Update SECURITY.md and README project structure #8
Merged
Add GitHub private vulnerability reporting as primary security channel (now enabled in repo settings). Keep email as backup. Expand scripts/ entry in README project structure to list individual validation scripts.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
aallan added a commit that referenced this pull request May 11, 2026
Three further findings from CodeRabbit's review of `067817b` — one
🟠 Major correctness mirror, two 🟡 Minor quality fixes.
CR-6 (`TESTING.md:9`) — 🟡
The "lines of test code" prose count in the overview table read
~35,939; the actual `find tests -name "test_*.py" -type f -exec
wc -l {} +` aggregate is 50,638. My running deltas correctly
tracked incremental changes but preserved an already-incorrect
baseline. `scripts/check_doc_counts.py` only validates the
total-tests + file-count fields against live counts (regex over
prose at lines 121-130), not the per-file line-count tail of the
"Tests" row — so the drift wasn't caught locally. Updated to
~50,638.
CR-7 (`tests/test_codegen.py::TestGenericMonoSuffixFromSlotRef604`)
— 🟡
The existing `test_template_warning_suppressed_when_mono_clone_compiles`
covered only the positive path. An over-broad suppressor that
dropped *all* forall-decl warnings would pass that test silently.
Added a sibling negative-control test
`test_template_warning_NOT_suppressed_when_generic_never_called`:
defines `private forall<T> fn unused_generic(@t -> @t)` that's
never called; asserts an `[E604]` template warning DOES fire for
it (no mono clone exists for an uncalled generic, so the
suppression's `compiled_mono_bases & forall_decl_names`
intersection is empty for this fn). Pin protects the targeted-
not-blanket suppression semantics.
CR-8 (`vera/wasm/calls.py::_infer_fn_alias_type_args_wasm`) — 🟠
The monomorphiser's `_infer_fn_alias_type_args` (in
`vera/codegen/monomorphize.py`) has an `elif isinstance(
arg_return, ast.FnType): alias_mapping[ret.name] = "Fn"` branch
that handles higher-order aliases (callable arg returns another
function). The WASM-side mirror was missing that branch. In
that case the return-type var stayed unbound, fell back to
`"Bool"` at result-building time, and `_resolve_generic_call`
rewrote the call to a mangled name that did NOT match the mono
clone Pass 1.5 registered. Added the matching branch with a
comment cross-referencing the monomorphiser-side binding and
explaining the failure mode without it (e.g. a `type Lifter<F> =
fn(Int -> F) effects(pure)` called with a fn-returning AnonFn).
Validation
- mypy: clean (59 source files)
- pytest: 3,795 passed, 14 skipped (was 3,794 + 1 new test)
- e602 gate: 116 files clean, 6 allowlist matched, 0 stale
- doc-counts: consistent
Refs #604 #655 #659
Co-Authored-By: Claude <noreply@anthropic.invalid>
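The CR-7 point in the commit message above, as an added example that is not the project's code: a positive-path test alone cannot tell a targeted suppressor from one that drops every warning. All function names are hypothetical; only the `compiled_mono_bases & forall_decl_names` intersection and the `[E604]` tag come from the commit message.

```python
# Hypothetical model of the E604 suppression described in CR-7.
# Inputs are constructed sets of generic-function names.

def template_warnings_targeted(forall_decl_names, compiled_mono_bases):
    """Warn for every generic except those with a compiled mono clone."""
    suppressed = compiled_mono_bases & forall_decl_names
    return {f"[E604] {name}" for name in forall_decl_names - suppressed}


def template_warnings_blanket(forall_decl_names, compiled_mono_bases):
    """Over-broad variant: drops all forall-decl warnings."""
    return set()


# Constructed program: 'identity' is called (so a mono clone compiles),
# 'unused_generic' is declared but never called (no clone exists).
FORALL_DECLS = {"identity", "unused_generic"}
COMPILED_CLONES = {"identity"}


def positive_test(warn):
    """Warning is suppressed for the generic whose clone compiled."""
    return "[E604] identity" not in warn(FORALL_DECLS, COMPILED_CLONES)


def negative_control(warn):
    """Warning still fires for the generic that was never called."""
    return "[E604] unused_generic" in warn(FORALL_DECLS, COMPILED_CLONES)


def passing_implementations(tests):
    """Names of the suppressor variants that pass every test in `tests`."""
    impls = {
        "targeted": template_warnings_targeted,
        "blanket": template_warnings_blanket,
    }
    return sorted(n for n, warn in impls.items() if all(t(warn) for t in tests))


if __name__ == "__main__":
    print(passing_implementations([positive_test]))
    print(passing_implementations([positive_test, negative_control]))
```
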
aallan added a commit that referenced this pull request May 13, 2026
Following user direction to pull all 7 deferred pr-review findings into this PR rather than file a follow-up. The 4 small code fixes (items 2/3/5/8) plus 2 new test files (items 6/7) land here.

Code fixes:
- **#2 ModuleCall path-drop** (`vera/wasm/inference.py:289-292` and `:~973`) — both `_infer_expr_wasm_type::ModuleCall` and `_infer_vera_type::ModuleCall` previously synthesised a fake `ast.FnCall(name=expr.name, args=expr.args)` for dispatch, silently dropping `expr.path: tuple[str, ...]`. If a regression ever flowed a ModuleCall to either helper, the fake-FnCall lookup could match a same-name local fn from a different module — silent wrong-answer rather than safe failure. Now both return `None` so the unknown-type surfaces cleanly.
- **#3 AnonFn placeholder** (`vera/wasm/inference.py:~967`) — `_infer_vera_type::AnonFn` previously returned the literal string `"Fn"` as a placeholder. No callsite recognised `"Fn"` as a real Vera type; downstream type-arg mangling paths (`vera/wasm/calls.py:1525,1533`) would feed it into mangled names like `option_map$Int_Fn`. Now returns `None` for the same reason.
- **#5 Factually wrong "closure pipeline" comments** (`vera/codegen/compilability.py:~236, ~393`, both WALKER_COVERAGE checklists + inline pre-branch comments) — the `AnonFn` defensive branches were described as "masked today by closure pipeline running its own scan", but pr-review surfaced that `vera/codegen/closures.py::_compile_lifted_closure` does NOT call `_scan_io_ops` or `_scan_body_for_state_handlers` on lifted bodies. The AnonFn branch is the PRIMARY defence, not redundant. Comments now state this directly.
- **#8 Dead `is not None` guards** (`vera/wasm/inference.py:~954, ~961`) — `Block.expr` and `HandleExpr.body.expr` are non-Optional in the AST schema (`vera/ast.py:470, 481`). The guards in the `_infer_vera_type` defensive branches were unreachable defensive code. Removed; direct calls now.

Test additions:
- **#6 Synthetic-AST tests for defensive branches** (`tests/test_walker_defensive_branches_597.py`, 21 tests, 296 lines) — direct AST invocation pinning each of the 11 defensive branches plus the 5 pr-review fixes. Without these the defensive branches have 0% coverage (`coverage run` confirmed) — a future refactor breaking one would land silently.
- **#7 Unit tests for the enforcement script** (`tests/test_check_walker_coverage_597.py`, 12 tests, 255 lines) — pins the script's parsing logic: Expr subclass extraction, isinstance flattening (incl. tuple form), checklist-block anchoring (incl. CR-3 regression test: `# Foo → bar` outside the WALKER_COVERAGE block must not be counted), section-header tolerance, auto-discovery invariants, end-to-end exit code.

CHANGELOG/HISTORY:
- Extended the v0.0.151 entry with two new sub-sections under "Fixed" (pr-review follow-ups) and a new "Tests" section documenting the two regression-test files.

Doc counts (auto-validated by `check_doc_counts.py`):
- TESTING.md total: 3,827 → 3,860 tests (+33), 29 → 31 files
- TESTING.md table: two new rows for the test files
- ROADMAP.md: 3,827 → 3,860
- README.md: 3,827 → 3,860

Validation:
- `pytest tests/ -q` → 3,846 passed, 14 skipped (+33 net new)
- `mypy vera/` → clean
- `python scripts/check_walker_coverage.py` → 9 walkers cover all 29 Expr subclasses (clean)
- `python scripts/check_doc_counts.py` → consistent across all surfaces

Refs #597 #668
Co-Authored-By: Claude <noreply@anthropic.invalid>
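The failure mode behind fix #2 in the commit message above, as an added example that is not the project's code: rebuilding a module-qualified call as a bare call drops the path, so a name-only lookup resolves to an unrelated local function. The dataclasses, the lookup table and the function names are hypothetical stand-ins for the AST nodes and helpers the commit names.

```python
from dataclasses import dataclass
from typing import Optional, Union


@dataclass(frozen=True)
class FnCall:            # stand-in for ast.FnCall
    name: str
    args: tuple = ()


@dataclass(frozen=True)
class ModuleCall:        # stand-in for ast.ModuleCall
    path: tuple          # module path, e.g. ("net", "http")
    name: str
    args: tuple = ()


# Constructed table of return types for functions local to the current module.
LOCAL_FN_RETURN_TYPES = {"parse": "Int"}


def _lookup_local(call: FnCall) -> Optional[str]:
    return LOCAL_FN_RETURN_TYPES.get(call.name)


def infer_type_before(expr: Union[FnCall, ModuleCall]) -> Optional[str]:
    """Pre-fix behaviour: a ModuleCall is dispatched through a fake FnCall."""
    if isinstance(expr, ModuleCall):
        fake = FnCall(name=expr.name, args=expr.args)  # expr.path is lost here
        return _lookup_local(fake)
    return _lookup_local(expr)


def infer_type_after(expr: Union[FnCall, ModuleCall]) -> Optional[str]:
    """Post-fix behaviour: a ModuleCall yields None (unknown), never a guess."""
    if isinstance(expr, ModuleCall):
        return None
    return _lookup_local(expr)


if __name__ == "__main__":
    foreign = ModuleCall(path=("net", "http"), name="parse")
    print(infer_type_before(foreign))  # type of the unrelated local parse()
    print(infer_type_after(foreign))   # unknown, surfaced to the caller
```
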
Summary
Test plan
🤖 Generated with Claude Code