fix: sanitize apply content before file edits

[yzlu0917]

Summary

• strip <think>...</think> blocks and Harmony protocol wrappers before apply/edit content is treated as file content
• sanitize apply payloads in the VS Code apply manager so search/replace, empty-file writes, and diff previews stop carrying leaked reasoning into files
• sanitize applyCodeBlock() input and add regression tests covering both <think> contamination and Harmony analysis/final channel output

Why

When upstream local-model stacks leak reasoning into the assistant content field, Continue's apply flow can treat that reasoning as the edit itself. In the worst case that means file edits and previews include model thoughts or Harmony control tokens instead of code.

This hardens the apply path against two concrete contamination patterns reported in #10783:

• <think>...</think> reasoning blocks
• Harmony-style analysis and final channel wrappers

Validation

• ran npm run vitest -- util/stripReasoningFromApplyContent.vitest.ts edit/lazy/applyCodeBlock.vitest.ts in core

Closes #10783

---

Summary by cubic

Sanitizes apply/edit content to strip <think> blocks and Harmony wrappers so model reasoning never gets written to files, previews, or search/replace results. Closes #10783.

• Bug Fixes
  • Added stripReasoningFromApplyContent() in core/util to remove <think> blocks and extract the Harmony final channel (and strip tokens).
  • Applied sanitization in core/edit/lazy/applyCodeBlock and extensions/vscode/src/apply/ApplyManager so deterministic apply, diff previews, search/replace, and empty-file writes use clean text.
  • Added unit tests for both contamination patterns.

^{Written for commit 5a511e6. Summary will update on new commits.}

[cubic-dev-ai]

No issues found across 5 files

[chatgpt-codex-connector]

💡 Codex Review

continue/core/llm/llms/Ollama.ts

Line 514 in 5a511e6

if (options.tools?.length && ollamaMessages.at(-1)?.role === "user") {

Skip Ollama tools when the model template lacks support

This now always attaches chatOptions.tools whenever tools are present and the last message is from the user, but the previous guard that suppressed tools for templates without .Tools support was removed. For Ollama models whose templates do not implement tool calling, /api/chat requests can fail instead of falling back to plain chat, which breaks tool-enabled conversations for those models.

---

continue/core/util/index.ts

Line 230 in 5a511e6

return processedText.replace(HARMONY_TOKEN_REGEX, "");

Do not strip Harmony tokens from normal file content

stripReasoningFromApplyContent is now run on every apply path and unconditionally removes literals like <|start|>, <|end|>, and <|message|> from the final text. If a user is intentionally editing prompt templates/tests/docs that contain these token strings, the applied file is silently corrupted because those literals are deleted even when the content is not a Harmony wrapper.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".