fix: 4 Mythos-hardening fixes (parser spec-conformance + helper footguns)

[avrabe]

Summary

All four fixes surfaced by the second Mythos discover pass (5 agents on 5 tier-5 files yesterday), then filtered through 4 fresh-session validators (all 4 came back confirmed-but-no-uca — every bug had a downstream backstop).

Since no deployment hazard reaches the controlled process, this PR is scoped as hardening:

• Better diagnostic locality at the parser layer (instead of catching malformed AADL at HIR / analysis).
• Honest docstrings on helpers that would otherwise trap future contributors.

Fixes

1. Reject out in / in in / out out feature direction

crates/spar-parser/src/grammar/features.rs:65-82

AS-5506B §8.1: feature_direction ::= in | out | in out. Only in out is legal. Prior code accepted any {in,out} {in,out} pair. HIR extract_direction() normalized the unknown text to None (so analyses skipped the feature), but diagnostic locality was poor.

2. Reject non-refined connections without endpoints

crates/spar-parser/src/grammar/connections.rs:22-122

AS-5506B §9.2: non-refined connections must have source + arrow + destination. Prior code silently accepted c1 : port ;. compute_semantic_connections emitted a "missing endpoint" error later, but diagnostic locality was poor. Track refined to; require endpoints otherwise.

3. Extend classifier-rename resolution to .impl references

crates/spar-hir-def/src/resolver.rs:359-396

AS-5506D §4.2: a classifier alias names a type and can be used in any classifier-reference position, including alias.impl_name. Prior code gated rename handling on impl_name.is_none(), so MyAlias.i returned Unresolved despite a valid rename. Preserve impl_name through the rewrite. Feature-group aliases still only handle the no-impl case (feature groups have no implementations).

4. Document property_eval::eval_numeric / numeric_with_unit as magnitude-only

crates/spar-hir-def/src/property_eval.rs:115-168

Validator found these functions have zero external callers — every timing/size analysis in spar-analysis routes through property_accessors.rs which carries proper unit-factor tables. But the helper names are misleading: eval_numeric silently treats 5 ms and 5 ns as both 5.0; numeric_with_unit drops units on BinaryOp. Added prominent # Units are silently stripped docstring sections and #[doc(hidden)] so future contributors are directed at property_accessors.rs.

Test plan

• cargo test --workspace → 2,482 passed, 0 failed (+6 regression tests: 3 direction, 2 connection-endpoints, 1 classifier-rename-impl).
• rustup run nightly cargo clippy --workspace --all-targets -- -D warnings → clean.
• rustup run nightly cargo fmt --check → clean.
• New tests added:
  • crates/spar-syntax/tests/parser_tests.rs: out_in_feature_direction_is_rejected, in_in_feature_direction_is_rejected, in_out_feature_direction_still_accepted, connection_without_endpoints_is_rejected, refined_connection_may_omit_endpoints
  • crates/spar-hir-def/src/resolver.rs: classifier_renames_resolves_impl_reference

Pipeline context

Mythos discover + validate now has 5 confirmed findings from 10 files over two days. Today's pass yielded 0 UCAs — a valid outcome. The oracle gate + fresh-session validation doctrine (hallucinations cost more than silence) prevented shipping 4 speculative "urgent" PRs; the actual code changes ended up as hardening because spar's HIR + analysis layer already catches these.

Script templates + first-run ranking: see PR #133 / scripts/mythos/.

🤖 Generated with Claude Code

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!