Automic VaultAutomic Vault

brew

opencode mit Homebrew, chocolatey, MacPorts, Nix, pacman, scoop, winget installieren

Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für opencode in AI-Agent-Workflows.

Agent-Sicherheit

Antwort zur Agent-Sicherheit

opencode is an agent-facing coding tool that can read files and invoke local developer workflows.

Credential-Zugriff

May access repository files, tool configs, and environment variables available to the agent session.

Änderungen an Remote-Zustand

Can trigger local tools that mutate Git, cloud, or package state.

Publish-/Artefakt-Risiko

Can generate code or commands that become release artifacts.

Empfohlene Kontrolle

Run under containment and gate sensitive tool actions.

Hinweise für Agent-Nutzung

Use with scanned worktrees; require approval before commands that expose credentials or mutate remote systems.

Installation

Weitere Installationsbefehle

macOS

Homebrewverifiziert · 100%
brew install opencode

local Homebrew formula metadata

MacPortsverifiziert · 94%
sudo port install opencode

MacPorts ports tree · llm/opencode/Portfile · Quelle: api.github.com

Linux

Nixverifiziert · 92%
nix profile install nixpkgs#opencode

nixpkgs package indexes · pkgs/by-name/op/opencode/package.nix · Quelle: api.github.com

Arch Linux pacmanverifiziert · 92%
sudo pacman -S opencode

Arch Linux sync databases · opencode · Quelle: geo.mirror.pkgbuild.com

Windows

Chocolateyverifiziert · 92%
choco install opencode

Chocolatey community package catalog · opencode · Quelle: community.chocolatey.org

Scoopverifiziert · 92%
scoop install main/opencode

Scoop official bucket manifest trees · bucket/opencode.json · Quelle: api.github.com

Windows Package Managerverifiziert · 92%
winget install --id SST.OpenCodeDesktop -e

Windows Package Manager source index · SST.OpenCodeDesktop · Quelle: cdn.winget.microsoft.com

Überblick

Paketzusammenfassung

AI coding agent, built for the terminal

Verlauf

Projektgeschichte und Nutzung

OpenCode is an open-source AI coding agent distributed for terminal, IDE, and desktop workflows. The project positions the CLI as a coding assistant with a native terminal interface, LSP awareness, multi-session work, session sharing, and support for many model providers.

Projektgeschichte

The official documentation and repository present OpenCode as a rapidly distributed developer tool rather than a project with a deeply documented pre-release history. Its packaging moved across the JavaScript ecosystem, Homebrew, Arch, Windows package managers, Nix, and a beta desktop app, which reflects the AI-coding-agent pattern of shipping a local CLI plus integrations rather than only a hosted service.

The repository installation notes distinguish the project-maintained Homebrew tap from the Homebrew core formula, saying the tap is recommended for faster updates while `brew install opencode` is maintained by Homebrew and updated less frequently. That distinction matters because the package in this batch is the Homebrew formula rather than the upstream tap.

Adoptionsgeschichte

OpenCode's own site makes large adoption claims, including GitHub stars, contributors, commits, and monthly developer usage. Those are project-published metrics rather than independent measurements, but they show how the project presents itself: as a mainstream open-source alternative in the coding-agent ecosystem.

Wie es verwendet wird

Developers use `opencode` as an interactive agent for repository work: asking questions, requesting features, making code changes, undoing changes, and running parallel sessions. The docs list API keys as a prerequisite and describe use from a modern terminal emulator, with desktop and IDE forms for users who do not want only a TUI.

Warum Paket-Nerds sich dafür interessieren

OpenCode is package-nerdy because it is a CLI front end over a fast-moving agent stack: releases must coordinate model-provider auth, terminal UI behavior, editor integration, desktop artifacts, and package managers that update at different speeds. Its Homebrew formula is part of a broader install matrix rather than the single canonical upstream channel.

Sicherheitslage

Noch keine Protected-Tool-Abdeckung gefunden

Für opencode wurde kein passendes lokales Secret-Handling-Manifest gefunden. Nucleus-Paketmetadaten bleiben hier veröffentlicht, damit künftige Abdeckung eine stabile Paket-URL hat.

Installationsverhalten

  • In den Formelmetadaten ist kein Homebrew-Post-install-Hook erfasst.
  • Homebrew-Bottle-Metadaten sind für 6 Plattformziele verfügbar.
  • Installiert mit 2 Laufzeitabhängigkeiten.

Empfohlene Prüfung

Prüfe vor unbeaufsichtigter Agent-Nutzung, ob das Tool Klartext-Credentials liest, Remote-Zustand schreibt, Artefakte veröffentlicht oder Plugins ausführt.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Credential files

Credential-bearing paths to review before unattended agent runs.

macOS
~/Library/Application Support/opencode/auth.json~/Library/Application Support/opencode/account.json
Unix
$XDG_DATA_HOME/opencode/auth.json$XDG_DATA_HOME/opencode/account.json~/.local/share/opencode/auth.json~/.local/share/opencode/account.json

Executables

Installierte Executables

BefehlArtSichtbarkeitHinweis
opencodecliglobales Executable

Aktualität

Version und Aktualität

Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.

Seite generiert2026-07-10
Manager-Version1.17.15
Manager aktualisiert2026-07-08
lokale DatenOK
Upstreamnot checked
neueste erkannte Versionnicht erkannt

https://opencode.ai

  • InfoRelease/tag comparison is only available for GitHub repositories.https://opencode.ainone Konfidenz

Installationsmetadaten

Paketmetadaten

Paketschlüsselbrew:opencode
Version1.17.15
PaketmanagerHomebrew
Paketmanager-Seitehttps://formulae.brew.sh/formula/opencode
Homepagehttps://opencode.ai
Repositoryhttps://github.com/anomalyco/opencode
Upstream-Dokumentationhttps://opencode.ai/docs
LizenzMIT
Quellarchivhttps://registry.npmjs.org/opencode-ai/-/opencode-ai-1.17.15.tgz
Zuletzt aktualisiert2026-07-08T16:55:07Z
Pulseupdated
Abhängigkeitennode, ripgrep
Bottleverfügbar (auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnicht definiert
Dienstkeiner deklariert

Registry-Fakten

Details aus der Quelldatenbank

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameopencode
Version Scheme0
Revision0
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • stable

Source-Datenbank-Treffer

Andere Paketmanager-Einträge

Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.

Nix95%

opencode

nix profile install nixpkgs#opencode
  • normalized package name match
  • Abgeglichen nach: Opencode
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/op/opencode/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
pacman95%

opencode 1.17.3-1

The open source coding agent

https://github.com/anomalyco/opencode

sudo pacman -S opencode
  • License: MIT
  • Architecture: x86_64
  • 5 Abhängigkeiten
  • 2 optionale Abhängigkeiten
  • normalized package name match
  • Abgeglichen nach: Opencode
Arch Linux sync databases · geo.mirror.pkgbuild.com · Arch Linux sync databases: opencode from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz
MacPorts95%

opencode

sudo port install opencode
  • normalized package name match
  • Abgeglichen nach: Opencode
MacPorts ports tree · api.github.com · MacPorts ports tree: llm/opencode/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1
Chocolatey95%

opencode

choco install opencode
  • normalized package name match
  • Abgeglichen nach: Opencode
Chocolatey community package catalog · community.chocolatey.org · Chocolatey community package catalog: opencode from http://community.chocolatey.org/api/v2/Packages?$filter=IsLatestVersion&$select=Id&$top=1000&$skiptoken='11','office365homepremium'
Scoop95%

main/opencode

scoop install main/opencode
  • normalized package name match
  • Abgeglichen nach: Opencode
Scoop official bucket manifest trees · api.github.com · Scoop official bucket manifest trees: bucket/opencode.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1
winget95%

SST.OpenCodeDesktop

winget install --id SST.OpenCodeDesktop -e
  • normalized package name match
  • Abgeglichen nach: Opencode
Windows Package Manager source index · cdn.winget.microsoft.com · Windows Package Manager source index: SST.OpenCodeDesktop from https://cdn.winget.microsoft.com/cache/source.msix
winget95%

SST.opencode

winget install --id SST.opencode -e
  • normalized package name match
  • Abgeglichen nach: Opencode
Windows Package Manager source index · cdn.winget.microsoft.com · Windows Package Manager source index: SST.opencode from https://cdn.winget.microsoft.com/cache/source.msix

Quellspur

Aus Repository-Daten generiert

Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.

Verwendete Quellen

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated agent safety answer
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment