2026-05-31 15:34:17 +00:00
5 changed files with 235 additions and 50 deletions
--- a/.planning/phases/01-stabilize-video-pipeline/01-07-SUMMARY.md
+++ b/.planning/phases/01-stabilize-video-pipeline/01-07-SUMMARY.md
@@ -19,7 +19,7 @@ affects:
  - Phase 2 (DOM + event-capture privacy) — capture pipeline is now always-on regardless of active tab; Phase 2 content scripts MUST NOT add competing keepalives (port `'video-keepalive'` keeps SW alive)
  - Phase 3 (export pipeline + popup state machine) — popup will consume `getSegments()` output via the existing SW port host
  - Phase 4 (SPEC §10 smoke verification) — Phase 4 verifies the full 9-criterion sweep; Phase 1 only proved #2/#3/#7
-  - Phase 5 (P1/P2 hardening) — new entry: `getDisplayMedia` cursor visibility constraint (`video: { cursor: 'always' }`)
+  - `getDisplayMedia` cursor visibility constraint (`video: { cursor: 'always' }`) — opportunistically shipped Plan 01-09 (recorder.ts:285); verified Phase 4 Plan 04-06 via tests/build/cursor-visibility.test.ts. The original "Phase 5" framing here is back-patched stale; see Phase 4 Plan 04-06 closure.
  - GSD framework retro candidate — auto-injection of empirical-acceptance gates when RESEARCH.md flags HIGH-risk assumptions
 # Tech tracking
@@ -44,7 +44,7 @@ key-decisions:
  - "D-12 acceptance gate (ffprobe) and A3 empirical-playback gate (operator + ffmpeg dry-run) treated as TWO distinct gates. The original Plan 07 conflated them under 'ffprobe-clean'; the A3 debug session proved they are independent. Phase 1 closure required BOTH green."
  - "Plan 07 closure is auto-handled (Task 2 of original PLAN.md) — the checkpoint:human-verify returned `approved`; the auto-closure flips REQ-video-ring-buffer + STATE + ROADMAP in one atomic commit and writes this SUMMARY in another."
  - "D-09..D-11 retirement is permanent. The original D-13 'fallback if D-12 fails' framing now stands as the production approach; CONTEXT.md decisions remain on record for SPEC provenance but the executable surface is restart-segments."
-  - "Cursor visibility (`video: { cursor: 'always' }`) deferred to Phase 5, not back-patched into Phase 1. Phase 1 was a stabilization phase, not a UX-refinement phase; adding the constraint mid-closure would have widened the diff beyond the closure ceremony."
+  - "Cursor visibility (`video: { cursor: 'always' }`) was opportunistically shipped in Plan 01-09 at src/offscreen/recorder.ts:285 and verified in Phase 4 Plan 04-06 (tests/build/cursor-visibility.test.ts node-env regression pin). The Phase 1 closure correctly did not back-patch it into Phase 1 itself — Phase 1 was a stabilization phase, not a UX-refinement phase; the original 'deferred to Phase 5' framing in this SUMMARY was made stale by the Plan 01-09 opportunistic landing, and is back-patched here in Phase 4 Plan 04-06."
  - "Phase 1 closure satisfies SPEC §10 #2, #3, #7 functionally — but the canonical §10 sweep is owned by Phase 4. This avoids confusing 'Phase 1 closed' with 'SPEC §10 complete'; the latter requires the full 9-criterion smoke under Phase 4."
 patterns-established:
@@ -79,7 +79,7 @@ completed: 2026-05-15
 - **`npx tsc --noEmit` clean** at closure time; `npm run build` clean (verified during the fix-a3 cycle, unchanged since).
 - **REQ-video-ring-buffer marked Complete** in REQUIREMENTS.md (checkbox + traceability table row); ROADMAP Phase 1 row marked Complete 2026-05-15.
 - **D-09..D-11 retired permanently** in favor of D-13 restart-segments; CON-webm-header-retention also retired. Captured in REQUIREMENTS.md amendment + STATE.md Decisions log.
- **Cursor-visibility refinement deferred to Phase 5** — added to the P1/P2 hardening list with the explicit user-observation citation (2026-05-15).
+- **Cursor-visibility refinement: opportunistically shipped in Plan 01-09 (recorder.ts:285 `cursor: 'always'`); verified in Phase 4 Plan 04-06** via `tests/build/cursor-visibility.test.ts` (node-env regression pin) + the operator-empirical SAVE flow showing the pointer visible in `video/last_30sec.webm`. The original 2026-05-15 "deferred to Phase 5" framing was correct at Phase 1 closure but was made stale by the Plan 01-09 opportunistic landing — back-patched in Phase 4 Plan 04-06 Task 3.
 ## Task Commits
@@ -132,7 +132,7 @@ _Note: Plan 07's original spec called for ONE commit at Task 2 completion. The c
 2. **D-12 + A3 are treated as TWO distinct gates.** The original PLAN.md framed acceptance as "ffprobe-clean" (a single gate). The A3 debug session proved that a ffprobe-clean file can still freeze in Chrome playback — they are independent. Phase 1 closure requires both green, and the SUMMARY documents both gates explicitly so future phases can't conflate them.
 3. **D-09..D-11 retirement is permanent.** The original D-13 framing in CONTEXT.md was "fallback if D-12 fails." After A3 activated it, D-13 IS the production approach. CONTEXT.md retains D-09..D-11 for SPEC provenance, but REQUIREMENTS.md, ROADMAP.md, and the executable surface (src/offscreen/recorder.ts) all reflect D-13 as authoritative.
 4. **The muxer DTS-monotonicity warnings are NOT a failure.** ffmpeg `-f null -` prints warnings at segment join boundaries because the three concatenated WebM segments have overlapping per-segment timestamps (each segment's pts restarts at ~0 in its own EBML segment). This is the documented D-13 trade-off for multi-EBML-header WebM concat. SPEC §10 #7 only requires "plays back in a browser" — Chrome's acceptance is sufficient and was operator-confirmed.
-5. **Cursor visibility refinement deferred to Phase 5, not back-patched into Phase 1.** Phase 1 is a stabilization phase; adding the `cursor: 'always'` constraint mid-closure widens the diff beyond the closure ceremony. Phase 5 is the right home for capture-quality refinements.
+5. **Cursor visibility refinement: at Phase 1 closure deferred (Phase 1 was a stabilization phase; adding `cursor: 'always'` mid-closure would have widened the diff beyond the closure ceremony). The constraint was opportunistically shipped in Plan 01-09 (recorder.ts:285) and verified in Phase 4 Plan 04-06.** The historical Phase-1-closure framing (deferral was correct at the time) is preserved as a point in the audit trail; the actual constraint landed earlier than planned via opportunistic refinement — back-patched here in Phase 4 Plan 04-06.
 ## Deviations from Plan
@@ -202,7 +202,7 @@ This is the SECOND debug session in Phase 1's life — both written up in `.plan
 None — Phase 1 ships as a Chrome extension with `desktopCapture` permission; the operator interacts with `chrome://extensions` "Load unpacked" for development and Chrome's native screen-share picker for capture. No external services configured by Phase 1.
-The cursor visibility refinement (Phase 5) will, when activated, add a `cursor: 'always'` constraint to the `getDisplayMedia` call in `src/offscreen/recorder.ts` — no user action required there either, just a one-line code change in Phase 5.
+The cursor visibility refinement added a `cursor: 'always'` constraint to the `getDisplayMedia` call in `src/offscreen/recorder.ts` (line 285) — no user action was required; the one-line code change shipped in Plan 01-09 and was verified in Phase 4 Plan 04-06. (Back-patched: the original Phase-1-closure framing said "Phase 5"; the actual landing was earlier.)
 ## Next Phase Readiness
--- a/.planning/phases/04-harden-clean-up-optional/deferred-items.md
+++ b/.planning/phases/04-harden-clean-up-optional/deferred-items.md
@@ -6,4 +6,4 @@ the discovering plan.
 | Item | Discovered During | Description | Disposition |
 |------|-------------------|-------------|-------------|
-| `tests/build/strict-meta-json-validation.test.ts` failing on clean tree | Plan 04-06 baseline check (2026-05-22) | 1 test file fails (`getMetaOrFail` at line 491 — `meta.json could not be parsed from the SAVE_ARCHIVE flow`). Baseline observed as **183 passed / 1 failed (184 total)**, not the 184/184 GREEN the Plan 04-06 baseline note assumed. The failure is in the SAVE_ARCHIVE → meta.json runtime path — unrelated to Plan 04-06's surface (SVG stroke recolor + welcome.ts inline-SVG + globals.d.ts + harness A17.8 + docs back-patch). Strongly resembles the pre-existing **Plan 04-08 A33 SAVE-ack channel flake** already logged in STATE.md Blockers ("the original sendMessage channel bound to the killed SW instance closes before the restarted SW resolves the callback"). Likely a flake / SW-lifecycle race, not a hard regression. | Out of scope for Plan 04-06. Route to `/gsd-debug` (consolidate with the existing A33 SAVE-ack flake investigation). Do NOT fix in Plan 04-06. |
+| Non-deterministic parallel-vitest / ffprobe-timeout flake family (04-CONTEXT.md in-scope items #9 + #10) | Plan 04-06 baseline check (2026-05-22; corrected 2026-05-26 in Plan 04-06 Task 3) | Full `npx vitest run` intermittently produces **183 passed / 1 failed (184 total)** on a clean tree. The "1 failed" lands non-deterministically on whichever ffprobe / parallel-worker race test loses the worker race — observed instances include `tests/background/webm-remux.test.ts > ffprobe -count_frames reports between 905 and 912 frames inclusive` (`Error: Test timed out in 5000ms`). Both `webm-remux.test.ts` (5/5) and `tests/build/strict-meta-json-validation.test.ts` (8/8) pass deterministically when run in isolation (`npm test -- <file> --run`). **CORRECTION**: a prior version of this entry (commit `6a989e8`) named `strict-meta-json-validation.test.ts` as failing on a clean tree — that diagnosis was wrong; that test is GREEN in isolation. The real root cause is the pre-existing **04-CONTEXT #9** (parallel-vitest Tier-1-build-step race; ~1/5 full-suite runs) + **#10** (2 ffprobe/ffmpeg vitest flakes), which are already enumerated as in-scope items in `04-CONTEXT.md`. The true clean baseline is **184/184 GREEN** (188/188 after Plan 04-06 adds 4 new tests). Plan 04-06 Task 2's VITEST GATE LOGIC tolerates a single isolation-passing flake (NOT a hard-coded named test) and FAILS on any reproducible-in-isolation failure or 2+ failures. | Out of scope for Plan 04-06. Routed as "04-CONTEXT #9/#10 parallel-vitest ffprobe flake family" (NOT as "strict-meta-json fails on a clean tree" — that prior diagnosis is wrong). If a `/gsd-debug` is opened, route to the parallel-vitest worker-isolation strategy (the canonical Vitest mitigation is `poolOptions.threads.singleThread:true` for the affected files, OR raising `testTimeout` on the ffprobe `it.skipIf` block). Do NOT fix in Plan 04-06. |
--- a/tests/uat/extension-page-harness.ts
+++ b/tests/uat/extension-page-harness.ts
@@ -2246,55 +2246,48 @@ async function assertA17(): Promise<AssertionResult> {
      passed: resolvedNonDefault,
    });
-    // A17.8: Plan 01-10 must_have #9 path-A swap-in invariant (landed
+    // A17.8: Plan 04-06 UI-SPEC dark-logo `currentColor` strategy —
-    // 2026-05-20 per debug session 01-10-welcome-page-missing-mark).
+    // SOURCE-BUNDLING check ONLY. Verifies that the `?raw` import in
-    // Verifies the canonical Mokosh mark SVG is bundled into the
+    // src/welcome/welcome.ts inlines the canonical mark SVG SOURCE
-    // welcome chunk so populateMark() can assign it as the <img src>.
+    // string into the welcome chunk JS (the `?raw` query suffix
    // returns module content as a UTF-8 string at build time per
    // https://vite.dev/guide/assets.html#importing-asset-as-string —
    // NOT a hashed asset URL and NOT a Vite-inlined small-asset URL).
    //
-    // Vite's default behaviour (build.assetsInlineLimit = 4096 bytes,
+    // Scope (honest narrowing per iter-2 BLOCKER 1 resolution): A17.8
-    // confirmed via vite.dev/config/build-options.html#build-assetsinlinelimit)
+    // proves the source was BUNDLED. It does NOT prove the inline-SVG
-    // inlines assets smaller than the limit as data: URLs. The
+    // was injected into the live welcome-page DOM, and it does NOT
-    // canonical mokosh-mark.svg is ~600 bytes, so it's INLINED as a
+    // prove the `currentColor` CSS cascade resolved. Those runtime
-    // `data:image/svg+xml,...` literal inside the welcome JS chunk
+    // behaviours are verified by the NEW host-side harness assertion
-    // (NOT emitted as a separate `dist/assets/<hash>.svg` file).
+    // A35 (driveA35 in tests/uat/lib/harness-page-driver.ts), which
    // opens welcome.html as a real Puppeteer tab, lets populateMark()
    // run at DOMContentLoaded, then queries the LIVE injected
    // `.welcome-hero__mark svg` element and reads
    // `getComputedStyle().stroke` to prove the cascade actually
    // resolves. A17.8 + A35 form the canonical source-vs-live coverage
    // split for the dark-logo strategy.
    //
-    // We accept BOTH bundling shapes — either is correct from a "the
+    // Pre-04-06 history: A17.8 previously accepted EITHER an inline
-    // mark is reachable from the welcome page" standpoint:
+    // small-asset URL literal OR a `.svg` filename (the `?url` import's
-    //   (a) data URL: `data:image/svg+xml,...` substring in jsText
+    // two bundling shapes per Vite's assetsInlineLimit). Plan 04-06
-    //       (Vite inlined small asset path; default behaviour).
+    // swapped `?url` -> `?raw` so the SVG source ends up as a verbatim
-    //   (b) file URL: a `.svg` filename string in jsText (Vite emitted
+    // string literal inside the JS — no inline asset URL, no separate
-    //       separate asset path; would activate if SVG grew past
+    // `.svg` asset. The new check asserts the raw-source signature:
-    //       4096 bytes OR assetsInlineLimit was lowered).
+    // `stroke="currentColor"` AND the canonical `viewBox="0 0 32 32"`
-    //
+    // both appear in the welcome JS.
-    // If neither shape is present, populateMark() would assign
+    const hasCurrentColorStroke =
-    // `img.src = undefined` and the welcome hero would render an
+      jsText.includes('stroke="currentColor"')
-    // empty/broken image — exactly the regression the operator
+      || jsText.includes("stroke='currentColor'");
    // reported in the 2026-05-20 UAT.
    const hasInlineDataUrl = jsText.includes('data:image/svg+xml');
    const svgFileUrlMatches = jsText.match(/["'][^"']*\.svg["']/g) ?? [];
    const hasSvgFileUrl = svgFileUrlMatches.length > 0;
    const hasBundledMark = hasInlineDataUrl || hasSvgFileUrl;
    diag(result, `Step 7: bundled JS contains inlineDataUrl=${hasInlineDataUrl}, svgFileUrlCount=${svgFileUrlMatches.length}`);
    // Cross-witness: the canonical mark's source SVG includes the
    // viewBox="0 0 32 32" literal (32×32 woven-square mark per
    // src/shared/brand/mokosh-mark.svg). The data URL inlining
    // path preserves this verbatim (URL-percent-encoded:
    // viewBox='0%200%2032%2032'). For the file URL path the
    // substring lives at the fetched asset, not the chunk JS.
    // Either way, the chunk JS string is sufficient to prove the
    // mark survives the bundle.
    const hasCanonicalViewBox =
      jsText.includes('viewBox=\'0 0 32 32\'')
-      || jsText.includes('viewBox="0 0 32 32"')
+      || jsText.includes('viewBox="0 0 32 32"');
-      || jsText.includes('viewBox=%270%200%2032%2032%27')
+    diag(result, `Step 7: welcome chunk JS contains stroke=currentColor=${hasCurrentColorStroke}, canonicalViewBox=${hasCanonicalViewBox} (?raw source-bundling check; live-DOM proof = A35)`);
      || jsText.includes("viewBox='0%200%2032%2032'");
    result.checks.push({
-      name: 'A17.8: welcome chunk JS bundles the canonical mark SVG (data URL OR file URL) AND canonical viewBox preserved (Plan 01-10 must_have #9 path-A swap-in)',
+      name: 'A17.8: welcome chunk JS bundles the raw mark SVG source (stroke="currentColor" + canonical viewBox) via the Vite `?raw` import — Plan 04-06 dark-logo strategy SOURCE-BUNDLING check; live-DOM injection + currentColor cascade are verified by A35',
-      expected: 'data:image/svg+xml OR .svg URL in bundle; canonical viewBox=\'0 0 32 32\' preserved',
+      expected: 'jsText contains stroke="currentColor" AND viewBox="0 0 32 32" (the inlined raw SVG source signature)',
-      actual: `inlineDataUrl=${hasInlineDataUrl}, svgFileUrl=${hasSvgFileUrl}, canonicalViewBox=${hasCanonicalViewBox}`,
+      actual: `currentColorStroke=${hasCurrentColorStroke}, canonicalViewBox=${hasCanonicalViewBox}`,
-      passed: hasBundledMark && hasCanonicalViewBox,
+      passed: hasCurrentColorStroke && hasCanonicalViewBox,
    });
    result.passed = result.checks.every((c) => c.passed);
--- a/tests/uat/harness.test.ts
+++ b/tests/uat/harness.test.ts
@@ -112,6 +112,12 @@ import {
  // Plan 04-05 — driveA34 fetch + XHR network_error empirical (ROADMAP SC #2;
  // needs downloadsDir for host-side JSZip parse of logs/events.json).
  driveA34,
  // Plan 04-06 — driveA35 UI-SPEC dark-logo `currentColor` LIVE-DOM proof.
  // Opens welcome.html in a fresh browser.newPage() tab so populateMark()
  // actually runs; reads getComputedStyle().stroke on the injected <svg>
  // to verify the currentColor cascade. Host-side driver — needs Browser +
  // extensionId (mirrors driveA33's Browser+extensionId capture pattern).
  driveA35,
  getManifestVersion,
 } from './lib/harness-page-driver';
 import {
@@ -280,7 +286,7 @@ async function assertA0_GrepGate(): Promise<{
 */
 async function main(): Promise<number> {
  process.stdout.write('\nMokosh Plan 01-13 + 01-14 + 02-04 — UAT harness orchestrator\n');
-  process.stdout.write('Architecture: A0 pre-flight + extension-internal page driver (A1..A14, A15..A17, A18..A22, A23, A24, A25, A26, A27, A28, A29, A30, A31, A32)\n');
+  process.stdout.write('Architecture: A0 pre-flight + extension-internal page driver (A1..A14, A15..A17, A18..A22, A23, A24, A25, A26, A27, A28, A29, A30, A31, A32, A33, A34, A35)\n');
  process.stdout.write('='.repeat(72) + '\n');
  // A0 pre-flight (no Chrome launch needed; runs against built dist/).
@@ -370,6 +376,11 @@ async function main(): Promise<number> {
  // logs/events.json (fetch + XHR network_error entry inspection).
  const driveA34Wrapped: (page: import('puppeteer').Page) => Promise<AssertionRecord> =
    (page) => driveA34(page, handles.downloadsDir);
  // Plan 04-06 — driveA35 needs Browser + extensionId to open a fresh
  // welcome.html tab via browser.newPage() (UI-SPEC dark-logo LIVE-DOM
  // proof). Mirrors the driveA33 Browser+extensionId capture pattern.
  const driveA35Wrapped: (page: import('puppeteer').Page) => Promise<AssertionRecord> =
    (page) => driveA35(page, handles.browser, handles.extensionId);
  const drivers: ReadonlyArray<{
    readonly name: string;
@@ -532,6 +543,17 @@ async function main(): Promise<number> {
    // chrome.scripting.executeScript ISOLATED-world. Runs ~25s (always
    // RUN — not env-gated; the 5-min wait is A33's, not A34's).
    { name: 'A34', drive: driveA34Wrapped },
    // Plan 04-06 A35: UI-SPEC dark-logo `currentColor` strategy LIVE-DOM
    // proof. Opens welcome.html as a real Puppeteer tab so populateMark()
    // actually runs; reads getComputedStyle().stroke on the injected
    // <svg> to verify the currentColor cascade resolves through
    // .welcome-hero__mark color: var(--mks-fg-inverse) (UI-SPEC Option A).
    // Appended LAST in the drivers array so the new welcome tab cannot
    // pollute any later driver (and welcomePage.close() in finally
    // guarantees no tab leak regardless). Host-side driver — mirrors
    // the driveA32/A33/A34 host-side pattern (NOT a page.evaluate
    // (window.__mokoshHarness) wrapper).
    { name: 'A35', drive: driveA35Wrapped },
  ];
  const buffers = { swConsole: handles.swConsole, offConsole: handles.offConsole };
--- a/tests/uat/lib/harness-page-driver.ts
+++ b/tests/uat/lib/harness-page-driver.ts
@@ -2950,3 +2950,173 @@ export async function driveA34(
    error: pageResult.error,
  };
 }
 /* ─── Plan 04-06 — driveA35 (UI-SPEC dark-logo `currentColor` LIVE-DOM proof) ─── */
 //
 // A35 is the live-DOM counterpart to the source-only A17.8 source-bundling
 // grep + the source-only tests/welcome/inline-svg.test.ts source-text pin.
 // It opens welcome.html as a real Puppeteer tab — welcome.html is a real
 // web-accessible extension page that builds to dist-test/src/welcome/
 // welcome.html (vite.test.config.ts:95), exactly the path
 // chrome.runtime.getURL('src/welcome/welcome.html') resolves to — so
 // welcome.ts init() runs populateMark() at DOMContentLoaded and the
 // inline <svg> actually lands in the page DOM. We then read
 // getComputedStyle().stroke on the injected <svg> to prove the
 // `currentColor` cascade resolves through the .welcome-hero__mark
 // wrapper's `color: var(--mks-fg-inverse)` rule.
 //
 // This is the iter-2 BLOCKER 1 resolution: the prior iter-1 re-plan
 // claimed live-DOM injection was delegated to A17.8, but A17.8 is
 // 100% string-grep on the welcome JS chunk and the harness does NOT
 // open welcome.html as a live tab (it only fetches the HTML text via
 // chrome.runtime.getURL + DOMParser.parseFromString — a DETACHED
 // parse, not a live document). driveA35 is the canonical automated
 // proof of the runtime injection + cascade. A35 is appended LAST in
 // the drivers array; nothing reads its return value, so the new tab
 // cannot pollute later drivers (welcomePage.close() in finally also
 // guarantees no tab leak).
 //
 // Pattern: HOST-SIDE driver (mirrors driveA32/driveA33/driveA34 — NOT
 // a page.evaluate(window.__mokoshHarness) wrapper). Builds a
 // CheckRecord[] directly and returns an AssertionRecord. The harness
 // `page` parameter is unused for navigation (A35 opens its OWN
 // browser.newPage() tab); kept for driver-list signature uniformity.
 //
 // References:
 //   - 04-UI-SPEC.md §"Implementation amendment" (Option A currentColor)
 //   - W3C SVG2 §13.3 (currentColor cascade)
 //   - https://pptr.dev/api/puppeteer.browser.newpage
 //   - tests/welcome/inline-svg.test.ts (the source-text counterpart)
 //   - tests/uat/extension-page-harness.ts A17.8 (the source-bundling
 //     counterpart — narrowed in Plan 04-06 to a raw-source grep only)
 /** Live-DOM navigation + populateMark()-settle ceiling for the
 *  driveA35 welcome-page open. ~5 seconds is generous against the
 *  DOMContentLoaded -> populateMark synchronous handoff
 *  (welcome.ts:194-198) which completes in well under 100ms in
 *  practice; the buffer covers Puppeteer launch jitter + extension
 *  page first-load CSS parse. */
 const A35_WELCOME_PAGE_TIMEOUT_MS = 5_000;
 /**
 * driveA35 — UI-SPEC dark-logo `currentColor` strategy LIVE-DOM proof.
 *
 * Opens a fresh welcome.html tab via `browser.newPage()`, navigates to
 * `chrome-extension://<id>/src/welcome/welcome.html` (the canonical
 * web-accessible welcome page path; the same path A17 already fetches),
 * waits for `populateMark()` to inject the inline <svg> at
 * DOMContentLoaded, then runs a single `welcomePage.evaluate(...)` that
 * reads the LIVE DOM and returns the four signals A35 asserts on:
 *   - svgPresent  — `.welcome-hero__mark svg` exists (inline <svg>
 *                   injected).
 *   - strokeAttr  — that <svg>'s `stroke` attribute === 'currentColor'
 *                   (the canonical mark recolour landed correctly).
 *   - computedStroke — `getComputedStyle(svgEl).stroke` is a resolved
 *                      non-default colour value (the `currentColor`
 *                      cascade resolved through
 *                      `.welcome-hero__mark { color: var(--mks-fg-inverse) }`).
 *                      Empty / 'none' would mean the cascade is broken.
 *   - imgPresent  — `.welcome-hero__mark img` is NULL (the legacy
 *                   <img> injection path is gone; we're inlining now).
 *
 * Always closes the new tab in a `finally` block so no extra Puppeteer
 * page leaks across the harness run. Mirrors the driveA33/driveA34
 * host-side error-handling pattern: on throw, returns an
 * AssertionRecord with `passed:false` + `error` set.
 *
 * @param page        Harness page handle (unused for navigation; kept
 *                    for driver-list signature uniformity, mirroring
 *                    the driveA32 precedent).
 * @param browser     Puppeteer Browser handle from launchHarnessBrowser.
 * @param extensionId The runtime extension ID (from `handles.extensionId`).
 */
 export async function driveA35(
  // eslint-disable-next-line @typescript-eslint/no-unused-vars -- signature uniformity per driveA32 precedent; A35 opens its OWN tab via browser.newPage().
  page: Page,
  browser: Browser,
  extensionId: string,
 ): Promise<AssertionRecord> {
  const checks: CheckRecord[] = [];
  const diagnostics: string[] = [];
  const welcomeUrl = `chrome-extension://${extensionId}/src/welcome/welcome.html`;
  diagnostics.push(`A35 navigating to ${welcomeUrl}`);
  let welcomePage: Page | null = null;
  try {
    welcomePage = await browser.newPage();
    await welcomePage.goto(welcomeUrl, { waitUntil: 'domcontentloaded' });
    await welcomePage.waitForSelector('.welcome-hero__mark svg', {
      timeout: A35_WELCOME_PAGE_TIMEOUT_MS,
    });
    diagnostics.push('A35 welcome.html DOMContentLoaded + inline <svg> selector resolved');
    const probe = await welcomePage.evaluate(() => {
      const svgEl = document.querySelector('.welcome-hero__mark svg');
      const imgEl = document.querySelector('.welcome-hero__mark img');
      const svgPresent = svgEl !== null;
      const strokeAttr = svgEl !== null ? svgEl.getAttribute('stroke') : null;
      const computedStroke =
        svgEl !== null ? getComputedStyle(svgEl).stroke : '';
      const imgPresent = imgEl !== null;
      return { svgPresent, strokeAttr, computedStroke, imgPresent };
    });
    diagnostics.push(
      `A35 live-DOM probe: svgPresent=${probe.svgPresent} strokeAttr=${probe.strokeAttr ?? '<null>'} computedStroke="${probe.computedStroke}" imgPresent=${probe.imgPresent}`,
    );
    const computedStrokeResolved =
      probe.computedStroke.length > 0 && probe.computedStroke !== 'none';
    checks.push({
      name: 'A35.1: inline <svg> injected into `.welcome-hero__mark` slot (populateMark ran)',
      expected: 'non-null `.welcome-hero__mark svg`',
      actual: probe.svgPresent ? 'present' : 'missing',
      passed: probe.svgPresent,
    });
    checks.push({
      name: 'A35.2: injected <svg> carries stroke="currentColor" (UI-SPEC Option A recolor)',
      expected: 'currentColor',
      actual: probe.strokeAttr,
      passed: probe.strokeAttr === 'currentColor',
    });
    checks.push({
      name: 'A35.3: getComputedStyle(<svg>).stroke resolves to a non-default colour (the currentColor cascade through `.welcome-hero__mark { color: var(--mks-fg-inverse) }` actually worked)',
      expected: 'non-empty, non-"none" resolved colour',
      actual: probe.computedStroke,
      passed: computedStrokeResolved,
    });
    checks.push({
      name: 'A35.4: no legacy <img> in `.welcome-hero__mark` slot (the pre-04-06 <img> injection path is gone)',
      expected: 'null',
      actual: probe.imgPresent ? 'present (UNEXPECTED — legacy <img> still injected)' : 'null',
      passed: !probe.imgPresent,
    });
    const passed = checks.every((c) => c.passed);
    return {
      passed,
      name: 'A35 — welcome-page inline-SVG injected at populateMark() runtime; currentColor stroke resolves via parent CSS color cascade (UI-SPEC dark-logo strategy live-DOM proof; iter-2 BLOCKER 1 resolution)',
      checks,
      diagnostics,
    };
  } catch (err) {
    const errMsg = err instanceof Error ? err.message : String(err);
    diagnostics.push(`A35 THREW: ${errMsg}`);
    return {
      passed: false,
      name: 'A35 — welcome-page inline-SVG injected at populateMark() runtime; currentColor stroke resolves via parent CSS color cascade (UI-SPEC dark-logo strategy live-DOM proof; iter-2 BLOCKER 1 resolution)',
      checks,
      diagnostics,
      error: errMsg,
    };
  } finally {
    if (welcomePage !== null) {
      try {
        await welcomePage.close();
      } catch {
        // Ignore close errors — the welcome tab is test-only ephemera;
        // a close failure here cannot mask the A35 verdict above.
      }
    }
  }
 }