The existing README for the Azure Linux template only mentioned that the
VM is ephemeral and the managed disk is persistent, but did not explain
that the resource group, virtual network, subnet, and network interface
also persist when a workspace is stopped.
This led to confusion where users expected all Azure resources to be
cleaned up on stop, when in reality only the VM is destroyed.
## Changes
- Added the persistent networking/infrastructure resources to the
resource list
- Added "What happens on stop" section explaining which resources
persist and why
- Added "What happens on delete" section confirming all resources are
cleaned up
- Moved the existing note about ephemeral tools/files into a "Workspace
restarts" subsection for clarity
Created on behalf of @DevelopmentCats
Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
Co-authored-by: DevCats <christofer@coder.com>
## Summary
Add per-workspace authentication token wiring to the Mux Coder module,
closing the last-mile deployment gap for cross-site WebSocket hijacking
(CSWSH) protection identified in coder/security#120.
## Background
When Mux runs as a Coder workspace app, it is accessible via Coder's
subdomain proxy (e.g., `mux--ws--user.apps.coder.com`). Without an auth
token, a malicious same-site origin (another user's workspace app on the
same `*.coder.com` domain) can hijack the WebSocket session and execute
arbitrary commands via the oRPC API.
The Mux application itself already implements:
- **Strict same-origin enforcement** for HTTP/CORS and WebSocket
upgrades (coder/mux#2418)
- **Auth token support** — the server reads `MUX_SERVER_AUTH_TOKEN` or
`--auth-token`, and the browser frontend extracts `?token=` from the URL
and persists it to localStorage
What was missing was module-level token generation and browser/backend
wiring.
## Implementation
- **`random_password.mux_auth_token`** generates a 64-character token
per module instance.
- **Backend wiring:** `run.sh` launches mux with a process-scoped
`MUX_SERVER_AUTH_TOKEN` environment variable.
- **Frontend wiring:** `coder_app.mux.url` includes `?token=<secret>` so
first launch from Coder passes the token to the browser for
bootstrap/persistence.
To avoid cross-instance breakage, this change intentionally does **not**
use a shared `coder_env` key. Multiple `coder/mux` module instances can
target the same `agent_id` (different `slug`/`port`), and a single
global env key would collide. Process-scoped env keeps each instance's
backend token aligned with its app URL token.
## Validation
- `terraform fmt -check -diff` in `registry/coder/modules/mux`
- `terraform test` in `registry/coder/modules/mux` (8 passed, 0 failed)
- Updated tests now verify the URL token value (not just prefix) and
verify the launch script sets `MUX_SERVER_AUTH_TOKEN` using the
generated token.
---
_Generated with `mux` • Model: `anthropic:claude-opus-4-6` • Thinking:
`xhigh`_
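
The collision argument above, as an added example (not code from the module or from Mux). It models two module instances on one agent and compares a shared env key with process-scoped launches. The slugs, ports, helper names and the child process standing in for the server are assumptions.

```python
import hmac
import os
import secrets
import string
import subprocess
import sys
from urllib.parse import parse_qs, urlencode, urlsplit

ENV_KEY = "MUX_SERVER_AUTH_TOKEN"  # variable name from the PR description


def new_instance(slug, port, length=64):
    """One module instance: its own 64-character token, embedded in its app URL."""
    alphabet = string.ascii_letters + string.digits
    token = "".join(secrets.choice(alphabet) for _ in range(length))
    return {"slug": slug, "url": f"http://localhost:{port}/?" + urlencode({"token": token})}


def url_token(url):
    """What the browser frontend would extract from ?token=."""
    return parse_qs(urlsplit(url).query)["token"][0]


def backend_token(env):
    """Stand-in for the server process: report the token visible in its environment."""
    child = f"import os; print(os.environ.get({ENV_KEY!r}, ''))"
    done = subprocess.run([sys.executable, "-c", child], env=env,
                          capture_output=True, text=True, check=True)
    return done.stdout.strip()


def aligned(instance, env):
    """True when the backend's token equals the token in this instance's URL."""
    return hmac.compare_digest(backend_token(env), url_token(instance["url"]))


def shared_env_key(instances):
    """Rejected design: one agent-wide key, so the last instance overwrites the rest."""
    agent_env = dict(os.environ)
    for inst in instances:
        agent_env[ENV_KEY] = url_token(inst["url"])
    return {inst["slug"]: aligned(inst, agent_env) for inst in instances}


def process_scoped(instances):
    """Design described above: each launch gets the token in its own environment."""
    return {inst["slug"]: aligned(inst, {**os.environ, ENV_KEY: url_token(inst["url"])})
            for inst in instances}


# Constructed sample: two instances on one agent (hypothetical slugs and ports).
INSTANCES = [new_instance("mux-a", 4000), new_instance("mux-b", 4001)]

if __name__ == "__main__":
    print("shared key    :", shared_env_key(INSTANCES))   # only the last instance matches
    print("process-scoped:", process_scoped(INSTANCES))   # every instance matches
```
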
## Description
The Agent Helper module is a building block for modules that need to run
multiple scripts in a specific order. It uses `coder exp sync` for
dependency management and is designed for orchestrating pre-install,
install, post-install, and start scripts.
## Type of Change
- [x] New module
- [ ] New template
- [ ] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder/modules/agent-helper`
**New version:** `v1.0.0`
**Breaking change:** [x] Yes [ ] No
## Testing & Validation
- [x] Tests pass (`bun test`)
- [x] Code formatted (`bun fmt`)
- [x] Changes tested locally
## Related Issues
Closes: https://github.com/coder/registry/issues/696
Closes: https://github.com/coder/registry/issues/698
---------
Co-authored-by: DevCats <christofer@coder.com>
## Description
Adds validation to the dotfiles module for all inputs to address the
security issue pointed out in
https://github.com/coder/security/issues/119
## Type of Change
- [ ] New module
- [ ] New template
- [X] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder/modules/dotfiles`
**New version:** `v1.2.4`
**Breaking change:** [ ] Yes [X] No
## Testing & Validation
- [x] Tests pass (`bun test`)
- [x] Code formatted (`bun fmt`)
- [ ] Changes tested locally
## Related Issues
https://github.com/coder/security/issues/119
---------
Co-authored-by: Jakub Domeracki <jakub@coder.com>
### Summary
Temporary workaround for non-deterministic PATH handling when using
`coder_env` across multiple modules
([coder/coder#21885](https://github.com/coder/coder/issues/21885)).
### Problem
When multiple modules define `coder_env` with the same `name` (e.g.,
`PATH`), the final value is non-deterministic due to Go map iteration
order. This caused PATH overwrites instead of appending, breaking Claude
Code discovery in workspaces using multiple modules.
### Solution
Replace `coder_env` PATH manipulation with script-based PATH handling:
- **Install script**: Exports PATH and adds claude binary directory to
shell profiles (`.profile`, `.bashrc`, `.zshrc`, fish) for interactive
shell access
- **Start script**: Exports PATH at script execution time
- **Symlink**: Creates symlink in `CODER_SCRIPT_BIN_DIR` as additional
fallback
- **Validation**: Prevents invalid configuration where
`claude_binary_path` is customized but `install_claude_code=true`
(official installer doesn't support custom paths)
### Changes
- Removed `coder_env` resource for PATH
- Added PATH export to `install.sh` and `start.sh`
- Added shell profile modifications for cross-shell compatibility (bash,
zsh, fish)
- Added variable validation for `claude_binary_path`
### Note
This is a temporary fix until
[coder/coder#21885](https://github.com/coder/coder/issues/21885) is
resolved with a proper `merge_strategy` attribute for `coder_env`.
## Type of Change
- [ ] New module
- [ ] New template
- [X] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder/modules/claude-code`
**New version:** `v4.7.5`
**Breaking change:** [ ] Yes [X] No
## Testing & Validation
- [X] Tests pass (`bun test`)
- [X] Code formatted (`bun fmt`)
- [X] Changes tested locally
## Related Issues
([coder/coder#21885](https://github.com/coder/coder/issues/21885))
## Description
At the moment, the `CLAUDE_API_KEY` coder_env will always be created,
even if the variable itself is not. This can lead to the environment
variable being unset if it has been set outside of Terraform.
With this PR, we make the `claude_api_key` coder_env conditional, so it
will only be created if an API key has been set.
## Type of Change
- [ ] New module
- [ ] New template
- [x] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder/modules/claude-code/main.tf`
**New version:** `v4.7.4`
**Breaking change:** [ ] Yes [x] No
## Testing & Validation
- [x] Tests pass (`bun test`)
- [x] Code formatted (`bun fmt`)
- [x] Changes tested locally
## Related Issues
None
---------
Co-authored-by: 35C4n0r <70096901+35C4n0r@users.noreply.github.com>
Captures the last 10 messages from AgentAPI when task workspaces stop,
allowing users to view conversation history while the task is paused.
The shutdown script fetches messages, builds a payload with last 10
messages, truncates to 64KB if needed (removes old messages first, then
truncates content of the last message), and posts to the log snapshot
endpoint.
Gracefully handles non-task workspaces (skips), older Coder versions
without the endpoint (logs and continues), and empty message sets.
Enabled by default via task_log_snapshot variable. Task ID is
automatically resolved from data.coder_task when available.
Updates coder/internal#1257
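
The truncation order described above, as an added example (not the module's shutdown script). The message field names, the `{"messages": [...]}` envelope and measuring 64KB as UTF-8 bytes of the JSON body are assumptions; fetching from AgentAPI and posting to the endpoint are left out.

```python
import json

MAX_MESSAGES = 10      # "last 10 messages"
MAX_BYTES = 64 * 1024  # "64KB", counted as UTF-8 bytes of the JSON body (assumption)


def encoded_size(messages):
    """Size in bytes of the payload as it would be sent."""
    body = json.dumps({"messages": messages}, ensure_ascii=False)
    return len(body.encode("utf-8"))


def build_snapshot(messages, max_messages=MAX_MESSAGES, max_bytes=MAX_BYTES):
    # Copy so the caller's message list is never modified.
    kept = [dict(m) for m in messages[-max_messages:]]

    # Step 1: drop the oldest messages first, always keeping the newest one.
    while len(kept) > 1 and encoded_size(kept) > max_bytes:
        kept.pop(0)

    # Step 2: only the newest message is left and it is still too large.
    if kept and encoded_size(kept) > max_bytes:
        last = kept[0]
        raw = last["content"].encode("utf-8")
        # JSON escaping (quotes, newlines) makes the encoded size differ from
        # the raw length, so search for the longest byte prefix that fits.
        lo, hi = 0, len(raw)
        while lo < hi:
            mid = (lo + hi + 1) // 2
            # errors="ignore" drops a multi-byte character cut in half.
            last["content"] = raw[:mid].decode("utf-8", errors="ignore")
            if encoded_size(kept) <= max_bytes:
                lo = mid
            else:
                hi = mid - 1
        last["content"] = raw[:lo].decode("utf-8", errors="ignore")

    return {"messages": kept}


def sample(n, content):
    """Constructed sample conversation of n messages with identical content."""
    return [{"id": i, "role": "agent", "content": content} for i in range(n)]


if __name__ == "__main__":
    for msgs in (sample(12, "ok"), sample(10, "x" * 10000), sample(1, "é\n" * 100000)):
        snap = build_snapshot(msgs)
        print(len(snap["messages"]), "messages,", encoded_size(snap["messages"]), "bytes")
```
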
## Description
- Update claude-code module to use binary installation in case of
specific version pinning unless use npm is specified.
- Add a deprecation warning in the install script and readme for npm.
## Type of Change
- [ ] New module
- [ ] New template
- [x] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder/modules/claude-code`
**New version:** `v4.7.1`
**Breaking change:** [ ] Yes [x] No
## Testing & Validation
- [x] Tests pass (`bun test`)
- [x] Code formatted (`bun fmt`)
- [x] Changes tested locally
## Related Issues
## Description
A draft that allows users to connect an existing Linux system through
Coder via SSH
## Type of Change
- [ ] New module
- [x] New template
- [ ] Bug fix
- [ ] Feature/enhancement
- [x] Documentation
- [ ] Other
## Template Information
**Path:** `registry/IamTaoChen/templates/ssh-linux`
## Testing & Validation
- [ ] Tests pass (`bun test`)
- [x] Code formatted (`bun fmt`)
- [x] Changes tested locally
## Related Issues
---------
Co-authored-by: DevCats <christofer@coder.com>
## Summary
- Default `subdomain` to `true` so Mux uses subdomain routing by
default.
- Default `display_name` to `Mux`.
- Make `add-project` optional (`null` by default) and pass
`--add-project` to `mux server` when set.
- Bump mux module README example version to `1.0.8`.
## Notes
Changing the `subdomain` default may affect workspaces without wildcard
subdomain support configured (they can explicitly set `subdomain =
false`).
## Testing
- `terraform validate` (registry/coder/modules/mux)
- `terraform test -verbose` (registry/coder/modules/mux)
---
Generated with Mux (AI coding agent).
## Description
This PR adds a zizmor security scan to the CI pipeline to analyze new
and existing GitHub Actions workflows under .github/workflows/.
- Runs zizmor on PRs and fails the check when HIGH severity (or above)
issues are found, so they can block merges.
- Runs zizmor on main to produce security reporting (where applicable),
keeping visibility into findings over time.
- Intended to be added as a required status check so workflow-security
regressions can’t land unnoticed.
Reference: coder/registry#642 (comment) / zizmor-action
## Type of Change
- [ ] New module
- [ ] New template
- [ ] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [x] Other - CI / security tooling
## Testing & Validation
- Validation via PR check - opened a test PR with a deliberately risky
workflow and confirmed zizmor reports and blocks on HIGH findings
## Related Issues
coder/registry#642 (comment) / zizmor-action
## Description
Updates AGENTS.md to be more concise (~36 lines) while adding missing
commands and a PR review checklist based on recent PR feedback.
## Changes
- **Commands section**: Added `bun run tftest`, `bun run tstest`, single
test commands, and version-bump script
- **Structure section**: Added note that URLs must be relative (from
#639)
- **Code Style section**: Added `tf` vs `hcl` guidance and relative icon
paths
- **New PR Review Checklist**: Based on patterns from recent PRs
including:
- Version bumping requirements (#661, #617)
- Breaking changes documentation (#636)
- Graceful error handling in scripts (#658)
- Diagnostic logging for tests (#643)
- **AI attribution requirement**: PRs should note model/tool used
## Type of Change
- [ ] New module
- [ ] New template
- [ ] Bug fix
- [ ] Feature/enhancement
- [x] Documentation
- [ ] Other
---
Generated with
[Amp](https://ampcode.com/threads/T-019bcb7e-2e92-76f2-a1aa-2023ecdb0763)
using Claude Sonnet 4
## Description
Adds a `claude_path` variable to override the path that the `coder_env`
sets for claude-code.
Adds an `install_via_npm` variable to override the official installation
and use npm to install claude-code (this doesn't change any behaviour,
simply just the options available to the user).
Model now uses `coder_env` to set the `ANTHROPIC_MODEL` env instead of
using the `--model` cli flag which did not set the anthropic model
globally in the workspace.
Normal Usage -> Official Installer
Specific Version Set -> NPM Install
Install Via NPM -> NPM Install
The idea with `claude_path` is that someone who wants to source claude
another way can install it and utilize that install in the module. If
install is true and a custom path is provided there is a tf precondition
that will disallow this.
## Type of Change
- [ ] New module
- [ ] New template
- [ ] Bug fix
- [X] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder/modules/claude-code`
**New version:** `v4.4.0`
**Breaking change:** [ ] Yes [X] No
## Testing & Validation
- [X] Tests pass (`bun test`)
- [X] Code formatted (`bun fmt`)
- [X] Changes tested locally
## Related Issues
## Description
Adds e2e test for code-server that actually installs and health checks
code-server
## Type of Change
- [ ] New module
- [ ] New template
- [ ] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [X] Other
## Testing & Validation
- [X] Tests pass (`bun test`)
- [X] Code formatted (`bun fmt`)
- [X] Changes tested locally
## Related Issues
## Summary
Adds a `CODEOWNERS` file to enforce code review requirements for GitHub
Actions workflow changes.
- Creates `CODEOWNERS` file designating `@jdomeracki-coder` as owner of
`.github/` directory
- All changes to GitHub Actions workflows (`.github/` directory) now
require approval from the designated code owner
- Improves security posture by preventing unauthorized modifications to
CI/CD pipelines
## Why this change?
GitHub Actions workflows have elevated privileges and can access
repository secrets. Requiring explicit approval for workflow changes
helps prevent:
- Accidental or malicious modifications to CI/CD pipelines
- Unauthorized access to secrets
- Supply chain security vulnerabilities
## Test plan
- [x] Verify CODEOWNERS file is properly formatted
- [ ] Test that PRs modifying `.github/` directory require approval from
`@jdomeracki-coder`
- [ ] Confirm existing PRs not touching `.github/` continue to work
normally
## Description
- Minor maintenance and update codex to use coder_ai_task.
## Type of Change
- [ ] New module
- [ ] New template
- [ ] Bug fix
- [x] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder-labs/modules/codex`
**New version:** `v4.0.0`
**Breaking change:** [x] Yes [ ] No
## Testing & Validation
- [x] Tests pass (`bun test`)
- [x] Code formatted (`bun fmt`)
- [x] Changes tested locally
## Related Issues
---------
Co-authored-by: Atif Ali <atif@coder.com>
This pull request updates the `claude-code` module to version 4.3.0 and
significantly simplifies the configuration and startup logic for the
Boundary integration. The changes remove several Boundary-related
configuration variables and options, streamlining both Terraform and
shell script code. The documentation is updated to reflect these changes
and the new version.
**Boundary integration simplification:**
* Removed multiple Boundary-related variables from `main.tf`, including
log directory, log level, additional allowed URLs, proxy port, and pprof
options, as well as their usage in the module and test files.
(`registry/coder/modules/claude-code/main.tf`;
`registry/coder/modules/claude-code/main.tftest.hcl`)
* Updated the Boundary startup logic in `start.sh` to remove handling
and passing of the eliminated variables, resulting in a simpler and more
maintainable script.
(`registry/coder/modules/claude-code/scripts/start.sh`)
**Documentation updates:**
* Updated all usage examples in `README.md` to reference version 4.3.0
and reflect the new, simplified Boundary configuration.
(`registry/coder/modules/claude-code/README.md`)
**Version bump:**
* Bumped the module version from 4.2.9 to 4.3.0 throughout all
documentation and configuration examples.
(`registry/coder/modules/claude-code/README.md`)
---------
Co-authored-by: DevCats <christofer@coder.com>
## Description
Remove test from `cloud-dev` template since templates generally have no
tests.
## Type of Change
- [ ] New module
- [ ] New template
- [X] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Template Information
**Path:** `registry/nboyers/templates/cloud-dev`
## Testing & Validation
- [X] Tests pass (`bun test`)
- [X] Code formatted (`bun fmt`)
- [X] Changes tested locally
## Related Issues
## Description
Better test cleanup, and resolve flakiness.
## Type of Change
- [ ] New module
- [ ] New template
- [X] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
<!-- Delete this section if not applicable -->
**Path:** `registry/coder/modules/github-upload-public-key`
**New version:** `v1.0.32`
**Breaking change:** [ ] Yes [ ] No
## Testing & Validation
- [X] Tests pass (`bun test`)
- [X] Code formatted (`bun fmt`)
- [X] Changes tested locally
## Related Issues
<!-- Link related issues or write "None" if not applicable -->