Conversation
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
| opts = append([]option.RequestOption{option.WithHeader("Accept", "text/event-stream")}, opts...) | ||
| if id == "" { | ||
| err = errors.New("missing required id parameter") | ||
| return |
There was a problem hiding this comment.
FollowStreaming returns nil stream on empty id
Medium Severity
When id is empty, FollowStreaming sets err but then does a bare return, yielding a nil *ssestream.Stream. Any caller that uses the returned stream (e.g., calling Next(), Err(), or Close()) will hit a nil pointer dereference and panic. The normal error path correctly passes errors through ssestream.NewStream, which stores the error and makes Next() return false safely — but the empty-id early return bypasses NewStream entirely.
|
🤖 Release is at https://github.com/kernel/kernel-go-sdk/releases/tag/v0.31.1 🌻 |
1 participant
Automated Release PR
0.31.1 (2026-02-06)
Full Changelog: v0.31.0...v0.31.1
Chores
This pull request is managed by Stainless's GitHub App.
The semver version number is based on included commit messages. Alternatively, you can manually set the version number in the title of this pull request.
For a better experience, it is recommended to use either rebase-merge or squash-merge when merging this pull request.
🔗 Stainless website
📚 Read the docs
🙋 Reach out for help or questions
Note
Medium Risk
Adds a sizable new API surface (managed auth flows + SSE streaming) and changes public models/enums and endpoint paths, which may impact consumers upgrading or relying on previous values/URLs, though the legacy auth APIs remain available as deprecated wrappers.
Overview
Introduces a new Managed Auth Connections surface (
client.Auth.Connections) for creating, querying, listing, deleting, and driving login flows (Login,Submit) plus SSE streaming updates viaFollowStreaming, with new request/response models and flow-state unions.Marks the legacy
AgentAuth/AgentAuthInvocationendpoints as deprecated in favor of/auth/connections, updates auth models (credential reference object, removesauto_logintype, adds password as an MFA option, and addslinked_mfa_typeon discovered fields), and documents default allowed SSO/OAuth domains.Updates Credential Providers to use
org/credential_providerspaths, makesnamerequired on create and present on models, and addsListItemsplus item/list response types; updates docs/tests accordingly. Also bumps release metadata/versioning to0.31.1and regeneratesapi.md.Written by Cursor Bugbot for commit 5eb46b9. This will update automatically on new commits. Configure here.