Skip to content

docs: port §4.8.1 + §5.1 + L1 admit enumeration to main#182

Merged
hyperpolymath merged 1 commit into
mainfrom
docs/main-l1-enumeration
May 27, 2026
Merged

docs: port §4.8.1 + §5.1 + L1 admit enumeration to main#182
hyperpolymath merged 1 commit into
mainfrom
docs/main-l1-enumeration

Conversation

@hyperpolymath
Copy link
Copy Markdown
Owner

@hyperpolymath hyperpolymath commented May 27, 2026

Summary

Brings three doc-only improvements from the (now-superseded) design branch onto main. All are pure documentation; no source/proof changes.

What this PR adds

1. PRESERVATION-DESIGN.md §4.8.1 (from design-branch PR #170)

Records that path (3) — T_Var_*_L1 strengthening — landed via the m-indexed has_type_l1 in #176. Documents what it closes (source-level variable soundness gap) and what it does not (the lambda-rigidity gap in S_App_Step2 / S_Pair_Step2).

2. PRESERVATION-DESIGN.md §5.1 (from design-branch PR #172)

L1's lambda-rigidity gap closes at L2 Phase 2 via effect-typed TFun, not at L1. Documents:

  • The §5 table's "✓ (L1 fix)" cell flagged with (*conditional on §5.1*).
  • Why path (3) (T_Var strengthening) is necessary-not-sufficient.
  • Proposed effect-typed TFun signature: TFun T1 T2 (R_in : region_env) (R_out : region_env).
  • Why effect-typing is L2's job (typing-layer concern, not region-layer).
  • Sequencing: L2 Phase 2 follow-up to current T_Lam_L1_* rules.

3. docs/proof-debt.adoc — L1 admit enumeration (from design-branch PR #169)

Adds the eight current escape-hatch sites in Semantics_L1.v listed by file:line per the standards#203 trusted-base policy substring-match convention:

  • L343, L400, L412, L520 (region-shrink admits)
  • L608 (Axiom region_liveness_at_split_l1)
  • L632 (preservation_l1 Admitted)
  • L703 / L704 (lambda-rigidity admit + Admitted)

Plus the Echo.v K-closure note (from PR #173's main re-port).

Why this matters

Three independent improvements that the parallel-session #176 bundling didn't include. Each is small enough to ship as part of a single docs cleanup:

Companion PRs

Test plan

  • Asciidoc / Markdown lints (renders in GitHub preview)
  • All eight current L1 escape-hatch sites covered by file:line substring matches
  • §4.8.1 + §5.1 wording matches the design-branch versions
  • CI green (the doc changes shouldn't trigger any Coq build steps)

Refs design-branch PRs #169 / #170 / #172 / #173, PR #176 (L2 hybrid), PRs #180 and #181 (companion).

🤖 Generated with Claude Code

@hyperpolymath
docs: port §4.8.1 + §5.1 + L1 admit enumeration to main
2aebf63 
Brings three doc-only improvements from the design branch onto main:

1. PRESERVATION-DESIGN.md §4.8.1 (from design-branch PR #170 — T_Var
   strengthening landed via the m-indexed has_type_l1 in #176). Docs
   what §4.8 path (3) closes and what it does not.

2. PRESERVATION-DESIGN.md §5.1 (from design-branch PR #172) —
   L1's lambda-rigidity gap (S_App_Step2 / S_Pair_Step2 admits in
   preservation_l1) closes at L2 Phase 2 via effect-typed TFun.
   Documents the §5 table's "✓ (L1 fix)" cell as conditional, and
   explains why effect-typing is L2's job not L1's.

3. docs/proof-debt.adoc — adds the L1 admit enumeration that the
   design branch carried via PR #169. Eight current escape-hatch
   sites in Semantics_L1.v listed by file:line per the
   trusted-base policy substring-match convention. Plus the Echo.v
   K-closure note (from PR #173's main re-port).

No source/proof changes — pure documentation. Allows the
trusted-base reduction policy check to substring-match all
escape-hatch sites in Semantics_L1.v.

Refs design-branch PRs #169 / #170 / #172 / #173, PR #176 (L2 hybrid).
@hyperpolymath hyperpolymath force-pushed the docs/main-l1-enumeration branch from f32b687 to 2aebf63 Compare May 27, 2026 11:56
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 27, 2026

🔍 Hypatia Security Scan

Findings: 38 issues detected

Severity Count
🔴 Critical 9
🟠 High 10
🟡 Medium 19

⚠️ Action Required: Critical security issues found!

View findings 
[
  {
    "reason": "Action hyperpolymath/standards/.github/workflows/governance-reusable.yml@main needs attention",
    "type": "unpinned_action",
    "file": "governance.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "Admitted leaves proof hole (12 occurrences, CWE-704)",
    "type": "admitted",
    "file": "/home/runner/work/ephapax/ephapax/formal/Semantics_L1.v",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  },
  {
    "reason": "Coq admit tactic leaves goal unproven (6 occurrences, CWE-704)",
    "type": "coq_admit_tactic",
    "file": "/home/runner/work/ephapax/ephapax/formal/Semantics_L1.v",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  },
  {
    "reason": "User-defined Coq axiom -- not verified by kernel (2 occurrences, CWE-704)",
    "type": "coq_axiom",
    "file": "/home/runner/work/ephapax/ephapax/formal/Semantics_L1.v",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "medium"
  },
  {
    "reason": "Admitted leaves proof hole (3 occurrences, CWE-704)",
    "type": "admitted",
    "file": "/home/runner/work/ephapax/ephapax/formal/Semantics.v",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  },
  {
    "reason": "Coq admit tactic leaves goal unproven (7 occurrences, CWE-704)",
    "type": "coq_admit_tactic",
    "file": "/home/runner/work/ephapax/ephapax/formal/Semantics.v",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  },
  {
    "reason": "User-defined Coq axiom -- not verified by kernel (2 occurrences, CWE-704)",
    "type": "coq_axiom",
    "file": "/home/runner/work/ephapax/ephapax/formal/Semantics.v",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "medium"
  },
  {
    "reason": "believe_me undermines formal verification (1 occurrences, CWE-704)",
    "type": "believe_me",
    "file": "/home/runner/work/ephapax/ephapax/src/formal/Ephapax/Formal/RegionLinear.idr",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  },
  {
    "reason": "assert_total bypasses totality checker (1 occurrences, CWE-704)",
    "type": "assert_total",
    "file": "/home/runner/work/ephapax/ephapax/src/formal/Ephapax/Formal/RegionLinear.idr",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "high"
  },
  {
    "reason": "expect() in hot path (1 occurrences, CWE-754)",
    "type": "expect_in_hot_path",
    "file": "/home/runner/work/ephapax/ephapax/src/ephapax-repl/src/lib.rs",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "medium"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

@hyperpolymath hyperpolymath merged commit f636912 into main May 27, 2026
17 checks passed
@hyperpolymath hyperpolymath deleted the docs/main-l1-enumeration branch May 27, 2026 12:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hyperpolymath