Credential-Zugriff
May access repository files, tool configs, and environment variables available to the agent session.
brew
Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für opencode in AI-Agent-Workflows.
Agent-Sicherheit
opencode is an agent-facing coding tool that can read files and invoke local developer workflows.
May access repository files, tool configs, and environment variables available to the agent session.
Can trigger local tools that mutate Git, cloud, or package state.
Can generate code or commands that become release artifacts.
Run under containment and gate sensitive tool actions.
Use with scanned worktrees; require approval before commands that expose credentials or mutate remote systems.
Installation
brew install opencodelocal Homebrew formula metadata
sudo port install opencodeMacPorts ports tree · llm/opencode/Portfile · Quelle: api.github.com
nix profile install nixpkgs#opencodenixpkgs package indexes · pkgs/by-name/op/opencode/package.nix · Quelle: api.github.com
sudo pacman -S opencodeArch Linux sync databases · opencode · Quelle: geo.mirror.pkgbuild.com
choco install opencodeChocolatey community package catalog · opencode · Quelle: community.chocolatey.org
scoop install main/opencodeScoop official bucket manifest trees · bucket/opencode.json · Quelle: api.github.com
winget install --id SST.OpenCodeDesktop -eWindows Package Manager source index · SST.OpenCodeDesktop · Quelle: cdn.winget.microsoft.com
Überblick
AI coding agent, built for the terminal
Verlauf
OpenCode is an open-source AI coding agent distributed for terminal, IDE, and desktop workflows. The project positions the CLI as a coding assistant with a native terminal interface, LSP awareness, multi-session work, session sharing, and support for many model providers.
The official documentation and repository present OpenCode as a rapidly distributed developer tool rather than a project with a deeply documented pre-release history. Its packaging moved across the JavaScript ecosystem, Homebrew, Arch, Windows package managers, Nix, and a beta desktop app, which reflects the AI-coding-agent pattern of shipping a local CLI plus integrations rather than only a hosted service.
The repository installation notes distinguish the project-maintained Homebrew tap from the Homebrew core formula, saying the tap is recommended for faster updates while `brew install opencode` is maintained by Homebrew and updated less frequently. That distinction matters because the package in this batch is the Homebrew formula rather than the upstream tap.
OpenCode's own site makes large adoption claims, including GitHub stars, contributors, commits, and monthly developer usage. Those are project-published metrics rather than independent measurements, but they show how the project presents itself: as a mainstream open-source alternative in the coding-agent ecosystem.
Developers use `opencode` as an interactive agent for repository work: asking questions, requesting features, making code changes, undoing changes, and running parallel sessions. The docs list API keys as a prerequisite and describe use from a modern terminal emulator, with desktop and IDE forms for users who do not want only a TUI.
OpenCode is package-nerdy because it is a CLI front end over a fast-moving agent stack: releases must coordinate model-provider auth, terminal UI behavior, editor integration, desktop artifacts, and package managers that update at different speeds. Its Homebrew formula is part of a broader install matrix rather than the single canonical upstream channel.
Sicherheitslage
Für opencode wurde kein passendes lokales Secret-Handling-Manifest gefunden. Nucleus-Paketmetadaten bleiben hier veröffentlicht, damit künftige Abdeckung eine stabile Paket-URL hat.
Prüfe vor unbeaufsichtigter Agent-Nutzung, ob das Tool Klartext-Credentials liest, Remote-Zustand schreibt, Artefakte veröffentlicht oder Plugins ausführt.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Credential-bearing paths to review before unattended agent runs.
~/Library/Application Support/opencode/auth.json~/Library/Application Support/opencode/account.json$XDG_DATA_HOME/opencode/auth.json$XDG_DATA_HOME/opencode/account.json~/.local/share/opencode/auth.json~/.local/share/opencode/account.jsonExecutables
| Befehl | Art | Sichtbarkeit | Hinweis |
|---|---|---|---|
opencode | cli | globales Executable |
Aktualität
Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.
Installationsmetadaten
| Paketschlüssel | brew:opencode |
|---|---|
| Version | 1.17.15 |
| Paketmanager | Homebrew |
| Paketmanager-Seite | https://formulae.brew.sh/formula/opencode |
| Homepage | https://opencode.ai |
| Repository | https://github.com/anomalyco/opencode |
| Upstream-Dokumentation | https://opencode.ai/docs |
| Lizenz | MIT |
| Quellarchiv | https://registry.npmjs.org/opencode-ai/-/opencode-ai-1.17.15.tgz |
| Zuletzt aktualisiert | 2026-07-08T16:55:07Z |
| Pulse | updated |
| Abhängigkeiten | node, ripgrep |
| Bottle | verfügbar (auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | nicht definiert |
| Dienst | keiner deklariert |
Registry-Fakten
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | opencode |
| Version Scheme | 0 |
| Revision | 0 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
Source-Datenbank-Treffer
Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.
opencode
nix profile install nixpkgs#opencodeopencode 1.17.3-1
The open source coding agent
https://github.com/anomalyco/opencode
sudo pacman -S opencodeopencode
sudo port install opencodeopencode
choco install opencodemain/opencode
scoop install main/opencodeSST.OpenCodeDesktop
winget install --id SST.OpenCodeDesktop -eSST.opencode
winget install --id SST.opencode -eQuellspur
Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.
View the package source record on GitHub.