fix(ipc): foundation review remediation

[charlielye]

Addresses the full ipc-codegen/ipc-runtime review (68 findings across wire correctness, runtime lifecycle, codegen policy, dead code, test rigor, and docs).

Runtime (ipc-runtime)

• NAPI lifecycle: native close() (poll thread joined, was detached/UAF), TSFN acquire leak on destroy (Node could never exit), TSFN release/call race, sync call() deadline (hung forever on dead server)
• Zero-length responses: C++ server skipped the frame while TS sent it — cross-language deadlock; now always sent, IPC_OK len 0 distinguished from errors in the C ABI and rust/zig bindings
• uint64→uint32 ns timeout truncation (timeouts ≥4.3s silently wrapped); UDS now honors timeouts (SO_RCVTIMEO/SNDTIMEO); wait_for_data(0) poll semantics unified Linux/macOS
• Max-frame guards on receive in all languages; short-write loops; crash/parent-death cleanup (no more leaked sockets//dev/shm files); shared constants header + TS mirror (5s connect budget, 4MiB rings, backlog)
• New test suites: cpp gtest additions, rust 3, ts 7; docs corrected (shm/README rewritten to the current API)

Codegen (ipc-codegen)

• Schema validation: required *ErrorResponse {message}, count + misorder pairing guards, duplicate commands, reserved words, identifier collisions, >20-field check, resolvable string refs — with a unit test suite in test_cmds
• Unified error policy: all four generated servers wrap handler failures into the schema error variant (the ErrorResponse vs EchoErrorResponse fallback divergence is gone); framing errors return decodable errors instead of empty bytes
• Zig server redesigned: comptime handler injection (was implement-me stubs inside a DO-NOT-EDIT file, never compiled by anything); zig client surfaces server error messages
• --strip-method-prefix gates all languages uniformly (callers updated in the dependent PRs); --skeleton deleted (broken in all 4 languages, no consumers); CLI value validation
• Wire fixes: rust Option<bytes>/[bytes;N] serde attrs (encoded as int arrays before), TS u64 bigint bridging both directions + bin32 length guards, zig tolerance for non-negative int64 encodings, union ordering emitted in schema order
• C++ PrimAlias nominal wrapper so non-bin32 aliases survive schema reflection; get_*_schema_as_json() now reflects to the bare committable document; the reflection test asserts the schema→generated→reflected round trip is identity (was reflecting a hand-copy that masked drift)
• SERIALIZATION_FIELDS → IPC_CODEGEN_SERIALIZATION_FIELDS (moved down from the avm-binary PR; avoids colliding with bb's macro)
• try/catch keyword macros under BB_NO_EXCEPTIONS scoped to the msgpack include only (was ill-formed once std headers followed)

Tests

• Golden corpus extended to 22 cases including the first EchoErrorResponse golden; new cpp and zig golden runners (corpus now byte-verified in all 4 languages)
• Echo schema gained EchoBlobs (optional bytes + fixed byte arrays) and EchoFail; every client tests the error path, optional-absent, and u64 >2^32 over live IPC; cpp client checks survive NDEBUG
• ts example typechecked (tsc --noEmit); generated SyncApi exercised over SHM; FFI backends compile-checked (rust feature, zig stub link)

Full suite: 36/36 test_cmds green (4×22 goldens, 16 UDS + 12 SHM matrix combos, reflection, ts_package, schema tests); wsdb package builds end-to-end against the new codegen.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​types/​node@​22.19.21

View full report

[charlielye]

Folded into the foundation PR #23610 (foundation + review fixes + JSONC schema format are now a single squashed commit). Superseding this PR; branch will be deleted.