@vellumai/assistant 0.6.4 → 0.6.5

package/src/__tests__/trust-store.test.ts

@@ -2,6 +2,8 @@ import { mkdirSync, readFileSync, rmSync, writeFileSync } from "node:fs";
 import { dirname, join } from "node:path";
 import { beforeEach, describe, expect, mock, test } from "bun:test";
 
+import { ruleScope } from "@vellumai/ces-contracts";
+
 // Create a temp directory for the trust file
 const testDir = process.env.VELLUM_WORKSPACE_DIR!;
 
@@ -129,27 +131,13 @@ describe("Trust Store", () => {
       expect(userRules[2].priority).toBe(0);
     });
 
-    test("accepts allowHighRisk option and persists it", () => {
-      const rule = addRule("bash", "sudo *", "everywhere", "allow", 100, {
-        allowHighRisk: true,
-      });
-      expect(rule.allowHighRisk).toBe(true);
-      // Verify it persists to disk
-      clearCache();
-      const rules = getAllRules();
-      const found = rules.find((r) => r.id === rule.id);
-      expect(found).toBeDefined();
-      expect(found!.allowHighRisk).toBe(true);
-    });
-
-    test("addRule without allowHighRisk option does not set the field", () => {
-      const rule = addRule("bash", "git *", "/tmp");
-      expect(rule.allowHighRisk).toBeUndefined();
-      // Verify on disk
-      const raw = JSON.parse(readFileSync(trustPath, "utf-8"));
-      const diskRule = raw.rules.find((r: { id: string }) => r.id === rule.id);
-      expect(diskRule).toBeDefined();
-      expect(diskRule).not.toHaveProperty("allowHighRisk");
+    test("allowHighRisk option is stripped during normalization", () => {
+      // allowHighRisk is no longer persisted — the parser strips it.
+      const rule = addRule("bash", "sudo *", "everywhere", "allow", 100);
+      // Verify the field is not on the rule
+      expect(
+        (rule as unknown as Record<string, unknown>).allowHighRisk,
+      ).toBeUndefined();
     });
 
     test("at same priority deny rules sort before allow rules", () => {
@@ -176,7 +164,7 @@ describe("Trust Store", () => {
       expect(found!.executionTarget).toBe("sandbox");
     });
 
-    test("accepts all contextual options together (target, allowHighRisk)", () => {
+    test("accepts executionTarget option (allowHighRisk no longer supported)", () => {
       const rule = addRule(
         "risky_tool",
         "risky_tool:*",
@@ -184,18 +172,16 @@ describe("Trust Store", () => {
         "allow",
         100,
         {
-          allowHighRisk: true,
           executionTarget: "host",
         },
       );
-      expect(rule.allowHighRisk).toBe(true);
       expect(rule.executionTarget).toBe("host");
 
-      // Verify on disk
+      // Verify on disk — allowHighRisk should not appear
       const raw = JSON.parse(readFileSync(trustPath, "utf-8"));
       const diskRule = raw.rules.find((r: { id: string }) => r.id === rule.id);
       expect(diskRule).toBeDefined();
-      expect(diskRule.allowHighRisk).toBe(true);
+      expect(diskRule).not.toHaveProperty("allowHighRisk");
       expect(diskRule.executionTarget).toBe("host");
     });
 
@@ -305,6 +291,56 @@ describe("Trust Store", () => {
       expect(updated.priority).toBe(100);
       expect(updated.createdAt).toBe(rule.createdAt);
     });
+
+    test("does not set userModifiedAt on non-default rules", () => {
+      const rule = addRule("bash", "git *", "/tmp");
+      const updated = updateRule(rule.id, { decision: "deny" });
+      expect(updated.userModifiedAt).toBeUndefined();
+    });
+
+    test("sets userModifiedAt when updating a default rule", () => {
+      const before = Date.now();
+      const updated = updateRule("default:ask-host_bash-global", {
+        decision: "allow",
+      });
+      expect(updated.userModifiedAt).toBeGreaterThanOrEqual(before);
+      expect(updated.userModifiedAt).toBeLessThanOrEqual(Date.now());
+    });
+
+    test("persists userModifiedAt to disk for default rules", () => {
+      updateRule("default:ask-host_bash-global", { decision: "allow" });
+      clearCache();
+      const rules = getAllRules();
+      const found = rules.find((r) => r.id === "default:ask-host_bash-global");
+      expect(found).toBeDefined();
+      expect(found!.userModifiedAt).toBeGreaterThan(0);
+    });
+
+    test("does not set userModifiedAt on no-op default rule update", () => {
+      // Updating a default rule with values identical to the template
+      // should NOT set userModifiedAt — the rule hasn't actually diverged.
+      const updated = updateRule("default:ask-host_bash-global", {
+        decision: "ask",
+      });
+      expect(updated.userModifiedAt).toBeUndefined();
+    });
+
+    test("clears userModifiedAt when default rule is reset to template values", () => {
+      // First, modify the rule to diverge from the template
+      updateRule("default:ask-host_bash-global", { decision: "allow" });
+      let found = getAllRules().find(
+        (r) => r.id === "default:ask-host_bash-global",
+      )!;
+      expect(found.userModifiedAt).toBeGreaterThan(0);
+
+      // Now reset it back to the template value
+      updateRule("default:ask-host_bash-global", { decision: "ask" });
+      found = getAllRules().find(
+        (r) => r.id === "default:ask-host_bash-global",
+      )!;
+      // userModifiedAt should be cleared since rule matches template again
+      expect(found.userModifiedAt).toBeUndefined();
+    });
   });
 
   // ── findMatchingRule ────────────────────────────────────────────
@@ -724,9 +760,12 @@ describe("Trust Store", () => {
           rule.id === "default:allow-bash-rm-bootstrap" ||
           rule.id === "default:allow-bash-rm-updates"
         ) {
-          expect(rule.scope).toBe(testDir);
+          expect(ruleScope(rule)).toBe(testDir);
         } else {
-          expect(rule.scope).toBe("everywhere");
+          // Non-scoped tool families (managed skill tools, skill_load) no
+          // longer carry an explicit scope field after normalization, but
+          // ruleScope() returns "everywhere" for rules without scope.
+          expect(ruleScope(rule)).toBe("everywhere");
         }
       }
     });
@@ -740,23 +779,6 @@ describe("Trust Store", () => {
       ].sort();
       expect(defaultTools).toEqual([
         "bash",
-        "browser_attach",
-        "browser_click",
-        "browser_close",
-        "browser_detach",
-        "browser_extract",
-        "browser_fill_credential",
-        "browser_hover",
-        "browser_navigate",
-        "browser_press_key",
-        "browser_screenshot",
-        "browser_scroll",
-        "browser_select_option",
-        "browser_snapshot",
-        "browser_status",
-        "browser_type",
-        "browser_wait_for",
-        "browser_wait_for_download",
         "computer_use_click",
         "computer_use_drag",
         "computer_use_key",
@@ -911,7 +933,6 @@ describe("Trust Store", () => {
       expect(match).not.toBeNull();
       expect(match!.id).toBe("default:allow-bash-rm-bootstrap");
       expect(match!.decision).toBe("allow");
-      expect(match!.allowHighRisk).toBe(true);
       // Outside workspace, the bootstrap rule doesn't match — without
       // IS_CONTAINERIZED there is no catch-all bash allow rule either.
       const other = findHighestPriorityRule(
@@ -932,7 +953,6 @@ describe("Trust Store", () => {
       expect(match).not.toBeNull();
       expect(match!.id).toBe("default:allow-bash-rm-updates");
       expect(match!.decision).toBe("allow");
-      expect(match!.allowHighRisk).toBe(true);
       // Outside workspace, should NOT match the updates rule — without
       // IS_CONTAINERIZED there is no catch-all bash allow rule either.
       const other = findHighestPriorityRule(
@@ -1053,7 +1073,8 @@ describe("Trust Store", () => {
       expect(skillLoadRule!.tool).toBe("skill_load");
       expect(skillLoadRule!.pattern).toBe("skill_load:*");
       expect(skillLoadRule!.decision).toBe("allow");
-      expect(skillLoadRule!.scope).toBe("everywhere");
+      // skill_load is a non-scoped tool — template omits scope
+      expect(skillLoadRule!.scope).toBeUndefined();
     });
 
     test("findHighestPriorityRule matches default allow for skill_load", () => {
@@ -1079,58 +1100,6 @@ describe("Trust Store", () => {
       expect(match!.decision).toBe("allow");
     });
 
-    // ── default allow: browser tools ────────────────────────────
-
-    test("all browser tools have default allow rules", () => {
-      const templates = getDefaultRuleTemplates();
-      const browserTools = [
-        "browser_navigate",
-        "browser_snapshot",
-        "browser_screenshot",
-        "browser_close",
-        "browser_attach",
-        "browser_detach",
-        "browser_click",
-        "browser_type",
-        "browser_press_key",
-        "browser_scroll",
-        "browser_select_option",
-        "browser_hover",
-        "browser_wait_for",
-        "browser_extract",
-        "browser_wait_for_download",
-        "browser_fill_credential",
-        "browser_status",
-      ];
-
-      for (const tool of browserTools) {
-        const rule = templates.find(
-          (t) => t.id === `default:allow-${tool}-global`,
-        );
-        expect(rule).toBeDefined();
-        expect(rule!.tool).toBe(tool);
-        // browser_navigate uses standalone "**" because its candidates
-        // contain URLs with "/" that single "*" cannot match.
-        const expectedPattern =
-          tool === "browser_navigate" ? "**" : `${tool}:*`;
-        expect(rule!.pattern).toBe(expectedPattern);
-        expect(rule!.decision).toBe("allow");
-        expect(rule!.scope).toBe("everywhere");
-      }
-    });
-
-    test("browser tool default rules match via findHighestPriorityRule", () => {
-      // Use a candidate without slashes so the `browser_snapshot:*` pattern
-      // matches (minimatch `*` does not cross `/` boundaries).
-      const result = findHighestPriorityRule(
-        "browser_snapshot",
-        ["browser_snapshot:"],
-        "/tmp",
-      );
-      expect(result).toBeDefined();
-      expect(result!.decision).toBe("allow");
-    });
-
     test("no default ask rules exist for file_read on skill source paths", () => {
       const rules = getAllRules();
       // There should be no default rules with IDs matching file_read for skill sources
@@ -1167,16 +1136,80 @@ describe("Trust Store", () => {
       expect(match!.id).toBe("default:ask-file_edit-managed-skills");
       expect(match!.decision).toBe("ask");
     });
+
+    // ── userModifiedAt and backfill migration ──────────────────────
+
+    test("default rules without userModifiedAt are migrated when template changes", () => {
+      // First load backfills defaults
+      getAllRules();
+      // Manually alter a default rule on disk to simulate a template change
+      // (the rule on disk has old values, template has new ones)
+      const raw = JSON.parse(readFileSync(trustPath, "utf-8"));
+      const idx = raw.rules.findIndex(
+        (r: { id: string }) => r.id === "default:ask-host_bash-global",
+      );
+      expect(idx).toBeGreaterThanOrEqual(0);
+      // Manually set an old priority to simulate the rule diverging from template
+      raw.rules[idx].priority = 9999;
+      writeFileSync(trustPath, JSON.stringify(raw, null, 2));
+      clearCache();
+      const rules = getAllRules();
+      const found = rules.find((r) => r.id === "default:ask-host_bash-global");
+      expect(found).toBeDefined();
+      // Should be migrated back to the template priority (50)
+      expect(found!.priority).toBe(50);
+    });
+
+    test("default rules with userModifiedAt are preserved during backfill migration", () => {
+      // First load backfills defaults
+      getAllRules();
+      // Modify the rule via updateRule to set userModifiedAt
+      updateRule("default:ask-host_bash-global", { decision: "allow" });
+      // Verify userModifiedAt is set
+      let rules = getAllRules();
+      let found = rules.find((r) => r.id === "default:ask-host_bash-global");
+      expect(found).toBeDefined();
+      expect(found!.userModifiedAt).toBeGreaterThan(0);
+      expect(found!.decision).toBe("allow");
+
+      // Now simulate a template change by altering what the template expects:
+      // on disk the rule has decision=allow + userModifiedAt, but the template
+      // would try to migrate it back to decision=ask. Since userModifiedAt is
+      // set, backfillDefaults should skip it.
+      clearCache();
+      rules = getAllRules();
+      found = rules.find((r) => r.id === "default:ask-host_bash-global");
+      expect(found).toBeDefined();
+      // The user's override should be preserved
+      expect(found!.decision).toBe("allow");
+      expect(found!.userModifiedAt).toBeGreaterThan(0);
+    });
+
+    test("userModifiedAt survives round-trip through disk", () => {
+      getAllRules(); // backfill
+      updateRule("default:ask-host_bash-global", { priority: 999 });
+      const before = getAllRules().find(
+        (r) => r.id === "default:ask-host_bash-global",
+      )!;
+      expect(before.userModifiedAt).toBeGreaterThan(0);
+
+      // Round-trip through disk
+      clearCache();
+      const after = getAllRules().find(
+        (r) => r.id === "default:ask-host_bash-global",
+      )!;
+      expect(after.userModifiedAt).toBe(before.userModifiedAt);
+      expect(after.priority).toBe(999);
+    });
   });
 
   // ── trust rule schema v3 (PR 14) ──────────────────────────────
 
   describe("trust rule schema v3 (PR 14)", () => {
-    test("new rules can include v3 optional fields", () => {
+    test("new rules can include v3 optional fields (executionTarget)", () => {
       const rule = addRule("bash", "git *", "/tmp");
-      // Manually set v3 optional fields on the rule and persist
+      // Manually set v3 optional field on the rule and persist
       rule.executionTarget = "/usr/local/bin/node";
-      rule.allowHighRisk = true;
       // Re-persist the updated rules
       const rules = getAllRules().map((r) => (r.id === rule.id ? rule : r));
       // Write directly to verify round-trip
@@ -1187,7 +1220,6 @@ describe("Trust Store", () => {
       const found = reloaded.find((r) => r.id === rule.id);
       expect(found).toBeDefined();
       expect(found!.executionTarget).toBe("/usr/local/bin/node");
-      expect(found!.allowHighRisk).toBe(true);
     });
 
     test("trust file persists with version 3", () => {
@@ -1222,7 +1254,6 @@ describe("Trust Store", () => {
           priority: 100,
           createdAt: 7000,
           executionTarget: "/usr/bin/node",
-          allowHighRisk: false,
         },
         {
           id: "v3-without-options",
@@ -1242,7 +1273,6 @@ describe("Trust Store", () => {
       const withOptions = rules.find((r) => r.id === "v3-with-options");
       expect(withOptions).toBeDefined();
       expect(withOptions!.executionTarget).toBe("/usr/bin/node");
-      expect(withOptions!.allowHighRisk).toBe(false);
 
       // Rule without optional fields should remain without them
       const withoutOptions = rules.find((r) => r.id === "v3-without-options");
@@ -1528,7 +1558,7 @@ describe("Trust Store", () => {
 
     test("single-star wildcard matches flat candidates only", () => {
       // "network_request:*" won't match URLs with slashes — consistent
-      // with the behavior of web_fetch:* and browser_navigate:* patterns.
+      // with the behavior of web_fetch:* patterns.
       addRule("network_request", "network_request:*", "everywhere");
       const noSlashMatch = findHighestPriorityRule(
         "network_request",
@@ -1630,7 +1660,7 @@ describe("Trust Store", () => {
       expect(rule!.decision).toBe("allow");
     });
 
-    test("scope restricts network_request rule matching", () => {
+    test("network_request rules match regardless of working directory (URL tools ignore scope)", () => {
       addRule(
         "network_request",
         "network_request:https://api.example.com/*",
@@ -1643,12 +1673,15 @@ describe("Trust Store", () => {
       );
       expect(inScope).not.toBeNull();
 
+      // URL tools (network_request) do not support scope — the rule matches
+      // regardless of working directory because scope is stripped during
+      // normalization.
       const outOfScope = findHighestPriorityRule(
         "network_request",
         ["network_request:https://api.example.com/*"],
         "/tmp/other",
       );
-      expect(outOfScope).toBeNull();
+      expect(outOfScope).not.toBeNull();
     });
   });
 });
@@ -1678,3 +1711,303 @@ describe("computer-use tool trust rule matching", () => {
     }
   });
 });
+
+// ── canonical parser normalization-on-load ─────────────────────────────────
+
+describe("canonical parser normalization-on-load", () => {
+  beforeEach(() => {
+    clearCache();
+    try {
+      rmSync(trustPath);
+    } catch {
+      /* may not exist */
+    }
+  });
+
+  test("URL rule with executionTarget is stripped on load and re-saved", () => {
+    // A URL rule (web_fetch) should not carry executionTarget — the canonical
+    // parser strips it and marks the file for re-save.
+    mkdirSync(dirname(trustPath), { recursive: true });
+    writeFileSync(
+      trustPath,
+      JSON.stringify({
+        version: 3,
+        rules: [
+          {
+            id: "url-rule-with-et",
+            tool: "web_fetch",
+            pattern: "web_fetch:https://example.com/*",
+            scope: "everywhere",
+            decision: "allow",
+            priority: 100,
+            createdAt: 1000,
+            executionTarget: "/usr/bin/node",
+          },
+        ],
+      }),
+    );
+    clearCache();
+    const rules = getAllRules();
+    const found = rules.find((r) => r.id === "url-rule-with-et");
+    expect(found).toBeDefined();
+    // executionTarget should have been stripped by the canonical parser
+    expect(found).not.toHaveProperty("executionTarget");
+
+    // Verify the re-save persisted the normalized rule
+    const disk = JSON.parse(readFileSync(trustPath, "utf-8"));
+    const diskRule = disk.rules.find(
+      (r: { id: string }) => r.id === "url-rule-with-et",
+    );
+    expect(diskRule).toBeDefined();
+    expect(diskRule).not.toHaveProperty("executionTarget");
+  });
+
+  test("URL rule with allowHighRisk is stripped on load (normalized)", () => {
+    mkdirSync(dirname(trustPath), { recursive: true });
+    writeFileSync(
+      trustPath,
+      JSON.stringify({
+        version: 3,
+        rules: [
+          {
+            id: "url-rule-with-ahr",
+            tool: "web_fetch",
+            pattern: "**",
+            scope: "everywhere",
+            decision: "allow",
+            priority: 100,
+            createdAt: 2000,
+            allowHighRisk: true,
+          },
+        ],
+      }),
+    );
+    clearCache();
+    const rules = getAllRules();
+    const found = rules.find((r) => r.id === "url-rule-with-ahr");
+    expect(found).toBeDefined();
+    // allowHighRisk is stripped during normalization
+    expect(
+      (found as unknown as Record<string, unknown>).allowHighRisk,
+    ).toBeUndefined();
+  });
+
+  test("scoped rule preserves executionTarget but strips allowHighRisk on load", () => {
+    mkdirSync(dirname(trustPath), { recursive: true });
+    writeFileSync(
+      trustPath,
+      JSON.stringify({
+        version: 3,
+        rules: [
+          {
+            id: "scoped-rule-with-opts",
+            tool: "bash",
+            pattern: "npm *",
+            scope: "/tmp",
+            decision: "allow",
+            priority: 100,
+            createdAt: 3000,
+            executionTarget: "/usr/local/bin/node",
+            allowHighRisk: true,
+          },
+        ],
+      }),
+    );
+    clearCache();
+    const rules = getAllRules();
+    const found = rules.find((r) => r.id === "scoped-rule-with-opts");
+    expect(found).toBeDefined();
+    expect((found as { executionTarget?: string }).executionTarget).toBe(
+      "/usr/local/bin/node",
+    );
+    // allowHighRisk is stripped during normalization
+    expect(
+      (found as unknown as Record<string, unknown>).allowHighRisk,
+    ).toBeUndefined();
+  });
+
+  test("normalization on v2 file triggers re-save as v3", () => {
+    mkdirSync(dirname(trustPath), { recursive: true });
+    writeFileSync(
+      trustPath,
+      JSON.stringify({
+        version: 2,
+        rules: [
+          {
+            id: "v2-url-rule",
+            tool: "network_request",
+            pattern: "network_request:https://api.test.com/*",
+            scope: "everywhere",
+            decision: "allow",
+            priority: 100,
+            createdAt: 4000,
+            executionTarget: "stale-value",
+          },
+        ],
+      }),
+    );
+    clearCache();
+    getAllRules();
+
+    // File should be re-saved as v3 with normalized rules
+    const disk = JSON.parse(readFileSync(trustPath, "utf-8"));
+    expect(disk.version).toBe(3);
+    const diskRule = disk.rules.find(
+      (r: { id: string }) => r.id === "v2-url-rule",
+    );
+    expect(diskRule).toBeDefined();
+    expect(diskRule).not.toHaveProperty("executionTarget");
+  });
+});
+
+// ── optional-scope matching fallback ──────────────────────────────────────
+
+describe("optional-scope matching fallback", () => {
+  beforeEach(() => {
+    clearCache();
+    try {
+      rmSync(trustPath);
+    } catch {
+      /* may not exist */
+    }
+  });
+
+  test("rule with missing scope is normalized to everywhere and matches any dir", () => {
+    // Simulate a persisted rule that somehow lacks a scope field —
+    // the canonical parser normalizes it to "everywhere".
+    mkdirSync(dirname(trustPath), { recursive: true });
+    writeFileSync(
+      trustPath,
+      JSON.stringify({
+        version: 3,
+        rules: [
+          {
+            id: "no-scope-rule",
+            tool: "bash",
+            pattern: "echo *",
+            decision: "allow",
+            priority: 200,
+            createdAt: 5000,
+          },
+        ],
+      }),
+    );
+    clearCache();
+    const rules = getAllRules();
+    const found = rules.find((r) => r.id === "no-scope-rule");
+    expect(found).toBeDefined();
+    expect(found!.scope).toBe("everywhere");
+
+    // Should match any working directory since scope defaults to everywhere
+    const match = findHighestPriorityRule(
+      "bash",
+      ["echo hello"],
+      "/any/random/dir",
+    );
+    expect(match).not.toBeNull();
+    expect(match!.id).toBe("no-scope-rule");
+  });
+
+  test("rule with empty-string scope is normalized to everywhere", () => {
+    mkdirSync(dirname(trustPath), { recursive: true });
+    writeFileSync(
+      trustPath,
+      JSON.stringify({
+        version: 3,
+        rules: [
+          {
+            id: "empty-scope-rule",
+            tool: "bash",
+            pattern: "ls *",
+            scope: "",
+            decision: "allow",
+            priority: 200,
+            createdAt: 6000,
+          },
+        ],
+      }),
+    );
+    clearCache();
+    const rules = getAllRules();
+    const found = rules.find((r) => r.id === "empty-scope-rule");
+    expect(found).toBeDefined();
+    // The ruleScope helper treats "" as "everywhere"
+    const match = findHighestPriorityRule(
+      "bash",
+      ["ls -la"],
+      "/some/other/dir",
+    );
+    expect(match).not.toBeNull();
+    expect(match!.id).toBe("empty-scope-rule");
+  });
+});
+
+// ── unknown-version no-overwrite semantics ────────────────────────────────
+
+describe("unknown-version no-overwrite semantics", () => {
+  beforeEach(() => {
+    clearCache();
+    try {
+      rmSync(trustPath);
+    } catch {
+      /* may not exist */
+    }
+  });
+
+  test("unknown version file is never overwritten even if normalization would apply", () => {
+    mkdirSync(dirname(trustPath), { recursive: true });
+    // A future version file with rules that would normally be normalized —
+    // the unknown-version guard must prevent any disk writes.
+    const originalContent = JSON.stringify({
+      version: 9999,
+      rules: [
+        {
+          id: "future-url-rule",
+          tool: "web_fetch",
+          pattern: "web_fetch:https://future.io/*",
+          scope: "everywhere",
+          decision: "allow",
+          priority: 50,
+          createdAt: 7000,
+          executionTarget: "should-be-stripped-but-file-not-overwritten",
+        },
+      ],
+    });
+    writeFileSync(trustPath, originalContent);
+    clearCache();
+    const rules = getAllRules();
+    // Defaults should be present in-memory
+    const defaults = rules.filter((r) => r.id.startsWith("default:"));
+    expect(defaults).toHaveLength(NUM_DEFAULTS);
+    // The on-disk file must NOT be overwritten
+    const diskContent = readFileSync(trustPath, "utf-8");
+    expect(diskContent).toBe(originalContent);
+  });
+
+  test("unknown version returns only in-memory defaults, not file rules", () => {
+    mkdirSync(dirname(trustPath), { recursive: true });
+    writeFileSync(
+      trustPath,
+      JSON.stringify({
+        version: 42,
+        rules: [
+          {
+            id: "v42-rule",
+            tool: "bash",
+            pattern: "dangerous *",
+            scope: "everywhere",
+            decision: "allow",
+            priority: 500,
+            createdAt: 8000,
+          },
+        ],
+      }),
+    );
+    clearCache();
+    const rules = getAllRules();
+    // The file's rules should NOT appear in the loaded set
+    expect(rules.find((r) => r.id === "v42-rule")).toBeUndefined();
+    // Only defaults should be present
+    expect(rules.every((r) => r.id.startsWith("default:"))).toBe(true);
+  });
+});