fix(agents): preserve reasoning_content replay across DeepSeek tier suffixes

[Pluviobyte]

Summary

• Strip well-known tier suffixes (-free, -paid, -trial) when building the REASONING_CONTENT_REPLAY_MODEL_IDS allowlist candidates so OpenCode Zen's deepseek-v4-flash-free (and any other tier-suffixed DeepSeek/MiMo/Kimi route) matches the base model id and keeps its DeepSeek-style reasoning_content replay.
• Out of scope: making isDeepSeek recognise OpenCode-native endpoints, adding an OpenCode Zen wrapStreamFn, or changing the replay sanitizer for non-DeepSeek-style providers. The minimal fix removes the 400 without expanding the replay contract.

Linked context

Closes #87575

Was this requested by a maintainer or owner?

No direct maintainer request; the issue is clawsweeper:fix-shape-clear + queueable-fix + source-repro, and the reporter included a 4-step root cause analysis that points at exactly this allowlist gap.

Real behavior proof (required for external PRs)

• Behavior or issue addressed: OpenCode Zen exposes DeepSeek V4 Flash Free as deepseek-v4-flash-free. The shared OpenAI-compatible replay sanitizer used the bare allowlist (deepseek-v4-flash, etc.) so the tier-suffixed id never matched. The follow-up request to DeepSeek therefore had reasoning_content stripped from the assistant turn and DeepSeek rejected it with 400: \reasoning_content` in the thinking mode must be passed back to the API`, deadlocking the session.

• Real environment tested: Local OpenClaw source checkout on Linux with Node v22.22.3, pnpm 11.2.2 via corepack.

• Exact steps or command run after this patch: Ran a local OpenClaw source smoke against the real buildOpenAICompletionsParams with an OpenCode-routed deepseek-v4-flash-free model and a transcript that includes a thinking block carrying reasoning_content, then re-ran the same smoke after git stash-ing this patch on the same branch.

• Evidence after fix: Copied console output from the smoke.

  Before-fix (patch stashed):

  === BEFORE-FIX BEHAVIOR ===
  assistant.reasoning_content present: false
  assistant keys: [ 'role', 'content' ]
  bug repro: DeepSeek API would reject follow-up since reasoning_content missing
  

  After-fix (patch restored):

  === AFTER-FIX BEHAVIOR ===
  assistant.reasoning_content present: true
  assistant.reasoning_content value: \"Need to answer politely.\"
  

• Observed result after fix: The OpenCode-routed deepseek-v4-flash-free follow-up assistant payload now carries the original reasoning_content instead of being stripped down to bare role+content. The same matching path keeps preserving other tier-suffixed routes (MiMo -free, Kimi K2 -free).

• What was not tested: A live OpenCode Zen call against https://opencode.ai/zen/v1. The fix is at the sanitizer boundary that consumes the same OpenAI-compatible request shape; the smoke exercises that boundary directly using the model+context the live provider produces.

• Proof limitations or environment constraints: The after-fix proof uses the real shared sanitizer in a local checkout but does not call the OpenCode Zen endpoint because this environment is not configured with OpenCode credentials. The reporter's 400 capture in the issue documents the upstream side of the same boundary.

• Before evidence (optional but encouraged): Captured above via git stash-ing this patch.

Tests and validation

Which commands did you run?

• PATH=\"\$HOME/.nvm/versions/node/v22.22.3/bin:\$PATH\" node scripts/test-projects.mjs src/agents/openai-transport-stream.test.ts
• PATH=\"\$HOME/.nvm/versions/node/v22.22.3/bin:\$PATH\" corepack pnpm exec oxfmt --check src/agents/openai-transport-stream.ts src/agents/openai-transport-stream.test.ts
• git diff --check

Outputs:

• openai-transport-stream.test.ts: Test Files 1 passed (1) / Tests 204 passed (204) — the existing reasoning replay coverage plus a new parameterised case for OpenCode Zen DeepSeek V4 Flash Free, OpenRouter MiMo V2 Pro Free, and OpenRouter Kimi K2 Thinking Free.
• oxfmt --check: All matched files use the correct format.

What regression coverage was added or updated?

Added an it.each([...]) block under buildOpenAICompletionsParams sanitizes reasoning replay fields that asserts reasoning_content survives the replay sanitizer for three tier-suffixed model ids while still stripping reasoning_details, reasoning, and reasoning_text. The before-fix smoke above demonstrates the new assertions would not have passed without this patch.

What failed before this fix, if known?

The OpenCode-routed deepseek-v4-flash-free follow-up assistant payload had reasoning_content stripped, so any DeepSeek API call after the first turn returned HTTP 400 and the session deadlocked.

If no test was added, why not?

N/A.

Risk checklist

Did user-visible behavior change? (Yes/No)

Yes (positive). Tier-suffixed DeepSeek-style routes can now complete multi-turn sessions instead of failing the second request with HTTP 400.

Did config, environment, or migration behavior change? (Yes/No)

No.

Did security, auth, secrets, network, or tool execution behavior change? (Yes/No)

No.

What is the highest-risk area?

A provider that ships a model id ending in -free/-paid/-trial that does not honour the DeepSeek-style replay contract would now receive reasoning_content it did not expect.

How is that risk mitigated?

The base id (after suffix strip) still has to be in REASONING_CONTENT_REPLAY_MODEL_IDS, which only lists DeepSeek V4, Kimi/MiMo, and friends that all document the same replay contract. The suffix list is intentionally narrow (three known tier markers) and only applied to allowlist candidate matching — the wire-level sanitizer behavior is unchanged for any base id that is not on the allowlist.

Current review state

What is the next action?

Await maintainer / ClawSweeper review on (a) whether suffix-stripping is preferred over enumerating every -free variant in the allowlist, and (b) whether the OpenCode Zen plugin should also wire wrapStreamFn for parity with opencode-go.

What is still waiting on author, maintainer, CI, or external proof?

A live OpenCode Zen call producing the 400 → success transition is still not provided from this environment.

Which bot or reviewer comments were addressed?

Initial PR; no PR comments yet.

AI-assisted: yes. I reviewed the touched code paths, designed the candidate-stripping change, and ran the focused validation commands above.

Made with Cursor

[clawsweeper]

Codex review: needs changes before merge. Reviewed May 28, 2026, 11:25 AM ET / 15:25 UTC.

Summary
The branch strips -free, -paid, and -trial tier suffixes before matching reasoning_content replay allowlist candidates, and adds focused sanitizer plus optional OpenCode Zen live coverage.

PR surface: Source +28, Tests +176. Total +204 across 3 files.

Reproducibility: yes. source-reproducible: current main only matches bare or colon-split replay IDs, so deepseek-v4-flash-free misses the DeepSeek V4 replay allowlist and loses reasoning_content at the shared OpenAI-compatible sanitizer boundary. The linked issue supplies the upstream 400 error from that missing field.

Review metrics: 1 noteworthy metric.

• Replay tier suffixes: 3 added. The PR makes -free, -paid, and -trial variants inherit allowlisted base-model replay behavior, which is a compatibility-sensitive provider payload change.

Merge readiness
Overall: 🦐 gold shrimp
Proof: 🐚 platinum hermit
Patch quality: 🦐 gold shrimp
Result: needs maintainer review before merge.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• Mirror suffix matching in src/agents/transcript-policy.ts with focused regression coverage.
• Run the optional credentialed OpenCode Zen live test if maintainers require endpoint proof.

Risk before merge

• [P1] Merging expands reasoning_content preservation for -free, -paid, and -trial variants whose stripped base ID is already allowlisted; a provider that reuses one of those suffixes for a different wire contract would now receive reasoning_content.
• [P1] The transport sanitizer and new tests handle tier-suffixed IDs, but the separate strict OpenAI-compatible transcript replay policy does not yet mirror that suffix matching for historical replay on unowned routes.
• [P1] The supplied proof exercises the real sanitizer boundary with before/after terminal output, but it does not show a credentialed OpenCode Zen endpoint 400-to-success run.

Maintainer options:

1. Mirror transcript replay matching (recommended)
   Apply the same tier-suffix candidate logic to src/agents/transcript-policy.ts and add transcript-policy or session-history coverage for tier-suffixed replay-required IDs before merge.
2. Accept transport-only scope
   Maintainers may decide this PR intentionally fixes only OpenCode Zen transport payloads and leave unowned historical replay suffix handling for a later issue.
3. Require live OpenCode Zen proof
   If endpoint proof is required, run the new optional OpenCode Zen live test with redacted credentials before merging.

Copy recommended automerge instruction

@clawsweeper automerge

Special instructions:
Update strict OpenAI-compatible transcript replay matching to strip the same `-free`, `-paid`, and `-trial` tier suffixes used by the transport sanitizer, add focused transcript-policy/session-history regression coverage for tier-suffixed replay-required model IDs, and rerun the focused agent replay tests.

Next step before merge

• [P2] A narrow repair can mirror the suffix matcher in the transcript replay policy and add regression coverage without changing the PR's product direction.

Security
Cleared: The diff only changes provider replay matching and tests; it does not add dependencies, secrets handling, CI permissions, release scripts, or new code-execution paths.

Review findings

• [P2] Mirror suffix replay matching in transcript policy — src/agents/openai-transport-stream.ts:3430-3439

Review details

Best possible solution:

Land the suffix normalization after keeping the transcript replay policy in sync and making the compatibility semantics an explicit maintainer choice.

Do we have a high-confidence way to reproduce the issue?

Yes, source-reproducible: current main only matches bare or colon-split replay IDs, so deepseek-v4-flash-free misses the DeepSeek V4 replay allowlist and loses reasoning_content at the shared OpenAI-compatible sanitizer boundary. The linked issue supplies the upstream 400 error from that missing field.

Is this the best way to solve the issue?

Mostly yes: normalizing narrow tier suffixes is a small fix at the right transport boundary. It should also update the sibling transcript replay policy so historical strict OpenAI-compatible replay does not keep a conflicting source of truth.

Full review comments:

• [P2] Mirror suffix replay matching in transcript policy — src/agents/openai-transport-stream.ts:3430-3439
  This PR teaches the transport sanitizer that tier-suffixed MiMo/Kimi/DeepSeek IDs are replay-required, but src/agents/transcript-policy.ts still has its own candidate matcher without the tier-suffix strip. Strict OpenAI-compatible routes without a provider replay hook can still set dropReasoningFromHistory and remove reasoning_content from older replay turns before this transport code runs, leaving the new IDs only half fixed. Please share or mirror the suffix candidate logic and add transcript-policy/session-history coverage.
  Confidence: 0.86

Overall correctness: patch is incorrect
Overall confidence: 0.86

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 5216841a9e59.

Label changes

Label changes:

• add proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes before/after terminal output from a local source smoke against the real buildOpenAICompletionsParams sanitizer, but no live OpenCode Zen endpoint run.
• add rating: 🦐 gold shrimp: Overall readiness is 🦐 gold shrimp; proof is 🐚 platinum hermit and patch quality is 🦐 gold shrimp.
• add status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Sufficient (terminal): The PR body includes before/after terminal output from a local source smoke against the real buildOpenAICompletionsParams sanitizer, but no live OpenCode Zen endpoint run.
• remove rating: 🐚 platinum hermit: Current PR rating is rating: 🦐 gold shrimp, so this older rating label is no longer current.
• remove status: 👀 ready for maintainer look: Current PR status label is status: ⏳ waiting on author.

Label justifications:

• P2: This is a normal-priority provider replay bug fix with bounded blast radius but real multi-turn session impact.
• merge-risk: 🚨 compatibility: The PR intentionally sends reasoning_content to additional tier-suffixed model IDs, which can affect providers whose suffix variants do not share the base model's replay contract.
• rating: 🦐 gold shrimp: Overall readiness is 🦐 gold shrimp; proof is 🐚 platinum hermit and patch quality is 🦐 gold shrimp.
• status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Sufficient (terminal): The PR body includes before/after terminal output from a local source smoke against the real buildOpenAICompletionsParams sanitizer, but no live OpenCode Zen endpoint run.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes before/after terminal output from a local source smoke against the real buildOpenAICompletionsParams sanitizer, but no live OpenCode Zen endpoint run.

Evidence reviewed

PR surface:

Source +28, Tests +176. Total +204 across 3 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	1	28	0	+28
Tests	2	176	0	+176
Docs	0	0	0	0
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	3	204	0	+204

Acceptance criteria:

• [P1] node scripts/run-vitest.mjs src/agents/openai-transport-stream.test.ts src/agents/transcript-policy.test.ts.
• [P1] node scripts/run-vitest.mjs src/agents/embedded-agent-runner.sanitize-session-history.test.ts.
• [P1] corepack pnpm exec oxfmt --check src/agents/openai-transport-stream.ts src/agents/openai-transport-stream.test.ts src/agents/transcript-policy.ts src/agents/transcript-policy.test.ts src/agents/embedded-agent-runner.sanitize-session-history.test.ts.
• [P1] git diff --check.

What I checked:

• PR diff adds suffix normalization: The PR diff adds REASONING_CONTENT_REPLAY_TIER_SUFFIXES, strips those suffixes while building transport allowlist candidates, adds sanitizer regression coverage for OpenCode Zen, MiMo, and Kimi tier-suffixed IDs, and adds an optional OpenCode Zen live test. (src/agents/openai-transport-stream.ts:3398, 7685a75fb681)
• Current transport miss on main: Current main's transport allowlist includes bare replay-required model IDs and the candidate builder only checks the final path component plus colon parts, so deepseek-v4-flash-free does not match the deepseek-v4-flash allowlist entry. (src/agents/openai-transport-stream.ts:3386, 5216841a9e59)
• DeepSeek replay contract: The DeepSeek provider docs state that V4 thinking sessions expect replayed assistant messages from tool turns to include reasoning_content on follow-up requests. Public docs: docs/providers/deepseek.md. (docs/providers/deepseek.md:88, 5216841a9e59)
• Sibling transcript policy remains unsuffixed: The strict OpenAI-compatible transcript replay policy still has its own replay-required model-id candidate matcher without tier-suffix stripping, so unowned strict OpenAI-compatible historical replay can still drop reasoning for tier-suffixed IDs before transport shaping runs. (src/agents/transcript-policy.ts:169, 5216841a9e59)
• Prior replay matching changed both surfaces: The prior Kimi reasoning replay fix extended model-id matching in both src/agents/openai-transport-stream.ts and src/agents/transcript-policy.ts, which is the relevant sibling-surface precedent for this suffix matcher. (f8b7008f7c53)
• OpenCode provider context: The OpenCode Zen plugin registers the provider with passthrough replay hooks and no provider-local DeepSeek wrapper, so the shared OpenAI-compatible transport sanitizer remains the relevant boundary for the reported OpenCode Zen payload shape. (extensions/opencode/index.ts:35, 5216841a9e59)

Likely related people:

• steipete: Recent OpenClaw agent-runtime and OpenCode provider history points to this account, and the current PR head includes follow-up live-test commits from the same person. (role: recent area contributor; confidence: high; commits: bb46b79d3c14, 827b0de0ce74, 9e977d159039; files: src/agents/openai-transport-stream.ts, src/agents/transcript-policy.ts, extensions/opencode/index.ts)
• amknight: The Kimi reasoning replay fix in commit f8b7008f7c532838603faefd524935d53b8efb7b extended the same transport allowlist and transcript-policy matching surfaces used by this PR. (role: adjacent replay-fix contributor; confidence: medium; commits: f8b7008f7c53; files: src/agents/openai-transport-stream.ts, src/agents/transcript-policy.ts, extensions/kimi-coding/stream.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[clawsweeper]

ClawSweeper PR egg: ✨ hatched 💎 rare Neon Review Wisp. Rarity: 💎 rare. Trait: guards the happy path.

Details

Share on X: post this hatch
Copy: My PR egg hatched a 💎 rare Neon Review Wisp in ClawSweeper.
Hatchability:

• Merged PRs are hatchable.
• Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
• Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

About:

• Eggs appear after real-behavior proof passes. They are collectible flavor only.
• Review momentum changes the shell state: follow-up work warms it, re-review makes it wobble, and a clean final review lets it hatch.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

[steipete]

Verification before merge:

Behavior addressed: OpenCode Zen DeepSeek tier-suffixed model IDs now preserve replayed reasoning_content when thinking is enabled, instead of stripping it before the second turn.
Real environment tested: GitHub Actions repo secrets for OpenCode/OpenCode Zen, Blacksmith Testbox, local Node/Vitest.
Exact steps or command run after this patch:

• node scripts/run-vitest.mjs src/agents/openai-transport-stream.test.ts extensions/opencode/opencode.live.test.ts --run
• pnpm check:changed delegated to Blacksmith Testbox tbx_01ksqhwp5b75pqhb4abmf5dky2
• .agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main
• focused live workflow OpenClaw Live And E2E Checks (Reusable) run 26583837284 with live_suite_filter=native-live-extensions-o-z-other
  Evidence after fix:
• Local focused Vitest: 2 files, 408 tests passed.
• Testbox changed check: exit 0.
• Autoreview: clean, no accepted/actionable findings.
• Live shard: validate_live_provider_suites (native-live-extensions-o-z-other) passed on SHA 7685a75fb681e5117bbf7b01070fd996203c1140.
• PR CI: required quality/security/build/type/lint checks green.
  Observed result after fix: extensions/opencode/opencode.live.test.ts passed live against deepseek-v4-flash-free, including replay after a tool call.
  What was not tested: no local OpenCode key was present, so live verification used GitHub repo secrets rather than a local OP-managed key.