Create devcontainer.json

[danialzivehdar1992-hue]

Changes 🏗️

Checklist 📋

For code changes:

• I have clearly listed my changes in the PR description
• I have made a test plan
• I have tested my changes according to the test plan:
  • ...

Example test plan

• Create from scratch and execute an agent with at least 3 blocks
• Import an agent from file upload, and confirm it executes correctly
• Upload agent to marketplace
• Import an agent from marketplace and confirm it executes correctly
• Edit an agent from monitor, and confirm it executes correctly

For configuration changes:

• .env.default is updated or already compatible with my changes
• docker-compose.yml is updated or already compatible with my changes
• I have included a list of my configuration changes in the PR description (under Changes)

Examples of configuration changes

• Changing ports
• Adding new services that need to communicate with each other
• Secrets or environment variable changes
• New or infrastructure changes such as databases

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[github-actions]

This PR targets the master branch but does not come from dev or a hotfix/* branch.

Automatically setting the base branch to dev.

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)

• classic/original_autogpt/poetry.lock is excluded by !**/*.lock

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

Walkthrough

A development container configuration file has been added to specify the dev container image (mcr.microsoft.com/devcontainers/universal:2) and an empty features object. This enables consistent development environment setup across team members.

Changes

Cohort / File(s)	Summary
Dev Container Configuration .devcontainer/devcontainer.json	Added new dev container configuration specifying the universal dev container image and an empty features object.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A burrow of code, now snug and neat,
With containers configured—oh what a treat!
Universal images, features aligned,
Dev environments unified, perfectly designed! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	❓ Inconclusive	The description contains only a template with unchecked checklist items and no actual details about the changes made or configuration modifications.	Complete the 'Changes' section with a concrete description of what was added to devcontainer.json, and provide details about any configuration or environment changes affected.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Create devcontainer.json' accurately describes the main change in the pull request, which is adding a new development container configuration file.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[danialzivehdar1992-hue]

All of

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @.devcontainer/devcontainer.json:
- Line 2: Update the "image" property in .devcontainer/devcontainer.json so it
no longer references the outdated "mcr.microsoft.com/devcontainers/universal:2";
change the value to a newer tag such as
"mcr.microsoft.com/devcontainers/universal:5" for non-breaking updates or pin to
"mcr.microsoft.com/devcontainers/universal:5.1.4" for exact reproducibility
(edit the "image" field to the chosen tag).

🧹 Nitpick comments (1)

.devcontainer/devcontainer.json (1)

3-3: Consider adding features and customizations.

The empty features object and lack of customizations make this a minimal configuration. For a more complete developer experience, consider adding:

• Common features (e.g., ghcr.io/devcontainers/features/python, docker-in-docker, git)
• VS Code extensions via customizations.vscode.extensions
• A postCreateCommand to install dependencies
• Other properties like forwardPorts or remoteUser if needed

This would provide a more consistent and feature-rich environment for contributors.

📦 Example enhanced configuration

 {
   "image": "mcr.microsoft.com/devcontainers/universal:2",
-  "features": {}
+  "features": {
+    "ghcr.io/devcontainers/features/python:1": {
+      "version": "latest"
+    },
+    "ghcr.io/devcontainers/features/node:1": {
+      "version": "lts"
+    },
+    "ghcr.io/devcontainers/features/docker-in-docker:2": {}
+  },
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "ms-python.python",
+        "ms-python.vscode-pylance"
+      ]
+    }
+  },
+  "postCreateCommand": "pip install -r requirements.txt"
 }

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between cd64562 and ee780f4.

📒 Files selected for processing (1)

• .devcontainer/devcontainer.json

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: autogpt_platform/CLAUDE.md:0-0
Timestamp: 2026-02-04T16:49:56.176Z
Learning: Fill out the .github/PULL_REQUEST_TEMPLATE.md template as the PR description when creating pull requests

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-02-04T16:50:51.303Z
Learning: Fill out the Changes section and checklist in pull requests

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: Seer Code Review
• GitHub Check: Analyze (python)
• GitHub Check: Check PR Status

🔇 Additional comments (1)

.devcontainer/devcontainer.json (1)

1-4: ⚠️ Potential issue | 🟡 Minor

Fill out the PR description template.

The PR description template includes a "Changes" section and checklist that should be completed. Please describe what this devcontainer configuration enables and check the appropriate boxes. Based on learnings, the PR template should be filled out to help reviewers understand the changes.

⛔ Skipped due to learnings

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: autogpt_platform/CLAUDE.md:0-0
Timestamp: 2026-02-04T16:49:56.176Z
Learning: Fill out the .github/PULL_REQUEST_TEMPLATE.md template as the PR description when creating pull requests

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-02-04T16:50:51.303Z
Learning: Fill out the Changes section and checklist in pull requests

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-02-04T16:50:51.303Z
Learning: Use the template in `.github/PULL_REQUEST_TEMPLATE.md` for pull requests

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-02-04T16:50:51.303Z
Learning: Ensure PR descriptions are complete

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

# First, let's explore the repo structure to understand the tech stack
git ls-files | head -20

Repository: Significant-Gravitas/AutoGPT

Length of output: 1431

---

🏁 Script executed:

# Check for package.json, requirements.txt, pyproject.toml, etc.
find . -maxdepth 2 -type f \( -name "package.json" -o -name "requirements.txt" -o -name "pyproject.toml" -o -name "setup.py" -o -name ".python-version" \) 2>/dev/null

Repository: Significant-Gravitas/AutoGPT

Length of output: 54

---

🏁 Script executed:

# Check the devcontainer.json for more context about what's configured
cat -n .devcontainer/devcontainer.json

Repository: Significant-Gravitas/AutoGPT

Length of output: 178

---

🌐 Web query:

Latest Microsoft devcontainers universal image version 2026 mcr.microsoft.com

💡 Result:

As of February 7, 2026, the highest semantic version tag published for mcr.microsoft.com/devcontainers/universal is:

• 5.1.4 (also available as 5.1.4-linux and 5.1.4-noble) [1]

Rolling tags like latest, linux, and noble are also published (they move over time) [1].

Example:

docker pull mcr.microsoft.com/devcontainers/universal:5.1.4

Sources: [1]

---

🌐 Web query:

devcontainer images for Python projects best practices Microsoft

💡 Result:

Microsoft-recommended best practices for Dev Container images in Python projects

1. Start from the official Microsoft/Dev Containers Python base image

   • Use mcr.microsoft.com/devcontainers/python and pick a tag that matches your Python version (for example 3.12, 3.11, etc.), optionally pinned to an OS variant like -bookworm or -bullseye. This gives you a Debian-based Python dev environment with common dev tooling and a non-root vscode user. [1]

2. Pin what matters (Python + OS variant), but understand patching tradeoffs

   • Prefer pinning to a clear Python major/minor (and often an OS variant) for reproducibility across dev machines/CI.
   • If you pin very tightly (e.g., specific image version lines), be aware you may need to explicitly pull OS updates (for example via apt-get update && apt-get upgrade) depending on how tightly you lock, because security patching is emphasized on supported “latest non-breaking” lines. [1]

3. Use devcontainer.json to reference an image for simplicity; switch to a Dockerfile only when you must

   • For many repos, devcontainer.json with "image": "mcr.microsoft.com/devcontainers/python:..." is enough.
   • If you need extra OS packages/tools, use a .devcontainer/Dockerfile (referenced via "build": { "dockerfile": "Dockerfile" }) and keep changes there so they persist across rebuilds. [2]

4. Optimize Dockerfile layers (smaller, faster pulls/rebuilds)

   • Combine related RUN steps and cleanup in the same layer (a pattern used by the official dev container images) to avoid bloating image layers. [3]

5. Prefer Dev Container “Features” for add-on tooling

   • The official images are built with Dev Container Features, and the ecosystem expects you to add common tools via Features where possible (rather than hand-rolling installs in every repo). [3]

6. Prebuild images for teams/CI (fast startup, consistent environments)

   • Use the Dev Container CLI (devcontainer build) to pre-build and publish your dev container images to a registry when you want consistent, fast onboarding across multiple repos or Codespaces usage. [4]
   • The Dev Containers guidance also highlights prebuilds as a way to speed workflows and reuse the official images as bases. [5]

Key sources: Microsoft/Dev Containers Python image tags & guidance [1], VS Code Dev Containers creation + Dockerfile patterns [2], Dev Containers images repo (layering + Features context) [3], Dev Container CLI prebuild workflow [4], containers.dev prebuild guidance [5].

---

🏁 Script executed:

# Search for Python files to understand the tech stack
find . -maxdepth 3 -type f -name "*.py" | head -10

Repository: Significant-Gravitas/AutoGPT

Length of output: 367

---

🏁 Script executed:

# Check the README for tech stack information
head -100 README.md

Repository: Significant-Gravitas/AutoGPT

Length of output: 4764

---

🏁 Script executed:

# Look for other config files that might indicate tech stack
find . -maxdepth 2 -type f \( -name "Dockerfile" -o -name "docker-compose.yml" -o -name ".github" \) 2>/dev/null | head -20

Repository: Significant-Gravitas/AutoGPT

Length of output: 109

---

🌐 Web query:

mcr.microsoft.com/devcontainers/universal version pinning best practices 5.1.4

💡 Result:

1) First, verify the tag exists (and see available variants)

MCR supports a plain tags API:

curl -s https://mcr.microsoft.com/v2/devcontainers/universal/tags/list

This is the easiest way to confirm 5.1.4 is published and whether there are suffix variants like -linux, -noble, etc. (if you use them). [1]

2) Choose the right level of pinning (recommended order)

Dev Container images publish semantic-version tags so you can control your update cadence. The general recommendation is to pin to the major to avoid breaking changes while still getting fixes/content updates. [2]

So, prefer (in order):

• Major (recommended default): mcr.microsoft.com/devcontainers/universal:5
  Gets non-breaking updates within the v5 line. [2]
• Minor: ...:5.1
  Tighter drift control, still gets patch updates. (Same semver idea as other devcontainers images.) [2]
• Patch (most reproducible among tags): ...:5.1.4
  Most stable tag choice, but you’ll miss future patch fixes unless you bump it yourself. [2]

3) For true reproducibility / supply-chain integrity, pin by digest

Tags are mutable (they can be repointed). If you need deterministic builds, pin the image to a digest:

{
  "image": "mcr.microsoft.com/devcontainers/universal:5.1.4@sha256:<digest>"
}

Pinning by digest makes the reference immutable (you always get the exact same image content). [3][4]

Tradeoff: digest pinning opts you out of automatic security updates, so you’ll want a process/tooling to regularly update the digest intentionally. [3]

---

Update the devcontainer image version.

universal:2 is outdated; the latest version is 5.1.4. Update to universal:5 to receive non-breaking updates and patches, or pin to a specific patch version like 5.1.4 for full reproducibility.

🤖 Prompt for AI Agents

In @.devcontainer/devcontainer.json at line 2, Update the "image" property in
.devcontainer/devcontainer.json so it no longer references the outdated
"mcr.microsoft.com/devcontainers/universal:2"; change the value to a newer tag
such as "mcr.microsoft.com/devcontainers/universal:5" for non-breaking updates
or pin to "mcr.microsoft.com/devcontainers/universal:5.1.4" for exact
reproducibility (edit the "image" field to the chosen tag).

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
⚠️ Please upload report for BASE (dev@7e5b84c). Learn more about missing BASE report.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@          Coverage Diff           @@
##             dev   #12008   +/-   ##
======================================
  Coverage       ?   33.94%           
======================================
  Files          ?       16           
  Lines          ?     1258           
  Branches       ?      190           
======================================
  Hits           ?      427           
  Misses         ?      804           
  Partials       ?       27           

Flag	Coverage Δ
Linux	33.94% <ø> (?)
Windows	33.94% <ø> (?)
autogpt-agent	33.94% <ø> (?)
macOS	33.94% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.