[pull] main from coder:main #103

pull · 2025-07-21T17:46:09Z

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.3)

Can you help keep this open source service alive? 💖 Please sponsor : )

#18932) Fixes coder/internal#521 This happened due to a race condition present in how `AwaitWorkspaceBuildJobCompleted` works. `AwaitWorkspaceBuildJobCompleted` works by waiting until `/api/v2/workspacesbuilds/{workspacebuild}/` returns a workspace build with `.Job.CompletedAt != nil`. The issue here is that _sometimes_ the returned `codersdk.WorkspaceBuild` can contain a build from _before_ a provisioner job completed, but contain the provisioner job from _after_ it completed. Let me demonstrate: Here we query the database for `database.WorkspaceBuild`. https://github.com/coder/coder/blob/a3f64f74f794c733126ad21cd1feb0801caf67c4/coderd/coderd.go#L1409-L1415 Inside of the `workspaceBuild` route handler, we call `workspaceBuildsData` https://github.com/coder/coder/blob/a3f64f74f794c733126ad21cd1feb0801caf67c4/coderd/workspacebuilds.go#L54 This then calls `GetProvisionerJobsByIDsWithQueuePosition` https://github.com/coder/coder/blob/a3f64f74f794c733126ad21cd1feb0801caf67c4/coderd/workspacebuilds.go#L852-L856 As these two calls happen _outside of a transaction_, the state of the world can change underneath. This can result in an in-progress workspace build having a completed provisioner job attached to it.

…18787) This PR starts running the full test suite on Windows and macOS in the nightly gauntlet, since the regular CI only runs agent and cli tests. The full suite is too slow to be run on every PR.

Bumps [github.com/mark3labs/mcp-go](https://github.com/mark3labs/mcp-go) from 0.33.0 to 0.34.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mark3labs/mcp-go/releases">github.com/mark3labs/mcp-go's releases</a>.</em></p> <blockquote> <h2>v0.34.0</h2> <h2>What's Changed</h2> <ul> <li>fix(streamable_http): ensure graceful shutdown to prevent close reque… by <a href="https://github.com/sunerpy"><code>@sunerpy</code></a> in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/477">mark3labs/mcp-go#477</a></li> <li>fix(streamble_http) SendNotification not work bug by <a href="https://github.com/Robin-ZMH"><code>@Robin-ZMH</code></a> in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/473">mark3labs/mcp-go#473</a></li> <li>refactor: replace fmt.Errorf with TransportError wrapper by <a href="https://github.com/AdamShannag"><code>@AdamShannag</code></a> in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/486">mark3labs/mcp-go#486</a></li> <li>fix <code>Content-Type: application/json; charset=utf-8</code> error by <a href="https://github.com/oldweipro"><code>@oldweipro</code></a> in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/478">mark3labs/mcp-go#478</a></li> <li>feat: Inprocess sampling support by <a href="https://github.com/ezynda3"><code>@ezynda3</code></a> in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/487">mark3labs/mcp-go#487</a></li> <li>feat: support in tool result handling & update example by <a href="https://github.com/CocaineCong"><code>@CocaineCong</code></a> in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/467">mark3labs/mcp-go#467</a></li> <li>feat(logging): add support for send log message notifications and implemented the <code>SessionWithLogging</code> interface on <code>streamableHttpSession</code> by <a href="https://github.com/sunerpy"><code>@sunerpy</code></a> in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/484">mark3labs/mcp-go#484</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/sunerpy"><code>@sunerpy</code></a> made their first contribution in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/477">mark3labs/mcp-go#477</a></li> <li><a href="https://github.com/Robin-ZMH"><code>@Robin-ZMH</code></a> made their first contribution in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/473">mark3labs/mcp-go#473</a></li> <li><a href="https://github.com/AdamShannag"><code>@AdamShannag</code></a> made their first contribution in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/486">mark3labs/mcp-go#486</a></li> <li><a href="https://github.com/oldweipro"><code>@oldweipro</code></a> made their first contribution in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/478">mark3labs/mcp-go#478</a></li> <li><a href="https://github.com/CocaineCong"><code>@CocaineCong</code></a> made their first contribution in <a href="https://redirect.github.com/mark3labs/mcp-go/pull/467">mark3labs/mcp-go#467</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/mark3labs/mcp-go/compare/v0.33.0...v0.34.0">https://github.com/mark3labs/mcp-go/compare/v0.33.0...v0.34.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mark3labs/mcp-go/commit/ffea75ff8133a2efec8ae549f0a5bc25cd27f8a4"><code>ffea75f</code></a> feat(logging): add support for send log message notifications and implemented...</li> <li><a href="https://github.com/mark3labs/mcp-go/commit/e859847efc844f904dac49f8220cb5c911ffed91"><code>e859847</code></a> feat: support in tool result handling & update example (<a href="https://redirect.github.com/mark3labs/mcp-go/issues/467">#467</a>)</li> <li><a href="https://github.com/mark3labs/mcp-go/commit/9c352bd3f37f776d3390b22957da4ad114f114b1"><code>9c352bd</code></a> feat: Inprocess sampling support (<a href="https://redirect.github.com/mark3labs/mcp-go/issues/487">#487</a>)</li> <li><a href="https://github.com/mark3labs/mcp-go/commit/78eb7a3c790dc7de26b9d61039a9527ef4022833"><code>78eb7a3</code></a> fix <code>Content-Type: application/json; charset=utf-8</code> error (<a href="https://redirect.github.com/mark3labs/mcp-go/issues/478">#478</a>)</li> <li><a href="https://github.com/mark3labs/mcp-go/commit/c8c52a8c25536b4cdc1ad7725338a5b0d336f13f"><code>c8c52a8</code></a> refactor: replace fmt.Errorf with TransportError wrapper (<a href="https://redirect.github.com/mark3labs/mcp-go/issues/486">#486</a>)</li> <li><a href="https://github.com/mark3labs/mcp-go/commit/65df1b095c8274f7cb0997fbd1a7bdbf12a2fc43"><code>65df1b0</code></a> fix(streamble_http) SendNotification not work bug (<a href="https://redirect.github.com/mark3labs/mcp-go/issues/473">#473</a>)</li> <li><a href="https://github.com/mark3labs/mcp-go/commit/2d479bb4995a6279223c524f27ad94bf7e7a30cd"><code>2d479bb</code></a> Merge pull request <a href="https://redirect.github.com/mark3labs/mcp-go/issues/477">#477</a> from sunerpy/main</li> <li><a href="https://github.com/mark3labs/mcp-go/commit/bee9f90bab8622796cb7e9348acdaaebcc3cd7ed"><code>bee9f90</code></a> fix(streamable_http): ensure graceful shutdown to prevent close request errors</li> <li><a href="https://github.com/mark3labs/mcp-go/commit/56f25011a0a97b4bb60e7742f017ce0ce098ae66"><code>56f2501</code></a> fix quick-start</li> <li>See full diff in <a href="https://github.com/mark3labs/mcp-go/compare/v0.33.0...v0.34.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/mark3labs/mcp-go&package-manager=go_modules&previous-version=0.33.0&new-version=0.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.63.0 to 1.64.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/valyala/fasthttp/releases">github.com/valyala/fasthttp's releases</a>.</em></p> <blockquote> <h2>v1.64.0</h2> <h2>⚠️ Deprecation warning! ⚠️</h2> <p>In the next version of fasthttp headers delimited by just <code>\n</code> (instead of <code>\r\n</code>) are no longer supported!</p> <h2>What's Changed</h2> <ul> <li>Add warning for deprecated newline separator by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2031">valyala/fasthttp#2031</a></li> <li>refact: eliminate duplication in Request/Response via struct embedding by <a href="https://github.com/ksw2000"><code>@ksw2000</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/2027">valyala/fasthttp#2027</a></li> <li>chore(deps): bump golang.org/x/sys from 0.33.0 to 0.34.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2034">valyala/fasthttp#2034</a></li> <li>chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2036">valyala/fasthttp#2036</a></li> <li>chore(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/valyala/fasthttp/pull/2035">valyala/fasthttp#2035</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/valyala/fasthttp/compare/v1.63.0...v1.64.0">https://github.com/valyala/fasthttp/compare/v1.63.0...v1.64.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/valyala/fasthttp/commit/b1a54c8de5720d048bc2cc9aef47903bda171a9e"><code>b1a54c8</code></a> chore(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 (<a href="https://redirect.github.com/valyala/fasthttp/issues/2035">#2035</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/7ac856f71f3b3f8a0df682af0d3d09c88bf0519b"><code>7ac856f</code></a> chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 (<a href="https://redirect.github.com/valyala/fasthttp/issues/2036">#2036</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/2a917b661a90127b84796d80fc30d4e70845ecfa"><code>2a917b6</code></a> chore(deps): bump golang.org/x/sys from 0.33.0 to 0.34.0 (<a href="https://redirect.github.com/valyala/fasthttp/issues/2034">#2034</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/a3c9dab7573946aa0afcee62d94fbfb58e3c4c2c"><code>a3c9dab</code></a> Add warning for deprecated newline separator (<a href="https://redirect.github.com/valyala/fasthttp/issues/2031">#2031</a>)</li> <li><a href="https://github.com/valyala/fasthttp/commit/eb1f908d9764ef1a355bab13ed83ce7cfc5e793e"><code>eb1f908</code></a> refact: eliminate duplication in Request/Response via struct embedding (<a href="https://redirect.github.com/valyala/fasthttp/issues/2027">#2027</a>)</li> <li>See full diff in <a href="https://github.com/valyala/fasthttp/compare/v1.63.0...v1.64.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/valyala/fasthttp&package-manager=go_modules&previous-version=1.63.0&new-version=1.64.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…18942) Bumps the x group with 1 update: [golang.org/x/tools](https://github.com/golang/tools). Updates `golang.org/x/tools` from 0.34.0 to 0.35.0 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/tools/commit/50ec2f15fda46d8960c1d871856265127b4dcce5"><code>50ec2f1</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/tools/commit/197c6c1b47160df25b9cd6598d88525c27a01e5a"><code>197c6c1</code></a> gopls/internal/mcp: more tuning of tools and prompts</li> <li><a href="https://github.com/golang/tools/commit/9563af690255d5b5f7802773c0853f1176130da4"><code>9563af6</code></a> gopls/internal/mcp: include module paths in workspace summaries</li> <li><a href="https://github.com/golang/tools/commit/88a4eb3018821e07f501b483e0f6f4eac4146198"><code>88a4eb3</code></a> gopls/internal/cmd: wait for startup log in TestMCPCommandHTTP</li> <li><a href="https://github.com/golang/tools/commit/4738c7c0b1a53ae0c0fa248a8c31d2a07922dc9b"><code>4738c7c</code></a> gopls/internal/cmd: avoid the use of channels in the sessions API</li> <li><a href="https://github.com/golang/tools/commit/ae1841752658d1d164b5926e72b2b0751fe5db17"><code>ae18417</code></a> gopls/internal/filewatcher: skip test for unsupported OS</li> <li><a href="https://github.com/golang/tools/commit/8391b17713e95ac9bc23d8de7c0303b11c4a190b"><code>8391b17</code></a> gopls/doc: document Zed editor</li> <li><a href="https://github.com/golang/tools/commit/778fe21d5d9f021763cced9defde671c6329d921"><code>778fe21</code></a> gopls/internal/util/tokeninternal: move from internal/tokeninternal</li> <li><a href="https://github.com/golang/tools/commit/0343b7064dcefd5b28e53395fa70768990cc71fb"><code>0343b70</code></a> internal/jsonrpc2/stack: move from internal/stack</li> <li><a href="https://github.com/golang/tools/commit/8c9f4cc0c2a00d508755a558cf73e0dab8d78863"><code>8c9f4cc</code></a> gopls/internal/filewatcher: refactor filewatcher to pass in handler func</li> <li>Additional commits viewable in <a href="https://github.com/golang/tools/compare/v0.34.0...v0.35.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/tools&package-manager=go_modules&previous-version=0.34.0&new-version=0.35.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…18832) Fixes coder/internal#715 Follow-up from #18717 Now that we've determined the updated query is safe, remove the duplication.

…d/coder (#18945) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/coder-login/coder&package-manager=terraform&previous-version=1.0.15&new-version=v1.0.30)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…der (#18943) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/dotfiles/coder&package-manager=terraform&previous-version=1.0.29&new-version=v1.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…#18944) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/cursor/coder&package-manager=terraform&previous-version=1.1.0&new-version=v1.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…oder (#18946) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/vscode-web/coder&package-manager=terraform&previous-version=1.2.0&new-version=v1.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…oder (#18947) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/git-clone/coder&package-manager=terraform&previous-version=1.0.18&new-version=v1.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…coder (#18957) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/personalize/coder&package-manager=terraform&previous-version=1.0.2&new-version=1.0.30)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…er-envbuilder (#18961) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/slackme/coder&package-manager=terraform&previous-version=1.0.2&new-version=v1.0.30)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

#18956) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/slackme/coder&package-manager=terraform&previous-version=1.0.2&new-version=1.0.30)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…/coder-envbuilder (#18959) [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/personalize/coder&package-manager=terraform&previous-version=1.0.2&new-version=v1.0.30)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

#18958) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/windsurf/coder&package-manager=terraform&previous-version=1.0.0&new-version=1.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…coder-envbuilder (#18960) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/code-server/coder&package-manager=terraform&previous-version=1.2.0&new-version=v1.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…/coder-envbuilder (#18963) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/filebrowser/coder&package-manager=terraform&previous-version=1.0.31&new-version=v1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…der-envbuilder (#18965) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/dotfiles/coder&package-manager=terraform&previous-version=1.0.29&new-version=v1.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…d/coder-envbuilder (#18962) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coder/coder-login/coder&package-manager=terraform&previous-version=1.0.15&new-version=v1.0.30)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Updates the dogfood envbuilder template to pull modules from `dev.registry.coder.com` instead of `registry.coder.com` to match the regular dogfood template. This ensures consistency between both dogfood templates and uses the development registry for testing new module versions. Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com> Co-authored-by: matifali <10648092+matifali@users.noreply.github.com>

DanielleMaywood and others added 27 commits July 21, 2025 13:04

chore: run full macos and windows pg tests in the nightly gauntlet (#…

ceb4b97

…18787) This PR starts running the full test suite on Windows and macOS in the nightly gauntlet, since the regular CI only runs agent and cli tests. The full suite is too slow to be run on every PR.

chore: replace original GetPrebuiltWorkspaces with optimized version (#…

198d50d

…18832) Fixes coder/internal#715 Follow-up from #18717 Now that we've determined the updated query is safe, remove the duplication.

chore: add CodeRabbit config with disabled auto-reviews (#18949)

4ac6be6

chore: bump github.com/go-chi/chi/v5 from 5.1.0 to 5.2.2 (#18475)

e6b3b59

chore: remove site/ CODEOWNERS entry (#18954)

a9b110d

chore: update CLAUDE.md to discourage time.Sleep (#18967)

40a6367

pull bot locked and limited conversation to collaborators Jul 21, 2025

pull bot added the ⤵️ pull label Jul 21, 2025

pull bot merged commit 40a6367 into jango-blockchained:main Jul 21, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[pull] main from coder:main #103

[pull] main from coder:main #103

pull bot commented Jul 21, 2025 •

edited

Loading

Uh oh!

Uh oh!

[pull] main from coder:main #103

[pull] main from coder:main #103

Conversation

pull bot commented Jul 21, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

pull bot commented Jul 21, 2025 •

edited

Loading