Description
npm i -g opencode-ai@latest works on my corporate macOS machine, but opencode upgrade fails.
The machine uses an internal npm registry hosted in Artifactory. Authentication is configured in .npmrc, and the token/auth flow is backed by macOS Keychain. In other words, normal npm commands work because npm honors the existing .npmrc setup.
opencode upgrade appears to bypass npm's auth handling when it checks for the latest version, so it fails against the internal registry with a 401.
Observed error:
Error: Unexpected error, check log file at /User/xxxxx/.local/share/opencode/log/2026-04-19T133736.log for more deails
StatusCode: non 2xx status code (401 GET https://artifactory.xxxxxx.com/artifactory/api/npm/npm-internalfacing/opencode-ai/latest)
That behaviour breaks in environments where npm CLI can authenticate successfully using .npmrc, but a raw HTTP client cannot.
This likely affects more than just the upgrade, because there are other scenarios where I noticed 401 - while adding a new plugin to opencode.json, I have also seen the patch tool returning ~ Preparing patch... NPMInstallFailedError
Expected behaviour
Opencode should never bypass npm's auth/config handling for npm commands(npm, pnpm, bun).
For example, opencode upgrade should use an auth-aware mechanism such as:
- npm-config-aware API that honors .npmrc, registry auth, and corporate credential setup.
Plugins
None
OpenCode version
1.4.11
Steps to reproduce
- Use a corporate/internal npm registry as the default npm registry. Might be able to reproduce without the internal npm registry, just by creating the npm auth token and adding it to Keychain or by adding the token to the .npmrc with
always-auth=true and strict-ssl=true.
- Configure authentication in .npmrc so standard npm commands work.
- Confirm
npm i -g opencode-ai@latest works.
- Run
opencode upgrade.
- Observe a 401 from the internal registry on
GET <registry>/apencode-ai/latest.
Screenshot and/or share link
No response
Operating System
MacOS 24.4.1
Terminal
Ghostty
Description
npm i -g opencode-ai@latestworks on my corporate macOS machine, butopencode upgradefails.The machine uses an internal npm registry hosted in Artifactory. Authentication is configured in .npmrc, and the token/auth flow is backed by macOS Keychain. In other words, normal npm commands work because npm honors the existing .npmrc setup.
opencode upgradeappears to bypass npm's auth handling when it checks for the latest version, so it fails against the internal registry with a 401.Observed error:
That behaviour breaks in environments where npm CLI can authenticate successfully using .npmrc, but a raw HTTP client cannot.
This likely affects more than just the upgrade, because there are other scenarios where I noticed 401 - while adding a new plugin to opencode.json, I have also seen the patch tool returning
~ Preparing patch... NPMInstallFailedErrorExpected behaviour
Opencode should never bypass npm's auth/config handling for npm commands(npm, pnpm, bun).
For example,
opencode upgradeshould use an auth-aware mechanism such as:Plugins
None
OpenCode version
1.4.11
Steps to reproduce
always-auth=trueandstrict-ssl=true.npm i -g opencode-ai@latestworks.opencode upgrade.GET <registry>/apencode-ai/latest.Screenshot and/or share link
No response
Operating System
MacOS 24.4.1
Terminal
Ghostty