@openwop/openwop-conformance 1.0.0 → 1.1.0

package/src/scenarios/replay-retention-expiry.test.ts

@@ -0,0 +1,178 @@
+/**
+ * Replay retention-expiry scenario per `spec/v1/replay.md` §"Retention
+ * and garbage collection."
+ *
+ * Verifies the normative `replay.md:246` requirement:
+ *
+ *   > If the source run still exists but the event range needed for
+ *   > `fromSeq` has expired, the host MUST reject the fork with
+ *   > `410 Gone` or `422 Unprocessable Entity` using the canonical
+ *   > error envelope. The error `details` SHOULD include `sourceRunId`,
+ *   > `fromSeq`, and the retention boundary when known.
+ *
+ * Forcing expiry is environmental (hosts don't standardize a force-
+ * expire endpoint — that's the same RFC 0009 Q#1 surface area). The
+ * scenario reads two operator-supplied env vars:
+ *
+ *   - `OPENWOP_TEST_EXPIRED_REPLAY_RUN_ID` — runId of a run whose
+ *     events past `fromSeq` are known-expired on the host under test.
+ *   - `OPENWOP_TEST_EXPIRED_REPLAY_FROM_SEQ` — the `fromSeq` to
+ *     fork against (defaults to 0; pre-expired ranges typically
+ *     start from the earliest event).
+ *
+ * When neither is supplied, the scenario asserts only that the
+ * `replay` capability advertisement is well-formed and that
+ * `retention` metadata (when present) types correctly. The
+ * 410/422 envelope assertion soft-skips.
+ *
+ * @see spec/v1/replay.md §"Retention and garbage collection"
+ * @see RFCS/0009-production-profile-conformance.md §C (parallel
+ *      retention-expiry pattern for run snapshots)
+ */
+
+import { describe, it, expect } from 'vitest';
+import { driver } from '../lib/driver.js';
+import { behaviorGate } from '../lib/behavior-gate.js';
+
+interface ReplayRetentionCaps {
+  windowSeconds?: number;
+}
+
+interface ReplayCaps {
+  supported?: boolean;
+  modes?: string[];
+  retention?: ReplayRetentionCaps;
+}
+
+const PROFILE = 'openwop-replay-fork';
+
+async function readReplayCaps(): Promise<ReplayCaps | undefined> {
+  // Per existing replay-fork.test.ts convention: `replay` lives at the
+  // top level of the discovery body, not under capabilities.*.
+  const disco = await driver.get('/.well-known/openwop', { authenticated: false });
+  if (disco.status !== 200) return undefined;
+  return (disco.json as { replay?: ReplayCaps }).replay;
+}
+
+function isProfileAdvertised(replay: ReplayCaps | undefined): boolean {
+  return replay?.supported === true && Array.isArray(replay.modes) && replay.modes.length > 0;
+}
+
+describe('replay-retention-expiry: capability shape', () => {
+  it('host advertising replay surfaces well-formed retention metadata when present', async () => {
+    const replay = await readReplayCaps();
+
+    if (!behaviorGate(PROFILE, isProfileAdvertised(replay))) {
+      return;
+    }
+
+    expect(replay?.supported, driver.describe(
+      'replay.md §"Retention and garbage collection"',
+      'replay.supported MUST be true when the host claims the openwop-replay-fork profile',
+    )).toBe(true);
+
+    expect(
+      Array.isArray(replay?.modes) && (replay?.modes?.length ?? 0) > 0,
+      driver.describe(
+        'profiles.md §`openwop-replay-fork`',
+        'replay.modes MUST be a non-empty array',
+      ),
+    ).toBe(true);
+
+    // retention metadata is OPTIONAL per replay.md (the spec requires
+    // hosts document retention; it doesn't yet require advertising
+    // the window in discovery). When advertised, type strictly.
+    if (replay?.retention?.windowSeconds !== undefined) {
+      expect(
+        Number.isInteger(replay.retention.windowSeconds) &&
+          replay.retention.windowSeconds >= 0,
+        driver.describe(
+          'replay.md §"Retention and garbage collection"',
+          'replay.retention.windowSeconds MUST be a non-negative integer when advertised',
+        ),
+      ).toBe(true);
+    }
+  });
+});
+
+describe('replay-retention-expiry: 410/422 on expired-range fork', () => {
+  it('POST /v1/runs/{expiredRunId}:fork returns 410 or 422 with canonical envelope', async () => {
+    const replay = await readReplayCaps();
+
+    if (!behaviorGate(PROFILE, isProfileAdvertised(replay))) {
+      return;
+    }
+
+    const expiredRunId = process.env.OPENWOP_TEST_EXPIRED_REPLAY_RUN_ID;
+    if (!expiredRunId) {
+      // eslint-disable-next-line no-console
+      console.warn(
+        '[replay-retention-expiry] OPENWOP_TEST_EXPIRED_REPLAY_RUN_ID not supplied; skipping envelope assertion (operator must produce a known-expired run id and pass it via env)',
+      );
+      return;
+    }
+
+    const fromSeqEnv = process.env.OPENWOP_TEST_EXPIRED_REPLAY_FROM_SEQ;
+    const fromSeq = fromSeqEnv ? Number.parseInt(fromSeqEnv, 10) : 0;
+    if (!Number.isFinite(fromSeq) || fromSeq < 0) {
+      // eslint-disable-next-line no-console
+      console.warn(
+        `[replay-retention-expiry] OPENWOP_TEST_EXPIRED_REPLAY_FROM_SEQ=${String(fromSeqEnv)} is not a non-negative integer; skipping`,
+      );
+      return;
+    }
+
+    // Pick a mode the host advertises. Per replay.md the envelope
+    // assertion applies regardless of mode — replay and branch both
+    // depend on the source event log past fromSeq.
+    const mode = replay?.modes?.[0] ?? 'replay';
+
+    const res = await driver.post(
+      `/v1/runs/${encodeURIComponent(expiredRunId)}:fork`,
+      { mode, fromSeq },
+    );
+
+    expect(
+      res.status === 410 || res.status === 422,
+      driver.describe(
+        'replay.md §"Retention and garbage collection"',
+        'fork against expired event range MUST return 410 Gone or 422 Unprocessable Entity',
+      ),
+    ).toBe(true);
+
+    const body = res.json as {
+      error?: string;
+      message?: string;
+      details?: {
+        sourceRunId?: string;
+        fromSeq?: number;
+        retentionBoundary?: string | number;
+      };
+    };
+
+    expect(typeof body.error, driver.describe(
+      'replay.md §"Retention and garbage collection"',
+      'expired-fork response MUST use the canonical error envelope ({error, message, details?})',
+    )).toBe('string');
+    expect((body.error ?? '').length).toBeGreaterThan(0);
+
+    expect(typeof body.message).toBe('string');
+    expect((body.message ?? '').length).toBeGreaterThan(0);
+
+    // details.{sourceRunId, fromSeq, retentionBoundary} are SHOULD —
+    // soft-check when present, MUST NOT mismatch when present.
+    if (body.details?.sourceRunId !== undefined) {
+      expect(body.details.sourceRunId, driver.describe(
+        'replay.md §"Retention and garbage collection"',
+        'details.sourceRunId (when present) MUST match the runId in the request path',
+      )).toBe(expiredRunId);
+    }
+
+    if (body.details?.fromSeq !== undefined) {
+      expect(body.details.fromSeq, driver.describe(
+        'replay.md §"Retention and garbage collection"',
+        'details.fromSeq (when present) MUST match the fromSeq supplied in the request body',
+      )).toBe(fromSeq);
+    }
+  });
+});

package/src/scenarios/restart-during-run.test.ts

@@ -0,0 +1,177 @@
+/**
+ * Restart-during-run scenario per spec/v1/scale-profiles.md
+ * §"Replay semantics" + spec/v1/storage-adapters.md §"Claim acquisition."
+ *
+ * Distinct from `staleClaim.test.ts` (which exercises *cross-process*
+ * claim transfer where two host processes share a DB):
+ *
+ *   - **staleClaim:** process A starts a run → SIGKILL → process B
+ *     (different PID, different port, same DB) takes over after TTL.
+ *     Models multi-host scale-out.
+ *   - **restart-during-run** (this file): process A starts a run →
+ *     SIGKILL → process A' (same port, same DB, fresh PID) takes
+ *     over after TTL. Models the single-host crash + supervisor-
+ *     restart pattern that most production deployments rely on.
+ *
+ * Both reduce to the same primitive — resume-on-startup picks up an
+ * orphaned claim — but the contract this scenario asserts is that the
+ * SECOND boot at the SAME port works, which is the more common
+ * production failure mode (a node-level supervisor like systemd, k8s,
+ * pm2 restarts the host process on crash).
+ *
+ * **`@multi-process`** — spawns child host processes via
+ * `child_process.spawn`. Opt-in via `OPENWOP_RUN_RESTART_DURING_RUN=1`.
+ *
+ * **`@timing-sensitive`** — relies on a short claim TTL.
+ *
+ * @see lib/multiProcess.ts — spawnHost helper
+ * @see examples/hosts/sqlite/src/server.ts — resume-on-startup
+ * @see spec/v1/production-profile.md §Durability (RFC 0009 — this
+ *      scenario satisfies the supervisor-restart predicate when the
+ *      host advertises capabilities.production.supported: true)
+ */
+
+import { describe, it, expect, afterEach } from 'vitest';
+import { mkdtempSync, rmSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import { spawnHost, type SpawnedHost } from '../lib/multiProcess.js';
+
+const HOST_PACKAGE_DIR =
+  process.env.OPENWOP_RESTART_DURING_RUN_HOST_DIR ?? 'examples/hosts/sqlite';
+const RUN_THIS_SCENARIO = process.env.OPENWOP_RUN_RESTART_DURING_RUN === '1';
+
+const APIKEY = 'openwop-restart-during-run';
+const PORT = 4803;
+const CLAIM_TTL_MS = 2000;
+const HEARTBEAT_INTERVAL_MS = 500;
+
+interface RunSnapshot {
+  status?: string;
+  runId?: string;
+  endedAt?: string | null;
+}
+
+async function fetchSnapshot(
+  baseUrl: string,
+  apiKey: string,
+  runId: string,
+): Promise<RunSnapshot> {
+  const res = await fetch(`${baseUrl}/v1/runs/${encodeURIComponent(runId)}`, {
+    headers: { Authorization: `Bearer ${apiKey}` },
+  });
+  if (!res.ok) throw new Error(`GET /v1/runs/${runId} failed: ${res.status}`);
+  return (await res.json()) as RunSnapshot;
+}
+
+let workdir: string | null = null;
+const activeHosts: SpawnedHost[] = [];
+
+afterEach(async () => {
+  for (const h of activeHosts.splice(0)) {
+    await h.shutdown().catch(() => h.kill().catch(() => undefined));
+  }
+  if (workdir) {
+    rmSync(workdir, { recursive: true, force: true });
+    workdir = null;
+  }
+});
+
+describe.skipIf(!RUN_THIS_SCENARIO)(
+  'restart-during-run: SIGKILL + same-port restart resumes orphaned run',
+  () => {
+    it(
+      'mid-run SIGKILL on the host process; restart at the same port + DB resumes to terminal',
+      async () => {
+        workdir = mkdtempSync(join(tmpdir(), 'openwop-restart-during-run-'));
+        const dbPath = join(workdir, 'openwop-host.sqlite');
+
+        // ── Boot host A (the one we'll kill).
+        const hostA = await spawnHost({
+          packageDir: HOST_PACKAGE_DIR,
+          port: PORT,
+          apiKey: APIKEY,
+          dbPath,
+          claimTtlMs: CLAIM_TTL_MS,
+          heartbeatIntervalMs: HEARTBEAT_INTERVAL_MS,
+        });
+        activeHosts.push(hostA);
+        await hostA.ready();
+
+        // Start a long-running run (uses conformance-cancellable so we
+        // have time between create and kill).
+        const create = await fetch(`${hostA.baseUrl}/v1/runs`, {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+            Authorization: `Bearer ${APIKEY}`,
+          },
+          body: JSON.stringify({
+            workflowId: 'conformance-cancellable',
+            inputs: { delaySeconds: 8 },
+          }),
+        });
+        expect(create.status).toBe(201);
+        const runId = (await create.json() as { runId: string }).runId;
+        expect(runId).toMatch(/^run-/);
+
+        // Wait a beat so host A writes `run.started` and at least one
+        // node.started before we kill it.
+        await new Promise((r) => setTimeout(r, 300));
+
+        // SIGKILL host A. Claim remains held in the DB until TTL
+        // expires.
+        await hostA.kill();
+        activeHosts.length = 0; // hostA is dead; don't try to shut down again
+
+        // Wait for the claim to go stale.
+        await new Promise((r) => setTimeout(r, CLAIM_TTL_MS + 500));
+
+        // ── Boot the replacement at the SAME port + SAME DB. This is
+        // the supervisor-restart pattern.
+        const hostA2 = await spawnHost({
+          packageDir: HOST_PACKAGE_DIR,
+          port: PORT,
+          apiKey: APIKEY,
+          dbPath,
+          claimTtlMs: CLAIM_TTL_MS,
+          heartbeatIntervalMs: HEARTBEAT_INTERVAL_MS,
+        });
+        activeHosts.push(hostA2);
+        await hostA2.ready();
+
+        // Poll until terminal. A successful restart-recovery means
+        // resume-on-startup re-acquired the claim and the executor
+        // completed the run.
+        const deadline = Date.now() + 30_000;
+        let terminal: RunSnapshot | null = null;
+        while (Date.now() < deadline) {
+          const snap = await fetchSnapshot(hostA2.baseUrl, APIKEY, runId);
+          if (
+            snap.status === 'completed' ||
+            snap.status === 'failed' ||
+            snap.status === 'cancelled'
+          ) {
+            terminal = snap;
+            break;
+          }
+          await new Promise((r) => setTimeout(r, 200));
+        }
+
+        expect(
+          terminal,
+          'run MUST reach terminal status on the restarted host within 30s',
+        ).not.toBeNull();
+        expect(
+          terminal?.status,
+          'restart-recovery MUST drive the run to a non-pending terminal status',
+        ).toMatch(/^(completed|failed|cancelled)$/);
+        // For the cancellable fixture, completed is the expected
+        // outcome — the workflow just exits the delay node and finishes.
+        expect(terminal?.status).toBe('completed');
+        expect(typeof terminal?.endedAt).toBe('string');
+      },
+      45_000,
+    );
+  },
+);

package/src/scenarios/spec-corpus-validity.test.ts

@@ -45,6 +45,7 @@ import {
   FIXTURES_DIR,
   FIXTURES_DOC_PATH,
   GO_TYPES_PATH,
+  LAYOUT,
   PYTHON_TYPES_PATH,
   README_PATH,
   SCENARIOS_DIR,
@@ -786,10 +787,13 @@ describe.skipIf(
 )(
   'spec-corpus: SDK HTTP error helpers match canonical REST vocabulary',
   () => {
+    // describe.skipIf still evaluates the body for test registration; defaults guard against null
+    // dirname() when sources are missing under the published-tarball layout. it() blocks below are
+    // skipped at run time, so the path values are never actually read.
     const sdkSources = {
-      typescript: TYPESCRIPT_RUN_HELPERS_PATH as string,
-      python: PYTHON_TYPES_PATH as string,
-      go: GO_TYPES_PATH as string,
+      typescript: TYPESCRIPT_RUN_HELPERS_PATH ?? '.',
+      python: PYTHON_TYPES_PATH ?? '.',
+      go: GO_TYPES_PATH ?? '.',
     };
     const sdkReadmes = {
       typescript: pathResolve(dirname(sdkSources.typescript), '..', 'README.md'),
@@ -1072,12 +1076,18 @@ describe.skipIf(V1_DIR === null)('spec-corpus: prose docs carry a Status: legend
 });
 
 describe.skipIf(V1_DIR === null || README_PATH === null)('spec-corpus: README document index matches spec/v1', () => {
-  const v1Dir = V1_DIR as string;
-  const readmePath = README_PATH as string;
+  // describe.skipIf skips test execution but still evaluates the describe callback at registration
+  // time. Guard each side-effecting read against null so the body registers cleanly under the
+  // published-tarball layout where V1_DIR / README_PATH resolve to null.
+  const v1Dir = V1_DIR;
+  const readmePath = README_PATH ?? '';
 
-  const proseFiles = readdirSync(v1Dir)
-    .filter((f) => f.endsWith('.md'))
-    .sort();
+  const proseFiles =
+    v1Dir === null
+      ? []
+      : readdirSync(v1Dir)
+          .filter((f) => f.endsWith('.md'))
+          .sort();
 
   it('README Total count equals the number of spec/v1 prose docs', () => {
     const index = extractReadmeDocumentIndex(readFileSync(readmePath, 'utf8'));
@@ -1109,8 +1119,10 @@ describe.skipIf(V1_DIR === null || README_PATH === null)('spec-corpus: README do
 });
 
 describe.skipIf(README_PATH === null)('spec-corpus: local Markdown links resolve', () => {
-  const repoRoot = dirname(README_PATH as string);
-  const markdownFiles = listMarkdownFilesRecursive(repoRoot);
+  // describe.skipIf skips test execution but still evaluates the body for registration; default
+  // to '.' so dirname() never receives null in the published-tarball layout.
+  const repoRoot = README_PATH === null ? '.' : dirname(README_PATH);
+  const markdownFiles = README_PATH === null ? [] : listMarkdownFilesRecursive(repoRoot);
 
   it('finds Markdown files to check', () => {
     expect(markdownFiles.length, 'repo checkout should contain Markdown docs').toBeGreaterThan(0);
@@ -1132,6 +1144,9 @@ describe.skipIf(README_PATH === null)('spec-corpus: local Markdown links resolve
         }
 
         const target = pathResolve(dirname(file), decoded);
+        // Published-tarball layout: the conformance README references ../spec/v1/... and other paths
+        // that resolve OUTSIDE the package boundary. Repo layout has the full tree available.
+        if (LAYOUT === 'published' && !target.startsWith(repoRoot)) continue;
         expect(
           existsSync(target),
           `${relFile} links to missing local target: ${link}`,
@@ -1142,21 +1157,29 @@ describe.skipIf(README_PATH === null)('spec-corpus: local Markdown links resolve
 });
 
 describe.skipIf(README_PATH === null)('spec-corpus: public docs avoid private implementation breadcrumbs', () => {
-  const repoRoot = dirname(README_PATH as string);
-  const publicTextFiles = [
-    README_PATH as string,
-    join(repoRoot, 'QUICKSTART.md'),
-    join(repoRoot, 'QUICKSTART-10MIN.md'),
-    join(repoRoot, 'sdk', 'typescript', 'README.md'),
-    join(repoRoot, 'sdk', 'python', 'README.md'),
-    join(repoRoot, 'sdk', 'go', 'README.md'),
-    ...(CONFORMANCE_README_PATH ? [CONFORMANCE_README_PATH] : []),
-    ...(FIXTURES_DOC_PATH ? [FIXTURES_DOC_PATH] : []),
-    ...listTextFilesRecursive(join(repoRoot, 'examples'), new Set(['.md', 'package.json'])),
-    ...readdirSync(join(repoRoot, 'SECURITY')).filter((f) => f.endsWith('.md') || f.endsWith('.yaml')).map((f) => join(repoRoot, 'SECURITY', f)),
-    ...(V1_DIR !== null ? readdirSync(V1_DIR).filter((f) => f.endsWith('.md')).map((f) => join(V1_DIR as string, f)) : []),
-    ...readdirSync(SCHEMAS_DIR).filter((f) => f.endsWith('.json')).map((f) => join(SCHEMAS_DIR, f)),
-  ].filter((path) => existsSync(path));
+  // describe.skipIf skips test execution but still evaluates the body for registration; guard each
+  // path read against null/missing-dir so the body never throws under the published-tarball layout.
+  const repoRoot = README_PATH === null ? '.' : dirname(README_PATH);
+  const securityDir = join(repoRoot, 'SECURITY');
+  const publicTextFiles =
+    README_PATH === null
+      ? []
+      : [
+          README_PATH,
+          join(repoRoot, 'QUICKSTART.md'),
+          join(repoRoot, 'QUICKSTART-10MIN.md'),
+          join(repoRoot, 'sdk', 'typescript', 'README.md'),
+          join(repoRoot, 'sdk', 'python', 'README.md'),
+          join(repoRoot, 'sdk', 'go', 'README.md'),
+          ...(CONFORMANCE_README_PATH ? [CONFORMANCE_README_PATH] : []),
+          ...(FIXTURES_DOC_PATH ? [FIXTURES_DOC_PATH] : []),
+          ...listTextFilesRecursive(join(repoRoot, 'examples'), new Set(['.md', 'package.json'])),
+          ...(existsSync(securityDir)
+            ? readdirSync(securityDir).filter((f) => f.endsWith('.md') || f.endsWith('.yaml')).map((f) => join(securityDir, f))
+            : []),
+          ...(V1_DIR !== null ? ((v1Dir: string) => readdirSync(v1Dir).filter((f) => f.endsWith('.md')).map((f) => join(v1Dir, f)))(V1_DIR) : []),
+          ...readdirSync(SCHEMAS_DIR).filter((f) => f.endsWith('.json')).map((f) => join(SCHEMAS_DIR, f)),
+        ].filter((path) => existsSync(path));
 
   const banned = [
     { label: 'private workflow-runtime paths', pattern: /services\/workflow-runtime/ },
@@ -1231,7 +1254,12 @@ describe.skipIf(FIXTURES_DOC_PATH === null)('spec-corpus: fixtures.json catalog
       /^\|[^\n]*(PROPOSED|impl pending)[^\n]*\n/gm,
       '',
     );
-    const idRegex = /\bconformance-[a-z][a-z0-9-]*\b/g;
+    // Match `conformance-<id>` only at a real fixture-id boundary —
+    // require the preceding character to NOT be `[a-z0-9-]`, so that
+    // longer strings like `openwop-conformance-canary-secret` do NOT
+    // false-match `conformance-canary-secret` as a fixture id. The
+    // negative lookbehind keeps the regex JS-compatible.
+    const idRegex = /(?<![a-z0-9-])conformance-[a-z][a-z0-9-]*\b/g;
     const cited = new Set<string>();
     let m: RegExpExecArray | null;
     while ((m = idRegex.exec(docWithoutProposed)) !== null) {

package/src/scenarios/staleClaim.test.ts

@@ -25,6 +25,9 @@
  *
  * @see lib/multiProcess.ts — spawnHost helper
  * @see examples/hosts/sqlite/src/server.ts — heartbeat + resume
+ * @see spec/v1/production-profile.md §Durability (RFC 0009 — this
+ *      scenario satisfies the durable-restart predicate when the
+ *      host advertises capabilities.production.supported: true)
  */
 
 import { describe, it, expect, afterEach } from 'vitest';

package/src/scenarios/wasm-pack-abi-version-rejection.test.ts

@@ -1,23 +1,35 @@
 /**
  * RFC 0008 §Conformance — scenario 6/6: ABI version mismatch.
  *
- * Verifies that a host refuses to load a WASM pack whose declared ABI
- * version is not in the host's advertised `abiVersions[]`. The host's
- * loader MUST surface a recognizable `unsupported_abi_version` error
- * (or equivalent) and MUST NOT silently dispatch to the pack's
- * `openwop_node_invoke`.
+ * Two-part scenario per RFCS/0008-wasm-abi.md §H (ABI version handshake):
  *
- * Driving this end-to-end requires a pack with a deliberately wrong
- * ABI version. That pack is filed as v1.x follow-up (an
- * `examples/packs/abi-mismatch/`). The framework here asserts the
- * shape of the host's advertisement so future scenarios can rely on it.
+ *   1. **Discovery shape (observational, always-on)** — host advertises
+ *      `capabilities.nodePackRuntimes.wasm.abiVersions[]` as a non-empty
+ *      array of positive integers including v1.
+ *   2. **Positive path (loadedPacks-gated)** — when the host advertises
+ *      `capabilities.nodePackRuntimes.wasm.loadedPacks[]` AND lists the
+ *      well-behaved reference pack (proving the loader pipeline runs),
+ *      the misbehaving-abi pack at `examples/packs/rust-misbehaving-abi/`
+ *      — which declares `openwop_abi_version() == 999` — MUST NOT
+ *      appear in `loadedPacks[]`. ABI 999 is outside any host's
+ *      `abiVersions[]`, so a conformant host MUST reject the pack at
+ *      load time per RFC 0008 §H.
  *
- * @see RFCS/0008-wasm-abi.md §H (abiVersions array)
+ * The `loadedPacks[]` discovery field is the wire-observable signal:
+ * load-time rejection happens before any node-invoke surface, so the
+ * conformance suite needs a discovery-level affordance to verify the
+ * rejection took effect. Hosts that don't advertise `loadedPacks[]`
+ * soft-skip the positive path.
+ *
+ * @see RFCS/0008-wasm-abi.md §H (ABI version handshake)
  */
 
 import { describe, it, expect } from 'vitest';
 import { driver } from '../lib/driver.js';
 
+const MISBEHAVING_PACK_NAME = 'vendor.openwop.misbehaving-abi';
+const WELL_BEHAVED_PACK_NAME = 'vendor.openwop.rust-hello';
+
 describe('wasm-pack-abi-version-rejection: host advertises supported ABI versions', () => {
   it('abiVersions[] contains positive integers; loader rejects unsupported versions', async () => {
     const disco = await driver.get('/.well-known/openwop');
@@ -45,3 +57,48 @@ describe('wasm-pack-abi-version-rejection: host advertises supported ABI version
     }
   });
 });
+
+describe('wasm-pack-abi-version-rejection: positive path via misbehaving pack', () => {
+  it('misbehaving-abi pack (declares ABI 999) MUST NOT appear in loadedPacks[]', async () => {
+    const disco = await driver.get('/.well-known/openwop');
+    const wasm =
+      (disco.json as {
+        capabilities?: {
+          nodePackRuntimes?: {
+            wasm?: { supported?: boolean; loadedPacks?: unknown };
+          };
+        };
+      }).capabilities?.nodePackRuntimes?.wasm;
+
+    if (!wasm?.supported) return;
+
+    if (!Array.isArray(wasm.loadedPacks)) {
+      // eslint-disable-next-line no-console
+      console.warn(
+        '[wasm-pack-abi-version-rejection] host does not advertise capabilities.nodePackRuntimes.wasm.loadedPacks[]; skipping positive path. ' +
+          'Hosts MAY advertise loadedPacks[] to surface ABI rejection observably (RFC 0008 §H + Track 7).',
+      );
+      return;
+    }
+
+    // Soft-skip when the well-behaved reference pack isn't loaded. If
+    // loadedPacks[] doesn't include rust-hello, we can't distinguish
+    // "the loader pipeline runs but rejected misbehaving-abi" from
+    // "the loader doesn't run at all on this host."
+    if (!wasm.loadedPacks.includes(WELL_BEHAVED_PACK_NAME)) {
+      // eslint-disable-next-line no-console
+      console.warn(
+        `[wasm-pack-abi-version-rejection] reference pack ${WELL_BEHAVED_PACK_NAME} not in loadedPacks[]; ` +
+          'skipping positive path (build examples/packs/rust-hello first or run against a host that ships it).',
+      );
+      return;
+    }
+
+    // Core assertion: ABI 999 pack MUST NOT be in loadedPacks[]
+    // regardless of filesystem state. The host's loader rejected it.
+    expect(wasm.loadedPacks.includes(MISBEHAVING_PACK_NAME), driver.describe(
+      'RFCS/0008-wasm-abi.md §H',
+      `host MUST reject packs whose declared ABI is not in abiVersions[]; ${MISBEHAVING_PACK_NAME} declares 999 and MUST NOT appear in loadedPacks[]`,
+    )).toBe(false);
+  });
+});