shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-07 15:08:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,434 Commits 1,148 Branches 344 Tags
1a774ab7ce99063a2e01beb94de3fcbccaf84dbe
Commit Graph

12434 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Cian Johnston 12496830d6 ci: add workflow for agentic issue triage (#19839) 
Adds a GH workflow to start a workspace with a pre-determined template,
perform a first pass over a given GitHub issue, and persist the changes
in a GCS bucket for later refining. Tested locally with `nektos/act`.

Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
 2025-09-22 13:29:18 +01:00
Spike Curtis 5c2b9a5b82 chore: refactor codersdk.Client creation with functional args (#19759) 
Adds ClientBuilder to build a codersdk.Client. This is a safer pattern than the current usage which modifies properties of the Client after creating it, opening us up to race conditions.

Refactors agentsdk to use the builder.
 2025-09-22 15:59:41 +04:00
dependabot[bot] 562ef68cd9 chore: bump github.com/hashicorp/terraform-json from 0.25.0 to 0.27.2 (#19908) 
Bumps
[github.com/hashicorp/terraform-json](https://github.com/hashicorp/terraform-json)
from 0.25.0 to 0.27.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/hashicorp/terraform-json/releases">github.com/hashicorp/terraform-json's
releases</a>.</em></p>
<blockquote>
<h2>v0.27.2</h2>
<p>NOTES / BUG FIXES</p>
<ul>
<li><code>UnmarshalLogMessage</code> to use <code>json.Number</code>
(instead of default <code>float64</code>) (<a
href="https://redirect.github.com/hashicorp/terraform-json/pull/178">#178</a>)
<ul>
<li>This avoids precision related problems when decoding numbers in JSON
data. This would impact only <code>0.27.1</code> consumers.</li>
</ul>
</li>
</ul>
<h2>v0.27.1</h2>
<h2>What's Changed</h2>
<h3>ENHANCEMENTS</h3>
<ul>
<li>Replace <code>json.RawMessage</code> with <code>any</code> for list
log messages by <a
href="https://github.com/dbanck"><code>@​dbanck</code></a> in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/177">hashicorp/terraform-json#177</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/hashicorp/terraform-json/compare/v0.27.0...v0.27.1">https://github.com/hashicorp/terraform-json/compare/v0.27.0...v0.27.1</a></p>
<h2>v0.27.0</h2>
<h2>What's Changed</h2>
<h3>ENHANCEMENTS</h3>
<ul>
<li>logging: Introduce types for structured UI messages +
<code>UnmarshalLogMessage()</code> by <a
href="https://github.com/radeksimko"><code>@​radeksimko</code></a> in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/167">hashicorp/terraform-json#167</a></li>
<li>logging: Add query related message types by <a
href="https://github.com/radeksimko"><code>@​radeksimko</code></a> in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/169">hashicorp/terraform-json#169</a></li>
<li>Add support for action schemas (unlinked) by <a
href="https://github.com/austinvalle"><code>@​austinvalle</code></a> in
<a
href="https://redirect.github.com/hashicorp/terraform-json/pull/166">hashicorp/terraform-json#166</a></li>
<li>Add support for action invocation within Plan JSON by <a
href="https://github.com/mutahhir"><code>@​mutahhir</code></a> in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/172">hashicorp/terraform-json#172</a></li>
<li>tf query: add identity version for the list_resource_found message
by <a href="https://github.com/dsa0x"><code>@​dsa0x</code></a> in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/176">hashicorp/terraform-json#176</a></li>
</ul>
<h3>INTERNAL</h3>
<ul>
<li>go: Bump to 1.25 by <a
href="https://github.com/radeksimko"><code>@​radeksimko</code></a> in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/168">hashicorp/terraform-json#168</a></li>
<li>Bump actions/checkout from 4.2.2 to 5.0.0 in the
github-actions-breaking group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/170">hashicorp/terraform-json#170</a></li>
<li>Bump github.com/zclconf/go-cty from 1.16.3 to 1.16.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/171">hashicorp/terraform-json#171</a></li>
<li>build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 in the
github-actions-breaking group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/174">hashicorp/terraform-json#174</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mutahhir"><code>@​mutahhir</code></a>
made their first contribution in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/172">hashicorp/terraform-json#172</a></li>
<li><a href="https://github.com/dsa0x"><code>@​dsa0x</code></a> made
their first contribution in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/176">hashicorp/terraform-json#176</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/hashicorp/terraform-json/compare/v0.26.0...v0.27.0">https://github.com/hashicorp/terraform-json/compare/v0.26.0...v0.27.0</a></p>
<h2>v0.26.0</h2>
<h2>ENHANCEMENTS:</h2>
<ul>
<li>Added: support for list resource by <a
href="https://github.com/anubhav-goel"><code>@​anubhav-goel</code></a>
in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/165">hashicorp/terraform-json#165</a></li>
</ul>
<h2>INTERNAL:</h2>
<ul>
<li>Bump actions/setup-go from 5.4.0 to 5.5.0 in the
github-actions-backward-compatible group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/161">hashicorp/terraform-json#161</a></li>
<li>github: Add PR template with required fields for PCI compliance by
<a href="https://github.com/xiehan"><code>@​xiehan</code></a> in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/162">hashicorp/terraform-json#162</a></li>
<li>Bump github.com/zclconf/go-cty from 1.16.2 to 1.16.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/163">hashicorp/terraform-json#163</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/anubhav-goel"><code>@​anubhav-goel</code></a>
made their first contribution in <a
href="https://redirect.github.com/hashicorp/terraform-json/pull/165">hashicorp/terraform-json#165</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/hashicorp/terraform-json/commit/ef5e0b8eca1ba1231002598662be4ea6b8537173"><code>ef5e0b8</code></a>
UnmarshalLogMessage to use json.Number (<a
href="https://redirect.github.com/hashicorp/terraform-json/issues/178">#178</a>)</li>
<li><a
href="https://github.com/hashicorp/terraform-json/commit/3fe6fb24c20ef18182e01e2ef195288fbb45be90"><code>3fe6fb2</code></a>
Replace <code>json.RawMessage</code> for list log messages (<a
href="https://redirect.github.com/hashicorp/terraform-json/issues/177">#177</a>)</li>
<li><a
href="https://github.com/hashicorp/terraform-json/commit/739a5926eb30c50488beb49887a8ed6d648a888b"><code>739a592</code></a>
actions: remove action types from action schema (<a
href="https://redirect.github.com/hashicorp/terraform-json/issues/175">#175</a>)</li>
<li><a
href="https://github.com/hashicorp/terraform-json/commit/2eaedbecab678d315fab0b4ec89f650a913641fb"><code>2eaedbe</code></a>
tf query: add identity version for the list_resource_found message (<a
href="https://redirect.github.com/hashicorp/terraform-json/issues/176">#176</a>)</li>
<li><a
href="https://github.com/hashicorp/terraform-json/commit/2fd292250e8f5085966cbec4786a0961bb5eb071"><code>2fd2922</code></a>
Merge pull request <a
href="https://redirect.github.com/hashicorp/terraform-json/issues/172">#172</a>
from hashicorp/mutahhir/add-action-invocation</li>
<li><a
href="https://github.com/hashicorp/terraform-json/commit/b539674b30344f937e07516e82b1c700d73f4c57"><code>b539674</code></a>
Add ConfigUnknown field</li>
<li><a
href="https://github.com/hashicorp/terraform-json/commit/806b1a620df6e027c5a18afd0c079dfd31fe5338"><code>806b1a6</code></a>
Fix tests after type change</li>
<li><a
href="https://github.com/hashicorp/terraform-json/commit/23522f30fbc6b53352baccd22e0bd8de3b6d6ec6"><code>23522f3</code></a>
Change ConfigValues and ConfigSensitive to interfaces for redaction</li>
<li><a
href="https://github.com/hashicorp/terraform-json/commit/dd0e457bc673a4627c3334ebdd1b784f9eed32f6"><code>dd0e457</code></a>
Remove Action Invocation as a Resource Mode</li>
<li><a
href="https://github.com/hashicorp/terraform-json/commit/4643c0fb325f73f4d2d3286e4530c15f328e429d"><code>4643c0f</code></a>
format plan.json for test</li>
<li>Additional commits viewable in <a
href="https://github.com/hashicorp/terraform-json/compare/v0.25.0...v0.27.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/hashicorp/terraform-json&package-manager=go_modules&previous-version=0.25.0&new-version=0.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-22 11:30:30 +00:00
dependabot[bot] 8242fd2679 chore: bump github.com/brianvoe/gofakeit/v7 from 7.6.0 to 7.7.1 (#19907) 
Bumps
[github.com/brianvoe/gofakeit/v7](https://github.com/brianvoe/gofakeit)
from 7.6.0 to 7.7.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/6fcd2f7ef84a956ff8835abe97767c45df26a693"><code>6fcd2f7</code></a>
address - alias and keyword updates to better target address</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/12b7447d083a8a4ab261935f6ff95c7c1ce5fa40"><code>12b7447</code></a>
payment - remove redundent check</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/de7423068163722b23f2b2376c31a406921f7ff5"><code>de74230</code></a>
person - added ein number</li>
<li><a
href="https://github.com/brianvoe/gofakeit/commit/69b8730a1a46703039afa73c686c37316dabb944"><code>69b8730</code></a>
payment - added alias</li>
<li>See full diff in <a
href="https://github.com/brianvoe/gofakeit/compare/v7.6.0...v7.7.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/brianvoe/gofakeit/v7&package-manager=go_modules&previous-version=7.6.0&new-version=7.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-22 11:30:05 +00:00
dependabot[bot] 8486795d51 ci: bump the github-actions group with 2 updates (#19909) 
Bumps the github-actions group with 2 updates:
[chromaui/action](https://github.com/chromaui/action) and
[tj-actions/changed-files](https://github.com/tj-actions/changed-files).

Updates `chromaui/action` from 13.1.4 to 13.2.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chromaui/action/commit/20c7e42e1b2f6becd5d188df9acb02f3e2f51519"><code>20c7e42</code></a>
v13.2.0</li>
<li><a
href="https://github.com/chromaui/action/commit/8c981a1b5ed6804b29058a5a68ea818a4c954d16"><code>8c981a1</code></a>
v13.1.5</li>
<li>See full diff in <a
href="https://github.com/chromaui/action/compare/d0795df816d05c4a89c80295303970fddd247cce...20c7e42e1b2f6becd5d188df9acb02f3e2f51519">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
1ac60965030588f3b867cdd4a3900f37ec99970c to
4563c729c555b4141fac99c80f699f571219b836
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a>
- (2025-09-13)</h1>
<h2><!-- raw HTML omitted -->🚀 Features</h2>
<ul>
<li>Add any_added to outputs (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>)
- (Jellyfrog)</li>
</ul>
<h2><!-- raw HTML omitted --> Remove</h2>
<ul>
<li>Commit and push step from build job (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update link to glob patterns (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>)
- (Tonye Jack)</li>
<li>Add Jellyfrog as a contributor for code, and doc (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>)
- (allcontributors[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->🧪 Testing</h2>
<ul>
<li>Manual triggered workflows (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to
3.30.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to
3.30.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
24.3.0 to 24.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
24.2.1 to 24.3.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to
3.29.11 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to
3.29.9 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to
3.29.8 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
24.2.0 to 24.2.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
24.1.0 to 24.2.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to
5.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>)
- (dependabot[bot])</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4563c729c555b4141fac99c80f699f571219b836"><code>4563c72</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 24.4.0 to 24.5.2
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2669">#2669</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/257f3acedc7e3cf12510ef211c6d89d140bd64aa"><code>257f3ac</code></a>
chore(deps-dev): bump <code>@​types/uuid</code> from 10.0.0 to 11.0.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2668">#2668</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/cac596ed08f1624de93e8c83fa36f0a0aff72311"><code>cac596e</code></a>
chore(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.3 to 0.38.4
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2670">#2670</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4fb6914af96ff7e05cc41c37b85b528daf830762"><code>4fb6914</code></a>
chore(deps-dev): bump ts-jest from 29.4.1 to 29.4.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2671">#2671</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/2371aa7cd265d2e8a0213dc9e2a70dfcfb8fa114"><code>2371aa7</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 24.3.1 to 24.4.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2664">#2664</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/1ac60965030588f3b867cdd4a3900f37ec99970c...4563c729c555b4141fac99c80f699f571219b836">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-22 11:28:29 +00:00
Spike Curtis e2f5401fb2 test: add test database cleaner in subprocess (#19844) 
fixes https://github.com/coder/internal/issues/927

Adds a small subprocess that outlives the testing process to clean up any leaked test databases.
 2025-09-22 15:27:06 +04:00
Spike Curtis 596fdcba81 test: refactor dbtestutil to record database creation (#19843) 
relates to https://github.com/coder/internal/issues/927

Refactors dbtestutil to use a `Broker` struct to create test databases. Additionally uses a `coder_testing` database to record test databases that are created and when they are dropped.

This is in preparation for the PR above this in the stack which adds a "cleaner" subprocess that cleans out any databases that were left when the test process ends.
 2025-09-22 15:13:26 +04:00
Ethan e13fcaf865 refactor(scaletest): support exposing arbitrary metrics on scaletest runs (#19886) 
Relates to https://github.com/coder/internal/issues/889

The existing implementation for exposing read and written bytes was a little awkward - we're going to be adding a bunch of scaletest runners / load generators that *don't* transfer any bytes. This PR has the scaletest reports expose a map of arbitrary string-keyed metrics instead.

FWIW, the latest iteration of the scaletesting infrastructure doesn't parse these reports right now - they're just logged to stdout, so we're good to break the json schema here.
 2025-09-22 17:45:45 +10:00
Ethan d02ff5f9b2 refactor(scaletest): add runner for creating users (#19811) 
Closes https://github.com/coder/internal/issues/985

Simple refactor of the user creation logic into it's own test runner. This lets us create users independently of workspaces, for use in a bunch of load generators, including the Coder Connect load generator.

This PR creates the new runner, and has the existing `createworkspaces` runner use it.
 2025-09-22 17:35:36 +10:00
Ethan 6d9e29beb1 refactor(scaletest): generate user and workspace names if omitted (#19885) 
Relates to https://github.com/coder/internal/issues/985.

Some scaletest runners would autogenerate names if they weren't supplied on the config, while others required a name be supplied, and a name was autogenerated in the CLI command handler. This PR unifies the runners to make names and emails optional on each config, and generate them in the scaletest runner if omitted. 

The create user runner in the PR above in the stack will do this too.
 2025-09-22 17:25:47 +10:00
Asher 7f56212779 feat: add coder_workspace_port_forward MCP tool (#19863) 
Closes https://github.com/coder/internal/issues/784
 2025-09-21 15:12:57 -08:00
Bruno Quaresma d464360103 fix(site): resolve circular dependency between WorkspacesPage components (#19895) 
Move `ACTIVE_BUILD_STATUSES` constant from `WorkspacesPage.tsx` to a
module to break the circular dependency between `WorkspacesPage.tsx` and
`BatchUpdateModalForm.tsx`. This resolves the circular dependency lint
error and ensures proper code organization.

**Error:**
```
• Circular Dependencies
  1) src/pages/WorkspacesPage/WorkspacesPage.tsx -> src/pages/WorkspacesPage/BatchUpdateModalForm.tsx
```

---------

Co-authored-by: Claude <noreply@anthropic.com>
 2025-09-19 18:50:11 -03:00
Benraouane Soufiane f39cf3091c chore(site): add rustdesk icon (#19888) 2025-09-19 14:46:51 -06:00
Brett Kolodny 38ca98745b feat: add shared_with_group: and shared_with_user: filters to /workspaces endpoint (#19875) 
Adds shared_with_user and shared_with_group filters to the /workspaces
endpoint.

- `shared_with_user`: filters workspaces shared with a specific user.
Accepts a user UUID or username.
- `shared_with_group`: filters workspaces shared with a specific group.
Accepts:
  - a group UUID, or
  - `<organization name>/<group name>`, or
  - `<group name>` (resolved in the default organization).


Closes
[coder/internal#1004](https://github.com/coder/internal/issues/1004)
 2025-09-19 16:05:27 -04:00
david-fraley 40ffb79057 fix: update bitnami image (#19892) 2025-09-19 22:50:28 +05:00
david-fraley 738dbc6d47 fix: update bitnami to use legacy image (#19891) 2025-09-19 15:02:04 +00:00
Paweł Banaszewski 439b041780 feat: add best effort attempt to revoke oauth access token in external auth provider (#19775) 
Solves #15575
Adds OAuth access token revocation when unlinking external auth
provider. Due to revocation not being consistently implemented by
providers this is only best effort attempt. Unsuccessful revocation
won't influence link removal.
 2025-09-19 16:27:02 +02:00
Kacper Sawicki 0601cc8fa6 feat(site): display warnings in tasks page when wildcard is not configured (#19780) 
Closes #19739 

This PR adds warnings to Task page to alert users when wildcard is not
configured.

Admin:
<img width="1871" height="1209" alt="image"
src="https://github.com/user-attachments/assets/01beb885-5493-41ed-a266-58609bee5b8b"
/>

Member:
<img width="1713" height="1204" alt="image"
src="https://github.com/user-attachments/assets/53c2bae5-5e0f-458c-b761-633399bdf2f0"
/>
 2025-09-19 15:49:34 +02:00
Spike Curtis eb74d902bf test: fix TestServer cases that cancel before PostgreSQL work is done (#19872) 
fixes https://github.com/coder/internal/issues/946

Some tests tear down the server before we are done with PostgreSQL work, and the default `clitest` infrastructure fails the test if any errors like that are thrown. This PR modifies the tests like that to ignore postgreSQL errors like this.
 2025-09-19 15:14:48 +04:00
Thomas Kosiewski 4d8dc221bf chore: upgrade Node.js from 20.19.4 to 22.19.0 and update dependencies (#19870) 
# Update Node.js from 20.19.4 to 22.19.0

This PR updates Node.js from v20.19.4 to v22.19.0 across the codebase. The change includes:

- Updated Node.js version in GitHub Actions setup-node workflow
- Updated Node.js version in the dogfood Dockerfile
- Changed from `pkgs.nodejs_20` to `unstablePkgs.nodejs_22` in the Nix flake
- Updated the Node.js engine version constraints in package.json files to allow Node.js 22
- Updated Playwright from v1.47.0 to v1.50.1
- Updated tzdata dependency from v1.0.44 to v1.0.46
- Updated the flake.lock file with latest nixpkgs references

The PR also improves the error message for Playwright version mismatches by showing the actual versions in the error.
 2025-09-18 23:08:55 +02:00
Rowan Smith 623893708b feat: add helm var to support RBAC for deploying workspaces in extra namespaces (#19517) 
This is a feature to create Role & RoleBinding entries on a per
namespace basis to support deploying workspaces in separate namespace to
where Coder is deployed. The idea behind this is to avoid the creation
of custom RBAC entries or the use of ClusterRoles (in order to maintain
priciple of least privilege).

> If you have used AI to produce some or all of this PR, please ensure
you have read our [AI Contribution
guidelines](https://coder.com/docs/about/contributing/AI_CONTRIBUTING)
before submitting.

This is a blink assisted PR.

Example `helm template` without
`coder.serviceAccount.workspaceNamespaces` enabled (existing behaviour
as of current release) is below. Outcome = 1 x SA, 1 x Role, 1 x
RoleBinding, all in the coder (`.Release.Namespace`) namespace.
```
➜  coder git:(feat/helm_namespace_rbac_improvements) ✗ helm template -n coder coder . --set coder.image.tag=v2.25.1
---
...
---
# Source: coder/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: coder-workspace-perms
  namespace: coder
rules:
  - apiGroups: [""]
    resources: ["pods"]
    verbs:
    - create
    - delete
    - deletecollection
    - get
    - list
    - patch
    - update
    - watch
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs:
    - create
    - delete
    - deletecollection
    - get
    - list
    - patch
    - update
    - watch
  - apiGroups:
    - apps
    resources:
    - deployments
    verbs:
    - create
    - delete
    - deletecollection
    - get
    - list
    - patch
    - update
    - watch
---
# Source: coder/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: "coder"
  namespace: coder
subjects:
  - kind: ServiceAccount
    name: "coder"
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: coder-workspace-perms
---
```

Example `helm template` *with*
`coder.serviceAccount.workspaceNamespaces` enabled is below. Outcome = 1
x SA, 1 x Role, 1 x RoleBinding, all in the coder (`.Release.Namespace`)
namespace PLUS a Role and RoleBinding in the `dev-ws` namespace with
each of the RoleBindings referencing the coder SA in the coder
(`.Release.Namespace`) namespace:

```
➜  coder git:(feat/helm_namespace_rbac_improvements) ✗ helm template -n coder coder . --set coder.image.tag=v2.25.1 --set-json 'coder.serviceAccount.workspaceNamespaces=[{"name":"dev-ws","workspacePerms":true,"enableDeployments":true,"extraRules":[]}]' 
---
...
---
# Source: coder/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: coder-workspace-perms
  namespace: coder
rules:
  - apiGroups: [""]
    resources: ["pods"]
    verbs:
    - create
    - delete
    - deletecollection
    - get
    - list
    - patch
    - update
    - watch
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs:
    - create
    - delete
    - deletecollection
    - get
    - list
    - patch
    - update
    - watch
  - apiGroups:
    - apps
    resources:
    - deployments
    verbs:
    - create
    - delete
    - deletecollection
    - get
    - list
    - patch
    - update
    - watch
---
# Source: coder/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: coder-workspace-perms
  namespace: dev-ws
rules:
  - apiGroups: [""]
    resources: ["pods"]
    verbs:
    - create
    - delete
    - deletecollection
    - get
    - list
    - patch
    - update
    - watch
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs:
    - create
    - delete
    - deletecollection
    - get
    - list
    - patch
    - update
    - watch
  - apiGroups:
    - apps
    resources:
    - deployments
    verbs:
    - create
    - delete
    - deletecollection
    - get
    - list
    - patch
    - update
    - watch
---
# Source: coder/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: "coder"
  namespace: coder
subjects:
  - kind: ServiceAccount
    name: "coder"
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: coder-workspace-perms
---
# Source: coder/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: "coder"
  namespace: dev-ws
subjects:
  - kind: ServiceAccount
    name: "coder"
    namespace: coder
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: coder-workspace-perms
---
```
 2025-09-18 14:27:04 +10:00
Michael Smith 8a6852f095 fix(site): revamp UI for batch-updating workspaces (#18895) 
Closes https://github.com/coder/coder/issues/18879
Builds on https://github.com/coder/coder/pull/18895

## Changes made
- Deleted `BatchUpdateConfirmation` component, replacing it with
`BatchUpdateModalForm`
- Added stories for the new component, trying to capture every variant I
could think of

## Screenshots
<img width="840" height="1059" alt="image"
src="https://github.com/user-attachments/assets/0fdac28e-19e8-4a14-a20a-fc1fd3758c81"
/>


## Notes
- There's too many problems to list, but look at the issue to see all
the problems we had with the old implementation
- It's definitely helpful to look at the stories to see all the things
the component is meant to cover
 2025-09-17 20:46:38 -04:00
Michael Smith 759746cbf1 fix(site): update useAgentLogs to make it more testable and add more tests (#19126) 
Take 2
Closes https://github.com/coder/internal/issues/644

## Changes made
- Updated how `useAgentLogs` was defined to make it easier to inject
specific data dependencies (basically making the hook more
unit-testable)
- Simplified the hook API to limit the amount of scope of data it needs
to work
- Added more test cases, and re-enabled the one test case we had
previously disabled
- Extracted our mock websocket code into a separate file, and added more
methods to it
- Updated all runtime code to accommodate new changes
 2025-09-17 19:58:02 -04:00
Michael Smith d3bf5065a0 chore(site): convert more components from Emotion to TailwindCSS (#19719) 
## Changes made
- Patched React `CSSProperties` type to add support for custom CSS
properties
- Updated several of the components in the `components` directory to
Tailwind
- Updated most of the `WorkspacePageBuildView` component to Tailwind to
account for CSS specificity changes
- Updated `Search` to address accessibility violation and removed all
MUI logic
- Updated `Search` stories (added new story, decoupled all stories from
single decorator)
- Updated `autoFocus` behavior in `SearchField`
- Updated the styling for `WorkspacePageBuildView` to make sure the tabs
had enough padding
- Fixed layout effect in `WorkspacePageBuildView` to fire correctly
 2025-09-17 18:55:25 -04:00
Steven Masley 679179f404 feat: scope allow_list to include resource_type (#19748) 
This feature allows the `allow_list` in the scopes to specify the `type`
 2025-09-17 08:32:14 -05:00
Steven Masley 3df9d8e902 test: set test flags from within an init to limit maximum test parallelism (#19575) 2025-09-17 08:24:19 -05:00
Ethan 356604eca6 chore(coderd/notifications): avoid generating warning logs for trivial enqueue failures (#19840) 
I noticed during a scaletest that many warning logs were being generated when enqueuing notifications. The error was:
```
failed to notify of workspace creation: notification is not enabled
```
I don't think we should be warning if automated notifications fail to send to users because they have them disabled.

To fix, we'll stop returning these errors.
 2025-09-17 18:17:18 +10:00
Marcin Tojek 8781499c3d chore: add nextflow icon (#19838) 
Related: https://github.com/coder/registry/pull/416
 2025-09-17 08:46:57 +02:00
ケイラ f5fac293dc fix(site): show available logs consistently on template creation page (#19832) 2025-09-16 14:33:57 -06:00
david-fraley ea718084ff docs: update Tasks Template Code (#19770) 2025-09-16 20:27:57 +00:00
ケイラ 8db82d25b3 chore: upgrade to react 19 (#19829) 2025-09-16 13:37:30 -06:00
Danny Kopping 422bba44d9 chore: add aibridge database resources & define RBAC policies (#19796) 
Closes https://github.com/coder/internal/issues/986
 2025-09-16 21:31:17 +02:00
Danny Kopping 348a2e0285 feat: add configs for external auth MCP usage + tool allow/denylist (#19794) 
Closes https://github.com/coder/internal/issues/988

The logic for allowing/denying tools can be found in https://github.com/coder/aibridge/pull/4/files#diff-330a6371a583dd8cadeed79b95499e3a87960ad8ea4d6a94061e8f88a44834c3 (`ProxyBase.filterAllowedTools`).
 2025-09-16 20:31:29 +02:00
Spike Curtis 655a36c392 test: fix TestAgentConnectionMonitor_PingTimeout race with mock assertions (#19836) 
Fixes https://github.com/coder/internal/issues/970

The test doesn't wait for `monitor()` to complete, and the mock database call that we assert takes place in a `defer` within `monitor()`. This allows the mock assertions to race with the defer and flake the test.

Solution is to explicitly wait for `monitor()` to complete before the end of the test, so that mock assertions (which happen in a `t.Cleanup()`) don't race.
 2025-09-16 21:54:50 +04:00
Spike Curtis 4fc0093388 fix: fix TestCloserStack_Timeout to wait for all asyncClosers (#19837) 
fixes https://github.com/coder/internal/issues/966


TestCloserStack_Timeout creates `asyncCloser`s which allow control over the exact timing and order of their close method returning. They also, as a final backstop will throw an error if the test context ends before they are unblocked.

TestCloserStack_Timeout unblocks all `asyncCloser`s in a defer and then ends the test. This defer _unblocks_ the running close goroutines, but does not wait for them to finish. Since the test context is canceled as soon as the test completes, this creates a race condition where the close goroutines can trigger the context cancelled  arm of the `select` statement.

The fix is to both unblock and wait for all close goroutines to complete before ending the test and cancelling the context.
 2025-09-16 21:53:50 +04:00
Brett Kolodny e6b04d1918 feat: add shared filter to workspaces query (#19807) 
Adds a `shared:<boolean>` search query to the `/workspaces [get]`
endpoint


https://github.com/user-attachments/assets/ccf84bd9-c1fd-4085-825b-2e3176a2d488

Closes
[coder/internal#972](https://github.com/coder/internal/issues/972)
 2025-09-16 12:37:39 -04:00
Danny Kopping 8487216548 chore: add aibridge configs & experiment (#19793) 2025-09-16 11:45:23 +02:00
Ethan 2695bb418a ci: reduce size of ci failure slack notification (#19835) 
The slack message will now look something like:

>  CI Failure in main
>
> View failure: Click here
>
> @.Blink Investigate this CI failure. Before starting, use your
workspace to read
https://gist.githubusercontent.com/ethanndickson/8dea9f1db3957ac1baf30ae8ce6f1a42/raw/da95920805456580499462a14b9a906d377414c5/blink-flake-instructions.md

(The prompt section is stored in a GHA variable so it can be modified
without committing.)
 2025-09-16 08:14:39 +00:00
Stephen Kirby 2f35deeb39 chore(docs): update release calendar for 2.26 mainline release (#19680) 
Co-authored-by: Atif Ali <atif@coder.com>
 2025-09-16 06:17:49 +00:00
Ethan 995b330250 test: avoid sharing deployment values between subtests (#19833) 
Blink didn't figure out a CI failure on main was caused by a data race; fixing it.


I've also updated the [blink prompt](https://gist.githubusercontent.com/ethanndickson/8dea9f1db3957ac1baf30ae8ce6f1a42/raw/060aea7fabb82bef0029a17dad9a5daee7940760/blink-flake-instructions.md).

https://github.com/coder/coder/actions/runs/17737809615
 2025-09-16 13:51:26 +10:00
david-fraley cda859363e docs: fix formatting issues (#19831) 2025-09-15 17:02:56 -05:00
Rowan Smith f40ae708d6 chore: fix grammar issue (#19810) 
fix a grammar issue.

Added an extra whitespace to the end / expanded the width of the table
to maintain space as adding the one char would have pushed `helps` hard
up against the table edge.

> If you have used AI to produce some or all of this PR, please ensure
you have read our [AI Contribution
guidelines](https://coder.com/docs/about/contributing/AI_CONTRIBUTING)
before submitting.

no AI

Co-authored-by: david-fraley <67079030+david-fraley@users.noreply.github.com>
 2025-09-15 21:33:56 +00:00
Asher c31768dfe7 fix: use filepath to construct mcp test write path (#19808) 
Hopefully fixes https://github.com/coder/internal/issues/993

```
  file path must be absolute: "/test/some/path"
```

Not sure if this is the right fix though, since I am not sure how this
only flakes rather than always failing. It looks like starting with `/`
should not be considered absolute in Windows, but then how did it ever
pass at all?
 2025-09-15 09:00:30 -08:00
Danny Kopping 18b0acab4d fix: correct MCP tools' input schemas (#19825) 
The input schemas of `coder_workspace_edit_file` and
`coder_workspace_edit_files` were violating the JSON Schemas of both
Anthropic and OpenAI.

Follow-up: we should add a test to ensure future compatibility with
these specs.

Signed-off-by: Danny Kopping <danny@coder.com>
 2025-09-15 17:56:44 +02:00
ケイラ 8ff4ba0c70 fix: scroll item list into view when opening MultiSelectCombobox (#19806) 2025-09-15 09:29:25 -06:00
blink-so[bot] c9a877a386 docs: remove beta references from dynamic parameters (#19714) 
Dynamic parameters are now GA as of v2.25.0, so this PR updates the
troubleshooting section to remove outdated beta references and clarify
current support.

**Changes:**
- Updated "Template variables not showing up" section to remove beta
references
- Clarified that template variables are fully supported in GA version
- Simplified troubleshooting guidance

Fixes the outdated documentation mentioned in the Slack thread.

---------

Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
Co-authored-by: bpmct <22407953+bpmct@users.noreply.github.com>
Co-authored-by: david-fraley <67079030+david-fraley@users.noreply.github.com>
 2025-09-15 15:11:22 +00:00
dependabot[bot] 4dc5d5c733 chore: bump github.com/gohugoio/hugo from 0.149.1 to 0.150.0 (#19826) 
Bumps [github.com/gohugoio/hugo](https://github.com/gohugoio/hugo) from
0.149.1 to 0.150.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gohugoio/hugo/releases">github.com/gohugoio/hugo's
releases</a>.</em></p>
<blockquote>
<h2>v0.150.0</h2>
<p>The big new feature in this relase is the new <code>version</code>
config option on <a
href="https://gohugo.io/configuration/module/#version">Module
imports</a>, which allows you to set the requested module <a
href="https://go.dev/ref/mod#version-queries">version query</a> directly
in your Hugo configuration (e.g. <code>hugo.toml</code>). This is a
feature that have been requested by many, and I (<a
href="https://github.com/bep"><code>@​bep</code></a>) was reminded about
it by <a
href="https://discourse.gohugo.io/t/mounting-different-branches-tags-from-the-same-repository/55849/5">this
recent thread</a>, which also outlines a common use case for this:
Mounting multiple old versions/branches of API documentation into the
project.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump golang.org/x/mod from 0.27.0 to 0.28.0 d1f6a1dc5
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]</li>
<li>modules: Add support for direct version module imports in hugo.toml
747cf4ad6 <a href="https://github.com/bep"><code>@​bep</code></a> <a
href="https://redirect.github.com/gohugoio/hugo/issues/13964">#13964</a></li>
<li>resources/page: Fix truncated summary logic d8774d7fc <a
href="https://github.com/jmooring"><code>@​jmooring</code></a> <a
href="https://redirect.github.com/gohugoio/hugo/issues/13967">#13967</a>
<a
href="https://redirect.github.com/gohugoio/hugo/issues/13968">#13968</a></li>
<li>config/security: Add PROGRAMDATA to the osenv allowlist 3b8947d82 <a
href="https://github.com/jmooring"><code>@​jmooring</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gohugoio/hugo/commit/3f5473b7d4e7377e807290c3acc89feeef1aaa71"><code>3f5473b</code></a>
releaser: Bump versions for release of 0.150.0</li>
<li><a
href="https://github.com/gohugoio/hugo/commit/d1f6a1dc595b3f456044d803c506fbbf36c5d45f"><code>d1f6a1d</code></a>
build(deps): bump golang.org/x/mod from 0.27.0 to 0.28.0</li>
<li><a
href="https://github.com/gohugoio/hugo/commit/747cf4ad657b6eaeffcd0c7b0a10a38980c7b54c"><code>747cf4a</code></a>
modules: Add support for direct version module imports in hugo.toml</li>
<li><a
href="https://github.com/gohugoio/hugo/commit/d8774d7fc34b12eb39dc85d0f7df797b13ab8fcc"><code>d8774d7</code></a>
resources/page: Fix truncated summary logic</li>
<li><a
href="https://github.com/gohugoio/hugo/commit/3b8947d8217621dbe42198263a27e04a2490ab81"><code>3b8947d</code></a>
config/security: Add PROGRAMDATA to the osenv allowlist</li>
<li><a
href="https://github.com/gohugoio/hugo/commit/321a66ef19ac25411bbbec926b7892be5ae55416"><code>321a66e</code></a>
releaser: Prepare repository for 0.150.0-DEV</li>
<li>See full diff in <a
href="https://github.com/gohugoio/hugo/compare/v0.149.1...v0.150.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gohugoio/hugo&package-manager=go_modules&previous-version=0.149.1&new-version=0.150.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-15 14:15:22 +00:00
dependabot[bot] 32b72bf571 ci: bump the github-actions group with 3 updates (#19824) 
Bumps the github-actions group with 3 updates:
[step-security/harden-runner](https://github.com/step-security/harden-runner),
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
and [github/codeql-action](https://github.com/github/codeql-action).

Updates `step-security/harden-runner` from 2.13.0 to 2.13.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.1</h2>
<h2>What's Changed</h2>
<ul>
<li>
<p>Graceful handling of HTTP errors: Improved error handling when
fetching Harden Runner policies from the StepSecurity Policy Store API,
ensuring more reliable execution even in case of temporary network/API
issues.</p>
</li>
<li>
<p>Security updates for npm dependencies: Updated vulnerable npm package
dependencies to the latest secure versions.</p>
</li>
<li>
<p>Faster enterprise agent downloads: The enterprise agent is now
downloaded from GitHub Releases instead of packages.stepsecurity.io,
improving download speed and reliability.</p>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1">https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a"><code>f4a75cf</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/588">#588</a>
from step-security/rc-26</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/95503d076c107b91d03775aee93f4cb86a134dda"><code>95503d0</code></a>
ci: remove code-review workflow</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4b250a07397b4cabc038948e3d832967764db6b4"><code>4b250a0</code></a>
ci: add job to confirm dist is as expected</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/5b0ab6abcf4c643b4ddf49d19fdb13c5821d124b"><code>5b0ab6a</code></a>
update dependencies</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/d11f2c1d65a99d8b0f20925c425d4d932e6d3366"><code>d11f2c1</code></a>
fix bug where status code was not being preserved</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b3fc98e4dfca39273624a95b9c5fd70d759997e5"><code>b3fc98e</code></a>
improve error handling for policy store sceanrio</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/92fc5d4bf78f09f5494523f3d8f2f85786fe757f"><code>92fc5d4</code></a>
update error message</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b61b0a4938ef1a80f368fbb9a0abcf78846e15a4"><code>b61b0a4</code></a>
policy store improvements</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/e3d3f2baeacadcbf3b2ad500171dd444855d4577"><code>e3d3f2b</code></a>
use GitHub release instead of packages</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/646ac01e72c16075733090f55857fc2f2d9a7e7a"><code>646ac01</code></a>
update agent</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/ec9f2d5744a09debf3a187a3f4f675c53b671911...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
8c14441336bb3d84fd6b7fa83b6d7201c740baf5 to
1ac60965030588f3b867cdd4a3900f37ec99970c
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a>
- (2025-09-13)</h1>
<h2><!-- raw HTML omitted -->🚀 Features</h2>
<ul>
<li>Add any_added to outputs (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>)
- (Jellyfrog)</li>
</ul>
<h2><!-- raw HTML omitted --> Remove</h2>
<ul>
<li>Commit and push step from build job (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update link to glob patterns (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>)
- (Tonye Jack)</li>
<li>Add Jellyfrog as a contributor for code, and doc (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>)
- (allcontributors[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->🧪 Testing</h2>
<ul>
<li>Manual triggered workflows (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to
3.30.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to
3.30.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
24.3.0 to 24.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
24.2.1 to 24.3.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to
3.29.11 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to
3.29.9 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to
3.29.8 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
24.2.0 to 24.2.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
24.1.0 to 24.2.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to
5.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>)
- (dependabot[bot])</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/1ac60965030588f3b867cdd4a3900f37ec99970c"><code>1ac6096</code></a>
Upgraded to v47 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2663">#2663</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/24d32ffd492484c1d75e0c0b894501ddb9d30d62"><code>24d32ff</code></a>
upgrade: to node24 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2662">#2662</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea"><code>9a67555</code></a>
chore(deps-dev): bump jest from 30.0.5 to 30.1.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95"><code>b67e30d</code></a>
chore(deps): bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824"><code>62aef42</code></a>
chore(deps): bump github/codeql-action from 3.30.2 to 3.30.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3"><code>e874f3c</code></a>
chore(deps): bump github/codeql-action from 3.29.11 to 3.30.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/8c14441336bb3d84fd6b7fa83b6d7201c740baf5...1ac60965030588f3b867cdd4a3900f37ec99970c">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.30.1 to 3.30.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.30.3</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.3 - 10 Sep 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.3/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.2</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.2 - 09 Sep 2025</h2>
<ul>
<li>Fixed a bug which could cause language autodetection to fail. <a
href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li>
<li>Experimental: The <code>quality-queries</code> input that was added
in <code>3.29.2</code> as part of an internal experiment is now
deprecated and will be removed in an upcoming version of the CodeQL
Action. It has been superseded by a new <code>analysis-kinds</code>
input, which is part of the same internal experiment. Do not use this in
production as it is subject to change at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.2/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li>
<li>We added support for reducing the size of dependency caches for Java
analyses, which will reduce cache usage and speed up workflows. This
will be enabled automatically at a later time. <a
href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li>
</ul>
<h2>3.30.3 - 10 Sep 2025</h2>
<p>No user facing changes.</p>
<h2>3.30.2 - 09 Sep 2025</h2>
<ul>
<li>Fixed a bug which could cause language autodetection to fail. <a
href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li>
<li>Experimental: The <code>quality-queries</code> input that was added
in <code>3.29.2</code> as part of an internal experiment is now
deprecated and will be removed in an upcoming version of the CodeQL
Action. It has been superseded by a new <code>analysis-kinds</code>
input, which is part of the same internal experiment. Do not use this in
production as it is subject to change at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li>
</ul>
<h2>3.30.1 - 05 Sep 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3077">#3077</a></li>
</ul>
<h2>3.30.0 - 01 Sep 2025</h2>
<ul>
<li>Reduce the size of the CodeQL Action, speeding up workflows by
approximately 4 seconds. <a
href="https://redirect.github.com/github/codeql-action/pull/3054">#3054</a></li>
</ul>
<h2>3.29.11 - 21 Aug 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.4. <a
href="https://redirect.github.com/github/codeql-action/pull/3044">#3044</a></li>
</ul>
<h2>3.29.10 - 18 Aug 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.9 - 12 Aug 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.8 - 08 Aug 2025</h2>
<ul>
<li>Fix an issue where the Action would autodetect unsupported languages
such as HTML. <a
href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li>
</ul>
<h2>3.29.7 - 07 Aug 2025</h2>
<p>This release rolls back 3.29.6 to address issues with language
autodetection. It is identical to 3.29.5.</p>
<h2>3.29.6 - 07 Aug 2025</h2>
<ul>
<li>The <code>cleanup-level</code> input to the <code>analyze</code>
Action is now deprecated. The CodeQL Action has written a limited amount
of intermediate results to the database since version 2.2.5, and now
automatically manages cleanup. <a
href="https://redirect.github.com/github/codeql-action/pull/2999">#2999</a></li>
<li>Update default CodeQL bundle version to 2.22.3. <a
href="https://redirect.github.com/github/codeql-action/pull/3000">#3000</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/192325c86100d080feab897ff886c34abd4c83a3"><code>192325c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3104">#3104</a>
from github/update-v3.30.3-b660efdcf</li>
<li><a
href="https://github.com/github/codeql-action/commit/e68956d90b7fe2260904652cd8de5d73563e4944"><code>e68956d</code></a>
Update changelog for v3.30.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/b660efdcfdfa893d74568cd884067ed18e8d6f88"><code>b660efd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3103">#3103</a>
from github/mbg/fix/category-check</li>
<li><a
href="https://github.com/github/codeql-action/commit/e49458befe579c5a1088aacda9f2ae384da104ff"><code>e49458b</code></a>
Fix <code>runInterpretResultsFor</code> using the wrong
<code>AnalysisConfig</code> for <code>category</code> fix</li>
<li><a
href="https://github.com/github/codeql-action/commit/f374a62c8bedef779582aeb425a68f7798f2078c"><code>f374a62</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3098">#3098</a>
from github/kaspersv/increase-overlay-base-size-limit</li>
<li><a
href="https://github.com/github/codeql-action/commit/5efa438e92992578d794ae4ceed960bf81011677"><code>5efa438</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3101">#3101</a>
from github/mbg/public-repo-notice-in-pr-template</li>
<li><a
href="https://github.com/github/codeql-action/commit/8a84a62542ea24fd569eb5afdfb2507c25328ab9"><code>8a84a62</code></a>
Overlay: Increase size limit for cached overlay base database</li>
<li><a
href="https://github.com/github/codeql-action/commit/eb50a881d87eb8488328fefe024ae2f6add8384f"><code>eb50a88</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3097">#3097</a>
from github/redsun82/only-dump-sarif</li>
<li><a
href="https://github.com/github/codeql-action/commit/4c534612bf77788909753a5602e96710156f5758"><code>4c53461</code></a>
Tweak sarif dump log</li>
<li><a
href="https://github.com/github/codeql-action/commit/dae3742b0a3b9e08acc580e15ef74bdc454d650a"><code>dae3742</code></a>
Dump soon to be uploaded SARIF on request</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/f1f6e5f6af878fb37288ce1c627459e94dbf7d01...192325c86100d080feab897ff886c34abd4c83a3">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-15 12:40:44 +00:00
dependabot[bot] 4fde5f8588 chore: bump github.com/aws/aws-sdk-go-v2 from 1.38.1 to 1.39.0 (#19821) 
Bumps
[github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2)
from 1.38.1 to 1.39.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/648027edb8aeba036195538174a63cbccaca8c16"><code>648027e</code></a>
Release 2025-09-08</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/a3b9b7b1303ebf9fc1837f70253fe086d0ee72a2"><code>a3b9b7b</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/67dad834dcc6ab1c14a2b9935bd92bc1ff91ddd9"><code>67dad83</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/2bfe86a2ca763380b5fb498feab0886d41b96dcc"><code>2bfe86a</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/59e7410f279040b4c186e149402eebf13c5e06d9"><code>59e7410</code></a>
add businessmetrics feature ID for env-based bearer token (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/3182">#3182</a>)</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/1cdc15880e2f5087470b6f813eb0a5cd1451c95f"><code>1cdc158</code></a>
Patching override s3expire shape (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/3180">#3180</a>)</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/1745ede8f69372b0e08c4a8bcc83d43e76caeb26"><code>1745ede</code></a>
Release 2025-09-05</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/f84de5375a6e97e530819caba27fa0c7bc773cd6"><code>f84de53</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/7cdaa318493e10d7ef9dd87eb1130b9806c48c98"><code>7cdaa31</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/498b5c42d5b3fc143fc3449665faa3635f468d09"><code>498b5c4</code></a>
remove service/sms (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/3177">#3177</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/v1.38.1...v1.39.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/aws/aws-sdk-go-v2&package-manager=go_modules&previous-version=1.38.1&new-version=1.39.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-15 12:23:43 +00:00
dependabot[bot] 05f8ffd943 chore: bump github.com/valyala/fasthttp from 1.65.0 to 1.66.0 (#19822) 
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp)
from 1.65.0 to 1.66.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/valyala/fasthttp/releases">github.com/valyala/fasthttp's
releases</a>.</em></p>
<blockquote>
<h2>v1.66.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): bump securego/gosec from 2.22.7 to 2.22.8 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2056">valyala/fasthttp#2056</a></li>
<li>docs: add fasthttp-auth to related projects section by <a
href="https://github.com/FAUST-BENCHOU"><code>@​FAUST-BENCHOU</code></a>
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2057">valyala/fasthttp#2057</a></li>
<li>server: refactor to use atomic type by <a
href="https://github.com/cuiweixie"><code>@​cuiweixie</code></a> in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2058">valyala/fasthttp#2058</a></li>
<li>chore(deps): bump actions/setup-go from 5 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2060">valyala/fasthttp#2060</a></li>
<li>Fix extra whitespace parsing in HTTP request lines to prevent cache
poisoning by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a> in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2061">valyala/fasthttp#2061</a></li>
<li>Drop Go 1.23 support by <a
href="https://github.com/erikdubbelboer"><code>@​erikdubbelboer</code></a>
in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2065">valyala/fasthttp#2065</a></li>
<li>Add flushing support to fasthttpadaptor by <a
href="https://github.com/grivera64"><code>@​grivera64</code></a> in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2054">valyala/fasthttp#2054</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/FAUST-BENCHOU"><code>@​FAUST-BENCHOU</code></a>
made their first contribution in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2057">valyala/fasthttp#2057</a></li>
<li><a href="https://github.com/cuiweixie"><code>@​cuiweixie</code></a>
made their first contribution in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2058">valyala/fasthttp#2058</a></li>
<li><a href="https://github.com/Copilot"><code>@​Copilot</code></a> made
their first contribution in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2061">valyala/fasthttp#2061</a>
😄</li>
<li><a href="https://github.com/grivera64"><code>@​grivera64</code></a>
made their first contribution in <a
href="https://redirect.github.com/valyala/fasthttp/pull/2054">valyala/fasthttp#2054</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/valyala/fasthttp/compare/v1.65.0...v1.66.0">https://github.com/valyala/fasthttp/compare/v1.65.0...v1.66.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/valyala/fasthttp/commit/e04490f830dd9671b53e2359cddc79a23d7877f3"><code>e04490f</code></a>
Add flushing support to fasthttpadaptor (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2054">#2054</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/e9640b4d39215ac87fa85c171b26d745a40a8e99"><code>e9640b4</code></a>
Update benchmarks in readme</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/4d25421ae55c9f5d28dc3731d9a51106a71b7254"><code>4d25421</code></a>
Drop Go 1.23 support (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2065">#2065</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/72dccd04fb1b6ec82f33b95fd8e069861a9872e7"><code>72dccd0</code></a>
Fix extra whitespace parsing in HTTP request lines to prevent cache
poisoning...</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/8c7d2bc051dfc5d5d3d0c847a293622aad42641b"><code>8c7d2bc</code></a>
chore(deps): bump actions/setup-go from 5 to 6 (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2060">#2060</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/28b7880b32812a37f8272b2153d07b2df16e821e"><code>28b7880</code></a>
server: refactor to use atomic type (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2058">#2058</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/68d21ed0086a8a7794274a58c5284ab9cac45cdd"><code>68d21ed</code></a>
docs: add fasthttp-auth to related projects section (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2057">#2057</a>)</li>
<li><a
href="https://github.com/valyala/fasthttp/commit/7ad0219d24bb082dca5e70e2bd221fe3dc5e4fb5"><code>7ad0219</code></a>
chore(deps): bump securego/gosec from 2.22.7 to 2.22.8 (<a
href="https://redirect.github.com/valyala/fasthttp/issues/2056">#2056</a>)</li>
<li>See full diff in <a
href="https://github.com/valyala/fasthttp/compare/v1.65.0...v1.66.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/valyala/fasthttp&package-manager=go_modules&previous-version=1.65.0&new-version=1.66.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-15 12:22:56 +00:00