rigortype 0.0.3 → 0.0.5

data/lib/rigor/inference/narrowing.rb

@@ -241,6 +241,55 @@ module Rigor
         narrow_class_dispatch(type, class_name, context)
       end
 
+      # Negation pair for `assert_value is ~refinement` /
+      # `predicate-if-* … is ~refinement` directives. Computes
+      # the complement of `refinement` within the current
+      # local's domain `current_type`.
+      #
+      # Carrier-by-carrier rules:
+      #
+      # - `Difference[base, Constant[v]]`. Complement of
+      #   `base \ {v}` within `current_type`. Walk the current
+      #   type's union members, keep each part disjoint from
+      #   `base`, and add the removed-value Constant once when
+      #   any current member covers it. `assert s is
+      #   ~non-empty-string` over `s: String | nil` narrows to
+      #   `Constant[""] | NilClass`.
+      # - `IntegerRange[a, b]` (v0.0.5+ slice). Complement is
+      #   the two open halves `int<min, a-1>` and
+      #   `int<b+1, max>`, each intersected with the
+      #   integer-domain parts of `current_type`. Non-integer
+      #   parts (nil, String, …) of a Union receiver survive
+      #   unchanged. `assert n is ~int<5, 10>` over `n:
+      #   Integer | nil` narrows to `int<min, 4> | int<11,
+      #   max> | NilClass`.
+      # - `Type::Intersection[M1, M2, …]` (v0.0.5+ slice). De
+      #   Morgan: `D \ (M1 ∩ M2) = (D \ M1) ∪ (D \ M2)`. Each
+      #   member's complement is computed independently within
+      #   `current_type` and the results are unioned. Members
+      #   the algebra cannot complement (Refined, non-Constant
+      #   Difference, …) contribute `current_type` itself, so
+      #   the union widens the answer to `current_type` —
+      #   sound but imprecise.
+      # - `Refined[base, predicate]`. Predicate complements are
+      #   not reducible to a finite carrier without a richer
+      #   shape (e.g. `~lowercase-string` is "uppercase OR
+      #   mixed-case"); `current_type` is returned unchanged.
+      def narrow_not_refinement(current_type, refinement_type)
+        case refinement_type
+        when Type::Difference
+          return current_type unless refinement_type.removed.is_a?(Type::Constant)
+
+          complement_difference(current_type, refinement_type)
+        when Type::IntegerRange
+          complement_integer_range(current_type, refinement_type)
+        when Type::Intersection
+          complement_intersection(current_type, refinement_type)
+        else
+          current_type
+        end
+      end
+
       # Public predicate analyser. Returns `[truthy_scope, falsey_scope]`,
       # always; when no narrowing rule matches the predicate node both
       # entries are the receiver scope unchanged.
@@ -321,6 +370,162 @@ module Rigor
       class << self
         private
 
+        # Complement of `Difference[base, Constant[v]]` within
+        # `current_type`. Walks the current type's union members,
+        # keeps each member disjoint from `base` (those values
+        # were never in the refinement to begin with), and adds
+        # the removed-value `Constant[v]` exactly once when any
+        # current member covers it. Members that are fully
+        # contained in the refinement (i.e. inside `base` and
+        # NOT equal to the removed value) are dropped — they are
+        # exactly the values the negation excludes.
+        def complement_difference(current_type, difference)
+          base = difference.base
+          removed = difference.removed
+          parts = current_type.is_a?(Type::Union) ? current_type.members : [current_type]
+
+          survivors = []
+          add_removed = false
+          parts.each do |part|
+            if base_disjoint?(base, part)
+              survivors << part
+            elsif part_covers_constant?(part, removed)
+              add_removed = true
+            end
+          end
+          survivors << removed if add_removed
+
+          return current_type if survivors.empty?
+
+          Type::Combinator.union(*survivors)
+        end
+
+        def base_disjoint?(base, part)
+          base.accepts(part, mode: :gradual).no?
+        end
+
+        def part_covers_constant?(part, constant)
+          result = part.accepts(constant, mode: :gradual)
+          result.yes? || result.maybe?
+        end
+
+        # Complement of an `IntegerRange[a, b]` within
+        # `current_type`. Splits the range complement into the
+        # two open halves `int<min, a-1>` and `int<b+1, max>`
+        # (skipping a half when its bound is infinity), then
+        # intersects each half with the integer-domain parts of
+        # `current_type`. Non-integer parts of a Union receiver
+        # (nil, String, …) survive unchanged.
+        # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
+        def complement_integer_range(current_type, range)
+          halves = integer_range_complement_halves(range)
+          parts = current_type.is_a?(Type::Union) ? current_type.members : [current_type]
+
+          survivors = []
+          parts.each do |part|
+            if integer_member?(part)
+              halves.each do |half|
+                meet = intersect_integer_part(part, half)
+                survivors << meet unless meet.nil? || meet.is_a?(Type::Bot)
+              end
+            else
+              survivors << part
+            end
+          end
+
+          return current_type if survivors.empty?
+
+          Type::Combinator.union(*survivors)
+        end
+        # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
+
+        # Returns the two open halves of an IntegerRange's
+        # complement: the left half `int<-∞, a-1>` (when `a` is
+        # finite) and the right half `int<b+1, ∞>` (when `b` is
+        # finite). Universal ranges (both bounds infinite) yield
+        # an empty array — the complement is empty.
+        def integer_range_complement_halves(range)
+          halves = []
+          left_max = range.min
+          right_min = range.max
+
+          if left_max.is_a?(Integer)
+            halves << Type::Combinator.integer_range(Type::IntegerRange::NEG_INFINITY, left_max - 1)
+          end
+          if right_min.is_a?(Integer)
+            halves << Type::Combinator.integer_range(right_min + 1, Type::IntegerRange::POS_INFINITY)
+          end
+          halves
+        end
+
+        def integer_member?(part)
+          case part
+          when Type::Constant then part.value.is_a?(Integer)
+          when Type::IntegerRange then true
+          when Type::Nominal then part.class_name == "Integer"
+          else false
+          end
+        end
+
+        # Intersect an integer-domain part with a complement
+        # half-range. For a Nominal[Integer] receiver the meet
+        # is the half itself; for an existing IntegerRange the
+        # meet narrows both bounds; for a Constant[Integer] the
+        # meet is the constant when the half covers it,
+        # otherwise nil.
+        def intersect_integer_part(part, half)
+          case part
+          when Type::Nominal
+            half
+          when Type::IntegerRange
+            integer_range_meet(part, half)
+          when Type::Constant
+            half.covers?(part.value) ? part : nil
+          end
+        end
+
+        def integer_range_meet(left, right)
+          low = numeric_to_bound([integer_bound_value(left.min), integer_bound_value(right.min)].max)
+          high = numeric_to_bound([integer_bound_value(left.max), integer_bound_value(right.max)].min)
+          return nil if integer_range_disjoint?(low, high)
+
+          Type::Combinator.integer_range(low, high)
+        end
+
+        def integer_bound_value(bound)
+          return -Float::INFINITY if bound == Type::IntegerRange::NEG_INFINITY
+          return Float::INFINITY if bound == Type::IntegerRange::POS_INFINITY
+
+          bound
+        end
+
+        def numeric_to_bound(value)
+          return Type::IntegerRange::NEG_INFINITY if value == -Float::INFINITY
+          return Type::IntegerRange::POS_INFINITY if value == Float::INFINITY
+
+          value.to_i
+        end
+
+        def integer_range_disjoint?(low, high)
+          return false if low == Type::IntegerRange::NEG_INFINITY
+          return false if high == Type::IntegerRange::POS_INFINITY
+
+          low > high
+        end
+
+        # De Morgan: `D \ (M1 ∩ M2 ∩ …) = (D \ M1) ∪ (D \ M2) ∪
+        # …`. Each member's complement is computed independently
+        # within `current_type` and the results are unioned.
+        # Members the algebra cannot complement contribute
+        # `current_type` itself, so the union widens to
+        # `current_type` overall — sound but imprecise.
+        def complement_intersection(current_type, intersection)
+          per_member = intersection.members.map do |member|
+            Narrowing.narrow_not_refinement(current_type, member)
+          end
+          Type::Combinator.union(*per_member)
+        end
+
         def falsey_value?(value)
           value.nil? || value == false
         end
@@ -1029,6 +1234,12 @@ module Rigor
         # the effect's `negative?` flag. Shared between
         # predicate-if-* and assert-if-* application paths.
         def narrow_for_effect(current, effect, environment)
+          if effect.respond_to?(:refinement?) && effect.refinement?
+            return narrow_not_refinement(current, effect.refinement_type) if effect.negative?
+
+            return effect.refinement_type
+          end
+
           if effect.negative?
             narrow_not_class(current, effect.class_name, exact: false, environment: environment)
           else

data/lib/rigor/inference/scope_indexer.rb

@@ -4,6 +4,7 @@ require "prism"
 
 require_relative "../scope"
 require_relative "../type"
+require_relative "narrowing"
 require_relative "statement_evaluator"
 
 module Rigor
@@ -475,16 +476,9 @@ module Rigor
 
         case node
         when Prism::ModuleNode, Prism::ClassNode
-          name = qualified_name_for(node.constant_path)
-          if name
-            full = (qualified_prefix + [name]).join("::")
-            singleton = Type::Combinator.singleton_of(full)
-            identity_table[node.constant_path] = singleton
-            discovered[full] = singleton
-            child_prefix = qualified_prefix + [name]
-            record_declarations(node.body, child_prefix, identity_table, discovered) if node.body
-            return
-          end
+          return if record_class_or_module?(node, qualified_prefix, identity_table, discovered)
+        when Prism::ConstantWriteNode
+          return if record_data_define_constant?(node, qualified_prefix, identity_table, discovered)
         end
 
         node.compact_child_nodes.each do |child|
@@ -492,6 +486,60 @@ module Rigor
         end
       end
 
+      def record_class_or_module?(node, qualified_prefix, identity_table, discovered)
+        name = qualified_name_for(node.constant_path)
+        return false unless name
+
+        full = (qualified_prefix + [name]).join("::")
+        singleton = Type::Combinator.singleton_of(full)
+        identity_table[node.constant_path] = singleton
+        discovered[full] = singleton
+        child_prefix = qualified_prefix + [name]
+        record_declarations(node.body, child_prefix, identity_table, discovered) if node.body
+        true
+      end
+
+      # Recognises `Const = Data.define(*Symbol) [do ... end]` and registers
+      # `Const` (qualified by the surrounding class/module path) as a
+      # discovered class. `Const.new(...)` then resolves to a fresh
+      # `Nominal[Const]` via `meta_new`, instead of the un-narrowed
+      # `Dynamic[top]` returned by the default `Class#new` envelope.
+      #
+      # The Data.define block body, if present, is recursed into so any
+      # nested class/module declarations in the override block (rare but
+      # legal) still feed the discovered table.
+      def record_data_define_constant?(node, qualified_prefix, identity_table, discovered)
+        return false unless data_define_call?(node.value)
+
+        full = (qualified_prefix + [node.name.to_s]).join("::")
+        discovered[full] = Type::Combinator.singleton_of(full)
+        record_declarations(node.value, qualified_prefix, identity_table, discovered)
+        true
+      end
+
+      # Recognises `Data.define(*Symbol)` and `Data.define(*Symbol) do ... end`
+      # at constant-write rvalue position. The receiver MUST be the bare
+      # `Data` constant (or `::Data`); other receivers (a local variable, a
+      # method call return) are rejected because their identity is not
+      # statically known.
+      def data_define_call?(node)
+        return false unless node.is_a?(Prism::CallNode)
+        return false unless node.name == :define
+        return false unless data_constant_receiver?(node.receiver)
+
+        args = node.arguments&.arguments || []
+        args.all?(Prism::SymbolNode)
+      end
+
+      def data_constant_receiver?(node)
+        case node
+        when Prism::ConstantReadNode
+          node.name == :Data
+        when Prism::ConstantPathNode
+          node.parent.nil? && node.name == :Data
+        end
+      end
+
       def qualified_name_for(constant_path_node)
         case constant_path_node
         when Prism::ConstantReadNode
@@ -515,6 +563,13 @@ module Rigor
       # Prism node the StatementEvaluator did not visit (i.e. expression-
       # interior nodes like the receiver/args of a CallNode). Those
       # nodes inherit their nearest recorded ancestor's scope.
+      #
+      # `IfNode` / `UnlessNode` are special-cased: the truthy and falsey
+      # branches each get their predicate's narrowed scope before
+      # recursing. This handles expression-position conditionals
+      # (e.g. `cache[k] = if cond; t; else; e; end` and conditionals
+      # nested as call arguments) which are typed by ExpressionTyper
+      # without going through `eval_if`'s narrowing path.
       def propagate(node, table, parent_scope)
         return unless node.is_a?(Prism::Node)
 
@@ -526,7 +581,28 @@ module Rigor
             parent_scope
           end
 
-        node.compact_child_nodes.each { |child| propagate(child, table, current_scope) }
+        case node
+        when Prism::IfNode
+          propagate_if_branches(node, table, current_scope)
+        when Prism::UnlessNode
+          propagate_unless_branches(node, table, current_scope)
+        else
+          node.compact_child_nodes.each { |child| propagate(child, table, current_scope) }
+        end
+      end
+
+      def propagate_if_branches(node, table, current_scope)
+        truthy_scope, falsey_scope = Narrowing.predicate_scopes(node.predicate, current_scope)
+        propagate(node.predicate, table, current_scope) if node.predicate
+        propagate(node.statements, table, truthy_scope) if node.statements
+        propagate(node.subsequent, table, falsey_scope) if node.subsequent
+      end
+
+      def propagate_unless_branches(node, table, current_scope)
+        truthy_scope, falsey_scope = Narrowing.predicate_scopes(node.predicate, current_scope)
+        propagate(node.predicate, table, current_scope) if node.predicate
+        propagate(node.statements, table, falsey_scope) if node.statements
+        propagate(node.else_clause, table, truthy_scope) if node.else_clause
       end
     end
     # rubocop:enable Metrics/ModuleLength

data/lib/rigor/inference/statement_evaluator.rb

@@ -894,6 +894,12 @@ module Rigor
       end
 
       def narrow_for_assert_effect(current_type, effect, environment)
+        if effect.refinement?
+          return Narrowing.narrow_not_refinement(current_type, effect.refinement_type) if effect.negative?
+
+          return effect.refinement_type
+        end
+
         if effect.negative?
           Narrowing.narrow_not_class(current_type, effect.class_name, exact: false, environment: environment)
         else

data/lib/rigor/rbs_extended.rb

@@ -50,10 +50,19 @@ module Rigor
     # when the directive uses the `~ClassName` form, in
     # which case the engine narrows AWAY from `class_name`
     # (`Narrowing.narrow_not_class`) instead of toward it.
-    PredicateEffect = Data.define(:edge, :target_kind, :target_name, :class_name, :negative) do
+    #
+    # `refinement_type` is non-nil when the right-hand side is
+    # a kebab-case refinement name (`non-empty-string`,
+    # `lowercase-string`, …) instead of a Capitalised class
+    # name. The narrowing tier substitutes the carrier for the
+    # current local type; `class_name` is then nil and
+    # `negative` is false (refinement-form directives do not
+    # support `~T` negation in v0.0.4).
+    PredicateEffect = Data.define(:edge, :target_kind, :target_name, :class_name, :negative, :refinement_type) do
       def truthy_only? = edge == :truthy_only
       def falsey_only? = edge == :falsey_only
       def negative? = negative == true
+      def refinement? = !refinement_type.nil?
     end
 
     # Returned for `assert` / `assert-if-true` /
@@ -71,11 +80,12 @@ module Rigor
     #
     # `negative` mirrors `PredicateEffect`: true when the
     # directive uses `~ClassName` syntax.
-    AssertEffect = Data.define(:condition, :target_kind, :target_name, :class_name, :negative) do
+    AssertEffect = Data.define(:condition, :target_kind, :target_name, :class_name, :negative, :refinement_type) do
       def always? = condition == :always
       def if_truthy_return? = condition == :if_truthy_return
       def if_falsey_return? = condition == :if_falsey_return
       def negative? = negative == true
+      def refinement? = !refinement_type.nil?
     end
 
     module_function
@@ -100,6 +110,14 @@ module Rigor
       effects.uniq
     end
 
+    # The right-hand side accepts either a Capitalised class
+    # name (with optional `~` negation, optional `::` prefix,
+    # qualified names) OR a kebab-case refinement payload
+    # routed through `Builtins::ImportedRefinements::Parser`
+    # (bare names, `name[T]`, `name<min, max>`). The two arms
+    # share the same overall directive shape; the parser
+    # detects which form matched by looking at the `class_name`
+    # vs `refinement` capture groups.
     PREDICATE_DIRECTIVE_PATTERN = /
       \A
       rigor:v1:(?<directive>predicate-if-(?:true|false))
@@ -107,7 +125,11 @@ module Rigor
       (?<target>self|[a-z_][a-zA-Z0-9_]*)
       \s+is\s+
       (?<negation>~?)
-      (?<class_name>(?:::)?[A-Z][A-Za-z0-9_]*(?:::[A-Z][A-Za-z0-9_]*)*)
+      (?:
+        (?<class_name>(?:::)?[A-Z][A-Za-z0-9_]*(?:::[A-Z][A-Za-z0-9_]*)*)
+        |
+        (?<refinement>[a-z][a-z0-9-]*(?:[\[<][^\]>]*[\]>])?)
+      )
       \s*
       \z
     /x
@@ -119,16 +141,18 @@ module Rigor
 
       directive = match[:directive].to_s
       target = match[:target].to_s
-      class_name = match[:class_name].to_s.sub(/\A::/, "")
       edge = directive == "predicate-if-true" ? :truthy_only : :falsey_only
-      target_kind = target == "self" ? :self : :parameter
-      target_name = target == "self" ? :self : target.to_sym
+      target_kind, target_name = target_fields(target)
+      class_name, refinement_type, negative = resolve_directive_rhs(match)
+      return nil if class_name.nil? && refinement_type.nil?
+
       PredicateEffect.new(
         edge: edge,
         target_kind: target_kind,
         target_name: target_name,
         class_name: class_name,
-        negative: match[:negation].to_s == "~"
+        negative: negative,
+        refinement_type: refinement_type
       )
     end
 
@@ -158,7 +182,11 @@ module Rigor
       (?<target>self|[a-z_][a-zA-Z0-9_]*)
       \s+is\s+
       (?<negation>~?)
-      (?<class_name>(?:::)?[A-Z][A-Za-z0-9_]*(?:::[A-Z][A-Za-z0-9_]*)*)
+      (?:
+        (?<class_name>(?:::)?[A-Z][A-Za-z0-9_]*(?:::[A-Z][A-Za-z0-9_]*)*)
+        |
+        (?<refinement>[a-z][a-z0-9-]*(?:[\[<][^\]>]*[\]>])?)
+      )
       \s*
       \z
     /x
@@ -180,18 +208,60 @@ module Rigor
       return nil if condition.nil?
 
       target = match[:target].to_s
-      class_name = match[:class_name].to_s.sub(/\A::/, "")
-      target_kind = target == "self" ? :self : :parameter
-      target_name = target == "self" ? :self : target.to_sym
+      target_kind, target_name = target_fields(target)
+      class_name, refinement_type, negative = resolve_directive_rhs(match)
+      return nil if class_name.nil? && refinement_type.nil?
+
       AssertEffect.new(
         condition: condition,
         target_kind: target_kind,
         target_name: target_name,
         class_name: class_name,
-        negative: match[:negation].to_s == "~"
+        negative: negative,
+        refinement_type: refinement_type
       )
     end
 
+    # Resolves the `class_name` / `refinement` alternation in
+    # the assert / predicate directive patterns. Returns
+    # `[class_name, refinement_type, negative]`:
+    #
+    # - Class-name arm matched: `class_name` is the resolved
+    #   string (leading `::` stripped), `refinement_type` is
+    #   nil, `negative` reflects the optional `~` prefix.
+    # - Refinement arm matched: `class_name` is nil,
+    #   `refinement_type` is the resolved `Rigor::Type`,
+    #   `negative` reflects the `~` prefix. v0.0.5 supports
+    #   refinement-form negation for the `Difference[base,
+    #   Constant]` shape (the narrowing tier computes the
+    #   complement decomposition); other refinement carriers
+    #   under negation fall back to the conservative
+    #   "current_type unchanged" answer.
+    # - Refinement payload unparseable: returns
+    #   `[nil, nil, false]` so callers can drop the directive
+    #   silently (fail-soft policy).
+    def resolve_directive_rhs(match)
+      negative = match[:negation].to_s == "~"
+      class_capture = match[:class_name]
+      return [class_capture.to_s.sub(/\A::/, ""), nil, negative] if class_capture
+
+      refinement_capture = match[:refinement]
+      return [nil, nil, false] if refinement_capture.nil?
+
+      type = Builtins::ImportedRefinements.parse(refinement_capture)
+      return [nil, nil, false] if type.nil?
+
+      [nil, type, negative]
+    end
+
+    def target_fields(target)
+      if target == "self"
+        %i[self self]
+      else
+        [:parameter, target.to_sym]
+      end
+    end
+
     # Reads the `rigor:v1:return: <kebab-name>` directive off
     # `RBS::Definition::Method#annotations`. The directive
     # overrides a method's RBS-declared return type with one of
@@ -238,11 +308,20 @@ module Rigor
       nil
     end
 
+    # The trailing payload supports the full refinement
+    # grammar in `Builtins::ImportedRefinements::Parser` —
+    # bare kebab-case names plus parameterised forms like
+    # `non-empty-array[Integer]`, `non-empty-hash[Symbol,
+    # Integer]`, and `int<5, 10>`. The directive head is
+    # consumed by the regex; the rest is forwarded to the
+    # refinement parser. Anything the parser cannot resolve
+    # falls back to nil so the call site keeps the
+    # RBS-declared return type.
     RETURN_DIRECTIVE_PATTERN = /
       \A
       rigor:v1:return:
       \s+
-      (?<refinement>[a-z][a-z0-9-]*)
+      (?<payload>\S(?:.*\S)?)
       \s*
       \z
     /x
@@ -252,7 +331,84 @@ module Rigor
       match = RETURN_DIRECTIVE_PATTERN.match(string)
       return nil if match.nil?
 
-      Builtins::ImportedRefinements.lookup(match[:refinement])
+      Builtins::ImportedRefinements.parse(match[:payload])
+    end
+
+    # Returned for `rigor:v1:param: <name> <refinement>`. The
+    # parameter name is a Ruby identifier (Symbol); the type
+    # is any `Rigor::Type` the refinement parser resolves
+    # (bare kebab-case name, parameterised form, or `int<...>`
+    # range — the same grammar the `return:` directive
+    # accepts).
+    ParamOverride = Data.define(:param_name, :type)
+
+    # Reads every `rigor:v1:param: <name> <refinement>`
+    # directive off `RBS::Definition::Method#annotations` and
+    # returns the resolved `ParamOverride` list. Annotations
+    # the parser cannot resolve (typo, unknown refinement, no
+    # `param:` directive at all) are silently dropped — the
+    # call site keeps the RBS-declared parameter type for
+    # those parameters. The reader accepts a nil method
+    # definition so call sites can pass through optional
+    # method lookups without a guard.
+    #
+    # Example annotation in an RBS file:
+    #
+    #   class Slug
+    #     %a{rigor:v1:param: id is non-empty-string}
+    #     def normalise: (::String id) -> String
+    #   end
+    #
+    # The RBS-declared type of `id` is `String`. The override
+    # tightens it to `non-empty-string` for argument-check
+    # purposes; passing a too-wide `Nominal[String]` argument
+    # is flagged as an argument-type mismatch at the call
+    # site.
+    def read_param_type_overrides(method_def)
+      return [] if method_def.nil?
+
+      annotations = method_def.annotations
+      return [] if annotations.nil? || annotations.empty?
+
+      annotations.filter_map { |annotation| parse_param_annotation(annotation.string) }
+    end
+
+    # Convenience reader for call sites that want to look up
+    # a single override by parameter name. Returns a frozen
+    # Hash<Symbol, Rigor::Type>; missing keys mean "use the
+    # RBS-declared type". Callers MUST treat the hash as
+    # read-only.
+    def param_type_override_map(method_def)
+      read_param_type_overrides(method_def).to_h { |o| [o.param_name, o.type] }.freeze
+    end
+
+    # The `is` glue word is optional so authors can write
+    # either `param: id is non-empty-string` (consistent with
+    # the existing `assert` / `predicate-if-*` directives) or
+    # the terser `param: id non-empty-string`. The trailing
+    # payload accepts the full refinement grammar in
+    # `Builtins::ImportedRefinements::Parser`.
+    PARAM_DIRECTIVE_PATTERN = /
+      \A
+      rigor:v1:param:
+      \s+
+      (?<param>[a-z_][a-zA-Z0-9_]*)
+      \s+
+      (?:is\s+)?
+      (?<payload>\S(?:.*\S)?)
+      \s*
+      \z
+    /x
+    private_constant :PARAM_DIRECTIVE_PATTERN
+
+    def parse_param_annotation(string)
+      match = PARAM_DIRECTIVE_PATTERN.match(string)
+      return nil if match.nil?
+
+      type = Builtins::ImportedRefinements.parse(match[:payload])
+      return nil if type.nil?
+
+      ParamOverride.new(param_name: match[:param].to_sym, type: type)
     end
   end
 end