Comparing changes

Current pull request contains patched `CHANGELOG.md` file for the `v0.6.6` version. Co-authored-by: GitHub Action <[email protected]>

This PR documents why the SNI is altered during TLS handshake and why a certificate SAN is compared against an alternate hostname.

Context: Toolbox can store key/value pairs in two places: - a settings store which is backed by a clear text json file per each plugin - native keystore for sensitive data At the same time some of Coder's clients (ex: Netflix) would like to deploy at scale preconfigured settings for Toolbox. Most of the needed settings are part of json backed store except the last used URL. This PR reworks the code around the last used URL/token and moves the URL in the json backed store, making it easy to configure. At the same time we still support the pair stored in the native keystore for backward compatibility reasons.

Current pull request contains patched `CHANGELOG.md` file for the `v0.7.0` version. Co-authored-by: GitHub Action <[email protected]>

Inspired by coder/jetbrains-coder@5f0e363 which took a while to debug and understand. This rewrite arguably provides better test names, better data setup with cleaner descriptions.

PR #180 delegated all the logic for rest client and cli initialization to the usual authentication screen which provided better feedback/progress. But it also left over previous logic that can be removed.

…#205) Replace !! operators with safe idiom takeIf/let chains. The non-null assertions were unsafe in concurrent scenarios where one thread could potentially modify the settings while another thread reads and makes non-null assertions.

On some Windows versions the cli stream comes as application/x-ms-dos-executable. - resolves #187

Current pull request contains patched `CHANGELOG.md` file for the `v0.7.1` version. Co-authored-by: GitHub Action <[email protected]>

…16 to 3.318 (#210) Bumps [org.jetbrains.intellij.plugins:structure-toolbox](https://github.com/JetBrains/intellij-plugin-verifier) from 3.316 to 3.318. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/JetBrains/intellij-plugin-verifier/commits/intellij-structure-3.318">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.jetbrains.intellij.plugins:structure-toolbox&package-manager=gradle&previous-version=3.316&new-version=3.318)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Some clients (Netflix in this specific case) rely on mainly their own dashboard tools instead of the Coder one. Two main reasons that were mentioned by Netflix: - aggregate many dev tools in a unified internal console - specific platform/security needs that their own UI handles better For this reason they would like the actions that open up the Coder Dashboard (`Create workspace` and `Open in dashboard`) to be fully customizable, and allow clients to override the URL. For `Create workspace` we now have a config that defaults $lastDeploymentUrl/templates, but it can be replaced with a complete new URL. It also supports `$workspaceOwner` as a placeholder that is replaced by the plugin with the username that logged in. For `Open in dashboard` a full URL can be provided and we also introduced two placeholders `$workspaceOwner` and `$workspaceName` which will be replaced by the plugin but only for this action. For now the decision is to not allow configuration from UI since Netflix is the only target for this change, and they deploy at scale a templated settings.json.

This PR addresses two issues in the URI handler workflow to improve user experience and reliability. 1. Streamline version fallback behavior Problem: When the URI handler receives a build number that is no longer available, the application would fall back to the latest version but display a confirmation dialog. Netflix reported that this confirmation dialog disrupts the user workflow. Solution: Removed the confirmation dialog and replaced it with logging. The handler now silently falls back to the latest available version when the requested build number is unavailable, maintaining a seamless user experience. 2. Fix connect page not displaying when Toolbox is already open Problem: When Toolbox is already running and a URI is executed, the connect page fails to display. Investigation revealed that the UI event emitted via MutableSharedFlow(replay = 0) is lost because the UI collector is not yet active when processEvent() is called. Solution: Introduced a 66-100ms delay before emitting the UI event. This delay ensures the collector is ready to receive events, preventing them from being dropped. The timing was determined through testing and appears to account for the collector initialization time. Note: The delay in fix #2 is a workaround for what appears to be a timing issue with the MutableSharedFlow collector initialization.

#215) Bumps com.github.jk1.dependency-license-report from 2.9 to 3.0.1. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.github.jk1.dependency-license-report&package-manager=gradle&previous-version=2.9&new-version=3.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…18 to 3.319 (#216) Bumps [org.jetbrains.intellij.plugins:structure-toolbox](https://github.com/JetBrains/intellij-plugin-verifier) from 3.318 to 3.319. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/JetBrains/intellij-plugin-verifier/commit/ed3db6d341c30d507afbe338a8fd41d4030315e8"><code>ed3db6d</code></a> Forbid DTD on XML parsing</li> <li><a href="https://github.com/JetBrains/intellij-plugin-verifier/commit/a36c730880335d80483a2806cfe3bc79d8e656af"><code>a36c730</code></a> Bump Gradle to 9.1 (<a href="https://redirect.github.com/JetBrains/intellij-plugin-verifier/issues/1357">#1357</a>)</li> <li><a href="https://github.com/JetBrains/intellij-plugin-verifier/commit/8d1aea82f955dc9559bc91635a39e3a14af53ee1"><code>8d1aea8</code></a> cleanup unused OS mapping</li> <li>See full diff in <a href="https://github.com/JetBrains/intellij-plugin-verifier/compare/intellij-structure-3.318...intellij-structure-3.319">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.jetbrains.intellij.plugins:structure-toolbox&package-manager=gradle&previous-version=3.318&new-version=3.319)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

It was increased to 0.7.3 by mistake, 0.7.2 was not actually released.

Current pull request contains patched `CHANGELOG.md` file for the `v0.7.2` version. Co-authored-by: GitHub Action <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Comparing changes

Open a pull request

Commits on Sep 24, 2025

Commits on Sep 25, 2025

Commits on Sep 27, 2025

Commits on Sep 29, 2025

Commits on Oct 3, 2025

Commits on Oct 6, 2025

Commits on Oct 7, 2025

Commits on Oct 13, 2025

Commits on Oct 20, 2025

Commits on Oct 27, 2025

Commits on Oct 30, 2025

Commits on Nov 3, 2025

Commits on Nov 4, 2025

This comparison is taking too long to generate.

Uh oh!