Skip to content

Describe revoked Ollama API keys accurately#1943

Merged
steipete merged 6 commits into
steipete:mainfrom
joeVenner:fix/ollama-api-retry
Jul 6, 2026
Merged

Describe revoked Ollama API keys accurately#1943
steipete merged 6 commits into
steipete:mainfrom
joeVenner:fix/ollama-api-retry

Conversation

@joeVenner

@joeVenner joeVenner commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Describe rejected Ollama API keys as invalid or revoked rather than invalid or expired.
  • Document that Ollama keys currently do not expire and can be revoked from key settings.
  • Cover both 401 and 403 through the real API fetch mapping, including the final user-facing error text.

Basis

Ollama's current official authentication documentation states that API keys do not currently expire and can be revoked at any time: https://docs.ollama.com/api/authentication

The production fetcher already maps 401 and 403 to OllamaUsageError.apiUnauthorized; this change corrects that error's public description. The strengthened regression uses injected HTTP transport to exercise the bearer request, 401/403 mapping, and final localized message together without network access or credentials.

Validation

  • swift test --filter OllamaUsageFetcherTests — 18 tests passed
  • swift test --filter OllamaUsageFetcherRetryMappingTests — 7 tests / 8 cases passed
  • make check — passed with 0 format or lint violations
  • make test — all 49 current groups passed
  • Final aggregate autoreview — no accepted/actionable findings
  • Official lifecycle documentation re-verified on 2026-07-06

Live-proof boundary

No external provider or Keychain probe was run: repository policy requires explicit authorization for live provider credentials. The safe evidence is the official lifecycle documentation plus the exact 401/403 runtime mapping under injected transport.

Risk

Very low: one error string, focused tests, docs, and changelog only. Dependencies and credential handling are unchanged.

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 6, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

@clawsweeper

clawsweeper Bot commented Jul 6, 2026

Copy link
Copy Markdown

Codex review: needs real behavior proof before merge. Reviewed July 6, 2026, 5:27 PM ET / 21:27 UTC.

Summary
This branch changes Ollama unauthorized API-key copy from invalid/expired to invalid/revoked and adds a focused assertion plus docs/changelog text.

Reproducibility: yes. from source inspection: current main exposes OllamaUsageError.apiUnauthorized as Ollama API key is invalid or expired. I did not run live Ollama or Keychain validation because AGENTS.md avoids real account probes unless explicitly requested.

Review metrics: 1 noteworthy metric.

  • PR scope: 4 files changed, +9/-1. The diff is limited to one provider error string plus focused test, docs, and unreleased changelog coverage.

Merge readiness
Overall: 🧂 unranked krab
Proof: 🧂 unranked krab
Patch quality: 🦞 diamond lobster
Result: blocked until real behavior proof from a real setup is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • [P1] Add redacted terminal or app runtime output showing an unauthorized Ollama API-key path displaying Ollama API key is invalid or revoked..
  • Update the PR body after adding proof; a fresh ClawSweeper review should trigger automatically, or a maintainer can comment @clawsweeper re-review.

Proof guidance:

  • [P1] Needs real behavior proof before merge: The PR body shows deterministic test output only; add redacted terminal output, live CLI/app output, logs, or a screenshot/recording showing the revised unauthorized Ollama API-key message, then update the PR body to trigger re-review.

Risk before merge

  • [P1] The remaining merge blocker is proof, not code: the contributor should add redacted terminal output, logs, or an app/runtime screenshot that shows the revised unauthorized Ollama API-key message outside a unit test.

Maintainer options:

  1. Decide the mitigation before merge
    Land the narrow copy/docs/test update after contributor-supplied real behavior proof, while keeping endpoint-validation semantics with Verify Ollama API keys on an authenticated endpoint #1940.
  2. Pause or close
    Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

  • [P1] No automated repair lane is appropriate because the remaining blocker is contributor-provided real behavior proof, not a code defect ClawSweeper can fix.

Security
Cleared: The diff changes copy, docs, a focused test, and changelog text without altering credential handling, dependencies, scripts, permissions, or network behavior.

Review details

Best possible solution:

Land the narrow copy/docs/test update after contributor-supplied real behavior proof, while keeping endpoint-validation semantics with #1940.

Do we have a high-confidence way to reproduce the issue?

Yes from source inspection: current main exposes OllamaUsageError.apiUnauthorized as Ollama API key is invalid or expired. I did not run live Ollama or Keychain validation because AGENTS.md avoids real account probes unless explicitly requested.

Is this the best way to solve the issue?

Yes for the code path: updating the single public error string with focused test and docs coverage is the narrow maintainable fix. It still needs real behavior proof before merge because the current proof is only a deterministic test run.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against 63c69fdcc47f.

Label changes

Label justifications:

  • P2: This is a bounded Ollama provider error-message accuracy fix with limited blast radius and no data-loss, security, or availability impact.
  • rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🦞 diamond lobster.
  • status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: The PR body shows deterministic test output only; add redacted terminal output, live CLI/app output, logs, or a screenshot/recording showing the revised unauthorized Ollama API-key message, then update the PR body to trigger re-review.
Evidence reviewed

What I checked:

Likely related people:

  • steipete: GitHub commit metadata maps steipete to the merged commit that added Ollama API-key support and touched the fetcher, CLI, tests, and docs involved here. (role: introduced API-key behavior; confidence: high; commits: 9857e1de0bae; files: Sources/CodexBarCore/Providers/Ollama/OllamaUsageFetcher.swift, Tests/CodexBarTests/OllamaUsageFetcherRetryMappingTests.swift, docs/ollama.md)
  • ratulsarna: Recent history shows ratulsarna added Ollama retry-mapping coverage and was the committer on the original provider support commit. (role: adjacent Ollama auth/test contributor; confidence: medium; commits: 565ddca85a66, 27c1bb95770b; files: Sources/CodexBarCore/Providers/Ollama/OllamaUsageFetcher.swift, Tests/CodexBarTests/OllamaUsageFetcherRetryMappingTests.swift)
  • CryptoSageSnr: GitHub commit metadata maps CryptoSageSnr to the original Ollama provider support commit that created the provider implementation, tests, and docs later extended by API-key mode. (role: original provider introducer; confidence: medium; commits: 27c1bb95770b; files: Sources/CodexBarCore/Providers/Ollama/OllamaUsageFetcher.swift, Tests/CodexBarTests/OllamaUsageFetcherTests.swift, docs/ollama.md)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.
Review history (5 earlier review cycles)
  • reviewed 2026-07-06T14:09:46.518Z sha c46ca4a :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-06T17:04:22.582Z sha 109fce5 :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-06T18:41:43.900Z sha 0174dda :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-06T19:25:28.356Z sha 38e8b4f :: needs maintainer review before merge. :: none
  • reviewed 2026-07-06T21:20:43.753Z sha 718c6c3 :: needs maintainer review before merge. :: none

@clawsweeper clawsweeper Bot added rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. P2 Normal priority bug or improvement with limited blast radius. labels Jul 6, 2026
@joeVenner joeVenner force-pushed the fix/ollama-api-retry branch from c46ca4a to 109fce5 Compare July 6, 2026 16:46
@joeVenner joeVenner changed the title Retry transient Ollama API failures Describe revoked Ollama API keys accurately Jul 6, 2026
@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 6, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper clawsweeper Bot added rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. and removed rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. labels Jul 6, 2026
@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

1 similar comment
@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 6, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 6, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper ready for maintainer review

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper I forgot to add the ready for maintainer review

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper address review

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper ready for review

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper ready

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 6, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

joeVenner and others added 3 commits July 6, 2026 15:48
The committed proof image was a 1x1 placeholder, not real evidence.
Executable test output in the PR description replaces it.
@steipete steipete force-pushed the fix/ollama-api-retry branch from 718c6c3 to 3af3289 Compare July 6, 2026 22:57
@steipete

steipete commented Jul 6, 2026

Copy link
Copy Markdown
Owner

Maintainer proof for exact head 3af3289ad3e71d4d42f06de2a0c6ef8eeb4b19d4:

  • Official Ollama authentication docs re-verified on 2026-07-06: API keys do not currently expire and can be revoked at any time. The invalid or revoked copy is accurate.
  • Deep review strengthened coverage from a bare enum-string assertion to the actual bearer fetch path: both 401 and 403 map through apiUnauthorized to the final localized message.
  • Public Model Identifier Gate: PASS.
  • Scope: 4 files, +8/-4; changelog credits @joeVenner; dependency manifests/locks unchanged.
  • Focused proof: OllamaUsageFetcherTests 18/18; OllamaUsageFetcherRetryMappingTests 7 tests / 8 cases.
  • Full local proof: make check passed; make test passed all 49 current groups; aggregate autoreview reported no accepted/actionable findings.
  • Live-proof boundary: no external provider or Keychain probe was run because repository policy requires explicit authorization. Safe evidence is the official provider documentation plus injected-transport execution of the production 401/403 mapping.
  • Exact-head CI: change detection, lint, GitGuardian, Linux arm64, and Linux x64 are green. Four hosted macOS shards remain capacity-queued; landing uses the established capacity-only policy backed by the exact-head local 49-group pass above.

Ready to merge this exact SHA.

@steipete steipete merged commit 093ed82 into steipete:main Jul 6, 2026
5 of 9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

P2 Normal priority bug or improvement with limited blast radius. rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants