Skip to content

Releases: NeapolitanIcecream/loreley

v0.7.9-alpha

02 Apr 15:00
@NeapolitanIcecream NeapolitanIcecream
v0.7.9-alpha
d5b9f86

Choose a tag to compare

View all tags
v0.7.9-alpha Pre-release
Pre-release

v0.7.9-alpha

This alpha release packages the changes landed after v0.7.8-alpha.

Use it if you need Loreley to run reliably against OpenAI-compatible gateways that issue short-lived dynamic API keys instead of long-lived static credentials.

Highlights

  • Dynamic OpenAI-compatible API key support via OPENAI_DYNAMIC_API_KEY_PROVIDER. Internal SDK paths now share a process-local cached token that refreshes before expiry, while Kilocode planning/coding subprocesses fetch a fresh one-shot token immediately before each launch.
  • Safer dynamic-auth validation and preflight. Scheduler/worker startup now validates provider references, rejects unsupported async/opaque providers, tolerates broken provider imports as normal failed checks, and warns when dynamic token TTLs are shorter than configured Kilocode timeouts.
  • Retry and fallback hardening across long-running paths. Embedding batches, Kilocode launches, and trajectory chunk summarization now preserve their existing retry/fallback semantics when dynamic key lookup is temporarily unavailable.
  • Better Kilocode credential precedence. Explicit backend KILO_OPENAI_API_KEY overrides still win, inherited stale process env no longer masks fresh runtime tokens, and backend-specific key resolution failures now surface through the normal planning/coding retry path.

Upgrade Notes

No database reset required

This release does not change the database schema or instance metadata version.

New configuration knobs

Review these settings when you enable dynamic OpenAI auth:

  • OPENAI_DYNAMIC_API_KEY_PROVIDER
  • OPENAI_DYNAMIC_API_KEY_TTL_SECONDS
  • OPENAI_DYNAMIC_API_KEY_REFRESH_SKEW_SECONDS

See Configuration for details and examples.

Operational notes

  • Dynamic auth only supports one token per Kilocode subprocess launch. Loreley does not rotate credentials inside an already-running Kilocode CLI process.
  • If you already inject a backend-specific KILO_OPENAI_API_KEY, Loreley will preserve that explicit override instead of replacing it with the shared dynamic token.
  • When dynamic auth is enabled with Kilocode, preflight warns if OPENAI_DYNAMIC_API_KEY_TTL_SECONDS is shorter than the configured planning/coding timeouts.

See Scheduler and Worker for the updated preflight expectations.

Validation

  • CI continues to run uv run pytest.
  • Local validation for this release candidate: 392 passed in 16.31s.

Recommended Release Summary

  • Add dynamic OpenAI-compatible API key support for short-lived tokens.
  • Harden preflight, retry, and fallback behavior around transient token-provider failures.
  • Preserve explicit Kilocode API-key overrides while still refreshing shared internal SDK auth.
Loading