shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-07 06:58:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,434 Commits 1,148 Branches 344 Tags
1a774ab7ce99063a2e01beb94de3fcbccaf84dbe
Commit Graph

12434 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hugo Dutka a02d1c1e59 docs: document how to start a remote MCP Coder server (#19150) 
Document how to start a remote MCP Coder server. Addresses
https://github.com/coder/internal/issues/823.
 2025-08-04 18:53:12 +02:00
Phorcys 75749efec7 chore: update diagrams to meet new branding (#19164) 2025-08-04 16:52:51 +00:00
Jon Ayers 8a8c13382e feat: update form-data dependency to 4.0.4 (#19128) 2025-08-04 12:42:50 -04:00
dependabot[bot] 06eaa006ea chore: bump github.com/prometheus/client_golang from 1.22.0 to 1.23.0 (#19159) 
Bumps
[github.com/prometheus/client_golang](https://github.com/prometheus/client_golang)
from 1.22.0 to 1.23.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/client_golang/releases">github.com/prometheus/client_golang's
releases</a>.</em></p>
<blockquote>
<h2>v1.23.0 - 2025-07-30</h2>
<ul>
<li>[CHANGE] Minimum required Go version is now 1.23, only the two
latest Go versions are supported from now on. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1812">#1812</a></li>
<li>[FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix <a
href="https://redirect.github.com/prometheus/client_golang/issues/1766">#1766</a></li>
<li>[FEATURE] Add exemplars for native histograms <a
href="https://redirect.github.com/prometheus/client_golang/issues/1686">#1686</a></li>
<li>[ENHANCEMENT] exp/api: Bubble up status code from writeResponse <a
href="https://redirect.github.com/prometheus/client_golang/issues/1823">#1823</a></li>
<li>[ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and
v1.24 <a
href="https://redirect.github.com/prometheus/client_golang/issues/1833">#1833</a></li>
<li>[BUGFIX] exp/api: client prompt return on context cancellation <a
href="https://redirect.github.com/prometheus/client_golang/issues/1729">#1729</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md">github.com/prometheus/client_golang's
changelog</a>.</em></p>
<blockquote>
<h2>1.23.0 / 2025-07-30</h2>
<ul>
<li>[CHANGE] Minimum required Go version is now 1.23, only the two
latest Go versions are supported from now on. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1812">#1812</a></li>
<li>[FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix <a
href="https://redirect.github.com/prometheus/client_golang/issues/1766">#1766</a></li>
<li>[FEATURE] Add exemplars for native histograms <a
href="https://redirect.github.com/prometheus/client_golang/issues/1686">#1686</a></li>
<li>[ENHANCEMENT] exp/api: Bubble up status code from writeResponse <a
href="https://redirect.github.com/prometheus/client_golang/issues/1823">#1823</a></li>
<li>[ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and
v1.24 <a
href="https://redirect.github.com/prometheus/client_golang/issues/1833">#1833</a></li>
<li>[BUGFIX] exp/api: client prompt return on context cancellation <a
href="https://redirect.github.com/prometheus/client_golang/issues/1729">#1729</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/prometheus/client_golang/commit/e4b2208dd8cb6d1425f00250db842ec3c1e8749e"><code>e4b2208</code></a>
Cut v1.23.0 (<a
href="https://redirect.github.com/prometheus/client_golang/issues/1848">#1848</a>)</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/d9492afd3a6f2e9782a7fc10363281bfd5b743bb"><code>d9492af</code></a>
cut v1.23.0-rc.1 (<a
href="https://redirect.github.com/prometheus/client_golang/issues/1842">#1842</a>)</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/aeae8a0b4f54a8fa720d19b88638a2d048596f82"><code>aeae8a0</code></a>
Cut v1.23.0-rc.0 (<a
href="https://redirect.github.com/prometheus/client_golang/issues/1837">#1837</a>)</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/b157309b723f0b8588ea604bb78dbbba196803f2"><code>b157309</code></a>
Update common Prometheus files (<a
href="https://redirect.github.com/prometheus/client_golang/issues/1832">#1832</a>)</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/a704e287f467b79744c30af996b7d710d4c6900d"><code>a704e28</code></a>
build(deps): bump the github-actions group with 3 updates (<a
href="https://redirect.github.com/prometheus/client_golang/issues/1826">#1826</a>)</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/c7743110ad2c599de3d8c23682d978a12f9f36d1"><code>c774311</code></a>
Fix errNotImplemented reference (<a
href="https://redirect.github.com/prometheus/client_golang/issues/1835">#1835</a>)</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/db4db7bb0065a76c75b7df6f61d2cf183ecfc473"><code>db4db7b</code></a>
Update runtime metrics for Go v1.23 and v1.24 (<a
href="https://redirect.github.com/prometheus/client_golang/issues/1833">#1833</a>)</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/99d380ebfe865ae2c973c80184bc97ac0d98f083"><code>99d380e</code></a>
Update common Prometheus files (<a
href="https://redirect.github.com/prometheus/client_golang/issues/1831">#1831</a>)</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/f3ef320dcde30f31188c577ad71e6480e91bf464"><code>f3ef320</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/client_golang/issues/1828">#1828</a>
from prometheus/dependabot/go_modules/exp/github.com...</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/520c91ae841ff7264b5379fe85e6215fc62734a6"><code>520c91a</code></a>
build(deps): bump github.com/prometheus/common in /exp</li>
<li>Additional commits viewable in <a
href="https://github.com/prometheus/client_golang/compare/v1.22.0...v1.23.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/client_golang&package-manager=go_modules&previous-version=1.22.0&new-version=1.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 15:57:47 +00:00
dependabot[bot] 83aafd8238 chore: bump google.golang.org/grpc from 1.73.0 to 1.74.2 (#19158) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from
1.73.0 to 1.74.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's
releases</a>.</em></p>
<blockquote>
<h2>Release 1.74.2</h2>
<h1>New Features</h1>
<ul>
<li>grpc: introduce new <code>DialOptions</code> and
<code>ServerOptions</code> (<code>WithStaticStreamWindowSize</code>,
<code>WithStaticConnWindowSize</code>,
<code>StaticStreamWindowSize</code>, <code>StaticConnWindowSize</code>)
that force fixed window sizes for all HTTP/2 connections. By default,
gRPC uses dynamic sizing of these windows based upon a BDP estimation
algorithm. The existing options (<code>WithInitialWindowSize</code>,
etc) also disable BDP estimation, but this behavior will be changed in a
following release. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8283">#8283</a>)</li>
</ul>
<h1>API Changes</h1>
<ul>
<li>balancer: add <code>ExitIdle</code> method to <code>Balancer</code>
interface. Earlier, implementing this method was optional. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8367">#8367</a>)</li>
</ul>
<h1>Behavior Changes</h1>
<ul>
<li>xds: Remove the <code>GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST</code>
environment variable that allows disabling the least request balancer
with xDS. Least request was made available by default with xDS in
v1.72.0. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8248">#8248</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/atollena"><code>@​atollena</code></a></li>
</ul>
</li>
<li>server: allow 0s grpc-timeout header values, which older gRPC-Java
versions could send. This restores the behavior of grpc-go before
v1.73.0. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8439">#8439</a>)</li>
</ul>
<h1>Bug Fixes</h1>
<ul>
<li>googledirectpath: avoid logging the error message <code>Attempt to
set a bootstrap configuration...</code> when creating multiple
directpath channels. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8419">#8419</a>)</li>
</ul>
<h1>Performance Improvements</h1>
<ul>
<li>transport: reduce heap allocations by pooling objects and avoiding
method-to-closure conversions. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8361">#8361</a>)</li>
<li>transport: reduce heap allocations by re-using
<code>mem.Reader</code> objects. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8360">#8360</a>)</li>
</ul>
<h1>Documentation</h1>
<ul>
<li>examples: add examples to demonstrate enabling experimental metrics
using the OpenTelemetry plugin. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8388">#8388</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/vinothkumarr227"><code>@​vinothkumarr227</code></a></li>
</ul>
</li>
</ul>
<h2>Release 1.74.1</h2>
<p>Version 1.74.1 retracts release v1.74.0 and itself. Release 1.74.0
was accidentally tagged on the wrong commit and should not be used.
Version 1.73.0 should be used until 1.74.2 is released.</p>
<p>Release 1.74.0 was accidentally tagged on the wrong commit and should
not be used. Version 1.73.0 should be used until 1.74.1 is released.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc-go/commit/e9e00cb28e350d6440145d883d1d6cf675f3c0f3"><code>e9e00cb</code></a>
Change version to 1.74.2 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8470">#8470</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/bd7cb0a95b518e3f987cccbc44b4ba9a0e51eb80"><code>bd7cb0a</code></a>
Change version to 1.74.2-dev (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8461">#8461</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/002a22c03ed5cb1068ab800fc329c1f199037b63"><code>002a22c</code></a>
Change version to 1.74.1 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8455">#8455</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/6e8e7e48d13e1891e0f3b5df22f16746edb6e788"><code>6e8e7e4</code></a>
Retract v1.74.0 and v1.74.1 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8457">#8457</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/48c9e4d1eee9b075a1855dadc24f66157dbf60b3"><code>48c9e4d</code></a>
Change version to 1.74.1-dev (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8408">#8408</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/b8b6cffbb2a9c5dc41fd7ab902b4a0cc37c05b19"><code>b8b6cff</code></a>
Change version to 1.74.0 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8407">#8407</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/077e2c37bd9f14b1300e3d1feedd431d105895c0"><code>077e2c3</code></a>
Cherry-pick <a
href="https://redirect.github.com/grpc/grpc-go/issues/8411">#8411</a>,
<a
href="https://redirect.github.com/grpc/grpc-go/issues/8419">#8419</a>,
<a
href="https://redirect.github.com/grpc/grpc-go/issues/8422">#8422</a>,
<a href="https://redirect.github.com/grpc/grpc-go/issues/8445">#8445</a>
and <a
href="https://redirect.github.com/grpc/grpc-go/issues/8451">#8451</a> to
v1.74.x (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8454">#8454</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/b34f845d7056a2e052ddb4e99d9d691bf69159bf"><code>b34f845</code></a>
server: allow 0s grpc-timeout header values, as java is known to be able
to s...</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/1787f9427568898e905841f40798bbb78c8dd52c"><code>1787f94</code></a>
xdsclient: export genericResourceTypeDecoder (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8406">#8406</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/15299ccca32bba47c533b0a8e8ba2564a29d71db"><code>15299cc</code></a>
xdsclient: make a function to return the supported resource type
implementati...</li>
<li>Additional commits viewable in <a
href="https://github.com/grpc/grpc-go/compare/v1.73.0...v1.74.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.73.0&new-version=1.74.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 15:46:34 +00:00
dependabot[bot] 1ae5cac7b6 chore: bump github.com/aws/aws-sdk-go-v2/config from 1.29.14 to 1.30.2 (#19154) 
Bumps
[github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2)
from 1.29.14 to 1.30.2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/383fd26928547348efed0ee1f8914d9e7a1b0287"><code>383fd26</code></a>
Release 2024-07-10</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/4a055f9d9e17eb7ef2206e8e37ba98d661d13e6a"><code>4a055f9</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/e3457953351e6993f57f5ab8e373af8af70be45b"><code>e345795</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/52a10ac239cc1aab2d070fbb004f6445ca0ddcc0"><code>52a10ac</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/adab0de9e4ae75aee4f894c99fd1e2ce2de0035e"><code>adab0de</code></a>
remove unused jmespath dependency from main module (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2707">#2707</a>)</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/0e07cc82b25692dce8f68e0b5bd0d0c5cdbcd279"><code>0e07cc8</code></a>
Release 2024-07-09</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/5e3583451cd8a91dbca2cc22672c2cfa0c7860cf"><code>5e35834</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/a2a28a1eec2a1b6f12f813e4900430a9cc79b6c2"><code>a2a28a1</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/f5489732257180b7c19456abb050214c2f5cac26"><code>f548973</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/e7aad565a65dab9b37da7b49c1c79a699c49d85e"><code>e7aad56</code></a>
Release 2024-07-08</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.14...v1.30.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/aws/aws-sdk-go-v2/config&package-manager=go_modules&previous-version=1.29.14&new-version=1.30.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 15:34:39 +00:00
dependabot[bot] 181c2f00ae chore: bump github.com/coreos/go-oidc/v3 from 3.14.1 to 3.15.0 (#19156) 
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc)
from 3.14.1 to 3.15.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/coreos/go-oidc/releases">github.com/coreos/go-oidc/v3's
releases</a>.</em></p>
<blockquote>
<h2>v3.15.0</h2>
<h2>What's Changed</h2>
<ul>
<li>oidc: verify the ID Token's signature before processing claims by <a
href="https://github.com/ericchiang"><code>@​ericchiang</code></a> in <a
href="https://redirect.github.com/coreos/go-oidc/pull/464">coreos/go-oidc#464</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/coreos/go-oidc/compare/v3.14.1...v3.15.0">https://github.com/coreos/go-oidc/compare/v3.14.1...v3.15.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/coreos/go-oidc/commit/8d1e57e7e7fb4db0bac61cc200d43846ba071977"><code>8d1e57e</code></a>
oidc: verify the ID Token's signature before processing claims</li>
<li>See full diff in <a
href="https://github.com/coreos/go-oidc/compare/v3.14.1...v3.15.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/coreos/go-oidc/v3&package-manager=go_modules&previous-version=3.14.1&new-version=3.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 15:29:10 +00:00
dependabot[bot] ce9b20867d chore: bump github.com/fergusstrange/embedded-postgres from 1.31.0 to 1.32.0 (#19155) 
Bumps
[github.com/fergusstrange/embedded-postgres](https://github.com/fergusstrange/embedded-postgres)
from 1.31.0 to 1.32.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fergusstrange/embedded-postgres/releases">github.com/fergusstrange/embedded-postgres's
releases</a>.</em></p>
<blockquote>
<h2>v1.32.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Ensure target directories exist before extraction and add test for
runtime path creation by <a
href="https://github.com/fergusstrange"><code>@​fergusstrange</code></a>
in <a
href="https://redirect.github.com/fergusstrange/embedded-postgres/pull/158">fergusstrange/embedded-postgres#158</a></li>
<li>Add support for Postgres 17 and update default version by <a
href="https://github.com/fergusstrange"><code>@​fergusstrange</code></a>
in <a
href="https://redirect.github.com/fergusstrange/embedded-postgres/pull/159">fergusstrange/embedded-postgres#159</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/fergusstrange/embedded-postgres/compare/v1.31.0...v1.32.0">https://github.com/fergusstrange/embedded-postgres/compare/v1.31.0...v1.32.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fergusstrange/embedded-postgres/commit/0c7d03d6005dda276bcf9041c9be89ebe86c34e1"><code>0c7d03d</code></a>
Add support for Postgres 17 and update default version (<a
href="https://redirect.github.com/fergusstrange/embedded-postgres/issues/159">#159</a>)</li>
<li><a
href="https://github.com/fergusstrange/embedded-postgres/commit/bab016e3d52239a871b12798f6ddbeefc9d2045a"><code>bab016e</code></a>
Ensure target directories exist before extraction and add test for
runtime pa...</li>
<li>See full diff in <a
href="https://github.com/fergusstrange/embedded-postgres/compare/v1.31.0...v1.32.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/fergusstrange/embedded-postgres&package-manager=go_modules&previous-version=1.31.0&new-version=1.32.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 15:26:10 +00:00
dependabot[bot] b4f241391b chore: bump github.com/aws/aws-sdk-go-v2 from 1.36.4 to 1.37.1 (#19151) 
Bumps
[github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2)
from 1.36.4 to 1.37.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/67148dbe156c9519ccc35f7e46f1df7367c67b81"><code>67148db</code></a>
Release 2025-07-30</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/b21029eeb2699fcba879fd3639464fbb887c0178"><code>b21029e</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/6c2dde6522c75df1cfeb807e6f7823f644298d78"><code>6c2dde6</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/7b710ac3e2a805dc0c2efa8bead2abb66bfe6169"><code>7b710ac</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/179df1ca8e873d6374f4739e6bab67f3ed62a3c0"><code>179df1c</code></a>
update CONTRIBUTING.md</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/456e51a2895e2ce6c712cebacebb10ad5a8f359e"><code>456e51a</code></a>
fix changelog</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/4ce8fece3fe625af2d8db3d673fcc8265af50485"><code>4ce8fec</code></a>
Join errors when retry token is unavailable (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/3121">#3121</a>)</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/1eea3dbe07dffcef2fdba6f8e2206b32b91d8a83"><code>1eea3db</code></a>
Release 2025-07-29</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/b63d556f10e3a6a6a48458eeaf5b288feef79c58"><code>b63d556</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/1258955cdd238d60ed14ed5ce44cedd6e514f41c"><code>1258955</code></a>
Update endpoints model</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/v1.36.4...v1.37.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/aws/aws-sdk-go-v2&package-manager=go_modules&previous-version=1.36.4&new-version=1.37.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 15:21:27 +00:00
Danielle Maywood b8e2344ef5 chore(agent/agentcontainers): disable project autostart by default (#19114) 
We disable the logic that allows autostarting discovered devcontainers
by default. We want this behavior to be opt-in rather than opt-out.

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-04 16:21:13 +01:00
dependabot[bot] 8f538d4412 chore: bump github.com/mark3labs/mcp-go from 0.34.0 to 0.36.0 (#19152) 
Bumps [github.com/mark3labs/mcp-go](https://github.com/mark3labs/mcp-go)
from 0.34.0 to 0.36.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mark3labs/mcp-go/releases">github.com/mark3labs/mcp-go's
releases</a>.</em></p>
<blockquote>
<h2>Release v0.36.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add defs field to ToolsInputSchema by <a
href="https://github.com/ostafen"><code>@​ostafen</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/488">mark3labs/mcp-go#488</a></li>
<li>Remove <code>sampling_server</code> binary file by <a
href="https://github.com/JeffreyCA"><code>@​JeffreyCA</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/512">mark3labs/mcp-go#512</a></li>
<li>chore: remove comments related to JSON-Batching by <a
href="https://github.com/cryo-zd"><code>@​cryo-zd</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/514">mark3labs/mcp-go#514</a></li>
<li>feat: support structured content and output schema by <a
href="https://github.com/pottekkat"><code>@​pottekkat</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/460">mark3labs/mcp-go#460</a></li>
<li>Hide error log when it's not useful by <a
href="https://github.com/dgageot"><code>@​dgageot</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/517">mark3labs/mcp-go#517</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ostafen"><code>@​ostafen</code></a> made
their first contribution in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/488">mark3labs/mcp-go#488</a></li>
<li><a href="https://github.com/JeffreyCA"><code>@​JeffreyCA</code></a>
made their first contribution in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/512">mark3labs/mcp-go#512</a></li>
<li><a href="https://github.com/dgageot"><code>@​dgageot</code></a> made
their first contribution in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/517">mark3labs/mcp-go#517</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/mark3labs/mcp-go/compare/v0.35.0...v0.36.0">https://github.com/mark3labs/mcp-go/compare/v0.35.0...v0.36.0</a></p>
<h2>Release v0.35.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Http headers by <a
href="https://github.com/adityamj"><code>@​adityamj</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/480">mark3labs/mcp-go#480</a></li>
<li>fix: check if resp is nil on error for initialize methods by <a
href="https://github.com/pottekkat"><code>@​pottekkat</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/492">mark3labs/mcp-go#492</a></li>
<li>Fix race condition in stdio.SendRequest with canceled context by <a
href="https://github.com/ezynda3"><code>@​ezynda3</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/503">mark3labs/mcp-go#503</a></li>
<li>Embed client capabilities into the Session by <a
href="https://github.com/ardaguclu"><code>@​ardaguclu</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/491">mark3labs/mcp-go#491</a></li>
<li>enhc(server): allow adding multiple resource templates at once by <a
href="https://github.com/rafaeljusto"><code>@​rafaeljusto</code></a> in
<a
href="https://redirect.github.com/mark3labs/mcp-go/pull/483">mark3labs/mcp-go#483</a></li>
<li>Get rid of binary file. by <a
href="https://github.com/wkoszek"><code>@​wkoszek</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/505">mark3labs/mcp-go#505</a></li>
<li>feat: implement protocol version negotiation by <a
href="https://github.com/ezynda3"><code>@​ezynda3</code></a> in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/502">mark3labs/mcp-go#502</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/adityamj"><code>@​adityamj</code></a>
made their first contribution in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/480">mark3labs/mcp-go#480</a></li>
<li><a href="https://github.com/ardaguclu"><code>@​ardaguclu</code></a>
made their first contribution in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/491">mark3labs/mcp-go#491</a></li>
<li><a
href="https://github.com/rafaeljusto"><code>@​rafaeljusto</code></a>
made their first contribution in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/483">mark3labs/mcp-go#483</a></li>
<li><a href="https://github.com/wkoszek"><code>@​wkoszek</code></a> made
their first contribution in <a
href="https://redirect.github.com/mark3labs/mcp-go/pull/505">mark3labs/mcp-go#505</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/mark3labs/mcp-go/compare/v0.34.0...v0.35.0">https://github.com/mark3labs/mcp-go/compare/v0.34.0...v0.35.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mark3labs/mcp-go/commit/cf352645f0aee9b9fb3dc1f735e7c5c9419a1a56"><code>cf35264</code></a>
Merge pull request <a
href="https://redirect.github.com/mark3labs/mcp-go/issues/517">#517</a>
from dgageot/remote-context-cancelled-log</li>
<li><a
href="https://github.com/mark3labs/mcp-go/commit/8f9d5387d8726529763739007590b2baa380bdd2"><code>8f9d538</code></a>
feat: support structured content and output schema (<a
href="https://redirect.github.com/mark3labs/mcp-go/issues/460">#460</a>)</li>
<li><a
href="https://github.com/mark3labs/mcp-go/commit/a43b1048c0c78263858b33129575e9b6c04dad4c"><code>a43b104</code></a>
chore: remove comments related to JSON-Batching (<a
href="https://redirect.github.com/mark3labs/mcp-go/issues/514">#514</a>)</li>
<li><a
href="https://github.com/mark3labs/mcp-go/commit/e327695b8b1f5d84c28959fde844f67c432eb3de"><code>e327695</code></a>
Hide error when it's not useful</li>
<li><a
href="https://github.com/mark3labs/mcp-go/commit/617fcf1f1599ba269e22490d291c77f0fa6a2894"><code>617fcf1</code></a>
Remove <code>sampling_server</code> binary file (<a
href="https://redirect.github.com/mark3labs/mcp-go/issues/512">#512</a>)</li>
<li><a
href="https://github.com/mark3labs/mcp-go/commit/5ad6c8d86c75da25113c8a2f843cbbc0a994ba03"><code>5ad6c8d</code></a>
Add defs field to ToolsInputSchema (<a
href="https://redirect.github.com/mark3labs/mcp-go/issues/488">#488</a>)</li>
<li><a
href="https://github.com/mark3labs/mcp-go/commit/3964d510cd31aada6eb553fc3d286d4842a28a56"><code>3964d51</code></a>
feat: implement protocol version negotiation (<a
href="https://redirect.github.com/mark3labs/mcp-go/issues/502">#502</a>)</li>
<li><a
href="https://github.com/mark3labs/mcp-go/commit/38ac77cf9f42386f1beea4f224fa45eb9b08a926"><code>38ac77c</code></a>
Get rid of binary file. (<a
href="https://redirect.github.com/mark3labs/mcp-go/issues/505">#505</a>)</li>
<li><a
href="https://github.com/mark3labs/mcp-go/commit/722d95462707280068b05f33fbd6f5ec5dba6228"><code>722d954</code></a>
enhc(server): allow adding multiple resource templates at once (<a
href="https://redirect.github.com/mark3labs/mcp-go/issues/483">#483</a>)</li>
<li><a
href="https://github.com/mark3labs/mcp-go/commit/cc3f765e152630f88f224c4ba3fe867bc5bef598"><code>cc3f765</code></a>
Embed client capabilities into the Session (<a
href="https://redirect.github.com/mark3labs/mcp-go/issues/491">#491</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/mark3labs/mcp-go/compare/v0.34.0...v0.36.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/mark3labs/mcp-go&package-manager=go_modules&previous-version=0.34.0&new-version=0.36.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 15:21:04 +00:00
dependabot[bot] 5df3bf713c ci: bump the github-actions group with 6 updates (#19149) 
Bumps the github-actions group with 6 updates:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.12.2` | `2.13.0` |
| [chromaui/action](https://github.com/chromaui/action) | `13.1.2` |
`13.1.3` |
|
[google-github-actions/auth](https://github.com/google-github-actions/auth)
| `2.1.11` | `2.1.12` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `055970845dd036d7345da7399b7e89f2e10f2b04` |
`c2ca2493190021783138cb8aac49bcee14b4bb89` |
| [tj-actions/branch-names](https://github.com/tj-actions/branch-names)
| `8.2.1` | `9.0.2` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.29.3` | `3.29.5` |

Updates `step-security/harden-runner` from 2.12.2 to 2.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Improved job markdown summary</li>
<li>Https monitoring for all domains (included with the enterprise
tier)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a>
from step-security/rc-24</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a>
feat: get job summary from API</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/v2.12.2...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare
view</a></li>
</ul>
</details>
<br />

Updates `chromaui/action` from 13.1.2 to 13.1.3
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chromaui/action/commit/58d9ffb36c90c97a02d061544ecc849cc4a242a9"><code>58d9ffb</code></a>
v13.1.3</li>
<li>See full diff in <a
href="https://github.com/chromaui/action/compare/4d8ebd13658d795114f8051e25c28d66f14886c6...58d9ffb36c90c97a02d061544ecc849cc4a242a9">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/auth` from 2.1.11 to 2.1.12
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.12</h2>
<h2>What's Changed</h2>
<ul>
<li>Add retries for getIDToken by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/502">google-github-actions/auth#502</a></li>
<li>Release: v2.1.12 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/503">google-github-actions/auth#503</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12">https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/auth/commit/b7593ed2efd1c1617e1b0254da33b86225adb2a5"><code>b7593ed</code></a>
Release: v2.1.12 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/503">#503</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/c1ee334b4fb145a02e9d8343bb2e9f0dd06e586b"><code>c1ee334</code></a>
Add retries for getIDToken (<a
href="https://redirect.github.com/google-github-actions/auth/issues/502">#502</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/auth/compare/140bb5113ffb6b65a7e9b937a81fa96cf5064462...b7593ed2efd1c1617e1b0254da33b86225adb2a5">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
055970845dd036d7345da7399b7e89f2e10f2b04 to
c2ca2493190021783138cb8aac49bcee14b4bb89
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89"><code>c2ca249</code></a>
test: manual triggered workflows (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/94d97fe3f88298bf8b2f2db6fa2ab150f3c1ab77"><code>94d97fe</code></a>
chore(deps): bump tj-actions/branch-names from 9.0.1 to 9.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2636">#2636</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/18b05b98fcd9dc0bd3870d7a6571535999ba0c3f"><code>18b05b9</code></a>
chore(deps): bump github/codeql-action from 3.29.4 to 3.29.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2635">#2635</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/db8d0bfea5a44e51abd5dc1454386c668ae901f9"><code>db8d0bf</code></a>
chore(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2632">#2632</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/0e2e8f70c5c6854ee9ff9f94bc2f1b9e7fcead78"><code>0e2e8f7</code></a>
chore(deps): bump tj-actions/branch-names from 8.2.1 to 9.0.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2633">#2633</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5f2e971c1fcf53fda99e27a542f5e79cff0e7059"><code>5f2e971</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 24.0.15 to 24.1.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2626">#2626</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/498cf3f89140b3c7b8353c5ae1354765717026ad"><code>498cf3f</code></a>
chore(deps-dev): bump jest from 30.0.4 to 30.0.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2627">#2627</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/8378ac87b7b199cd230495c133c4f6b19215e757"><code>8378ac8</code></a>
chore(deps): bump github/codeql-action from 3.29.3 to 3.29.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2628">#2628</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4bfe3cb5bd6f0db4dc8668c4d6bef45ccf2b8ab5"><code>4bfe3cb</code></a>
chore(deps): bump nrwl/nx-set-shas from 4.3.0 to 4.3.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2630">#2630</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/a0370f61698fcac830a08949da9fdf96ea0f3ab7"><code>a0370f6</code></a>
chore(deps): bump github/codeql-action from 3.29.2 to 3.29.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2625">#2625</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/055970845dd036d7345da7399b7e89f2e10f2b04...c2ca2493190021783138cb8aac49bcee14b4bb89">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/branch-names` from 8.2.1 to 9.0.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's
releases</a>.</em></p>
<blockquote>
<h2>v9.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v9.0.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/424">tj-actions/branch-names#424</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9...v9.0.2">https://github.com/tj-actions/branch-names/compare/v9...v9.0.2</a></p>
<h2>v9.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/422">tj-actions/branch-names#422</a></li>
<li>build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to
4.4.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/421">tj-actions/branch-names#421</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1</a></p>
<h2>v9.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.2.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/417">tj-actions/branch-names#417</a></li>
<li>chore: update action.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/418">tj-actions/branch-names#418</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/419">tj-actions/branch-names#419</a></li>
<li>security: fix unsafe outputs by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/420">tj-actions/branch-names#420</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v8...v9.0.0">https://github.com/tj-actions/branch-names/compare/v8...v9.0.0</a></p>
<h2>v9</h2>
<h1>Changes in v9.0.2</h1>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v9.0.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/424">tj-actions/branch-names#424</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9...v9.0.2">https://github.com/tj-actions/branch-names/compare/v9...v9.0.2</a></p>
<hr />
<h1>Changes in v9.0.1</h1>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/422">tj-actions/branch-names#422</a></li>
<li>build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to
4.4.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/421">tj-actions/branch-names#421</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1</a></p>
<hr />
<h1>Changes in v9.0.0</h1>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.2.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/417">tj-actions/branch-names#417</a></li>
<li>chore: update action.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/418">tj-actions/branch-names#418</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/419">tj-actions/branch-names#419</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v9.0.1...v9.0.2">9.0.2</a>
- (2025-07-31)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Update update-readme.yml (<a
href="https://github.com/tj-actions/branch-names/commit/5250492686b253f06fa55861556d1027b067aeb5">5250492</a>)
- (Tonye Jack)</li>
<li>Update update-readme.yml (<a
href="https://github.com/tj-actions/branch-names/commit/a2bc4958de72a5590a03c317bcb11581ae7866e7">a2bc495</a>)
- (Tonye Jack)</li>
<li>Update README.md (<a
href="https://github.com/tj-actions/branch-names/commit/169ddc10b28b8cbc75996ee56c1dbf4448ca6f06">169ddc1</a>)
- (Tonye Jack)</li>
<li>Update README.md (<a
href="https://github.com/tj-actions/branch-names/commit/4d35052be347a49c829b8a8e9855f40f14a00be6">4d35052</a>)
- (Tonye Jack)</li>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/423">#423</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/6be34a848cdd6067dda01ded8bd9b0853bbe3b23">6be34a8</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded from v9.0.0 -&gt; v9.0.1 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/424">#424</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/c0714e7ecc0a7baec34a69b87df070fa6a823e7f">c0714e7</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">9.0.1</a>
- (2025-07-26)</h1>
<h2><!-- raw HTML omitted -->👷 CI/CD</h2>
<ul>
<li><strong>deps:</strong> Bump codacy/codacy-analysis-cli-action from
4.4.5 to 4.4.7 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/421">#421</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/386e117ea34339627a40843704a60a3bc9359234">386e117</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/git-cliff from 1.5.0 to 2.0.2
(<a
href="https://redirect.github.com/tj-actions/branch-names/issues/422">#422</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/2114174008e541048c2313bfc2c296a484785f14">2114174</a>)
- (dependabot[bot])</li>
</ul>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.2.1...v9.0.0">9.0.0</a>
- (2025-07-25)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/419">#419</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/f904073f20285d3ff38d2dedb647c7e81ab9ccc6">f904073</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li>Update action.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/418">#418</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/c81796132291bcac45a405bba3ff42c5c0c2a3e2">c817961</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🛡️ Security</h2>
<ul>
<li>Fix unsafe outputs (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/420">#420</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/e497ceb8ccd43fd9573cf2e375216625bc411d1f">e497ceb</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded from v8.2.0 -&gt; v8.2.1 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/417">#417</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/46ae71df6d27dd78ff96d2aaf0a59411f9c19e4e">46ae71d</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">8.2.1</a>
- (2025-04-11)</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/branch-names/commit/5250492686b253f06fa55861556d1027b067aeb5"><code>5250492</code></a>
Update update-readme.yml</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/a2bc4958de72a5590a03c317bcb11581ae7866e7"><code>a2bc495</code></a>
Update update-readme.yml</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/169ddc10b28b8cbc75996ee56c1dbf4448ca6f06"><code>169ddc1</code></a>
Update README.md</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/4d35052be347a49c829b8a8e9855f40f14a00be6"><code>4d35052</code></a>
Update README.md</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/c0714e7ecc0a7baec34a69b87df070fa6a823e7f"><code>c0714e7</code></a>
Upgraded from v9.0.0 -&gt; v9.0.1 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/424">#424</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/6be34a848cdd6067dda01ded8bd9b0853bbe3b23"><code>6be34a8</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/423">#423</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/386e117ea34339627a40843704a60a3bc9359234"><code>386e117</code></a>
build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7
(<a
href="https://redirect.github.com/tj-actions/branch-names/issues/421">#421</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/2114174008e541048c2313bfc2c296a484785f14"><code>2114174</code></a>
build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/422">#422</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/e497ceb8ccd43fd9573cf2e375216625bc411d1f"><code>e497ceb</code></a>
security: fix unsafe outputs (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/420">#420</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/f904073f20285d3ff38d2dedb647c7e81ab9ccc6"><code>f904073</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/419">#419</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/branch-names/compare/dde14ac574a8b9b1cedc59a1cf312788af43d8d8...5250492686b253f06fa55861556d1027b067aeb5">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.29.3 to 3.29.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.5 - 29 Jul 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.29.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.29.5 - 29 Jul 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li>
</ul>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.21 - 28 July 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/51f77329afa6477de8c49fc9c7046c15b9a4e79d"><code>51f7732</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2997">#2997</a>
from github/update-v3.29.5-80a09d7b0</li>
<li><a
href="https://github.com/github/codeql-action/commit/8e90243ddbe0de3f12f4fa361675387b7f94c48d"><code>8e90243</code></a>
Update changelog for v3.29.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/80a09d7b0b5468297f127c81b43cb7335eed0f30"><code>80a09d7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2996">#2996</a>
from github/dependabot/npm_and_yarn/npm-240ab9fad0</li>
<li><a
href="https://github.com/github/codeql-action/commit/8388115dc8d6af25bf915cc8455a7d6a77253970"><code>8388115</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2994">#2994</a>
from github/mergeback/changelog/v3.28.21</li>
<li><a
href="https://github.com/github/codeql-action/commit/401ecaf503b1a19fc0fbd253cc5afe7759870068"><code>401ecaf</code></a>
Merge branch 'main' into mergeback/changelog/v3.28.21</li>
<li><a
href="https://github.com/github/codeql-action/commit/ab5c0c5fa56442a68c2d51b194ccc93faaaaa639"><code>ab5c0c5</code></a>
Merge branch 'main' into dependabot/npm_and_yarn/npm-240ab9fad0</li>
<li><a
href="https://github.com/github/codeql-action/commit/cd264d4dcdc5ee89d8590821e29c66a1bdcaa968"><code>cd264d4</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2986">#2986</a>
from github/update-bundle/codeql-bundle-v2.22.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/4599055b1e273f63344615ade2c46c852c6d5c63"><code>4599055</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.22.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/fd7ad511e6bd5985ebbc84944e0e173d39a968b8"><code>fd7ad51</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2971">#2971</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/ac0c9bfe1e34d6a76860325c1b4abe8208ce98a6"><code>ac0c9bf</code></a>
Merge branch 'main' into
update-supported-enterprise-server-versions</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/d6bbdef45e766d081b84a2def353b0055f728d3e...51f77329afa6477de8c49fc9c7046c15b9a4e79d">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 14:57:47 +00:00
Jon Ayers 2a2851e494 chore: check integrity of Go in Dockefile (#19130) 2025-08-04 08:27:27 -04:00
Jon Ayers 40dbc557bd fix: ignore goroutine leak for protocol lookup on windows (#19131) 2025-08-04 08:26:56 -04:00
Hugo Dutka 79cd80e5ca feat: add MCP tools for ChatGPT (#19102) 
Addresses https://github.com/coder/internal/issues/772.

Adds the toolset query parameter to the `/api/experimental/mcp/http` endpoint, which, when set to "chatgpt", exposes new `fetch` and `search` tools compatible with ChatGPT, as described in the
[ChatGPT docs](https://platform.openai.com/docs/mcp). These tools are
exposed in isolation because in my usage I found that ChatGPT refuses to
connect to Coder if it sees additional MCP tools.

<img width="1248" height="908" alt="Screenshot 2025-07-30 at 16 36 56"
src="https://github.com/user-attachments/assets/ca31e57b-d18b-4998-9554-7a96a141527a"
/>
 2025-08-04 14:11:22 +02:00
Spike Curtis d4b44185da chore: add database dump and dbfake logging (#19144) 
relates to  #778

Somehow in `TestWorkspaceAgent` the agent with the test instance identifier is not being added to the database, or is getting deleted.

I'm adding some additional logging to `dbfake` and setting the affected tests to dump postgres on error, to see if we can get to the bottom of the issue.
 2025-08-04 13:22:04 +04:00
Spike Curtis e80f91e900 chore: add small scenario to scaletest (#19110) 
Relaxes the `terraform` version constraint to be at least 1.9, since
1.12 is installed in our Dogfood image

Adds a `small` scenario to keep costs down while we continue to develop
capabilities.
 2025-08-04 10:04:44 +04:00
Ethan b95cf47f99 ci: set valid xcode version in release script (#19143) 
16.0.0 was yanked from the macOS runners, so this will likely need cherry picking into the upcoming release branch.

We've already checked everything builds fine on #19125.

In a few releases we'll stop building the dylib and also therefore remove xcode as a dependency on coder/coder altogether.
 2025-08-04 15:01:24 +10:00
Ethan decd9b7818 ci: conditionally disable spotlight indexing on nightly gauntlet (#19142) 
Same as #19124
 2025-08-04 15:01:01 +10:00
dependabot[bot] 719c9cc409 chore: bump coder/filebrowser/coder from 1.1.1 to 1.1.2 in /dogfood/coder-envbuilder (#19140) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/filebrowser/coder&package-manager=terraform&previous-version=1.1.1&new-version=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 01:22:36 +00:00
dependabot[bot] c849a9579d chore: bump coder/filebrowser/coder from 1.1.1 to 1.1.2 in /dogfood/coder (#19139) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/filebrowser/coder&package-manager=terraform&previous-version=1.1.1&new-version=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 01:14:08 +00:00
dependabot[bot] a512f1a055 chore: bump coder/dotfiles/coder from 1.2.0 to 1.2.1 in /dogfood/coder (#19138) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/dotfiles/coder&package-manager=terraform&previous-version=1.2.0&new-version=1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 01:14:00 +00:00
dependabot[bot] b605569929 chore: bump coder/slackme/coder from 1.0.30 to 1.0.31 in /dogfood/coder (#19136) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/slackme/coder&package-manager=terraform&previous-version=1.0.30&new-version=1.0.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 01:10:46 +00:00
dependabot[bot] 206b5683f9 chore: bump coder/coder-login/coder from 1.0.30 to 1.0.31 in /dogfood/coder-envbuilder (#19137) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/coder-login/coder&package-manager=terraform&previous-version=1.0.30&new-version=1.0.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 01:10:31 +00:00
dependabot[bot] e8ca4f8cf4 chore: bump coder/zed/coder from 1.0.0 to 1.0.1 in /dogfood/coder (#19135) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/zed/coder&package-manager=terraform&previous-version=1.0.0&new-version=1.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 01:07:55 +00:00
dependabot[bot] 369a74a566 chore: bump coder/coder-login/coder from 1.0.30 to 1.0.31 in /dogfood/coder (#19134) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/coder-login/coder&package-manager=terraform&previous-version=1.0.30&new-version=1.0.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 01:06:53 +00:00
dependabot[bot] 9626a2bafe chore: bump coder/personalize/coder from 1.0.30 to 1.0.31 in /dogfood/coder-envbuilder (#19133) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/personalize/coder&package-manager=terraform&previous-version=1.0.30&new-version=1.0.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 01:06:14 +00:00
dependabot[bot] 0c761792ae chore: bump coder/personalize/coder from 1.0.30 to 1.0.31 in /dogfood/coder (#19132) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/personalize/coder&package-manager=terraform&previous-version=1.0.30&new-version=1.0.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 01:05:17 +00:00
Jon Ayers c9ed0dd927 chore: pin dependencies in Dockerfiles (#19129) 2025-08-03 18:26:41 -04:00
Cian Johnston 0d7cc5c156 ci: bump xcode version to 16.1.0 (#19125) 2025-08-03 20:53:04 +01:00
Cian Johnston 6a35400f67 ci: conditionally disable spotlight indexing (#19124) 
Work around for following issue:
```
Run sudo mdutil -a -i off
  sudo mdutil -a -i off
  sudo mdutil -X /
  sudo launchctl bootout system /System/Library/LaunchDaemons/com.apple.metadata.mds.plist
  shell: /bin/bash -e {0}
4 files/directories removed
Boot-out failed: 5: Input/output error
```

This can happen if spotlight has already been disabled.
 2025-08-02 18:23:46 +01:00
Garrett Delfosse 6ba4b5bbc9 docs: update module registry URLs to correct path structure (#18681) 
## Summary
- Updated documentation references to use the correct registry path
structure
- Changed URLs from incorrect paths to the correct format:
  - Modules main page: registry.coder.com/modules
  - Specific modules: registry.coder.com/modules/coder/{module-name}

## Test plan
- Verify that all documentation links to modules point to the correct
URL structure

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Edward Angert <EdwardAngert@users.noreply.github.com>
 2025-08-02 06:03:15 +05:00
Danielle Maywood a185d3a2c3 fix(site): ensure notification settings page follows RBAC correctly (#19097) 
Ensure template admin and user admins are able to see the correct
notification groups on the notification settings page.

---------

Co-authored-by: ケイラ <mckayla@hey.com>
 2025-07-31 21:20:27 +01:00
Eric Paulsen 8b43503aaf docs: remove deprecated JFrog Xray integration documentation (#19113) 2025-07-31 18:46:39 +01:00
ケイラ 1cffd11619 feat: add workspace sharing page (#19107) 2025-07-31 15:05:09 +00:00
Danielle Maywood ddb5b87815 chore(agent/agentcontainers): test current prebuilds integration (#19074) 
As it turns out, prebuilds + devcontainers appear to already work
together. This PR has created a test that simulates a prebuild claim
happening to `agentcontainers.API`, to see how we handle it.
 2025-07-31 15:31:44 +01:00
ケイラ ed62ddc38e chore: add workspace-sharing experiment (#19106) 2025-07-31 07:52:57 -06:00
Danielle Maywood cc4f8da6e1 fix(agent/agentcontainers): fix devcontainer integration tests (#19109) 
It appears we accidentally merged a change that broke our devcontainer
integration tests https://github.com/coder/coder/pull/18570.
 2025-07-31 13:24:23 +01:00
Benjamin Peinhardt e4dc2d9418 fix: add constraint and runtime check for provisioner logs size limit (#18893) 
This PR sets a constraint of 1MB on the provisioner job logs written to
the database. This is consistent with the constraint we place on
workspace agent logs:
https://github.com/coder/coder/blob/4ac6be6d835dc36c242e35a26b584b784040bf28/coderd/database/dump.sql#L2030

It also adds a message printed to the front end about the provisioner
log overflow, and updates the message printed to the front end when
workspace startup logs exceed the max, as it was causing some customers
to think their startup script had failed to run.
 2025-07-30 19:09:53 -05:00
ケイラ eeb0bbefb9 feat: implement acl for workspaces (#19094) 2025-07-30 17:02:51 -06:00
Callum Styan d736af1fa3 fix: handle potential DB conflict due to concurrent upload requests in postFile (#19005) 
This issue manifests when users have multiple templates which rely on
the same files, for example see:
https://github.com/coder/coder/issues/17442

---------

Signed-off-by: Callum Styan <callumstyan@gmail.com>
 2025-07-30 13:55:30 -07:00
Callum Styan ffbfaf2a6f feat: allow bypassing current CORS magic based on template config (#18706) 
Solves https://github.com/coder/coder/issues/15096

This is a slight rework/refactor of the earlier PRs from @dannykopping
and @Emyrk:
- https://github.com/coder/coder/pull/15669
- https://github.com/coder/coder/pull/15684
- https://github.com/coder/coder/pull/17596

Rather than having a per-app CORS behaviour setting and additionally a
template level setting for ports, this PR adds a single template level
CORS behaviour setting that is then used by all apps/ports for
workspaces created from that template.

The main changes are in `proxy.go` and `request.go` to:
a) get the CORS behaviour setting from the template
b) have `HandleSubdomain` bypass the CORS middleware handler if the
selected behaviour is `passthru`
c) in `proxyWorkspaceApp`, do not modify the response if the selected
behaviour is `passthru`

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added support for configuring CORS behavior ("simple" or "passthru")
at the template level for all shared ports.
* Introduced a new "CORS Behavior" setting in the template creation and
settings forms.
* API endpoints and responses now include the optional `cors_behavior`
property for templates.
* Workspace apps and proxy now honor the specified CORS behavior,
enabling conditional CORS middleware application.
* Enhanced workspace app tests with comprehensive scenarios covering
CORS behaviors and authentication states.

* **Bug Fixes**
  * None.

* **Documentation**
* Updated API and admin documentation to describe the new
`cors_behavior` property and its usage.
* Added examples and schema references for CORS behavior in relevant API
docs.

* **Tests**
* Extended automated tests to cover different CORS behavior scenarios
for templates and workspace apps.

* **Chores**
* Updated audit logging to track changes to the `cors_behavior` field on
templates.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Signed-off-by: Callum Styan <callumstyan@gmail.com>
 2025-07-30 13:42:39 -07:00
Susana Ferreira 96e32d60a2 chore(site): add preset combobox to dynamic parameters page (#19100) 
## Description

This PR updates the `CreateWorkspacePageViewExperimental` page to use
the `Combobox` React component for preset selection. This aligns it with
the implementation used in the standard `CreateWorkspacePageView`,
ensuring consistency in UI behavior and component usage across both
pages.

<img width="2084" height="792" alt="Screenshot 2025-07-30 at 13 58 23"
src="https://github.com/user-attachments/assets/b8e4ed37-9c59-499f-b4e3-7aaca847eaa1"
/>

Related to `CreateWorkspacePageView` changes:
https://github.com/coder/coder/pull/19063
 2025-07-30 18:02:59 +01:00
Edward Angert 998fbdfbb3 docs: use CODER_LOG_FILTER instead of CODER_VERBOSE (#19105) 
closes #18833

replace suggestions to use the now-deprecated `CODER_VERBOSE` with more
specific `CODER_LOG_FILTER`

thanks @UnicornyRainbow!

---------

Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
 2025-07-30 12:35:45 -04:00
Edward Angert 428ec351fe docs: add code-server/vs code web comparison table (#19104) 
closes #18815 

adds a doc with comparison table and links to main documentation for
code-server


[preview](https://coder.com/docs/@18815-code-server-vs/user-guides/workspace-access/code-server)

---------

Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
 2025-07-30 12:35:27 -04:00
Sas Swart f256a23a77 feat: validate presets on template import (#18844) 
Typos and other errors often result in invalid presets in a template.
Coder would import these broken templates and present them to users when
they create workspaces. An unsuspecting user who chooses a broken preset
would then experience a failed workspace build with no obvious error
message.

This PR adds additional validation beyond what is possible in the
Terraform provider schema. Coder will now present a more helpful error
message to template authors when they upload a new template version:

<img width="1316" height="286" alt="Screenshot 2025-07-14 at 12 22 49"
src="https://github.com/user-attachments/assets/7f5f778f-d9ae-487a-95e2-f6f1ca604a9c"
/>

The frontend warning is less helpful right now, but I'd like to address
that in a follow-up since I need frontend help:

<img width="1102" height="616" alt="image"
src="https://github.com/user-attachments/assets/e838ffc8-ef4f-428d-9280-74fa0c491666"
/>

closes https://github.com/coder/coder/issues/17333


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Improved validation and error reporting for template presets,
providing clearer feedback when presets cannot be parsed or reference
undefined parameters.

* **Bug Fixes**
* Enhanced error handling during template version creation to better
detect and report issues with presets.

* **Tests**
* Added new tests to verify validation of both valid and invalid
Terraform presets during template version creation.
* Improved test reliability by enabling dynamic control over error
injection in database-related tests.

* **Chores**
* Updated a dependency to the latest version for improved stability and
features.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
 2025-07-30 15:28:56 +02:00
Cian Johnston 26d232da6f fix(site): hide preset selector in TasksPage if no presets available (#19099) 2025-07-30 11:18:12 +01:00
Susana Ferreira 101351f502 chore: update dogfood coder template presets with description and icon (#19084) 
## Description

This PR updates the dogfood template presets to include a description
and a icon.
Requires [terraform-provider-coder
v2.9.0](https://github.com/coder/terraform-provider-coder/releases/tag/v2.9.0).

Related to:
* https://github.com/coder/coder/pull/18977
* https://github.com/coder/coder/pull/19063
 2025-07-30 11:00:33 +01:00
Susana Ferreira 44d9356985 fix(site): remove redundant alt text to prevent duplicated accessible names (#19087) 
## Description

Removes the redundant `alt` text in the `Combobox` component to prevent
screen readers from announcing duplicated names (e.g. "Rust Rust").

## Changes
* Remove redundant `alt` text from `Combobox` `ExternalImage`
* Update `Combobox` tests accordingly

Related to:
https://github.com/coder/coder/pull/19063#discussion_r2240459424
 2025-07-30 09:54:43 +01:00
ケイラ 4bced62bf1 chore: add site/ CODEOWNERS (#19086) 2025-07-29 12:26:32 -06:00