- Added screenshot.png reference at top of README
- Added Web Dashboard section describing features
- Includes dashboard access information and default credentials

- Added description, context_length, architecture, pricing, top_provider, supported_parameters, and default_parameters fields
- Fixes crash when returning model data through API with OpenRouter metadata
- Aligns Model class with ProviderModelConfig, RotationConfig, and AutoselectConfig

- Add aisbf/kiro_parsers.py: AWS Event Stream parser for Kiro API responses
- Update kiro_converters_openai.py: Add build_kiro_payload_from_dict function
- Update kiro_converters.py: Minor fixes
- Update kiro_auth.py: Add AWS SSO OIDC authentication support
- Update handlers.py: Enhance streaming and error handling
- Update main.py: Add proxy headers middleware and configuration
- Update setup.py: Add version bump
- Add TODO.md: Comprehensive roadmap for caching and performance improvements

Features:
- Kiro AWS Event Stream parsing for non-streaming responses
- OpenAI-to-Kiro payload conversion
- AWS SSO OIDC authentication for Kiro
- Proxy headers middleware for reverse proxy support
- TODO roadmap with prioritized items for future development

- Avoid calling parser.get_tool_calls() during streaming loop
- Only call get_tool_calls() after all chunks are processed
- Send tool calls in separate chunk after content streaming completes
- Prevents empty arguments issue caused by premature finalization

- Updated validate_kiro_credentials() to handle both dict and object config access
- Added get_config_value() helper function for flexible config access
- Now correctly detects kiro-cli credentials from SQLite database
- Validation now works out of the box when kiro-cli is installed

- Added validate_kiro_credentials() function to check credential availability
- Validates kiro IDE credentials from ~/.config/Code/User/globalStorage/amazon.q/credentials.json
- Validates kiro-cli credentials from ~/.local/share/kiro-cli/data.sqlite3
- Integrated validation into get_provider_models() to exclude providers without credentials
- Added validation checks to all request endpoints (chat, audio, images, embeddings)
- Providers only appear in model listings and accept requests when credentials are valid
- Returns HTTP 403 when credentials are missing or invalid

- Updated base.html to use request.session instead of session
- Resolves jinja2.exceptions.UndefinedError: 'session' is undefined
- Completes Python 3.13 compatibility fix

- Create venv with --system-site-packages flag to access system aisbf
- Remove redundant aisbf package installation in venv
- Venv now only contains requirements.txt dependencies
- On upgrade detection, only update requirements.txt dependencies
- System-installed aisbf package is automatically accessible in venv

- Removed redundant 'session' parameter from all template responses
- request.session is already accessible in templates via request object
- Fixes TypeError: unhashable type: 'dict' in Jinja2 cache with Python 3.13

- Added check_package_upgrade() function to detect when aisbf package is upgraded
- Modified ensure_venv() to automatically update venv when package upgrade is detected
- Version tracking using .aisbf_version file in venv directory
- Ensures venv stays in sync with pip-installed package version

- Add button to easily create persistent hidden service directory
- Automatically fills in default path (~/.aisbf/tor_hidden_service)
- Includes confirmation dialog if path already exists
- Visual feedback on button click

- Add full TOR hidden service support for exposing AISBF over TOR network
- Create aisbf/tor.py module with TorHiddenService class
- Add TorConfig model to config.py for TOR configuration
- Update config/aisbf.json with TOR settings
- Integrate TOR service into main.py with startup/shutdown handlers
- Add TOR configuration UI to dashboard settings with real-time status
- Add get_tor_status MCP tool for monitoring TOR service
- Update README.md and DOCUMENTATION.md with TOR guides
- Add stem library dependency to requirements.txt
- Bump version to 0.5.0 in pyproject.toml
- Support both ephemeral and persistent hidden services
- All AISBF endpoints accessible over TOR network

- Add MCP features to README.md key features
- Add MCP configuration section to dashboard settings page
- Add MCP form handling in main.py dashboard_settings_save
- Add comprehensive MCP documentation to API_EXAMPLES.md

- Implement MCP server module (aisbf/mcp.py) with SSE and HTTP stream support
- Add two authentication levels: autoselect-only and fullconfig
- Add MCP configuration to config/aisbf.json (disabled by default)
- Add MCP endpoints to main.py: GET/POST /mcp, GET /mcp/tools, POST /mcp/tools/call
- Both token types give access to standard APIs (list_models, chat_completion)
- autoselect_tokens: access to autoselection/autorotation settings
- fullconfig_tokens: access to full system configuration including providers

This allows remote agents to configure the system and/or just the
autoselections/rotations, as well as make requests for models.

Proxy-Awareness:
- Added ProxyHeadersMiddleware to detect and handle reverse proxy headers
- Implemented get_base_url() and url_for() helper functions for proxy-aware URL generation
- Updated all RedirectResponse calls to use url_for()
- Updated templates/base.html to use url_for() for all links and fetch calls
- Added comprehensive nginx proxy configuration examples to DOCUMENTATION.md
- Supports X-Forwarded-Proto, X-Forwarded-Host, X-Forwarded-Port, X-Forwarded-Prefix, X-Forwarded-For headers
- Application now fully supports deployment behind reverse proxies with subpaths

Configurable Error Cooldown:
- Added error_cooldown field to Model class in aisbf/models.py
- Added error_cooldown to ProviderModelConfig in aisbf/config.py
- Added default_error_cooldown to ProviderConfig in aisbf/config.py
- Added default_error_cooldown to RotationConfig in aisbf/config.py
- Updated BaseProviderHandler.record_failure() in aisbf/providers.py to use cascading cooldown configuration
- Cooldown configuration follows cascading pattern: model-specific > provider default > system default (300 seconds)
- Updated DOCUMENTATION.md with error_cooldown configuration examples
- Updated AI.PROMPT with error_cooldown documentation

Both features are fully documented and ready for production use.

- Updated Key Features section to mention Kiro (Amazon Q Developer) alongside other providers
- Ensures Kiro is prominently featured in the project overview

- Updated README.md to list Kiro (Amazon Q Developer / AWS CodeWhisperer) as a supported provider
- Updated DOCUMENTATION.md Provider Support section with Kiro details
- Kiro provider uses native authentication (IDE credentials or CLI)
- Supports Claude models through Kiro with streaming, tool calling, and extended thinking

- Deleted KIRO_GATEWAY.md and KIRO_INTEGRATION.md
- AISBF has native Kiro support built-in via KiroProviderHandler
- No need for external kiro-gateway integration documentation

- Removed vendor/kiro-gateway submodule/directory as Kiro support is fully integrated into AISBF
- Updated KIRO_GATEWAY.md to reference external GitHub repository (https://github.com/jwadow/kiro-gateway)
- Updated AI.PROMPT to remove vendor directory reference
- Kiro integration remains fully functional through KiroProviderHandler

- Add bs4 to requirements.txt (required by debgpt)
- Pin protobuf to >=3.20,<4 to fix compatibility with electrum
- Resolves dependency conflicts

- Add pip_install() function that detects externally-managed-environment errors
- Automatically retry with --break-system-packages flag when needed
- Improves compatibility with modern Linux distributions that use PEP 668

- Implement intelligent 429 rate limit parsing in providers
  - Parse Retry-After and X-RateLimit-Reset headers
  - Extract wait time from response body fields
  - Parse error messages for time patterns
  - Automatically disable providers for exact duration specified

- Update aisbf.sh to read port from config file dynamically
  - Add get_port() function to parse aisbf.json
  - Remove hardcoded port 17765
  - Show port number when starting server

- Implement SHA256 password hashing for dashboard
  - Store password as hash in aisbf.json
  - Hash passwords during login validation
  - Hash passwords when updating settings

- Add templates to package distribution
  - Update setup.py to include dashboard templates
  - Update MANIFEST.in (already included templates)
  - Add aisbf.json to package

- Update documentation
  - Add OpenAI-compatible v1 endpoints to README
  - Add dashboard endpoints documentation
  - Create comprehensive API_EXAMPLES.md with examples in cURL, Python, and JavaScript

- Add GPL license headers to all template files
  - HTML templates in templates/ directory
  - JavaScript code in templates/base.html

All changes maintain backward compatibility while adding new features.

- Added jinja2 and itsdangerous dependencies to requirements.txt
- Created templates directory with base layout and dashboard pages
- Implemented login/logout with session-based authentication
- Added dashboard overview page showing server stats
- Added configuration editors for:
  - Providers (providers.json)
  - Rotations (rotations.json)
  - Autoselect (autoselect.json)
  - Condensation prompts (markdown files)
  - Server settings (aisbf.json)
- Dashboard accessible at /dashboard with configurable username/password
- Session middleware with secure random secret key
- Authentication middleware skips dashboard routes
- All config changes saved to ~/.aisbf/ directory
- Dashboard config loaded from aisbf.json (username, password)
- Default credentials: admin/admin

- Changed default port from 8000 to 17765 in config and code
- Added command-line argument parsing with argparse
- Added --config flag to specify custom config directory
- Added --host, --port flags to override config file settings
- Added --https, --ssl-cert, --ssl-key flags for HTTPS configuration
- Added --no-auth flag to disable authentication
- CLI arguments take precedence over config file
- Updated config.py to support custom config directories via AISBF_CONFIG_DIR env var
- Config and handlers are now initialized after CLI parsing to support --config flag

- Added example tokens array to demonstrate client authentication
- When auth.enabled is true, clients must use Bearer token in Authorization header
- Tokens are validated against the tokens array in aisbf.json

- Add HTTPS support with auto-generated self-signed certificates
- Add API token authentication middleware
- Update aisbf.json with protocol, SSL, and auth configuration
- Add system prompt loading method to ContextManager
- Update main() to support SSL certificates
- Add authentication check middleware for API endpoints

- Add max_context field to CondensationConfig
- Support 'internal' keyword for local HuggingFace model in condensation
- Add internal model initialization with temperature=0.3, top_p=0.8, repeat_penalty=1.1
- Create condensation system prompts (conversational, semantic)
- Add aisbf.json for server configuration (host, port, dashboard auth)
- Update main.py to read server config from aisbf.json
- Update providers.json with max_context example for condensation

- Changed autoselect prompt from single user message to system+user split
- System message contains the skill instructions
- User message contains the prompt and model list
- Set temperature to 0 for deterministic selection
- Added stop parameter: </aisbf_model_autoselection>
- Updated internal model handling to combine messages

- Centralized API key storage in providers.json only
- Added support for provider-only rotation entries (auto-selects random model)
- Added default settings hierarchy at provider and rotation levels
- Limited autoselect selection context to 10 messages or 8000 tokens
- Added support for direct provider models in autoselect (rotation/provider/model)
- Added 'internal' keyword for local HuggingFace model selection
- Updated requirements.txt with torch and transformers

- Integrated complete kiro-gateway conversion pipeline (1,522 lines)
- Added multi-source authentication (Kiro IDE, kiro-cli, env vars)
- Implemented full OpenAI <-> Kiro format conversion
- Added support for tools/function calling
- Added support for images/multimodal content
- Implemented message merging, validation, and role normalization
- Added KiroAuthManager for automatic token refresh
- Created comprehensive conversion modules:
  - aisbf/kiro_converters.py (core conversion logic)
  - aisbf/kiro_converters_openai.py (OpenAI adapter)
  - aisbf/kiro_models.py (data models)
  - aisbf/kiro_auth.py (authentication)
  - aisbf/kiro_utils.py (utilities)
- Updated KiroProviderHandler with full conversion pipeline
- Added kiro_config support to ProviderConfig
- Updated providers.json with clean Kiro examples
- Added comprehensive documentation (KIRO_INTEGRATION.md)
- Implemented model name prefixing across all providers (provider_id/model)

No external kiro-gateway server needed - all functionality built-in.

Fix Google provider tool formatting - pass function declarations directly instead of wrapping in dict

Changed line 511 to check list length instead of boolean evaluation.
This fixes the bug where tool calls extracted from Google chunks were not being
sent to clients because empty lists were being treated as falsy.

Before: 'tool_calls': delta_tool_calls if delta_tool_calls else None
After:  'tool_calls': delta_tool_calls if len(delta_tool_calls) > 0 else None