NORTHSET

Proof-of-Pass Receipt — M-019

CONTRIBUTOR SELF-RUN — NOT MAINTAINER VERIFICATION

Receipt ID
M-019
Run start
2026-07-13T20:15:31.047Z
Run finish
2026-07-13T20:17:01.848Z

Project

glideapps/quicktype

Work

Swift 5.9 warning about Hashable being deprecated · PR #2928

Verification execution

runtime: northset-oss executor v1
human operator: aeziz

Code

base
b11081470089ca0345117951033936405d874193
recorded patch commit
7a233c5bc4d165eb20288bd8748c6bb09356ea6e
declared metadata; not execution-bound
patch diff SHA-256
sha256:6f620bf548fc8a12cb1c45f3fc5c3dbde5d15ac90afaadd6cb5e1e59029ef1c5
bound to executed patch bytes

Environment

image reference
node@sha256:40ad9f3064e67d6860b4bc3fe1880b2953934fd6320ada990e45fe0efa6badd7
repository digest
node@sha256:40ad9f3064e67d6860b4bc3fe1880b2953934fd6320ada990e45fe0efa6badd7
network
phaseA:bridge,phaseB:none

Declared checks

Execution summary
1/1 declared command returned exit 0 in the recorded environment

  1. npm run test:unit -- test/unit/swift-json-null-hashable.test.ts

    exit 0 · 5.1s

unclassified executor time (derived residual) 1m25s

run wall (derived from recorded timestamps) 1m30s

PASS — 1/1 declared command

Every command listed returned exit 0 in the declared environment. Only the listed commands are in scope. Unlisted test, lint, typecheck, build, coverage, compiler, full-suite, and CI gates are not implied or recorded.

Public scope interpretation

The focused test inspects generated Swift output. It does not invoke a Swift compiler or run the full quicktype test suite.

Record details

payment
none · not merge-contingent
redactions
1 email
Bundle contents digest
sha256:94b543f5e5903302950564b67d36708109e6efd6d08c1f15e5c8e3d5ec2d28ef
Signed asset SHA-256
sha256:f27def37d665ff3f176b9c68a1f3226d84476372b935c7cacf90350c0835a991
Signed provenance recorded
verified 2026-07-14T14:21:48Z

NOT INCLUDED

  • Does not prove code quality
  • Does not prove security
  • The focused test inspects generated Swift output but does not invoke a Swift compiler.
  • Contributor self-run record of Northset's own contribution; not the maintainer's verification.

Signed bundle

Download signed bundle

Verify this receipt

gh attestation verify run-record-M-019-94b543f5e590.tar.gz --repo northset-oss/verification-pilot --signer-workflow northset-oss/verification-pilot/.github/workflows/attest-bundle.yml

Attestation confirms that Northset's signing workflow produced this exact bundle. The signer does not witness the recorded run, and verification does not turn it into maintainer verification.

QR → receipt page
Northset contributed this fix and ran its declared checks. Contributor self-run. Not maintainer verification.

Evidence of what ran — not a verdict that the code is good.

SELF-FUNDED FIELD-TESTING.

Committed patch.diff
diff --git a/packages/quicktype-core/src/language/Swift/SwiftRenderer.ts b/packages/quicktype-core/src/language/Swift/SwiftRenderer.ts
index b9fae90ee909e57d24a4024359a63cd5c1868689..fa77615b20ce065106f8613c645602ed7769d038 100644
--- a/packages/quicktype-core/src/language/Swift/SwiftRenderer.ts
+++ b/packages/quicktype-core/src/language/Swift/SwiftRenderer.ts
@@ -1185,12 +1185,10 @@ encoder.dateEncodingStrategy = .formatted(formatter)`);
 			return 0
 	}`);
 
-                if (this._options.swift5Support) {
-                    this.ensureBlankLine();
-                    this.emitMultiline(`    public func hash(into hasher: inout Hasher) {
+                this.ensureBlankLine();
+                this.emitMultiline(`    public func hash(into hasher: inout Hasher) {
 			// No-op
 	}`);
-                }
             }
 
             this.ensureBlankLine();
diff --git a/test/unit/swift-json-null-hashable.test.ts b/test/unit/swift-json-null-hashable.test.ts
new file mode 100644
index 0000000000000000000000000000000000000000..78c9cf92881410f9f37597320457f79031db9b25
--- /dev/null
+++ b/test/unit/swift-json-null-hashable.test.ts
@@ -0,0 +1,27 @@
+import {
+    InputData,
+    JSONSchemaInput,
+    quicktype,
+} from "../../packages/quicktype-core/src/index.js";
+import { expect, test } from "vitest";
+
+const schema = JSON.stringify({
+    type: "object",
+    properties: {
+        value: {},
+    },
+    required: ["value"],
+});
+
+test("emits hash(into:) for JSONNull by default", async () => {
+    const schemaInput = new JSONSchemaInput(undefined);
+    await schemaInput.addSource({ name: "TopLevel", schema });
+
+    const inputData = new InputData();
+    inputData.addInput(schemaInput);
+
+    const result = await quicktype({ inputData, lang: "swift" });
+    const output = result.lines.join("\n");
+
+    expect(output).toContain("public func hash(into hasher: inout Hasher)");
+});
Redacted stdout
=== cmd 1: npm run test:unit -- test/unit/swift-json-null-hashable.test.ts ===

> [REDACTED:email] test:unit
> vitest run test/unit/swift-json-null-hashable.test.ts


 RUN  v4.1.10 /workspace

 ✓ test/unit/swift-json-null-hashable.test.ts (1 test) 40ms

 Test Files  1 passed (1)
      Tests  1 passed (1)
   Start at  20:16:48
   Duration  3.37s (transform 2.59s, setup 0ms, import 3.08s, tests 40ms, environment 0ms)

Redacted stderr
=== cmd 1: npm run test:unit -- test/unit/swift-json-null-hashable.test.ts ===

- - - detach here - - -

External status

Mutable upstream observation; unattested and separate from the signed run record.

PR state
MERGED
Review signal
NONE
CI state
SUCCESS
Upstream updated at
2026-07-13T20:39:02Z
Observed at
2026-07-14T23:05:52.071Z
MERGED

Recorded upstream outcome · open linked record

FOR MAINTAINERS

Request a private run

Maintain an open-source project? Send Northset a PR already in your queue. We run its repository-declared checks in an isolated container and return the run record privately. We do not modify the PR. Nothing is published without your approval. Free during the pilot.

The issue form is public. Do not include secrets or private repository details there; use email instead.

Already onboarded? Add northset-verify to a PR to request a run on that PR.

Claims boundary

This page reports scoped proof-of-pass receipt evidence. It does not prove code quality, security, full CI coverage, production readiness, or maintainer approval. An attestation confirms bundle provenance; it does not broaden the receipt's claim.

Read the full Claims Boundary policy.