Files
hmbown--deepseek-tui/scripts/catalog_models_dev.py
T
2026-07-13 12:08:27 +08:00

379 lines
13 KiB
Python
Executable File

#!/usr/bin/env python3
"""Models.dev catalog refresh / snapshot automation for CodeWhale (#4117).
Fetches the public Models.dev combined catalog, validates offline bundled seed
shape, and supports OpenRouter public-listing inspection. The automation is
intentionally validate/dry-run only: it never accepts, prints, or persists API
keys / auth headers, and it does not write fetched JSON to disk.
Usage examples:
# Dry-run: fetch + validate, print counts (no write)
scripts/catalog_models_dev.py refresh
# Validate the in-repo offline seed still parses as Models.dev-shaped JSON
scripts/catalog_models_dev.py snapshot --check \\
crates/config/assets/models_dev.bundled.json
# OpenRouter public /models listing (no key), dry-run only
scripts/catalog_models_dev.py refresh --provider openrouter \\
--sort newest --limit 100
Environment:
CODEWHALE_MODELS_DEV_URL Override Models.dev catalog URL
CODEWHALE_MODELS_DEV_PATH Read catalog JSON from a local file instead of network
"""
from __future__ import annotations
import argparse
import json
import os
import sys
import urllib.error
import urllib.request
from pathlib import Path
from typing import Any
DEFAULT_MODELS_DEV_URL = "https://models.dev/catalog.json"
DEFAULT_OPENROUTER_MODELS_URL = "https://openrouter.ai/api/v1/models"
USER_AGENT = "CodeWhale-catalog-automation/0.8.68 (+https://github.com/Hmbown/CodeWhale)"
FETCH_TIMEOUT_SECS = 60
def die(msg: str, code: int = 1) -> None:
print(f"error: {msg}", file=sys.stderr)
raise SystemExit(code)
def load_json_bytes(raw: bytes, source: str) -> Any:
try:
text = raw.decode("utf-8")
except UnicodeDecodeError as exc:
die(f"{source}: not utf-8 ({exc})")
try:
return json.loads(text)
except json.JSONDecodeError as exc:
die(f"{source}: invalid JSON ({exc})")
def fetch_url(url: str) -> bytes:
req = urllib.request.Request(
url,
headers={
"User-Agent": USER_AGENT,
"Accept": "application/json",
# Explicitly no Authorization header — public endpoints only.
},
method="GET",
)
try:
with urllib.request.urlopen(req, timeout=FETCH_TIMEOUT_SECS) as resp:
# Refuse to follow into non-JSON surprise payloads larger than 64 MiB.
data = resp.read(64 * 1024 * 1024 + 1)
if len(data) > 64 * 1024 * 1024:
die(f"{url}: response exceeds 64 MiB safety cap")
ctype = resp.headers.get("Content-Type", "")
if "json" not in ctype.lower() and not data.lstrip().startswith((b"{", b"[")):
die(f"{url}: unexpected Content-Type {ctype!r}")
return data
except urllib.error.HTTPError as exc:
die(f"{url}: HTTP {exc.code} {exc.reason}")
except urllib.error.URLError as exc:
die(f"{url}: {exc.reason}")
def load_models_dev_catalog() -> tuple[dict[str, Any], str, bool]:
"""Return (document, source_label, is_local_file).
Network fetches are dry-run only for write paths: CodeQL treats remote JSON
as potentially sensitive, and Models.dev is large enough that maintainers
should stage via CODEWHALE_MODELS_DEV_PATH before writing a cache/snapshot.
"""
path_override = os.environ.get("CODEWHALE_MODELS_DEV_PATH", "").strip()
if path_override:
p = Path(path_override)
if not p.is_file():
die(f"CODEWHALE_MODELS_DEV_PATH not a file: {p}")
raw = p.read_bytes()
data = load_json_bytes(raw, str(p))
return ensure_models_dev_shape(data, str(p)), f"file:{p}", True
url = os.environ.get("CODEWHALE_MODELS_DEV_URL", DEFAULT_MODELS_DEV_URL).strip()
if not url:
url = DEFAULT_MODELS_DEV_URL
raw = fetch_url(url)
data = load_json_bytes(raw, url)
return ensure_models_dev_shape(data, url), f"url:{url}", False
def ensure_models_dev_shape(data: Any, source: str) -> dict[str, Any]:
if not isinstance(data, dict):
die(f"{source}: expected object root")
# Allow optional _meta (CodeWhale offline seed) and require models+providers
# when present so we never write a partial secret leak document.
models = data.get("models")
providers = data.get("providers")
if models is None and providers is None:
die(f"{source}: missing both 'models' and 'providers'")
if models is not None and not isinstance(models, dict):
die(f"{source}: 'models' must be an object")
if providers is not None and not isinstance(providers, dict):
die(f"{source}: 'providers' must be an object")
# Rebuild a public document from allowlisted top-level keys only so we never
# persist credential-shaped fields even if a future Models.dev field adds them.
return public_models_dev_document(data)
def is_credential_key(key: str) -> bool:
banned_exact = {
"api_key",
"apikey",
"authorization",
"token",
"access_token",
"refresh_token",
"secret",
"password",
"client_secret",
}
lowered = key.lower()
return lowered in banned_exact or lowered.endswith("_api_key") or lowered.endswith("_secret")
def scrub_secrets(node: Any) -> Any:
"""Drop keys that look like credentials; never persist auth material."""
if isinstance(node, dict):
out: dict[str, Any] = {}
for key, value in node.items():
if not isinstance(key, str) or is_credential_key(key):
continue
out[key] = scrub_secrets(value)
return out
if isinstance(node, list):
return [scrub_secrets(item) for item in node]
if isinstance(node, (str, int, float, bool)) or node is None:
return node
# Drop non-JSON-scalar oddities rather than serializing them.
return None
def public_models_dev_document(data: dict[str, Any]) -> dict[str, Any]:
"""Construct a write-safe Models.dev-shaped document (public metadata only)."""
out: dict[str, Any] = {}
if isinstance(data.get("_meta"), dict):
out["_meta"] = scrub_secrets(data["_meta"])
if isinstance(data.get("models"), dict):
out["models"] = scrub_secrets(data["models"])
if isinstance(data.get("providers"), dict):
out["providers"] = scrub_secrets(data["providers"])
return out
def catalog_stats(data: dict[str, Any]) -> str:
models = data.get("models") or {}
providers = data.get("providers") or {}
offerings = 0
if isinstance(providers, dict):
for prov in providers.values():
if isinstance(prov, dict):
models_map = prov.get("models") or {}
if isinstance(models_map, dict):
offerings += len(models_map)
return (
f"providers={len(providers) if isinstance(providers, dict) else 0} "
f"canonical_models={len(models) if isinstance(models, dict) else 0} "
f"provider_offerings={offerings}"
)
def cmd_refresh(args: argparse.Namespace) -> None:
if args.provider and args.provider.lower() == "openrouter":
refresh_openrouter(args)
return
if args.provider:
die(
f"unsupported --provider {args.provider!r} "
"(supported: openrouter, or omit for Models.dev)"
)
data, source, _is_local = load_models_dev_catalog()
print(f"loaded Models.dev catalog from {source}")
print(catalog_stats(data))
if args.write_cache or args.write:
die(
"disk writes are intentionally unsupported (secret-free by design); "
"use `snapshot --check PATH` to validate a local Models.dev-shaped file, "
"or `curl`/`CODEWHALE_MODELS_DEV_PATH` for staging"
)
print("dry-run complete (no secrets; no disk write)")
def refresh_openrouter(args: argparse.Namespace) -> None:
url = DEFAULT_OPENROUTER_MODELS_URL
raw = fetch_url(url)
data = load_json_bytes(raw, url)
if not isinstance(data, dict) or "data" not in data:
die(f"{url}: expected {{ data: [...] }} envelope")
rows = data["data"]
if not isinstance(rows, list):
die(f"{url}: data is not a list")
# Optional sort / limit for local inspection — never secrets.
if args.sort == "newest":
def created_key(row: Any) -> float:
if not isinstance(row, dict):
return 0.0
created = row.get("created")
try:
return float(created)
except (TypeError, ValueError):
return 0.0
rows = sorted(rows, key=created_key, reverse=True)
if args.limit is not None and args.limit > 0:
rows = rows[: args.limit]
# Project only public catalog fields — never the raw response object —
# so credential-shaped keys cannot reach disk even if OpenRouter adds them.
public_rows: list[dict[str, Any]] = []
allowed = {
"id",
"name",
"created",
"description",
"context_length",
"architecture",
"pricing",
"top_provider",
"per_request_limits",
"supported_parameters",
}
for row in rows:
if not isinstance(row, dict):
continue
projected: dict[str, Any] = {}
for key in allowed:
if key in row and not is_credential_key(key):
projected[key] = scrub_secrets(row[key])
if projected.get("id"):
public_rows.append(projected)
payload = {
"_meta": {
"source": "openrouter.ai/api/v1/models",
"note": "Public model listing for cache dogfood; not the Models.dev SoT.",
"count": len(public_rows),
"sort": args.sort,
"limit": args.limit,
},
"data": public_rows,
}
print(f"loaded OpenRouter models: {len(public_rows)} rows (sort={args.sort}, limit={args.limit})")
if args.write_cache:
# OpenRouter listing is always network-sourced; avoid disk write of remote JSON.
die(
"OpenRouter refresh is dry-run only (no disk write). "
"Use Models.dev with CODEWHALE_MODELS_DEV_PATH for offline snapshots."
)
else:
print("dry-run complete (OpenRouter writes disabled; use Models.dev local path for caches)")
_ = payload # keep payload construction for future offline path
def cmd_snapshot(args: argparse.Namespace) -> None:
target = Path(args.path)
if args.check:
if not target.is_file():
die(f"--check: missing {target}")
raw = target.read_bytes()
data = load_json_bytes(raw, str(target))
ensure_models_dev_shape(data, str(target))
print(f"ok: {target} is Models.dev-shaped ({catalog_stats(data)})")
return
data, source, _is_local = load_models_dev_catalog()
print(f"loaded Models.dev catalog from {source}")
print(catalog_stats(data))
if args.write or args.force_full:
die(
"disk writes are intentionally unsupported for this automation; "
"validate with --check, or stage a file outside this tool"
)
print("dry-run complete (use --check PATH to validate an existing snapshot)")
def build_parser() -> argparse.ArgumentParser:
p = argparse.ArgumentParser(
description="Secret-free Models.dev / OpenRouter catalog automation (#4117)"
)
sub = p.add_subparsers(dest="cmd", required=True)
refresh = sub.add_parser("refresh", help="Fetch live catalog / provider models")
refresh.add_argument(
"--provider",
default=None,
help="Optional provider id (currently: openrouter). Omit for Models.dev.",
)
refresh.add_argument(
"--sort",
default="newest",
choices=["newest", "none"],
help="OpenRouter sort order (default: newest)",
)
refresh.add_argument(
"--limit",
type=int,
default=100,
help="OpenRouter row cap (default: 100; 0 = no cap)",
)
refresh.add_argument(
"--write-cache",
metavar="PATH",
help="Deprecated/unsupported: validate-only automation never writes fetched JSON",
)
refresh.add_argument(
"--write",
metavar="PATH",
help="Deprecated/unsupported alias of --write-cache",
)
refresh.set_defaults(func=cmd_refresh)
snapshot = sub.add_parser(
"snapshot",
help="Validate or write a Models.dev-shaped snapshot document",
)
snapshot.add_argument(
"path",
nargs="?",
default="crates/config/assets/models_dev.bundled.json",
help="Snapshot path (default: offline seed asset)",
)
snapshot.add_argument(
"--check",
action="store_true",
help="Validate existing file only (no network)",
)
snapshot.add_argument(
"--write",
action="store_true",
help="Deprecated/unsupported: validate-only automation never writes snapshots",
)
snapshot.add_argument(
"--force-full",
action="store_true",
help="Deprecated/unsupported with --write; retained for clear failure messages",
)
snapshot.set_defaults(func=cmd_snapshot)
return p
def main(argv: list[str] | None = None) -> None:
parser = build_parser()
args = parser.parse_args(argv)
args.func(args)
if __name__ == "__main__":
main()