v1.14.39

Desktop

Bugfixes

• Respect HTTP_PROXY and related proxy environment variables in the desktop app.
• Return null instead of failing when the desktop app cannot read a stored value.

v1.14.38

Core

Bugfixes

• Embedded UI requests now work with arbitrary connect-src origins under the default CSP.

Desktop

Bugfixes

• Desktop now trusts system CA certificates for HTTPS connections.

v1.14.37

Core

Bugfixes

• Canceling a task now also cancels child subtask sessions.

Improvements

• Improved v2 session rendering with cleaner tool states, better compaction summaries, and more accurate timing.
• Warp a session into another workspace or back to the local project.

Desktop

Bugfixes

• Run the desktop migration on startup so existing installs transition correctly after the desktop packaging move.
• Stabilized the Windows titlebar when changing zoom levels.

v1.14.35

Core

Bugfixes

• Preserve diff patch boundaries so session diffs keep rendering correctly when file contents include diff --git text.

v1.14.34

Core

Improvements

• Add PTY connection tickets so authenticated terminal websockets work more reliably across clients.
• Add v2 session failure events so clients can detect and show failed runs.
• Improve shell command handling for Bash, PowerShell, and cmd sessions.

Bugfixes

• Return structured error bodies from the effect HTTP server instead of empty failures.
• Reload server auth environment variables correctly for each new HTTP listener.
• Stop worktree creation from hanging while bootstrap commands run.
• Fix Azure Anthropic model resolution when using the Anthropic SDK.
• Fix the web UI proxy so public manifest assets load and proxied responses do not break on transfer-encoding. (@OpeOginni)
• Allow Codex Spark models when signing in with Codex OAuth. (@Utkub24)
• Fix embedded UI serving from the standalone server build.
• Fix PTY websocket connections from Desktop when using the HttpApi server.
• Respect custom basic auth usernames in opencode clients.
• Prompt browsers for basic auth on protected server logins. (@OpeOginni)
• Show real server error messages in the CLI and SDK instead of bare {}.
• Prevent large diffs from using unbounded memory.
• Fix v2 session API responses to encode optional fields correctly.
• Fix pagination Link headers to use the real request host.

TUI

Improvements

• Add debug info to print environment and diagnostic details.

Bugfixes

• Add a --username option for basic-auth server connections. (@OpeOginni)
• Pass server auth through internal ACP connections.
• Show provider login errors from stderr instead of swallowing them.

Desktop

Bugfixes

• Prevent terminal reconnect loops after recovery failures.
• Preserve auth-token credentials when reopening the app.

Thank you to 4 community contributors:

• @PanAchy:
  • chore(opencode): exclude .map files from CLI binary build (#25500)
• @OpeOginni:
  • fix(httpapi): add basic auth challenge for browser login
  • fix(auth): add username option for basic auth in RunCommand (#25600)
  • fix(opencode): strip transfer-encoding in UI proxy and allow public manifest assets (#25698)
• @Utkub24:
  • fix: allow Codex Spark with Codex OAuth (#25640)
• @cgilly2fast:
  • chore(docs): rename firmware provider to frogbot (#25453)

v1.14.33

Core

• Fix issue with custom agents in plugins not loading

Thank you to 3 community contributors:

• @jerome-benoit:
  • fix(nix): remove stale packages/shared filter (#24930)
• @OpeOginni:
  • docs: CLI docs for current commands and flags (#25399)
• @HyeokjaeLee:
  • fix(instance): restore InstanceBootstrap init parameter for non-Effec… (#25449)

v1.14.32

Core

• Shell mode in the prompt stays editable, so backspace, cursor movement, and other editing keys work again.
• Fixed HTTP API workspace adapters losing instance context, which could break workspace create, sync, and routing flows.
• Fixed experimental workspace creation requests that omit extra.
• Fixed OpenAPI parameter schemas so generated clients match the public API.
• Unsupported image formats now fall back to text reads instead of being sent as image attachments. (@zeke)
• Agents can use the global temp directory without extra permission prompts.
• Fixed Bedrock sessions that include reasoning content when switching models.
• Session archive timestamps now reject non-finite values, avoiding invalid JSON in API payloads.

TUI

• Reduced startup theme flashing when using the system theme.
• The animated logo now avoids subpixel rendering on terminals without truecolor support.

Thank you to 2 community contributors:

• @luojiyin1987:
  • fix: correct documentation typos (#25260)
• @zeke:
  • fix(read): prevent unsupported image formats from being sending to provider (#21114)

v1.14.31

Core

• Azure setup now prompts for the resource name when needed and saves it with the API key.
• Task child sessions now preserve parent external_dir and deny permissions. (@remorses)
• Invalid remote MCP URLs now fail with a clear error instead of breaking setup.

Desktop

• Restoring saved messages no longer crashes the app when a model is missing.

Thank you to 1 community contributor:

• @remorses:
  • fix(opencode): preserve external_dir and deny parent permissions in task child sessions (#23290)

v1.14.30

Core

• Fixed missing sessions in Desktop caused by path mismatches, including recovery for existing stored data.
• Fixed Azure Responses defaults to avoid reasoning item ordering errors.
• Improved DeepSeek compatibility with providers that vary model naming.
• Added Mistral Medium 3.5 with reasoning support. (@rubdos)
• Made instruction precedence more predictable by applying global instructions before project and skill instructions.
• Reconnected editor context when switching to a session in another directory.
• Fixed forked sessions so compacted history stays intact. (@spark4862)
• Reduced memory growth in long-running bash tool usage.
• Sessions now filter to the current path by default, with a setting to show the whole project.
• Kept GitHub Copilot model variants in sync with the latest API capabilities.
• Fixed Zed selections with UTF-8 text so editor context uses the right ranges.

TUI

• Added a quick toggle for paste summaries.
• Invalid custom themes no longer crash the TUI on startup.

Thank you to 3 community contributors:

• @Vect0rM:
  • docs: add Atomic Chat provider section (#23069)
• @spark4862:
  • fix(session): remap compaction tail_start_id when forking (#24898)
• @rubdos:
  • feat: add Mistral Medium 3.5 with reasoning support (#24996)

v1.14.29

Core

• Sessions now keep a relative workspace path.
• Moonshot and Kimi tool schemas are sanitized to avoid rejected tool calls.
• MCP OAuth errors now match the native API more closely.
• Provider OAuth authorize errors now match the native API more closely.
• Shell cancellations now finish cleanly instead of leaving aborted commands in a bad state.
• Creating a session over HTTP now works with an empty request body.
• Workspace HTTP API routes are now mounted through the bridge.
• Tool streaming now defaults off for non-Anthropic models when using the Anthropic SDK.
• DeepSeek OpenAI-compatible setups now keep reasoning_content interleaved by default.
• The experimental LSP tool now forwards the workspace symbol query.
• Google Vertex now defaults tool call streaming off.

TUI

• Zed context polling stays responsive.
• Pressing Enter in dialogs now triggers the dialog instead of leaking through. (@CasualDeveloper)
• File context is clearer, can be turned off, and clears after sending.
• opencode agent create now writes a valid permissions.deny config. (@21pounder)

Desktop

• Per-workspace icon overrides now stay applied for subdirectories in the same repo.
• Sync state loading is more reliable for MCP, LSP, and workspace refreshes.

Thank you to 3 community contributors:

• @21pounder:
  • fix(opencode): agent create generates permissions field with deny ins… (#24482)
• @SeashoreShi:
  • docs: fix duplicated word in CLI env var table (#24614)
• @CasualDeveloper:
  • fix(tui): consume Enter in dialog useKeyboard handlers (#23390)