Update SDK with multipart boundary fix

[chiang-daniel]

Copies the patched generated SDK from kiln_server PR https://github.com/Kiln-AI/kiln_server/pull/211 and adds regression tests for the multipart boundary fix.

The regenerated SDK no longer hardcodes Content-Type headers on multipart endpoints, letting httpx auto-generate a safe boundary. This prevents multipart parse failures when zip payloads happen to contain the boundary string.

New test file with 7 tests that build real httpx multipart requests through the SDK and verify the zip content survives a round-trip even with adversarial payloads like +++, ------, and fake Content-Disposition headers.

🤖 Generated with Claude Code

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: d1294447-1589-41eb-b37e-0f08e52b01ee

📥 Commits

Reviewing files that changed from the base of the PR and between 4bc2275 and c3fe7d5.

⛔ Files ignored due to path filters (10)

• app/desktop/studio_server/api_client/kiln_ai_server_client/api/jobs/start_sample_job_v1_jobs_sample_job_start_post.py is excluded by !app/desktop/studio_server/api_client/kiln_ai_server_client/**
• app/desktop/studio_server/api_client/kiln_ai_server_client/models/__init__.py is excluded by !app/desktop/studio_server/api_client/kiln_ai_server_client/**
• app/desktop/studio_server/api_client/kiln_ai_server_client/models/chat_completion_assistant_message_param_wrapper.py is excluded by !app/desktop/studio_server/api_client/kiln_ai_server_client/**
• app/desktop/studio_server/api_client/kiln_ai_server_client/models/chat_session_list_item.py is excluded by !app/desktop/studio_server/api_client/kiln_ai_server_client/**
• app/desktop/studio_server/api_client/kiln_ai_server_client/models/kiln_base_model.py is excluded by !app/desktop/studio_server/api_client/kiln_ai_server_client/**
• app/desktop/studio_server/api_client/kiln_ai_server_client/models/message_usage.py is excluded by !app/desktop/studio_server/api_client/kiln_ai_server_client/**
• app/desktop/studio_server/api_client/kiln_ai_server_client/models/task_output.py is excluded by !app/desktop/studio_server/api_client/kiln_ai_server_client/**
• app/desktop/studio_server/api_client/kiln_ai_server_client/models/task_output_rating.py is excluded by !app/desktop/studio_server/api_client/kiln_ai_server_client/**
• app/desktop/studio_server/api_client/kiln_ai_server_client/models/task_run.py is excluded by !app/desktop/studio_server/api_client/kiln_ai_server_client/**
• app/desktop/studio_server/api_client/kiln_ai_server_client/models/usage.py is excluded by !app/desktop/studio_server/api_client/kiln_ai_server_client/**

📒 Files selected for processing (1)

• app/desktop/studio_server/test_multipart_boundary.py

---

Walkthrough

This PR adds a comprehensive test module that regression-tests multipart boundary encoding for file uploads. It creates helper utilities to build and extract multipart requests, then validates that the SDK's multipart encoding correctly handles both normal and adversarial zip contents, including payloads containing delimiter-like strings.

Changes

Multipart Boundary Encoding Tests

Layer / File(s)	Summary
Test helpers and utilities app/desktop/studio_server/test_multipart_boundary.py	_make_zip_with_content creates in-memory zip files, _read_httpx_stream reads streaming request bodies, _build_multipart_request constructs httpx.Request objects from SDK multipart bodies, and _extract_zip_from_multipart parses multipart boundaries to recover zip payloads.
Regression tests app/desktop/studio_server/test_multipart_boundary.py	Tests verify that _get_kwargs does not hardcode Content-Type (preserving boundary negotiation), multipart roundtrips preserve zip contents including edge cases like "+++", and adversarial payloads containing multipart-like delimiters and header strings do not corrupt the extracted zip.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 A zip goes in, boundary stays tight,
Through multipart plains, it journeys right.
Delimiters dance, yet nothing breaks—
This roundtrip test for safety's sake! ✨📦

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	❓ Inconclusive	The description provides context about the changes and mentions the related kiln_server PR, but is missing the required template sections including CLA confirmation and checklists.	Add missing template sections: CLA confirmation statement and completion of the checklists (tests run locally, new tests documented).

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title is related to the changeset but is overly broad; it mentions the 'multipart boundary fix' in the SDK but doesn't convey that the PR primarily adds regression tests for this fix.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dchiang/test-multipart

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request introduces the MessageUsage model to track token usage and cost, updates existing models to integrate it, replaces dateutil.parser.isoparse with datetime.datetime.fromisoformat, and adds a new test suite for multipart boundary handling. Feedback highlights a compatibility issue with datetime.datetime.fromisoformat parsing UTC timestamps ending in 'Z' on Python versions prior to 3.11, and suggests improvements to the test helpers to ensure robust header parsing and prevent false matches on binary payloads.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

[github-actions]

📊 Coverage Report

Overall Coverage: 92%

Diff: origin/main...HEAD

No lines with coverage information in this diff.

---

• 📊 HTML Coverage Report - Interactive coverage report
• 📈 Diff Coverage Report - Detailed diff analysis
• Github Actions Run - View the full coverage report