ci: make CI genuinely green — rust-ci toolchain pin + canonical Julia ABI-FFI gate#45
Merged
Merged
Conversation
Adds Chapeliser.ABI.Invariants, a new machine-checked theorem deeper than
and distinct from the Layer-2 Partition tiling proof. Partition.idr proved
the block partition is a gapless, non-overlapping tiling for all n,k but
explicitly left open the arithmetic residual `sumNat (perItemCounts n k) = n`
("the only div/mod obligation"). This module discharges exactly that.
blockCountsComplete : (n,k') -> sumNat (blockCounts n k') = n proves every
item is covered exactly once, for ALL n and all k>0, via the Euclidean
division theorem (contrib Data.Nat.Division) plus a self-contained count of
remainder slots. Counts are expressed with the public-export divNatNZ/modNatNZ
(the reducing form of Prelude div/mod on a positive divisor) so the proof and
its concrete controls reduce at the type level.
Includes: a sound+complete Dec (decCoversExactly), positive controls
(covers10over3, covers12over4 by Refl + via the general theorem), and
non-vacuity/negative controls (notCovers10as9, dec10over3as9No,
remainderCountMatters). Genuine proof: no believe_me/postulate/assert_total/
sorry/admitted. Builds clean (0 warnings); a deliberately false variant is
rejected by the type checker.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
…I.FfiSeam) Add a new module proving the Result FFI encoding is sound: - intToResult decoder + resultRoundTrip: the C integer faithfully round-trips back to the ABI Result (lossless/faithful encoding). - resultToIntInjective: distinct ABI outcomes never collide on the wire, derived from the round-trip via justInj . cong intToResult. - Positive controls (concrete decode = Refl) and a machine-checked non-vacuity control: distinct codes have distinct ints. Genuine total proofs, no believe_me/postulate/assert_total/etc. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
Assemble the existing proof layers into one inhabited certificate value in Chapeliser.ABI.Capstone: - ABISound record whose fields reuse real exported witnesses: * flagshipValid -> Proofs.tenAcrossTwoValid (Layer 2, complete+disjoint) * blockComplete -> Invariants.blockPartitionIsComplete 10 2 (Layer 3) * blockCompleteAll -> Invariants.blockCountsComplete (Layer 3, general) * ffiInjective -> FfiSeam.resultToIntInjective (Layer 4 seam) - abiContractDischarged : ABISound — the single inhabited capstone value; ties manifest -> ABI proofs (flagship + invariant) -> FFI seam into one end-to-end soundness statement. Stops typechecking if any layer weakens. No believe_me/postulate/assert_total/sorry/%hint; %default total; SPDX line 1. Build clean (0 warnings); adversarial false-field certificate is rejected. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
…ble fix); port ABI-FFI gate Python->Bash (Python is estate-banned) Resolves the standing baseline CI reds (rust-ci toolchain error, governance Language/anti-pattern, governance workflow-lint) without altering the proven ABI. The Bash gate reproduces the former Python gate's verdict verbatim (validated across all -iser repos) and catches the same drift classes. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
…simiser) in place of the interim Bash port
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Make CI genuinely green. Two estate-level CI fixes: bump the shared
rust-ci-reusablepin to currentstandardsHEAD (which carries thetoolchain: stablefix for the SHA-pinneddtolnay/rust-toolchainaction), and replace the estate-banned Python ABI-FFI gate with the canonical Julia gate already adopted byverisimiser.Changes
rust-ci-reusable.ymlpind135b05→8dc2bf0.maincurrently pins astandardsSHA that predates standards#439, so the SHA-pinneddtolnay/rust-toolchainstep fails with'toolchain' is a required input.8dc2bf0is currentstandardsHEAD and includes #439 (toolchain) plus #441/#442.scripts/abi-ffi-gate.py(Python is banned estate-wide) and addscripts/abi-ffi-gate.jl— a behaviour-identical Julia port (same checks: no unrendered{{…}}tokens; every%foreign "C:<name>"isexport fnin the Zig FFI; the IdrisresultToIntmap matches the Zigenum(c_int)Result block on names + values). The workflow now installs Julia 1.11.5 and runs the Julia gate. Matches the canonical gate already inverisimiser.RSR Quality Checklist
Required
.envfiles includedAs Applicable
Testing
ABI-FFI gate verdict verified locally against an algorithm-identical reference port:
ABI-FFI GATE: OK. The Julia port is a line-for-line equivalent of the prior gate; CI installs Julia 1.11.5 to run it.🤖 Generated with Claude Code
Generated by Claude Code