from __future__ import annotations import json import pytest from src.services.dependency_drift_check_plan import load_latest_dependency_drift_check_plan def test_load_latest_dependency_drift_check_plan_reads_newest_file(tmp_path): older = _snapshot(generated_at="2026-06-03T00:00:00+08:00", completion=98) newer = _snapshot(generated_at="2026-06-04T00:00:00+08:00", completion=99) (tmp_path / "dependency_drift_check_plan_2026-06-03.json").write_text( json.dumps(older), encoding="utf-8", ) (tmp_path / "dependency_drift_check_plan_2026-06-04.json").write_text( json.dumps(newer), encoding="utf-8", ) loaded = load_latest_dependency_drift_check_plan(tmp_path) assert loaded["generated_at"] == "2026-06-04T00:00:00+08:00" assert loaded["program_status"]["overall_completion_percent"] == 99 assert loaded["rollups"]["total_external_source_candidates"] == 2 assert loaded["operation_boundaries"]["schedule_activation_allowed"] is False def test_dependency_drift_check_plan_requires_read_only_mode(tmp_path): snapshot = _snapshot() snapshot["program_status"]["read_only_mode"] = False (tmp_path / "dependency_drift_check_plan_2026-06-04.json").write_text( json.dumps(snapshot), encoding="utf-8", ) with pytest.raises(ValueError, match="read_only_mode"): load_latest_dependency_drift_check_plan(tmp_path) def test_dependency_drift_check_plan_requires_blocked_operations(tmp_path): snapshot = _snapshot() snapshot["operation_boundaries"]["external_cve_lookup_allowed"] = True (tmp_path / "dependency_drift_check_plan_2026-06-04.json").write_text( json.dumps(snapshot), encoding="utf-8", ) with pytest.raises(ValueError, match="operation boundaries"): load_latest_dependency_drift_check_plan(tmp_path) def test_dependency_drift_check_plan_requires_cadence_rollup_consistency(tmp_path): snapshot = _snapshot() snapshot["rollups"]["total_cadence_items"] = 999 (tmp_path / "dependency_drift_check_plan_2026-06-04.json").write_text( json.dumps(snapshot), encoding="utf-8", ) with pytest.raises(ValueError, match="total_cadence_items"): load_latest_dependency_drift_check_plan(tmp_path) def test_dependency_drift_check_plan_requires_local_check_rollup_consistency(tmp_path): snapshot = _snapshot() snapshot["rollups"]["read_only_local_check_ids"] = [] (tmp_path / "dependency_drift_check_plan_2026-06-04.json").write_text( json.dumps(snapshot), encoding="utf-8", ) with pytest.raises(ValueError, match="read_only_local_check_ids"): load_latest_dependency_drift_check_plan(tmp_path) def test_dependency_drift_check_plan_requires_source_rollup_consistency(tmp_path): snapshot = _snapshot() snapshot["rollups"]["approval_required_source_ids"] = [] (tmp_path / "dependency_drift_check_plan_2026-06-04.json").write_text( json.dumps(snapshot), encoding="utf-8", ) with pytest.raises(ValueError, match="approval_required_source_ids"): load_latest_dependency_drift_check_plan(tmp_path) def test_dependency_drift_check_plan_requires_design_only_cadence_consistency(tmp_path): snapshot = _snapshot() snapshot["rollups"]["design_only_cadence_ids"] = [] (tmp_path / "dependency_drift_check_plan_2026-06-04.json").write_text( json.dumps(snapshot), encoding="utf-8", ) with pytest.raises(ValueError, match="design_only_cadence_ids"): load_latest_dependency_drift_check_plan(tmp_path) def test_dependency_drift_check_plan_fails_when_missing(tmp_path): with pytest.raises(FileNotFoundError): load_latest_dependency_drift_check_plan(tmp_path) def _snapshot( *, generated_at: str = "2026-06-04T00:00:00+08:00", completion: int = 99, ) -> dict: return { "schema_version": "dependency_drift_check_plan_v1", "generated_at": generated_at, "program_status": { "overall_completion_percent": completion, "current_priority": "P1", "current_task_id": "P1-205", "next_task_id": "P1-206", "read_only_mode": True, }, "source_refs": ["docs/evaluations/dependency_risk_policy_2026-06-04.json"], "rollups": { "total_cadence_items": 2, "total_local_checks": 2, "total_external_source_candidates": 2, "by_domain": {"python": 1, "cve": 1, "agent_market": 1}, "read_only_local_check_ids": [ "python_manifest_drift_local_check", "agent_market_snapshot_freshness_local_check", ], "approval_required_source_ids": [ "osv_advisory_candidate", "agent_official_release_candidate", ], "design_only_cadence_ids": [ "daily_repo_drift_readonly", "weekly_agent_market_watch_review", ], }, "cadence_policy": { "timezone": "Asia/Taipei", "items": [ _cadence("daily_repo_drift_readonly", "python", "hermes", "design_only"), _cadence( "weekly_agent_market_watch_review", "agent_market", "nemotron", "blocked_until_approval", ), ], }, "local_check_plan": [ _local_check("python_manifest_drift_local_check", "python", "hermes"), _local_check("agent_market_snapshot_freshness_local_check", "agent_market", "nemotron"), ], "external_source_candidates": [ _external_source("osv_advisory_candidate", "cve", "openclaw"), _external_source("agent_official_release_candidate", "agent_market", "nemotron"), ], "notification_policy": { "success_notification": "quiet", "failure_notification": "failure-only", "operator_review_trigger": "approval required", }, "operation_boundaries": { "read_only_plan_allowed": True, "schedule_activation_allowed": False, "workflow_write_allowed": False, "external_cve_lookup_allowed": False, "external_license_lookup_allowed": False, "registry_lookup_allowed": False, "agent_market_external_lookup_allowed": False, "sdk_installation_allowed": False, "paid_api_call_allowed": False, "package_installation_allowed": False, "package_upgrade_allowed": False, "lockfile_write_allowed": False, "docker_build_allowed": False, "image_pull_allowed": False, "image_rebuild_allowed": False, "registry_push_allowed": False, "shadow_or_canary_allowed": False, "production_routing_allowed": False, }, "approval_boundaries": { "sdk_installation_allowed": False, "paid_api_call_allowed": False, "shadow_or_canary_allowed": False, "production_routing_allowed": False, "destructive_operation_allowed": False, }, } def _cadence(cadence_id: str, domain: str, owner_agent: str, activation_status: str) -> dict: return { "cadence_id": cadence_id, "domain": domain, "frequency": "weekly", "activation_status": activation_status, "owner_agent": owner_agent, "allowed_now": ["read-only design"], "blocked_now": ["external lookup"], "planned_output": "future snapshot", "failure_notification": "failure-only", } def _local_check(check_id: str, domain: str, owner_agent: str) -> dict: return { "check_id": check_id, "domain": domain, "status": "read_only_design", "owner_agent": owner_agent, "frequency": "weekly", "input_refs": ["docs/evaluations/dependency_risk_policy_2026-06-04.json"], "planned_output": "future snapshot", "allowed_now": ["read committed files"], "blocked_now": ["external lookup"], "acceptance_criteria": ["no writes"], } def _external_source(source_id: str, domain: str, owner_agent: str) -> dict: return { "source_id": source_id, "domain": domain, "source_type": "candidate", "approval_status": "approval_required", "auth_required": False, "cost_profile": "free_public_candidate", "rate_limit_risk": "medium", "cache_policy": "cache", "data_retention_policy": "minimal metadata", "permitted_after_approval": ["read-only lookup"], "blocked_now": ["external lookup"], "owner_agent": owner_agent, "evidence_refs": ["docs/evaluations/dependency_risk_policy_2026-06-04.json"], }