feat: add SDK identification headers to all HTTP requests

[devin-ai-integration]

feat: add SDK identification headers to all HTTP requests

Summary

Adds three identification headers to every HTTP request made by the Python SDK so the backend can identify which SDK, language, and version originated each call:

Header	Value
hh-sdk-version	SDK __version__ (e.g. 1.0.0rc16), falls back to "unknown"
hh-sdk-language	python
hh-sdk-package	honeyhive

Approach: A new get_default_headers() method on APIConfig centralizes the standard header set (Content-Type, Accept, Authorization, and the three new SDK headers). Both the code-generation Jinja2 templates (httpx.jinja2, apiconfig_pydantic_2.jinja2) and the generated output were updated, so the headers survive future make generate runs. The CLI and tracer OTLP exporter were also updated directly.

Updates since last revision

• Added hh-sdk-language and hh-sdk-package headers alongside hh-sdk-version (per discussion about distinguishing Python honeyhive from TS honeyhive / @honeyhive/logger)
• Added 9 unit tests in tests_v2/unit/test_api_config_headers.py covering all header keys and values
• Simplified CHANGELOG to customer-facing language
• All prior fixes still apply: code-gen templates, graceful _get_sdk_version() fallback, Bearer None fix

Review & Testing Checklist for Human

• End-to-end header verification: Make a test API call against staging and inspect request headers on the backend to confirm all three hh-sdk-* headers appear with the expected values. CI doesn't exercise a real backend.
• Bearer when no token: When access_token is None, the Authorization header becomes "Bearer " (empty string after Bearer). Confirm the backend handles this gracefully — this is pre-existing behavior that was "Bearer None" before this PR.
• Template header_params path: The httpx.jinja2 template has a conditional {% if header_params|length > 0 %} block. No current endpoints use header params, so this path is untested. If a future OpenAPI spec adds header parameters, verify make generate still produces valid Python.

Notes

• The OTLP exporter path (tracer spans) uses a separate _get_sdk_version() helper since those headers have a different structure (X-Project, X-Source) and don't go through APIConfig.
• Requested by @skylarmb
• Link to Devin run

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[claude]

Claude finished @devin-ai-integration[bot]'s task in 2m 12s —— View job

---

Reviewing PR #268

• Gather context and read changed files
• Review api_config.py changes (core logic)
• Review generated service files
• Review client.py, cli/main.py, and tracer changes
• Post inline comments for specific issues
• Post top-level review summary

Summary

Reviewed all 22 changed files. The centralization of headers into get_default_headers() is a clean improvement that removes ~490 lines of duplication.

Posted 3 inline comments covering:

1. Bearer None risk when access_token is None (minor bug)
2. Graceful degradation suggestion for the lazy __version__ import
3. Nit on _get_sdk_version() being a thin wrapper

Posted top-level review covering:

• Generated file durability risk (changes will be lost on next code gen)
• No tests added for the new header
• Confirmation of no backwards compatibility issues

[github-actions]

📚 Documentation preview built — Download artifact

Review instructions & validation status

How to Review

1. Download the artifact from the link above
2. Extract the files
3. Open index.html in your browser

Validation Status

• API validation: ✅ Passed
• Build process: ✅ Successful
• Import tests: ✅ All imports working

[claude]

Code Review Summary

Overall: Clean, well-scoped change. The centralization of headers into get_default_headers() is a net positive — it removes ~490 lines of duplication and makes future header additions trivial. The approach is sound.

What looks good

• Lazy import strategy is correct. __version__ is defined at the top of __init__.py (line 6, before any submodule imports), so the from honeyhive import __version__ inside get_default_headers() is safe from circular imports at call time.
• Consistent coverage — all 18 generated service files, client.py, CLI, and tracer OTLP exporter are updated.
• The PR description's review checklist is thorough and honest about risks.

Concerns

1. Generated file durability (medium risk): All _generated/services/*.py files were hand-edited. If there's a code generation step (e.g., openapi-python-generator or similar), these changes will be silently overwritten on next regeneration. Recommendation: Update the generator template or add a post-generation hook to emit api_config.get_default_headers() instead of inline headers. Otherwise this is a maintenance time-bomb.

2. No tests added: There are no unit tests for get_default_headers() or for verifying the hh-sdk-version header is present in requests. A simple test asserting the header key and value format would catch regressions — especially important given the generated file durability concern above.

3. Backwards compatibility: This PR is strictly additive (new header, no signature changes). No breaking changes detected.

Documentation

No documentation updates needed — this is an internal header not exposed in any public API.

See inline comments for specific code-level feedback.

[github-actions]

📚 Documentation preview built — Download artifact

Review instructions & validation status

How to Review

1. Download the artifact from the link above
2. Extract the files
3. Open index.html in your browser

Validation Status

• API validation: ✅ Passed
• Build process: ✅ Successful
• Import tests: ✅ All imports working

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no potential bugs to report.

View in Devin Review to see 5 additional findings.

[github-actions]

📚 Documentation preview built — Download artifact

Review instructions & validation status

How to Review

1. Download the artifact from the link above
2. Extract the files
3. Open index.html in your browser

Validation Status

• API validation: ✅ Passed
• Build process: ✅ Successful
• Import tests: ✅ All imports working

[github-actions]

📚 Documentation preview built — Download artifact

Review instructions & validation status

How to Review

1. Download the artifact from the link above
2. Extract the files
3. Open index.html in your browser

Validation Status

• API validation: ✅ Passed
• Build process: ✅ Successful
• Import tests: ✅ All imports working

[github-actions]

📚 Documentation preview built — Download artifact

Review instructions & validation status

How to Review

1. Download the artifact from the link above
2. Extract the files
3. Open index.html in your browser

Validation Status

• API validation: ✅ Passed
• Build process: ✅ Successful
• Import tests: ✅ All imports working

[skylarmb]

@claude approve with final review

[skylarmb]

@claude review the final diff and whether feedback was addressed

[claude]

Claude finished @skylarmb's task in 1m 42s —— View job

---

Reviewing PR #268 — Final diff and feedback resolution

• Gather context: read the full diff against base branch
• Check if previous review feedback was addressed
• Review new test file
• Post final review summary

Previous Feedback — Resolution Status

Feedback	Status	Details
Bearer None bug — get_access_token() returning None produced "Bearer None"	Addressed	Fixed with self.get_access_token() or '' in api_config.py:68. Test added at test_api_config_headers.py:42.
Graceful degradation — wrap lazy __version__ import in try/except	Addressed	_get_sdk_version() in both api_config.py:75-82 and initialization.py:50-57 uses try/except Exception with "unknown" fallback. CLI at main.py:347-351 also has the same pattern.
No tests — header behavior was untested	Addressed	9 tests added in tests_v2/unit/test_api_config_headers.py covering all header keys, values, version matching, and the Bearer None fix.
CHANGELOG too implementation-detailed	Addressed	Simplified to customer-facing language: lists the three hh-sdk-* headers without internal details.
Code-gen template durability — hand-edits to generated files would be lost on make generate	Addressed	Both apiconfig_pydantic_2.jinja2 and httpx.jinja2 templates were updated. Generated files match the template output, so make generate will preserve the changes.
_get_sdk_version() indirection nit — helper used once in tracer	Acknowledged	Kept as-is for consistency with api_config.py. Reasonable decision.
Add hh-sdk-language and hh-sdk-package headers	Addressed	All three headers present in api_config.py, initialization.py, and cli/main.py.

Final Diff Review

All feedback from both Claude and @skylarmb has been addressed. The final state of the code is clean:

• api_config.py: get_default_headers() returns all 6 headers (Content-Type, Accept, Authorization, hh-sdk-version, hh-sdk-language, hh-sdk-package). _get_sdk_version() is a module-level helper with graceful fallback.
• Templates: Both apiconfig_pydantic_2.jinja2 and httpx.jinja2 are in sync with the generated output. The httpx template uses headers = api_config.get_default_headers() cleanly on line 17.
• Generated services (18 files): All use api_config.get_default_headers() — no inline header dicts remain. Net deletion of ~490 lines of duplication.
• client.py: The two export/export_async methods that make direct httpx calls now use self._api_config.get_default_headers().
• cli/main.py: Includes all three hh-sdk-* headers with the same graceful version fallback pattern.
• initialization.py: OTLP exporter headers include all three hh-sdk-* headers via the local _get_sdk_version() helper.
• Tests: 9 unit tests in test_api_config_headers.py — well-structured, covers the key behaviors.
• CHANGELOG: Customer-facing, concise.

No new issues found. LGTM.

---