Breaking changes ❗
There are no breaking changes in 1.21.0.
- Satellites: Satellites are secondary Coder deployments provisioned to reduce latency for developers. They keep traffic between the developer's machine and the deployment in the same region, thereby reducing the need for traffic to cross regions to/from the primary Coder deployment.
- infra: Added WebRTC service (including ICE server routes)
- web: Added ability to cancel the workspace build process after it's been started.
- web: Updated workspace status bar to better display workspace status (e.g., "Creating workspace").
- web: Updated workspace providers management screen (Manage > Providers) to include edit and delete options, as well as an organizations selector.
- web: Added ability to specify Kubernetes
nodeSelectorfor workspaces. This can be done via Manage > Providers; select the provider of interest and click Edit.
- web: Added support for multiple SSH keys, allowing the addition of one SSH key per OAuth application (e.g., GitHub, GitLab). Previously, Coder only supported one SSH key across all deployments.
- infra: Renamed Kubernetes labels still referring to environments to workspaces.
- infra: Added ability to write audit logs to the container's stdout/stderr.
- infra: Added SSH agent forwarding support when not using OpenSSH.
- web: Updated footer to display license information to site admins and site managers.
- web: Updated system banners to remind site managers of license expiration when 3 days remain.
- web: New users authenticating via OIDC will see Coder using their preferred username instead of an auto-generated username based on their email.
- infra: Added additional logging to OAuth processes.
- web: Changed Coder's JWE query parameter so that
tokencan be used as a query parameter in dev URLs.
- web: Updated minimum disk size requirement when creating a workspace to 1 GB and maximum disk size constraint to 8192 GB.
- web: Added ability to choose the SSH keygen algorithm Coder uses when generating SSH keys.
- infra: Added ability to opt-in to OIDC's new refresh feature, allowing Coder-issued API keys to inherit session timing limits and to use refresh tokens to ensure continued access.
- infra: Improved speed of metrics query to improve metrics page performance.
- infra: Added
coderd.trustProxyIPto Helm chart to allow configuration of Real IP.
- web: Added External Connect toggle to enable/disable SSH access and external tunneling to workspaces (excludes dev URLs).
- web: Images tags now update asynchronously.
- web: The workspace provider ping functionality has been removed from the Coder UI.
Bug fixes 🐛
- web: Fixed issue where dev URL session cookies were not using the root path.
- cli: Fixed issue with white border appearing in terminal windows.
- web: Fixed issue where audit log showed when the workspace deletion was requested instead of when it was deleted.
- infra: Fixed API issue where routes returning daily active user metrics were incorrect.
- web: Fixed issue where user deletion took an extended period of time (users will now be deleted faster).
- web: Fixed issue where Safari users saw a blank screen during OIDC redirect.
- web: Fixed issue with failed user deletes; any failed deletes are retried, and the username and email are immediately available after the user is deleted.
Security updates 🔐
- infra: CSRF tokens are now added to all non-GET, HEAD, OPTIONS, or TRACE HTTP
calls, while all POST, PATCH, DELETE calls required a CSRF token if using
- infra: New keys are generated using the Ed25519 digital signature algorithm instead of ECDSA.
- infra: Updated function to generate unbiased random strings for generating secret values, such as API keys, default site admin passwords, auto-generated passwords for password reset.
- infra: Added support for running Coder's control plane containers with OpenShift's restricted security context constraints (SCC).
- web: Added functionality to strip extraneous cookies from dev URLs.
- infra: Added functionality to disable browser features not needed by Coder, including accelerometer, autoplay, battery, camera, document domain, geolocation, gyroscope, magnetometer, microphone, midi, payment, USB, VR, screen wake/lock, and XR spatial tracking.
- web: Updated incorrect login message to be more generic.