mirror of
https://github.com/coder/coder.git
synced 2026-06-02 20:48:20 +00:00
dependabot[bot]
df929467f6
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 1.11.0 to 1.17.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/open-policy-agent/opa/releases">github.com/open-policy-agent/opa's releases</a>.</em></p> <blockquote> <h2>v1.16.2</h2> <p>This release updates the version of Go used to build the OPA binaries and images to 1.26.3; addressing <a href="https://groups.google.com/g/golang-announce/c/qcCIEXso47M">a number of vulnerabilities</a>.</p> <h2>v1.16.1</h2> <p>This is a patch release addressing a regression in the plugin manager that may cause the service to hang on shutdown (<a href="https://redirect.github.com/open-policy-agent/opa/pull/8590">#8590</a>).</p> <h2>v1.16.0</h2> <blockquote> <p>[!WARNING]</p> <p>A regression has been found in the plugin manager, which may cause the service to hang on shutdown. Users are advised to go directly to v1.16.1.</p> </blockquote> <p>This release contains a mix of new features, performance improvements, and bugfixes. Notably:</p> <ul> <li>New <code>uri.parse</code> and <code>uri.is_valid</code> built-in functions</li> <li>Data API Request/Response Metadata</li> <li>Prometheus metrics exported via OTLP</li> <li>Formatter improvements</li> </ul> <blockquote> <p><strong><em>NOTE:</em></strong></p> <p>In v1.15.x, OPA was dropping logs for bundle downloads, <code>print()</code> calls and other plugin-originated logs. Users are advised to update, v1.16.0 fixes this bug in (<a href="https://redirect.github.com/open-policy-agent/opa/pull/8544">#8544</a>).</p> </blockquote> <h3>New <code>uri.parse</code> and <code>uri.is_valid</code> built-in functions (<a href="https://redirect.github.com/open-policy-agent/opa/issues/8263">#8263</a>)</h3> <p>Two new <a href="https://www.openpolicyagent.org/docs/policy-reference/builtins">built-in functions</a> have been added: <code>uri.parse</code> for parsing a given URI, and <code>uri.is_valid</code> for verifying the structure of a given URI.</p> <h4>uri.parse</h4> <p>Parses a URI and returns an object containing its components according to <a href="https://www.rfc-editor.org/rfc/rfc3986.html">RFC 3986</a>. Empty components are omitted.</p> <pre lang="rego"><code>package example <p>test_uri if { uri.parse("<a href="https://example.com:8080/api?q=1#top">https://example.com:8080/api?q=1#top</a>") == { "scheme": "https", "hostname": "example.com", "port": "8080", "path": "/api", "raw_path": "/api", "raw_query": "q=1", "fragment": "top", } } </code></pre></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md">github.com/open-policy-agent/opa's changelog</a>.</em></p> <blockquote> <h2>1.17.0</h2> <p>This release contains a mix of new features, performance improvements, and bugfixes. Notably:</p> <ul> <li>A new <code>future.keywords.not</code> import that adds improved semantics to the <code>not</code> keyword.</li> <li>Rule Labels in Decision Logs</li> <li>Published json schema for IR and bundle manifest</li> <li>Dropped automaxprocs and x/net dependencies</li> </ul> <h3>Improved Negation Semantics (<a href="https://redirect.github.com/open-policy-agent/opa/issues/8387">#8387</a>)</h3> <p>This OPA release introduces a new <a href="https://www.openpolicyagent.org/docs/policy-reference/keywords/not#improved-negation-semantics"><code>future.keywords.not</code> import</a> that fixes a long-standing semantic issue with negation in Rego.</p> <p>Without the import, the compiler expands a negated composite expression like <code>not f(g(input.x))</code> into a series of sub-expressions evaluated <em>before</em> the <code>not</code>:</p> <pre><code>__local0__ = input.x g(__local0__, __local1__) not f(__local1__) </code></pre> <p>If any sub-expression fails — for example, <code>input.x</code> is undefined or <code>g</code> produces an undefined result — the entire rule fails rather than the <code>not</code> succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected <code>not</code> result.</p> <p>With <code>import future.keywords.not</code>, composite-expression negation wraps the full compiler expansion in an implicit body:</p> <pre><code>not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) } </code></pre> <p>Now, if <em>any</em> sub-expression is undefined or fails, the body is unsatisfiable and the <code>not</code> expression succeeds; matching the intuition that "the condition does not hold."</p> <blockquote> <p><strong><em>NOTE:</em></strong></p> <p>Users are recommended to import <code>future.keywords.not</code> whenever the <code>not</code> keyword is used in a policy.</p> </blockquote> <p>Authored by <a href="https://github.com/johanfylling"><code>@johanfylling</code></a></p> <h3>Rule Labels in Decision Logs (<a href="https://redirect.github.com/open-policy-agent/opa/issues/2089">#2089</a>)</h3> <p>Rule annotations now support a <code>labels</code> field. Labels from all successfully evaluated rules are collected and included in each decision log entry as a top-level <code>rule_labels</code></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/open-policy-agent/opa/commit/64a3625d33bc6ad8e7c40df03b76ce2fb3ab4d21"><code>64a3625</code></a> Release v1.17.0 (<a href="https://redirect.github.com/open-policy-agent/opa/issues/8710">#8710</a>)</li> <li><a href="https://github.com/open-policy-agent/opa/commit/68c9de5da00ea9d631c50327c709d5d7e8844bba"><code>68c9de5</code></a> benchmarks: tweak per-PR benchmark regression check based on pr-check</li> <li><a href="https://github.com/open-policy-agent/opa/commit/7fe3066154b7780eac16c290475f8506573a427f"><code>7fe3066</code></a> server: remove dead code (s.partials) (<a href="https://redirect.github.com/open-policy-agent/opa/issues/8708">#8708</a>)</li> <li><a href="https://github.com/open-policy-agent/opa/commit/37830be801a9ce4ec6d23df33f645bb6095f3043"><code>37830be</code></a> ast,storage/inmem: Add <code>inmem.NewFromASTObject</code> and add missing string case t...</li> <li><a href="https://github.com/open-policy-agent/opa/commit/1661f22ba399e94d08d8fb85218580a61779bdc4"><code>1661f22</code></a> ast: add some schema $ref tests</li> <li><a href="https://github.com/open-policy-agent/opa/commit/3e22f562f1e370973c1b6750eff11d06fe554c70"><code>3e22f56</code></a> benchmarks: only run for go changes</li> <li><a href="https://github.com/open-policy-agent/opa/commit/13aaeabce2221217cb6c175b269475803740fad2"><code>13aaeab</code></a> benchmarks: move env vars, remove zizmor-ignore comment</li> <li><a href="https://github.com/open-policy-agent/opa/commit/93e170868ac37f87696adfc2d7f672a0f1814936"><code>93e1708</code></a> benchmarks: fix PR message, skip tests</li> <li><a href="https://github.com/open-policy-agent/opa/commit/4ce3991901eed5b622a21f2f629029727e192ba7"><code>4ce3991</code></a> benchmarks: use go tool machinery, add benchstat</li> <li><a href="https://github.com/open-policy-agent/opa/commit/41df8df4a26d8de7a81bf4c5d78cb94f10a108d5"><code>41df8df</code></a> benchmarks: use benchlab for per-PR feedback</li> <li>Additional commits viewable in <a href="https://github.com/open-policy-agent/opa/compare/v1.11.0...v1.17.0">compare view</a></li> </ul> </details> <br /> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Coder is a self-hosted platform for cloud development environments and AI coding agents. Workspaces are defined with Terraform, connected through a secure Wireguard® tunnel, and automatically shut down when not used. Coder Agents runs a native AI coding agent whose loop executes in the control plane on your infrastructure, with no API keys in workspaces.
- Define cloud development environments in Terraform
- EC2 VMs, Kubernetes Pods, Docker Containers, etc.
- Automatically shutdown idle resources to save on costs
- Onboard developers in seconds instead of days
- Delegate coding work to AI agents on your infrastructure
- Bring any model (Anthropic, OpenAI, Google, Bedrock, self-hosted)
- No LLM credentials in workspaces, user identity on every action
- Centralized model governance, cost tracking, and audit logging
Quickstart
The most convenient way to try Coder is to install it on your local machine and experiment with provisioning cloud development environments using Docker (works on Linux, macOS, and Windows).
# First, install Coder
curl -L https://coder.com/install.sh | sh
# Start the Coder server (caches data in ~/.cache/coder)
coder server
# Navigate to http://localhost:3000 to create your initial user,
# create a Docker template and provision a workspace
Install
The easiest way to install Coder is to use the
install script for Linux
and macOS. For Windows, use the latest ..._installer.exe file from GitHub
Releases.
curl -L https://coder.com/install.sh | sh
You can run the install script with --dry-run to see the commands that will be used to install without executing them. Run the install script with --help for additional flags.
See install for additional methods.
Once installed, you can start a production deployment with a single command:
# Automatically sets up an external access URL on *.try.coder.app
coder server
# Requires a PostgreSQL instance (version 13 or higher) and external access URL
coder server --postgres-url <url> --access-url <url>
Use coder --help to get a list of flags and environment variables. See the install guides for a complete tutorial.
Documentation
Browse the documentation or visit a specific section below:
- Workspaces: Workspaces contain the IDEs, dependencies, and configuration information needed for software development
- Templates: Templates are written in Terraform and describe the infrastructure for workspaces
- Coder Agents: Delegate coding work to AI agents running on your self-hosted infrastructure
- Administration: Learn how to operate Coder
- Premium: Learn about paid features built for large teams
- IDEs: Connect your existing editor to a workspace
Support
Feel free to open an issue if you have questions, run into bugs, or have a feature request.
Join our Discord to provide feedback on in-progress features and chat with the community using Coder!
Integrations
New integrations are always in progress. Open an issue to request one. Contributions are welcome in any official or community repository.
Official
- Coder Registry: Templates, modules, and integrations for common development environments
- VS Code Extension: Open any Coder workspace in VS Code with a single click
- JetBrains Toolbox Plugin: Open any Coder workspace from JetBrains Toolbox with a single click
- JetBrains Gateway Plugin: Open any Coder workspace in JetBrains Gateway with a single click
- Dev Containers: Build development environments using
devcontainer.jsonon Docker, Kubernetes, and OpenShift - Kubernetes Log Stream: Stream Kubernetes Pod events to the Coder startup logs
- Self-Hosted VS Code Extension Marketplace: A private extension marketplace that works in restricted or airgapped networks integrating with code-server.
- GitHub Actions: An action to set up the Coder CLI in GitHub workflows
Community
- Community Templates: Community-contributed workspace templates in the Coder Registry
- Community Modules: Community-contributed modules to extend Coder templates
- Provision Coder with Terraform: Provision Coder on Google GKE, Azure AKS, AWS EKS, DigitalOcean DOKS, IBMCloud K8s, OVHCloud K8s, and Scaleway K8s Kapsule with Terraform
- Coder Template GitHub Action: A GitHub Action that updates Coder templates
- Discord: Chat with the community and provide feedback on in-progress features
Contributing
New contributors are always welcome. If you are new to the Coder codebase, see the contribution guide to get started.
Hiring
Apply on the careers page if you are interested in joining the team.