2840fdcb54
feat(agent): add agent socket API ( #20717 )
...
relates to: https://github.com/coder/internal/issues/1094
This is number 2 of 5 pull requests in an effort to add agent script
ordering. It adds a drpc API that is exposed via a local socket. This
API serves access to a lightweight DAG based dependency manager that was
inspired by systemd.
In follow-up PRs:
* This unit manager will be plumbed into the workspace agent struct.
* CLI commands will use this agentsocket api to express dependencies
between coder scripts
I used an LLM to produce some of these changes, but I have conducted
thorough self review and consider this contribution to be ready for an
external reviewer.
2025-11-21 13:09:27 +02:00
5a7d4f69f6
feat: add configurable retention for aibridge ( #20828 )
...
Closes https://github.com/coder/internal/issues/1134
---------
Signed-off-by: Danny Kopping <danny@coder.com >
2025-11-21 11:35:36 +02:00
83966e346a
fix(site): hide empty tasks list when templates are empty ( #20845 )
...
When there are no task templates, only the empty templates
prompt is displayed, and the tasks section (including controls and
table) is hidden.
2025-11-21 09:29:11 +00:00
3fe29ecf89
docs: fix ANTHROPIC_BASE_URL example in AI Bridge client docs ( #20853 )
2025-11-21 10:38:06 +02:00
ddcc841bdc
fix: set a default for presets to match the app default ( #20848 )
2025-11-20 10:55:07 -08:00
d004710a74
feat: add prebuild invalidation via last_invalidated_at timestamp ( #20582 )
...
Updates #17917
2025-11-20 17:12:25 +01:00
c2319e5b4e
fix: prevent tooltip appearing on dropdown open ( #20765 )
...
The tooltip inside CopyButton inside Userdropdown is appearing
automatically when the dropdown is opened. This feels a bit janky and
the goal of this fix is to only show the tooltip content when the user
hovers the copy button.
https://github.com/user-attachments/assets/2e41da8d-08c5-476b-b0fc-a40d4f8e3d6c
2025-11-20 08:38:07 -05:00
0cd33d1abb
chore(docs/admin/users): fix typo in headless auth page ( #20841 )
2025-11-20 11:25:54 +01:00
426cc98f7c
fix(site/src/modules/apps): distinguish JB Toolbox from Gateway ( #20830 )
...
Edits the "To use <APP>, you need to have Jetbrains Toolbox installed"
error message to vary based on JetBrains Toolbox vs. Gateway.
---------
Co-authored-by: Jake Howell <jake@hwll.me >
2025-11-20 09:54:42 +00:00
007f2df079
fix: use API, not request context to insert audit/connection logs ( #20829 )
...
Fixes : #20744
Upsert audit and connection log entries with a context derived from the API context, rather than the individual request so that we don't error out if the request is canceled or the client hangs up (e.g. if we return an error).
2025-11-20 13:01:50 +04:00
48b8e22502
fix: add Windows stub for CacheTFProviders ( #20840 )
...
Fixes https://github.com/coder/internal/issues/1119
## Description
The `CacheTFProviders` function in `testutil/terraform_cache.go` was
only available on Linux and macOS due to the `//go:build linux ||
darwin` build tag. This caused a compile error on Windows when
`enterprise/coderd/workspaces_test.go` tried to call it:
```
enterprise\coderd\workspaces_test.go:3403:28: undefined: testutil.CacheTFProviders
```
## Changes
1. Added `testutil/terraform_cache_windows.go` with a Windows-specific
stub implementation that returns an empty string
2. Updated `downloadProviders` helper in
`enterprise/coderd/workspaces_test.go` to handle empty paths gracefully
## Behavior
- On Linux/macOS: Terraform providers are cached as before
- On Windows: Provider caching is skipped, tests download providers
normally during `terraform init`
## Testing
This should fix the Windows nightly gauntlet failure. The test will
still run on Windows, just without provider caching optimization.
Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
2025-11-20 07:52:07 +00:00
18bef5ea2f
chore: bump golang.org/x/crypto from 0.44.0 to 0.45.0 ( #20838 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from
0.44.0 to 0.45.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/crypto/commit/4e0068c0098be10d7025c99ab7c50ce454c1f0f9 "><code>4e0068c</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/crypto/commit/e79546e28b85ea53dd37afe1c4102746ef553b9c "><code>e79546e</code></a>
ssh: curb GSSAPI DoS risk by limiting number of specified OIDs</li>
<li><a
href="https://github.com/golang/crypto/commit/f91f7a7c31bf90b39c1de895ad116a2bacc88748 "><code>f91f7a7</code></a>
ssh/agent: prevent panic on malformed constraint</li>
<li><a
href="https://github.com/golang/crypto/commit/2df4153a0311bdfea44376e0eb6ef2faefb0275b "><code>2df4153</code></a>
acme/autocert: let automatic renewal work with short lifetime certs</li>
<li><a
href="https://github.com/golang/crypto/commit/bcf6a849efcf4702fa5172cb0998b46c3da1e989 "><code>bcf6a84</code></a>
acme: pass context to request</li>
<li><a
href="https://github.com/golang/crypto/commit/b4f2b62076abeee4e43fb59544dac565715fbf1e "><code>b4f2b62</code></a>
ssh: fix error message on unsupported cipher</li>
<li><a
href="https://github.com/golang/crypto/commit/79ec3a51fcc7fbd2691d56155d578225ccc542e2 "><code>79ec3a5</code></a>
ssh: allow to bind to a hostname in remote forwarding</li>
<li>See full diff in <a
href="https://github.com/golang/crypto/compare/v0.44.0...v0.45.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/coder/coder/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-20 00:41:43 +00:00
b4cb490c72
chore: enable debug logs over playwright ( #20784 )
2025-11-19 15:27:40 -09:00
7615c2792b
chore: add positron icon ( #20780 )
...
Co-authored-by: ケイラ <mckayla@hey.com >
2025-11-19 16:19:54 -06:00
753e125758
chore(site): add storybook stories for task initialization states ( #20760 )
...
Adds a Storybook story to visualize the task initialization states
(workspace pending/starting, agent connecting/starting) that were
recently added.
<img width="2310" height="1600" alt="Screenshot 2025-11-17 at 18 58 55"
src="https://github.com/user-attachments/assets/16471dcf-2f7d-41d2-beba-2cf0c84c9bf0 "
/>
Follow-up from PR: https://github.com/coder/coder/pull/20692
2025-11-19 18:30:14 +00:00
17edeeaf04
fix(site): fix flaky Chromatic tests ( #20808 )
...
## Problem
The `OrgsSortedAlphabetically` test from
`OrganizationSidebarView.stories.tsx` was failing on Chromatic. Test
logic was attempting to verify organization sorting order
programmatically. This was identified in the Chromatic build of PR:
https://www.chromatic.com/build?appId=624de63c6aacee003aa84340&number=26015
After fixing this test, two additional tests started failing:
* `VanillaJavascriptError ` from `GlobalErrorBoundary.stories.tsx`: Test
was making incorrect assertions about stack trace content
* `MarkAllNotificationsAsReadError` from
`NotificationsInbox.stories.tsx`: Test was flaky due to competing
WebSocket error messages
## Solution
These are Chromatic snapshot tests, so implementation details (like
sorting order or exact error message content) are already validated by
the visual snapshots. Programmatic assertions were causing flakiness and
are redundant.
2025-11-19 18:17:12 +00:00
500c17e257
feat(agent): add agent unit manager ( #20715 )
...
relates to: https://github.com/coder/internal/issues/1094
This is number 1 of 5 pull requests in an effort to add agent script
ordering. It adds a unit manager, which uses an underlying DAG and a
list of subscribers to inform units when their dependencies have changed
in status.
In follow-up PRs:
* This unit manager will be plumbed into the workspace agent struct.
* It will then be exposed to users via a new socket based drpc API
* The agentsocket API will then become accessible via CLI commands that
allow coder scripts to express their dependencies on one another.
This is an experimental feature. There may be ways to improve the
efficiency of the manager struct, but it is more important to validate
this feature with customers before we invest in such optimizations.
See the tests for examples of how units may communicate with one
another. Actual CLI usage will be analogous.
I used an LLM to produce some of these changes, but I have conducted
thorough self review and consider this contribution to be ready for an
external reviewer.
2025-11-19 19:03:37 +02:00
35b9df86b3
chore(docs): document preset description and icon fields ( #20705 )
...
Closes https://github.com/coder/coder/issues/20599
Generated by Claude Code, reviewed by me.
2025-11-19 10:02:43 -06:00
aff208048e
feat: fix build timeline to include entire stage timings ( #20805 )
...
Measure entire stage durations for each terraform cmd execution
2025-11-19 09:35:33 -06:00
a10c5ff381
chore: protect build timings insert for invalid enums ( #20821 )
...
Database insert errors will fail the transaction. So this error is
fatal. Properly return it for a better error call stack, and not just
hiding the error in the logs.
2025-11-19 09:34:19 -06:00
f6556fce9f
test(coderd/workspaceapps/apptest): fix lastusedat assertion for all test ( #20827 )
...
The test flake can be verified by setting `ReportInterval` to a really
low value, like `100 * time.Millisecond`.
We now set it to a really high value to avoid triggering flush without
manually calling the function in test. This can easily happen because
the default value is 30s and we run tests in parallel. The assertion
typically happens such that:
[use workspace] -> [fetch previous last used] -> [flush]
-> [fetch new last used]
When this edge case is triggered:
[use workspace] -> [report interval flush]
-> [fetch previous last used] -> [flush] -> [fetch new last used]
In this case, both the previous and new last used will be the same,
breaking the test assertion.
Fixes coder/internal#960
Fixes coder/internal#975
2025-11-19 15:10:59 +02:00
8e22cd707a
feat(site): add startup script error alerts to Task Page ( #20820 )
...
Refactors Task page UI to show startup script errors as compact warning
buttons in the topbar.
Closes https://github.com/coder/coder/issues/20418
2025-11-19 11:44:22 +00:00
8ee6e9457e
fix: wait for build in task status load generator ( #20800 )
...
Wait for the External workspace build job to complete before attempting to pull its credentials from Coder. This resolves a race in the load generator.
2025-11-19 10:35:31 +04:00
0bbb7dd0a3
feat: add cleanup to task-status load test runner ( #20799 )
...
Implement Cleanup in the task status Runner, to delete the external workspaces created.
2025-11-19 10:24:30 +04:00
5ea1353d46
feat: add exp scaletest task-status command ( #20761 )
...
Adds `coder exp scaletest task-status` subcommand to generate task status update load on the Coder server.
2025-11-19 10:13:32 +04:00
52f8143ad3
fix: rename AI Governance to AI Bridge ( #20790 )
...
This pull-request simply renames our `AI Governance` feature to `AI
Bridge` whilst we evaluate the future of how we want to render the
governance of AI related features.
2025-11-19 16:47:06 +11:00
085370ec6d
chore: add "positron:" to allowed external app protocols ( #20803 )
...
<!--
If you have used AI to produce some or all of this PR, please ensure you
have read our [AI Contribution
guidelines](https://coder.com/docs/about/contributing/AI_CONTRIBUTING )
before submitting.
-->
2025-11-19 14:11:56 +11:00
c12bba40ad
fix(enterprise/cli): preserve actual error when getting provisioner key details ( #20813 )
...
Fixes #20781
Previously, when `GetProvisionerKey()` failed, the actual error was
swallowed:
```
error: unable to get provisioner key details
```
Now the actual error is preserved using error wrapping, so users can see
the real cause (e.g., 404 Not Found, connection refused, invalid key,
etc.):
```
error: unable to get provisioner key details: GET https://...: 404 Not Found
```
This makes it much easier to diagnose configuration issues.
---
*Generated by [mux](https://cmux.io )*
2025-11-19 02:09:16 +11:00
158243d146
fix: add cache for terraform installer files ( #20776 )
...
Replaces not working mocks by simple proxy that caches terraform files using test
cache
https://github.com/coder/coder/blob/16b8e6072fd84f45404e3f84bb2b6fea2424b090/testutil/cache.go#L13
Fixes: https://github.com/coder/internal/issues/1126
2025-11-18 09:52:44 +01:00
eb644732d7
feat: enable boundary on dogfood ( #20766 )
...
Enable boundary on dogfood.
Allowed domains are specified in config.yaml file.
2025-11-17 16:59:24 -05:00
a83328c1f0
docs: improve boundary docs ( #20806 )
...
Update docs for boundary v0.2.0 release.
2025-11-17 15:41:59 -05:00
a2728439ff
docs: add API key scopes documentation ( #20742 )
...
## Description
Adds a brief section to the API & Session Tokens documentation
explaining API key scopes.
## Changes
- Added "API Key Scopes" section to
`docs/admin/users/sessions-tokens.md`
- Includes overview of scope functionality and security benefits
- Documents scope format (`resource:action`) and wildcard usage
- Provides CLI examples for creating scoped tokens
- Lists common scope examples with descriptions
## Motivation
Users need documentation on how to create and use scoped API tokens for
improved security by limiting token permissions to only necessary
operations.
## Testing
- Reviewed documentation formatting
- Verified markdown structure
- Confirmed examples are accurate
2025-11-17 11:34:01 -06:00
16b8e6072f
fix: set codersdk.Task current_state during task initialization ( #20692 )
...
## Problem
With the new tasks data model, a task starts with an `initializing`
status. However, the API returns `current_state: null` to represent the
agent state, causing the frontend to display "No message available".
This PR updates `codersdk.Task` to return a `current_state` when the
task is initializing with meaningful messages about what's happening
during task initialization.
**Previous message**
<img width="2764" height="288" alt="Screenshot 2025-11-07 at 09 06 13"
src="https://github.com/user-attachments/assets/feec9f15-91ca-4378-8565-5f9de062d11a "
/>
**New message**
<img width="2726" height="226" alt="Screenshot 2025-11-12 at 11 00 15"
src="https://github.com/user-attachments/assets/2f9bee3e-7ac4-4382-b1c3-1d06bbc2906e "
/>
## Changes
- Populate `current_state` with descriptive initialization messages when
task status is `initializing` and no valid app status exists for the
current build
- **dbfake**: Fix `WorkspaceBuild` builder to properly handle
pending/running jobs by linking tasks without requiring agent/app
resources
**Note:** UI Storybook changes to reflect these new messages will be
addressed in a follow-up PR.
Closes: https://github.com/coder/internal/issues/1063
2025-11-17 13:24:12 +00:00
355150072b
chore: bump ubuntu from 0950623 to 104ae83 in /dogfood/coder ( #20797 )
...
Bumps ubuntu from `0950623` to `104ae83`.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-17 12:23:50 +00:00
ad3e8885e4
chore: bump rust from d9ba801 to cef0ec9 in /dogfood/coder ( #20798 )
...
Bumps rust from `d9ba801` to `cef0ec9`.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-17 12:23:46 +00:00
0b0813e30c
ci: bump the github-actions group with 3 updates ( #20796 )
...
Bumps the github-actions group with 3 updates:
[crate-ci/typos](https://github.com/crate-ci/typos ),
[peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch )
and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `crate-ci/typos` from 1.39.0 to 1.39.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases ">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.39.2</h2>
<h2>[1.39.2] - 2025-11-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't offer <code>entry</code> as a correction for
<code>entrys</code></li>
</ul>
<h2>v1.39.1</h2>
<h2>[1.39.1] - 2025-11-12</h2>
<h3>Features</h3>
<ul>
<li>Make <code>--help</code> more vibrant</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md ">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="https://keepachangelog.com/ ">Keep a
Changelog</a>
and this project adheres to <a href="https://semver.org/ ">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.39.2] - 2025-11-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't offer <code>entry</code> as a correction for
<code>entrys</code></li>
</ul>
<h2>[1.39.1] - 2025-11-12</h2>
<h3>Features</h3>
<ul>
<li>Make <code>--help</code> more vibrant</li>
</ul>
<h2>[1.39.0] - 2025-10-31</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1383 ">October
2025</a> changes</li>
</ul>
<h3>Fixes</h3>
<ul>
<li>When a typo is pluralized, prefer pluralized corrections</li>
</ul>
<h2>[1.38.1] - 2025-10-07</h2>
<h3>Fixes</h3>
<ul>
<li>Ignore common golang identifiers</li>
</ul>
<h2>[1.38.0] - 2025-10-06</h2>
<h3>Features</h3>
<ul>
<li>Update type list</li>
</ul>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>typ</code></li>
<li>Consistently error on unused config fields</li>
</ul>
<h2>[1.37.3] - 2025-10-06</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/626c4bedb751ce0b7f03262ca97ddda9a076ae1c "><code>626c4be</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/c6b458db05d00c3037bc9a1102b84febc9fff2f4 "><code>c6b458d</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/eed04198a67af7f32b16141261aa8f911cba1f5f "><code>eed0419</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1423 ">#1423</a>
from epage/entrys</li>
<li><a
href="https://github.com/crate-ci/typos/commit/40383f41a2f90743ef28b8c8b1c2d5a42b7651a0 "><code>40383f4</code></a>
fix(dict): Don't offer 'entry' as a correction for 'entrys'</li>
<li><a
href="https://github.com/crate-ci/typos/commit/1af53e3774f068183ffd0c7193eb061a2b65a531 "><code>1af53e3</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/e5d291b81a9bd645c218da268c94df78b6e5e605 "><code>e5d291b</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/55474f5ff9f9a923f4e1a218c9b39271517d847e "><code>55474f5</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1417 ">#1417</a>
from starsep/colorful_help</li>
<li><a
href="https://github.com/crate-ci/typos/commit/78b93759507833a789853c44a1d9a767fcd15024 "><code>78b9375</code></a>
feat: Enable colors for typos --help</li>
<li><a
href="https://github.com/crate-ci/typos/commit/308f8f5788c91e7d099279f046cdbc3662956dcd "><code>308f8f5</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1409 ">#1409</a>
from crate-ci/renovate/actions-download-artifact-6.x</li>
<li><a
href="https://github.com/crate-ci/typos/commit/cf03418f507191943e33099ce6ba74c4c79b0257 "><code>cf03418</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1410 ">#1410</a>
from crate-ci/renovate/actions-setup-python-6.x</li>
<li>Additional commits viewable in <a
href="https://github.com/crate-ci/typos/compare/07d900b8fa1097806b8adb6391b0d3e0ac2fdea7...626c4bedb751ce0b7f03262ca97ddda9a076ae1c ">compare
view</a></li>
</ul>
</details>
<br />
Updates `peter-evans/repository-dispatch` from 4.0.0 to 4.0.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/repository-dispatch/releases ">peter-evans/repository-dispatch's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump peter-evans/repository-dispatch from 3 to 4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/repository-dispatch/pull/428 ">peter-evans/repository-dispatch#428</a></li>
<li>build(deps-dev): bump <code>@types/node</code> from 18.19.127 to
18.19.129 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/repository-dispatch/pull/429 ">peter-evans/repository-dispatch#429</a></li>
<li>build(deps): bump the github-actions group with 3 updates by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/repository-dispatch/pull/431 ">peter-evans/repository-dispatch#431</a></li>
<li>build(deps-dev): bump <code>@types/node</code> from 18.19.129 to
18.19.130 in the npm group by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/repository-dispatch/pull/432 ">peter-evans/repository-dispatch#432</a></li>
<li>Fix node version in actions.yml by <a
href="https://github.com/peter-evans "><code>@peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/repository-dispatch/pull/433 ">peter-evans/repository-dispatch#433</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/repository-dispatch/compare/v4.0.0...v4.0.1 ">https://github.com/peter-evans/repository-dispatch/compare/v4.0.0...v4.0.1 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/repository-dispatch/commit/28959ce8df70de7be546dd1250a005dd32156697 "><code>28959ce</code></a>
Fix node version in actions.yml (<a
href="https://redirect.github.com/peter-evans/repository-dispatch/issues/433 ">#433</a>)</li>
<li><a
href="https://github.com/peter-evans/repository-dispatch/commit/25d29c2bbf9b1fd1e3e924e485d754498fdc84fd "><code>25d29c2</code></a>
build(deps-dev): bump <code>@types/node</code> in the npm group (<a
href="https://redirect.github.com/peter-evans/repository-dispatch/issues/432 ">#432</a>)</li>
<li><a
href="https://github.com/peter-evans/repository-dispatch/commit/830136c66487b256600fec7788578990092647bc "><code>830136c</code></a>
build(deps): bump the github-actions group with 3 updates (<a
href="https://redirect.github.com/peter-evans/repository-dispatch/issues/431 ">#431</a>)</li>
<li><a
href="https://github.com/peter-evans/repository-dispatch/commit/2c856c63feddee6147cab2f38801935b6a59a765 "><code>2c856c6</code></a>
ci: update dependabot config</li>
<li><a
href="https://github.com/peter-evans/repository-dispatch/commit/66739071c2122a05106fc2a2c306fdaf33bb9cda "><code>6673907</code></a>
build(deps-dev): bump <code>@types/node</code> from 18.19.127 to
18.19.129 (<a
href="https://redirect.github.com/peter-evans/repository-dispatch/issues/429 ">#429</a>)</li>
<li><a
href="https://github.com/peter-evans/repository-dispatch/commit/952a211c1efd1abc91cf289f80655b4692ba8cff "><code>952a211</code></a>
build(deps): bump peter-evans/repository-dispatch from 3 to 4 (<a
href="https://redirect.github.com/peter-evans/repository-dispatch/issues/428 ">#428</a>)</li>
<li>See full diff in <a
href="https://github.com/peter-evans/repository-dispatch/compare/5fc4efd1a4797ddb68ffd0714a238564e4cc0e6f...28959ce8df70de7be546dd1250a005dd32156697 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `github/codeql-action` from 4.31.2 to 4.31.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases ">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.31.3</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases ">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>4.31.3 - 13 Nov 2025</h2>
<ul>
<li>CodeQL Action v3 will be deprecated in December 2026. The Action now
logs a warning for customers who are running v3 but could be running v4.
For more information, see <a
href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/ ">Upcoming
deprecation of CodeQL Action v3</a>.</li>
<li>Update default CodeQL bundle version to 2.23.5. <a
href="https://redirect.github.com/github/codeql-action/pull/3288 ">#3288</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v4.31.3/CHANGELOG.md ">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md ">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases ">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.31.3 - 13 Nov 2025</h2>
<ul>
<li>CodeQL Action v3 will be deprecated in December 2026. The Action now
logs a warning for customers who are running v3 but could be running v4.
For more information, see <a
href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/ ">Upcoming
deprecation of CodeQL Action v3</a>.</li>
<li>Update default CodeQL bundle version to 2.23.5. <a
href="https://redirect.github.com/github/codeql-action/pull/3288 ">#3288</a></li>
</ul>
<h2>4.31.2 - 30 Oct 2025</h2>
<p>No user facing changes.</p>
<h2>4.31.1 - 30 Oct 2025</h2>
<ul>
<li>The <code>add-snippets</code> input has been removed from the
<code>analyze</code> action. This input has been deprecated since CodeQL
Action 3.26.4 in August 2024 when this removal was announced.</li>
</ul>
<h2>4.31.0 - 24 Oct 2025</h2>
<ul>
<li>Bump minimum CodeQL bundle version to 2.17.6. <a
href="https://redirect.github.com/github/codeql-action/pull/3223 ">#3223</a></li>
<li>When SARIF files are uploaded by the <code>analyze</code> or
<code>upload-sarif</code> actions, the CodeQL Action automatically
performs post-processing steps to prepare the data for the upload.
Previously, these post-processing steps were only performed before an
upload took place. We are now changing this so that the post-processing
steps will always be performed, even when the SARIF files are not
uploaded. This does not change anything for the
<code>upload-sarif</code> action. For <code>analyze</code>, this may
affect Advanced Setup for CodeQL users who specify a value other than
<code>always</code> for the <code>upload</code> input. <a
href="https://redirect.github.com/github/codeql-action/pull/3222 ">#3222</a></li>
</ul>
<h2>4.30.9 - 17 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.3. <a
href="https://redirect.github.com/github/codeql-action/pull/3205 ">#3205</a></li>
<li>Experimental: A new <code>setup-codeql</code> action has been added
which is similar to <code>init</code>, except it only installs the
CodeQL CLI and does not initialize a database. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3204 ">#3204</a></li>
</ul>
<h2>4.30.8 - 10 Oct 2025</h2>
<p>No user facing changes.</p>
<h2>4.30.7 - 06 Oct 2025</h2>
<ul>
<li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a
href="https://redirect.github.com/github/codeql-action/pull/3169 ">#3169</a></li>
</ul>
<h2>3.30.6 - 02 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.2. <a
href="https://redirect.github.com/github/codeql-action/pull/3168 ">#3168</a></li>
</ul>
<h2>3.30.5 - 26 Sep 2025</h2>
<ul>
<li>We fixed a bug that was introduced in <code>3.30.4</code> with
<code>upload-sarif</code> which resulted in files without a
<code>.sarif</code> extension not getting uploaded. <a
href="https://redirect.github.com/github/codeql-action/pull/3160 ">#3160</a></li>
</ul>
<h2>3.30.4 - 25 Sep 2025</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099 ">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100 ">#3100</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/014f16e7ab1402f30e7c3329d33797e7948572db "><code>014f16e</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3293 ">#3293</a>
from github/update-v4.31.3-8c10e89c7</li>
<li><a
href="https://github.com/github/codeql-action/commit/14d898ef09787f3258d7542ed62ad3da38295b68 "><code>14d898e</code></a>
Update changelog for v4.31.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/8c10e89c78c754f211c440ce6999ed8668811c3b "><code>8c10e89</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3288 ">#3288</a>
from github/update-bundle/codeql-bundle-v2.23.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/9777b01a4952c6266ad795197c2dd702065a6d19 "><code>9777b01</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.23.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/456a74a6faf33b08baa780e0bf31b41fabd1ca35 "><code>456a74a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3289 ">#3289</a>
from github/mbg/ci/setup-dotnet</li>
<li><a
href="https://github.com/github/codeql-action/commit/3fac49c14012959fab197865a1813bffe8a04dd1 "><code>3fac49c</code></a>
Update remaining workflows</li>
<li><a
href="https://github.com/github/codeql-action/commit/38a3a7258f252b705a070bd91df7a72a50d61318 "><code>38a3a72</code></a>
Enable <code>installDotNet</code> in all workflows that analyse C#</li>
<li><a
href="https://github.com/github/codeql-action/commit/58c9eb6c034b7054387301aa21926d94da049b69 "><code>58c9eb6</code></a>
Add <code>global.json</code></li>
<li><a
href="https://github.com/github/codeql-action/commit/f20e02164a8bd2f32913932752d67ee2bbf22246 "><code>f20e021</code></a>
Add support for adding <code>setup-dotnet</code> steps to
<code>sync.sh</code></li>
<li><a
href="https://github.com/github/codeql-action/commit/8d3d4001e38901ebbee39c134163b67198c956f7 "><code>8d3d400</code></a>
Add changelog note</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/0499de31b99561a6d14a36a5f662c2a54f91beee...014f16e7ab1402f30e7c3329d33797e7948572db ">compare
view</a></li>
</ul>
</details>
<br />
<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>
| Dependency Name | Ignore Conditions |
| --- | --- |
| crate-ci/typos | [>= 1.30.a, < 1.31] |
</details>
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-17 12:19:23 +00:00
430c8c2dd2
chore: bump github.com/anthropics/anthropic-sdk-go from 1.17.0 to 1.18.0 ( #20795 )
...
Bumps
[github.com/anthropics/anthropic-sdk-go](https://github.com/anthropics/anthropic-sdk-go )
from 1.17.0 to 1.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anthropics/anthropic-sdk-go/releases ">github.com/anthropics/anthropic-sdk-go's
releases</a>.</em></p>
<blockquote>
<h2>v1.18.0</h2>
<h2>1.18.0 (2025-11-14)</h2>
<p>Full Changelog: <a
href="https://github.com/anthropics/anthropic-sdk-go/compare/v1.17.0...v1.18.0 ">v1.17.0...v1.18.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> add support for structured outputs beta (<a
href="https://github.com/anthropics/anthropic-sdk-go/commit/fb9cfb4e4b571d5fec7da9874610aa8820aee80c ">fb9cfb4</a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li>bump gjson version (<a
href="https://github.com/anthropics/anthropic-sdk-go/commit/69b5e0e40757884bece66397fb6ca769f4e00118 ">69b5e0e</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/anthropics/anthropic-sdk-go/blob/main/CHANGELOG.md ">github.com/anthropics/anthropic-sdk-go's
changelog</a>.</em></p>
<blockquote>
<h2>1.18.0 (2025-11-14)</h2>
<p>Full Changelog: <a
href="https://github.com/anthropics/anthropic-sdk-go/compare/v1.17.0...v1.18.0 ">v1.17.0...v1.18.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> add support for structured outputs beta (<a
href="https://github.com/anthropics/anthropic-sdk-go/commit/fb9cfb4e4b571d5fec7da9874610aa8820aee80c ">fb9cfb4</a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li>bump gjson version (<a
href="https://github.com/anthropics/anthropic-sdk-go/commit/69b5e0e40757884bece66397fb6ca769f4e00118 ">69b5e0e</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/anthropics/anthropic-sdk-go/commit/f4266c4d6cb52f0efd239777f322db2387168334 "><code>f4266c4</code></a>
release: 1.18.0</li>
<li><a
href="https://github.com/anthropics/anthropic-sdk-go/commit/e3776089b6095d27726c31d82a8e2c9f12bd0cf1 "><code>e377608</code></a>
feat(api): add support for structured outputs beta</li>
<li><a
href="https://github.com/anthropics/anthropic-sdk-go/commit/fc01187b262243230c5f5a89c08d835d65b17c6d "><code>fc01187</code></a>
codegen metadata</li>
<li><a
href="https://github.com/anthropics/anthropic-sdk-go/commit/4e9c5a8a928a43e81a133a18ef0396907d833c6a "><code>4e9c5a8</code></a>
codegen metadata</li>
<li>See full diff in <a
href="https://github.com/anthropics/anthropic-sdk-go/compare/v1.17.0...v1.18.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-17 12:15:11 +00:00
1c15534c98
chore: bump the x group with 6 updates ( #20792 )
...
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps the x group with 6 updates:
| Package | From | To |
| --- | --- | --- |
| [golang.org/x/crypto](https://github.com/golang/crypto ) | `0.43.0` |
`0.44.0` |
| [golang.org/x/mod](https://github.com/golang/mod ) | `0.29.0` |
`0.30.0` |
| [golang.org/x/net](https://github.com/golang/net ) | `0.46.0` |
`0.47.0` |
| [golang.org/x/term](https://github.com/golang/term ) | `0.36.0` |
`0.37.0` |
| [golang.org/x/text](https://github.com/golang/text ) | `0.30.0` |
`0.31.0` |
| [golang.org/x/tools](https://github.com/golang/tools ) | `0.38.0` |
`0.39.0` |
Updates `golang.org/x/crypto` from 0.43.0 to 0.44.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/crypto/commit/122a78f140d9d3303ed3261bc374bbbca149140f "><code>122a78f</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/crypto/commit/c0531f9c34514ad5c5551e2d6ce569ca673a8afd "><code>c0531f9</code></a>
all: eliminate vet diagnostics</li>
<li><a
href="https://github.com/golang/crypto/commit/0997000b45e3a40598272081bcad03ffd21b8adb "><code>0997000</code></a>
all: fix some comments</li>
<li><a
href="https://github.com/golang/crypto/commit/017a1aaa2d993492ef6f74ebe7c87f33d82d3717 "><code>017a1aa</code></a>
chacha20poly1305: panic on dst and additionalData overlap</li>
<li><a
href="https://github.com/golang/crypto/commit/cf29fa96f8b66328e59829f064539321159bfa5b "><code>cf29fa9</code></a>
sha3: make it mostly a wrapper around crypto/sha3</li>
<li><a
href="https://github.com/golang/crypto/commit/0b7aa0cfb07b6b13ead990b67cb3cb8639871f90 "><code>0b7aa0c</code></a>
ssh: use reflect.TypeFor instead of reflect.TypeOf</li>
<li><a
href="https://github.com/golang/crypto/commit/1faea2975ced2153e5086c1ee135f983db10150a "><code>1faea29</code></a>
all: fix some typos in comment</li>
<li>See full diff in <a
href="https://github.com/golang/crypto/compare/v0.43.0...v0.44.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `golang.org/x/mod` from 0.29.0 to 0.30.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/mod/commit/7416265ac6eca137286fb2adcc87f9feec458b4c "><code>7416265</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/mod/commit/5517a715a62aaf2d2ab02e64ce67586c60767e8f "><code>5517a71</code></a>
all: fix some comments</li>
<li><a
href="https://github.com/golang/mod/commit/b6cdd1a97c6a688a6a842cdc667ec2e68174ba9d "><code>b6cdd1a</code></a>
modfile: use reflect.TypeFor instead of reflect.TypeOf</li>
<li>See full diff in <a
href="https://github.com/golang/mod/compare/v0.29.0...v0.30.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `golang.org/x/net` from 0.46.0 to 0.47.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/9a296438e54dff851a45667aa645a97003b44db5 "><code>9a29643</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/07cefd8a6bb170785052142a96034f2b2f7115bc "><code>07cefd8</code></a>
context: deprecate</li>
<li><a
href="https://github.com/golang/net/commit/5ac9daca088ab4f378d7df849f6c7d28bea86071 "><code>5ac9dac</code></a>
publicsuffix: don't treat ip addresses as domain names</li>
<li><a
href="https://github.com/golang/net/commit/d1f64cc67036f272ea900194674afcf71eb3e816 "><code>d1f64cc</code></a>
quic: use testing/synctest</li>
<li><a
href="https://github.com/golang/net/commit/fff0469cf57f71bea0cbc4cc8cbfb8f92be7a417 "><code>fff0469</code></a>
http2: document that RFC 7540 prioritization does not work with small
payloads</li>
<li><a
href="https://github.com/golang/net/commit/f35e3a4dd2a34d1d47fac5b66210a40e2d374a79 "><code>f35e3a4</code></a>
http2: fix weight overflow in RFC 7540 write scheduler</li>
<li><a
href="https://github.com/golang/net/commit/89adc90ac46a688eeda3a4a95b71acf073bd059c "><code>89adc90</code></a>
http2: fix typo referring to RFC 9218 as RFC 9128 instead</li>
<li><a
href="https://github.com/golang/net/commit/8d76a2c082f6f995c2ef1ce8a0d56f2e33b48092 "><code>8d76a2c</code></a>
quic: don't defer MAX_STREAMS frames indefinitely</li>
<li><a
href="https://github.com/golang/net/commit/027f8b700eb72af5c0175a945535a42670628351 "><code>027f8b7</code></a>
quic: fix expected ACK Delay in client's ACK after HANDSHAKE_DONE</li>
<li><a
href="https://github.com/golang/net/commit/dec9fe711ec1385a2aa169a3f8145d295abcca16 "><code>dec9fe7</code></a>
dns/dnsmessage: update SVCB packing to prohibit name compression</li>
<li>Additional commits viewable in <a
href="https://github.com/golang/net/compare/v0.46.0...v0.47.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `golang.org/x/term` from 0.36.0 to 0.37.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/term/commit/1231d5465be98a7c5f01140358c142d365d4fbb6 "><code>1231d54</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/term/commit/3475bc8ef1a53c8b2f1fa69d5f804135ca97f035 "><code>3475bc8</code></a>
term: fix some comments</li>
<li>See full diff in <a
href="https://github.com/golang/term/compare/v0.36.0...v0.37.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `golang.org/x/text` from 0.30.0 to 0.31.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/text/commit/e7ff6b3572e1a83c072ef150c985f86603986e1b "><code>e7ff6b3</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/text/commit/fbf012b8c1140cde0210e241356553d0000332e8 "><code>fbf012b</code></a>
all: use reflect.TypeFor instead of reflect.TypeOf</li>
<li>See full diff in <a
href="https://github.com/golang/text/compare/v0.30.0...v0.31.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `golang.org/x/tools` from 0.38.0 to 0.39.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/tools/commit/034e59c473362f8f2be47694d98fd3f12a1ad497 "><code>034e59c</code></a>
internal/analysis/analyzerutil: fix FileUsesGoVersion</li>
<li><a
href="https://github.com/golang/tools/commit/076bd8052bceea0f0fdb90b2ec9205c8cbf5b00d "><code>076bd80</code></a>
gopls/internal/filewatcher: retry directory reading upon failure</li>
<li><a
href="https://github.com/golang/tools/commit/605803fb4494b25a23ab310776fea0fa1250f5c8 "><code>605803f</code></a>
go/analysis/passes/loopclosure: simplify using IsMethodNamed</li>
<li><a
href="https://github.com/golang/tools/commit/2c6e03f2da11279a147c887c2babfa5daa8f8f02 "><code>2c6e03f</code></a>
internal/testenv: allow Apple diff too</li>
<li><a
href="https://github.com/golang/tools/commit/82112c070f1367acf2fd846c2db5eb4208995893 "><code>82112c0</code></a>
gopls/internal/settings: correct git issue for fieldalignment
warning</li>
<li><a
href="https://github.com/golang/tools/commit/1f978562b5d8e9396610d2b52f5e6c7584eb6eef "><code>1f97856</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/tools/commit/c24121c97d900d2a5ba384cc97dedf0de3e18f34 "><code>c24121c</code></a>
go/analysis/passes/modernize: stditerators: even better name
heuristic</li>
<li><a
href="https://github.com/golang/tools/commit/edb958762845d4f1feb4ec79582b2ea8b02533be "><code>edb9587</code></a>
go/analysis/passes/modernize: stditerators: better name heuristic</li>
<li><a
href="https://github.com/golang/tools/commit/2f6a4f9b3cb8896e8e9cd7c18d610299d0e92b32 "><code>2f6a4f9</code></a>
go/analysis/passes/modernize: forvar: handle "if v := v; cond
{"</li>
<li><a
href="https://github.com/golang/tools/commit/efd8c43777a5aace999c8162ee81f4b8c9c0695c "><code>efd8c43</code></a>
go/analysis: don't apply fixes to generated files</li>
<li>Additional commits viewable in <a
href="https://github.com/golang/tools/compare/v0.38.0...v0.39.0 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-17 12:14:53 +00:00
04cf5f8690
chore: bump google.golang.org/api from 0.255.0 to 0.256.0 ( #20794 )
...
Bumps
[google.golang.org/api](https://github.com/googleapis/google-api-go-client )
from 0.255.0 to 0.256.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/releases ">google.golang.org/api's
releases</a>.</em></p>
<blockquote>
<h2>v0.256.0</h2>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.255.0...v0.256.0 ">0.256.0</a>
(2025-11-10)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3366 ">#3366</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/997c613e70ddbf1483e4212641cb09db86f7716b ">997c613</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3368 ">#3368</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/57e958d22096bca64db83dc7888f248f0d8a6bc4 ">57e958d</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3369 ">#3369</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/5d436f7172766d9dab04cfcf3dd0e5054228a084 ">5d436f7</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3370 ">#3370</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/140a610ace04e635f919acf8f7a5441d1d4546b9 ">140a610</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3371 ">#3371</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/39a2bc07bfc4693cf0a99de0fe70807783471e99 ">39a2bc0</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md ">google.golang.org/api's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.255.0...v0.256.0 ">0.256.0</a>
(2025-11-10)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3366 ">#3366</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/997c613e70ddbf1483e4212641cb09db86f7716b ">997c613</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3368 ">#3368</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/57e958d22096bca64db83dc7888f248f0d8a6bc4 ">57e958d</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3369 ">#3369</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/5d436f7172766d9dab04cfcf3dd0e5054228a084 ">5d436f7</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3370 ">#3370</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/140a610ace04e635f919acf8f7a5441d1d4546b9 ">140a610</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3371 ">#3371</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/39a2bc07bfc4693cf0a99de0fe70807783471e99 ">39a2bc0</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/811ba14d5fc1b87bd0058d49b80293164db986fa "><code>811ba14</code></a>
chore(main): release 0.256.0 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3367 ">#3367</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/11afd811cc00001a2691e5086db1824d94c141cb "><code>11afd81</code></a>
chore(all): update all (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3372 ">#3372</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/39a2bc07bfc4693cf0a99de0fe70807783471e99 "><code>39a2bc0</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3371 ">#3371</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/140a610ace04e635f919acf8f7a5441d1d4546b9 "><code>140a610</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3370 ">#3370</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/5d436f7172766d9dab04cfcf3dd0e5054228a084 "><code>5d436f7</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3369 ">#3369</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/57e958d22096bca64db83dc7888f248f0d8a6bc4 "><code>57e958d</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3368 ">#3368</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/997c613e70ddbf1483e4212641cb09db86f7716b "><code>997c613</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3366 ">#3366</a>)</li>
<li>See full diff in <a
href="https://github.com/googleapis/google-api-go-client/compare/v0.255.0...v0.256.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-17 12:14:37 +00:00
897286f335
test: fix flake in scaletest/workspaceupdates/TestRun ( #20773 )
...
Closes https://github.com/coder/internal/issues/1127
In the workspace updates scaletest load generator, we end the test once all clients have seen a workspace update for their workspace. These workspace updates are generated when the workspace is created, NOT when the workspace build has finished.
This means when the runner goes to clean up the workspaces, they may still be building. The runner attempts to address this by cancelling the build, but that fails with a 403 since the runner users don't have permission.
The fix is to simply always wait for the build to finish, regardless of whether we were able to successfully cancel it.
In this test it's probably faster to just wait for the build to finish then the overhead of cancelling it, so that's what I've gone with here.
2025-11-17 12:00:07 +11:00
5ee39e88a3
chore: rename cmux to mux in the dogfood template ( #20787 )
...
<!--
If you have used AI to produce some or all of this PR, please ensure you
have read our [AI Contribution
guidelines](https://coder.com/docs/about/contributing/AI_CONTRIBUTING )
before submitting.
-->
2025-11-16 00:49:06 +01:00
fa314fe7e5
fix(coderd/database): rename duplicate migration 397 to 398 ( #20783 )
...
Fix duplicate migration from #20683 .
2025-11-14 18:05:29 +00:00
1483fd11ff
fix(coderd/database): improve task status in tasks_with_status view ( #20683 )
...
This change restructures the `tasks_with_status` view query to:
- Improve debuggability by adding a `status_debug` column to better
understand the outcome
- Reduce clutter from `bool_or`, `bool_and` which are aggregate
functions that did not actually have serve a purpose (each join is 0-1
rows)
- Improve agent lifecycle state coverage, `start_timeout` and
`start_error` were omitted
- These states are easy to trigger even in a perfectly functioning
workspace/task so we now rely on app health to report whether or not
there was an issue
- Mark canceling and canceled workspace build jobs as error state
- Agent stop states were implicitly `unknown`, now there are explicit (I
initially considered `error`, could go either way)
2025-11-14 19:52:26 +02:00
6067aa3aa1
fix: correctly set touched for autofill dynamic parameters ( #20769 )
...
this resolves #20187
This bug was introduced in PR https://github.com/coder/coder/pull/18894
in CreateWorkspacePageViewExperimental.tsx
This PR made a change so that the entire parameter was used instead of
just the parameter name to mark an autofilled parameter as touched.
The fix here is to just use the parameter name.
2025-11-14 17:09:06 +00:00
f23836d426
chore: add more scopes to the curated catalog ( #20746 )
...
Just noticed when writing docs. These are probably obvious scopes to
allow
2025-11-14 08:30:10 -06:00
da9214e212
chore: add opencode icon ( #20670 )
...
Co-authored-by: 35C4n0r <work.jkmr@gmail.com >
2025-11-14 13:07:20 +00:00
79d46769fe
chore: remove warning for non-trackable workspace builds in metrics ( #20775 )
...
Previously, `UpdateWorkspaceTimingsMetrics` would log a warning for
workspace builds that aren't tracked (restarts, stops, subsequent builds
after creation). This was noisy since these are legitimate operations,
not errors.
`UpdateWorkspaceTimingsMetrics` is specifically designed to track only
workspace creation, prebuild creation, and prebuild claim timings.
Related with: https://github.com/coder/coder/pull/20772
2025-11-14 12:26:32 +00:00
86c4948445
chore: add timing flag context to warn message ( #20772 )
...
`prometheus.provisionerd_server_metrics: unsupported workspace timing
flags` appears in the logs, but without knowledge of the available flags
it's not possible to troubleshoot this.
Signed-off-by: Danny Kopping <danny@coder.com >
2025-11-14 10:10:53 +00:00
6bafbb7bc5
feat(cli): add prebuilds scaletest command ( #20600 )
...
Closes https://github.com/coder/internal/issues/914
2025-11-14 18:08:14 +11:00
b31d09865e
feat(scaletest): add runner for prebuilds ( #20571 )
...
Relates to https://github.com/coder/internal/issues/914
Adds a runner for scaletesting prebuilds. The runner uploads a no-op template with prebuilds, watches for the corresponding workspaces to be created, and then does the same to tear them down. I didn't originally plan on having metrics for the teardown, but I figured we might as well as it's still the same prebuilds reconciliation loop mechanism being tested.
2025-11-14 17:57:22 +11:00
Sas Swart