v0.49.2 — OAuth provider support in onboarding
Fixes the first-run onboarding wizard blocking users with OAuth-authenticated providers.
What was broken
Users with GitHub Copilot (copilot) or OpenAI Codex (openai-codex) configured as their provider couldn't get past the first-run wizard. The onboarding showed a misleading "no API key found" error — because these providers use OAuth tokens, not API keys. The underlying _status_from_runtime() function only knew about plain API-key providers and always returned provider_ready=False for anything else.
What changed
- New
_provider_oauth_authenticated()function inapi/onboarding.pycheckshermes_cli.auth.get_auth_status()first (authoritative, handles credential pools and token refresh), then falls back to reading~/.hermes/auth.jsondirectly for the known OAuth provider IDs (openai-codex,copilot,copilot-acp,qwen-oauth,nous). _status_from_runtime()now has anelsebranch for OAuth/unknown providers that calls the new function — soprovider_ready=Truewhen credentials exist.- The "provider incomplete" status note no longer tells OAuth users to supply an "API key". It now says: "Run 'hermes auth' or 'hermes model' in a terminal to complete setup, then reload the Web UI."
- 19 new tests in
tests/test_sprint34.py.
Closes #303 (openai-codex OAuth bypass), closes #304 (GitHub Copilot first-run page).
Full changelog: CHANGELOG.md