2026-05-13 13:29:50 -07:00
|
|
|
import { execFile } from 'node:child_process';
|
2026-05-10 23:12:26 +02:00
|
|
|
import { writeFile } from 'node:fs/promises';
|
2026-05-13 08:42:38 -04:00
|
|
|
import { promisify } from 'node:util';
|
chore(workspace): gate dead-code with knip production mode (#196)
* refactor(workspace): relocate @ktx/llm source into packages/cli/src/llm
* refactor(workspace): rewrite @ktx/llm imports to relative paths
* refactor(workspace): fold internal packages into cli
* chore(workspace): gate dead-code with knip production mode
Turn on production-mode knip plus an autofix run in pre-commit and the
`pnpm dead-code` script, document the `/** @internal */` convention for
test-only exports in AGENTS.md, annotate test-only exports across the
CLI with that JSDoc, and drop dead exports/wrappers the new gate
surfaced (e.g. `cli-project.ts`, `lookerRuntimeSourceToFileAdapterSource`,
`createLocalScanEnrichmentProvidersFromConfig`,
`PGLITE_OWNER_PROCESS_BACKEND_CAPABILITIES`, stale type re-exports).
Replace the loose `ignoreIssues` allowlist in `knip.json` with explicit
production entries so cross-package barrel leaks are caught.
* refactor(cli): delete internal barrel index.ts files
The 34 `index.ts` re-export barrels inside `packages/cli/src/` were
holdovers from the pre-fold multi-workspace structure. Post-fold-in they
served no production purpose: external consumers go through the single
package main entry, and in-repo callers mostly imported through them
only because the path was short. Internally, knip flagged most barrel
re-exports as production-dead (only reached via tests).
This change:
- Deletes every internal barrel except `packages/cli/src/index.ts`
(the published package entry).
- Rewrites ~270 source/test files to import each name directly from
the file that defines it.
- Moves `tools/warehouse-verification/index.ts` to
`create-warehouse-verification-tools.ts` (the function it defined
locally) and updates its single consumer.
- Renames `search/backend-conformance.ts` → `.test-utils.ts` to match
the existing test-helper file convention.
- Deletes 13 dead test-only chains (dbt-descriptions/*,
live-database/extracted-schema, live-database/structural-sync,
relationship-* feedback/review chain) plus their tests and a
cascading orphan integration test.
- Updates test mocks that pointed at deleted barrel paths
(notion-client, connector barrels in scan/local-scan-connectors
tests) to mock the source files instead.
- Points the maintainer benchmark script
(`scripts/relationship-benchmark-report.mjs`) at source files
instead of `dist/context/scan/index.js`.
- Drops the barrel `!` entries from `knip.json`; adds explicit
production entries only for the benchmark code reached via dist by
the maintainer script.
Net: 413 files changed, ~1.2k insertions, ~9.4k deletions.
`pnpm run dead-code` (Biome + knip default + knip production) and
`pnpm run type-check` are clean; 2277 tests pass.
* refactor(workspace): rename @ktx/cli to @kaelio/ktx and pack it directly
Promote the CLI workspace package to the public name `@kaelio/ktx` and
drop the separate `scripts/build-public-npm-package.mjs` wrapper. The
CLI package is now publishable in place (`publishConfig.access: public`,
`provenance: true`), so artifact packing uses `pnpm pack` against
`packages/cli/` instead of assembling a parallel package tree.
Updates all workspace filter invocations, docs, tests, and release
readiness checks to reference the new package name, and folds the
tarball-name helper into `scripts/public-npm-release-metadata.mjs`.
* docs: align "agent clients" and "data agents" terminology
Replace "client agents" with "agent clients" and "database agents" with
"data agents" across AGENTS.md, README.md, the docs-site copy, and the
matching setup-agents test description, matching the canonical
vocabulary in docs/terminology.md.
Also moves packages/cli/tsconfig.json's tsBuildInfoFile from
node_modules/.cache/ to dist/.tsbuildinfo so incremental builds survive
node_modules reinstalls.
* refactor(release): single source of truth for package version
Make packages/cli/package.json the single source of truth for the
@kaelio/ktx version. publicNpmPackageVersion() now reads it directly,
so artifact filenames, release-readiness checks, and the Python wheel
version all derive from one field. The duplicate
release-policy.json.publicNpmPackageVersion is removed.
Previously the two fields could drift: tarballs were named
kaelio-ktx-0.4.1.tgz while internally containing
@kaelio/ktx@0.0.0-private.
- update-public-release-version.mjs rewrites both Python pyproject.toml
files (ktx-daemon, ktx-sl) alongside the npm package.jsons,
normalizing the version for PEP 440 (e.g. 0.1.0-rc.2 -> 0.1.0rc2).
- semantic-release-config.cjs adds the two pyproject.toml files to
@semantic-release/git assets so the release commit back to main
carries every version source in lockstep.
- The six "?? '0.0.0-private'" fallback literals across the CLI are
replaced with "?? getKtxCliPackageInfo().version", and
createDefaultKtxMcpServer makes its version arg required.
- docs/release.md describes the actual commit-back model: the dev tree
always reflects the most recent release; no sentinel pin to
maintain.
Verified: pnpm run artifacts:build now produces
kaelio-ktx-0.4.1.tgz and kaelio_ktx-0.4.1-py3-none-any.whl with
@kaelio/ktx@0.4.1 inside. Full type-check, dead-code, and
2287 vitests + 173 script tests pass.
* refactor(cli): inject embedding provider resolution and detect sentence-transformers runtime
Make resolveProjectEmbeddingProvider and runtimeIo injectable in ingest and
scan command entrypoints so tests can stub them, and teach
resolvePublicIngestRuntimeRequirements to flag the local-embeddings runtime
feature when ktx.yaml selects sentence-transformers.
* chore(cli): mark buildLocalStatsStatus and LocalStatsStatus as @internal
Both symbols are consumed only by status-project.test.ts. Annotating with
/** @internal */ keeps knip's production-mode check clean without changing
runtime behavior.
* fix(cli): use real package metadata in print-command-tree
The stubbed package name embedded a forbidden product identifier that
tripped the boundary check in CI. Read the metadata from package.json
instead — keeps the rendered tree unchanged and removes a duplicate
source of truth.
* feat(cli): show embedding coverage in `ktx status`, drop duplicate disk counts
Inline `(N embedded)` next to the Wiki scope counts and Semantic-layer
source counts, computed with `SUM(embedding_json IS NOT NULL)` over
`knowledge_pages` and `local_sl_sources`. Rename the "Knowledge" label to
"Wiki" (canonical per `docs/terminology.md`) and rename the matching
`localStats.knowledgePages` field to `localStats.wikiPages`.
Drop `wiki=N md` and `semantic-layer=N yaml` from the Disk row — those
duplicated the per-surface rows above. Disk now reports only actual byte
usage (db, cache, raw-sources). The unused `wikiGlobalMarkdownCount` /
`semanticLayerYamlCount` fields, the `isMarkdownEntry` / `isYamlEntry`
helpers, and the `filter` arg on `summarizeDir` are removed.
2026-05-21 15:28:58 +02:00
|
|
|
import { resolveLocalKtxLlmConfig } from './context/llm/local-config.js';
|
|
|
|
|
import { runClaudeCodeAuthProbe } from './context/llm/claude-code-runtime.js';
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
import { formatCodexIsolationWarning } from './context/llm/codex-isolation.js';
|
|
|
|
|
import { runCodexAuthProbe } from './context/llm/codex-runtime.js';
|
|
|
|
|
import { DEFAULT_CODEX_MODEL } from './context/llm/codex-models.js';
|
chore(workspace): gate dead-code with knip production mode (#196)
* refactor(workspace): relocate @ktx/llm source into packages/cli/src/llm
* refactor(workspace): rewrite @ktx/llm imports to relative paths
* refactor(workspace): fold internal packages into cli
* chore(workspace): gate dead-code with knip production mode
Turn on production-mode knip plus an autofix run in pre-commit and the
`pnpm dead-code` script, document the `/** @internal */` convention for
test-only exports in AGENTS.md, annotate test-only exports across the
CLI with that JSDoc, and drop dead exports/wrappers the new gate
surfaced (e.g. `cli-project.ts`, `lookerRuntimeSourceToFileAdapterSource`,
`createLocalScanEnrichmentProvidersFromConfig`,
`PGLITE_OWNER_PROCESS_BACKEND_CAPABILITIES`, stale type re-exports).
Replace the loose `ignoreIssues` allowlist in `knip.json` with explicit
production entries so cross-package barrel leaks are caught.
* refactor(cli): delete internal barrel index.ts files
The 34 `index.ts` re-export barrels inside `packages/cli/src/` were
holdovers from the pre-fold multi-workspace structure. Post-fold-in they
served no production purpose: external consumers go through the single
package main entry, and in-repo callers mostly imported through them
only because the path was short. Internally, knip flagged most barrel
re-exports as production-dead (only reached via tests).
This change:
- Deletes every internal barrel except `packages/cli/src/index.ts`
(the published package entry).
- Rewrites ~270 source/test files to import each name directly from
the file that defines it.
- Moves `tools/warehouse-verification/index.ts` to
`create-warehouse-verification-tools.ts` (the function it defined
locally) and updates its single consumer.
- Renames `search/backend-conformance.ts` → `.test-utils.ts` to match
the existing test-helper file convention.
- Deletes 13 dead test-only chains (dbt-descriptions/*,
live-database/extracted-schema, live-database/structural-sync,
relationship-* feedback/review chain) plus their tests and a
cascading orphan integration test.
- Updates test mocks that pointed at deleted barrel paths
(notion-client, connector barrels in scan/local-scan-connectors
tests) to mock the source files instead.
- Points the maintainer benchmark script
(`scripts/relationship-benchmark-report.mjs`) at source files
instead of `dist/context/scan/index.js`.
- Drops the barrel `!` entries from `knip.json`; adds explicit
production entries only for the benchmark code reached via dist by
the maintainer script.
Net: 413 files changed, ~1.2k insertions, ~9.4k deletions.
`pnpm run dead-code` (Biome + knip default + knip production) and
`pnpm run type-check` are clean; 2277 tests pass.
* refactor(workspace): rename @ktx/cli to @kaelio/ktx and pack it directly
Promote the CLI workspace package to the public name `@kaelio/ktx` and
drop the separate `scripts/build-public-npm-package.mjs` wrapper. The
CLI package is now publishable in place (`publishConfig.access: public`,
`provenance: true`), so artifact packing uses `pnpm pack` against
`packages/cli/` instead of assembling a parallel package tree.
Updates all workspace filter invocations, docs, tests, and release
readiness checks to reference the new package name, and folds the
tarball-name helper into `scripts/public-npm-release-metadata.mjs`.
* docs: align "agent clients" and "data agents" terminology
Replace "client agents" with "agent clients" and "database agents" with
"data agents" across AGENTS.md, README.md, the docs-site copy, and the
matching setup-agents test description, matching the canonical
vocabulary in docs/terminology.md.
Also moves packages/cli/tsconfig.json's tsBuildInfoFile from
node_modules/.cache/ to dist/.tsbuildinfo so incremental builds survive
node_modules reinstalls.
* refactor(release): single source of truth for package version
Make packages/cli/package.json the single source of truth for the
@kaelio/ktx version. publicNpmPackageVersion() now reads it directly,
so artifact filenames, release-readiness checks, and the Python wheel
version all derive from one field. The duplicate
release-policy.json.publicNpmPackageVersion is removed.
Previously the two fields could drift: tarballs were named
kaelio-ktx-0.4.1.tgz while internally containing
@kaelio/ktx@0.0.0-private.
- update-public-release-version.mjs rewrites both Python pyproject.toml
files (ktx-daemon, ktx-sl) alongside the npm package.jsons,
normalizing the version for PEP 440 (e.g. 0.1.0-rc.2 -> 0.1.0rc2).
- semantic-release-config.cjs adds the two pyproject.toml files to
@semantic-release/git assets so the release commit back to main
carries every version source in lockstep.
- The six "?? '0.0.0-private'" fallback literals across the CLI are
replaced with "?? getKtxCliPackageInfo().version", and
createDefaultKtxMcpServer makes its version arg required.
- docs/release.md describes the actual commit-back model: the dev tree
always reflects the most recent release; no sentinel pin to
maintain.
Verified: pnpm run artifacts:build now produces
kaelio-ktx-0.4.1.tgz and kaelio_ktx-0.4.1-py3-none-any.whl with
@kaelio/ktx@0.4.1 inside. Full type-check, dead-code, and
2287 vitests + 173 script tests pass.
* refactor(cli): inject embedding provider resolution and detect sentence-transformers runtime
Make resolveProjectEmbeddingProvider and runtimeIo injectable in ingest and
scan command entrypoints so tests can stub them, and teach
resolvePublicIngestRuntimeRequirements to flag the local-embeddings runtime
feature when ktx.yaml selects sentence-transformers.
* chore(cli): mark buildLocalStatsStatus and LocalStatsStatus as @internal
Both symbols are consumed only by status-project.test.ts. Annotating with
/** @internal */ keeps knip's production-mode check clean without changing
runtime behavior.
* fix(cli): use real package metadata in print-command-tree
The stubbed package name embedded a forbidden product identifier that
tripped the boundary check in CI. Read the metadata from package.json
instead — keeps the rendered tree unchanged and removes a duplicate
source of truth.
* feat(cli): show embedding coverage in `ktx status`, drop duplicate disk counts
Inline `(N embedded)` next to the Wiki scope counts and Semantic-layer
source counts, computed with `SUM(embedding_json IS NOT NULL)` over
`knowledge_pages` and `local_sl_sources`. Rename the "Knowledge" label to
"Wiki" (canonical per `docs/terminology.md`) and rename the matching
`localStats.knowledgePages` field to `localStats.wikiPages`.
Drop `wiki=N md` and `semantic-layer=N yaml` from the Disk row — those
duplicated the per-surface rows above. Disk now reports only actual byte
usage (db, cache, raw-sources). The unused `wikiGlobalMarkdownCount` /
`semanticLayerYamlCount` fields, the `isMarkdownEntry` / `isYamlEntry`
helpers, and the `filter` arg on `summarizeDir` are removed.
2026-05-21 15:28:58 +02:00
|
|
|
import { resolveKtxConfigReference } from './context/core/config-reference.js';
|
|
|
|
|
import { type KtxProjectConfig, type KtxProjectLlmConfig, serializeKtxProjectConfig } from './context/project/config.js';
|
|
|
|
|
import { loadKtxProject } from './context/project/project.js';
|
|
|
|
|
import { markKtxSetupStateStepComplete } from './context/project/setup-config.js';
|
2026-06-08 15:30:48 +02:00
|
|
|
import { type KtxModelRole, KTX_MODEL_ROLES, type KtxLlmConfig } from './llm/types.js';
|
chore(workspace): gate dead-code with knip production mode (#196)
* refactor(workspace): relocate @ktx/llm source into packages/cli/src/llm
* refactor(workspace): rewrite @ktx/llm imports to relative paths
* refactor(workspace): fold internal packages into cli
* chore(workspace): gate dead-code with knip production mode
Turn on production-mode knip plus an autofix run in pre-commit and the
`pnpm dead-code` script, document the `/** @internal */` convention for
test-only exports in AGENTS.md, annotate test-only exports across the
CLI with that JSDoc, and drop dead exports/wrappers the new gate
surfaced (e.g. `cli-project.ts`, `lookerRuntimeSourceToFileAdapterSource`,
`createLocalScanEnrichmentProvidersFromConfig`,
`PGLITE_OWNER_PROCESS_BACKEND_CAPABILITIES`, stale type re-exports).
Replace the loose `ignoreIssues` allowlist in `knip.json` with explicit
production entries so cross-package barrel leaks are caught.
* refactor(cli): delete internal barrel index.ts files
The 34 `index.ts` re-export barrels inside `packages/cli/src/` were
holdovers from the pre-fold multi-workspace structure. Post-fold-in they
served no production purpose: external consumers go through the single
package main entry, and in-repo callers mostly imported through them
only because the path was short. Internally, knip flagged most barrel
re-exports as production-dead (only reached via tests).
This change:
- Deletes every internal barrel except `packages/cli/src/index.ts`
(the published package entry).
- Rewrites ~270 source/test files to import each name directly from
the file that defines it.
- Moves `tools/warehouse-verification/index.ts` to
`create-warehouse-verification-tools.ts` (the function it defined
locally) and updates its single consumer.
- Renames `search/backend-conformance.ts` → `.test-utils.ts` to match
the existing test-helper file convention.
- Deletes 13 dead test-only chains (dbt-descriptions/*,
live-database/extracted-schema, live-database/structural-sync,
relationship-* feedback/review chain) plus their tests and a
cascading orphan integration test.
- Updates test mocks that pointed at deleted barrel paths
(notion-client, connector barrels in scan/local-scan-connectors
tests) to mock the source files instead.
- Points the maintainer benchmark script
(`scripts/relationship-benchmark-report.mjs`) at source files
instead of `dist/context/scan/index.js`.
- Drops the barrel `!` entries from `knip.json`; adds explicit
production entries only for the benchmark code reached via dist by
the maintainer script.
Net: 413 files changed, ~1.2k insertions, ~9.4k deletions.
`pnpm run dead-code` (Biome + knip default + knip production) and
`pnpm run type-check` are clean; 2277 tests pass.
* refactor(workspace): rename @ktx/cli to @kaelio/ktx and pack it directly
Promote the CLI workspace package to the public name `@kaelio/ktx` and
drop the separate `scripts/build-public-npm-package.mjs` wrapper. The
CLI package is now publishable in place (`publishConfig.access: public`,
`provenance: true`), so artifact packing uses `pnpm pack` against
`packages/cli/` instead of assembling a parallel package tree.
Updates all workspace filter invocations, docs, tests, and release
readiness checks to reference the new package name, and folds the
tarball-name helper into `scripts/public-npm-release-metadata.mjs`.
* docs: align "agent clients" and "data agents" terminology
Replace "client agents" with "agent clients" and "database agents" with
"data agents" across AGENTS.md, README.md, the docs-site copy, and the
matching setup-agents test description, matching the canonical
vocabulary in docs/terminology.md.
Also moves packages/cli/tsconfig.json's tsBuildInfoFile from
node_modules/.cache/ to dist/.tsbuildinfo so incremental builds survive
node_modules reinstalls.
* refactor(release): single source of truth for package version
Make packages/cli/package.json the single source of truth for the
@kaelio/ktx version. publicNpmPackageVersion() now reads it directly,
so artifact filenames, release-readiness checks, and the Python wheel
version all derive from one field. The duplicate
release-policy.json.publicNpmPackageVersion is removed.
Previously the two fields could drift: tarballs were named
kaelio-ktx-0.4.1.tgz while internally containing
@kaelio/ktx@0.0.0-private.
- update-public-release-version.mjs rewrites both Python pyproject.toml
files (ktx-daemon, ktx-sl) alongside the npm package.jsons,
normalizing the version for PEP 440 (e.g. 0.1.0-rc.2 -> 0.1.0rc2).
- semantic-release-config.cjs adds the two pyproject.toml files to
@semantic-release/git assets so the release commit back to main
carries every version source in lockstep.
- The six "?? '0.0.0-private'" fallback literals across the CLI are
replaced with "?? getKtxCliPackageInfo().version", and
createDefaultKtxMcpServer makes its version arg required.
- docs/release.md describes the actual commit-back model: the dev tree
always reflects the most recent release; no sentinel pin to
maintain.
Verified: pnpm run artifacts:build now produces
kaelio-ktx-0.4.1.tgz and kaelio_ktx-0.4.1-py3-none-any.whl with
@kaelio/ktx@0.4.1 inside. Full type-check, dead-code, and
2287 vitests + 173 script tests pass.
* refactor(cli): inject embedding provider resolution and detect sentence-transformers runtime
Make resolveProjectEmbeddingProvider and runtimeIo injectable in ingest and
scan command entrypoints so tests can stub them, and teach
resolvePublicIngestRuntimeRequirements to flag the local-embeddings runtime
feature when ktx.yaml selects sentence-transformers.
* chore(cli): mark buildLocalStatsStatus and LocalStatsStatus as @internal
Both symbols are consumed only by status-project.test.ts. Annotating with
/** @internal */ keeps knip's production-mode check clean without changing
runtime behavior.
* fix(cli): use real package metadata in print-command-tree
The stubbed package name embedded a forbidden product identifier that
tripped the boundary check in CI. Read the metadata from package.json
instead — keeps the rendered tree unchanged and removes a duplicate
source of truth.
* feat(cli): show embedding coverage in `ktx status`, drop duplicate disk counts
Inline `(N embedded)` next to the Wiki scope counts and Semantic-layer
source counts, computed with `SUM(embedding_json IS NOT NULL)` over
`knowledge_pages` and `local_sl_sources`. Rename the "Knowledge" label to
"Wiki" (canonical per `docs/terminology.md`) and rename the matching
`localStats.knowledgePages` field to `localStats.wikiPages`.
Drop `wiki=N md` and `semantic-layer=N yaml` from the Disk row — those
duplicated the per-surface rows above. Disk now reports only actual byte
usage (db, cache, raw-sources). The unused `wikiGlobalMarkdownCount` /
`semanticLayerYamlCount` fields, the `isMarkdownEntry` / `isYamlEntry`
helpers, and the `filter` arg on `summarizeDir` are removed.
2026-05-21 15:28:58 +02:00
|
|
|
import { type KtxLlmHealthCheckResult, runKtxLlmHealthCheck } from './llm/model-health.js';
|
2026-05-16 12:06:34 +02:00
|
|
|
import {
|
|
|
|
|
formatClaudeCodePromptCachingWarning,
|
|
|
|
|
ignoredClaudeCodePromptCachingFields,
|
|
|
|
|
} from './claude-code-prompt-caching.js';
|
2026-05-13 13:29:50 -07:00
|
|
|
import { createClackSpinner, type KtxCliSpinner } from './clack.js';
|
2026-05-10 23:51:24 +02:00
|
|
|
import type { KtxCliIo } from './cli-runtime.js';
|
2026-05-13 17:01:48 +02:00
|
|
|
import { withTextInputNavigation } from './prompt-navigation.js';
|
2026-05-10 23:12:26 +02:00
|
|
|
import { envCredentialReference, writeProjectLocalSecretReference } from './setup-secrets.js';
|
2026-05-13 17:01:48 +02:00
|
|
|
import {
|
|
|
|
|
createKtxSetupPromptAdapter,
|
|
|
|
|
type KtxSetupPromptOption,
|
|
|
|
|
} from './setup-prompts.js';
|
2026-05-10 23:12:26 +02:00
|
|
|
|
2026-05-13 19:49:49 -04:00
|
|
|
const ESC = String.fromCharCode(0x1b);
|
|
|
|
|
|
|
|
|
|
function yellow(text: string): string {
|
|
|
|
|
return `${ESC}[33m${text}${ESC}[39m`;
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-10 23:51:24 +02:00
|
|
|
export interface KtxSetupModelArgs {
|
2026-05-10 23:12:26 +02:00
|
|
|
projectDir: string;
|
|
|
|
|
inputMode: 'auto' | 'disabled';
|
2026-05-13 08:42:38 -04:00
|
|
|
llmBackend?: KtxSetupLlmBackend;
|
2026-05-10 23:12:26 +02:00
|
|
|
anthropicApiKeyEnv?: string;
|
|
|
|
|
anthropicApiKeyFile?: string;
|
2026-05-13 08:42:38 -04:00
|
|
|
vertexProject?: string;
|
|
|
|
|
vertexLocation?: string;
|
2026-05-10 23:12:26 +02:00
|
|
|
forcePrompt?: boolean;
|
|
|
|
|
showPromptInstructions?: boolean;
|
|
|
|
|
skipLlm: boolean;
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-10 23:51:24 +02:00
|
|
|
export type KtxSetupModelResult =
|
2026-05-10 23:12:26 +02:00
|
|
|
| { status: 'ready'; projectDir: string }
|
|
|
|
|
| { status: 'skipped'; projectDir: string }
|
|
|
|
|
| { status: 'back'; projectDir: string }
|
|
|
|
|
| { status: 'missing-input'; projectDir: string }
|
|
|
|
|
| { status: 'failed'; projectDir: string };
|
|
|
|
|
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
export type KtxSetupLlmBackend = 'anthropic' | 'vertex' | 'claude-code' | 'codex';
|
2026-05-13 08:42:38 -04:00
|
|
|
|
chore(workspace): gate dead-code with knip production mode (#196)
* refactor(workspace): relocate @ktx/llm source into packages/cli/src/llm
* refactor(workspace): rewrite @ktx/llm imports to relative paths
* refactor(workspace): fold internal packages into cli
* chore(workspace): gate dead-code with knip production mode
Turn on production-mode knip plus an autofix run in pre-commit and the
`pnpm dead-code` script, document the `/** @internal */` convention for
test-only exports in AGENTS.md, annotate test-only exports across the
CLI with that JSDoc, and drop dead exports/wrappers the new gate
surfaced (e.g. `cli-project.ts`, `lookerRuntimeSourceToFileAdapterSource`,
`createLocalScanEnrichmentProvidersFromConfig`,
`PGLITE_OWNER_PROCESS_BACKEND_CAPABILITIES`, stale type re-exports).
Replace the loose `ignoreIssues` allowlist in `knip.json` with explicit
production entries so cross-package barrel leaks are caught.
* refactor(cli): delete internal barrel index.ts files
The 34 `index.ts` re-export barrels inside `packages/cli/src/` were
holdovers from the pre-fold multi-workspace structure. Post-fold-in they
served no production purpose: external consumers go through the single
package main entry, and in-repo callers mostly imported through them
only because the path was short. Internally, knip flagged most barrel
re-exports as production-dead (only reached via tests).
This change:
- Deletes every internal barrel except `packages/cli/src/index.ts`
(the published package entry).
- Rewrites ~270 source/test files to import each name directly from
the file that defines it.
- Moves `tools/warehouse-verification/index.ts` to
`create-warehouse-verification-tools.ts` (the function it defined
locally) and updates its single consumer.
- Renames `search/backend-conformance.ts` → `.test-utils.ts` to match
the existing test-helper file convention.
- Deletes 13 dead test-only chains (dbt-descriptions/*,
live-database/extracted-schema, live-database/structural-sync,
relationship-* feedback/review chain) plus their tests and a
cascading orphan integration test.
- Updates test mocks that pointed at deleted barrel paths
(notion-client, connector barrels in scan/local-scan-connectors
tests) to mock the source files instead.
- Points the maintainer benchmark script
(`scripts/relationship-benchmark-report.mjs`) at source files
instead of `dist/context/scan/index.js`.
- Drops the barrel `!` entries from `knip.json`; adds explicit
production entries only for the benchmark code reached via dist by
the maintainer script.
Net: 413 files changed, ~1.2k insertions, ~9.4k deletions.
`pnpm run dead-code` (Biome + knip default + knip production) and
`pnpm run type-check` are clean; 2277 tests pass.
* refactor(workspace): rename @ktx/cli to @kaelio/ktx and pack it directly
Promote the CLI workspace package to the public name `@kaelio/ktx` and
drop the separate `scripts/build-public-npm-package.mjs` wrapper. The
CLI package is now publishable in place (`publishConfig.access: public`,
`provenance: true`), so artifact packing uses `pnpm pack` against
`packages/cli/` instead of assembling a parallel package tree.
Updates all workspace filter invocations, docs, tests, and release
readiness checks to reference the new package name, and folds the
tarball-name helper into `scripts/public-npm-release-metadata.mjs`.
* docs: align "agent clients" and "data agents" terminology
Replace "client agents" with "agent clients" and "database agents" with
"data agents" across AGENTS.md, README.md, the docs-site copy, and the
matching setup-agents test description, matching the canonical
vocabulary in docs/terminology.md.
Also moves packages/cli/tsconfig.json's tsBuildInfoFile from
node_modules/.cache/ to dist/.tsbuildinfo so incremental builds survive
node_modules reinstalls.
* refactor(release): single source of truth for package version
Make packages/cli/package.json the single source of truth for the
@kaelio/ktx version. publicNpmPackageVersion() now reads it directly,
so artifact filenames, release-readiness checks, and the Python wheel
version all derive from one field. The duplicate
release-policy.json.publicNpmPackageVersion is removed.
Previously the two fields could drift: tarballs were named
kaelio-ktx-0.4.1.tgz while internally containing
@kaelio/ktx@0.0.0-private.
- update-public-release-version.mjs rewrites both Python pyproject.toml
files (ktx-daemon, ktx-sl) alongside the npm package.jsons,
normalizing the version for PEP 440 (e.g. 0.1.0-rc.2 -> 0.1.0rc2).
- semantic-release-config.cjs adds the two pyproject.toml files to
@semantic-release/git assets so the release commit back to main
carries every version source in lockstep.
- The six "?? '0.0.0-private'" fallback literals across the CLI are
replaced with "?? getKtxCliPackageInfo().version", and
createDefaultKtxMcpServer makes its version arg required.
- docs/release.md describes the actual commit-back model: the dev tree
always reflects the most recent release; no sentinel pin to
maintain.
Verified: pnpm run artifacts:build now produces
kaelio-ktx-0.4.1.tgz and kaelio_ktx-0.4.1-py3-none-any.whl with
@kaelio/ktx@0.4.1 inside. Full type-check, dead-code, and
2287 vitests + 173 script tests pass.
* refactor(cli): inject embedding provider resolution and detect sentence-transformers runtime
Make resolveProjectEmbeddingProvider and runtimeIo injectable in ingest and
scan command entrypoints so tests can stub them, and teach
resolvePublicIngestRuntimeRequirements to flag the local-embeddings runtime
feature when ktx.yaml selects sentence-transformers.
* chore(cli): mark buildLocalStatsStatus and LocalStatsStatus as @internal
Both symbols are consumed only by status-project.test.ts. Annotating with
/** @internal */ keeps knip's production-mode check clean without changing
runtime behavior.
* fix(cli): use real package metadata in print-command-tree
The stubbed package name embedded a forbidden product identifier that
tripped the boundary check in CI. Read the metadata from package.json
instead — keeps the rendered tree unchanged and removes a duplicate
source of truth.
* feat(cli): show embedding coverage in `ktx status`, drop duplicate disk counts
Inline `(N embedded)` next to the Wiki scope counts and Semantic-layer
source counts, computed with `SUM(embedding_json IS NOT NULL)` over
`knowledge_pages` and `local_sl_sources`. Rename the "Knowledge" label to
"Wiki" (canonical per `docs/terminology.md`) and rename the matching
`localStats.knowledgePages` field to `localStats.wikiPages`.
Drop `wiki=N md` and `semantic-layer=N yaml` from the Disk row — those
duplicated the per-surface rows above. Disk now reports only actual byte
usage (db, cache, raw-sources). The unused `wikiGlobalMarkdownCount` /
`semanticLayerYamlCount` fields, the `isMarkdownEntry` / `isYamlEntry`
helpers, and the `filter` arg on `summarizeDir` are removed.
2026-05-21 15:28:58 +02:00
|
|
|
/** @internal */
|
2026-05-10 23:51:24 +02:00
|
|
|
export interface KtxSetupModelPromptAdapter {
|
2026-05-13 17:01:48 +02:00
|
|
|
select(options: { message: string; options: KtxSetupPromptOption[] }): Promise<string>;
|
2026-05-22 14:22:11 +02:00
|
|
|
autocomplete(options: {
|
|
|
|
|
message: string;
|
|
|
|
|
placeholder?: string;
|
|
|
|
|
options: KtxSetupPromptOption[];
|
|
|
|
|
}): Promise<string>;
|
2026-05-10 23:12:26 +02:00
|
|
|
text(options: { message: string; placeholder?: string }): Promise<string | undefined>;
|
|
|
|
|
password(options: { message: string }): Promise<string | undefined>;
|
|
|
|
|
cancel(message: string): void;
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-10 23:51:24 +02:00
|
|
|
export interface KtxSetupModelDeps {
|
2026-05-10 23:12:26 +02:00
|
|
|
env?: NodeJS.ProcessEnv;
|
2026-05-10 23:51:24 +02:00
|
|
|
prompts?: KtxSetupModelPromptAdapter;
|
|
|
|
|
healthCheck?: (config: KtxLlmConfig) => Promise<KtxLlmHealthCheckResult>;
|
2026-05-16 12:06:34 +02:00
|
|
|
claudeCodeAuthProbe?: (input: {
|
|
|
|
|
projectDir: string;
|
|
|
|
|
model: string;
|
|
|
|
|
env?: NodeJS.ProcessEnv;
|
|
|
|
|
}) => Promise<{ ok: true } | { ok: false; message: string }>;
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
codexAuthProbe?: (input: { projectDir: string; model: string }) => Promise<{ ok: true } | { ok: false; message: string }>;
|
2026-05-13 08:42:38 -04:00
|
|
|
readGcloudProject?: () => Promise<string | undefined>;
|
|
|
|
|
listGcloudProjects?: () => Promise<GcloudProjectChoice[]>;
|
2026-05-13 13:29:50 -07:00
|
|
|
spinner?: () => KtxCliSpinner;
|
2026-05-10 23:12:26 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const ANTHROPIC_CREDENTIAL_PROMPT_CONTEXT =
|
2026-05-10 23:51:24 +02:00
|
|
|
'KTX uses the key to verify Anthropic model access now and to run ingest agents that turn schemas, SQL, ' +
|
|
|
|
|
'BI metadata, and docs into semantic-layer sources and wiki context. ktx.yaml stores an env: or file: ' +
|
2026-05-10 23:12:26 +02:00
|
|
|
'reference, not the raw key.';
|
|
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
const VERTEX_PROJECT_PROMPT_CONTEXT =
|
|
|
|
|
'KTX stores the selected Google Cloud project ID in ktx.yaml and uses Application Default Credentials for ' +
|
|
|
|
|
'access. Project visibility depends on the signed-in Google account and organization permissions.';
|
|
|
|
|
const DEFAULT_VERTEX_LOCATION = 'us-east5';
|
|
|
|
|
|
2026-06-08 15:30:48 +02:00
|
|
|
type KtxSetupModelPreset = Record<KtxModelRole, string>;
|
|
|
|
|
|
|
|
|
|
const ANTHROPIC_PRESET = {
|
|
|
|
|
default: 'claude-sonnet-4-6',
|
|
|
|
|
triage: 'claude-haiku-4-5',
|
|
|
|
|
candidateExtraction: 'claude-sonnet-4-6',
|
|
|
|
|
curator: 'claude-opus-4-7',
|
|
|
|
|
reconcile: 'claude-opus-4-7',
|
|
|
|
|
repair: 'claude-haiku-4-5',
|
|
|
|
|
} satisfies KtxSetupModelPreset;
|
|
|
|
|
|
|
|
|
|
const CLAUDE_CODE_PRESET = {
|
|
|
|
|
default: 'sonnet',
|
|
|
|
|
triage: 'haiku',
|
|
|
|
|
candidateExtraction: 'sonnet',
|
|
|
|
|
curator: 'opus',
|
|
|
|
|
reconcile: 'opus',
|
|
|
|
|
repair: 'haiku',
|
|
|
|
|
} satisfies KtxSetupModelPreset;
|
|
|
|
|
|
|
|
|
|
const CODEX_PRESET = {
|
|
|
|
|
default: DEFAULT_CODEX_MODEL,
|
|
|
|
|
triage: DEFAULT_CODEX_MODEL,
|
|
|
|
|
candidateExtraction: DEFAULT_CODEX_MODEL,
|
|
|
|
|
curator: DEFAULT_CODEX_MODEL,
|
|
|
|
|
reconcile: DEFAULT_CODEX_MODEL,
|
|
|
|
|
repair: DEFAULT_CODEX_MODEL,
|
|
|
|
|
} satisfies KtxSetupModelPreset;
|
|
|
|
|
|
|
|
|
|
const MODEL_PRESETS = {
|
|
|
|
|
anthropic: ANTHROPIC_PRESET,
|
|
|
|
|
vertex: ANTHROPIC_PRESET,
|
|
|
|
|
'claude-code': CLAUDE_CODE_PRESET,
|
|
|
|
|
codex: CODEX_PRESET,
|
|
|
|
|
} satisfies Record<KtxSetupLlmBackend, KtxSetupModelPreset>;
|
|
|
|
|
|
|
|
|
|
function presetForBackend(backend: KtxSetupLlmBackend): KtxSetupModelPreset {
|
|
|
|
|
return MODEL_PRESETS[backend];
|
2026-05-10 23:12:26 +02:00
|
|
|
}
|
|
|
|
|
|
2026-06-08 15:30:48 +02:00
|
|
|
const execFileAsync = promisify(execFile);
|
2026-05-10 23:12:26 +02:00
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
type ChooseBackendResult =
|
|
|
|
|
| { status: 'ready'; backend: KtxSetupLlmBackend; prompted: boolean }
|
2026-06-09 12:06:05 +02:00
|
|
|
| { status: 'back' }
|
|
|
|
|
| { status: 'missing-input' };
|
2026-05-13 08:42:38 -04:00
|
|
|
|
|
|
|
|
type VertexConfigChoice =
|
|
|
|
|
| {
|
|
|
|
|
status: 'ready';
|
|
|
|
|
refs: { project?: string; location: string };
|
|
|
|
|
values: { project?: string; location: string };
|
|
|
|
|
}
|
|
|
|
|
| { status: 'back' | 'missing-input' };
|
|
|
|
|
|
|
|
|
|
interface GcloudProjectChoice {
|
|
|
|
|
projectId: string;
|
|
|
|
|
name?: string;
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-10 23:51:24 +02:00
|
|
|
function createPromptAdapter(): KtxSetupModelPromptAdapter {
|
2026-05-13 17:01:48 +02:00
|
|
|
return createKtxSetupPromptAdapter({ selectCancelValue: 'back' });
|
2026-05-10 23:12:26 +02:00
|
|
|
}
|
|
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
async function defaultReadGcloudProject(): Promise<string | undefined> {
|
|
|
|
|
try {
|
|
|
|
|
const { stdout } = await execFileAsync('gcloud', ['config', 'get-value', 'project'], { encoding: 'utf8' });
|
|
|
|
|
const value = stdout.trim();
|
|
|
|
|
return value && value !== '(unset)' ? value : undefined;
|
|
|
|
|
} catch {
|
|
|
|
|
return undefined;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function defaultListGcloudProjects(): Promise<GcloudProjectChoice[]> {
|
2026-05-13 19:49:49 -04:00
|
|
|
const { stdout } = await execFileAsync('gcloud', ['projects', 'list', '--format=json(projectId,name)'], {
|
|
|
|
|
encoding: 'utf8',
|
|
|
|
|
});
|
|
|
|
|
const parsed = JSON.parse(stdout.trim() || '[]') as unknown;
|
|
|
|
|
if (!Array.isArray(parsed)) {
|
2026-05-13 08:42:38 -04:00
|
|
|
return [];
|
|
|
|
|
}
|
2026-05-13 19:49:49 -04:00
|
|
|
|
|
|
|
|
return parsed
|
|
|
|
|
.map((item): GcloudProjectChoice | undefined => {
|
|
|
|
|
if (!item || typeof item !== 'object') {
|
|
|
|
|
return undefined;
|
|
|
|
|
}
|
|
|
|
|
const record = item as { projectId?: unknown; name?: unknown };
|
|
|
|
|
if (typeof record.projectId !== 'string' || !record.projectId.trim()) {
|
|
|
|
|
return undefined;
|
|
|
|
|
}
|
|
|
|
|
const name = typeof record.name === 'string' && record.name.trim() ? record.name.trim() : undefined;
|
|
|
|
|
return {
|
|
|
|
|
projectId: record.projectId.trim(),
|
|
|
|
|
...(name ? { name } : {}),
|
|
|
|
|
};
|
|
|
|
|
})
|
|
|
|
|
.filter((project): project is GcloudProjectChoice => Boolean(project));
|
2026-05-13 08:42:38 -04:00
|
|
|
}
|
|
|
|
|
|
2026-05-12 01:05:28 +02:00
|
|
|
export function isKtxSetupLlmConfigReady(config: KtxProjectLlmConfig): boolean {
|
|
|
|
|
let resolved: KtxLlmConfig | null;
|
|
|
|
|
try {
|
|
|
|
|
resolved = resolveLocalKtxLlmConfig(config, process.env);
|
|
|
|
|
} catch {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
if (!resolved) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (resolved.backend === 'vertex') {
|
|
|
|
|
return typeof resolved.vertex?.location === 'string' && resolved.vertex.location.trim().length > 0;
|
|
|
|
|
}
|
|
|
|
|
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
return (
|
|
|
|
|
resolved.backend === 'anthropic' ||
|
|
|
|
|
resolved.backend === 'gateway' ||
|
|
|
|
|
resolved.backend === 'claude-code' ||
|
|
|
|
|
resolved.backend === 'codex'
|
|
|
|
|
);
|
2026-05-12 01:05:28 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function hasUsableConfiguredLlm(config: KtxProjectConfig): boolean {
|
|
|
|
|
return isKtxSetupLlmConfigReady(config.llm);
|
2026-05-10 23:12:26 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function buildProjectLlmConfig(
|
2026-05-10 23:51:24 +02:00
|
|
|
existing: KtxProjectLlmConfig,
|
2026-05-13 08:42:38 -04:00
|
|
|
provider:
|
|
|
|
|
| { backend: 'anthropic'; credentialRef: string }
|
2026-05-16 12:06:34 +02:00
|
|
|
| { backend: 'vertex'; vertex: { project?: string; location: string } }
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
| { backend: 'claude-code' }
|
|
|
|
|
| { backend: 'codex' },
|
2026-06-08 15:30:48 +02:00
|
|
|
models: KtxSetupModelPreset,
|
2026-05-10 23:51:24 +02:00
|
|
|
): KtxProjectLlmConfig {
|
2026-05-16 12:06:34 +02:00
|
|
|
if (provider.backend === 'claude-code') {
|
|
|
|
|
return {
|
|
|
|
|
provider: { backend: 'claude-code' },
|
2026-06-08 15:30:48 +02:00
|
|
|
models,
|
2026-05-16 12:06:34 +02:00
|
|
|
promptCaching: existing.promptCaching,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
if (provider.backend === 'codex') {
|
|
|
|
|
return {
|
|
|
|
|
provider: { backend: 'codex' },
|
2026-06-08 15:30:48 +02:00
|
|
|
models,
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
promptCaching: existing.promptCaching,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
if (provider.backend === 'vertex') {
|
|
|
|
|
return {
|
|
|
|
|
provider: {
|
|
|
|
|
backend: 'vertex',
|
|
|
|
|
vertex: provider.vertex,
|
|
|
|
|
},
|
2026-06-08 15:30:48 +02:00
|
|
|
models,
|
2026-05-13 08:42:38 -04:00
|
|
|
promptCaching: { ...(existing.promptCaching ?? {}), enabled: true, vertexFallbackTo5m: true },
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-10 23:12:26 +02:00
|
|
|
return {
|
|
|
|
|
provider: {
|
|
|
|
|
backend: 'anthropic',
|
2026-05-13 08:42:38 -04:00
|
|
|
anthropic: { api_key: provider.credentialRef },
|
2026-05-10 23:12:26 +02:00
|
|
|
},
|
2026-06-08 15:30:48 +02:00
|
|
|
models,
|
2026-05-10 23:12:26 +02:00
|
|
|
promptCaching: { ...(existing.promptCaching ?? {}), enabled: true },
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
function buildAnthropicHealthConfig(credentialValue: string, model: string): KtxLlmConfig {
|
2026-05-10 23:12:26 +02:00
|
|
|
return {
|
|
|
|
|
backend: 'anthropic',
|
|
|
|
|
anthropic: { apiKey: credentialValue },
|
|
|
|
|
modelSlots: { default: model },
|
|
|
|
|
promptCaching: { enabled: true },
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
function buildVertexHealthConfig(vertex: { project?: string; location: string }, model: string): KtxLlmConfig {
|
|
|
|
|
return {
|
|
|
|
|
backend: 'vertex',
|
|
|
|
|
vertex,
|
|
|
|
|
modelSlots: { default: model },
|
|
|
|
|
promptCaching: { enabled: true, vertexFallbackTo5m: true },
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-13 13:29:50 -07:00
|
|
|
type LlmHealthProvider = 'Anthropic API' | 'Vertex AI';
|
|
|
|
|
|
|
|
|
|
function llmHealthCheckStartText(provider: LlmHealthProvider, model: string): string {
|
|
|
|
|
return `Checking ${provider} LLM (${model}).`;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function startLlmHealthCheckProgress(
|
|
|
|
|
spinner: KtxCliSpinner,
|
|
|
|
|
message: string,
|
|
|
|
|
): { succeed(msg: string): void; fail(msg: string): void } {
|
|
|
|
|
spinner.start(message);
|
|
|
|
|
return {
|
|
|
|
|
succeed(msg: string) {
|
|
|
|
|
spinner.stop(msg);
|
|
|
|
|
},
|
|
|
|
|
fail(msg: string) {
|
|
|
|
|
spinner.error(msg);
|
|
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function runLlmHealthCheckWithProgress(
|
|
|
|
|
config: KtxLlmConfig,
|
|
|
|
|
provider: LlmHealthProvider,
|
|
|
|
|
model: string,
|
|
|
|
|
healthCheck: (config: KtxLlmConfig) => Promise<KtxLlmHealthCheckResult>,
|
|
|
|
|
deps: KtxSetupModelDeps,
|
|
|
|
|
): Promise<KtxLlmHealthCheckResult> {
|
|
|
|
|
const progress = startLlmHealthCheckProgress(
|
|
|
|
|
(deps.spinner ?? createClackSpinner)(),
|
|
|
|
|
llmHealthCheckStartText(provider, model),
|
|
|
|
|
);
|
|
|
|
|
let health: KtxLlmHealthCheckResult;
|
|
|
|
|
try {
|
|
|
|
|
health = await healthCheck(config);
|
|
|
|
|
} catch (error) {
|
|
|
|
|
progress.fail('LLM test failed');
|
|
|
|
|
throw error;
|
|
|
|
|
}
|
|
|
|
|
if (health.ok) {
|
|
|
|
|
progress.succeed(`LLM test passed (${provider}, ${model})`);
|
|
|
|
|
} else {
|
|
|
|
|
progress.fail('LLM test failed');
|
|
|
|
|
}
|
|
|
|
|
return health;
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
function formatVertexHealthFailure(message: string, vertex: { project?: string; location: string }): string {
|
|
|
|
|
const trimmed = message.trim() || 'unknown error';
|
|
|
|
|
if (!/(forbidden|permission|permission_denied|403)/i.test(trimmed)) {
|
|
|
|
|
return trimmed;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return (
|
|
|
|
|
`${trimmed}. Check that Vertex AI API is enabled for project ${vertex.project ?? '(unknown)'}, ` +
|
|
|
|
|
`Anthropic Claude model access is enabled for location ${vertex.location}, and that your Application Default ` +
|
|
|
|
|
'Credentials principal has Vertex AI User (roles/aiplatform.user) or equivalent permissions.'
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-10 23:12:26 +02:00
|
|
|
async function chooseCredentialRef(
|
2026-05-10 23:51:24 +02:00
|
|
|
args: KtxSetupModelArgs,
|
|
|
|
|
io: KtxCliIo,
|
|
|
|
|
deps: KtxSetupModelDeps,
|
2026-05-10 23:12:26 +02:00
|
|
|
): Promise<{ status: 'ready'; ref: string; value: string } | { status: 'back' | 'missing-input' }> {
|
|
|
|
|
const env = deps.env ?? process.env;
|
|
|
|
|
if (args.anthropicApiKeyEnv) {
|
|
|
|
|
const ref = envCredentialReference(args.anthropicApiKeyEnv);
|
2026-05-10 23:51:24 +02:00
|
|
|
const value = resolveKtxConfigReference(ref, env);
|
2026-05-10 23:12:26 +02:00
|
|
|
if (!value) {
|
|
|
|
|
io.stderr.write(`Missing Anthropic API key: ${args.anthropicApiKeyEnv} is not set.\n`);
|
|
|
|
|
return { status: 'missing-input' };
|
|
|
|
|
}
|
|
|
|
|
return { status: 'ready', ref, value };
|
|
|
|
|
}
|
|
|
|
|
if (args.anthropicApiKeyFile) {
|
|
|
|
|
const ref = `file:${args.anthropicApiKeyFile}`;
|
|
|
|
|
let value: string | undefined;
|
|
|
|
|
try {
|
2026-05-10 23:51:24 +02:00
|
|
|
value = resolveKtxConfigReference(ref, env);
|
2026-05-10 23:12:26 +02:00
|
|
|
} catch {
|
|
|
|
|
value = undefined;
|
|
|
|
|
}
|
|
|
|
|
if (!value) {
|
|
|
|
|
io.stderr.write(`Missing Anthropic API key file: ${args.anthropicApiKeyFile}\n`);
|
|
|
|
|
return { status: 'missing-input' };
|
|
|
|
|
}
|
|
|
|
|
return { status: 'ready', ref, value };
|
|
|
|
|
}
|
|
|
|
|
if (args.inputMode === 'disabled') {
|
2026-06-09 12:06:05 +02:00
|
|
|
io.stderr.write(
|
|
|
|
|
'Missing Anthropic API key for --llm-backend anthropic: pass --anthropic-api-key-env or --anthropic-api-key-file ' +
|
|
|
|
|
'(or use --llm-backend claude-code or --llm-backend codex for local subscription auth).\n',
|
|
|
|
|
);
|
2026-05-10 23:12:26 +02:00
|
|
|
return { status: 'missing-input' };
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const prompts = deps.prompts ?? createPromptAdapter();
|
|
|
|
|
if (args.showPromptInstructions !== false) {
|
|
|
|
|
io.stdout.write(
|
2026-05-12 15:46:56 -07:00
|
|
|
'│ Use Up/Down to move, Enter to confirm the current selection, choose Back to return to the previous step, Ctrl+C to exit.\n',
|
2026-05-10 23:12:26 +02:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
while (true) {
|
|
|
|
|
const choice = await prompts.select({
|
2026-05-10 23:51:24 +02:00
|
|
|
message: `How should KTX find your Anthropic API key?\n\n${ANTHROPIC_CREDENTIAL_PROMPT_CONTEXT}`,
|
2026-05-10 23:12:26 +02:00
|
|
|
options: [
|
|
|
|
|
{ value: 'paste', label: 'Paste a key and save it as a local secret file' },
|
2026-06-04 14:11:08 +02:00
|
|
|
{ value: 'env', label: 'Use ANTHROPIC_API_KEY from the environment' },
|
2026-05-10 23:12:26 +02:00
|
|
|
{ value: 'back', label: 'Back' },
|
|
|
|
|
],
|
|
|
|
|
});
|
|
|
|
|
if (choice === 'back') {
|
|
|
|
|
return { status: 'back' };
|
|
|
|
|
}
|
|
|
|
|
if (choice === 'paste') {
|
|
|
|
|
io.stdout.write(
|
2026-05-12 15:46:56 -07:00
|
|
|
'│ KTX will save the key in .ktx/secrets/anthropic-api-key with local file permissions, then write a file: reference in ktx.yaml.\n',
|
2026-05-10 23:12:26 +02:00
|
|
|
);
|
|
|
|
|
const value = await prompts.password({ message: withTextInputNavigation('Anthropic API key') });
|
|
|
|
|
if (value === undefined) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (!value.trim()) {
|
|
|
|
|
return { status: 'missing-input' };
|
|
|
|
|
}
|
|
|
|
|
const ref = await writeProjectLocalSecretReference({
|
|
|
|
|
projectDir: args.projectDir,
|
|
|
|
|
fileName: 'anthropic-api-key',
|
|
|
|
|
value,
|
|
|
|
|
});
|
|
|
|
|
return { status: 'ready', ref, value: value.trim() };
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const ref = envCredentialReference('ANTHROPIC_API_KEY');
|
2026-05-10 23:51:24 +02:00
|
|
|
const value = resolveKtxConfigReference(ref, env);
|
2026-05-10 23:12:26 +02:00
|
|
|
if (!value) {
|
|
|
|
|
io.stderr.write('Missing Anthropic API key: ANTHROPIC_API_KEY is not set.\n');
|
|
|
|
|
return { status: 'missing-input' };
|
|
|
|
|
}
|
|
|
|
|
return { status: 'ready', ref, value };
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
function requestedBackend(args: KtxSetupModelArgs): KtxSetupLlmBackend | undefined {
|
|
|
|
|
if (args.llmBackend) {
|
|
|
|
|
return args.llmBackend;
|
|
|
|
|
}
|
|
|
|
|
if (args.vertexProject || args.vertexLocation) {
|
|
|
|
|
return 'vertex';
|
|
|
|
|
}
|
2026-06-08 15:30:48 +02:00
|
|
|
if (args.anthropicApiKeyEnv || args.anthropicApiKeyFile) {
|
2026-05-13 08:42:38 -04:00
|
|
|
return 'anthropic';
|
|
|
|
|
}
|
|
|
|
|
return undefined;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function chooseBackend(
|
|
|
|
|
args: KtxSetupModelArgs,
|
|
|
|
|
io: KtxCliIo,
|
|
|
|
|
deps: KtxSetupModelDeps,
|
|
|
|
|
): Promise<ChooseBackendResult> {
|
|
|
|
|
const explicit = requestedBackend(args);
|
|
|
|
|
if (explicit) {
|
|
|
|
|
return { status: 'ready', backend: explicit, prompted: false };
|
|
|
|
|
}
|
|
|
|
|
if (args.inputMode === 'disabled') {
|
2026-06-09 12:06:05 +02:00
|
|
|
// No safe default exists: anthropic/vertex need credentials and claude-code/codex
|
|
|
|
|
// need local auth, so non-interactive setup must be told which backend to use rather
|
|
|
|
|
// than silently picking one that cannot self-configure.
|
|
|
|
|
io.stderr.write(
|
|
|
|
|
'Missing LLM backend: pass --llm-backend with one of anthropic, vertex, claude-code, codex.\n' +
|
|
|
|
|
' claude-code, codex — use your local subscription auth (no API key)\n' +
|
|
|
|
|
' anthropic — also pass --anthropic-api-key-env or --anthropic-api-key-file\n' +
|
|
|
|
|
' vertex — also pass --vertex-project (and optionally --vertex-location)\n',
|
|
|
|
|
);
|
|
|
|
|
return { status: 'missing-input' };
|
2026-05-13 08:42:38 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const prompts = deps.prompts ?? createPromptAdapter();
|
|
|
|
|
if (args.showPromptInstructions !== false) {
|
|
|
|
|
io.stdout.write(
|
|
|
|
|
'│ Use Up/Down to move, Enter to confirm the current selection, choose Back to return to the previous step, Ctrl+C to exit.\n',
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
const choice = await prompts.select({
|
|
|
|
|
message: 'Which LLM provider should KTX use?',
|
2026-05-17 19:15:09 +02:00
|
|
|
options: [
|
|
|
|
|
{ value: 'claude-code', label: 'Claude subscription (Pro/Max)' },
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
{ value: 'codex', label: 'Codex subscription' },
|
2026-05-17 19:15:09 +02:00
|
|
|
{ value: 'anthropic', label: 'Anthropic API key' },
|
|
|
|
|
{ value: 'vertex', label: 'Google Vertex AI for Anthropic Claude' },
|
|
|
|
|
{ value: 'back', label: 'Back' },
|
|
|
|
|
],
|
2026-05-13 08:42:38 -04:00
|
|
|
});
|
|
|
|
|
if (choice === 'back') {
|
|
|
|
|
return { status: 'back' };
|
|
|
|
|
}
|
2026-05-16 12:06:34 +02:00
|
|
|
return {
|
|
|
|
|
status: 'ready',
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
backend: choice === 'vertex' || choice === 'claude-code' || choice === 'codex' ? choice : 'anthropic',
|
2026-05-16 12:06:34 +02:00
|
|
|
prompted: true,
|
|
|
|
|
};
|
2026-05-13 08:42:38 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function resolveProvidedVertexRef(
|
|
|
|
|
label: 'project' | 'location',
|
|
|
|
|
ref: string,
|
|
|
|
|
env: NodeJS.ProcessEnv,
|
|
|
|
|
io: KtxCliIo,
|
|
|
|
|
): { status: 'ready'; ref: string; value: string } | { status: 'missing-input' } {
|
|
|
|
|
let value: string | undefined;
|
|
|
|
|
try {
|
|
|
|
|
value = resolveKtxConfigReference(ref, env);
|
|
|
|
|
} catch {
|
|
|
|
|
value = undefined;
|
|
|
|
|
}
|
|
|
|
|
if (!value) {
|
|
|
|
|
io.stderr.write(`Missing Vertex AI ${label}: ${ref} could not be resolved.\n`);
|
|
|
|
|
return { status: 'missing-input' };
|
|
|
|
|
}
|
|
|
|
|
return { status: 'ready', ref, value };
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function normalizeGcloudProjectId(projectId: string | undefined): string | undefined {
|
|
|
|
|
const trimmed = projectId?.trim();
|
|
|
|
|
return trimmed ? trimmed : undefined;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function orderGcloudProjects(projects: GcloudProjectChoice[], currentProject: string | undefined): GcloudProjectChoice[] {
|
|
|
|
|
const ordered: GcloudProjectChoice[] = [];
|
|
|
|
|
const seen = new Set<string>();
|
|
|
|
|
const addProject = (project: GcloudProjectChoice) => {
|
|
|
|
|
const projectId = normalizeGcloudProjectId(project.projectId);
|
|
|
|
|
if (!projectId || seen.has(projectId)) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
seen.add(projectId);
|
|
|
|
|
const name = normalizeGcloudProjectId(project.name);
|
|
|
|
|
ordered.push({
|
|
|
|
|
projectId,
|
|
|
|
|
...(name ? { name } : {}),
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
if (currentProject) {
|
|
|
|
|
addProject(projects.find((project) => project.projectId.trim() === currentProject) ?? { projectId: currentProject });
|
|
|
|
|
}
|
|
|
|
|
for (const project of projects) {
|
|
|
|
|
addProject(project);
|
|
|
|
|
}
|
|
|
|
|
return ordered;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function formatGcloudProjectLabel(project: GcloudProjectChoice, currentProject: string | undefined): string {
|
|
|
|
|
const name = project.name && project.name !== project.projectId ? ` - ${project.name}` : '';
|
|
|
|
|
const current = project.projectId === currentProject ? ' (current gcloud project)' : '';
|
|
|
|
|
return `${project.projectId}${name}${current}`;
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-13 19:49:49 -04:00
|
|
|
function formatGcloudProjectListFailure(error: unknown): string {
|
|
|
|
|
const stderr = typeof (error as { stderr?: unknown })?.stderr === 'string' ? (error as { stderr: string }).stderr : '';
|
|
|
|
|
const message = error instanceof Error ? error.message : '';
|
|
|
|
|
const details = `${stderr}\n${message}`;
|
|
|
|
|
const reason = /reauthentication failed|cannot prompt/i.test(details)
|
|
|
|
|
? 'gcloud needs reauthentication before it can list projects.'
|
|
|
|
|
: 'gcloud returned an error while listing projects.';
|
|
|
|
|
return [
|
|
|
|
|
`Could not list Google Cloud projects with gcloud: ${reason}`,
|
|
|
|
|
'Run `gcloud auth login --update-adc` in another terminal, then choose Retry loading Google Cloud projects.',
|
|
|
|
|
]
|
|
|
|
|
.map((line) => yellow(line))
|
|
|
|
|
.join('\n');
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
async function chooseInteractiveVertexProject(
|
|
|
|
|
currentProject: string | undefined,
|
|
|
|
|
io: KtxCliIo,
|
|
|
|
|
deps: KtxSetupModelDeps,
|
|
|
|
|
): Promise<{ status: 'ready'; ref: string; value: string } | { status: 'back' | 'missing-input' }> {
|
|
|
|
|
const prompts = deps.prompts ?? createPromptAdapter();
|
2026-05-13 19:49:49 -04:00
|
|
|
while (true) {
|
|
|
|
|
let projects: GcloudProjectChoice[] = [];
|
|
|
|
|
let listFailed = false;
|
|
|
|
|
let listFailureMessage: string | undefined;
|
|
|
|
|
try {
|
|
|
|
|
projects = await (deps.listGcloudProjects ?? defaultListGcloudProjects)();
|
|
|
|
|
} catch (error) {
|
|
|
|
|
listFailed = true;
|
|
|
|
|
listFailureMessage = formatGcloudProjectListFailure(error);
|
|
|
|
|
}
|
2026-05-13 08:42:38 -04:00
|
|
|
|
2026-05-13 19:49:49 -04:00
|
|
|
const orderedProjects = orderGcloudProjects(projects, currentProject);
|
|
|
|
|
if (orderedProjects.length === 0 && !listFailed) {
|
|
|
|
|
io.stdout.write('│ gcloud did not return any visible Google Cloud projects. Enter a project ID manually or choose Back.\n');
|
|
|
|
|
}
|
2026-05-13 08:42:38 -04:00
|
|
|
|
2026-05-22 14:22:11 +02:00
|
|
|
const choice = await prompts.autocomplete({
|
2026-05-13 19:49:49 -04:00
|
|
|
message: `Which Google Cloud project should KTX use for Vertex AI?\n\n${[
|
|
|
|
|
VERTEX_PROJECT_PROMPT_CONTEXT,
|
|
|
|
|
listFailureMessage,
|
|
|
|
|
]
|
|
|
|
|
.filter((value): value is string => Boolean(value))
|
|
|
|
|
.join('\n\n')}`,
|
2026-05-22 14:22:11 +02:00
|
|
|
placeholder: 'Type to search projects',
|
2026-05-13 19:49:49 -04:00
|
|
|
options: [
|
|
|
|
|
...orderedProjects.map((project) => ({
|
|
|
|
|
value: project.projectId,
|
|
|
|
|
label: formatGcloudProjectLabel(project, currentProject),
|
|
|
|
|
})),
|
|
|
|
|
...(listFailed ? [{ value: 'retry', label: 'Retry loading Google Cloud projects' }] : []),
|
|
|
|
|
{ value: 'manual', label: 'Enter a project ID manually' },
|
|
|
|
|
{ value: 'back', label: 'Back' },
|
|
|
|
|
],
|
2026-05-13 08:42:38 -04:00
|
|
|
});
|
2026-05-13 19:49:49 -04:00
|
|
|
if (choice === 'back') {
|
2026-05-13 08:42:38 -04:00
|
|
|
return { status: 'back' };
|
|
|
|
|
}
|
2026-05-13 19:49:49 -04:00
|
|
|
if (choice === 'retry') {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (choice === 'manual') {
|
|
|
|
|
const manual = await prompts.text({
|
|
|
|
|
message: withTextInputNavigation('Google Cloud project ID'),
|
|
|
|
|
placeholder: currentProject ?? orderedProjects[0]?.projectId,
|
|
|
|
|
});
|
|
|
|
|
if (manual === undefined) {
|
|
|
|
|
return { status: 'back' };
|
|
|
|
|
}
|
|
|
|
|
const project = normalizeGcloudProjectId(manual);
|
|
|
|
|
return project ? { status: 'ready', ref: project, value: project } : { status: 'missing-input' };
|
|
|
|
|
}
|
2026-05-13 08:42:38 -04:00
|
|
|
|
2026-05-13 19:49:49 -04:00
|
|
|
return { status: 'ready', ref: choice, value: choice };
|
|
|
|
|
}
|
2026-05-13 08:42:38 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function chooseVertexConfig(
|
|
|
|
|
args: KtxSetupModelArgs,
|
|
|
|
|
io: KtxCliIo,
|
|
|
|
|
deps: KtxSetupModelDeps,
|
|
|
|
|
): Promise<VertexConfigChoice> {
|
|
|
|
|
const env = deps.env ?? process.env;
|
|
|
|
|
let projectRef: string | undefined;
|
|
|
|
|
let projectValue: string | undefined;
|
|
|
|
|
let gcloudProject: string | undefined;
|
|
|
|
|
|
|
|
|
|
if (args.vertexProject) {
|
|
|
|
|
const project = resolveProvidedVertexRef('project', args.vertexProject, env, io);
|
|
|
|
|
if (project.status !== 'ready') {
|
|
|
|
|
return { status: project.status };
|
|
|
|
|
}
|
|
|
|
|
projectRef = project.ref;
|
|
|
|
|
projectValue = project.value;
|
|
|
|
|
} else if (env.GOOGLE_VERTEX_PROJECT?.trim()) {
|
|
|
|
|
projectRef = envCredentialReference('GOOGLE_VERTEX_PROJECT');
|
|
|
|
|
projectValue = env.GOOGLE_VERTEX_PROJECT.trim();
|
|
|
|
|
} else {
|
|
|
|
|
gcloudProject = normalizeGcloudProjectId(await (deps.readGcloudProject ?? defaultReadGcloudProject)());
|
|
|
|
|
if (args.inputMode === 'disabled') {
|
|
|
|
|
if (gcloudProject) {
|
|
|
|
|
projectRef = gcloudProject;
|
|
|
|
|
projectValue = gcloudProject;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
const project = await chooseInteractiveVertexProject(gcloudProject, io, deps);
|
|
|
|
|
if (project.status !== 'ready') {
|
|
|
|
|
return { status: project.status };
|
|
|
|
|
}
|
|
|
|
|
projectRef = project.ref;
|
|
|
|
|
projectValue = project.value;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let locationRef: string | undefined;
|
|
|
|
|
let locationValue: string | undefined;
|
|
|
|
|
if (args.vertexLocation) {
|
|
|
|
|
const location = resolveProvidedVertexRef('location', args.vertexLocation, env, io);
|
|
|
|
|
if (location.status !== 'ready') {
|
|
|
|
|
return { status: location.status };
|
|
|
|
|
}
|
|
|
|
|
locationRef = location.ref;
|
|
|
|
|
locationValue = location.value;
|
|
|
|
|
} else if (env.GOOGLE_VERTEX_LOCATION?.trim()) {
|
|
|
|
|
locationRef = envCredentialReference('GOOGLE_VERTEX_LOCATION');
|
|
|
|
|
locationValue = env.GOOGLE_VERTEX_LOCATION.trim();
|
|
|
|
|
} else {
|
|
|
|
|
locationRef = DEFAULT_VERTEX_LOCATION;
|
|
|
|
|
locationValue = DEFAULT_VERTEX_LOCATION;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!projectRef || !projectValue) {
|
|
|
|
|
io.stderr.write(
|
|
|
|
|
'Missing Vertex AI project: run `gcloud config set project PROJECT_ID`, pass --vertex-project, or set GOOGLE_VERTEX_PROJECT.\n',
|
|
|
|
|
);
|
|
|
|
|
return { status: 'missing-input' };
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!locationRef || !locationValue) {
|
|
|
|
|
io.stderr.write('Missing Vertex AI location: pass --vertex-location.\n');
|
|
|
|
|
return { status: 'missing-input' };
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
status: 'ready',
|
|
|
|
|
refs: {
|
|
|
|
|
...(projectRef ? { project: projectRef } : {}),
|
|
|
|
|
location: locationRef,
|
|
|
|
|
},
|
|
|
|
|
values: {
|
|
|
|
|
...(projectValue ? { project: projectValue } : {}),
|
|
|
|
|
location: locationValue,
|
|
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function persistLlmConfig(
|
|
|
|
|
projectDir: string,
|
|
|
|
|
provider:
|
|
|
|
|
| { backend: 'anthropic'; credentialRef: string }
|
2026-05-16 12:06:34 +02:00
|
|
|
| { backend: 'vertex'; vertex: { project?: string; location: string } }
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
| { backend: 'claude-code' }
|
|
|
|
|
| { backend: 'codex' },
|
2026-06-08 15:30:48 +02:00
|
|
|
models: KtxSetupModelPreset,
|
2026-05-13 08:42:38 -04:00
|
|
|
): Promise<void> {
|
2026-05-10 23:51:24 +02:00
|
|
|
const project = await loadKtxProject({ projectDir });
|
2026-05-13 13:55:21 +02:00
|
|
|
const config = {
|
|
|
|
|
...project.config,
|
2026-06-08 15:30:48 +02:00
|
|
|
llm: buildProjectLlmConfig(project.config.llm, provider, models),
|
2026-05-13 13:55:21 +02:00
|
|
|
scan: {
|
|
|
|
|
...project.config.scan,
|
|
|
|
|
enrichment: {
|
2026-05-13 08:42:38 -04:00
|
|
|
...project.config.scan.enrichment,
|
|
|
|
|
mode: 'llm' as const,
|
2026-05-10 23:12:26 +02:00
|
|
|
},
|
2026-05-13 08:42:38 -04:00
|
|
|
},
|
|
|
|
|
};
|
2026-05-10 23:51:24 +02:00
|
|
|
await writeFile(project.configPath, serializeKtxProjectConfig(config), 'utf-8');
|
2026-05-12 16:26:23 -07:00
|
|
|
await markKtxSetupStateStepComplete(projectDir, 'llm');
|
2026-05-10 23:12:26 +02:00
|
|
|
}
|
|
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
function buildInteractiveRetryArgs(args: KtxSetupModelArgs, backend?: KtxSetupLlmBackend): KtxSetupModelArgs {
|
2026-05-10 23:12:26 +02:00
|
|
|
return {
|
|
|
|
|
projectDir: args.projectDir,
|
|
|
|
|
inputMode: args.inputMode,
|
2026-05-13 08:42:38 -04:00
|
|
|
...(backend ?? args.llmBackend ? { llmBackend: backend ?? args.llmBackend } : {}),
|
|
|
|
|
showPromptInstructions: false,
|
2026-05-10 23:12:26 +02:00
|
|
|
skipLlm: args.skipLlm,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2026-06-08 15:30:48 +02:00
|
|
|
type PresetModelValidationResult = { ok: true } | { ok: false; message: string };
|
|
|
|
|
|
|
|
|
|
function distinctPresetModels(preset: KtxSetupModelPreset): string[] {
|
|
|
|
|
const models: string[] = [];
|
|
|
|
|
const seen = new Set<string>();
|
|
|
|
|
for (const role of KTX_MODEL_ROLES) {
|
|
|
|
|
const model = preset[role];
|
|
|
|
|
if (!seen.has(model)) {
|
|
|
|
|
seen.add(model);
|
|
|
|
|
models.push(model);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return models;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function rolesUsingModel(preset: KtxSetupModelPreset, model: string): KtxModelRole[] {
|
|
|
|
|
return KTX_MODEL_ROLES.filter((role) => preset[role] === model);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function formatPresetFallbackWarning(roles: KtxModelRole[], unavailableModel: string, anchorModel: string): string {
|
|
|
|
|
return `LLM model ${unavailableModel} is unavailable for ${roles.join(', ')}; using ${anchorModel} for those roles.`;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function validatePresetModels(
|
|
|
|
|
preset: KtxSetupModelPreset,
|
|
|
|
|
validateModel: (model: string) => Promise<PresetModelValidationResult>,
|
|
|
|
|
io: KtxCliIo,
|
|
|
|
|
): Promise<{ status: 'ready'; models: KtxSetupModelPreset } | { status: 'failed'; message: string }> {
|
|
|
|
|
const anchorModel = preset.default;
|
|
|
|
|
const degraded = { ...preset };
|
|
|
|
|
const models = distinctPresetModels(preset);
|
|
|
|
|
|
|
|
|
|
const anchorResult = await validateModel(anchorModel);
|
|
|
|
|
if (!anchorResult.ok) {
|
|
|
|
|
return { status: 'failed', message: anchorResult.message };
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (const model of models) {
|
|
|
|
|
if (model === anchorModel) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
const result = await validateModel(model);
|
|
|
|
|
if (result.ok) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
const affectedRoles = rolesUsingModel(degraded, model);
|
|
|
|
|
for (const role of affectedRoles) {
|
|
|
|
|
degraded[role] = anchorModel;
|
|
|
|
|
}
|
|
|
|
|
io.stderr.write(`${formatPresetFallbackWarning(affectedRoles, model, anchorModel)}\n`);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return { status: 'ready', models: degraded };
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-10 23:51:24 +02:00
|
|
|
export async function runKtxSetupAnthropicModelStep(
|
|
|
|
|
args: KtxSetupModelArgs,
|
|
|
|
|
io: KtxCliIo,
|
|
|
|
|
deps: KtxSetupModelDeps = {},
|
|
|
|
|
): Promise<KtxSetupModelResult> {
|
2026-05-10 23:12:26 +02:00
|
|
|
if (args.skipLlm) {
|
2026-05-12 16:58:09 -07:00
|
|
|
io.stdout.write('│ LLM setup skipped.\n');
|
2026-05-10 23:12:26 +02:00
|
|
|
return { status: 'skipped', projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-10 23:51:24 +02:00
|
|
|
const project = await loadKtxProject({ projectDir: args.projectDir });
|
2026-05-10 23:12:26 +02:00
|
|
|
if (
|
|
|
|
|
args.forcePrompt !== true &&
|
2026-05-12 01:05:28 +02:00
|
|
|
hasUsableConfiguredLlm(project.config) &&
|
2026-05-13 08:42:38 -04:00
|
|
|
!args.llmBackend &&
|
2026-05-10 23:12:26 +02:00
|
|
|
!args.anthropicApiKeyEnv &&
|
|
|
|
|
!args.anthropicApiKeyFile &&
|
2026-05-13 08:42:38 -04:00
|
|
|
!args.vertexProject &&
|
|
|
|
|
!args.vertexLocation
|
2026-05-10 23:12:26 +02:00
|
|
|
) {
|
2026-05-12 16:58:09 -07:00
|
|
|
io.stdout.write(`│ LLM ready: yes (${project.config.llm.models.default})\n`);
|
2026-05-10 23:12:26 +02:00
|
|
|
return { status: 'ready', projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-10 23:51:24 +02:00
|
|
|
const healthCheck = deps.healthCheck ?? ((config: KtxLlmConfig) => runKtxLlmHealthCheck(config));
|
2026-05-10 23:12:26 +02:00
|
|
|
let attemptArgs = args;
|
|
|
|
|
|
|
|
|
|
while (true) {
|
2026-05-13 08:42:38 -04:00
|
|
|
const backendChoice = await chooseBackend(attemptArgs, io, deps);
|
|
|
|
|
if (backendChoice.status !== 'ready') {
|
|
|
|
|
return { status: backendChoice.status, projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const backendArgs = backendChoice.prompted
|
|
|
|
|
? ({ ...attemptArgs, llmBackend: backendChoice.backend, showPromptInstructions: false } satisfies KtxSetupModelArgs)
|
|
|
|
|
: attemptArgs;
|
|
|
|
|
|
|
|
|
|
if (backendChoice.backend === 'vertex') {
|
|
|
|
|
const vertex = await chooseVertexConfig(backendArgs, io, deps);
|
|
|
|
|
if (vertex.status === 'back' && backendChoice.prompted) {
|
|
|
|
|
attemptArgs = buildInteractiveRetryArgs(args);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (vertex.status !== 'ready') {
|
|
|
|
|
return { status: vertex.status, projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
|
2026-06-08 15:30:48 +02:00
|
|
|
const preset = presetForBackend('vertex');
|
|
|
|
|
const validation = await validatePresetModels(
|
|
|
|
|
preset,
|
|
|
|
|
async (model) =>
|
|
|
|
|
runLlmHealthCheckWithProgress(
|
|
|
|
|
buildVertexHealthConfig(vertex.values, model),
|
|
|
|
|
'Vertex AI',
|
|
|
|
|
model,
|
|
|
|
|
healthCheck,
|
|
|
|
|
deps,
|
|
|
|
|
),
|
|
|
|
|
io,
|
|
|
|
|
);
|
|
|
|
|
if (validation.status !== 'ready') {
|
|
|
|
|
io.stderr.write(
|
|
|
|
|
`Vertex AI Anthropic model health check failed: ${formatVertexHealthFailure(validation.message, vertex.values)}\n`,
|
|
|
|
|
);
|
|
|
|
|
if (args.inputMode === 'disabled') {
|
|
|
|
|
return { status: 'failed', projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
io.stderr.write('Choose a different Vertex AI project or location, or Back.\n');
|
2026-05-13 08:42:38 -04:00
|
|
|
attemptArgs = buildInteractiveRetryArgs(args, backendChoice.backend);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
2026-06-08 15:30:48 +02:00
|
|
|
await persistLlmConfig(args.projectDir, { backend: 'vertex', vertex: vertex.refs }, validation.models);
|
|
|
|
|
io.stdout.write(`│ LLM ready: yes (${validation.models.default})\n`);
|
|
|
|
|
return { status: 'ready', projectDir: args.projectDir };
|
2026-05-13 08:42:38 -04:00
|
|
|
}
|
|
|
|
|
|
2026-05-16 12:06:34 +02:00
|
|
|
if (backendChoice.backend === 'claude-code') {
|
2026-06-08 15:30:48 +02:00
|
|
|
const preset = presetForBackend('claude-code');
|
2026-05-16 12:06:34 +02:00
|
|
|
const probe = deps.claudeCodeAuthProbe ?? runClaudeCodeAuthProbe;
|
2026-06-08 15:30:48 +02:00
|
|
|
const validation = await validatePresetModels(
|
|
|
|
|
preset,
|
|
|
|
|
async (model) => probe({ projectDir: args.projectDir, model, env: deps.env ?? process.env }),
|
|
|
|
|
io,
|
|
|
|
|
);
|
|
|
|
|
if (validation.status !== 'ready') {
|
|
|
|
|
io.stderr.write(`${validation.message}\n`);
|
2026-05-16 12:06:34 +02:00
|
|
|
return { status: 'failed', projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
const warning = formatClaudeCodePromptCachingWarning(
|
|
|
|
|
ignoredClaudeCodePromptCachingFields(
|
2026-06-08 15:30:48 +02:00
|
|
|
buildProjectLlmConfig(project.config.llm, { backend: 'claude-code' }, validation.models),
|
2026-05-16 12:06:34 +02:00
|
|
|
),
|
|
|
|
|
);
|
|
|
|
|
if (warning) {
|
|
|
|
|
io.stderr.write(`${warning}\n`);
|
|
|
|
|
}
|
2026-06-08 15:30:48 +02:00
|
|
|
await persistLlmConfig(args.projectDir, { backend: 'claude-code' }, validation.models);
|
|
|
|
|
io.stdout.write(`│ LLM ready: yes (${validation.models.default})\n`);
|
2026-05-16 12:06:34 +02:00
|
|
|
return { status: 'ready', projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
if (backendChoice.backend === 'codex') {
|
2026-06-08 15:30:48 +02:00
|
|
|
const preset = presetForBackend('codex');
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
const probe = deps.codexAuthProbe ?? runCodexAuthProbe;
|
2026-06-08 15:30:48 +02:00
|
|
|
const validation = await validatePresetModels(preset, async (model) => probe({ projectDir: args.projectDir, model }), io);
|
|
|
|
|
if (validation.status !== 'ready') {
|
|
|
|
|
io.stderr.write(`${validation.message}\n`);
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
return { status: 'failed', projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
// Prefix the clack gutter so the warning sits inside the setup frame
|
|
|
|
|
// instead of breaking out of it; kept on stderr for scripted runs.
|
|
|
|
|
io.stderr.write(`│ ${formatCodexIsolationWarning()}\n`);
|
2026-06-08 15:30:48 +02:00
|
|
|
await persistLlmConfig(args.projectDir, { backend: 'codex' }, validation.models);
|
|
|
|
|
io.stdout.write(`│ LLM ready: yes (codex, ${validation.models.default})\n`);
|
feat: add codex llm backend for ktx runtime work (#253)
* feat: add codex sdk runner foundation
* feat: parse codex runtime events
* feat: expose codex runtime mcp tools
* feat: add codex llm runtime
* feat: wire codex llm backend
* test: avoid Array.fromAsync in codex runner test
* docs: document codex llm backend
* fix: tighten codex runtime config ownership
* fix: use codex sdk env and thread options
* fix: parse codex sdk event shapes
* test: add codex backend live smoke
* docs: clarify codex backend isolation
* fix: drive codex loop metrics from mcp events
* fix: enforce codex local step budget
* docs: disclose codex isolation limits
* fix: count all codex agent steps and stream step callbacks live
The agent-loop step budget only counted completed mcp_tool_call items, so
built-in command_execution steps (which the public Codex SDK/CLI surface can
still expose) never decremented the budget, letting ingest/reconciliation run
past stepBudget until Codex stopped on its own. onStepFinish was also replayed
only after the whole stream drained, so live work_unit_step / reconciliation
progress appeared stuck until the Codex process exited.
collectEvents is now the single live step accumulator: it counts every
completed agent-action item via a shared isCompletedAgentStep predicate
(command_execution, mcp_tool_call, file_change, web_search), fires onStepFinish
as each step completes, and enforces the budget on that broader count. A
no-tool turn still counts as one step. toolFailures stays MCP-specific, since a
non-zero command exit is normal agent exploration, not a loop failure.
* test: align ingest llm-guard assertions with codex backend
The skip-llm ingest guard message now lists codex as a valid backend and
mentions a Claude Code/Codex session plus a codex setup hint, but this slow
suite test still asserted the pre-codex wording. Update it to match the
production message (already covered by the local-bundle-runtime unit test) and
add the codex setup-line assertion.
* fix: treat codex error:null tool calls as success
The Codex SDK serializes error: null on successful mcp_tool_call items, so
the failure check (item.error !== undefined) flagged every successful tool
call as failed with the empty-payload default "Codex turn failed". This
killed every ingest work unit under the codex backend before it could
produce a patch.
Key on status === 'failed' (authoritative, always set) and only treat a
populated error object as a failure. Add a regression test built from a
verbatim real-SDK event capture.
* fix: default codex backend to gpt-5.5 and report real probe errors
The previous default gpt-5.3-codex is an API-key-only model that the OpenAI
API rejects under ChatGPT-account (subscription) auth, so codex status/setup
failed with a misleading "authentication is not usable" message even though
auth was fine.
- Default codex model is now gpt-5.5 (works on both subscription and API-key
auth); the curated setup picker offers gpt-5.5 / gpt-5.4 / gpt-5.4-mini and
keeps free-form entry for account-specific ids (e.g. gpt-5.3-codex-spark).
- runCodexAuthProbe now distinguishes "model not available" from an auth
failure and surfaces the real API error: collectEvents retains stream
events when the SDK throws on a non-zero exit, and the API error JSON
envelope is unwrapped to its human-readable message.
- The Codex isolation warning now renders inside the clack setup frame.
- Docs updated to gpt-5.5 with a note that *-codex ids require API-key auth.
* fix: require llm.models.default in status and match codex probe remediation
Status reported a project ready when a non-none LLM backend was configured
without llm.models.default, but the runtime (resolveModelSlots) hard-requires
it, so ingest/scan/memory threw after `ktx status` said the project was usable.
buildLlmStatus now fails for any non-none backend missing models.default and no
longer invents a fallback model for claude-code/codex.
Codex probe failures now carry a category-matched fix: a model-access failure
steers the user at llm.models.default instead of the auth/install remediation.
runCodexAuthProbe returns the fix and status consumes it; the message stays
self-sufficient so setup output is unchanged.
Docs: README now lists the codex backend and local Codex auth; ktx-setup.mdx
states --llm-model only accepts codex/default or gpt-*/codex-* ids.
Repaired four doctor fixtures that configured a backend without models.default
(the now-correctly-blocked config) and added coverage for the new behavior.
2026-06-02 13:57:11 +02:00
|
|
|
return { status: 'ready', projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-13 08:42:38 -04:00
|
|
|
const credential = await chooseCredentialRef(backendArgs, io, deps);
|
|
|
|
|
if (credential.status === 'back' && backendChoice.prompted) {
|
|
|
|
|
attemptArgs = buildInteractiveRetryArgs(args);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2026-05-10 23:12:26 +02:00
|
|
|
if (credential.status !== 'ready') {
|
|
|
|
|
return { status: credential.status, projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
|
2026-06-08 15:30:48 +02:00
|
|
|
const preset = presetForBackend('anthropic');
|
|
|
|
|
const validation = await validatePresetModels(
|
|
|
|
|
preset,
|
|
|
|
|
async (model) =>
|
|
|
|
|
runLlmHealthCheckWithProgress(
|
|
|
|
|
buildAnthropicHealthConfig(credential.value, model),
|
|
|
|
|
'Anthropic API',
|
|
|
|
|
model,
|
|
|
|
|
healthCheck,
|
|
|
|
|
deps,
|
|
|
|
|
),
|
|
|
|
|
io,
|
|
|
|
|
);
|
|
|
|
|
if (validation.status !== 'ready') {
|
|
|
|
|
io.stderr.write(`Anthropic model health check failed: ${validation.message}\n`);
|
2026-05-10 23:12:26 +02:00
|
|
|
if (args.inputMode === 'disabled') {
|
|
|
|
|
return { status: 'failed', projectDir: args.projectDir };
|
|
|
|
|
}
|
|
|
|
|
io.stderr.write('Choose a different credential source or Back.\n');
|
2026-05-13 08:42:38 -04:00
|
|
|
attemptArgs = buildInteractiveRetryArgs(args, backendChoice.backend);
|
2026-05-10 23:12:26 +02:00
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
2026-06-08 15:30:48 +02:00
|
|
|
await persistLlmConfig(args.projectDir, { backend: 'anthropic', credentialRef: credential.ref }, validation.models);
|
|
|
|
|
io.stdout.write(`│ LLM ready: yes (${validation.models.default})\n`);
|
|
|
|
|
return { status: 'ready', projectDir: args.projectDir };
|
2026-05-10 23:12:26 +02:00
|
|
|
}
|
|
|
|
|
}
|