## Changelog

### Features

- Templates can now be deprecated in "template settings" to warn new users and prevent new workspaces from being created (#10745) (@Emyrk)
  ![Deprecated template](https://gist.github.com/assets/22407953/5883ff54-11a6-4af0-afd3-ad77be1c4dc2)
  > This is an [Enterprise feature](https://coder.com/docs/enterprise).
- Add user/settings page for managing external auth (#10945) (@Emyrk)
  ![External auth settings](https://gist.github.com/assets/22407953/99252719-7255-426e-ba88-55d08dd04586)
- Allow auditors to read template insights (#10860) (@johnstcn)
- Add support for custom permissions in Helm chart `rbac.yaml` file (#10590) (@lbi22)
- Add `workspace_id`, `owner_name` to agent manifest (#10199) (@szab100)
- Allow identity provider to return single string for roles/groups claim (#10993) (@Emyrk)
- Add endpoints to list all auth-ed external apps (#10944) (@Emyrk)
- Support v2 Tailnet API in AGPL coordinator (#11010) (@spikecurtis)
- Dormant workspaces now appear in the default workspaces list (#11053) (@sreya)
- Include server agent API version in buildinfo (#11057) (@spikecurtis)
- Restart stopped workspaces on `coder ssh` command (#11050) (@Emyrk)
- You can now specify an [allowlist for OIDC Groups](https://coder.com/docs/admin/auth#group-allowlist) (#11070) (@Emyrk)
- Display 'Deprecated' warning for agents using old API version (#11058) (@spikecurtis)
- Add support for `coder_env` resource to set environment variables within a workspace (#11102) (@mafredri)
- Handle session signals (#10842) (@mafredri)
- Allow specifying names of provisioner daemons (#11077) (@johnstcn)
- Preserve old agent logs (#10776) (@ammario)
- Store workspace proxy version in the database (#10790) (@johnstcn)
- Add `last_seen_at` and version to provisioner_daemons table (#11033) (@johnstcn)
- New layout for web-based template editor (#10912) (@BrunoQuaresma)
  ![Template editor layout](https://gist.github.com/assets/22407953/0351f0bd-6872-4186-a704-a403048e5758)
- Add `arm64` and `amd64` portable binaries to `winget` (#11030) (@matifali)
- Add claims to oauth link in db for debug (#10827) (@Emyrk)
- Change login screen layout (#10768) (@BrunoQuaresma)

### Bug fixes

- Automatically purge inactive provisioner daemons after 7 days (#10949) (@mtojek)
- All migrations run in a transaction to avoid broken migrations (#10966) (@coadler)
- Set `ignore_changes` on EC2 example templates (#10773) (@ericpaulsen)
- Stop redirecting DERP and replicasync http requests (#10752) (@spikecurtis)
- Prevent alt text from appearing if OIDC icon fail to load (#10792) (@Parkreiner)
- Fix insights metrics comparison (#10800) (@mtojek)
- Clarify language in orphan section of delete modal (#10764) (@Kira-Pilot)
- Prevent change in defaults if user unsets in template edit (#10793) (@Emyrk)
- Only update last_used_at when connection count > 0 (#10808) (@sreya)
- Update workspace cleanup flag names for template cmds (#10805) (@sreya)
- Give SSH stdio sessions a chance to close before closing netstack (#10815) (@spikecurtis)
- Preserve order of node reports in healthcheck (#10835) (@mtojek)
- Enable FeatureHighAvailability if it is licensed (#10834) (@spikecurtis)
- Skip autostart for suspended/dormant users (#10771) (@coadler)
- Display explicit 'retry' button(s) when a workspace fails (#10720) (@Parkreiner)
- Improve exit codes for agent/agentssh and cli/ssh (#10850) (@mafredri)
- Detect and retry reverse port forward on used port (#10844) (@spikecurtis)
- Document workspace filter query param correctly (#10894) (@Kira-Pilot)
- Hide groups in account page if not enabled (#10898) (@Parkreiner)
- Add spacing for yes/no prompts (#10907) (@f0ssel)
- Numerical validation grammar (#10924) (@ericpaulsen)
- Insert replica when removed by cleanup (#10917) (@f0ssel)
- Update autostart context to include querying users (#10929) (@sreya)
- Clear workspace name validation on field dirty (#10927) (@Kira-Pilot)
- Redirect to new url after template name update (#10926) (@Kira-Pilot)
- Do not allow selection of unsuccessful versions (#10941) (@f0ssel)
- Parse username/workspace correctly on `coder state pull --build` (#10973) (#10974) (@spikecurtis)
- Handle 404 on unknown top level routes (#10964) (@f0ssel)
- FIX `UpdateWorkspaceDormantDeletingAt` interval out of range (#11000) (@coadler)
- Create centralized PaginationContainer component (#10967) (@Parkreiner)
- Use database for user creation to prevent flake (#10992) (@f0ssel)
- Pass in time parameter to prevent flakes (#11023) (@f0ssel)
- Respect header flags in wsproxy server (#10985) (@deansheather)
- Update tailscale to include fix to prevent race (#11032) (@spikecurtis)
- Disable prefetches for audits table (#11040) (@Parkreiner)
- Increase default staleTime for paginated data (#11041) (@Parkreiner)
- Display app templates correctly in build preview (#10994) (@Kira-Pilot)
- Redirect unauthorized git users to login screen (#10995) (@Kira-Pilot)
- Use unique workspace owners over unique users (#11044) (@f0ssel)
- Avoid updating agent stats from deleted workspaces (#11026) (@f0ssel)
- Track JetBrains connections (#10968) (@code-asher)
- Handle no memory limit in `coder stat mem` (#11107) (@f0ssel)
- Provide helpful error when no login url specified (#11110) (@f0ssel)
- Return 403 when rebuilding workspace with require_active_version (#11114) (@sreya)
- Use provisionerd context when failing job on canceled acquire (#11118) (@spikecurtis)
- Ensure we are talking to coder on first user check (#11130) (@f0ssel)
- Prevent logging error for query cancellation in `watchWorkspaceAgentMetadata` (#10843) (@mafredri)
- Disable CODER_DERP_SERVER_STUN_ADDRESSES correctly (#10840) (@strike)
- Remove anchor links from headings in admin/healthcheck.md (#10975) (@johnstcn)
- Use mtime instead of atime (#10893) (#10892) (@johnstcn)
- Correctly interpret timezone based on offset in `formatOffset` (#10797) (@mafredri)
- Use correct default insights time for day interval (#10837) (@mafredri)
- Fix filter font size (#11028) (@BrunoQuaresma)
- Fix padding for loader (#11046) (@BrunoQuaresma)
- Fix template editor route (#11063) (@BrunoQuaresma)
- Use correct permission when determining orphan deletion privileges (#11143) (@sreya)

### Documentation

- Align CODER_HTTP_ADDRESS with document (#10779) (@JounQin)
- Migrate all deprecated `CODER_ADDRESS `to `CODER_HTTP_ADDRESS` (#10780) (@JounQin)
- Add documentation for template update policies (experimental) (#10804) (@sreya)
- Fix typo in additional-clusters.md (#10868) (@bpmct)
- Update FE guide (#10942) (@BrunoQuaresma)
- Add warning about Sysbox before installation (#10619) (@bartonip)
- Add license and template insights prometheus metrics (#11109) (@ericpaulsen)
- Add documentation for template update policies (#11145) (@sreya)

### Other changes

- Document suspended users not consuming seat (#11045) (@ericpaulsen)
- Fix small typo in docs/admin/configure (#11135) (@stirby)

Compare: [`v2.4.0...v2.5.0`](https://github.com/coder/coder/compare/v2.4.0...v2.5.0)

## Container image

- `docker pull ghcr.io/coder/coder:v2.5.0`

## Install/upgrade

Refer to our docs to [install](https://coder.com/docs/install) or [upgrade](https://coder.com/docs/admin/upgrade) Coder, or use a release asset below.