Release readiness review (v0.17.0 -> TARGET 46b9ad0)

This is a release readiness report done by $final-release-review skill.

Diff

v0.17.0...46b9ad0

Release call:

🟢 GREEN LIGHT TO SHIP No confirmed release-blocking regression, packaging break, data-loss issue, or unversioned breaking API change was found in the v0.17.0...TARGET diff.

Scope summary:

• 148 files changed (+7071/-1727); key areas touched: Chat Completions compatibility/streaming, Realtime session handling, sandbox archive/Git hardening, memory session corruption handling, tracing robustness, usage accounting, examples automation, release/docs translations, and broad regression test coverage.

Risk assessment (ordered by impact):

No material risks identified.

1. Sandbox extraction and GitRepo validation hardening

   • Risk: 🟡 MODERATE. Previously accepted unsafe or ambiguous sandbox archive/Git subpath inputs may now fail earlier, which is appropriate for a patch security hardening but can affect edge-case users.
   • Evidence: SandboxArchiveLimits and archive input/member/extracted-size checks were added; GitRepo.subpath now rejects absolute paths, parent traversal, Windows paths, and whitespace-only paths; tests cover invalid subpaths and archive limit behavior.
   • Files: src/agents/run_config.py, src/agents/sandbox/session/archive_ops.py, src/agents/sandbox/session/archive_extraction.py, src/agents/sandbox/entries/artifacts.py, tests/sandbox/test_extract.py, tests/sandbox/test_entries.py
   • Action: Before tagging, confirm release notes or GitHub release text mention the sandbox hardening behavior; pass criteria is that users have a clear migration note for rejected GitRepo.subpath values and opt-in archive limits.

2. Chat Completions unsupported Responses-feature handling

   • Risk: 🟢 LOW. Chat Completions now warns and ignores unsupported prompt, previous_response_id, conversation_id, custom tool calls, and nonzero/multiple stream choices by default, with strict failure behind an explicit opt-in.
   • Evidence: OpenAIProvider(strict_feature_validation=...) and MultiProvider(openai_strict_feature_validation=...) are keyword-only additions; tests cover default warn-and-ignore behavior and strict-mode UserError paths.
   • Files: src/agents/models/openai_chatcompletions.py, src/agents/models/chatcmpl_stream_handler.py, src/agents/models/openai_provider.py, src/agents/models/multi_provider.py, tests/models/test_openai_chatcompletions.py, tests/models/test_openai_chatcompletions_stream.py
   • Action: Run uv run pytest tests/models/test_openai_chatcompletions.py tests/models/test_openai_chatcompletions_stream.py; pass criteria is all Chat Completions compatibility tests pass.

3. Realtime session lifecycle and validation changes

   • Risk: 🟢 LOW. Realtime event iterators are now explicitly woken on close and RealtimeAgent validates core fields in __post_init__, reducing hangs and surfacing invalid setup earlier.
   • Evidence: Close sentinels and waiter tracking were added in RealtimeSession; RealtimeAgent.__post_init__ validates name, tools, handoffs, and instructions; tests cover close wakeup, unknown tool calls, transcript preservation, and validation.
   • Files: src/agents/realtime/session.py, src/agents/realtime/agent.py, src/agents/realtime/config.py, tests/realtime/test_session.py, tests/realtime/test_agent.py
   • Action: Run uv run pytest tests/realtime; pass criteria is all realtime tests pass without iterator hangs.

4. Memory/session corruption handling and usage accounting fixes

   • Risk: 🟢 LOW. Session backends now skip corrupt newest rows/items during pop_item, and usage aggregation preserves pre-existing request-level token details.
   • Evidence: SQLite, async SQLite, Dapr, MongoDB, Redis, and SQLAlchemy session tests were added or updated for corrupt item skipping; Usage.add now prefers existing request_usage_entries.
   • Files: src/agents/memory/sqlite_session.py, src/agents/extensions/memory/*.py, src/agents/usage.py, tests/memory/test_session.py, tests/extensions/memory/*.py, tests/test_usage.py
   • Action: Run uv run pytest tests/memory tests/extensions/memory tests/test_usage.py; pass criteria is all session and usage tests pass.

5. Tracing exporter resilience

   • Risk: 🟢 LOW. Batch trace export now drops a failed batch and keeps the worker alive, which changes failure handling from worker death to logged non-fatal loss of that batch.
   • Evidence: _export_batches catches exporter exceptions and logs a non-fatal error; tests assert the worker survives and later batches export.
   • Files: src/agents/tracing/processors.py, tests/test_trace_processor.py
   • Action: Run uv run pytest tests/test_trace_processor.py; pass criteria is the exporter-exception regression test passes.

Notes:

• Latest local release tag used: v0.17.0.
• TARGET used: 46b9ad0423e7d3ba3eb1aa6d081cb71a8138ef4b.
• Working tree status was clean.
• Local verification was not run as part of this release review; this report assumes CI has or will run the repository’s required make format, make lint, make typecheck, and make tests stack.