fix(syn): use AST-based bytemuck serialization detection

[raushan728]

Replace string-based bytemuck detection with AST parsing. Only bytemuck::Pod sets safe serialization; only bytemuck::Unsafe sets unsafe serialization. Unqualified and non-Pod derives are ignored to prevent false positives from unrelated crates.

[vercel]

@raushan728 is attempting to deploy a commit to the Solana Foundation Team on Vercel.

A member of the Team first needs to authorize it.

[0x4ka5h]

can you fix the CI?

[raushan728]

can you fix the CI?

I will fix it today. I looked at it yesterday, but I had my college exams going on

[raushan728]

@0x4ka5h Thanks for the patience! Could you take a look at the updated approach when you get a chance?

[raushan728]

@0x4ka5h I'm a bit confused about the fmt issue. My local nightly rustfmt wants __erase last, but CI wants it first different nightly versions sorting differently. I've manually fixed it to match what CI expects

raushan@DESKTOP-RU5BVRN:~/anchor$ cargo +nightly fmt -- --check
Diff in /home/raushan/anchor/lang/src/lib.rs:62:
     anchor_attribute_event::{emit, event},
     anchor_attribute_program::{declare_program, instruction, program},
     anchor_derive_accounts::Accounts,
-    anchor_derive_serde::{__erase, AnchorDeserialize, AnchorSerialize},
+    anchor_derive_serde::{AnchorDeserialize, AnchorSerialize, __erase},
     anchor_derive_space::InitSpace,
     borsh::ser::BorshSerialize as AnchorSerialize,
     const_crypto::ed25519::derive_program_address,

The TransactionExpiredTimeoutError in the misc test appears to be a flaky network timeout. Could you please re-run jobs?

[jamie-osec]

For future reference, CI uses the latest nightly version, and this setting changed recently.

[raushan728]

@jamie-osec ido-pool failures are just timing/network flakes, can you re-run?

[jamie-osec]

I think we should revert the unqualified matchers i.e. derives must have bytemuck::. Please try and keep the semantics as similar as possible

[raushan728]

I think we should revert the unqualified matchers i.e. derives must have bytemuck::. Please try and keep the semantics as similar as possible

Done, restricted to bytemuck:: namespaced derives only.

[jamie-osec]

I'm not sure where unsafe_impl_pod has come from; isn't this code to handle the specifically generated fake derive(bytemuck::Unsafe)? This is still a significant change to semantics
https://github.com/solana-foundation/anchor/blob/cfeec7dc7581e5180d7c01d0bcba12c7bbe04740/lang/attribute/account/src/lib.rs#L602

[raushan728]

Thanks you @jamie-osec to point me I removed is_unsafe_impl_pod entirely simplified to
has_unsafe_segment only since bytemuck::Unsafe is the only generated derive

[0x4ka5h]

cc. @jamie-osec needs second review here