Skills are not versioned in the registry. Their versioning happens in
the source repos. The version-bump workflow only handles modules, and
the release.yml skill-path detection was based on the old per-skill
directory format that no longer exists.
Bumps the github-actions group with 3 updates in the / directory:
[coder/coder](https://github.com/coder/coder),
[crate-ci/typos](https://github.com/crate-ci/typos) and
[zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action).
Updates `coder/coder` from 2.32.0 to 2.33.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/coder/coder/releases">coder/coder's
releases</a>.</em></p>
<blockquote>
<h2>v2.33.3</h2>
<h2>Changelog</h2>
<blockquote>
<p>[!NOTE]
This is a mainline Coder release. We advise enterprise customers without
a staging environment to install our <a
href="https://github.com/coder/coder/releases/latest">latest stable
release</a> while we refine this version. Learn more about our <a
href="https://coder.com/docs/install/releases">Release Schedule</a>.</p>
</blockquote>
<h3>Bug fixes</h3>
<ul>
<li>Upgrade Go toolchain from 1.25.9 to 1.25.10 (<a
href="https://redirect.github.com/coder/coder/issues/25230">#25230</a>,
e5a96f3608)</li>
<li>Cherry-pick go-git v5.19.0 (CVE-2026-45022) (<a
href="https://redirect.github.com/coder/coder/issues/25229">#25229</a>,
4e4e23539e)</li>
<li>Dashboard: Show Organizations in admin dropdown for single-org OSS
deployments (<a
href="https://redirect.github.com/coder/coder/issues/25175">#25175</a>,
bbca430b4c)</li>
<li>fix(scripts/ironbank): update base image to UBI9 and remove urllib3
(CVE-2026-44431) (<a
href="https://redirect.github.com/coder/coder/issues/25247">#25247</a>,
818fc72802)</li>
<li>Server: Harden Azure identity certificate fetch (cherry-pick v2.33)
(<a
href="https://redirect.github.com/coder/coder/issues/25276">#25276</a>,
844c1e0467)</li>
<li>Verify PKCS7 signature on Azure instance identity tokens (2.33
cherry-pick) (<a
href="https://redirect.github.com/coder/coder/issues/25302">#25302</a>,
2b778f292c)</li>
</ul>
<p>Compare: <a
href="https://github.com/coder/coder/compare/v2.33.2...v2.33.3"><code>v2.33.2...v2.33.3</code></a></p>
<h2>Container image</h2>
<ul>
<li><code>docker pull ghcr.io/coder/coder:2.33.3</code></li>
</ul>
<h2>Install/upgrade</h2>
<p>Refer to our docs to <a
href="https://coder.com/docs/install">install</a> or <a
href="https://coder.com/docs/install/upgrade">upgrade</a> Coder, or use
a release asset below.</p>
<h2>v2.33.2</h2>
<h2>Changelog</h2>
<blockquote>
<p>[!NOTE]
This is a mainline Coder release. We advise enterprise customers without
a staging environment to install our <a
href="https://github.com/coder/coder/releases/latest">latest stable
release</a> while we refine this version. Learn more about our <a
href="https://coder.com/docs/install/releases">Release Schedule</a>.</p>
</blockquote>
<h3>Bug fixes</h3>
<ul>
<li>Backport 11 Coder Agents docs PRs to release/2.33 (<a
href="https://redirect.github.com/coder/coder/issues/25047">#25047</a>,
d622e86fa0)</li>
</ul>
<p>Compare: <a
href="https://github.com/coder/coder/compare/v2.33.1...v2.33.2"><code>v2.33.1...v2.33.2</code></a></p>
<h2>Container image</h2>
<ul>
<li><code>docker pull ghcr.io/coder/coder:2.33.2</code></li>
</ul>
<h2>Install/upgrade</h2>
<p>Refer to our docs to <a
href="https://coder.com/docs/install">install</a> or <a
href="https://coder.com/docs/install/upgrade">upgrade</a> Coder, or use
a release asset below.</p>
<h2>v2.33.1</h2>
<h2>Changelog</h2>
<blockquote>
<p>[!NOTE]
This is a mainline Coder release. We advise enterprise customers without
a staging environment to install our <a
href="https://github.com/coder/coder/releases/latest">latest stable
release</a> while we refine this version. Learn more about our <a
href="https://coder.com/docs/install/releases">Release Schedule</a>.</p>
</blockquote>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2b778f292c"><code>2b778f2</code></a>
fix: verify PKCS7 signature on Azure instance identity tokens (2.33
cherry-pi...</li>
<li><a
href="844c1e0467"><code>844c1e0</code></a>
fix(coderd): harden Azure identity certificate fetch (cherry-pick v2.33)
(<a
href="https://redirect.github.com/coder/coder/issues/25">#25</a>...</li>
<li><a
href="818fc72802"><code>818fc72</code></a>
fix(scripts/ironbank): update base image to UBI9 and remove urllib3
(CVE-2026...</li>
<li><a
href="bbca430b4c"><code>bbca430</code></a>
fix(site): show Organizations in admin dropdown for single-org OSS
deployment...</li>
<li><a
href="4e4e23539e"><code>4e4e235</code></a>
fix: cherry-pick go-git v5.19.0 (CVE-2026-45022) (<a
href="https://redirect.github.com/coder/coder/issues/25229">#25229</a>)</li>
<li><a
href="e5a96f3608"><code>e5a96f3</code></a>
fix: upgrade Go toolchain from 1.25.9 to 1.25.10 (<a
href="https://redirect.github.com/coder/coder/issues/25230">#25230</a>)</li>
<li><a
href="d622e86fa0"><code>d622e86</code></a>
fix: backport 11 Coder Agents docs PRs to release/2.33 (<a
href="https://redirect.github.com/coder/coder/issues/25047">#25047</a>)</li>
<li><a
href="3e34ba7bf0"><code>3e34ba7</code></a>
chore: remove agents experiment flag and mark feature as beta (<a
href="https://redirect.github.com/coder/coder/issues/24432">#24432</a>)
(<a
href="https://redirect.github.com/coder/coder/issues/25003">#25003</a>)</li>
<li><a
href="f009c17217"><code>f009c17</code></a>
fix(coderd): cut DB fan-out on agent instance-identity auth (backport <a
href="https://redirect.github.com/coder/coder/issues/24973">#24973</a>)...</li>
<li><a
href="17635dde5c"><code>17635dd</code></a>
chore: include pgcoordinator schema changes in 2.33 (<a
href="https://redirect.github.com/coder/coder/issues/24931">#24931</a>)</li>
<li>Additional commits viewable in <a
href="34584e909b...2b778f292c">compare
view</a></li>
</ul>
</details>
<br />
Updates `crate-ci/typos` from 1.45.1 to 1.46.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.46.2</h2>
<h2>[1.46.2] - 2026-05-16</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct to <code>criterias</code></li>
<li>Don't correct to <code>replaceables</code></li>
</ul>
<h2>v1.46.1</h2>
<h2>[1.46.1] - 2026-05-08</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct to <code>confidentials</code></li>
</ul>
<h2>v1.46.0</h2>
<h2>[1.46.0] - 2026-04-30</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1531">April
2026</a> changes</li>
</ul>
<h2>v1.45.2</h2>
<h2>[1.45.2] - 2026-04-27</h2>
<h3>Fixes</h3>
<ul>
<li>Ignore ssh ed25519 public keys</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="https://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="https://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.46.2] - 2026-05-16</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct to <code>criterias</code></li>
<li>Don't correct to <code>replaceables</code></li>
</ul>
<h2>[1.46.1] - 2026-05-08</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct to <code>confidentials</code></li>
</ul>
<h2>[1.46.0] - 2026-04-30</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1531">April
2026</a> changes</li>
</ul>
<h2>[1.45.2] - 2026-04-27</h2>
<h3>Fixes</h3>
<ul>
<li>Ignore ssh ed25519 public keys</li>
</ul>
<h2>[1.45.1] - 2026-04-13</h2>
<h3>Fixes</h3>
<ul>
<li><em>(action)</em> Use a temp dir for caching</li>
</ul>
<h2>[1.45.0] - 2026-04-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1509">March
2026</a> changes</li>
</ul>
<h2>[1.44.0] - 2026-02-27</h2>
<h3>Features</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="aca895bf05"><code>aca895b</code></a>
chore: Release</li>
<li><a
href="4dbdd7509d"><code>4dbdd75</code></a>
docs: Update changelog</li>
<li><a
href="3da2876731"><code>3da2876</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1556">#1556</a>
from epage/replaceable</li>
<li><a
href="8918680477"><code>8918680</code></a>
fix(dict): Don't correct to replaceables</li>
<li><a
href="57d5422e87"><code>57d5422</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1555">#1555</a>
from epage/criteria</li>
<li><a
href="f54668abd7"><code>f54668a</code></a>
fix(dict): Don't correct to criterias</li>
<li><a
href="5374cbf686"><code>5374cbf</code></a>
chore: Release</li>
<li><a
href="52448f5ecf"><code>52448f5</code></a>
docs: Update changelog</li>
<li><a
href="030c719ff1"><code>030c719</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1552">#1552</a>
from epage/fixes</li>
<li><a
href="7a688c7c08"><code>7a688c7</code></a>
fix(dict): Confidentials isn't valid</li>
<li>Additional commits viewable in <a
href="cf5f1c29a8...aca895bf05">compare
view</a></li>
</ul>
</details>
<br />
Updates `zizmorcore/zizmor-action` from 0.5.3 to 0.5.6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/zizmorcore/zizmor-action/releases">zizmorcore/zizmor-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.5.6</h2>
<ul>
<li>1.25.2 is now available via the action</li>
<li>1.25.2 is now the default version of zizmor used by the action</li>
</ul>
<h2>v0.5.5</h2>
<p>This is a no-op release.</p>
<h2>v0.5.4</h2>
<ul>
<li>1.25.0 is now available via the action</li>
<li>1.25.0 is now the default version of zizmor used by the action</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5f14fd08f7"><code>5f14fd0</code></a>
Sync zizmor versions (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/114">#114</a>)</li>
<li><a
href="a16621b09c"><code>a16621b</code></a>
Bump pins in README (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/112">#112</a>)</li>
<li><a
href="1c03e047a3"><code>1c03e04</code></a>
chore(deps): bump github/codeql-action from 4.35.2 to 4.35.3 in the
github-ac...</li>
<li><a
href="b572f7b1a1"><code>b572f7b</code></a>
Sync zizmor versions (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/111">#111</a>)</li>
<li><a
href="06928c5dcb"><code>06928c5</code></a>
chore(deps): bump github/codeql-action in the github-actions group (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/109">#109</a>)</li>
<li><a
href="5ea8b96e10"><code>5ea8b96</code></a>
docs: Update link to GitHub docs (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/108">#108</a>)</li>
<li><a
href="849ac26095"><code>849ac26</code></a>
chore(deps): bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/106">#106</a>)</li>
<li><a
href="814f9778ac"><code>814f977</code></a>
Bump pins in README (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/103">#103</a>)</li>
<li>See full diff in <a
href="b1d7e1fb5d...5f14fd08f7">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
## Description
Fix git-clone module to fail fast when `pre_clone_script` or
`post_clone_script` returns a non-zero exit code. Previously, both
scripts were executed but their exit codes were never checked — a
failing pre-clone hook (e.g., a prerequisite check that calls `exit 1`)
was silently ignored and cloning continued. This broke the advertised
"validate prerequisites before cloning" behavior and could leave
workspaces starting with unmet preconditions.
## Type of Change
- [ ] New module
- [ ] New template
- [x] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder/modules/git-clone`
**New version:** `v1.3.1`
**Breaking change:** [ ] Yes [x] No
## Testing & Validation
- [x] Tests pass (`bun test`)
- [x] Code formatted (`bun fmt`)
- [x] Changes tested locally
## Related Issues
- https://github.com/coder/registry/pull/887#issuecomment-4413765491
- https://github.com/coder/registry/issues/60
- https://github.com/coder/registry/issues/86
## Problem
The module configures Claude Code's permission posture by reaching
around the permission system rather than through it:
- `scripts/install.sh` writes `bypassPermissionsModeAccepted`,
`autoModeAccepted`, and `primaryApiKey` directly into the user-writable
`~/.claude.json`. Any process in the workspace can read the API key or
flip the acceptance flags back.
- `scripts/start.sh` adds `--dangerously-skip-permissions` to every task
launch, even when the template author set an explicit `permission_mode`.
The README has to carry a security warning telling people the module
bypasses permission checks.
- `permission_mode`, `allowed_tools`, and `disallowed_tools` each plumb
through a different ad-hoc path (CLI flag, `coder` subcommand) instead
of a single policy surface.
## Change
Add a `managed_settings` input that renders to
`/etc/claude-code/managed-settings.d/10-coder.json`. Claude Code reads
that drop-in directory at startup with the highest configuration
precedence (above `~/.claude/settings.json` and project settings), so
template authors get an admin-controlled policy file that users inside
the workspace cannot override. The mechanism is a local file read with
no API call, so it works identically for the Anthropic API, AWS Bedrock,
Google Vertex AI, and AI Bridge / AI Gateway.
```hcl
managed_settings = {
permissions = {
defaultMode = "acceptEdits"
disableBypassPermissionsMode = "disable"
deny = ["Bash(curl:*)", "WebFetch"]
}
}
```
Supporting changes:
- `install.sh` writes the policy file (root-owned, 0644) and stops
writing `bypassPermissionsModeAccepted`, `autoModeAccepted`, and
`primaryApiKey` into `~/.claude.json`. The API key is already exported
via `coder_env` as `CLAUDE_API_KEY`; duplicating it on disk is
unnecessary. `hasCompletedOnboarding` stays because there is no env-var
alternative for it.
- `start.sh` only adds `--dangerously-skip-permissions` for tasks when
no explicit `permission_mode` is set (same fix as #846; included here so
this PR is self-contained, happy to drop if #846 lands first).
- `permission_mode`, `allowed_tools`, and `disallowed_tools` are marked
deprecated and shimmed into `managed_settings.permissions` for one
release when `managed_settings` is not provided.
- README security warning rewritten to point at the policy mechanism
instead of telling people the module is unsafe by design.
## Relationship to #861#861 strips this module to install-and-configure and removes
`permission_mode` / `allowed_tools` / `disallowed_tools` outright.
`managed_settings` is the natural replacement for those: it is
install-time (survives the `start.sh` removal), it covers everything the
dropped variables did plus `hooks`, `env`, `model`, `apiKeyHelper`, and
the rest of the settings schema, and it does not require the module to
know anything about how Claude is launched. If #861 lands first I will
rebase this on top and drop the deprecation shim and the `start.sh`
hunk.
## Validation
- `terraform fmt` / `terraform validate` clean
- New tests: `claude-managed-settings-written`,
`claude-managed-settings-legacy-shim`,
`claude-no-policy-keys-in-claudejson`, plus an assertion in
`claude-auto-permission-mode` that `--dangerously-skip-permissions` is
absent when a mode is set
- Manually verified `/etc/claude-code/managed-settings.d/*.json`
precedence in the Claude Code CLI source
Closes#818. Relates to #284, #846, #861.
Disclosure: I work at Anthropic on the Claude Code team. Happy to adjust
scope or split this further if that is easier to review.
---------
Co-authored-by: DevCats <chris@dualriver.com>
Co-authored-by: DevCats <christofer@coder.com>
Sources now use structured YAML objects instead of flat strings.
Each skill can have its own display_name, icon, and tags.
Top-level icon serves as the default for skills without overrides.
Removed top-level display_name, description, and tags (per-skill only).
The registry's separateFrontmatter() function trims indentation from
each frontmatter line, which breaks nested YAML structures. Use the
flat "owner/repo@ref" string format that the registry-server parses
with strings.Cut.
The README validation tool has an allowlist of directories permitted
under registry/<namespace>/. Add 'skills' to that list so the
skills/README.md catalogue entry passes validation.
Skills are added to supportedUserNameSpaceDirectories but not to
supportedResourceTypes, so the skills directory is allowed to exist
without being validated as a module or template.
Skills content now lives in source repos (e.g., coder/skills) instead of
being duplicated in the registry. Each namespace declares its skill source
repo(s) in a single registry/<namespace>/skills/README.md with a sources
field in the frontmatter.
Changes:
- Replace per-skill directories (coder-modules/, coder-templates/) with
a single registry/coder/skills/README.md that references coder/skills
- Revert .agents/skills/ frontmatter changes (those files will move to
coder/skills repo)
- Revert version-bump.sh and tag_release.sh skill-specific version
extraction (versioning lives in source repos now)
- Keep CI/CD path triggers for registry/**/skills/** so catalogue
metadata changes trigger deployment
The registry-server build pipeline (PR #442) will need to be updated
to clone source repos declared in the README.md frontmatter and
auto-discover skills from them.
## Description
Extracts boundary installation and wrapper logic into a standalone
`coder/agent-firewall` module, decoupling it from `agentapi`.
### Why
Boundary is currently embedded inside `agentapi` (`scripts/boundary.sh`)
and duplicated in `claude-code`. This couples network isolation to the
AI/Tasks stack, but boundary is a general-purpose primitive — users
running a plain agent with no agentapi or tasks should be able to use it
too.
### What this adds
`registry/coder/modules/agent-firewall/` — a new first-class module
that:
* Installs boundary via one of three strategies:
1. `coder boundary` subcommand (default, zero-install)
2. Direct binary from release (`use_agent_firewall_directly = true`)
3. Compiled from source (`compile_agent_firewall_from_source = true`)
* Ships a comprehensive [default allowlist
config](registry/coder/modules/agent-firewall/config.yaml.tftpl)
(Anthropic, OpenAI, VCS, package managers, cloud platforms, etc.)
* Auto-fills the Coder deployment domain via
`data.coder_workspace.me.access_url`
* Supports inline config (`agent_firewall_config`) or external file
(`agent_firewall_config_path`), mutually exclusive with cross-variable
validation
* Creates a wrapper script at
`$HOME/.coder-modules/coder/agent-firewall/scripts/agent-firewall-wrapper.sh`
* Strips `CAP_NET_ADMIN` from the coder binary (copies to
`coder-no-caps`) to allow execution inside network namespaces without
`sys_admin`
* Supports `pre_install_script` / `post_install_script` hooks
* Exposes `agent_firewall_wrapper_path`, `agent_firewall_config_path`,
and `scripts` outputs for script coordination
* No env vars exported — everything is output-only
### Usage
```tf
module "agent-firewall" {
source = "registry.coder.com/coder/agent-firewall/coder"
version = "0.0.1"
agent_id = coder_agent.main.id
}
```
Works standalone with any agent — no agentapi dependency required.
### Testing
* 8 Terraform plan tests (`agent-firewall.tftest.hcl`): default outputs,
compile from source, use directly, custom hooks, custom module
directory, inline config, external config path, mutual exclusion
validation
* TypeScript integration tests (`main.test.ts`): state verification,
coder subcommand happy path, inline config, config path skip, custom
hooks, env var absence, wrapper execution, idempotent installation
## Type of Change
- [X] New module
## Module Information
**Path:** `registry/coder/modules/agent-firewall` <br>**New version:**
`v0.0.1` <br>**Breaking change:** No
## Related Issues
Closescoder/registry#844🤖 Generated by Coder Agents
---------
Co-authored-by: Jay Kumar <jay.kumar@coder.com>
Aligns codex module variable names with the claude-code v5 conventions
established in #861 and #879.
- Rename `additional_mcp_servers` to `mcp` to match claude-code's
variable name.
- Change `codex_version` default from `""` to `"latest"` to match
`claude_code_version`.
## Type of Change
- [ ] New module
- [ ] New template
- [x] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder-labs/modules/codex`
**Breaking change:** [x] Yes [ ] No
> [!WARNING]
> Breaking change for anyone referencing `additional_mcp_servers` by
name. Since v5.0.0 was released and deleted on the same day (#879), this
should have zero downstream impact.
## Testing & Validation
- [x] Tests pass (`bun test`)
- [x] Code formatted (`bun fmt`)
- [x] Changes tested locally
## Related Issues
- Follow-up to #879
- Filed #886 to track adding `mcp_config_remote_path` support to codex
---
*This PR was authored by Coder Agents.*
Add agent skills to the registry catalogue alongside modules and
templates, following the agentskills.io specification with proper
frontmatter metadata (license, version, author, tags).
- Add registry/coder/skills/coder-modules/ and
registry/coder/skills/coder-templates/ as catalogue entries,
each with SKILL.md (full spec frontmatter + body) and README.md.
- Update .agents/skills/ frontmatter to match catalogue versions.
- Update CI/CD workflows and scripts to support skills:
- deploy-registry.yaml: add skills path trigger
- release.yml: detect skills vs modules for changelog path
- version-bump.yaml: add skills path trigger
- version-bump.sh: include skills in change detection
- tag_release.sh: scan skills directories and extract version
from SKILL.md frontmatter
## Description
Fixes
[REG-4](https://linear.app/codercom/issue/REG-4/filebrowser-appends-workspace-path-twice-in-url):
the `filebrowser` module opens to a non-existent URL with the workspace
path appended a second time when `subdomain = false` and `agent_name` is
not provided, e.g.:
```
https://<coder-host>/@<owner>/<workspace>/apps/filebrowser/files/@<owner>/<workspace>.<agent>/apps/filebrowser/
```
### Root cause
Coder's frontend always builds path-based app URLs as
`/@<owner>/<workspace>.<agent>/apps/<slug>/` (it always includes
`.<agent_name>`, even for single-agent templates):
https://github.com/coder/coder/blob/main/site/src/modules/apps/apps.ts
```ts
return `${path}/@${workspace.owner_name}/${workspace.name}.${agent.name}/apps/${app.slug}/`;
```
The filebrowser module, however, only includes the agent segment in
`local.server_base_path` (which becomes filebrowser's `--baseURL`) when
the user explicitly passes `agent_name`. The variable description and
the README both said `agent_name` was "only required if the template
uses multiple agents", which is incorrect.
When the URLs disagree, filebrowser's reverse-proxy `stripPrefix` cannot
strip the prefix, the path falls through filebrowser's `/:catchAll(.*)*`
Vue route, and the router redirects to `/files/${catchAll}` — producing
the duplicated path the user reported.
### Fix
- Add a `lifecycle.precondition` on `coder_script.filebrowser` that
fails `terraform apply` with a clear, actionable error when `subdomain =
false` and `agent_name == null`.
- Update the `agent_name` variable description to state it is required
whenever `subdomain` is `false`.
- Update the `README.md` example for the path-based config to call out
the requirement explicitly.
- Bump the module version from `1.1.4` → `1.1.5`.
- Add a TS test covering the new precondition.
This avoids the silent misconfiguration that produces the duplicated
URL, without breaking anyone whose existing template already sets
`agent_name` (or uses `subdomain = true`).
## Type of Change
- [ ] New module
- [ ] New template
- [x] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [ ] Other
## Module Information
**Path:** `registry/coder/modules/filebrowser`
**New version:** `v1.1.5`
**Breaking change:** [ ] Yes [x] No
## Testing & Validation
- [x] `bun test main.test.ts` — 8 pass, 0 fail (includes new
precondition test)
- [x] `terraform fmt -recursive`
- [x] `terraform validate`
- [x] `bun x prettier --check`
- [x] Manually verified the precondition fires with a minimal repro and
passes when `agent_name` is supplied or `subdomain = true`.
## Related Issues
- Linear:
[REG-4](https://linear.app/codercom/issue/REG-4/filebrowser-appends-workspace-path-twice-in-url)
---
Created on behalf of @matifali.
Generated with Blink.
Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
Co-authored-by: DevCats <christofer@coder.com>
## Problem
Claude Code ships an OpenTelemetry exporter for token usage, tool calls,
session lifecycle and errors
(https://docs.anthropic.com/en/docs/claude-code/monitoring-usage), but
the module exposes no first-class wiring for it. Template authors who
want telemetry have to know the env var names
(`CLAUDE_CODE_ENABLE_TELEMETRY`, the `OTEL_EXPORTER_OTLP_*` family) and
write their own `coder_env` blocks. More importantly there is no
convention for how to correlate Claude Code telemetry with Coder's own
audit logs and `exectrace` records, so even when both are exported they
end up as two unjoined datasets.
## Change
Adds a `telemetry` input that turns on `CLAUDE_CODE_ENABLE_TELEMETRY`
and the standard OTLP exporter env vars in one place:
```tf
telemetry = {
enabled = true
otlp_endpoint = "http://otel-collector.observability:4317"
otlp_protocol = "grpc"
otlp_headers = { authorization = "Bearer ..." }
resource_attributes = { "service.name" = "claude-code" }
}
```
When enabled, the module automatically appends `coder.workspace_id`,
`coder.workspace_name`, `coder.workspace_owner` and
`coder.template_name` to `OTEL_RESOURCE_ATTRIBUTES`. This gives a stable
join key between Claude Code spans/metrics and Coder's audit log and
exectrace events on `workspace_id`, so a platform team can answer "show
me every shell command Claude executed in workspace X alongside the
token spend for that session" without custom plumbing.
This is purely additive (`coder_env` resources behind `count`), defaults
to disabled, and is independent of how Claude is launched, so it
composes cleanly with the install-only direction in #861.
## Validation
- `terraform fmt`, `terraform validate`, `terraform test` (19/19) pass
- `bun test -t telemetry` (2/2) pass: env vars are set with the expected
values when enabled, and absent when the input is omitted
Disclosure: I work at Anthropic on the Claude Code team.
---------
Co-authored-by: DevCats <chris@dualriver.com>
Co-authored-by: Atif Ali <me@matifali.dev>
## Summary
Derives `coder-utils` script names from `module_directory` instead of a
separate `agent_name` input. The `module_directory` already encodes both
the namespace and the module name, so carrying both is redundant and
error-prone. Callers like `claude-code` no longer need to pass
`agent_name`.
Scripts this module materializes lose the `${agent_name}-utils-` prefix
because `module_directory` already namespaces them per-caller.
We will address multiple instances of coder-utils per caller in a future
iteration if needed.
## Versioning Note
Previous tags (`v1.0.0` through `v1.3.0`) have been deleted because no
published module ever consumed them — the module was effectively
unreleased. This PR ships the first real public version as **`v0.0.1`**,
treating it as a fresh start rather than a breaking bump from a version
that was never in production use.
## Changes
- Remove `agent_name` variable.
- Derive `caller_name = "${namespace}-${module_name}"` from
`module_directory`.
- Validate `module_directory` matches
`$HOME/.coder-modules/<namespace>/<module-name>`.
- Rename script files on disk from `${agent_name}-utils-<phase>.sh` to
plain `<phase>.sh`.
- Add a TS test for the `module_directory` validation.
- Ship as `v0.0.1` (first published version; all prior tags removed).
## Breaking Changes
| Before | After |
|---|---|
| `agent_name = "myagent"` | removed (derived from `module_directory`) |
| `module_directory = ".my-module"` | `module_directory =
"$HOME/.coder-modules/<ns>/<name>"` (validated) |
| Script files `${agent_name}-utils-install.sh` | `install.sh` |
| Script sync names `${agent_name}-install_script` |
`${namespace}-${module_name}-install_script` |
No callers were depending on the old format (prior tags were
unpublished).
## Validation
- `terraform fmt -recursive` clean
- `terraform validate` clean
- `terraform test` → 17/17 pass
- `bun test registry/coder/modules/coder-utils` → 5/5 pass
- `prettier --check` clean
## Consumer
coder/registry#861 (`claude-code`) consumes this and is currently pinned
to the commit SHA until this merges and ships as `v0.0.1`.
> 🤖 This PR was created with the help of Coder Agents, and needs a human
review. 🧑💻
## Summary
Move script files from the flat `${module_directory}` to a `scripts/`
subdirectory, and prefix each script's filename with
`${agent_name}-utils-` so multiple `coder-utils` instances can safely
share a `module_directory`. Mirrors the layout #870 established for
`logs/` and aligns with the Module Data Layout standard in `AGENTS.md`
(#869).
## Changes
- Compute `local.scripts_directory = "${var.module_directory}/scripts"`
and use it for every `*.sh` path.
- Script filenames are now
`${agent_name}-utils-{pre_install,install,post_install,start}.sh` so two
`coder-utils` instances don't collide on disk.
- Pre-install and install `coder_script`s `mkdir -p` the `scripts/`
sub-path before writing their `.sh`; post-install and start sync-depend
on install, so the directory already exists by the time they run.
- Update the `module_directory` description to call out the nested
`scripts/` and `logs/` paths.
- Add `test_scripts_nested_under_module_directory` asserting the new
paths (including the `${agent_name}-utils-` prefix) and the `mkdir -p`
in each script.
- README: add a "Script file locations" section documenting the new
layout.
- Bump module version to `v1.3.0`.
## Breaking Changes
Consumers reading `${module_directory}/install.sh` (and friends)
directly must look under
`${module_directory}/scripts/${agent_name}-utils-install.sh` instead. No
in-repo consumers exist today.
## Validation
- `terraform fmt -recursive` clean
- `terraform validate` clean
- `terraform test` → 16/16 pass (includes the new
`test_scripts_nested_under_module_directory`)
- `bun test main.test.ts` → 5/5 pass
- `prettier --check` clean
> 🤖 This PR was created with the help of Coder Agents, and needs a human
review. 🧑💻
Fixes#835
## Problem
The `data "http"` resource always fires for every selected IDE, even
when the user has pinned versions via `ide_config`. In air-gapped or
caching scenarios, this causes:
- **30-second hangs** when `releases_base_link` is set to a dummy URL
like `https://localhost`
- **Fatal errors** with `https://localhost:1` (connection refused)
- The documented "air-gapped fallback" via `try()` never actually worked
— the `http` data source fails before `try()` can catch anything
## Fix
When `ide_config` is provided, the module now skips all HTTP calls and
uses the pinned build numbers directly.
| Scenario | `ide_config` | HTTP calls | Build source | On API failure |
|---|---|---|---|---|
| User wants latest | `null` (default) | Yes | JetBrains API | Terraform
error (fail loudly) |
| User pins versions | Set | **None** | `ide_config.build` | N/A |
### Changes
- `ide_config` default changed from a full map to `null`
- `name` and `icon` are now `optional(string)` in `ide_config` — falls
back to built-in metadata
- `data.http.jetbrains_ide_versions` `for_each` is empty when
`ide_config` is set
- Static `ide_metadata` local provides name/icon when `ide_config` is
null
- Removed `try()` fallback from `parsed_responses` — API errors are now
explicit instead of silently using stale builds
- Cross-variable validation rejects `major_version`, `channel`, and
`releases_base_link` when `ide_config` is set
- Validation for `ide_config ⊇ default` added (previously only
`ide_config ⊇ options` was checked)
- Version bumped `1.3.1` → `1.4.0`
### Usage
```tf
module "jetbrains" {
source = "registry.coder.com/coder/jetbrains/coder"
version = "1.4.0"
agent_id = coder_agent.main.id
folder = "/home/coder/project"
# Zero HTTP calls — only build is required.
ide_config = {
"GO" = { build = "261.22158.291" }
"PY" = { build = "261.22158.340" }
}
options = ["GO", "PY"]
}
```
> 🤖 This PR was created with the help of Coder Agents, and needs a human
review. 🧑💻
## Summary
- Add `auto` as a valid `permission_mode` for the claude-code module,
passing `--enable-auto-mode` to the CLI when selected
- Fix bypass permissions TOS prompt appearing interactively by
pre-seeding `bypassPermissionsModeAccepted` in `~/.claude.json` during
install (workaround for
https://github.com/anthropics/claude-code/issues/25503)
- Bump version `4.8.2` → `4.9.0`
## Test plan
- [x] All 19 terraform tests pass (`terraform test -verbose`)
- [x] Added `test_claude_code_auto_permission_mode` tftest
- [x] Added `claude-auto-permission-mode` TypeScript test verifying both
`--permission-mode auto` and `--enable-auto-mode` are passed
- [ ] Container test with auto mode (requires Linux/Colima)
- [ ] Verify bypass permissions TOS prompt no longer appears on task
startup
🤖 Generated with Claude Code using Claude Opus 4.6
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: DevCats <christofer@coder.com>
The `copilot_model` variable was restricted to a hardcoded enum of three
models (`claude-sonnet-4`, `claude-sonnet-4.5`, `gpt-5`). Models change
fast and this validation was blocking users from using newer models.
## Changes
- Remove `validation` block from `copilot_model` variable in `main.tf`
- Update variable description to indicate any Copilot-supported model
can be used
- Replace enum validation test with a test that verifies arbitrary model
strings are accepted
- Bump module version to `0.4.1` in README examples
Closes#832
> 🤖 This PR was created with the help of Coder Agents, and needs a human
review. 🧑💻
Follow-up to #764.
Now that the `agentapi` module `v2.4.0` is published with `web_app`
support, this PR completes the wiring:
## Changes
### `claude-code/main.tf`
- Bump agentapi dependency from `v2.3.0` → `v2.4.0`
- Replace `# TODO: pass web_app = var.web_app once agentapi module is
published with web_app support` with `web_app = var.web_app`
### `claude-code/README.md`
- Bump version references from `4.9.0` → `4.9.1`
## Result
Setting `web_app = false` on the `claude-code` module now correctly
passes through to the `agentapi` module, hiding the web UI app icon from
the Coder dashboard while still running AgentAPI. The task-safe behavior
(auto-enabling for `coder_ai_task`) is handled by the `agentapi` module.
---------
Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
Adds a `web_app` variable (default: `true`) to both the `claude-code`
and `agentapi` modules. When set to `false`, AgentAPI still runs but the
web UI app icon is not shown in the Coder dashboard.
This mirrors the existing `cli_app` toggle pattern.
## Changes
### `agentapi` module
- New `web_app` variable (bool, default `true`)
- `coder_app.agentapi_web` now has `count = local.web_app ? 1 : 0`
- **Task-safe:** `local.web_app` is computed as `var.web_app ||
local.is_task`, where `is_task = try(data.coder_task.me.enabled,
false)`. This means the web app is always created when the workspace is
a Task, regardless of the `web_app` variable.
- `task_app_id` output returns `""` when `local.web_app` is `false`
### `claude-code` module
- New `web_app` variable (bool, default `true`)
- `TODO` comment to wire `web_app` through to agentapi once published
## Usage (once fully wired)
```hcl
module "claude-code" {
source = "registry.coder.com/coder/claude-code/coder"
...
web_app = false # hides the Claude Code web UI from the dashboard
}
```
Setting `web_app = false` is safe even in templates that use
`coder_ai_task` — the module detects Tasks via
`data.coder_task.me.enabled` and automatically enables the web app.
## Merge strategy
This needs to land in two steps:
1. **Merge this PR** — publishes the agentapi module with `web_app`
support, and adds the `web_app` variable to claude-code (not yet wired
through)
2. **Follow-up PR** — bump the agentapi version in claude-code and
replace the `TODO` with `web_app = var.web_app`
---------
Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
Co-authored-by: DevCats <christofer@coder.com>
## New Template: docker-rstudio
Adds a Docker-based template for R development workspaces.
### What it provides
| Tool | Source | Access |
|------|--------|--------|
| **RStudio Server** | Pre-installed in `rocker/rstudio` image | Browser
via Coder proxy (subdomain) |
| **code-server** | `registry.coder.com/coder/code-server/coder` module
| Browser via Coder proxy |
| **RMarkdown** | Installed on first start, persisted in home-dir R
library | Available in both RStudio and code-server |
### Design decisions
<details>
<summary>Click to expand</summary>
- **`rocker/rstudio` as the base image** instead of
`codercom/enterprise-base:ubuntu` + the `rstudio-server` module. The
module runs RStudio inside a nested Docker container which requires
Docker-in-Docker or socket mounting in the workspace. Using the rocker
image directly avoids that complexity and starts faster since R and
RStudio are already installed.
- **Direct `coder_app` for RStudio** rather than the registry
`rstudio-server` module, because the module is designed for Docker-based
provisioning (it pulls and runs a rocker container). Since the workspace
itself _is_ the rocker container, RStudio Server is started natively via
`rserver`.
- **RMarkdown installed idempotently** — the startup script checks
`require('rmarkdown')` before installing. Since R libraries default to a
subdirectory under `/home/rstudio` (the persistent volume), packages
survive workspace restarts.
- **Persistent volume mounted at `/home/rstudio`** to match the default
user in the rocker image.
- **`--auth-none=1`** disables RStudio authentication since the Coder
proxy handles access control.
</details>
### Files added
- `registry/coder/templates/docker-rstudio/main.tf`
- `registry/coder/templates/docker-rstudio/README.md`
### Validation
- `go run ./cmd/readmevalidation/` — passes (32 templates detected)
- `terraform fmt` — clean
- `bun run fmt` — all files unchanged
---------
Co-authored-by: DevCats <christofer@coder.com>
Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
## Description
Add two Claude Code skills for the Coder Registry: `coder-modules` and
`coder-templates`. These skills guide AI agents through creating and
updating registry modules and workspace templates, covering scaffolding,
Terraform patterns, testing, README standards, icon management, version
bumps, and newer features like presets, prebuilds, and task-oriented
templates.
Fixes `coder_script "1password"` → `coder_script "onepassword"` since
Terraform resource names cannot start with a digit. Adds a demo
screenshot showing the template variables page and `op whoami` working
in a workspace. Bumps version to 1.0.2.
