ruact 0.0.2 → 0.0.4

data/spec/ruact/server_spec.rb

@@ -0,0 +1,180 @@
+# frozen_string_literal: true
+
+# Story 9.1 — unit surface of the `Ruact::Server` concern (route-driven
+# redesign, Phase A). Pins:
+#
+#   - AC1 "and nothing else": including the concern installs EXACTLY two
+#     `rescue_from` handlers + one prepended before_action, adds no public
+#     instance methods, and registers nothing in the v1 registries (codegen
+#     exposure is Story 9.3's job — the concern is a pure marker + salvage
+#     host until then).
+#   - AC2 / D3: the `__ruact_function_call?` predicate matrix — the single
+#     named discrimination point Story 9.2 reuses. Keyed on the raw `Accept`
+#     header containing `application/json` (what the 8.1 runtime sends on
+#     every `_makeRef` fetch); deliberately NOT `request.format`, which is
+#     influenced by path extensions and `params[:format]`.
+#
+# Request-cycle behavior (error chain, upload guard) is pinned by
+# `server_rescue_request_spec.rb` / `server_upload_request_spec.rb`.
+
+require "action_controller/railtie"
+
+require "spec_helper"
+require "open3"
+
+require "ruact/server"
+
+module ServerConcernUnitSupport
+  # Baseline for "nothing else" comparisons.
+  class PlainController < ActionController::Base
+  end
+
+  class ConcernController < ActionController::Base
+    include Ruact::Server
+  end
+end
+
+RSpec.describe Ruact::Server, :story_9_1 do
+  describe "Story 9.1 — installation surface (AC1: the salvaged chains and nothing else)" do
+    it "installs exactly the two salvaged rescue_from handlers, in the v1 registration order" do
+      # Pitfall #1 parity: StandardError first, explicit
+      # InvalidAuthenticityToken second — the later registration wins the
+      # most-recently-registered walk, preempting Rails' default
+      # handle_unverified_request for CSRF failures.
+      expect(ServerConcernUnitSupport::PlainController.rescue_handlers).to eq([])
+      expect(ServerConcernUnitSupport::ConcernController.rescue_handlers.map(&:first)).to eq(
+        ["StandardError", "ActionController::InvalidAuthenticityToken"]
+      )
+    end
+
+    it "prepends the upload guard as the FIRST before_action (Pitfall #4 ordering)" do
+      before_filters = ServerConcernUnitSupport::ConcernController
+                       ._process_action_callbacks
+                       .select { |callback| callback.kind == :before }
+                       .map(&:filter)
+      expect(before_filters.first).to eq(:__ruact_enforce_upload_limit!)
+    end
+
+    it "adds NO public instance methods to the host (predicate + handlers are private)" do
+      added = ServerConcernUnitSupport::ConcernController.public_instance_methods -
+              ServerConcernUnitSupport::PlainController.public_instance_methods
+      expect(added).to eq([])
+    end
+
+    it "registers nothing in the v1 registries (codegen exposure is Story 9.3, not 9.1)" do
+      expect(Ruact.action_registry.entries).to be_empty
+      expect(Ruact.query_registry.entries).to be_empty
+    end
+
+    it "keeps INHERITED host rescue_from handlers more recent than its own (review patch)",
+       :aggregate_failures do
+      # Rails resolves handlers by walking `rescue_handlers` from the most
+      # recently registered entry backwards. The concern therefore places its
+      # entries at the FRONT of the array, so every host handler — inherited
+      # from a parent class or declared after the include — stays more recent
+      # and keeps precedence.
+      parent = Class.new(ActionController::Base) do
+        rescue_from ArgumentError, with: :host_handler
+      end
+      child = Class.new(parent) { include Ruact::Server }
+      expect(child.rescue_handlers.map(&:first)).to eq(
+        ["StandardError", "ActionController::InvalidAuthenticityToken", "ArgumentError"]
+      )
+      # The parent's own registry is untouched (class_attribute write lands
+      # on the child only).
+      expect(parent.rescue_handlers.map(&:first)).to eq(["ArgumentError"])
+    end
+  end
+
+  describe "Story 9.1 — standalone load path (review patch)" do
+    it "a direct require \"ruact/server\" resolves Ruact.config and the error constants" do
+      lib = File.expand_path("../../lib", __dir__)
+      script = <<~RUBY
+        require "ruact/server"
+        exit 1 unless defined?(Ruact::Server)
+        exit 2 unless defined?(Ruact::UploadTooLargeError)
+        exit 3 unless Ruact.config.respond_to?(:max_upload_bytes)
+        exit 4 unless defined?(Ruact::ServerFunctions::ErrorRendering)
+      RUBY
+      _stdout, stderr, status = Open3.capture3(RbConfig.ruby, "-I", lib, "-e", script)
+      expect(status).to be_success, "standalone require failed (exit #{status.exitstatus}): #{stderr}"
+    end
+  end
+
+  # Simplified Story 9.1 contract — the runtime sends the exact
+  # `Accept: application/json` shape, and that exact header is the only
+  # JSON-Accept signal this concern recognizes.
+  describe "Story 9.1 — __ruact_json_accept? exact-header matrix" do
+    let(:controller) { ServerConcernUnitSupport::ConcernController.new }
+
+    def stub_accept_header(value)
+      request = instance_double(ActionDispatch::Request)
+      allow(request).to receive(:headers).and_return({ "Accept" => value })
+      allow(controller).to receive(:request).and_return(request)
+    end
+
+    it "is true for the runtime's exact shape (Accept: application/json)" do
+      stub_accept_header("application/json")
+      expect(controller.send(:__ruact_json_accept?)).to be(true)
+    end
+
+    it "is false for a composite Accept header" do
+      stub_accept_header("application/json, text/plain, */*")
+      expect(controller.send(:__ruact_json_accept?)).to be(false)
+    end
+
+    it "is false for browser navigation Accept headers" do
+      stub_accept_header("text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")
+      expect(controller.send(:__ruact_json_accept?)).to be(false)
+    end
+
+    it "is false for Flight requests (Accept: text/x-component)" do
+      stub_accept_header("text/x-component")
+      expect(controller.send(:__ruact_json_accept?)).to be(false)
+    end
+
+    it "is false when the Accept header is absent (strict boolean, not nil)" do
+      stub_accept_header(nil)
+      expect(controller.send(:__ruact_json_accept?)).to be(false)
+    end
+  end
+
+  # Review patch (2026-06-08) — `__ruact_function_call?` is now the SEMANTIC
+  # predicate Story 9.2 reuses: a JSON-Accept request that is ALSO non-GET/HEAD
+  # (function calls are non-GET by the verb rule, epic contract decision #1).
+  # The verb gate moved off the error-renderer and into the predicate itself,
+  # so 9.2 inherits the correct contract from one place.
+  describe "Story 9.1 — __ruact_function_call? semantic predicate (verb-gated, review patch)" do
+    let(:controller) { ServerConcernUnitSupport::ConcernController.new }
+
+    def stub_request(accept:, verb: "POST")
+      request = instance_double(
+        ActionDispatch::Request,
+        headers: { "Accept" => accept },
+        get?: verb == "GET",
+        head?: verb == "HEAD"
+      )
+      allow(controller).to receive(:request).and_return(request)
+    end
+
+    it "is true for a non-GET JSON request (THE Story 9.2 discrimination point)" do
+      stub_request(accept: "application/json", verb: "POST")
+      expect(controller.send(:__ruact_function_call?)).to be(true)
+    end
+
+    it "is false for a GET carrying Accept: application/json (verb rule — not a function call)" do
+      stub_request(accept: "application/json", verb: "GET")
+      expect(controller.send(:__ruact_function_call?)).to be(false)
+    end
+
+    it "is false for a HEAD carrying Accept: application/json" do
+      stub_request(accept: "application/json", verb: "HEAD")
+      expect(controller.send(:__ruact_function_call?)).to be(false)
+    end
+
+    it "is false for a non-GET request without a JSON Accept (Bucket-1 form submit)" do
+      stub_request(accept: "text/html", verb: "POST")
+      expect(controller.send(:__ruact_function_call?)).to be(false)
+    end
+  end
+end

data/spec/ruact/server_upload_request_spec.rb

@@ -0,0 +1,311 @@
+# frozen_string_literal: true
+
+# Story 9.1 — request-cycle + unit spec for the Story 8.5 upload guard
+# RE-ANCHORED on the `Ruact::Server` concern (its final, v2 home). Replaces
+# `server_functions/endpoint_controller_upload_spec.rb` (removed in the same
+# commit — AC5). Pins, against REAL host-controller routes:
+#
+#   - oversized multipart → 413 + structured `upload_limit` payload through
+#     the concern's salvaged chain (inventory A7, A14, B7, B9, B11)
+#   - guard fires BEFORE CSRF verification on correctly ordered hosts —
+#     413, not 403 (B6 / Pitfall #4)
+#   - the three carve-outs: nil limit (B2), content-type allowlist (B3),
+#     absent Content-Length (B4); off-by-one equal-passes (B5)
+#   - D1: the 413 renders structured for native form submits too (no
+#     function-call Accept header) — the documented UploadTooLargeError
+#     exception to the re-raise rule
+#   - D2: GET/HEAD requests skip the guard entirely (C5)
+#   - small uploads reach the action as ActionDispatch::Http::UploadedFile
+#     with metadata + mixed non-file fields intact (transplant sanity)
+#
+# Mounts on the shared Story-7.9 Rails app; deliberately independent of the
+# v1 `server_functions/dispatch_request_spec.rb` (demolished in Story 9.9).
+
+require "action_controller/railtie"
+require "action_view/railtie"
+
+require "spec_helper"
+require "rack/test"
+require "tempfile"
+
+require "ruact/server"
+
+require_relative "controller_request_spec" unless defined?(ControllerRequestSpecSupport)
+
+SERVER_UPLOAD_SPEC_PNG_PATH =
+  File.expand_path("../support/fixtures/pixel.png", __dir__).freeze
+SERVER_UPLOAD_SPEC_PNG_BYTES = File.binread(SERVER_UPLOAD_SPEC_PNG_PATH).freeze
+
+module ServerUploadSpecSupport
+  class UploadsServerController < ActionController::Base
+    include Ruact::Server
+
+    def create_upload
+      uploaded = params[:cover]
+      render json: {
+        "title" => params[:title].to_s,
+        "uploaded_class" => uploaded.class.name,
+        "original_filename" => uploaded.respond_to?(:original_filename) ? uploaded.original_filename : nil,
+        "byte_size" => uploaded.respond_to?(:read) ? uploaded.read.bytesize : nil
+      }
+    end
+  end
+
+  # CSRF-enforcing host for the Pitfall #4 ordering proof (B6) — forgery is
+  # flipped on per-example via the class-level `allow_forgery_protection`.
+  class ForgeryUploadsServerController < ActionController::Base
+    include Ruact::Server
+
+    protect_from_forgery with: :exception
+
+    def create_protected_upload
+      render json: { "ok" => true }
+    end
+  end
+end
+
+if defined?(ControllerRequestSpecSupport) &&
+   !ControllerRequestSpecSupport.instance_variable_get(:@__ruact_server_upload_routes_appended)
+  ControllerRequestSpecSupport.instance_variable_set(:@__ruact_server_upload_routes_appended, true)
+  ControllerRequestSpecSupport.app_class.routes.append do
+    post "/server_upload",           to: "server_upload_spec_support/uploads_server#create_upload"
+    post "/server_upload/protected", to: "server_upload_spec_support/forgery_uploads_server#create_protected_upload"
+  end
+end
+
+RSpec.describe "Story 9.1: Ruact::Server concern — salvaged upload guard", :story_9_1 do
+  include Rack::Test::Methods
+
+  let(:app_class) { ControllerRequestSpecSupport.app_class }
+  let(:app)       { app_class.instance }
+
+  let(:function_call_accept) { { "HTTP_ACCEPT" => "application/json" } }
+
+  before do
+    Rails.logger = Logger.new(IO::NULL)
+    ControllerRequestSpecSupport.boot!
+  end
+
+  def with_oversized_tempfile
+    large = Tempfile.new(["big", ".bin"])
+    large.binmode
+    large.write("x" * 4096) # 4 KB > the 1 KB caps below
+    large.rewind
+    yield large
+  ensure
+    large.close
+    large.unlink
+  end
+
+  def cap_max_upload_bytes(value)
+    # spec_helper's global before-hook resets @config; re-prime AFTER it so
+    # the tight cap sticks for the example body (same dance as the v1 spec).
+    Ruact.instance_variable_set(:@config, nil)
+    Ruact.instance_variable_set(:@configured_at_least_once, false)
+    Ruact.configure { |c| c.max_upload_bytes = value }
+  end
+
+  describe "transplant sanity — small multipart upload reaches the action" do
+    it "params[:cover] arrives as ActionDispatch::Http::UploadedFile with metadata; mixed fields intact" do
+      post "/server_upload",
+           {
+             "title" => "My Post",
+             "cover" => Rack::Test::UploadedFile.new(SERVER_UPLOAD_SPEC_PNG_PATH, "image/png")
+           },
+           function_call_accept
+      expect(last_response.status).to eq(200)
+      body = JSON.parse(last_response.body)
+      expect(body.fetch("uploaded_class")).to eq("ActionDispatch::Http::UploadedFile")
+      expect(body.fetch("original_filename")).to eq("pixel.png")
+      expect(body.fetch("byte_size")).to eq(SERVER_UPLOAD_SPEC_PNG_BYTES.bytesize)
+      expect(body.fetch("title")).to eq("My Post")
+    end
+  end
+
+  describe "oversized multipart → 413 + structured upload_limit payload (A7/A14/B7/B9/B11)" do
+    before { cap_max_upload_bytes(1024) }
+
+    it "function-call request: 413 with discriminator, real action_name, and the dev-only upload_limit block" do
+      with_oversized_tempfile do |large|
+        post "/server_upload",
+             {
+               "title" => "Too big",
+               "cover" => Rack::Test::UploadedFile.new(large.path, "application/octet-stream")
+             },
+             function_call_accept
+        expect(last_response.status).to eq(413)
+        body = JSON.parse(last_response.body)
+        expect(body).to include(
+          "_ruact_server_action_error" => true,
+          "error_class" => "Ruact::UploadTooLargeError",
+          # A14 — the controller's REAL action name, no registry-symbol
+          # fallback dance (the v1 path_parameters[:name] fallback is gone).
+          "action_name" => "create_upload"
+        )
+        expect(body.fetch("upload_limit")).to include("limit_bytes" => 1024)
+        # B7 — received_bytes is the WIRE Content-Length: file bytes PLUS
+        # multipart boundary + field overhead.
+        expect(body.fetch("upload_limit").fetch("received_bytes")).to be > 4096
+      end
+    end
+
+    it "D1 — a native form submit (no function-call Accept) ALSO gets the structured 413" do
+      # UploadTooLargeError is the documented exception to the re-raise rule:
+      # the guard only exists on requests that opted into the concern, and a
+      # meaningful 413 beats a re-raised 500 for every caller shape.
+      with_oversized_tempfile do |large|
+        post "/server_upload",
+             {
+               "title" => "Too big, browser shape",
+               "cover" => Rack::Test::UploadedFile.new(large.path, "application/octet-stream")
+             }
+        expect(last_response.status).to eq(413)
+        body = JSON.parse(last_response.body)
+        expect(body.fetch("_ruact_server_action_error")).to be(true)
+        expect(body.fetch("error_class")).to eq("Ruact::UploadTooLargeError")
+      end
+    end
+  end
+
+  describe "guard fires BEFORE CSRF verification (B6 / Pitfall #4)" do
+    around do |example|
+      previous = ServerUploadSpecSupport::ForgeryUploadsServerController.allow_forgery_protection
+      ServerUploadSpecSupport::ForgeryUploadsServerController.allow_forgery_protection = true
+      example.run
+    ensure
+      ServerUploadSpecSupport::ForgeryUploadsServerController.allow_forgery_protection = previous
+    end
+
+    before { cap_max_upload_bytes(1024) }
+
+    it "oversized request WITHOUT a CSRF token returns 413, not 403" do
+      with_oversized_tempfile do |large|
+        post "/server_upload/protected",
+             {
+               "title" => "Too big, no token",
+               "cover" => Rack::Test::UploadedFile.new(large.path, "application/octet-stream")
+             },
+             function_call_accept
+        expect(last_response.status).to eq(413)
+        expect(JSON.parse(last_response.body).fetch("error_class")).to eq("Ruact::UploadTooLargeError")
+      end
+    end
+  end
+
+  describe "carve-out — max_upload_bytes = nil disables the gem-side guard (B2)" do
+    before { cap_max_upload_bytes(nil) }
+
+    it "a body of any size flows through to the action" do
+      with_oversized_tempfile do |large|
+        post "/server_upload",
+             {
+               "title" => "no cap",
+               "cover" => Rack::Test::UploadedFile.new(large.path, "application/octet-stream")
+             },
+             function_call_accept
+        expect(last_response.status).to eq(200)
+        expect(JSON.parse(last_response.body).fetch("uploaded_class")).to eq("ActionDispatch::Http::UploadedFile")
+      end
+    end
+  end
+
+  describe "carve-out — application/json bypasses the guard (B3, request-cycle)" do
+    before { cap_max_upload_bytes(1024) }
+
+    it "a 4 KB JSON body passes the guard and reaches the action" do
+      payload = { "title" => "big json", "blob" => "x" * 4096 }
+      post "/server_upload", payload.to_json,
+           { "CONTENT_TYPE" => "application/json", "HTTP_ACCEPT" => "application/json" }
+      expect(last_response.status).to eq(200)
+      # No file in a JSON body — the action reports the params leaf class.
+      expect(JSON.parse(last_response.body).fetch("uploaded_class")).to eq("NilClass")
+    end
+  end
+
+  # Unit-level coverage of the short-circuit branches — directly against a
+  # host controller instance, mirroring the v1 unit block but with the
+  # concern's D2 verb gate in play (request.get? / request.head?).
+  describe "Unit — __ruact_enforce_upload_limit! short-circuits (B2–B5, C5/D2)" do
+    let(:controller) { ServerUploadSpecSupport::UploadsServerController.new }
+
+    def with_max_upload_bytes(value)
+      cap_max_upload_bytes(value)
+      yield
+    ensure
+      Ruact.instance_variable_set(:@config, nil)
+      Ruact.instance_variable_set(:@configured_at_least_once, false)
+    end
+
+    def stub_request(content_type:, content_length:, http_method: "POST")
+      request = instance_double(
+        ActionDispatch::Request,
+        content_length: content_length,
+        get?: http_method == "GET",
+        head?: http_method == "HEAD"
+      )
+      allow(request).to receive(:content_mime_type)
+        .and_return(content_type ? Mime::Type.lookup(content_type) : nil)
+      allow(controller).to receive(:request).and_return(request)
+    end
+
+    it "B4 — nil Content-Length (chunked transfer) bypasses the guard" do
+      with_max_upload_bytes(1024) do
+        stub_request(content_type: "multipart/form-data", content_length: nil)
+        expect { controller.send(:__ruact_enforce_upload_limit!) }.not_to raise_error
+      end
+    end
+
+    it "B2 — max_upload_bytes = nil bypasses the guard even with oversized Content-Length" do
+      with_max_upload_bytes(nil) do
+        stub_request(content_type: "multipart/form-data", content_length: 10 * 1024 * 1024)
+        expect { controller.send(:__ruact_enforce_upload_limit!) }.not_to raise_error
+      end
+    end
+
+    it "B3 — application/json content type bypasses the guard" do
+      with_max_upload_bytes(1024) do
+        stub_request(content_type: "application/json", content_length: 10 * 1024 * 1024)
+        expect { controller.send(:__ruact_enforce_upload_limit!) }.not_to raise_error
+      end
+    end
+
+    it "B3 — missing content type (nil) bypasses the guard" do
+      with_max_upload_bytes(1024) do
+        stub_request(content_type: nil, content_length: 10_000)
+        expect { controller.send(:__ruact_enforce_upload_limit!) }.not_to raise_error
+      end
+    end
+
+    it "B3/B8 — application/x-www-form-urlencoded is subject to the guard" do
+      with_max_upload_bytes(1024) do
+        stub_request(content_type: "application/x-www-form-urlencoded", content_length: 2048)
+        expect { controller.send(:__ruact_enforce_upload_limit!) }
+          .to raise_error(Ruact::UploadTooLargeError) do |error|
+            expect(error.received_bytes).to eq(2048)
+            expect(error.limit_bytes).to eq(1024)
+          end
+      end
+    end
+
+    it "B5 — Content-Length exactly equal to the limit passes the guard (off-by-one)" do
+      with_max_upload_bytes(1024) do
+        stub_request(content_type: "multipart/form-data", content_length: 1024)
+        expect { controller.send(:__ruact_enforce_upload_limit!) }.not_to raise_error
+      end
+    end
+
+    it "C5/D2 — a GET request skips the guard even with an oversized multipart body" do
+      with_max_upload_bytes(1024) do
+        stub_request(content_type: "multipart/form-data", content_length: 10 * 1024 * 1024, http_method: "GET")
+        expect { controller.send(:__ruact_enforce_upload_limit!) }.not_to raise_error
+      end
+    end
+
+    it "C5/D2 — a HEAD request skips the guard" do
+      with_max_upload_bytes(1024) do
+        stub_request(content_type: "multipart/form-data", content_length: 10 * 1024 * 1024, http_method: "HEAD")
+        expect { controller.send(:__ruact_enforce_upload_limit!) }.not_to raise_error
+      end
+    end
+  end
+end

data/spec/ruact/view_helper_spec.rb

@@ -5,42 +5,48 @@ require "active_support/core_ext/string/output_safety"
 
 module Ruact
   RSpec.describe ViewHelper do
+    let(:render_context) { RenderContext.new }
     let(:helper_obj) do
       obj = Object.new
       obj.extend(described_class)
+      obj.instance_variable_set(:@ruact_render_context, render_context)
       obj
     end
 
-    before { ComponentRegistry.start }
-    after  { ComponentRegistry.reset }
-
-    describe "#__rsc_component__" do
-      it "registers the component in ComponentRegistry and returns an HTML comment" do
-        result = helper_obj.__rsc_component__("NavBar", { "currentUser" => 1 })
-        expect(result).to match(/<!-- __RSC_\d+__ -->/)
-        expect(ComponentRegistry.components.length).to eq(1)
-        expect(ComponentRegistry.components.first[:name]).to eq("NavBar")
-        expect(ComponentRegistry.components.first[:props]).to eq({ "currentUser" => 1 })
+    describe "#__ruact_component__" do
+      it "registers the component in the render context and returns an HTML comment" do
+        result = helper_obj.__ruact_component__("NavBar", { "currentUser" => 1 })
+        expect(result).to match(/<!-- __RUACT_\d+__ -->/)
+        expect(render_context.components.length).to eq(1)
+        expect(render_context.components.first[:name]).to eq("NavBar")
+        expect(render_context.components.first[:props]).to eq({ "currentUser" => 1 })
       end
 
       it "returns an html_safe string so ActionView does not escape the comment" do
-        result = helper_obj.__rsc_component__("Button", {})
+        result = helper_obj.__ruact_component__("Button", {})
         expect(result).to be_html_safe
       end
 
       it "uses incrementing token numbers for successive registrations" do
-        token0 = helper_obj.__rsc_component__("Foo", {})
-        token1 = helper_obj.__rsc_component__("Bar", {})
-        expect(token0).to include("__RSC_0__")
-        expect(token1).to include("__RSC_1__")
+        token0 = helper_obj.__ruact_component__("Foo", {})
+        token1 = helper_obj.__ruact_component__("Bar", {})
+        expect(token0).to include("__RUACT_0__")
+        expect(token1).to include("__RUACT_1__")
       end
 
       it "passes props through to the registry entry" do
-        helper_obj.__rsc_component__("LikeButton", { "postId" => 42, "label" => "Like" })
-        entry = ComponentRegistry.components.first
+        helper_obj.__ruact_component__("LikeButton", { "postId" => 42, "label" => "Like" })
+        entry = render_context.components.first
         expect(entry[:props]["postId"]).to eq(42)
         expect(entry[:props]["label"]).to eq("Like")
       end
+
+      it "raises a clear error when called outside a ruact_render flow" do
+        bare = Object.new
+        bare.extend(described_class)
+        expect { bare.__ruact_component__("NavBar", {}) }
+          .to raise_error(Ruact::Error, /__ruact_component__ called outside a ruact_render flow/)
+      end
     end
   end
 end

data/spec/spec_helper.rb

@@ -1,9 +1,36 @@
 # frozen_string_literal: true
 
+require "simplecov"
+require "simplecov-lcov"
+
+SimpleCov::Formatter::LcovFormatter.config do |c|
+  c.report_with_single_file = true
+  c.single_report_path = "coverage/lcov.info"
+end
+
+SimpleCov.start do
+  enable_coverage :branch
+  primary_coverage :line
+  formatter SimpleCov::Formatter::MultiFormatter.new(
+    [
+      SimpleCov::Formatter::HTMLFormatter,
+      SimpleCov::Formatter::LcovFormatter
+    ]
+  )
+  add_filter %r{^/spec/}
+  add_filter %r{^/bin/}
+  add_filter %r{lib/generators/.+/templates/}
+  add_filter "lib/ruact/version.rb"
+end
+
 require "logger"
 require "ruact"
 
-Dir[File.join(__dir__, "support", "**", "*.rb")].each { |f| require f }
+Dir[File.join(__dir__, "support", "**", "*.rb")].each do |f|
+  next if f.end_with?("_spec.rb") # spec files are loaded by the RSpec runner; avoid double registration
+
+  require f
+end
 
 RSpec.configure do |config|
   config.order = :random
@@ -13,4 +40,28 @@ RSpec.configure do |config|
   config.mock_with :rspec do |mocks|
     mocks.verify_partial_doubles = true
   end
+
+  # Story 7.3: Ruact.config is a frozen singleton with a boot-state flag for the
+  # re-configuration warning. Reset both before every example so the boot flag
+  # cannot leak between specs — otherwise the AC3 warning may fire into a
+  # Rails.logger that has become a per-example RSpec double from an earlier
+  # spec, producing "originally created in one example but has leaked" failures
+  # under random order.
+  config.before do
+    Ruact.instance_variable_set(:@config, nil)
+    Ruact.instance_variable_set(:@configured_at_least_once, false)
+    # Story 8.0a: both server-function registries are lazy-initialized module
+    # singletons. Wipe them between examples so register/clear specs in one file
+    # cannot bleed entries into another under random order.
+    Ruact.instance_variable_set(:@action_registry, nil)
+    Ruact.instance_variable_set(:@query_registry, nil)
+    # Story 9.3: specs that set `Rails.logger = instance_double(Logger)` (e.g.
+    # railtie_spec, configuration_spec) leave a per-example double on the global
+    # after they finish; rspec then refuses to call it from the NEXT example.
+    # That was harmless until the codegen/rake paths began reading `Rails.logger`
+    # (the `[ruact] codegen: exposing …` line). Reset it to a real, silent logger
+    # before every example so no leaked double survives — examples that need a
+    # specific logger set their own in their own `before` (which runs after this).
+    Rails.logger = Logger.new(IO::NULL) if defined?(Rails) && Rails.respond_to?(:logger=)
+  end
 end