AlgoScan

Exercises every warning-emitting branch in statically_failing_op.py (both the top-level `_check` match arms and the three helpers' immediate-form / stack-form / None-fallthrough paths). Hits 100% line coverage of the validator via a single test case:

  coverage run -m pytest tests/test_compile.py -k statically_failing_ops -o addopts=""
  coverage report -m --include="src/puya/ir/validation/statically_failing_op.py"

Overlaps deliberately with a handful of the existing regression_tests cases since this is targeted at coverage completeness rather than regression pinning.

Post-destructuring IR pass that emits a compile-time warning when an AVM op is statically known to fail at runtime given its constant arguments. Mirrors the guard conditions that `intrinsic_simplification` uses to bail out of folding.

Covers:
- arithmetic: +, -, *, /, %, exp (overflow / underflow / div-by-zero / 0**0)
- shifts: shl, shr (amount >= 64)
- conversion: btoi (len > 8), bzero (len > 4096)
- extract / extract3 / extract_uint{16,32,64}
- substring / substring3
- replace2 / replace3
- getbit / setbit (uint64 and bytes variants)
- getbyte / setbyte

Handles both immediate-form and stack-arg form where the AVM op has both (e.g. extract vs extract3).

The identity fold is only valid when `b` is boolean (0 or 1), since AVM `||` always returns 0 or 1. Guard with `bool_context` so the fold still applies where we know `b` is bool-typed.

The intrinsic simplifier folds `0 || b` and `b || 0` to `b` unconditionally, but this is only valid when `b` is boolean (0 or 1) — AVM `||` always returns 0 or 1. For non-bool `b`, the fold produces the wrong value.

This is only reachable from AWST (not Algorand Python source), so the test uses an LLM generated AWST JSON test case.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Currently, neither Algorand Python nor puya-ts emit non-boolean operands for these ops.

The intrinsic simplifier uses Python's `and`/`or` to fold AVM `&&`/`||`, which returns operand values instead of 0/1 for non-boolean constants. For example, `int(5 and 3)` returns 3, but AVM `&&` returns 1.

This is only reachable from AWST (not Algorand Python source), so the test uses an LLM generated AWST JSON test case.

Currently, neither Algorand Python nor puya-ts emit non-boolean operands for these ops.

The intrinsic simplifier uses Python's `and`/`or` to fold AVM `&&`/`||`, which returns operand values instead of 0/1 for non-boolean constants. For example, `int(5 and 3)` returns 3, but AVM `&&` returns 1.

This is only reachable from AWST (not Algorand Python source), so the test uses a hand-crafted AWST JSON test case.

Updates the requirements on [eslint](https://github.com/eslint/eslint) to permit the latest version.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/compare/v10.2.0...v10.2.1)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 10.2.1
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

Three related fixes:

1. Extract folding now checks len(source) < S+L before slicing,
   preventing Python's silent truncation from masking the AVM panic.

2. Substring folding now checks S <= E <= len(source) using a chained
   comparison, adding the missing upper bound check.

3. _get_bytes_length_safe now inductively verifies the source length
   before trusting an extract instruction's immediate length. Without
   this, a secondary optimization path could fold using an incorrect
   length even after the direct fold guard fires.

The intrinsic simplifier folds extract and substring even when the indices are out of bounds, silently truncating the result. The AVM panics in these cases.

Three separate contracts (ExtractLengthOOB, ExtractStartOOB, SubstringEndOOB) allow the on-chain tests to verify each error message independently.