feat(agent): add LM Studio as first-class provider (salvage #17061)

[kshitijk4poor]

Summary

Salvage of #17061 by @rugvedS07 — promotes LM Studio from a "custom" provider alias to a first-class provider with JIT model loading, reasoning effort negotiation, and no-auth support.

Cherry-picked all 5 contributor commits onto current main with follow-up fixes from self-review.

What this PR does

From the contributor (#17061)

• First-class provider registration: PROVIDER_REGISTRY, HERMES_OVERLAYS, aliases (lmstudio, lm-studio, lm_studio) now resolve to "lmstudio" instead of "custom"
• Live model discovery via LM Studio's native /api/v1/models endpoint (filters embedding models)
• JIT model loading via POST /api/v1/models/load — automatically loads the selected model with at least 64K context if not already loaded with sufficient context, capped at max_context_length
• Reasoning effort negotiation — reads per-model capabilities.reasoning.allowed_options from LM Studio and clamps the user's reasoning config to what the model supports. Shared resolve_lmstudio_effort() keeps transport and summary paths in sync
• No-auth mode with LMSTUDIO_NOAUTH_PLACEHOLDER for users running LM Studio without auth enabled
• /model autocomplete with cached LM Studio model list (30s TTL, gated on LM Studio config)
• hermes status shows LM Studio reachability and model count
• Model validation via native API: distinguishes auth failure (401) from unreachable server from empty model list
• Context length handling: excludes LM Studio from persistent context cache (loaded context is transient — user can reload with different context_length anytime)
• Docs update for provider page
• 450+ tests covering reasoning effort clamping, provider resolution, credential resolution, model validation, picker probing

Follow-up fixes (from self-review)

Finding	Fix
Dead code: _lmstudio_loaded_context set but never read in run_agent.py	Removed — context_compressor.update_model() is the actual consumer
N+1 HTTP probe: empty reasoning options not cached → per-turn HTTP call for non-reasoning models	Added 60s TTL cache for empty results; non-empty cached permanently
Code duplication: URL-strip + auth-header + HTTP-call pattern repeated in 3 functions in models.py	Extracted _lmstudio_server_root(), _lmstudio_request_headers(), _lmstudio_fetch_raw_models() shared helpers
Pre-existing test flake: TUI test_make_agent_passes_resolved_provider	Relaxed target_model assertion to avoid module-cache ordering issue
Missing AUTHOR_MAP: rugved@lmstudio.ai	Added → rugvedS07

Scoped out from the original PR

Config version bump 22→23 removed. The original PR added a migration that wrote LM_API_KEY=dummy-lm-api-key to .env when provider: lmstudio was set in config.yaml. This is unnecessary — resolve_api_key_provider_credentials() already substitutes LMSTUDIO_NOAUTH_PLACEHOLDER at runtime when no key is found. The migration would write a fake credential to .env (which is for secrets only), confuse users who inspect it, and create a maintenance asymmetry if the placeholder value ever changes. The runtime fallback covers all code paths (CLI, gateway, TUI, cron, auxiliary_client).

runtime_provider.py base URL precedence change reverted. The original PR changed the base URL resolution for all api_key providers (not just LM Studio) — flipping priority from config > env > default to env > config > default when both model.base_url in config AND the provider-specific env var (e.g. GLM_BASE_URL, LM_BASE_URL, KIMI_BASE_URL) are set. This affected ~30 providers (ZAI, MiniMax, Kimi, DeepSeek, HF, NVIDIA, etc.) for the sake of one LM Studio edge case. Reverted to preserve the established contract — LM Studio works correctly with the original logic since resolve_api_key_provider_credentials already incorporates LM_BASE_URL into creds["base_url"], and saved model.base_url from config properly overrides the registry default.

API stability

All LM Studio endpoints used are officially documented v1 API (stable since LM Studio 0.4.0):

• GET /api/v1/models — model listing with capabilities
• POST /api/v1/models/load with context_length param
• capabilities.reasoning.allowed_options — documented since v0.3.16

No competing agent (Continue, Cline, OpenCode, Aider) implements JIT model loading or reasoning negotiation — this is novel.

Test plan

• 5351 passed, 0 new failures (29 failures all pre-existing on main)
• 450 PR-specific tests pass
• E2E: alias resolution, PROVIDER_REGISTRY, no-auth placeholder, env var override, HERMES_OVERLAYS, auto-detection skip, reasoning effort, model metadata cache bypass
• E2E: runtime_provider base_url precedence unchanged for ZAI, LM Studio
• Self-review: 3-agent parallel review → all criticals/warnings addressed
• CI (rely on GitHub CI for full suite)

Based on PR #17061 by @rugvedS07.