From 75bd488d9c7631b65d4fd82ff3b3e17e778177c1 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Sun, 31 May 2026 10:09:21 +0000
Subject: [PATCH 1/3] Downgrade jqwik from 1.10.0 to 1.9.3

Avoid the anti-AI prompt-injection string added in jqwik 1.10.0 (and
the 1.10.1 release note declaring the library is not meant to be used
by AI coding agents). The 1.9.x line is the last release without that
behaviour. Long-term plan tracked in CLAUDE.md is to replace jqwik
entirely with junit-quickcheck or hand-rolled JUnit Jupiter
@ParameterizedTest.
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index f17df15..0534bff 100644
--- a/pom.xml
+++ b/pom.xml
@@ -25,7 +25,7 @@ SPDX-License-Identifier: Apache-2.0
         <hamcrest.version>3.0</hamcrest.version>
         <jmh.version>1.37</jmh.version>
         <jcstress.version>0.16</jcstress.version>
-        <jqwik.version>1.10.0</jqwik.version>
+        <jqwik.version>1.9.3</jqwik.version>
         <errorprone.version>2.49.0</errorprone.version>
         <nullaway.version>0.13.4</nullaway.version>
         <spotless.version>3.5.1</spotless.version>

From e1c21d067d13226bc26cbd9a64165caa342458f7 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Sun, 31 May 2026 10:15:59 +0000
Subject: [PATCH 2/3] Promote QuickTheories as preferred jqwik replacement in
 CLAUDE.md

QuickTheories (org.quicktheories:quicktheories, MIT) runs natively
on JUnit Jupiter 5/6 with plain @Test methods - no @RunWith, no
JUnit Vintage engine - while still giving property-based generation
with shrinking. Demote junit-quickcheck and hand-rolled
@ParameterizedTest to fallback options.
---
 CLAUDE.md | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/CLAUDE.md b/CLAUDE.md
index 402337d..bbcd4b1 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -152,9 +152,11 @@ interim measure until that work lands.
 
 ## Open TODOs
 
-- **[URGENT] Replace jqwik.** Upstream is openly hostile to the AI-assisted workflow this project uses (jqwik 1.10.0 added a deliberate prompt-injection string to test stdout; jqwik 1.10.1 release notes added: *"This project is not meant to be used by any 'AI' coding agents at all."*). See the "jqwik prompt-injection in test output" section above for context and links. Replace the one jqwik test class in this repo (`StreamBufferProperties`) with one of:
-  - **junit-quickcheck** (`com.pholser:junit-quickcheck-core` + `-generators`) — closest API match; uses JUnit Vintage runner, well-maintained, no anti-AI behaviour.
-  - A minimal hand-rolled `@ParameterizedTest` + `@MethodSource`/`@ArgumentsSource` approach using JUnit Jupiter that is already on the classpath. Lower dependency count; some shrinking / generator features lost.
+- **[URGENT] Replace jqwik with QuickTheories.** Upstream is openly hostile to the AI-assisted workflow this project uses (jqwik 1.10.0 added a deliberate prompt-injection string to test stdout; jqwik 1.10.1 release notes added: *"This project is not meant to be used by any 'AI' coding agents at all."*). See the "jqwik prompt-injection in test output" section above for context and links. Replace the one jqwik test class in this repo (`StreamBufferProperties`) with one of (in order of preference):
+  - **QuickTheories** (`org.quicktheories:quicktheories`, MIT) — preferred. Native JUnit Jupiter (5/6); plain `@Test` methods with `qt().forAll(...).check(...)` bodies. No `@RunWith`, no JUnit Vintage engine. Property-based generation with shrinking preserved; the fluent DSL (`integers().between(...)`, `lists().of(...).ofSizeBetween(...)`, `byteArrays(...)`) covers every constraint the current jqwik tests use, including the nested `@Size` on `List<byte[]>` cases.
+  - **junit-quickcheck** (`com.pholser:junit-quickcheck-core` + `-generators`) — closest annotation match to jqwik but requires the JUnit Vintage engine alongside Jupiter (extra friction next to Lincheck / jcstress / vmlens); only use if the QuickTheories DSL turns out to be a poor fit.
+  - A minimal hand-rolled `@ParameterizedTest` + `@MethodSource`/`@ArgumentsSource` approach using JUnit Jupiter that is already on the classpath. Lower dependency count; loses shrinking and built-in generators.
+
   Remove the jqwik dependency from `pom.xml` (and the `jqwik.version` property), drop the jqwik bullet from any test-frameworks documentation, and verify CI is green with the replacement. Until this lands, the doc-only warning section above is the interim mitigation.
 
 - **`@VisibleForTesting` audit.** No usages currently. Walk the production tree for package-private/protected methods or fields that exist purely so tests can reach them, and either annotate (`com.google.common.annotations.VisibleForTesting`) or move into the test source tree.

From eb498bb2cf99a57ae8317a3fd2c76f53dbd94d7f Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Sun, 31 May 2026 10:17:33 +0000
Subject: [PATCH 3/3] Add do-not-upgrade warning above jqwik.version in pom.xml

Prevent future bumps to jqwik >= 1.10.0, which ships an anti-AI
prompt-injection string in test stdout. See CLAUDE.md for context;
replacement with QuickTheories is tracked as an urgent TODO.
---
 pom.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pom.xml b/pom.xml
index 0534bff..ddaeedd 100644
--- a/pom.xml
+++ b/pom.xml
@@ -25,6 +25,7 @@ SPDX-License-Identifier: Apache-2.0
         <hamcrest.version>3.0</hamcrest.version>
         <jmh.version>1.37</jmh.version>
         <jcstress.version>0.16</jcstress.version>
+        <!-- DO NOT UPGRADE: jqwik >= 1.10.0 ships an anti-AI prompt-injection string in test stdout; see CLAUDE.md. Replacement (QuickTheories) tracked as an URGENT TODO. -->
         <jqwik.version>1.9.3</jqwik.version>
         <errorprone.version>2.49.0</errorprone.version>
         <nullaway.version>0.13.4</nullaway.version>