chore(deps): bump openai from 4.104.0 to 6.21.0

[dependabot]

Bumps openai from 4.104.0 to 6.21.0.

Release notes

Sourced from openai's releases.

v6.21.0

6.21.0 (2026-02-10)

Full Changelog: v6.20.0...v6.21.0

Features

• api: support for images in batch api (017ba1c)

v6.20.0

6.20.0 (2026-02-10)

Full Changelog: v6.19.0...v6.20.0

Features

• api: skills and hosted shell (e4bdd62)

v6.19.0

6.19.0 (2026-02-09)

Full Changelog: v6.18.0...v6.19.0

Features

• api: responses context_management (40e7671)

v6.18.0

6.18.0 (2026-02-05)

Full Changelog: v6.17.0...v6.18.0

Features

• api: image generation actions for responses; ResponseFunctionCallArgumentsDoneEvent.name (d373c32)

Bug Fixes

• client: avoid memory leak with abort signals (b449f36)
• client: avoid removing abort listener too early (1c045f7)
• client: undo change to web search Find action (8259b45)
• client: update type for find_in_page action (9aa8d98)

Chores

• client: do not parse responses with empty content-length (4a118fa)
• client: restructure abort controller binding (a4d7151)
• internal: fix pagination internals not accepting option promises (6677905)

... (truncated)

Changelog

Sourced from openai's changelog.

6.21.0 (2026-02-10)

Full Changelog: v6.20.0...v6.21.0

Features

• api: support for images in batch api (017ba1c)

6.20.0 (2026-02-10)

Full Changelog: v6.19.0...v6.20.0

Features

• api: skills and hosted shell (e4bdd62)

6.19.0 (2026-02-09)

Full Changelog: v6.18.0...v6.19.0

Features

• api: responses context_management (40e7671)

6.18.0 (2026-02-05)

Full Changelog: v6.17.0...v6.18.0

Features

• api: image generation actions for responses; ResponseFunctionCallArgumentsDoneEvent.name (d373c32)

Bug Fixes

• client: avoid memory leak with abort signals (b449f36)
• client: avoid removing abort listener too early (1c045f7)
• client: undo change to web search Find action (8259b45)
• client: update type for find_in_page action (9aa8d98)

Chores

• client: do not parse responses with empty content-length (4a118fa)
• client: restructure abort controller binding (a4d7151)
• internal: fix pagination internals not accepting option promises (6677905)

6.17.0 (2026-01-28)

Full Changelog: v6.16.0...v6.17.0

... (truncated)

Commits

• 2ffe3ea release: 6.21.0
• 8cfe66e feat(api): support for images in batch api
• 66188cd release: 6.20.0
• 64bc0b4 feat(api): skills and hosted shell
• fb5a9be release: 6.19.0
• 1b19311 feat(api): responses context_management
• c205a79 codegen metadata
• 69d2b01 release: 6.18.0
• bf5a096 chore(internal): fix pagination internals not accepting option promises
• aa24028 fix(client): avoid removing abort listener too early
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by apcha-oai, a new releaser for openai since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[augmentcode]

🤖 Augment PR Summary

Summary: Updates the project’s OpenAI Node SDK dependency to a newer major release.

Changes:

• Bumped openai from ^4.104.0 to ^6.21.0 in package.json
• Updated the npm lockfile to resolve the new SDK version

Technical Notes: This is a major-version upgrade, so runtime/API compatibility for existing OpenAI integration points should be validated via tests or a quick smoke run.

_{🤖 Was this summary useful? React with 👍 or 👎}

[augmentcode]

Review completed. 1 suggestions posted.

Comment augment review to trigger a new review at any time.

[augmentcode]

openai is being bumped across major versions (v4 → v6); consider double-checking that current usage patterns (e.g., new OpenAI({ apiKey }) and client.chat.completions.create(...) in the AgentOps scripts) still behave as expected under v6, and that any CI / smoke tests cover this path.

Severity: medium

_{🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.}

[greptile-apps]

Greptile Summary

This PR bumps the openai SDK from 4.104.0 to a newer v6 version. The PR title indicates 6.21.0, but package.json specifies ^6.27.0, which resolves to 6.27.0 in the lockfile.

Key observations:

• The openai v6 SDK removed Node.js polyfill dependencies (node-fetch, abort-controller, agentkeepalive, etc.) in favour of native platform APIs, which is compatible with the project's Node.js >= 22.0.0 requirement
• Existing call sites (agentops/runner/lib/llm/provider.ts:123 and agentops/scripts/test-api-keys.ts:69) use the standard client.chat.completions.create() API, which is supported in v6. The response shape (choices[0].message.content, usage.prompt_tokens, usage.completion_tokens) remains unchanged.
• The langsmith@0.5.8 optional peer dependency correctly references openai@6.27.0, which is compatible with langsmith ^0.5.2
• The zod peer-dependency range for openai changed from ^3.23.8 to ^3.25 || ^4.0; the project's zod@^3.25.76 satisfies this range

Concern: The version mismatch between the PR description (6.21.0) and the actual installed version (^6.27.0) should be clarified to ensure the correct version was tested.

Confidence Score: 3/5

• Safe for the core LLM call paths, but confidence is reduced due to the two-major-version skip and version mismatch between PR description and actual installed version.
• The OpenAI SDK v4→v6 jump is large, but the existing call sites are simple and use only the standard client.chat.completions.create() API with common parameters (model, messages, max_tokens), which remain compatible. Response shapes are unchanged. The project's Node.js ≥22.0.0 requirement supports native fetch. However, the two-major-version skip (missing v5 migration path) without explicit testing coverage, combined with the discrepancy between the PR title (6.21.0) and actual version (^6.27.0), warrants confidence at 3/5. Running the test suite would increase confidence.
• No files require special attention beyond running the test suite (pnpm test and pnpm test:agentic) to validate the LLM integration against v6.27.0.

Sequence Diagram

sequenceDiagram
    participant App as agentops/runner
    participant Provider as provider.ts (callOpenAI)
    participant SDK as openai@6.27.0 SDK
    participant API as api.openai.com

    App->>Provider: callLLM(config, prompt, context)
    Provider->>SDK: new OpenAI({ apiKey })
    Provider->>SDK: client.chat.completions.create({ model, messages, max_tokens })
    Note over SDK: v6: uses native fetch<br/>(no node-fetch polyfill)
    SDK->>API: POST /v1/chat/completions
    API-->>SDK: { choices, usage }
    SDK-->>Provider: ChatCompletion response
    Provider-->>App: LLMResponse { content, usage }

Loading

Comments Outside Diff (1)

1. package.json, line 85 (link)

   Version mismatch: The PR title states "bump openai from 4.104.0 to 6.21.0", but package.json specifies ^6.27.0, which the lockfile resolves to 6.27.0. The caret range ^6.27.0 means any future 6.x.x patch/minor release will be pulled in on the next pnpm install, expanding the scope beyond the described target of 6.21.0.

   If the intent is to pin to a specific validated version, consider using an exact version specifier (e.g., "openai": "6.27.0" instead of "openai": "^6.27.0"). At minimum, confirm that 6.27.0 (the actual resolved version) has been tested and validated against the codebase.

_{Last reviewed commit: f1542f4}

[greptile-apps]

_{2 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Major version bump from 4.x to 6.x - verify all OpenAI API calls still work. The basic client.chat.completions.create() usage in agentops/runner/lib/llm/provider.ts:123 and agentops/scripts/test-api-keys.ts:69 appears compatible with v6, but run the test suite to confirm.

Prompt To Fix With AI

This is a comment left during a code review.
Path: package.json
Line: 79:79

Comment:
Major version bump from 4.x to 6.x - verify all OpenAI API calls still work. The basic `client.chat.completions.create()` usage in `agentops/runner/lib/llm/provider.ts:123` and `agentops/scripts/test-api-keys.ts:69` appears compatible with v6, but run the test suite to confirm.

How can I resolve this? If you propose a fix, please make it concise.

[greptile-apps]

Version mismatch: PR title says 6.21.0, package.json specifies ^6.25.0

The PR description claims this bumps openai to 6.21.0, but package.json has been updated to ^6.25.0, which the lockfile resolves to 6.25.0. The caret range ^6.25.0 will automatically pull in any future 6.x.x releases on the next npm install, expanding the scope beyond what the PR describes.

If the intent is to pin to the validated version, consider using an exact version:

Suggested change

	"openai": "^6.25.0",
	"openai": "6.25.0",

At minimum, confirm that 6.25.0 (the actual installed version) has been validated against the codebase, as it differs from the described target of 6.21.0.

Prompt To Fix With AI

This is a comment left during a code review.
Path: package.json
Line: 79

Comment:
**Version mismatch: PR title says `6.21.0`, package.json specifies `^6.25.0`**

The PR description claims this bumps `openai` to `6.21.0`, but `package.json` has been updated to `^6.25.0`, which the lockfile resolves to `6.25.0`. The caret range `^6.25.0` will automatically pull in any future `6.x.x` releases on the next `npm install`, expanding the scope beyond what the PR describes.

If the intent is to pin to the validated version, consider using an exact version:

```suggestion
    "openai": "6.25.0",
```

At minimum, confirm that `6.25.0` (the actual installed version) has been validated against the codebase, as it differs from the described target of `6.21.0`.

How can I resolve this? If you propose a fix, please make it concise.

[greptile-apps]

Additional Comments (2)

agentops/runner/lib/llm/provider.ts
max_tokens is deprecated in OpenAI SDK v6 — use max_completion_tokens instead

The OpenAI SDK v6 deprecates the max_tokens parameter for chat.completions.create() in favour of max_completion_tokens. This will continue to work at runtime but may trigger deprecation warnings in strict TypeScript builds.

Update to:

    max_completion_tokens: 4096,

The corresponding usage in agentops/scripts/test-api-keys.ts:71 should also be updated.

Prompt To Fix With AI

This is a comment left during a code review.
Path: agentops/runner/lib/llm/provider.ts
Line: 126

Comment:
**`max_tokens` is deprecated in OpenAI SDK v6 — use `max_completion_tokens` instead**

The OpenAI SDK v6 deprecates the `max_tokens` parameter for `chat.completions.create()` in favour of `max_completion_tokens`. This will continue to work at runtime but may trigger deprecation warnings in strict TypeScript builds.

Update to:

```suggestion
    max_completion_tokens: 4096,
```

The corresponding usage in `agentops/scripts/test-api-keys.ts:71` should also be updated.

How can I resolve this? If you propose a fix, please make it concise.

---

agentops/scripts/test-api-keys.ts
max_tokens is deprecated in OpenAI SDK v6 — use max_completion_tokens instead

The OpenAI SDK v6 deprecates the max_tokens parameter for chat.completions.create() in favour of max_completion_tokens. This will continue to work at runtime but may trigger deprecation warnings in strict TypeScript builds.

Update to:

      max_completion_tokens: 10,

Prompt To Fix With AI

This is a comment left during a code review.
Path: agentops/scripts/test-api-keys.ts
Line: 71

Comment:
**`max_tokens` is deprecated in OpenAI SDK v6 — use `max_completion_tokens` instead**

The OpenAI SDK v6 deprecates the `max_tokens` parameter for `chat.completions.create()` in favour of `max_completion_tokens`. This will continue to work at runtime but may trigger deprecation warnings in strict TypeScript builds.

Update to:

```suggestion
      max_completion_tokens: 10,
```

How can I resolve this? If you propose a fix, please make it concise.