OpenCode v1.14.38: CSP & Certificate Trust Fixes
OpenCode v1.14.38 patches CSP handling for embedded UI and adds system CA certificate trust to the desktop client. Two focused bugfixes for web and desktop users.
TL;DR
- Embedded UI requests now respect arbitrary
connect-srcorigins under default CSP - Desktop client now trusts system CA certificates for HTTPS
- Two targeted bugfixes for web and desktop workflows
Fixed
- Embedded UI CSP handling — Embedded UI requests now work with arbitrary
connect-srcorigins under the default Content Security Policy. Fixes connectivity issues for users with custom CSP configurations. - Desktop HTTPS certificate validation — Desktop client now properly trusts system CA certificates for HTTPS connections. Resolves SSL/TLS verification failures on corporate networks and systems with custom certificate stores.
Update via: brew upgrade opencode or download the latest release from GitHub.
Source: OpenCode
