mirror of
https://github.com/coder/coder.git
synced 2026-06-02 20:48:20 +00:00
c5f1a2fccf9e4ac4432311f702b6b74dcb771f03
13599 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Kayla はな
|
c5f1a2fccf | feat: make service accounts a Premium feature (#24020) | ||
|
Jake Howell
|
655d647d40 |
fix: resolve style not passing in <LogLine /> (#24111)
This pull-request resolves an regression where the spread was overriding the required styles from the `react-window` virtualised rows. This was causing the scroll to act a little crazy. |
||
|
Kyle Carberry
|
f3f0a2c553 |
fix(enterprise/coderd/x/chatd): harden TestSubscribeRelayEstablishedMidStream against CI flakes (#24108)
Fixes coder/internal#1455 Three changes to eliminate the timing-sensitive flake in `TestSubscribeRelayEstablishedMidStream`: 1. **Reduce `PendingChatAcquireInterval` from `time.Hour` to `time.Second`.** The primary trigger is still `signalWake()` from `SendMessage`, but a short fallback poll ensures the worker picks up the pending chat even under heavy CI goroutine scheduling contention. 2. **Increase context timeout from `WaitLong` (25s) to `WaitSuperLong` (60s).** The worker pipeline (model resolution, message loading, LLM call) involves multiple DB round-trips that can be slow when PostgreSQL is shared with many parallel test packages. 3. **Add a status-polling loop while waiting for the streaming request.** If the worker errors out during chat processing, the test now fails immediately with the error status and message instead of silently timing out. > Generated by Coder Agents |
||
|
Garrett Delfosse
|
5453a6c6d6 |
fix(scripts/releaser): simplify branch regex and fix changelog range (#23947)
Two fixes for the release script: **1. Branch regex cleanup** — Simplified to only match `release/X.Y`. Removed support for `release/X.Y.Z` and `release/X.Y-rc.N` branch formats. RCs are now tagged from main (not from release branches), and the three-segment `release/X.Y.Z` format will not be used going forward. **2. Changelog range for first release on a new minor** — When no tags match the branch's major.minor, the commit range fell back to `HEAD` (entire git history, ~13k lines of changelog). Now computes `git merge-base` with the previous minor's release branch (e.g. `origin/release/2.32`) as the changelog starting point. This works even when that branch has no tags pushed yet. Falls back to the latest reachable tag from a previous minor if the branch doesn't exist. |
||
|
Jake Howell
|
21c08a37d7 |
feat: de-mui <LogLine /> and <Logs /> (#24043)
Migrated LogLine and Logs components from Emotion CSS-in-JS to Tailwind CSS classes. - Replaced Emotion `css` prop and theme-based styling with Tailwind utility classes in `LogLine` and `LogLinePrefix` components - Converted CSS-in-JS styles object to conditional Tailwind classes using the `cn` utility function - Updated log level styling (error, debug, warn) to use Tailwind classes with design token references - Migrated the Logs container component styling from Emotion to Tailwind classes - Removed Emotion imports and theme dependencies |
||
|
Jake Howell
|
2bd261fbbf |
fix: cleanup useKebabMenu code (#24042)
Refactored the tab overflow hook by renaming `useTabOverflowKebabMenu` to `useKebabMenu` and removing the configurable `alwaysVisibleTabsCount` parameter. - Renamed `useTabOverflowKebabMenu` to `useKebabMenu` and moved it to a new file - Removed the `alwaysVisibleTabsCount` parameter and hardcoded it to 1 tab as `ALWAYS_VISIBLE_TABS_COUNT` - Removed the `utils/index.ts` export file for the Tabs component - Updated the import in `AgentRow.tsx` to use the new hook name and removed the `alwaysVisibleTabsCount` prop - Refactored the internal logic to use a more functional approach with `reduce` instead of imperative loops - Added better performance optimizations to prevent unnecessary re-renders |
||
|
Kyle Carberry
|
cffc68df58 | feat(site): render read_skill body as markdown (#24069) | ||
|
Jake Howell
|
6e5335df1e |
feat: implement new workspace download logs dropdown (#23963)
This PR improves the agent log download functionality by replacing the single download button with a comprehensive dropdown menu system. - Replaced single download button with a dropdown menu offering multiple download options - Added ability to download all logs or individual log sources separately - Updated download button to show chevron icon indicating dropdown functionality - Enhanced download options with appropriate icons for each log source <img width="370" height="305" alt="image" src="https://github.com/user-attachments/assets/ddf025f5-f936-499a-9165-6e81b62d6860" /> |
||
|
Kyle Carberry
|
16265e834e |
chore: update fantasy fork to use github.com/coder/fantasy (#24100)
Moves the `charm.land/fantasy` replace directive from `github.com/kylecarbs/fantasy` to `github.com/coder/fantasy`, pointing at the same `cj/go1.25` branch and commit (`112927d9b6d8`). > Generated by Coder Agents |
||
|
Zach
|
565a15bc9b |
feat: update user secrets queries for REST API and injection (#23998)
Update queries as prep work for user secrets API development: - Switch all lookups and mutations from ID-based to user_id + name - Split list query into metadata-only (for API responses) and with-values (for provisioner/agent) - Add partial update support using CASE WHEN pattern for write-only value fields - Include value_key_id in create for dbcrypt encryption support - Update dbauthz wrappers and remove stale methods from dbmetrics |
||
|
Ethan
|
76a2cb1af5 |
fix(site/src/pages/AgentsPage): reset provider form after create (#23975)
Previously, after creating a provider config in the agents provider editor, the Save changes button stayed enabled for the lifetime of the mounted form. The form kept the pre-create local baseline, so the freshly-saved values still looked dirty. Key `ProviderForm` by provider config identity so React remounts the form when a config is created and re-establishes the pristine state from the saved provider values. |
||
|
Kyle Carberry
|
684f21740d |
perf(coderd): batch chat heartbeat queries into single UPDATE per interval (#24037)
## Summary
Replaces N per-chat heartbeat goroutines with a single centralized
heartbeat loop that issues one `UPDATE` per 30s interval for all running
chats on a worker.
## Problem
Each running chat spawned a dedicated goroutine that issued an
individual `UPDATE chats SET heartbeat_at = NOW() WHERE id = $1 AND
worker_id = $2 AND status = 'running'` query every 30 seconds. At 10,000
concurrent chats this produces **~333 DB queries/second** just for
heartbeats, plus ~333 `ActivityBumpWorkspace` CTE queries/second from
`trackWorkspaceUsage`.
## Solution
New `UpdateChatHeartbeats` (plural) SQL query replaces the old singular
`UpdateChatHeartbeat`:
```sql
UPDATE chats
SET heartbeat_at = @now::timestamptz
WHERE worker_id = @worker_id::uuid
AND status = 'running'::chat_status
RETURNING id;
```
A single `heartbeatLoop` goroutine on the `Server`:
1. Ticks every `chatHeartbeatInterval` (30s)
2. Issues one batch UPDATE for all registered chats
3. Detects stolen/completed chats via set-difference (equivalent of old
`rows == 0`)
4. Calls `trackWorkspaceUsage` for surviving chats
`processChat` registers an entry in the heartbeat registry instead of
spawning a goroutine.
## Impact
| Metric | Before (10K chats) | After (10K chats) |
|---|---|---|
| Heartbeat queries/sec | ~333 | ~0.03 (1 per 30s per replica) |
| Heartbeat goroutines | 10,000 | 1 |
| Self-interrupt detection | Per-chat `rows==0` | Batch set-difference |
---
> 🤖 Generated by Coder Agents
<details><summary>Implementation notes</summary>
- Uses `@now` parameter instead of `NOW()` so tests with `quartz.Mock`
can control timestamps.
- `heartbeatEntry` stores `context.CancelCauseFunc` + workspace state
for the centralized loop.
- `recoverStaleChats` is unaffected — it reads `heartbeat_at` which is
still updated.
- The old singular `UpdateChatHeartbeat` is removed entirely.
- `dbauthz` wrapper uses system-level `rbac.ResourceChat` authorization
(same pattern as `AcquireChats`).
</details>
|
||
|
George K
|
86ca61d6ca |
perf: cap count queries and emit native UUID comparisons for audit/connection logs (#23835)
Audit and connection log pages were timing out due to expensive COUNT(*) queries over large tables. This commit adds opt-in count capping: requests can return a `count_cap` field signaling that the count was truncated at a threshold, avoiding full table scans that caused page timeouts. Text-cast UUID comparisons in regosql-generated authorization queries also contributed to the slowdown by preventing index usage for connection and audit log queries. These now emit native UUID operators. Frontend changes handle the capped state in usePaginatedQuery and PaginationWidget, optionally displaying a capped count in the pagination UI (e.g. "Showing 2,076 to 2,100 of 2,000+ logs") Related to: https://linear.app/codercom/issue/PLAT-31/connectionaudit-log-performance-issue |
||
|
Jake Howell
|
f0521cfa3c |
fix: resolve <LogLine /> storybook flake (#24084)
This pull-request ensures we have a stable test where the content doesn't change every time we have a new storybook artifact by setting it to a consistent date. Closes https://github.com/coder/internal/issues/1454 |
||
|
Danielle Maywood
|
0c5d189aff | fix(site): stabilize mutation callbacks for React Compiler memoization (#24089) | ||
|
Michael Suchacz
|
d7c8213eee |
fix(coderd/x/chatd/mcpclient): deterministic external MCP tool ordering (#24075)
> This PR was authored by Mux on behalf of Mike. External MCP tools returned by `ConnectAll` were ordered by goroutine completion, making the tool list nondeterministic across chat turns. This broke prompt-cache stability since tools are serialized in order. Sort tools by their model-visible name after all connections complete, matching the existing pattern in workspace MCP tools (`agent/x/agentmcp/manager.go`). Also guards against a nil-client panic in cleanup when a connected server contributes zero tools after filtering. |
||
|
Cian Johnston
|
63924ac687 |
fix(site): use async findByLabelText in ProviderAccordionCards story (#24087)
- Use async `findByLabelText` instead of sync `getByLabelText` in `ProviderAccordionCards` story - Same bug fixed in #23999 for three other stories but missed for this one > 🤖 Written by a Coder Agent. Will be reviewed by a human. |
||
|
dependabot[bot]
|
6c47e9ea23 |
ci: bump the github-actions group with 3 updates (#24085)
Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.16.0 to 2.16.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.16.1</h2> <h2>What's Changed</h2> <p>Enterprise tier: Added support for direct IP addresses in the allow list Community tier: Migrated Harden Runner telemetry to a new endpoint</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1">https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d"><code>fe10465</code></a> v2.16.1 (<a href="https://redirect.github.com/step-security/harden-runner/issues/654">#654</a>)</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594...fe104658747b27e96e4f7e80cd0a94068e53901d">compare view</a></li> </ul> </details> <br /> Updates `dependabot/fetch-metadata` from 2.5.0 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <p>The breaking change is requiring Node.js version v24 as the Actions runtime.</p> <h2>What's Changed</h2> <ul> <li>feat: Parse versions from metadata links by <a href="https://github.com/ppkarwasz"><code>@ppkarwasz</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/632">dependabot/fetch-metadata#632</a></li> <li>Upgrade actions core and actions github packages by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/649">dependabot/fetch-metadata#649</a></li> <li>docs: Add notes for using <code>alert-lookup</code> with App Token by <a href="https://github.com/sue445"><code>@sue445</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/656">dependabot/fetch-metadata#656</a></li> <li>feat!: update Node.js version to v24 by <a href="https://github.com/sturman"><code>@sturman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/671">dependabot/fetch-metadata#671</a></li> <li>Switch build tooling from ncc to esbuild by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/676">dependabot/fetch-metadata#676</a></li> <li>Add --legal-comments=none to esbuild build commands by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/679">dependabot/fetch-metadata#679</a></li> <li>Bump tsconfig target from es2022 to es2024 by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/680">dependabot/fetch-metadata#680</a></li> <li>Remove vestigial outDir from tsconfig.json by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/681">dependabot/fetch-metadata#681</a></li> <li>Switch tsconfig module resolution to bundler by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/682">dependabot/fetch-metadata#682</a></li> <li>Remove skipLibCheck from tsconfig.json by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/683">dependabot/fetch-metadata#683</a></li> <li>Add typecheck step to CI by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/685">dependabot/fetch-metadata#685</a></li> <li>Enable noImplicitAny in tsconfig.json by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/684">dependabot/fetch-metadata#684</a></li> <li>Upgrade <code>@actions/core</code> to ^3.0.0 by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/677">dependabot/fetch-metadata#677</a></li> <li>Upgrade <code>@actions/github</code> to ^9.0.0 and <code>@octokit/request-error</code> to ^7.1.0 by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/678">dependabot/fetch-metadata#678</a></li> <li>Bump qs from 6.14.0 to 6.14.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/651">dependabot/fetch-metadata#651</a></li> <li>Bump hono from 4.11.1 to 4.11.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/652">dependabot/fetch-metadata#652</a></li> <li>Bump hono from 4.11.4 to 4.11.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/653">dependabot/fetch-metadata#653</a></li> <li>Bump hono from 4.11.7 to 4.12.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/657">dependabot/fetch-metadata#657</a></li> <li>Bump qs from 6.14.1 to 6.14.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/655">dependabot/fetch-metadata#655</a></li> <li>Bump <code>@modelcontextprotocol/sdk</code> from 1.25.1 to 1.26.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/654">dependabot/fetch-metadata#654</a></li> <li>Bump <code>@hono/node-server</code> from 1.19.9 to 1.19.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/665">dependabot/fetch-metadata#665</a></li> <li>Bump hono from 4.12.2 to 4.12.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/664">dependabot/fetch-metadata#664</a></li> <li>Bump minimatch from 3.1.2 to 3.1.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/667">dependabot/fetch-metadata#667</a></li> <li>Bump hono from 4.12.5 to 4.12.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/668">dependabot/fetch-metadata#668</a></li> <li>Bump actions/create-github-app-token from 2.2.1 to 3.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/669">dependabot/fetch-metadata#669</a></li> <li>Bump flatted from 3.3.3 to 3.4.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/670">dependabot/fetch-metadata#670</a></li> <li>build(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/674">dependabot/fetch-metadata#674</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ppkarwasz"><code>@ppkarwasz</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/632">dependabot/fetch-metadata#632</a></li> <li><a href="https://github.com/truggeri"><code>@truggeri</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/649">dependabot/fetch-metadata#649</a></li> <li><a href="https://github.com/sue445"><code>@sue445</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/656">dependabot/fetch-metadata#656</a></li> <li><a href="https://github.com/sturman"><code>@sturman</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/671">dependabot/fetch-metadata#671</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v2...v3.0.0">https://github.com/dependabot/fetch-metadata/compare/v2...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dependabot/fetch-metadata/commit/ffa630c65fa7e0ecfa0625b5ceda64399aea1b36"><code>ffa630c</code></a> v3.0.0 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/686">#686</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/ec8fff2ea0f40ccdbdcd1fea69759029f2990807"><code>ec8fff2</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/674">#674</a> from dependabot/dependabot/npm_and_yarn/picomatch-2.3.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/caf48bddf9ab5175bbd568425ea999bab03f1147"><code>caf48bd</code></a> build(deps-dev): bump picomatch from 2.3.1 to 2.3.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/13d82742f9de94226254782b8662a39878795272"><code>13d8274</code></a> Upgrade <code>@actions/github</code> to ^9.0.0 and <code>@octokit/request-error</code> to ^7.1.0 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/678">#678</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/b60309944845001ba168d4947b0c43c4bc94be74"><code>b603099</code></a> Upgrade <code>@actions/core</code> from ^1.11.1 to ^3.0.0 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/677">#677</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/c5dc5b174070a3760ba36f0638aa6be896c4c7c9"><code>c5dc5b1</code></a> Enable noImplicitAny in tsconfig.json (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/684">#684</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/a183f3c7985054f86eba6dd1ad07cde0067cc4f7"><code>a183f3c</code></a> Add typecheck step to CI (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/685">#685</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/5e175645c2bdda348d0b48d730d38c537356a153"><code>5e17564</code></a> Remove skipLibCheck from tsconfig.json (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/683">#683</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/bb56eeb32acd8595e47fb3529ce5816589d912fe"><code>bb56eeb</code></a> Switch tsconfig module resolution to bundler (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/682">#682</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/3632e3d8b773dac47f843a97c7536d0ce4e73de4"><code>3632e3d</code></a> Remove vestigial outDir from tsconfig.json (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/681">#681</a>)</li> <li>Additional commits viewable in <a href="https://github.com/dependabot/fetch-metadata/compare/21025c705c08248db411dc16f3619e6b5f9ea21a...ffa630c65fa7e0ecfa0625b5ceda64399aea1b36">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.9 to 4.35.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.35.1</h2> <ul> <li>Fix incorrect minimum required Git version for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li> </ul> <h2>v4.35.0</h2> <ul> <li>Reduced the minimum Git version required for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> from 2.38.0 to 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li> </ul> <h2>v4.34.1</h2> <ul> <li>Downgrade default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a> due to issues with a small percentage of Actions and JavaScript analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li> </ul> <h2>v4.34.0</h2> <ul> <li>Added an experimental change which disables TRAP caching when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li> <li>We are rolling out improved incremental analysis to C/C++ analyses that use build mode <code>none</code>. We expect this rollout to be complete by the end of April 2026. <a href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li> </ul> <h2>v4.33.0</h2> <ul> <li> <p>Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. <a href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p> <p>To opt out of this change:</p> <ul> <li><strong>Repositories owned by an organization:</strong> Create a custom repository property with the name <code>github-codeql-file-coverage-on-prs</code> and the type "True/false", then set this property to <code>true</code> in the repository's settings. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. Alternatively, if you are using an advanced setup workflow, you can set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using default setup:</strong> Switch to an advanced setup workflow and set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using advanced setup:</strong> Set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> </ul> </li> <li> <p>Fixed <a href="https://redirect.github.com/github/codeql-action/issues/3555">a bug</a> which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. <a href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p> </li> <li> <p>The CodeQL Action now loads <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom repository properties</a> on GitHub Enterprise Server, enabling the customization of features such as <code>github-codeql-disable-overlay</code> that was previously only available on GitHub.com. <a href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p> </li> <li> <p>Once <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries</a> can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. <a href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p> </li> <li> <p>Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". <a href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p> </li> <li> <p>A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p> </li> </ul> <h2>v4.32.6</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3548">#3548</a></li> </ul> <h2>v4.32.5</h2> <ul> <li>Repositories owned by an organization can now set up the <code>github-codeql-disable-overlay</code> custom repository property to disable <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis for CodeQL</a>. First, create a custom repository property with the name <code>github-codeql-disable-overlay</code> and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to <code>true</code> to disable improved incremental analysis. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. This feature is not yet available on GitHub Enterprise Server. <a href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li> <li>Added an experimental change so that when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3487">#3487</a></li> <li>The minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. <a href="https://redirect.github.com/github/codeql-action/pull/3515">#3515</a></li> <li>Reduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. <a href="https://redirect.github.com/github/codeql-action/pull/3516">#3516</a></li> <li>Added an experimental change which lowers the minimum disk space requirement for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3498">#3498</a></li> <li>Added an experimental change which allows the <code>start-proxy</code> action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3512">#3512</a></li> <li>The previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. <a href="https://redirect.github.com/github/codeql-action/pull/3503">#3503</a>, <a href="https://redirect.github.com/github/codeql-action/pull/3504">#3504</a></li> </ul> <h2>v4.32.4</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2">2.24.2</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3493">#3493</a></li> <li>Added an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries are configured</a>. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. <a href="https://redirect.github.com/github/codeql-action/pull/3473">#3473</a></li> <li>When the CodeQL Action is run <a href="https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup">with debugging enabled in Default Setup</a> and <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries are configured</a>, the "Setup proxy for registries" step will output additional diagnostic information that can be used for troubleshooting. <a href="https://redirect.github.com/github/codeql-action/pull/3486">#3486</a></li> <li>Added a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. <a href="https://redirect.github.com/github/codeql-action/pull/3485">#3485</a></li> <li>Added a setting which enables GitHub-managed workflows, such as Default Setup, to use a <a href="https://github.com/dsp-testing/codeql-cli-nightlies">nightly CodeQL CLI release</a> instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. <a href="https://redirect.github.com/github/codeql-action/pull/3484">#3484</a></li> </ul> <h2>v4.32.3</h2> <ul> <li>Added experimental support for testing connections to <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries</a>. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. <a href="https://redirect.github.com/github/codeql-action/pull/3466">#3466</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <ul> <li>The undocumented TRAP cache cleanup feature that could be enabled using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the <code>trap-caching: false</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li> <li>The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. <a href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li> <li>Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. <a href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li> </ul> <h2>4.35.1 - 27 Mar 2026</h2> <ul> <li>Fix incorrect minimum required Git version for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li> </ul> <h2>4.35.0 - 27 Mar 2026</h2> <ul> <li>Reduced the minimum Git version required for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> from 2.38.0 to 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li> </ul> <h2>4.34.1 - 20 Mar 2026</h2> <ul> <li>Downgrade default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a> due to issues with a small percentage of Actions and JavaScript analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li> </ul> <h2>4.34.0 - 20 Mar 2026</h2> <ul> <li>Added an experimental change which disables TRAP caching when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li> <li>We are rolling out improved incremental analysis to C/C++ analyses that use build mode <code>none</code>. We expect this rollout to be complete by the end of April 2026. <a href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li> </ul> <h2>4.33.0 - 16 Mar 2026</h2> <ul> <li> <p>Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. <a href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p> <p>To opt out of this change:</p> <ul> <li><strong>Repositories owned by an organization:</strong> Create a custom repository property with the name <code>github-codeql-file-coverage-on-prs</code> and the type "True/false", then set this property to <code>true</code> in the repository's settings. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. Alternatively, if you are using an advanced setup workflow, you can set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using default setup:</strong> Switch to an advanced setup workflow and set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using advanced setup:</strong> Set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> </ul> </li> <li> <p>Fixed <a href="https://redirect.github.com/github/codeql-action/issues/3555">a bug</a> which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. <a href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p> </li> <li> <p>The CodeQL Action now loads <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom repository properties</a> on GitHub Enterprise Server, enabling the customization of features such as <code>github-codeql-disable-overlay</code> that was previously only available on GitHub.com. <a href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p> </li> <li> <p>Once <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries</a> can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. <a href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p> </li> <li> <p>Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". <a href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p> </li> <li> <p>A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p> </li> </ul> <h2>4.32.6 - 05 Mar 2026</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3548">#3548</a></li> </ul> <h2>4.32.5 - 02 Mar 2026</h2> <ul> <li>Repositories owned by an organization can now set up the <code>github-codeql-disable-overlay</code> custom repository property to disable <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis for CodeQL</a>. First, create a custom repository property with the name <code>github-codeql-disable-overlay</code> and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to <code>true</code> to disable improved incremental analysis. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. This feature is not yet available on GitHub Enterprise Server. <a href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/c10b8064de6f491fea524254123dbe5e09572f13"><code>c10b806</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3782">#3782</a> from github/update-v4.35.1-d6d1743b8</li> <li><a href="https://github.com/github/codeql-action/commit/c5ffd0683786820677d054e3505e1c5bb4b8c227"><code>c5ffd06</code></a> Update changelog for v4.35.1</li> <li><a href="https://github.com/github/codeql-action/commit/d6d1743b8ec7ecd94f78ad1ce4cb3d8d2ba58001"><code>d6d1743</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3781">#3781</a> from github/henrymercer/update-git-minimum-version</li> <li><a href="https://github.com/github/codeql-action/commit/65d2efa7333ad65f97cc54be40f4cd18630f884c"><code>65d2efa</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/2437b20ab31021229573a66717323dd5c6ce9319"><code>2437b20</code></a> Update minimum git version for overlay to 2.36.0</li> <li><a href="https://github.com/github/codeql-action/commit/ea5f71947c021286c99f61cc426a10d715fe4434"><code>ea5f719</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3775">#3775</a> from github/dependabot/npm_and_yarn/node-forge-1.4.0</li> <li><a href="https://github.com/github/codeql-action/commit/45ceeea896ba2293e10982f871198d1950ee13d6"><code>45ceeea</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3777">#3777</a> from github/mergeback/v4.35.0-to-main-b8bb9f28</li> <li><a href="https://github.com/github/codeql-action/commit/24448c98434f429f901d27db7ddae55eec5cc1c4"><code>24448c9</code></a> Rebuild</li> <li><a href="https://github.com/github/codeql-action/commit/7c510606312e5c68ac8b27c009e5254f226f5dfa"><code>7c51060</code></a> Update changelog and version after v4.35.0</li> <li><a href="https://github.com/github/codeql-action/commit/b8bb9f28b8d3f992092362369c57161b755dea45"><code>b8bb9f2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3776">#3776</a> from github/update-v4.35.0-0078ad667</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...c10b8064de6f491fea524254123dbe5e09572f13">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Danielle Maywood
|
aede045549 | chore: bump @biomejs/biome from 2.2 to 2.4.10 (#24074) | ||
|
dependabot[bot]
|
2ea08aa168 |
chore: bump github.com/gohugoio/hugo from 0.159.2 to 0.160.0 (#24081)
Bumps [github.com/gohugoio/hugo](https://github.com/gohugoio/hugo) from 0.159.2 to 0.160.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gohugoio/hugo/releases">github.com/gohugoio/hugo's releases</a>.</em></p> <blockquote> <h2>v0.160.0</h2> <p>Now you can inject <a href="https://gohugo.io/functions/css/build/#vars">CSS vars</a>, e.g. from the configuration, into your stylesheets when building with <a href="https://gohugo.io/functions/css/build/">css.Build</a>. Also, now all the render hooks has a <a href="https://gohugo.io/render-hooks/links/#position">.Position</a> method, now also more accurate and effective.</p> <h2>Bug fixes</h2> <ul> <li>Fix some recently introduced Position issues 4e91e14c <a href="https://github.com/bep"><code>@bep</code></a> <a href="https://redirect.github.com/gohugoio/hugo/issues/14710">#14710</a></li> <li>markup/goldmark: Fix double-escaping of ampersands in link URLs dc9b51d2 <a href="https://github.com/bep"><code>@bep</code></a> <a href="https://redirect.github.com/gohugoio/hugo/issues/14715">#14715</a></li> <li>tpl: Fix stray quotes from partial decorator in script context 43aad711 <a href="https://github.com/bep"><code>@bep</code></a> <a href="https://redirect.github.com/gohugoio/hugo/issues/14711">#14711</a></li> </ul> <h2>Improvements</h2> <ul> <li>all: Replace NewIntegrationTestBuilder with Test/TestE/TestRunning 481baa08 <a href="https://github.com/bep"><code>@bep</code></a></li> <li>tpl/css: Support <a href="https://github.com/import"><code>@import</code></a> "hugo:vars" for CSS custom properties in css.Build 5d09b5e3 <a href="https://github.com/bep"><code>@bep</code></a> <a href="https://redirect.github.com/gohugoio/hugo/issues/14699">#14699</a></li> <li>Improve and extend .Position handling in Goldmark render hooks 303e443e <a href="https://github.com/bep"><code>@bep</code></a> <a href="https://redirect.github.com/gohugoio/hugo/issues/14663">#14663</a></li> <li>markup/goldmark: Clean up test 638262ce <a href="https://github.com/bep"><code>@bep</code></a></li> </ul> <h2>Dependency Updates</h2> <ul> <li>build(deps): bump github.com/magefile/mage from 1.16.1 to 1.17.1 bf6e35a7 <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]</li> <li>build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 0eda24e6 <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]</li> <li>build(deps): bump golang.org/x/image from 0.37.0 to 0.38.0 beb57a68 <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]</li> </ul> <h2>Documentation</h2> <ul> <li>readme: Revise edition descriptions and installation instructions 9f1f1be0 <a href="https://github.com/jmooring"><code>@jmooring</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gohugoio/hugo/commit/652fc5acddf94e0501f778e196a8b630566b39ad"><code>652fc5a</code></a> releaser: Bump versions for release of 0.160.0</li> <li><a href="https://github.com/gohugoio/hugo/commit/bf6e35a7557bb31b0e38b29eb10b94e03afa0d8a"><code>bf6e35a</code></a> build(deps): bump github.com/magefile/mage from 1.16.1 to 1.17.1</li> <li><a href="https://github.com/gohugoio/hugo/commit/4e91e14cb0152f6e6bd216c0cd2f0913e6e17325"><code>4e91e14</code></a> Fix some recently introduced Position issues</li> <li><a href="https://github.com/gohugoio/hugo/commit/dc9b51d2e2fa1bfc2b7c68c01417bb7ae2c9c6a2"><code>dc9b51d</code></a> markup/goldmark: Fix double-escaping of ampersands in link URLs</li> <li><a href="https://github.com/gohugoio/hugo/commit/481baa08968e29e2a2771e9d6022c9f995b2fc11"><code>481baa0</code></a> all: Replace NewIntegrationTestBuilder with Test/TestE/TestRunning</li> <li><a href="https://github.com/gohugoio/hugo/commit/43aad7118da6f8365d9cdb4aaada1878ce68fb98"><code>43aad71</code></a> tpl: Fix stray quotes from partial decorator in script context</li> <li><a href="https://github.com/gohugoio/hugo/commit/9f1f1be0be2e5b8280e16df647d838c538edb9c2"><code>9f1f1be</code></a> readme: Revise edition descriptions and installation instructions</li> <li><a href="https://github.com/gohugoio/hugo/commit/0eda24e65fdde77878a17d9583c5f2bce4f3d437"><code>0eda24e</code></a> build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4</li> <li><a href="https://github.com/gohugoio/hugo/commit/5d09b5e32a4d0e9b3fe8797c91804f6a7804bb5a"><code>5d09b5e</code></a> tpl/css: Support <a href="https://github.com/import"><code>@import</code></a> "hugo:vars" for CSS custom properties in css.Build</li> <li><a href="https://github.com/gohugoio/hugo/commit/303e443ea7ba5c22dc5d2b5df5d7c5392b0dcc3a"><code>303e443</code></a> Improve and extend .Position handling in Goldmark render hooks</li> <li>Additional commits viewable in <a href="https://github.com/gohugoio/hugo/compare/v0.159.2...v0.160.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
d4b9248202 |
chore: bump github.com/valyala/fasthttp from 1.69.0 to 1.70.0 (#24080)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.69.0 to 1.70.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/valyala/fasthttp/releases">github.com/valyala/fasthttp's releases</a>.</em></p> <blockquote> <h2>v1.70.0</h2> <h2>What's Changed</h2> <ul> <li>Go 1.26 and golangci-lint updates by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2146">valyala/fasthttp#2146</a></li> <li>Add WithLimit methods for uncompression by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2147">valyala/fasthttp#2147</a></li> <li>Honor Root for fs.FS and normalize fs-style roots by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2145">valyala/fasthttp#2145</a></li> <li>Sanitize header values in all setter paths to prevent CRLF injection by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2162">valyala/fasthttp#2162</a></li> <li>Add ServeFileLiteral, ServeFSLiteral and SendFileLiteral by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2163">valyala/fasthttp#2163</a></li> <li>Prevent chunk extension request smuggling by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2165">valyala/fasthttp#2165</a></li> <li>Validate request URI format during header parsing to reject malformed requests by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2168">valyala/fasthttp#2168</a></li> <li>HTTP1/1 requires exactly one Host header by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2164">valyala/fasthttp#2164</a></li> <li>Strict HTTP version validation and simplified first line parsing by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2167">valyala/fasthttp#2167</a></li> <li>Only normalize pre-colon whitespace for HTTP headers by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2172">valyala/fasthttp#2172</a></li> <li>fs: reject '..' path segments in rewritten paths by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2173">valyala/fasthttp#2173</a></li> <li>fasthttpproxy: reject CRLF in HTTP proxy CONNECT target by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2174">valyala/fasthttp#2174</a></li> <li>fasthttpproxy: scope proxy auth cache to GetDialFunc by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2144">valyala/fasthttp#2144</a></li> <li>feat: enhance performance by <a href="https://github.com/ReneWerner87"><code>@ReneWerner87</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2135">valyala/fasthttp#2135</a></li> <li>export ErrConnectionClosed by <a href="https://github.com/pjebs"><code>@pjebs</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2152">valyala/fasthttp#2152</a></li> <li>fix: detect master process death in prefork children by <a href="https://github.com/meruiden"><code>@meruiden</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2158">valyala/fasthttp#2158</a></li> <li>return prev values by <a href="https://github.com/pjebs"><code>@pjebs</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2123">valyala/fasthttp#2123</a></li> <li>docs: added httpgo to related projects by <a href="https://github.com/MUlt1mate"><code>@MUlt1mate</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2169">valyala/fasthttp#2169</a></li> <li>chore(deps): bump actions/upload-artifact from 6 to 7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2149">valyala/fasthttp#2149</a></li> <li>chore(deps): bump github.com/andybalholm/brotli from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2170">valyala/fasthttp#2170</a></li> <li>chore(deps): bump github.com/klauspost/compress from 1.18.2 to 1.18.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2129">valyala/fasthttp#2129</a></li> <li>chore(deps): bump github.com/klauspost/compress from 1.18.3 to 1.18.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2140">valyala/fasthttp#2140</a></li> <li>chore(deps): bump github.com/klauspost/compress from 1.18.4 to 1.18.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2166">valyala/fasthttp#2166</a></li> <li>chore(deps): bump golang.org/x/crypto from 0.47.0 to 0.48.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2139">valyala/fasthttp#2139</a></li> <li>chore(deps): bump golang.org/x/net from 0.48.0 to 0.49.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2128">valyala/fasthttp#2128</a></li> <li>chore(deps): bump golang.org/x/net from 0.49.0 to 0.50.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2138">valyala/fasthttp#2138</a></li> <li>chore(deps): bump golang.org/x/sys from 0.39.0 to 0.40.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2125">valyala/fasthttp#2125</a></li> <li>chore(deps): bump golang.org/x/sys from 0.40.0 to 0.41.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2137">valyala/fasthttp#2137</a></li> <li>chore(deps): bump securego/gosec from 2.22.11 to 2.23.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2142">valyala/fasthttp#2142</a></li> <li>Update securego/gosec from 2.23.0 to 2.25.0 by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2161">valyala/fasthttp#2161</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/MUlt1mate"><code>@MUlt1mate</code></a> made their first contribution in <a href="https://redirect.github.com/valyala/fasthttp/pull/2169">valyala/fasthttp#2169</a></li> <li><a href="https://github.com/meruiden"><code>@meruiden</code></a> made their first contribution in <a href="https://redirect.github.com/valyala/fasthttp/pull/2158">valyala/fasthttp#2158</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/valyala/fasthttp/compare/v1.69.0...v1.70.0">https://github.com/valyala/fasthttp/compare/v1.69.0...v1.70.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/valyala/fasthttp/commit/534461ad123bfbcc1190d29cb3553a19b72d2845"><code>534461a</code></a> fasthttpproxy: reject CRLF in HTTP proxy CONNECT target (<a href="https://redirect.github.com/valyala/fasthttp/issues/2174">#2174</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/267e740f5657cb606d35de3ca54df55b2625508c"><code>267e740</code></a> fs: reject '..' path segments in rewritten paths (<a href="https://redirect.github.com/valyala/fasthttp/issues/2173">#2173</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/a95a1ad11ceeb1726740070ab464b8d22d3278d8"><code>a95a1ad</code></a> Only normalize pre-colon whitespace for HTTP headers (<a href="https://redirect.github.com/valyala/fasthttp/issues/2172">#2172</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/ab8c2aceea3da871f9f901e595425fd144d1790f"><code>ab8c2ac</code></a> fix: detect master process death in prefork children (<a href="https://redirect.github.com/valyala/fasthttp/issues/2158">#2158</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/c4569c5fbb7b0142cb2607dbb170f6efcec96894"><code>c4569c5</code></a> feat: enhance performance (<a href="https://redirect.github.com/valyala/fasthttp/issues/2135">#2135</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/beab280ed3f7be24111fe5b452564be647370ee7"><code>beab280</code></a> chore(deps): bump github.com/andybalholm/brotli from 1.2.0 to 1.2.1 (<a href="https://redirect.github.com/valyala/fasthttp/issues/2170">#2170</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/82254a7addc61a494b6a504fb0c65871a9c0444f"><code>82254a7</code></a> Normalize framing header names with pre-colon whitespace</li> <li><a href="https://github.com/valyala/fasthttp/commit/611132707f1d75db30a7f3347092e36bcd87094e"><code>6111327</code></a> Strict HTTP version validation and simplified first line parsing (<a href="https://redirect.github.com/valyala/fasthttp/issues/2167">#2167</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/eb38f5fc140be062aa5acbbeb97571e538a4e781"><code>eb38f5f</code></a> HTTP1/1 requires exactly one Host header (<a href="https://redirect.github.com/valyala/fasthttp/issues/2164">#2164</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/7d90713bda6f90f398f42dced466942912b44fd6"><code>7d90713</code></a> Validate request URI format during header parsing to reject malformed request...</li> <li>Additional commits viewable in <a href="https://github.com/valyala/fasthttp/compare/v1.69.0...v1.70.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
fd6c623560 |
chore: bump google.golang.org/api from 0.273.0 to 0.274.0 (#24079)
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.273.0 to 0.274.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/googleapis/google-api-go-client/releases">google.golang.org/api's releases</a>.</em></p> <blockquote> <h2>v0.274.0</h2> <h2><a href="https://github.com/googleapis/google-api-go-client/compare/v0.273.1...v0.274.0">0.274.0</a> (2026-04-02)</h2> <h3>Features</h3> <ul> <li><strong>all:</strong> Auto-regenerate discovery clients (<a href="https://redirect.github.com/googleapis/google-api-go-client/issues/3555">#3555</a>) (<a href="https://github.com/googleapis/google-api-go-client/commit/0e634ae13e626c6082c534eda8c03d5d3e673605">0e634ae</a>)</li> </ul> <h2>v0.273.1</h2> <h2><a href="https://github.com/googleapis/google-api-go-client/compare/v0.273.0...v0.273.1">0.273.1</a> (2026-03-31)</h2> <h3>Bug Fixes</h3> <ul> <li>Merge duplicate x-goog-request-params header (<a href="https://redirect.github.com/googleapis/google-api-go-client/issues/3547">#3547</a>) (<a href="https://github.com/googleapis/google-api-go-client/commit/2008108eb50215407a945afc2db9c45998c42bbe">2008108</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md">google.golang.org/api's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/googleapis/google-api-go-client/compare/v0.273.1...v0.274.0">0.274.0</a> (2026-04-02)</h2> <h3>Features</h3> <ul> <li><strong>all:</strong> Auto-regenerate discovery clients (<a href="https://redirect.github.com/googleapis/google-api-go-client/issues/3555">#3555</a>) (<a href="https://github.com/googleapis/google-api-go-client/commit/0e634ae13e626c6082c534eda8c03d5d3e673605">0e634ae</a>)</li> </ul> <h2><a href="https://github.com/googleapis/google-api-go-client/compare/v0.273.0...v0.273.1">0.273.1</a> (2026-03-31)</h2> <h3>Bug Fixes</h3> <ul> <li>Merge duplicate x-goog-request-params header (<a href="https://redirect.github.com/googleapis/google-api-go-client/issues/3547">#3547</a>) (<a href="https://github.com/googleapis/google-api-go-client/commit/2008108eb50215407a945afc2db9c45998c42bbe">2008108</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/googleapis/google-api-go-client/commit/6c759a2bb66da9db49027475e4e76301b8d063df"><code>6c759a2</code></a> chore(main): release 0.274.0 (<a href="https://redirect.github.com/googleapis/google-api-go-client/issues/3556">#3556</a>)</li> <li><a href="https://github.com/googleapis/google-api-go-client/commit/0e634ae13e626c6082c534eda8c03d5d3e673605"><code>0e634ae</code></a> feat(all): auto-regenerate discovery clients (<a href="https://redirect.github.com/googleapis/google-api-go-client/issues/3555">#3555</a>)</li> <li><a href="https://github.com/googleapis/google-api-go-client/commit/0f75259689c5e80bd73e6e7018dbb9ec0dfd7d48"><code>0f75259</code></a> chore: embargo aiplatform:v1beta1 temporarily (<a href="https://redirect.github.com/googleapis/google-api-go-client/issues/3554">#3554</a>)</li> <li><a href="https://github.com/googleapis/google-api-go-client/commit/550f00c8f854c300c59f266cc0ddd60568ccfe20"><code>550f00c</code></a> chore(main): release 0.273.1 (<a href="https://redirect.github.com/googleapis/google-api-go-client/issues/3551">#3551</a>)</li> <li><a href="https://github.com/googleapis/google-api-go-client/commit/da01f6aec8d3dd7914c6be434ce3bf26c1903396"><code>da01f6a</code></a> chore(deps): bump github.com/go-git/go-git/v5 (<a href="https://redirect.github.com/googleapis/google-api-go-client/issues/3552">#3552</a>)</li> <li><a href="https://github.com/googleapis/google-api-go-client/commit/2008108eb50215407a945afc2db9c45998c42bbe"><code>2008108</code></a> fix: merge duplicate x-goog-request-params header (<a href="https://redirect.github.com/googleapis/google-api-go-client/issues/3547">#3547</a>)</li> <li>See full diff in <a href="https://github.com/googleapis/google-api-go-client/compare/v0.273.0...v0.274.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
99da498679 |
chore: bump rust from 1d0000a to a08d20a in /dogfood/coder (#24083)
Bumps rust from `1d0000a` to `a08d20a`. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
a20b817c28 |
chore: bump ubuntu from 5e5b128 to eb29ed2 in /dogfood/coder (#24082)
Bumps ubuntu from `5e5b128` to `eb29ed2`. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Cian Johnston
|
d5a1792f07 |
feat: track chat file associations with chat_file_links on chats (#23537)
Needed by #23833 Adds a `chat_file_links` association table to track which files are associated with each chat. - `AppendChatFileIDs` query links a file to a chat with deduplication - `GetChatFileMetadataByIDs` query returns lightweight file metadata by IDs - Tool-created files (e.g. `propose_plan`) are linked to the chat after insert - User-uploaded files are linked to the chat when the referencing message is sent - Single-chat GET endpoint hydrates `files: ChatFileMetadata[]` on the response > 🤖 Created by Coder Agents and massaged into shape by a human. |
||
|
Danielle Maywood
|
beb99c17de | fix(site): prevent chat messages from disappearing and duplicating (#23995) | ||
|
Danielle Maywood
|
8913f9f5c1 | fix(site): remove non-null assertion on optional chain in ExternalAuthPage (#24073) | ||
|
Kyle Carberry
|
acd5f01b4b |
fix: use GreaterOrEqual for step runtime assertion in chatloop test (#24067)
Fixes https://github.com/coder/internal/issues/1418 The `TestRun_ActiveToolsPrepareBehavior` test asserts `persistedStep.Runtime > 0`, but on Windows the timer resolution (~15ms) means the in-memory mock model can complete within the same clock tick, producing a measured duration of `0s`. Change the assertion from `require.Greater` to `require.GreaterOrEqual` so that a legitimately measured zero duration on low-resolution clocks does not cause a flake. > Generated by Coder Agents |
||
|
Kyle Carberry
|
6c62d8f5e6 |
fix(coderd/x/chatd): fix flaky TestAwaitSubagentCompletion/CompletesViaPubsub (#24066)
## Fix flaky TestAwaitSubagentCompletion/CompletesViaPubsub Fixes coder/internal#1435 ### Root Cause During `createParentChildChats`, the processor publishes notifications on `ChatStreamNotifyChannel(child.ID)` via PostgreSQL `LISTEN/NOTIFY`. After `drainInflight()` returns, these stale notifications can still be buffered in the pgListener's `NotifyChan()`. When `awaitSubagentCompletion` subscribes and a stale notification is dispatched between `setChatStatus(Waiting)` and `insertAssistantMessage`, `checkSubagentCompletion` sees `done=true` (status is `Waiting`) but returns an empty report because the message hasn't been committed yet. ### Fix Swap the order: insert the assistant message **before** transitioning the status to `Waiting`. This guarantees the report is committed before the status makes the chat appear complete to `checkSubagentCompletion`. ### Verification - 50 consecutive runs of the specific test: all pass - 10 runs of the full `TestAwaitSubagentCompletion` suite: all pass - 20 runs with `-race`: all pass > Generated by Coder Agents |
||
|
dependabot[bot]
|
5000f15021 |
chore: bump the coder-modules group across 2 directories with 1 update (#24061)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
44be5a0d1e |
chore: update kreuzwerker/docker requirement from ~> 3.6 to ~> 4.0 in /dogfood/coder (#24062)
Updates the requirements on [kreuzwerker/docker](https://github.com/kreuzwerker/terraform-provider-docker) to permit the latest version. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kreuzwerker/terraform-provider-docker/releases">kreuzwerker/docker's releases</a>.</em></p> <blockquote> <h1>v4.0.0</h1> <p><strong>Please read <a href="https://github.com/kreuzwerker/terraform-provider-docker/blob/master/docs/v3_v4_migration.md">https://github.com/kreuzwerker/terraform-provider-docker/blob/master/docs/v3_v4_migration.md</a></strong></p> <p>This is a major release with potential breaking changes. For most users, however, no changes to terraform code are needed.</p> <h2>What's Changed</h2> <h3>New Features</h3> <ul> <li>feat: Add muxing to introduce new plugin framework by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/838">kreuzwerker/terraform-provider-docker#838</a></li> <li>Feature: Multiple enhancements by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/854">kreuzwerker/terraform-provider-docker#854</a></li> <li>Feat: Make buildx builder default by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/855">kreuzwerker/terraform-provider-docker#855</a></li> <li>Feature: Add new docker container attributes by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/857">kreuzwerker/terraform-provider-docker#857</a></li> <li>feat: add selinux_relabel attribute to docker_container volumes by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/883">kreuzwerker/terraform-provider-docker#883</a></li> <li>feat: Add CDI device support by <a href="https://github.com/jdon"><code>@jdon</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/762">kreuzwerker/terraform-provider-docker#762</a></li> <li>feat: Implement proper parsing of GPU device requests when using gpus… by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/881">kreuzwerker/terraform-provider-docker#881</a></li> </ul> <h3>Fixes</h3> <ul> <li>fix(deps): update module golang.org/x/sync to v0.19.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/828">kreuzwerker/terraform-provider-docker#828</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-log to v0.10.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/823">kreuzwerker/terraform-provider-docker#823</a></li> <li>fix(deps): update module github.com/morikuni/aec to v1.1.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/829">kreuzwerker/terraform-provider-docker#829</a></li> <li>fix(deps): update module google.golang.org/protobuf to v1.36.11 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/830">kreuzwerker/terraform-provider-docker#830</a></li> <li>fix(deps): update module github.com/sirupsen/logrus to v1.9.4 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/836">kreuzwerker/terraform-provider-docker#836</a></li> <li>chore: Add deprecation for docker_service.networks_advanced.name by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/837">kreuzwerker/terraform-provider-docker#837</a></li> <li>fix: Refactor docker container state handling to properly restart whe… by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/841">kreuzwerker/terraform-provider-docker#841</a></li> <li>fix: docker container stopped ports by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/842">kreuzwerker/terraform-provider-docker#842</a></li> <li>fix: correctly set docker_container devices by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/843">kreuzwerker/terraform-provider-docker#843</a></li> <li>fix(deps): update module github.com/katbyte/terrafmt to v0.5.6 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/844">kreuzwerker/terraform-provider-docker#844</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-sdk/v2 to v2.38.2 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/847">kreuzwerker/terraform-provider-docker#847</a></li> <li>fix: Use DOCKER_CONFIG env same way as with docker cli by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/849">kreuzwerker/terraform-provider-docker#849</a></li> <li>Fix: calculation of Dockerfile path in docker_image build by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/853">kreuzwerker/terraform-provider-docker#853</a></li> <li>chore(deps): update actions/checkout action to v6 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/825">kreuzwerker/terraform-provider-docker#825</a></li> <li>chore(deps): update hashicorp/setup-terraform action to v4 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/860">kreuzwerker/terraform-provider-docker#860</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-go to v0.30.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/861">kreuzwerker/terraform-provider-docker#861</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-framework to v1.18.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/862">kreuzwerker/terraform-provider-docker#862</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-mux to v0.22.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/863">kreuzwerker/terraform-provider-docker#863</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-sdk/v2 to v2.39.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/864">kreuzwerker/terraform-provider-docker#864</a></li> <li>chore(deps): update docker/setup-docker-action action to v5 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/866">kreuzwerker/terraform-provider-docker#866</a></li> <li>chore(deps): update dependency golangci/golangci-lint to v2.10.1 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/869">kreuzwerker/terraform-provider-docker#869</a></li> <li>fix(deps): update module golang.org/x/sync to v0.20.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/872">kreuzwerker/terraform-provider-docker#872</a></li> <li>Prevent <code>docker_registry_image</code> panic on registries returning nil body without digest header by <a href="https://github.com/Copilot"><code>@Copilot</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/880">kreuzwerker/terraform-provider-docker#880</a></li> <li>fix: Handle size_bytes in tmpfs_options in docker_service by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/882">kreuzwerker/terraform-provider-docker#882</a></li> <li>chore(deps): update dependency golangci/golangci-lint to v2.11.4 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/871">kreuzwerker/terraform-provider-docker#871</a></li> <li>fix: tests for healthcheck is not required for docker container resource by <a href="https://github.com/vnghia"><code>@vnghia</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/834">kreuzwerker/terraform-provider-docker#834</a></li> <li>chore: Prepare 4.0.0 release by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/884">kreuzwerker/terraform-provider-docker#884</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kreuzwerker/terraform-provider-docker/blob/master/CHANGELOG.md">kreuzwerker/docker's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.9.0...v4.0.0">v4.0.0</a> (2026-04-03)</h2> <h3>Chore</h3> <ul> <li>Add deprecation for docker_service.networks_advanced.name (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/837">#837</a>)</li> </ul> <h3>Feat</h3> <ul> <li>add selinux_relabel attribute to docker_container volumes (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/883">#883</a>)</li> <li>Implement proper parsing of GPU device requests when using gpus… (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/881">#881</a>)</li> <li>Add CDI device support (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/762">#762</a>)</li> <li>Add muxing to introduce new plugin framework (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/838">#838</a>)</li> </ul> <h3>Feat</h3> <ul> <li>Make buildx builder default (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/855">#855</a>)</li> </ul> <h3>Feature</h3> <ul> <li>Add new docker container attributes (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/857">#857</a>)</li> <li>Multiple enhancements (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/854">#854</a>)</li> </ul> <h3>Fix</h3> <ul> <li>tests for healthcheck is not required for docker container resource (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/834">#834</a>)</li> <li>Handle size_bytes in tmpfs_options in docker_service (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/882">#882</a>)</li> <li>Use DOCKER_CONFIG env same way as with docker cli (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/849">#849</a>)</li> <li>correctly set docker_container devices (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/843">#843</a>)</li> <li>docker container stopped ports (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/842">#842</a>)</li> <li>Refactor docker container state handling to properly restart when exited (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/841">#841</a>)</li> </ul> <h3>Fix</h3> <ul> <li>calculation of Dockerfile path in docker_image build (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/853">#853</a>)</li> </ul> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h2><a href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.8.0...v3.9.0">v3.9.0</a> (2025-11-09)</h2> <h3>Chore</h3> <ul> <li>Prepare release v3.9.0 (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/821">#821</a>)</li> <li>Add file requested by hashicorp (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/813">#813</a>)</li> <li>Prepare release v3.8.0 (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/806">#806</a>)</li> </ul> <h3>Feat</h3> <ul> <li>Implement caching of docker provider (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/808">#808</a>)</li> </ul> <h3>Fix</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/b7296b7ec5af2f1c7516077d7056d563a1da774e"><code>b7296b7</code></a> chore: Prepare 4.0.0 release (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/884">#884</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/b25e44ac7b3ede532d307fc6abe6daf39c7d6d56"><code>b25e44a</code></a> feat: add selinux_relabel attribute to docker_container volumes (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/883">#883</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/83b9e13b64fb78923ef88a8baeeece4611f61930"><code>83b9e13</code></a> fix: tests for healthcheck is not required for docker container resource (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/834">#834</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/5f4cbc5673699b01c31801ba6154e9f1243a6af0"><code>5f4cbc5</code></a> chore(deps): update dependency golangci/golangci-lint to v2.11.4 (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/871">#871</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/83a89ad5a139bb9bffe11cef3b14b98f28109b36"><code>83a89ad</code></a> fix: Handle size_bytes in tmpfs_options in docker_service (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/882">#882</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/57d8be485145db54678b2773d38f1dd7c9927cda"><code>57d8be4</code></a> feat: Implement proper parsing of GPU device requests when using gpus… (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/881">#881</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/e63d18d450f11e3293fa14b52cb20ee3f11b2cba"><code>e63d18d</code></a> Prevent <code>docker_registry_image</code> panic on registries returning nil body withou...</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/8bac991400ae971425d61be5c6e442a1b3f8515c"><code>8bac991</code></a> feat: Add CDI device support (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/762">#762</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/5c3c660fb54e52ccfd82b76ceb685bc82aed7885"><code>5c3c660</code></a> fix(deps): update module golang.org/x/sync to v0.20.0 (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/872">#872</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/75cba1d6ef1b76777443035f0f96c19b5c974553"><code>75cba1d</code></a> chore(deps): update dependency golangci/golangci-lint to v2.10.1 (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/869">#869</a>)</li> <li>Additional commits viewable in <a href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.6.0...v4.0.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
3ca2aae9ca |
chore: update kreuzwerker/docker requirement from ~> 3.0 to ~> 4.0 in /dogfood/coder-envbuilder (#24063)
Updates the requirements on [kreuzwerker/docker](https://github.com/kreuzwerker/terraform-provider-docker) to permit the latest version. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kreuzwerker/terraform-provider-docker/releases">kreuzwerker/docker's releases</a>.</em></p> <blockquote> <h1>v4.0.0</h1> <p><strong>Please read <a href="https://github.com/kreuzwerker/terraform-provider-docker/blob/master/docs/v3_v4_migration.md">https://github.com/kreuzwerker/terraform-provider-docker/blob/master/docs/v3_v4_migration.md</a></strong></p> <p>This is a major release with potential breaking changes. For most users, however, no changes to terraform code are needed.</p> <h2>What's Changed</h2> <h3>New Features</h3> <ul> <li>feat: Add muxing to introduce new plugin framework by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/838">kreuzwerker/terraform-provider-docker#838</a></li> <li>Feature: Multiple enhancements by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/854">kreuzwerker/terraform-provider-docker#854</a></li> <li>Feat: Make buildx builder default by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/855">kreuzwerker/terraform-provider-docker#855</a></li> <li>Feature: Add new docker container attributes by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/857">kreuzwerker/terraform-provider-docker#857</a></li> <li>feat: add selinux_relabel attribute to docker_container volumes by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/883">kreuzwerker/terraform-provider-docker#883</a></li> <li>feat: Add CDI device support by <a href="https://github.com/jdon"><code>@jdon</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/762">kreuzwerker/terraform-provider-docker#762</a></li> <li>feat: Implement proper parsing of GPU device requests when using gpus… by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/881">kreuzwerker/terraform-provider-docker#881</a></li> </ul> <h3>Fixes</h3> <ul> <li>fix(deps): update module golang.org/x/sync to v0.19.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/828">kreuzwerker/terraform-provider-docker#828</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-log to v0.10.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/823">kreuzwerker/terraform-provider-docker#823</a></li> <li>fix(deps): update module github.com/morikuni/aec to v1.1.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/829">kreuzwerker/terraform-provider-docker#829</a></li> <li>fix(deps): update module google.golang.org/protobuf to v1.36.11 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/830">kreuzwerker/terraform-provider-docker#830</a></li> <li>fix(deps): update module github.com/sirupsen/logrus to v1.9.4 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/836">kreuzwerker/terraform-provider-docker#836</a></li> <li>chore: Add deprecation for docker_service.networks_advanced.name by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/837">kreuzwerker/terraform-provider-docker#837</a></li> <li>fix: Refactor docker container state handling to properly restart whe… by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/841">kreuzwerker/terraform-provider-docker#841</a></li> <li>fix: docker container stopped ports by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/842">kreuzwerker/terraform-provider-docker#842</a></li> <li>fix: correctly set docker_container devices by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/843">kreuzwerker/terraform-provider-docker#843</a></li> <li>fix(deps): update module github.com/katbyte/terrafmt to v0.5.6 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/844">kreuzwerker/terraform-provider-docker#844</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-sdk/v2 to v2.38.2 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/847">kreuzwerker/terraform-provider-docker#847</a></li> <li>fix: Use DOCKER_CONFIG env same way as with docker cli by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/849">kreuzwerker/terraform-provider-docker#849</a></li> <li>Fix: calculation of Dockerfile path in docker_image build by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/853">kreuzwerker/terraform-provider-docker#853</a></li> <li>chore(deps): update actions/checkout action to v6 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/825">kreuzwerker/terraform-provider-docker#825</a></li> <li>chore(deps): update hashicorp/setup-terraform action to v4 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/860">kreuzwerker/terraform-provider-docker#860</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-go to v0.30.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/861">kreuzwerker/terraform-provider-docker#861</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-framework to v1.18.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/862">kreuzwerker/terraform-provider-docker#862</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-mux to v0.22.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/863">kreuzwerker/terraform-provider-docker#863</a></li> <li>fix(deps): update module github.com/hashicorp/terraform-plugin-sdk/v2 to v2.39.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/864">kreuzwerker/terraform-provider-docker#864</a></li> <li>chore(deps): update docker/setup-docker-action action to v5 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/866">kreuzwerker/terraform-provider-docker#866</a></li> <li>chore(deps): update dependency golangci/golangci-lint to v2.10.1 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/869">kreuzwerker/terraform-provider-docker#869</a></li> <li>fix(deps): update module golang.org/x/sync to v0.20.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/872">kreuzwerker/terraform-provider-docker#872</a></li> <li>Prevent <code>docker_registry_image</code> panic on registries returning nil body without digest header by <a href="https://github.com/Copilot"><code>@Copilot</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/880">kreuzwerker/terraform-provider-docker#880</a></li> <li>fix: Handle size_bytes in tmpfs_options in docker_service by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/882">kreuzwerker/terraform-provider-docker#882</a></li> <li>chore(deps): update dependency golangci/golangci-lint to v2.11.4 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/871">kreuzwerker/terraform-provider-docker#871</a></li> <li>fix: tests for healthcheck is not required for docker container resource by <a href="https://github.com/vnghia"><code>@vnghia</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/834">kreuzwerker/terraform-provider-docker#834</a></li> <li>chore: Prepare 4.0.0 release by <a href="https://github.com/Junkern"><code>@Junkern</code></a> in <a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/884">kreuzwerker/terraform-provider-docker#884</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kreuzwerker/terraform-provider-docker/blob/master/CHANGELOG.md">kreuzwerker/docker's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.9.0...v4.0.0">v4.0.0</a> (2026-04-03)</h2> <h3>Chore</h3> <ul> <li>Add deprecation for docker_service.networks_advanced.name (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/837">#837</a>)</li> </ul> <h3>Feat</h3> <ul> <li>add selinux_relabel attribute to docker_container volumes (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/883">#883</a>)</li> <li>Implement proper parsing of GPU device requests when using gpus… (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/881">#881</a>)</li> <li>Add CDI device support (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/762">#762</a>)</li> <li>Add muxing to introduce new plugin framework (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/838">#838</a>)</li> </ul> <h3>Feat</h3> <ul> <li>Make buildx builder default (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/855">#855</a>)</li> </ul> <h3>Feature</h3> <ul> <li>Add new docker container attributes (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/857">#857</a>)</li> <li>Multiple enhancements (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/854">#854</a>)</li> </ul> <h3>Fix</h3> <ul> <li>tests for healthcheck is not required for docker container resource (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/834">#834</a>)</li> <li>Handle size_bytes in tmpfs_options in docker_service (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/882">#882</a>)</li> <li>Use DOCKER_CONFIG env same way as with docker cli (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/849">#849</a>)</li> <li>correctly set docker_container devices (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/843">#843</a>)</li> <li>docker container stopped ports (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/842">#842</a>)</li> <li>Refactor docker container state handling to properly restart when exited (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/841">#841</a>)</li> </ul> <h3>Fix</h3> <ul> <li>calculation of Dockerfile path in docker_image build (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/853">#853</a>)</li> </ul> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h2><a href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.8.0...v3.9.0">v3.9.0</a> (2025-11-09)</h2> <h3>Chore</h3> <ul> <li>Prepare release v3.9.0 (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/821">#821</a>)</li> <li>Add file requested by hashicorp (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/813">#813</a>)</li> <li>Prepare release v3.8.0 (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/806">#806</a>)</li> </ul> <h3>Feat</h3> <ul> <li>Implement caching of docker provider (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/808">#808</a>)</li> </ul> <h3>Fix</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/b7296b7ec5af2f1c7516077d7056d563a1da774e"><code>b7296b7</code></a> chore: Prepare 4.0.0 release (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/884">#884</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/b25e44ac7b3ede532d307fc6abe6daf39c7d6d56"><code>b25e44a</code></a> feat: add selinux_relabel attribute to docker_container volumes (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/883">#883</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/83b9e13b64fb78923ef88a8baeeece4611f61930"><code>83b9e13</code></a> fix: tests for healthcheck is not required for docker container resource (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/834">#834</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/5f4cbc5673699b01c31801ba6154e9f1243a6af0"><code>5f4cbc5</code></a> chore(deps): update dependency golangci/golangci-lint to v2.11.4 (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/871">#871</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/83a89ad5a139bb9bffe11cef3b14b98f28109b36"><code>83a89ad</code></a> fix: Handle size_bytes in tmpfs_options in docker_service (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/882">#882</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/57d8be485145db54678b2773d38f1dd7c9927cda"><code>57d8be4</code></a> feat: Implement proper parsing of GPU device requests when using gpus… (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/881">#881</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/e63d18d450f11e3293fa14b52cb20ee3f11b2cba"><code>e63d18d</code></a> Prevent <code>docker_registry_image</code> panic on registries returning nil body withou...</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/8bac991400ae971425d61be5c6e442a1b3f8515c"><code>8bac991</code></a> feat: Add CDI device support (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/762">#762</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/5c3c660fb54e52ccfd82b76ceb685bc82aed7885"><code>5c3c660</code></a> fix(deps): update module golang.org/x/sync to v0.20.0 (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/872">#872</a>)</li> <li><a href="https://github.com/kreuzwerker/terraform-provider-docker/commit/75cba1d6ef1b76777443035f0f96c19b5c974553"><code>75cba1d</code></a> chore(deps): update dependency golangci/golangci-lint to v2.10.1 (<a href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/869">#869</a>)</li> <li>Additional commits viewable in <a href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.0.0...v4.0.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
david-fraley
|
01080302a5 |
feat: add onboarding info fields to first user setup (#23829)
Add optional demographic and newsletter preference fields to the first user setup page, and redesign the setup form using non-MUI components ## New fields **Newsletter preferences** (opt-in checkboxes): - **Marketing updates** — product announcements, tips, best practices - **Release & security updates** — new releases, patches, security advisories ## Frontend redesign Migrated the setup page from MUI to the shadcn/ui design system used across the rest of the app: - Replaced MUI `TextField`, `MenuItem`, `Checkbox`, `Autocomplete` with `Input`, `Label`, `Select`, and `Checkbox` from `#/components` - Switched from Emotion `css` props to Tailwind utility classes - Left-aligned header, widened form container to 500px - Updated copy: "30-day trial", "Learn more", "Help us make Coder better" - Side-by-side layouts for first/last name, phone/country - Moved privacy policy text to always-visible onboarding section - Removed "Number of developers" field from trial section ### Implementation notes - The `onboarding_info` payload is fire-and-forget via `Telemetry.Report()` — not stored in the database - Country picker switched from MUI Autocomplete to Radix Select for design consistency - GitHub OAuth button preserved — conditionally rendered when `authMethods.github.enabled` - NewPasswordField is meant to be a drop in replacement for the MUI PasswordField ### References - #23989 - #24021 - #24014 - #24018 --------- Co-authored-by: Tracy Johnson <tracy@coder.com> Co-authored-by: Jeremy Ruppel <jeremy.ruppel@gmail.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Jeremy Ruppel <jeremyruppel@users.noreply.github.com> Co-authored-by: Kayla はな <mckayla@hey.com> |
||
|
Sushant P
|
61d6c728b9 |
docs: adding a tutorial for persistent shared workspaces (#23738)
Co-authored-by: Jiachen Jiang <jcjiang42@gmail.com> |
||
|
Kyle Carberry
|
648787e739 |
feat: expose busy_behavior on chat message API (#24054)
The backend (`chatd.go`) already fully implements both `"queue"` and `"interrupt"` busy behaviors for `SendMessage`, and the `message_agent` subagent tool already leverages both internally. However the HTTP API hardcoded `"queue"` and the SDK had no way for callers to request interrupt-on-send. This adds a `ChatBusyBehavior` enum type to the SDK and an optional `busy_behavior` field on `CreateChatMessageRequest`. The HTTP handler validates the field and passes it through to `chatd.SendMessage`. Default remains `"queue"` for full backward compatibility. <details><summary>Implementation notes</summary> - `codersdk/chats.go`: New `ChatBusyBehavior` type with `ChatBusyBehaviorQueue` and `ChatBusyBehaviorInterrupt` constants. Added `BusyBehavior` field to `CreateChatMessageRequest` with `enums` tag for codegen. - `coderd/exp_chats.go`: `postChatMessages` now reads `req.BusyBehavior`, maps SDK constants to `chatd.SendMessageBusyBehavior*`, returns 400 on invalid values. - `site/src/api/typesGenerated.ts`: Auto-generated via `make gen`. - No frontend behavior changes — the field is available but unused by the UI. </details> > [!NOTE] > Generated by Coder Agents |
||
|
blinkagent[bot]
|
d2950e7615 |
docs: document that license validation works offline (#24013)
## What Documents that Coder license keys are validated locally using cryptographic signatures and do not require an outbound connection to Coder's servers. This is a common question from customers evaluating Coder for air-gapped environments. ## Changes - **`docs/admin/licensing/index.md`**: Added an "Offline license validation" section explaining that license keys are signed JWTs validated locally with no phone-home requirement. - **`docs/install/airgap.md`**: Added a "License validation" row to the air-gapped comparison table, confirming no changes are needed for offline license validation and linking to the licensing docs. ## Why While the air-gapped docs state that "all Coder features are supported" offline, there was no explicit mention that the license itself doesn't require connectivity. This is a frequent question from security-conscious and air-gapped customers. --------- Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com> Co-authored-by: Matyas Danter <mdanter@gmail.com> |
||
|
Jake Howell
|
df8f695e84 |
fix: update logline prefix to use timestamp (#23966)
This change replaces the line number display in agent logs with formatted timestamps. The `AgentLogLine` component now shows timestamps in `HH:mm:ss.SSS` format using dayjs instead of sequential line numbers. The component no longer requires `number` and `maxLineNumber` props, and the associated styling for line number formatting has been removed. This is a global change.. but I don't think its one that will do much damage. |
||
|
Jake Howell
|
8bb48ffdda |
feat: implement kebab menu overflow to <Tabs /> (#23959)
Added `data-slot` attributes to all Tabs components for better CSS targeting and component identification. Replaced generic button selectors with data-slot attribute selectors in tab styling variants. Implemented `useTabOverflowKebabMenu` hook to handle tab overflow scenarios by measuring tab widths and determining which tabs should be hidden in a dropdown menu when container space is limited. Enhanced the AgentRow logs section with: - Tab overflow handling using a kebab menu (three dots) for tabs that don't fit - Copy logs button with visual feedback using CheckIcon animation - Download logs functionality for selected tab content with proper filename generation - Improved layout with flex containers and proper spacing Few props and components updates * Added `overflowKebabMenu` prop to TabsList component to enable `flex-nowrap` behavior when overflow handling is active. * Created `<DownloadSelectedAgentLogsButton />` component to replace the previous download functionality, now working with filtered log content based on selected tab. https://github.com/user-attachments/assets/af48ca39-c906-4a11-a891-0d4399eee827 |
||
|
Kyle Carberry
|
4cfbf544a0 |
feat: add per-chat system prompt option (#24053)
Adds a `system_prompt` field to `CreateChatRequest` that allows API consumers to provide custom instructions when creating a chat. The per-chat prompt is stored as a separate system message (`role=system`, `visibility=model`) in the `chat_messages` table, inserted between the deployment system prompt and the workspace awareness message. Also moves deployment system prompt resolution from the HTTP handler (`resolvedChatSystemPrompt`) into `chatd.CreateChat` where it belongs. The handler no longer assembles system prompts — `CreateOptions.SystemPrompt` is now purely the per-chat user prompt, and the deployment prompt is resolved internally by chatd. No database schema changes required. **Message insertion order:** 1. Deployment system prompt (resolved by chatd, existing) 2. Per-chat user system prompt (new, from `CreateOptions.SystemPrompt`) 3. Workspace awareness (existing) 4. Initial user message (existing) 🤖 Generated with [Coder Agents](https://coder.com/agents) |
||
|
Kyle Carberry
|
a2ce74f398 |
feat: add total_runtime_ms to chat cost analytics endpoints (#24050)
Surface the aggregated `runtime_ms` from `chat_messages` through all
four cost analytics queries (summary, per-model, per-chat, per-user).
This is the key billing metric for agent compute time.
The per-chat breakdown already groups by `root_chat_id`, so subagent
runtime is automatically rolled up under the parent chat — no additional
query changes needed.
<details>
<summary>Implementation details</summary>
**SQL** (`coderd/database/queries/chats.sql`): Added
`COALESCE(SUM(cm.runtime_ms), 0)::bigint AS total_runtime_ms` to
`GetChatCostSummary`, `GetChatCostPerModel`, `GetChatCostPerChat`, and
`GetChatCostPerUser`.
**Go SDK** (`codersdk/chats.go`): Added `TotalRuntimeMs int64` to
`ChatCostSummary`, `ChatCostModelBreakdown`, `ChatCostChatBreakdown`,
and `ChatCostUserRollup`.
**Handler** (`coderd/exp_chats.go`): Wired the new field through all
converter functions and the response assembly.
**Tests** (`coderd/exp_chats_test.go`): Updated fixture to seed non-zero
`runtime_ms` values and added assertions for the new field at summary,
per-model, and per-chat levels.
</details>
> 🤖 Generated by Coder Agents
|
||
|
Jake Howell
|
0060dee222 |
fix: remove all mui <IconButton /> instances (#24045)
This pull-request removes all instances of `<IconButton />` being imported from `@mui/material/IconButton`. This means that we've removed one whole dependency from MUI and replaced all instances with the local variant. |
||
|
blinkagent[bot]
|
5ff1058f30 |
feat: add AWS PRM user-agent attribution for partner revenue tracking (#23138)
Sets `AWS_SDK_UA_APP_ID` in the Terraform provisioner environment so that all AWS API calls made during workspace builds include Coder's AWS Partner Revenue Measurement (PRM) attribution in the user-agent header. This enables AWS to attribute resource usage driven by Coder back to us as an AWS partner across all deployments. ## How it works - `provisionEnv()` now unconditionally sets `AWS_SDK_UA_APP_ID=APN_1.1/pc_cdfmjwn8i6u8l9fwz8h82e4w3$` in the environment passed to `terraform plan` and `terraform apply` - The Terraform AWS provider picks this up and appends it to the user-agent header on every AWS API call - If a customer has already set `AWS_SDK_UA_APP_ID` in their environment (e.g. via `coder.env`), we don't override it - Templates that don't use the AWS provider are unaffected — the env var is simply ignored ## Notes - The product code is hardcoded in the source. It may be worth obfuscating this value (e.g. via `-ldflags -X` at build time) to keep it out of the public repo, though it is technically a public identifier. - This covers user-agent attribution only. Resource-level `aws-apn-id` tags for cost allocation are a separate effort that requires template changes. ## References - [AWS SDK Application ID docs](https://docs.aws.amazon.com/sdkref/latest/guide/feature-appid.html) - [AWS PRM Automated User Agent](https://prm.partner.aws.dev/automated-user-agent.html) (partner login required) --------- Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com> Co-authored-by: DevCats <christofer@coder.com> |
||
|
Kyle Carberry
|
500fc5e2a4 |
feat: polish model config form UI (#24047)
Polishes the AI model configuration form (add/edit model) with tighter
layout and better input affordances.
**Frontend changes:**
- Replace "Unset" with "Default" in select dropdowns to communicate
system fallback
- Show pricing fields inline instead of behind a collapsible toggle
- Use flat section dividers (`border-t`) instead of bordered fieldsets
- Move field descriptions into info-icon tooltips to fix input
misalignment
- Add InputGroup adornments: `$` prefix + `/1M` suffix on pricing,
`tokens` suffix on token fields, `%` suffix on compression threshold,
range placeholders on temperature/penalty fields
- Shorter pricing labels (Input, Output, Cache Read, Cache Write)
- Compact JSON textareas (1-row height, resizable)
- Smart grid layouts by field type (3-col provider, 4-col pricing, 3-col
advanced)
- Boolean fields render as a segmented control (Default · On · Off)
instead of a dropdown
**Backend changes:**
- Add `enum` tags to OpenAI `service_tier`
(`auto,default,flex,scale,priority`) and `reasoning_summary`
(`auto,concise,detailed`) so they render as select dropdowns instead of
free-text inputs
> 🤖 Generated by Coder Agents
|
||
|
Jake Howell
|
baba9e6ede |
feat: disallow auditors from editing <NotificationsPage /> settings (#22382)
Auditors are still able to access and read this page but they won't be aren't able to update any of the content, we should show that to them. Should also be noted that this page isn't shown to the user in the sidebar when they are an Auditor. |
||
|
Jake Howell
|
b36619b905 |
feat: implement tabs for agent logs (#23952)
This PR adds log source tabs to the workspace agent logs panel so users can quickly focus on specific log streams instead of scanning one combined feed. It also updates the shared tabs trigger behavior to explicitly use `type="button"` when rendered as a native button, preventing unintended form submission behavior. - Adds per-source tabs in `AgentRow` with an **All Logs** default view. - Shows only log sources that currently have output, with source icons and sorted labels. - Filters rendered log lines based on the active tab while preserving existing log streaming/scroll behavior. - Refines the logs container layout/styling for the new tabbed UI. - Updates `TabsTrigger` to safely default button type when not using `asChild`. https://github.com/user-attachments/assets/9b3e7a9d-72e3-4c12-aba2-2b70cdbc04c1 |
||
|
Kyle Carberry
|
937f50f0ae |
fix: show message action tooltips at bottom on agents page (#24041)
The CopyButton tooltip on `/agents` defaulted to top (Radix default),
while the Edit button already used `side="bottom"`. This adds an
optional `tooltipSide` prop to `CopyButton` and passes `"bottom"` in the
agents `ConversationTimeline` so both tooltips appear below the buttons
consistently.
## Changes
- `CopyButton`: added optional `tooltipSide` prop, forwarded to
`<TooltipContent side={tooltipSide}>`
- `ConversationTimeline`: passed `tooltipSide="bottom"` to the
copy-message `CopyButton`
> Generated by Coder Agents
|
||
|
Kyle Carberry
|
a16755dd66 |
fix: prevent stale REST status from dropping streamed parts (#24040)
The `useEffect` that syncs `chatRecord.status` from React Query unconditionally overwrites the store's `chatStatus`. The `chat(chatId)` query has no `staleTime` (defaults to 0), so it refetches on window focus, remount, etc. If the REST response catches a transient `"pending"` status (e.g. between multi-step tool-call cycles), it regresses `chatStatus` from `"running"` to `"pending"`. Since `shouldApplyMessagePart()` drops ALL parts when status is `"pending"` or `"waiting"`, every incoming `message_part` event is silently discarded — not even buffered. Parts are visible on the WebSocket but nothing renders, and the UI shows "Response is taking longer than expected". A page reload fixes it because a fresh REST fetch returns the current status. **Fix:** Add `wsStatusReceivedRef` — once the WebSocket delivers a status event, it becomes the authoritative source and REST refetches can no longer overwrite it. This mirrors the existing `wsQueueUpdateReceivedRef` pattern already used for queued messages. The ref resets on chat change. > Generated with [Coder Agents](https://coder.com/agents) |
||
|
Kyle Carberry
|
8bdc35f91f |
refactor(site): unify message copy/edit UX across user and assistant messages (#24039)
Aligns the copy/edit action bar so both user and assistant messages use
the same hover-to-reveal pattern.
## Changes
- Replace bifurcated copy UX (inline `afterResponseSlot` for assistant,
floating toolbar for user) with a single unified action bar using
`CopyButton` + optional edit `Button`
- Remove `BlockList` `afterResponseSlot` prop and related machinery
- Remove per-message `copyHovered`/`useClipboard` state and left-border
highlight effect
- Remove `lastAssistantPerTurnIds`/`isTurnActive` computation — all
messages with content get actions on hover
- Hide actions on mid-chain assistant messages (only last in consecutive
chain shows buttons)
- Reduce inter-message gap from `gap-3` to `gap-2`
- Shrink action buttons to `size-6` for tighter vertical spacing
- Add 8px sticky top offset for user messages
> 🤖 Generated by Coder Agents
|
||
|
Kyle Carberry
|
5b32c4d79d |
fix: prevent stdio MCP server subprocess from dying after connect (#24035)
## Problem
MCP servers configured in `.mcp.json` with stdio transport are
discovered successfully (tools appear) but die immediately after
connection, making all tool calls fail.
## Root Cause
In `connectServer`, the subprocess is spawned with `connectCtx` — a
30-second timeout context whose `cancel()` is deferred:
```go
connectCtx, cancel := context.WithTimeout(ctx, connectTimeout)
defer cancel()
if err := c.Start(connectCtx); err != nil { ... }
```
The mcp-go stdio transport calls `exec.CommandContext(connectCtx, ...)`.
When `connectServer` returns, `cancel()` fires, and
`exec.CommandContext` sends SIGKILL to the subprocess. The process
immediately becomes a zombie.
Confirmed by checking `/proc/<pid>/status` after context cancellation:
```
State: Z (zombie)
```
## Fix
Pass the parent `ctx` (which is `a.gracefulCtx` — the agent's long-lived
context) to `c.Start()`. `connectCtx` continues to bound only the
`Initialize()` handshake. The subprocess is cleaned up when the Manager
is closed or the parent context is canceled.
## Regression Test
Added `TestConnectServer_StdioProcessSurvivesConnect` which:
- Spawns a real subprocess (re-execs the test binary as a fake MCP
server)
- Calls `connectServer` and lets it return (internal `connectCtx` gets
canceled)
- Verifies the subprocess is still alive by calling `ListTools`
The test **fails** on the old code with `transport error: context
deadline exceeded` and **passes** with the fix.
> Generated with [Coder Agents](https://coder.com/agents)
|
||
|
Kyle Carberry
|
8625543413 |
feat(coderd/x/chatd): parallelize ConvertMessagesWithFiles with g2 errgroup (#24034)
## Summary Move `ConvertMessagesWithFiles` into the `g2` errgroup so prompt conversion runs concurrently with instruction persistence, user prompt resolution, MCP server connections, and workspace MCP tool discovery. ## Problem In `runChat`, the setup before the first LLM `Stream()` call is sequential across two errgroups: ``` g.Wait() // model + messages + MCP configs ConvertMessagesWithFiles() // sequential — blocked on g2 starting g2.Wait() // instructions + user prompt + MCP connect + workspace MCP ``` `ConvertMessagesWithFiles` can take non-trivial time on conversations with file attachments (batch DB resolution), and it was blocking g2 from starting. ## Fix `ConvertMessagesWithFiles` only reads the `messages` slice (available after `g.Wait()`) and resolves file references via the database. No g2 task reads or writes the `prompt` variable. This makes it safe to overlap with g2: ``` g.Wait() g2.Wait() // now includes ConvertMessagesWithFiles in parallel ``` The `InsertSystem` call for parent chats and the `promptErr` check are deferred to after `g2.Wait()`, preserving correctness. <details><summary>Decision log</summary> - `ConvertMessagesWithFiles` is read-only on `messages` — no mutation, safe for concurrent access - `prompt` and `promptErr` are written only by the conversion goroutine, read only after `g2.Wait()` — no data race - Error from prompt conversion is checked immediately after `g2.Wait()`, before any code that uses `prompt` - `chatloop.Run` now uses `:=` instead of `=` since the prior `err` declaration from `prompt, err :=` was removed </details> > Generated by Coder Agents |