Skip to content

Replace api_key with credentials #799

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 18 commits into
base: main
Choose a base branch
from
Open

Replace api_key with credentials #799

wants to merge 18 commits into from
+563 −246

Conversation

@hadley
Copy link
Member

@hadley hadley commented Oct 21, 2025
edited
Loading

credentials is a zero-arg callback that returns the API key (or list of other headers). It is called dynamically so that secrets are never stored in the provider object and hence can't accidentally be serialised to disk.

Includes fixes for batch_*() to improve provider hashing and provide an escape hatch if I get the hashing wrong.

Fixes #613

To do:

  • Extract out as_credentials(api_key, credentials, function_name)
  • Call credentials once to check that it returns the right type of thing
  • Use ellmer_req_credentials() in all providers and extend it to optionally take just a string too (need to supply header name in argument)
  • Update once Improve provider hashing for batch_chat_*() #802 is merged

hadley added a commit that referenced this pull request Oct 22, 2025
@hadley
Improve provider hashing for batch_chat_*()
437aee2 
Rather than hashing the complete provider object, we should just hash the most critical components. This trades a little safety for convenience; I don't think there are likely to be too many cases where you re-call `batch_chat()` with a subtly different provider object and this makes it more likely that you can retrieve results stored with a different version of ellmer. I've also added an escape hatch so you can use chats saved by ellmer 0.3.0 in ellmer 0.4.0

Extracted out from #799.
@hadley hadley mentioned this pull request Oct 22, 2025
Merged
hadley added a commit that referenced this pull request Oct 23, 2025
@hadley
Improve provider hashing for batch_chat_*() (#802)
517e0f0 
Rather than hashing the complete provider object, we should just hash the most critical components. This trades a little safety for convenience; I don't think there are likely to be too many cases where you re-call `batch_chat()` with a subtly different provider object and this makes it more likely that you can retrieve results stored with a different version of ellmer. I've also added an escape hatch so you can use chats saved by ellmer 0.3.0 in ellmer 0.4.0

Extracted out from #799.
@hadley hadley mentioned this pull request Oct 24, 2025
Closed
@cpsievert cpsievert mentioned this pull request Oct 24, 2025
Open
@hadley hadley requested a review from gadenbuie October 24, 2025 18:32
@hadley
Copy link
Member Author

hadley commented Oct 24, 2025

@gadenbuie this is a massive PR but you don't need to review it in detail. I think what would be most useful is if you looked at the changes to a couple of chat_ functions and read through the new utils-auth.R to see if it makes sense. I'd also appreciate your comments on whether or not I've motivated the change well, i.e. do you understand the benefits of this approach? (I haven't documented it in huge detail mostly because I don't think many users will need this, but it's very useful to have an as escape hatch we can suggest as needed.)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gadenbuie gadenbuie Awaiting requested review from gadenbuie

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Deprecate api_key arguments

1 participant

@hadley