mirror of
https://github.com/coder/registry.git
synced 2026-06-02 20:48:14 +00:00
eb38bc3092d2e55904da30d0bef3ae1e19b439db
461 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 blinkagent[bot]
|
eb38bc3092 |
ci: add variable naming lint to terraform validate (#766)
## Summary Terraform variable names should use underscores (`snake_case`), not hyphens. Hyphens are technically valid in HCL but are [deprecated and non-idiomatic](https://developer.hashicorp.com/terraform/language/values/variables). This PR adds a variable name check into the existing `terraform_validate.sh` script so it runs as part of the existing "Run Terraform Validate" CI step — no new scripts or workflow changes needed. ## Changes ### `scripts/terraform_validate.sh` — added `validate_variable_names()` - Scans `.tf` files in changed modules for `variable` declarations with hyphens - Fails with actionable fix suggestions (shows the snake_case alternative) - Runs after `terraform validate` in the same CI step ### Fix: `code-server` module — rename `machine-settings` → `machine_settings` - Renames the hyphenated variable and its reference in main.tf - Bumps version `1.4.2` → `1.4.3` - Updates all README examples --- Created on behalf of @matifali --------- Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com> Co-authored-by: DevCats <christofer@coder.com>release/coder/code-server/v1.4.3 |
||
|
Michael Suchacz
|
93e6094b1b |
fix: rename add-project to add_project in mux module (#765)
Terraform variable names should use underscores, not hyphens. Renames the `add-project` variable to `add_project` in the mux module. **Changes:** - `main.tf`: Renamed variable declaration and references - `README.md`: Updated example usage Bumped version: 1.3.0 → 1.3.1 --- Generated with [Mux](https://mux.coder.com) using Clauderelease/coder/mux/v1.3.1 |
||
|
blinkagent[bot]
|
6ec506e9b6 |
fix(dotfiles): allow tilde (~) in git repository URLs (#763)
## Description The URL validation regex in the dotfiles module was rejecting URLs containing tilde (`~`) characters, which are commonly used in Bitbucket Server for user repositories (e.g. `ssh://git@bitbucket.example.org:7999/~username/repo.git`). This adds `~` to the allowed character set in all three validation regexes (for `default_dotfiles_uri`, `dotfiles_uri`, and the `coder_parameter` validation). ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information **Path:** `registry/coder/modules/dotfiles` **New version:** `v1.3.1` **Breaking change:** [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [ ] Changes tested locally ## Related Issues Fixes #762 Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>release/coder/dotfiles/v1.3.1 |
||
|
Michael Suchacz
|
b794b1edd9 |
feat(mux): add package_manager and registry_url variables (#761)
## Summary Add two new customization variables to the Mux module so users can control how Mux is installed: ### `package_manager` (default: `"auto"`) Choose which Node package manager installs Mux: - **`auto`** (default) — auto-detects `npm` → `pnpm` → `bun` in order, falling back to a direct tarball download when none is available - **`npm`**, **`pnpm`**, **`bun`** — force a specific package manager (fails if not found on PATH) ### `registry_url` (default: `"https://registry.npmjs.org"`) Override the npm registry URL for private registries or mirrors. All previously hardcoded `registry.npmjs.org` references have been replaced with this variable. The `--registry` flag is passed to whichever package manager is used, and the tarball fallback path also uses it. ## Changes | File | What changed | |---|---| | `main.tf` | Added `package_manager` and `registry_url` variables with validation; pass both to template | | `run.sh` | Rewrote install logic: PM auto-detection loop, `case`/`esac` dispatch with PM-specific flags, replaced all hardcoded registry URLs with `${REGISTRY_URL}` | | `mux.tftest.hcl` | Added 6 new test cases: PM selection (npm/pnpm/bun), invalid PM validation, custom registry URL, trailing-slash stripping | | `main.test.ts` | Updated expected log messages to match new generic wording | | `README.md` | Updated description, added Custom Package Manager and Custom Registry examples, updated Notes section | ## Version Bumped **1.2.0 → 1.3.0** (minor: new backward-compatible features). ## Validation - ✅ `terraform validate` — clean - ✅ `terraform test` — **15 passed, 0 failed** - ✅ `terraform fmt` — clean --- Generated with [Mux](https://mux.coder.com) using Clauderelease/coder/mux/v1.3.0 |
||
|
Michael Suchacz
|
94e41d3780 |
Add arbitrary mux server command argument parsing (#738)
## Summary - add a new `additional_arguments` module variable to pass extra arguments to `mux server` - parse `additional_arguments` in `run.sh` with quoted-group support so values like paths with spaces are preserved - keep existing `add-project` behavior while allowing additional arbitrary flags - add Terraform and Bun tests covering `additional_arguments` behavior - document the new option in the module README and bump example version references to `1.2.0` ## Why The module previously only supported the `add-project` flag. This change lets users pass additional `mux server` arguments without waiting for new module variables. ## Validation - `shellcheck --severity=warning --format=gcc registry/coder/modules/mux/run.sh` - `terraform -chdir=registry/coder/modules/mux test -verbose` - `bun test registry/coder/modules/mux/main.test.ts` ## Breaking changes None. --- Generated with Mux (exec agent) using GPT-5.release/coder/mux/v1.2.0 |
||
|
Phorcys
|
480bf4b48c |
chore: update vscode-desktop-core module dependencies (#751)
## Description #750 follow-up ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Otherrelease/cytoshahar/positron/v1.0.2 release/coder/windsurf/v1.3.1 release/coder/vscode-desktop/v1.2.1 release/coder/kiro/v1.2.1 release/coder/cursor/v1.4.1 release/coder/antigravity/v1.0.1 |
||
|
Phorcys
|
d8851492c0 |
fix: fix positron module slug and display name (#752)
## Description In https://github.com/coder/registry/pull/279, I had accidentally made the slug of the Positron Desktop app "cursor", and display name to be "Cursor Desktop". This PR fixes that. ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Otherrelease/cytoshahar/positron/v1.0.1 |
||
|
Phorcys
|
186a779659 |
chore(registry/coder/modules): rename vscode-desktop-core input params (#750)
## Description Rename `web_app_*` suffix to `coder_app_*` ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Otherrelease/coder/kasmvnc/v1.3.0 release/coder/vscode-desktop-core/v1.0.2 release/coder/agentapi/v2.1.1 |
||
|
Zach
|
8defcb2410 |
fix(agentapi): fix misleading attempt counter in wait-for-start script (#734)
The log message showed ($i/15) where $i ranged from 1-150, making it look like the counter overshot its maximum. This change extracts the iteration count into a max_attempts variable and uses it consistently. |
||
|
Katorly
|
14c43d9f29 | fix(coder/modules/jetbrains and coder-labs/modules/nextflow): fix typos in two documentations (#714) | ||
|
blinkagent[bot]
|
ac92895c50 |
docs(azure-linux): clarify resource lifecycle on stop vs delete (#713)
The existing README for the Azure Linux template only mentioned that the VM is ephemeral and the managed disk is persistent, but did not explain that the resource group, virtual network, subnet, and network interface also persist when a workspace is stopped. This led to confusion where users expected all Azure resources to be cleaned up on stop, when in reality only the VM is destroyed. ## Changes - Added the persistent networking/infrastructure resources to the resource list - Added "What happens on stop" section explaining which resources persist and why - Added "What happens on delete" section confirming all resources are cleaned up - Moved the existing note about ephemeral tools/files into a "Workspace restarts" subsection for clarity Created on behalf of @DevelopmentCats Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com> Co-authored-by: DevCats <christofer@coder.com> |
||
|
Rowan Smith
|
563dbc4a71 |
feat: add post_clone_script to dotfiles in order to support startup dependencies/coordination (#679)
## Description
Adds post_clone_script variable to the dotfiles module, enabling startup
coordination with other scripts that depend on dotfiles.
An example of how to use this, which assumes the PR has been merged:
```
module "dotfiles" {
count = data.coder_workspace.me.start_count
source = "registry.coder.com/coder/dotfiles/coder"
version = "1.3.0"
agent_id = coder_agent.main.id
default_dotfiles_uri = "https://github.com/someuser/somedotfiles"
post_clone_script = <<-EOF
coder exp sync start dotfiles && coder exp sync complete dotfiles
EOF
}
resource "coder_script" "personalize" {
count = data.coder_workspace.me.start_count
agent_id = coder_agent.main.id
display_name = "Personalize"
icon = "/icon/personalize.svg"
run_on_start = true
script = <<-EOF
trap 'coder exp sync complete personalize' EXIT
coder exp sync want personalize dotfiles
coder exp sync start personalize
SCRIPT="$HOME/.config/coderv2/dotfiles/personalize"
if [ -f "$SCRIPT" ] && [ -x "$SCRIPT" ]; then
$SCRIPT
fi
EOF
}
```
## Type of Change
- [ ] New module
- [ ] New template
- [ ] Bug fix
- [x] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder/modules/dotfiles`
**New version:** `v1.3.0`
**Breaking change:** [ ] Yes [x] No
## Testing & Validation
- [ ] Tests pass (`bun test`)
- [ ] Code formatted (`bun fmt`)
- [x] Changes tested locally
## Related Issues
#678
release/coder/dotfiles/v1.3.0
|
||
|
Michael Suchacz
|
39fec7ca82 |
🤖 feat: mux module — add per-workspace auth token for CSWSH protection (#728)
## Summary Add per-workspace authentication token wiring to the Mux Coder module, closing the last-mile deployment gap for cross-site WebSocket hijacking (CSWSH) protection identified in coder/security#120. ## Background When Mux runs as a Coder workspace app, it is accessible via Coder's subdomain proxy (e.g., `mux--ws--user.apps.coder.com`). Without an auth token, a malicious same-site origin (another user's workspace app on the same `*.coder.com` domain) can hijack the WebSocket session and execute arbitrary commands via the oRPC API. The Mux application itself already implements: - **Strict same-origin enforcement** for HTTP/CORS and WebSocket upgrades (coder/mux#2418) - **Auth token support** — the server reads `MUX_SERVER_AUTH_TOKEN` or `--auth-token`, and the browser frontend extracts `?token=` from the URL and persists it to localStorage What was missing was module-level token generation and browser/backend wiring. ## Implementation - **`random_password.mux_auth_token`** generates a 64-character token per module instance. - **Backend wiring:** `run.sh` launches mux with a process-scoped `MUX_SERVER_AUTH_TOKEN` environment variable. - **Frontend wiring:** `coder_app.mux.url` includes `?token=<secret>` so first launch from Coder passes the token to the browser for bootstrap/persistence. To avoid cross-instance breakage, this change intentionally does **not** use a shared `coder_env` key. Multiple `coder/mux` module instances can target the same `agent_id` (different `slug`/`port`), and a single global env key would collide. Process-scoped env keeps each instance's backend token aligned with its app URL token. ## Validation - `terraform fmt -check -diff` in `registry/coder/modules/mux` - `terraform test` in `registry/coder/modules/mux` (8 passed, 0 failed) - Updated tests now verify the URL token value (not just prefix) and verify the launch script sets `MUX_SERVER_AUTH_TOKEN` using the generated token. --- _Generated with `mux` • Model: `anthropic:claude-opus-4-6` • Thinking: `xhigh`_ <!-- mux-attribution: model=anthropic:claude-opus-4-6 thinking=xhigh -->release/coder/mux/v1.1.0 |
||
|
35C4n0r
|
c5ff4de9ed |
feat(coder/modules/agent-helper): add agent-helper module to help run scripts (#704)
## Description The Agent Helper module is a building block for modules that need to run multiple scripts in a specific order. It uses `coder exp sync` for dependency management and is designed for orchestrating pre-install, install, post-install, and start scripts. ## Type of Change - [x] New module - [ ] New template - [ ] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder/modules/agent-helper` **New version:** `v1.0.0` **Breaking change:** [x] Yes [ ] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues Closes: https://github.com/coder/registry/issues/696 Closes: https://github.com/coder/registry/issues/698 --------- Co-authored-by: DevCats <christofer@coder.com> |
||
|
35C4n0r
|
a9a03b167c |
feat(coder-labs/modules/codex): bump agentapi version to v0.11.8 in codex (#727)
## Description - bump agentapi version to v0.11.8 in codex ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder-labs/modules/codex` **New version:** `v4.1.1` **Breaking change:** [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable -->release/coder-labs/codex/v4.1.1 |
||
|
Riajul Islam
|
0449051828 |
feat(KasmVNC): allow share variable to be passed with default: owner (#709)
Co-authored-by: Atif Ali <atif@coder.com> |
||
|
DevCats
|
8e68c96633 |
fix: add validation to inputs in dot-files module (#703)
## Description Add's Validation to the dotfiles module in all input's to address security issue pointed out in https://github.com/coder/security/issues/119 <!-- Briefly describe what this PR does and why --> ## Type of Change - [ ] New module - [ ] New template - [X] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder/modules/dotfiles` **New version:** `v1.2.4` **Breaking change:** [ ] Yes [X] No ## Testing & Validation - [Y] Tests pass (`bun test`) - [Y] Code formatted (`bun fmt`) - [ ] Changes tested locally ## Related Issues https://github.com/coder/security/issues/119 <!-- Link related issues or write "None" if not applicable --> --------- Co-authored-by: Jakub Domeracki <jakub@coder.com>release/coder/dotfiles/v1.2.4 |
||
|
DevCats
|
7e3e842aaa |
fix: temp-fix for not using coder_env to set path due to limitations (#699)
### Summary Temporary workaround for non-deterministic PATH handling when using `coder_env` across multiple modules ([coder/coder#21885](https://github.com/coder/coder/issues/21885)). ### Problem When multiple modules define `coder_env` with the same `name` (e.g., `PATH`), the final value is non-deterministic due to Go map iteration order. This caused PATH overwrites instead of appending, breaking Claude Code discovery in workspaces using multiple modules. ### Solution Replace `coder_env` PATH manipulation with script-based PATH handling: - **Install script**: Exports PATH and adds claude binary directory to shell profiles (`.profile`, `.bashrc`, `.zshrc`, fish) for interactive shell access - **Start script**: Exports PATH at script execution time - **Symlink**: Creates symlink in `CODER_SCRIPT_BIN_DIR` as additional fallback - **Validation**: Prevents invalid configuration where `claude_binary_path` is customized but `install_claude_code=true` (official installer doesn't support custom paths) ### Changes - Removed `coder_env` resource for PATH - Added PATH export to `install.sh` and `start.sh` - Added shell profile modifications for cross-shell compatibility (bash, zsh, fish) - Added variable validation for `claude_binary_path` ### Note This is a temporary fix until [coder/coder#21885](https://github.com/coder/coder/issues/21885) is resolved with a proper `merge_strategy` attribute for `coder_env`. ## Type of Change - [ ] New module - [ ] New template - [X] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder/modules/claude-code` **New version:** `v4.7.5` **Breaking change:** [ ] Yes [X] No ## Testing & Validation - [X] Tests pass (`bun test`) - [X] Code formatted (`bun fmt`) - [X] Changes tested locally ## Related Issues ([coder/coder#21885](https://github.com/coder/coder/issues/21885))release/coder/claude-code/v4.7.5 |
||
|
Steven Masley
|
6ac4d70405 |
chore: add placeholder to git config inputs (#694)
Shows a placeholder of default values in the parameter input boxrelease/coder/git-config/v1.0.33 |
||
|
Harsh Singh Panwar
|
49a7985bc6 |
fix(coder/modules/jupyterlab): fix a typo (#689)
Closes https://github.com/coder/registry/issues/685 --------- Co-authored-by: Atif Ali <atif@coder.com> Co-authored-by: Muhammad Atif Ali <me@matifali.dev>release/coder/jupyterlab/v1.2.2 |
||
|
Andreas Skorczyk
|
08e68a2da4 |
Don't create CLAUDE_API_KEY coder_env if not set (#686)
## Description At the moment, the `CLAUDE_API_KEY` coder_env will always be created, even if the variable itself is not. This can lead to the environment variable being unset if it has been set outside of Terraform. With this PR, we make the `claude_api_key` coder_env conditional, so it will only be created if an API key has been set. ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder/modules/claude-code/main.tf` **New version:** `v4.7.4` **Breaking change:** [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues None --------- Co-authored-by: 35C4n0r <70096901+35C4n0r@users.noreply.github.com>release/coder/claude-code/v4.7.4 |
||
|
Atif Ali
|
66662db5aa |
fix(claude-code): fix example for using AI Bridge (#691)
Co-authored-by: 35C4n0r <70096901+35C4n0r@users.noreply.github.com>release/coder/claude-code/v4.7.3 |
||
|
35C4n0r
|
e25a972d7d |
fix(workflows/version-bump.yaml): fix typo in case statement (#687)
## Description - Fix typo in version bump workflow ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally |
||
|
35C4n0r
|
a10d5fa6a0 |
fix(coder/modules/claude-code): update terraform required version to >= 1.9 (#688)
## Description - Update terraform version for claude-code module. - Update coder version required in readme ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder/modules/claude-code` **New version:** `v4.7.2` **Breaking change:** [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable -->release/coder/claude-code/v4.7.2 |
||
|
35C4n0r
|
360b3cd3ce |
feat(coder-labs/modules/codex): add support for aibridge (#655)
## Description - Add support for AI Bridge <!-- Briefly describe what this PR does and why --> ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder-labs/modules/codex` **New version:** `v4.1.0` **Breaking change:** [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues Closes: #650 --------- Co-authored-by: DevCats <christofer@coder.com> Co-authored-by: Atif Ali <atif@coder.com>release/coder-labs/codex/v4.1.0 |
||
|
Mathias Fredriksson
|
fa30191394 |
feat(coder/modules/agentapi): add log snapshot capture on shutdown (#676)
Captures the last 10 messages from AgentAPI when task workspaces stop, allowing users to view conversation history while the task is paused. The shutdown script fetches messages, builds a payload with last 10 messages, truncates to 64KB if needed (removes old messages first, then truncates content of the last message), and posts to the log snapshot endpoint. Gracefully handles non-task workspaces (skips), older Coder versions without the endpoint (logs and continues), and empty message sets. Enabled by default via task_log_snapshot variable. Task ID is automatically resolved from data.coder_task when available. Updates coder/internal#1257release/coder/agentapi/v2.1.0 |
||
|
35C4n0r
|
e4606c51f3 |
feat(coder/modules/claude-code): update claude to use binary installation for specific version pinning (#681)
## Description - Update claude-code module to use binary installation incase of specific version pinning unless use npm is specified. - Add a deprecation warning in the install script and readme for npm. ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder/modules/claude-code` **New version:** `v4.7.1` **Breaking change:** [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable -->release/coder/claude-code/v4.7.1 |
||
|
Tao Chen
|
3b6246f256 |
[Template] SSH Linux - Add support for deploying Coder on existing Linux systems (bare-metal installation) (#605)
## Description <!-- Briefly describe what this PR does and why --> A draft that allow user connect existing linux system though coder by ssh ## Type of Change - [ ] New module - [x] New template - [ ] Bug fix - [ ] Feature/enhancement - [x] Documentation - [ ] Other ## Template Information <!-- Delete this section if not applicable --> **Path:** `registry/IamTaoChen/templates/ssh-linux` ## Testing & Validation - [ ] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable --> --------- Co-authored-by: DevCats <christofer@coder.com> |
||
|
Yevhenii Shcherbina
|
b077dfafc8 | chore: set default boundary version to latest (#680) | ||
|
dependabot[bot]
|
6e0291cdb9 |
chore(deps): bump the github-actions group with 5 updates (#673)
Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.0` | `6.0.2` | | [coder/coder](https://github.com/coder/coder) | `2.29.1` | `2.29.2` | | [crate-ci/typos](https://github.com/crate-ci/typos) | `1.42.0` | `1.42.1` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.1.0` | `6.2.0` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.3.0` | `0.4.1` | Updates `actions/checkout` from 6.0.0 to 6.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.2</h2> <h2>What's Changed</h2> <ul> <li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2355">actions/checkout#2355</a></li> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2</a></p> <h2>v6.0.1</h2> <h2>What's Changed</h2> <ul> <li>Update all references from v5 and v4 to v6 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2314">actions/checkout#2314</a></li> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> <li>Clarify v6 README by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2328">actions/checkout#2328</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v6...v6.0.1">https://github.com/actions/checkout/compare/v6...v6.0.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v6.0.2</h2> <ul> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <h2>v6.0.1</h2> <ul> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> </ul> <h2>v6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>v5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>v5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>v4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>v4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd"><code>de0fac2</code></a> Fix tag handling: preserve annotations and explicit fetch-tags (<a href="https://redirect.github.com/actions/checkout/issues/2356">#2356</a>)</li> <li><a href="https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49"><code>064fe7f</code></a> Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...</li> <li><a href="https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8"><code>8e8c483</code></a> Clarify v6 README (<a href="https://redirect.github.com/actions/checkout/issues/2328">#2328</a>)</li> <li><a href="https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1"><code>033fa0d</code></a> Add worktree support for persist-credentials includeIf (<a href="https://redirect.github.com/actions/checkout/issues/2327">#2327</a>)</li> <li><a href="https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5"><code>c2d88d3</code></a> Update all references from v5 and v4 to v6 (<a href="https://redirect.github.com/actions/checkout/issues/2314">#2314</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3...de0fac2e4500dabe0009e67214ff5f5447ce83dd">compare view</a></li> </ul> </details> <br /> Updates `coder/coder` from 2.29.1 to 2.29.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/coder/coder/releases">coder/coder's releases</a>.</em></p> <blockquote> <h2>v2.29.2</h2> <h2>Changelog</h2> <blockquote> <p>[!NOTE] This is a mainline Coder release. We advise enterprise customers without a staging environment to install our <a href="https://github.com/coder/coder/releases/latest">latest stable release</a> while we refine this version. Learn more about our <a href="https://coder.com/docs/install/releases">Release Schedule</a>.</p> </blockquote> <h3>Features</h3> <ul> <li>CLI: Backport <a href="https://redirect.github.com/coder/coder/issues/21374">#21374</a> to 2.29 (<a href="https://redirect.github.com/coder/coder/issues/21561">#21561</a>, 2e2d0dde4)</li> </ul> <h3>Bug fixes</h3> <ul> <li>Backport update boundary version to 2.29 (<a href="https://redirect.github.com/coder/coder/issues/21290">#21290</a>) (<a href="https://redirect.github.com/coder/coder/issues/21575">#21575</a>, 2314e4a94)</li> <li>Backport migration fixes (<a href="https://redirect.github.com/coder/coder/issues/21611">#21611</a>, b5360a918)</li> </ul> <h3>Chores</h3> <ul> <li>Add antigravity to allowed protocols list (<a href="https://redirect.github.com/coder/coder/issues/20873">#20873</a>) (<a href="https://redirect.github.com/coder/coder/issues/21122">#21122</a>, bd76c602e)</li> </ul> <p>Compare: <a href="https://github.com/coder/coder/compare/v2.29.1...v2.29.2"><code>v2.29.1...v2.29.2</code></a></p> <h2>Container image</h2> <ul> <li><code>docker pull ghcr.io/coder/coder:v2.29.2</code></li> </ul> <h2>Install/upgrade</h2> <p>Refer to our docs to <a href="https://coder.com/docs/install">install</a> or <a href="https://coder.com/docs/install/upgrade">upgrade</a> Coder, or use a release asset below.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/coder/coder/commit/b5360a9180613328a62d64efcfaac5a31980c746"><code>b5360a9</code></a> fix: backport migration fixes (<a href="https://redirect.github.com/coder/coder/issues/21611">#21611</a>)</li> <li><a href="https://github.com/coder/coder/commit/2e2d0dde447d5e52a07e13ccc54631aec1867319"><code>2e2d0dd</code></a> feat(cli): backport <a href="https://redirect.github.com/coder/coder/issues/21374">#21374</a> to 2.29 (<a href="https://redirect.github.com/coder/coder/issues/21561">#21561</a>)</li> <li><a href="https://github.com/coder/coder/commit/2314e4a94ee53ef4616b1b856f1d0281103398fd"><code>2314e4a</code></a> fix: backport update boundary version to 2.29 (<a href="https://redirect.github.com/coder/coder/issues/21290">#21290</a>) (<a href="https://redirect.github.com/coder/coder/issues/21575">#21575</a>)</li> <li><a href="https://github.com/coder/coder/commit/bd76c602e4f0a9f5bc98c6d45e13115219c1d81d"><code>bd76c60</code></a> chore: add antigravity to allowed protocols list (<a href="https://redirect.github.com/coder/coder/issues/20873">#20873</a>) (<a href="https://redirect.github.com/coder/coder/issues/21122">#21122</a>)</li> <li>See full diff in <a href="https://github.com/coder/coder/compare/59cdd7e21f4d7da12567c0c29964d298fbf38f27...b5360a9180613328a62d64efcfaac5a31980c746">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.42.0 to 1.42.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.42.1</h2> <h2>[1.42.1] - 2026-01-19</h2> <h3>Fixes</h3> <ul> <li>Ignore hex literals with suffixes (e.g. <code>0xffffUL</code>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="https://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.42.1] - 2026-01-19</h2> <h3>Fixes</h3> <ul> <li>Ignore hex literals with suffixes (e.g. <code>0xffffUL</code>)</li> </ul> <h2>[1.42.0] - 2026-01-07</h2> <h3>Features</h3> <ul> <li>Dictionary updates</li> </ul> <h2>[1.41.0] - 2025-12-31</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1431">December 2025</a> changes</li> </ul> <h2>[1.40.1] - 2025-12-29</h2> <h3>Fixes</h3> <ul> <li>Treat <code>incrementer</code> and <code>incrementor</code> the same for now</li> </ul> <h3>Fixes</h3> <ul> <li>Don't correct ITerm2</li> </ul> <h2>[1.40.0] - 2025-11-26</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1405">November 2025</a> changes</li> </ul> <h2>[1.39.2] - 2025-11-13</h2> <h3>Fixes</h3> <ul> <li>Don't offer <code>entry</code> as a correction for <code>entrys</code></li> </ul> <h2>[1.39.1] - 2025-11-12</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/65120634e79d8374d1aa2f27e54baa0c364fff5a"><code>6512063</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/2049566b9c8d1828af41b31f770bbc44d6b34eab"><code>2049566</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/cbc66c9a8518fdb8d78f6502705ffad9a58574c5"><code>cbc66c9</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1471">#1471</a> from epage/hex</li> <li><a href="https://github.com/crate-ci/typos/commit/207157952c1c5bb2f91d933d56924dcb674cd919"><code>2071579</code></a> fix(tokens): Ignore hex literals with suffixes</li> <li><a href="https://github.com/crate-ci/typos/commit/7300bb0964cb8a525429adbde59c6a4eeb27099e"><code>7300bb0</code></a> perf(token): Avoid switching to chars</li> <li><a href="https://github.com/crate-ci/typos/commit/01955c0f2a615c6f18fecd48a83fce416f520c38"><code>01955c0</code></a> perf(token): Prefer slices over characters</li> <li><a href="https://github.com/crate-ci/typos/commit/5d4cfab739a1567f49a71c421647370271da220f"><code>5d4cfab</code></a> test(cli): Show hex literal issue</li> <li><a href="https://github.com/crate-ci/typos/commit/3cee018e3f423e227a4df83b164d33084d6ee2be"><code>3cee018</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1468">#1468</a> from Wilfred/patch-1</li> <li><a href="https://github.com/crate-ci/typos/commit/a96a636d4eab2dee39e7046a61c94cf3171cbaad"><code>a96a636</code></a> Fix typo in ripsecrets link</li> <li><a href="https://github.com/crate-ci/typos/commit/837ad2701b39a6d960ea301041d309c10185efd6"><code>837ad27</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1467">#1467</a> from Wilfred/full_examples_in_reference</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/bb4666ad77b539a6b4ce4eda7ebb6de553704021...65120634e79d8374d1aa2f27e54baa0c364fff5a">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-go` from 6.1.0 to 6.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p> <blockquote> <h2>v6.2.0</h2> <h2>What's Changed</h2> <h3>Enhancements</h3> <ul> <li>Example for restore-only cache in documentation by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/696">actions/setup-go#696</a></li> <li>Update Node.js version in action.yml by <a href="https://github.com/ccoVeille"><code>@ccoVeille</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/691">actions/setup-go#691</a></li> <li>Documentation update of actions/checkout by <a href="https://github.com/deining"><code>@deining</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/683">actions/setup-go#683</a></li> </ul> <h3>Dependency updates</h3> <ul> <li>Upgrade js-yaml from 3.14.1 to 3.14.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/682">actions/setup-go#682</a></li> <li>Upgrade <code>@actions/cache</code> to v5 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/695">actions/setup-go#695</a></li> <li>Upgrade actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/686">actions/setup-go#686</a></li> <li>Upgrade qs from 6.14.0 to 6.14.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/703">actions/setup-go#703</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ccoVeille"><code>@ccoVeille</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-go/pull/691">actions/setup-go#691</a></li> <li><a href="https://github.com/deining"><code>@deining</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-go/pull/683">actions/setup-go#683</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-go/compare/v6...v6.2.0">https://github.com/actions/setup-go/compare/v6...v6.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-go/commit/7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5"><code>7a3fe6c</code></a> Bump qs from 6.14.0 to 6.14.1 (<a href="https://redirect.github.com/actions/setup-go/issues/703">#703</a>)</li> <li><a href="https://github.com/actions/setup-go/commit/b9adafd441833a027479ddd0db37eaece68d35cb"><code>b9adafd</code></a> Bump actions/checkout from 5 to 6 (<a href="https://redirect.github.com/actions/setup-go/issues/686">#686</a>)</li> <li><a href="https://github.com/actions/setup-go/commit/d73f6bcfc2b419b74f47075f8a487b40cc4680f8"><code>d73f6bc</code></a> README.md: correct to actions/checkout@v6 (<a href="https://redirect.github.com/actions/setup-go/issues/683">#683</a>)</li> <li><a href="https://github.com/actions/setup-go/commit/ae252ee6fb24babc50e89fc67c4aa608e69fbf8f"><code>ae252ee</code></a> Bump <code>@actions/cache</code> to v5 (<a href="https://redirect.github.com/actions/setup-go/issues/695">#695</a>)</li> <li><a href="https://github.com/actions/setup-go/commit/bf7446afafbce8902019569bc0aab5a59380c516"><code>bf7446a</code></a> Bump js-yaml from 3.14.1 to 3.14.2 (<a href="https://redirect.github.com/actions/setup-go/issues/682">#682</a>)</li> <li><a href="https://github.com/actions/setup-go/commit/02aadfee7f572f67453450365b688df2c3f95730"><code>02aadfe</code></a> Fix Node.js version in action.yml (<a href="https://redirect.github.com/actions/setup-go/issues/691">#691</a>)</li> <li><a href="https://github.com/actions/setup-go/commit/4aaadf42668403795cdfdb15b1c4250e9fed12b9"><code>4aaadf4</code></a> Example for restore-only cache in documentation (<a href="https://redirect.github.com/actions/setup-go/issues/696">#696</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-go/compare/4dc6199c7b1a012772edbd06daecab0f50c9053c...7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5">compare view</a></li> </ul> </details> <br /> Updates `zizmorcore/zizmor-action` from 0.3.0 to 0.4.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/zizmorcore/zizmor-action/releases">zizmorcore/zizmor-action's releases</a>.</em></p> <blockquote> <h2>v0.4.1</h2> <p>This version fixes an error in the 0.4.0 release that prevented non-relative use of the action.</p> <h2>What's Changed</h2> <ul> <li>Fix version file path by <a href="https://github.com/woodruffw"><code>@woodruffw</code></a> in <a href="https://redirect.github.com/zizmorcore/zizmor-action/pull/83">zizmorcore/zizmor-action#83</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/zizmorcore/zizmor-action/compare/v0.4.0...v0.4.1">https://github.com/zizmorcore/zizmor-action/compare/v0.4.0...v0.4.1</a></p> <h2>v0.4.0</h2> <p>This new version of <code>zizmor-action</code> brings two major changes:</p> <ul> <li> <p>The new <code>fail-on-no-inputs</code> option can be used to control whether <code>zizmor-action</code> fails if no inputs were collected by <code>zizmor</code>. The default remains <code>true</code>, reflecting the pre-existing behavior.</p> </li> <li> <p>The action's use of the official <code>zizmor</code> Docker images is now fully hash-checked internally, preventing accidental or malicious modification to the images. This also means that subsequent releases of <code>zizmor</code> will induce a release of this action, rather than the action always picking up the latest version by default.</p> </li> </ul> <h2>What's Changed</h2> <ul> <li>docs: extended permissions required for internal repos by <a href="https://github.com/AntoineSebert"><code>@AntoineSebert</code></a> in <a href="https://redirect.github.com/zizmorcore/zizmor-action/pull/61">zizmorcore/zizmor-action#61</a></li> <li>docs: clarify description of "token" to indicate it is only used for online audits by <a href="https://github.com/rmuir"><code>@rmuir</code></a> in <a href="https://redirect.github.com/zizmorcore/zizmor-action/pull/63">zizmorcore/zizmor-action#63</a></li> <li>Hash-check zizmor Docker images by <a href="https://github.com/woodruffw"><code>@woodruffw</code></a> in <a href="https://redirect.github.com/zizmorcore/zizmor-action/pull/68">zizmorcore/zizmor-action#68</a></li> <li>Add <code>fail-on-no-inputs</code> option by <a href="https://github.com/woodruffw"><code>@woodruffw</code></a> in <a href="https://redirect.github.com/zizmorcore/zizmor-action/pull/67">zizmorcore/zizmor-action#67</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/AntoineSebert"><code>@AntoineSebert</code></a> made their first contribution in <a href="https://redirect.github.com/zizmorcore/zizmor-action/pull/61">zizmorcore/zizmor-action#61</a></li> <li><a href="https://github.com/rmuir"><code>@rmuir</code></a> made their first contribution in <a href="https://redirect.github.com/zizmorcore/zizmor-action/pull/63">zizmorcore/zizmor-action#63</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/zizmorcore/zizmor-action/compare/v0.3.0...v0.4.0">https://github.com/zizmorcore/zizmor-action/compare/v0.3.0...v0.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/135698455da5c3b3e55f73f4419e481ab68cdd95"><code>1356984</code></a> Fix version file path (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/83">#83</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/72469cf6cc7fbd7801d9b361f11f25c0b5fc9d42"><code>72469cf</code></a> Bump pins in README (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/80">#80</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/3aa7e2f1ad15075829ef5158ee06938ae12e1769"><code>3aa7e2f</code></a> Add fail-on-no-inputs tests (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/79">#79</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/92fc377b741151b893e77df75819fb34a198f677"><code>92fc377</code></a> Sync zizmor versions (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/78">#78</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/5aff8efe9fc7bea2f977d55dcc7c98923f22d887"><code>5aff8ef</code></a> Add <code>fail-on-no-inputs</code> option (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/67">#67</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/4d497b9cc8b9f59f4154478dffc4bab6a783fc69"><code>4d497b9</code></a> Sync zizmor versions (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/75">#75</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/5fa0711fa51dd83a19dbfcf0195cfb02e61571ef"><code>5fa0711</code></a> Fix sync-zizmor-versions (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/69">#69</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/c823f2c8e66ceac799af6d2d17b1d83b6d5a0177"><code>c823f2c</code></a> Hash-check zizmor Docker images (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/68">#68</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/706c51b5bce7adb027de71ab36d865f5d3fcc7b7"><code>706c51b</code></a> chore(deps): bump github/codeql-action in the github-actions group (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/66">#66</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/cb3d8e846e148d1111d90b03375b9c03deceda37"><code>cb3d8e8</code></a> chore(deps): bump actions/checkout in the github-actions group (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/65">#65</a>)</li> <li>Additional commits viewable in <a href="https://github.com/zizmorcore/zizmor-action/compare/e639db99335bc9038abc0e066dfcd72e23d26fb4...135698455da5c3b3e55f73f4419e481ab68cdd95">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: DevCats <christofer@coder.com> |
||
|
Michael Suchacz
|
bd1c4c59cd |
feat(coder/modules/mux): update defaults and add-project (#677)
## Summary - Default `subdomain` to `true` so Mux uses subdomain routing by default. - Default `display_name` to `Mux`. - Make `add-project` optional (`null` by default) and pass `--add-project` to `mux server` when set. - Bump mux module README example version to `1.0.8`. ## Notes Changing the `subdomain` default may affect workspaces without wildcard subdomain support configured (they can explicitly set `subdomain = false`). ## Testing - `terraform validate` (registry/coder/modules/mux) - `terraform test -verbose` (registry/coder/modules/mux) --- Generated with Mux (AI coding agent).release/coder/mux/v1.0.8 |
||
|
Alfred
|
8d53725005 |
Fix(registry/Excellencedev/templates/hetzner-linux): Correctly select coder agent arch on Hetzner CAX ARM Instances (#672)
## Description hetzner-linux template allows CAX (ARM) instances but hardcodes coder agent to amd64 causing the wrong coder-agent to be pulled on CAX instance causing provisioning failure. Adding `architecture` to server_types response and mapping this to correct agent arch, with defaults back to amd64 for if this fails. No Fix, CAX Instance ``` Jan 25 16:03:48 coder-test-nofix-dev systemd[1]: Starting coder-agent.service - Coder Agent... Jan 25 16:03:53 coder-test-nofix-dev systemd[1]: Started coder-agent.service - Coder Agent. Jan 25 16:03:53 coder-test-nofix-dev coder-agent[2100]: + trap waitonexit EXIT Jan 25 16:03:53 coder-test-nofix-dev coder-agent[2101]: + mktemp -d -t coder.XXXXXX Jan 25 16:03:53 coder-test-nofix-dev coder-agent[2100]: + BINARY_DIR=/tmp/coder.6oHHHW Jan 25 16:03:53 coder-test-nofix-dev coder-agent[2100]: + BINARY_NAME=coder Jan 25 16:03:53 coder-test-nofix-dev coder-agent[2100]: + BINARY_URL=https://coder.domain/bin/coder-linux-amd64 Jan 25 16:03:53 coder-test-nofix-dev coder-agent[2100]: + cd /tmp/coder.6oHHHW Jan 25 16:03:53 coder-test-nofix-dev coder-agent[2100]: + : Jan 25 16:03:53 coder-test-nofix-dev coder-agent[2100]: + status= Jan 25 16:03:53 coder-test-nofix-dev coder-agent[2100]: + command -v curl Jan 25 16:03:53 coder-test-nofix-dev coder-agent[2100]: + curl -fsSL --compressed https://coder.domain/bin/coder-linux-amd64 -o coder Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + break Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + chmod +x coder Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + [ -n ] Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + export CODER_AGENT_AUTH=token Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + export CODER_AGENT_URL=https://coder.domain/ Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2133]: + ./coder --version Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2134]: + head -n1 Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2133]: /opt/coder/init: 90: ./coder: Exec format error Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + output= Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2136]: + echo Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2137]: + grep -q Coder Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + echo ERROR: Downloaded agent binary returned unexpected version output Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: ERROR: Downloaded agent binary returned unexpected version output Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + echo coder --version output: "" Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: coder --version output: "" Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + exit 2 Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + waitonexit Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + echo === Agent script exited with non-zero code (2). Sleeping 24h to preserve logs... Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: === Agent script exited with non-zero code (2). Sleeping 24h to preserve logs... Jan 25 16:04:02 coder-test-nofix-dev coder-agent[2100]: + sleep 86400 ``` Fix, CAX Instance ``` Jan 25 16:08:55 coder-ARM64TEST-dev systemd[1]: Starting coder-agent.service - Coder Agent... Jan 25 16:09:00 coder-ARM64TEST-dev systemd[1]: Started coder-agent.service - Coder Agent. Jan 25 16:09:00 coder-ARM64TEST-dev coder-agent[2044]: + trap waitonexit EXIT Jan 25 16:09:00 coder-ARM64TEST-dev coder-agent[2046]: + mktemp -d -t coder.XXXXXX Jan 25 16:09:00 coder-ARM64TEST-dev coder-agent[2044]: + BINARY_DIR=/tmp/coder.4j7W57 Jan 25 16:09:00 coder-ARM64TEST-dev coder-agent[2044]: + BINARY_NAME=coder Jan 25 16:09:00 coder-ARM64TEST-dev coder-agent[2044]: + BINARY_URL=https://coder.domain/bin/coder-linux-arm64 Jan 25 16:09:00 coder-ARM64TEST-dev coder-agent[2044]: + cd /tmp/coder.4j7W57 Jan 25 16:09:00 coder-ARM64TEST-dev coder-agent[2044]: + : Jan 25 16:09:00 coder-ARM64TEST-dev coder-agent[2044]: + status= Jan 25 16:09:00 coder-ARM64TEST-dev coder-agent[2044]: + command -v curl Jan 25 16:09:00 coder-ARM64TEST-dev coder-agent[2044]: + curl -fsSL --compressed https://coder.domain/bin/coder-linux-arm64 -o coder Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2044]: + break Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2044]: + chmod +x coder Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2044]: + [ -n ] Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2044]: + export CODER_AGENT_AUTH=token Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2044]: + export CODER_AGENT_URL=https://coder.domain/ Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2069]: + ./coder --version Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2070]: + head -n1 Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2044]: + output=Coder v2.29.2+b5360a9 Wed Jan 21 15:45:58 UTC 2026 Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2076]: + echo Coder v2.29.2+b5360a9 Wed Jan 21 15:45:58 UTC 2026 Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2077]: + grep -q Coder Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2044]: + exec ./coder agent Jan 25 16:09:13 coder-ARM64TEST-dev coder-agent[2044]: 2026-01-25 16:09:13.467 [info] agent is starting now ``` ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Template Information <!-- Delete this section if not applicable --> **Path:** `registry/Excellencedev/templates/hetzner-linux` ## Testing & Validation - [] Tests pass (`bun test`) - [] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable --> |
||
|
Yevhenii Shcherbina
|
bd1a36b228 |
feat: use coder boundary subcommand (#674)
## Summary of Changes ### Feature: Add `coder boundary` subcommand support as default Adds `coder boundary` subcommand as the default method for running boundary eliminating the need to install boundary separately. **Changes:** 1. **New variable: `use_boundary_directly`** (default: `false`) - `false`: Uses `coder boundary` subcommand (default, no installation) - `true`: Installs boundary binary from release - `compile_boundary_from_source = true`: Compiles from source 2. **Fixed CAP_NET_ADMIN capability issue** - Copies `coder` binary to `coder-no-caps` to strip capabilities (required for boundary) 3. **Removed `boundary-run` wrapper** - no longer used **Files Modified:** - `scripts/start.sh` - main implementation - `main.tf` - added `use_boundary_directly` variable **Behavior:** - **Default**: Uses `coder boundary` subcommand (no installation needed) - **`use_boundary_directly = true`**: Installs boundary from release version - **`compile_boundary_from_source = true`**: Compiles boundary from source <!-- Briefly describe what this PR does and why --> ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder/modules/claude-code` **New version:** `v4.7.0` **Breaking change:** [ ] Yes [X] No ## Testing & Validation - [ ] Tests pass (`bun test`) - [ ] Code formatted (`bun fmt`) - [ ] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable -->release/coder/claude-code/v4.7.0 |
||
|
35C4n0r
|
01d6669708 |
feat(coder/modules/claude-code): add support for MCP server configurations from remote URLs (#668)
## Description
- add support for MCP server configurations from remote URLs
## Example
```json
mcp_remote_urls = [
"https://gist.githubusercontent.com/35C4n0r/cd8dce70360e5d22a070ae21893caed4/raw/",
"https://raw.githubusercontent.com/coder/coder/main/.mcp.json"
]
```
## Type of Change
- [ ] New module
- [ ] New template
- [ ] Bug fix
- [x] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
<!-- Delete this section if not applicable -->
**Path:** `registry/coder/modules/claude-code`
**New version:** `v4.6.0`
**Breaking change:** [ ] Yes [x] No
## Testing & Validation
- [x] Tests pass (`bun test`)
- [x] Code formatted (`bun fmt`)
- [x] Changes tested locally
## Related Issues
Closes: #665
release/coder/claude-code/v4.6.0
|
||
|
Lukasz
|
01365fb61a |
feat: add zizmor workflow checks for GitHub Actions (#662)
## Description This PR adds a zizmor security scan to the CI pipeline to analyze new and existing GitHub Actions workflows under .github/workflows/. - Runs zizmor on PRs and fails the check when HIGH severity (or above) issues are found, so they can block merges. - Runs zizmor on main to produce security reporting (where applicable), keeping visibility into findings over time. - Intended to be added as a required status check so workflow-security regressions can’t land unnoticed. Reference: coder/registry#642 (comment) / zizmor-action ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [x] Other - CI / security tooling ## Testing & Validation - Validation via PR check - opened a test PR with a deliberately risky workflow and confirmed zizmor reports and blocks on HIGH findings ## Related Issues coder/registry#642 (comment) / zizmor-action |
||
|
Lukasz
|
ec57cb5c0f |
CI: Pin GitHub Actions and fix zizmor high-severity findings (#667)
## Description This PR fixes zizmor --min-severity high findings in our GitHub Actions workflows by: - Pinning all uses: references to immutable commit SHAs (replaces floating tags like @v6 / @main). - Pinning internal Terraform setup action usage (coder/coder/.github/actions/setup-tf@main) to a fixed ref/commit. - Pinning crate-ci/typos to a commit SHA. - Removing GitHub expression template expansion inside a run: block in version-bump.yaml (prevents template injection flagged by zizmor). ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [x] Other ## Module Information N/A ## Template Information N/A ## Testing & Validation - [ ] Tests pass (`bun test`) - [ ] Code formatted (`bun fmt`) - [x] Changes tested locally - zizmor .github/workflows/* --min-severity high ## Related Issues - coder/registry#642 - https://github.com/coder/registry/pull/662 |
||
|
Atif Ali
|
d21f55a322 |
chore: update AGENTS.md with commands and PR review checklist (#663)
## Description Updates AGENTS.md to be more concise (~36 lines) while adding missing commands and a PR review checklist based on recent PR feedback. ## Changes - **Commands section**: Added `bun run tftest`, `bun run tstest`, single test commands, and version-bump script - **Structure section**: Added note that URLs must be relative (from #639) - **Code Style section**: Added `tf` vs `hcl` guidance and relative icon paths - **New PR Review Checklist**: Based on patterns from recent PRs including: - Version bumping requirements (#661, #617) - Breaking changes documentation (#636) - Graceful error handling in scripts (#658) - Diagnostic logging for tests (#643) - **AI attribution requirement**: PRs should note model/tool used ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [ ] Feature/enhancement - [x] Documentation - [ ] Other --- Generated with [Amp](https://ampcode.com/threads/T-019bcb7e-2e92-76f2-a1aa-2023ecdb0763) using Claude Sonnet 4 |
||
|
35C4n0r
|
2e8870bcee |
feat(coder/modules/claude-code): add support for aibridge (#657)
## Description - Add support for AI Bridge ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder/modules/claude-code` **New version:** `v4.5.0` **Breaking change:** [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues Closes: #649 --------- Co-authored-by: Atif Ali <atif@coder.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>release/coder/claude-code/v4.5.0 |
||
|
Yevhenii Shcherbina
|
51676b6e62 |
fix: don't implicitly whitelist domains (#661)
- don't implicitly whitelist domains for boundary in claude-code module - bump claude-code module minor versionrelease/coder/claude-code/v4.4.2 |
||
|
Atif Ali
|
a21a4c11b8 | chore(jetbrains-fleet): add deprecation warning for Fleet discontinuation (#659) release/coder/jetbrains-fleet/v1.0.3 | ||
|
35C4n0r
|
b7229a8132 |
fix(coder/modules/claude-code): handle MCP server addition failures gracefully (#658)
## Description - handle MCP server addition failures gracefully - Update agentapi version to 0.11.8 <!-- Briefly describe what this PR does and why --> ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder/modules/claude-code` **New version:** `v4.4.1` **Breaking change:** [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues Closes: #656release/coder/claude-code/v4.4.1 |
||
|
DevCats
|
44a8c66d94 |
chore: add input for path, and use coder_env for model in claude-code module (#617)
## Description Adds a `claude_path` variable to override the path that the `coder_env` sets for claude-code. Adds a `install_via_npm` variable to override the official installation and use npm to install claude-code ( this doesn't change any behaviour, simply just the options available to the user ) Model now uses `coder_env` to set the `ANTHROPIC_MODEL` env instead of using the `--model` cli flag which did not set the anthropic model globally in the workspace. Normal Usage -> Official Installer Specific Version Set -> NPM Install Install Via NPM -> NPM Install The idea with `claude_path` is that someone who wants to source claude another way can install it and utilize that install in the module. If install is true and a custom path is provided there is a tf precondition that will disallow this. <!-- Briefly describe what this PR does and why --> ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [X] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder/modules/claude-code` **New version:** `v4.4.0` **Breaking change:** [ ] Yes [X] No ## Testing & Validation - [X] Tests pass (`bun test`) - [X] Code formatted (`bun fmt`) - [X] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable -->release/coder/claude-code/v4.4.0 |
||
|
DevCats
|
2a40c07c3a |
feat(tests): add e2e test for code-server (#643)
## Description Adds e2e test for code-server that actually installs and health checks code-server <!-- Briefly describe what this PR does and why --> ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [X] Other ## Testing & Validation - [X] Tests pass (`bun test`) - [X] Code formatted (`bun fmt`) - [X] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable --> |
||
|
Jakub Domeracki
|
836536eb97 |
chore: add CODEOWNERS and enforce approval for GHA Workflow changes (#654)
## Summary Adds a `CODEOWNERS` file to enforce code review requirements for GitHub Actions workflow changes. - Creates `CODEOWNERS` file designating `@jdomeracki-coder` as owner of `.github/` directory - All changes to GitHub Actions workflows (`.github/` directory) now require approval from the designated code owner - Improves security posture by preventing unauthorized modifications to CI/CD pipelines ## Why this change? GitHub Actions workflows have elevated privileges and can access repository secrets. Requiring explicit approval for workflow changes helps prevent: - Accidental or malicious modifications to CI/CD pipelines - Unauthorized access to secrets - Supply chain security vulnerabilities ## Test plan - [x] Verify CODEOWNERS file is properly formatted - [ ] Test that PRs modifying `.github/` directory require approval from `@jdomeracki-coder` - [ ] Confirm existing PRs not touching `.github/` continue to work normallyrelease/coder-labs/codex/v4.0.0 |
||
|
35C4n0r
|
44d1ae1d1d |
feat(coder-labs/modules/codex): update codex to use coder_ai_task (#653)
## Description - Minor maintenance and update codex to use coder_ai_task. ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> **Path:** `registry/coder-labs/modules/codex` **New version:** `v4.0.0` **Breaking change:** [x] Yes [ ] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable --> --------- Co-authored-by: Atif Ali <atif@coder.com> |
||
|
dependabot[bot]
|
b91a697ce5 |
chore(deps): bump crate-ci/typos from 1.41.0 to 1.42.0 in the github-actions group (#651)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Yevhenii Shcherbina
|
8aa54bbee3 |
feat: move boundary configuration to file (#640)
This pull request updates the `claude-code` module to version 4.3.0 and significantly simplifies the configuration and startup logic for the Boundary integration. The changes remove several Boundary-related configuration variables and options, streamlining both Terraform and shell script code. The documentation is updated to reflect these changes and the new version. **Boundary integration simplification:** * Removed multiple Boundary-related variables from `main.tf`, including log directory, log level, additional allowed URLs, proxy port, and pprof options, as well as their usage in the module and test files. (`registry/coder/modules/claude-code/main.tf` [[1]](diffhunk://#diff-e7adc2da34facfd5d16deb23876fca7ae4cb11c8a68a0cfbe37a044bb69932f0L213-L248) [[2]](diffhunk://#diff-e7adc2da34facfd5d16deb23876fca7ae4cb11c8a68a0cfbe37a044bb69932f0L377-L382); `registry/coder/modules/claude-code/main.tftest.hcl` [[3]](diffhunk://#diff-46ca9cfb5cdd077a9c42f7f62ab3f45583196a05edc29838eda0c6bd0ea63edcL198-L210) * Updated the Boundary startup logic in `start.sh` to remove handling and passing of the eliminated variables, resulting in a simpler and more maintainable script. (`registry/coder/modules/claude-code/scripts/start.sh` [[1]](diffhunk://#diff-decfa0cea699ba8bf5e89b60ee677c361d2e9cc8b4792ed54ac1da66b4bd9315L19-L23) [[2]](diffhunk://#diff-decfa0cea699ba8bf5e89b60ee677c361d2e9cc8b4792ed54ac1da66b4bd9315L39-L41) [[3]](diffhunk://#diff-decfa0cea699ba8bf5e89b60ee677c361d2e9cc8b4792ed54ac1da66b4bd9315L232-L260) **Documentation updates:** * Updated all usage examples in `README.md` to reference version 4.3.0 and reflect the new, simplified Boundary configuration. (`registry/coder/modules/claude-code/README.md` [[1]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL16-R16) [[2]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL48-R52) [[3]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL75-R71) [[4]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL111-R107) [[5]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL133-R129) [[6]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL206-R202) [[7]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL263-R259) **Version bump:** * Bumped the module version from 4.2.9 to 4.3.0 throughout all documentation and configuration examples. (`registry/coder/modules/claude-code/README.md` [[1]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL16-R16) [[2]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL48-R52) [[3]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL75-R71) [[4]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL111-R107) [[5]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL133-R129) [[6]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL206-R202) [[7]](diffhunk://#diff-3f433388cb775dcc77c38911e23acbd2eb64e26e26c25d46b045724dfe5136bbL263-R259) --------- Co-authored-by: DevCats <christofer@coder.com>release/coder/claude-code/v4.3.0 |
||
|
imgbot[bot]
|
bbd18ac870 |
[ImgBot] Optimize images (#641)
## Beep boop. Your images are optimized! Your image file size has been reduced 🎉 <details> <summary> Details </summary> | File | Before | After | Percent reduction | |:--|:--|:--|:--| | /.icons/filebrowser.svg | 5.38kb | 3.08kb | 42.76% | | /.icons/nomad.svg | 0.38kb | 0.26kb | 31.79% | | /.icons/vault.svg | 0.49kb | 0.37kb | 24.31% | | /.icons/proxmox.svg | 12.52kb | 9.49kb | 24.23% | | /.icons/copyparty.svg | 8.28kb | 6.32kb | 23.71% | | /.icons/devcontainers.svg | 0.56kb | 0.44kb | 21.39% | | /.icons/openwebui.svg | 0.29kb | 0.23kb | 19.11% | | /.icons/scaleway.svg | 0.89kb | 0.77kb | 13.80% | | /.icons/perplexica.svg | 0.21kb | 0.19kb | 10.65% | | /.icons/positron.svg | 0.71kb | 0.64kb | 10.18% | | /.icons/azure.svg | 2.05kb | 1.86kb | 9.60% | | /.icons/lxc.svg | 1.22kb | 1.12kb | 8.01% | | /.icons/fleet.svg | 5.57kb | 5.23kb | 6.12% | | /.icons/gateway.svg | 4.20kb | 3.99kb | 4.86% | | /.icons/rustdesk.svg | 1.32kb | 1.26kb | 4.65% | | /.icons/tasks.svg | 0.44kb | 0.42kb | 4.42% | | /.icons/kasmvnc.svg | 0.80kb | 0.77kb | 4.27% | | /.icons/dotfiles.svg | 0.59kb | 0.56kb | 3.83% | | /.icons/vsphere.svg | 1.08kb | 1.04kb | 3.69% | | /.icons/rdp.svg | 4.63kb | 4.47kb | 3.40% | | /.icons/mux.svg | 1.75kb | 1.70kb | 2.46% | | /.icons/aws.svg | 3.22kb | 3.14kb | 2.34% | | /.icons/gemini.svg | 2.76kb | 2.71kb | 2.12% | | /.icons/kiro.svg | 1.21kb | 1.19kb | 1.69% | | /.icons/slack.svg | 1.00kb | 0.98kb | 1.37% | | /.icons/digital-ocean.svg | 0.93kb | 0.92kb | 1.15% | | /.icons/amazon-q.svg | 2.09kb | 2.07kb | 0.98% | | /.icons/akamai.svg | 0.83kb | 0.82kb | 0.94% | | /.icons/auto-dev-server.svg | 4.54kb | 4.49kb | 0.93% | | /.icons/desktop.svg | 0.53kb | 0.52kb | 0.93% | | /.icons/sourcegraph-amp.svg | 0.56kb | 0.56kb | 0.87% | | /.icons/nextflow.svg | 0.68kb | 0.67kb | 0.87% | | /registry/coder/.images/avatar.svg | 0.60kb | 0.59kb | 0.82% | | /.icons/coder.svg | 0.60kb | 0.59kb | 0.82% | | /.icons/electric-plug-emoji.svg | 0.24kb | 0.24kb | 0.81% | | /.icons/hetzner.svg | 5.47kb | 5.43kb | 0.80% | | /.icons/cmux.svg | 17.58kb | 17.46kb | 0.72% | | /.icons/box-emoji.svg | 4.62kb | 4.59kb | 0.66% | | /.icons/openai.svg | 2.89kb | 2.87kb | 0.61% | | /.icons/auggie.svg | 4.78kb | 4.75kb | 0.57% | | /.icons/airflow.svg | 3.24kb | 3.23kb | 0.57% | | /.icons/jetbrains.svg | 0.77kb | 0.76kb | 0.51% | | /.icons/git.svg | 0.78kb | 0.78kb | 0.50% | | /.icons/zed.svg | 0.88kb | 0.88kb | 0.44% | | /.icons/pgadmin.svg | 2.95kb | 2.94kb | 0.40% | | /registry/coder/.images/aws-devcontainer-architecture.svg | 123.63kb | 123.14kb | 0.39% | | /registry/coder/.images/gcp-devcontainer-architecture.svg | 123.63kb | 123.15kb | 0.39% | | /.icons/windsurf.svg | 1.11kb | 1.11kb | 0.35% | | /.icons/opencode.svg | 0.56kb | 0.56kb | 0.35% | | /.icons/folder.svg | 0.28kb | 0.28kb | 0.35% | | /registry/coder-labs/.images/avatar.svg | 3.69kb | 3.68kb | 0.32% | | /.icons/jupyter.svg | 6.50kb | 6.48kb | 0.32% | | /.icons/cloud-devops.svg | 35.08kb | 34.99kb | 0.26% | | /cmd/.icons/docker.svg | 1.14kb | 1.13kb | 0.26% | | /.icons/docker.svg | 1.14kb | 1.13kb | 0.26% | | /.icons/exoscale.svg | 0.42kb | 0.42kb | 0.23% | | /.icons/personalize.svg | 1.89kb | 1.89kb | 0.21% | | /cmd/.icons/goose.svg | 3.07kb | 3.07kb | 0.19% | | /.icons/goose.svg | 3.07kb | 3.07kb | 0.19% | | /.icons/nexus-repository.svg | 26.65kb | 26.60kb | 0.18% | | /.icons/claude.svg | 2.80kb | 2.80kb | 0.14% | | /.icons/kubernetes.svg | 7.54kb | 7.53kb | 0.09% | | /.icons/jfrog.svg | 6.76kb | 6.76kb | 0.04% | | /.icons/aider.svg | 14.16kb | 14.16kb | 0.03% | | /.icons/antigravity.svg | 2,346.99kb | 2,346.81kb | 0.01% | | | | | | | **Total :** | **2,827.25kb** | **2,816.16kb** | **0.39%** | </details> --- [📝 docs](https://imgbot.net/docs) | [:octocat: repo](https://github.com/imgbot/ImgBot) | [🙋🏾 issues](https://github.com/imgbot/ImgBot/issues) | [🏪 marketplace](https://github.com/marketplace/imgbot) <i>~Imgbot - Part of [Optimole](https://optimole.com/) family</i> Signed-off-by: ImgBotApp <ImgBotHelp@gmail.com> Co-authored-by: ImgBotApp <ImgBotHelp@gmail.com> |
||
|
Anis
|
82a76de3fc |
add vmware-linux template (#527)
## Description Add Vmware template to coder ## Type of Change - [ ] New module - [x] New template - [ ] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Template Information <!-- Delete this section if not applicable --> **Path:** `registry/anis/templates/vmware-linux` ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally https://github.com/user-attachments/assets/ffc787a8-4335-4602-a405-c475f0cad62b ## Related Issues Closes #211 /claim #211 <!-- Link related issues or write "None" if not applicable --> --------- Signed-off-by: Anis KHALFALLAH <khalfallah.anis@hotmail.com> Co-authored-by: DevCats <christofer@coder.com> |
||
|
35C4n0r
|
e8e3a4e642 |
feat(cmd/tests): update tests to fail on invalid and absolute urls (#639)
## Description Updated the tests: - We now don't accept absolute urls (http / https) - We only accept urls that start with `../../../../.icons/*` and exists <!-- Briefly describe what this PR does and why --> ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally --------- Co-authored-by: DevCats <christofer@coder.com> |