Merge pull request #143 from sooth/codex/repl-memory-and-schema-hardening

[codex] fix: trim persisted tool results and sanitize MCP schemas

src/services/api/codexShim.test.ts

@@ -180,6 +180,47 @@ describe('Codex request translation', () => {
     ])
   })
 
+  test('sanitizes malformed enum/default values for Responses tool schemas', () => {
+    const tools = convertToolsToResponsesTools([
+      {
+        name: 'mcp__clientry__create_task',
+        description: 'Create a task',
+        input_schema: {
+          type: 'object',
+          properties: {
+            priority: {
+              type: 'integer',
+              description: 'Priority: 0=low, 1=medium, 2=high, 3=urgent',
+              default: true,
+              enum: [false, 0, 1, 2, 3],
+            },
+          },
+        },
+      },
+    ])
+
+    expect(tools).toEqual([
+      {
+        type: 'function',
+        name: 'mcp__clientry__create_task',
+        description: 'Create a task',
+        parameters: {
+          type: 'object',
+          properties: {
+            priority: {
+              type: 'integer',
+              description: 'Priority: 0=low, 1=medium, 2=high, 3=urgent',
+              enum: [0, 1, 2, 3],
+            },
+          },
+          required: ['priority'],
+          additionalProperties: false,
+        },
+        strict: true,
+      },
+    ])
+  })
+
   test('converts assistant tool use and user tool result into Responses items', () => {
     const items = convertAnthropicMessagesToResponsesInput([
       {

src/services/api/codexShim.ts

@@ -3,6 +3,7 @@ import type {
   ResolvedCodexCredentials,
   ResolvedProviderRequest,
 } from './providerConfig.js'
+import { sanitizeSchemaForOpenAICompat } from './openaiSchemaSanitizer.js'
 
 export interface AnthropicUsage {
   input_tokens: number
@@ -306,15 +307,8 @@ export function convertAnthropicMessagesToResponsesInput(
  * - Nested schemas (properties, items, anyOf/oneOf/allOf) are processed too
  */
 function enforceStrictSchema(schema: unknown): Record<string, unknown> {
-  if (!schema || typeof schema !== 'object' || Array.isArray(schema)) {
-    return (schema ?? {}) as Record<string, unknown>
-  }
+  const record = sanitizeSchemaForOpenAICompat(schema)
 
-  const record = { ...(schema as Record<string, unknown>) }
-
-  // Codex API strict schemas reject these JSON schema keywords
-  delete record.$schema
-  delete record.propertyNames
   // Codex Responses rejects JSON Schema's standard `uri` string format.
   // Keep URL validation in the tool layer and send a plain string here.
   if (record.format === 'uri') {

src/services/api/openaiSchemaSanitizer.ts

@@ -0,0 +1,216 @@
+function isSchemaRecord(value: unknown): value is Record<string, unknown> {
+  return value !== null && typeof value === 'object' && !Array.isArray(value)
+}
+
+function deepEqualJsonValue(a: unknown, b: unknown): boolean {
+  if (Object.is(a, b)) return true
+  if (typeof a !== typeof b) return false
+
+  if (Array.isArray(a) && Array.isArray(b)) {
+    return (
+      a.length === b.length &&
+      a.every((value, index) => deepEqualJsonValue(value, b[index]))
+    )
+  }
+
+  if (isSchemaRecord(a) && isSchemaRecord(b)) {
+    const aKeys = Object.keys(a)
+    const bKeys = Object.keys(b)
+    return (
+      aKeys.length === bKeys.length &&
+      aKeys.every(key => key in b && deepEqualJsonValue(a[key], b[key]))
+    )
+  }
+
+  return false
+}
+
+function matchesJsonSchemaType(type: string, value: unknown): boolean {
+  switch (type) {
+    case 'string':
+      return typeof value === 'string'
+    case 'number':
+      return typeof value === 'number' && Number.isFinite(value)
+    case 'integer':
+      return typeof value === 'number' && Number.isInteger(value)
+    case 'boolean':
+      return typeof value === 'boolean'
+    case 'object':
+      return value !== null && typeof value === 'object' && !Array.isArray(value)
+    case 'array':
+      return Array.isArray(value)
+    case 'null':
+      return value === null
+    default:
+      return true
+  }
+}
+
+function getJsonSchemaTypes(record: Record<string, unknown>): string[] {
+  const raw = record.type
+  if (typeof raw === 'string') {
+    return [raw]
+  }
+  if (Array.isArray(raw)) {
+    return raw.filter((value): value is string => typeof value === 'string')
+  }
+  return []
+}
+
+function schemaAllowsValue(schema: Record<string, unknown>, value: unknown): boolean {
+  if (Array.isArray(schema.anyOf)) {
+    return schema.anyOf.some(item =>
+      schemaAllowsValue(sanitizeSchemaForOpenAICompat(item), value),
+    )
+  }
+
+  if (Array.isArray(schema.oneOf)) {
+    return (
+      schema.oneOf.filter(item =>
+        schemaAllowsValue(sanitizeSchemaForOpenAICompat(item), value),
+      ).length === 1
+    )
+  }
+
+  if (Array.isArray(schema.allOf)) {
+    return schema.allOf.every(item =>
+      schemaAllowsValue(sanitizeSchemaForOpenAICompat(item), value),
+    )
+  }
+
+  if ('const' in schema && !deepEqualJsonValue(schema.const, value)) {
+    return false
+  }
+
+  if (Array.isArray(schema.enum)) {
+    if (!schema.enum.some(item => deepEqualJsonValue(item, value))) {
+      return false
+    }
+  }
+
+  const types = getJsonSchemaTypes(schema)
+  if (types.length > 0 && !types.some(type => matchesJsonSchemaType(type, value))) {
+    return false
+  }
+
+  return true
+}
+
+function sanitizeTypeField(record: Record<string, unknown>): void {
+  const allowed = new Set([
+    'string',
+    'number',
+    'integer',
+    'boolean',
+    'object',
+    'array',
+    'null',
+  ])
+
+  const raw = record.type
+  if (typeof raw === 'string') {
+    if (!allowed.has(raw)) delete record.type
+    return
+  }
+
+  if (!Array.isArray(raw)) return
+
+  const filtered = raw.filter(
+    (value, index): value is string =>
+      typeof value === 'string' &&
+      allowed.has(value) &&
+      raw.indexOf(value) === index,
+  )
+
+  if (filtered.length === 0) {
+    delete record.type
+  } else if (filtered.length === 1) {
+    record.type = filtered[0]
+  } else {
+    record.type = filtered
+  }
+}
+
+/**
+ * Sanitize loose/invalid JSON Schema into a form OpenAI-compatible providers
+ * are more likely to accept. This is intentionally defensive for external MCP
+ * servers that may advertise imperfect schemas.
+ */
+export function sanitizeSchemaForOpenAICompat(
+  schema: unknown,
+): Record<string, unknown> {
+  if (!isSchemaRecord(schema)) {
+    return {}
+  }
+
+  const record = { ...schema }
+
+  delete record.$schema
+  delete record.propertyNames
+
+  sanitizeTypeField(record)
+
+  if (isSchemaRecord(record.properties)) {
+    const sanitizedProps: Record<string, unknown> = {}
+    for (const [key, value] of Object.entries(record.properties)) {
+      sanitizedProps[key] = sanitizeSchemaForOpenAICompat(value)
+    }
+    record.properties = sanitizedProps
+  }
+
+  if ('items' in record) {
+    if (Array.isArray(record.items)) {
+      record.items = record.items.map(item =>
+        sanitizeSchemaForOpenAICompat(item),
+      )
+    } else {
+      record.items = sanitizeSchemaForOpenAICompat(record.items)
+    }
+  }
+
+  for (const key of ['anyOf', 'oneOf', 'allOf'] as const) {
+    if (Array.isArray(record[key])) {
+      record[key] = record[key].map(item =>
+        sanitizeSchemaForOpenAICompat(item),
+      )
+    }
+  }
+
+  if (Array.isArray(record.required) && isSchemaRecord(record.properties)) {
+    record.required = record.required.filter(
+      (value): value is string =>
+        typeof value === 'string' && value in record.properties,
+    )
+  }
+
+  const schemaWithoutEnum = { ...record }
+  delete schemaWithoutEnum.enum
+
+  if (Array.isArray(record.enum)) {
+    const filteredEnum = record.enum.filter(value =>
+      schemaAllowsValue(schemaWithoutEnum, value),
+    )
+    if (filteredEnum.length > 0) {
+      record.enum = filteredEnum
+    } else {
+      delete record.enum
+    }
+  }
+
+  const schemaWithoutConst = { ...record }
+  delete schemaWithoutConst.const
+  if ('const' in record && !schemaAllowsValue(schemaWithoutConst, record.const)) {
+    delete record.const
+  }
+
+  const schemaWithoutDefault = { ...record }
+  delete schemaWithoutDefault.default
+  if (
+    'default' in record &&
+    !schemaAllowsValue(schemaWithoutDefault, record.default)
+  ) {
+    delete record.default
+  }
+
+  return record
+}

src/services/api/openaiShim.test.ts

@@ -312,3 +312,77 @@ test('preserves Gemini tool call extra_content from streaming chunks', async ()
     },
   })
 })
+
+test('sanitizes malformed MCP tool schemas before sending them to OpenAI', async () => {
+  let requestBody: Record<string, unknown> | undefined
+
+  globalThis.fetch = (async (_input, init) => {
+    requestBody = JSON.parse(String(init?.body))
+
+    return new Response(
+      JSON.stringify({
+        id: 'chatcmpl-1',
+        model: 'gpt-4o',
+        choices: [
+          {
+            message: {
+              role: 'assistant',
+              content: 'ok',
+            },
+            finish_reason: 'stop',
+          },
+        ],
+        usage: {
+          prompt_tokens: 10,
+          completion_tokens: 1,
+          total_tokens: 11,
+        },
+      }),
+      {
+        headers: {
+          'Content-Type': 'application/json',
+        },
+      },
+    )
+  }) as FetchType
+
+  const client = createOpenAIShimClient({}) as OpenAIShimClient
+
+  await client.beta.messages.create({
+    model: 'gpt-4o',
+    system: 'test system',
+    messages: [{ role: 'user', content: 'hello' }],
+    tools: [
+      {
+        name: 'mcp__clientry__create_task',
+        description: 'Create a task',
+        input_schema: {
+          type: 'object',
+          properties: {
+            priority: {
+              type: 'integer',
+              description: 'Priority: 0=low, 1=medium, 2=high, 3=urgent',
+              default: true,
+              enum: [false, 0, 1, 2, 3],
+            },
+          },
+        },
+      },
+    ],
+    max_tokens: 64,
+    stream: false,
+  })
+
+  const parameters = (
+    requestBody?.tools as Array<{ function?: { parameters?: Record<string, unknown> } }>
+  )?.[0]?.function?.parameters
+  const properties = parameters?.properties as
+    | Record<string, { default?: unknown; enum?: unknown[]; type?: string }>
+    | undefined
+
+  expect(parameters?.additionalProperties).toBe(false)
+  expect(parameters?.required).toEqual(['priority'])
+  expect(properties?.priority?.type).toBe('integer')
+  expect(properties?.priority?.enum).toEqual([0, 1, 2, 3])
+  expect(properties?.priority).not.toHaveProperty('default')
+})

src/services/api/openaiShim.ts

@@ -39,6 +39,7 @@ import {
   resolveProviderRequest,
 } from './providerConfig.js'
 import { redactSecretValueForDisplay } from '../../utils/providerProfile.js'
+import { sanitizeSchemaForOpenAICompat } from './openaiSchemaSanitizer.js'
 
 const GITHUB_MODELS_DEFAULT_BASE = 'https://models.github.ai/inference'
 const GITHUB_API_VERSION = '2022-11-28'
@@ -270,11 +271,7 @@ function normalizeSchemaForOpenAI(
   schema: Record<string, unknown>,
   strict = true,
 ): Record<string, unknown> {
-  if (!schema || typeof schema !== 'object' || Array.isArray(schema)) {
-    return (schema ?? {}) as Record<string, unknown>
-  }
-
-  const record = { ...schema }
+  const record = sanitizeSchemaForOpenAICompat(schema)
 
   if (record.type === 'object' && record.properties) {
     const properties = record.properties as Record<string, Record<string, unknown>>