invar-tools 1.2.0__py3-none-any.whl → 1.3.0__py3-none-any.whl

invar/core/postcondition_scope.py

@@ -0,0 +1,128 @@
+"""Postcondition scope validation for Guard. No I/O operations."""
+
+from __future__ import annotations
+
+import ast
+
+from deal import post, pre
+
+from invar.core.lambda_helpers import (
+    extract_func_param_names,
+    extract_used_names,
+    find_lambda,
+)
+from invar.core.models import FileInfo, RuleConfig, Severity, SymbolKind, Violation
+
+
+@pre(lambda node: isinstance(node, ast.expr))
+@post(lambda result: isinstance(result, set))
+def _extract_comprehension_bound_names(node: ast.expr) -> set[str]:
+    """Extract names bound by comprehensions (generator expressions, list comps, etc.).
+
+    Examples:
+        >>> import ast
+        >>> expr = ast.parse("all(v.rule for v in result)", mode="eval").body
+        >>> sorted(_extract_comprehension_bound_names(expr))
+        ['v']
+    """
+    bound: set[str] = set()
+    for child in ast.walk(node):
+        if isinstance(child, ast.comprehension):
+            # Extract bound variable(s) from the target
+            for name in ast.walk(child.target):
+                if isinstance(name, ast.Name):
+                    bound.add(name.id)
+    return bound
+
+
+@post(lambda result: isinstance(result, set))
+def _extract_used_names_from_expression(expression: str) -> set[str]:
+    """Extract free variable names from a lambda expression string.
+
+    Excludes comprehension-bound variables like 'v' in 'all(v.x for v in result)'.
+
+    Examples:
+        >>> sorted(_extract_used_names_from_expression("lambda result: len(result) > 0"))
+        ['len', 'result']
+        >>> _extract_used_names_from_expression("lambda x: x > 0")
+        {'x'}
+        >>> _extract_used_names_from_expression("not a lambda")
+        set()
+        >>> sorted(_extract_used_names_from_expression("lambda result: all(v.rule for v in result)"))
+        ['all', 'result']
+    """
+    if not expression.strip() or "lambda" not in expression:
+        return set()
+    try:
+        tree = ast.parse(expression, mode="eval")
+        lambda_node = find_lambda(tree)
+        if lambda_node is None:
+            return set()
+        # Extract all names from lambda body
+        all_names = extract_used_names(lambda_node.body)
+        # Subtract comprehension-bound names
+        bound_names = _extract_comprehension_bound_names(lambda_node.body)
+        return all_names - bound_names
+    except (SyntaxError, TypeError, ValueError):
+        return set()
+
+
+@post(lambda result: all(v.rule == "postcondition_scope_error" for v in result))
+def check_postcondition_scope(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
+    """Check @post lambdas for references to function parameters.
+
+    @post lambdas cannot access function parameters (except via 'result').
+    They can access module-level imports and builtins via closure.
+
+    Examples:
+        >>> from invar.core.models import FileInfo, Symbol, SymbolKind, Contract, RuleConfig
+        >>> c = Contract(kind="post", expression="lambda result: result > x", line=5)
+        >>> s = Symbol(name="f", kind=SymbolKind.FUNCTION, line=1, end_line=10,
+        ...     signature="(x: int) -> int", contracts=[c])
+        >>> info = FileInfo(path="test.py", lines=10, symbols=[s], is_core=True)
+        >>> vs = check_postcondition_scope(info, RuleConfig())
+        >>> len(vs) == 1 and "x" in vs[0].message
+        True
+        >>> # Module imports are allowed
+        >>> c2 = Contract(kind="post", expression="lambda result: isinstance(result, Violation)", line=5)
+        >>> s2 = Symbol(name="g", kind=SymbolKind.FUNCTION, line=1, end_line=10,
+        ...     signature="(data: str) -> Violation", contracts=[c2])
+        >>> info2 = FileInfo(path="test.py", lines=10, symbols=[s2], is_core=True)
+        >>> check_postcondition_scope(info2, RuleConfig())
+        []
+    """
+    violations: list[Violation] = []
+    if not file_info.is_core:
+        return violations
+
+    for symbol in file_info.symbols:
+        if symbol.kind not in (SymbolKind.FUNCTION, SymbolKind.METHOD):
+            continue
+
+        # Extract function parameter names from signature
+        param_names = extract_func_param_names(symbol.signature) or []
+        # Exclude 'self', 'cls', and 'result' (valid in @post)
+        invalid_params = set(param_names) - {"self", "cls", "result"}
+
+        for contract in symbol.contracts:
+            if contract.kind != "post":
+                continue
+
+            used_names = _extract_used_names_from_expression(contract.expression)
+            # Check if any function parameters are used (they shouldn't be)
+            param_references = used_names & invalid_params
+
+            if param_references:
+                kind = "Method" if symbol.kind == SymbolKind.METHOD else "Function"
+                violations.append(
+                    Violation(
+                        rule="postcondition_scope_error",
+                        severity=Severity.ERROR,
+                        file=file_info.path,
+                        line=contract.line,
+                        message=f"{kind} '{symbol.name}' @post references function parameters: {', '.join(sorted(param_references))}",
+                        suggestion="@post lambdas can only use 'result', not function parameters",
+                    )
+                )
+
+    return violations

invar/core/property_gen.py

@@ -145,7 +145,7 @@ def generate_property_test(func: Callable) -> GeneratedTest | None:
     )
 
 
-@pre(lambda func_name, strategies: isinstance(func_name, str) and isinstance(strategies, dict))
+@pre(lambda func_name, strategies: len(func_name) > 0 and len(strategies) > 0)
 @post(lambda result: isinstance(result, str) and "@given" in result)
 def _generate_test_code(func_name: str, strategies: dict[str, str]) -> str:
     """
@@ -194,7 +194,10 @@ def _check_decorator_contracts(dec: ast.Call) -> tuple[bool, bool]:
     return has_pre, has_post
 
 
-@pre(lambda node: isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)))
+@pre(lambda node: (
+    isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)) and
+    hasattr(node, 'decorator_list')
+))
 @post(lambda result: isinstance(result, tuple) and len(result) == 2)
 def _get_function_contracts(node: ast.FunctionDef | ast.AsyncFunctionDef) -> tuple[bool, bool]:
     """Check function decorators for contracts, return (has_pre, has_post).
@@ -331,7 +334,7 @@ def build_test_function(
     return property_test
 
 
-@pre(lambda error_str: isinstance(error_str, str))
+@pre(lambda error_str: len(error_str) > 0)
 @post(lambda result: result is None or isinstance(result, int))
 def _extract_hypothesis_seed(error_str: str) -> int | None:
     """Extract Hypothesis seed from error message (DX-26).
@@ -354,7 +357,7 @@ def _extract_hypothesis_seed(error_str: str) -> int | None:
     return None
 
 
-@pre(lambda name, reason: isinstance(name, str) and isinstance(reason, str))
+@pre(lambda name, reason: len(name) > 0 and len(reason) > 0)
 @post(lambda result: isinstance(result, PropertyTestResult) and result.passed)
 def _skip_result(name: str, reason: str) -> PropertyTestResult:
     """Create a skip result (passed=True, 0 examples)."""
@@ -368,7 +371,7 @@ _SKIP_PATTERNS = (
 )
 
 
-@pre(lambda err_str, func_name, max_examples: isinstance(err_str, str))
+@pre(lambda err_str, func_name, max_examples: len(err_str) > 0 and len(func_name) > 0 and max_examples > 0)
 @post(lambda result: isinstance(result, PropertyTestResult))
 def _handle_test_exception(
     err_str: str, func_name: str, max_examples: int

invar/core/purity.py

@@ -13,7 +13,7 @@ from __future__ import annotations
 
 import ast
 
-from deal import pre
+from deal import post, pre
 
 from invar.core.models import FileInfo, RuleConfig, Severity, SymbolKind, Violation
 
@@ -284,7 +284,7 @@ def count_doctest_lines(node: ast.FunctionDef | ast.AsyncFunctionDef) -> int:
 # Rule checking functions
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "internal_import" for v in result))  # Rule consistency
 def check_internal_imports(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check for imports inside function bodies.
@@ -324,7 +324,7 @@ def check_internal_imports(file_info: FileInfo, config: RuleConfig) -> list[Viol
     return violations
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "impure_call" for v in result))  # Rule consistency
 def check_impure_calls(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check for calls to known impure functions.

invar/core/purity_heuristics.py

@@ -10,7 +10,7 @@ from __future__ import annotations
 import re
 from dataclasses import dataclass
 
-from deal import post, pre
+from deal import post
 
 # Name patterns suggesting impurity
 IMPURE_NAME_PATTERNS = [
@@ -75,8 +75,7 @@ class HeuristicResult:
     hints: list[str]
 
 
-@pre(lambda func_name, hints: isinstance(func_name, str) and isinstance(hints, list))
-@post(lambda result: isinstance(result, tuple) and len(result) == 2)
+@post(lambda result: len(result) == 2 and all(x >= 0 for x in result))  # Scores are non-negative
 def _analyze_name_patterns(func_name: str, hints: list[str]) -> tuple[int, int]:
     """Analyze function name for purity hints. Returns (impure_score, pure_score).
 
@@ -98,8 +97,7 @@ def _analyze_name_patterns(func_name: str, hints: list[str]) -> tuple[int, int]:
     return impure, pure
 
 
-@pre(lambda signature, hints: isinstance(hints, list))
-@post(lambda result: isinstance(result, tuple) and len(result) == 2)
+@post(lambda result: len(result) == 2 and all(x >= 0 for x in result))  # Scores are non-negative
 def _analyze_signature(signature: str | None, hints: list[str]) -> tuple[int, int]:
     """Analyze signature for purity hints. Returns (impure_score, pure_score).
 
@@ -122,8 +120,7 @@ def _analyze_signature(signature: str | None, hints: list[str]) -> tuple[int, in
     return impure, pure
 
 
-@pre(lambda docstring, hints: isinstance(hints, list))
-@post(lambda result: isinstance(result, int) and result >= 0)
+@post(lambda result: result >= 0)  # Impure score is non-negative
 def _analyze_docstring(docstring: str | None, hints: list[str]) -> int:
     """Analyze docstring for purity hints. Returns impure_score.
 
@@ -141,8 +138,7 @@ def _analyze_docstring(docstring: str | None, hints: list[str]) -> int:
     return 0
 
 
-@pre(lambda func_name, signature=None, docstring=None: isinstance(func_name, str))
-@post(lambda result: isinstance(result, HeuristicResult))
+@post(lambda result: 0.0 <= result.confidence <= 1.0)  # Confidence in [0, 1]
 def analyze_purity_heuristic(
     func_name: str,
     signature: str | None = None,

invar/core/references.py

@@ -17,8 +17,8 @@ from deal import post, pre
 from invar.core.models import FileInfo, PerceptionMap, SymbolKind, SymbolRefs
 
 
-@pre(lambda source, known_symbols: isinstance(source, str) and len(source) > 0)
-@post(lambda result: isinstance(result, list))
+@pre(lambda source, known_symbols: len(source) > 0 and len(known_symbols) > 0)  # Non-empty inputs
+@post(lambda result: all(isinstance(name, str) and line > 0 for name, line in result))  # Valid refs
 def find_references_in_source(source: str, known_symbols: set[str]) -> list[tuple[str, int]]:
     """
     Find references to known symbols in source code.
@@ -51,8 +51,7 @@ def find_references_in_source(source: str, known_symbols: set[str]) -> list[tupl
     return list(seen)
 
 
-@pre(lambda file_infos: isinstance(file_infos, list))
-@post(lambda result: isinstance(result, dict))
+@post(lambda result: all(isinstance(v, str) for v in result.values()))
 def build_symbol_table(file_infos: list[FileInfo]) -> dict[str, str]:
     """
     Build a mapping of symbol names to their defining file.
@@ -78,7 +77,7 @@ def build_symbol_table(file_infos: list[FileInfo]) -> dict[str, str]:
     return symbol_table
 
 
-@pre(lambda file_infos, sources: isinstance(file_infos, list))
+@post(lambda result: all("::" in k and v >= 0 for k, v in result.items()))  # Valid ref counts
 def count_cross_file_references(
     file_infos: list[FileInfo], sources: dict[str, str]
 ) -> dict[str, int]:
@@ -124,6 +123,8 @@ def count_cross_file_references(
 
 @pre(lambda file_infos, sources, project_root: (
     isinstance(file_infos, list) and
+    all(isinstance(fi, FileInfo) for fi in file_infos) and
+    isinstance(sources, dict) and
     isinstance(project_root, str) and len(project_root) > 0
 ))
 def build_perception_map(
@@ -172,8 +173,9 @@ def build_perception_map(
         )
     except Exception:
         # Handle CrossHair symbolic value validation failures
+        # Use safe literal value that always passes validation
         return PerceptionMap(
-            project_root="",
+            project_root="/",
             total_files=0,
             total_symbols=0,
             symbols=[],

invar/core/review_trigger.py

@@ -38,8 +38,7 @@ SECURITY_WORD_PATTERNS: tuple[str, ...] = (
 )
 
 
-@pre(lambda file_info: isinstance(file_info, FileInfo))
-@post(lambda result: isinstance(result, tuple) and len(result) == 3)
+@post(lambda result: len(result) == 3 and 0.0 <= result[0] <= 1.0)  # Ratio in [0, 1]
 def calculate_contract_ratio(file_info: FileInfo) -> tuple[float, int, int]:
     """
     Calculate contract coverage ratio for a file (DX-31).
@@ -88,7 +87,7 @@ def calculate_contract_ratio(file_info: FileInfo) -> tuple[float, int, int]:
     return (ratio, total, with_contracts)
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "contract_quality_ratio" for v in result))
 def check_contract_quality_ratio(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check contract coverage ratio in Core files (DX-30).
@@ -141,8 +140,7 @@ def check_contract_quality_ratio(file_info: FileInfo, config: RuleConfig) -> lis
     return violations
 
 
-@pre(lambda path: isinstance(path, str))
-@post(lambda result: isinstance(result, bool))
+# @invar:allow missing_contract: Boolean predicate, accepts empty string (doctest shows)
 def is_security_sensitive(path: str) -> bool:
     """
     Check if path indicates security-sensitive code (DX-31).
@@ -200,7 +198,7 @@ def is_security_sensitive(path: str) -> bool:
     return any(word in SECURITY_WORD_PATTERNS for word in words)
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "review_suggested" for v in result))
 def check_review_suggested(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Suggest independent review when conditions warrant (DX-31).
@@ -296,3 +294,77 @@ def check_review_suggested(file_info: FileInfo, config: RuleConfig) -> list[Viol
         )
 
     return violations
+
+
+@pre(lambda escapes: all(len(e) == 3 for e in escapes))  # Validate tuple structure
+@post(lambda result: all(v.rule == "duplicate_escape_reason" for v in result))
+def check_duplicate_escape_reasons(
+    escapes: list[tuple[str, str, str]],
+) -> list[Violation]:
+    """
+    Detect duplicate escape hatch reasons across files (DX-33 Option E).
+
+    Warns when 3+ files share identical escape reason text,
+    suggesting a systematic issue that should be fixed at the root.
+
+    Args:
+        escapes: List of (file_path, rule, reason) tuples
+
+    Returns:
+        List of violations for duplicate reasons
+
+    Examples:
+        >>> check_duplicate_escape_reasons([])
+        []
+        >>> # 2 files with same reason - no warning (threshold is 3)
+        >>> escapes = [
+        ...     ("a.py", "rule", "same reason"),
+        ...     ("b.py", "rule", "same reason"),
+        ... ]
+        >>> check_duplicate_escape_reasons(escapes)
+        []
+        >>> # 3+ files with same reason - warning
+        >>> escapes = [
+        ...     ("a.py", "rule", "False positive - .get()"),
+        ...     ("b.py", "rule", "False positive - .get()"),
+        ...     ("c.py", "rule", "False positive - .get()"),
+        ... ]
+        >>> vs = check_duplicate_escape_reasons(escapes)
+        >>> len(vs) == 1
+        True
+        >>> "3 files" in vs[0].message
+        True
+        >>> "False positive" in vs[0].message
+        True
+    """
+    violations: list[Violation] = []
+
+    # Group by (reason) - normalize whitespace for comparison
+    reason_files: dict[str, list[str]] = {}
+    for file_path, _rule, reason in escapes:
+        normalized = reason.strip().lower()
+        if normalized not in reason_files:
+            reason_files[normalized] = []
+        reason_files[normalized].append(file_path)
+
+    # Check for duplicates (threshold: 3+ files)
+    for reason, files in reason_files.items():
+        if len(files) >= 3:
+            # Get original reason text from first occurrence
+            original_reason = next(
+                r for f, _, r in escapes if r.strip().lower() == reason
+            )
+            violations.append(
+                Violation(
+                    rule="duplicate_escape_reason",
+                    severity=Severity.WARNING,
+                    file="<project>",
+                    line=None,
+                    message=f'{len(files)} files share escape reason: "{original_reason}"',
+                    suggestion="Consider fixing the detection rule instead of adding escapes. "
+                    f"Files: {', '.join(sorted(set(files))[:5])}"
+                    + (f" (+{len(files) - 5} more)" if len(files) > 5 else ""),
+                )
+            )
+
+    return violations

invar/core/rule_meta.py

@@ -106,6 +106,14 @@ RULE_META: dict[str, RuleMeta] = {
         cannot_detect=("Runtime binding errors",),
         hint="Lambda must accept ALL function parameters (include defaults like x=10)",
     ),
+    "postcondition_scope_error": RuleMeta(
+        name="postcondition_scope_error",
+        severity=Severity.ERROR,
+        category=RuleCategory.CONTRACTS,
+        detects="@post lambda references function parameters (not available in postcondition)",
+        cannot_detect=("Indirect parameter access via closures",),
+        hint="@post can only use 'result', not function parameters like x, y",
+    ),
     "must_use_ignored": RuleMeta(
         name="must_use_ignored",
         severity=Severity.WARNING,

invar/core/rules.py

@@ -4,7 +4,7 @@ from __future__ import annotations
 
 from collections.abc import Callable
 
-from deal import post, pre
+from deal import post
 
 from invar.core.contracts import (
     check_empty_contracts,
@@ -12,21 +12,16 @@ from invar.core.contracts import (
     check_partial_contract,
     check_redundant_type_contracts,
     check_semantic_tautology,
-    check_skip_without_reason,  # DX-28
+    check_skip_without_reason,
 )
 from invar.core.entry_points import get_symbol_lines, has_allow_marker, is_entry_point
 from invar.core.extraction import format_extraction_hint
 from invar.core.models import FileInfo, RuleConfig, Severity, SymbolKind, Violation
 from invar.core.must_use import check_must_use
+from invar.core.postcondition_scope import check_postcondition_scope
 from invar.core.purity import check_impure_calls, check_internal_imports
-from invar.core.review_trigger import (
-    check_contract_quality_ratio,  # DX-30
-    check_review_suggested,  # DX-31
-)
-from invar.core.shell_architecture import (
-    check_shell_pure_logic,
-    check_shell_too_complex,
-)
+from invar.core.review_trigger import check_contract_quality_ratio, check_review_suggested
+from invar.core.shell_architecture import check_shell_pure_logic, check_shell_too_complex
 from invar.core.suggestions import format_suggestion_for_violation
 from invar.core.utils import get_excluded_rules
 
@@ -58,7 +53,6 @@ def _build_size_suggestion(base: str, extraction_hint: str, func_hint: str) -> s
     return f"{base}{func_hint}" if func_hint else base
 
 
-@pre(lambda file_info: isinstance(file_info, FileInfo))
 @post(lambda result: isinstance(result, str))
 def _get_func_hint(file_info: FileInfo) -> str:
     """Get top 5 largest functions as hint string."""
@@ -69,7 +63,7 @@ def _get_func_hint(file_info: FileInfo) -> str:
     return f" Functions: {', '.join(f'{n}({sz}L)' for n, sz in funcs)}" if funcs else ""
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule in ("file_size", "file_size_warning") for v in result))
 def check_file_size(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check if file exceeds maximum line count or warning threshold.
@@ -110,7 +104,7 @@ def check_file_size(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     return violations
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "function_size" for v in result))
 def check_function_size(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check if any function exceeds maximum line count.
@@ -158,7 +152,7 @@ def check_function_size(file_info: FileInfo, config: RuleConfig) -> list[Violati
     return violations
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "forbidden_import" for v in result))
 def check_forbidden_imports(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check for forbidden imports in Core files.
@@ -202,7 +196,7 @@ def check_forbidden_imports(file_info: FileInfo, config: RuleConfig) -> list[Vio
     return violations
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "missing_contract" for v in result))
 def check_contracts(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check that public Core functions have contracts.
@@ -223,9 +217,13 @@ def check_contracts(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     if not file_info.is_core or not config.require_contracts:
         return violations
 
+    source = file_info.source or ""
     for symbol in file_info.symbols:
         # Check all functions and methods - agent needs contracts everywhere
         if symbol.kind in (SymbolKind.FUNCTION, SymbolKind.METHOD) and not symbol.contracts:
+            # DX-22: Skip if @invar:allow marker present
+            if has_allow_marker(symbol, source, "missing_contract"):
+                continue
             kind_name = "Method" if symbol.kind == SymbolKind.METHOD else "Function"
             suggestion = format_suggestion_for_violation(symbol, "missing_contract")
             violations.append(
@@ -242,7 +240,7 @@ def check_contracts(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     return violations
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "missing_doctest" for v in result))
 def check_doctests(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check that contracted functions have doctest examples.
@@ -292,7 +290,7 @@ def check_doctests(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     return violations
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "shell_result" for v in result))
 def check_shell_result(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check that Shell functions with return values use Result[T, E].
@@ -344,7 +342,7 @@ def check_shell_result(file_info: FileInfo, config: RuleConfig) -> list[Violatio
     return violations
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "entry_point_too_thick" for v in result))
 def check_entry_point_thin(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check that entry points are thin (DX-23).
@@ -415,6 +413,7 @@ def get_all_rules() -> list[RuleFunc]:
         check_redundant_type_contracts,
         check_param_mismatch,
         check_partial_contract,
+        check_postcondition_scope,
         check_must_use,
         check_skip_without_reason,  # DX-28
         check_contract_quality_ratio,  # DX-30
@@ -462,7 +461,7 @@ def _apply_severity_override(v: Violation, overrides: dict[str, str]) -> Violati
     )
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule and v.file for v in result) if result else True)
 def check_all_rules(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Run all rules against a file and collect violations.

invar/core/shell_analysis.py

@@ -93,8 +93,7 @@ COMPLEXITY_MARKER_PATTERN = re.compile(r"#\s*@shell_complexity\s*:")
 ORCHESTRATION_MARKER_PATTERN = re.compile(r"#\s*@shell_orchestration\s*:")
 
 
-@pre(lambda source: isinstance(source, str))
-@post(lambda result: isinstance(result, bool))
+# @invar:allow missing_contract: Boolean predicate, empty string is valid input
 def has_io_operations(source: str) -> bool:
     """
     Check if source code contains I/O operations.
@@ -112,8 +111,7 @@ def has_io_operations(source: str) -> bool:
     return any(indicator in source for indicator in IO_INDICATORS)
 
 
-@pre(lambda symbol, source: symbol is not None and isinstance(source, str))
-@post(lambda result: isinstance(result, bool))
+@pre(lambda symbol, source: symbol is not None)  # Symbol must exist
 def has_orchestration_marker(symbol: Symbol, source: str) -> bool:
     """
     Check if symbol has @shell_orchestration marker comment.
@@ -146,8 +144,7 @@ def has_orchestration_marker(symbol: Symbol, source: str) -> bool:
     return bool(ORCHESTRATION_MARKER_PATTERN.search(context))
 
 
-@pre(lambda symbol, source: symbol is not None and isinstance(source, str))
-@post(lambda result: isinstance(result, bool))
+@pre(lambda symbol, source: symbol is not None)  # Symbol must exist
 def has_complexity_marker(symbol: Symbol, source: str) -> bool:
     """
     Check if symbol has @shell_complexity marker comment.
@@ -181,8 +178,7 @@ def has_complexity_marker(symbol: Symbol, source: str) -> bool:
     return bool(COMPLEXITY_MARKER_PATTERN.search(context))
 
 
-@pre(lambda source: isinstance(source, str))
-@post(lambda result: isinstance(result, int) and result >= 0)
+@post(lambda result: result >= 0)  # Branch count is non-negative
 def count_branches(source: str) -> int:
     """
     Count the number of branches in source code.
@@ -225,8 +221,7 @@ def count_branches(source: str) -> int:
     return count
 
 
-@pre(lambda symbol, file_source: symbol is not None and isinstance(file_source, str))
-@post(lambda result: isinstance(result, str))
+@pre(lambda symbol, file_source: symbol is not None)  # Symbol must exist
 def get_symbol_source(symbol: Symbol, file_source: str) -> str:
     """
     Extract the source code for a specific symbol.

invar/core/shell_architecture.py

@@ -24,7 +24,7 @@ from invar.core.shell_analysis import (
 )
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "shell_pure_logic" for v in result))
 def check_shell_pure_logic(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check that Shell functions contain I/O operations (DX-22).
@@ -79,7 +79,7 @@ def check_shell_pure_logic(file_info: FileInfo, config: RuleConfig) -> list[Viol
     return violations
 
 
-@pre(lambda file_info, config: isinstance(file_info, FileInfo))
+@post(lambda result: all(v.rule == "shell_too_complex" for v in result))
 def check_shell_too_complex(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     """
     Check that Shell functions don't have excessive branching (DX-22).