Skip to content

Releases: coder/coder

v2.35.2

Choose a tag to compare

@github-actions github-actions released this 14 Jul 08:13
Immutable release. Only release title and notes can be modified.
5c2838a

Changelog

Note

This is a mainline Coder release. We advise enterprise customers without a staging environment to install our latest stable release while we refine this version. Learn more about our Release Schedule.

Bug fixes

Documentation

Compare: v2.35.1...v2.35.2

Container image

  • docker pull ghcr.io/coder/coder:2.35.2

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.34.6

Choose a tag to compare

@github-actions github-actions released this 14 Jul 08:40
Immutable release. Only release title and notes can be modified.
660dc56

Stable (since July 14, 2026)

Changelog

Bug fixes

Compare: v2.34.5...v2.34.6

Container image

  • docker pull ghcr.io/coder/coder:2.34.6

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.35.1

Choose a tag to compare

@github-actions github-actions released this 07 Jul 19:16
Immutable release. Only release title and notes can be modified.
8b44bd6

Changelog

Note

This is a mainline Coder release. We advise enterprise customers without a staging environment to install our latest stable release while we refine this version. Learn more about our Release Schedule.

BREAKING CHANGES

  • Chat stream silence timeout error renamed (#25973)

    The Agents chat error kind startup_timeout has been renamed to stream_silence_timeout to reflect that the timeout now applies to any gap between provider stream parts, not just first-token startup.
    Migration: Clients matching on the startup_timeout error kind should update to stream_silence_timeout. This is a minor API-only change; the dashboard handles it automatically.

  • OIDC login rejects non-boolean or absent email_verified (#25713)

    The OIDC callback previously used a Go type assertion for email_verified that silently treated missing or string-typed values (e.g. "false") as verified. The check is now fail-closed: absent claims, unrecognized types, or non-truthy values are treated as unverified and rejected. The fix adds coerceEmailVerified() which handles bool, string ("true"/"false"/"1"/"0" via strconv.ParseBool), float64, json.Number, and integer variants.
    Migration: The migration is automatic for most of the deployments. However, if the IdP has non-static user IDs, then the admins may need to use the CODER_DANGEROUS_OIDC_SKIP_ISSUER_CHECKS. Please note that it is advised to not use this flag and allow for the automated migration to take care of things.

  • OIDC/GitHub email fallback restricted to first-time linking (#25712)

    findLinkedUser previously fell back to email-based lookup for all logins, not just first-time linking. An attacker who registers the victim's email at the IdP (with a different OIDC subject) could bypass linked_id and match to the victim's account. The fallback now returns no user when an existing user_link has a populated linked_id that differs from the current login. Accounts with empty (legacy, pre-migration) linked_id are unaffected and are backfilled on their next successful login.
    Migration: The most likely trigger is changing CODER_OIDC_ISSUER_URL (because linked_id is issuer||subject), or two IdP identities sharing one email. Affected users will see a 403 on login. Admins can use the new OIDC link repair CLI (coder exp oidc-link-repair) to re-link accounts. See also CODER_OIDC_INSECURE_EMAIL_FALLBACK for IdP broker scenarios (#26751).

  • HostnameSuffix and SSHConfigOptions validated at startup (#26154)

    Server-side validation has been added for CODER_CONFIGSSH_HOSTNAME_SUFFIX and CODER_SSH_CONFIG_OPTIONS. Invalid values will now cause coderd to exit with an error on startup. Client-side, coder config-ssh will also exit with an error if it detects invalid config. Relevant CLI reference: https://github.com/coder/coder/blob/2778abec4be28ff2f582e1d4b8c1d5adbb6ea1d5/docs/reference/cli/server.md#--ssh-config-options
    Migration: Review your CODER_CONFIGSSH_HOSTNAME_SUFFIX and CODER_SSH_CONFIG_OPTIONS values before upgrading. If they contain invalid characters or formatting, coderd will fail to start. Fix the values before or during the upgrade.

  • X-Forwarded-Host only trusted from configured proxies (#26204)

    X-Forwarded-Host was previously honored unconditionally for subdomain app routing. This allowed a share=authenticated app to forge the header and route requests to a victim's owner-only app. The header is now only trusted when the socket peer is in CODER_PROXY_TRUSTED_ORIGINS, matching the existing trust model for X-Forwarded-For and X-Forwarded-Proto.
    Migration: Deployments that rely on reverse proxies rewriting Host and forwarding the original in X-Forwarded-Host must configure CODER_PROXY_TRUSTED_ORIGINS with the proxy addresses. Without this, subdomain app routing will ignore X-Forwarded-Host and fall back to the received Host header.

  • AI provider name collision with settings routes prevented (#26688)

    The AI providers page has moved from /ai/settings/:providerId to /ai/settings/providers/:providerId (and /ai/settings/add to /ai/settings/providers/add). The old routes allowed a provider named models to collide with the static Models page. No backward-compatibility redirects were added because a catch-all redirect would reintroduce the collision.
    Migration: Update any bookmarked or automated links from /ai/settings/ to /ai/settings/providers/ and from /ai/settings/add to /ai/settings/providers/add.

  • Org membership required for user ACLs (#26852)

    Per-user ACL grants on org-scoped resources (templates, workspaces, chats) previously did not check organization membership. A user explicitly granted access retained it after being removed from the organization. The user-ACL rule now requires is_org_member, matching the existing group-ACL behavior.
    Migration: Users who have been removed from an organization but still have per-user ACL grants will lose access. Re-add them to the organization if access should be preserved.

  • Interceptions API and request logs view removed (#26213)

    The GET /api/v2/aibridge/interceptions endpoint, the coder aibridge interceptions list CLI command, and the Request Logs frontend page have been removed. These have been replaced by the session-based view. The /models, /clients, and /sessions endpoints remain.
    Migration: Switch any integrations using the interceptions API to the sessions API (/api/v2/aibridge/sessions). The sessions list page in the dashboard provides equivalent functionality.

  • Agents insights page removed (#26457)

    The /agents/settings/insights page and all of its backend support have been removed. The page had previously been hidden from navigation and was only reachable via deep link. Use the AI Gateway sessions page instead.
    Migration: No action needed unless you had bookmarked or automated links to /agents/settings/insights. Redirect to the AI Gateway sessions page.

SECURITY

  • Honor fixed lifetime for CLI API tokens (#26376)

Features

Updated Template Creation Process

The template creation process now uses a builder that allows users to pick a base template, select commonly used modules, and then set configuration for the template. This makes it faster to make templates, with less Terraform knowledge required.

Improvements

Coder Agents

Durable chat runtime

Chatd now uses a more reliable state machine for queues, retries, interrupts, streaming, and multi-replica operation. (#26270, #26345, #26344, #26478)

Pinned workspace context

Chats now use stable snapshots of workspace instructions, skills, and MCP context. The agent pushes context state over a new Agent API (v2.10), coderd persists snapshots and pins them per-chat, and prompt generation consumes the pinned context instead of live-reading it on every turn. The dashboard surfaces pinned context, grouped by directory, with sizes and full .mcp.json paths. (#25983, #26145, #26385, #26389, #26430, #26438, #26526, #26533, #26558, #26570, #26573, #26577, #26581, #26598, #26614, #26715)

Quality-of-life improvements
  • AI Gateway naming: Renamed user-facing "AI Bridge" surfaces to "AI Gateway" across the dashboard, API routes, docs, and swagger summaries. Added a migration guide for operators. (#26161, #26165, #26475, #26567, #26569, #26700, #26704, #26854)
  • Expanded provider support: Added or improved support for Bedrock cross-account AssumeRole with Role ARN UI (#26527, #26578), GitHub Copilot provider via UI (#25888), OpenCode client and session tracking (#26098, #26128), Codex hyphenated session-id header (#26346), and Opus 4.8 known model (#25839)
  • Centralized AI settings: Moved models, MCP servers, template allowlist, spend, instructions, lifecycle, and Coder Agents pages into a unified AI settings section. (#26615, #26624, #26625, #26642, #26692, #26800)
  • Better context visibility: The Agents UI now shows pinned context indicators, context sizes, full .mcp.json paths, and resources grouped by directory. (#26573, #26598, #26614)
  • Improved Agents workspace UI: Shared chats and agents appear in the sidebar (#26056, #26328), updated search dialog with filter pills (#25753), right-panel tabs for workspace apps and ports (now GA) (#26208, #26906), multiple terminal tabs (#26089), and desktop panel toolbar with zoom modes and pop-out window (#25585)
  • MCP Registry listing: Published the Coder MCP server to the official MCP Registry. (#21673)
  • Improved sub-agent orchestration tools (#26673)
  • Workspace skill directory returned from read_skill (#26713)
  • Tool output capped to fit the model context window (#26637)
  • Agent session env unified via EnvInfoer (#26099)

AI Governance

The Cost Control and Session Correlation projects are slated for future releases, but significant groundwork has been laid in 2.35.

Cost Control

User and group AI budget management, including override endpoints, effective budget resolution, cost recording on token usage, experiment flag, and dashboard UI for user/group budget columns and s...

Read more

v2.34.5

Choose a tag to compare

@github-actions github-actions released this 30 Jun 00:27
Immutable release. Only release title and notes can be modified.
c3dd41e

Changelog

Features

  • Add INSECURE oidc email fallback flag for IdP brokers (#26751, 8266eb0)

Bug fixes

  • Server: Enforce required external auth on workspace create (#26314, 98bca81)
  • Dashboard: Add a custom copy/paste menu to the web terminal (#26015, 9513245)
  • Examples: Remove vscode-desktop module from quickstart to avoid duplicate VS Code Desktop (#26789, 210bb5e) (@bpmct)
  • Dashboard: Show only parent agent apps in workspaces table (#26568, c3dd41e)

Documentation

Compare: v2.34.4...v2.34.5

Container image

  • docker pull ghcr.io/coder/coder:2.34.5

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.33.11

Choose a tag to compare

@github-actions github-actions released this 30 Jun 00:34
Immutable release. Only release title and notes can be modified.
0cfa936

Stable (since June 30, 2026)

Changelog

Features

  • Add INSECURE oidc email fallback flag for IdP brokers (#26751, 0cfa936)

Bug fixes

  • Server: Enforce required external auth on workspace create (#26314, 30f8b64)

Compare: v2.33.10...v2.33.11

Container image

  • docker pull ghcr.io/coder/coder:2.33.11

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.32.10

Choose a tag to compare

@github-actions github-actions released this 30 Jun 00:33
Immutable release. Only release title and notes can be modified.
a687e4c

Changelog

Features

  • Add INSECURE oidc email fallback flag for IdP brokers (#26751, 92e1a7e)

Bug fixes

  • Dashboard: Show only parent agent apps in workspaces table (#26568, a687e4c)

Compare: v2.32.9...v2.32.10

Container image

  • docker pull ghcr.io/coder/coder:2.32.10

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.34.4

Choose a tag to compare

@github-actions github-actions released this 27 Jun 16:51
Immutable release. Only release title and notes can be modified.
19d9274

Changelog

Security patches

Bug fixes

Chores

  • Skip failing azureidentity test while under investigation (#26545, d607e1f)

Compare: v2.34.3...v2.34.4

Container image

  • docker pull ghcr.io/coder/coder:2.34.4

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.33.10

Choose a tag to compare

@github-actions github-actions released this 27 Jun 17:20
Immutable release. Only release title and notes can be modified.
59d5253

Stable (since June 27, 2026)

Changelog

Security patches

Bug fixes

Chores

  • Skip failing azureidentity test while under investigation (#26545, 2c43c07)

Compare: v2.33.9...v2.33.10

Container image

  • docker pull ghcr.io/coder/coder:2.33.10

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.32.9

Choose a tag to compare

@github-actions github-actions released this 27 Jun 17:25
Immutable release. Only release title and notes can be modified.
784e2c1

Changelog

Security patches

Bug fixes

Chores

  • Skip failing azureidentity test while under investigation (#26545, cf72d85)

Compare: v2.32.8...v2.32.9

Container image

  • docker pull ghcr.io/coder/coder:2.32.9

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.29.19

Choose a tag to compare

@github-actions github-actions released this 27 Jun 17:21
Immutable release. Only release title and notes can be modified.
f8bdec5

Changelog

Security patches

Chores

  • Skip failing azureidentity test while under investigation (#26545, b76aed9)

Compare: v2.29.18...v2.29.19

Container image

  • docker pull ghcr.io/coder/coder:2.29.19

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.