chore(main): release 0.2.0#326
Conversation
63c1abc to
34c3cdd
Compare
| [project] | ||
| name = "agentex" | ||
| version = "0.1.0" | ||
| version = "0.1.1" |
There was a problem hiding this comment.
The package versions were bumped here and in agentex/pyproject.toml, but uv.lock still records both workspace packages as 0.1.0 (agentex and agentex-backend). The Docker build copies that lockfile and runs uv sync --frozen --no-dev --package agentex-backend and uv export --frozen, so the release image path can fail the frozen-lock freshness check or install/export package metadata from the previous version. Regenerate and commit uv.lock with the 0.1.1 package versions.
Artifacts
Repro: lock metadata check script
- Contains supporting evidence from the run (text/x-python; charset=utf-8).
Repro: lock metadata check output showing stale package versions
- Keeps the command output available without making the summary code-heavy.
Repro: attempted frozen uv sync command output
- Keeps the command output available without making the summary code-heavy.
Repro: attempted frozen uv export command output
- Keeps the command output available without making the summary code-heavy.
Ran code and verified through T-Rex
Prompt To Fix With AI
This is a comment left during a code review.
Path: pyproject.toml
Line: 3
Comment:
**Regenerate the lockfile**
The package versions were bumped here and in `agentex/pyproject.toml`, but `uv.lock` still records both workspace packages as `0.1.0` (`agentex` and `agentex-backend`). The Docker build copies that lockfile and runs `uv sync --frozen --no-dev --package agentex-backend` and `uv export --frozen`, so the release image path can fail the frozen-lock freshness check or install/export package metadata from the previous version. Regenerate and commit `uv.lock` with the `0.1.1` package versions.
How can I resolve this? If you propose a fix, please make it concise.e158b69 to
d1cae87
Compare
✱ Stainless preview buildsThis PR will update the openapi python typescript Edit this comment to update them. They will appear in their respective SDK's changelogs. ✅ agentex-sdk-openapi studio · code · diff
✅ agentex-sdk-typescript studio · code · diff
⚡ agentex-sdk-python studio · conflict
This comment is auto-generated by GitHub Actions and is automatically kept up to date as you push. |
d1cae87 to
8a96c9c
Compare
c652fd6 to
056936e
Compare
| [project] | ||
| name = "agentex" | ||
| version = "0.1.0" | ||
| version = "0.2.0" |
There was a problem hiding this comment.
This release bumps the workspace package to 0.2.0, but uv.lock still records both agentex and agentex-backend as 0.1.0. The Docker image copies that lockfile and runs frozen uv export / uv sync for agentex-backend, so the release build can fail the frozen-lock check or install/export package metadata for the previous version instead of this release.
Artifacts
Repro: generated frozen uv check script
- Contains supporting evidence from the run (text/x-shellscript; charset=utf-8).
Repro: frozen uv command output showing stale lockfile validation failure
- Keeps the command output available without making the summary code-heavy.
Repro: uv 0.7.3 installation output used to run the frozen checks
- Keeps the command output available without making the summary code-heavy.
Ran code and verified through T-Rex
Prompt To Fix With AI
This is a comment left during a code review.
Path: pyproject.toml
Line: 3
Comment:
**Regenerate frozen lockfile**
This release bumps the workspace package to `0.2.0`, but `uv.lock` still records both `agentex` and `agentex-backend` as `0.1.0`. The Docker image copies that lockfile and runs frozen `uv export` / `uv sync` for `agentex-backend`, so the release build can fail the frozen-lock check or install/export package metadata for the previous version instead of this release.
How can I resolve this? If you propose a fix, please make it concise.| """Single source of the agentex contract version (bumped by release-please).""" | ||
|
|
||
| __version__ = "0.1.0" # x-release-please-version | ||
| __version__ = "0.2.0" # x-release-please-version |
There was a problem hiding this comment.
Update telemetry version defaults
The API version now comes from __version__ and is 0.2.0, but src/utils/otel_metrics.py still falls back to SERVICE_VERSION 0.1.0 and get_meter(..., version="0.1.0"). Internal callers use get_meter without passing a version, so deployments that do not set SERVICE_VERSION emit 0.2.0 service metrics under the old 0.1.0 version, which can make rollout dashboards and version comparisons incorrect.
Artifacts
Repro: Python harness that exercises telemetry version defaults with SERVICE_VERSION unset
- Contains supporting evidence from the run (text/x-python; charset=utf-8).
Repro: harness output showing package version 0.2.0 but telemetry resource and meter version 0.1.0
- Keeps the command output available without making the summary code-heavy.
Ran code and verified through T-Rex
Prompt To Fix With AI
This is a comment left during a code review.
Path: agentex/src/_version.py
Line: 3
Comment:
**Update telemetry version defaults**
The API version now comes from `__version__` and is `0.2.0`, but `src/utils/otel_metrics.py` still falls back to `SERVICE_VERSION` `0.1.0` and `get_meter(..., version="0.1.0")`. Internal callers use `get_meter` without passing a version, so deployments that do not set `SERVICE_VERSION` emit 0.2.0 service metrics under the old 0.1.0 version, which can make rollout dashboards and version comparisons incorrect.
How can I resolve this? If you propose a fix, please make it concise.34b20d7 to
c033407
Compare
991a96a to
851a14d
Compare
851a14d to
7ab092d
Compare
🤖 I have created a release beep boop
0.2.0 (2026-07-13)
Features
Bug Fixes
Documentation
This PR was generated with Release Please. See documentation.
Greptile Summary
This is a release-please-generated PR that cuts the
0.2.0release, bundling ~20 merged features and fixes (schedules, OIDC login, account picker, SSE improvements, aiohttp CVE patch, and more) into version and changelog artifacts.0.2.0in_version.py, bothpyproject.tomlfiles,openapi.yaml, and.release-please-manifest.json.pyproject.tomlraises theaiohttpoverride floor to>=3.14.1to clear 11 CVEs, butagentex/pyproject.toml's direct constraint remains>=3.10.9,<4, leaving standalone installs ofagentex-backendexposed to those same CVEs.uv.lockstill records both workspace packages as0.1.0and would need regeneration for a fully consistent release artifact.Confidence Score: 4/5
Safe to merge for workspace/Docker deployments; one incomplete security fix in the member package direct dependency is worth addressing before wider distribution.
The aiohttp CVE fix is only enforced through the workspace override in the root pyproject.toml. The agentex/pyproject.toml direct constraint still allows versions back to 3.10.9, so any out-of-workspace install of agentex-backend can resolve a vulnerable version. All other changes are clean version bumps and generated artifacts.
agentex/pyproject.toml — the aiohttp floor needs to be raised from >=3.10.9 to >=3.14.1 to match the workspace override and keep the CVE fix effective for all install paths.
Important Files Changed
Reviews (25): Last reviewed commit: "chore(main): release 0.2.0" | Re-trigger Greptile