Release 0.17.1

[github-actions]

Release readiness review (v0.17.0 -> TARGET 01c8cdf)

This is a release readiness report done by $final-release-review skill.

Diff

v0.17.0...01c8cdf

Release call:

🟢 GREEN LIGHT TO SHIP Patch release scope is dominated by targeted bug fixes with matching tests; no confirmed release-blocking regression, packaging break, data-loss issue, or unversioned breaking change was found.

Scope summary:

• 112 files changed (+4698/-1554); 6 added, 106 modified; key areas touched: src/agents/ runtime/model/realtime/sandbox/session/tracing fixes, tests/ coverage for the changed behavior, examples/ runner and sandbox/MCP examples, and docs/translations.
• Version bump is 0.17.0 -> 0.17.1 in pyproject.toml; dependencies only changed through lock metadata and no Python version or public dependency boundary changed.
• Commit range contains targeted fixes from e3746c52 through 01c8cdf7, ending with Bump version to 0.17.1.

Risk assessment (ordered by impact):

1. Sandbox GitRepo subpath validation now rejects unsafe subpaths

   • Risk: 🟡 MODERATE. Users relying on absolute, parent-traversing, Windows-style, or whitespace-only GitRepo.subpath values will now receive a structured GitSubpathError instead of proceeding to clone/copy.
   • Evidence: src/agents/sandbox/entries/artifacts.py adds _validate_subpath() before materialization and src/agents/sandbox/errors.py adds GIT_SUBPATH_ERROR; tests cover invalid subpaths and root aliases in tests/sandbox/test_entries.py.
   • Files: src/agents/sandbox/entries/artifacts.py, src/agents/sandbox/errors.py, tests/sandbox/test_entries.py
   • Action: Run uv run pytest tests/sandbox/test_entries.py -k git_repo; pass criteria: all GitRepo subpath/materialization tests pass.

2. Chat Completions feature validation behavior has new warning/error paths

   • Risk: 🟢 LOW. Default behavior remains ignore-and-warn for Responses-only features, while callers who opt into strict validation will now get UserError.
   • Evidence: OpenAIChatCompletionsModel adds strict_feature_validation=False, warns and drops prompt, previous_response_id, and conversation_id by default, and strict-mode tests cover both prompt and server-managed conversation state.
   • Files: src/agents/models/openai_chatcompletions.py, src/agents/models/openai_provider.py, src/agents/models/multi_provider.py, tests/models/test_openai_chatcompletions.py
   • Action: Run uv run pytest tests/models/test_openai_chatcompletions.py -k "prompt or server_managed_conversation_state"; pass criteria: warning/default and strict-mode tests pass.

3. Realtime constructor validation and lifecycle cleanup changed

   • Risk: 🟢 LOW. Invalid RealtimeAgent field types fail earlier, and closed sessions now wake waiting async iterators; valid existing usage should be unaffected.
   • Evidence: RealtimeAgent.__post_init__ now validates name, tools, handoffs, and instructions; RealtimeSession adds a close sentinel for waiting iterators; tests cover invalid field rejection and iterator shutdown.
   • Files: src/agents/realtime/agent.py, src/agents/realtime/session.py, tests/realtime/test_agent.py, tests/realtime/test_session.py
   • Action: Run uv run pytest tests/realtime/test_agent.py tests/realtime/test_session.py; pass criteria: all realtime agent/session tests pass.

4. Diff whitespace check reports one translated-doc trailing space

   • Risk: 🟢 LOW. This is release polish only unless CI enforces git diff --check; it has no runtime or packaging impact.
   • Evidence: git diff --check v0.17.0...01c8cdf79ca53cb77b8bd34394b7e995a77759b8 reports trailing whitespace in docs/ko/running_agents.md:518.
   • Files: docs/ko/running_agents.md
   • Action: Remove the trailing space and rerun git diff --check v0.17.0...01c8cdf79ca53cb77b8bd34394b7e995a77759b8; pass criteria: command exits 0 with no output.

Notes:

• Latest release tag was determined from local tags only with git tag -l 'v*' --sort=-v:refname | head -n1: v0.17.0.
• Target was current HEAD: 01c8cdf79ca53cb77b8bd34394b7e995a77759b8.
• Working tree was clean at review time.
• Local full verification (make format, make lint, make typecheck, make tests) was not run as part of this release review; recommendations above are targeted validation commands for the risk areas.