feat: Complete LLMX v0.1.0 - Rebrand from Codex with LiteLLM Integration

This release represents a comprehensive transformation of the codebase from Codex to LLMX,
enhanced with LiteLLM integration to support 100+ LLM providers through a unified API.

## Major Changes

### Phase 1: Repository & Infrastructure Setup
- Established new repository structure and branching strategy
- Created comprehensive project documentation (CLAUDE.md, LITELLM-SETUP.md)
- Set up development environment and tooling configuration

### Phase 2: Rust Workspace Transformation
- Renamed all Rust crates from `codex-*` to `llmx-*` (30+ crates)
- Updated package names, binary names, and workspace members
- Renamed core modules: codex.rs → llmx.rs, codex_delegate.rs → llmx_delegate.rs
- Updated all internal references, imports, and type names
- Renamed directories: codex-rs/ → llmx-rs/, codex-backend-openapi-models/ → llmx-backend-openapi-models/
- Fixed all Rust compilation errors after mass rename

### Phase 3: LiteLLM Integration
- Integrated LiteLLM for multi-provider LLM support (Anthropic, OpenAI, Azure, Google AI, AWS Bedrock, etc.)
- Implemented OpenAI-compatible Chat Completions API support
- Added model family detection and provider-specific handling
- Updated authentication to support LiteLLM API keys
- Renamed environment variables: OPENAI_BASE_URL → LLMX_BASE_URL
- Added LLMX_API_KEY for unified authentication
- Enhanced error handling for Chat Completions API responses
- Implemented fallback mechanisms between Responses API and Chat Completions API

### Phase 4: TypeScript/Node.js Components
- Renamed npm package: @codex/codex-cli → @valknar/llmx
- Updated TypeScript SDK to use new LLMX APIs and endpoints
- Fixed all TypeScript compilation and linting errors
- Updated SDK tests to support both API backends
- Enhanced mock server to handle multiple API formats
- Updated build scripts for cross-platform packaging

### Phase 5: Configuration & Documentation
- Updated all configuration files to use LLMX naming
- Rewrote README and documentation for LLMX branding
- Updated config paths: ~/.codex/ → ~/.llmx/
- Added comprehensive LiteLLM setup guide
- Updated all user-facing strings and help text
- Created release plan and migration documentation

### Phase 6: Testing & Validation
- Fixed all Rust tests for new naming scheme
- Updated snapshot tests in TUI (36 frame files)
- Fixed authentication storage tests
- Updated Chat Completions payload and SSE tests
- Fixed SDK tests for new API endpoints
- Ensured compatibility with Claude Sonnet 4.5 model
- Fixed test environment variables (LLMX_API_KEY, LLMX_BASE_URL)

### Phase 7: Build & Release Pipeline
- Updated GitHub Actions workflows for LLMX binary names
- Fixed rust-release.yml to reference llmx-rs/ instead of codex-rs/
- Updated CI/CD pipelines for new package names
- Made Apple code signing optional in release workflow
- Enhanced npm packaging resilience for partial platform builds
- Added Windows sandbox support to workspace
- Updated dotslash configuration for new binary names

### Phase 8: Final Polish
- Renamed all assets (.github images, labels, templates)
- Updated VSCode and DevContainer configurations
- Fixed all clippy warnings and formatting issues
- Applied cargo fmt and prettier formatting across codebase
- Updated issue templates and pull request templates
- Fixed all remaining UI text references

## Technical Details

**Breaking Changes:**
- Binary name changed from `codex` to `llmx`
- Config directory changed from `~/.codex/` to `~/.llmx/`
- Environment variables renamed (CODEX_* → LLMX_*)
- npm package renamed to `@valknar/llmx`

**New Features:**
- Support for 100+ LLM providers via LiteLLM
- Unified authentication with LLMX_API_KEY
- Enhanced model provider detection and handling
- Improved error handling and fallback mechanisms

**Files Changed:**
- 578 files modified across Rust, TypeScript, and documentation
- 30+ Rust crates renamed and updated
- Complete rebrand of UI, CLI, and documentation
- All tests updated and passing

**Dependencies:**
- Updated Cargo.lock with new package names
- Updated npm dependencies in llmx-cli
- Enhanced OpenAPI models for LLMX backend

This release establishes LLMX as a standalone project with comprehensive LiteLLM
integration, maintaining full backward compatibility with existing functionality
while opening support for a wide ecosystem of LLM providers.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Sebastian Krüger <support@pivoine.art>

llmx-rs/linux-sandbox/tests/all.rs

@@ -0,0 +1,3 @@
+// Single integration test binary that aggregates all test modules.
+// The submodules live in `tests/suite/`.
+mod suite;

llmx-rs/linux-sandbox/tests/suite/landlock.rs

@@ -0,0 +1,238 @@
+#![cfg(target_os = "linux")]
+use llmx_core::config::types::ShellEnvironmentPolicy;
+use llmx_core::error::LlmxErr;
+use llmx_core::error::SandboxErr;
+use llmx_core::exec::ExecParams;
+use llmx_core::exec::SandboxType;
+use llmx_core::exec::process_exec_tool_call;
+use llmx_core::exec_env::create_env;
+use llmx_core::protocol::SandboxPolicy;
+use std::collections::HashMap;
+use std::path::PathBuf;
+use tempfile::NamedTempFile;
+
+// At least on GitHub CI, the arm64 tests appear to need longer timeouts.
+
+#[cfg(not(target_arch = "aarch64"))]
+const SHORT_TIMEOUT_MS: u64 = 200;
+#[cfg(target_arch = "aarch64")]
+const SHORT_TIMEOUT_MS: u64 = 5_000;
+
+#[cfg(not(target_arch = "aarch64"))]
+const LONG_TIMEOUT_MS: u64 = 1_000;
+#[cfg(target_arch = "aarch64")]
+const LONG_TIMEOUT_MS: u64 = 5_000;
+
+#[cfg(not(target_arch = "aarch64"))]
+const NETWORK_TIMEOUT_MS: u64 = 2_000;
+#[cfg(target_arch = "aarch64")]
+const NETWORK_TIMEOUT_MS: u64 = 10_000;
+
+fn create_env_from_core_vars() -> HashMap<String, String> {
+    let policy = ShellEnvironmentPolicy::default();
+    create_env(&policy)
+}
+
+#[expect(clippy::print_stdout, clippy::expect_used, clippy::unwrap_used)]
+async fn run_cmd(cmd: &[&str], writable_roots: &[PathBuf], timeout_ms: u64) {
+    let cwd = std::env::current_dir().expect("cwd should exist");
+    let sandbox_cwd = cwd.clone();
+    let params = ExecParams {
+        command: cmd.iter().copied().map(str::to_owned).collect(),
+        cwd,
+        timeout_ms: Some(timeout_ms),
+        env: create_env_from_core_vars(),
+        with_escalated_permissions: None,
+        justification: None,
+        arg0: None,
+    };
+
+    let sandbox_policy = SandboxPolicy::WorkspaceWrite {
+        writable_roots: writable_roots.to_vec(),
+        network_access: false,
+        // Exclude tmp-related folders from writable roots because we need a
+        // folder that is writable by tests but that we intentionally disallow
+        // writing to in the sandbox.
+        exclude_tmpdir_env_var: true,
+        exclude_slash_tmp: true,
+    };
+    let sandbox_program = env!("CARGO_BIN_EXE_llmx-linux-sandbox");
+    let llmx_linux_sandbox_exe = Some(PathBuf::from(sandbox_program));
+    let res = process_exec_tool_call(
+        params,
+        SandboxType::LinuxSeccomp,
+        &sandbox_policy,
+        sandbox_cwd.as_path(),
+        &llmx_linux_sandbox_exe,
+        None,
+    )
+    .await
+    .unwrap();
+
+    if res.exit_code != 0 {
+        println!("stdout:\n{}", res.stdout.text);
+        println!("stderr:\n{}", res.stderr.text);
+        panic!("exit code: {}", res.exit_code);
+    }
+}
+
+#[tokio::test]
+async fn test_root_read() {
+    run_cmd(&["ls", "-l", "/bin"], &[], SHORT_TIMEOUT_MS).await;
+}
+
+#[tokio::test]
+#[should_panic]
+async fn test_root_write() {
+    let tmpfile = NamedTempFile::new().unwrap();
+    let tmpfile_path = tmpfile.path().to_string_lossy();
+    run_cmd(
+        &["bash", "-lc", &format!("echo blah > {tmpfile_path}")],
+        &[],
+        SHORT_TIMEOUT_MS,
+    )
+    .await;
+}
+
+#[tokio::test]
+async fn test_dev_null_write() {
+    run_cmd(
+        &["bash", "-lc", "echo blah > /dev/null"],
+        &[],
+        // We have seen timeouts when running this test in CI on GitHub,
+        // so we are using a generous timeout until we can diagnose further.
+        LONG_TIMEOUT_MS,
+    )
+    .await;
+}
+
+#[tokio::test]
+async fn test_writable_root() {
+    let tmpdir = tempfile::tempdir().unwrap();
+    let file_path = tmpdir.path().join("test");
+    run_cmd(
+        &[
+            "bash",
+            "-lc",
+            &format!("echo blah > {}", file_path.to_string_lossy()),
+        ],
+        &[tmpdir.path().to_path_buf()],
+        // We have seen timeouts when running this test in CI on GitHub,
+        // so we are using a generous timeout until we can diagnose further.
+        LONG_TIMEOUT_MS,
+    )
+    .await;
+}
+
+#[tokio::test]
+#[should_panic(expected = "Sandbox(Timeout")]
+async fn test_timeout() {
+    run_cmd(&["sleep", "2"], &[], 50).await;
+}
+
+/// Helper that runs `cmd` under the Linux sandbox and asserts that the command
+/// does NOT succeed (i.e. returns a non‑zero exit code) **unless** the binary
+/// is missing in which case we silently treat it as an accepted skip so the
+/// suite remains green on leaner CI images.
+#[expect(clippy::expect_used)]
+async fn assert_network_blocked(cmd: &[&str]) {
+    let cwd = std::env::current_dir().expect("cwd should exist");
+    let sandbox_cwd = cwd.clone();
+    let params = ExecParams {
+        command: cmd.iter().copied().map(str::to_owned).collect(),
+        cwd,
+        // Give the tool a generous 2-second timeout so even slow DNS timeouts
+        // do not stall the suite.
+        timeout_ms: Some(NETWORK_TIMEOUT_MS),
+        env: create_env_from_core_vars(),
+        with_escalated_permissions: None,
+        justification: None,
+        arg0: None,
+    };
+
+    let sandbox_policy = SandboxPolicy::new_read_only_policy();
+    let sandbox_program = env!("CARGO_BIN_EXE_llmx-linux-sandbox");
+    let llmx_linux_sandbox_exe: Option<PathBuf> = Some(PathBuf::from(sandbox_program));
+    let result = process_exec_tool_call(
+        params,
+        SandboxType::LinuxSeccomp,
+        &sandbox_policy,
+        sandbox_cwd.as_path(),
+        &llmx_linux_sandbox_exe,
+        None,
+    )
+    .await;
+
+    let output = match result {
+        Ok(output) => output,
+        Err(LlmxErr::Sandbox(SandboxErr::Denied { output })) => *output,
+        _ => {
+            panic!("expected sandbox denied error, got: {result:?}");
+        }
+    };
+
+    dbg!(&output.stderr.text);
+    dbg!(&output.stdout.text);
+    dbg!(&output.exit_code);
+
+    // A completely missing binary exits with 127.  Anything else should also
+    // be non‑zero (EPERM from seccomp will usually bubble up as 1, 2, 13…)
+    // If—*and only if*—the command exits 0 we consider the sandbox breached.
+
+    if output.exit_code == 0 {
+        panic!(
+            "Network sandbox FAILED - {cmd:?} exited 0\nstdout:\n{}\nstderr:\n{}",
+            output.stdout.text, output.stderr.text
+        );
+    }
+}
+
+#[tokio::test]
+async fn sandbox_blocks_curl() {
+    assert_network_blocked(&["curl", "-I", "http://openai.com"]).await;
+}
+
+#[tokio::test]
+async fn sandbox_blocks_wget() {
+    assert_network_blocked(&["wget", "-qO-", "http://openai.com"]).await;
+}
+
+#[tokio::test]
+async fn sandbox_blocks_ping() {
+    // ICMP requires raw socket – should be denied quickly with EPERM.
+    assert_network_blocked(&["ping", "-c", "1", "8.8.8.8"]).await;
+}
+
+#[tokio::test]
+async fn sandbox_blocks_nc() {
+    // Zero‑length connection attempt to localhost.
+    assert_network_blocked(&["nc", "-z", "127.0.0.1", "80"]).await;
+}
+
+#[tokio::test]
+async fn sandbox_blocks_ssh() {
+    // Force ssh to attempt a real TCP connection but fail quickly.  `BatchMode`
+    // avoids password prompts, and `ConnectTimeout` keeps the hang time low.
+    assert_network_blocked(&[
+        "ssh",
+        "-o",
+        "BatchMode=yes",
+        "-o",
+        "ConnectTimeout=1",
+        "github.com",
+    ])
+    .await;
+}
+
+#[tokio::test]
+async fn sandbox_blocks_getent() {
+    assert_network_blocked(&["getent", "ahosts", "openai.com"]).await;
+}
+
+#[tokio::test]
+async fn sandbox_blocks_dev_tcp_redirection() {
+    // This syntax is only supported by bash and zsh. We try bash first.
+    // Fallback generic socket attempt using /bin/sh with bash‑style /dev/tcp.  Not
+    // all images ship bash, so we guard against 127 as well.
+    assert_network_blocked(&["bash", "-c", "echo hi > /dev/tcp/127.0.0.1/80"]).await;
+}

llmx-rs/linux-sandbox/tests/suite/mod.rs

@@ -0,0 +1,2 @@
+// Aggregates all former standalone integration tests as modules.
+mod landlock;