chore: re-apply altimate_change blocks after upstream merge

Re-applied 155 altimate_change marker blocks across 40 files that were
overwritten during the v1.2.27 upstream merge with unrelated histories.

https://claude.ai/code/session_01FVE7bSfST5rpzbEmUhNiBU

Author: claude

.upstream-merge-state.json

@@ -0,0 +1,39 @@
+{
+  "version": "v1.2.27",
+  "mergeBranch": "upstream/merge-v1.2.27",
+  "backupBranch": "backup/claude/merge-upstream-opencode-k1IdW-2026-03-21T20-42-04",
+  "baseBranch": "main",
+  "step": 7,
+  "versionSnapshot": {
+    "package.json": {
+      "type": "package.json",
+      "name": "opencode",
+      "version": ""
+    },
+    "packages/opencode/package.json": {
+      "type": "package.json",
+      "name": "@altimateai/altimate-code",
+      "version": "1.2.20"
+    },
+    "packages/plugin/package.json": {
+      "type": "package.json",
+      "name": "@opencode-ai/plugin",
+      "version": "1.2.20"
+    },
+    "packages/sdk/js/package.json": {
+      "type": "package.json",
+      "name": "@opencode-ai/sdk",
+      "version": "1.2.20"
+    },
+    "packages/script/package.json": {
+      "type": "package.json",
+      "name": "@opencode-ai/script",
+      "version": ""
+    },
+    "packages/util/package.json": {
+      "type": "package.json",
+      "name": "@opencode-ai/util",
+      "version": "1.2.20"
+    }
+  }
+}

packages/opencode/parsers-config.ts

@@ -215,6 +215,9 @@ export default {
     {
       filetype: "clojure",
       // temporarily using fork to fix issues
+      // altimate_change start — rebranded tree-sitter fork URL
+      wasm: "https://github.com/AltimateAI/tree-sitter-clojure/releases/download/v0.0.1/tree-sitter-clojure.wasm",
+      // altimate_change end
       wasm: "https://github.com/anomalyco/tree-sitter-clojure/releases/download/v0.0.1/tree-sitter-clojure.wasm",
       queries: {
         highlights: [

packages/opencode/src/acp/agent.ts

@@ -45,6 +45,9 @@ import { z } from "zod"
 import { LoadAPIKeyError } from "ai"
 import type { AssistantMessage, Event, OpencodeClient, SessionMessageResponse, ToolPart } from "@opencode-ai/sdk/v2"
 import { applyPatch } from "diff"
+// altimate_change start - yolo mode
+import { Flag } from "@/flag/flag"
+// altimate_change end
 
 type ModeOption = { id: string; name: string; description?: string }
 type ModelOption = { modelId: string; name: string }
@@ -188,6 +191,16 @@ export namespace ACP {
           const session = this.sessionManager.tryGet(permission.sessionID)
           if (!session) return
 
+          // altimate_change start - yolo mode: auto-approve without asking ACP client
+          if (Flag.ALTIMATE_CLI_YOLO) {
+            await this.sdk.permission.reply({
+              requestID: permission.id,
+              reply: "once",
+              directory: session.cwd,
+            })
+            return
+          }
+          // altimate_change end
           const prev = this.permissionQueues.get(permission.sessionID) ?? Promise.resolve()
           const next = prev
             .then(async () => {
@@ -520,6 +533,24 @@ export namespace ACP {
     async initialize(params: InitializeRequest): Promise<InitializeResponse> {
       log.info("initialize", { protocolVersion: params.protocolVersion })
 
+      // altimate_change start — branding: altimate auth
+      const authMethod: AuthMethod = {
+        description: "Run `altimate auth login` in the terminal",
+        name: "Login with altimate",
+        id: "altimate-login",
+      }
+
+      // If client supports terminal-auth capability, use that instead.
+      if (params.clientCapabilities?._meta?.["terminal-auth"] === true) {
+        authMethod._meta = {
+          "terminal-auth": {
+            command: "altimate",
+            args: ["auth", "login"],
+            label: "Altimate Code Login",
+          },
+        }
+      }
+      // altimate_change end
       const authMethod: AuthMethod = {
         description: "Run `opencode auth login` in the terminal",
         name: "Login with opencode",

packages/opencode/src/agent/agent.ts

@@ -14,6 +14,10 @@ import PROMPT_COMPACTION from "./prompt/compaction.txt"
 import PROMPT_EXPLORE from "./prompt/explore.txt"
 import PROMPT_SUMMARY from "./prompt/summary.txt"
 import PROMPT_TITLE from "./prompt/title.txt"
+// altimate_change start - import custom agent mode prompts
+import PROMPT_BUILDER from "../altimate/prompts/builder.txt"
+import PROMPT_ANALYST from "../altimate/prompts/analyst.txt"
+// altimate_change end
 import { PermissionNext } from "@/permission/next"
 import { mergeDeep, pipe, sortBy, values } from "remeda"
 import { Global } from "@/global"
@@ -61,6 +65,19 @@ export namespace Agent {
         "*": "ask",
         ...Object.fromEntries(whitelistedDirs.map((dir) => [dir, "allow"])),
       },
+      // altimate_change start - SQL write safety denials
+      sql_execute_write: {
+        "DROP DATABASE *": "deny",
+        "DROP SCHEMA *": "deny",
+        "TRUNCATE *": "deny",
+        "drop database *": "deny",
+        "drop schema *": "deny",
+        "truncate *": "deny",
+        "Drop Database *": "deny",
+        "Drop Schema *": "deny",
+        "Truncate *": "deny",
+      },
+      // altimate_change end
       question: "deny",
       plan_enter: "deny",
       plan_exit: "deny",
@@ -75,6 +92,72 @@ export namespace Agent {
     const user = PermissionNext.fromConfig(cfg.permission ?? {})
 
     const result: Record<string, Info> = {
+      // altimate_change start - 3 modes: builder, analyst, plan
+      builder: {
+        name: "builder",
+        description: "Create and modify dbt models, SQL, and data pipelines. Full read/write access.",
+        prompt: PROMPT_BUILDER,
+        options: {},
+        permission: PermissionNext.merge(
+          defaults,
+          PermissionNext.fromConfig({
+            question: "allow",
+            plan_enter: "allow",
+            sql_execute_write: "ask",
+          }),
+          userWithSafety,
+        ),
+        mode: "primary",
+        native: true,
+      },
+      analyst: {
+        name: "analyst",
+        description: "Read-only data exploration and analysis. Cannot modify files or run destructive SQL.",
+        prompt: PROMPT_ANALYST,
+        options: {},
+        permission: PermissionNext.merge(
+          defaults,
+          PermissionNext.fromConfig({
+            "*": "deny",
+            // SQL read tools
+            sql_execute: "allow", sql_validate: "allow", sql_analyze: "allow",
+            sql_translate: "allow", sql_optimize: "allow", lineage_check: "allow",
+            sql_explain: "allow", sql_format: "allow", sql_fix: "allow",
+            sql_autocomplete: "allow", sql_diff: "allow",
+            // SQL writes denied
+            sql_execute_write: "deny",
+            // Warehouse/schema/finops
+            warehouse_list: "allow", warehouse_test: "allow", warehouse_discover: "allow",
+            schema_inspect: "allow", schema_index: "allow", schema_search: "allow",
+            schema_cache_status: "allow", schema_detect_pii: "allow",
+            schema_tags: "allow", schema_tags_list: "allow",
+            finops_query_history: "allow", finops_analyze_credits: "allow",
+            finops_expensive_queries: "allow", finops_warehouse_advice: "allow",
+            finops_unused_resources: "allow", finops_role_grants: "allow",
+            finops_role_hierarchy: "allow", finops_user_roles: "allow",
+            // Core tools
+            altimate_core_validate: "allow", altimate_core_check: "allow",
+            altimate_core_rewrite: "allow",
+            // Read-only file access
+            read: "allow", grep: "allow", glob: "allow",
+            webfetch: "allow", websearch: "allow",
+            question: "allow", tool_lookup: "allow",
+            // Bash: last-match-wins — "*": "deny" MUST come first, then specific allows override
+            bash: {
+              "*": "deny",
+              "ls *": "allow", "grep *": "allow", "cat *": "allow",
+              "head *": "allow", "tail *": "allow", "find *": "allow", "wc *": "allow",
+              "dbt list *": "allow", "dbt ls *": "allow", "dbt debug *": "allow",
+            },
+            // Training
+            training_save: "allow", training_list: "allow", training_remove: "allow",
+          }),
+          userWithSafety,
+        ),
+        mode: "primary",
+        native: true,
+      },
+      // altimate_change end
       build: {
         name: "build",
         description: "The default agent. Executes tools based on configured permissions.",
@@ -260,6 +343,9 @@ export namespace Agent {
     return pipe(
       await state(),
       values(),
+      // altimate_change start - default agent is "builder" not "build"
+      sortBy([(x) => (cfg.default_agent ? x.name === cfg.default_agent : x.name === "builder"), "desc"]),
+      // altimate_change end
       sortBy([(x) => (cfg.default_agent ? x.name === cfg.default_agent : x.name === "build"), "desc"]),
     )
   }

packages/opencode/src/cli/cmd/providers.ts

@@ -253,6 +253,9 @@ export const ProvidersLoginCommand = cmd({
   builder: (yargs) =>
     yargs
       .positional("url", {
+        // altimate_change start — branding
+        describe: "altimate auth provider",
+        // altimate_change end
         describe: "opencode auth provider",
         type: "string",
       })

packages/opencode/src/cli/cmd/run.ts

@@ -229,6 +229,9 @@ export const RunCommand = cmd({
         array: true,
         default: [],
       })
+      // altimate_change start - activate tracer for session
+      if (tracer) Tracer.setActive(tracer)
+      // altimate_change end
       .option("command", {
         describe: "the command to run, use message for args",
         type: "string",
@@ -544,6 +547,30 @@ export const RunCommand = cmd({
           if (event.type === "permission.asked") {
             const permission = event.properties
             if (permission.sessionID !== sessionID) continue
+            // altimate_change start - yolo mode: auto-approve instead of auto-reject
+            const yolo = args.yolo || Flag.ALTIMATE_CLI_YOLO
+            if (yolo) {
+              UI.println(
+                UI.Style.TEXT_WARNING_BOLD + "!",
+                UI.Style.TEXT_NORMAL +
+                  `yolo mode: auto-approved ${permission.permission} (${permission.patterns.join(", ")})`,
+              )
+              await sdk.permission.reply({
+                requestID: permission.id,
+                reply: "once",
+              })
+            } else {
+              UI.println(
+                UI.Style.TEXT_WARNING_BOLD + "!",
+                UI.Style.TEXT_NORMAL +
+                  `permission requested: ${permission.permission} (${permission.patterns.join(", ")}); auto-rejecting`,
+              )
+              await sdk.permission.reply({
+                requestID: permission.id,
+                reply: "reject",
+              })
+            }
+            // altimate_change end
             UI.println(
               UI.Style.TEXT_WARNING_BOLD + "!",
               UI.Style.TEXT_NORMAL +