fix(model-picker): exclude providers with empty credential pool entries

The auth check in list_authenticated_providers used mere key presence in credential_pool to conclude a provider is authenticated. An empty entry (pool_store key with no actual credentials) caused providers like ollama-cloud to appear as authenticated in the model picker even when no OLLAMA_API_KEY was set. The user's picker then offered nemotron-3-super under Ollama Cloud; selecting it routed every subsequent turn to https://ollama.com/v1, which rejected the requests with HTTP 400. Fix: drop the pool_store key-existence check from both section 2 (HERMES_OVERLAYS) and section 2b (CANONICAL_PROVIDERS). The following load_pool().has_credentials() call already handles the legitimate pooled- credential case; checking for an empty key just ahead of it was redundant and actively harmful.
2026-05-05 02:31:47 +00:00 · 2026-04-26 13:48:16 +05:30 · 2026-04-26 13:48:16 +05:30 · 46072425fe
commit 46072425fe
parent c8ecb56f27
1 changed files with 2 additions and 10 deletions
--- a/hermes_cli/model_switch.py
+++ b/hermes_cli/model_switch.py
@ -1264,11 +1264,7 @@ def list_authenticated_providers(
                from hermes_cli.auth import _load_auth_store
                store = _load_auth_store()
                providers_store = store.get("providers", {})
-                pool_store = store.get("credential_pool", {})
-                if store and (
-                    pid in providers_store or hermes_slug in providers_store
-                    or pid in pool_store or hermes_slug in pool_store
-                ):
+                if store and (pid in providers_store or hermes_slug in providers_store):
                    has_creds = True
            except Exception as exc:
                logger.debug("Auth store check failed for %s: %s", pid, exc)
@ -1364,11 +1360,7 @@ def list_authenticated_providers(
                from hermes_cli.auth import _load_auth_store
                _cp_store = _load_auth_store()
                _cp_providers_store = _cp_store.get("providers", {})
-                _cp_pool_store = _cp_store.get("credential_pool", {})
-                if _cp_store and (
-                    _cp.slug in _cp_providers_store
-                    or _cp.slug in _cp_pool_store
-                ):
+                if _cp_store and _cp.slug in _cp_providers_store:
                    _cp_has_creds = True
            except Exception:
                pass