… priority

This commit clarifies that the CODER_EXTERNAL_AUTH_0_ID value is used as part of thecallback URL path when configuring external authentication providers. Thedocumentation previously stated it was only for internal reference, which wasmisleading as it's a critical part of the OAuth provider configuration.Fixes#16851🤖 Generated with [Claude Code](https://claude.ai/code)Co-Authored-By: Claude <noreply@anthropic.com>

Co-authored-by: M Atif Ali <atif@coder.com>

Each notification type will have an icon to represent the context:<img width="503" alt="Screenshot 2025-03-26 at 13 44 35"src="https://github.com/user-attachments/assets/1187c1c0-1043-4a32-b105-a7f91b52f8ca"/>This depends on#17013

This does ~95% of the backend work required to integrate the AI work.Most left to integrate from the tasks branch is just frontend, whichwill be a lot smaller I believe.The real difference between this branch and that one is the abstraction-- this now attaches statuses to apps, and returns the latest statusreported as part of a workspace.This change enables us to have a similar UX to in the tasks branch, butfor agents other than Claude Code as well. Any app can report statusnow.

Adds a `coder exp mcp` command which will start a local MCP serverlistening on stdio with the following capabilities:* Show logged in user (`coder whoami`)* List workspaces (`coder list`)* List templates (`coder templates list`)* Start a workspace (`coder start`)* Stop a workspace (`coder stop`)* Fetch a single workspace (no direct CLI analogue)* Execute a command inside a workspace (`coder exp rpty`)* Report the status of a task (currently a no-op, pending task support)This can be tested as follows:```# Start a local Coder server../scripts/develop.sh# Start a workspace. Currently, creating workspaces is not supported../scripts/coder-dev.sh create -t docker --yes# Add the MCP to your Claude config.claude mcp add coder ./scripts/coder-dev.sh exp mcp# Tell Claude to do something Coder-related. You may need to nudge it to use the tools.claude 'start a docker workspace and tell me what version of python is installed'```

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite)from 5.4.15 to 5.4.16.<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/vitejs/vite/releases">vite'sreleases</a>.</em></p><blockquote><h2>v5.4.16</h2><p>Please refer to <ahref="https://github.com/vitejs/vite/blob/v5.4.16/packages/vite/CHANGELOG.md">CHANGELOG.md</a>for details.</p></blockquote></details><details><summary>Changelog</summary><p><em>Sourced from <ahref="https://github.com/vitejs/vite/blob/v5.4.16/packages/vite/CHANGELOG.md">vite'schangelog</a>.</em></p><blockquote><h2><!-- raw HTML omitted -->5.4.16 (2025-03-31)<!-- raw HTML omitted--></h2><ul><li>fix: backport <ahref="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761">#19761</a>,fs check in transform middleware (<ahref="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762">#19762</a>)(<ahref="https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c">b627c50</a>),closes <ahref="https://redirect.github.com/vitejs/vite/issues/19761">#19761</a><ahref="https://redirect.github.com/vitejs/vite/issues/19762">#19762</a></li></ul></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/vitejs/vite/commit/712cb71aa0e2a03dbf49db92043fb4ecbfc826b1"><code>712cb71</code></a>release: v5.4.16</li><li><ahref="https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c"><code>b627c50</code></a>fix: backport <ahref="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761">#19761</a>,fs check in transform middleware (<ahref="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762">#19762</a>)</li><li>See full diff in <ahref="https://github.com/vitejs/vite/commits/v5.4.16/packages/vite">compareview</a></li></ul></details><br />[![Dependabot compatibilityscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=5.4.15&new-version=5.4.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)Dependabot will resolve any conflicts with this PR as long as you don'talter it yourself. You can also trigger a rebase manually by commenting`@dependabot rebase`.[//]: # (dependabot-automerge-start)[//]: # (dependabot-automerge-end)---<details><summary>Dependabot commands and options</summary><br />You can trigger Dependabot actions by commenting on this PR:- `@dependabot rebase` will rebase this PR- `@dependabot recreate` will recreate this PR, overwriting any editsthat have been made to it- `@dependabot merge` will merge this PR after your CI passes on it- `@dependabot squash and merge` will squash and merge this PR afteryour CI passes on it- `@dependabot cancel merge` will cancel a previously requested mergeand block automerging- `@dependabot reopen` will reopen this PR if it is closed- `@dependabot close` will close this PR and stop Dependabot recreatingit. You can achieve the same result by closing it manually- `@dependabot show <dependency name> ignore conditions` will show allof the ignore conditions of the specified dependency- `@dependabot ignore this major version` will close this PR and stopDependabot creating any more for this major version (unless you reopenthe PR or upgrade to it yourself)- `@dependabot ignore this minor version` will close this PR and stopDependabot creating any more for this minor version (unless you reopenthe PR or upgrade to it yourself)- `@dependabot ignore this dependency` will close this PR and stopDependabot creating any more for this dependency (unless you reopen thePR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the[Security Alerts page](https://github.com/coder/coder/network/alerts).</details>Signed-off-by: dependabot[bot] <support@github.com>Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

- Fixes a transitive vuln in path-to-regexp

Fixes#17063I'm ignoring flake.nix for now.```$ IGNORE_NIX=true ./scripts/check_go_versions.shINFO : go.mod                   : 1.24.1INFO : dogfood/coder/Dockerfile : 1.24.1INFO : setup-go/action.yaml     : 1.24.1INFO : flake.nix                : 1.22INFO : Ignoring flake.nix, as IGNORE_NIX=trueGo version check passed, all versions are 1.24.1$ ./scripts/check_go_versions.shINFO : go.mod                   : 1.24.1INFO : dogfood/coder/Dockerfile : 1.24.1INFO : setup-go/action.yaml     : 1.24.1INFO : flake.nix                : 1.22ERROR: Go version mismatch between go.mod and flake.nix```

Closescoder/internal#547

There's a flake reported incoder/internal#549that was caused by the built-in Postgres failing to start. However, thetest was written in a way that didn't log the actual error which causedPostgres to fail. This PR improves error logging in the affected test sothat the next time the error happens, we know what it is.

Spotted on main:https://github.com/coder/coder/actions/runs/14179449567/job/39721999486```=== FAIL: coderd TestOIDCDomainErrorMessage/MalformedEmailErrorOmitsDomains (0.01s)==================WARNING: DATA RACERead at 0x00c060b54e68 by goroutine 296485:  golang.org/x/oauth2.(*Config).Exchange()      /home/runner/go/pkg/mod/golang.org/x/oauth2@v0.28.0/oauth2.go:228 +0x1d8  github.com/coder/coder/v2/coderd.(*OIDCConfig).Exchange()      <autogenerated>:1 +0xb7  github.com/coder/coder/v2/coderd.New.func11.12.1.2.ExtractOAuth2.1.1()      /home/runner/work/coder/coder/coderd/httpmw/oauth2.go:168 +0x7b5  net/http.HandlerFunc.ServeHTTP()      /opt/hostedtoolcache/go/1.24.1/x64/src/net/http/server.go:2294 +0x47[...]Previous write at 0x00c060b54e68 by goroutine 55730:  github.com/coder/coder/v2/coderd/coderdtest/oidctest.(*FakeIDP).SetRedirect()      /home/runner/work/coder/coder/coderd/coderdtest/oidctest/idp.go:1280 +0x1e6  github.com/coder/coder/v2/coderd/coderdtest/oidctest.(*FakeIDP).LoginWithClient()      /home/runner/work/coder/coder/coderd/coderdtest/oidctest/idp.go:494 +0x170  github.com/coder/coder/v2/coderd/coderdtest/oidctest.(*FakeIDP).AttemptLogin()      /home/runner/work/coder/coder/coderd/coderdtest/oidctest/idp.go:479 +0x624  github.com/coder/coder/v2/coderd_test.TestOIDCDomainErrorMessage.func3()      /home/runner/work/coder/coder/coderd/userauth_test.go:2041 +0x1f2```As seen, this race was caused by sharing a `*oidctest.FakeIDP` between test cases. The fix is to simply do the setup twice.```$ go test -race -run "TestOIDCDomainErrorMessage" github.com/coder/coder/v2/coderd -count=100ok      github.com/coder/coder/v2/coderd        7.551s````

## Changes made- Switched almost all headers to use the `SettingHeader` component- Redesigned component to be more composition-based, to stay in linewith the patterns we're starting to use more throughout the codebase- Refactored `SettingHeader` to be based on Radix and Tailwind, ratherthan Emotion/MUI- Added additional props to `SettingHeader` to help resolve issues withthe component creating invalid HTML- Beefed up `SettingHeader` to have better out-of-the-box accessibility- Addressed some typographic problems in `SettingHeader`- Addressed some responsive layout problems for `SettingsHeader`- Added first-ever stories for `SettingsHeader`## Notes- There are still a few headers that aren't using `SettingHeader` yet.There were some UI edge cases that meant I couldn't reliably bring it inwithout consulting the Design team first. I'm a little less worriedabout them, because they at least *look* like the other headers, butit'd be nice if we could centralize everything in a followup PR

closes#16919 - [x] cursor doc- [x] windsurf docfrom#16919 (comment):- add to access-workspace- link to module(s)- how to windsurf with ssh- temp: install vsix manually (Windsurf)   - from <https://github.com/coder/vscode-coder>- log in first- search extensions for Coder- ask your admin to add a module:https://registry.coder.com/modules/cursor---------Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>Co-authored-by: M Atif Ali <atif@coder.com>

Check out the stories for the exacts...![image](https://github.com/user-attachments/assets/a1e1b9b0-7b37-4e0d-b99e-64b4766519ef)![image](https://github.com/user-attachments/assets/d3eb580d-071c-4caf-b393-a7e87da61f5e)

## IssueCloses#16206(thanks@bjornrobertsson - not sure why I can't tag you as a reviewer)Mismatch between the SMTP configuration UI and the documentation.## VerificationClaude verified this issue by examining:1. The current SMTP configuration code in the codebase2. The CLI help documentation for the server command3. The examples provided in the notifications documentationThe issue was confirmed by finding:- A reference to a deprecated variable`CODER_NOTIFICATIONS_EMAIL_FORCE_TLS` instead of the current`CODER_EMAIL_FORCE_TLS`- Missing information about the port format required for the SMTPsmarthost## Changes made1. Updated the `--email-smarthost` description to clarify that theformat should include both hostname and port: `(format:     hostname:port)`2. Fixed the reference to the TLS environment variable in the STARTTLSdescription, replacing the deprecated`CODER_NOTIFICATIONS_EMAIL_FORCE_TLS` with the correct`CODER_EMAIL_FORCE_TLS`## Additional informationThe Gmail and Outlook examples in the documentation already correctlyshow the port included in the smarthost configuration, but the maindescription table needed to be updated to explicitly mention thisrequirement.[preview](https://coder.com/docs/@16206-smtp-required-components/admin/monitoring/notifications)<sub>🤖 Generated with [Claude Code](https://claude.ai/code)</sub>---------Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>Co-authored-by: Claude <noreply@anthropic.com>

This was causing no status to be rendered in the list, and`latest_app_status` to always be nil.

Updates `~/.claude.json` and `~/.claude/CLAUDE.md` with requiredsettings for agentic usage.

This PR adds the ability to hide presets on the workspace creation form.When showing them, a clear indication is now made as to which inputswere preset and which weren't.![image](https://github.com/user-attachments/assets/6c8f690c-7cf6-44a9-9657-65039b2b3cb7)