feat: add nanoda external type checker support #145
Conversation
This PR adds support for verifying Lean projects with nanoda, an independent Lean 4 type checker written in Rust. New inputs: - `nanoda`: Enable nanoda verification (default: false) - `nanoda-allow-sorry`: Permit sorryAx axiom (default: true) - `nanoda-on-main-only`: Only run on push to main, not PRs (default: true) New output: - `nanoda-status`: SUCCESS | FAILURE | "" Also adds a reusable workflow `nanoda-daily.yml` for scheduled daily verification with configurable notifications (GitHub issue, webhook, or Zulip). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
austinletson
left a comment
austinletson
left a comment
There was a problem hiding this comment.
Looks good to me other than a few quesetions.
Love checking MathLib in 17 minutes on a GitHub runner!
| CONFIG_FILE="_nanoda_config.json" | ||
|
|
||
| # Build permitted_axioms array | ||
| PERMITTED_AXIOMS='["propext", "Classical.choice", "Quot.sound", "Lean.trustCompiler"' |
There was a problem hiding this comment.
Why is Lean.trustCompiler included here by default? Isn't it and native_decide not allowed in Mathlib?
There was a problem hiding this comment.
Lean.trustCompiler is required because Init includes Lean.reduceBool and Lean.reduceNat, which are opaque declarations that reference Lean.trustCompiler in their definitions. Even though they're opaque, their definitions are still type-checked, so any project importing Init will transitively depend on Lean.trustCompiler.
This does NOT allow native_decide proofs through - those use Lean.ofReduceBool or Lean.ofReduceNat, which are not in the permitted list. So nanoda would still catch any native_decide usage.
As Robin Arnez noted: "To Nanoda, Lean.trustCompiler is just an axiom that asserts that True is true" - it's harmless because nanoda doesn't support compiler evaluation anyway.
See the discussion at https://leanprover.zulipchat.com/#narrow/stream/287929-mathlib4/topic/Why%20does%20the%20daily%20Nanoda%20check%20allow%20%60Lean.trustCompiler%60%3F
Resolves TODO - leanprover/lean4export#11 was merged on 2026-01-07. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Resolve CHANGELOG.md conflict - nanoda features go under Unreleased, v1.4.0 already released with test-args and elan fix. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Users should control nanoda execution through workflow events instead,
which is more explicit and idiomatic. For example:
nanoda: ${{ github.event_name == 'push' }}
This avoids confusion and gives users full control over when nanoda runs.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Move cleanup into trap handler so temporary directories are removed even when nanoda verification fails (fixes re-run failures on self-hosted runners) - Add validation step for zulip-org-url and zulip-api-key inputs when notify is set to 'zulip', matching the webhook validation Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add --fail to curl so HTTP errors are not silently ignored - Add always() to Zulip validation so it runs even when nanoda fails Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove references to nanoda-on-main-only input from README (was removed in 8865ac2) - Allow leading whitespace when detecting package name in lakefile.lean Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Always close log group (::endgroup::) on both success and failure - Check for pre-existing directories before cloning to prevent data loss - Fix misleading notifications when Zulip config is invalid but verification succeeded Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
|
|
||
| # Step 2: Clone and build lean4export | ||
| echo "Cloning and building lean4export..." | ||
| git clone --depth 1 https://github.com/leanprover/lean4export.git _lean4export |
There was a problem hiding this comment.
Wrong repository URL for lean4export
High Severity
The PR description states the implementation "Uses kim-em/lean4export fork with fix for nonDep normalization (pending leanprover/lean4export#11)", but the code clones from https://github.com/leanprover/lean4export.git instead. If the referenced fix hasn't been merged to the upstream repository, nanoda verification will fail on projects that depend on the nonDep normalization fix.
| uses: zulip/github-actions-zulip/send-message@e4c8f27c732ba9bd98ac6be0583096dea82feea5 | ||
| with: | ||
| api-key: ${{ secrets.zulip-api-key }} | ||
| email: 'github-bot@${{ inputs.zulip-org-url }}' |
There was a problem hiding this comment.
Hardcoded Zulip bot email prevents custom bot names
Medium Severity
The Zulip bot email is hardcoded as github-bot@${{ inputs.zulip-org-url }}, assuming all users have a bot named github-bot. Zulip bot email addresses depend on the name chosen during bot creation. Users with differently-named bots (e.g., ci-bot, notifications-bot) will experience authentication failures when attempting to use Zulip notifications.
Additional Locations (1)
2 participants
This PR adds support for verifying Lean projects with nanoda, an independent Lean 4 type checker written in Rust.
New Inputs
nanoda"false"nanoda-allow-sorry"true"nanoda-on-main-only"true"New Output
nanoda-status:"SUCCESS"|"FAILURE"|""Reusable Daily Workflow
Also adds
.github/workflows/nanoda-daily.yml- a reusable workflow for scheduled daily verification with configurable notifications:Implementation Notes
kim-em/lean4exportfork with fix for nonDep normalization (pending fix: normalize nonDep flag for letE expressions lean4export#11)ammkrn/nanoda_libdebug branch with kernel compatibility fixesTesting
Successfully tested on:
🤖 Prepared with Claude Code