fix: preserve Hugging Face token in session to avoid repeated prompt (#142)#366
fix: preserve Hugging Face token in session to avoid repeated prompt (#142)#366umran666 wants to merge 4 commits into
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces caching for the Hugging Face access token in src/heretic/main.py to avoid prompting the user repeatedly during a session. Feedback suggests that if an upload fails after token validation, the cached token will persist, preventing the user from correcting or switching the token without restarting the CLI. It is recommended to clear the cached token or only cache it upon a successful upload.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
| continue | ||
|
|
||
| user = huggingface_hub.whoami(token) | ||
| huggingface_token = token |
There was a problem hiding this comment.
If an upload attempt fails after the token is validated (for example, if push_to_hub fails due to write permission issues, a rate limit, or a network glitch), huggingface_token remains cached. On subsequent upload attempts, the CLI will reuse this cached token without prompting the user, making it impossible to switch to a different token or retry with a corrected one without restarting the entire CLI session (which would discard all completed optimization trials).
To prevent this, consider wrapping the upload process in a try...except block to clear the cached token if any error occurs, or only caching the token once the entire upload process has completed successfully.
Example structure:
try:
# ... upload logic ...
print(f"Model uploaded to [bold]{repo_id}[/].")
huggingface_token = token
except Exception as error:
huggingface_token = None
raise error
|
See #148 for comparison, and the multiple caveats I raised in that PR. |
|
Thanks for the pointer! I've refactored the PR to match the behavior you sketched out in #148. The token validation is now wrapped in a loop that checks the cached/system token first, displays the account, and asks whether to proceed or switch. If anything fails or the user decides to switch, it prompts for a new token and re-validates. |
|
Thanks, I'm going to prepare the 1.4 release over the next few days and then review this PR in detail afterwards. |
2 participants
Currently, when using the interactive menu to save/upload model trials, users are prompted to enter their Hugging Face access token for every single upload attempt. This becomes repetitive if uploading multiple trials, pushing both the adapter and merged model, or retrying after a failed upload.
This PR introduces a session-level token cache that persists the credentials only for the duration of the CLI session. To keep it secure and avoid saving bad inputs, the token is cached only after it is successfully validated byhuggingface_hub.whoami(). Subsequent uploads in the same run reuse the cached token without persisting it to disk.