@fuzdev/fuz_app 0.65.0 → 0.67.0

package/dist/testing/integration.d.ts

@@ -1,9 +1,9 @@
 import './assert_dev_env.js';
 import type { SessionOptions } from '../auth/session_cookie.js';
 import { type RpcEndpointsSuiteOption } from './rpc_helpers.js';
-import type { BackendCapabilities } from './cross_backend/capabilities.js';
+import type { AppSurfaceSpec } from '../http/surface.js';
+import { type BackendCapabilities } from './cross_backend/capabilities.js';
 import type { SetupTest } from './cross_backend/setup.js';
-import type { SurfaceSource } from './transports/surface_source.js';
 /**
  * Configuration for `describe_standard_integration_tests`.
  */
@@ -15,11 +15,16 @@ export interface StandardIntegrationTestOptions {
      */
     setup_test: SetupTest;
     /**
-     * Source of the app surface for route iteration and error-coverage
-     * scoping. Currently requires `kind: 'inline'` — the cross-process
-     * snapshot variant lands alongside the spawned-backend transport plumbing.
+     * App surface (with route specs + middleware specs) for route iteration
+     * and error-coverage scoping. The same shape feeds both in-process and
+     * cross-process tests — the test process always constructs the spec in
+     * TS (via `create_test_app_surface_spec` or a consumer's equivalent);
+     * cross-process-ness is a property of the transport + per-test fixture,
+     * not the schema source. The on-disk `auth_attack_surface.json` is an
+     * observability artifact for human inspection + gen-time drift gating,
+     * not the source the test runtime reads from.
      */
-    surface_source: SurfaceSource;
+    surface_source: AppSurfaceSpec;
     /** Backend capability declarations — companion to `fixture.in_process` narrowing. */
     capabilities: BackendCapabilities;
     /**
@@ -65,6 +70,22 @@ export interface StandardIntegrationTestOptions {
  * Each test group asserts that required routes exist, failing with a descriptive
  * message if the consumer's route specs are misconfigured.
  *
+ * The two signup-invite-edge-case tests call `invite_create_action_spec`
+ * (admin-gated) over the fixture's session, so consumers wiring signup +
+ * admin actions must thread `extra_keeper_roles: [ROLE_ADMIN]` through
+ * either `default_in_process_suite_options` or
+ * `default_cross_process_setup(handle, {extra_keeper_roles:
+ * [ROLE_ADMIN]})`. In both modes the fixture's `fixture.account` is the
+ * fresh keeper, and the extra-keeper-roles list grants the bootstrapped
+ * keeper additional roles inline (cross-process via `_testing_reset`'s
+ * bootstrap-time seeding; in-process via `bootstrap_test_keeper`) — no
+ * per-role RPC cost, no offer/accept round-trip. The tests run against
+ * the production `open_signup: false` default — the cross-process
+ * per-test secondary mint via `fixture.create_account()` is
+ * invite-gated (keeper drives `invite_create` before signup) so the
+ * harness doesn't need to flip the setting. Consumers that don't wire
+ * signup or `invite_create` silently skip these two tests.
+ *
  * @throws Error at setup time when `options.rpc_endpoints` is empty — the
  *   suite hard-fails via `require_rpc_endpoint_path` rather than running
  *   tests that would crash mid-suite trying to dispatch

package/dist/testing/integration.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"integration.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/integration.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAsB7B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAO9D,OAAO,EAKN,KAAK,uBAAuB,EAC5B,MAAM,kBAAkB,CAAC;AAkB1B,OAAO,KAAK,EAAC,mBAAmB,EAAC,MAAM,iCAAiC,CAAC;AACzE,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,0BAA0B,CAAC;AACxD,OAAO,KAAK,EAAC,aAAa,EAAC,MAAM,gCAAgC,CAAC;AAElE;;GAEG;AACH,MAAM,WAAW,8BAA8B;IAC9C;;;;OAIG;IACH,UAAU,EAAE,SAAS,CAAC;IACtB;;;;OAIG;IACH,cAAc,EAAE,aAAa,CAAC;IAC9B,qFAAqF;IACrF,YAAY,EAAE,mBAAmB,CAAC;IAClC;;;;;OAKG;IACH,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC;;;;;;;;;;;;OAYG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC;;;;;;;OAOG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,mCAAmC,GAC/C,SAAS,8BAA8B,KACrC,IAy3CF,CAAC"}
+{"version":3,"file":"integration.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/integration.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAsB7B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAO9D,OAAO,EAKN,KAAK,uBAAuB,EAC5B,MAAM,kBAAkB,CAAC;AAkB1B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAU,KAAK,mBAAmB,EAAC,MAAM,iCAAiC,CAAC;AAClF,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,0BAA0B,CAAC;AAGxD;;GAEG;AACH,MAAM,WAAW,8BAA8B;IAC9C;;;;OAIG;IACH,UAAU,EAAE,SAAS,CAAC;IACtB;;;;;;;;;OASG;IACH,cAAc,EAAE,cAAc,CAAC;IAC/B,qFAAqF;IACrF,YAAY,EAAE,mBAAmB,CAAC;IAClC;;;;;OAKG;IACH,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC;;;;;;;;;;;;OAYG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC;;;;;;;OAOG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,eAAO,MAAM,mCAAmC,GAC/C,SAAS,8BAA8B,KACrC,IAy5CF,CAAC"}

package/dist/testing/integration.js

@@ -24,6 +24,8 @@ import { ApiError, ERROR_FORBIDDEN_ORIGIN } from '../http/error_schemas.js';
 import { is_public_auth } from '../http/auth_shape.js';
 import { account_verify_action_spec, account_session_list_action_spec, account_session_revoke_action_spec, account_session_revoke_all_action_spec, account_token_create_action_spec, account_token_list_action_spec, account_token_revoke_action_spec, } from '../auth/account_action_specs.js';
 import { invite_create_action_spec } from '../auth/admin_action_specs.js';
+import { test_if } from './cross_backend/capabilities.js';
+import { DEFAULT_TEST_PASSWORD } from './app_server.js';
 /**
  * Standard integration test suite for fuz_app auth routes.
  *
@@ -36,24 +38,35 @@ import { invite_create_action_spec } from '../auth/admin_action_specs.js';
  * Each test group asserts that required routes exist, failing with a descriptive
  * message if the consumer's route specs are misconfigured.
  *
+ * The two signup-invite-edge-case tests call `invite_create_action_spec`
+ * (admin-gated) over the fixture's session, so consumers wiring signup +
+ * admin actions must thread `extra_keeper_roles: [ROLE_ADMIN]` through
+ * either `default_in_process_suite_options` or
+ * `default_cross_process_setup(handle, {extra_keeper_roles:
+ * [ROLE_ADMIN]})`. In both modes the fixture's `fixture.account` is the
+ * fresh keeper, and the extra-keeper-roles list grants the bootstrapped
+ * keeper additional roles inline (cross-process via `_testing_reset`'s
+ * bootstrap-time seeding; in-process via `bootstrap_test_keeper`) — no
+ * per-role RPC cost, no offer/accept round-trip. The tests run against
+ * the production `open_signup: false` default — the cross-process
+ * per-test secondary mint via `fixture.create_account()` is
+ * invite-gated (keeper drives `invite_create` before signup) so the
+ * harness doesn't need to flip the setting. Consumers that don't wire
+ * signup or `invite_create` silently skip these two tests.
+ *
  * @throws Error at setup time when `options.rpc_endpoints` is empty — the
  *   suite hard-fails via `require_rpc_endpoint_path` rather than running
  *   tests that would crash mid-suite trying to dispatch
  *   `account_verify` / `account_session_*` / `account_token_*`.
  */
 export const describe_standard_integration_tests = (options) => {
-    if (options.surface_source.kind !== 'inline') {
-        throw new Error("describe_standard_integration_tests requires surface_source.kind === 'inline' — " +
-            'the cross-process snapshot variant lands with the spawned-backend transport');
-    }
-    const route_specs = options.surface_source.spec.route_specs;
+    const route_specs = options.surface_source.route_specs;
     // Hard-fail early so consumers see a clear setup error instead of a
     // confusing test failure when `rpc_endpoints` is missing. Factory-form
     // callers are resolved with a stub ctx purely to extract the endpoint
     // path; the running backend handles live dispatch.
     const rpc_endpoints_for_setup = resolve_rpc_endpoints_for_setup(options.rpc_endpoints, options.session_options);
     const rpc_path = require_rpc_endpoint_path(rpc_endpoints_for_setup);
-    void options.capabilities;
     describe('standard_integration', () => {
         const { cookie_name } = options.session_options;
         // Error coverage tracking across test groups
@@ -96,7 +109,7 @@ export const describe_standard_integration_tests = (options) => {
                     },
                     body: JSON.stringify({
                         username: fixture.account.username,
-                        password: 'test-password-123',
+                        password: DEFAULT_TEST_PASSWORD,
                     }),
                 });
                 assert.strictEqual(res.status, 200);
@@ -140,7 +153,7 @@ export const describe_standard_integration_tests = (options) => {
                     },
                     body: JSON.stringify({
                         username: 'nonexistent_user',
-                        password: 'test-password-123',
+                        password: DEFAULT_TEST_PASSWORD,
                     }),
                 });
                 assert.strictEqual(res.status, 401);
@@ -161,7 +174,7 @@ export const describe_standard_integration_tests = (options) => {
                     },
                     body: JSON.stringify({
                         username: `  ${fixture.account.username}  `,
-                        password: 'test-password-123',
+                        password: DEFAULT_TEST_PASSWORD,
                     }),
                 });
                 assert.strictEqual(res.status, 200);
@@ -184,7 +197,7 @@ export const describe_standard_integration_tests = (options) => {
                     },
                     body: JSON.stringify({
                         username: fixture.account.username,
-                        password: 'test-password-123',
+                        password: DEFAULT_TEST_PASSWORD,
                     }),
                 });
                 assert.strictEqual(login_res.status, 200);
@@ -273,7 +286,7 @@ export const describe_standard_integration_tests = (options) => {
                     },
                     body: JSON.stringify({
                         username: fixture.account.username,
-                        password: 'test-password-123',
+                        password: DEFAULT_TEST_PASSWORD,
                     }),
                 });
                 assert.strictEqual(res.status, 200);
@@ -291,7 +304,7 @@ export const describe_standard_integration_tests = (options) => {
             test('no cookie on protected route returns 401', async () => {
                 const fixture = await options.setup_test();
                 const res = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: fixture.fresh_transport() },
                     path: rpc_path,
                     spec: account_verify_action_spec,
                     params: undefined,
@@ -310,9 +323,9 @@ export const describe_standard_integration_tests = (options) => {
                 });
                 assert.strictEqual(res.status, 401);
             });
-            test('expired cookie returns 401', async () => {
+            test_if(options.capabilities.in_process_only, 'expired cookie returns 401', async () => {
                 const fixture = await options.setup_test();
-                assert(fixture.in_process, 'expired-cookie generation requires in-process keyring');
+                assert(fixture.in_process);
                 const expired_cookie = await create_expired_test_cookie(fixture.keyring, options.session_options);
                 const res = await rpc_call_for_spec({
                     app: { request: fixture.transport },
@@ -409,7 +422,7 @@ export const describe_standard_integration_tests = (options) => {
                     method: 'POST',
                     headers,
                     body: JSON.stringify({
-                        current_password: 'test-password-123',
+                        current_password: DEFAULT_TEST_PASSWORD,
                         new_password: 'new-password-456',
                     }),
                 });
@@ -473,9 +486,9 @@ export const describe_standard_integration_tests = (options) => {
         });
         // --- 5. Origin verification ---
         describe('origin verification', () => {
-            test('evil origin is rejected with 403', async () => {
+            test_if(options.capabilities.in_process_only, 'evil origin is rejected with 403', async () => {
                 const fixture = await options.setup_test();
-                assert(fixture.in_process, 'manual cookie composition requires backend_internals');
+                assert(fixture.in_process);
                 // `verify_request_source` runs before the RPC dispatcher and returns a
                 // plain REST `{error}` body — not a JSON-RPC envelope. Skip `rpc_call`.
                 const res = await fixture.transport(rpc_path, {
@@ -507,9 +520,9 @@ export const describe_standard_integration_tests = (options) => {
                 });
                 assert.strictEqual(res.status, 200);
             });
-            test('no origin header is allowed (direct access)', async () => {
+            test_if(options.capabilities.in_process_only, 'no origin header is allowed (direct access)', async () => {
                 const fixture = await options.setup_test();
-                assert(fixture.in_process, 'manual cookie composition requires backend_internals');
+                assert(fixture.in_process);
                 // Probe the "no Origin / no Referer" path; `suppress_default_origin`
                 // skips the default `origin` header.
                 const res = await rpc_call_for_spec({
@@ -539,8 +552,11 @@ export const describe_standard_integration_tests = (options) => {
             });
             test('invalid bearer token returns 401', async () => {
                 const fixture = await options.setup_test();
+                // `origin: null` — bearer auth requires no browser-context
+                // indicator; the default `Origin: <base_url>` would silently
+                // discard the bearer cross-process.
                 const res = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: fixture.fresh_transport({ origin: null }) },
                     path: rpc_path,
                     spec: account_verify_action_spec,
                     params: undefined,
@@ -552,9 +568,11 @@ export const describe_standard_integration_tests = (options) => {
             test('bearer token with Origin header is rejected', async () => {
                 const fixture = await options.setup_test();
                 const bearer_headers = fixture.create_bearer_headers();
-                // Without Origin — works.
+                // Without Origin — works. `origin: null` so the transport
+                // doesn't auto-add the default Origin (which would discard
+                // the bearer as browser-context cross-process).
                 const ok_res = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: fixture.fresh_transport({ origin: null }) },
                     path: rpc_path,
                     spec: account_verify_action_spec,
                     params: undefined,
@@ -564,7 +582,7 @@ export const describe_standard_integration_tests = (options) => {
                 assert.strictEqual(ok_res.status, 200);
                 // With Origin — bearer silently discarded (browser context), falls through to no auth.
                 const res = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: fixture.fresh_transport() },
                     path: rpc_path,
                     spec: account_verify_action_spec,
                     params: undefined,
@@ -587,9 +605,13 @@ export const describe_standard_integration_tests = (options) => {
                 });
                 assert.ok(create_res.ok, 'account_token_create should succeed');
                 const { token, id } = create_res.result;
-                // Verify token works
+                // Verify token works — fresh transport so the per-test session
+                // cookie in `fixture.transport`'s jar can't give a false pass
+                // when the bearer is the credential under test. `origin: null`
+                // so the transport doesn't auto-add a default Origin (which
+                // would discard the bearer as browser-context cross-process).
                 const use_res = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: fixture.fresh_transport({ origin: null }) },
                     path: rpc_path,
                     spec: account_verify_action_spec,
                     params: undefined,
@@ -606,9 +628,10 @@ export const describe_standard_integration_tests = (options) => {
                     headers: fixture.create_session_headers(),
                 });
                 assert.ok(revoke_res.ok, 'account_token_revoke should succeed');
-                // Token should no longer work
+                // Token should no longer work — fresh transport same reason as
+                // the `use_res` call above.
                 const after_res = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: fixture.fresh_transport({ origin: null }) },
                     path: rpc_path,
                     spec: account_verify_action_spec,
                     params: undefined,
@@ -805,7 +828,7 @@ export const describe_standard_integration_tests = (options) => {
                 const fixture = await options.setup_test();
                 const logout_route = find_auth_route(route_specs, '/logout', 'POST');
                 assert.ok(logout_route, 'Expected POST /logout route — ensure create_route_specs includes account routes');
-                const res = await fixture.transport(logout_route.path, {
+                const res = await fixture.fresh_transport()(logout_route.path, {
                     method: 'POST',
                     headers: {
                         host: 'localhost',
@@ -832,8 +855,13 @@ export const describe_standard_integration_tests = (options) => {
                 // against the shared endpoint path. The dispatcher runs auth before
                 // params validation, so any well-formed param body works — we just
                 // need each call to be type-correct wrt its spec.
+                //
+                // Fresh transport so the per-test session cookie in
+                // `fixture.transport`'s jar doesn't leak into these unauthed
+                // probes and convert their expected 401s into 200s.
+                const unauthed = fixture.fresh_transport();
                 const session_list = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: unauthed },
                     path: rpc_path,
                     spec: account_session_list_action_spec,
                     params: undefined,
@@ -842,7 +870,7 @@ export const describe_standard_integration_tests = (options) => {
                 assert.strictEqual(session_list.status, 401);
                 error_collector.record(route_specs, 'POST', rpc_path, 401);
                 const session_revoke_all = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: unauthed },
                     path: rpc_path,
                     spec: account_session_revoke_all_action_spec,
                     params: undefined,
@@ -851,7 +879,7 @@ export const describe_standard_integration_tests = (options) => {
                 assert.strictEqual(session_revoke_all.status, 401);
                 error_collector.record(route_specs, 'POST', rpc_path, 401);
                 const token_list = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: unauthed },
                     path: rpc_path,
                     spec: account_token_list_action_spec,
                     params: undefined,
@@ -860,7 +888,7 @@ export const describe_standard_integration_tests = (options) => {
                 assert.strictEqual(token_list.status, 401);
                 error_collector.record(route_specs, 'POST', rpc_path, 401);
                 const token_create = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: unauthed },
                     path: rpc_path,
                     spec: account_token_create_action_spec,
                     params: { name: 'unauth-probe' },
@@ -869,7 +897,7 @@ export const describe_standard_integration_tests = (options) => {
                 assert.strictEqual(token_create.status, 401);
                 error_collector.record(route_specs, 'POST', rpc_path, 401);
                 const verify = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: unauthed },
                     path: rpc_path,
                     spec: account_verify_action_spec,
                     params: undefined,
@@ -880,7 +908,7 @@ export const describe_standard_integration_tests = (options) => {
                 // Also exercise POST /logout without auth (still REST)
                 const logout_route = find_auth_route(route_specs, '/logout', 'POST');
                 if (logout_route) {
-                    const res = await fixture.transport(logout_route.path, {
+                    const res = await unauthed(logout_route.path, {
                         method: 'POST',
                         headers: { host: 'localhost', 'content-type': 'application/json' },
                         body: JSON.stringify({}),
@@ -895,7 +923,7 @@ export const describe_standard_integration_tests = (options) => {
             test('401 responses contain no leaky fields', async () => {
                 const fixture = await options.setup_test();
                 const res = await rpc_call_for_spec({
-                    app: { request: fixture.transport },
+                    app: { request: fixture.fresh_transport() },
                     path: rpc_path,
                     spec: account_verify_action_spec,
                     params: undefined,
@@ -911,9 +939,9 @@ export const describe_standard_integration_tests = (options) => {
         });
         // --- 11. Expired credential rejection ---
         describe('expired credential rejection', () => {
-            test('expired session cookie returns 401', async () => {
+            test_if(options.capabilities.in_process_only, 'expired session cookie returns 401', async () => {
                 const fixture = await options.setup_test();
-                assert(fixture.in_process, 'expired-cookie generation requires in-process keyring');
+                assert(fixture.in_process);
                 const expired_cookie = await create_expired_test_cookie(fixture.keyring, options.session_options);
                 const res = await rpc_call_for_spec({
                     app: { request: fixture.transport },
@@ -924,9 +952,9 @@ export const describe_standard_integration_tests = (options) => {
                 });
                 assert.strictEqual(res.status, 401, 'Expired session cookie should be rejected');
             });
-            test('expired session cookie returns 401 on mutation route', async () => {
+            test_if(options.capabilities.in_process_only, 'expired session cookie returns 401 on mutation route', async () => {
                 const fixture = await options.setup_test();
-                assert(fixture.in_process, 'expired-cookie generation requires in-process keyring');
+                assert(fixture.in_process);
                 const logout_route = find_auth_route(route_specs, '/logout', 'POST');
                 assert.ok(logout_route, 'Expected POST /logout route — ensure create_route_specs includes account routes');
                 const expired_cookie = await create_expired_test_cookie(fixture.keyring, options.session_options);
@@ -950,7 +978,7 @@ export const describe_standard_integration_tests = (options) => {
                 const bearer_headers = fixture.create_bearer_headers({
                     'content-type': 'application/json',
                 });
-                const res = await fixture.transport(logout_route.path, {
+                const res = await fixture.fresh_transport()(logout_route.path, {
                     method: 'POST',
                     headers: { ...bearer_headers, origin: 'http://localhost:5173' },
                 });
@@ -964,7 +992,7 @@ export const describe_standard_integration_tests = (options) => {
                 const bearer_headers = fixture.create_bearer_headers({
                     'content-type': 'application/json',
                 });
-                const res = await fixture.transport(password_route.path, {
+                const res = await fixture.fresh_transport()(password_route.path, {
                     method: 'POST',
                     headers: { ...bearer_headers, referer: 'http://localhost:5173/admin' },
                 });
@@ -1004,7 +1032,7 @@ export const describe_standard_integration_tests = (options) => {
                     method: 'POST',
                     headers: fixture.create_session_headers({ 'content-type': 'application/json' }),
                     body: JSON.stringify({
-                        current_password: 'test-password-123',
+                        current_password: DEFAULT_TEST_PASSWORD,
                         new_password: 'new-password-456',
                     }),
                 });
@@ -1036,18 +1064,24 @@ export const describe_standard_integration_tests = (options) => {
                 // rather than fail.
                 if (!find_rpc_action(rpc_endpoints_for_setup, invite_create_action_spec.method))
                     return;
-                // Create an admin to manage invites
-                const admin = await fixture.create_account({
-                    username: 'invite_edge_admin',
-                    roles: ['admin'],
-                });
+                // Drive the admin-gated `invite_create` over the fixture's
+                // session. In both modes the fixture is the fresh keeper,
+                // holding `[ROLE_KEEPER, ROLE_ADMIN, ...extra_keeper_roles]`
+                // from the bootstrap-equivalent seed step — `extra_keeper_roles:
+                // [ROLE_ADMIN]` is technically redundant for the admin suite
+                // but harmless. `fixture.create_session_headers()` resolves to
+                // a session with admin role.
+                // `open_signup` stays at production default (`false`) across both
+                // in-process (per-test bootstrap default) and cross-process (the
+                // invite-gated `mint_account` flow doesn't need it flipped), so
+                // the assertion fires without any mid-test setting toggle.
                 // Create invite for alice@example.com via RPC
                 const invite_res = await rpc_call_for_spec({
                     app: { request: fixture.transport },
                     path: rpc_path,
                     spec: invite_create_action_spec,
                     params: { email: 'alice@example.com' },
-                    headers: { cookie: `${cookie_name}=${admin.session_cookie}` },
+                    headers: fixture.create_session_headers(),
                 });
                 assert.ok(invite_res.ok, `invite_create failed: ${invite_res.ok ? '' : JSON.stringify(invite_res.error)}`);
                 // Try to sign up with a different email — should fail (no matching invite)
@@ -1081,12 +1115,17 @@ export const describe_standard_integration_tests = (options) => {
                 // wire admin RPC actions can't exercise invites.
                 if (!find_rpc_action(rpc_endpoints_for_setup, invite_create_action_spec.method))
                     return;
-                // We need admin access — create an admin account
-                const admin = await fixture.create_account({
-                    username: 'signup_test_admin',
-                    roles: ['admin'],
-                });
-                const admin_headers = { cookie: `${cookie_name}=${admin.session_cookie}` };
+                // Drive admin-gated calls over the fixture's session — see the
+                // previous test's comment for the in-process / cross-process
+                // admin-resolution paths. This test creates a separate
+                // `existing_user` for the username-conflict assertion, so
+                // reusing the fixture's admin session for the invite-creating
+                // path has no cross-account-isolation impact on the test's intent.
+                const admin_headers = fixture.create_session_headers();
+                // Mint the conflict-test sibling account for the username-conflict
+                // assertion below. Both transports preserve hardcoded usernames
+                // now that fresh-keeper-per-test wipes the DB between tests.
+                const existing_user = await fixture.create_account({ username: 'existing_user' });
                 // Create an invite for a specific test email via RPC
                 const test_email = 'signup-test@example.com';
                 const invite_res = await rpc_call_for_spec({
@@ -1113,10 +1152,6 @@ export const describe_standard_integration_tests = (options) => {
                 });
                 assert.strictEqual(no_match_res.status, 403, 'Expected 403 for non-matching invite');
                 const no_match_body = await no_match_res.json();
-                // For conflict test: create a second account with a known username,
-                // then create an invite for a different email, then try signup with
-                // the invited email but the colliding username
-                const existing_user = await fixture.create_account({ username: 'existing_user' });
                 // Create invite for a different email via RPC
                 const conflict_email = 'conflict-test@example.com';
                 const invite2_res = await rpc_call_for_spec({

package/dist/testing/round_trip.d.ts

@@ -1,7 +1,7 @@
 import './assert_dev_env.js';
 import type { BackendCapabilities } from './cross_backend/capabilities.js';
 import type { SetupTest } from './cross_backend/setup.js';
-import type { SurfaceSource } from './transports/surface_source.js';
+import type { AppSurfaceSpec } from '../http/surface.js';
 /** Options for `describe_round_trip_validation`. */
 export interface RoundTripTestOptions {
     /**
@@ -12,11 +12,10 @@ export interface RoundTripTestOptions {
      */
     setup_test: SetupTest;
     /**
-     * Source of the app surface for route iteration. Currently requires
-     * `kind: 'inline'` — the cross-process snapshot variant lands alongside
-     * the spawned-backend transport plumbing.
+     * App surface (with route specs) for route iteration. Constructed in
+     * TS by the consumer; same shape for in-process and cross-process tests.
      */
-    surface_source: SurfaceSource;
+    surface_source: AppSurfaceSpec;
     /** Backend capability declarations — see `cross_backend/capabilities.ts`. */
     capabilities: BackendCapabilities;
     /** Routes to skip, in `'METHOD /path'` format. */

package/dist/testing/round_trip.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"round_trip.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/round_trip.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AA0B7B,OAAO,KAAK,EAAC,mBAAmB,EAAC,MAAM,iCAAiC,CAAC;AACzE,OAAO,KAAK,EAAC,SAAS,EAAc,MAAM,0BAA0B,CAAC;AACrE,OAAO,KAAK,EAAC,aAAa,EAAC,MAAM,gCAAgC,CAAC;AAElE,oDAAoD;AACpD,MAAM,WAAW,oBAAoB;IACpC;;;;;OAKG;IACH,UAAU,EAAE,SAAS,CAAC;IACtB;;;;OAIG;IACH,cAAc,EAAE,aAAa,CAAC;IAC9B,6EAA6E;IAC7E,YAAY,EAAE,mBAAmB,CAAC;IAClC,kDAAkD;IAClD,WAAW,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B,+EAA+E;IAC/E,eAAe,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACvD;AAED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,8BAA8B,GAAI,SAAS,oBAAoB,KAAG,IAmE9E,CAAC"}
+{"version":3,"file":"round_trip.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/round_trip.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AA0B7B,OAAO,KAAK,EAAC,mBAAmB,EAAC,MAAM,iCAAiC,CAAC;AACzE,OAAO,KAAK,EAAC,SAAS,EAAc,MAAM,0BAA0B,CAAC;AACrE,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,oBAAoB,CAAC;AAEvD,oDAAoD;AACpD,MAAM,WAAW,oBAAoB;IACpC;;;;;OAKG;IACH,UAAU,EAAE,SAAS,CAAC;IACtB;;;OAGG;IACH,cAAc,EAAE,cAAc,CAAC;IAC/B,6EAA6E;IAC7E,YAAY,EAAE,mBAAmB,CAAC;IAClC,kDAAkD;IAClD,WAAW,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B,+EAA+E;IAC/E,eAAe,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACvD;AAED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,8BAA8B,GAAI,SAAS,oBAAoB,KAAG,IA6D9E,CAAC"}

package/dist/testing/round_trip.js

@@ -33,11 +33,7 @@ import { resolve_valid_path, generate_valid_body } from './schema_generators.js'
  * with valid input are still validated against their declared error schemas.
  */
 export const describe_round_trip_validation = (options) => {
-    if (options.surface_source.kind !== 'inline') {
-        throw new Error("describe_round_trip_validation requires surface_source.kind === 'inline' — " +
-            'the cross-process snapshot variant lands with the spawned-backend transport');
-    }
-    const describe_time_specs = options.surface_source.spec.route_specs;
+    const describe_time_specs = options.surface_source.route_specs;
     const skip_set = new Set(options.skip_routes);
     // `capabilities` is currently unused by this suite (no in-process-only
     // reads, no transport-gated cases) but stays on the options for

package/dist/testing/rpc_helpers.d.ts

@@ -104,12 +104,18 @@ export type RpcCallResult = {
         data?: unknown;
     };
 };
+/**
+ * App shape accepted by `rpc_call`. Either a Hono-like object with a
+ * `.request(input, init)` method (in-process `TestApp.app` directly) or a
+ * bare `RpcTestTransport` callable (cross-process `fixture.transport`).
+ */
+export type RpcCallApp = {
+    request: (input: string, init: RequestInit) => Promise<Response> | Response;
+} | RpcTestTransport;
 /** Arguments for `rpc_call`. */
 export interface RpcCallArgs {
-    /** Hono-like app (anything with a `request(url, init)` method). */
-    app: {
-        request: (input: string, init: RequestInit) => Promise<Response> | Response;
-    };
+    /** Hono-like app or bare `RpcTestTransport` callable. */
+    app: RpcCallApp;
     /** RPC endpoint path, e.g. `'/api/rpc'`. */
     path: string;
     /** JSON-RPC method name. */

package/dist/testing/rpc_helpers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"rpc_helpers.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/rpc_helpers.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAa7B,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAEtB,OAAO,EAIN,KAAK,gBAAgB,EACrB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAC,yBAAyB,EAAC,MAAM,2BAA2B,CAAC;AACzE,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,0BAA0B,CAAC;AACxD,OAAO,KAAK,EAAC,qBAAqB,EAAE,mBAAmB,EAAE,eAAe,EAAC,MAAM,oBAAoB,CAAC;AACpG,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAG9D;;;;;;;;;GASG;AACH,MAAM,MAAM,uBAAuB,GAChC,KAAK,CAAC,eAAe,CAAC,GACtB,CAAC,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;AAEvD;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,eAAO,MAAM,+BAA+B,GAC3C,eAAe,uBAAuB,EACtC,iBAAiB,cAAc,CAAC,MAAM,CAAC,KACrC,KAAK,CAAC,eAAe,CAuBvB,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,oBAAoB,GAChC,QAAQ,MAAM,EACd,SAAS,OAAO,EAChB,KAAI,MAAM,GAAG,MAAe,KAC1B,WAQF,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,kBAAkB,GAC9B,eAAe,MAAM,EACrB,QAAQ,MAAM,EACd,SAAS,OAAO,EAChB,KAAI,MAAM,GAAG,MAAe,KAC1B,MAMF,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,6BAA6B,GACzC,MAAM,OAAO,EACb,gBAAgB,gBAAgB,KAC9B,IAUF,CAAC;AAEF;;;;;;;;GAQG;AACH,eAAO,MAAM,+BAA+B,GAAI,MAAM,OAAO,EAAE,gBAAgB,CAAC,CAAC,OAAO,KAAG,IAW1F,CAAC;AAIF;;;;GAIG;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;AAErF,2DAA2D;AAC3D,eAAO,MAAM,cAAc,GACzB,KAAK;IACL,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC;CAC5E,KAAG,gBAEmB,CAAC;AAEzB,yEAAyE;AACzE,MAAM,MAAM,aAAa,GACtB;IAAC,EAAE,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,OAAO,CAAA;CAAC,GAC3C;IACA,EAAE,EAAE,KAAK,CAAC;IACV,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,OAAO,CAAA;KAAC,CAAC;CACtD,CAAC;AAEL,gCAAgC;AAChC,MAAM,WAAW,WAAW;IAC3B,mEAAmE;IACnE,GAAG,EAAE;QAAC,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAA;KAAC,CAAC;IACnF,4CAA4C;IAC5C,IAAI,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf;;;;;OAKG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,gFAAgF;IAChF,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,wCAAwC;IACxC,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACrB,mFAAmF;IACnF,IAAI,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IACtB;;;;;OAKG;IACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;CAClC;AAcD;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,QAAQ,GAAU,MAAM,WAAW,KAAG,OAAO,CAAC,aAAa,CA0DvE,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,oBAAoB,GAChC,MAAM,IAAI,CAAC,WAAW,EAAE,yBAAyB,CAAC,KAChD,OAAO,CAAC,aAAa,CAAuD,CAAC;AAEhF;;;;;GAKG;AACH,MAAM,MAAM,oBAAoB,CAAC,KAAK,SAAS,yBAAyB,IACrE;IAAC,EAAE,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAA;CAAC,GAC5D;IAAC,EAAE,EAAE,KAAK,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,OAAO,CAAA;KAAC,CAAA;CAAC,CAAC;AAEvF,mFAAmF;AACnF,MAAM,MAAM,kBAAkB,CAAC,KAAK,SAAS,yBAAyB,IAAI,IAAI,CAC7E,WAAW,EACX,QAAQ,GAAG,QAAQ,CACnB,GAAG;IACH,2GAA2G;IAC3G,IAAI,EAAE,KAAK,CAAC;IACZ,0CAA0C;IAC1C,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;CAChC,CAAC;AAEF;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,iBAAiB,GAAU,KAAK,SAAS,yBAAyB,EAC9E,MAAM,kBAAkB,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAarC,CAAC;AAEF;;;;;;;;GAQG;AACH,eAAO,MAAM,cAAc,GAAU,CAAC,EACrC,MAAM,WAAW,EACjB,eAAe,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KACzB,OAAO,CAAC,CAAC,CAcX,CAAC;AAIF;;;;GAIG;AACH,eAAO,MAAM,eAAe,GAC3B,eAAe,aAAa,CAAC,eAAe,CAAC,EAC7C,QAAQ,MAAM,KACZ;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,SAAS,CAAA;CAAC,GAAG,SAOtC,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,eAAe,GAC3B,eAAe,aAAa,CAAC,qBAAqB,CAAC,EACnD,QAAQ,MAAM,KACZ;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,mBAAmB,CAAA;CAAC,GAAG,SAOrD,CAAC;AAEF;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,yBAAyB,GACrC,eAAe,aAAa,CAAC,eAAe,CAAC,KAC3C,MAYF,CAAC"}
+{"version":3,"file":"rpc_helpers.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/rpc_helpers.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAa7B,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAEtB,OAAO,EAIN,KAAK,gBAAgB,EACrB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAC,yBAAyB,EAAC,MAAM,2BAA2B,CAAC;AACzE,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,0BAA0B,CAAC;AACxD,OAAO,KAAK,EAAC,qBAAqB,EAAE,mBAAmB,EAAE,eAAe,EAAC,MAAM,oBAAoB,CAAC;AACpG,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAG9D;;;;;;;;;GASG;AACH,MAAM,MAAM,uBAAuB,GAChC,KAAK,CAAC,eAAe,CAAC,GACtB,CAAC,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;AAEvD;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,eAAO,MAAM,+BAA+B,GAC3C,eAAe,uBAAuB,EACtC,iBAAiB,cAAc,CAAC,MAAM,CAAC,KACrC,KAAK,CAAC,eAAe,CAuBvB,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,oBAAoB,GAChC,QAAQ,MAAM,EACd,SAAS,OAAO,EAChB,KAAI,MAAM,GAAG,MAAe,KAC1B,WAQF,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,kBAAkB,GAC9B,eAAe,MAAM,EACrB,QAAQ,MAAM,EACd,SAAS,OAAO,EAChB,KAAI,MAAM,GAAG,MAAe,KAC1B,MAMF,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,6BAA6B,GACzC,MAAM,OAAO,EACb,gBAAgB,gBAAgB,KAC9B,IAUF,CAAC;AAEF;;;;;;;;GAQG;AACH,eAAO,MAAM,+BAA+B,GAAI,MAAM,OAAO,EAAE,gBAAgB,CAAC,CAAC,OAAO,KAAG,IAW1F,CAAC;AAIF;;;;GAIG;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;AAErF,2DAA2D;AAC3D,eAAO,MAAM,cAAc,GACzB,KAAK;IACL,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC;CAC5E,KAAG,gBAEmB,CAAC;AAEzB,yEAAyE;AACzE,MAAM,MAAM,aAAa,GACtB;IAAC,EAAE,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,OAAO,CAAA;CAAC,GAC3C;IACA,EAAE,EAAE,KAAK,CAAC;IACV,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,OAAO,CAAA;KAAC,CAAC;CACtD,CAAC;AAEL;;;;GAIG;AACH,MAAM,MAAM,UAAU,GACnB;IAAC,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAA;CAAC,GAC7E,gBAAgB,CAAC;AAEpB,gCAAgC;AAChC,MAAM,WAAW,WAAW;IAC3B,yDAAyD;IACzD,GAAG,EAAE,UAAU,CAAC;IAChB,4CAA4C;IAC5C,IAAI,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf;;;;;OAKG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,gFAAgF;IAChF,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,wCAAwC;IACxC,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACrB,mFAAmF;IACnF,IAAI,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IACtB;;;;;OAKG;IACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;CAClC;AAcD;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,QAAQ,GAAU,MAAM,WAAW,KAAG,OAAO,CAAC,aAAa,CA0DvE,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,oBAAoB,GAChC,MAAM,IAAI,CAAC,WAAW,EAAE,yBAAyB,CAAC,KAChD,OAAO,CAAC,aAAa,CAAuD,CAAC;AAEhF;;;;;GAKG;AACH,MAAM,MAAM,oBAAoB,CAAC,KAAK,SAAS,yBAAyB,IACrE;IAAC,EAAE,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAA;CAAC,GAC5D;IAAC,EAAE,EAAE,KAAK,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,OAAO,CAAA;KAAC,CAAA;CAAC,CAAC;AAEvF,mFAAmF;AACnF,MAAM,MAAM,kBAAkB,CAAC,KAAK,SAAS,yBAAyB,IAAI,IAAI,CAC7E,WAAW,EACX,QAAQ,GAAG,QAAQ,CACnB,GAAG;IACH,2GAA2G;IAC3G,IAAI,EAAE,KAAK,CAAC;IACZ,0CAA0C;IAC1C,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;CAChC,CAAC;AAEF;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,iBAAiB,GAAU,KAAK,SAAS,yBAAyB,EAC9E,MAAM,kBAAkB,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAarC,CAAC;AAEF;;;;;;;;GAQG;AACH,eAAO,MAAM,cAAc,GAAU,CAAC,EACrC,MAAM,WAAW,EACjB,eAAe,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KACzB,OAAO,CAAC,CAAC,CAcX,CAAC;AAIF;;;;GAIG;AACH,eAAO,MAAM,eAAe,GAC3B,eAAe,aAAa,CAAC,eAAe,CAAC,EAC7C,QAAQ,MAAM,KACZ;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,SAAS,CAAA;CAAC,GAAG,SAOtC,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,eAAe,GAC3B,eAAe,aAAa,CAAC,qBAAqB,CAAC,EACnD,QAAQ,MAAM,KACZ;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,mBAAmB,CAAA;CAAC,GAAG,SAOrD,CAAC;AAEF;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,yBAAyB,GACrC,eAAe,aAAa,CAAC,eAAe,CAAC,KAC3C,MAYF,CAAC"}

package/dist/testing/rpc_helpers.js

@@ -172,7 +172,7 @@ export const rpc_call = async (args) => {
             body: post.body,
         };
     }
-    const res = await app.request(url, init);
+    const res = await (typeof app === 'function' ? app(url, init) : app.request(url, init));
     const status = res.status;
     const body = await res.json();
     const success = JsonrpcResponse.safeParse(body);

package/dist/testing/rpc_round_trip.d.ts

@@ -1,19 +1,19 @@
 import './assert_dev_env.js';
+import type { AppSurfaceSpec } from '../http/surface.js';
 import { type RpcEndpointsSuiteOption } from './rpc_helpers.js';
 import type { BackendCapabilities } from './cross_backend/capabilities.js';
 import type { SetupTest } from './cross_backend/setup.js';
-import type { SurfaceSource } from './transports/surface_source.js';
 import type { SessionOptions } from '../auth/session_cookie.js';
 /** Options for `describe_rpc_round_trip_tests`. */
 export interface RpcRoundTripTestOptions {
     /** Per-test fixture-producing function (per-describe cadence). */
     setup_test: SetupTest;
     /**
-     * Source of the app surface for RPC endpoint enumeration. Currently
-     * requires `kind: 'inline'` — the cross-process snapshot variant lands
-     * alongside the spawned-backend transport plumbing.
+     * App surface (with route + RPC endpoint specs) for RPC endpoint
+     * enumeration. Constructed in TS by the consumer; same shape for
+     * in-process and cross-process tests.
      */
-    surface_source: SurfaceSource;
+    surface_source: AppSurfaceSpec;
     /** Backend capability declarations. */
     capabilities: BackendCapabilities;
     /**

package/dist/testing/rpc_round_trip.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"rpc_round_trip.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/rpc_round_trip.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AA0B7B,OAAO,EAMN,KAAK,uBAAuB,EAC5B,MAAM,kBAAkB,CAAC;AAE1B,OAAO,KAAK,EAAC,mBAAmB,EAAC,MAAM,iCAAiC,CAAC;AACzE,OAAO,KAAK,EAAC,SAAS,EAAc,MAAM,0BAA0B,CAAC;AACrE,OAAO,KAAK,EAAC,aAAa,EAAC,MAAM,gCAAgC,CAAC;AAClE,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAE9D,mDAAmD;AACnD,MAAM,WAAW,uBAAuB;IACvC,kEAAkE;IAClE,UAAU,EAAE,SAAS,CAAC;IACtB;;;;OAIG;IACH,cAAc,EAAE,aAAa,CAAC;IAC9B,uCAAuC;IACvC,YAAY,EAAE,mBAAmB,CAAC;IAClC;;;;;OAKG;IACH,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC;;;;;OAKG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC,qDAAqD;IACrD,YAAY,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC7B,6EAA6E;IAC7E,eAAe,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACvD;AA6BD;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,6BAA6B,GAAI,SAAS,uBAAuB,KAAG,IAwHhF,CAAC"}
+{"version":3,"file":"rpc_round_trip.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/rpc_round_trip.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAwB7B,OAAO,KAAK,EAAC,cAAc,EAAsB,MAAM,oBAAoB,CAAC;AAE5E,OAAO,EAMN,KAAK,uBAAuB,EAC5B,MAAM,kBAAkB,CAAC;AAE1B,OAAO,KAAK,EAAC,mBAAmB,EAAC,MAAM,iCAAiC,CAAC;AACzE,OAAO,KAAK,EAAC,SAAS,EAAc,MAAM,0BAA0B,CAAC;AACrE,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAE9D,mDAAmD;AACnD,MAAM,WAAW,uBAAuB;IACvC,kEAAkE;IAClE,UAAU,EAAE,SAAS,CAAC;IACtB;;;;OAIG;IACH,cAAc,EAAE,cAAc,CAAC;IAC/B,uCAAuC;IACvC,YAAY,EAAE,mBAAmB,CAAC;IAClC;;;;;OAKG;IACH,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC;;;;;OAKG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC,qDAAqD;IACrD,YAAY,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC7B,6EAA6E;IAC7E,eAAe,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACvD;AA6BD;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,6BAA6B,GAAI,SAAS,uBAAuB,KAAG,IAkHhF,CAAC"}

package/dist/testing/rpc_round_trip.js

@@ -56,10 +56,6 @@ const pick_rpc_auth_headers = (method, keeper, authed_account, admin_account) =>
  * `action.spec.output`.
  */
 export const describe_rpc_round_trip_tests = (options) => {
-    if (options.surface_source.kind !== 'inline') {
-        throw new Error("describe_rpc_round_trip_tests requires surface_source.kind === 'inline' — " +
-            'the cross-process snapshot variant lands with the spawned-backend transport');
-    }
     const skip_set = new Set(options.skip_methods);
     // Resolve factory-form endpoints once for setup-time iteration (method
     // enumeration, surface lookup). The live dispatcher runs against
@@ -67,7 +63,7 @@ export const describe_rpc_round_trip_tests = (options) => {
     // `.input` / `.output` are ctx-independent, so the stub-resolved specs
     // match what the running backend serves.
     const rpc_endpoints_for_setup = resolve_rpc_endpoints_for_setup(options.rpc_endpoints, options.session_options);
-    const surface_rpc_endpoints = options.surface_source.spec.surface.rpc_endpoints;
+    const surface_rpc_endpoints = options.surface_source.surface.rpc_endpoints;
     void options.capabilities;
     describe('RPC round-trip validation', () => {
         let fixture;