Design update: prevent message "DESIGN REPLACE FAILED, CANNOT ADD ROLE, MAXIMUM NUMBER OF ENTRIES HAS BEEN REACHED"

this is an old one, but by chance I just stumbled upon it:

performed a manual design refresh in Notes (V. 12.0.2 FP3) where the target database's ACL holds 45 Roles, while the template only has 14. At the end of the (otherwise successful) design refresh I received a rather disturbing error message "Design refresh failed, Cannot add role, maximum number of entries has been reached".
As this apparently cannot be true (45 + 14 = 59 < 75) I slowly remembered having seen this a while ago. Thus deleted all roles from the template, and now the update worked.

Some additional google-ing brought up reports that it apparently also helps to make sure that the template matches the roles of the target database.

This entry (https://help.hcltechsw.com/dom_designer/11.0.1/basic/H_ABOUT_REFRESHING_A_DESIGN.html#ariaid-title4) in the official documentation quotes that a Design Refresh does NOT update the ACL, while Roles ARE updated.

I don't have a clue what once was the background behind that design decision but at least the outcome described here needs to be addressed, as in

a) prevent roles to be updated during a design refresh (I'd prefer that) or

b) do a merge of the roles table between source and target databases