npm - claude-dev-env - Versions diffs - 1.60.0 → 1.62.0 - Mend

claude-dev-env 1.60.0 → 1.62.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

package/hooks/blocking/test_verification_verdict_store.py CHANGED Viewed

@@ -6,6 +6,7 @@ path the verified_commit_gate hook runs.
 """
 import importlib.util
+import json
 import pathlib
 import subprocess
 import sys
@@ -25,6 +26,8 @@ store_spec.loader.exec_module(store_module)
 is_verification_exempt_diff = store_module.is_verification_exempt_diff
 resolve_merge_base = store_module.resolve_merge_base
 branch_surface_manifest = store_module.branch_surface_manifest
+manifest_sha256 = store_module.manifest_sha256
+workflow_verdict_covers_surface = store_module.workflow_verdict_covers_surface
 constants_spec = importlib.util.spec_from_file_location(
     "verified_commit_constants",
@@ -276,3 +279,212 @@ def test_production_change_is_gated_on_nonstandard_default_branch(
         encoding="utf-8",
     )
     assert _exemption_for(work_dir) is False
+MATCHING_MANIFEST_SHA256 = "a" * 64
+OTHER_MANIFEST_SHA256 = "b" * 64
+VERIFIER_AGENT_TYPE = "code-verifier"
+def _verdict_transcript_text(is_all_pass: bool, bound_manifest_sha256: str) -> str:
+    verdict_record = {
+        "all_pass": is_all_pass,
+        "findings": [],
+        "manifest_sha256": bound_manifest_sha256,
+    }
+    assistant_text = (
+        "Verification complete.\n\n```verdict\n"
+        + json.dumps(verdict_record)
+        + "\n```\n"
+    )
+    assistant_entry = {
+        "type": "assistant",
+        "message": {"content": [{"type": "text", "text": assistant_text}]},
+    }
+    return json.dumps(assistant_entry) + "\n"
+def _write_agent_transcript(
+    subagents_dir: pathlib.Path,
+    agent_id: str,
+    agent_type: str,
+    transcript_text: str,
+    should_write_sidecar: bool,
+) -> None:
+    workflow_dir = subagents_dir / "workflows" / "wf_x"
+    workflow_dir.mkdir(parents=True, exist_ok=True)
+    (workflow_dir / f"agent-{agent_id}.jsonl").write_text(
+        transcript_text, encoding="utf-8"
+    )
+    if should_write_sidecar:
+        (workflow_dir / f"agent-{agent_id}.meta.json").write_text(
+            json.dumps({"agentType": agent_type}), encoding="utf-8"
+        )
+def _session_transcript_path(tmp_path: pathlib.Path, session_id: str) -> pathlib.Path:
+    session_root = tmp_path / "projects" / "demo"
+    session_root.mkdir(parents=True)
+    transcript_path = session_root / f"{session_id}.jsonl"
+    transcript_path.write_text("", encoding="utf-8")
+    return transcript_path
+def test_workflow_verdict_covers_surface_true_for_matching_passing_verifier(
+    tmp_path: pathlib.Path,
+) -> None:
+    transcript_path = _session_transcript_path(tmp_path, "sess1")
+    subagents_dir = tmp_path / "projects" / "demo" / "sess1" / "subagents"
+    _write_agent_transcript(
+        subagents_dir,
+        "01",
+        VERIFIER_AGENT_TYPE,
+        _verdict_transcript_text(True, MATCHING_MANIFEST_SHA256),
+        should_write_sidecar=True,
+    )
+    assert (
+        workflow_verdict_covers_surface(
+            str(transcript_path), MATCHING_MANIFEST_SHA256
+        )
+        is True
+    )
+def test_workflow_verdict_covers_surface_false_for_nonmatching_hash(
+    tmp_path: pathlib.Path,
+) -> None:
+    transcript_path = _session_transcript_path(tmp_path, "sess1")
+    subagents_dir = tmp_path / "projects" / "demo" / "sess1" / "subagents"
+    _write_agent_transcript(
+        subagents_dir,
+        "01",
+        VERIFIER_AGENT_TYPE,
+        _verdict_transcript_text(True, OTHER_MANIFEST_SHA256),
+        should_write_sidecar=True,
+    )
+    assert (
+        workflow_verdict_covers_surface(
+            str(transcript_path), MATCHING_MANIFEST_SHA256
+        )
+        is False
+    )
+def test_workflow_verdict_covers_surface_false_for_all_pass_false(
+    tmp_path: pathlib.Path,
+) -> None:
+    transcript_path = _session_transcript_path(tmp_path, "sess1")
+    subagents_dir = tmp_path / "projects" / "demo" / "sess1" / "subagents"
+    _write_agent_transcript(
+        subagents_dir,
+        "01",
+        VERIFIER_AGENT_TYPE,
+        _verdict_transcript_text(False, MATCHING_MANIFEST_SHA256),
+        should_write_sidecar=True,
+    )
+    assert (
+        workflow_verdict_covers_surface(
+            str(transcript_path), MATCHING_MANIFEST_SHA256
+        )
+        is False
+    )
+def test_workflow_verdict_covers_surface_false_for_non_verifier_sidecar(
+    tmp_path: pathlib.Path,
+) -> None:
+    transcript_path = _session_transcript_path(tmp_path, "sess1")
+    subagents_dir = tmp_path / "projects" / "demo" / "sess1" / "subagents"
+    _write_agent_transcript(
+        subagents_dir,
+        "01",
+        "clean-coder",
+        _verdict_transcript_text(True, MATCHING_MANIFEST_SHA256),
+        should_write_sidecar=True,
+    )
+    assert (
+        workflow_verdict_covers_surface(
+            str(transcript_path), MATCHING_MANIFEST_SHA256
+        )
+        is False
+    )
+def test_workflow_verdict_covers_surface_false_for_missing_sidecar(
+    tmp_path: pathlib.Path,
+) -> None:
+    transcript_path = _session_transcript_path(tmp_path, "sess1")
+    subagents_dir = tmp_path / "projects" / "demo" / "sess1" / "subagents"
+    _write_agent_transcript(
+        subagents_dir,
+        "01",
+        VERIFIER_AGENT_TYPE,
+        _verdict_transcript_text(True, MATCHING_MANIFEST_SHA256),
+        should_write_sidecar=False,
+    )
+    assert (
+        workflow_verdict_covers_surface(
+            str(transcript_path), MATCHING_MANIFEST_SHA256
+        )
+        is False
+    )
+def test_workflow_verdict_covers_surface_false_for_missing_subagents_dir(
+    tmp_path: pathlib.Path,
+) -> None:
+    transcript_path = _session_transcript_path(tmp_path, "sess1")
+    assert (
+        workflow_verdict_covers_surface(
+            str(transcript_path), MATCHING_MANIFEST_SHA256
+        )
+        is False
+    )
+def test_workflow_verdict_covers_surface_true_when_transcript_is_under_subagents(
+    tmp_path: pathlib.Path,
+) -> None:
+    subagents_dir = tmp_path / "projects" / "demo" / "sess1" / "subagents"
+    _write_agent_transcript(
+        subagents_dir,
+        "01",
+        VERIFIER_AGENT_TYPE,
+        _verdict_transcript_text(True, MATCHING_MANIFEST_SHA256),
+        should_write_sidecar=True,
+    )
+    caller_transcript_path = (
+        subagents_dir / "workflows" / "wf_x" / "agent-00.jsonl"
+    )
+    caller_transcript_path.write_text("", encoding="utf-8")
+    assert (
+        workflow_verdict_covers_surface(
+            str(caller_transcript_path), MATCHING_MANIFEST_SHA256
+        )
+        is True
+    )
+def test_manifest_hash_cli_prints_live_surface_hash(tmp_path: pathlib.Path) -> None:
+    work_dir = _make_repo_with_origin(tmp_path)
+    (work_dir / "src" / "app.py").write_text(
+        "def add(left: int, right: int) -> int:\n    return left - right\n",
+        encoding="utf-8",
+    )
+    merge_base_sha = resolve_merge_base(str(work_dir))
+    assert merge_base_sha is not None
+    surface_manifest_text = branch_surface_manifest(str(work_dir), merge_base_sha)
+    assert surface_manifest_text is not None
+    expected_hash = manifest_sha256(surface_manifest_text)
+    completed_process = subprocess.run(
+        [
+            sys.executable,
+            str(_HOOK_DIR / "verification_verdict_store.py"),
+            "--manifest-hash",
+            str(work_dir),
+        ],
+        check=True,
+        capture_output=True,
+        text=True,
+    )
+    assert completed_process.stdout.strip() == expected_hash

package/hooks/blocking/test_verified_commit_gate.py CHANGED Viewed

@@ -6,8 +6,11 @@ decide what to gate.
 """
 import importlib.util
+import io
+import json
 import os
 import pathlib
+import subprocess
 import sys
 import pytest
@@ -25,6 +28,22 @@ assert gate_spec.loader is not None
 gate_module = importlib.util.module_from_spec(gate_spec)
 gate_spec.loader.exec_module(gate_module)
 gated_repo_directories = gate_module.gated_repo_directories
+deny_reason_for_directory = gate_module.deny_reason_for_directory
+gate_main = gate_module.main
+store_spec = importlib.util.spec_from_file_location(
+    "verification_verdict_store",
+    _HOOK_DIR / "verification_verdict_store.py",
+)
+assert store_spec is not None
+assert store_spec.loader is not None
+store_module = importlib.util.module_from_spec(store_spec)
+store_spec.loader.exec_module(store_module)
+resolve_merge_base = store_module.resolve_merge_base
+branch_surface_manifest = store_module.branch_surface_manifest
+manifest_sha256 = store_module.manifest_sha256
+PRODUCTION_SOURCE = "def add(left: int, right: int) -> int:\n    return left + right\n"
 def test_plain_git_commit_is_gated() -> None:
@@ -366,3 +385,143 @@ def test_git_verb_inside_gh_comment_body_is_not_gated() -> None:
     assert gated_repo_directories(
         'gh pr comment -b "please git commit your work"', "/d"
     ) == []
+def _run_git(repo_dir: pathlib.Path, *git_arguments: str) -> None:
+    subprocess.run(
+        ["git", "-C", str(repo_dir), *git_arguments],
+        check=True,
+        capture_output=True,
+        text=True,
+    )
+def _make_gated_repo(tmp_path: pathlib.Path) -> pathlib.Path:
+    origin_dir = tmp_path / "origin.git"
+    work_dir = tmp_path / "work"
+    work_dir.mkdir()
+    subprocess.run(
+        ["git", "init", "--bare", "--initial-branch=main", str(origin_dir)],
+        check=True,
+        capture_output=True,
+        text=True,
+    )
+    _run_git(work_dir, "init", "--initial-branch=main")
+    _run_git(work_dir, "config", "user.email", "tests@example.com")
+    _run_git(work_dir, "config", "user.name", "Gate Tests")
+    (work_dir / "app.py").write_text(PRODUCTION_SOURCE, encoding="utf-8")
+    _run_git(work_dir, "add", "-A")
+    _run_git(work_dir, "commit", "-m", "base")
+    _run_git(work_dir, "remote", "add", "origin", str(origin_dir))
+    _run_git(work_dir, "push", "-u", "origin", "main")
+    (work_dir / "app.py").write_text(
+        "def add(left: int, right: int) -> int:\n    return left - right\n",
+        encoding="utf-8",
+    )
+    return work_dir
+def _live_surface_hash(work_dir: pathlib.Path) -> str:
+    merge_base_sha = resolve_merge_base(str(work_dir))
+    assert merge_base_sha is not None
+    surface_manifest_text = branch_surface_manifest(str(work_dir), merge_base_sha)
+    assert surface_manifest_text is not None
+    return manifest_sha256(surface_manifest_text)
+def _write_workflow_verdict(
+    transcript_path: pathlib.Path, bound_manifest_sha256: str
+) -> None:
+    subagents_dir = transcript_path.with_suffix("") / "subagents"
+    workflow_dir = subagents_dir / "workflows" / "wf_x"
+    workflow_dir.mkdir(parents=True)
+    verdict_record = {
+        "all_pass": True,
+        "findings": [],
+        "manifest_sha256": bound_manifest_sha256,
+    }
+    assistant_text = (
+        "Verification complete.\n\n```verdict\n"
+        + json.dumps(verdict_record)
+        + "\n```\n"
+    )
+    assistant_entry = {
+        "type": "assistant",
+        "message": {"content": [{"type": "text", "text": assistant_text}]},
+    }
+    (workflow_dir / "agent-01.jsonl").write_text(
+        json.dumps(assistant_entry) + "\n", encoding="utf-8"
+    )
+    (workflow_dir / "agent-01.meta.json").write_text(
+        json.dumps({"agentType": "code-verifier"}), encoding="utf-8"
+    )
+def _isolate_home(monkeypatch: pytest.MonkeyPatch, fake_home: pathlib.Path) -> None:
+    home_text = str(fake_home)
+    monkeypatch.setenv("HOME", home_text)
+    monkeypatch.setenv("USERPROFILE", home_text)
+    monkeypatch.delenv("HOMEDRIVE", raising=False)
+    monkeypatch.delenv("HOMEPATH", raising=False)
+def test_workflow_verdict_allows_commit_without_a_minted_verdict_file(
+    monkeypatch: pytest.MonkeyPatch, tmp_path: pathlib.Path
+) -> None:
+    fake_home = tmp_path / "home"
+    fake_home.mkdir()
+    _isolate_home(monkeypatch, fake_home)
+    work_dir = _make_gated_repo(tmp_path)
+    live_surface_hash = _live_surface_hash(work_dir)
+    transcript_path = tmp_path / "projects" / "demo" / "sess1.jsonl"
+    transcript_path.parent.mkdir(parents=True)
+    transcript_path.write_text("", encoding="utf-8")
+    _write_workflow_verdict(transcript_path, live_surface_hash)
+    assert (
+        deny_reason_for_directory(str(work_dir), str(transcript_path)) is None
+    )
+def test_no_verdict_of_either_kind_denies_the_commit(
+    monkeypatch: pytest.MonkeyPatch, tmp_path: pathlib.Path
+) -> None:
+    fake_home = tmp_path / "home"
+    fake_home.mkdir()
+    _isolate_home(monkeypatch, fake_home)
+    work_dir = _make_gated_repo(tmp_path)
+    transcript_path = tmp_path / "projects" / "demo" / "sess1.jsonl"
+    transcript_path.parent.mkdir(parents=True)
+    transcript_path.write_text("", encoding="utf-8")
+    deny_reason = deny_reason_for_directory(str(work_dir), str(transcript_path))
+    assert deny_reason is not None
+    assert "VERIFIED_COMMIT_GATE" in deny_reason
+def _run_gate_main(
+    monkeypatch: pytest.MonkeyPatch, command_text: str, work_dir: pathlib.Path
+) -> None:
+    payload_text = json.dumps(
+        {
+            "tool_name": "Bash",
+            "tool_input": {"command": command_text},
+            "cwd": str(work_dir),
+            "transcript_path": "",
+        }
+    )
+    monkeypatch.setattr(sys, "stdin", io.StringIO(payload_text))
+    gate_main()
+def test_verification_bypass_marker_allows_an_otherwise_gated_commit(
+    monkeypatch: pytest.MonkeyPatch,
+    capsys: pytest.CaptureFixture[str],
+    tmp_path: pathlib.Path,
+) -> None:
+    fake_home = tmp_path / "home"
+    fake_home.mkdir()
+    _isolate_home(monkeypatch, fake_home)
+    work_dir = _make_gated_repo(tmp_path)
+    _run_gate_main(monkeypatch, "git commit -m x", work_dir)
+    assert "VERIFIED_COMMIT_GATE" in capsys.readouterr().out
+    _run_gate_main(monkeypatch, "git commit -m x # verify-skip", work_dir)
+    assert capsys.readouterr().out == ""

package/hooks/blocking/test_verifier_verdict_minter.py CHANGED Viewed

@@ -1,18 +1,17 @@
 """Tests for the agent-type gate in verifier_verdict_minter.
-The minter mints a verdict only for a code-verifier stop event. The live
-SubagentStop payload names the stopping subagent by ``agent_id`` and carries
-no flat agent-type key, so the minter recovers the spawning agent type from
-the parent transcript: it walks the parent transcript for the completion
-record whose ``agentId`` matches the payload and reads that record's sibling
-``agentType``. These tests build a faithful parent transcript and assert the
-minter gates on the resolved type and on the shared MINTING_AGENT_TYPE
-constant, so a rename in config propagates to the minter without a second
-edit. One test proves that only a structured ``agentType`` key resolves: a
-text block that merely quotes the identity keys mints nothing. A further test
-holds the shipped settings.json to the minter docstring's anti-forgery claim:
-the main session is denied writes to the verdict directory, so only this hook
-can mint a passing verdict.
+The minter mints a verdict only for a code-verifier stop event. The
+SubagentStop payload names the stopping subagent's own transcript
+(``agent_transcript_path``), which sits beside a harness-written
+``agent-<id>.meta.json`` sidecar naming the spawning ``agentType``. These
+tests build that sidecar and assert the minter gates on the resolved type and
+on the shared MINTING_AGENT_TYPE constant, so a rename in config propagates to
+the minter without a second edit. A malformed or non-string sidecar resolves
+nothing, and an absent sidecar mints nothing — the main session writes neither
+the transcript nor the sidecar, so it cannot forge a passing verdict. A
+further test holds the shipped settings.json to the minter docstring's
+anti-forgery claim: the main session is denied writes to the verdict
+directory, so only this hook can mint a passing verdict.
 """
 import importlib.util
@@ -21,8 +20,6 @@ import pathlib
 import subprocess
 import sys
-import pytest
 _HOOK_DIR = pathlib.Path(__file__).parent
 if str(_HOOK_DIR) not in sys.path:
     sys.path.insert(0, str(_HOOK_DIR))
@@ -51,100 +48,83 @@ constants_spec.loader.exec_module(constants_module)
 MINTING_AGENT_TYPE = constants_module.MINTING_AGENT_TYPE
-def _write_parent_transcript(transcript_file: pathlib.Path, agent_id: str, agent_type: str) -> None:
-    spawn_record = {
-        "type": "assistant",
-        "message": {
-            "content": [
-                {
-                    "type": "tool_use",
-                    "name": "Task",
-                    "input": {"subagent_type": agent_type, "description": "Verify"},
-                    "agentId": agent_id,
-                    "agentType": agent_type,
-                    "content": [{"type": "text", "text": "verification complete"}],
-                }
-            ]
-        },
-    }
-    transcript_file.write_text(json.dumps(spawn_record) + "\n", encoding="utf-8")
+def _write_sidecar(agent_transcript_file: pathlib.Path, agent_type: str) -> None:
+    sidecar_file = agent_transcript_file.with_name(f"{agent_transcript_file.stem}.meta.json")
+    sidecar_file.write_text(
+        json.dumps({"agentType": agent_type, "description": "Verify"}) + "\n",
+        encoding="utf-8",
+    )
-def test_resolves_subagent_type_from_parent_transcript(tmp_path: pathlib.Path) -> None:
-    transcript_file = tmp_path / "parent.jsonl"
-    _write_parent_transcript(transcript_file, "agent-7", MINTING_AGENT_TYPE)
-    payload = {"agent_id": "agent-7", "transcript_path": str(transcript_file)}
+def test_resolves_subagent_type_from_sidecar(tmp_path: pathlib.Path) -> None:
+    agent_transcript = tmp_path / "agent-7.jsonl"
+    agent_transcript.write_text("", encoding="utf-8")
+    _write_sidecar(agent_transcript, MINTING_AGENT_TYPE)
+    payload = {"agent_transcript_path": str(agent_transcript)}
     assert resolved_subagent_type(payload) == MINTING_AGENT_TYPE
-def test_resolves_none_when_agent_id_absent_from_transcript(
-    tmp_path: pathlib.Path,
-) -> None:
-    transcript_file = tmp_path / "parent.jsonl"
-    _write_parent_transcript(transcript_file, "agent-7", MINTING_AGENT_TYPE)
-    payload = {"agent_id": "different-agent", "transcript_path": str(transcript_file)}
+def test_resolves_none_when_sidecar_absent(tmp_path: pathlib.Path) -> None:
+    agent_transcript = tmp_path / "agent-7.jsonl"
+    agent_transcript.write_text("", encoding="utf-8")
+    payload = {"agent_transcript_path": str(agent_transcript)}
     assert resolved_subagent_type(payload) is None
-def test_resolves_type_when_record_arrives_after_first_read(
-    tmp_path: pathlib.Path, monkeypatch: pytest.MonkeyPatch
-) -> None:
-    transcript_file = tmp_path / "parent.jsonl"
-    transcript_file.write_text("", encoding="utf-8")
+def test_resolves_none_when_agent_transcript_path_empty() -> None:
+    assert resolved_subagent_type({"agent_transcript_path": ""}) is None
+    assert resolved_subagent_type({}) is None
-    def write_record_on_first_sleep(_seconds: float) -> None:
-        if transcript_file.read_text(encoding="utf-8"):
-            return
-        _write_parent_transcript(transcript_file, "agent-7", MINTING_AGENT_TYPE)
-    monkeypatch.setattr(minter_module.time, "sleep", write_record_on_first_sleep)
-    payload = {"agent_id": "agent-7", "transcript_path": str(transcript_file)}
-    assert resolved_subagent_type(payload) == MINTING_AGENT_TYPE
+def test_resolves_none_when_sidecar_names_no_string_type(tmp_path: pathlib.Path) -> None:
+    agent_transcript = tmp_path / "agent-7.jsonl"
+    agent_transcript.write_text("", encoding="utf-8")
+    sidecar_file = agent_transcript.with_name("agent-7.meta.json")
+    sidecar_file.write_text(json.dumps({"agentType": 123}), encoding="utf-8")
+    payload = {"agent_transcript_path": str(agent_transcript)}
+    assert resolved_subagent_type(payload) is None
-def test_quoted_agent_type_in_text_block_does_not_resolve(
-    tmp_path: pathlib.Path,
-) -> None:
-    transcript_file = tmp_path / "parent.jsonl"
-    forged_entry = {
-        "type": "assistant",
-        "message": {
-            "content": [
-                {
-                    "type": "text",
-                    "text": json.dumps({"agentId": "agent-7", "agentType": MINTING_AGENT_TYPE}),
-                }
-            ]
-        },
-    }
-    transcript_file.write_text(json.dumps(forged_entry) + "\n", encoding="utf-8")
-    payload = {"agent_id": "agent-7", "transcript_path": str(transcript_file)}
+def test_unparseable_sidecar_resolves_nothing(tmp_path: pathlib.Path) -> None:
+    agent_transcript = tmp_path / "agent-7.jsonl"
+    agent_transcript.write_text("", encoding="utf-8")
+    sidecar_file = agent_transcript.with_name("agent-7.meta.json")
+    sidecar_file.write_text("{not valid json", encoding="utf-8")
+    payload = {"agent_transcript_path": str(agent_transcript)}
+    assert resolved_subagent_type(payload) is None
+def test_invalid_utf8_sidecar_resolves_nothing(tmp_path: pathlib.Path) -> None:
+    agent_transcript = tmp_path / "agent-7.jsonl"
+    agent_transcript.write_text("", encoding="utf-8")
+    sidecar_file = agent_transcript.with_name("agent-7.meta.json")
+    sidecar_file.write_bytes(b'{"agentType": "\xff\xfe bad"}')
+    payload = {"agent_transcript_path": str(agent_transcript)}
+    assert resolved_subagent_type(payload) is None
+def test_non_object_json_sidecar_resolves_nothing(tmp_path: pathlib.Path) -> None:
+    agent_transcript = tmp_path / "agent-7.jsonl"
+    agent_transcript.write_text("", encoding="utf-8")
+    sidecar_file = agent_transcript.with_name("agent-7.meta.json")
+    sidecar_file.write_text(json.dumps(["agentType", "code-verifier"]), encoding="utf-8")
+    payload = {"agent_transcript_path": str(agent_transcript)}
     assert resolved_subagent_type(payload) is None
 def test_non_verifier_agent_type_mints_nothing(tmp_path: pathlib.Path) -> None:
-    transcript_file = tmp_path / "parent.jsonl"
-    _write_parent_transcript(transcript_file, "agent-7", "general-purpose")
-    payload = {
-        "agent_id": "agent-7",
-        "transcript_path": str(transcript_file),
-        "agent_transcript_path": "",
-        "cwd": ".",
-    }
+    agent_transcript = tmp_path / "agent-7.jsonl"
+    agent_transcript.write_text("", encoding="utf-8")
+    _write_sidecar(agent_transcript, "general-purpose")
+    payload = {"agent_transcript_path": str(agent_transcript)}
     assert mint_for_payload(payload) is None
-def test_minting_agent_type_passes_the_agent_type_gate(
-    tmp_path: pathlib.Path,
-) -> None:
-    transcript_file = tmp_path / "parent.jsonl"
-    _write_parent_transcript(transcript_file, "agent-7", MINTING_AGENT_TYPE)
-    payload = {
-        "agent_id": "agent-7",
-        "transcript_path": str(transcript_file),
-        "agent_transcript_path": "",
-        "cwd": ".",
-    }
+def test_verifier_type_without_a_verdict_mints_nothing(tmp_path: pathlib.Path) -> None:
+    agent_transcript = tmp_path / "agent-7.jsonl"
+    agent_transcript.write_text("", encoding="utf-8")
+    _write_sidecar(agent_transcript, MINTING_AGENT_TYPE)
+    payload = {"agent_transcript_path": str(agent_transcript)}
     assert mint_for_payload(payload) is None
@@ -165,9 +145,7 @@ def test_clean_verifier_verdict_mints_a_verdict_file(tmp_path: pathlib.Path) ->
     repo_root = tmp_path / "repo"
     repo_root.mkdir()
     _init_repo_with_upstream_and_edit(repo_root)
-    transcript_file = tmp_path / "parent.jsonl"
-    _write_parent_transcript(transcript_file, "agent-7", MINTING_AGENT_TYPE)
-    agent_transcript = tmp_path / "agent.jsonl"
+    agent_transcript = tmp_path / "agent-7.jsonl"
     agent_transcript.write_text(
         json.dumps(
             {
@@ -185,17 +163,18 @@ def test_clean_verifier_verdict_mints_a_verdict_file(tmp_path: pathlib.Path) ->
         + "\n",
         encoding="utf-8",
     )
+    _write_sidecar(agent_transcript, MINTING_AGENT_TYPE)
     payload = {
-        "agent_id": "agent-7",
-        "transcript_path": str(transcript_file),
         "agent_transcript_path": str(agent_transcript),
         "cwd": str(repo_root),
+        "agent_id": "a02b9583eedc74093",
     }
     verdict_path = mint_for_payload(payload)
     try:
         assert verdict_path is not None
         verdict_record = json.loads(verdict_path.read_text(encoding="utf-8"))
         assert verdict_record["all_pass"] is True
+        assert verdict_record["minted_from_agent_id"] == "a02b9583eedc74093"
     finally:
         if verdict_path is not None and verdict_path.exists():
             verdict_path.unlink()