shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-06 14:38:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,434 Commits 1,149 Branches 344 Tags
1a774ab7ce99063a2e01beb94de3fcbccaf84dbe
Commit Graph

12434 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marcin Tojek 8ac54534f4 feat: skip deprecated:false in templates search bar (#20274) 
Fixes: https://github.com/coder/coder/issues/19746
 2025-10-14 20:58:13 +02:00
Bruno Quaresma 3dd3859ebf chore: add task feedback dialog component (#20252) 
Related to https://github.com/coder/coder/issues/20214

This PR aims to add only the FE component for capturing user feedback
from tasks. Once the BE work is completed (in a separate PR), this
component will be triggered after a task is deleted.

The goal is to develop this feature in parallel.

**Screenshot:**
<img width="1206" height="727" alt="Screenshot 2025-10-09 at 14 31 53"
src="https://github.com/user-attachments/assets/1f92026c-8f05-4535-bbd6-85c4b107c037"
/>
 2025-10-14 13:47:02 -03:00
Cian Johnston 9f229370e7 feat(coderd/database): add ListTasks query (#20282) 
Relates to https://github.com/coder/internal/issues/981

Adds a `ListTasks` query that allows filtering by OwnerID and OrganizationID.
 2025-10-14 17:33:30 +01:00
Sas Swart 06db58771f docs: add troubleshooting steps for prebuilt workspaces (#20231) 
This PR adds troubleshooting steps to guide Coder operators when they
suspect that prebuilds might have overwhelmed their deployments.

Closes https://github.com/coder/coder/issues/19490

---------

Co-authored-by: Susana Ferreira <susana@coder.com>
 2025-10-14 13:20:43 +02:00
Cian Johnston 9c6be5bfe7 ci(.github/workflows/traiage.yaml): explicitly fetch comments in gh cli invocation (#20288) 
Closes https://github.com/coder/internal/issues/1053

Updated the `gh` command to fetch issue description with explicit JSON
fields and formatting.

Validated with manual workflow run:
https://github.com/coder/coder/actions/runs/18492815891/job/52690197479

Agent picked up additional instruction from comments:
https://github.com/coder/coder/compare/cian/traiage-gh-20085-18492815891

<img width="1339" height="406" alt="Screenshot 2025-10-14 at 11 02 36"
src="https://github.com/user-attachments/assets/c3daf103-3d88-4f11-b5ee-d3596912aaa8"
/>
 2025-10-14 11:25:18 +01:00
Paweł Banaszewski 152103bf78 fix: add default value for RevokeURL property in external auth config for GitHub (#20272) 
This PR adds setting default value of `RevokeURL` property of external
auth config for GitHub.
 2025-10-14 09:28:10 +02:00
Danielle Maywood 9158e46bda chore: upgrade coder/clistat to v1.1.0 (#20280) 
Upgrades coder/clistat to v1.1.0. This version contains a significant
refactor to the cgroupv2 implementation that improves how we calculate
memory and cpu limits.
 2025-10-13 15:11:34 +01:00
dependabot[bot] 5c8176b7ff chore: bump google.golang.org/api from 0.251.0 to 0.252.0 (#20266) 
Bumps
[google.golang.org/api](https://github.com/googleapis/google-api-go-client)
from 0.251.0 to 0.252.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/releases">google.golang.org/api's
releases</a>.</em></p>
<blockquote>
<h2>v0.252.0</h2>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.251.0...v0.252.0">0.252.0</a>
(2025-10-07)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3326">#3326</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/c9925454087ae745d966061b1e5e091236a23b73">c992545</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3328">#3328</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/b9b915b1d871407fd86912eaa5073dec1dd28cd0">b9b915b</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3330">#3330</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/fcb7723a725ee8eb73e0fb511c1d5b33c25ebd50">fcb7723</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3331">#3331</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/a67f44d16fb8ee506127e2d411b84e708d4fa4df">a67f44d</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3332">#3332</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/b9890fcd362e2b7fe6f2ec4b37257408d5f09edb">b9890fc</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3334">#3334</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/163216d91d6e20831b2cda5400aee0e587cfec18">163216d</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3336">#3336</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/2c4dd78944ebf9f04258ccea6800f57a7cdd8dae">2c4dd78</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md">google.golang.org/api's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.251.0...v0.252.0">0.252.0</a>
(2025-10-07)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3326">#3326</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/c9925454087ae745d966061b1e5e091236a23b73">c992545</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3328">#3328</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/b9b915b1d871407fd86912eaa5073dec1dd28cd0">b9b915b</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3330">#3330</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/fcb7723a725ee8eb73e0fb511c1d5b33c25ebd50">fcb7723</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3331">#3331</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/a67f44d16fb8ee506127e2d411b84e708d4fa4df">a67f44d</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3332">#3332</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/b9890fcd362e2b7fe6f2ec4b37257408d5f09edb">b9890fc</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3334">#3334</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/163216d91d6e20831b2cda5400aee0e587cfec18">163216d</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3336">#3336</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/2c4dd78944ebf9f04258ccea6800f57a7cdd8dae">2c4dd78</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/88c288c3544fb39b71e48e545d4284f8ffe0c6a1"><code>88c288c</code></a>
chore(main): release 0.252.0 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3327">#3327</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/2c4dd78944ebf9f04258ccea6800f57a7cdd8dae"><code>2c4dd78</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3336">#3336</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/ceff1a1fca588d5f1e24d6ca53b8888d0c9175b2"><code>ceff1a1</code></a>
chore(all): update all (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/163216d91d6e20831b2cda5400aee0e587cfec18"><code>163216d</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3334">#3334</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/b9890fcd362e2b7fe6f2ec4b37257408d5f09edb"><code>b9890fc</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3332">#3332</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/a67f44d16fb8ee506127e2d411b84e708d4fa4df"><code>a67f44d</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3331">#3331</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/4312741a471f572fe1ee6c0d00c9311265fc3e14"><code>4312741</code></a>
chore: update CODEOWNERS, remove blunderbuss (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3329">#3329</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/fcb7723a725ee8eb73e0fb511c1d5b33c25ebd50"><code>fcb7723</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3330">#3330</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/b9b915b1d871407fd86912eaa5073dec1dd28cd0"><code>b9b915b</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/c9925454087ae745d966061b1e5e091236a23b73"><code>c992545</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3326">#3326</a>)</li>
<li>See full diff in <a
href="https://github.com/googleapis/google-api-go-client/compare/v0.251.0...v0.252.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/api&package-manager=go_modules&previous-version=0.251.0&new-version=0.252.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 13:30:16 +00:00
dependabot[bot] 3d779c2093 chore: bump google.golang.org/grpc from 1.75.1 to 1.76.0 (#20277) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from
1.75.1 to 1.76.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's
releases</a>.</em></p>
<blockquote>
<h2>Release 1.76.0</h2>
<h1>Dependencies</h1>
<ul>
<li>Minimum supported Go version is now 1.24 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8509">#8509</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/kevinGC"><code>@​kevinGC</code></a></li>
</ul>
</li>
</ul>
<h1>Bug Fixes</h1>
<ul>
<li>client: Return status <code>INTERNAL</code> when a server sends zero
response messages for a unary or client-streaming RPC. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8523">#8523</a>)</li>
<li>client: Fail RPCs with status <code>INTERNAL</code> instead of
<code>UNKNOWN</code> upon receiving http headers with status 1xx and
<code>END_STREAM</code> flag set. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8518">#8518</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/vinothkumarr227"><code>@​vinothkumarr227</code></a></li>
</ul>
</li>
<li>pick_first: Fix race condition that could cause pick_first to get
stuck in <code>IDLE</code> state on backend address change. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8615">#8615</a>)</li>
</ul>
<h1>New Features</h1>
<ul>
<li>credentials: Add <code>credentials/jwt</code> package providing
file-based JWT PerRPCCredentials (A97). (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8431">#8431</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/dimpavloff"><code>@​dimpavloff</code></a></li>
</ul>
</li>
</ul>
<h1>Performance Improvements</h1>
<ul>
<li>client: Improve HTTP/2 header size estimate to reduce
re-allocations. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8547">#8547</a>)</li>
<li>encoding/proto: Avoid redundant message size calculation when
marshaling. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8569">#8569</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/rs-unity"><code>@​rs-unity</code></a></li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc-go/commit/d96c2ef4f3339142d20a47797d8a5a4fae948607"><code>d96c2ef</code></a>
Change version to 1.76.0 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8584">#8584</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/79c553c64de01994d8b9dc0dcac6ed765ac7de50"><code>79c553c</code></a>
Cherry pick <a
href="https://redirect.github.com/grpc/grpc-go/issues/8610">#8610</a>,
<a href="https://redirect.github.com/grpc/grpc-go/issues/8615">#8615</a>
to v1.76.x (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8621">#8621</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/0513350812453ffc1fe7fd329817a16fb40a8cfe"><code>0513350</code></a>
client: minor improvements to log messages (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8564">#8564</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/ebaf486eab0fdf28996baf269064f83224538150"><code>ebaf486</code></a>
credentials: implement file-based JWT Call Credentials (part 1 for A97)
(<a
href="https://redirect.github.com/grpc/grpc-go/issues/8431">#8431</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/ca78c904b12dd41257291d6b9ba3309a18f0b277"><code>ca78c90</code></a>
xds/resolver_test: fix flaky test
ResolverBadServiceUpdate_NACKedWithoutCache...</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/83bead40c01c8c5b8407e4573203ab34dec76c78"><code>83bead4</code></a>
internal/buffer: set closed flag when closing channel in the Load method
(<a
href="https://redirect.github.com/grpc/grpc-go/issues/8575">#8575</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/0f45079e3826e866ff0d2034a8732c0a482e3170"><code>0f45079</code></a>
encoding/proto: enable use cached size option (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8569">#8569</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/8420f3ff9ce4617369e054cedb51fda6d45c3340"><code>8420f3f</code></a>
transport: avoid slice reallocation during header creation (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8547">#8547</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/b36320ef9aa22c1b3eedd607fec388fc61cc6583"><code>b36320e</code></a>
Revert &quot;stats/opentelemetry: record retry attempts from
clientStream (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8342">#8342</a>)&quot;...</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/c1222501e9eeb118d6f0df19fa9387fcb6e5a6a1"><code>c122250</code></a>
stats/opentelemetry: record retry attempts from clientStream (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8342">#8342</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/grpc/grpc-go/compare/v1.75.1...v1.76.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.75.1&new-version=1.76.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 13:14:01 +00:00
dependabot[bot] a10ca93c42 chore: bump alpine from 3.22.1 to 3.22.2 in /scripts (#20278) 
Bumps alpine from 3.22.1 to 3.22.2.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine&package-manager=docker&previous-version=3.22.1&new-version=3.22.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 13:12:57 +00:00
dependabot[bot] 4a373ee6af chore: bump github.com/valyala/fasthttp from 1.66.0 to 1.67.0 (#20273) 
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp)
from 1.66.0 to 1.67.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/valyala/fasthttp/releases">github.com/valyala/fasthttp's
releases</a>.</em></p>
<blockquote>
<h2>v1.67.0</h2>
<p>Special thanks to the following security researchers who reported the
issues fixed in this release:</p>
<ul>
<li><a href="https://github.com/zer0yu"><code>@​zer0yu</code></a> (Enze
Wang)</li>
<li><a href="https://github.com/P3ngu1nW"><code>@​P3ngu1nW</code></a>
(Jingcheng Yang)</li>
<li><a href="https://github.com/9vvert"><code>@​9vvert</code></a> (Zehui
Miao)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Add DNS cache management methods for TCPDialer by <a
href="https://github.com/aabishkaryal"><code>@​aabishkaryal</code></a>
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2072">valyala/fasthttp#2072</a></li>
<li>Fix username:password@ validation in urls by <a
href="https://github.com/erikdubbelboer"><code>@​erikdubbelboer</code></a>
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2080">valyala/fasthttp#2080</a></li>
<li>Validate IPv6 addresses in urls by <a
href="https://github.com/erikdubbelboer"><code>@​erikdubbelboer</code></a>
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2079">valyala/fasthttp#2079</a></li>
<li>Validate schemes by <a
href="https://github.com/erikdubbelboer"><code>@​erikdubbelboer</code></a>
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2078">valyala/fasthttp#2078</a></li>
<li>Reject invalid hosts with multiple port delimiters by <a
href="https://github.com/erikdubbelboer"><code>@​erikdubbelboer</code></a>
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2077">valyala/fasthttp#2077</a></li>
<li>Reject backslash absolute URIs and cache parse errors by <a
href="https://github.com/erikdubbelboer"><code>@​erikdubbelboer</code></a>
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2075">valyala/fasthttp#2075</a></li>
<li>Reject bad ipv6 hostnames by <a
href="https://github.com/erikdubbelboer"><code>@​erikdubbelboer</code></a>
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2076">valyala/fasthttp#2076</a></li>
<li>Reimplement flushing support for fasthttpadaptor by <a
href="https://github.com/erikdubbelboer"><code>@​erikdubbelboer</code></a>
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2081">valyala/fasthttp#2081</a></li>
<li>chore(deps): bump securego/gosec from 2.22.8 to 2.22.9 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2073">valyala/fasthttp#2073</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/aabishkaryal"><code>@​aabishkaryal</code></a>
made their first contribution in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2072">valyala/fasthttp#2072</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/valyala/fasthttp/compare/v1.66.0...v1.67.0">https://github.com/valyala/fasthttp/compare/v1.66.0...v1.67.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/valyala/fasthttp/commit/b26ff4866918a81247d8ce1cbfe07c7da63b2940"><code>b26ff48</code></a>
chore(deps): bump golang.org/x/net from 0.44.0 to 0.45.0 (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2084">#2084</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/19624506292b2f05ed08774d1f6c814340efb409"><code>1962450</code></a>
Fix copyTrailer</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/2272d532e154f55d6a9cfe316109d2be850a6331"><code>2272d53</code></a>
Reimplement flushing support for fasthttpadaptor (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2081">#2081</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/a17ec74999fe7a1f9a46d09d644584e73e97f908"><code>a17ec74</code></a>
Reject bad ipv6 hostnames (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2076">#2076</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/f18eb9ef0c366b9ac212e41f4bce3378b215dbf2"><code>f18eb9e</code></a>
Reject backslash absolute URIs and cache parse errors (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2075">#2075</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/bed90bcf091dc56b3098fb57cbbc1ca931d5ea34"><code>bed90bc</code></a>
Reject invalid hosts with multiple port delimiters (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2077">#2077</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/d3fc68239107eb85a36b3baf0b9ca873cdf9b95f"><code>d3fc682</code></a>
Validate schemes (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2078">#2078</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/af41f54adbd2b47323ae0b1caf76e79cb3c2e824"><code>af41f54</code></a>
Validate IPv6 addresses in urls (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2079">#2079</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/75dcdb8bba3eac0eb091a68a5b401cf9755be0df"><code>75dcdb8</code></a>
Fix username:password@ validation in urls (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2080">#2080</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/ede09fad738b7c16784e37064f49f89c960ecbb0"><code>ede09fa</code></a>
Limit FuzzTestHeaderScanner body size</li>
<li>Additional commits viewable in <a
href="https://github.com/valyala/fasthttp/compare/v1.66.0...v1.67.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/valyala/fasthttp&package-manager=go_modules&previous-version=1.66.0&new-version=1.67.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 12:16:05 +00:00
Paweł Banaszewski 847058c56c fix: set default values for RevokeURL property in external auth configs (#20270) 
This PR adds logic that sets default values for `RevokeURL` in external
auth configs.
 2025-10-13 14:04:08 +02:00
dependabot[bot] 5ab72cce63 chore: bump github.com/gofrs/flock from 0.12.1 to 0.13.0 (#20269) 
Bumps [github.com/gofrs/flock](https://github.com/gofrs/flock) from
0.12.1 to 0.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gofrs/flock/releases">github.com/gofrs/flock's
releases</a>.</em></p>
<blockquote>
<h2>v0.13.0</h2>
<h2>What's Changed</h2>
<p>Minimum Go version 1.24</p>
<ul>
<li>feat: add Stat method by <a
href="https://github.com/ferhatelmas"><code>@​ferhatelmas</code></a> in
<a
href="https://redirect.github.com/gofrs/flock/pull/127">gofrs/flock#127</a></li>
<li>chore(deps): bump golang.org/x/sys from 0.22.0 to 0.37.0</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gofrs/flock/compare/v0.12.1...v0.13.0">https://github.com/gofrs/flock/compare/v0.12.1...v0.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gofrs/flock/commit/bfec60bb026171031050af631b6dec974f14e9fa"><code>bfec60b</code></a>
chore(deps): bump golang.org/x/sys from 0.36.0 to 0.37.0 in the gomod
group (...</li>
<li><a
href="https://github.com/gofrs/flock/commit/7094284415ad11369be4662a7c12be25963b4ea5"><code>7094284</code></a>
chore: update linter</li>
<li><a
href="https://github.com/gofrs/flock/commit/8111aec69ca1501f26bb5198ed02673e87806e65"><code>8111aec</code></a>
feat: add Stat method (<a
href="https://redirect.github.com/gofrs/flock/issues/127">#127</a>)</li>
<li><a
href="https://github.com/gofrs/flock/commit/6f0f0ed4e14d546b238ae500710aba38b924e135"><code>6f0f0ed</code></a>
chore(deps): bump the github-actions group with 4 updates (<a
href="https://redirect.github.com/gofrs/flock/issues/126">#126</a>)</li>
<li><a
href="https://github.com/gofrs/flock/commit/fe44231e563ec57fda028bc2484140fb1f24a6d1"><code>fe44231</code></a>
chore(deps): bump golang.org/x/sys from 0.35.0 to 0.36.0 in the gomod
group (...</li>
<li><a
href="https://github.com/gofrs/flock/commit/f74f0fb0332646c6b3730bfe9cce6fc0badc52c6"><code>f74f0fb</code></a>
chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 in
the go...</li>
<li><a
href="https://github.com/gofrs/flock/commit/c1f6d161c8e3b29a4d612e34ff17b37d00d4cd2f"><code>c1f6d16</code></a>
chore(deps): bump golang.org/x/sys from 0.34.0 to 0.35.0 in the gomod
group (...</li>
<li><a
href="https://github.com/gofrs/flock/commit/c542c57ff5f6af1d62b6864144170b612731796a"><code>c542c57</code></a>
chore(deps): bump github/codeql-action from 3.29.2 to 3.29.5 in the
github-ac...</li>
<li><a
href="https://github.com/gofrs/flock/commit/425570ba9b698b04bb9506c4906f137fb34ac7e0"><code>425570b</code></a>
chore(deps): bump golang.org/x/sys from 0.33.0 to 0.34.0 in the gomod
group (...</li>
<li><a
href="https://github.com/gofrs/flock/commit/12753ea298e1aeb97f0881ff3fc07eabcb2b86e5"><code>12753ea</code></a>
chore(deps): bump github/codeql-action from 3.28.18 to 3.29.2 in the
github-a...</li>
<li>Additional commits viewable in <a
href="https://github.com/gofrs/flock/compare/v0.12.1...v0.13.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gofrs/flock&package-manager=go_modules&previous-version=0.12.1&new-version=0.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 12:02:14 +00:00
dependabot[bot] fb86841071 chore: bump github.com/brianvoe/gofakeit/v7 from 7.7.1 to 7.8.0 (#20265) 
Bumps
[github.com/brianvoe/gofakeit/v7](https://github.com/brianvoe/gofakeit)
from 7.7.1 to 7.8.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/6af983166ac57e4b39f11c665273d6e61339637d"><code>6af9831</code></a>
emoji - cleanup, organization and new function additions</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/1399ba0ab2177c19f83432e20a619c26be517a35"><code>1399ba0</code></a>
generate - improve generate performance</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/3840eaf8c61407e57a8e14382c0e81dfbde15402"><code>3840eaf</code></a>
internet - added url safe slug</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/1332b941476e911422b8647d8d6b331de703513f"><code>1332b94</code></a>
airline - added airline functions</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/ae44694fb1f7b11f8687ec0b292961e462ceb847"><code>ae44694</code></a>
readme - updated to reflect text updates</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/e5a4d526a4e615eaa77b8361ceae4d0ba7ce71b1"><code>e5a4d52</code></a>
lorem ipsum - simplified usage and directly use sentence gen</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/3890a67dc9728b7f8a0c0e390eab8e91e455eec1"><code>3890a67</code></a>
sentence - updated usage across repo</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/ab13d69433d91d6521002017f30ee1c5b17893a0"><code>ab13d69</code></a>
hipster - updated to uppercase first character</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/7b7ddf7db30dcdd4c562fdcb1c59049b29bb6641"><code>7b7ddf7</code></a>
hipster - updated to uppercase first character</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/5e08f261402527fdba32e9f74187809cb3a5987b"><code>5e08f26</code></a>
template - update test usage</li>
<li>Additional commits viewable in <a
href="https://github.com/brianvoe/gofakeit/compare/v7.7.1...v7.8.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/brianvoe/gofakeit/v7&package-manager=go_modules&previous-version=7.7.1&new-version=7.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 11:57:31 +00:00
dependabot[bot] 51b0767429 chore: bump rust from 1219c0b to e4ae8ab in /dogfood/coder (#20267) 
Bumps rust from `1219c0b` to `e4ae8ab`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rust&package-manager=docker&previous-version=slim&new-version=slim)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 11:54:09 +00:00
Mathias Fredriksson a8f87c2625 feat(coderd): implement task to app linking (#20237) 
This change adds workspace build/agent/app linking to tasks and wires it
into `wsbuilder` and `provisionerdserver`.

Closes coder/internal#948
Closes coder/coder#20212
Closes coder/coder#19773
 2025-10-13 12:57:06 +03:00
Mathias Fredriksson 5dc57da6b4 fix(coderd/database): ensure task name uniqueness (#20236) 
This change ensures task names are unique per user the same way we do
for workspaces. This ensures we don't create tasks that are impossible
to start due to another task being named the same creating a workspace
name conflict.

Updates coder/internal#948
Supersedes coder/coder#20212
 2025-10-13 12:42:38 +03:00
Mathias Fredriksson 952c69f412 feat(coderd/database): add task status and status view (#20235) 
This change updates the `task_workspace_apps` table structure for
improved linking to workspace builds and adds queries to manage tasks
and a view to expose task status.

Updates coder/internal#948
Supersedes coder/coder#20212
Supersedes coder/coder#19773
 2025-10-13 12:25:58 +03:00
Mathias Fredriksson 299a54a99b feat(coderd): add tasks rbac object (#20234) 
This change adds RBAC for tasks.

Updates coder/internal#948
Supersedes coder/coder#20212
 2025-10-13 12:02:22 +03:00
dependabot[bot] d9f95f2285 chore: bump coder/git-clone/coder from 1.1.1 to 1.1.2 in /dogfood/coder (#20264) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/git-clone/coder&package-manager=terraform&previous-version=1.1.1&new-version=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 00:31:27 +00:00
dependabot[bot] dd85d1fdd8 chore: bump coder/claude-code/coder from 3.0.1 to 3.1.0 in /dogfood/coder (#20263) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/claude-code/coder&package-manager=terraform&previous-version=3.0.1&new-version=3.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 00:31:19 +00:00
Spike Curtis 2ded9d6a73 test: remove external compilation of db cleaner entirely (#20240) 
fixes https://github.com/coder/internal/issues/1026

Thru a (perhaps too-) clever hack of `init()` functions, I've managed to remove the need to separately compile the cleaner binary. This should fix the flakes we are seeing were the binary compilation takes 10s of seconds on macOS.  The cleaner is encorporated directly into the test binary and we self-exec as the subprocess.
 2025-10-10 10:02:03 +04:00
ケイラ 97cb19eeb5 chore: replace nexus-repository icon with an actual svg (#20251) 2025-10-09 13:55:55 -06:00
ケイラ caeff49aba chore: refactor roles to support multiple permission sets scoped by org id (#20186) 
In preparation for adding the "member" permission level, which will also
be grouped by org ID, do a bit of a refactor to make room for it and the
existing "org" level to live in the same `map`
 2025-10-09 11:08:34 -06:00
Hugo Dutka 6213b30f10 fix: replace http.DefaultClient in telemetry with dedicated client (#20247) 
Replaces a call to the http default client in telemetry.go. Looks like
it was missed in https://github.com/coder/coder/pull/20128.

Related to https://github.com/coder/internal/issues/1020 and
https://github.com/coder/internal/issues/645.
 2025-10-09 18:35:09 +02:00
Danielle Maywood 5d66f1f027 fix(provisioner): use sidebar app id instead of app id (#20246) 
In a previous PR we set SidebarApp.Id equal to the appID instead of the
sidebarAppID.
 2025-10-09 16:41:40 +01:00
Bruno Quaresma 8f2394c256 chore: replace MUI tables (#20201) 
I tried to break this work into smaller pieces, but since there are a
lot of dependent components, I decided to handle it in one larger chunk
and rely on Storybook to catch any bugs.

That said, let me know if you’d prefer a different approach!
 2025-10-09 10:09:37 -03:00
Thomas Kosiewski ed90ecf00e feat: add allow_list to resource-scoped API tokens (#19964) 
# Add API key allow_list for resource-scoped tokens

This PR adds support for API key allow lists, enabling tokens to be scoped to specific resources. The implementation:

1. Adds a new `allow_list` field to the `CreateTokenRequest` struct, allowing clients to specify resource-specific scopes when creating API tokens
2. Implements `APIAllowListTarget` type to represent resource targets in the format `<type>:<id>` with support for wildcards
3. Adds validation and normalization logic for allow lists to handle wildcards and deduplication
4. Integrates with RBAC by creating an `APIKeyEffectiveScope` that merges API key scopes with allow list restrictions
5. Updates API documentation and TypeScript types to reflect the new functionality

This feature enables creating tokens that are limited to specific resources (like workspaces or templates) by ID, making it possible to create more granular API tokens with limited access.
 2025-10-09 14:53:08 +02:00
Danielle Maywood f31e6e09ba chore(provisioner): support updated coder_ai_task resource (#20160) 
Closes https://github.com/coder/internal/issues/978

- Introduce `CODER_TASK_ID` and `CODER_TASK_PROMPT` to the provisioner
environment
- Make use of new `app_id` field in provider, with a fallback to
`sidebar_app.id` for backwards compatibility

**For now** I've left the `taskPrompt` and `taskID` as a TODO as we do
not yet create these values.
 2025-10-09 10:42:01 +01:00
Dean Sheather 8942b50872 fix: allow unhanger to unhang dormant workspaces (#20229) 2025-10-09 17:33:57 +11:00
Rishi Mondal c84ab728a8 chore: add nexus-repository icon (#20227) 2025-10-08 16:24:13 -06:00
Jaayden Halko 9935da86c6 chore: migrate appearanceform to Tailwind and shadcn (#20204) 2025-10-08 21:13:04 +01:00
Bruno Quaresma 4b8d73994f chore: migrate MUI icons to lucide-react (#20193) 2025-10-08 15:01:01 -03:00
DevCats e5d7f43c51 chore: add auto-dev-server-icon and set to monochromatic (#20219) 2025-10-08 12:58:56 -05:00
Bruno Quaresma 55be304e53 chore: replace remaining MUI buttons (#20200) 2025-10-08 13:39:47 -03:00
Jiachen Jiang 79736154db docs: add documentation for upcoming Agent Boundary feature (#20099) 
## PR Description
tbd @jcjiang 

See a preview at:
https://coder.com/docs/@boundaries-docs/ai-coder/agent-boundary

---------

Co-authored-by: David Fraley <davidiii@fraley.us>
Co-authored-by: david-fraley <67079030+david-fraley@users.noreply.github.com>
 2025-10-08 09:14:14 -07:00
david-fraley 6c5b741bed docs: list tasks CLI docs in manifest.json (#20220) 2025-10-08 17:32:21 +02:00
Cian Johnston fa82f841c7 chore(docs): add documentation for exp CLI commands (#20019) 
Updates task documentation with experimental CLI.
~Generated by Claude using `--help` output.~

Should be merged alongside https://github.com/coder/coder/pull/20020
 2025-10-08 13:43:44 +01:00
Spike Curtis 5807fe01e4 test: prevent TestAgent_ReconnectingPTY connection reporting check from interfering (#20210) 
When we added support for connection tracking in the Workspace agent, we modified the ReconnectingPTY tests to add an initial connection that we immediately hang up and check that connections are logged.

In the case of `screen`-based pty handling, hanging up the initial connection can race with the initial attachment to the `screen` process, and cause that process to exit early. This leaves subsequent connections to the same session ID to fail.

In this PR we just use different pty session IDs so that the initial connections we do to verify logging don't interfere with the rest of the test.

_Arguably_ it's a bug in our Reconnecting PTY code that hanging up immediately can leave the system in a weird state, but we do eventually recover and error out, so I don't think it's worth trying to fix.
 2025-10-08 16:23:46 +04:00
Spike Curtis e2076beb9f test: change to explicitly compiling dbcleaner on posix (#20206) 
relates to: https://github.com/coder/internal/issues/1026

On POSIX systems (macOS and Linux) we compile the dbcleaner binary into a temp directory. This allows us to explicitly separate the compilation step and report the time it takes. We suspect this might be a contributing factor in the above linked flakes we see on macOS.

This doesn't work on Windows because Go tests clean up the temp directory at the end of the test and the dbcleaner binary will still be executing. On Windows you cannot delete a file being executed nor the directory. However, we are not seeing any flakes on Windows so the old behavior seems to be OK.
 2025-10-08 16:18:02 +04:00
Spike Curtis f1d3f31c10 test: increase timeout in TestRun (scaletest/workspaceupdates) (#20211) 
fixes https://github.com/coder/internal/issues/1050

Extends the timeout on the affected test. It uses a postgres database, and so 15s timeout isn't enough to not flake with our test infra these days.
 2025-10-08 16:17:41 +04:00
Mathias Fredriksson 46e242e444 test(coderd/database/dbtestutil): add debug output to pg_dump failure (#20209) 2025-10-08 14:22:35 +03:00
Sas Swart 544f15523c fix: adjust workspace claims to be initiated by users (#20179) 
The prebuilds user never initiates a workspace claim autonomously. A
claim can only happen when a user attempts to create a workspace. When
listing prebuild provisioner jobs, it would not make sense to see jobs
related to users who are creating workspaces and have gotten a prebuilt
workspace. When cleaning up an overwhelmed provisioner queue, we should
not delete claims as they have humans waiting for them and are not part
of the thundering herd.

Therefore, this PR ensures that provisioner jobs that claim workspaces
are considered to be initiated by the user, not the prebuilds system.
 2025-10-08 10:40:54 +02:00
Atif Ali 037e6f06f5 docs: fix link to Grafana dashboard example for AI Bridge (#20205) 2025-10-08 08:25:18 +00:00
Mathias Fredriksson 8274251fe1 fix(.devcontainer): check if ssh folder exists in post_create (#19987) 2025-10-08 07:24:13 +00:00
Cian Johnston 63631b5b2b chore(coderd): aitasks: add internal-only api doc comments (#20020) 
Adds api doc comments calling out experimental status.

Should be merged alongside https://github.com/coder/coder/pull/20019
 2025-10-08 08:20:20 +01:00
Stephen Kirby d0f434b672 feat(docs): add bridge documentation for early access (#20188) 2025-10-07 22:36:05 -05:00
david-fraley be22c38161 docs: update release versions in docs (#20196) 2025-10-07 20:46:47 +00:00
Spike Curtis 65335bc7d4 feat: add cli command scaletest dynamic-parameters (#20034) 
part of https://github.com/coder/internal/issues/912

Adds CLI command `coder exp scaletest dynamic-parameters`

I've left out the configuration of tracing and timeouts for now. I think I want to do some refactoring of the scaletest CLI to make handling those flags take up less boiler plate.

I will add tracing and timeout flags in a follow up PR.
 2025-10-07 21:53:59 +04:00
Dean Sheather 0e0f0925e4 fix: use raw SVG for logo on static error page (#20189) 
Relates to #20185, #20029, #18878
 2025-10-08 00:48:17 +11:00