Fix Kilo OAuth2 500 errors with retry logic:
- Root cause: Vercel edge node cdg1 returning 500 errors
- Added retry logic with exponential backoff (3 attempts)
- Logs Vercel edge node ID to track which node handles request
- Retries automatically route to different edge nodes
- Delays: 1s, 2s, 4s between retries

Add detailed request/response logging for Kilo OAuth2:
- Log exact request URL, headers, and body
- Log httpx version being used
- Log complete response status, headers, and body
- This will help diagnose the 500 error difference between local and remote

Add explicit headers to Kilo OAuth2 device auth request:
- Added Content-Length: 0 header
- Added User-Agent header
- Attempting to fix 500 error on remote servers

Fix Kilo OAuth2 device auth for remote servers:
- Changed from data={} to explicit content=b'' with Content-Type header
- This ensures proper form-urlencoded POST request format
- Fixes 500 error when calling from remote servers behind nginx

- Added version number to debug startup message
- Fixed Kilo OAuth2 device auth endpoint (form encoding)
- Fixed dashboard save endpoints (rotations/autoselect)
- Fixed analytics page template syntax error
- Fixed Kilo provider model prefetch at startup
- Added favicon to PyPI package

Fixes:
- Kilo OAuth2 device auth endpoint now uses form encoding instead of JSON
- Final fix for Kilo device auth 500 Internal Server Error

Fixes:
- Kilo OAuth2 device auth initiation 500 error (missing empty json payload)
- Kilo provider model prefetch at startup for OAuth2 credentials
- Rotations save endpoint 500 error
- Autoselect save endpoint config shadowing bug
- Analytics page Jinja2 TemplateSyntaxError

Fixes:
- Kilo provider model prefetch at startup for OAuth2 credentials
- Rotations save endpoint 500 error (form parameter mismatch, config shadowing)
- Autoselect save endpoint config shadowing bug
- Analytics page Jinja2 TemplateSyntaxError (missing closing parenthesis)
- FormData JSON serialization in validation error handler

v0.99.7 - Fixed undefined provider_key variable bug in OAuth2 handlers, fixed config shadowing bug in rotations save handler

- Remove automatic model detection during provider save operations
- OAuth2 providers now only show models when 'Get Models from Provider' is clicked
- Users have full control over when models are fetched and saved
- Bump version to 0.99.6

- Fixed malformed url_for() calls with extra quotes in providers.html
- Corrected uploadCodexFile function JavaScript syntax
- Fixed remaining hardcoded OAuth2 URLs
- All JavaScript template syntax errors resolved
- Updated version in setup.py, pyproject.toml, aisbf/__init__.py, and PYPI.md
- Added changelog entry for 0.99.5

- Fixed malformed url_for() calls in uploadCodexFile function (extra quotes)
- Fixed hardcoded /dashboard/claude/auth/complete URL to use url_for()
- All JavaScript syntax errors resolved for proper template rendering

- Fixed OAuth2 authentication endpoints not respecting reverse proxy subpaths
- Updated all OAuth2 JavaScript fetch calls to use url_for() instead of hardcoded /dashboard/ paths
- Fixed Claude, Kilo, Codex, and Qwen OAuth2 authentication flows for reverse proxy deployments
- Fixed file upload endpoints, rate limits data endpoint, user management endpoints, and autoselect save endpoint
- OAuth2 authentication buttons now work correctly behind nginx reverse proxy with /aisbf/ location
- Updated version in setup.py, pyproject.toml, aisbf/__init__.py, and PYPI.md
- Added changelog entry for 0.99.4

- Fixed malformed Jinja2 template syntax in user_providers.html causing download link issues
- Corrected URL generation for authentication file download links
- Fixed extension download link in providers.html template
- All template syntax errors resolved for proper dashboard rendering
- Updated version in setup.py, pyproject.toml, aisbf/__init__.py, and PYPI.md
- Added changelog entry for 0.99.3

- Fixed Jinja2 template syntax errors in dashboard templates
- Updated version in pyproject.toml, setup.py, and aisbf/__init__.py
- Updated PYPI.md and CHANGELOG.md with new version

- Corrected nested template tags in dashboard templates
- All fetch() calls and URL generations now use proper url_for syntax
- Templates should render correctly now

- Fix login redirect after authentication not respecting proxy subpaths
- Modified url_for function to return relative URLs when behind reverse proxy
- Updated login form action and template URLs to use url_for
- Fixed JavaScript fetch calls in providers and rotations templates
- Bumped version to 0.99.1 in all configuration files
- Updated CHANGELOG.md and PYPI.md with new version

- Implemented complete OAuth2 Device Authorization Grant with PKCE (S256)
- Added aisbf/auth/qwen.py for OAuth2 authentication
- Added aisbf/providers/qwen.py for OpenAI-compatible DashScope API
- Cross-process token synchronization with file locking
- Automatic token refresh with 30-second expiry buffer
- Optional API key mode (bypass OAuth2)
- Dashboard integration ready
- Free tier: 1,000 requests/day, 60 requests/minute
- Available models: qwen-plus, qwen-turbo, qwen-max, coder-model
- Updated documentation in AI.PROMPT, README.md, and CHANGELOG.md
- Version bumped to 0.99.0