v1.14.44

Core

Bugfixes

• Fixed upgrades failing for existing workspaces when adding the time_used field.

v1.14.43

Core

Bugfixes

• Keep provider and config API responses working when auth loaders add non-JSON options to providers.
• Include tool image attachments in ACP updates and session replays. (@SteffenDE)

Thank you to 1 community contributor:

• @SteffenDE:
  • fix(acp): include tool image attachments in updates (#25128)

v1.14.42

Core

Improvements

• Added HTTP API response compression for large non-streaming responses.
• Added the Scout agent for repo research, docs lookup, and dependency-source inspection.
• Added workspace sync so adapter-backed workspaces can be discovered and registered automatically.
• Added an interactive split-footer mode for opencode run.
• Simplified TUI keybinding config into a flat keybind format.
• Made duplicate worktree names fall back to the parent directory for clearer labels.

Bugfixes

• Fixed HTTP API auth responses to match the previous wire format for empty authorize results and share errors.
• Returned structured validation errors from the HTTP API.
• Rejected invalid permission and question IDs in the HTTP API.
• Included auth challenges on typed HTTP API 401 responses.
• Fixed the HTTP API OpenAPI document route.
• Fixed detached sessions so they are claimed by the source project again.
• Forwarded SIGINT, SIGTERM, and SIGHUP correctly when running through the npm shim. (@chubes4)
• Allowed skills without descriptions to load correctly.
• Required auth on effect HTTP API root routes. (@RajvardhanPatil07)
• Kept tool ordering stable so tool lists stop reshuffling between runs.
• Made retry dialogs more specific to the provider and failure reason.
• Fixed Gemini reasoning controls so supported effort levels and small-mode defaults match the model.
• Fixed Anthropic Opus 4.5 reasoning effort options.
• Limited OpenAI deep research models to the reasoning level they actually support.
• Fixed GPT-5 reasoning variants so the exposed effort options match each model family.

TUI

Improvements

• Show retrying sessions as active in the project sidebar. (@edemaine)

Bugfixes

• Fixed the sidebar message shown for language server state. (@Polo123456789)
• Sorted the session picker by full last-updated time instead of day buckets. (@Sleepful)
• Kept longer cleared prompts in draft history so they can be restored.

Desktop

Improvements

• Switched desktop updates to silent per-user install flow.

Thank you to 5 community contributors:

• @edemaine:
  • feat(desktop): working indicator on project sidebar (#26223)
• @RajvardhanPatil07:
  • fix(server): require auth for effect root routes (#26361)
• @chubes4:
  • fix(cli): forward signals from npm shim (#26259)
• @Sleepful:
  • fix(tui): sort session picker by full updated timestamp (#24725)
• @Polo123456789:
  • fix(sidebar): fix logic and missleading message #26469 (#26470)

v1.14.41

Core

Bugfixes

• Restored formatter output handling so formatting still works when formatters write to stdout or stderr. (@ferdinandyb)

Improvements

• Warping a session to another workspace can now carry over your uncommitted file changes.

TUI

Bugfixes

• Restored custom provider setup in /connect.

Desktop

Bugfixes

• Added a macOS Settings menu entry. (@jessedi0n)

Improvements

• Moved the desktop app's local server into a separate utility process for more reliable startup and shutdown.

Extensions

Improvements

• ACP clients now restore the last model, mode, and effort when loading sessions, and can close sessions cleanly.

Thank you to 4 community contributors:

• @carmithersh:
  • docs: add opencode-jfrog-plugin to ecosystem list for JFrog integration (#26019)
• @jessedi0n:
  • fix(desktop): add macOS settings menu entry (#26081)
• @ferdinandyb:
  • fix(format): restore stdout/stderr ignore for formatter processes (#26037)
• @YGoetschel:
  • fix: guard undefined contents in diff renderer to fix share viewer SSR crash (#21763)

v1.14.40

Core

Improvements

• Support .well-known/opencode configs that point to a separate remote config file.

Bugfixes

• Preserve assistant text when replaying signed reasoning blocks. (@edevil)
• Return consistent not-found errors for missing sessions.
• Apply CORS headers before auth so browser clients can reach legacy server endpoints.
• Fix serve, web, and ACP network options triggering runtime re-entry errors.
• Only show connected workspaces in warp flows, and carry the new directory into the session after warping.
• Restore web terminal CSP allowances.
• Sanitize invalid surrogate characters before provider transforms.
• Fix Cloudflare AI Gateway provider options for OpenAI-compatible models. (@NathanDrake2406)
• Use the current workspace with /new, including local-project warps.
• Keep editor selection context stable until it is sent.
• Retry server_is_overloaded API errors automatically.
• Restore Mistral Medium 3.5 variants so model selection works correctly.
• Show compaction summaries before retained tail messages.

TUI

Bugfixes

• Keep the selected model when model data refreshes.
• Fix /agent create to use the /agents path. (@OpeOginni)

Desktop

Improvements

• Allow trusted app windows to write to the clipboard without permission failures.

Bugfixes

• Ignore broken pipe (EPIPE) errors in desktop console logging.
• Stop auto-installing updates when quitting the app.
• Silence noisy browser API Sentry reports in production.
• Prevent sync bootstrap queries from failing during app startup.

Thank you to 6 community contributors:

• @OpeOginni:
  • fix(TUI): update agent create target path from "/agent" to "/agents" (#14427)
• @NathanDrake2406:
  • fix(cf-ai-gateway): route provider options through openaiCompatible key (#24432) (#25573)
• @imduchuyyy:
  • docs: update desktop app references from Tauri to Electron (#25965)
• @kill74:
  • docs: fix CLI attach section order (#25749)
• @zharinov:
  • fix(ui): preserve SVG tags in DOMPurify config for KaTeX math rendering (#25866)
• @edevil:
  • fix(provider): preserve assistant message content when reasoning blocks present (#21370)

v1.14.39

Desktop

Bugfixes

• Respect HTTP_PROXY and related proxy environment variables in the desktop app.
• Return null instead of failing when the desktop app cannot read a stored value.

v1.14.38

Core

Bugfixes

• Embedded UI requests now work with arbitrary connect-src origins under the default CSP.

Desktop

Bugfixes

• Desktop now trusts system CA certificates for HTTPS connections.

v1.14.37

Core

Bugfixes

• Canceling a task now also cancels child subtask sessions.

Improvements

• Improved v2 session rendering with cleaner tool states, better compaction summaries, and more accurate timing.
• Warp a session into another workspace or back to the local project.

Desktop

Bugfixes

• Run the desktop migration on startup so existing installs transition correctly after the desktop packaging move.
• Stabilized the Windows titlebar when changing zoom levels.

v1.14.35

Core

Bugfixes

• Preserve diff patch boundaries so session diffs keep rendering correctly when file contents include diff --git text.

v1.14.34

Core

Improvements

• Add PTY connection tickets so authenticated terminal websockets work more reliably across clients.
• Add v2 session failure events so clients can detect and show failed runs.
• Improve shell command handling for Bash, PowerShell, and cmd sessions.

Bugfixes

• Return structured error bodies from the effect HTTP server instead of empty failures.
• Reload server auth environment variables correctly for each new HTTP listener.
• Stop worktree creation from hanging while bootstrap commands run.
• Fix Azure Anthropic model resolution when using the Anthropic SDK.
• Fix the web UI proxy so public manifest assets load and proxied responses do not break on transfer-encoding. (@OpeOginni)
• Allow Codex Spark models when signing in with Codex OAuth. (@Utkub24)
• Fix embedded UI serving from the standalone server build.
• Fix PTY websocket connections from Desktop when using the HttpApi server.
• Respect custom basic auth usernames in opencode clients.
• Prompt browsers for basic auth on protected server logins. (@OpeOginni)
• Show real server error messages in the CLI and SDK instead of bare {}.
• Prevent large diffs from using unbounded memory.
• Fix v2 session API responses to encode optional fields correctly.
• Fix pagination Link headers to use the real request host.

TUI

Improvements

• Add debug info to print environment and diagnostic details.

Bugfixes

• Add a --username option for basic-auth server connections. (@OpeOginni)
• Pass server auth through internal ACP connections.
• Show provider login errors from stderr instead of swallowing them.

Desktop

Bugfixes

• Prevent terminal reconnect loops after recovery failures.
• Preserve auth-token credentials when reopening the app.

Thank you to 4 community contributors:

• @PanAchy:
  • chore(opencode): exclude .map files from CLI binary build (#25500)
• @OpeOginni:
  • fix(httpapi): add basic auth challenge for browser login
  • fix(auth): add username option for basic auth in RunCommand (#25600)
  • fix(opencode): strip transfer-encoding in UI proxy and allow public manifest assets (#25698)
• @Utkub24:
  • fix: allow Codex Spark with Codex OAuth (#25640)
• @cgilly2fast:
  • chore(docs): rename firmware provider to frogbot (#25453)