qmax-code is now open source

All posts

Today we’re flipping qmax-code — the Go + Charm terminal agent that drives the QualityMax test loop — to fully public on GitHub.

Quality-Max/qmax-code

Go · AI-powered terminal agent · Claude orchestration over the QualityMax API

Open on GitHub →

If you’ve been using qmax-code from the install script, nothing changes for you — same binary, same install command, same QualityMax API key. What changes is that you can now read every line of what the agent does: how it composes the Claude conversation, which tools it exposes, how the auth keychain works, how it talks to the QualityMax REST API.

Why now

Two reasons. The first is technical — AI coding agents that touch your filesystem, your git repository, and your test runner shouldn’t be a black box. After the Claude Code source leak, we wrote about how the industry is securing these things in the wrong direction. The honest answer to “is your agent doing what it claims” is: read the source.

The second is product — the QualityMax bet has always been the platform (the project graph, the test database, the AI review gates, the SAST + tech-debt scanners, the multi-model router). qmax-code is the local thin client that talks to that platform. It always made more sense as a fork-friendly Go binary anyone can audit than as a guarded artifact behind a download wall. We picked the Functional Source License (FSL-1.1-ALv2) for the release — source-available today, plain Apache 2.0 two years from each release. More on that below.

What’s in the repo

The full source for the v1.13 binary you already have on your machine. Highlights:

agent.go — the Claude API agentic loop with tool-use, streaming, and conversation history.
tools.go — 20+ tool definitions that map 1:1 to QualityMax operations: list_test_cases, generate_test_code, run_test, check_test_status, crawl_site, and the rest.
api_client.go — direct REST client against app.qualitymax.io. Standalone — no qmax CLI or SDK required.
auth.go — OS-keychain-backed token storage and the qmax-code login flow.
terminal.go — the cat ASCII banner, tool icons, readline, and color palette.
context.go — per-session context loaded from ~/.qmax/config.json.

If you want to know exactly what the agent does on your machine before running it, that file list is your map.

Forking is encouraged

The thing we hope happens: someone forks qmax-code, swaps the API client out for their own internal QA service, and ends up with a Claude-driven terminal agent for their company’s test infrastructure. The tool registry is the interesting part — everything else is wiring.

If you build something on top of qmax-code, drop a note in Discussions or send a PR. Bug reports go in Issues.

Already running qmax-code?

The install script and the binary it pulls in haven’t changed. You’re running the same agent — you can now just git clone the source and audit it.

Two minutes to install from source

If you want to build it yourself instead of using the install script:

# Install Go 1.21+ first, then:
git clone https://github.com/Quality-Max/qmax-code.git
cd qmax-code
go install ./...

# Or the prebuilt binary, same as before:
curl -sL https://qualitymax.io/static/install-qmax-code.txt | bash

qmax-code> /login
# Paste your API key from app.qualitymax.io/settings

Then point it at a project and start a session. Same flow as the install-script version — the binary just happens to be one you can rebuild yourself now.

About the license

qmax-code is published under the Functional Source License v1.1 with Apache 2.0 as the future license (FSL-1.1-ALv2). In practical terms: read it, fork it, modify it, run it inside your company — that’s all fine. The one thing the license forbids is using it to build a directly competing product. Two years after each release, that restriction lifts and the code becomes plain Apache 2.0. FSL was created by the Sentry team for exactly this kind of source-available release.

Roadmap

The roadmap that’s already in the repo:

Plugin tools. Today the 20-tool registry is hardcoded in tools.go. We’re moving to a config-driven plugin loader so a fork can add custom QA tools without patching core.
Local model routing. v1.12 already routes between Ollama endpoints and Claude. The endpoint config is currently in ~/.qmax-code/config.json — we want it in the repo as a sample config so first-time setup is one file copy.
Telemetry opt-in. The current binary sends zero telemetry; we’ll add an explicit opt-in flag for users who want to share anonymous tool-call distributions to help us prioritise improvements.

If any of those interests you, the issues are tagged good-first-issue and help-wanted.

Star the repo, send a PR, fork it

qmax-code is published under FSL-1.1-ALv2 (converts to Apache 2.0 in 2 years). The whole agent — tool registry, Claude loop, terminal UI — is yours to read, fork, and improve.

View on GitHub → qmax-code features →

qmax-code isnow open source