PyPI - spawnllm - Versions diffs - 0.5.1__tar.gz → 0.5.2__tar.gz - Mend

spawnllm 0.5.1tar.gz → 0.5.2tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

{spawnllm-0.5.1 → spawnllm-0.5.2}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: spawnllm
-Version: 0.5.1
+Version: 0.5.2
 Summary: Subshell + MLX LLM-calling backends (Claude/Codex CLI, local MLX) shared across tools.
 Keywords:
 Author: Yasyf Mohamedali

{spawnllm-0.5.1 → spawnllm-0.5.2}/pyproject.toml RENAMED Viewed

@@ -1,7 +1,7 @@
 [project]
 name = "spawnllm"
 # Inert sentinel: the real version is set from the release tag (uv version --frozen).
-version = "0.5.1"
+version = "0.5.2"
 description = "Subshell + MLX LLM-calling backends (Claude/Codex CLI, local MLX) shared across tools."
 readme = "README.md"
 license = "MIT"

{spawnllm-0.5.1 → spawnllm-0.5.2}/spawnllm/backends/base.py RENAMED Viewed

@@ -129,8 +129,13 @@ class LlmBackend(ABC):
         """
     @abstractmethod
-    def env(self) -> dict[str, str]:
-        """Return extra environment variables for the invocation, merged over the inherited environment."""
+    def env(self, spec: RunSpec) -> dict[str, str]:
+        """Return extra environment variables for the invocation, merged over the inherited environment.
+        Args:
+            spec: The configured run, so a backend can scope env overrides to
+                `spec.isolated` (e.g. a fresh config home only when isolating).
+        """
     @abstractmethod
     def is_authenticated(self, *, timeout: int) -> bool:
@@ -292,7 +297,7 @@ class CliBackend(LlmBackend):
                 rr = await acapture_cli(
                     inv.argv,
                     input=inv.stdin,
-                    env=os.environ | self.env() | (spec.env or {}),
+                    env=os.environ | self.env(spec) | (spec.env or {}),
                     cwd=spec.cwd,
                     timeout=spec.timeout,
                 )
@@ -311,7 +316,7 @@ class CliBackend(LlmBackend):
                 rr = capture_cli(
                     inv.argv,
                     input=inv.stdin,
-                    env=os.environ | self.env() | (spec.env or {}),
+                    env=os.environ | self.env(spec) | (spec.env or {}),
                     cwd=spec.cwd,
                     timeout=spec.timeout,
                 )

{spawnllm-0.5.1 → spawnllm-0.5.2}/spawnllm/backends/claude.py RENAMED Viewed

@@ -2,8 +2,12 @@
 from __future__ import annotations
+import atexit
 import json
+import shutil
 import subprocess
+import tempfile
+from pathlib import Path
 from typing import TYPE_CHECKING, ClassVar
 from spawnllm.backends.base import CliBackend
@@ -58,6 +62,8 @@ class ClaudeCliBackend(CliBackend):
     binary: ClassVar[str] = "claude"
     install_hint: ClassVar[str] = "curl -fsSL https://claude.ai/install.sh | bash"
+    _isolated_config_dir: str | None = None
     def build_command(self, spec: RunSpec) -> list[str]:
         """Build the `claude -p` argv for one stdin-prompted invocation.
@@ -151,15 +157,50 @@ class ClaudeCliBackend(CliBackend):
             return event["result"] if isinstance(event.get("result"), str) else "claude reported an error"
         return None
-    def env(self) -> dict[str, str]:
-        """Return no extra environment variables; the `claude` CLI runs with the inherited environment.
+    def env(self, spec: RunSpec) -> dict[str, str]:
+        """Point an isolated run at a fresh, host-free `CLAUDE_CONFIG_DIR`; otherwise add nothing.
+        Defense in depth behind the argv flags: a config home seeded with nothing
+        but the account pointer and OAuth token means plugin and
+        `~/.claude.json`-driven loading finds no host settings, plugins, or hooks
+        even if a flag is ever dropped.
+        Args:
+            spec: The configured run; `spec.isolated` gates the override.
-        Isolation is flag-only (`--setting-sources ""`/`--strict-mcp-config`). A fresh
-        `CLAUDE_CONFIG_DIR` would log the CLI out: the keychain token is keyed to the
-        `oauthAccount` recorded in `~/.claude.json`, absent from a relocated dir.
-        (`CLAUDE_CODE_SIMPLE=1` likewise breaks claude.ai keychain auth.)
+        Returns:
+            `{"CLAUDE_CONFIG_DIR": <isolated dir>}` for an isolated run, else `{}`.
+        """
+        if not spec.isolated:
+            return {}
+        return {"CLAUDE_CONFIG_DIR": self._isolated_dir()}
+    def _isolated_dir(self) -> str:
+        """Return the process-lifetime isolated config home, creating and seeding it once.
+        The home is a fresh temp dir seeded with only the two auth-bearing files:
+        `~/.claude.json` minus its `mcpServers` block (the active-account pointer,
+        with no host MCP servers leaking even absent `--strict-mcp-config`) and
+        `~/.claude/.credentials.json` (the claude.ai OAuth token, which lives in
+        the config home — relocating it without this copy logs the run out). Host
+        `settings.json`, plugins, and hooks are never copied. The dir is cached on
+        the backend and removed at interpreter exit.
         """
-        return {}
+        if self._isolated_config_dir is not None:
+            return self._isolated_config_dir
+        config_dir = Path(tempfile.mkdtemp(prefix="spawnllm-claude-config-"))
+        home = Path.home()
+        account_path = home / ".claude.json"
+        if account_path.exists():
+            account = json.loads(account_path.read_text())
+            account.pop("mcpServers", None)
+            (config_dir / ".claude.json").write_text(json.dumps(account))
+        credentials_path = home / ".claude" / ".credentials.json"
+        if credentials_path.exists():
+            shutil.copyfile(credentials_path, config_dir / ".credentials.json")
+        atexit.register(shutil.rmtree, config_dir, ignore_errors=True)
+        self._isolated_config_dir = str(config_dir)
+        return self._isolated_config_dir
     def is_authenticated(self, *, timeout: int) -> bool:
         """Report whether `claude auth status` exits cleanly, i.e. a claude.ai login is stored.

{spawnllm-0.5.1 → spawnllm-0.5.2}/spawnllm/backends/codex.py RENAMED Viewed

@@ -128,7 +128,7 @@ class CodexCliBackend(CliBackend):
         return json.dumps(to_strict_json_schema(model))
-    def env(self) -> dict[str, str]:
+    def env(self, _spec: RunSpec) -> dict[str, str]:
         """Return no extra environment variables; `--ignore-user-config` isolates config while `CODEX_HOME` keeps auth.
         `codex` keeps `auth.json` in `CODEX_HOME`, so relocating it would strand a

{spawnllm-0.5.1 → spawnllm-0.5.2}/spawnllm/backends/gemini.py RENAMED Viewed

@@ -30,7 +30,7 @@ class GeminiFamilyBackend(CliBackend, ABC):
     api_key_envs: ClassVar[tuple[str, ...]]
-    def env(self) -> dict[str, str]:
+    def env(self, _spec: RunSpec) -> dict[str, str]:
         """Return no extra environment variables.
         Gemini-family CLIs read settings and OAuth from the same config home (`~/.gemini`,

{spawnllm-0.5.1 → spawnllm-0.5.2}/spawnllm/backends/mlx.py RENAMED Viewed

@@ -52,7 +52,7 @@ class MlxBackend(LlmBackend):
         """Return the `structured_output` from a stream-json result event, else `raw` parsed as JSON."""
         return structured_value(raw)
-    def env(self) -> dict[str, str]:
+    def env(self, _spec: RunSpec) -> dict[str, str]:
         """Return no extra environment variables; MLX runs in-process with nothing to isolate."""
         return {}