ci: make CI genuinely green — rust-ci toolchain pin + canonical Julia ABI-FFI gate#50
Merged
Merged
Conversation
New module K9iser.ABI.Semantics proves the repo's headline property
("Wrap configs into self-validating K9 contracts"): a config that
SATISFIES a "must"-contract (a required key present whose value lies
within an inclusive numeric range) provably validates, and a config that
VIOLATES it (missing key OR out-of-range value) provably does not.
- Faithful model: Config = assoc list (Key, Nat); Contract = key + [lo,hi].
- Headline proposition `Validates c cfg` has constructors only for the
satisfying case (resolver equation + InRange via propositional LTE);
no constructor exists for a missing key or out-of-range value.
- Sound + complete `decValidates : Dec (Validates c cfg)` and `decInRange`.
- Certifier `certify` into the ABI Result code, with `certifySound` and
`certifyComplete`.
- Positive control `goodValidates` (replicas=5 in [1,10]) and two negative
controls: `badRangeNotValidates` (replicas=0) and `missingNotValidates`.
ABI builds clean (exit 0, zero warnings). A deliberately false witness
for the out-of-range config is rejected by idris2 (non-vacuity verified).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
Add a second, deeper machine-checked theorem over the existing Layer-2
Semantics model, raising the Idris2 ABI to Layer 3. Proves how config
validation behaves under CONJUNCTION of K9 contracts, distinct from the
Layer-2 single-contract soundness/completeness:
- ValidatesBoth / ValidatesAll: binary and n-ary conjunction over the
existing Validates proposition.
- validatesAndIff / validatesAllConsIff: decomposition isomorphisms
(real witness round-trips, = Refl).
- validatesBothSym: commutativity of conjunction.
- decValidatesAll: sound + complete decision, built compositionally
from the Layer-2 decValidates.
- validatesAllAppend{Fwd,Bwd}: distribution of conjunction over list
append (induction on the bundle).
- validatesAllWeaken: monotonicity / downward-closure.
- certifyAll{,Sound,Complete}: certifier into the ABI Result code.
- Positive controls (twoValidatesBoth / twoValidatesBundle) and
negative / non-vacuity controls (mixedNotBoth / mixedNotBundle),
all machine-checked; resolver equations proved via resolveHead /
resolveSkip lemmas (String decEq does not reduce definitionally).
No believe_me / postulate / assert_total / sorry. %default total.
Registered last in k9iser-abi.ipkg. Clean build, zero warnings;
a deliberately-false ValidatesAll over the out-of-range config is
rejected by the type checker (non-vacuity confirmed).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
Prove resultToInt is a sound wire encoding: a faithful decoder intToResult with resultRoundTrip (lossless), injectivity derived from the round-trip, positive decode controls, and a machine-checked non-vacuity control (distinct codes have distinct ints). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
Assemble the prior proof layers into a single inhabited certificate value, K9iser.ABI.Capstone.abiContractDischarged : ABISound, tying manifest -> flagship (Layer 2 goodValidates) -> deeper invariant (Layer 3 twoValidatesBundle) -> FFI seam (Layer 4 resultToIntInjective) into one end-to-end soundness statement. Built purely from existing exported witnesses; no new domain theorem, no escape hatches. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
…ble fix); port ABI-FFI gate Python->Bash (Python is estate-banned) Resolves the standing baseline CI reds (rust-ci toolchain error, governance Language/anti-pattern, governance workflow-lint) without altering the proven ABI. The Bash gate reproduces the former Python gate's verdict verbatim (validated across all -iser repos) and catches the same drift classes. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
…simiser) in place of the interim Bash port
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Make CI genuinely green. The shared rust-ci pin on
mainpredates standards#439, so the SHA-pinneddtolnay/rust-toolchainstep errors out before the job runs. This bumps the pin so rust-ci actually runs and replaces the estate-banned Python ABI-FFI gate with the canonical Julia gate (matchesverisimiser). The Rust sources are already fmt + clippy(-D warnings) clean.Changes
rust-ci-reusable.ymlpind135b05→8dc2bf0(currentstandardsHEAD; includes #439 toolchain fix + #441/#442).scripts/abi-ffi-gate.py(Python banned estate-wide); addscripts/abi-ffi-gate.jl(behaviour-identical Julia port); workflow installs Julia 1.11.5. Matchesverisimiser's canonical gate.RSR Quality Checklist
Required
cargo test --locked --all-targets)cargo fmt --all -- --check)cargo clippy --locked --all-targets -- -D warnings).envfiles includedAs Applicable
Testing
Verified locally with the toolchain CI uses (cargo 1.94.1, rustfmt 1.8.0):
cargo fmt --check,clippy -D warnings,cargo check --locked,cargo test --lockedall pass.🤖 Generated with Claude Code
Generated by Claude Code