feat: UX parity with Claude Code (5 improvements)

.github/workflows/cd.yml

@@ -0,0 +1,243 @@
+name: CD
+
+on:
+  push:
+    branches: [main]
+    paths-ignore:
+      - "**.md"
+      - "**.txt"
+      - "assets/**"
+      - "docs/**"
+      - ".github/*.md"
+
+permissions:
+  contents: write
+
+jobs:
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    outputs:
+      tag: ${{ steps.next_version.outputs.tag }}
+      semver: ${{ steps.next_version.outputs.semver }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: "1.3.11"
+
+      - name: Install dependencies
+        run: bun install --frozen-lockfile
+
+      - name: Get latest CoBuilder tag
+        id: latest_tag
+        run: |
+          TAG=$(git tag --sort=-v:refname | grep -E '^cb-v[0-9]+\.[0-9]+\.[0-9]+$' | head -n1)
+          echo "tag=${TAG:-cb-v0.0.0}" >> "$GITHUB_OUTPUT"
+
+      - name: Determine next version and generate release notes
+        id: next_version
+        run: |
+          TAG="${{ steps.latest_tag.outputs.tag }}"
+          VERSION="${TAG#cb-v}"
+          MAJOR=$(echo "$VERSION" | cut -d. -f1)
+          MINOR=$(echo "$VERSION" | cut -d. -f2)
+          PATCH=$(echo "$VERSION" | cut -d. -f3)
+
+          if git rev-parse "$TAG" >/dev/null 2>&1; then
+            COMMITS=$(git log "${TAG}..HEAD" --pretty=format:"%s|||%H")
+          else
+            COMMITS=$(git log --pretty=format:"%s|||%H")
+          fi
+
+          SUBJECTS=$(echo "$COMMITS" | cut -d'|' -f1)
+
+          # Determine version bump
+          if echo "$SUBJECTS" | grep -qE '^.+(\(.+\))?!:|^BREAKING CHANGE'; then
+            MAJOR=$((MAJOR + 1)); MINOR=0; PATCH=0
+          elif echo "$SUBJECTS" | grep -qE '^feat(\(.+\))?:'; then
+            MINOR=$((MINOR + 1)); PATCH=0
+          else
+            PATCH=$((PATCH + 1))
+          fi
+
+          NEXT_TAG="cb-v${MAJOR}.${MINOR}.${PATCH}"
+          NEXT_DISPLAY="v${MAJOR}.${MINOR}.${PATCH}"
+          RELEASE_DATE=$(date -u +"%Y-%m-%d")
+
+          echo "tag=${NEXT_TAG}" >> "$GITHUB_OUTPUT"
+          echo "display=${NEXT_DISPLAY}" >> "$GITHUB_OUTPUT"
+          echo "semver=${MAJOR}.${MINOR}.${PATCH}" >> "$GITHUB_OUTPUT"
+          echo "prev_tag=${TAG}" >> "$GITHUB_OUTPUT"
+
+          # Strip conventional commit prefix and capitalize first letter
+          strip_prefix() {
+            echo "$1" | sed -E 's/^(feat|fix|chore|ci|docs|refactor|perf|test|style|build|revert)(\([^)]+\))?!?:[[:space:]]*//' | sed 's/\(.\)/\u\1/'
+          }
+
+          BREAKING=""
+          ADDED=""
+          FIXED=""
+          CHANGED=""
+          SECURITY=""
+
+          while IFS='|||' read -r subject hash; do
+            [[ -z "$subject" ]] && continue
+            CLEAN=$(strip_prefix "$subject")
+            if echo "$subject" | grep -qE '^.+(\(.+\))?!:|^BREAKING CHANGE'; then
+              BREAKING="${BREAKING}"$'\n'"- ${CLEAN}"
+            elif echo "$subject" | grep -qE '^feat(\(.+\))?:'; then
+              ADDED="${ADDED}"$'\n'"- ${CLEAN}"
+            elif echo "$subject" | grep -qE '^fix(\(.+\))?:'; then
+              FIXED="${FIXED}"$'\n'"- ${CLEAN}"
+            elif echo "$subject" | grep -qE '^(perf|refactor)(\(.+\))?:'; then
+              CHANGED="${CHANGED}"$'\n'"- ${CLEAN}"
+            elif echo "$subject" | grep -qE '^(security|sec)(\(.+\))?:'; then
+              SECURITY="${SECURITY}"$'\n'"- ${CLEAN}"
+            else
+              CHANGED="${CHANGED}"$'\n'"- ${CLEAN}"
+            fi
+          done <<< "$COMMITS"
+
+          NOTES="## CoBuilder ${NEXT_DISPLAY} — ${RELEASE_DATE}"$'\n'
+          [[ -n "$BREAKING" ]] && NOTES+=$'\n'"### ⚠️ Breaking Changes"$'\n'"${BREAKING}"$'\n'
+          [[ -n "$SECURITY" ]] && NOTES+=$'\n'"### 🔒 Security"$'\n'"${SECURITY}"$'\n'
+          [[ -n "$ADDED" ]]    && NOTES+=$'\n'"### Added"$'\n'"${ADDED}"$'\n'
+          [[ -n "$FIXED" ]]    && NOTES+=$'\n'"### Fixed"$'\n'"${FIXED}"$'\n'
+          [[ -n "$CHANGED" ]]  && NOTES+=$'\n'"### Changed"$'\n'"${CHANGED}"$'\n'
+          NOTES+=$'\n'"**Full Changelog**: https://github.com/CobuilderLabs/opencode/compare/${TAG}...${NEXT_TAG}"
+
+          echo "$NOTES" > /tmp/release-notes.md
+          cat /tmp/release-notes.md
+          echo "Next release: ${NEXT_TAG}"
+
+      - name: Update package version
+        run: |
+          cd packages/opencode
+          node -e "
+            const fs = require('fs');
+            const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8'));
+            pkg.version = '${{ steps.next_version.outputs.semver }}';
+            fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2) + '\n');
+          "
+
+      # Create release BEFORE build so build.ts can upload assets to it via gh release upload
+      - name: Create GitHub release (draft)
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh release create "${{ steps.next_version.outputs.tag }}" \
+            --title "CoBuilder ${{ steps.next_version.outputs.display }}" \
+            --notes-file /tmp/release-notes.md \
+            --draft
+
+      - name: Build and upload binaries
+        env:
+          OPENCODE_RELEASE: "1"
+          OPENCODE_VERSION: ${{ steps.next_version.outputs.semver }}
+          OPENCODE_CHANNEL: latest
+          COBUILDER_RELEASE_TAG: ${{ steps.next_version.outputs.tag }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_REPO: CobuilderLabs/opencode
+        run: |
+          cd packages/opencode
+          bun run build
+
+      - name: Publish release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh release edit "${{ steps.next_version.outputs.tag }}" \
+            --draft=false \
+            --latest \
+            --repo CobuilderLabs/opencode
+
+  desktop-linux:
+    name: Desktop (Linux)
+    needs: release
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: "1.3.11"
+
+      - name: Install dependencies
+        run: bun install --frozen-lockfile
+
+      - name: Set desktop version
+        run: |
+          cd packages/desktop-electron
+          node -e "
+            const fs = require('fs');
+            const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8'));
+            pkg.version = '${{ needs.release.outputs.semver }}';
+            fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2) + '\n');
+          "
+
+      - name: Build
+        run: cd packages/desktop-electron && bun run build
+        env:
+          OPENCODE_CHANNEL: prod
+
+      - name: Package
+        run: cd packages/desktop-electron && bun run package:linux -- --publish never
+        env:
+          OPENCODE_CHANNEL: prod
+
+      - name: Upload to release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh release upload "${{ needs.release.outputs.tag }}" \
+            packages/desktop-electron/dist/*.AppImage \
+            packages/desktop-electron/dist/*.deb \
+            packages/desktop-electron/dist/*.rpm \
+            --repo CobuilderLabs/opencode --clobber
+
+  desktop-windows:
+    name: Desktop (Windows)
+    needs: release
+    runs-on: windows-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: "1.3.11"
+
+      - name: Install dependencies
+        run: bun install --frozen-lockfile
+
+      - name: Set desktop version
+        run: |
+          cd packages/desktop-electron
+          node -e "
+            const fs = require('fs');
+            const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8'));
+            pkg.version = '${{ needs.release.outputs.semver }}';
+            fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2) + '\n');
+          "
+
+      - name: Build
+        run: cd packages/desktop-electron && bun run build
+        env:
+          OPENCODE_CHANNEL: prod
+
+      - name: Package
+        run: cd packages/desktop-electron && bun run package:win -- --publish never
+        env:
+          OPENCODE_CHANNEL: prod
+
+      - name: Upload to release
+        shell: bash
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh release upload "${{ needs.release.outputs.tag }}" \
+            packages/desktop-electron/dist/*.exe \
+            --repo CobuilderLabs/opencode --clobber

.github/workflows/ci.yml

@@ -0,0 +1,93 @@
+name: CI
+
+on:
+  pull_request:
+    branches: [main]
+    paths-ignore:
+      - "**.md"
+      - "**.txt"
+      - "assets/**"
+      - "docs/**"
+      - ".github/*.md"
+
+concurrency:
+  group: ci-${{ github.head_ref }}
+  cancel-in-progress: true
+
+jobs:
+  typecheck:
+    name: Typecheck
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: "1.3.11"
+      - run: bun install --frozen-lockfile
+      - run: bun run typecheck
+
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: "1.3.11"
+      - run: bun install --frozen-lockfile
+      - run: bun run --if-present lint
+
+  audit:
+    name: Dependency Audit
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: "1.3.11"
+      - run: bun install --frozen-lockfile
+      - name: Audit dependencies
+        run: bun audit --audit-level moderate 2>/dev/null || npm audit --audit-level moderate
+        continue-on-error: true  # informational until baseline established
+
+  secret-scan:
+    name: Secret Scanning
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: TruffleHog scan
+        uses: trufflesecurity/trufflehog@main
+        with:
+          path: ./
+          base: ${{ github.event.pull_request.base.sha }}
+          head: ${{ github.event.pull_request.head.sha }}
+          extra_args: --only-verified
+
+  sast:
+    name: SAST (CodeQL)
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+    steps:
+      - uses: actions/checkout@v4
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: javascript-typescript
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+
+  unit-test:
+    name: Unit Tests
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: "1.3.11"
+      - run: bun install --frozen-lockfile
+      - name: Run tests
+        run: bun test --timeout 30000
+        continue-on-error: true  # informational until test suite is built out

.github/workflows/e2e.yml

@@ -0,0 +1,26 @@
+name: E2E
+
+on:
+  # Run automatically after a successful CD release
+  workflow_run:
+    workflows: [CD]
+    types: [completed]
+    branches: [main]
+  # Also allow manual runs
+  workflow_dispatch:
+
+jobs:
+  e2e:
+    name: End-to-end tests
+    # Only run if CD succeeded (or on manual trigger)
+    if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install test dependencies
+        run: sudo apt-get update -qq && sudo apt-get install -y -qq expect git curl
+
+      - name: Run E2E test suite
+        run: bash test-e2e.sh
+        timeout-minutes: 10