Currently we query only the underlying host's memory usage for our
memory resource monitor. This PR changes that to check if the workspace
is in a container, and if so it queries the container's memory usage,
falling back to the host's memory usage if not.
Fixes an oversight in https://github.com/coder/coder/pull/17032
The FE has logic to replace the string `$SESSION_TOKEN` with a
newly-minted session token.
This adds corresponding logic to the `coder open app` command.
Bumps [next](https://github.com/vercel/next.js) from 14.2.23 to 14.2.25.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vercel/next.js/releases">next's
releases</a>.</em></p>
<blockquote>
<h2>v14.2.25</h2>
<blockquote>
<p>[!NOTE]<br />
This release is backporting bug fixes. It does <strong>not</strong>
include all pending features/changes on canary.
This release contains a security patch for <a
href="https://github.com/vercel/next.js/security/advisories/GHSA-f82v-jwr5-mffw">CVE-2025-29927</a>.</p>
</blockquote>
<h3>Core Changes</h3>
<ul>
<li>Update middleware request header (<a
href="https://redirect.github.com/vercel/next.js/issues/77202">#77202</a>)</li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/ijjk"><code>@ijjk</code></a> for helping!</p>
<h2>v14.2.24</h2>
<blockquote>
<p>[!NOTE]<br />
This release is backporting bug fixes. It does <strong>not</strong>
include all pending features/changes on canary.</p>
</blockquote>
<h3>Core Changes</h3>
<ul>
<li>fix: ensure lint worker errors aren't silenced (<a
href="https://redirect.github.com/vercel/next.js/issues/75779">#75779</a>)</li>
<li>add additional x-middleware-set-cookie filtering (<a
href="https://redirect.github.com/vercel/next.js/issues/75561">#75561</a>
& <a
href="https://redirect.github.com/vercel/next.js/issues/73482">#73482</a>)</li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/ztanner"><code>@ztanner</code></a> for
helping!</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d36a1f3c35"><code>d36a1f3</code></a>
v14.2.25</li>
<li><a
href="5fd3ae8f85"><code>5fd3ae8</code></a>
[backport] Update middleware request header (<a
href="https://redirect.github.com/vercel/next.js/issues/77202">#77202</a>)</li>
<li><a
href="756be15c4c"><code>756be15</code></a>
v14.2.24</li>
<li><a
href="ba6453d5ef"><code>ba6453d</code></a>
fix corepack keys</li>
<li><a
href="c482c2072f"><code>c482c20</code></a>
[backport v14] fix: ensure lint worker errors aren't silenced (<a
href="https://redirect.github.com/vercel/next.js/issues/75766">#75766</a>)
(<a
href="https://redirect.github.com/vercel/next.js/issues/75779">#75779</a>)</li>
<li><a
href="5791cb6778"><code>5791cb6</code></a>
[Backport v14] add additional x-middleware-set-cookie filtering (<a
href="https://redirect.github.com/vercel/next.js/issues/75561">#75561</a>)
(<a
href="https://redirect.github.com/vercel/next.js/issues/75">#75</a>...</li>
<li><a
href="8129a61880"><code>8129a61</code></a>
test: fix eslint plugin test (<a
href="https://redirect.github.com/vercel/next.js/issues/75687">#75687</a>)</li>
<li>See full diff in <a
href="https://github.com/vercel/next.js/compare/v14.2.23...v14.2.25">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/coder/coder/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt)
from 4.5.1 to 4.5.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/golang-jwt/jwt/releases">github.com/golang-jwt/jwt/v4's
releases</a>.</em></p>
<blockquote>
<h2>v4.5.2</h2>
<p>See <a
href="https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp">https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp</a></p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/golang-jwt/jwt/compare/v4.5.1...v4.5.2">https://github.com/golang-jwt/jwt/compare/v4.5.1...v4.5.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2f0e9add62"><code>2f0e9ad</code></a>
Backporting 0951d18 to v4</li>
<li>See full diff in <a
href="https://github.com/golang-jwt/jwt/compare/v4.5.1...v4.5.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/coder/coder/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
**Issue:**
The UI was creating two web socket connections to receive notification
updates causing duplicated values.
**Cause:**
We were rendering the notification container twice. One for the desktop
nav and another for mobile.
**Fix:**
Only use one notification container for the nav.
**Improvements for later:**
I think would be better at some point to move the networking and data
logic into a provider but it would require testing and some tiny rework.
Since the actual fix works well, and it is not complex or difficult, I
think it is ok to stay with it until we require to load notifications in
more places.
Users need to see older notifications, so to make that happen, we added
a load more button at the end of the notifications list.
**Demo:**
https://github.com/user-attachments/assets/bd3d7964-a8f5-4164-8da0-9ba89ae88c9c
**What is missing?**
As you can notice, I didn't add tests for this feature. I tried, but I
didn't find a good solution for testing scroll events. However I was
able to get it working, but it was too cumbersome that I decided to
remove because of its maintenence burden.
This PR aims to allow clients to use different format for the title and
content of inbox notifications - on the watch endpoint.
This solution will help to have it working and formatted differently on
VSCode, WebUI ...
[Related to this issue](https://github.com/coder/internal/issues/523)
Fixes https://github.com/coder/coder/issues/17009
Adds a CLI command `coder open app <workspace> <app-slug>` that allows
opening arbitrary `coder_apps` via the CLI.
Users can optionally specify a region for workspace
applications.
This PR aimes to [fix this
issue](https://github.com/coder/internal/issues/448) -
The main idea is to remove greetings from templates stored in the DB -
and instead push it into the template for require methods - for now
SMTP.
Updating golden files is an unnecessary extra step in addition to gen
that is easily overlooked, leading to the developer noticing the issue
in CI leading to lost developer time waiting for tests to complete.
Add the `--github-user-id` option to `coder users list`, which makes the
command only return users with a matching GitHub user id. This will
enable https://github.com/coder/start-workspace-action to find a Coder
user that corresponds to a GitHub user requesting to start a workspace.
This change allows specifying devcontainers in terraform and plumbs it
through to the agent via agent manifest.
This will be used for autostarting devcontainers in a workspace.
Depends on coder/terraform-provider-coder#368
Updates #16423
When DeviceFlow with GitHub OAuth2 is configured, the
`api.GithubOAuth2Config.AuthCode` is
[overridden](b08c8c9e1e/coderd/userauth.go (L779))
and returns a value that doesn't pass the `IsGithubDotComURL` check.
This PR ensures the original `AuthCodeURL` method is used instead.
## Summary
- Add UserTailnetConnection struct to track desktop client connections
- Add new field to Snapshot struct for telemetry
- Data collection to be implemented in a future PR
relates to coder/nexus#197
[Resolve this issue](https://github.com/coder/internal/issues/506)
Add a mark-all-as-read endpoint which is marking as read all
notifications that are not read for the authenticated user.
Also adds the DB logic.
This PR closes https://github.com/coder/coder/issues/16953.
Reselecting a preset that was already the selected preset returned an
undefined option to the onSelect function. We then tried to read an
attribute of this undefined value. With this fix, we handle the
undefined option correctly.
When having a bunch of notifications and the user is scrolling down the
content it is helpful to keep the header visible so the user can easily
mark all of them as read if they want to.
After dogfooding the notifications we noticed that admins will probably
have a larger number of unread notifications everyday so with that in
mind we decided to increase the "truncate" rate from 9+ to 99+.
The workflow triggers when an issue is created or a comment is posted.
If the string "@coder" appears in the body of the issue or comment, a
Coder workspace owned by the issue creator or commentator will be
created with the parameters specified in the workflow.
Currently the `targets` column in `inbox_notifications` doesn't get
filled. This PR fixes that. Rather than give targets special treatment,
we should put it in the payload like everything else. This correctly
propagates notification targets to the inbox table without much code
change.
**Preview:**
<img width="479" alt="Screenshot 2025-03-18 at 10 38 25"
src="https://github.com/user-attachments/assets/2e4cb48e-3606-478c-a68d-13465789330b"
/>
[Figma
file](https://www.figma.com/design/5kRpzK8Qr1k38nNz7H0HSh/Inbox-notifications?node-id=1-2726&t=PUsQwLrwyzXUxhf1-0)
**This PR adds:**
- Notification widget in the navbar
- Show notifications
- Option to mark each notification as read
- Update notifications in realtime
**What is next?**
- Option to mark all the notifications as read at once
- Option to load previous notifications - Right now, it only shows the
latest 25 notifications
- Having custom icons for each type of notification
**And about tests?**
The notification widget components are well covered by the current
stories, but we definitely want to have e2e tests for it. However, in my
recent projects, I found more useful to ship the UI features first, get
feedback, change whatever needs to be changed, and then, add the e2e
tests to avoid major rework.
Related to https://github.com/coder/internal/issues/336
* Improves separation of concerns between `runDockerInspect` and
`convertDockerInspect`: `runDockerInspect` now just runs the command and
returns the output, while `convertDockerInspect` now does all of the
conversion and parsing logic.
* Improves testing of `convertDockerInspect` using real test fixtures.
* Fixes issue where the container port is returned instead of the host
port.
* Updates UI to link to correct host port. Container port is still
displayed in the button text, but the HostIP:HostPort is shown in a
popover.
* Adds stories for workspace agent UI
