with caveats can result in no permission when permission is expected in github.com/authzed/spicedb
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2025-3744" }