rado
apalache
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rado
-
A dependently typed language for proofs that you can implement in one day
> in practice, what kind of proof are people building when building real world programs ?
Here's an example of a proof from a Turing machine simulator written in Idris [1]. The claim is that the length of the tape never decreases after taking a step.
The "claim" is stated in the type signature, and the "proof" is an implementation of that type. That's what "propositions as types" means. The whole thing looks like a regular function, except that it doesn't do anything and it never gets called. However, by virtue of having been accepted by the type-checker it verifies the claim about that piece of the program's behavior.
[1] https://github.com/nickdrozd/rado/blob/86790bbb218785e57ea88...
apalache
- Holiday protocols: secret Santa with Quint
-
Learn TLA+
Anyone know of some good free software TLA+ model checkers? The "Other Tooling" mentions one alternative checker, https://apalache.informal.systems/, but that's all I could find. Thanks.
- Apalache – Symbolic Model Checker for TLA+
-
A dependently typed language for proofs that you can implement in one day
> How are those types any different than outright stating a behavioral invariant?
Because the behavior of programs can't be verified without executing the program, but types can be checked purely based on syntax. There is way less source code than runtime states of any non-trivial program.
I've asked this same question many times, the TLA+ way is much more expressive and _simpler_. But model checking is a way harder problem than type checking, in general. SMT solvers make this line blurry - in fact, have you heard of the SMT-based model checker for TLA+, [Apalache](https://apalache.informal.systems/)?. I haven't tried it out, but that should be way faster than TLC which just brute forces the state-space exploration.
I'm totally with you about TLA+ style spec properties, but it's a big theoretical hurdle to cross before they could be as efficient as types.
- Apalache Release v0.15.1
- Apalache, a symbolic model checker for TLA+, v0.8.0 is released
What are some alternatives?
Formality - A modern proof language [Moved to: https://github.com/kind-lang/Kind]
tlaplus - TLC is a model checker for specifications written in TLA+. The TLA+Toolbox is an IDE for TLA+.
PomPom-Language - The cuteness implementation of a dependently typed language.
advent-of-tla - AoC goals in TLA+
BlockingQueue - Tutorial "Weeks of debugging can save you hours of TLA+". Each git commit introduces a new concept => check the git history!
ewd998 - Distributed termination detection on a ring, due to Shmuel Safra:
suslik - Synthesis of Heap-Manipulating Programs from Separation Logic
P - The P programming language.