fix: clean up codex inline model api fallback (#39753) (thanks @justinhuangcode)

CHANGELOG.md

@@ -14,6 +14,7 @@ Docs: https://docs.openclaw.ai
 - Mattermost replies: keep `root_id` pinned to the existing thread root when an agent replies inside a thread, while still using reply-target threading for top-level posts. (#27744) thanks @hnykda.
 - Agents/failover: detect Amazon Bedrock `Too many tokens per day` quota errors as rate limits across fallback, cron retry, and memory embeddings while keeping context-window `too many tokens per request` errors out of the rate-limit lane. (#39377) Thanks @gambletan.
 - Android/Play distribution: remove self-update, background location, `screen.record`, and background mic capture from the Android app, narrow the foreground service to `dataSync` only, and clean up the legacy `location.enabledMode=always` preference migration. (#39660) Thanks @obviyus.
+- Agents/openai-codex model resolution: fall through from inline `openai-codex` model entries without an `api` so GPT-5.4 keeps the codex transport and still preserves configured `baseUrl` and headers. (#39753) Thanks @justinhuangcode.
 
 ## 2026.3.7
 

apps/macos/Sources/OpenClaw/HostEnvSecurityPolicy.generated.swift

@@ -22,7 +22,7 @@ enum HostEnvSecurityPolicy {
         "PS4",
         "GCONV_PATH",
         "IFS",
-        "SSLKEYLOGFILE",
+        "SSLKEYLOGFILE"
     ]
 
     static let blockedOverrideKeys: Set<String> = [
@@ -50,17 +50,17 @@ enum HostEnvSecurityPolicy {
         "OPENSSL_ENGINES",
         "PYTHONSTARTUP",
         "WGETRC",
-        "CURL_HOME",
+        "CURL_HOME"
     ]
 
     static let blockedOverridePrefixes: [String] = [
         "GIT_CONFIG_",
-        "NPM_CONFIG_",
+        "NPM_CONFIG_"
     ]
 
     static let blockedPrefixes: [String] = [
         "DYLD_",
         "LD_",
-        "BASH_FUNC_",
+        "BASH_FUNC_"
     ]
 }

src/agents/pi-embedded-runner/model.test.ts

@@ -641,14 +641,12 @@ describe("resolveModel", () => {
   it("uses codex fallback when inline model omits api (#39682)", () => {
     mockOpenAICodexTemplateModel();
 
-    // When a user lists gpt-5.4 under openai-codex models without specifying
-    // an api, the inline match must not shadow the forward-compat resolver
-    // that supplies "openai-codex-responses".
     const cfg: OpenClawConfig = {
       models: {
         providers: {
           "openai-codex": {
             baseUrl: "https://custom.example.com",
+            headers: { "X-Custom-Auth": "token-123" },
             models: [{ id: "gpt-5.4" }],
           },
         },
@@ -659,6 +657,8 @@ describe("resolveModel", () => {
     expect(result.error).toBeUndefined();
     expect(result.model).toMatchObject({
       api: "openai-codex-responses",
+      baseUrl: "https://custom.example.com",
+      headers: { "X-Custom-Auth": "token-123" },
       id: "gpt-5.4",
       provider: "openai-codex",
     });

src/agents/pi-embedded-runner/model.ts

@@ -160,13 +160,8 @@ export function resolveModelWithRegistry(params: {
   const inlineMatch = inlineModels.find(
     (entry) => normalizeProviderId(entry.provider) === normalizedProvider && entry.id === modelId,
   );
-  if (inlineMatch) {
-    // When the inline model already carries a concrete api, use it as-is.
-    // Otherwise fall through so forward-compat resolvers can supply the
-    // correct api (e.g. "openai-codex-responses" for gpt-5.4).  #39682
-    if (inlineMatch.api) {
-      return normalizeModelCompat(inlineMatch as Model<Api>);
-    }
+  if (inlineMatch?.api) {
+    return normalizeModelCompat(inlineMatch as Model<Api>);
   }
 
   // Forward-compat fallbacks must be checked BEFORE the generic providerCfg fallback.