Breaking changes ❗

  • infra: Workspace assets created by Coder that were previously located at /opt/coder, such as code-server and coder-cli, have been moved to /var/tmp/coder
  • infra: Workspaces as code templates have been updated from version 0.1 to 0.2. Existing workspaces using version 0.1 templates can be rebuilt, but no new workspaces can be created using the old format.
  • web: The workspace as code Open in Coder embeddable button flow no longer includes a clone step; buttons created from prior versions will still work, but Coder will not clone the project. To automate project cloning, use workspace.configure.start
  • web: The embedded form for workspaces as code located at Manage > Admin > Templates no longer uses the following fields: Project Repository URL and Project Git Service

Features ✨

  • web: Introduced resource quotas to organizations. Resource quotas define the maximum resource utilization allowable for each member within an organization for which such quotas are enabled. Modify them at Manage > Organizations > Edit Organization
  • web: Added a reactivation step for returning users that had been marked as dormant. The reactivation step requires the user to agree to use a license seat
  • web: Added an admin setting controlling the maximum dev URL access level across all workspaces within the deployment. Modify the maximum dev URL access level at Manage > Admin > Infrastructure in the card titled Dev URL Access Permissions
  • web: The CVM option will be selected by default when creating a custom environment (if CVMs are enabled at the site level)
  • web: Improved display and support for errors returned by an Identity Provider (IdP) during sign-in
  • infra: Changed permissions of /home/coder/ and subdirectories to 755 in control plane containers to support OpenShift anyuid
  • infra: Workspace builds are now properly validated when setting policy templates
  • code-server: Upgraded code-server to 3.10.1

Bug fixes 🐛

  • web: Fixed issue where the Edit Workspace dialog showed the resource selectors as disabled while still allowing modifications
  • web: Fixed issue where the Edit Workspace dialog displayed resource allocation incorrectly if the workspace was initially built using a template
  • web: Updated validation logic so that workspaces with invalid names can no longer be created
  • web: Fixed issue causing web-based terminals to show two scrollbars and overflowing content when system banners are present
  • infra: Fixed issue causing workspace autostart to stop or fail intermittently
  • web: Fixed issue in the Audit Logs preventing users from clearing the filters
  • web: Added a .csv extension to exported audit logs

Security updates 🔐

  • web: Upgraded version of next to 10.2.0.
  • web: Upgraded and addressed CVE-2021-21306 in marked.
  • web: Upgraded and addressed Fix CVE-2021-23368 in postcss.
  • web: Client secret is now omitted from GET requests to OAuth configurations.
  • web: When authenticating with the CLI, a new API key is always generated.
  • web: Fixed authentication for the watch-update workspace endpoint. This was previously open to any authenticated user
  • web: Fixed issue where audit logs for workspace auto-off was always attributed to the site admin; the audit log has been corrected to display the user owning the workspace.
  • infra: Increased the minimum requirement for inbound and outbound connections to TLS 1.2
  • infra: Added debug logs to show TLS certificates
See an opportunity to improve our docs? Make an edit.