docs: HF token auth + CI egress; release 1.1.0#60
Conversation
Surface the #56/#57/#58 feature set to users and gate the release: - README "Authentication" subsection — env token (HF_TOKEN, then HUGGING_FACE_HUB_TOKEN), huggingface.co-only scope, never logged/telemetered (only the token_present boolean), CI snippet with secrets.HF_TOKEN, and an LFS-CDN egress note. - Telemetry & Privacy: disclose the new cli_error http_status bucket and token_present boolean; reaffirm the token value is never collected. - CHANGELOG: neutral 1.1.0 entry. - Bump version 1.0.7 -> 1.1.0.
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: af3105649a
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| aisbom scan hf://your-org/private-model | ||
| ``` | ||
|
|
||
| The token is sent **only** to `huggingface.co` as a bearer credential on the model-metadata requests; it is dropped on the redirect to the presigned LFS CDN and is never attached to any other host. It is **never written to logs and never included in telemetry** — the only token-related field we emit is a `token_present` boolean (whether *a* token was set), never the value itself. See [Telemetry & Privacy](#telemetry--privacy). |
There was a problem hiding this comment.
This privacy/security wording is too narrow for the behavior in aisbom.remote: after the model tree request, RemoteStream._fetch_size() and RemoteStream.read() also add _auth_headers(self.url) to the huggingface.co/.../resolve/... Range requests before the cross-host CDN redirect strips auth. In environments that review where bearer credentials are sent, documenting only “model-metadata requests” understates the actual same-host file resolve/range requests; please update the docs to mention both metadata and resolve/range requests to huggingface.co.
Useful? React with 👍 / 👎.
1 participant
Documents the HF token auth + status-aware fetch-error feature set (#56/#57/#58) in the public README and bumps to 1.1.0 — the release-gate slice.
Changes
HF_TOKEN→HUGGING_FACE_HUB_TOKENprecedence,huggingface.co-only token scope (dropped on the LFS-CDN redirect), "never logged or in telemetry — only thetoken_presentboolean" line, CI snippet withsecrets.HF_TOKEN, and an egress note (HTTPS tohuggingface.co+ its LFS CDN).cli_errorhttp_statusbucket andtoken_presentboolean; reaffirms the token value is never collected.1.1.0entry.1.0.7 → 1.1.0.Verification
poetry run pytest --cov=aisbom --cov-fail-under=85→ 227 passed, 88.72% (in the slice-59 worktree offorigin/main).The actual
gh release create(PyPI publish +@v1float + changelog regen) is run separately after merge.