feat(governance): Clippy lint policy scaffolding (PR 1 of stack)

[EffortlessSteven]

Summary

Base of a stacked rollout that turns Clippy into a governed engineering surface rather than ad-hoc settings in Cargo.toml. No lint behaviour changes in this PR — only policy infrastructure.

• policy/clippy-lints.toml — machine-readable ledger of active lints + planned Rust 1.94/1.95 flip cohorts
• policy/clippy-debt.toml — seed for tracked exceptions (owner / reason / lint / expires)
• policy/no-panic-allowlist.toml — semantic schema (path + family + selector) ported from the ripr v0.2 model
• policy/non-rust-allowlist.toml — TOML migration of the prior pipe-delimited non-Rust file policy
• docs/CLIPPY_POLICY.md — policy doc, suppression style (#[expect(..., reason = "...")]), BitNet-rs overlay, rollout schedule
• cargo xtask check-lint-policy — advisory by default, --strict available for CI once PR 2 lands

What the checker verifies today

1. Schema versions of all four policy/*.toml files.
2. MSRV agreement between policy/clippy-lints.toml, workspace.package.rust-version, and rust-toolchain.toml channel.
3. Every planned lint activates at the current MSRV or a future one (never past).
4. Debt entries have owner / reason / lint / expires, expiry is parseable, and not in the past.
5. Lint names use a recognised root (clippy::, rust::, rustc::, rustdoc::).

It deliberately does not yet:

• Walk the AST to enforce the no-panic allowlist (planned: xtask check-no-panic-family).
• Walk the file tree to enforce the non-Rust allowlist (planned: xtask check-file-policy).
• Diff policy/clippy-lints.toml against [workspace.lints] — that lands with PR 2 when the strict block is applied.

Stack plan

PR	Branch (planned)	Scope
1	claude/clippy-governance-system-HERR6 (this)	Governance scaffolding only. Zero lint behaviour change.
2	claude/clippy-strict-baseline-...	Replace all/pedantic/nursery with explicit lint set; remove allow-unwrap-in-tests / allow-expect-in-tests from clippy.toml; seed policy/clippy-debt.toml with the resulting violations (named owner + ≤90-day expiry); promote xtask check-lint-policy to CI gate.
3	claude/clippy-msrv-1.93-...	Bump MSRV 1.92 → 1.93 in rust-toolchain.toml, workspace.package.rust-version, and policy/clippy-lints.toml. Promote warn numeric lints → deny per crate.
4+	claude/clippy-1.94-cohort-... etc.	Activate planned activate_when_msrv = "1.94" / "1.95" cohorts when MSRV reaches each.

BitNet-rs overlay (encoded in policy/clippy-lints.toml)

• Panic / silent-failure / suppression-governance lints → deny at PR 2.
• unsafe_code → forbid, with a documented exception list for GPU backend crates (bitnet-kernels, bitnet-rocm, bitnet-cuda*, bitnet-metal, bitnet-vulkan, bitnet-opencl, bitnet-wgpu).
• Numeric correctness lints (cast_*, float_cmp) start at warn; arithmetic_side_effects stays warn indefinitely until kernel debt is triaged.
• Test carveouts (allow-unwrap-in-tests etc.) currently in clippy.toml → flagged as info today, scheduled for removal in PR 2.

Test plan

• cargo build --locked -p xtask --no-default-features — clean build
• cargo clippy --locked -p xtask --no-default-features --bin xtask --all-targets -- -D warnings — clean
• cargo fmt --all -- --check — clean
• cargo test --locked -p xtask --no-default-features --bin xtask lint_policy:: — 2 passed
• cargo run --locked -p xtask --no-default-features -- check-lint-policy — 1 info, 0 warnings, 0 errors
• cargo run --locked -p xtask --no-default-features -- check-lint-policy --strict — exit 0
• Manual review of policy schema before PR 2 begins seeding clippy-debt.toml

Why review this in isolation

PR 2 will produce a large set of debt entries when it removes the pedantic/nursery warn block in favour of the explicit list and drops the test carveouts. Landing the schema, doc, and checker first means PR 2's diff is "applied lint policy + reviewed debt list" rather than "lots of new files mixed with lint changes."

https://claude.ai/code/session_01B5tBepFTH4UCnpBqXGt4CC

---

Generated by Claude Code

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 4496a3b2-7cd4-4881-bb30-ae0ad28f6612

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch claude/clippy-governance-system-HERR6

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request introduces a lint governance framework for the bitnet-rs workspace, including a formal policy document and TOML ledgers for tracking lints, technical debt, and allowlists. It also adds an xtask command to verify policy consistency. Feedback highlights that the new xtask implementation is missing required imports for the chrono and toml crates, which will lead to compilation errors.

[gemini-code-assist]

The chrono and toml crates are used in this file but are not imported. Please add the necessary imports to ensure the code compiles.

Suggested change

	use std::collections::BTreeSet;
	use std::fs;
	use std::path::{Path, PathBuf};
	use anyhow::{Context, Result, bail};
	use serde::Deserialize;
	use std::collections::BTreeSet;
	use std::fs;
	use std::path::{Path, PathBuf};
	use anyhow::{Context, Result, bail};
	use chrono::{NaiveDate, Utc};
	use serde::Deserialize;
	use toml;