LCORE-544: Bump-up to version 0.2.0

[tisnik]

Description

Bump-up to version 0.2.0

Type of change

• Refactor
• New feature
• Bug fix
• CVE fix
• Optimization
• Documentation Update
• Configuration Update
• Bump-up service version
• Bump-up dependent library
• Bump-up library or tool used for development (does not change the final image)
• CI configuration change
• Konflux configuration change
• Unit tests improvement
• Integration tests improvement
• End to end tests improvement

Related Tickets & Documents

• Related Issue #LCORE-544

Summary by CodeRabbit

• Documentation

  • Updated all references to version 0.2.0 across README, deployment instructions, and getting started guide.
  • Refreshed installation output to reflect an expanded dependency set and new version.
  • OpenAPI specification now reports version 0.2.0.

• Chores

  • Bumped application version to 0.2.0.

[coderabbitai]

Walkthrough

Project version references updated from 0.1.3 to 0.2.0 across README, docs, OpenAPI metadata, and the Python version constant. Docs also refresh example outputs, including an expanded dependency list in getting_started.md. No functional code or API changes.

Changes

Cohort / File(s)	Summary of Changes
README badge README.md	Updated version badge tag from 0.1.3 to 0.2.0.
Docs: deployment & getting started docs/deployment_guide.md, docs/getting_started.md	Bumped image/version references to 0.2.0; refreshed sample outputs. getting_started adds a longer dependency list in example installation output. Text-only.
OpenAPI metadata docs/openapi.json	info.version updated to 0.2.0; added trailing newline. No endpoint/schema changes.
Code version constant src/version.py	__version__ updated from "0.1.3" to "0.2.0".

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• Bump version to 0.1.1 #315 — Version bump touching README badge, docs/openapi.json, and src/version.py.
• LCORE-459: Bump-up to version 0.1.3 #345 — Similar project-wide version string updates across docs and src/version.py.
• LCORE-448: Bump-up to version 0.1.2 #326 — Updates package/service version in src/version.py and corresponding docs/README references.

Suggested reviewers

• umago

Poem

A nibble of numbers, a hop to two-dot-oh,
I twitch my whiskers—versions come and go.
Docs get a polish, badges shine anew,
OpenAPI whispers, “I’m versioned too!”
With gentle thumps, I sign this note: 🐇
Shipping the bump—carrot-ready, let’s float!

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

docs/deployment_guide.md (2)

403-404: Fix stray backtick in cp command.

The trailing backtick breaks copy/paste.

-cp examples/lightspeed-stack-lls-external.yaml lightspeed-stack.yaml`
+cp examples/lightspeed-stack-lls-external.yaml lightspeed-stack.yaml

---

617-632: docs/deployment_guide.md: Stable image tag 0.2.0 not found on Quay — action required
The manifest check for quay.io/lightspeed-core/lightspeed-stack:0.2.0 returned HTTP 404, indicating the tag does not exist. Update the docs or the registry so that users can pull the referenced image.

• File docs/deployment_guide.md, lines 617–632: the example podman pull …:0.2.0 should point to an existing tag or you must push the 0.2.0 image to quay.io.
• After fixing, re-run the manifest check or manually verify that curl -I https://quay.io/v2/lightspeed-core/lightspeed-stack/manifests/0.2.0 returns HTTP 200.

🧹 Nitpick comments (4)

docs/openapi.json (1)

1-2239: Consider defining securitySchemes and operation/global security to satisfy CKV_OPENAPI_4/5.

Static analysis flags the spec for lacking security definitions. If applicable to 0.2.0, add a bearer auth scheme and wire it to the endpoints that require auth (e.g., /v1/query, /v1/feedback, conversations). Keep “noop” deployments in mind—attach security at operation-level instead of globally if some endpoints must remain open.

Example snippet to incorporate (adapt as needed):

{
  "components": {
    "securitySchemes": {
      "BearerAuth": { "type": "http", "scheme": "bearer", "bearerFormat": "JWT" }
    }
  },
  "paths": {
    "/v1/query": {
      "post": {
        "security": [ { "BearerAuth": [] } ]
      }
    }
  }
  // Optionally, a top-level "security": [ { "BearerAuth": [] } ] if all endpoints require auth
}

docs/deployment_guide.md (1)

672-701: Unify Llama Stack version across docs (0.2.14 here vs 0.2.17 elsewhere).

This guide pins llama-stack==0.2.14, while docs/getting_started.md uses 0.2.17. Please align to a single recommended version or a supported range that matches MINIMAL/MAXIMAL_SUPPORTED_LLAMA_STACK_VERSION in src/constants.py for 0.2.0.

Options:

• Pick one version (e.g., 0.2.17) everywhere and validate it’s within the supported range.
• Or document a range (e.g., >=A, <B) consistent with the service’s compatibility gates.

Also applies to: 148-201

docs/getting_started.md (2)

64-64: Dependency snapshot reflects lightspeed-stack 0.2.0 — OK.

If you want to reduce doc churn on every bump, consider templating the version (e.g., ${LS_STACK_VERSION}) or annotating that exact versions in the sample output may differ.

---

27-45: Llama Stack pinned to 0.2.17 — ensure consistency with other docs.

README.md and deployment_guide pin 0.2.14, while this page uses 0.2.17. Please pick one recommended version (or a supported range) across the docs and confirm it’s within the service’s supported bounds.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between e2ec07f and 19da578.

📒 Files selected for processing (5)

• README.md (1 hunks)
• docs/deployment_guide.md (2 hunks)
• docs/getting_started.md (1 hunks)
• docs/openapi.json (2 hunks)
• src/version.py (1 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-08-18T10:56:55.349Z

Learnt from: matysek
PR: lightspeed-core/lightspeed-stack#292
File: pyproject.toml:0-0
Timestamp: 2025-08-18T10:56:55.349Z
Learning: The lightspeed-stack project intentionally uses a "generic image" approach, bundling many dependencies directly in the base runtime image to work for everyone, rather than using lean base images with optional dependency groups.

Applied to files:

• docs/deployment_guide.md

🪛 Checkov (3.2.334)

docs/openapi.json

[HIGH] 1-2240: Ensure that the global security field has rules defined

(CKV_OPENAPI_4)

---

[HIGH] 1-2240: Ensure that security operations is not empty.

(CKV_OPENAPI_5)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: build-pr
• GitHub Check: e2e_tests

🔇 Additional comments (4)

docs/openapi.json (2)

16-16: OpenAPI info.version bumped to 0.2.0 — aligned with the project version.

Matches src/version.py and the docs. LGTM.

---

2240-2240: Trailing newline/EOF formatting fix acknowledged.

No concerns.

src/version.py (2)

12-12: Single source of truth set to 0.2.0 — good.

This aligns with the declared release version.

---

1-12: No outdated version references found; 0.2.0 is consistently used throughout the repo.

All checks passed—there are no occurrences of “0.1.3,” and every reference to version “0.2.0” appears as expected in docs, tests, source files, and lockfiles. Feel free to resolve this comment.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Pin to 0.2.0 is fine; consider linking the badge to “latest” to avoid future drift, and verify the 0.2.0 tag exists.

Keeping the badge image as “latest tag” while the link points to a fixed tag means every release requires touching this line. Linking to “releases/latest” avoids that churn. Also, please ensure the 0.2.0 release/tag is already published before merging.

Apply if you prefer a stable link to the latest release page:

-[![Tag](https://img.shields.io/github/v/tag/lightspeed-core/lightspeed-stack)](https://github.com/lightspeed-core/lightspeed-stack/releases/tag/0.2.0)
+[![Tag](https://img.shields.io/github/v/tag/lightspeed-core/lightspeed-stack)](https://github.com/lightspeed-core/lightspeed-stack/releases/latest)

Run to verify the tag exists:

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail
TAG="0.2.0"
OWNER_REPO="lightspeed-core/lightspeed-stack"
resp=$(curl -sSf "https://api.github.com/repos/${OWNER_REPO}/releases/tags/${TAG}" || true)
if jq -e '.tag_name=="'"${TAG}"'"' >/dev/null <<<"$resp"; then
  echo "OK: release ${TAG} exists: $(jq -r .html_url <<<"$resp")"
else
  echo "ERROR: release ${TAG} not found" >&2
  exit 1
fi

Length of output: 348

---

Release tag “0.2.0” not found – please publish before merging

Our verification against the GitHub Releases API returned a 404 for tag 0.2.0, which means the badge link will be broken until the tag is actually created. Please ensure the 0.2.0 release (and corresponding tag) is published before merging this change.

• Location: README.md, line 9
• Current badge/link:

[![Tag](https://img.shields.io/github/v/tag/lightspeed-core/lightspeed-stack)](https://github.com/lightspeed-core/lightspeed-stack/releases/tag/0.2.0)

Optional: to avoid manual updates on future releases, you can point the link at the “latest” endpoint instead:

-[![Tag](https://img.shields.io/github/v/tag/lightspeed-core/lightspeed-stack)](https://github.com/lightspeed-core/lightspeed-stack/releases/tag/0.2.0)
+[![Tag](https://img.shields.io/github/v/tag/lightspeed-core/lightspeed-stack)](https://github.com/lightspeed-core/lightspeed-stack/releases/latest)

This ensures the badge always links to the newest release, preventing future churn.

🤖 Prompt for AI Agents

In README.md around line 9, the release tag referenced (0.2.0) does not exist so
the badge link will 404; either create and publish a GitHub release that creates
tag v0.2.0 (or 0.2.0 depending on your tag naming) before merging, or update the
badge link to use the releases/latest URL so it always points to the newest
release; ensure the link and badge remain consistent (if you publish 0.2.0, keep
the current link, otherwise change the link target to /releases/latest and keep
the badge URL as-is).