Pre-existing governance/CI failures unrelated to feature PRs (ReScript anti-pattern, Hypatia baseline format, workflow audit)

[hyperpolymath]

Splitting these out of #84 (test-coverage work) so feature PRs aren't blocked by inherited main failures. All of the below reproduce on main and are independent of any single PR's diff.

1. governance / Language / package anti-pattern policy — failing

Flags committed ReScript (.res) files as a banned language ("use AffineScript instead"):

• frontier-practices/agents/{Blue,Green,Indigo,Orange,Red,Violet,Yellow}Agent.res, frontier-practices/agents/Types.res
• frontier-practices/tools/RevealSystem.res

Options: port to AffineScript, or add an exemption via .hypatia-ignore / inline # hypatia:ignore cicd_rules/banned_language_file pragma if these are intentionally ReScript.

2. governance / Validate Hypatia baseline — failing

The validator (jq fallback in the hyperpolymath/standards reusable workflow) requires .hypatia-baseline.json to be an array of finding objects:

type == "array" and all(.[]; has("severity") and has("rule_module") and has("type") and (has("file") or has("file_pattern")))

The committed .hypatia-baseline.json is an object ({ "_comment": ..., "fingerprints": [] }), so type == "array" is false and the step exits 1. The baseline format and the validator's expected schema have diverged — they need reconciling (update the baseline to the array schema, or align the validator/schema in hyperpolymath/standards).

3. Hypatia scan workflow_audit findings (advisory comment on PRs)

• unpinned_action: governance.yml uses hyperpolymath/standards/.github/workflows/governance-reusable.yml@main (not SHA-pinned). Note the repo's own hooks/validate-sha-pins.sh also flags this.
• missing_timeout_minutes on several workflows: cflite_batch.yml, cflite_pr.yml, checker-scaling.yml, codeql.yml, governance.yml, hypatia-scan.yml. (The new coverage.yml finding has already been addressed in test: conformance suite, workspace coverage CI, and testing roadmap #84.)

Suggested actions

• Decide ReScript files: port to AffineScript or exempt via .hypatia-ignore
• Reconcile .hypatia-baseline.json shape with the validator schema
• SHA-pin the reusable governance workflow (or document why @main is required)
• Add timeout-minutes to the listed workflows

https://claude.ai/code/session_014uKLLhZiAGNayhLjdxGXUx

[hyperpolymath]

4. checker-scaling / scaling (ubuntu-latest) — flaky / runner-sensitive

Observed failing on PR #84, but the failure is not caused by that PR (its diff is identical to main for crates/my-lang/src/checker.rs and tests/checker_alloc_scaling.rs).

The #14 allocation-scaling guard checker_allocation_is_linear_in_chain_depth measures per-level checker allocation across chain depths and asserts the cost stays roughly linear. On the GitHub ubuntu-latest runner it measured a 3.57× deepest/shallowest ratio, tripping the guard:

depth   bytes        bytes/level
16      59548        3721.8
32      332353       10386.0
64      936436       14631.8
96      1274760      13278.8
ratio (deepest/shallowest) = 3.57   -> FAILED

Locally (release, 3 consecutive runs) the same test passes with the ratio under threshold. So the assertion is sensitive to the runner's allocator behaviour rather than to a code regression — i.e. a brittle/flaky guard that can fail on main under the same conditions.

Suggested action (needs an allocator/threshold owner — out of scope for unrelated PRs):

• Make the linearity guard robust to allocator variance (e.g. compare against a tolerance band / amortised growth rather than a raw deepest/shallowest ratio, average over repeats, or pin the global allocator for the measurement), or mark it #[ignore] in CI until hardened.

https://claude.ai/code/session_014uKLLhZiAGNayhLjdxGXUx

---

Generated by Claude Code

[hyperpolymath]

Scope update — two items resolved by #83

Cross-referencing the open work: PR #83 already addresses two of the items here, so this tracker narrows accordingly.

• ✅ Item 2 (Validate Hypatia baseline) — proofs + docs: AffineScript alignment, echo-type integration foundation, CI fix #83 converts .hypatia-baseline.json to a valid array, which is what the standards validator's jq -e 'type == "array"' check requires.
• ✅ Item 1 (ReScript anti-pattern) — proofs + docs: AffineScript alignment, echo-type integration foundation, CI fix #83 adds a rationale'd frontier-practices/ exemption to .hypatia-ignore (consistent with the existing playground/ and dialects/ entries).

Still open after #83:

• Item 3 — workflow audit: add timeout-minutes to cflite_batch.yml, cflite_pr.yml, checker-scaling.yml, codeql.yml, governance.yml, hypatia-scan.yml, mirror.yml; and SHA-pin (or document @main for) the standards governance reusable workflow.
• Flaky #14 allocation-scaling guard (scaling (ubuntu-latest)) — harden against runner-allocator variance.

The repeatable automation to stop these recurring is designed in #87; the one-off mechanical timeout fixes can land as a small follow-up PR.

---

Generated by Claude Code