OpenCode v1.14.46: Config Safety & API Query Fixes
OpenCode 1.14.46 adds a built-in config safety skill and fixes critical HTTP API query parameter bugs, legacy session loading, and a Plan Mode security bypass affecting subagent permissions.
TL;DR
- New built-in skill prevents config edits from breaking startup
- Fixed HTTP API query parameter handling across multiple endpoints
- Patched Plan Mode security bypass affecting subagent deny rules
- Resolved legacy session data loading failures
New
- customize-opencode skill — Built-in skill reduces risk of breaking OpenCode startup when editing config files
Fixed
- Numeric and boolean HTTP API query parameters now correctly reflected in OpenAPI spec and SDK types
- SDK type validation and runtime behavior now aligned for query parameter handling
- Legacy numeric values in sessions, diffs, and retry events no longer cause load failures
- Sessions with negative token counts that previously crashed message loads and Desktop startup
- MCP tool discovery failures when servers publish broken
outputSchemareferences - Workspace HTTP API query drift — workspace-routed endpoints now expose correct query parameters in OpenAPI and SDK
Breaking Changes
- Plan Mode security fix: subagents can no longer bypass parent-agent deny rules — review existing agent hierarchies if relying on previous behavior
Update: npm install opencode@1.14.46 or check the release page for other package managers.
Source: OpenCode
