Breaking changes ❗
There are no breaking changes in 1.21.0.
- Satellites: Satellites are secondary Coder deployments provisioned to reduce
latency for developers. They keep traffic between the developer's machine and
the deployment in the same region, thereby reducing the need for traffic to
cross regions to/from the primary Coder deployment.
- infra: Added WebRTC service (including ICE server routes)
- web: Added ability to cancel the workspace build process after it's been
- web: Updated workspace status bar to better display workspace status (e.g.,
- web: Updated workspace providers management screen (Manage >
Providers) to include edit and delete options, as well as an organizations
- web: Added ability to specify Kubernetes
workspaces. This can be done via Manage > Providers; select the
provider of interest and click Edit.
- web: Added support for multiple SSH keys, allowing the addition of one SSH key
per OAuth application (e.g., GitHub, GitLab). Previously, Coder only supported
one SSH key across all deployments.
- infra: Renamed Kubernetes labels still referring to environments to
- infra: Added ability to write audit logs to the container's stdout/stderr.
- infra: Added SSH agent forwarding support when not using OpenSSH.
- web: Updated footer to display license information to site admins and site
- web: Updated system banners to remind site managers of license expiration when
3 days remain.
- web: New users authenticating via OIDC will see Coder using their preferred
username instead of an auto-generated username based on their email.
- infra: Added additional logging to OAuth processes.
- web: Changed Coder's JWE query parameter so that
token can be used as a
query parameter in dev URLs.
- web: Updated minimum disk size requirement when creating a workspace to 1 GB
and maximum disk size constraint to 8192 GB.
- web: Added ability to choose the SSH keygen algorithm Coder uses when
generating SSH keys.
- infra: Added ability to opt-in to OIDC's new refresh feature, allowing
Coder-issued API keys to inherit session timing limits and to use refresh
tokens to ensure continued access.
- infra: Improved speed of metrics query to improve metrics page performance.
- infra: Added
coderd.trustProxyIP to Helm chart to allow configuration of
- web: Added External Connect toggle to enable/disable SSH access and
external tunneling to workspaces (excludes dev URLs).
- web: Images tags now update asynchronously.
- web: The workspace provider ping functionality has been removed from the Coder
Bug fixes 🐛
- web: Fixed issue where dev URL session cookies were not using the root path.
- cli: Fixed issue with white border appearing in terminal windows.
- web: Fixed issue where audit log showed when the workspace deletion was
requested instead of when it was deleted.
- infra: Fixed API issue where routes returning daily active user metrics were
- web: Fixed issue where user deletion took an extended period of time (users
will now be deleted faster).
- web: Fixed issue where Safari users saw a blank screen during OIDC redirect.
- web: Fixed issue with failed user deletes; any failed deletes are retried, and
the username and email are immediately available after the user is deleted.
Security updates 🔐
- infra: CSRF tokens are now added to all non-GET, HEAD, OPTIONS, or TRACE HTTP
calls, while all POST, PATCH, DELETE calls required a CSRF token if using
cookie for authentication.
- infra: New keys are generated using the Ed25519 digital signature algorithm
instead of ECDSA.
- infra: Updated function to generate unbiased random strings for generating
secret values, such as API keys, default site admin passwords, auto-generated
passwords for password reset.
- infra: Added support for running Coder's control plane containers with
OpenShift's restricted security context constraints (SCC).
- web: Added functionality to strip extraneous cookies from dev URLs.
- infra: Added functionality to disable browser features not needed by Coder,
including accelerometer, autoplay, battery, camera, document domain,
geolocation, gyroscope, magnetometer, microphone, midi, payment, USB, VR,
screen wake/lock, and XR spatial tracking.
- web: Updated incorrect login message to be more generic.