Skip to content

chore: port the ABI-FFI gate from Python to Julia (RSR-H4: no Python)#174

Merged
hyperpolymath merged 1 commit into
mainfrom
claude/abi-ffi-gate-julia
Jun 27, 2026
Merged

chore: port the ABI-FFI gate from Python to Julia (RSR-H4: no Python)#174
hyperpolymath merged 1 commit into
mainfrom
claude/abi-ffi-gate-julia

Conversation

@hyperpolymath

Copy link
Copy Markdown
Owner

Summary

Clears the one pre-existing red on the estate's governance / Language / package anti-pattern policy check. scripts/abi-ffi-gate.py was the repo's last Python file (RSR-H4 bans Python — Julia for scripts/data, Rust for systems), and the whole-tree scanner flags it. Rather than suppress the scanner, this ports the gate to Julia and removes the .py, so the check goes green and the ABI↔FFI conformance gate keeps doing its job.

(Follow-up to #173 — this is the cleanup of the lone pre-existing failure carried on #172/#173.)

Changes

  • scripts/abi-ffi-gate.jl (new) — a 1:1 Julia port of the former Python gate (Julia PCRE maps directly onto Python re). Same three checks, same messages, same exit codes:
    1. the Zig FFI carries no unrendered {{...}} template tokens;
    2. every %foreign "C:<name>" symbol in the ABI .idr sources is export fn-ed by the Zig FFI;
    3. the Idris resultToInt map and the Zig Result = enum(c_int) agree on names and values (Error/err unified).
  • .github/workflows/abi-ffi-gate.yml — the ABI ↔ FFI structural conformance job now installs the pinned Julia 1.11.5 release tarball (mirroring the adjacent zig-build job's pinned-tarball pattern) and runs julia scripts/abi-ffi-gate.jl.
  • scripts/abi-ffi-gate.py (removed) — the last Python file in the repo.

RSR Quality Checklist

Required

  • Tests pass — gate runs clean locally (julia 1.11.5); cargo/Zig/Idris surfaces untouched
  • Code is formatted — idiomatic Julia
  • Linter is clean
  • No banned language patterns — this PR removes the last Python file (RSR-H4)
  • No unsafe blocks without // SAFETY: — n/a
  • No banned functions
  • SPDX license header present on abi-ffi-gate.jl (MPL-2.0)
  • No secrets, credentials, or .env files

As Applicable

  • ABI/FFI changes validated — the conformance gate's behaviour is preserved (verified below)
  • State files / CHANGELOG — no released-version change

Testing

Verified locally with julia 1.11.5 against this tree:

# OK path is byte-identical to the Python it replaces:
$ diff <(python3 abi-ffi-gate.py) <(julia abi-ffi-gate.jl)   → identical
  ABI-FFI GATE: OK (verisimiser) — 24 ABI functions exported, 8 result codes match   (exit 0)

Adversarial (the gate must fail on drift) — each returns exit 1 with the right diagnosis:

Injected drift Result
null_pointer = 49 in the Zig enum ❌ "Result-code map differs (name or value)"
remove an export fn ❌ "1 ABI function(s) not exported by the Zig FFI"
add a {{PROJECT_NAME}} token to the Zig ❌ "Zig FFI has unrendered template tokens"

So the port is behaviour-equivalent and non-vacuous.

Screenshots

n/a (script + workflow)


🤖 Generated with Claude Code


Generated by Claude Code

`scripts/abi-ffi-gate.py` was the repo's last Python file, which the
estate-wide `governance / Language / package anti-pattern policy` check
flags (RSR-H4 bans Python — Julia for scripts/data, Rust for systems).
This replaces it with a faithful Julia port and removes the .py, so the
governance gate goes green without weakening the ABI↔FFI conformance check.

- `scripts/abi-ffi-gate.jl` — 1:1 translation (Julia PCRE maps onto Python
  `re`): same three checks (unrendered `{{...}}` tokens, every `%foreign
  "C:<name>"` ABI symbol is `export fn`-ed in Zig, and `resultToInt` ↔ Zig
  `Result enum` agree on names+values), same messages, same exit codes.
- `.github/workflows/abi-ffi-gate.yml` — the conformance job installs the
  pinned Julia 1.11.5 release tarball (mirroring the adjacent zig-build job's
  pinned-tarball pattern) and runs the .jl.

Verified locally with julia 1.11.5: on this tree the OK output is
byte-identical to the Python (`24 ABI functions exported, 8 result codes
match`), and three adversarial drifts (a changed result-code value, a missing
export, an injected `{{...}}` token) each fail with exit 1 — the gate is
behaviour-equivalent and non-vacuous.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01JdqVWGSSv36Ph8ZWvizGMp
@hyperpolymath hyperpolymath marked this pull request as ready for review June 27, 2026 21:47
@hyperpolymath hyperpolymath merged commit dd49dd3 into main Jun 27, 2026
31 checks passed
@hyperpolymath hyperpolymath deleted the claude/abi-ffi-gate-julia branch June 27, 2026 21:47
hyperpolymath added a commit that referenced this pull request Jun 27, 2026
## Summary

Follow-up to **#174**. That PR's `Install Julia` step pointed
`$GITHUB_PATH` at `/tmp/julia-1.11.5-linux-x86_64/bin`, but the official
Julia tarball extracts to `julia-1.11.5/`. The path never existed, so
the `ABI ↔ FFI structural conformance` gate silently ran on the runner's
**pre-installed** Julia and the 1.11.5 pin was a no-op — green today,
but wasteful (a ~150 MB download that's never used) and not reproducible
(it would break if the runner image ever drops Julia).

## Changes

- **`.github/workflows/abi-ffi-gate.yml`**
- `$GITHUB_PATH` → `/tmp/julia-1.11.5/bin` (the actual extracted
directory), so the pinned Julia is the one on `PATH`.
- `julia --version` echoed in the gate step, so the CI log shows the pin
is in effect (and any future regression is visible).

## RSR Quality Checklist

### Required

- [x] Tests pass — gate behaviour unchanged (verified against the same
tree under julia 1.11.5: `OK — 24 ABI functions exported, 8 result codes
match`)
- [x] Code is formatted — YAML validated locally
- [x] Linter is clean
- [x] No banned language patterns
- [x] No `unsafe` blocks — n/a
- [x] No banned functions
- [x] SPDX header unchanged
- [x] No secrets, credentials, or `.env` files

### As Applicable

- [x] ABI/FFI gate behaviour preserved (this only fixes *which* Julia
runs it)
- [ ] State files / CHANGELOG — no change

## Testing

The extracted directory name was confirmed directly: `tar -tzf
julia-1.11.5-linux-x86_64.tar.gz | head -1` → `julia-1.11.5/`, and
`/tmp/julia-1.11.5/bin/julia` is the real binary. The gate itself is
unchanged from #174 and still reports `ABI-FFI GATE: OK (verisimiser) —
24 ABI functions exported, 8 result codes match`.

## Screenshots

n/a (workflow only)

---

🤖 Generated with [Claude Code](https://claude.com/claude-code)


---
_Generated by [Claude
Code](https://claude.ai/code/session_01JdqVWGSSv36Ph8ZWvizGMp)_

Co-authored-by: Claude <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants