Increase Mistral cooldown, make retry handling configurable, and add cooldown probe scripts#68
Conversation
There was a problem hiding this comment.
Review Summary
This PR increases the Mistral API cooldown interval and makes retry handling configurable, which are positive improvements to API reliability. However, there is a critical security issue that must be resolved before merge.
Critical Issue (Blocks Merge)
- Security: Hardcoded API key in
mistral_cooldown_probe.pymust be removed and replaced with environment variable
Changes Reviewed
- ✅ Increased Mistral cooldown from 1.1s to 1.5s - appropriate adjustment based on observed behavior
- ✅ Fixed hardcoded retry limits to use configured
maxAttempts- improves consistency - ✅ Reset
stopExecutionFlagat start ofreason()- correctly enables clean restarts ⚠️ New probe scripts added - useful for diagnostics but contain security vulnerability
Please address the security issue before merging.
You can now have the agent implement changes and create commits directly on your pull request's source branch. Simply comment with /q followed by your request in natural language to ask the agent to make changes.
| import time | ||
| from typing import Tuple, List | ||
|
|
||
| MISTRAL_API_KEY = "zsEegAJFadHH4uooe2lW0HVNmy1rpqGT" |
There was a problem hiding this comment.
🛑 Security Vulnerability: Remove hardcoded API key before merge. Hardcoded credentials in source code create security risks and can lead to unauthorized access if the repository is compromised1.
Replace with environment variable or configuration file that's excluded from version control.
MISTRAL_API_KEY = os.getenv("MISTRAL_API_KEY", "")Footnotes
-
CWE-798: Use of Hard-coded Credentials - https://cwe.mitre.org/data/definitions/798.html ↩
606b1e2
into
codex/analyze-technical-debt-and-complexity-o6bm9p
Motivation
maxAttemptsto avoid inconsistent retry behavior.reason().Description
1100Lto1500L(MISTRAL_MIN_INTERVAL_MS).maxAttemptsand updated the relatedIOExceptionand user-facing retry messages to reference the actualmaxAttemptsvalue.stopExecutionFlagat the start ofreason()viastopExecutionFlag.set(false)to allow fresh runs after prior aborts.Log.wwhenselectedKeyForResponseis null during streaming callbacks.scripts/mistral_cooldown_probe.pyand a wrapperscripts/mistral_cooldown_probe.shto probe Mistral cooldown behavior usingcurlin both streaming and non-streaming modes.Testing
./gradlew assembleDebugand the unit tests with./gradlew test, both of which completed successfully.scripts/mistral_cooldown_probe.sh), and it produced delay measurements (script run is included as an auxiliary diagnostic tool).Codex Task