chore: rebrand user-facing references to Altimate Code#134
Merged
anandgupta42 merged 11 commits intomainfrom Mar 15, 2026
Merged
chore: rebrand user-facing references to Altimate Code#134anandgupta42 merged 11 commits intomainfrom
anandgupta42 merged 11 commits intomainfrom
Conversation
Comprehensive rebranding of user-facing surfaces while preserving internal code names for upstream compatibility: - URLs: `opencode.ai` → `altimate.ai` - GitHub org: `anomalyco/opencode` → `AltimateAI/altimate-code` - Product name: "OpenCode" → "Altimate Code" in UI, prompts, docs - CLI binary: `opencode` → `altimate-code` in install scripts, nix - npm package: `opencode-ai` → `@altimateai/altimate-code` - Extensions: VSCode rebranded - Social: X handle → `@Altimateinc` - Brew tap: `AltimateAI/tap/altimate-code` - Container registry: `ghcr.io/AltimateAI` - All 20 localized READMEs Preserved internal names: `@opencode-ai/` scope, `packages/opencode/` dir, `OPENCODE_*` env vars, `.opencode/` config paths Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
Thanks for your contribution! This PR doesn't have a linked issue. All PRs must reference an existing issue. Please:
See CONTRIBUTING.md for details. |
|
This PR doesn't fully meet our contributing guidelines and PR template. What needs to be fixed:
Please edit this PR description to address the above within 2 hours, or it will be automatically closed. If you believe this was flagged incorrectly, please let a maintainer know. |
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
infra/stage.ts
Outdated
Comment on lines
1
to
7
| export const domain = (() => { | ||
| if ($app.stage === "production") return "opencode.ai" | ||
| if ($app.stage === "dev") return "dev.opencode.ai" | ||
| return `${$app.stage}.dev.opencode.ai` | ||
| if ($app.stage === "production") return "altimate.ai" | ||
| if ($app.stage === "dev") return "dev.altimate.ai" | ||
| return `${$app.stage}.dev.altimate.ai` | ||
| })() | ||
|
|
||
| export const zoneID = "430ba34c138cfb5360826c4909f99be8" |
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
- `.github/workflows/beta.yml`: "Install OpenCode" → "Install Altimate Code",
`bun i -g opencode-ai` → `bun i -g @altimateai/altimate-code`
- `.github/actions/setup-git-committer/action.yml`: descriptions updated
from "OpenCode GitHub App" → "Altimate Code GitHub App"
- `github/index.ts`: `spawn('opencode')` → `spawn('altimate-code')`
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
| } else { | ||
| const oidcToken = await core.getIDToken("opencode-github-action") | ||
| response = await fetch("https://api.opencode.ai/exchange_github_app_token", { | ||
| const oidcToken = await core.getIDToken("altimate-code-github-action") |
There was a problem hiding this comment.
Bug: The OIDC token audience was updated to "altimate-code-github-action" on the client, but the server-side validation still expects the old "opencode-github-action" audience, causing authentication failures.
Severity: CRITICAL
Suggested Fix
Update the EXPECTED_AUDIENCE constant in the server-side code (e.g., in packages/function/src/api.ts) to match the new audience string used by the client: "altimate-code-github-action".
Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.
Location: github/index.ts#L385
Potential issue: The GitHub Action client code was updated to request an OIDC token with
the audience `"altimate-code-github-action"`. However, the server-side validation logic
was not updated as part of this rebranding PR and still expects the old audience,
`"opencode-github-action"`. The `jwtVerify` function performs strict audience matching,
so this mismatch will cause token validation to fail. As a result, all GitHub Action
runs using OIDC authentication will fail with a 403 Forbidden error, rendering the
integration non-functional.
nix/desktop.nix
Outdated
| postFixup = lib.optionalString stdenv.hostPlatform.isLinux '' | ||
| mv $out/bin/OpenCode $out/bin/opencode-desktop | ||
| sed -i 's|^Exec=OpenCode$|Exec=opencode-desktop|' $out/share/applications/OpenCode.desktop | ||
| mv "$out/bin/Altimate Code" $out/bin/altimate-code-desktop |
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
Comprehensive automation for merging upstream OpenCode releases into the Altimate Code fork, inspired by Kilo-Org/kilocode's approach. Key scripts: - `merge.ts` — 11-step merge orchestration with auto-conflict resolution, branding transforms, version preservation, and `--continue` support - `analyze.ts` — `altimate_change` marker integrity audit + branding leak detection (CI-friendly exit codes) - `list-versions.ts` — upstream tag listing with merge status indicators - `verify-restructure.ts` — branch comparison verification Transforms (10 files): - Core branding engine with preservation-aware product name handling - `keepOurs` / `skipFiles` / lock file conflict auto-resolution - Specialized transforms for `package.json`, Nix, Tauri, i18n, extensions, web docs, workflows, and build scripts Configuration: - All branding rules in TypeScript (`utils/config.ts`) for type safety - URL, GitHub, registry, email, app ID, social, npm, brew mappings - Preserve patterns protect internal refs (`@opencode-ai/`, `OPENCODE_`) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
script/upstream/merge.ts
Outdated
Comment on lines
+754
to
+756
| const versionSnapshot = snapshotVersions() | ||
|
|
||
| await postMergeTransforms(config, state.version, versionSnapshot) |
There was a problem hiding this comment.
Bug: In the merge script's --continue flow, package versions are snapshotted after the merge commit, causing the version restoration logic to silently fail and not revert upstream version bumps.
Severity: MEDIUM
Suggested Fix
Persist the versionSnapshot in the MergeState file when the merge process is paused due to conflicts. When resuming with --continue, load this pre-merge snapshot from the state file instead of creating a new one. This will provide the postMergeTransforms function with the correct pre-merge versions to restore.
Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.
Location: script/upstream/merge.ts#L754-L756
Potential issue: When resuming a merge with the `--continue` flag after resolving
conflicts, the script takes a snapshot of package versions *after* the merge is
committed. The original pre-merge versions are not persisted in the state file. As a
result, when the `restoreVersions` logic runs, it compares the post-merge versions on
disk with a post-merge snapshot, finds no differences, and silently fails to restore the
original package versions. This leads to unintended upstream version bumps being kept,
contrary to the script's documented purpose.
…style cleanup) Remove upstream platform packages (app, console, containers, desktop, desktop-electron, docs, enterprise, extensions, function, identity, slack, storybook, ui, web), translated READMEs, upstream-only workflows, nix packaging (nix/, flake.nix, flake.lock), SST infra (sst.config.ts, sst-env.d.ts), specs/, and .signpath/ config. - Update workspaces from `packages/*` glob to explicit package list - Remove unused catalog entries and devDependencies (sst, @aws-sdk/client-s3) - Remove unused scripts (dev:desktop, dev:web, dev:storybook) - Remove `electron` from trustedDependencies - Remove `@opencode-ai/app#test` task from turbo.json - Update merge-config.json and config.ts skipFiles with new patterns Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Reorganized around the step-by-step workflow someone would follow when doing an upstream merge. Covers fork strategy, prerequisites, the full merge process, configuration reference, and troubleshooting. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
… guard tests Add 141 tests across 3 test files to prevent regressions: - `branding.test.ts` (33 tests): Verify all user-facing surfaces show Altimate branding — package metadata, CLI entry points, logo, welcome banner, install script, GitHub Action, VSCode extension, postinstall, and a full codebase leak scanner for `opencode.ai`/`anomalyco`/`opncd.ai` - `build-integrity.test.ts` (19 tests): Verify workspace config, turbo.json validity, package dependencies, binary entry points, skip/keepOurs consistency, and no orphaned package references - `upstream-guard.test.ts` (89 tests): Verify skipFiles/keepOurs config completeness, deleted upstream packages stay deleted, branding rules coverage, preserve patterns, and no upstream artifacts reappear Fix 14 upstream branding leaks found by the tests: - Replace `opencode.ai` URLs with `altimate.ai` in config.ts, retry.ts, dialog-provider.tsx, oauth-provider.ts, migrate-tui-config.ts - Replace `opncd.ai` with `altimate.ai` in share-next.ts and import.ts - Replace "OpenCode Go" with "Altimate Code Go" in dialog-provider.tsx Add CI enforcement: - New `branding-check.yml` workflow with branding audit + test jobs - Add `branding` job to existing `ci.yml` for PR checks Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
This pull request has been automatically closed because it was not updated to meet our contributing guidelines within the 2-hour window. Feel free to open a new pull request that follows our guidelines. |
The branding unit tests already run as part of the existing `typescript` CI job via `bun test`. A separate workflow and branding audit on every commit is overkill — the `analyze.ts --branding` audit is a merge-time tool, not a per-commit check. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
This pull request has been automatically closed because it was not updated to meet our contributing guidelines within the 2-hour window. Feel free to open a new pull request that follows our guidelines. |
Contributor
Author
|
Addressing Sentry bot review comments:
|
The `--continue` handler was re-snapshotting versions after the merge commit, capturing upstream versions instead of our pre-merge versions. Now the snapshot is saved in `.upstream-merge-state.json` and restored when resuming. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
This pull request has been automatically closed because it was not updated to meet our contributing guidelines within the 2-hour window. Feel free to open a new pull request that follows our guidelines. |
Collaborator
Multi-Model Code Review:
|
| # | Issue | Location |
|---|---|---|
| 4 | isUpgrade variable name misleading (logic is correct — fires on fresh install too) |
welcome.ts:38 |
| 5 | User-agent hardcoded to "claude-cli/2.1.2" instead of Installation.VERSION |
anthropic.ts:155 |
| 6 | Token refresh error detected via brittle string matching | message-v2.ts:888 |
NITs
| # | Issue | Location |
|---|---|---|
| 7 | Hardcoded repo "AltimateAI/altimate-code" — could be a constant |
feedback-submit.ts:111 |
| 8 | Error swallowed without logging in gh --version catch |
feedback-submit.ts:52 |
| 9 | extractChangelog("0.0.0") parses full changelog when only latest section is used |
welcome.ts:55 |
Positive Observations
- Branding tests (842 lines) — CI guardrails against upstream branding leaks. Universally praised.
- Upstream merge tooling — production-grade with dry-run,
--continue, auto-conflict resolution. - Feedback tool tests (747 lines) — comprehensive coverage.
- OAuth retry — proper 4xx/5xx distinction with backoff.
- Welcome banner — fully wrapped in try/catch, can never break the CLI.
Missing Tests
- Anthropic system prompt rewriting regex
- OAuth callback server edge cases (timeout, CSRF, port-in-use)
- Upstream merge transform unit tests
Convergence Summary
| Issue | Gemini | Kimi | Grok | MiniMax | GLM-5 | Qwen | Claude |
|---|---|---|---|---|---|---|---|
| #1 XSS | MAJOR | MAJOR | MAJOR | MAJOR | MAJOR | MAJOR | MAJOR |
| #2 Branding | MAJOR | MAJOR | MAJOR | MAJOR | MAJOR | MAJOR | MAJOR |
| #3 Regex | MAJOR | MAJOR | MAJOR | MAJOR | MAJOR | — | MAJOR |
| #4 isUpgrade | NIT | MINOR | NIT | MINOR | MINOR | ||
| Verdict | APPROVE | APPROVE | APPROVE | APPROVE* | CHANGES* | CHANGES* | APPROVE |
*MiniMax/GLM-5/Qwen corrections incorporated.
Finding Attribution
| Issue | Origin | Type |
|---|---|---|
| XSS in OAuth error pages | Claude | Unique |
| Branding leaks in OAuth | Kimi, MiniMax, GLM-5, Qwen | Consensus |
| Anthropic regex without word boundaries | Claude | Unique |
| Welcome banner naming | Claude, Gemini | Consensus |
| User-agent hardcoded | Claude | Unique |
| Token refresh string matching | Gemini | Unique |
- Fix XSS in OAuth error page: escape HTML in error parameter - Fix branding: `client_name` and HTML titles/text in OAuth pages now show "Altimate Code" instead of "OpenCode" - Fix Anthropic plugin regex: add word boundaries (`\b`) to prevent replacing "opencode" inside URLs, paths, and identifiers Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
anandgupta42
added a commit
that referenced
this pull request
Mar 17, 2026
* chore: rebrand all user-facing references from OpenCode to Altimate Code
Comprehensive rebranding of user-facing surfaces while preserving
internal code names for upstream compatibility:
- URLs: `opencode.ai` → `altimate.ai`
- GitHub org: `anomalyco/opencode` → `AltimateAI/altimate-code`
- Product name: "OpenCode" → "Altimate Code" in UI, prompts, docs
- CLI binary: `opencode` → `altimate-code` in install scripts, nix
- npm package: `opencode-ai` → `@altimateai/altimate-code`
- Extensions: VSCode rebranded
- Social: X handle → `@Altimateinc`
- Brew tap: `AltimateAI/tap/altimate-code`
- Container registry: `ghcr.io/AltimateAI`
- All 20 localized READMEs
Preserved internal names: `@opencode-ai/` scope, `packages/opencode/`
dir, `OPENCODE_*` env vars, `.opencode/` config paths
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: additional user-facing branding fixes missed from upstream rebase
- `.github/workflows/beta.yml`: "Install OpenCode" → "Install Altimate Code",
`bun i -g opencode-ai` → `bun i -g @altimateai/altimate-code`
- `.github/actions/setup-git-committer/action.yml`: descriptions updated
from "OpenCode GitHub App" → "Altimate Code GitHub App"
- `github/index.ts`: `spawn('opencode')` → `spawn('altimate-code')`
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add upstream merge automation tooling
Comprehensive automation for merging upstream OpenCode releases into
the Altimate Code fork, inspired by Kilo-Org/kilocode's approach.
Key scripts:
- `merge.ts` — 11-step merge orchestration with auto-conflict resolution,
branding transforms, version preservation, and `--continue` support
- `analyze.ts` — `altimate_change` marker integrity audit + branding
leak detection (CI-friendly exit codes)
- `list-versions.ts` — upstream tag listing with merge status indicators
- `verify-restructure.ts` — branch comparison verification
Transforms (10 files):
- Core branding engine with preservation-aware product name handling
- `keepOurs` / `skipFiles` / lock file conflict auto-resolution
- Specialized transforms for `package.json`, Nix, Tauri, i18n,
extensions, web docs, workflows, and build scripts
Configuration:
- All branding rules in TypeScript (`utils/config.ts`) for type safety
- URL, GitHub, registry, email, app ID, social, npm, brew mappings
- Preserve patterns protect internal refs (`@opencode-ai/`, `OPENCODE_`)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: remove upstream-only packages, workflows, and artifacts (Kilo-style cleanup)
Remove upstream platform packages (app, console, containers, desktop,
desktop-electron, docs, enterprise, extensions, function, identity,
slack, storybook, ui, web), translated READMEs, upstream-only workflows,
nix packaging (nix/, flake.nix, flake.lock), SST infra (sst.config.ts,
sst-env.d.ts), specs/, and .signpath/ config.
- Update workspaces from `packages/*` glob to explicit package list
- Remove unused catalog entries and devDependencies (sst, @aws-sdk/client-s3)
- Remove unused scripts (dev:desktop, dev:web, dev:storybook)
- Remove `electron` from trustedDependencies
- Remove `@opencode-ai/app#test` task from turbo.json
- Update merge-config.json and config.ts skipFiles with new patterns
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: remove upstream SST `infra/` directory and add to skipFiles
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* docs: rewrite upstream merge README as a practical runbook
Reorganized around the step-by-step workflow someone would follow
when doing an upstream merge. Covers fork strategy, prerequisites,
the full merge process, configuration reference, and troubleshooting.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* test: add comprehensive branding, build integrity, and upstream merge guard tests
Add 141 tests across 3 test files to prevent regressions:
- `branding.test.ts` (33 tests): Verify all user-facing surfaces show
Altimate branding — package metadata, CLI entry points, logo, welcome
banner, install script, GitHub Action, VSCode extension, postinstall,
and a full codebase leak scanner for `opencode.ai`/`anomalyco`/`opncd.ai`
- `build-integrity.test.ts` (19 tests): Verify workspace config, turbo.json
validity, package dependencies, binary entry points, skip/keepOurs
consistency, and no orphaned package references
- `upstream-guard.test.ts` (89 tests): Verify skipFiles/keepOurs config
completeness, deleted upstream packages stay deleted, branding rules
coverage, preserve patterns, and no upstream artifacts reappear
Fix 14 upstream branding leaks found by the tests:
- Replace `opencode.ai` URLs with `altimate.ai` in config.ts, retry.ts,
dialog-provider.tsx, oauth-provider.ts, migrate-tui-config.ts
- Replace `opncd.ai` with `altimate.ai` in share-next.ts and import.ts
- Replace "OpenCode Go" with "Altimate Code Go" in dialog-provider.tsx
Add CI enforcement:
- New `branding-check.yml` workflow with branding audit + test jobs
- Add `branding` job to existing `ci.yml` for PR checks
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: remove separate branding CI workflow — tests run with `bun test`
The branding unit tests already run as part of the existing `typescript`
CI job via `bun test`. A separate workflow and branding audit on every
commit is overkill — the `analyze.ts --branding` audit is a merge-time
tool, not a per-commit check.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: persist version snapshot in merge state for `--continue` flow
The `--continue` handler was re-snapshotting versions after the merge
commit, capturing upstream versions instead of our pre-merge versions.
Now the snapshot is saved in `.upstream-merge-state.json` and restored
when resuming.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address code review — XSS, branding leaks, regex safety
- Fix XSS in OAuth error page: escape HTML in error parameter
- Fix branding: `client_name` and HTML titles/text in OAuth pages
now show "Altimate Code" instead of "OpenCode"
- Fix Anthropic plugin regex: add word boundaries (`\b`) to prevent
replacing "opencode" inside URLs, paths, and identifiers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* ci: retry CI run
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Rebrands all user-facing references from OpenCode/anomalyco to Altimate Code/AltimateAI across the non-packages codebase while preserving internal code names for upstream compatibility.
Type of change
Issue for this PR
N/A — maintenance/branding task
How did you verify your code works?
rgthat noopencode.ai,anomalyco, oraltimate-code.shreferences remain in non-packages filesChecklist
Scope: 49 files changed (non-packages only —
.opencode/andpackages/excluded)Changes include:
opencode.ai→altimate.aianomalyco/opencode→AltimateAI/altimate-codeopencode→altimate-codein install script, nix configsopencode-ai→@altimateai/altimate-code@AltimateincAltimateAI/tap/altimate-codeghcr.io/AltimateAIPreserved (internal):
@opencode-ai/npm scope,packages/opencode/directory,OPENCODE_*env vars,.opencode/config paths🤖 Generated with Claude Code