valknar/llmx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4b2e4a1d483a2692edc122c8c7f73252ee964ce1
llmx/llmx-rs/execpolicy/src/program.rs
Sebastian Krüger 3c7efc58c8 feat: Complete LLMX v0.1.0 - Rebrand from Codex with LiteLLM Integration 
This release represents a comprehensive transformation of the codebase from Codex to LLMX,
enhanced with LiteLLM integration to support 100+ LLM providers through a unified API.

## Major Changes

### Phase 1: Repository & Infrastructure Setup
- Established new repository structure and branching strategy
- Created comprehensive project documentation (CLAUDE.md, LITELLM-SETUP.md)
- Set up development environment and tooling configuration

### Phase 2: Rust Workspace Transformation
- Renamed all Rust crates from `codex-*` to `llmx-*` (30+ crates)
- Updated package names, binary names, and workspace members
- Renamed core modules: codex.rs → llmx.rs, codex_delegate.rs → llmx_delegate.rs
- Updated all internal references, imports, and type names
- Renamed directories: codex-rs/ → llmx-rs/, codex-backend-openapi-models/ → llmx-backend-openapi-models/
- Fixed all Rust compilation errors after mass rename

### Phase 3: LiteLLM Integration
- Integrated LiteLLM for multi-provider LLM support (Anthropic, OpenAI, Azure, Google AI, AWS Bedrock, etc.)
- Implemented OpenAI-compatible Chat Completions API support
- Added model family detection and provider-specific handling
- Updated authentication to support LiteLLM API keys
- Renamed environment variables: OPENAI_BASE_URL → LLMX_BASE_URL
- Added LLMX_API_KEY for unified authentication
- Enhanced error handling for Chat Completions API responses
- Implemented fallback mechanisms between Responses API and Chat Completions API

### Phase 4: TypeScript/Node.js Components
- Renamed npm package: @codex/codex-cli → @valknar/llmx
- Updated TypeScript SDK to use new LLMX APIs and endpoints
- Fixed all TypeScript compilation and linting errors
- Updated SDK tests to support both API backends
- Enhanced mock server to handle multiple API formats
- Updated build scripts for cross-platform packaging

### Phase 5: Configuration & Documentation
- Updated all configuration files to use LLMX naming
- Rewrote README and documentation for LLMX branding
- Updated config paths: ~/.codex/ → ~/.llmx/
- Added comprehensive LiteLLM setup guide
- Updated all user-facing strings and help text
- Created release plan and migration documentation

### Phase 6: Testing & Validation
- Fixed all Rust tests for new naming scheme
- Updated snapshot tests in TUI (36 frame files)
- Fixed authentication storage tests
- Updated Chat Completions payload and SSE tests
- Fixed SDK tests for new API endpoints
- Ensured compatibility with Claude Sonnet 4.5 model
- Fixed test environment variables (LLMX_API_KEY, LLMX_BASE_URL)

### Phase 7: Build & Release Pipeline
- Updated GitHub Actions workflows for LLMX binary names
- Fixed rust-release.yml to reference llmx-rs/ instead of codex-rs/
- Updated CI/CD pipelines for new package names
- Made Apple code signing optional in release workflow
- Enhanced npm packaging resilience for partial platform builds
- Added Windows sandbox support to workspace
- Updated dotslash configuration for new binary names

### Phase 8: Final Polish
- Renamed all assets (.github images, labels, templates)
- Updated VSCode and DevContainer configurations
- Fixed all clippy warnings and formatting issues
- Applied cargo fmt and prettier formatting across codebase
- Updated issue templates and pull request templates
- Fixed all remaining UI text references

## Technical Details

**Breaking Changes:**
- Binary name changed from `codex` to `llmx`
- Config directory changed from `~/.codex/` to `~/.llmx/`
- Environment variables renamed (CODEX_* → LLMX_*)
- npm package renamed to `@valknar/llmx`

**New Features:**
- Support for 100+ LLM providers via LiteLLM
- Unified authentication with LLMX_API_KEY
- Enhanced model provider detection and handling
- Improved error handling and fallback mechanisms

**Files Changed:**
- 578 files modified across Rust, TypeScript, and documentation
- 30+ Rust crates renamed and updated
- Complete rebrand of UI, CLI, and documentation
- All tests updated and passing

**Dependencies:**
- Updated Cargo.lock with new package names
- Updated npm dependencies in llmx-cli
- Enhanced OpenAPI models for LLMX backend

This release establishes LLMX as a standalone project with comprehensive LiteLLM
integration, maintaining full backward compatibility with existing functionality
while opening support for a wide ecosystem of LLM providers.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Sebastian Krüger <support@pivoine.art>
2025-11-12 20:40:44 +01:00

248 lines
7.8 KiB
Rust
Raw Blame History

use serde::Serialize;
use std::collections::HashMap;
use std::collections::HashSet;
use crate::ArgType;
use crate::ExecCall;
use crate::arg_matcher::ArgMatcher;
use crate::arg_resolver::PositionalArg;
use crate::arg_resolver::resolve_observed_args_with_patterns;
use crate::error::Error;
use crate::error::Result;
use crate::opt::Opt;
use crate::opt::OptMeta;
use crate::valid_exec::MatchedFlag;
use crate::valid_exec::MatchedOpt;
use crate::valid_exec::ValidExec;
#[derive(Debug)]
pub struct ProgramSpec {
pub program: String,
pub system_path: Vec<String>,
pub option_bundling: bool,
pub combined_format: bool,
pub allowed_options: HashMap<String, Opt>,
pub arg_patterns: Vec<ArgMatcher>,
forbidden: Option<String>,
required_options: HashSet<String>,
should_match: Vec<Vec<String>>,
should_not_match: Vec<Vec<String>>,
}
impl ProgramSpec {
pub fn new(
program: String,
system_path: Vec<String>,
option_bundling: bool,
combined_format: bool,
allowed_options: HashMap<String, Opt>,
arg_patterns: Vec<ArgMatcher>,
forbidden: Option<String>,
should_match: Vec<Vec<String>>,
should_not_match: Vec<Vec<String>>,
) -> Self {
let required_options = allowed_options
.iter()
.filter_map(|(name, opt)| {
if opt.required {
Some(name.clone())
} else {
None
}
})
.collect();
Self {
program,
system_path,
option_bundling,
combined_format,
allowed_options,
arg_patterns,
forbidden,
required_options,
should_match,
should_not_match,
}
}
}
#[derive(Clone, Debug, Eq, PartialEq, Serialize)]
pub enum MatchedExec {
Match { exec: ValidExec },
Forbidden { cause: Forbidden, reason: String },
}
#[derive(Clone, Debug, Eq, PartialEq, Serialize)]
pub enum Forbidden {
Program {
program: String,
exec_call: ExecCall,
},
Arg {
arg: String,
exec_call: ExecCall,
},
Exec {
exec: ValidExec,
},
}
impl ProgramSpec {
// TODO(mbolin): The idea is that there should be a set of rules defined for
// a program and the args should be checked against the rules to determine
// if the program should be allowed to run.
pub fn check(&self, exec_call: &ExecCall) -> Result<MatchedExec> {
let mut expecting_option_value: Option<(String, ArgType)> = None;
let mut args = Vec::<PositionalArg>::new();
let mut matched_flags = Vec::<MatchedFlag>::new();
let mut matched_opts = Vec::<MatchedOpt>::new();
for (index, arg) in exec_call.args.iter().enumerate() {
if let Some(expected) = expecting_option_value {
// If we are expecting an option value, then the next argument
// should be the value for the option.
// This had better not be another option!
let (name, arg_type) = expected;
if arg.starts_with("-") {
return Err(Error::OptionFollowedByOptionInsteadOfValue {
program: self.program.clone(),
option: name,
value: arg.clone(),
});
}
matched_opts.push(MatchedOpt::new(&name, arg, arg_type)?);
expecting_option_value = None;
} else if arg == "--" {
return Err(Error::DoubleDashNotSupportedYet {
program: self.program.clone(),
});
} else if arg.starts_with("-") {
match self.allowed_options.get(arg) {
Some(opt) => {
match &opt.meta {
OptMeta::Flag => {
matched_flags.push(MatchedFlag { name: arg.clone() });
// A flag does not expect an argument: continue.
continue;
}
OptMeta::Value(arg_type) => {
expecting_option_value = Some((arg.clone(), arg_type.clone()));
continue;
}
}
}
None => {
// It could be an --option=value style flag...
}
}
return Err(Error::UnknownOption {
program: self.program.clone(),
option: arg.clone(),
});
} else {
args.push(PositionalArg {
index,
value: arg.clone(),
});
}
}
if let Some(expected) = expecting_option_value {
let (name, _arg_type) = expected;
return Err(Error::OptionMissingValue {
program: self.program.clone(),
option: name,
});
}
let matched_args =
resolve_observed_args_with_patterns(&self.program, args, &self.arg_patterns)?;
// Verify all required options are present.
let matched_opt_names: HashSet<String> = matched_opts
.iter()
.map(|opt| opt.name().to_string())
.collect();
if !matched_opt_names.is_superset(&self.required_options) {
let mut options = self
.required_options
.difference(&matched_opt_names)
.map(String::from)
.collect::<Vec<_>>();
options.sort();
return Err(Error::MissingRequiredOptions {
program: self.program.clone(),
options,
});
}
let exec = ValidExec {
program: self.program.clone(),
flags: matched_flags,
opts: matched_opts,
args: matched_args,
system_path: self.system_path.clone(),
};
match &self.forbidden {
Some(reason) => Ok(MatchedExec::Forbidden {
cause: Forbidden::Exec { exec },
reason: reason.clone(),
}),
None => Ok(MatchedExec::Match { exec }),
}
}
pub fn verify_should_match_list(&self) -> Vec<PositiveExampleFailedCheck> {
let mut violations = Vec::new();
for good in &self.should_match {
let exec_call = ExecCall {
program: self.program.clone(),
args: good.clone(),
};
match self.check(&exec_call) {
Ok(_) => {}
Err(error) => {
violations.push(PositiveExampleFailedCheck {
program: self.program.clone(),
args: good.clone(),
error,
});
}
}
}
violations
}
pub fn verify_should_not_match_list(&self) -> Vec<NegativeExamplePassedCheck> {
let mut violations = Vec::new();
for bad in &self.should_not_match {
let exec_call = ExecCall {
program: self.program.clone(),
args: bad.clone(),
};
if self.check(&exec_call).is_ok() {
violations.push(NegativeExamplePassedCheck {
program: self.program.clone(),
args: bad.clone(),
});
}
}
violations
}
}
#[derive(Debug, Eq, PartialEq)]
pub struct PositiveExampleFailedCheck {
pub program: String,
pub args: Vec<String>,
pub error: Error,
}
#[derive(Debug, Eq, PartialEq)]
pub struct NegativeExamplePassedCheck {
pub program: String,
pub args: Vec<String>,
}
Reference in New Issue View Git Blame Copy Permalink