Skip to content

docs: refresh AFFIRMATION to main HEAD (checked_add resolved, abi-conformance required)#41

Merged
hyperpolymath merged 1 commit into
mainfrom
docs/affirmation-refresh-2026-06-16
Jun 16, 2026
Merged

docs: refresh AFFIRMATION to main HEAD (checked_add resolved, abi-conformance required)#41
hyperpolymath merged 1 commit into
mainfrom
docs/affirmation-refresh-2026-06-16

Conversation

@hyperpolymath

@hyperpolymath hyperpolymath commented Jun 16, 2026

Copy link
Copy Markdown
Owner

Summary

A fresh AFFIRMATION snapshot, re-stamped at main HEAD after #39 + #40. The previous affirmation (merged in #39) is anchored to a82bb31, where checked_add genuinely was a wrapping misnomer — that frozen snapshot was left intact. This refresh re-anchors to 70d9f65 and folds in what changed since:

  • checked_add finding RESOLVED — now genuinely checked (overflow traps); the metamorphic oracle is the checked (not wrapping) one.
  • abi-conformance is now a required status check on main.
  • Re-anchored to 70d9f65; parent == anchor.

Verification (re-run on main this commit, 2026-06-16T15:03:15Z)

  • just proof-check-all → exit 0 (10 gated artifacts)
  • just abi-conformance → 15/15 (2 guests)
  • mix test → 30/30 (OTP 25)

🤖 Generated with Claude Code

@hyperpolymath @claude
docs: refresh AFFIRMATION.adoc to main HEAD (70d9f65) — checked_add r…
d136ef8 
…esolved

Re-stamp the honesty snapshot at main after #39 + #40: re-anchored to 70d9f65, gates re-run green this moment (proof-check-all exit 0, abi-conformance 15/15, mix test 30/30). checked_add finding now RESOLVED (genuinely checked, overflow traps); abi-conformance is now a REQUIRED check; the metamorphic oracle is the checked (not wrapping) one. Supersedes the a82bb31 snapshot, which correctly described checked_add as wrapping at that earlier anchor.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@github-actions

github-actions Bot commented Jun 16, 2026

Copy link
Copy Markdown

🔍 Hypatia Security Scan

Findings: 54 issues detected

Severity Count
🔴 Critical 5
🟠 High 23
🟡 Medium 26

⚠️ Action Required: Critical security issues found!

View findings 
[
  {
    "reason": "Action actions/checkout@v4 needs attention",
    "type": "unpinned_action",
    "file": "rust-guest-verify.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in rust-guest-verify.yml",
    "type": "missing_timeout_minutes",
    "file": "rust-guest-verify.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Issue in scorecard-enforcer.yml",
    "type": "scorecard_publish_with_run_step",
    "file": "scorecard-enforcer.yml",
    "action": "split_scorecard_publish_job",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "Issue in instant-sync.yml",
    "type": "secret_action_without_presence_gate",
    "file": "instant-sync.yml",
    "action": "peter-evans/repository-dispatch",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "Issue in scorecard.yml",
    "type": "scorecard_wrapper_missing_job_permissions",
    "file": "scorecard.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "Issue in codeql.yml",
    "type": "codeql_missing_actions_language",
    "file": "codeql.yml",
    "action": "flag",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/snifs/snifs/benches/assert_safer.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/snifs/snifs/verification/tools/abi_conformance.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "unsafe block -- requires SAFETY comment (4 occurrences, CWE-676)",
    "type": "unsafe_block",
    "file": "/home/runner/work/snifs/snifs/rust/crates/snif-abi/src/lib.rs",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "medium"
  },
  {
    "reason": "unsafe block -- requires SAFETY comment (1 occurrences, CWE-676)",
    "type": "unsafe_block",
    "file": "/home/runner/work/snifs/snifs/rust/crates/demo-guest/src/lib.rs",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "medium"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

@hyperpolymath hyperpolymath merged commit 73e3b72 into main Jun 16, 2026
11 of 13 checks passed
@hyperpolymath hyperpolymath deleted the docs/affirmation-refresh-2026-06-16 branch June 16, 2026 15:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hyperpolymath