
calesthio/OptionsCanvas

v0.1.3 Bugfix

This release fixes issues for SREs watching stability and regressions.

Published 8d Self-Hosted
✓ No known CVEs patched

Topics

0dte algorithmic-trading alpaca charting day-trading fintech flask lightweight-charts local-first options options-trading python self-hosted trading-platform vanilla-js

Affected surfaces

breaking_upgrade

Summary

AI summary

Updates What's fixed, Verified, and queued across a mixed release.

Changes in this release

Feature Low

Buy button now enables for 0 DTE trades by allowing `dte >= 0`.


Source: llm_adapter@2026-05-29

Confidence: high

Performance High

/api/position endpoint is 60x faster, reducing latency from ~7 s to ~0.1 s.


Source: llm_adapter@2026-05-29

Confidence: high

Bugfix Medium

WebSocket no longer dies with 'ping timeout' due to missing gevent monkey-patch.


Source: llm_adapter@2026-05-29

Confidence: high

Full changelog

Recommended upgrade for everyone on v0.1.2. Required if you trade 0 DTE.

What's fixed

WebSocket no longer dies with 'ping timeout'

The platform uses gevent for async, but `gevent.monkey.patch_all()` was never called. Result: every blocking alpaca-py REST call (which uses `requests` internally) froze the entire gevent event loop, including SocketIO's ping/pong heartbeats. Browsers saw `WebSocket disconnected: ping timeout` and entered a reconnect loop.

Fix: monkey-patch sockets at process start, before any module imports `requests` / `urllib3`. WebSocket now stays connected through normal trading activity.
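The starvation mechanism described above, reproduced as an added example (not code from OptionsCanvas): a blocking call on a cooperative loop delays the heartbeat by the full duration of the serial calls, while a yielding call does not. Standard-library `asyncio` stands in for gevent, `asyncio.to_thread` stands in for what patched sockets do under gevent, and the latencies, intervals and function names are constructed.

```python
import asyncio
import time

PING_INTERVAL = 0.02  # constructed heartbeat period, seconds
CALL_LATENCY = 0.1    # constructed latency of one broker REST call
POSITIONS = 3         # serial price lookups per /api/position poll

def blocking_rest_call():
    """Stand-in for an unpatched, blocking HTTP request to the broker."""
    time.sleep(CALL_LATENCY)

async def poll_blocking():
    # Runs on the loop thread and never yields, so nothing else is scheduled.
    for _ in range(POSITIONS):
        blocking_rest_call()

async def poll_cooperative():
    # Same work, but the loop regains control while each call waits.
    for _ in range(POSITIONS):
        await asyncio.to_thread(blocking_rest_call)

async def _heartbeat(gaps, stop):
    # Record the delay between consecutive heartbeats.
    last = time.monotonic()
    while not stop.is_set():
        await asyncio.sleep(PING_INTERVAL)
        now = time.monotonic()
        gaps.append(now - last)
        last = now

async def _measure(poll):
    gaps, stop = [], asyncio.Event()
    beat = asyncio.create_task(_heartbeat(gaps, stop))
    await asyncio.sleep(PING_INTERVAL * 2)  # let a few heartbeats land first
    await poll()
    await asyncio.sleep(PING_INTERVAL * 2)
    stop.set()
    await beat
    return max(gaps)

def worst_heartbeat_gap(poll):
    """Longest delay between two heartbeats while `poll` runs once."""
    return asyncio.run(_measure(poll))

if __name__ == "__main__":
    print("blocking   :", round(worst_heartbeat_gap(poll_blocking), 3))
    print("cooperative:", round(worst_heartbeat_gap(poll_cooperative), 3))
```

A worst-case gap that tracks the number of serial calls is the signal to alert on: once it exceeds the client's ping timeout, the connection drops and the reconnect loop begins.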

/api/position is 60x faster

The trading engine was firing one `broker.get_current_price()` call per untracked broker position on every `/api/position` poll. For a user with 12 stock positions in their Alpaca account, that was 12 serial broker round-trips and ~6 seconds of wall time per call. Worse, it starved every other REST endpoint (including the ones that gate the Buy button's readiness check), so the trading UI would never finish loading.

Fix: use the `current_price` field already populated on the broker position object. No extra round-trips needed.

| Endpoint | Before | After |
|---|---|---|
| /api/position | ~7,000ms | ~100ms |
| /api/symbol/config/<sym> | ~27,000ms (queued behind /position) | ~900ms |
| /api/symbol/contracts/<sym> | ~16,000ms (queued) | ~150ms |
| /api/option/quote/<sym> | ~5,000ms (queued) | ~1,700ms |

Buy button now enables for 0 DTE trades

The readiness check required `dte > 0`, which silently disabled trading on 0-DTE contracts — one of the platform's primary use cases. The check is now `dte >= 0`; the panel-ready flag handles uninitialized state separately.

Symptom on v0.1.2: Buy / SL / TP pills greyed out forever, tooltip 'Trading controls are still loading', even though the chart and side panel had fully loaded.

How to upgrade

```bash
git pull
# restart the launcher and refresh your browser tab
```

If the running platform's been up since v0.1.2, restart it so gevent monkey-patches at boot (this can't be hot-applied to a running process).

Verified

  • WebSocket stays connected across normal trading activity (no ping timeout)
  • 10 parallel /api/position calls all complete in under 1.3 seconds
  • Buy / SL / TP pills become active within ~3 seconds of page load
  • 0 DTE trades can be placed (Buy enables with dte = 0)
  • v0.1.1 + v0.1.2 security guarantees still hold (CSRF + CORS + origin checks all intact)


Earlier breaking changes

  • v0.1.1 External scripts must read and include the CSRF token in X-CSRF-Token header for POST/PUT/PATCH/DELETE calls.
