chore(deps): bump openai from 4.104.0 to 6.27.0

[dependabot]

Bumps openai from 4.104.0 to 6.27.0.

Release notes

Sourced from openai's releases.

v6.27.0

6.27.0 (2026-03-05)

Full Changelog: v6.26.0...v6.27.0

Features

• api: The GA ComputerTool now uses the CompuerTool class. The 'computer_use_preview' tool is moved to ComputerUsePreview (0206188)

Chores

• internal: improve import alias names (9cc2478)

v6.26.0

6.26.0 (2026-03-05)

Full Changelog: v6.25.0...v6.26.0

Features

• api: gpt-5.4, tool search tool, and new computer tool (1d1e5a9)

Bug Fixes

• api: internal schema fixes (6b401ad)
• api: manual updates (2b54919)
• api: readd phase (4a0cf29)
• api: remove phase from message types, prompt_cache_key param in responses (088fca6)

Chores

• internal: codegen related update (6a0aa9e)
• internal: codegen related update (b2a4299)
• internal: move stringifyQuery implementation to internal function (f9f4660)
• internal: reduce warnings (7e19492)

v6.25.0

6.25.0 (2026-02-24)

Full Changelog: v6.24.0...v6.25.0

Features

• api: add phase (e32b853)

Bug Fixes

... (truncated)

Changelog

Sourced from openai's changelog.

6.27.0 (2026-03-05)

Full Changelog: v6.26.0...v6.27.0

Features

• api: The GA ComputerTool now uses the CompuerTool class. The 'computer_use_preview' tool is moved to ComputerUsePreview (0206188)

Chores

• internal: improve import alias names (9cc2478)

6.26.0 (2026-03-05)

Full Changelog: v6.25.0...v6.26.0

Features

• api: gpt-5.4, tool search tool, and new computer tool (1d1e5a9)

Bug Fixes

• api: internal schema fixes (6b401ad)
• api: manual updates (2b54919)
• api: readd phase (4a0cf29)
• api: remove phase from message types, prompt_cache_key param in responses (088fca6)

Chores

• internal: codegen related update (6a0aa9e)
• internal: codegen related update (b2a4299)
• internal: move stringifyQuery implementation to internal function (f9f4660)
• internal: reduce warnings (7e19492)

6.25.0 (2026-02-24)

Full Changelog: v6.24.0...v6.25.0

Features

• api: add phase (e32b853)

Bug Fixes

• api: fix phase enum (2ffe1be)
• api: phase docs (7fdfa38)

... (truncated)

Commits

• 09de6c0 release: 6.27.0
• 0aeb1b5 feat(api): The GA ComputerTool now uses the CompuerTool class. The 'computer_...
• 3cf5bc2 chore(internal): improve import alias names
• 6a89ced release: 6.26.0
• e2b122f feat(api): gpt-5.4, tool search tool, and new computer tool
• 583240f chore(internal): codegen related update
• e53097f chore(internal): reduce warnings
• 1da125d chore(internal): codegen related update
• 67137ac codegen metadata
• 8605a10 fix(api): internal schema fixes
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by apcha-oai, a new releaser for openai since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[augmentcode]

🤖 Augment PR Summary

Summary: Updates the OpenAI Node SDK dependency to a newer major release.

Changes:

• Bumped openai from ^4.104.0 to ^6.27.0 (with corresponding lockfile update)

_{🤖 Was this summary useful? React with 👍 or 👎}

[augmentcode]

Review completed. 1 suggestion posted.

Comment augment review to trigger a new review at any time.

[augmentcode]

This bumps openai across a major version (4 → 6); can you confirm the existing SDK call sites (e.g. new OpenAI(...); client.chat.completions.create(...) in agentops/runner/lib/llm/provider.ts and agentops/scripts/test-api-keys.ts) are still compatible and covered by CI/runtime smoke tests? Major SDK releases sometimes remove/rename endpoints or change request/response shapes in ways that won’t show up until runtime.

Severity: medium

_{🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.}

[greptile-apps]

Greptile Summary

This PR bumps openai from 4.104.0 to 6.32.0 (the PR title cites 6.27.0, but the resolved version is 6.32.0). This is a two-major-version jump that spans the v5 breaking release cycle.

• API compatibility: The two files that consume the openai package (agentops/runner/lib/llm/provider.ts and agentops/scripts/test-api-keys.ts) use only stable, unchanged APIs — new OpenAI({ apiKey }), client.chat.completions.create(), response.choices[0].message.content, and response.usage.prompt_tokens / response.usage.completion_tokens. These surfaces are preserved across v4 → v5 → v6 for Chat Completions.
• Dependency footprint: The v6 snapshot in the lockfile drops the legacy polyfill stack (node-fetch, abort-controller, form-data-encoder, agentkeepalive, etc.) in favour of the native Fetch API. This is safe because the project already enforces engines.node >=22.
• Zod peer dep: The updated peer dependency range (^3.25 || ^4.0) is compatible with the pinned zod@3.25.76 in the lockfile.
• Version discrepancy: The specifier pinned in package.json is ^6.32.0, not ^6.27.0 as stated in the PR title — see inline comment.

Confidence Score: 4/5

• Safe to merge after confirming tests pass; existing code uses only stable Chat Completions APIs that are unchanged across the version jump.
• The upgrade spans two major versions (v4 → v6), which warrants caution, but the actual API surface consumed by this codebase (chat.completions.create, constructor, response shape) has not changed. The removal of legacy polyfill deps is compatible with the Node >=22 requirement. The only outstanding concern is the minor version mismatch between the PR title and the resolved lockfile version.
• No files require special attention beyond confirming the test suite passes against the new SDK version.

Important Files Changed

Filename	Overview
package.json	Bumps openai from ^4.104.0 to ^6.32.0 — a two-major-version jump; the PR title references 6.27.0 but the pinned specifier and lockfile resolve to 6.32.0.
pnpm-lock.yaml	Lockfile updated to openai 6.32.0; the v6 snapshot drops several legacy dependencies (node-fetch, abort-controller, form-data-encoder, etc.) in favour of the native Fetch API, which is safe given the project's engines.node >=22 requirement.

Sequence Diagram

sequenceDiagram
    participant App as agentops/runner
    participant Provider as provider.ts
    participant SDK as openai SDK (v6.32.0)
    participant API as OpenAI API

    App->>Provider: callLLM(config, prompt, context)
    Provider->>Provider: config.provider === 'openai'?
    Provider->>SDK: new OpenAI({ apiKey })
    Provider->>SDK: client.chat.completions.create({ model, messages, max_tokens })
    SDK->>API: POST /v1/chat/completions (native Fetch)
    API-->>SDK: { choices, usage }
    SDK-->>Provider: response
    Provider->>Provider: response.choices[0].message.content
    Provider->>Provider: response.usage.prompt_tokens / completion_tokens
    Provider-->>App: LLMResponse { content, usage }

Loading

Comments Outside Diff (1)

1. package.json, line 89 (link)

   Version mismatch between PR title and installed version

   The PR title and description refer to 6.27.0, but the package.json specifier is ^6.32.0 and the lockfile resolves to 6.32.0. This is likely because Dependabot generated the title when 6.27.0 was the latest release and the semver range later resolved to 6.32.0 — but it means the PR description does not accurately reflect what will actually be installed. Worth confirming the intended target version before merging.

Prompt To Fix All With AI

This is a comment left during a code review.
Path: package.json
Line: 89

Comment:
**Version mismatch between PR title and installed version**

The PR title and description refer to `6.27.0`, but the `package.json` specifier is `^6.32.0` and the lockfile resolves to `6.32.0`. This is likely because Dependabot generated the title when 6.27.0 was the latest release and the semver range later resolved to 6.32.0 — but it means the PR description does not accurately reflect what will actually be installed. Worth confirming the intended target version before merging.

How can I resolve this? If you propose a fix, please make it concise.

_{Last reviewed commit: "chore(deps): bump op..."}

[roomote-v0]

Rooviewer   Follow task

Taking a look at your PR now. Will share feedback shortly!