fix(anthropic): preserve pi-ai default betas when injecting anthropic-beta header

[minupla]

Problem

After #19769 was reported, updating to v2026.2.17 causes all Anthropic API calls to fail with HTTP 401 when using an OAuth token (sk-ant-oat-*).

Root cause: When the context1m feature injects anthropic-beta via options.headers, pi-ai's mergeHeaders uses Object.assign (last-wins). This overwrites createClient's hardcoded defaultHeaders["anthropic-beta"], stripping required betas like oauth-2025-04-20. Without that beta, Anthropic rejects OAuth Bearer auth with a 401.

Fix

• Detect token type by checking for the sk-ant-oat prefix
• Pre-seed the appropriate pi-ai default betas (PI_AI_DEFAULT_ANTHROPIC_BETAS or PI_AI_OAUTH_ANTHROPIC_BETAS) before merging custom betas
• Deduplicate with Set to avoid duplicate entries

Tests

Added a test case covering the OAuth token path with context1m enabled, verifying that oauth-2025-04-20 and claude-code-20250219 survive the header merge.

Fixes #19769

Greptile Summary

Fixes a critical regression where context1m feature injection of the anthropic-beta header via options.headers would overwrite pi-ai's hardcoded defaultHeaders["anthropic-beta"] (due to Object.assign last-wins in pi-ai's mergeHeaders), stripping required betas like oauth-2025-04-20 and causing HTTP 401 for OAuth token users.

• Adds PI_AI_DEFAULT_ANTHROPIC_BETAS and PI_AI_OAUTH_ANTHROPIC_BETAS constants mirroring pi-ai's internal defaults, pre-seeded into the merged beta header to prevent overwrite
• Detects OAuth tokens at runtime via options?.apiKey prefix matching to select the appropriate beta set
• Deduplicates betas with Set to avoid redundant entries
• Adds test coverage for the OAuth token path with context1m enabled
• Note: The hardcoded beta constants duplicate pi-ai internals and will need updating if the library changes its defaults — this coupling is documented in code comments

Confidence Score: 4/5

• This PR is a targeted, well-tested fix for a critical OAuth authentication regression and is safe to merge.
• The fix correctly addresses the root cause (Object.assign last-wins overwriting critical betas), has good test coverage for both OAuth and standard API key paths, and the implementation is straightforward. The one concern is the hardcoded duplication of pi-ai's internal beta constants, which creates a maintenance coupling — but this is clearly documented and is the pragmatic solution given the upstream library's design.
• src/agents/pi-embedded-runner/extra-params.ts — hardcoded beta constants will need updating if pi-ai changes its defaults

_{Last reviewed commit: 4b2db90}

_{(2/5) Greptile learns from your feedback when you react with thumbs up/down!}

Context used:

• Context from dashboard - CLAUDE.md (source)
• Context from dashboard - AGENTS.md (source)

[minupla]

The protocol:check failure appears to be a pre-existing drift on main unrelated to this PR — it's flagging a missing threadid field in GatewayModels.swift that was added in a recent commit but hasn't been reflected in the generated Swift protocol models yet. Our changes only touch src/agents/pi-embedded-runner/extra-params.ts and the corresponding e2e test file. Happy to rebase once that's resolved upstream if needed.

[Takhoffman]

PR #19789 - fix(anthropic): preserve pi-ai default betas when injecting anthropic-beta header (#19789)

Merged via squash.

• Merge commit: 10dab4f
• Verified: pnpm build, pnpm check, pnpm test:macmini
• Changes made:
  M CHANGELOG.md
  M src/agents/pi-embedded-runner-extraparams.e2e.test.ts
  M src/agents/pi-embedded-runner/extra-params.ts
• Why these changes were made:
  Fix v2026.2.17: Anthropic auth fails with OAuth error #19769 by preserving pi-ai default Anthropic OAuth beta headers when context1m injects anthropic-beta, preventing OAuth 401 regressions.
• Changelog: CHANGELOG.md updated=true required=true opt_out=false

Thanks @minupla!