TokenPak

Release

TokenPak v1.5.1 — TIP Spend Guard OSS

v1.5.1 · May 8, 2026

Headline: Proxy-side pre-send circuit breaker that blocks runaway LLM spend before it hits the provider.

TIP Spend Guard

Enabled out of the box (enabled: true) with sensible defaults:

  • block at $10 / 500K tokens per request (holds request, prompts user)
  • session-cumulative at $10 / 1h (death-by-1000-cuts defense)
  • hard-block at $50 / 1M tokens (immutable, cannot be bypassed)

When the guard fires you get HTTP 402 with structured tokenpak_spend_guard_blocked JSON. Release with a Yes-reply or [TIP: allow=once max=$X] directive prefix. Headless agents can pre-declare.

Wire contract: Standard 29 — TIP Spend Guard Agent Contract. User guide: docs/spend-guard.md.

Acceptance lock proven

tests/test_spend_guard_spike_replay.py replays the actual 2026-05-07 09:28-10:56 trace (384 requests, $99.67 total). With the guard + reflexive 'no':

  • Block fires at minute 09:38:12, running cost $9.85
  • Total forwarded: ~$9.85 vs actual $99.67 — 91% reduction

Also in this release

  • Validator fix: tokenpak start now correctly accepts ANTHROPIC_API_KEY env var bypass.
  • CI hygiene: hostname genericization in 15 files; determinism workflow tolerant of skip-only state.

PRs

  • #97 (TSG-OSS, initiative 2026-05-07-tip-spend-guard-oss)
  • #99 (CI hygiene)
  • #100 (release merge)
  • #98 (validator fix, closed as subsumed)

149 spend-guard tests + 40 validator tests, all green.

pip install -U tokenpak

— The TokenPak team


PyPI publish — manual recovery (2026-05-08 12:22:33 UTC)

Auto-publish workflow Release TokenPak failed at the test gate due to optional-deps imports (fastapi, numpy, provider_health, tokenpak.companion.mcp_server) — pre-existing infrastructure debt from the 2026-04-28 packaging-extras-split, not introduced by this release. A follow-up addresses the release-workflow test gate.

Recovery followed the feedback_release_path_hardening recovery path: a clean wheel and sdist were built from git archive v1.5.1 at SHA 6f9315a1dd107ebf22a31b4d0bbb5fa852f2b910, then uploaded manually with twine using a maintainer-held PYPI_TOKEN. The maintainer authorized the manual upload with explicit per-instance scope.

artifact                          size (bytes)  sha256
tokenpak-1.5.1-py3-none-any.whl   2,581,571     374790285bd84a31c9d107937635de2df5f971156394ce8bac1d887643c8eb2e
tokenpak-1.5.1.tar.gz             2,811,160     eb1f42da8a135fb26e3a1841fe99904584603d1a2b7afd01773185dfd3965631

Verification: PyPI JSON API confirms 1.5.1 as latest; remote SHA256 matches local for both artifacts; pip install tokenpak==1.5.1 in isolated venv succeeds and importlib.metadata.version('tokenpak') returns 1.5.1.
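The same three-way check (pinned digest, local file, index metadata) can be repeated by a consumer. The following is an added example, not TokenPak's release tooling: it assumes the artifacts are already downloaded into a directory and that the PyPI JSON API release document has already been fetched and parsed into a dict, and the function names are hypothetical.

```python
import hashlib
from pathlib import Path

# (size, sha256) as published in the release notes above; size assumed to be bytes.
PUBLISHED = {
    "tokenpak-1.5.1-py3-none-any.whl":
        (2581571, "374790285bd84a31c9d107937635de2df5f971156394ce8bac1d887643c8eb2e"),
    "tokenpak-1.5.1.tar.gz":
        (2811160, "eb1f42da8a135fb26e3a1841fe99904584603d1a2b7afd01773185dfd3965631"),
}


def index_digests(release_json):
    """Map filename -> (size, sha256) from a PyPI JSON API release document."""
    return {f["filename"]: (f["size"], f["digests"]["sha256"].lower())
            for f in release_json.get("urls", [])}


def sha256_file(path, chunk=1 << 20):
    """Stream a file and return (size, sha256 hex) without loading it whole."""
    digest, size = hashlib.sha256(), 0
    with open(path, "rb") as fh:
        while block := fh.read(chunk):
            digest.update(block)
            size += len(block)
    return size, digest.hexdigest()


def verify_release(artifact_dir, pinned, release_json):
    """Return {filename: [problems]}; an empty list means pinned == local == index."""
    remote = index_digests(release_json)
    report = {}
    for name, (want_size, want_sha) in pinned.items():
        problems = []
        path = Path(artifact_dir) / name
        if not path.is_file():
            problems.append("missing locally")
        elif sha256_file(path) != (want_size, want_sha.lower()):
            problems.append("local size/sha256 differs from pinned value")
        if name not in remote:
            problems.append("not listed by the index")
        elif remote[name] != (want_size, want_sha.lower()):
            problems.append("index size/sha256 differs from pinned value")
        report[name] = problems
    # A file the index serves but the release notes never listed is also a finding.
    for extra in sorted(remote.keys() - pinned.keys()):
        report[extra] = ["served by the index but not pinned"]
    return report
```

Call verify_release(directory, PUBLISHED, release_json) and treat any non-empty problem list as a failed verification.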

pip install -U tokenpak and pip install tokenpak==1.5.1 both work as expected.