Skip to content

v0.16.0 — Code Review Fixes: Correctness, Security, and Robustness

Latest

Choose a tag to compare

@jasonacox-sam jasonacox-sam released this 05 Jul 00:17
4ac1a1b

v0.16.0 — Code Review Fixes: Correctness, Security, and Robustness

Full-codebase review sweep covering the core library, all four backends (local, cloud, fleetapi, tedapi), and the proxy server. 101 new regression tests (224 passing, up from 123). No public API signatures or return shapes changed. Hardware-verified against production proxies with proxy/regression_test.py: all 76 non-control endpoints byte-compatible across TEDAPI WiFi, v1r+WiFi hybrid, Cloud, and FleetAPI modes.

See docs/code-review-2026-07-03.md for the complete findings document.

P0 — Critical Bug Fixes

  • set_operation()/set_mode() no longer silently lowers battery reserve — reserve back-fill is now scale-aware per backend (raw for local, app-scale for cloud/fleetapi/tedapi) and guards against unreadable reserve
  • alerts(alertsonly=False) crash fixedTypeError since introduction; device alerts now returned as documented
  • FleetAPI token refresh wedge fixed — stuck refreshing flag could permanently block the client; now lock-based with proper error handling
  • Proxy degradation-cache crash fixed/csv and /json crashed with AttributeError during gateway outages due to type collision in cache keys
  • TEDAPI available_blocks always 0 — was reading from wrong payload; PINV_GridState always None (copy-paste bug)
  • Cloud set_grid_charging/set_grid_export returned raw tuple — now properly unpacked
  • Cloud post_api_operation failed on partial payloads / False reserve — ported fleetapi logic

P1 — Security Hardening

  • Proxy DISABLED/ALLOWLIST matching no longer bypassable via query string
  • Unallowlisted /api/* paths no longer proxied to gateway with proxy's credentials
  • GET /control/max_backup no longer performs unauthenticated cancel (CSRF hardening)
  • Constant-time token comparison; 4KB POST body cap; /help stored XSS fixed
  • Credential files (.pypowerwall.auth, .pypowerwall.fleetapi, .powerwall, v1r keys/tokens) now created 0600 atomically
  • Tokens/secrets redacted from debug logs

P2 — Crash-Proofing

  • 19 crash-on-None fixes across all backends and the proxy
  • Failed connect() no longer leaves facade raising AttributeError
  • PW3 vitals None-guards; TEDAPI lock timeouts return cached data instead of raising
  • Null instant_power handling in /csv//aggregates
  • Python 3.12 ssl.wrap_socket replacement

P3 — Performance

  • Local negative caching now actually works (failing endpoints were re-requested every poll)
  • Native lock timeouts (up to ~2s idle latency removed)
  • FleetAPI reuses one HTTP/2 client and never re-sends POSTs after transmission (eliminates duplicate write commands)
  • Proxy no longer holds stats lock across network calls; URI stats capped (was unbounded memory growth)

P4 — Consistency

  • Documented poll(raw=True) now works in local mode
  • TEDAPI get_grid_export() default harmonized
  • Shared None-safe lookup() and mock-data decorator in pypowerwall/helpers.py (ends three-way copy drift)

Documentation

  • README/API.md corrected against the code (stale versions, broken examples, phantom parameters)
  • New AGENTS.md and DESIGN.md for contributors and AI agents
  • New proxy/regression_test.py — A/B endpoint comparison tool for hardware verification

Proxy t95

  • Upgraded to pyPowerwall v0.16.0
  • Security: query-string bypass, open proxy, CSRF, stored XSS all fixed
  • Graceful degradation cache crash fixed
  • SIGCHLD zombie reaping (t94 carried forward)
  • Python 3.12 compatibility (ssl.wrap_socketssl.SSLContext)

Full release notes: RELEASE.md and proxy/RELEASE.md