---
title: "AI Governance Reaches GA in 2.30 - Coder Changelog"
description: "## What's New in 2.30"
image: "/_next/static/media/OpenGraph.37da9236.jpg"
---

![Changelog Masthead Background](https://coder.com/_next/static/media/cde-masthead-bg.3328bdfa.jpg?w=3840&q=85)

[Back to changelog](https://coder.com/changelog)

v2.30February 3, 2026

# AI Governance Reaches GA in 2.30

## What's New in 2.30

Coder 2.30 delivers the general availability of AI Bridge and Agent Boundaries through Coder's AI Governance Add-On for Premium customers. This add-on helps organizations safely roll out AI tooling at scale. A future release of Coder will require the add-on license in order to continue using these features. Learn more [in our documentation](https://coder.com/docs/ai-coder/ai-governance).

### AI Bridge Now Generally Available

AI Bridge is Coder’s production-ready LLM gateway for auditing AI sessions, managing MCP servers, and enforcing policy across every AI tool your developers use.

What’s new in GA:

- **[Broader client compatibility](https://coder.com/docs/ai-coder/ai-bridge/clients)**: Govern AI traffic without reconfiguring every tool. With AI Proxy, a single environment variable in a template enables transparent, org-wide AI governance.
- **Expanded provider support**: Connect to Anthropic, OpenAI, or AWS Bedrock, including deployments behind corporate gateways.
- **Observability and monitoring**: Analyze costs and usage and debug issues with expanded audit logs, improved log formats, and UI improvements.

![Example: Grafana User Leaderboard](https://www.datocms-assets.com/19109/1772575315-grafana-user-leaderboard-1.png)

### Agent Boundaries Now Generally Available

Agent Boundaries brings enforceable, runtime network controls and audit logging to autonomous AI agents running inside Coder workspaces.

What’s new in GA:

- **Centralized audit logs**: Queryable logs for every agent HTTP request.
- **`Landjail` mode**: Run Agent Boundaries without requiring permission changes, expanding compatibility across environments.
- **Documented rules authoring**: Clear guidance for defining granular, enforceable network policies.

![Example of Agent Boundaries blocking a process](https://www.datocms-assets.com/19109/1772575315-example-of-agent-boundaries-blocking-a-process.png)

### Faster workspace starts for Terraform templates

- **Captured modules per template version**: Terraform modules are downloaded once at template version creation and reused on every workspace start.
- **Faster, more predictable startup times**: Reduces repeated network fetches, especially for complex or shared templates.
- **Consistent module versions**: Each workspace uses the same module code, minimizing unexpected changes and improving reproducibility.

### Shared Workspaces in Early Access

- **Secure, role-based access**: Invite trusted users or groups using their existing Coder accounts, with access fully auditable and ownership retained.
- **Real-time troubleshooting**: Bring support or teammates directly into the workspace to debug issues in real context.
- **Governed by platform policy**: Shared access respects existing template, organization, and deployment-level controls.

### Claude Code Module Update

- **Configurable binary path**: Supply a custom Claude Code binary instead of the default.
- **Enterprise-friendly deployments**: Enables usage in environments that cannot access public APIs or bundled binaries.
- **Improved security and compliance**: Supports stricter controls over tooling provenance and execution.

## Breaking Changes

- #21398 – Terraform modules, especially those pointing to Git branches, no longer auto-update on workspace start. Module updates now require creating or re-importing a template version.
- #21215 – Enable PKCE by Default for External OAuth Providers: Providers that don’t support PKCE must explicitly disable it using `CODER_EXTERNAL_AUTH_<N>_PKCE_METHODS=none`.
- #21194 – Update SFTP/SCP Default Directory: SFTP and SCP connections now use the agent’s configured directory instead of always defaulting to `$HOME`, matching SSH and rsync behavior; scripts that relied on `$HOME` may need to use explicit paths.
- #20791 – Remove Experimental AI Bridge API Endpoints: `/api/experimental/aibridge/*` endpoints have been removed now that AI Bridge is GA; all clients must use the stable `/api/v2/aibridge/*` routes instead.

View the full changelog [on GitHub](https://github.com/coder/coder/releases/tag/v2.30.0). If you have questions or feedback, join the conversation on [Discord](https://discord.gg/coder) or email us directly!