v0.16.0 — Code Review Fixes: Correctness, Security, and Robustness
Full-codebase review sweep covering the core library, all four backends (local, cloud, fleetapi, tedapi), and the proxy server. 101 new regression tests (224 passing, up from 123). No public API signatures or return shapes changed. Hardware-verified against production proxies with proxy/regression_test.py: all 76 non-control endpoints byte-compatible across TEDAPI WiFi, v1r+WiFi hybrid, Cloud, and FleetAPI modes.
See docs/code-review-2026-07-03.md for the complete findings document.
P0 — Critical Bug Fixes
set_operation()/set_mode()no longer silently lowers battery reserve — reserve back-fill is now scale-aware per backend (raw for local, app-scale for cloud/fleetapi/tedapi) and guards against unreadable reservealerts(alertsonly=False)crash fixed —TypeErrorsince introduction; device alerts now returned as documented- FleetAPI token refresh wedge fixed — stuck
refreshingflag could permanently block the client; now lock-based with proper error handling - Proxy degradation-cache crash fixed —
/csvand/jsoncrashed withAttributeErrorduring gateway outages due to type collision in cache keys - TEDAPI
available_blocksalways 0 — was reading from wrong payload;PINV_GridStatealways None (copy-paste bug) - Cloud
set_grid_charging/set_grid_exportreturned raw tuple — now properly unpacked - Cloud
post_api_operationfailed on partial payloads /Falsereserve — ported fleetapi logic
P1 — Security Hardening
- Proxy DISABLED/ALLOWLIST matching no longer bypassable via query string
- Unallowlisted
/api/*paths no longer proxied to gateway with proxy's credentials - GET
/control/max_backupno longer performs unauthenticated cancel (CSRF hardening) - Constant-time token comparison; 4KB POST body cap;
/helpstored XSS fixed - Credential files (
.pypowerwall.auth,.pypowerwall.fleetapi,.powerwall, v1r keys/tokens) now created0600atomically - Tokens/secrets redacted from debug logs
P2 — Crash-Proofing
- 19 crash-on-None fixes across all backends and the proxy
- Failed
connect()no longer leaves facade raisingAttributeError - PW3 vitals None-guards; TEDAPI lock timeouts return cached data instead of raising
- Null
instant_powerhandling in/csv//aggregates - Python 3.12
ssl.wrap_socketreplacement
P3 — Performance
- Local negative caching now actually works (failing endpoints were re-requested every poll)
- Native lock timeouts (up to ~2s idle latency removed)
- FleetAPI reuses one HTTP/2 client and never re-sends POSTs after transmission (eliminates duplicate write commands)
- Proxy no longer holds stats lock across network calls; URI stats capped (was unbounded memory growth)
P4 — Consistency
- Documented
poll(raw=True)now works in local mode - TEDAPI
get_grid_export()default harmonized - Shared None-safe
lookup()and mock-data decorator inpypowerwall/helpers.py(ends three-way copy drift)
Documentation
- README/API.md corrected against the code (stale versions, broken examples, phantom parameters)
- New
AGENTS.mdandDESIGN.mdfor contributors and AI agents - New
proxy/regression_test.py— A/B endpoint comparison tool for hardware verification
Proxy t95
- Upgraded to pyPowerwall v0.16.0
- Security: query-string bypass, open proxy, CSRF, stored XSS all fixed
- Graceful degradation cache crash fixed
- SIGCHLD zombie reaping (t94 carried forward)
- Python 3.12 compatibility (
ssl.wrap_socket→ssl.SSLContext)
Full release notes: RELEASE.md and proxy/RELEASE.md