refactor: use PI Codex Responses transport #79726

Merged: steipete merged 6 commits into main from refactor/pi-native-codex-responses, May 9, 2026

@steipete steipete commented May 9, 2026

Contributor

Summary

  • route explicit openai-codex/* Responses runs through PI native Codex Responses streaming instead of OpenClaw's custom Responses WebSocket stack
  • delete the OpenClaw openai-ws-* transport, stale-terminal-event tests, WebSocket session cleanup hooks, and openaiWsWarmup config surface
  • keep the integration behavior OpenClaw still owns: auth injection, run abort signals, PI session id propagation, and system-prompt cache boundary stripping
  • update PI packages to 0.73.1 and refresh affected Codex prompt snapshots

Real behavior proof

Behavior or issue addressed: Explicit openai-codex/* Responses runs should no longer use OpenClaw's deleted custom OpenAI Responses WebSocket transport. They should resolve to PI native Codex Responses streaming while preserving OpenClaw-owned auth injection, abort signal propagation, session id propagation, and prompt-cache boundary stripping.

Real environment tested: Local OpenClaw PR checkout on refactor/pi-native-codex-responses with the updated dependency tree installed, running the production src/agents/pi-embedded-runner/stream-resolution.ts module through Node/tsx. This is not a mocked unit test runner; the probe imports the same production resolver used by embedded agent runs and substitutes only the final PI stream call to avoid a live OpenAI request with secrets.

Exact steps or command run after this patch: node --import tsx --input-type=module -e '<stream-resolution proof probe>' from the PR checkout. The probe resolved model { provider: "openai-codex", api: "openai-codex-responses", id: "gpt-5.5" }, invoked the returned stream with redacted auth, and printed the captured PI wrapper options/context.

Evidence after fix: copied terminal output from the after-fix probe:

{
  "head": "local",
  "strategy": "pi-native-codex-responses",
  "piAgentCore": "0.73.1",
  "customOpenClawWsPath": false,
  "wrappedOptions": {
    "sessionId": "live-proof-session",
    "signal": {},
    "apiKey": "redacted-live-token"
  },
  "strippedSystemPrompt": "alpha\nbeta"
}

Observed result after fix: The explicit OpenAI Codex Responses model resolves to pi-native-codex-responses; OpenClaw injects the redacted API key, run abort signal, and session id into the PI stream wrapper; and the system prompt cache boundary is stripped before PI receives the prompt. The custom OpenClaw WebSocket path is absent.

What was not tested: No live OpenAI network request was sent from the proof probe, to avoid exposing or consuming live credentials in the PR proof. The transport ownership and wrapper behavior are covered by the live production-module probe plus targeted tests and Testbox pnpm check:changed.

Verification

  • pnpm test src/agents/pi-embedded-runner/stream-resolution.test.ts src/agents/pi-embedded-runner-extraparams.test.ts src/agents/pi-embedded-runner-extraparams-resolve.test.ts src/agents/transport-params-runtime-contract.test.ts src/agents/schema-normalization-runtime-contract.test.ts extensions/openai/openai-provider.test.ts src/agents/pi-embedded-runner/run/attempt.test.ts src/agents/pi-embedded-runner/compact.hooks.test.ts src/agents/pi-embedded-runner/run/attempt.spawn-workspace.context-engine.test.ts test/scripts/prompt-snapshots.test.ts
  • pnpm test src/agents/transport-params-runtime-contract.test.ts
  • pnpm exec oxfmt --check --threads=1 CHANGELOG.md docs/concepts/model-providers.md docs/providers/openai.md src/agents/pi-embedded-runner/stream-resolution.ts
  • git diff --check origin/main...HEAD
  • rg -n "openai-ws-|createOpenAIWebSocketStreamFn|releaseWsSession|hasWsSession|shouldUseOpenAIWebSocketTransport|openaiWsWarmup|WebSocket warm-up" src/agents extensions/openai docs src/proxy-capture test/helpers -g '*.ts' -g '*.md' -g '*.json' returned no matches
  • node --import tsx --input-type=module -e '<stream-resolution proof probe>'
  • Testbox tbx_01kr5xx5k7tvsj5n2tggj8q2s1: pnpm check:changed passed after the PI/Codex test and lint fixes

Refs #78055.
Supersedes #78142, #78146, #78147.

clawsweeper Bot commented May 9, 2026

Contributor

Codex review: needs changes before merge.

Summary
The branch upgrades PI packages to 0.73.1, removes OpenClaw's custom OpenAI Responses WebSocket transport and warm-up config, routes explicit openai-codex Responses runs through PI-native streaming, and refreshes docs, tests, changelog, and prompt snapshots.

Reproducibility: not applicable for this refactor PR. The blocking regression is source-reproducible from the PR resolver path plus the current boundary-aware transport/request-policy contract.

Real behavior proof
Sufficient (terminal): The PR body includes terminal output from a production stream-resolution.ts probe showing after-fix PI-native strategy selection, redacted auth injection, session id/signal propagation, and cache-boundary stripping; it does not cover the custom request-policy regression.

Next step before merge
There is a narrow repairable blocker: preserve OpenClaw boundary-aware transport for custom/request-policy Codex Responses routes while leaving the intended PI-native native-route behavior intact.

Security
Needs attention: the diff changes model network transport and currently bypasses OpenClaw's guarded provider request path for configurable Codex endpoints.

Review findings

  • [P1] Preserve boundary-aware transport for custom Codex routes — src/agents/pi-embedded-runner/stream-resolution.ts:57-60
Review details

Best possible solution:

Gate PI-native Codex Responses to known native ChatGPT/Codex routes without custom request-policy requirements, and keep custom, proxied, TLS-overridden, or private-network-sensitive routes on OpenClaw's boundary-aware transport.

Do we have a high-confidence way to reproduce the issue?

Not applicable for this refactor PR. The blocking regression is source-reproducible from the PR resolver path plus the current boundary-aware transport/request-policy contract.

Is this the best way to solve the issue?

No, not as-is. The safer implementation is to use PI native streaming only when it preserves OpenClaw's request boundary, and otherwise fall back to the existing boundary-aware OpenAI Responses transport.

Full review comments:

  • [P1] Preserve boundary-aware transport for custom Codex routes — src/agents/pi-embedded-runner/stream-resolution.ts:57-60
    This branch now returns the PI-native Codex stream for every default openai-codex/openai-codex-responses model before checking the model's endpoint/request policy. Current openai-codex still supports configured providerConfig.baseUrl, and OpenClaw's boundary-aware transport is where proxy/TLS/private-network policy and guarded fetch are applied; PI 0.73.1 opens its own WebSocket/direct fetch instead. Please gate this native path to known native ChatGPT/Codex endpoints with no custom request-policy needs, or fall back to createBoundaryAwareStreamFnForModel for custom routes.
    Confidence: 0.89

Overall correctness: patch is incorrect
Overall confidence: 0.86

Security concerns:

  • [high] Provider request policy bypass — src/agents/pi-embedded-runner/stream-resolution.ts:57
    The PI-native Codex path uses PI's direct WebSocket/fetch implementation instead of OpenClaw's boundary-aware OpenAI transport, so custom openai-codex base URLs can miss configured proxy/TLS/private-network guard handling.
    Confidence: 0.87

Acceptance criteria:

  • pnpm test src/agents/pi-embedded-runner/stream-resolution.test.ts src/agents/openai-transport-stream.test.ts extensions/openai/openai-codex-provider.test.ts extensions/openai/transport-policy.test.ts
  • pnpm test src/agents/pi-embedded-runner-extraparams.test.ts src/agents/pi-embedded-runner-extraparams-resolve.test.ts src/agents/transport-params-runtime-contract.test.ts src/agents/schema-normalization-runtime-contract.test.ts extensions/openai/openai-provider.test.ts
  • pnpm exec oxfmt --check --threads=1 src/agents/pi-embedded-runner/stream-resolution.ts src/agents/pi-embedded-runner/stream-resolution.test.ts extensions/openai/openai-codex-provider.test.ts extensions/openai/transport-policy.test.ts
  • git diff --check origin/main...HEAD
  • Testbox pnpm check:changed before merge because this PR touches shared agent transport, package versions, and prompt snapshots

What I checked:

  • Live PR state: GitHub API reports the PR open at head b86b196e8a052ffeff12489d941c4748683b43d5, base e8483ea610f2cd034209d2cc05c29cff21ac4ad6, mergeable_state=unstable, and includes the protected maintainer label. (b86b196e8a05)
  • PR native Codex routing: The PR selects pi-native-codex-responses for every default openai-codex/openai-codex-responses stream before reaching the boundary-aware fallback. (src/agents/pi-embedded-runner/stream-resolution.ts:57, b86b196e8a05)
  • Current-main boundary contract: Current main keeps OpenAI-family embedded fallbacks on createBoundaryAwareStreamFnForModel, whose comment says OpenAI-family APIs stay there until PI native streams preserve the same OpenClaw request contract. (src/agents/provider-transport-stream.ts:138, e8483ea610f2)
  • Provider request guard: OpenClaw's boundary-aware OpenAI transport uses buildGuardedModelFetch, resolving provider request policy, dispatcher/proxy/TLS settings, SSRF policy, timeout, and guarded fetch before issuing SDK requests. (src/agents/provider-transport-fetch.ts:317, e8483ea610f2)
  • Config contract: Docs define models.providers.*.request as the model-provider HTTP request override surface for headers, auth, proxy, TLS, and private-network opt-in. Public docs: docs/gateway/config-tools.md. (docs/gateway/config-tools.md:460, e8483ea610f2)
  • PI dependency contract: Published @mariozechner/pi-ai@0.73.1 Codex Responses uses options.transport, options.sessionId, and options.signal, but opens its own WebSocket and direct fetch(resolveCodexUrl(model.baseUrl)); it does not call OpenClaw's guarded provider fetch or request-policy resolver.

Likely related people:

  • steipete: Recent current-main commits own the stream-resolution, provider guarded-fetch, OpenAI transport, and PI/Codex transport surfaces this PR changes. (role: recent maintainer and current PR author; confidence: high; commits: 6eae017dd614, cf511288b84b, 6f4272bd041a; files: src/agents/pi-embedded-runner/stream-resolution.ts, src/agents/provider-transport-stream.ts, src/agents/provider-transport-fetch.ts)
  • vincentkoc: Earlier current-main history introduced and refined boundary-aware transport and prompt-cache transport gaps that the PR bypasses for Codex Responses. (role: original/adjacent transport owner; confidence: medium; commits: 1a13c34f5bc8, 64f28906de09, e250ea3668f6; files: src/agents/provider-transport-stream.ts, src/agents/pi-embedded-runner/stream-resolution.ts, src/agents/openai-ws-stream.ts)
  • qas: The private-network provider request opt-in history is directly relevant to the request-policy path that must remain enforced for custom Codex endpoints. (role: provider request policy contributor; confidence: medium; commits: 71617ef2f056; files: src/agents/pi-embedded-runner/stream-resolution.ts, src/agents/openai-ws-stream.ts, docs/gateway/config-tools.md)
  • arniesaha: Recent OpenAI Codex provider work specifically preserved providerConfig.baseUrl, the configuration shape affected by the PI-native routing change. (role: adjacent Codex provider config contributor; confidence: medium; commits: b83b2e3f1cb5; files: extensions/openai/openai-codex-provider.ts, extensions/openai/openai-codex-provider.test.ts)

Remaining risk / open question:

  • The PR currently bypasses OpenClaw's guarded provider request path for configurable openai-codex Responses base URLs, including proxy/TLS/private-network policy handling.
  • Some checks are still unstable or failing on the current head, including boundary-related jobs; the exact final CI state should gate merge after the code repair.
  • The larger removal of OpenClaw's custom WebSocket stack and transfer of Codex Responses transport ownership to PI 0.73.1 still needs maintainer acceptance.

Codex review notes: model gpt-5.5, reasoning high; reviewed against e8483ea610f2.
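
An illustration of the gate this review asks for, added here as an example; it is not code from the PR, OpenClaw, or PI. The types, the function names, and the `codex-native.example` origin are hypothetical placeholders (the thread does not name the native endpoint), and an unset baseUrl is assumed to mean the provider default.

```typescript
// Added example: every name below is hypothetical, not an OpenClaw or PI API.
type RequestPolicy = {
  proxy?: string;
  tls?: Record<string, unknown>;
  allowPrivateNetwork?: boolean;
  headers?: Record<string, string>;
};

type CodexModelRoute = {
  provider: string;
  api: string;
  baseUrl?: string; // assumption: undefined means the provider's default endpoint
  request?: RequestPolicy; // stands in for models.providers.*.request
};

type TransportChoice = { strategy: "pi-native" | "boundary-aware"; reason: string };

// Placeholder allowlist of native origins (constructed value, not from the thread).
const NATIVE_CODEX_ORIGINS = new Set<string>(["https://codex-native.example"]);

// True when any override exists that only the guarded fetch path would apply.
function hasCustomRequestPolicy(policy: RequestPolicy | undefined): boolean {
  if (!policy) return false;
  return Boolean(
    policy.proxy ||
      policy.allowPrivateNetwork ||
      (policy.tls && Object.keys(policy.tls).length > 0) ||
      (policy.headers && Object.keys(policy.headers).length > 0),
  );
}

// Fail closed: anything not provably native stays on the boundary-aware transport.
function selectCodexTransport(route: CodexModelRoute): TransportChoice {
  if (route.provider !== "openai-codex" || route.api !== "openai-codex-responses") {
    return { strategy: "boundary-aware", reason: "not a Codex Responses route" };
  }
  if (hasCustomRequestPolicy(route.request)) {
    return { strategy: "boundary-aware", reason: "request policy configured" };
  }
  if (route.baseUrl !== undefined) {
    let origin: string;
    try {
      // Compare the parsed origin, never a string prefix, so lookalike hosts do not match.
      origin = new URL(route.baseUrl).origin;
    } catch {
      return { strategy: "boundary-aware", reason: "unparseable baseUrl" };
    }
    if (!NATIVE_CODEX_ORIGINS.has(origin)) {
      return { strategy: "boundary-aware", reason: "custom baseUrl" };
    }
  }
  return { strategy: "pi-native", reason: "native endpoint, no policy overrides" };
}
```

The policy check runs before the origin check so that a native endpoint with a configured proxy or TLS override still goes through the guarded path.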

@clawsweeper clawsweeper Bot added the proof: sufficient ClawSweeper judged the real behavior proof convincing. label May 9, 2026
@steipete steipete force-pushed the refactor/pi-native-codex-responses branch from 1dad7e4 to 887d993 Compare May 9, 2026 09:09

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 887d99300d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +54 to +57
if (!isOpenAICodexResponsesModel(params.model)) {
return undefined;
}
if (!isDefaultPiStreamFnForModel(params.model, params.currentStreamFn)) {

[P1] Keep Codex responses on boundary-aware transport for custom routes

This new resolver selects the PI native Codex stream for every openai-codex/openai-codex-responses model as soon as the session stream is “default”, without checking endpoint/request-policy compatibility. That bypasses createBoundaryAwareStreamFnForModel (the OpenClaw path that enforces provider request policy, including guarded fetch behavior used for proxy/TLS/SSRF controls), so Codex models pointed at custom or private OpenAI-compatible base URLs can now run outside the expected transport policy. Please gate the native path by endpoint/policy compatibility (or fall back to boundary-aware transport when custom routing/policy is in play).

@steipete steipete force-pushed the refactor/pi-native-codex-responses branch from 887d993 to b86b196 Compare May 9, 2026 09:19

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: b86b196e8a

Comment on lines +54 to +60
if (!isOpenAICodexResponsesModel(params.model)) {
return undefined;
}
if (!isDefaultPiStreamFnForModel(params.model, params.currentStreamFn)) {
return undefined;
}
return piNativeCodexResponsesStreamFnForTest ?? params.currentStreamFn ?? streamSimple;

[P1] Preserve boundary-aware stream for custom Codex endpoints

resolvePiNativeCodexResponsesStreamFn now routes every default openai-codex/openai-codex-responses run to PI native streaming without checking endpoint/request-policy compatibility, so runs using custom baseUrl or provider request overrides can bypass OpenClaw’s boundary-aware transport (proxy/TLS/guarded-fetch policy path). Fresh evidence in this commit: the old endpoint-class guard was removed with shouldUseOpenAIWebSocketTransport in attempt.thread-helpers.ts, and no equivalent check was added before returning the PI native stream here.

@steipete steipete merged commit beaecbc into main May 9, 2026
111 checks passed
@steipete steipete deleted the refactor/pi-native-codex-responses branch May 9, 2026 09:40

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d9b4a943c9

Comment on lines 1915 to 1918
activeSession.agent.streamFn = resolveEmbeddedAgentStreamFn({
currentStreamFn: defaultSessionStreamFn,
providerStreamFn,
shouldUseWebSocketTransport,
wsApiKey,
sessionId: params.sessionId,

[P1] Restore websocket routing for OpenAI Responses models

This call now resolves the embedded stream without any transport-routing inputs, so openai/openai-responses attempts can no longer take the WebSocket path and always fall back to the boundary-aware HTTP stream. Before this commit, shouldUseOpenAIWebSocketTransportForAttempt(...) handled transport intent (including explicit "websocket"), but after its removal the transport: "websocket" override is effectively ignored in this path and "auto" no longer does WebSocket-first for OpenAI Responses runs.

lykeion-dev pushed a commit to lykeion-dev/openclaw--rev that referenced this pull request May 14, 2026
Routes explicit OpenAI Codex Responses runs through PI's native WebSocket-capable transport and removes the custom OpenClaw WebSocket implementation.
github-actions Bot pushed a commit to Desicool/openclaw that referenced this pull request May 24, 2026
Routes explicit OpenAI Codex Responses runs through PI's native WebSocket-capable transport and removes the custom OpenClaw WebSocket implementation.
jameslcowan pushed a commit to jameslcowan/openclaw that referenced this pull request Jun 2, 2026
Routes explicit OpenAI Codex Responses runs through PI's native WebSocket-capable transport and removes the custom OpenClaw WebSocket implementation.
sablehead pushed a commit to sablehead/openclaw that referenced this pull request Jun 10, 2026
Routes explicit OpenAI Codex Responses runs through PI's native WebSocket-capable transport and removes the custom OpenClaw WebSocket implementation.
Labels

  • agents (Agent runtime and tooling)
  • docs (Improvements or additions to documentation)
  • extensions: anthropic
  • extensions: codex
  • extensions: kimi-coding
  • extensions: lmstudio
  • extensions: openai
  • maintainer (Maintainer-authored PR)
  • proof: sufficient (ClawSweeper judged the real behavior proof convincing.)
  • proof: supplied (External PR includes structured after-fix real behavior proof.)
  • size: XL
