Skip to content

Release 0.17.3#3417

Merged
seratch merged 1 commit into
mainfrom
release/v0.17.3
May 19, 2026
Merged

Release 0.17.3#3417
seratch merged 1 commit into
mainfrom
release/v0.17.3

Conversation

@github-actions
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot commented May 15, 2026
edited by seratch
Loading

Release PR for 0.17.3.

Release readiness review (v0.17.2 -> TARGET ac5a79f)

This is a release readiness report done by $final-release-review skill.

Diff

v0.17.2...ac5a79f

Release call:

🟢 GREEN LIGHT TO SHIP No confirmed release-blocking regression found; the main runtime risks are covered by focused tests and the version bump is present in the reviewed release-candidate shape.

Scope summary:

  • 175 files changed (+6435/-6400); key areas touched: translated docs, release/CI workflows, memory optional imports, realtime tool-call handling, sandbox mount security, MCP Streamable HTTP defaults, trace redaction, voice streaming, and pyproject.toml version bump to 0.17.3.

Risk assessment (ordered by impact):

  1. MCP Streamable HTTP redirect default changed

    • Risk: 🟡 MODERATE. MCP servers that require HTTP redirects may now fail unless callers provide a custom httpx_client_factory.
    • Evidence: src/agents/mcp/server.py changes default httpx.AsyncClient(follow_redirects=False), and tests/mcp/test_streamable_http_client_factory.py now asserts follow_redirects is False.
    • Files: src/agents/mcp/server.py, tests/mcp/test_streamable_http_client_factory.py
    • Action: Validate at least one known Streamable HTTP MCP deployment that previously redirected; pass criteria is either no required redirect dependency or a documented/custom factory path for redirecting endpoints.

  2. Realtime tool-call dedupe/retry path is substantially refactored

    • Risk: 🟡 MODERATE. Async realtime tool output retries and duplicate call IDs are side-effect-sensitive, so regressions could duplicate tool execution or drop cached outputs.
    • Evidence: src/agents/realtime/session.py adds active/completed call tracking and cached pending tool outputs; new tests cover duplicate IDs, approval races, send-failure retries, and rejection races.
    • Files: src/agents/realtime/session.py, tests/realtime/test_session.py
    • Action: Keep tests/realtime/test_session.py in the release validation set; pass criteria observed locally as part of the focused suite.

  3. Release branch state differs from remote release branch

    • Risk: 🟢 LOW. The local reviewed candidate contains origin/main plus the 0.17.3 bump, while origin/release/v0.17.3 is still behind that local shape.
    • Evidence: local release/v0.17.3 is ahead 10, behind 1; origin/main is f6ba91b12, local target is ac5a79f27, and pyproject.toml at local target is 0.17.3.
    • Files: pyproject.toml, uv.lock
    • Action: Before tagging, confirm the PR merge commit contains both f6ba91b12 runtime changes and pyproject.toml version 0.17.3; pass criteria is git show <merge_sha>:pyproject.toml showing version = "0.17.3".

  4. Trace config redaction narrows exported model settings

    • Risk: 🟢 LOW. This intentionally removes request extras from trace payloads, which may reduce diagnostic detail but lowers credential exposure risk.
    • Evidence: ModelSettings.to_traceable_dict() omits extra_headers, extra_query, extra_body, and extra_args; tests assert those fields do not appear in trace config.
    • Files: src/agents/model_settings.py, src/agents/models/_trace.py, tests/models/test_trace_config.py
    • Action: Ensure release notes mention trace payload sanitization if users rely on provider-specific extras in traces; pass criteria is a short release-note bullet or explicit omission decision.

Notes:

  • Tags and origin/main were freshly fetched. Latest release tag resolved via the skill helper as v0.17.2.
  • Focused verification run: 245 passed in 0.78s after removing local proxy env vars. The first run exposed only a local SOCKS proxy environment issue, not a code failure.
  • Working tree is clean after restoring the uv.lock rewrite caused by local uv resolution.
  • I did not run the full $code-change-verification stack; this review assumes CI covers the full mandatory stack per the skill guidance.

@github-actions github-actions Bot added this to the 0.17.x milestone May 15, 2026
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed May 15, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4418c7b4d5

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread uv.lock Outdated
@seratch seratch force-pushed the release/v0.17.3 branch from 4418c7b to ac5a79f Compare May 19, 2026 00:31
@seratch seratch merged commit 17f7cae into main May 19, 2026
9 checks passed
@seratch seratch deleted the release/v0.17.3 branch May 19, 2026 01:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

project

Projects

None yet

Milestone

0.17.x

Development

Successfully merging this pull request may close these issues.

1 participant

@seratch