From 447617c418757c047662d9acc0b38138681f769c Mon Sep 17 00:00:00 2001 From: Ehab Younes Date: Tue, 26 May 2026 14:36:20 +0000 Subject: [PATCH] chore: bump to v1.14.6 and update changelog Bump the version from 1.14.5 to 1.14.6 and move the cherry-picked entries from Unreleased into a new v1.14.6 section. The mTLS auth recovery fixes from the release branch are included in the changelog. Items that were not cherry-picked remain in Unreleased. --- CHANGELOG.md | 34 +++++++++++++++++++++++++++------- package.json | 2 +- 2 files changed, 28 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 11083aeb8..b200309d5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -42,13 +42,6 @@ around `cmd.exe` on Windows) and a recurring command-injection risk when deployment-supplied values like workspace names or template parameters contained spaces, quotes, or shell metacharacters. -- Minimum supported VS Code lowered to 1.105 for Cursor compatibility. - -### Removed - -- The "Coder Chat (Experimental)" secondary sidebar and its `agents` - experiment gate. Deeplinks that still include `chatId` continue to open - the workspace; the parameter is now silently ignored. ### Fixed @@ -72,6 +65,33 @@ for input the update is failed instead of hanging, and the workspace falls back to starting on the existing template version with a warning. +## [v1.14.6](https://github.com/coder/vscode-coder/releases/tag/v1.14.6) 2026-05-26 + +### Changed + +- Minimum supported VS Code lowered to 1.105 for Cursor compatibility. + +### Removed + +- The "Coder Chat (Experimental)" secondary sidebar and its `agents` + experiment gate. Deeplinks that still include `chatId` continue to open + the workspace; the parameter is now silently ignored. + +### Fixed + +- Sessions suspended by an mTLS or `coder.headerCommand` failure now + auto-recover once the setting is corrected; a 401 from a mid-flight + settings change is retried silently with the new settings and fresh + headers instead of escalating to an interactive prompt. +- Logout, deployment switch, or dispose during an in-flight auth verify + is no longer overwritten when the verify finishes, and no longer + leaves stale deployment data in storage. +- Cross-window login keeps listening when the first token observed from + another window is invalid, so a follow-up valid write still resolves + the dialog. +- Config-change side-effects (reload prompt, recovery, reconnects) fire + once after edits settle instead of on every event in a burst. + ### Security - Hardened the configuration scope of security-sensitive settings so that a diff --git a/package.json b/package.json index 0620d6d5a..4c26798d7 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "coder-remote", "displayName": "Coder", - "version": "1.14.5", + "version": "1.14.6", "description": "Open any workspace with a single click.", "categories": [ "Other"