chore(deps): bump github.com/coder/coder/v2 from 2.25.2 to 2.26.1

[dependabot]

Bumps github.com/coder/coder/v2 from 2.25.2 to 2.26.1.

Release notes

Sourced from github.com/coder/coder/v2's releases.

v2.26.1

Changelog

[!NOTE] This is a mainline Coder release. We advise enterprise customers without a staging environment to install our latest stable release while we refine this version. Learn more about our Release Schedule.

Bug fixes

• Server: Ensure agent WebSocket conn is cleaned up (#19711, 7afe6c813) (@​DanielleMaywood)
• pin pg_dump version when generating schema (#19696, c0f1b9d73) (@​ethanndickson)
• Remove expensive GetWorkspaces query from entitlements (#19747, 536920459) (@​kacpersaw)

Compare: v2.26.0...v2.26.1

Container image

• docker pull ghcr.io/coder/coder:v2.26.1

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.26.0

Changelog

[!NOTE] This is a mainline Coder release. We advise enterprise customers without a staging environment to install our latest stable release while we refine this version. Learn more about our Release Schedule.

KNOWN ISSUES

• You may see higher numbers of "API Key Created" entries in the audit logs. This is expected due to fixing an audit logging omission (#19672).
• Jetbrains users may experience inflated API key creation. This will be fixed in a future patch to the Jetbrains plugin version.

BREAKING CHANGES

• Support empty or default fields when updating templates (#19256, aab2ccdb3) (@​rafrdz)

  Breaking change to the Coder Go SDK. Field types in codersdk.UpdateTemplateMeta for Icon, Description, and DisplayName changed from string to *string. Consumers must pass pointers and handle nil checks. Code that assigns/reads plain strings will no longer compile without updates.

• fix(coderd/prometheusmetrics)!: filter deleted wsbuilds to reduce db load (#19197, 1b66495b7) (@​mafredri)

  Breaking change to coderd_api_workspace_latest_build Prometheus metric. The coderd_api_workspace_latest_build Prometheus metric no longer includes builds belonging to deleted workspaces, as such, this metric will show fewer statuses.

Security Fixes

• Expire token for prebuilds user when regenerating session token (#19667) (#19668, ec660907f) (@​johnstcn)

  ⚠ Fixes an issue allowing previously authenticated users to claim prebuilt workspaces created from templates using the coder-login module. Read more in our GHSA for this vulnerability.

• Server: Add audit log on creating a new session key (#19672) (#19684, a79adb155) (@​johnstcn)

  Adds an audit log entry when an API key is created via coder login.

Features

• Validate presets on template import to prevent publishing an unusable template (#18844, f256a23a7) (@​SasSwart)

... (truncated)

Commits

• 7afe6c8 fix(coderd): ensure agent WebSocket conn is cleaned up (#19711) (#20094)
• 5369204 [2.26 backport] perf(enterprise): remove expensive GetWorkspaces query from e...
• c0f1b9d [2.26 backport] fix: pin pg_dump version when generating schema (#19696) (#19...
• a056cb6 chore: add last commit from cherry-pick list for release (#19679)
• 0a73f84 fix: merge cherry-picked items for v2.26.0 (#19678)
• 8083d9d fix(cli): attach org option to task create (#19554)
• f0cf0ad feat: log additional known non-sensitive query param fields in the httpmw log...
• d274f83 chore: improve scroll behavior of DashboardLayout wrapped pages (#19396)
• 59525f8 feat: display startup script logs while agent is starting (#19530)
• a1546b5 refactor: replace task prompt by workspace name in the topbar (#19531)
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
github.com/coder/coder/v2	[>= 2.15.0.a, < 2.15.1]
github.com/coder/coder/v2	[>= 2.18.0.a, < 2.18.1]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)