lex-llm 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e89cf3b81ab7c122b0a4ffd99da2dda0cdc7c79258c43aa06291b8008985815a
-  data.tar.gz: 8a7e3da631d4595fd4a57de32a6bcdd13004313a00a653bf2b0fd347e85bbd20
+  metadata.gz: b88b067707ad4bb1e77ecfd7881d3eb19c81ee5b721c410a45406b7f221bce3d
+  data.tar.gz: 22a02b744c5a5748c2f768cd8ec1d9ecf97f70145313a8bad1c8f3f92b1c0266
 SHA512:
-  metadata.gz: 11e4dac6953ab61572d539c2e5c7cea634ab96388ba654392ea4b64365bab694f0e420acaf0a098ced97613240b89122fc3e8b5b186e4e78b77d37feca8ffbfd
-  data.tar.gz: cb0224a1f4130f2783b17464cc182b2b01b6feee21e35246b99a73b568e68d64f1191b39d59a0f82d333cac0df9b15ab86e710269b44141d0039a0997b008340
+  metadata.gz: a71c9d5d57eba8a72dc72eecb85eb93fdc1137f49af391e7829fdba2930a0c849118cae5afa9ac4e8ba3ed02b1eb3c108c1d9ba799bd78f0bf699f8812efc7aa
+  data.tar.gz: 4ed8982d220363c9cf9d151c0004d17430ddb800e57e7915e6e065e94510c87a5988e469458fa60587f2a6ba156eac75b0440881c705b9fe3de0fb5772c06a49

data/CHANGELOG.md

@@ -1,5 +1,14 @@
 # Changelog
 
+## 0.3.0 - 2026-05-01
+
+- Add CredentialSources helper: read-only probes for env vars, ~/.claude/settings.json, ~/.codex/auth.json, Legion::Settings, socket/HTTP probes, SHA-256 credential dedup
+- Add AutoRegistration mixin: shared discover_instances/register_discovered_instances/rediscover! for lex-llm-* provider self-registration into Call::Registry
+- Delete Provider.register, .resolve, .for, .providers, .local_providers, .remote_providers, .configured_providers, .configured_remote_providers — replaced by Call::Registry
+- Delete Configuration.register_provider_options — providers accept plain Hash config via new HashConfig wrapper
+- Provider#initialize accepts plain Hash in addition to Configuration objects
+- Models module uses Call::Registry with namespace-scanning fallback for standalone usage
+
 ## 0.2.0 - 2026-04-30
 
 - Promote ModelInfo Data.define value object with immutable fields: instance, parameter_count, parameter_size, quantization, size_bytes, modalities_input, modalities_output

data/lib/legion/extensions/llm/auto_registration.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+module Legion
+  module Extensions
+    module Llm
+      # Mixin that lex-llm-* provider modules `extend` to get shared
+      # registration boilerplate.  The provider only needs to override
+      # `discover_instances` — everything else is handled here.
+      #
+      # Prerequisites on the extending module:
+      #   - `PROVIDER_FAMILY` constant (Symbol, e.g. :ollama)
+      #   - `provider_class` singleton method returning the Provider subclass
+      module AutoRegistration
+        # Override in each provider.  Returns { instance_id => config_hash }.
+        def discover_instances
+          {}
+        end
+
+        # Calls discover_instances, creates a LexLLMAdapter for each,
+        # and registers into Call::Registry.
+        #
+        # Strips :tier and :capabilities from config before passing to
+        # the adapter (these are metadata, not connection config).
+        #
+        # Guarded: no-op when Legion::LLM::Call::Registry is not loaded.
+        def register_discovered_instances
+          return unless defined?(Legion::LLM::Call::Registry)
+
+          instances = discover_instances
+          instances.each do |instance_id, config|
+            registry_config = config.except(:tier, :capabilities)
+            adapter = Legion::LLM::Call::LexLLMAdapter.new(
+              self::PROVIDER_FAMILY, provider_class, instance_config: registry_config
+            )
+            Legion::LLM::Call::Registry.register(
+              self::PROVIDER_FAMILY, adapter, instance: instance_id
+            )
+          end
+        rescue StandardError => e
+          log.warn "[#{self::PROVIDER_FAMILY}] self-registration failed: #{e.message}" if respond_to?(:log)
+        end
+
+        # Deregisters all instances for this provider and re-runs discovery.
+        #
+        # Guarded: no-op when Legion::LLM::Call::Registry is not loaded.
+        def rediscover!
+          return unless defined?(Legion::LLM::Call::Registry)
+
+          Legion::LLM::Call::Registry.deregister_provider(self::PROVIDER_FAMILY)
+          register_discovered_instances
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/llm/configuration.rb

@@ -16,10 +16,6 @@ module Legion
             defaults[key] = default
           end
 
-          def register_provider_options(options)
-            Array(options).each { |key| option(key, nil) }
-          end
-
           def options
             option_keys.dup
           end
@@ -32,8 +28,8 @@ module Legion
         end
 
         # System-level options are declared here.
-        # Provider-specific options are declared in each provider class via
-        # `self.configuration_options` and registered through Provider.register.
+        # Provider-specific options are declared in each provider extension via
+        # `self.configuration_options`.
         option :default_model, nil
         option :default_embedding_model, nil
         option :default_moderation_model, nil

data/lib/legion/extensions/llm/credential_sources.rb

@@ -0,0 +1,246 @@
+# frozen_string_literal: true
+
+require 'digest'
+require 'uri'
+
+module Legion
+  module Extensions
+    module Llm
+      # Read-only helpers that provider gems use to probe common credential
+      # locations (env vars, Claude config, Codex auth, Legion settings, and
+      # network probes).  All methods are pure readers — the calling provider
+      # decides what to do with the result.
+      module CredentialSources
+        CLAUDE_SETTINGS = File.expand_path('~/.claude/settings.json')
+        CLAUDE_PROJECT  = File.join(Dir.pwd, '.claude', 'settings.json')
+        CODEX_AUTH      = File.expand_path('~/.codex/auth.json')
+
+        # --- public helpers ------------------------------------------------
+
+        # Fetch an environment variable, stripping whitespace.
+        # Returns nil when the variable is unset or blank.
+        def env(key)
+          val = ENV.fetch(key, nil)
+          return nil if val.nil?
+
+          stripped = val.strip
+          stripped.empty? ? nil : stripped
+        end
+
+        # Merged Claude config (user-level + project-level).  Project settings
+        # override user settings.  Memoized for the lifetime of the process.
+        def claude_config
+          @claude_config ||= merge_claude_configs
+        end
+
+        # Read a single key from the merged Claude config, trying both symbol
+        # and string variants.
+        def claude_config_value(key)
+          cfg = claude_config
+          cfg[key.to_sym] || cfg[key.to_s]
+        end
+
+        # Read a key from the :env hash inside Claude config, trying both
+        # symbol and string variants.
+        def claude_env_value(key)
+          env_hash = claude_config_value(:env)
+          return nil unless env_hash.is_a?(Hash)
+
+          env_hash[key.to_sym] || env_hash[key.to_s]
+        end
+
+        # Read the bearer token from ~/.codex/auth.json when auth_mode is
+        # "chatgpt" and the JWT is not expired.
+        def codex_token
+          data = read_json(CODEX_AUTH)
+          mode = data[:auth_mode] || data['auth_mode']
+          return nil unless mode == 'chatgpt'
+
+          token = data[:bearer_token] || data['bearer_token']
+          return nil if token.nil? || token.to_s.strip.empty?
+          return nil unless token_valid?(token)
+
+          token
+        end
+
+        # Read the OPENAI_API_KEY from ~/.codex/auth.json.
+        def codex_openai_key
+          data = read_json(CODEX_AUTH)
+          val = data[:OPENAI_API_KEY] || data['OPENAI_API_KEY']
+          return nil if val.nil?
+
+          stripped = val.to_s.strip
+          stripped.empty? ? nil : stripped
+        end
+
+        # Dig into Legion::Settings, returning nil if the module is not loaded
+        # or the path doesn't exist.
+        def setting(*path)
+          return nil unless defined?(::Legion::Settings)
+
+          ::Legion::Settings.dig(*path)
+        rescue StandardError
+          nil
+        end
+
+        # TCP connect probe with a short timeout.  Returns true if the port
+        # is reachable, false otherwise.
+        def socket_open?(host, port, timeout: 0.1)
+          require 'socket'
+
+          addr = Socket.sockaddr_in(port, host)
+          sock = Socket.new(Socket::AF_INET, Socket::SOCK_STREAM, 0)
+          sock.setsockopt(Socket::SOL_SOCKET, Socket::SO_REUSEADDR, true)
+
+          begin
+            sock.connect_nonblock(addr)
+          rescue IO::WaitWritable
+            return false unless sock.wait_writable(timeout)
+
+            begin
+              sock.connect_nonblock(addr)
+            rescue Errno::EISCONN
+              # already connected — success
+            end
+          end
+          true
+        rescue StandardError
+          false
+        ensure
+          sock&.close
+        end
+
+        # HTTP GET probe via Faraday.  Returns true only on a 2xx status.
+        def http_ok?(url, path:, timeout: 2)
+          require 'faraday'
+
+          conn = Faraday.new(url: url) do |f|
+            f.options.timeout = timeout
+            f.options.open_timeout = timeout
+          end
+          response = conn.get(path)
+          response.status >= 200 && response.status < 300
+        rescue StandardError
+          false
+        ensure
+          conn&.close if conn.respond_to?(:close)
+        end
+
+        # Deduplicate credential configs by the SHA-256 of their credential
+        # value (api_key / bearer_token / access_token).  First source wins.
+        # Entries without a credential value are always kept.
+        def dedup_credentials(candidates)
+          seen = {}
+          result = {}
+
+          candidates.each do |instance_id, config|
+            hash = credential_hash(config)
+            if hash.nil?
+              result[instance_id] = config
+            elsif !seen.key?(hash)
+              seen[hash] = instance_id
+              result[instance_id] = config
+            end
+          end
+
+          result
+        end
+
+        # SHA-256 hex digest of the first credential value found in the config
+        # hash (checks api_key, bearer_token, access_token in order).
+        # Returns nil when no credential field is present.
+        def credential_hash(config)
+          val = config[:api_key] || config['api_key'] ||
+                config[:bearer_token] || config['bearer_token'] ||
+                config[:access_token] || config['access_token']
+          return nil if val.nil?
+
+          Digest::SHA256.hexdigest(val.to_s)
+        end
+
+        # Returns true when the URL points to localhost / 127.0.0.1 / ::1.
+        def localhost?(url)
+          return false if url.nil?
+
+          uri = URI.parse(url.to_s)
+          host = uri.host
+          return false if host.nil?
+
+          normalized = host.delete_prefix('[').delete_suffix(']')
+          %w[localhost 127.0.0.1 ::1].include?(normalized)
+        rescue URI::InvalidURIError
+          false
+        end
+
+        module_function :env, :claude_config, :claude_config_value,
+                        :claude_env_value, :codex_token, :codex_openai_key,
+                        :setting, :socket_open?, :http_ok?,
+                        :dedup_credentials, :credential_hash, :localhost?
+
+        # --- private helpers -----------------------------------------------
+
+        # Merge user-level (~/.claude/settings.json) and project-level
+        # (.claude/settings.json) Claude configs.  Project overrides user.
+        def merge_claude_configs
+          user = read_json(CLAUDE_SETTINGS)
+          project = read_json(CLAUDE_PROJECT)
+          deep_merge(user, project)
+        end
+
+        # Read and parse a JSON file.  Returns an empty hash on any error.
+        def read_json(path)
+          return {} unless File.exist?(path)
+
+          raw = File.read(path)
+          return {} if raw.strip.empty?
+
+          if defined?(::Legion::JSON)
+            ::Legion::JSON.parse(raw, symbolize_names: true)
+          else
+            ::JSON.parse(raw, symbolize_names: true)
+          end
+        rescue StandardError
+          {}
+        end
+
+        # JWT expiry check.  Decodes the base64 payload segment and checks
+        # that exp > now.  Returns true on any parse error (benefit of the
+        # doubt).
+        def token_valid?(token)
+          return true if token.nil?
+
+          require 'base64'
+          require 'json'
+
+          parts = token.to_s.split('.')
+          return true unless parts.length >= 2
+
+          payload = ::JSON.parse(Base64.urlsafe_decode64(parts[1]))
+          exp = payload['exp']
+          return true if exp.nil?
+
+          exp.to_i > Time.now.to_i
+        rescue StandardError
+          true
+        end
+
+        # Simple recursive hash merge (project values override user values).
+        def deep_merge(base, override)
+          base.merge(override) do |_key, old_val, new_val|
+            if old_val.is_a?(Hash) && new_val.is_a?(Hash)
+              deep_merge(old_val, new_val)
+            else
+              new_val
+            end
+          end
+        end
+
+        module_function :merge_claude_configs, :read_json,
+                        :token_valid?, :deep_merge
+
+        private_class_method :merge_claude_configs, :read_json,
+                             :token_valid?, :deep_merge
+      end
+    end
+  end
+end

data/lib/legion/extensions/llm/models.rb

@@ -37,6 +37,27 @@ module Legion
         class << self
           include Legion::Logging::Helper
 
+          # Discover provider classes from the Llm namespace.
+          # Each lex-llm-* extension defines a module under Legion::Extensions::Llm
+          # that responds to `provider_class` and has a `PROVIDER_FAMILY` constant.
+          def scan_provider_classes
+            Legion::Extensions::Llm.constants(false).filter_map do |const_name|
+              mod = Legion::Extensions::Llm.const_get(const_name, false)
+              next unless mod.is_a?(Module) && mod.respond_to?(:provider_class) &&
+                          mod.const_defined?(:PROVIDER_FAMILY, false)
+
+              [mod::PROVIDER_FAMILY.to_sym, mod.provider_class]
+            end.to_h
+          end
+
+          # Resolve a single provider class by slug.
+          # Returns nil when the provider is unknown.
+          def resolve_provider_class(name)
+            return nil if name.nil?
+
+            scan_provider_classes[name.to_sym]
+          end
+
           def instance
             @instance ||= new
           end
@@ -71,15 +92,12 @@ module Legion
             @instance = new(merged_models)
           end
 
-          def fetch_provider_models(remote_only: true) # rubocop:disable Metrics/PerceivedComplexity
+          def fetch_provider_models(remote_only: true)
             config = Legion::Extensions::Llm.config
-            provider_classes = remote_only ? Provider.remote_providers.values : Provider.providers.values
-            configured_classes = if remote_only
-                                   Provider.configured_remote_providers(config)
-                                 else
-                                   Provider.configured_providers(config)
-                                 end
-            configured = configured_classes.select { |klass| provider_classes.include?(klass) }
+            all_providers = scan_provider_classes.values
+            provider_classes = remote_only ? all_providers.reject(&:local?) : all_providers
+            configured = provider_classes.select { |klass| klass.configured?(config) }
+
             result = {
               models: [],
               fetched_providers: [],
@@ -87,18 +105,13 @@ module Legion
               failed: []
             }
 
-            provider_classes.each do |provider_class|
-              next if remote_only && provider_class.local?
-              next unless provider_class.configured?(config)
-
-              begin
-                result[:models].concat(provider_class.new(config).list_models)
-                result[:fetched_providers] << provider_class.slug
-              rescue StandardError => e
-                handle_exception(e, level: :warn, handled: true,
-                                    operation: 'llm.models.fetch_provider_models')
-                result[:failed] << { name: provider_class.name, slug: provider_class.slug, error: e }
-              end
+            configured.each do |provider_class|
+              result[:models].concat(provider_class.new(config).list_models)
+              result[:fetched_providers] << provider_class.slug
+            rescue StandardError => e
+              handle_exception(e, level: :warn, handled: true,
+                                  operation: 'llm.models.fetch_provider_models')
+              result[:failed] << { name: provider_class.name, slug: provider_class.slug, error: e }
             end
 
             result[:fetched_providers].uniq!
@@ -112,7 +125,7 @@ module Legion
 
           def resolve(model_id, provider: nil, assume_exists: false, config: nil) # rubocop:disable Metrics/PerceivedComplexity
             config ||= Legion::Extensions::Llm.config
-            provider_class = provider ? Provider.providers[provider.to_sym] : nil
+            provider_class = provider ? resolve_provider_class(provider) : nil
 
             if provider_class
               temp_instance = provider_class.new(config)
@@ -136,8 +149,8 @@ module Legion
               model ||= Model::Info.default(model_id, provider_instance.slug)
             else
               model = Models.find model_id, provider
-              provider_class = Provider.providers[model.provider.to_sym] || raise(Error,
-                                                                                  "Unknown provider: #{model.provider}")
+              provider_class = resolve_provider_class(model.provider) || raise(Error,
+                                                                               "Unknown provider: #{model.provider}")
               provider_instance = provider_class.new(config)
             end
             [model, provider_instance]
@@ -486,7 +499,7 @@ module Legion
         end
 
         def provider_resolved_model_id(model_id, provider)
-          provider_class = Provider.resolve(provider)
+          provider_class = self.class.resolve_provider_class(provider)
           return model_id unless provider_class
 
           provider_class.resolve_model_id(model_id, config: Legion::Extensions::Llm.config)

data/lib/legion/extensions/llm/provider.rb

@@ -3,6 +3,27 @@
 module Legion
   module Extensions
     module Llm
+      # Lightweight wrapper that lets a plain Hash behave like a Configuration
+      # object, responding to method-style accessors (e.g. +config.api_key+).
+      class HashConfig
+        def initialize(hash)
+          @data = hash.transform_keys(&:to_sym)
+        end
+
+        def respond_to_missing?(name, include_private = false)
+          @data.key?(name.to_sym) || super
+        end
+
+        def method_missing(name, *args)
+          key = name.to_sym
+          if name.to_s.end_with?('=')
+            @data[name.to_s.chomp('=').to_sym] = args.first
+          elsif @data.key?(key)
+            @data[key]
+          end
+        end
+      end
+
       # Base class for LLM providers.
       class Provider
         include Streaming
@@ -11,7 +32,7 @@ module Legion
         attr_reader :config, :connection
 
         def initialize(config)
-          @config = config
+          @config = config.is_a?(Hash) ? HashConfig.new(config) : config
           ensure_configured!
           @connection = Connection.new(self, @config)
         end
@@ -338,50 +359,6 @@ module Legion
           def configured?(config)
             configuration_requirements.all? { |req| config.send(req) }
           end
-
-          # @deprecated Use the extension registry instead. Will be removed in 1.0.
-          def register(name, provider_class)
-            providers[name.to_sym] = provider_class
-            Legion::Extensions::Llm::Configuration.register_provider_options(provider_class.configuration_options)
-          end
-
-          # @deprecated Use the extension registry instead. Will be removed in 1.0.
-          def resolve(name)
-            return nil if name.nil?
-
-            providers[name.to_sym]
-          end
-
-          # @deprecated Use the extension registry instead. Will be removed in 1.0.
-          def for(model)
-            model_info = Models.find(model)
-            resolve model_info.provider
-          end
-
-          # @deprecated Use the extension registry instead. Will be removed in 1.0.
-          def providers
-            @providers ||= {}
-          end
-
-          def local_providers
-            providers.select { |_slug, provider_class| provider_class.local? }
-          end
-
-          def remote_providers
-            providers.select { |_slug, provider_class| provider_class.remote? }
-          end
-
-          def configured_providers(config)
-            providers.select do |_slug, provider_class|
-              provider_class.configured?(config)
-            end.values
-          end
-
-          def configured_remote_providers(config)
-            providers.select do |_slug, provider_class|
-              provider_class.remote? && provider_class.configured?(config)
-            end.values
-          end
         end
 
         private

data/lib/legion/extensions/llm/version.rb

@@ -3,7 +3,7 @@
 module Legion
   module Extensions
     module Llm
-      VERSION = '0.2.0'
+      VERSION = '0.3.0'
     end
   end
 end

data/lib/legion/extensions/llm.rb

@@ -31,6 +31,8 @@ module Legion
         'ui' => 'UI'
       )
       loader.ignore("#{__dir__}/llm/version.rb")
+      loader.ignore("#{__dir__}/llm/auto_registration.rb")
+      loader.ignore("#{__dir__}/llm/credential_sources.rb")
       loader.ignore("#{__dir__}/llm/transport/exchanges")
       loader.ignore("#{__dir__}/llm/transport/messages")
       loader.push_dir("#{__dir__}/llm", namespace: self)
@@ -85,7 +87,7 @@ module Legion
         end
 
         def providers
-          Provider.providers.values
+          Models.scan_provider_classes.values
         end
 
         def configure
@@ -131,6 +133,8 @@ module Legion
         ProviderSettings.build(...)
       end
 
+      require_relative 'llm/auto_registration'
+      require_relative 'llm/credential_sources'
       loader.eager_load
     end
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: lex-llm
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - LegionIO
@@ -201,12 +201,14 @@ files:
 - lib/legion/extensions/llm/aliases.json
 - lib/legion/extensions/llm/aliases.rb
 - lib/legion/extensions/llm/attachment.rb
+- lib/legion/extensions/llm/auto_registration.rb
 - lib/legion/extensions/llm/chat.rb
 - lib/legion/extensions/llm/chunk.rb
 - lib/legion/extensions/llm/configuration.rb
 - lib/legion/extensions/llm/connection.rb
 - lib/legion/extensions/llm/content.rb
 - lib/legion/extensions/llm/context.rb
+- lib/legion/extensions/llm/credential_sources.rb
 - lib/legion/extensions/llm/embedding.rb
 - lib/legion/extensions/llm/error.rb
 - lib/legion/extensions/llm/image.rb