@oh-my-pi/pi-ai 16.0.6 → 16.0.7

package/CHANGELOG.md

@@ -2,6 +2,17 @@
 
 ## [Unreleased]
 
+## [16.0.7] - 2026-06-18
+
+### Changed
+
+- Switched Google OAuth callback hostname from `localhost` to `127.0.0.1` to prevent IPv6 loopback fallback delays and proxy routing interception.
+
+### Fixed
+
+- Fixed OpenCode Go usage reporting to synthesize `/usage` limits from OMP-observed request costs for the 5h, weekly, and monthly provider caps. ([#2942](https://github.com/can1357/oh-my-pi/issues/2942))
+- Fixed MiniMax Anthropic-compatible requests to serialize adaptive thinking without an invalid Anthropic `output_config.effort` tier ([#2928](https://github.com/can1357/oh-my-pi/issues/2928)).
+
 ## [16.0.6] - 2026-06-18
 
 ### Added

package/dist/types/auth-storage.d.ts

@@ -11,7 +11,7 @@ import { Database } from "bun:sqlite";
 import type { ApiKeyResolver } from "./auth-retry";
 import type { OAuthController, OAuthCredentials, OAuthProviderId } from "./registry/oauth/types";
 import type { Provider } from "./types";
-import type { CredentialRankingStrategy, UsageHistoryEntry, UsageHistoryQuery, UsageLogger, UsageProvider, UsageReport } from "./usage";
+import type { CredentialRankingStrategy, UsageCostHistoryEntry, UsageCostHistoryQuery, UsageHistoryEntry, UsageHistoryQuery, UsageLogger, UsageProvider, UsageReport } from "./usage";
 import { type CodexResetConsumeCode, type CodexResetCredit } from "./usage/openai-codex-reset";
 export type ApiKeyCredential = {
     type: "api_key";
@@ -233,6 +233,10 @@ export interface AuthCredentialStore {
      * skipped — the broker host records into its own database instead.
      */
     recordUsageSnapshots?(entries: UsageHistoryEntry[]): void;
+    /** Append observed request costs for providers without upstream usage APIs. */
+    recordUsageCosts?(entries: UsageCostHistoryEntry[]): void;
+    /** Read observed request costs, oldest first. */
+    listUsageCosts?(query?: UsageCostHistoryQuery): UsageCostHistoryEntry[];
     /** Read recorded usage-limit snapshots, oldest first. */
     listUsageHistory?(query?: UsageHistoryQuery): UsageHistoryEntry[];
     /**
@@ -689,6 +693,12 @@ export declare class AuthStorage {
      * store has no durable history (e.g. a broker-backed remote store).
      */
     listUsageHistory(query?: UsageHistoryQuery): UsageHistoryEntry[];
+    /** Record one observed provider request cost for later local usage aggregation. */
+    recordUsageCost(provider: Provider, costUsd: number, options?: {
+        sessionId?: string;
+        recordedAt?: number;
+        baseUrl?: string;
+    }): boolean;
     ingestUsageHeaders(provider: Provider, headers: Record<string, string>, options?: {
         sessionId?: string;
         baseUrl?: string;
@@ -944,6 +954,8 @@ export declare class SqliteAuthCredentialStore implements AuthCredentialStore {
     cleanExpiredCache(): void;
     recordUsageSnapshots(entries: UsageHistoryEntry[]): void;
     listUsageHistory(query?: UsageHistoryQuery): UsageHistoryEntry[];
+    recordUsageCosts(entries: UsageCostHistoryEntry[]): void;
+    listUsageCosts(query?: UsageCostHistoryQuery): UsageCostHistoryEntry[];
     /**
      * Save OAuth credentials for a provider.
      * Preserves unrelated identities and replaces only the matching credential.

package/dist/types/index.d.ts

@@ -36,6 +36,7 @@ export * from "./usage/kimi";
 export * from "./usage/minimax-code";
 export * from "./usage/openai-codex";
 export * from "./usage/openai-codex-reset";
+export * from "./usage/opencode-go";
 export * from "./usage/zai";
 export * from "./utils/anthropic-auth";
 export * from "./utils/event-stream";

package/dist/types/providers/anthropic.d.ts

@@ -68,7 +68,8 @@ export declare function deriveClaudeDeviceId(installId: string, accountId?: stri
 export declare function resolveAnthropicMetadataUserId(userId: unknown, isOAuthToken: boolean, sessionId?: string, accountId?: string): string | undefined;
 export declare const applyClaudeToolPrefix: (name: string) => string;
 export declare const stripClaudeToolPrefix: (name: string) => string;
-export type AnthropicEffort = "low" | "medium" | "high" | "xhigh" | "max";
+export type AnthropicOutputEffort = "low" | "medium" | "high" | "xhigh" | "max";
+export type AnthropicEffort = AnthropicOutputEffort | "adaptive";
 export type AnthropicThinkingDisplay = "summarized" | "omitted";
 export interface AnthropicOptions extends StreamOptions {
     /**
@@ -90,11 +91,13 @@ export interface AnthropicOptions extends StreamOptions {
     requestModelId?: string;
     /**
      * Effort level for adaptive thinking.
-     * Controls how much thinking Claude allocates:
+     * Controls how much Claude allocates, or uses "adaptive" for MiniMax's
+     * binary adaptive-thinking tag:
      * - "max": Always thinks with no constraints
      * - "high": Always thinks, deep reasoning (default)
      * - "medium": Moderate thinking, may skip for simple queries
      * - "low": Minimal thinking, skips for simple tasks
+     * - "adaptive": Sends `thinking.type: "adaptive"` without `output_config.effort`
      * Ignored for older models.
      */
     effort?: AnthropicEffort;

package/dist/types/usage/opencode-go.d.ts

@@ -0,0 +1,2 @@
+import type { UsageProvider } from "../usage";
+export declare const opencodeGoUsageProvider: UsageProvider;

package/dist/types/usage.d.ts

@@ -108,6 +108,23 @@ export interface UsageHistoryQuery {
     /** Inclusive lower bound on {@link UsageHistoryEntry.recordedAt} (epoch ms). */
     sinceMs?: number;
 }
+/** One observed provider request cost, attributed to the credential that made it. */
+export interface UsageCostHistoryEntry {
+    /** Epoch ms the request completed. */
+    recordedAt: number;
+    provider: Provider;
+    /** Stable credential identity key (account/email/project/secret derived). */
+    accountKey: string;
+    /** Estimated request cost in USD. */
+    costUsd: number;
+}
+/** Filter for reading observed request costs. */
+export interface UsageCostHistoryQuery {
+    provider?: string;
+    accountKey?: string;
+    /** Inclusive lower bound on {@link UsageCostHistoryEntry.recordedAt} (epoch ms). */
+    sinceMs?: number;
+}
 export declare const usageUnitSchema: import("arktype/internal/variants/string.ts").StringType<"bytes" | "minutes" | "percent" | "requests" | "tokens" | "unknown" | "usd", {}>;
 export declare const usageStatusSchema: import("arktype/internal/variants/string.ts").StringType<"exhausted" | "ok" | "unknown" | "warning", {}>;
 export declare const usageWindowSchema: import("arktype/internal/variants/object.ts").ObjectType<{
@@ -231,6 +248,8 @@ export interface UsageCredential {
 export interface UsageFetchParams {
     provider: Provider;
     credential: UsageCredential;
+    /** Stable credential identity key derived by the auth storage layer. */
+    accountKey?: string;
     baseUrl?: string;
     signal?: AbortSignal;
 }
@@ -239,6 +258,8 @@ export interface UsageFetchContext {
     fetch: FetchImpl;
     logger?: UsageLogger;
     retryWait?: (delayMs: number, signal?: AbortSignal) => Promise<void>;
+    /** Observed request-cost history for providers without upstream usage APIs. */
+    listUsageCosts?: (query?: UsageCostHistoryQuery) => UsageCostHistoryEntry[];
 }
 /** Provider implementation for fetching usage information. */
 export interface UsageProvider {
@@ -247,6 +268,8 @@ export interface UsageProvider {
     /** Parse provider rate-limit response headers (lowercased keys) into a usage report, if supported. */
     parseRateLimitHeaders?(headers: Record<string, string>, now?: number): UsageReport | null;
     supports?(params: UsageFetchParams): boolean;
+    /** True when fetchUsage contacts upstream and can authenticate the credential for health checks. */
+    validatesCredentials?: boolean;
 }
 /** Request context used when ranking usage for a specific model. */
 export interface CredentialRankingContext {

package/package.json

@@ -1,7 +1,7 @@
 {
 	"type": "module",
 	"name": "@oh-my-pi/pi-ai",
-	"version": "16.0.6",
+	"version": "16.0.7",
 	"description": "Unified LLM API with automatic model discovery and provider configuration",
 	"homepage": "https://omp.sh",
 	"author": "Can Boluk",
@@ -38,8 +38,8 @@
 	},
 	"dependencies": {
 		"@bufbuild/protobuf": "^2.12.0",
-		"@oh-my-pi/pi-catalog": "16.0.6",
-		"@oh-my-pi/pi-utils": "16.0.6",
+		"@oh-my-pi/pi-catalog": "16.0.7",
+		"@oh-my-pi/pi-utils": "16.0.7",
 		"arktype": "^2.2.0",
 		"partial-json": "^0.1.7",
 		"zod": "^4"

package/src/auth-storage.ts

@@ -21,6 +21,8 @@ import type { Provider } from "./types";
 import type {
 	CredentialRankingContext,
 	CredentialRankingStrategy,
+	UsageCostHistoryEntry,
+	UsageCostHistoryQuery,
 	UsageCredential,
 	UsageFetchContext,
 	UsageFetchParams,
@@ -44,6 +46,7 @@ import {
 	consumeCodexResetCredit,
 	listCodexResetCredits,
 } from "./usage/openai-codex-reset";
+import { opencodeGoUsageProvider } from "./usage/opencode-go";
 import { zaiUsageProvider } from "./usage/zai";
 
 const USAGE_RANKING_METRIC_EPSILON = 1e-9;
@@ -300,6 +303,10 @@ export interface AuthCredentialStore {
 	 * skipped — the broker host records into its own database instead.
 	 */
 	recordUsageSnapshots?(entries: UsageHistoryEntry[]): void;
+	/** Append observed request costs for providers without upstream usage APIs. */
+	recordUsageCosts?(entries: UsageCostHistoryEntry[]): void;
+	/** Read observed request costs, oldest first. */
+	listUsageCosts?(query?: UsageCostHistoryQuery): UsageCostHistoryEntry[];
 	/** Read recorded usage-limit snapshots, oldest first. */
 	listUsageHistory?(query?: UsageHistoryQuery): UsageHistoryEntry[];
 	/**
@@ -491,6 +498,7 @@ const DEFAULT_USAGE_PROVIDERS: UsageProvider[] = [
 	googleGeminiCliUsageProvider,
 	claudeUsageProvider,
 	zaiUsageProvider,
+	opencodeGoUsageProvider,
 	githubCopilotUsageProvider,
 ];
 
@@ -1986,7 +1994,11 @@ export class AuthStorage {
 			typeof timeoutMs === "number" && Number.isFinite(timeoutMs) && timeoutMs > 0
 				? AbortSignal.timeout(timeoutMs)
 				: undefined;
-		let params: UsageRequestDescriptor & { signal?: AbortSignal } = { ...request, signal: timeoutSignal };
+		let params: UsageFetchParams = {
+			...request,
+			accountKey: this.#buildUsageCacheIdentity(request.credential),
+			signal: timeoutSignal,
+		};
 
 		if (
 			request.credential.type === "oauth" &&
@@ -2009,8 +2021,10 @@ export class AuthStorage {
 					const refreshedCredential = this.#mergeRefreshedUsageCredential(request.credential, refreshed);
 					this.#persistRefreshedUsageCredential(request.provider, request.credential, refreshedCredential);
 					params = {
-						...params,
+						...request,
 						credential: refreshedCredential,
+						accountKey: this.#buildUsageCacheIdentity(refreshedCredential),
+						signal: timeoutSignal,
 					};
 				} catch (error) {
 					const errorMsg = String(error);
@@ -2068,6 +2082,7 @@ export class AuthStorage {
 			return await providerImpl.fetchUsage(params, {
 				fetch: this.#usageFetch,
 				logger: this.#usageLogger,
+				listUsageCosts: query => this.#store.listUsageCosts?.(query) ?? [],
 			});
 		} catch (error) {
 			logger.debug("AuthStorage usage fetch failed", {
@@ -2166,6 +2181,64 @@ export class AuthStorage {
 		return this.#store.listUsageHistory?.(query) ?? [];
 	}
 
+	/** Record one observed provider request cost for later local usage aggregation. */
+	recordUsageCost(
+		provider: Provider,
+		costUsd: number,
+		options?: { sessionId?: string; recordedAt?: number; baseUrl?: string },
+	): boolean {
+		if (!Number.isFinite(costUsd) || costUsd <= 0) return false;
+		const record = this.#store.recordUsageCosts;
+		if (!record) return false;
+		const credential = this.#resolveObservedUsageCredential(provider, options?.sessionId);
+		if (!credential) return false;
+		const entry: UsageCostHistoryEntry = {
+			recordedAt: options?.recordedAt ?? Date.now(),
+			provider,
+			accountKey: this.#buildUsageCacheIdentity(credential),
+			costUsd,
+		};
+		try {
+			record.call(this.#store, [entry]);
+			const cacheKey = this.#buildUsageReportCacheKey({
+				provider,
+				credential,
+				baseUrl: options?.baseUrl,
+			});
+			const existing = this.#usageCache.getStale<UsageReport | null>(cacheKey);
+			this.#usageCache.set(cacheKey, { value: existing?.value ?? null, expiresAt: Date.now() - 1 });
+			return true;
+		} catch (error) {
+			this.#usageLogger?.debug("usage cost record failed", {
+				provider,
+				error: String(error),
+			});
+			return false;
+		}
+	}
+
+	#resolveObservedUsageCredential(provider: Provider, sessionId?: string): UsageCredential | undefined {
+		const entries = this.#getStoredCredentials(provider);
+		const sessionCredential = this.#getSessionCredential(provider, sessionId);
+		if (sessionCredential) {
+			const credential = entries[sessionCredential.index]?.credential;
+			if (credential) {
+				return credential.type === "api_key"
+					? { type: "api_key", apiKey: credential.key }
+					: this.#buildUsageCredential(credential);
+			}
+		}
+		if (entries.length === 1) {
+			const credential = entries[0]!.credential;
+			return credential.type === "api_key"
+				? { type: "api_key", apiKey: credential.key }
+				: this.#buildUsageCredential(credential);
+		}
+		const envKey = getEnvApiKey(provider);
+		if (envKey) return { type: "api_key", apiKey: envKey };
+		return undefined;
+	}
+
 	ingestUsageHeaders(
 		provider: Provider,
 		headers: Record<string, string>,
@@ -2574,7 +2647,11 @@ export class AuthStorage {
 		const timeoutMs = options?.timeoutMs ?? this.#usageRequestTimeoutMs;
 		const completionProbe = options?.completionProbe;
 		const completionTimeoutMs = options?.completionTimeoutMs ?? timeoutMs;
-		const ctx: UsageFetchContext = { fetch: this.#usageFetch, logger: this.#usageLogger };
+		const ctx: UsageFetchContext = {
+			fetch: this.#usageFetch,
+			logger: this.#usageLogger,
+			listUsageCosts: query => this.#store.listUsageCosts?.(query) ?? [],
+		};
 
 		const results: CredentialHealthResult[] = [];
 		for (const row of stored) {
@@ -2600,7 +2677,11 @@ export class AuthStorage {
 
 			const timeoutSignal = AbortSignal.timeout(timeoutMs);
 			const probeSignal = options?.signal ? AbortSignal.any([options.signal, timeoutSignal]) : timeoutSignal;
-			let params: UsageFetchParams & { signal: AbortSignal } = { ...initialRequest, signal: probeSignal };
+			let params: UsageFetchParams & { signal: AbortSignal } = {
+				...initialRequest,
+				accountKey: this.#buildUsageCacheIdentity(initialRequest.credential),
+				signal: probeSignal,
+			};
 			let refreshError: string | undefined;
 
 			// Refresh expired OAuth before probing — without this an expired access
@@ -2630,7 +2711,11 @@ export class AuthStorage {
 							initialRequest.credential,
 							refreshedCredential,
 						);
-						params = { ...params, credential: refreshedCredential };
+						params = {
+							...params,
+							credential: refreshedCredential,
+							accountKey: this.#buildUsageCacheIdentity(refreshedCredential),
+						};
 					} catch (error) {
 						refreshError = `oauth refresh failed: ${error instanceof Error ? error.message : String(error)}`;
 					}
@@ -2651,6 +2736,8 @@ export class AuthStorage {
 				base.reason = `no usage probe configured for provider ${row.provider}`;
 			} else if (providerImpl.supports && !providerImpl.supports(initialRequest)) {
 				base.reason = `usage probe does not support ${cred.type} credentials for ${row.provider}`;
+			} else if (providerImpl.validatesCredentials === false) {
+				base.reason = `usage probe for ${row.provider} does not validate credentials`;
 			} else {
 				try {
 					const report = await providerImpl.fetchUsage(params, ctx);
@@ -4409,6 +4496,8 @@ export class SqliteAuthCredentialStore implements AuthCredentialStore {
 	#upsertCacheStmt: Statement;
 	#deleteExpiredCacheStmt: Statement;
 	#insertUsageHistoryStmt: Statement;
+	#insertUsageCostStmt: Statement;
+	#listUsageCostsStmt: Statement;
 	#lastUsageHistoryStmt: Statement;
 	#listUsageHistoryStmt: Statement;
 	#updateUsageHistoryStmt: Statement;
@@ -4463,6 +4552,12 @@ export class SqliteAuthCredentialStore implements AuthCredentialStore {
 		this.#listUsageHistoryStmt = this.#db.prepare(
 			"SELECT recorded_at, provider, account_key, email, account_id, limit_id, label, window_label, used_fraction, status, resets_at FROM usage_history WHERE recorded_at >= ? AND (? IS NULL OR provider = ?) ORDER BY recorded_at ASC",
 		);
+		this.#insertUsageCostStmt = this.#db.prepare(
+			"INSERT INTO usage_cost_history (recorded_at, provider, account_key, cost_usd) VALUES (?, ?, ?, ?)",
+		);
+		this.#listUsageCostsStmt = this.#db.prepare(
+			"SELECT recorded_at, provider, account_key, cost_usd FROM usage_cost_history WHERE recorded_at >= ? AND (? IS NULL OR provider = ?) AND (? IS NULL OR account_key = ?) ORDER BY recorded_at ASC",
+		);
 	}
 
 	static async open(dbPath: string = getAgentDbPath()): Promise<SqliteAuthCredentialStore> {
@@ -4543,6 +4638,14 @@ export class SqliteAuthCredentialStore implements AuthCredentialStore {
 				resets_at INTEGER
 			);
 			CREATE INDEX IF NOT EXISTS idx_usage_history_series ON usage_history(provider, account_key, limit_id, recorded_at);
+			CREATE TABLE IF NOT EXISTS usage_cost_history (
+				id INTEGER PRIMARY KEY AUTOINCREMENT,
+				recorded_at INTEGER NOT NULL,
+				provider TEXT NOT NULL,
+				account_key TEXT NOT NULL,
+				cost_usd REAL NOT NULL
+			);
+			CREATE INDEX IF NOT EXISTS idx_usage_cost_history_lookup ON usage_cost_history(provider, account_key, recorded_at);
 			CREATE INDEX IF NOT EXISTS idx_usage_history_recorded ON usage_history(recorded_at);
 		`);
 
@@ -5024,6 +5127,42 @@ export class SqliteAuthCredentialStore implements AuthCredentialStore {
 			return [];
 		}
 	}
+	recordUsageCosts(entries: UsageCostHistoryEntry[]): void {
+		try {
+			for (const entry of entries) {
+				this.#insertUsageCostStmt.run(entry.recordedAt, entry.provider, entry.accountKey, entry.costUsd);
+			}
+		} catch {
+			// Cost history is best-effort; never break request persistence.
+		}
+	}
+
+	listUsageCosts(query?: UsageCostHistoryQuery): UsageCostHistoryEntry[] {
+		try {
+			const provider = query?.provider ?? null;
+			const accountKey = query?.accountKey ?? null;
+			const rows = this.#listUsageCostsStmt.all(
+				query?.sinceMs ?? 0,
+				provider,
+				provider,
+				accountKey,
+				accountKey,
+			) as Array<{
+				recorded_at: number;
+				provider: string;
+				account_key: string;
+				cost_usd: number;
+			}>;
+			return rows.map(row => ({
+				recordedAt: row.recorded_at,
+				provider: row.provider as Provider,
+				accountKey: row.account_key,
+				costUsd: row.cost_usd,
+			}));
+		} catch {
+			return [];
+		}
+	}
 
 	// ─── Convenience methods for CLI ────────────────────────────────────────
 

package/src/index.ts

@@ -36,6 +36,7 @@ export * from "./usage/kimi";
 export * from "./usage/minimax-code";
 export * from "./usage/openai-codex";
 export * from "./usage/openai-codex-reset";
+export * from "./usage/opencode-go";
 export * from "./usage/zai";
 export * from "./utils/anthropic-auth";
 export * from "./utils/event-stream";

package/src/providers/anthropic.ts

@@ -1003,7 +1003,8 @@ function convertContentBlocks(
 	return blocks;
 }
 
-export type AnthropicEffort = "low" | "medium" | "high" | "xhigh" | "max";
+export type AnthropicOutputEffort = "low" | "medium" | "high" | "xhigh" | "max";
+export type AnthropicEffort = AnthropicOutputEffort | "adaptive";
 export type AnthropicThinkingDisplay = "summarized" | "omitted";
 
 export interface AnthropicOptions extends StreamOptions {
@@ -1026,11 +1027,13 @@ export interface AnthropicOptions extends StreamOptions {
 	requestModelId?: string;
 	/**
 	 * Effort level for adaptive thinking.
-	 * Controls how much thinking Claude allocates:
+	 * Controls how much Claude allocates, or uses "adaptive" for MiniMax's
+	 * binary adaptive-thinking tag:
 	 * - "max": Always thinks with no constraints
 	 * - "high": Always thinks, deep reasoning (default)
 	 * - "medium": Moderate thinking, may skip for simple queries
 	 * - "low": Minimal thinking, skips for simple tasks
+	 * - "adaptive": Sends `thinking.type: "adaptive"` without `output_config.effort`
 	 * Ignored for older models.
 	 */
 	effort?: AnthropicEffort;
@@ -1650,13 +1653,16 @@ export const streamAnthropic: StreamFunction<"anthropic-messages"> = (
 				// `output_config.effort` ships on thinking-on requests AND on the
 				// thinking-off adaptive pin (adaptive-only models get effort:"low" so
 				// the toggle cannot 400); the beta must accompany the field in both.
+				// MiniMax uses `thinking.type:"adaptive"` itself as the control surface,
+				// so the sentinel "adaptive" value intentionally sends no output_config.
 				const sendsAdaptiveEffortPin =
 					options?.thinkingEnabled === false &&
 					model.thinking?.mode === "anthropic-adaptive" &&
-					!model.compat.disableAdaptiveThinking;
+					!model.compat.disableAdaptiveThinking &&
+					!usesAdaptiveThinkingTagOnly(model);
 				if (
 					model.reasoning &&
-					(options?.thinkingEnabled || sendsAdaptiveEffortPin) &&
+					((options?.thinkingEnabled && options.effort !== "adaptive") || sendsAdaptiveEffortPin) &&
 					!extraBetas.includes(effortBeta)
 				) {
 					extraBetas.push(effortBeta);
@@ -2783,11 +2789,22 @@ function enforceCacheControlLimit(params: MessageCreateParamsStreaming, maxBreak
 	}
 }
 
+function usesAdaptiveThinkingTagOnly(model: Model<"anthropic-messages">): boolean {
+	const thinking = model.thinking;
+	if (thinking?.mode !== "anthropic-adaptive") return false;
+	const effortMap = thinking.effortMap;
+	if (!effortMap) return false;
+	for (const effort of thinking.efforts) {
+		if (effortMap[effort] !== "adaptive") return false;
+	}
+	return thinking.efforts.length > 0;
+}
+
 function resolveAnthropicAdaptiveEffort(
 	model: Model<"anthropic-messages">,
 	options: AnthropicOptions,
 ): AnthropicEffort | undefined {
-	if (options.effort) return options.effort;
+	if (options.effort) return usesAdaptiveThinkingTagOnly(model) ? "adaptive" : options.effort;
 	const requestedEffort = options.reasoning;
 	if (!requestedEffort) return undefined;
 	return mapEffortToAnthropicAdaptiveEffort(model, requestedEffort);
@@ -2854,7 +2871,7 @@ function buildParams(
 
 	// Pre-compute thinking + output_config effort.
 	let thinking: MessageCreateParamsStreaming["thinking"] | undefined;
-	let outputConfigEffort: AnthropicEffort | undefined;
+	let outputConfigEffort: AnthropicOutputEffort | undefined;
 	if (model.reasoning) {
 		if (options?.thinkingEnabled) {
 			const mode = model.thinking?.mode;
@@ -2872,18 +2889,22 @@ function buildParams(
 					adaptive.display = options.thinkingDisplay ?? "summarized";
 				}
 				thinking = adaptive;
-				if (effort) outputConfigEffort = effort;
+				if (effort && effort !== "adaptive") outputConfigEffort = effort;
 			} else {
 				thinking = {
 					type: "enabled",
 					budget_tokens: options.thinkingBudgetTokens || 1024,
 					display: options.thinkingDisplay ?? "summarized",
 				};
-				if (mode === "anthropic-budget-effort" && effort) outputConfigEffort = effort;
+				if (mode === "anthropic-budget-effort" && effort && effort !== "adaptive") outputConfigEffort = effort;
 			}
 		} else if (options?.thinkingEnabled === false) {
 			const compat = model.compat;
-			if (model.thinking?.mode === "anthropic-adaptive" && !compat.disableAdaptiveThinking) {
+			if (
+				model.thinking?.mode === "anthropic-adaptive" &&
+				!compat.disableAdaptiveThinking &&
+				!usesAdaptiveThinkingTagOnly(model)
+			) {
 				// Adaptive-only Claude models (Opus 4.6+, Sonnet 4.6+, Fable/Mythos 5) reject
 				// `thinking.type: "disabled"` — adaptive thinking cannot be switched off.
 				// Omit the thinking field (the API defaults to adaptive) and pin the

package/src/registry/oauth/google-oauth-shared.ts

@@ -39,7 +39,11 @@ export class GoogleOAuthFlow extends OAuthCallbackFlow {
 	private readonly config: GoogleOAuthFlowConfig;
 
 	constructor(ctrl: OAuthController, config: GoogleOAuthFlowConfig) {
-		super(ctrl, config.callbackPort, config.callbackPath);
+		super(ctrl, {
+			preferredPort: config.callbackPort,
+			callbackPath: config.callbackPath,
+			callbackHostname: "127.0.0.1",
+		});
 		this.config = config;
 	}
 

package/src/registry/oauth/kimi.ts

@@ -75,15 +75,20 @@ let getDeviceId = (): string => {
 	return deviceId;
 };
 
+function sanitizeHeaderValue(value: string, fallback = ""): string {
+	const sanitized = value.replace(/[^\x20-\x7E]/g, "").trim();
+	return sanitized || fallback;
+}
+
 export let getKimiCommonHeaders = () => {
 	const headers = Object.freeze({
 		"User-Agent": `KimiCLI/${packageJson.version}`,
 		"X-Msh-Platform": "kimi_cli",
 		"X-Msh-Version": packageJson.version,
-		"X-Msh-Device-Name": os.hostname(),
-		"X-Msh-Device-Model": getDeviceModel(),
-		"X-Msh-Os-Version": os.version(),
-		"X-Msh-Device-Id": getDeviceId(),
+		"X-Msh-Device-Name": sanitizeHeaderValue(os.hostname(), "unknown"),
+		"X-Msh-Device-Model": sanitizeHeaderValue(getDeviceModel(), "unknown"),
+		"X-Msh-Os-Version": sanitizeHeaderValue(os.version(), "unknown"),
+		"X-Msh-Device-Id": sanitizeHeaderValue(getDeviceId(), "unknown"),
 	});
 	getKimiCommonHeaders = () => headers;
 	return headers;

package/src/usage/opencode-go.ts

@@ -0,0 +1,89 @@
+import type { UsageCostHistoryEntry, UsageLimit, UsageProvider, UsageWindow } from "../usage";
+
+const OPENCODE_GO_PROVIDER = "opencode-go";
+const HOUR_MS = 60 * 60 * 1000;
+const DAY_MS = 24 * HOUR_MS;
+const OPENCODE_GO_LIMITS = [
+	{ id: "rolling-5h", label: "5 Hour", durationMs: 5 * HOUR_MS, limitUsd: 12 },
+	{ id: "weekly", label: "Weekly", durationMs: 7 * DAY_MS, limitUsd: 30 },
+	{ id: "monthly", label: "Monthly", durationMs: 30 * DAY_MS, limitUsd: 60 },
+] as const;
+
+function sumWindowCosts(entries: UsageCostHistoryEntry[], sinceMs: number): { used: number; resetsAt?: number } {
+	let used = 0;
+	let firstRecordedAt: number | undefined;
+	for (const entry of entries) {
+		if (entry.recordedAt < sinceMs) continue;
+		used += entry.costUsd;
+		if (firstRecordedAt === undefined || entry.recordedAt < firstRecordedAt) {
+			firstRecordedAt = entry.recordedAt;
+		}
+	}
+	return { used, resetsAt: firstRecordedAt };
+}
+
+function resolveStatus(usedFraction: number): UsageLimit["status"] {
+	if (usedFraction >= 1) return "exhausted";
+	if (usedFraction >= 0.8) return "warning";
+	return "ok";
+}
+
+function buildWindowLimit(
+	limit: (typeof OPENCODE_GO_LIMITS)[number],
+	entries: UsageCostHistoryEntry[],
+	nowMs: number,
+): UsageLimit {
+	const sinceMs = nowMs - limit.durationMs;
+	const windowCost = sumWindowCosts(entries, sinceMs);
+	const used = Number(windowCost.used.toFixed(6));
+	const usedFraction = used / limit.limitUsd;
+	const window: UsageWindow = {
+		id: limit.id,
+		label: limit.label,
+		durationMs: limit.durationMs,
+	};
+	if (windowCost.resetsAt !== undefined) {
+		window.resetsAt = windowCost.resetsAt + limit.durationMs;
+	}
+	return {
+		id: limit.id,
+		label: `${limit.label} limit`,
+		scope: {
+			provider: OPENCODE_GO_PROVIDER,
+			windowId: limit.id,
+		},
+		window,
+		amount: {
+			used,
+			limit: limit.limitUsd,
+			remaining: Math.max(0, limit.limitUsd - used),
+			usedFraction,
+			remainingFraction: Math.max(0, 1 - usedFraction),
+			unit: "usd",
+		},
+		status: resolveStatus(usedFraction),
+		notes: ["OMP-observed spend only; OpenCode usage outside OMP is not included."],
+	};
+}
+
+export const opencodeGoUsageProvider: UsageProvider = {
+	id: OPENCODE_GO_PROVIDER,
+	supports: params => params.provider === OPENCODE_GO_PROVIDER && params.credential.type === "api_key",
+	validatesCredentials: false,
+	async fetchUsage(params, ctx) {
+		if (params.provider !== OPENCODE_GO_PROVIDER || params.credential.type !== "api_key") return null;
+		const nowMs = Date.now();
+		const sinceMs = nowMs - OPENCODE_GO_LIMITS[OPENCODE_GO_LIMITS.length - 1]!.durationMs;
+		const entries =
+			ctx.listUsageCosts?.({ provider: OPENCODE_GO_PROVIDER, accountKey: params.accountKey, sinceMs }) ?? [];
+		return {
+			provider: OPENCODE_GO_PROVIDER,
+			fetchedAt: nowMs,
+			limits: OPENCODE_GO_LIMITS.map(limit => buildWindowLimit(limit, entries, nowMs)),
+			metadata: {
+				planType: "OpenCode Go",
+				source: "omp-observed-request-costs",
+			},
+		};
+	},
+};

package/src/usage.ts

@@ -134,6 +134,24 @@ export interface UsageHistoryQuery {
 	/** Inclusive lower bound on {@link UsageHistoryEntry.recordedAt} (epoch ms). */
 	sinceMs?: number;
 }
+/** One observed provider request cost, attributed to the credential that made it. */
+export interface UsageCostHistoryEntry {
+	/** Epoch ms the request completed. */
+	recordedAt: number;
+	provider: Provider;
+	/** Stable credential identity key (account/email/project/secret derived). */
+	accountKey: string;
+	/** Estimated request cost in USD. */
+	costUsd: number;
+}
+
+/** Filter for reading observed request costs. */
+export interface UsageCostHistoryQuery {
+	provider?: string;
+	accountKey?: string;
+	/** Inclusive lower bound on {@link UsageCostHistoryEntry.recordedAt} (epoch ms). */
+	sinceMs?: number;
+}
 
 // ─── Zod schemas (wire-shape validation for the broker `/v1/usage` endpoint) ─
 
@@ -217,6 +235,8 @@ export interface UsageCredential {
 export interface UsageFetchParams {
 	provider: Provider;
 	credential: UsageCredential;
+	/** Stable credential identity key derived by the auth storage layer. */
+	accountKey?: string;
 	baseUrl?: string;
 	signal?: AbortSignal;
 }
@@ -226,6 +246,8 @@ export interface UsageFetchContext {
 	fetch: FetchImpl;
 	logger?: UsageLogger;
 	retryWait?: (delayMs: number, signal?: AbortSignal) => Promise<void>;
+	/** Observed request-cost history for providers without upstream usage APIs. */
+	listUsageCosts?: (query?: UsageCostHistoryQuery) => UsageCostHistoryEntry[];
 }
 
 /** Provider implementation for fetching usage information. */
@@ -235,6 +257,8 @@ export interface UsageProvider {
 	/** Parse provider rate-limit response headers (lowercased keys) into a usage report, if supported. */
 	parseRateLimitHeaders?(headers: Record<string, string>, now?: number): UsageReport | null;
 	supports?(params: UsageFetchParams): boolean;
+	/** True when fetchUsage contacts upstream and can authenticate the credential for health checks. */
+	validatesCredentials?: boolean;
 }
 
 /** Request context used when ranking usage for a specific model. */