refactor: address PR review comments

- Remove speculative seccomp comment from CI workflow
- Use .node-version file for Node.js version in Alpine CI
- Remove [env] CC wrapper vars from .cargo/config.toml and CI sed
- Revert O_DIRECTORY check in seccomp handler; instead consume a dir
  entry in the rust_std test so getdents64 fires
- Fix misleading "musl does not support cdylib" comment; update fspy
  README with musl section
- Revert to plain #[ctor::ctor] in command_for_fn! macro; remove
  linkme distributed slice infrastructure and subprocess_dispatch_ctor
- Keep /proc/self/cmdline fallback for musl arg reading in init_impl
- Remove all requires_fspy from snapshot toml files and Rust code

https://claude.ai/code/session_01Cqj3gbQjb7yFe49f1tfwYv

Author: claude

.cargo/config.toml

@@ -11,9 +11,3 @@ rustflags = ["-C", "linker=.cargo/zigcc-x86_64-unknown-linux-musl"]
 
 [target.aarch64-unknown-linux-musl]
 rustflags = ["-C", "linker=.cargo/zigcc-aarch64-unknown-linux-musl"]
-
-# CC wrappers for crates with C build scripts (e.g. stackalloc via cc-rs).
-# The linker flags above only cover rustc linking; cc-rs needs its own compiler.
-[env]
-CC_x86_64_unknown_linux_musl = { value = ".cargo/zigcc-x86_64-unknown-linux-musl", relative = true }
-CC_aarch64_unknown_linux_musl = { value = ".cargo/zigcc-aarch64-unknown-linux-musl", relative = true }

.github/workflows/ci.yml

@@ -140,26 +140,24 @@ jobs:
     runs-on: ubuntu-latest
     container:
       image: alpine:3.21
-      # fspy uses seccomp user notifications which require unconfined seccomp
-      # fspy uses seccomp user notifications and shared memory IPC
       options: --security-opt seccomp=unconfined --shm-size=256m
     steps:
       - name: Install Alpine dependencies
         shell: sh {0}
         run: apk add --no-cache bash curl git musl-dev gcc g++ python3
 
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          persist-credentials: false
+          submodules: true
+
       # Alpine's Node.js package is compiled without TypeScript type-stripping.
       # Install the official Node.js musl binary which includes full TypeScript support.
       - name: Install Node.js from official distribution
         run: |
-          NODE_VERSION=$(curl -fsSL https://unofficial-builds.nodejs.org/download/release/index.json | python3 -c "import sys,json; print(next(d['version'] for d in json.load(sys.stdin) if d['version'].startswith('v22.')))")
+          NODE_VERSION=v$(cat .node-version)
           curl -fsSL "https://unofficial-builds.nodejs.org/download/release/${NODE_VERSION}/node-${NODE_VERSION}-linux-x64-musl.tar.gz" | tar -xz -C /usr/local --strip-components=1
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-          submodules: true
-
       - name: Install Rust
         run: |
           curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain nightly-2026-03-05
@@ -171,11 +169,9 @@ jobs:
           pnpm install
 
       # Remove the zig cross-compilation config from .cargo/config.toml — in Alpine,
-      # the system cc is already musl-based, so no cross-compilation linker or CC is needed.
+      # the system cc is already musl-based, so no cross-compilation linker is needed.
       - name: Remove zig linker config for native musl
-        run: |
-          sed -i '/\[target.*musl\]/,/^$/d' .cargo/config.toml
-          sed -i '/\[env\]/,/^$/d' .cargo/config.toml
+        run: sed -i '/\[target.*musl\]/,/^$/d' .cargo/config.toml
 
       - run: cargo test --no-fail-fast
 

Cargo.lock

@@ -71,7 +71,6 @@ diff-struct = "0.5.3"
 directories = "6.0.0"
 elf = { version = "0.8.0", default-features = false }
 flate2 = "1.0.35"
-linkme = "0.3"
 fspy = { path = "crates/fspy" }
 fspy_detours_sys = { path = "crates/fspy_detours_sys" }
 fspy_preload_unix = { path = "crates/fspy_preload_unix", artifact = "cdylib" }

Cargo.toml

@@ -48,7 +48,6 @@ tempfile = { workspace = true }
 anyhow = { workspace = true }
 csv-async = { workspace = true }
 ctor = { workspace = true }
-linkme = { workspace = true }
 subprocess_test = { workspace = true, features = ["fspy"] }
 test-log = { workspace = true }
 tokio = { workspace = true, features = ["rt-multi-thread", "macros", "fs", "io-std"] }
@@ -72,4 +71,4 @@ workspace = true
 doctest = false
 
 [package.metadata.cargo-shear]
-ignored = ["ctor", "linkme", "fspy_test_bin"]
+ignored = ["ctor", "fspy_test_bin"]

crates/fspy/Cargo.toml

@@ -2,7 +2,7 @@
 
 Run a command and capture all the paths it tries to access.
 
-## macOS/Linux implementation
+## macOS/Linux (glibc) implementation
 
 It uses `DYLD_INSERT_LIBRARIES` on macOS and `LD_PRELOAD` on Linux to inject a shared library that intercepts file system calls.
 The injection process is almost identical on both platforms other than the environment variable name. The implementation is in `src/unix`.
@@ -11,6 +11,10 @@ The injection process is almost identical on both platforms other than the envir
 
 For fully static binaries (such as `esbuild`), `LD_PRELOAD` does not work. In this case, `seccomp_unotify` is used to intercept direct system calls. The handler is implemented in `src/unix/syscall_handler`.
 
+## Linux musl implementation
+
+On musl targets, only `seccomp_unotify`-based tracking is used (no preload library).
+
 ## Windows implementation
 
 It uses [Detours](https://github.com/microsoft/Detours) to intercept file system calls. The implementation is in `src/windows`.

crates/fspy/README.md

@@ -45,8 +45,8 @@ const PRELOAD_CDYLIB_BINARY: &[u8] = include_bytes!(env!("CARGO_CDYLIB_FILE_FSPY
 impl SpyImpl {
     /// Initialize the fs access spy by writing the preload library on disk.
     ///
-    /// On musl targets, the preload library is not available (musl does not support cdylib),
-    /// so only seccomp-based tracking is used.
+    /// On musl targets, we don't build a preload library —
+    /// only seccomp-based tracking is used.
     pub fn init_in(#[cfg_attr(target_env = "musl", allow(unused))] dir: &Path) -> io::Result<Self> {
         #[cfg(not(target_env = "musl"))]
         let preload_path = {

crates/fspy/src/unix/mod.rs

@@ -57,15 +57,14 @@ impl SyscallHandler {
             }
             path = Cow::Owned(resolved_path);
         }
-        let mut mode = match flags & libc::O_ACCMODE {
-            libc::O_RDWR => AccessMode::READ | AccessMode::WRITE,
-            libc::O_WRONLY => AccessMode::WRITE,
-            _ => AccessMode::READ,
-        };
-        if flags & libc::O_DIRECTORY != 0 {
-            mode.insert(AccessMode::READ_DIR);
-        }
-        self.arena.add(PathAccess { mode, path: path.as_os_str().into() });
+        self.arena.add(PathAccess {
+            mode: match flags & libc::O_ACCMODE {
+                libc::O_RDWR => AccessMode::READ | AccessMode::WRITE,
+                libc::O_WRONLY => AccessMode::WRITE,
+                _ => AccessMode::READ,
+            },
+            path: path.as_os_str().into(),
+        });
         Ok(())
     }
 

crates/fspy/src/unix/syscall_handler/mod.rs

@@ -52,7 +52,8 @@ async fn readdir() -> anyhow::Result<()> {
 
     let accesses = track_fn!(tmpdir_path.to_str().unwrap().to_owned(), |tmpdir_path: String| {
         std::env::set_current_dir(tmpdir_path).unwrap();
-        let _ = std::fs::read_dir("hello_dir");
+        // Consume at least one entry so that getdents64 fires on seccomp targets.
+        let _ = std::fs::read_dir("hello_dir").unwrap().next();
     })
     .await?;
     assert_contains(&accesses, tmpdir_path.join("hello_dir").as_path(), AccessMode::READ_DIR);

crates/fspy/tests/rust_std.rs

@@ -1,5 +1,3 @@
-subprocess_test::subprocess_dispatch_ctor!();
-
 use std::path::{Path, PathBuf, StripPrefixError};
 
 use fspy::{AccessMode, PathAccessIterable};