@oh-my-pi/pi-ai 14.1.0 → 14.1.1

package/CHANGELOG.md

@@ -2,6 +2,24 @@
 
 ## [Unreleased]
 
+## [14.1.1] - 2026-04-14
+
+### Added
+
+- Added `toolStrictMode` compatibility option (`"all_strict"` or `"none"`) to OpenAI-compatible model config to force tool schemas to be sent uniformly strict, uniformly non-strict, or keep mixed per-tool behavior
+
+### Changed
+
+- Changed Cerebras OpenAI-compatible providers to default `toolStrictMode` to `"all_strict"` unless explicitly overridden
+
+### Fixed
+
+- Fixed OpenAI Completions handling for providers that reject mixed `strict` flags by automatically retrying with non-strict tool schemas when an initial all-strict tool request fails with strict-format 400/422 errors
+- Fixed OpenAI-completions error reporting by including captured JSON error body details such as type, param, and code when a request fails without a body in the thrown SDK error
+- Fixed shell execution failure responses to preserve all result fields when sanitizing, preventing truncated metadata in stream results
+- Fixed context overflow detection to recognize `model_context_window_exceeded` from z.ai / GLM providers, preventing infinite retry loops when context window is exceeded ([#638](https://github.com/can1357/oh-my-pi/issues/638))
+- Fixed strict tool schema enforcement to preserve `additionalProperties: false` and required keys for reused nested object schemas, preventing invalid `todo_write` function schemas in Codex/OpenAI requests
+
 ## [14.1.0] - 2026-04-11
 ### Added
 
@@ -31,6 +49,7 @@
 
 ### Removed
 - Removed Copilot JWT proxy-ep base URL resolution (no longer needed with opencode auth).
+
 ## [14.0.3] - 2026-04-09
 
 ### Fixed

package/package.json

@@ -1,7 +1,7 @@
 {
 	"type": "module",
 	"name": "@oh-my-pi/pi-ai",
-	"version": "14.1.0",
+	"version": "14.1.1",
 	"description": "Unified LLM API with automatic model discovery and provider configuration",
 	"homepage": "https://github.com/can1357/oh-my-pi",
 	"author": "Can Boluk",
@@ -45,14 +45,15 @@
 		"@aws-sdk/client-bedrock-runtime": "^3",
 		"@bufbuild/protobuf": "^2.11",
 		"@google/genai": "^1.43",
-		"@oh-my-pi/pi-utils": "14.1.0",
+		"@oh-my-pi/pi-natives": "workspace:*",
+		"@oh-my-pi/pi-utils": "workspace:*",
 		"@sinclair/typebox": "^0.34",
 		"@smithy/node-http-handler": "^4.4",
 		"ajv": "^8.18",
 		"ajv-formats": "^3.0",
 		"openai": "^6.25",
 		"partial-json": "^0.1",
-		"zod": "^4.3"
+		"zod": "4.3.6"
 	},
 	"devDependencies": {
 		"@types/bun": "^1.3"

package/src/model-thinking.ts

@@ -289,13 +289,6 @@ function applyAnthropicCatalogPolicy(model: ApiModel<Api>, parsedModel: Anthropi
 		model.cost.cacheWrite = 6.25;
 	}
 
-	// GitHub Copilot Opus 4.6: discovery currently reports a stale 144K prompt window,
-	// but the model supports a 1M context window. Keep the bundled catalog truthful
-	// until Copilot fixes the upstream metadata.
-	if (model.provider === "github-copilot" && parsedModel.kind === "opus" && semverEqual(parsedModel.version, "4.6")) {
-		model.contextWindow = 1000000;
-	}
-
 	// Bedrock Opus 4.6: upstream metadata is stale for cache pricing and context.
 	if (model.provider === "amazon-bedrock" && parsedModel.kind === "opus" && semverEqual(parsedModel.version, "4.6")) {
 		model.cost.cacheRead = 0.5;

package/src/models.json

@@ -4594,8 +4594,8 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 144000,
-			"maxTokens": 32000,
+			"contextWindow": 136000,
+			"maxTokens": 64000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
 			},
@@ -4623,7 +4623,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 160000,
+			"contextWindow": 168000,
 			"maxTokens": 32000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
@@ -4651,8 +4651,8 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 1000000,
-			"maxTokens": 64000,
+			"contextWindow": 168000,
+			"maxTokens": 32000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
 			},
@@ -4680,7 +4680,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 216000,
+			"contextWindow": 128000,
 			"maxTokens": 16000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
@@ -4708,7 +4708,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 144000,
+			"contextWindow": 168000,
 			"maxTokens": 32000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
@@ -4736,7 +4736,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 200000,
+			"contextWindow": 168000,
 			"maxTokens": 32000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
@@ -4858,7 +4858,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 128000,
+			"contextWindow": 136000,
 			"maxTokens": 64000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
@@ -4919,7 +4919,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 128000,
+			"contextWindow": 64000,
 			"maxTokens": 4096,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
@@ -4976,7 +4976,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 264000,
+			"contextWindow": 128000,
 			"maxTokens": 64000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
@@ -5004,7 +5004,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 264000,
+			"contextWindow": 128000,
 			"maxTokens": 64000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
@@ -5116,8 +5116,8 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 264000,
-			"maxTokens": 64000,
+			"contextWindow": 272000,
+			"maxTokens": 128000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
 			},
@@ -5200,7 +5200,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 400000,
+			"contextWindow": 272000,
 			"maxTokens": 128000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
@@ -5228,7 +5228,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 400000,
+			"contextWindow": 272000,
 			"maxTokens": 128000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"
@@ -5256,7 +5256,7 @@
 				"cacheRead": 0,
 				"cacheWrite": 0
 			},
-			"contextWindow": 128000,
+			"contextWindow": 192000,
 			"maxTokens": 64000,
 			"headers": {
 				"User-Agent": "opencode/1.3.15"

package/src/provider-models/openai-compat.ts

@@ -173,31 +173,36 @@ function createBundledReferenceMap<TApi extends Api>(
 	return references;
 }
 
-function shouldReplaceGlobalReference(existing: Model<Api> | undefined, candidate: Model<Api>): boolean {
-	if (!existing) return true;
-	if (candidate.contextWindow !== existing.contextWindow) {
-		return candidate.contextWindow > existing.contextWindow;
-	}
-	if (candidate.maxTokens !== existing.maxTokens) {
-		return candidate.maxTokens > existing.maxTokens;
-	}
-	// When limits tie, prefer OpenAI as the canonical reference so generic OpenAI-family
-	// providers inherit OpenAI pricing/capabilities instead of Copilot-specific metadata.
-	return existing.provider !== "openai" && candidate.provider === "openai";
-}
-
-function createGlobalReferenceMap(): Map<string, Model<Api>> {
-	const references = new Map<string, Model<Api>>();
+/**
+ * Returns a lookup that resolves a model ID to a bundled reference, preferring
+ * the provider-specific entry over a cross-provider fallback. The global fallback
+ * picks the best entry across all providers (largest contextWindow, then maxTokens,
+ * then canonical OpenAI), but proxy providers (Copilot, nanogpt, etc.) impose their
+ * own limits that are typically lower than native provider limits, so the
+ * provider-specific entry must win.
+ */
+function createReferenceResolver<TApi extends Api>(
+	providerRefs: Map<string, Model<TApi>>,
+): (modelId: string) => Model<TApi> | undefined {
+	const globalRefs = new Map<string, Model<Api>>();
 	for (const provider of getBundledProviders()) {
 		for (const model of getBundledModels(provider as Parameters<typeof getBundledModels>[0])) {
 			const candidate = model as Model<Api>;
-			const existing = references.get(candidate.id);
-			if (shouldReplaceGlobalReference(existing, candidate)) {
-				references.set(candidate.id, candidate);
+			const existing = globalRefs.get(candidate.id);
+			if (!existing) {
+				globalRefs.set(candidate.id, candidate);
+			} else if (candidate.contextWindow !== existing.contextWindow) {
+				if (candidate.contextWindow > existing.contextWindow) globalRefs.set(candidate.id, candidate);
+			} else if (candidate.maxTokens !== existing.maxTokens) {
+				if (candidate.maxTokens > existing.maxTokens) globalRefs.set(candidate.id, candidate);
+			} else if (existing.provider !== "openai" && candidate.provider === "openai") {
+				// When limits tie, prefer OpenAI as canonical so generic OpenAI-family
+				// providers inherit OpenAI pricing/capabilities instead of proxy metadata.
+				globalRefs.set(candidate.id, candidate);
 			}
 		}
 	}
-	return references;
+	return (modelId: string) => providerRefs.get(modelId) ?? (globalRefs.get(modelId) as Model<TApi> | undefined);
 }
 
 function normalizeAnthropicBaseUrl(baseUrl: string | undefined, fallback: string): string {
@@ -1384,10 +1389,9 @@ export function nanoGptModelManagerOptions(
 ): ModelManagerOptions<"openai-completions"> {
 	const apiKey = config?.apiKey;
 	const baseUrl = config?.baseUrl ?? "https://nano-gpt.com/api/v1";
-	const references = createBundledReferenceMap<"openai-completions">(
-		"nanogpt" as Parameters<typeof getBundledModels>[0],
+	const resolveReference = createReferenceResolver(
+		createBundledReferenceMap<"openai-completions">("nanogpt" as Parameters<typeof getBundledModels>[0]),
 	);
-	const globalReferences = createGlobalReferenceMap();
 	return {
 		providerId: "nanogpt",
 		...(apiKey && {
@@ -1400,14 +1404,7 @@ export function nanoGptModelManagerOptions(
 					baseUrl,
 					apiKey,
 					mapModel: (entry, defaults) => {
-						const providerReference = references.get(defaults.id);
-						const globalReference = globalReferences.get(defaults.id);
-						const reference =
-							providerReference && globalReference
-								? providerReference.contextWindow >= globalReference.contextWindow
-									? providerReference
-									: globalReference
-								: (providerReference ?? globalReference);
+						const reference = resolveReference(defaults.id);
 						const mapped = mapWithBundledReference(entry, defaults, reference);
 						return { ...mapped, api: "openai-completions", provider: "nanogpt" };
 					},
@@ -1475,15 +1472,15 @@ function extractCopilotLimits(entry: OpenAICompatibleModelRecord): {
 
 export function githubCopilotModelManagerOptions(config?: GithubCopilotModelManagerConfig): ModelManagerOptions<Api> {
 	const rawApiKey = config?.apiKey;
-	const baseUrl = config?.baseUrl ?? "https://api.githubcopilot.com";
+	const configuredBaseUrl = config?.baseUrl ?? "https://api.githubcopilot.com";
 	const parsedApiKey = rawApiKey ? parseGitHubCopilotApiKey(rawApiKey) : undefined;
 	const apiKey = parsedApiKey?.accessToken;
-	const resolvedBaseUrl =
-		parsedApiKey?.enterpriseUrl && baseUrl.includes("githubcopilot.com")
+	const baseUrl =
+		parsedApiKey?.enterpriseUrl && configuredBaseUrl.includes("githubcopilot.com")
 			? getGitHubCopilotBaseUrl(parsedApiKey.enterpriseUrl)
-			: baseUrl;
-	const references = createBundledReferenceMap<Api>("github-copilot");
-	const globalReferences = createGlobalReferenceMap();
+			: configuredBaseUrl;
+	const providerRefs = createBundledReferenceMap<Api>("github-copilot");
+	const resolveReference = createReferenceResolver(providerRefs);
 	return {
 		providerId: "github-copilot",
 		...(apiKey && {
@@ -1491,7 +1488,7 @@ export function githubCopilotModelManagerOptions(config?: GithubCopilotModelMana
 				fetchOpenAICompatibleModels<Api>({
 					api: "openai-completions",
 					provider: "github-copilot",
-					baseUrl: resolvedBaseUrl,
+					baseUrl,
 					apiKey,
 					headers: OPENCODE_HEADERS,
 					mapModel: (
@@ -1499,26 +1496,18 @@ export function githubCopilotModelManagerOptions(config?: GithubCopilotModelMana
 						defaults: Model<Api>,
 						_context: OpenAICompatibleModelMapperContext<Api>,
 					): Model<Api> => {
-						const providerReference = references.get(defaults.id);
-						const globalReference = globalReferences.get(defaults.id) as Model<Api> | undefined;
-						const reference =
-							providerReference && globalReference
-								? providerReference.contextWindow >= globalReference.contextWindow
-									? providerReference
-									: globalReference
-								: (providerReference ?? globalReference);
+						const reference = resolveReference(defaults.id);
 						const copilotLimits = extractCopilotLimits(entry);
-						// Copilot currently exposes token limits under capabilities.limits.*.
-						// Keep OpenAI-compatible fields as outer fallbacks for forward compatibility if
-						// `/models` starts returning context_length/max_completion_tokens in the future.
+						// Copilot exposes token limits under capabilities.limits.*.
+						// max_prompt_tokens is the prompt capacity (what OMP calls contextWindow).
+						// max_context_window_tokens is the total window (prompt + output budget)
+						// and must NOT be used for contextWindow — it inflates the limit and
+						// breaks compaction thresholds, overflow detection, and promotion.
 						const contextWindow = toPositiveNumber(
 							entry.context_length,
 							toPositiveNumber(
-								copilotLimits.maxContextWindowTokens,
-								toPositiveNumber(
-									copilotLimits.maxPromptTokens,
-									reference?.contextWindow ?? defaults.contextWindow,
-								),
+								copilotLimits.maxPromptTokens,
+								reference?.contextWindow ?? defaults.contextWindow,
 							),
 						);
 						const maxTokens = toPositiveNumber(
@@ -1545,7 +1534,7 @@ export function githubCopilotModelManagerOptions(config?: GithubCopilotModelMana
 								name,
 								contextWindow,
 								maxTokens,
-								headers: { ...OPENCODE_HEADERS, ...(providerReference?.headers ?? {}) },
+								headers: { ...OPENCODE_HEADERS, ...(providerRefs.get(defaults.id)?.headers ?? {}) },
 								...(api === "openai-completions"
 									? {
 											compat: {

package/src/providers/cursor.ts

@@ -3,6 +3,7 @@ import * as fs from "node:fs/promises";
 import http2 from "node:http2";
 import { create, fromBinary, fromJson, type JsonValue, toBinary, toJson } from "@bufbuild/protobuf";
 import { ValueSchema } from "@bufbuild/protobuf/wkt";
+import { sanitizeText } from "@oh-my-pi/pi-natives";
 import { $env } from "@oh-my-pi/pi-utils";
 import { calculateCost } from "../models";
 import type {
@@ -105,6 +106,7 @@ import {
 	type ShellArgs,
 	ShellFailureSchema,
 	ShellRejectedSchema,
+	type ShellResult,
 	ShellResultSchema,
 	type ShellStream,
 	ShellStreamExitSchema,
@@ -674,6 +676,31 @@ function sendShellStreamEvent(
 	sendExecClientMessage(h2Request, execMsg, "shellStream", create(ShellStreamSchema, { event }));
 }
 
+function sanitizeShellExecResult(execResult: ShellResult): ShellResult {
+	const result = execResult.result;
+	if (!result) return execResult;
+
+	switch (result.case) {
+		case "success":
+		case "failure": {
+			const value = result.value;
+			return {
+				...execResult,
+				result: {
+					case: result.case,
+					value: {
+						...value,
+						stdout: value.stdout ? sanitizeText(value.stdout) : value.stdout,
+						stderr: value.stderr ? sanitizeText(value.stderr) : value.stderr,
+					},
+				},
+			} as ShellResult;
+		}
+		default:
+			return execResult;
+	}
+}
+
 async function handleShellStreamArgs(
 	args: ShellArgs,
 	execMsg: ExecServerMessage,
@@ -695,18 +722,95 @@ async function handleShellStreamArgs(
 
 	sendShellStreamEvent(h2Request, execMsg, { case: "start", value: create(ShellStreamStartSchema, {}) });
 
+	// Buffer for incomplete ANSI sequences across chunks
+	let stdoutBuffer = "";
+	let stderrBuffer = "";
+
+	const incompleteEscapeRegex = /\x1b(|\[|\[\d*|\[\?|\[\?\d*|\]\d*;?)$/;
+
+	const flushStdout = () => {
+		if (stdoutBuffer) {
+			let safeEnd = stdoutBuffer.length;
+			const match = stdoutBuffer.match(incompleteEscapeRegex);
+			if (match && match[0].length > 0) {
+				safeEnd = stdoutBuffer.length - match[0].length;
+			}
+			const toSend = stdoutBuffer.slice(0, safeEnd);
+			const remaining = stdoutBuffer.slice(safeEnd);
+			if (toSend) {
+				sendShellStreamEvent(h2Request, execMsg, {
+					case: "stdout",
+					value: create(ShellStreamStdoutSchema, { data: sanitizeText(toSend) }),
+				});
+			}
+			stdoutBuffer = remaining;
+		}
+	};
+
+	const flushStderr = () => {
+		if (stderrBuffer) {
+			let safeEnd = stderrBuffer.length;
+			const match = stderrBuffer.match(incompleteEscapeRegex);
+			if (match && match[0].length > 0) {
+				safeEnd = stderrBuffer.length - match[0].length;
+			}
+			const toSend = stderrBuffer.slice(0, safeEnd);
+			const remaining = stderrBuffer.slice(safeEnd);
+			if (toSend) {
+				sendShellStreamEvent(h2Request, execMsg, {
+					case: "stderr",
+					value: create(ShellStreamStderrSchema, { data: sanitizeText(toSend) }),
+				});
+			}
+			stderrBuffer = remaining;
+		}
+	};
+
+	let stdoutFlushTimer: NodeJS.Timeout | null = null;
+	let stderrFlushTimer: NodeJS.Timeout | null = null;
+
+	const scheduleStdoutFlush = () => {
+		if (!stdoutFlushTimer) {
+			stdoutFlushTimer = setTimeout(() => {
+				stdoutFlushTimer = null;
+				flushStdout();
+			}, 100);
+		}
+	};
+
+	const scheduleStderrFlush = () => {
+		if (!stderrFlushTimer) {
+			stderrFlushTimer = setTimeout(() => {
+				stderrFlushTimer = null;
+				flushStderr();
+			}, 100);
+		}
+	};
+
 	const streamCallbacks: CursorShellStreamCallbacks = {
 		onStdout(data: string) {
-			sendShellStreamEvent(h2Request, execMsg, {
-				case: "stdout",
-				value: create(ShellStreamStdoutSchema, { data }),
-			});
+			stdoutBuffer += data;
+			if (stdoutBuffer.includes("\n") || stdoutBuffer.length > 4096) {
+				if (stdoutFlushTimer) {
+					clearTimeout(stdoutFlushTimer);
+					stdoutFlushTimer = null;
+				}
+				flushStdout();
+			} else {
+				scheduleStdoutFlush();
+			}
 		},
 		onStderr(data: string) {
-			sendShellStreamEvent(h2Request, execMsg, {
-				case: "stderr",
-				value: create(ShellStreamStderrSchema, { data }),
-			});
+			stderrBuffer += data;
+			if (stderrBuffer.includes("\n") || stderrBuffer.length > 4096) {
+				if (stderrFlushTimer) {
+					clearTimeout(stderrFlushTimer);
+					stderrFlushTimer = null;
+				}
+				flushStderr();
+			} else {
+				scheduleStderrFlush();
+			}
 		},
 	};
 
@@ -730,10 +834,18 @@ async function handleShellStreamArgs(
 	// When using the batch handler (no shellStream), send buffered stdout/stderr
 	// after execution completes. With shellStream these were already sent in real time.
 	const sendBufferedOutput = !streamHandler;
-	sendShellStreamExitFromResult(h2Request, execMsg, execResult, sendBufferedOutput);
+	const sanitizedExecResult = sanitizeShellExecResult(execResult);
+
+	// Flush any remaining buffered output before sending results
+	if (stdoutFlushTimer) clearTimeout(stdoutFlushTimer);
+	if (stderrFlushTimer) clearTimeout(stderrFlushTimer);
+	flushStdout();
+	flushStderr();
+
+	sendShellStreamExitFromResult(h2Request, execMsg, sanitizedExecResult, sendBufferedOutput);
 	// Cursor can keep the turn pending when it receives only stream deltas.
 	// Send the final structured shellResult as completion acknowledgement.
-	sendExecClientMessage(h2Request, execMsg, "shellResult", execResult);
+	sendExecClientMessage(h2Request, execMsg, "shellResult", sanitizedExecResult);
 	sendExecClientStreamClose(h2Request, execMsg);
 
 	log("shellStream", "done", { elapsed: Date.now() - startTs });
@@ -742,7 +854,7 @@ async function handleShellStreamArgs(
 function sendShellStreamExitFromResult(
 	h2Request: http2.ClientHttp2Stream,
 	execMsg: ExecServerMessage,
-	execResult: { result: { case?: string; value?: any } },
+	execResult: ShellResult,
 	sendBufferedOutput: boolean,
 ): void {
 	const result = execResult.result;
@@ -753,13 +865,13 @@ function sendShellStreamExitFromResult(
 				if (value.stdout) {
 					sendShellStreamEvent(h2Request, execMsg, {
 						case: "stdout",
-						value: create(ShellStreamStdoutSchema, { data: value.stdout }),
+						value: create(ShellStreamStdoutSchema, { data: sanitizeText(value.stdout) }),
 					});
 				}
 				if (value.stderr) {
 					sendShellStreamEvent(h2Request, execMsg, {
 						case: "stderr",
-						value: create(ShellStreamStderrSchema, { data: value.stderr }),
+						value: create(ShellStreamStderrSchema, { data: sanitizeText(value.stderr) }),
 					});
 				}
 			}
@@ -779,13 +891,13 @@ function sendShellStreamExitFromResult(
 				if (value.stdout) {
 					sendShellStreamEvent(h2Request, execMsg, {
 						case: "stdout",
-						value: create(ShellStreamStdoutSchema, { data: value.stdout }),
+						value: create(ShellStreamStdoutSchema, { data: sanitizeText(value.stdout) }),
 					});
 				}
 				if (value.stderr) {
 					sendShellStreamEvent(h2Request, execMsg, {
 						case: "stderr",
-						value: create(ShellStreamStderrSchema, { data: value.stderr }),
+						value: create(ShellStreamStderrSchema, { data: sanitizeText(value.stderr) }),
 					});
 				}
 			}
@@ -970,7 +1082,8 @@ async function handleExecServerMessage(
 				reason => buildShellRejectedResult(normalizedArgs.command, normalizedArgs.workingDirectory, reason),
 				error => buildShellFailureResult(normalizedArgs.command, normalizedArgs.workingDirectory, error),
 			);
-			sendExecClientMessage(h2Request, execMsg, "shellResult", execResult);
+			const sanitizedExecResult = sanitizeShellExecResult(execResult);
+			sendExecClientMessage(h2Request, execMsg, "shellResult", sanitizedExecResult);
 			return;
 		}
 		case "shellStreamArgs": {

package/src/providers/openai-completions-compat.ts

@@ -1,13 +1,15 @@
 import type { Model, OpenAICompat } from "../types";
 
 type OpenAIReasoningEffort = "minimal" | "low" | "medium" | "high" | "xhigh";
+type ResolvedToolStrictMode = NonNullable<OpenAICompat["toolStrictMode"]> | "mixed";
 
 export type ResolvedOpenAICompat = Required<
-	Omit<OpenAICompat, "openRouterRouting" | "vercelGatewayRouting" | "extraBody">
+	Omit<OpenAICompat, "openRouterRouting" | "vercelGatewayRouting" | "extraBody" | "toolStrictMode">
 > & {
 	openRouterRouting?: OpenAICompat["openRouterRouting"];
 	vercelGatewayRouting?: OpenAICompat["vercelGatewayRouting"];
 	extraBody?: OpenAICompat["extraBody"];
+	toolStrictMode: ResolvedToolStrictMode;
 };
 
 function detectStrictModeSupport(provider: string, baseUrl: string): boolean {
@@ -109,6 +111,7 @@ export function detectOpenAICompat(model: Model<"openai-completions">, resolvedB
 		vercelGatewayRouting: undefined,
 		supportsStrictMode: detectStrictModeSupport(provider, baseUrl),
 		extraBody: undefined,
+		toolStrictMode: isCerebras ? "all_strict" : "mixed",
 	};
 }
 
@@ -151,5 +154,6 @@ export function resolveOpenAICompat(
 		vercelGatewayRouting: model.compat.vercelGatewayRouting ?? detected.vercelGatewayRouting,
 		supportsStrictMode: model.compat.supportsStrictMode ?? detected.supportsStrictMode,
 		extraBody: model.compat.extraBody,
+		toolStrictMode: model.compat.toolStrictMode ?? detected.toolStrictMode,
 	};
 }

package/src/providers/openai-completions.ts

@@ -31,7 +31,12 @@ import {
 } from "../types";
 import { createAbortSourceTracker } from "../utils/abort";
 import { AssistantMessageEventStream } from "../utils/event-stream";
-import { finalizeErrorMessage, type RawHttpRequestDump, rewriteCopilotAuthError } from "../utils/http-inspector";
+import {
+	type CapturedHttpErrorResponse,
+	finalizeErrorMessage,
+	type RawHttpRequestDump,
+	rewriteCopilotAuthError,
+} from "../utils/http-inspector";
 import {
 	createFirstEventWatchdog,
 	getOpenAIStreamIdleTimeoutMs,
@@ -42,6 +47,7 @@ import {
 import { parseStreamingJson } from "../utils/json-parse";
 import { parseGitHubCopilotApiKey } from "../utils/oauth/github-copilot";
 import { getKimiCommonHeaders } from "../utils/oauth/kimi";
+import { extractHttpStatusFromError } from "../utils/retry";
 import { adaptSchemaForStrict, NO_STRICT } from "../utils/schema";
 import { mapToOpenAICompletionsToolChoice } from "../utils/tool-choice";
 import {
@@ -126,6 +132,14 @@ type OpenAICompletionsSamplingParams = OpenAI.Chat.Completions.ChatCompletionCre
 	repetition_penalty?: number;
 };
 
+type AppliedToolStrictMode = "mixed" | "all_strict" | "none";
+type ToolStrictModeOverride = Exclude<ResolvedOpenAICompat["toolStrictMode"], "mixed"> | undefined;
+
+type BuiltOpenAICompletionTools = {
+	tools: OpenAI.Chat.Completions.ChatCompletionTool[];
+	toolStrictMode: AppliedToolStrictMode;
+};
+
 // LIMITATION: The think tag parser uses naive string matching for <think>/<thinking> tags.
 // If MiniMax models output these literal strings in code blocks, XML examples, or explanations,
 // they will be incorrectly consumed as thinking delimiters, truncating visible output.
@@ -177,6 +191,7 @@ export const streamOpenAICompletions: StreamFunction<"openai-completions"> = (
 	(async () => {
 		const startTime = Date.now();
 		let firstTokenTime: number | undefined;
+		let getCapturedErrorResponse: (() => CapturedHttpErrorResponse | undefined) | undefined;
 
 		const output: AssistantMessage = {
 			role: "assistant",
@@ -203,24 +218,42 @@ export const streamOpenAICompletions: StreamFunction<"openai-completions"> = (
 		try {
 			const apiKey = options?.apiKey || getEnvApiKey(model.provider) || "";
 			const idleTimeoutMs = getOpenAIStreamIdleTimeoutMs();
-			const { client, copilotPremiumRequests, baseUrl } = await createClient(
-				model,
-				context,
-				apiKey,
-				options?.headers,
-				options?.initiatorOverride,
-			);
-			const params = buildParams(model, context, options, baseUrl);
-			options?.onPayload?.(params);
-			rawRequestDump = {
-				provider: model.provider,
-				api: output.api,
-				model: model.id,
-				method: "POST",
-				url: `${baseUrl}/chat/completions`,
-				body: params,
+			const {
+				client,
+				copilotPremiumRequests,
+				baseUrl,
+				requestHeaders,
+				getCapturedErrorResponse: captureErrorResponse,
+				clearCapturedErrorResponse,
+			} = await createClient(model, context, apiKey, options?.headers, options?.initiatorOverride);
+			getCapturedErrorResponse = captureErrorResponse;
+			let appliedToolStrictMode: AppliedToolStrictMode = "mixed";
+			const createCompletionsStream = async (toolStrictModeOverride?: ToolStrictModeOverride) => {
+				clearCapturedErrorResponse();
+				const { params, toolStrictMode } = buildParams(model, context, options, baseUrl, toolStrictModeOverride);
+				appliedToolStrictMode = toolStrictMode;
+				options?.onPayload?.(params);
+				rawRequestDump = {
+					provider: model.provider,
+					api: output.api,
+					model: model.id,
+					method: "POST",
+					url: `${baseUrl}/chat/completions`,
+					headers: requestHeaders,
+					body: params,
+				};
+				return client.chat.completions.create(params, { signal: requestSignal });
 			};
-			const openaiStream = await client.chat.completions.create(params, { signal: requestSignal });
+			let openaiStream: AsyncIterable<ChatCompletionChunk>;
+			try {
+				openaiStream = await createCompletionsStream();
+			} catch (error) {
+				const capturedErrorResponse = getCapturedErrorResponse();
+				if (!shouldRetryWithoutStrictTools(error, capturedErrorResponse, appliedToolStrictMode, context.tools)) {
+					throw error;
+				}
+				openaiStream = await createCompletionsStream("none");
+			}
 			const firstEventWatchdog = createFirstEventWatchdog(
 				options?.streamFirstEventTimeoutMs ?? getStreamFirstEventTimeoutMs(idleTimeoutMs),
 				() => abortTracker.abortLocally(firstEventTimeoutAbortError),
@@ -513,7 +546,9 @@ export const streamOpenAICompletions: StreamFunction<"openai-completions"> = (
 			for (const block of output.content) delete (block as any).index;
 			const firstEventTimeoutError = abortTracker.getLocalAbortReason();
 			output.stopReason = abortTracker.wasCallerAbort() ? "aborted" : "error";
-			output.errorMessage = firstEventTimeoutError?.message ?? (await finalizeErrorMessage(error, rawRequestDump));
+			output.errorMessage =
+				firstEventTimeoutError?.message ??
+				(await finalizeErrorMessage(error, rawRequestDump, getCapturedErrorResponse?.()));
 			// Some providers via OpenRouter include extra details here.
 			const rawMetadata = (error as { error?: { metadata?: { raw?: string } } })?.error?.metadata?.raw;
 			if (rawMetadata) output.errorMessage += `\n${rawMetadata}`;
@@ -538,6 +573,9 @@ async function createClient(
 	client: OpenAI;
 	copilotPremiumRequests: number | undefined;
 	baseUrl: string | undefined;
+	requestHeaders: Record<string, string>;
+	getCapturedErrorResponse: () => CapturedHttpErrorResponse | undefined;
+	clearCapturedErrorResponse: () => void;
 }> {
 	if (!apiKey) {
 		if (!$env.OPENAI_API_KEY) {
@@ -573,6 +611,34 @@ async function createClient(
 		copilotPremiumRequests = copilot.premiumRequests;
 		baseUrl = resolveGitHubCopilotBaseUrl(model.baseUrl, rawApiKey) ?? model.baseUrl;
 	}
+	let capturedErrorResponse: CapturedHttpErrorResponse | undefined;
+	const wrappedFetch = Object.assign(
+		async (input: string | URL | Request, init?: RequestInit): Promise<Response> => {
+			const response = await fetch(input, init);
+			if (response.ok) {
+				capturedErrorResponse = undefined;
+				return response;
+			}
+			let bodyText: string | undefined;
+			let bodyJson: unknown;
+			try {
+				bodyText = await response.clone().text();
+				if (bodyText.trim().length > 0) {
+					try {
+						bodyJson = JSON.parse(bodyText);
+					} catch {}
+				}
+			} catch {}
+			capturedErrorResponse = {
+				status: response.status,
+				headers: response.headers,
+				bodyText,
+				bodyJson,
+			};
+			return response;
+		},
+		{ preconnect: fetch.preconnect },
+	);
 	return {
 		client: new OpenAI({
 			apiKey,
@@ -580,9 +646,15 @@ async function createClient(
 			dangerouslyAllowBrowser: true,
 			maxRetries: 5,
 			defaultHeaders: headers,
+			fetch: wrappedFetch,
 		}),
 		copilotPremiumRequests,
 		baseUrl,
+		requestHeaders: headers,
+		getCapturedErrorResponse: () => capturedErrorResponse,
+		clearCapturedErrorResponse: () => {
+			capturedErrorResponse = undefined;
+		},
 	};
 }
 
@@ -591,7 +663,8 @@ function buildParams(
 	context: Context,
 	options: OpenAICompletionsOptions | undefined,
 	resolvedBaseUrl?: string,
-) {
+	toolStrictModeOverride?: ToolStrictModeOverride,
+): { params: OpenAICompletionsSamplingParams; toolStrictMode: AppliedToolStrictMode } {
 	const compat = getCompat(model, resolvedBaseUrl);
 	const messages = convertMessages(model, context, compat);
 	maybeAddOpenRouterAnthropicCacheControl(model, messages);
@@ -607,6 +680,7 @@ function buildParams(
 		messages,
 		stream: true,
 	};
+	let toolStrictMode: AppliedToolStrictMode = "none";
 
 	if (compat.supportsUsageInStreaming !== false) {
 		(params as { stream_options?: { include_usage: boolean } }).stream_options = { include_usage: true };
@@ -647,7 +721,9 @@ function buildParams(
 	}
 
 	if (context.tools) {
-		params.tools = convertTools(context.tools, compat);
+		const builtTools = convertTools(context.tools, compat, toolStrictModeOverride);
+		params.tools = builtTools.tools;
+		toolStrictMode = builtTools.toolStrictMode;
 	} else if (hasToolHistory(context.messages)) {
 		// Anthropic (via LiteLLM/proxy) requires tools param when conversation has tool_calls/tool_results
 		params.tools = [];
@@ -697,7 +773,14 @@ function buildParams(
 		Object.assign(params, compat.extraBody);
 	}
 
-	return params;
+	return buildParamsResult(params, toolStrictMode);
+}
+
+function buildParamsResult(
+	params: OpenAICompletionsSamplingParams,
+	toolStrictMode: AppliedToolStrictMode,
+): { params: OpenAICompletionsSamplingParams; toolStrictMode: AppliedToolStrictMode } {
+	return { params, toolStrictMode };
 }
 
 function getOptionalNumberProperty(value: object, key: string): number | undefined {
@@ -1102,22 +1185,68 @@ export function convertMessages(
 	return params;
 }
 
-function convertTools(tools: Tool[], compat: ResolvedOpenAICompat): OpenAI.Chat.Completions.ChatCompletionTool[] {
-	return tools.map(tool => {
+function convertTools(
+	tools: Tool[],
+	compat: ResolvedOpenAICompat,
+	toolStrictModeOverride?: ToolStrictModeOverride,
+): BuiltOpenAICompletionTools {
+	const adaptedTools = tools.map(tool => {
 		const strict = !NO_STRICT && compat.supportsStrictMode !== false && tool.strict !== false;
 		const baseParameters = tool.parameters as unknown as Record<string, unknown>;
-		const { schema: parameters, strict: effectiveStrict } = adaptSchemaForStrict(baseParameters, strict);
+		const adapted = adaptSchemaForStrict(baseParameters, strict);
 		return {
-			type: "function",
-			function: {
-				name: tool.name,
-				description: tool.description || "",
-				parameters,
-				// Only include strict if provider supports it. Some reject unknown fields.
-				...(effectiveStrict && { strict: true }),
-			},
+			tool,
+			baseParameters,
+			parameters: adapted.schema,
+			strict: adapted.strict,
 		};
 	});
+
+	const requestedStrictMode = toolStrictModeOverride ?? compat.toolStrictMode;
+	const toolStrictMode =
+		requestedStrictMode === "none"
+			? "none"
+			: requestedStrictMode === "all_strict"
+				? adaptedTools.every(tool => tool.strict)
+					? "all_strict"
+					: "none"
+				: "mixed";
+
+	return {
+		tools: adaptedTools.map(({ tool, baseParameters, parameters, strict }) => {
+			const includeStrict = toolStrictMode === "all_strict" || (toolStrictMode === "mixed" && strict);
+			return {
+				type: "function",
+				function: {
+					name: tool.name,
+					description: tool.description || "",
+					parameters: includeStrict ? parameters : baseParameters,
+					// Only include strict if provider supports it. Some reject unknown fields.
+					...(includeStrict && { strict: true }),
+				},
+			};
+		}),
+		toolStrictMode,
+	};
+}
+
+function shouldRetryWithoutStrictTools(
+	error: unknown,
+	capturedErrorResponse: CapturedHttpErrorResponse | undefined,
+	toolStrictMode: AppliedToolStrictMode,
+	tools: Tool[] | undefined,
+): boolean {
+	if (!tools || tools.length === 0 || toolStrictMode !== "all_strict") {
+		return false;
+	}
+	const status = extractHttpStatusFromError(error) ?? capturedErrorResponse?.status;
+	if (status !== 400 && status !== 422) {
+		return false;
+	}
+	const messageParts = [error instanceof Error ? error.message : undefined, capturedErrorResponse?.bodyText]
+		.filter((value): value is string => typeof value === "string" && value.trim().length > 0)
+		.join("\n");
+	return /wrong_api_format|mixed values for 'strict'|tool[s]?\b.*strict|\bstrict\b.*tool/i.test(messageParts);
 }
 
 function mapStopReason(reason: ChatCompletionChunk.Choice["finish_reason"] | string): {

package/src/types.ts

@@ -483,6 +483,8 @@ export interface OpenAICompat {
 	extraBody?: Record<string, unknown>;
 	/** Whether the provider supports the `strict` field in tool definitions. Default: auto-detected per provider/baseUrl (conservative for unknown providers). */
 	supportsStrictMode?: boolean;
+	/** Whether tool schemas must be sent either all strict or all non-strict. Undefined keeps the existing per-tool mixed behavior. */
+	toolStrictMode?: "all_strict" | "none";
 }
 
 /**

package/src/utils/http-inspector.ts

@@ -13,6 +13,13 @@ export type RawHttpRequestDump = {
 	body?: unknown;
 };
 
+export type CapturedHttpErrorResponse = {
+	status: number;
+	headers?: Headers;
+	bodyText?: string;
+	bodyJson?: unknown;
+};
+
 type ErrorWithStatus = {
 	status?: unknown;
 };
@@ -44,8 +51,18 @@ export async function appendRawHttpRequestDumpFor400(
 export async function finalizeErrorMessage(
 	error: unknown,
 	rawRequestDump: RawHttpRequestDump | undefined,
+	capturedErrorResponse?: CapturedHttpErrorResponse,
 ): Promise<string> {
-	return appendRawHttpRequestDumpFor400(formatErrorMessageWithRetryAfter(error), error, rawRequestDump);
+	let message = formatErrorMessageWithRetryAfter(error, capturedErrorResponse?.headers);
+	const capturedMessage = formatCapturedHttpError(capturedErrorResponse);
+	if (capturedMessage) {
+		if (/\bstatus code\s*\(no body\)/i.test(message)) {
+			message = `${capturedErrorResponse?.status ?? "HTTP"} status code: ${capturedMessage}`;
+		} else if (!message.includes(capturedMessage)) {
+			message = `${message}\n${capturedMessage}`;
+		}
+	}
+	return appendRawHttpRequestDumpFor400(message, error, rawRequestDump);
 }
 
 export function withHttpStatus(error: unknown, status: number): Error {
@@ -96,3 +113,53 @@ function redactHeaders(headers: Record<string, string> | undefined): Record<stri
 	}
 	return redacted;
 }
+
+function formatCapturedHttpError(captured: CapturedHttpErrorResponse | undefined): string | undefined {
+	if (!captured) return undefined;
+	const bodyText = captured.bodyText?.trim();
+	if (!bodyText) return undefined;
+	const payload = parseCapturedErrorPayload(captured);
+	if (!payload) return bodyText;
+
+	const errorPayload = getObjectProperty(payload, "error") ?? payload;
+	const message = getStringProperty(errorPayload, "message") ?? getStringProperty(payload, "message") ?? bodyText;
+	const extras = [
+		getStringProperty(errorPayload, "type") ?? getStringProperty(payload, "type"),
+		getStringProperty(errorPayload, "param") ?? getStringProperty(payload, "param"),
+		getStringProperty(errorPayload, "code") ?? getStringProperty(payload, "code"),
+	]
+		.filter(Boolean)
+		.map((value, index) => {
+			if (index === 0) return `type=${value}`;
+			if (index === 1) return `param=${value}`;
+			return `code=${value}`;
+		});
+	return extras.length > 0 ? `${message} (${extras.join(" ")})` : message;
+}
+
+function parseCapturedErrorPayload(captured: CapturedHttpErrorResponse): Record<string, unknown> | undefined {
+	if (isObject(captured.bodyJson)) {
+		return captured.bodyJson;
+	}
+	if (!captured.bodyText) return undefined;
+	try {
+		const parsed = JSON.parse(captured.bodyText);
+		return isObject(parsed) ? parsed : undefined;
+	} catch {
+		return undefined;
+	}
+}
+
+function getObjectProperty(value: Record<string, unknown>, key: string): Record<string, unknown> | undefined {
+	const property = value[key];
+	return isObject(property) ? property : undefined;
+}
+
+function getStringProperty(value: Record<string, unknown>, key: string): string | undefined {
+	const property = value[key];
+	return typeof property === "string" && property.trim().length > 0 ? property : undefined;
+}
+
+function isObject(value: unknown): value is Record<string, unknown> {
+	return typeof value === "object" && value !== null && !Array.isArray(value);
+}

package/src/utils/overflow.ts

@@ -21,6 +21,7 @@ import type { AssistantMessage } from "../types";
  * - Kimi For Coding: "Your request exceeded model token limit: X (requested: Y)"
  * - Anthropic 413: "request_too_large" / "Request exceeds the maximum size" (payload too large)
  * - HTTP 413 variants: "Payload Too Large" / "Request Entity Too Large"
+ * - z.ai / GLM: Returns finish_reason: "model_context_window_exceeded" mapped to error message
  * - z.ai: Does NOT error, accepts overflow silently - handled via usage.input > contextWindow
  * - Ollama: Silently truncates input - not detectable via error message
  */
@@ -49,6 +50,7 @@ const OVERFLOW_PATTERNS = [
 	/payload too large/i, // Generic HTTP 413 variant
 	/entity too large/i, // Generic HTTP 413 variant
 	/\b413\b.*\b(request|payload|entity)\b.*\btoo large\b/i, // "413 Request Entity Too Large" variants
+	/model_context_window_exceeded/i, // z.ai non-standard finish_reason surfaced as error text
 ];
 /**
  * Check if an assistant message represents a context overflow error.

package/src/utils/schema/strict-mode.ts

@@ -88,8 +88,12 @@ function hasUnrepresentableStrictObjectMap(schema: Record<string, unknown>, seen
 export function sanitizeSchemaForStrictMode(
 	schema: Record<string, unknown>,
 	seen?: WeakSet<object>,
+	cache?: WeakMap<Record<string, unknown>, Record<string, unknown>>,
 ): Record<string, unknown> {
 	if (!seen) seen = new WeakSet();
+	if (!cache) cache = new WeakMap();
+	const cached = cache.get(schema);
+	if (cached) return cached;
 	if (seen.has(schema)) return {};
 	seen.add(schema);
 	const typeValue = schema.type;
@@ -98,8 +102,10 @@ export function sanitizeSchemaForStrictMode(
 		const schemaWithoutType = { ...schema };
 		delete schemaWithoutType.type;
 
-		const sanitizedWithoutType = sanitizeSchemaForStrictMode(schemaWithoutType, seen);
+		const sanitizedWithoutType = sanitizeSchemaForStrictMode(schemaWithoutType, seen, cache);
 		if (typeVariants.length === 0) {
+			cache.set(schema, sanitizedWithoutType);
+			seen.delete(schema);
 			return sanitizedWithoutType;
 		}
 
@@ -113,19 +119,25 @@ export function sanitizeSchemaForStrictMode(
 			if (variantType !== "array") {
 				delete variantSchema.items;
 			}
-			return sanitizeSchemaForStrictMode(variantSchema, seen);
+			return sanitizeSchemaForStrictMode(variantSchema, seen, cache);
 		});
 
 		if (variants.length === 1) {
+			cache.set(schema, variants[0] as Record<string, unknown>);
+			seen.delete(schema);
 			return variants[0] as Record<string, unknown>;
 		}
 
-		return {
+		const result = {
 			anyOf: variants,
 		};
+		cache.set(schema, result);
+		seen.delete(schema);
+		return result;
 	}
 
 	const sanitized: Record<string, unknown> = {};
+	cache.set(schema, sanitized);
 	for (const [key, value] of Object.entries(schema)) {
 		if (NON_STRUCTURAL_SCHEMA_KEYS.has(key) || key === "type" || key === "const" || key === "nullable") {
 			continue;
@@ -135,7 +147,7 @@ export function sanitizeSchemaForStrictMode(
 			const properties = Object.fromEntries(
 				Object.entries(value).map(([propertyName, propertySchema]) => [
 					propertyName,
-					isJsonObject(propertySchema) ? sanitizeSchemaForStrictMode(propertySchema, seen) : propertySchema,
+					isJsonObject(propertySchema) ? sanitizeSchemaForStrictMode(propertySchema, seen, cache) : propertySchema,
 				]),
 			);
 			sanitized.properties = properties;
@@ -144,10 +156,10 @@ export function sanitizeSchemaForStrictMode(
 
 		if (key === "items") {
 			if (isJsonObject(value)) {
-				sanitized.items = sanitizeSchemaForStrictMode(value, seen);
+				sanitized.items = sanitizeSchemaForStrictMode(value, seen, cache);
 			} else if (Array.isArray(value)) {
 				sanitized.items = value.map(entry =>
-					isJsonObject(entry) ? sanitizeSchemaForStrictMode(entry, seen) : entry,
+					isJsonObject(entry) ? sanitizeSchemaForStrictMode(entry, seen, cache) : entry,
 				);
 			} else {
 				sanitized.items = value;
@@ -156,7 +168,9 @@ export function sanitizeSchemaForStrictMode(
 		}
 
 		if (COMBINATOR_KEYS.includes(key as (typeof COMBINATOR_KEYS)[number]) && Array.isArray(value)) {
-			sanitized[key] = value.map(entry => (isJsonObject(entry) ? sanitizeSchemaForStrictMode(entry, seen) : entry));
+			sanitized[key] = value.map(entry =>
+				isJsonObject(entry) ? sanitizeSchemaForStrictMode(entry, seen, cache) : entry,
+			);
 			continue;
 		}
 
@@ -164,7 +178,9 @@ export function sanitizeSchemaForStrictMode(
 			sanitized[key] = Object.fromEntries(
 				Object.entries(value).map(([definitionName, definitionSchema]) => [
 					definitionName,
-					isJsonObject(definitionSchema) ? sanitizeSchemaForStrictMode(definitionSchema, seen) : definitionSchema,
+					isJsonObject(definitionSchema)
+						? sanitizeSchemaForStrictMode(definitionSchema, seen, cache)
+						: definitionSchema,
 				]),
 			);
 			continue;
@@ -221,9 +237,11 @@ export function sanitizeSchemaForStrictMode(
 
 	if (schema.nullable === true) {
 		const { nullable: _, ...withoutNullable } = sanitized;
+		seen.delete(schema);
 		return { anyOf: [withoutNullable, { type: "null" }] };
 	}
 
+	seen.delete(schema);
 	return sanitized;
 }
 
@@ -241,11 +259,23 @@ export function sanitizeSchemaForStrictMode(
  *   i.e. the node is not representable in strict mode. Prefer
  *   {@link tryEnforceStrictSchema} which catches this and degrades gracefully.
  */
-export function enforceStrictSchema(schema: Record<string, unknown>, seen?: WeakSet<object>): Record<string, unknown> {
+export function enforceStrictSchema(
+	schema: Record<string, unknown>,
+	seen?: WeakSet<object>,
+	cache?: WeakMap<Record<string, unknown>, Record<string, unknown>>,
+): Record<string, unknown> {
 	if (!seen) seen = new WeakSet();
-	if (seen.has(schema)) return schema;
+	if (!cache) cache = new WeakMap();
+	if (seen.has(schema)) {
+		throw new Error("Schema contains a circular object graph — cannot enforce strict mode");
+	}
+	const cached = cache.get(schema);
+	if (cached) {
+		return cached;
+	}
 	seen.add(schema);
 	const result = { ...schema };
+	cache.set(schema, result);
 	const isObjectType = result.type === "object";
 	if (isObjectType) {
 		result.additionalProperties = false;
@@ -263,7 +293,7 @@ export function enforceStrictSchema(schema: Record<string, unknown>, seen?: Weak
 			Object.entries(props).map(([key, value]) => {
 				const processed =
 					value != null && typeof value === "object" && !Array.isArray(value)
-						? enforceStrictSchema(value as Record<string, unknown>, seen)
+						? enforceStrictSchema(value as Record<string, unknown>, seen, cache)
 						: value;
 				// Optional property — wrap as nullable so strict mode accepts it
 				if (!originalRequired.has(key)) {
@@ -287,18 +317,18 @@ export function enforceStrictSchema(schema: Record<string, unknown>, seen?: Weak
 		if (Array.isArray(result.items)) {
 			result.items = result.items.map(entry =>
 				entry != null && typeof entry === "object" && !Array.isArray(entry)
-					? enforceStrictSchema(entry as Record<string, unknown>, seen)
+					? enforceStrictSchema(entry as Record<string, unknown>, seen, cache)
 					: entry,
 			);
 		} else {
-			result.items = enforceStrictSchema(result.items as Record<string, unknown>, seen);
+			result.items = enforceStrictSchema(result.items as Record<string, unknown>, seen, cache);
 		}
 	}
 	for (const key of COMBINATOR_KEYS) {
 		if (Array.isArray(result[key])) {
 			result[key] = (result[key] as unknown[]).map(entry =>
 				entry != null && typeof entry === "object" && !Array.isArray(entry)
-					? enforceStrictSchema(entry as Record<string, unknown>, seen)
+					? enforceStrictSchema(entry as Record<string, unknown>, seen, cache)
 					: entry,
 			);
 		}
@@ -310,7 +340,7 @@ export function enforceStrictSchema(schema: Record<string, unknown>, seen?: Weak
 				Object.entries(defs).map(([name, def]) => [
 					name,
 					def != null && typeof def === "object" && !Array.isArray(def)
-						? enforceStrictSchema(def as Record<string, unknown>, seen)
+						? enforceStrictSchema(def as Record<string, unknown>, seen, cache)
 						: def,
 				]),
 			);
@@ -326,6 +356,7 @@ export function enforceStrictSchema(schema: Record<string, unknown>, seen?: Weak
 	) {
 		throw new Error("Schema node has no type, combinator, or $ref — cannot enforce strict mode");
 	}
+	seen.delete(schema);
 	return result;
 }