[Merged by Bors] - feat(Tactic/Linter): lint unwanted unicode

[adomasbaliuka]

Extends the text-based style linter that checks all unicode characters. Provides automatic replacements for some disallowed characters.

Unicode is very versatile and useful for Lean and Mathlib.
However, it is also very complex and few people have a thorough understanding of all its pitfalls (I don't claim to be one of them).
In order to avoid unpleasant surprises going forward, both accidental and malicious, we should keep track of which Unicode characters are allowed in Mathlib.

In programming and cybersecurity, there are many known issues and attacks concerning unicode.
Many open source repositories have been hit by such attacks, which are becoming ever more frequent due to the use of automation using e.g. large language models.
Some notable ones:

• homograph attacks: confusion caused by use of distinct characters which look the same (we probably don't want to fully address this and this PR does not attempt to)
• Trojan Source: abuse of bidirectional characters. Characters used by languages with right-to-left reading direction can cause code to be displayed differently than it is parsed. (This PR tries to address this)
• Exploits involving Private Use Area characters, e.g. GlassWorm. (This PR tries to address this)

See also unicode code source handling and Programming with Unicode for further details and guidelines.

Co-authored-by: Michael Rothgang @grunweg
Co-authored-by: Jon Eugster @joneugster

---

Continues work from #16215 (due to PRs now being made from forks).

Discussed at Zulip

Note: the script was added due to reviewer comment in #16215. Perhaps that is overkill here.

• depends on: [Merged by Bors] - feat(Tactic/Linter): Add more unicode replacements #36811

[github-actions]

PR summary 10fc8c0fdd

Import changes for modified files

No significant changes to the import graph

Import changes for all files

Files	Import difference

---

Declarations diff

+ ASCII.allowed
+ ASCII.allowedWhitespace
+ ASCII.printable
+ Char.allowedNonAscii
+ Char.isAscii
+ Char.manuallyExcluded
+ allLinterDefinedCharacterLists
+ isPrivateUseAreaChar
+ main
+ othersInMathlib
+ reprCharsChunked
+ withVSCodeAbbrev

You can run this locally as follows

## summary with just the declaration names:
./scripts/pr_summary/declarations_diff.sh <optional_commit>

## more verbose report:
./scripts/pr_summary/declarations_diff.sh long <optional_commit>

The doc-module for scripts/pr_summary/declarations_diff.sh contains some details about this script.

---

No changes to technical debt.

You can run this locally as

./scripts/reporting/technical-debt-metrics.sh pr_summary

• The relative value is the weighted sum of the differences with weight given by the inverse of the current value of the statistic.
• The absolute value is the relative value divided by the total sum of the inverses of the current values (i.e. the weighted average of the differences).

---

⚠️ Scripts folder reminder

This PR adds files under scripts/.
Please consider whether each added script belongs in this repository or in leanprover-community/mathlib-ci.

A script belongs in mathlib-ci if it is a CI automation script that interacts with GitHub (e.g. managing labels, posting comments, triggering bots), runs from a trusted external checkout in CI, or requires access to secrets.

A script belongs in this repository (scripts/) if it is a developer or maintainer tool to be run locally, a code maintenance or analysis utility, a style linting tool, or a data file used by the library's own linters.

See the mathlib-ci README for more details.

Added scripts files:

• scripts/extract-unique-nonascii.lean

[adomasbaliuka]

The remaining error is

error: Mathlib/RingTheory/Spectrum/Prime/Polynomial.lean:28: This line contains a bad unicode character '̲' (U+0332).

where I'm not sure what to do.
It is used in a comment to underline a variable name, indicating that it refers to multiple variables of a polynomial.
Either we allow that character, or find another notation for that place which also makes sense.

Another question @joneugster is whether we want to enable text-variant-selectors for some characters, such as the errors. I put a TODO in the code at that point.

[mathlib-dependent-issues]

This PR/issue depends on:

• [Merged by Bors] - feat(Tactic/Linter): Add more unicode replacements #36811
  By Dependent Issues (🤖). Happy coding!

[mathlib-merge-conflicts]

This pull request has conflicts, please merge master and resolve them.

[adomasbaliuka]

Just as an example of what this PR is supposed to help avoid:

While updating the proof for disallowed_of_replaceable, I came across a misprinting of a goal involving U+202B:

[joneugster]

Thank you!

Overall, with the script to autogenerate the list, a check to remove redundant symbols from the hand-curated list (see comment), and some information to the user how to add new symbols (see comment) I think this is a very reasonable addition!

I've validated that the script works and outputs the list included in this PR!

[adomasbaliuka]

I don't understand the CI failure...

[bryangingechen]

I think you just have to merge master; we just merged a PR adding a new CI job and a fix to a broken check in previous master.

[grunweg]

The webpage PR looks good to me, as does the proposed sequence of events.

[adomasbaliuka]

This is on the "maintainer merge" queue with some more changes having happened after it was put on the queue.

In my view, these additional changes are done and this PR can now be merged.

[Vierkantor]

bors d=@grunweg

[mathlib-bors]

✌️ grunweg can now approve this pull request. To approve and merge a pull request, simply reply with bors r+. More detailed instructions are available here.

[grunweg]

Thanks for your perseverance - let's get this merged!
bors merge

[mathlib-bors]

Build failed (retrying...):

• ci (staging) / Lint style

[mathlib-bors]

Build failed:

• ci (staging) / Post-Build Step

Fix if necessary, and then someone with permission can run bors r+ or bors retry.

[grunweg]

Once more with feeling:
bors merge

[mathlib-bors]

Pull request successfully merged into master.

Build succeeded:

• ci (staging) / Build
• ci (staging) / Lint style
• ci (staging) / Post-Build Step
• ci (staging) / Post-CI job

[grunweg]

I just merged the webpage PR: I'll happily merge a follow-up PR tomorrow linking to the style guide.