legion-llm 0.7.5 → 0.7.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 14ea97502e51c6baf291165f3e36bbf37b28b93eb119ad750e6157089b0058c6
-  data.tar.gz: 6881a3b870cbdb2b7f7bbc2ce3af39b7331f27aefd48e742073a5c1149a8d0bf
+  metadata.gz: 2856c4fbdb896cc947ca9e64e1f16240db499ce49edb92d1a775009de9405a7b
+  data.tar.gz: dde486aca3ebfefec431e4ac4578db846a2fcd597a118657ba44cfca05245cc6
 SHA512:
-  metadata.gz: 83d59e98b5fe417f762bdf7aec41c8bdbe10246db47d9f9dcf620a9c5b7bc97768a0f05a13e5865a30400fb37c018ee019047fd68ddf717d760b213dd36c58e2
-  data.tar.gz: 43897c5332b7c641812f3e75981b1712a5d5262f607ce55bf8cd49f27c04a6a62f4bddd3d5f6abd8c0adc634a41b60e9b894383a211955ae1197d09d9c16bfb3
+  metadata.gz: 96435d5a198f879241b1c04c2c17cd0caf2afd2ae3751c2efd6c416e19c3513bbfe3c3612289a4014fed6f461e9c801451e6fd767fa23c62075cd908cdb6f676
+  data.tar.gz: 4978d31e8be17eadb107ac10481f1089ed32bb5403e60e1f5320510b6d93c7f73a1880d063ac55e05144dab64998839f7280c8e9271378adceaf08b41b4a35d8

data/CHANGELOG.md

@@ -2,6 +2,19 @@
 
 ## [Unreleased]
 
+## [0.7.6] - 2026-04-14
+
+### Added
+- `DaemonUnavailableError < LLMError` error class for fleet fail-closed semantics
+- Metering wired as explicit pipeline executor step (`:metering` in STEPS)
+- Router `exclude:` parameter — provider-keyed hash for anti-bias model exclusion (step 4.6 in `select_candidates`)
+- `thinking:` forwarded to RubyLLM provider via `ruby_llm_chat_options`
+
+### Fixed
+- Tool injection suppression: `tools: []` (explicit empty array) now skips `inject_registry_tools` — prevents 60+ MCP tools from being injected into fleet LLM calls
+- RBAC fail-closed for fleet: callers with `agent.id` starting with `fleet:` are blocked when RBAC is unavailable (scoped, does not affect non-fleet callers)
+- `exclude:` normalized defensively — `nil` or non-Hash values treated as empty
+
 ## [0.7.5] - 2026-04-14
 
 ### Added

data/lib/legion/llm/errors.rb

@@ -41,5 +41,7 @@ module Legion
     end
 
     class TokenBudgetExceeded < LLMError; end
+
+    class DaemonUnavailableError < LLMError; end
   end
 end

data/lib/legion/llm/pipeline/executor.rb

@@ -28,11 +28,12 @@ module Legion
         include Steps::TokenBudget
         include Steps::PromptCache
         include Steps::Debate
+        include Steps::Metering
 
         STEPS = %i[
           tracing_init idempotency conversation_uuid context_load
           rbac classification billing gaia_advisory tier_assignment rag_context trigger_match skill_injector tool_discovery
-          routing request_normalization token_budget provider_call response_normalization
+          routing request_normalization token_budget provider_call response_normalization metering
           debate confidence_scoring tool_calls context_store post_response knowledge_capture response_return
         ].freeze
 
@@ -43,7 +44,7 @@ module Legion
         ].freeze
 
         POST_PROVIDER_STEPS = %i[
-          response_normalization debate confidence_scoring tool_calls context_store post_response knowledge_capture response_return
+          response_normalization metering debate confidence_scoring tool_calls context_store post_response knowledge_capture response_return
         ].freeze
 
         ASYNC_SAFE_STEPS = %i[post_response knowledge_capture response_return].freeze
@@ -724,10 +725,12 @@ module Legion
         end
 
         def ruby_llm_chat_options
-          {
+          opts = {
             model:    @resolved_model,
             provider: @resolved_provider
-          }.compact
+          }
+          opts[:thinking] = @request.thinking if @request.thinking
+          opts.compact
         end
 
         def inject_ruby_llm_tools(session)
@@ -735,6 +738,10 @@ module Legion
             session.with_tool(tool)
           end
 
+          # nil means caller did not specify tools — inject registry tools as normal.
+          # An explicit empty array [] means caller opted out of registry injection.
+          return if @request.tools.is_a?(Array) && @request.tools.empty?
+
           inject_registry_tools(session)
         end
 
@@ -923,6 +930,29 @@ module Legion
           @enrichments = normalized
         end
 
+        def step_metering
+          input_tokens  = @raw_response.respond_to?(:input_tokens)  ? @raw_response.input_tokens.to_i  : 0
+          output_tokens = @raw_response.respond_to?(:output_tokens) ? @raw_response.output_tokens.to_i : 0
+          tier = @audit.dig(:'routing:provider_selection', :data, :tier)
+          latency_ms = if @timestamps[:provider_start] && @timestamps[:provider_end]
+                         ((@timestamps[:provider_end] - @timestamps[:provider_start]) * 1000).round
+                       else
+                         0
+                       end
+          event = Steps::Metering.build_event(
+            provider:      @resolved_provider,
+            model_id:      @resolved_model,
+            tier:          tier,
+            input_tokens:  input_tokens,
+            output_tokens: output_tokens,
+            latency_ms:    latency_ms
+          )
+          Steps::Metering.publish_or_spool(event)
+        rescue StandardError => e
+          @warnings << "metering error: #{e.message}"
+          handle_exception(e, level: :warn, operation: 'llm.pipeline.step_metering')
+        end
+
         def step_context_store
           conv_id = @request.conversation_id
           return unless conv_id

data/lib/legion/llm/pipeline/request.rb

@@ -21,7 +21,7 @@ module Legion
             schema_version:   kwargs.fetch(:schema_version, '1.0.0'),
             system:           kwargs[:system],
             messages:         kwargs.fetch(:messages, []),
-            tools:            kwargs.fetch(:tools, []),
+            tools:            kwargs.key?(:tools) ? kwargs[:tools] : nil,
             tool_choice:      kwargs.fetch(:tool_choice, { mode: :auto }),
             routing:          kwargs.fetch(:routing, { provider: nil, model: nil }),
             tokens:           kwargs.fetch(:tokens, { max: 4096 }),
@@ -79,7 +79,7 @@ module Legion
             messages:         messages,
             system:           kwargs[:system],
             routing:          routing,
-            tools:            kwargs.fetch(:tools, []),
+            tools:            kwargs.key?(:tools) ? kwargs[:tools] : nil,
             tool_choice:      kwargs[:tool_choice] || { mode: :auto },
             stream:           kwargs.fetch(:stream, false),
             generation:       kwargs[:generation] || {},

data/lib/legion/llm/pipeline/steps/rbac.rb

@@ -13,6 +13,14 @@ module Legion
             start_time = Time.now
 
             unless defined?(::Legion::Rbac)
+              if fleet_caller?
+                msg = 'RBAC unavailable: fleet callers require RBAC enforcement (fail-closed)'
+                log.error("[llm][rbac] fleet_blocked request_id=#{@request.id} reason=rbac_unavailable")
+                record_rbac_audit(:failure, msg, start_time)
+                record_rbac_timeline("denied: #{msg}")
+                raise Legion::LLM::PipelineError.new("403 Forbidden: #{msg}", step: :rbac)
+              end
+
               @warnings << 'RBAC unavailable, permitting request without enforcement'
               log.info("[llm][rbac] unavailable request_id=#{@request.id} action=permit_without_enforcement")
               record_rbac_audit(:success, 'permitted (rbac unavailable)', start_time)
@@ -20,26 +28,28 @@ module Legion
               return
             end
 
-            principal = build_rbac_principal
-            caller_id = extract_rbac_caller_id
-            log.info("[llm][rbac] authorize request_id=#{@request.id} caller=#{caller_id}")
-            ::Legion::Rbac.authorize!(principal: principal, action: :use, resource: 'llm/pipeline')
+            begin
+              principal = build_rbac_principal
+              caller_id = extract_rbac_caller_id
+              log.info("[llm][rbac] authorize request_id=#{@request.id} caller=#{caller_id}")
+              ::Legion::Rbac.authorize!(principal: principal, action: :use, resource: 'llm/pipeline')
 
-            log.info("[llm][rbac] permitted request_id=#{@request.id} caller=#{caller_id}")
-            record_rbac_audit(:success, "permitted caller=#{caller_id}", start_time)
-            record_rbac_timeline("permitted caller=#{caller_id}")
-          rescue ::Legion::Rbac::AccessDenied => e
-            log.warn("[llm][rbac] denied request_id=#{@request.id} error=#{e.message}")
-            record_rbac_audit(:failure, e.message, start_time)
-            record_rbac_timeline("denied: #{e.message}")
-            handle_exception(e, level: :warn, operation: 'llm.pipeline.steps.rbac.denied', request_id: @request.id)
-            raise Legion::LLM::PipelineError.new("403 Forbidden: #{e.message}", step: :rbac)
-          rescue StandardError => e
-            log.error("[llm][rbac] failed request_id=#{@request.id} error=#{e.message}")
-            record_rbac_audit(:failure, "error: #{e.message}", start_time)
-            record_rbac_timeline("error: #{e.message}")
-            handle_exception(e, level: :error, operation: 'llm.pipeline.steps.rbac', request_id: @request.id)
-            raise Legion::LLM::PipelineError.new("rbac error: #{e.message}", step: :rbac)
+              log.info("[llm][rbac] permitted request_id=#{@request.id} caller=#{caller_id}")
+              record_rbac_audit(:success, "permitted caller=#{caller_id}", start_time)
+              record_rbac_timeline("permitted caller=#{caller_id}")
+            rescue ::Legion::Rbac::AccessDenied => e
+              log.warn("[llm][rbac] denied request_id=#{@request.id} error=#{e.message}")
+              record_rbac_audit(:failure, e.message, start_time)
+              record_rbac_timeline("denied: #{e.message}")
+              handle_exception(e, level: :warn, operation: 'llm.pipeline.steps.rbac.denied', request_id: @request.id)
+              raise Legion::LLM::PipelineError.new("403 Forbidden: #{e.message}", step: :rbac)
+            rescue StandardError => e
+              log.error("[llm][rbac] failed request_id=#{@request.id} error=#{e.message}")
+              record_rbac_audit(:failure, "error: #{e.message}", start_time)
+              record_rbac_timeline("error: #{e.message}")
+              handle_exception(e, level: :error, operation: 'llm.pipeline.steps.rbac', request_id: @request.id)
+              raise Legion::LLM::PipelineError.new("rbac error: #{e.message}", step: :rbac)
+            end
           end
 
           private
@@ -54,6 +64,15 @@ module Legion
             )
           end
 
+          def fleet_caller?
+            agent_ids = [
+              @request.agent&.dig(:id),
+              @request.caller&.dig(:agent, :id)
+            ]
+
+            agent_ids.any? { |agent_id| agent_id.is_a?(String) && agent_id.start_with?('fleet:') }
+          end
+
           def extract_rbac_caller_id
             @request.caller&.dig(:requested_by, :id) ||
               @request.caller&.dig(:requested_by, :identity) ||

data/lib/legion/llm/prompt.rb

@@ -10,8 +10,8 @@ module Legion
       # When provider/model are passed explicitly, they take precedence over routing.
       def dispatch(message, # rubocop:disable Metrics/ParameterLists
                    intent: nil,
-                   exclude: {}, # rubocop:disable Lint/UnusedMethodArgument -- forwarded to Router.resolve in WS-00E
                    tier: nil,
+                   exclude: {},
                    provider: nil,
                    model: nil,
                    schema: nil,
@@ -30,8 +30,8 @@ module Legion
         resolved_provider = provider
         resolved_model = model
 
-        if resolved_provider.nil? && resolved_model.nil? && defined?(Router) && Router.routing_enabled?
-          resolution = Router.resolve(intent: intent, tier: tier)
+        if resolved_provider.nil? && resolved_model.nil? && defined?(Router) && Router.routing_enabled? && (intent || tier)
+          resolution = Router.resolve(intent: intent, tier: tier, exclude: exclude)
           resolved_provider = resolution&.provider
           resolved_model = resolution&.model
         end

data/lib/legion/llm/router.rb

@@ -22,14 +22,14 @@ module Legion
         # @param model    [String, nil] explicit model override
         # @param provider [Symbol, nil] explicit provider override
         # @return [Resolution, nil]
-        def resolve(intent: nil, tier: nil, model: nil, provider: nil)
+        def resolve(intent: nil, tier: nil, model: nil, provider: nil, exclude: {})
           return explicit_resolution(tier, provider, model) if tier
 
           return nil unless routing_enabled? && intent
 
           merged = merge_defaults(intent)
           rules = load_rules
-          candidates = select_candidates(rules, merged)
+          candidates = select_candidates(rules, merged, exclude: exclude)
           best = pick_best(candidates)
           resolution = best&.to_resolution
 
@@ -42,12 +42,12 @@ module Legion
           resolution || arbitrage_fallback(intent)
         end
 
-        def resolve_chain(intent: nil, tier: nil, model: nil, provider: nil, max_escalations: nil)
+        def resolve_chain(intent: nil, tier: nil, model: nil, provider: nil, max_escalations: nil, exclude: {})
           max = max_escalations || escalation_max_attempts
           return chain_from_defaults(model, provider, max) unless routing_enabled? && (intent || tier)
           return EscalationChain.new(resolutions: [explicit_resolution(tier, provider, model)], max_attempts: max) if tier
 
-          chain_from_intent(intent, max)
+          chain_from_intent(intent, max, exclude: exclude)
         end
 
         def health_tracker
@@ -131,7 +131,7 @@ module Legion
           raw.map { |h| Rule.from_hash(h.transform_keys(&:to_sym)) }
         end
 
-        def select_candidates(rules, intent)
+        def select_candidates(rules, intent, exclude: {})
           log.debug("Router: selecting candidates from #{rules.size} rules")
 
           # 1. Collect constraints from constraint rules that match the intent
@@ -151,8 +151,12 @@ module Legion
           # 4.5 Reject Ollama rules where model is not pulled or doesn't fit
           discovered = unconstrained.reject { |r| excluded_by_discovery?(r) }
 
+          # 4.6 Reject rules matching caller-provided exclude list
+          normalized_exclude = exclude.is_a?(Hash) ? exclude : {}
+          not_excluded = normalized_exclude.empty? ? discovered : discovered.reject { |r| excluded_by_caller?(r, normalized_exclude) }
+
           # 5. Filter by tier availability
-          final = discovered.select { |r| tier_available?(r.target[:tier] || r.target['tier']) }
+          final = not_excluded.select { |r| tier_available?(r.target[:tier] || r.target['tier']) }
 
           log.debug("Router: #{final.size} candidates after filtering (started with #{rules.size})")
 
@@ -204,6 +208,21 @@ module Legion
           {}
         end
 
+        def excluded_by_caller?(rule, exclude)
+          return false if exclude.nil? || exclude.empty?
+
+          target   = rule.target || {}
+          provider = (target[:provider] || target['provider'])&.to_sym
+          model    = target[:model]    || target['model']
+          tier     = (target[:tier]    || target['tier'])&.to_sym
+
+          return true if exclude[:provider] && provider == exclude[:provider].to_sym
+          return true if exclude[:model]    && model    == exclude[:model]
+          return true if exclude[:tier]     && tier     == exclude[:tier].to_sym
+
+          false
+        end
+
         def privacy_mode?
           if Legion.const_defined?('Settings', false) && Legion::Settings.respond_to?(:enterprise_privacy?)
             Legion::Settings.enterprise_privacy?
@@ -272,10 +291,10 @@ module Legion
           EscalationChain.new(resolutions: [res], max_attempts: max)
         end
 
-        def chain_from_intent(intent, max)
+        def chain_from_intent(intent, max, exclude: {})
           merged     = intent ? merge_defaults(intent) : {}
           rules      = load_rules
-          candidates = select_candidates(rules, merged)
+          candidates = select_candidates(rules, merged, exclude: exclude)
           sorted     = candidates.sort_by { |r| -effective_priority(r) }
           resolutions = sorted.map(&:to_resolution)
           resolutions = build_fallback_chain(sorted.first, sorted, resolutions) if sorted.first&.fallback

data/lib/legion/llm/version.rb

@@ -2,6 +2,6 @@
 
 module Legion
   module LLM
-    VERSION = '0.7.5'
+    VERSION = '0.7.6'
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: legion-llm
 version: !ruby/object:Gem::Version
-  version: 0.7.5
+  version: 0.7.6
 platform: ruby
 authors:
 - Esity