fix(openai): honor OPENAI_BASE_URL when no provider config sets a baseUrl

[sunapi386]

Summary

The dynamic-model resolver in extensions/openai/openai-provider.ts hardcodes baseUrl: \"https://api.openai.com/v1\" for every default GPT entry. This silently overrides OPENAI_BASE_URL, so users running OpenClaw behind a LiteLLM/vLLM/local proxy get a 401 from api.openai.com even when the env var is set correctly — the discovered baseUrl wins via ?? discoveredModel.baseUrl in src/agents/pi-embedded-runner/model.ts:530.

The fix introduces resolveOpenAIDefaultBaseUrl() in extensions/openai/base-url.ts that returns process.env.OPENAI_BASE_URL (when non-empty) and falls back to https://api.openai.com/v1. The 5 hardcoded literals in the registry are replaced with the helper.

This mirrors the precedent of #55597 ("honor OPENAI_BASE_URL in whisper api skill") and matches what the OpenAI Node SDK already does — its constructor falls back to process.env.OPENAI_BASE_URL when baseURL is undefined.

Backwards compatibility

Provider-config baseUrl still takes precedence (the resolver consults providerConfig.baseUrl before discoveredModel.baseUrl at model.ts:530):

User has	Before	After
Nothing (default)	api.openai.com	api.openai.com (unchanged)
models.providers.openai.baseUrl in config	their config	their config (unchanged)
Only OPENAI_BASE_URL env var	api.openai.com (silent ignore)	env var honored
Both env var and config	config	config (unchanged)

No existing user is broken. Users who set the env var expecting it to work — like the OpenAI Node SDK's own behavior — now get the routing they expected.

Why not anthropic too

Anthropic's hardcoded fallback is in src/agents/anthropic-transport-stream.ts:474 rather than a model registry, and the discovery flow is shaped differently. Keeping this PR scoped to OpenAI to mirror the #55597 precedent and make review easy. Happy to follow up with an analogous Anthropic PR if this lands.

Test plan

• Added unit coverage in extensions/openai/base-url.test.ts (env unset, empty, whitespace, custom URL).
• pnpm test -- extensions/openai/base-url.test.ts passes (6 tests).
• CI run on upstream main.

[clawsweeper]

Codex review: needs real behavior proof before merge. Reviewed May 30, 2026, 12:52 AM ET / 04:52 UTC.

Summary
Review failed before ClawSweeper could summarize the requested change.

PR surface: Source +16, Tests +11, Docs +1. Total +28 across 4 files.

Reproducibility: unclear. The review failed before ClawSweeper could establish a reproduction path.

Review metrics: none identified.

Merge readiness
Overall: 🌊 off-meta tidepool
Proof: 🌊 off-meta tidepool
Patch quality: 🌊 off-meta tidepool
Result: rating does not apply to this item.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Risk before merge

• [P1] No close action taken because the review did not complete.

Maintainer options:

1. Decide the mitigation before merge
   Retry the Codex review after fixing the execution failure.
2. Pause or close
   Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

• [P1] Review did not complete, so no work-lane recommendation was made.

Review details

Best possible solution:

Retry the Codex review after fixing the execution failure.

Do we have a high-confidence way to reproduce the issue?

Unclear. The review failed before ClawSweeper could establish a reproduction path.

Is this the best way to solve the issue?

Unclear. Retry the review first so ClawSweeper can evaluate the actual issue and fix direction.

AGENTS.md: unclear because the file could not be read completely.

Codex review notes: model gpt-5.5, reasoning high; reviewed against b9933b2ec119.

Label changes

Label changes:

• add rating: 🌊 off-meta tidepool: Overall readiness is 🌊 off-meta tidepool; proof is 🌊 off-meta tidepool and patch quality is 🌊 off-meta tidepool.

Label justifications:

• rating: 🌊 off-meta tidepool: Overall readiness is 🌊 off-meta tidepool; proof is 🌊 off-meta tidepool and patch quality is 🌊 off-meta tidepool.

Evidence reviewed

PR surface:

Source +16, Tests +11, Docs +1. Total +28 across 4 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	2	22	6	+16
Tests	1	11	0	+11
Docs	1	1	0	+1
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	4	34	6	+28

What I checked:

• failure reason: codex execution failed.
• codex failure detail: Codex review failed for this PR with exit 1.
• codex stdout: Per-item Codex failure; continuing with the rest of the shard.

Likely related people:

• unknown: Codex failed before it could trace repository history. (role: review did not complete; confidence: low)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[openclaw-barnacle]

This pull request has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[steipete]

Thanks for the PR. I landed the current-source version of this fix in #89347 / commit 732d697, with exact-head CI and focused provider/model proof recorded there.

Closing this as superseded by the merged maintainer batch.