onkernel · stainless-app · Dec 18, 2025 · Dec 19, 2025 · Dec 20, 2025 · Dec 20, 2025
diff --git a/.release-please-manifest.json b/.release-please-manifest.json
@@ -1,3 +1,3 @@
 {
-  ".": "0.24.0"
+  ".": "0.25.0"
 }
diff --git a/.stats.yml b/.stats.yml
@@ -1,4 +1,4 @@
 configured_endpoints: 89
-openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/kernel%2Fkernel-13214b99e392aab631aa1ca99b6a51a58df81e34156d21b8d639bea779566123.yml
-openapi_spec_hash: a88d175fc3980de3097ac1411d8dcbff
+openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/kernel%2Fkernel-2cf104c4b88159c6a50713b019188f83983748b9cacec598089cf9068dc5b1cd.yml
+openapi_spec_hash: 84ea30ae65ad7ebcc04d2f3907d1e73b
 config_hash: 179f33af31ece83563163d5b3d751d13
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,23 @@
 # Changelog
 
+## 0.25.0 (2025-12-20)
+
+Full Changelog: [v0.24.0...v0.25.0](https://github.com/onkernel/kernel-python-sdk/compare/v0.24.0...v0.25.0)
+
+### Features
+
+* Enhance AuthAgentInvocation with step and last activity tracking ([99b8057](https://github.com/onkernel/kernel-python-sdk/commit/99b80574482322b22a5bd1ce79762471330f4945))
+
+
+### Bug Fixes
+
+* use async_to_httpx_files in patch method ([b103991](https://github.com/onkernel/kernel-python-sdk/commit/b1039911a4b2b47df0087821aae2cb0ddc374de2))
+
+
+### Chores
+
+* **internal:** add `--fix` argument to lint script ([73e0e46](https://github.com/onkernel/kernel-python-sdk/commit/73e0e4621186edb18b05514b14a638d62a0e5d14))
+
 ## 0.24.0 (2025-12-17)
 
 Full Changelog: [v0.23.0...v0.24.0](https://github.com/onkernel/kernel-python-sdk/compare/v0.23.0...v0.24.0)

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "kernel"
-version = "0.24.0"
+version = "0.25.0"
 description = "The official Python library for the kernel API"
 dynamic = ["readme"]
 license = "Apache-2.0"

diff --git a/scripts/lint b/scripts/lint
@@ -4,8 +4,13 @@ set -e
 
 cd "$(dirname "$0")/.."
 
-echo "==> Running lints"
-rye run lint
+if [ "$1" = "--fix" ]; then
+  echo "==> Running lints with --fix"
+  rye run fix:ruff
+else
+  echo "==> Running lints"
+  rye run lint
+fi
 
 echo "==> Making sure it imports"
 rye run python -c 'import kernel'
diff --git a/src/kernel/_base_client.py b/src/kernel/_base_client.py
@@ -1774,7 +1774,7 @@ async def patch(
         options: RequestOptions = {},
     ) -> ResponseT:
         opts = FinalRequestOptions.construct(
-            method="patch", url=path, json_data=body, files=to_httpx_files(files), **options
+            method="patch", url=path, json_data=body, files=await async_to_httpx_files(files), **options
         )
         return await self.request(cast_to, opts)
 

diff --git a/src/kernel/_version.py b/src/kernel/_version.py
@@ -1,4 +1,4 @@
 # File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 __title__ = "kernel"
-__version__ = "0.24.0"  # x-release-please-version
+__version__ = "0.25.0"  # x-release-please-version
diff --git a/src/kernel/resources/agents/auth/invocations.py b/src/kernel/resources/agents/auth/invocations.py
@@ -116,10 +116,9 @@ def retrieve(
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
     ) -> AgentAuthInvocationResponse:
-        """Returns invocation details including app_name and target_domain.
-
-        Uses the JWT
-        returned by the exchange endpoint, or standard API key or JWT authentication.
+        """
+        Returns invocation details including status, app_name, and target_domain.
+        Supports both API key and JWT (from exchange endpoint) authentication.
 
         Args:
           extra_headers: Send extra headers
@@ -155,7 +154,7 @@ def discover(
         """
         Inspects the target site to detect logged-in state or discover required fields.
         Returns 200 with success: true when fields are found, or 4xx/5xx for failures.
-        Requires the JWT returned by the exchange endpoint.
+        Supports both API key and JWT (from exchange endpoint) authentication.
 
         Args:
           login_url: Optional login page URL. If provided, will override the stored login URL for
@@ -233,7 +232,8 @@ def submit(
     ) -> AgentAuthSubmitResponse:
         """
         Submits field values for the discovered login form and may return additional
-        auth fields or success. Requires the JWT returned by the exchange endpoint.
+        auth fields or success. Supports both API key and JWT (from exchange endpoint)
+        authentication.
 
         Args:
           field_values: Values for the discovered login fields
@@ -342,10 +342,9 @@ async def retrieve(
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
     ) -> AgentAuthInvocationResponse:
-        """Returns invocation details including app_name and target_domain.
-
-        Uses the JWT
-        returned by the exchange endpoint, or standard API key or JWT authentication.
+        """
+        Returns invocation details including status, app_name, and target_domain.
+        Supports both API key and JWT (from exchange endpoint) authentication.
 
         Args:
           extra_headers: Send extra headers
@@ -381,7 +380,7 @@ async def discover(
         """
         Inspects the target site to detect logged-in state or discover required fields.
         Returns 200 with success: true when fields are found, or 4xx/5xx for failures.
-        Requires the JWT returned by the exchange endpoint.
+        Supports both API key and JWT (from exchange endpoint) authentication.
 
         Args:
           login_url: Optional login page URL. If provided, will override the stored login URL for
@@ -461,7 +460,8 @@ async def submit(
     ) -> AgentAuthSubmitResponse:
         """
         Submits field values for the discovered login form and may return additional
-        auth fields or success. Requires the JWT returned by the exchange endpoint.
+        auth fields or success. Supports both API key and JWT (from exchange endpoint)
+        authentication.
 
         Args:
           field_values: Values for the discovered login fields

diff --git a/src/kernel/types/agents/agent_auth_invocation_response.py b/src/kernel/types/agents/agent_auth_invocation_response.py
@@ -20,5 +20,8 @@ class AgentAuthInvocationResponse(BaseModel):
     status: Literal["IN_PROGRESS", "SUCCESS", "EXPIRED", "CANCELED"]
     """Invocation status"""
 
+    step: Literal["initialized", "discovering", "awaiting_input", "submitting", "completed", "expired"]
+    """Current step in the invocation workflow"""
+
     target_domain: str
     """Target domain for authentication"""
diff --git a/src/kernel/types/agents/auth_agent_invocation_create_response.py b/src/kernel/types/agents/auth_agent_invocation_create_response.py
@@ -13,7 +13,7 @@
 class AuthAgentAlreadyAuthenticated(BaseModel):
     """Response when the agent is already authenticated."""
 
-    status: Literal["already_authenticated"]
+    status: Literal["ALREADY_AUTHENTICATED"]
     """Indicates the agent is already authenticated and no invocation was created."""
 
 
@@ -32,7 +32,7 @@ class AuthAgentInvocationCreated(BaseModel):
     invocation_id: str
     """Unique identifier for the invocation."""
 
-    status: Literal["invocation_created"]
+    status: Literal["INVOCATION_CREATED"]
     """Indicates an invocation was created."""
 
 

diff --git a/src/kernel/types/agents/reauth_response.py b/src/kernel/types/agents/reauth_response.py
@@ -11,7 +11,7 @@
 class ReauthResponse(BaseModel):
     """Response from triggering re-authentication"""
 
-    status: Literal["reauth_started", "already_authenticated", "cannot_reauth"]
+    status: Literal["REAUTH_STARTED", "ALREADY_AUTHENTICATED", "CANNOT_REAUTH"]
     """Result of the re-authentication attempt"""
 
     invocation_id: Optional[str] = None