Expand description
§arkhe-subset-rust-check — Subset-Rust Purity Lint (E14.L1-Deny)
AST-level purity check for Action::compute bodies (E14.L1 — Compute
Determinism Closure, L1 realisation). Detects determinism-
breaking calls — clock / RNG / I/O / FFI — and bans unsafe blocks
and unsafe fn signatures inside the scanned function. Returns a
list of PurityViolations.
Macro arguments are scanned best-effort: each invocation’s tokens are
parsed as a comma-separated expression list and visited; when that
parse fails (non-expression DSLs), raw token trees are scanned for
::-joined ident sequences against the same deny rules. Ident
sequences directly after . are skipped, mirroring the AST visitor’s
method-call exclusion.
§Crate shape
Mirrors the arkhe-trait-default-check precedent: a syn-based lib
that runs on stable Rust, integrated via the #[arkhe_pure]
attribute macro shipped from arkhe-forge-macros. The macro path
catches violations at every cargo check. Coverage assertion
(“every Action::compute has the attribute”) is delegated to a
separate workspace-wide scan in arkhe-trait-default-check.
§Spec anchor
- E14 Compute Determinism Closure (MC) — Runtime axiom layer.
- E14.L1-Deny — L1
Action::computerealisation (this crate +#[arkhe_pure]).
Structs§
- Policy
- Purity policy — exact path deny, namespace prefix deny, macro-name
deny, and an
unsafeban (blocks +unsafe fnsignatures). The defaultdeny_compute_impuritypolicy covers the 4-rule deny scope (Clock + RNG + I/O + FFI). - Purity
Violation - One purity violation — a forbidden call site, prefix-matched namespace
access, denied macro invocation, or
unsafeblock /unsafe fnsignature inside the scanned function. Carries the matching deny-list entry plus a span label for diagnostic output.
Functions§
- check_
purity - Scan a function for E14.L1-Deny purity violations under
policy. - check_
purity_ default - Convenience wrapper — scan with the default
deny_compute_impuritypolicy.