claude-dev-env 1.60.0 → 1.62.0

package/hooks/hooks_constants/orphan_css_class_constants.py

@@ -0,0 +1,40 @@
+"""Constants for the orphan-CSS-class check in code_rules_enforcer.
+
+A Python module that builds HTML emits ``class="..."`` attributes in string
+literals and pairs them with a ``<style>`` block whose selectors style those
+classes. When a class appears in the markup but no selector defines it, the
+markup carries a dead attribute or the style block is missing a rule. This
+module holds the patterns that pair the two halves and the package-scan
+budget that bounds the sibling read.
+"""
+
+import re
+
+__all__ = [
+    "CLASS_ATTRIBUTE_PATTERN",
+    "STYLE_BLOCK_PATTERN",
+    "CSS_CLASS_SELECTOR_PATTERN",
+    "PYTHON_MODULE_GLOB",
+    "MAX_ORPHAN_CSS_CLASS_ISSUES",
+    "MAX_SIBLING_MODULES_SCANNED",
+    "ORPHAN_CSS_CLASS_MESSAGE_SUFFIX",
+]
+
+CLASS_ATTRIBUTE_PATTERN: re.Pattern[str] = re.compile(r"""class\s*=\s*["']([^"']+)["']""")
+
+STYLE_BLOCK_PATTERN: re.Pattern[str] = re.compile(
+    r"<style[^>]*>(.*?)</style>", re.DOTALL | re.IGNORECASE
+)
+
+CSS_CLASS_SELECTOR_PATTERN: re.Pattern[str] = re.compile(r"\.(-?[_a-zA-Z][\w-]*)")
+
+PYTHON_MODULE_GLOB: str = "*.py"
+
+MAX_ORPHAN_CSS_CLASS_ISSUES: int = 10
+
+MAX_SIBLING_MODULES_SCANNED: int = 60
+
+ORPHAN_CSS_CLASS_MESSAGE_SUFFIX: str = (
+    "add a matching '.<class>' selector to the <style> block, "
+    "or drop the unused class attribute (CODE_RULES self-documenting markup)"
+)

package/hooks/validation/mypy_validator.py

@@ -69,13 +69,55 @@ def is_file_within_project(target_file: str, project_root: Path) -> bool:
         return False
 
 
-def build_mypy_command(relative_file_path: str) -> list[str]:
-    if IS_WINDOWS:
-        base_command = [sys.executable, "-m", "mypy"]
-    else:
-        base_command = ["mypy"]
+def discover_mypy_config(target_file: Path) -> Path | None:
+    """Return the nearest ancestor ``pyproject.toml`` that configures mypy.
+
+    Mypy applies a project's ``[tool.mypy]`` settings only when the config file
+    is on its invocation path; handing the discovered config to mypy lets a
+    check run from the repository root still honor the project's own import
+    resolution settings (such as ``ignore_missing_imports``) for a module that
+    imports its siblings by name. Reuses the validators-package walk-up so the
+    discovery logic lives in one place.
+
+    Args:
+        target_file: The Python file mypy will check.
+
+    Returns:
+        The nearest ancestor ``pyproject.toml`` declaring a ``[tool.mypy]``
+        table, or None when none exists above the file or the walk-up helper
+        cannot be imported.
+    """
+    validators_directory = os.path.join(
+        os.path.dirname(os.path.dirname(os.path.abspath(__file__))), "validators"
+    )
+    if validators_directory not in sys.path:
+        sys.path.insert(0, validators_directory)
+    try:
+        integration_module = importlib.import_module("mypy_integration")
+    except ImportError:
+        return None
+    discovered_config = integration_module.find_pyproject_with_mypy_config(target_file)
+    return discovered_config if isinstance(discovered_config, Path) else None
+
+
+def build_mypy_command(relative_file_path: str, mypy_config_file: Path | None) -> list[str]:
+    """Build the mypy command line for one file.
 
-    return base_command + [
+    Args:
+        relative_file_path: The target file path relative to the project root.
+        mypy_config_file: The ``pyproject.toml`` to pass via ``--config-file``,
+            or None to let mypy fall back to its own config discovery.
+
+    Returns:
+        The full mypy argument vector, including the interpreter prefix on
+        Windows and the config file when one was discovered.
+    """
+    base_command = [sys.executable, "-m", "mypy"] if IS_WINDOWS else ["mypy"]
+
+    config_arguments = (
+        ["--config-file", str(mypy_config_file)] if mypy_config_file is not None else []
+    )
+    return base_command + config_arguments + [
         "--no-error-summary",
         "--show-error-codes",
         "--no-color",
@@ -84,8 +126,18 @@ def build_mypy_command(relative_file_path: str) -> list[str]:
 
 
 def run_mypy(target_file: str, project_root: str) -> tuple[int, str]:
+    """Run mypy on one file from the project root and return its result.
+
+    Args:
+        target_file: The absolute path of the file to type-check.
+        project_root: The directory mypy runs from.
+
+    Returns:
+        The mypy exit code paired with its combined stdout and stderr text.
+    """
     relative_file_path = os.path.relpath(target_file, project_root)
-    mypy_command = build_mypy_command(relative_file_path)
+    mypy_config_file = discover_mypy_config(Path(target_file))
+    mypy_command = build_mypy_command(relative_file_path, mypy_config_file)
 
     completed_process = subprocess.run(
         mypy_command,

package/hooks/validation/test_mypy_validator.py

@@ -0,0 +1,94 @@
+"""Behavior tests for the mypy_validator config-discovery fix.
+
+The hook runs mypy from the project root, so without handing mypy the project's
+own ``[tool.mypy]`` config a module that imports its siblings by name draws a
+spurious ``import-not-found`` error. These tests drive the real production
+functions: ``discover_mypy_config`` walks up to the nearest configuring
+``pyproject.toml`` and ``run_mypy`` passes it through so the project's
+``ignore_missing_imports`` setting applies.
+"""
+
+import importlib.util
+from pathlib import Path
+from types import ModuleType
+
+HOOK_PATH = Path(__file__).resolve().parent / "mypy_validator.py"
+
+MODULE_WITH_SIBLING_IMPORT = (
+    "from sibling_only_resolvable_at_runtime import value\n\nx: int = value\n"
+)
+TOOL_MYPY_PYPROJECT = "[tool.mypy]\nignore_missing_imports = true\n"
+NON_MYPY_PYPROJECT = "[tool.ruff]\nline-length = 100\n"
+
+
+def _load_validator() -> ModuleType:
+    spec = importlib.util.spec_from_file_location("mypy_validator_under_test", HOOK_PATH)
+    assert spec is not None and spec.loader is not None
+    module = importlib.util.module_from_spec(spec)
+    spec.loader.exec_module(module)
+    return module
+
+
+def test_discover_mypy_config_finds_nearest_tool_mypy_pyproject(tmp_path: Path) -> None:
+    validator = _load_validator()
+    (tmp_path / "pyproject.toml").write_text(TOOL_MYPY_PYPROJECT, encoding="utf-8")
+    nested_module = tmp_path / "package" / "module.py"
+    nested_module.parent.mkdir(parents=True)
+    nested_module.write_text("value: int = 1\n", encoding="utf-8")
+
+    discovered = validator.discover_mypy_config(nested_module)
+
+    assert discovered is not None
+    assert discovered.resolve() == (tmp_path / "pyproject.toml").resolve()
+
+
+def test_discover_mypy_config_returns_none_without_tool_mypy(tmp_path: Path) -> None:
+    validator = _load_validator()
+    (tmp_path / "pyproject.toml").write_text(NON_MYPY_PYPROJECT, encoding="utf-8")
+    standalone_module = tmp_path / "module.py"
+    standalone_module.write_text("value: int = 1\n", encoding="utf-8")
+
+    assert validator.discover_mypy_config(standalone_module) is None
+
+
+def test_build_mypy_command_includes_config_file_when_present(tmp_path: Path) -> None:
+    validator = _load_validator()
+    config_file = tmp_path / "pyproject.toml"
+
+    command = validator.build_mypy_command("package/module.py", config_file)
+
+    assert "--config-file" in command
+    assert command[command.index("--config-file") + 1] == str(config_file)
+    assert command[-1] == "package/module.py"
+
+
+def test_build_mypy_command_omits_config_file_when_absent(tmp_path: Path) -> None:
+    validator = _load_validator()
+
+    command = validator.build_mypy_command("package/module.py", None)
+
+    assert "--config-file" not in command
+    assert command[-1] == "package/module.py"
+
+
+def test_run_mypy_suppresses_sibling_import_error_with_tool_mypy_config(tmp_path: Path) -> None:
+    validator = _load_validator()
+    (tmp_path / "pyproject.toml").write_text(TOOL_MYPY_PYPROJECT, encoding="utf-8")
+    importer_module = tmp_path / "importer.py"
+    importer_module.write_text(MODULE_WITH_SIBLING_IMPORT, encoding="utf-8")
+
+    exit_code, output = validator.run_mypy(str(importer_module), str(tmp_path))
+
+    assert exit_code == 0, output
+    assert "import-not-found" not in output
+
+
+def test_run_mypy_reports_import_error_without_tool_mypy_config(tmp_path: Path) -> None:
+    validator = _load_validator()
+    importer_module = tmp_path / "importer.py"
+    importer_module.write_text(MODULE_WITH_SIBLING_IMPORT, encoding="utf-8")
+
+    exit_code, output = validator.run_mypy(str(importer_module), str(tmp_path))
+
+    assert exit_code != 0
+    assert "import-not-found" in output

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "claude-dev-env",
-    "version": "1.60.0",
+    "version": "1.62.0",
     "description": "Claude Code development standards — rules, hooks, agents, commands, and skills",
     "type": "module",
     "bin": {

package/rules/orphan-css-class.md

@@ -0,0 +1,23 @@
+# Orphan CSS Class in Generated Markup
+
+**When this applies:** Any Write or Edit to a production `.py` file that builds HTML by emitting `class="..."` attributes inside string literals and pairs them with a `<style>` block — in the same file or in a companion module beside it.
+
+## Rule
+
+Every class name a markup string references has a matching `.<class>` selector in the `<style>` block. A class that appears in the markup but carries no selector anywhere is a dead attribute (or a missing rule): the markup names a style that the stylesheet never defines, so a reader who trusts the class to be styled is misled, and the attribute adds noise without effect.
+
+When you add a `class="..."` attribute, add its `.<class>` selector to the `<style>` block in the same change. When you drop a selector, drop the class attribute it styled.
+
+## What the gate checks
+
+The `check_orphan_css_classes` check in `code_rules_orphan_css_class.py` (wired into `code_rules_enforcer.py`) runs on every production Python write. It:
+
+1. Collects each class name referenced in a `class="..."` attribute across the file's string literals.
+2. Collects each class selector defined in a `<style>` block — both in the file under edit and in every Python module beside it (its own directory and immediate child directories), since a markup module commonly imports its style constant from a companion package directory.
+3. Flags each referenced class with no matching selector in that whole set.
+
+The check stays quiet for a file that emits no `class="..."` markup, and for a file whose markup has no `<style>` source nearby (its stylesheet lives outside the scan, so the gate cannot judge it). Test files are exempt, since a fixture may carry intentional orphan markup.
+
+## Why this is a hook, not a lint pass
+
+A class attribute with no matching selector reads as styled but renders unstyled. Native elements such as `<details>` stay functional without CSS, so the gap survives review as a cosmetic defect rather than a crash — exactly the class of issue that slips past a manual pass and lands as a deferred code-standard finding. Catching it at Write time keeps the markup and the stylesheet in step as each line is written.

package/skills/autoconverge/reference/gotchas.md

@@ -45,3 +45,14 @@ fails in a new way.
 - **`gh` token drift across accounts.** When a run touches more than one GitHub
   account, pin the token with `--user <login>`; `gh auth token` alone can return
   another account's token after a switch.
+
+- **The verified-commit gate can block the fix from landing.** The fix lens
+  commits and pushes through the `verified_commit_gate` hook, which denies a
+  `git commit`/`git push` until a `code-verifier` verdict covers the branch
+  surface. A run can reach a clean fix yet fail to land it — the push stays
+  blocked when no verdict is minted for that surface. A manual override exists:
+  a trailing `# verify-skip` comment on the commit or push command skips the
+  gate for that one command. Autoconverge must never apply that override on its
+  own. When landing a fix needs it, stop and tell the user the verified-commit
+  gate is blocking the push and that going forward needs either a `# verify-skip`
+  bypass or a switch to `/pr-converge`, then let the user decide.

package/skills/autoconverge/workflow/autoconverge_report_constants/render_report_constants.py

@@ -62,7 +62,6 @@ SCENE_FIELD_CAPTION = "caption"
 
 MEDIUM_TERMINAL = "terminal"
 MEDIUM_CODE = "code"
-MEDIUM_TEXT = "text"
 
 CATEGORY_BUG = "bug"
 CATEGORY_LABEL_BY_VALUE = {
@@ -216,6 +215,11 @@ HTML_STYLE_BLOCK = """\
   .cause { background:#fff; border:1px solid #e2e8f0; border-radius:10px; padding:14px 18px; margin-top:16px; font-size:14px; color:#475569; }
   .cause b { color:#0f172a; }
 
+  .appendix { background:#fff; border:1px solid #e2e8f0; border-radius:10px; padding:14px 18px; margin-top:16px; font-size:13px; color:#475569; }
+  .appendix summary { font-weight:600; color:#0f172a; cursor:pointer; }
+  .appendix-body { margin-top:10px; }
+  .appendix-item { font-family:'JetBrains Mono',monospace; font-size:12px; color:#475569; padding:5px 0; border-top:1px solid #f1f5f9; }
+
   footer { margin-top:40px; padding-top:16px; border-top:1px solid #e2e8f0; color:#94a3b8; font-size:12px; }
   footer code { background:#e2e8f0; padding:1px 6px; border-radius:4px; font-family:'JetBrains Mono',monospace; }
   @media (max-width:680px){ .pf-grid,.term-grid{grid-template-columns:1fr;} }

package/skills/autoconverge/workflow/converge.contract.test.mjs

@@ -14,8 +14,9 @@ const gotchasSource = readFileSync(
 function lensPromptBody(builderName) {
   const builderStart = convergeSource.indexOf(`function ${builderName}(`);
   assert.notEqual(builderStart, -1, `expected ${builderName} to exist`);
-  const nextBuilderStart = convergeSource.indexOf('\nfunction ', builderStart + 1);
-  const builderEnd = nextBuilderStart === -1 ? convergeSource.length : nextBuilderStart;
+  const nextBuilderMatch = /\n(?:async )?function /.exec(convergeSource.slice(builderStart + 1));
+  const builderEnd =
+    nextBuilderMatch === null ? convergeSource.length : builderStart + 1 + nextBuilderMatch.index;
   return convergeSource.slice(builderStart, builderEnd);
 }
 
@@ -67,8 +68,8 @@ test('gotchas doc states parallel lenses must avoid concurrent git operations',
   assert.match(gotchasSource, /fetch.*once.*before/i);
 });
 
-test('repair-convergence filters unresolved threads to bot authors and skips human threads', () => {
-  const repairPrompt = lensPromptBody('repairConvergence');
+test('repair-convergence edit step filters unresolved threads to bot authors and skips human threads', () => {
+  const repairPrompt = lensPromptBody('repairConvergenceEdit');
   assert.match(
     repairPrompt,
     /cursor.*claude.*copilot|copilot.*cursor.*claude|claude.*cursor.*copilot/is,
@@ -81,8 +82,8 @@ test('repair-convergence filters unresolved threads to bot authors and skips hum
   );
 });
 
-test('repair-convergence no longer instructs resolving every unresolved thread without an author filter', () => {
-  const repairPrompt = lensPromptBody('repairConvergence');
+test('repair-convergence edit step no longer instructs resolving every unresolved thread without an author filter', () => {
+  const repairPrompt = lensPromptBody('repairConvergenceEdit');
   assert.doesNotMatch(
     repairPrompt,
     /fetch every thread where isResolved is false/,
@@ -182,25 +183,213 @@ test('the CONVERGE branch re-resolves HEAD from GitHub on every entry', () => {
   assert.notEqual(resolveHeadIndex, -1, 'expected CONVERGE to re-resolve HEAD via resolveHead()');
 });
 
-test('fix prompt resolves threads by PRRT thread node id looked up from the comment databaseId', () => {
-  const fixPrompt = lensPromptBody('applyFixes');
-  assert.match(fixPrompt, /PRRT/, 'expected the thread node id form (PRRT_...) to be named');
+test('fix edit prompt resolves threads by PRRT thread node id looked up from the comment databaseId', () => {
+  const editPrompt = lensPromptBody('applyFixesEdit');
+  assert.match(editPrompt, /PRRT/, 'expected the thread node id form (PRRT_...) to be named');
   assert.match(
-    fixPrompt,
+    editPrompt,
     /databaseId/,
     'expected the GraphQL lookup matching comment databaseId to be named',
   );
   assert.match(
-    fixPrompt,
+    editPrompt,
     /not the numeric comment id/,
     'expected an explicit guard against passing the numeric comment id to resolve_thread',
   );
 });
 
-test('fix prompt does not pass the numeric comment id straight to resolve_thread', () => {
+test('fix edit prompt does not pass the numeric comment id straight to resolve_thread', () => {
   assert.doesNotMatch(
-    lensPromptBody('applyFixes'),
+    lensPromptBody('applyFixesEdit'),
     /then resolve that thread \(use the github MCP pull_request_review_write/,
     'resolve_thread and resolveReviewThread require a PRRT_... thread node id, not the comment id',
   );
 });
+
+test('the fix flow spawns a code-verifier step between the edit step and the commit step', () => {
+  const applyFixesBody = lensPromptBody('applyFixes');
+  const editIndex = applyFixesBody.indexOf('applyFixesEdit(');
+  const verifyIndex = applyFixesBody.indexOf('verifyFixesInWorkingTree(');
+  const commitIndex = applyFixesBody.indexOf('commitVerifiedFixes(');
+  assert.notEqual(editIndex, -1, 'expected applyFixes to call the edit step');
+  assert.notEqual(verifyIndex, -1, 'expected applyFixes to call the verify step');
+  assert.notEqual(commitIndex, -1, 'expected applyFixes to call the commit step');
+  assert.ok(
+    editIndex < verifyIndex && verifyIndex < commitIndex,
+    'expected the order edit -> verify -> commit so the verifier verdict binds the fixed working tree',
+  );
+});
+
+function constantBody(constantName) {
+  const constantStart = convergeSource.indexOf(`const ${constantName} =`);
+  assert.notEqual(constantStart, -1, `expected ${constantName} to exist`);
+  const nextConstantStart = convergeSource.indexOf('\nconst ', constantStart + 1);
+  const constantEnd = nextConstantStart === -1 ? convergeSource.length : nextConstantStart;
+  return convergeSource.slice(constantStart, constantEnd);
+}
+
+test('the shared verdict-fence steps name the binding-hash command and the verdict fence', () => {
+  const fenceSteps = constantBody('VERDICT_FENCE_STEPS');
+  assert.match(fenceSteps, /--manifest-hash/, 'expected the binding-hash command to be named');
+  assert.match(
+    fenceSteps,
+    /verification_verdict_store\.py/,
+    'expected the verdict-store script that computes the binding hash to be named',
+  );
+  assert.match(fenceSteps, /```verdict/, 'expected the verdict fence to be specified');
+  assert.match(fenceSteps, /manifest_sha256/, 'expected the verdict fence to carry manifest_sha256');
+});
+
+test('every verify step reuses the shared verdict-fence steps, uses code-verifier, and forbids edits', () => {
+  for (const verifyFunctionName of [
+    'verifyFixesInWorkingTree',
+    'verifyRepairChanges',
+    'verifyHardeningChanges',
+  ]) {
+    const verifyBody = lensPromptBody(verifyFunctionName);
+    assert.match(
+      verifyBody,
+      /VERDICT_FENCE_STEPS/,
+      `expected ${verifyFunctionName} to reuse the shared VERDICT_FENCE_STEPS`,
+    );
+    assert.match(
+      verifyBody,
+      /agentType:\s*'code-verifier'/,
+      `expected ${verifyFunctionName} to spawn the code-verifier agent type`,
+    );
+    assert.doesNotMatch(
+      verifyBody,
+      /schema:/,
+      `expected ${verifyFunctionName} to pass no schema so its verdict fence stays as assistant text`,
+    );
+    assert.match(
+      verifyBody,
+      /do no edits|make no edits|not edit|no file edits/i,
+      `expected ${verifyFunctionName} to be told to make no edits`,
+    );
+  }
+});
+
+test('the commit step is instructed to make no further file edits', () => {
+  const commitBody = lensPromptBody('commitVerifiedFixes');
+  assert.match(
+    commitBody,
+    /no (?:further |additional )?(?:file )?edits|do not edit|make no edits/i,
+    'expected the commit step to forbid further edits so the verified surface stays bound',
+  );
+  assert.match(
+    commitBody,
+    /agentType:\s*'clean-coder'/,
+    'expected the commit step to use clean-coder',
+  );
+});
+
+test('the repair flow spawns a code-verifier step between the edit step and the commit step', () => {
+  const repairBody = lensPromptBody('repairConvergence');
+  const editIndex = repairBody.indexOf('repairConvergenceEdit(');
+  const verifyIndex = repairBody.indexOf('verifyRepairChanges(');
+  const commitIndex = repairBody.indexOf('commitRepairFixes(');
+  assert.notEqual(editIndex, -1, 'expected repairConvergence to call the edit step');
+  assert.notEqual(verifyIndex, -1, 'expected repairConvergence to call the verify step');
+  assert.notEqual(commitIndex, -1, 'expected repairConvergence to call the commit step');
+  assert.ok(
+    editIndex < verifyIndex && verifyIndex < commitIndex,
+    'expected edit -> verify -> commit so the verifier verdict binds the repaired working tree',
+  );
+  assert.match(
+    repairBody,
+    /verdictPassed\(/,
+    'expected the verify verdict to gate the repair commit step',
+  );
+});
+
+test('the standards-deferral flow spawns a code-verifier step between the edit step and the commit step', () => {
+  const standardsBody = lensPromptBody('spawnStandardsFollowUp');
+  const editIndex = standardsBody.indexOf('standardsFollowUpEdit(');
+  const verifyIndex = standardsBody.indexOf('verifyHardeningChanges(');
+  const commitIndex = standardsBody.indexOf('commitHardeningPr(');
+  assert.notEqual(editIndex, -1, 'expected spawnStandardsFollowUp to call the edit step');
+  assert.notEqual(verifyIndex, -1, 'expected spawnStandardsFollowUp to call the verify step');
+  assert.notEqual(commitIndex, -1, 'expected spawnStandardsFollowUp to call the commit step');
+  assert.ok(
+    editIndex < verifyIndex && verifyIndex < commitIndex,
+    'expected edit -> verify -> commit so the verifier verdict binds the hardening working tree',
+  );
+  assert.match(
+    standardsBody,
+    /verdictPassed\(/,
+    'expected the verify verdict to gate the hardening commit step',
+  );
+});
+
+test('the repair and hardening commit steps forbid further edits and use clean-coder', () => {
+  for (const commitFunctionName of ['commitRepairFixes', 'commitHardeningPr']) {
+    const commitBody = lensPromptBody(commitFunctionName);
+    assert.match(
+      commitBody,
+      /no (?:further |additional )?(?:file )?edits|do not edit|make no edits/i,
+      `expected ${commitFunctionName} to forbid further edits so the verified surface stays bound`,
+    );
+    assert.match(
+      commitBody,
+      /agentType:\s*'clean-coder'/,
+      `expected ${commitFunctionName} to use clean-coder`,
+    );
+  }
+});
+
+test('the standards-deferral edit step stages the hardening change without committing', () => {
+  const editBody = lensPromptBody('standardsFollowUpEdit');
+  assert.match(
+    editBody,
+    /do not commit and do not push|NO commit and NO push|Do NOT commit/i,
+    'expected the standards edit step to leave the hardening change uncommitted',
+  );
+  assert.match(
+    editBody,
+    /agentType:\s*'clean-coder'/,
+    'expected the standards edit step to use clean-coder',
+  );
+});
+
+test('spawnStandardsFollowUp reports whether a hardening PR opened on every path', () => {
+  const body = lensPromptBody('spawnStandardsFollowUp');
+  const falseReturns = body.match(/hardeningPrOpened:\s*false/g) || [];
+  assert.ok(
+    falseReturns.length >= 2,
+    'expected both skip paths (no hardening staged, verify failed) to return hardeningPrOpened:false',
+  );
+  assert.match(
+    body,
+    /hardeningPrOpened:\s*true/,
+    'expected the commit path to return hardeningPrOpened:true',
+  );
+});
+
+test('the standards-deferral note names the hardening PR only when one opened', () => {
+  const noteBody = lensPromptBody('standardsDeferralNote');
+  assert.match(
+    noteBody,
+    /environment-hardening PR/,
+    'expected the opened-PR branch to name the hardening PR',
+  );
+  assert.match(
+    noteBody,
+    /no environment-hardening PR/i,
+    'expected the skip branch to state no hardening PR was opened',
+  );
+});
+
+test('both standards-deferral call sites build standardsNote from the spawnStandardsFollowUp outcome', () => {
+  const callSiteUses = convergeSource.match(/standardsNote = standardsDeferralNote\(/g) || [];
+  assert.equal(
+    callSiteUses.length,
+    2,
+    'expected both standards-deferral call sites to build standardsNote via standardsDeferralNote(...)',
+  );
+  assert.doesNotMatch(
+    convergeSource,
+    /standardsNote = `\$\{[^}]+\} code-standard finding\(s\) deferred to a follow-up fix issue plus an environment-hardening PR/,
+    'expected no unconditional hardening-PR claim in standardsNote',
+  );
+});