Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
160 commits
Select commit Hold shift + click to select a range
c985718
wip: bridge upstream v1.17.9 overlay + install/structure reconciliati…
anandgupta42 Jun 23, 2026
eb2b92d
wip: v1.17.9 reconciliation — Log shim, import repoints, impact playb…
anandgupta42 Jun 23, 2026
9e43563
wip: v1.17.9 reconciliation — Effect-API compat wrappers + config-sch…
anandgupta42 Jun 23, 2026
4294cc9
wip: v1.17.9 reconciliation — altimate/ Tool-API surface green (check…
anandgupta42 Jun 24, 2026
2a22e6b
wip: v1.17.9 reconciliation — §4 re-home TUI customizations into pack…
anandgupta42 Jun 24, 2026
34c1f36
wip: v1.17.9 reconciliation — §4 re-home TUI batch 2 + line-streaming…
anandgupta42 Jun 24, 2026
96f6138
wip: v1.17.9 reconciliation — §4 app.tsx + UpgradeIndicator port (che…
anandgupta42 Jun 24, 2026
cc4502f
wip: v1.17.9 reconciliation — delete dead old-TUI tree (§3.4 part 1) …
anandgupta42 Jun 24, 2026
6e6b6d9
wip: v1.17.9 reconciliation — restore dropped hono dep (checkpoint 9)
anandgupta42 Jun 24, 2026
99ab746
wip: v1.17.9 reconciliation — moved-to-core util re-export shims (che…
anandgupta42 Jun 24, 2026
1b8fd97
feat: [v1.17.9] fork TUI features as host-registered plugins — ADR + …
anandgupta42 Jun 24, 2026
74f73fa
feat: [v1.17.9] port 4 fork TUI features to host-registered plugins (…
anandgupta42 Jun 24, 2026
1b691bd
feat: [v1.17.9] fully restore prompt-enhance via api.prompt.active() …
anandgupta42 Jun 24, 2026
2461250
wip: v1.17.9 reconciliation — 3 more moved-to-core util shims (checkp…
anandgupta42 Jun 24, 2026
3dd9e49
wip: v1.17.9 reconciliation — restore Auth/Env Promise wrappers (chec…
anandgupta42 Jun 24, 2026
a1085ba
fix: [v1.17.9] Env wrappers must be synchronous (checkpoint 16)
anandgupta42 Jun 24, 2026
8f39fda
wip: v1.17.9 reconciliation — Installation.VERSION re-export shim (ch…
anandgupta42 Jun 24, 2026
f8cc2f3
wip: v1.17.9 reconciliation — restore util/fn + repoint dropped @open…
anandgupta42 Jun 24, 2026
de952af
wip: v1.17.9 reconciliation — restore util/{context,abort,lock} + she…
anandgupta42 Jun 24, 2026
2f910be
wip: v1.17.9 reconciliation — restore bus/index.ts Bus namespace (che…
anandgupta42 Jun 24, 2026
38dd432
wip: v1.17.9 reconciliation — util/schema shim + branded-type make() …
anandgupta42 Jun 24, 2026
3a20a97
wip: v1.17.9 reconciliation — permission/project/filesystem/npm core …
anandgupta42 Jun 24, 2026
296ed79
wip: v1.17.9 reconciliation — delete stale old-TUI tests (checkpoint 23)
anandgupta42 Jun 24, 2026
5c96c2a
wip: v1.17.9 reconciliation — repoint moved .sql table-def imports to…
anandgupta42 Jun 24, 2026
41b969f
wip: v1.17.9 reconciliation — fix provider/session/server core files …
anandgupta42 Jun 24, 2026
6a8796d
wip: v1.17.9 reconciliation — 11 survivor files via 5-agent batch (ch…
anandgupta42 Jun 24, 2026
c7b7e23
wip: v1.17.9 reconciliation — server routes + tool/mcp/skill batch (c…
anandgupta42 Jun 24, 2026
205d76c
wip: v1.17.9 reconciliation — Service facades: Project/ShareNext/Sess…
anandgupta42 Jun 24, 2026
8aea81e
wip: v1.17.9 reconciliation — Service facades: Provider/Plugin/LLM/To…
anandgupta42 Jun 24, 2026
b0e3e66
wip: v1.17.9 reconciliation — long-tail survivor batch, src 248->52 (…
anandgupta42 Jun 24, 2026
16e6cff
wip: v1.17.9 reconciliation — packages/opencode/src is GREEN (checkpo…
anandgupta42 Jun 24, 2026
641e616
wip: v1.17.9 reconciliation — opencode TYPECHECK GREEN (0 errors) (ch…
anandgupta42 Jun 24, 2026
27fb94c
wip: v1.17.9 — start runtime circular-init fix (Layer.suspend) (check…
anandgupta42 Jun 24, 2026
45b2262
fix: [v1.17.9] resolve runtime circular-init via lazy LayerNode deps …
anandgupta42 Jun 24, 2026
b23baec
wip: v1.17.9 — broad Layer.suspend sweep (typecheck+TDZ green, KNOWN …
anandgupta42 Jun 24, 2026
9e5d731
fix: [v1.17.9] resolve bootstrap deadlock — agent runs end-to-end (ch…
anandgupta42 Jun 24, 2026
b2e0ad1
test: [v1.17.9] triage wave 1 — provider/plugin/install/branding/rele…
anandgupta42 Jun 24, 2026
cdfe5e0
fix+test: [v1.17.9] DB split-brain fix + wave-2 triage; revert ec36 c…
anandgupta42 Jun 24, 2026
3dd78c5
test: [v1.17.9] triage wave-1 complete — upstream/session/server/smal…
anandgupta42 Jun 24, 2026
e3f2514
docs+test: [v1.17.9] session behavioral triage + e2e harness (ckpt40)
anandgupta42 Jun 25, 2026
998bed0
docs: [v1.17.9] ship-readiness report (ckpt41)
anandgupta42 Jun 25, 2026
19c0eb1
test+docs: [v1.17.9] fork carry-forward guards (40 tests, 0 dropped) …
anandgupta42 Jun 25, 2026
4e8c4e6
test: [v1.17.9] 50 upstream-adversarial tests (UPI risks) + 2 minor b…
anandgupta42 Jun 25, 2026
34508c9
docs: [v1.17.9] finalize ship report + draft PR body (ckpt44 FINAL)
anandgupta42 Jun 25, 2026
70decf7
docs+test: [v1.17.9] per-case session-delta review (ckpt45)
anandgupta42 Jun 25, 2026
699a369
docs: [v1.17.9] finalize — session review + 132-run e2e (89%, ~95% tr…
anandgupta42 Jun 25, 2026
01d0aac
fix: [v1.17.9] fix-everything batch 1 — server v2-location, Account d…
anandgupta42 Jun 25, 2026
243ee69
docs: [v1.17.9] fix-everything outcome — server/account/bug fixed, sd…
anandgupta42 Jun 25, 2026
00a7035
docs: [v1.17.9] FINAL — suite 868->1, fix-everything complete (ckpt49)
anandgupta42 Jun 25, 2026
22e7513
docs: [v1.17.9] differential confidence audit (carry-forward / upstre…
anandgupta42 Jun 25, 2026
1f83919
chore+docs: [v1.17.9] marker hygiene (25 files) + autonomous accept-v…
anandgupta42 Jun 25, 2026
95d1680
fix: [v1.17.9] restore 8 dropped v1.17.9 session behaviors (autonomou…
anandgupta42 Jun 25, 2026
b80f2cb
docs: [v1.17.9] plan to cover the 46 remaining session todos (injecta…
anandgupta42 Jun 25, 2026
bdb3cef
docs: [v1.17.9] codex audit results + refreshed PR body (pre-PR)
anandgupta42 Jun 25, 2026
6beae93
fix: [v1.17.9] audit follow-ups — partial branding (215->198) + TaskT…
anandgupta42 Jun 25, 2026
2999398
fix: [v1.17.9] build.ts stale TUI worker entry path (cli/cmd/tui -> c…
anandgupta42 Jun 25, 2026
e92adcf
docs: [v1.17.9] overnight TUI inspection mandate plan
anandgupta42 Jun 25, 2026
2c3d2ed
fix: [v1.17.9] TUI /api routing flood + branding 198->0 + require-mar…
anandgupta42 Jun 25, 2026
117b6b0
fix: bump CI bun-version 1.3.10 -> 1.3.14 to match merged runtime req…
anandgupta42 Jun 25, 2026
86be045
fix: [v1.17.9] eliminate test-suite DB migration race (table `project…
anandgupta42 Jun 25, 2026
95ab133
fix: rebrand residual OpenCode leaks surfaced by TUI visual inspection
anandgupta42 Jun 25, 2026
600bf8b
docs: [v1.17.9] night-2 validation artifacts (DB-race fix, TUI visual…
anandgupta42 Jun 25, 2026
3a583c3
test: [v1.17.9] isolate Google Vertex ADC in preload (deterministic h…
anandgupta42 Jun 25, 2026
c2a7fa5
fix: [v1.17.9] lazy-load playwright-core so trace-viewer e2e skips cl…
anandgupta42 Jun 25, 2026
b3bee8c
docs: [v1.17.9] WS4 command + WS5 trace verification reports + second…
anandgupta42 Jun 25, 2026
761a660
fix: [v1.17.9] restore session tracing — read tracing config via serv…
anandgupta42 Jun 25, 2026
af23602
docs: [v1.17.9] mark tracing FIXED in secondary-findings; skill-list …
anandgupta42 Jun 25, 2026
14143ab
fix: [v1.17.9] restore `skill list` (read via server) + tracing/skill…
anandgupta42 Jun 25, 2026
cb9529a
docs: [v1.17.9] mark skill-list FIXED + record dispositions for remai…
anandgupta42 Jun 25, 2026
c905d0f
docs: [v1.17.9] PR body — add CLI instance-context (tracing + skill l…
anandgupta42 Jun 25, 2026
a3dc9f0
fix: [v1.17.9] align server auth default username to "opencode" (code…
anandgupta42 Jun 25, 2026
591e711
fix: [v1.17.9] root-fix InstanceRef ALS split — bootstrap provides on…
anandgupta42 Jun 25, 2026
1ab8421
test+fix: [v1.17.9] migration schema-fingerprint drift guard + close …
anandgupta42 Jun 25, 2026
87af8b3
test: [v1.17.9] derive resetDatabase tables from live schema + record…
anandgupta42 Jun 25, 2026
55b23f1
fix: [v1.17.9] name WorkspaceContext ALS "workspace" not "instance"
anandgupta42 Jun 25, 2026
d074d0f
fix: [v1.17.9] address codex PR #964 review comments (active-path sub…
anandgupta42 Jun 25, 2026
ad005a7
fix: [v1.17.9] stop log shim from flooding the TUI (quiet by default,…
anandgupta42 Jun 25, 2026
aa22364
test+docs: [v1.17.9] artifact-level detection for the missed-bug clas…
anandgupta42 Jun 25, 2026
f513e9d
docs: [v1.17.9] tracing RCA — rule out flushSync, point at Bun-worker…
anandgupta42 Jun 25, 2026
7a911be
docs: [v1.17.9] ship-readiness E2E + TUI-inspection playbook (the /go…
anandgupta42 Jun 25, 2026
50b295d
fix: [v1.17.9] restore TUI session tracing — sync finalize on the qui…
anandgupta42 Jun 25, 2026
34a7b9b
test: [v1.17.9] de-flake TraceConsumer session.deleted re-create test…
anandgupta42 Jun 25, 2026
630a4b2
fix: [v1.17.9] lowercase TUI wordmark ("altimate code", not "ALTIMATE…
anandgupta42 Jun 25, 2026
a43d9a5
test: [v1.17.9] de-flake M2 trace rename-race test (fixed-wait → poll…
anandgupta42 Jun 25, 2026
f5ecdd8
fix: [v1.17.9] finalizeSync applies maxFiles pruning on the sync shut…
anandgupta42 Jun 25, 2026
4c46533
fix: address Kilo review findings on PR #964 (v2-core security + migr…
anandgupta42 Jun 25, 2026
f647f6e
fix: three TUI/runtime issues from the Altimate Code Issues report
anandgupta42 Jun 26, 2026
0ae4c7a
fix: systemic TUI log-hygiene guard so logging stops regressing on up…
anandgupta42 Jun 26, 2026
d524947
fix: prune trace files by mtime, not filename — TUI session traces we…
anandgupta42 Jun 26, 2026
c60eb12
fix: worker console guard also intercepts console.* (Bun bypasses pro…
anandgupta42 Jun 26, 2026
70436fc
fix: revert TUI wordmark to the clean uppercase ALTIMATE CODE block font
anandgupta42 Jun 26, 2026
f6e79a4
fix: address codex deep-review findings (grep containment robustness,…
anandgupta42 Jun 26, 2026
056d375
fix: de-flake CI subprocess tests via prebuilt test CLI + larger spaw…
anandgupta42 Jun 26, 2026
b63660f
fix: address codex pass-2 findings (grep symlink-FILE bypass + publis…
anandgupta42 Jun 26, 2026
9fbe4d0
fix: CI de-flake — OPENCODE_TEST_CLI must be absolute (CI passed rela…
anandgupta42 Jun 26, 2026
b821039
fix: revert the v2-httpapi upgrade guard (broke its happy-path test; …
anandgupta42 Jun 26, 2026
65344da
fix: restore symlink-aware project boundary the v1.17.9 merge dropped…
anandgupta42 Jun 26, 2026
baa8ca9
fix: restore #209 sensitive-write guard dropped by the merge (shipped…
anandgupta42 Jun 26, 2026
ab7c8f5
test+docs: restore dropped path-traversal security tests + release-co…
anandgupta42 Jun 26, 2026
6e33598
fix: load builtin DE skills into the live registry (merge dropped the…
anandgupta42 Jun 26, 2026
fe9f996
fix: restore dropped --trace fork-fix + revert prebuilt-binary test d…
anandgupta42 Jun 26, 2026
3501636
fix: skip background @opencode-ai/plugin install under OPENCODE_PURE …
anandgupta42 Jun 26, 2026
7d664a7
fix(mcp): restore dropped MCP.remove + bunRun harness opt for error-p…
anandgupta42 Jun 26, 2026
e256ddf
fix(ci): run subprocess tests in a dedicated bounded pass (kill load-…
anandgupta42 Jun 26, 2026
89ded86
fix(ci): run subprocess tests via `bun run src` (not the binary) in t…
anandgupta42 Jun 26, 2026
09b068b
chore(acp): TEMP diagnostic — surface the cause behind the -32603 "di…
anandgupta42 Jun 26, 2026
59b27ad
fix(test): disable embedded web UI in subprocess test env (real root …
anandgupta42 Jun 26, 2026
7c0d7e2
chore: TEMP diagnostics — ubuntu-CI provider registration + acp cause
anandgupta42 Jun 26, 2026
1db1181
fix(test): use ripgrep (OPENCODE_DISABLE_FFF) in subprocess tests — r…
anandgupta42 Jun 26, 2026
1b98aca
test: guard MCP.remove presence + datamate wiring (regression for the…
anandgupta42 Jun 26, 2026
732a20d
fix: restore fork behaviors silently dropped by the v1.17.9 overlay m…
anandgupta42 Jun 29, 2026
34a11d7
fix(test): mcp-add asserts the altimate-code global config dir
anandgupta42 Jun 29, 2026
57584ed
fix: [storage] adopt core-owned schema on fresh installs (fresh-DB sh…
anandgupta42 Jun 29, 2026
8235149
chore: [release] remove internal merge/night-run scratch from the PR
anandgupta42 Jun 30, 2026
c44e0a9
fix: [merge] address two shipped-path review findings from the v1.17.…
anandgupta42 Jun 30, 2026
e29c065
fix: [merge] prevent fff SIGTRAP crash when TUI is launched from ~ or /
anandgupta42 Jun 30, 2026
284ff0f
docs: [merge] correct global config dir + complete the MCP CLI reference
anandgupta42 Jun 30, 2026
c224354
fix: [merge] load project tools from .altimate-code/tools, not only .…
anandgupta42 Jun 30, 2026
2f12ae3
docs: [merge] document .altimate-code/tools as the preferred custom-t…
anandgupta42 Jun 30, 2026
ea55ba9
fix: [merge] stop models echoing the date — carry it in <env>, not th…
anandgupta42 Jul 1, 2026
e695b53
fix: [merge] default thinking to hidden for upgraders too (not just f…
anandgupta42 Jul 1, 2026
fbf3976
test: [merge] re-enable 137 fork security/behavior tests disabled by …
anandgupta42 Jul 1, 2026
2df6c8f
fix: [merge] CRITICAL — `skill remove customize-opencode` could rm -r…
anandgupta42 Jul 1, 2026
b5715e7
fix: [merge] restore session-level diff so the modified-files sidebar…
anandgupta42 Jul 1, 2026
c87d59d
fix: [merge] restore read-only guard on `db <query>` (was able to DEL…
anandgupta42 Jul 1, 2026
ded1893
fix: [merge] MCP hardening — stderr-drain hang, OAuth-state leak, sil…
anandgupta42 Jul 1, 2026
6b11abd
test: [merge] make MCP discover/lifecycle tests hermetic (isolate hom…
anandgupta42 Jul 1, 2026
89eaf01
fix: [merge] restore ACP altimate-backend default-model preference
anandgupta42 Jul 1, 2026
cf62f1f
fix: [merge] idempotent DB migration adopt — stop "duplicate column" …
anandgupta42 Jul 1, 2026
c7c7f5e
fix: [merge] restore file diffs in shared sessions
anandgupta42 Jul 1, 2026
c75f793
fix: [merge] restore config env-interpolation telemetry
anandgupta42 Jul 1, 2026
555ac7f
fix: [merge] route /experimental/workspace to the HttpApi (was 500 vi…
anandgupta42 Jul 1, 2026
ab83ed5
fix: [#978] make reviewer mode usable — external reads prompt, bash a…
anandgupta42 Jul 2, 2026
a30e477
fix: [#973][#975] restore Ctrl+A/Ctrl+E in prompt + history recall fr…
anandgupta42 Jul 2, 2026
c4a474f
fix: [#971][#972][#974] dedupe /mcps autocomplete, surface MCP auth c…
anandgupta42 Jul 2, 2026
1794048
fix: [#976] clicking a truncated URL now opens the full URL
anandgupta42 Jul 2, 2026
98933b3
fix: restore `codesearch` for explore agent + gather `prompt.skills` …
anandgupta42 Jul 2, 2026
acb7a59
chore: extend altimate_change marker to cover move() signature (marke…
anandgupta42 Jul 2, 2026
01833e8
fix: close unclosed marker in db.ts + update reviewer pin tests to th…
anandgupta42 Jul 2, 2026
ae16338
feat: restore three fork behaviors deferred during the v1.17.9 re-hom…
anandgupta42 Jul 2, 2026
27c4905
fix: [upgrade] make migration-journal marking idempotent (stop per-la…
anandgupta42 Jul 2, 2026
972df32
test: add real-binary TUI journey suite (opt-in gate for interaction …
anandgupta42 Jul 2, 2026
00dde08
fix: [merge] restore dropped upstream behavioral refinements (audit f…
anandgupta42 Jul 2, 2026
7232b34
fix: [merge] restore fork-wanted refinements + branding (audit judgme…
anandgupta42 Jul 2, 2026
386e653
fix: [release] bump release.yml Bun 1.3.10 -> 1.3.14 (was release-blo…
anandgupta42 Jul 2, 2026
b0ade91
fix: [merge] restore 5 dropped upstream fixes + 3 unwired auth plugin…
anandgupta42 Jul 2, 2026
8c74589
fix: [security] make the #209 sensitive-write guard actually fire
anandgupta42 Jul 2, 2026
14a72bc
fix: [merge] preserve provider-executed flag on tool part metadata
anandgupta42 Jul 2, 2026
e3a160a
docs: [board] record E integration-seam findings + final disposition
anandgupta42 Jul 2, 2026
c357612
fix: [release] derive release version from the fork package, not upst…
anandgupta42 Jul 2, 2026
b7f5a61
feat: [release] enable safe beta releases (channel-from-tag + prerele…
anandgupta42 Jul 2, 2026
3b16acc
feat: add /release-beta skill — cut a beta to the npm beta channel (l…
anandgupta42 Jul 2, 2026
b57aa69
fix: [merge] 4 shipped-path bugs from PR review (fresh-install, data-…
anandgupta42 Jul 2, 2026
383eaf1
fix: [merge] 15 shipped-path bugs from proactive codex review (round 1)
anandgupta42 Jul 2, 2026
def7a55
fix: [merge] 8 shipped-path bugs from proactive codex review (round 2…
anandgupta42 Jul 2, 2026
e7ec6a9
fix: [security] MCP tools were executing with NO permission check
anandgupta42 Jul 2, 2026
3d48a58
fix: [merge] bot-review findings — config jsonc/cache, tui server-con…
anandgupta42 Jul 2, 2026
5e287ce
fix: [merge] round-3 findings — env-flag regressions + cli debug/impo…
anandgupta42 Jul 2, 2026
a26f586
fix: [merge] round-4 regression review — complete jsonc support + loc…
anandgupta42 Jul 2, 2026
6765d87
fix: [merge] upstream_fix: don't blank unresolved ${VAR} — fixes bedr…
anandgupta42 Jul 2, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
158 changes: 158 additions & 0 deletions .claude/commands/release-beta.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,158 @@
---
description: Cut a BETA (prerelease) of altimate-code to the npm `beta` channel. Existing `latest` users are NOT auto-upgraded — only opt-in beta testers get it. Use to soak a risky change (e.g. a big upstream merge) before promoting to `latest` with /release.
---

# Release altimate-code BETA

Cut a prerelease to the **`beta`** npm dist-tag. The whole point: **existing
stable (`latest`) users are never touched.** Only people who opted into the
beta channel (`npm i -g @altimateai/altimate-code@beta`, or a beta install)
receive it. Use this to dogfood a risky release before promoting it to
`latest` with `/release`.

## Why this is a separate skill (read once)

- `/release` tags a plain `vX.Y.Z` → the workflow publishes to **`latest`** →
**every existing user auto-upgrades on next launch.** For a big/risky change
that is exactly the "brick everyone if there's a bug" risk.
- A beta tag has a `-` suffix (`vX.Y.Z-beta.N`). `.github/workflows/release.yml`
derives `OPENCODE_CHANNEL` from the tag: a `-` → the **`beta`** channel →
`npm publish --tag beta`. The `latest` dist-tag is left pointing at the old
stable, so `latest` users do not move.
- The upgrade check (`cli/upgrade.ts`) is fail-safe and orders prerelease
identifiers, so a beta tester on `beta.1` auto-upgrades to `beta.2`, and any
beta upgrades to the eventual stable. This is verified by the round-trip below.

## Input

`$ARGUMENTS` = the target STABLE version this beta leads to (`patch` | `minor` |
`major`, or an explicit `X.Y.Z`). Default `minor` — a big upstream merge is not
a patch. The beta tag becomes `vX.Y.Z-beta.N`.

---

## Step 1 — Determine the beta version

```bash
# current published STABLE (the latest dist-tag)
npm view @altimateai/altimate-code dist-tags --json
```

- Base stable `X.Y.Z` from `$ARGUMENTS`:
- `patch`/empty → not typical for a beta; prefer `minor`.
- `minor` → bump minor of the current stable (0.8.10 → **0.9.0**).
- `major` → 0.8.10 → **1.0.0**.
- explicit `X.Y.Z` → use it.
- Find the next `-beta.N`: look at the current `beta` dist-tag. If it is already
`X.Y.Z-beta.M`, next is `beta.(M+1)`; otherwise start at `beta.1`.

```bash
# does a beta for this base already exist?
npm view @altimateai/altimate-code@beta version 2>/dev/null || echo "no beta yet"
```

Confirm with the user: **"Cutting beta `vX.Y.Z-beta.N`. This publishes to the
`beta` channel only — `latest` stays at `<current stable>`, so existing users
are NOT auto-upgraded. Proceed?"** Wait for an explicit yes.

## Step 2 — Ensure clean, correct base

```bash
git branch --show-current # expect main (or the branch you're betaing)
git status --short # must be clean
git fetch origin
git log HEAD..origin/$(git branch --show-current) --oneline # must be up to date
```
Stop if dirty, behind, or on an unexpected branch.

## Step 3 — Pre-tag gates (lighter than /release, but non-negotiable)

Betas soak in production, so they must at least build and pass CI. Do NOT skip:

```bash
# both packages typecheck
(cd packages/opencode && bun run typecheck)
(cd packages/tui && bun run typecheck)
# marker guard
bun run script/upstream/analyze.ts --markers --base main --strict
# PR/branch functional CI is green
gh pr checks <PR> --repo AltimateAI/altimate-code | grep -viE 'kilo|coderabbit|skipping'
```
If any functional gate is red, stop and fix first.

## Step 4 — Tag and push the beta

The `-beta.N` suffix is what routes to the beta channel. Do NOT omit it.

```bash
BETA_TAG="vX.Y.Z-beta.N"
git tag "$BETA_TAG"
git push origin "$BETA_TAG" # push the TAG (not necessarily main)
```

Note: unlike `/release`, do not `git push origin main` unless main already
contains this commit. A beta can be tagged on a branch or on main; the tag is
what triggers the workflow.

## Step 5 — Monitor the release workflow

```bash
gh run list --workflow=release.yml --repo AltimateAI/altimate-code --limit 1
gh run watch --repo AltimateAI/altimate-code
```
The workflow's native linux-x64 smoke + pre-publish smoke are the last gates.
If it fails, do NOT delete the tag — investigate (`gh run view --log-failed`).

## Step 6 — CRITICAL post-publish guard: confirm `latest` did NOT move

This is the safety assertion. After publish:

```bash
npm view @altimateai/altimate-code dist-tags --json
```

- `beta` MUST now be `X.Y.Z-beta.N`.
- `latest` MUST be UNCHANGED (still the previous stable, e.g. 0.8.10).

If `latest` moved to the beta version, **the beta leaked to all users** — treat
as an incident: publish a corrected `latest` dist-tag back to the last-good
stable immediately (`npm dist-tag add @altimateai/altimate-code@<good> latest`)
and investigate the channel derivation in release.yml.

## Step 7 — Verify the beta works AND can upgrade out (round-trip)

The whole reason for a beta is to prove the new codebase is safe — including
its own auto-upgrade — before stable users touch it.

```bash
# install the beta hermetically (does not touch your normal install if you use a temp prefix)
npm i -g @altimateai/altimate-code@beta # or an isolated prefix
altimate --version # reports X.Y.Z-beta.N
altimate agent list; altimate skill list # fork surfaces load
```

Dogfood real workflows on the beta. Then prove the **round-trip**: when you cut
`vX.Y.Z-beta.(N+1)`, a machine already on `beta.N` must auto-upgrade to it on
next launch (compareVersions orders betas). If it does, the updater on the new
codebase is proven — stable users can safely be promoted onto it.

## Step 8 — Promote to `latest` (separate, deliberate step)

Only after the beta has soaked and the round-trip is proven:

- Run **`/release {same bump}`** to cut the stable `vX.Y.Z` → `latest`. That is
the step that auto-upgrades existing users — and by then you've proven the
exact code and its updater on the beta channel.
- Do NOT move `latest` to a `-beta` version by hand; ship a clean stable tag.

---

## Hard rules

- The tag MUST contain `-beta.N`. A plain `vX.Y.Z` from this skill would hit
`latest` — never do that here.
- Never skip Step 6 (the `latest`-didn't-move assertion). It is the one check
that catches a channel-routing regression before it bricks everyone.
- npm publishes are effectively irreversible — get the explicit user yes at
Step 1 before tagging, and never publish credentials or move `latest` without
intent.
12 changes: 12 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
.git
.opencode
.sst
.turbo
.wrangler
node_modules
**/node_modules
**/.output
**/dist
**/.turbo
**/.vite
**/coverage
2 changes: 2 additions & 0 deletions .gitattributes
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
packages/core/migration/**/snapshot.json linguist-generated
packages/core/src/database/migration.gen.ts linguist-generated
47 changes: 17 additions & 30 deletions .github/TEAM_MEMBERS
Original file line number Diff line number Diff line change
@@ -1,30 +1,17 @@
aidtya
aloks98
altimateanas
anandgupta42
ankitksharma
anusha-sharma
arora-saurabh448
dvanaken
frasermarlow
gaurpulkit
govindpawa
jontsai
kulvirgit
mdesmet
mhallida
ppradnesh
rakendd
ralphstodomingo
ravik-aai
robertmaybin
sahrizvi
sanjaykr5
saravmajestic
sgvarsh
shreyastelkar
sourabhchrs93
suryaiyer95
tshreyas
vivekvenkatareddy
yukthagv
adamdotdevin
Brendonovich
fwang
Hona
iamdavidhill
jayair
jlongster
kitlangton
kommander
MrMushrooooom
nexxeln
R44VC0RP
rekram1-node
thdxr
simonklee
vimtor
starptech
47 changes: 47 additions & 0 deletions .github/meta/night-run/MERGE-VALIDATION-MATRIX.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
# Comprehensive merge validation — upstream v1.4.0→v1.17.9 bridge (PR #964)

Method: not spot-checks. The merge surface (3,254 upstream commits) reduces to a BOUNDED,
enumerable set validated by three contracts, each covered exhaustively.

## Surface (measured)
- 226 upstream-shared source files modified by the merge (exist in both v1.17.9 and HEAD)
- 293 fork-only source files
- 106 fork "altimate_change" behaviors present on main whose marker text wasn't found verbatim on HEAD

## Coverage matrix

| Contract | Question | Method | Result |
|---|---|---|---|
| C1: no dropped upstream code | did conflict-resolution revert upstream fixes? | 226 files reviewed by 11 subsystem agents; diff v1.17.9↔HEAD each | No ship-blocker. ~6 real MED/LOW refinement drops (below). High-value upstream fixes (Plan-Mode security, models-cache recovery, session-metadata migration identity, corrupt-message handler) present VERBATIM. |
| C2: no fork-feature loss | did fork customizations survive? | 106 candidate behaviors verified present-on-HEAD or dropped | Most false (path-restructure moved cli/cmd/tui→tui/src + reworded). Real drops: beginner-tips onboarding, internal-url inconsistency, minor branding. |
| C3: behavior | does the artifact work? | full suite + schema + upgrade + journey + real binary + CI | 10,555 tests pass (2 flaky, pass isolated); 19/19 schema tables parity; upgrade 16/16; journey 10 green; CI functional gates green. |

## REAL findings (all MED/LOW — none block ship), fork-wanted, verified by lead

| # | file | issue | sev | fix |
|---|------|-------|-----|-----|
| 1 | session/compaction.ts | tail-preserving compaction dead: consumers read `tail_start_id` (session.ts:775, message-v2.ts:1016) but no writer sets it on new compaction parts | MED | restore the writer that stamps `tail_start_id` when creating the compaction part |
| 2 | share/share-next.ts:152 | dropped `Effect.catchCause` on fullSync+flush → unhandled rejection on share-sync failure | MED | wrap fullSync/flush failures (log, don't throw) |
| 3 | session/llm.ts:214 | Copilot billing split-brain: `includeRawChunks` absent from streamText, but `copilotTotalNanoAiu`/`totalNanoAiu` consumers depend on it → Copilot billing metadata never populates | MED | pass `includeRawChunks: true` for the Copilot provider path |
| 4 | tui first-run (tips) | fork onboarding UX dropped: main had `BEGINNER_TIPS`/`isFirstTime`; HEAD has zero refs | MED | restore beginner-tips/first-time hint |
| 5 | util/filesystem.ts:131 | Windows path conversion lost: HEAD does only `realpathSync.native`; upstream also did `windowsPath()` (cygwin/gitbash/WSL) | LOW | restore windowsPath() normalization for win32 |
| 6 | session/retry.ts:71 | drops upstream's extra "retry 5xx even if SDK says non-retryable" guard | LOW | re-add the status-code 5xx retry guard |
| 7 | cli/cmd/mcp.ts:419 | CLI MCP installs default to opencode.json not altimate-code.json (both still discovered) | LOW | prefer altimate-code.json in CONFIG_FILENAMES |
| 8 | tui.ts:166 / runtime.ts:737 | internal worker url `opencode.internal` inconsistent with `altimate-code.internal` elsewhere (internal routing key, not user-visible) | LOW | unify the virtual-host string |
| — | footer/uninstall/upgrade/initialize.txt | unmarked fork branding + 1-2 "OpenCode config" strings | LOW | marker hygiene + branding fix |

## INTENTIONAL divergences (verified NOT bugs — fork deliberately differs)
- task.ts background subagents — marker: "hides disabled background mode"
- providers Alibaba/Venice/Azure-workflow/GitLab-Duo — moved to packages/core/src/plugin/provider/* or not shipped
- run.ts interactive/replay/demo — fork ships its own run command (executive/analyst modes, max-turns, tracing)
- plugin/index.ts loader + omitted upstream provider plugins — fork ships its own provider set
- server.ts move-session — actually PRESENT via httpapi control-plane group (false positive)

## FALSE positives (verified)
- agent.ts:524 safety-denial re-append — intended fail-safe (marker documents it)

## Verdict
Comprehensive review of the ENTIRE merge surface found NO ship-blocker (no crash, data-loss, or
security regression). ~6 medium + a few low fork-wanted refinements to restore. The merge correctly
adopted upstream v1.17.9 (fixes present verbatim, schema parity, upgrade path clean) and preserved
the fork (registries, agents, tools, DE features intact).
45 changes: 45 additions & 0 deletions .github/meta/night-run/RELEASE-EVALUATION-BOARD.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
# Release-Evaluation Board — final pre-release analysis (PR #964, v1.17.9 bridge)
7 independent perspectives (3 codex / 3 sonnet / 1 haiku) + Fable runtime probe + synthesis.
GOAL: dual preservation — don't lose FORK work, don't lose UPSTREAM work.

## Scorecard

| Perspective | Verdict | Findings |
|---|---|---|
| D Fork-feature preservation | **PASS** | All tools (101→102 superset), 9 agents, 13 warehouse drivers, 7 builtin skills, 8 commands, memory/tracing/telemetry/PII — present + WIRED. 0 new fork drops. |
| F Safety/security regression | **PASS** | All 5 shipped safety properties INTACT: DDL non-overridable, subagent deny-inheritance (#26597), sensitive-write #209 guard (edit.ts+write.ts), secret redaction, basic-auth username. No regression. |
| A Upstream-fix adoption (73 sampled) | 5 dropped | 1 HIGH-ish (processor providerExecuted), 4 MED/LOW upstream fixes reverted. |
| B Upgrade/format compat | 2 real | managed-TUI-config load dropped (MED), .json/.jsonc precedence inverted (LOW). Auth-username & thinking-default changes INTENTIONAL. DB/auth/session/cache formats back-compatible. |
| C Build/packaging/distribution | **1 HIGH ship-blocker** | release.yml pinned Bun 1.3.10 but build scripts require ^1.3.14 → tag releases fail. FIXED. |
| E Integration seams | 1 real | Azure/DigitalOcean/xAI upstream auth plugins in-tree but unwired in INTERNAL_PLUGINS (MED). Codex plugin = intentional fork keep. |
| G Branding | LOW polish | `.opencode/` paths in warehouse-list/skill-ops messages + `opencode.json` in provider dialogs should say altimate-code. Provider labels & auth-username default = intentional. |
| Fable runtime probe | **PASS** | Compiled binary: palette, agent-switch, shell-mode EXECUTE, /skills list, prompt round-trip all work — empirically confirms the resolved V2-premise review comments don't affect the shipped product. |

## Actions taken (all upstream-fix restorations, marked + tested)
- FIXED (HIGH ship-blocker): release.yml Bun 1.3.10 → 1.3.14 (all 4 pins).
- FIXED (Fable): run.ts in-process auth header (local run 401'd when OPENCODE_SERVER_PASSWORD set).
- FIXED (delegated): provider.ts Cloudflare unified apiKey; transform.ts Devstral toLowerCase; project.ts session-migration time_updated preservation (3 sites); config/tui.ts managed-config load + paths.ts json/jsonc precedence; plugin/index.ts wire Azure/DigitalOcean/xAI auth plugins.

## Flagged follow-up (NOT fixed — deliberate)
- processor.ts `providerExecuted` handling: shipped session doesn't use the provider-executed-tool flag (adapters capture it). MED — server-side provider tools (e.g. web search) not handled optimally. NOT fixed pre-release: the upstream change is entangled with GitLab-Duo approval code the fork doesn't ship; porting it blind risks core session processing. Needs a scoped follow-up.
- Branding LOW polish: optional, non-blocking.

## Dual-preservation verdict
- FORK preservation: CLEAN (D + F pass; nothing we built is lost or weakened).
- UPSTREAM preservation: the gaps were HERE — 5 dropped fixes + 3 unwired auth plugins + managed-config, now restored. This is the class my earlier fork-focused passes missed; the board's upstream-adoption + seam lenses caught them.

## Addendum — E (integration seams) full report
Enumerated the seam surface: 587 `@opencode-ai/*` import sites across 216 files in packages/opencode/src + 37 in packages/tui/src; 6 subsystem scopes audited.
- **Azure/DigitalOcean/xAI auth plugins unwired** (MED-HIGH) — FIXED (board commit b0ade919c7).
- **`openai/codex.ts` orphaned** (MED) — DOCUMENTED, not fixed. 0 consumers; fork deliberately uses its own `./codex` (BUILTIN). Harmless dead code; deleting an upstream file risks future-merge friction. Adopting its WebSocket/allowlist/dispose capabilities is a product decision, not a merge fix.
- **Dual-`Session`-module `getUsage` divergence** (MED-latent / LOW-active) — DOCUMENTED, not fixed. Live path is `processor.ts:326 → session/index.ts:830` (carries the OpenRouter cost fix); `session.ts:387` is the caller-less V2-migration copy. Not a live bug; session.ts is the not-shipped V2 surface.
- **OVERTURNED false-positive HIGH**: an earlier subagent claimed `fromPlugin` permission-gate bypass (ctx.ask became Effect → `await` no-ops). E traced the `legacyToInit`→bridged-`legacyCtx` layer (tool-zod-compat.ts:221) that makes ask Promise-based before the plugin runs — the gate runs correctly. Safety surface confirmed clean.
- Server / cli / effect / config / storage seam scopes: clean. Signature-skew class (`Adaptor.target()`) already fixed; 192 tracked `upstream_fix` markers + green typecheck catch compile-level skew.

## Final board disposition
- Ship-blocker: 1 (release.yml) — FIXED.
- Real dropped-upstream fixes/features: 6 + 3 auth plugins + run-auth — FIXED.
- Security (pre-existing): sensitive-write guard neutralization — FIXED.
- provider-executed metadata — FIXED (execution was already correct); settlement-telemetry field = scoped follow-up.
- Latent/dead-code in the not-shipped V2 surface (codex orphan, getUsage copy) — DOCUMENTED, deliberately not chased.
- Fork preservation + safety surface: PASS (nothing lost or weakened).
34 changes: 34 additions & 0 deletions .github/meta/night-run/UPGRADE-PATH-TEST.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# Upgrade-path test: v0.8.10 → upstream/merge-v1.17.9 (PR #964)

Method: built BOTH binaries from source (v0.8.10 tag + branch). Isolated via XDG_*
temp dirs (v0.8.10 reads data dir from xdg-basedir, NOT OPENCODE_TEST_HOME — that
only overrides `home`). Booted v0.8.10 to create an authentic old-schema DB
(10 drizzle migrations; `session` but no `session_message`/`project_directory`;
session lacks metadata/cost/tokens_*/agent/model). Injected sentinel project +
session rows + a v0.8.10 config.json + auth.json. Booted the NEW binary against
the SAME isolated dir = the upgrade moment.

## Result: 16/16 assertions PASS + idempotent across 3 boots
Schema migrated forward: session.{metadata,cost,tokens_input,tokens_output,agent,
model} added; project_directory + session_message tables created; drizzle journal
advanced 10→11; NO "duplicate column" crash; TUI rendered clean.
Data preserved: sentinel project + session survived; session title byte-identical
(sha1 match); 0 rows lost. Config + auth.json carried over. integrity_check = ok
before and after.

## Minor finding — FIXED (commit 27c490515a) + verified
`__drizzle_migrations` grows by 1 row per launch: the `20260511173437_session-metadata`
entry is re-inserted every boot (markDrizzleEntriesApplied uses INSERT OR IGNORE but
the table has no UNIQUE constraint, so it never dedupes). DDL is guard-checked so it
never re-runs → no crash, no data change, ~50 bytes/launch. FIXED: markDrizzleEntriesApplied now INSERT...WHERE NOT EXISTS(name) + a guarded
dedupeDrizzleJournal self-heal. Re-verified end-to-end: fixed binary boots 3x
against a v0.8.10 DB with journal rows STABLE at 11 (was 11->12->13), no dup
names, integrity ok. Regression test test/storage/db-journal-idempotency.test.ts.

## Safety note
v0.8.10 honors OPENCODE_DISABLE_CHANNEL_DB and reads its data dir from XDG. An early
probe that set that flag without XDG isolation briefly opened the real
~/.local/share/altimate-code/opencode.db (1194 sessions) READ-only-ish — verified
intact (integrity ok, 1194 sessions preserved; v0.8.10 migrations are guarded/idempotent).
Correct isolation for old-binary tests = XDG_{DATA,CONFIG,STATE,CACHE}_HOME, not
OPENCODE_TEST_HOME.
Loading
Loading