fix(site): show delete menu for failed devcontainers

The three-dot menu containing the Delete action was hidden for
devcontainers in a failed/error state because showDevcontainerControls
required both a sub-agent and container reference. For failed
devcontainers, neither is typically present.

Decouple the AgentDevcontainerMoreActions rendering from
showDevcontainerControls so the Delete action is always available
regardless of container state. The SSH and port forwarding controls
remain gated behind showDevcontainerControls since they genuinely
need the sub-agent and container.

.github/cherry-pick-bot.yml

@@ -0,0 +1,2 @@
+enabled: true
+preservePullRequestTitle: true

.github/workflows/backport.yaml

@@ -1,178 +0,0 @@
-# Automatically backport merged PRs to the last N release branches when the
-# "backport" label is applied. Works whether the label is added before or
-# after the PR is merged.
-#
-# Usage:
-#   1. Add the "backport" label to a PR targeting main.
-#   2. When the PR merges (or if already merged), the workflow detects the
-#      latest release/* branches and opens one cherry-pick PR per branch.
-#
-# The created backport PRs follow existing repo conventions:
-#   - Branch:  backport/<pr>-to-<version>
-#   - Title:   <original PR title> (#<pr>)
-#   - Body:    links back to the original PR and merge commit
-
-name: Backport
-on:
-  pull_request_target:
-    branches:
-      - main
-    types:
-      - closed
-      - labeled
-
-permissions:
-  contents: write
-  pull-requests: write
-
-# Prevent duplicate runs for the same PR when both 'closed' and 'labeled'
-# fire in quick succession.
-concurrency:
-  group: backport-${{ github.event.pull_request.number }}
-
-jobs:
-  detect:
-    name: Detect target branches
-    if: >
-      github.event.pull_request.merged == true &&
-      contains(github.event.pull_request.labels.*.name, 'backport')
-    runs-on: ubuntu-latest
-    outputs:
-      branches: ${{ steps.find.outputs.branches }}
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          # Need all refs to discover release branches.
-          fetch-depth: 0
-
-      - name: Find latest release branches
-        id: find
-        run: |
-          # List remote release branches matching the exact release/2.X
-          # pattern (no suffixes like release/2.31_hotfix), sort by minor
-          # version descending, and take the top 3.
-          BRANCHES=$(
-            git branch -r \
-              | grep -E '^\s*origin/release/2\.[0-9]+$' \
-              | sed 's|.*origin/||' \
-              | sort -t. -k2 -n -r \
-              | head -3
-          )
-
-          if [ -z "$BRANCHES" ]; then
-            echo "No release branches found."
-            echo "branches=[]" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-
-          # Convert to JSON array for the matrix.
-          JSON=$(echo "$BRANCHES" | jq -Rnc '[inputs | select(length > 0)]')
-          echo "branches=$JSON" >> "$GITHUB_OUTPUT"
-          echo "Will backport to: $JSON"
-
-  backport:
-    name: "Backport to ${{ matrix.branch }}"
-    needs: detect
-    if: needs.detect.outputs.branches != '[]'
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        branch: ${{ fromJson(needs.detect.outputs.branches) }}
-      fail-fast: false
-    env:
-      PR_NUMBER: ${{ github.event.pull_request.number }}
-      PR_TITLE: ${{ github.event.pull_request.title }}
-      PR_URL: ${{ github.event.pull_request.html_url }}
-      MERGE_SHA: ${{ github.event.pull_request.merge_commit_sha }}
-      SENDER: ${{ github.event.sender.login }}
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          # Full history required for cherry-pick.
-          fetch-depth: 0
-
-      - name: Cherry-pick and open PR
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          set -euo pipefail
-
-          RELEASE_VERSION="${{ matrix.branch }}"
-          # Strip the release/ prefix for naming.
-          VERSION="${RELEASE_VERSION#release/}"
-          BACKPORT_BRANCH="backport/${PR_NUMBER}-to-${VERSION}"
-
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-
-          # Check if backport branch already exists (idempotency for re-runs).
-          if git ls-remote --exit-code origin "refs/heads/${BACKPORT_BRANCH}" >/dev/null 2>&1; then
-            echo "Backport branch ${BACKPORT_BRANCH} already exists, skipping."
-            exit 0
-          fi
-
-          # Create the backport branch from the target release branch.
-          git checkout -b "$BACKPORT_BRANCH" "origin/${RELEASE_VERSION}"
-
-          # Cherry-pick the merge commit. Use -x to record provenance and
-          # -m1 to pick the first parent (the main branch side).
-          CONFLICTS=false
-          if ! git cherry-pick -x -m1 "$MERGE_SHA"; then
-            echo "::warning::Cherry-pick to ${RELEASE_VERSION} had conflicts."
-            CONFLICTS=true
-
-            # Abort the failed cherry-pick and create an empty commit
-            # explaining the situation.
-            git cherry-pick --abort
-            git commit --allow-empty -m "Cherry-pick of #${PR_NUMBER} requires manual resolution
-
-          The automatic cherry-pick of ${MERGE_SHA} to ${RELEASE_VERSION} had conflicts.
-          Please cherry-pick manually:
-
-              git cherry-pick -x -m1 ${MERGE_SHA}"
-          fi
-
-          git push origin "$BACKPORT_BRANCH"
-
-          TITLE="${PR_TITLE} (#${PR_NUMBER})"
-          BODY=$(cat <<EOF
-          Backport of ${PR_URL}
-
-          Original PR: #${PR_NUMBER} — ${PR_TITLE}
-          Merge commit: ${MERGE_SHA}
-          Requested by: @${SENDER}
-          EOF
-          )
-
-          if [ "$CONFLICTS" = true ]; then
-            TITLE="${TITLE} (conflicts)"
-            BODY="${BODY}
-
-          > [!WARNING]
-          > The automatic cherry-pick had conflicts.
-          > Please resolve manually by cherry-picking the original merge commit:
-          >
-          > \`\`\`
-          > git fetch origin ${BACKPORT_BRANCH}
-          > git checkout ${BACKPORT_BRANCH}
-          > git reset --hard origin/${RELEASE_VERSION}
-          > git cherry-pick -x -m1 ${MERGE_SHA}
-          > # resolve conflicts, then push
-          > \`\`\`"
-          fi
-
-          # Check if a PR already exists for this branch (idempotency
-          # for re-runs).
-          EXISTING_PR=$(gh pr list --head "$BACKPORT_BRANCH" --base "$RELEASE_VERSION" --state all --json number --jq '.[0].number // empty')
-          if [ -n "$EXISTING_PR" ]; then
-            echo "PR #${EXISTING_PR} already exists for ${BACKPORT_BRANCH}, skipping."
-            exit 0
-          fi
-
-          gh pr create \
-            --base "$RELEASE_VERSION" \
-            --head "$BACKPORT_BRANCH" \
-            --title "$TITLE" \
-            --body "$BODY" \
-            --assignee "$SENDER" \
-            --reviewer "$SENDER"

.github/workflows/cherry-pick.yaml

@@ -1,143 +0,0 @@
-# Automatically cherry-pick merged PRs to the latest release branch when the
-# "cherry-pick" label is applied. Works whether the label is added before or
-# after the PR is merged.
-#
-# Usage:
-#   1. Add the "cherry-pick" label to a PR targeting main.
-#   2. When the PR merges (or if already merged), the workflow detects the
-#      latest release/* branch and opens a cherry-pick PR against it.
-#
-# The created PRs follow existing repo conventions:
-#   - Branch:  backport/<pr>-to-<version>
-#   - Title:   <original PR title> (#<pr>)
-#   - Body:    links back to the original PR and merge commit
-
-name: Cherry-pick to release
-on:
-  pull_request_target:
-    branches:
-      - main
-    types:
-      - closed
-      - labeled
-
-permissions:
-  contents: write
-  pull-requests: write
-
-# Prevent duplicate runs for the same PR when both 'closed' and 'labeled'
-# fire in quick succession.
-concurrency:
-  group: cherry-pick-${{ github.event.pull_request.number }}
-
-jobs:
-  cherry-pick:
-    name: Cherry-pick to latest release
-    if: >
-      github.event.pull_request.merged == true &&
-      contains(github.event.pull_request.labels.*.name, 'cherry-pick')
-    runs-on: ubuntu-latest
-    env:
-      PR_NUMBER: ${{ github.event.pull_request.number }}
-      PR_TITLE: ${{ github.event.pull_request.title }}
-      PR_URL: ${{ github.event.pull_request.html_url }}
-      MERGE_SHA: ${{ github.event.pull_request.merge_commit_sha }}
-      SENDER: ${{ github.event.sender.login }}
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          # Full history required for cherry-pick and branch discovery.
-          fetch-depth: 0
-
-      - name: Cherry-pick and open PR
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          set -euo pipefail
-
-          # Find the latest release branch matching the exact release/2.X
-          # pattern (no suffixes like release/2.31_hotfix).
-          RELEASE_BRANCH=$(
-            git branch -r \
-              | grep -E '^\s*origin/release/2\.[0-9]+$' \
-              | sed 's|.*origin/||' \
-              | sort -t. -k2 -n -r \
-              | head -1
-          )
-
-          if [ -z "$RELEASE_BRANCH" ]; then
-            echo "::error::No release branch found."
-            exit 1
-          fi
-
-          # Strip the release/ prefix for naming.
-          VERSION="${RELEASE_BRANCH#release/}"
-          BACKPORT_BRANCH="backport/${PR_NUMBER}-to-${VERSION}"
-
-          echo "Target branch: $RELEASE_BRANCH"
-          echo "Backport branch: $BACKPORT_BRANCH"
-
-          # Check if backport branch already exists (idempotency for re-runs).
-          if git ls-remote --exit-code origin "refs/heads/${BACKPORT_BRANCH}" >/dev/null 2>&1; then
-            echo "Branch ${BACKPORT_BRANCH} already exists, skipping."
-            exit 0
-          fi
-
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-
-          # Create the backport branch from the target release branch.
-          git checkout -b "$BACKPORT_BRANCH" "origin/${RELEASE_BRANCH}"
-
-          # Cherry-pick the merge commit. Use -x to record provenance and
-          # -m1 to pick the first parent (the main branch side).
-          CONFLICT=false
-          if ! git cherry-pick -x -m1 "$MERGE_SHA"; then
-            CONFLICT=true
-            echo "::warning::Cherry-pick to ${RELEASE_BRANCH} had conflicts."
-
-            # Abort the failed cherry-pick and create an empty commit with
-            # instructions so the PR can still be opened.
-            git cherry-pick --abort
-            git commit --allow-empty -m "cherry-pick of #${PR_NUMBER} failed — resolve conflicts manually
-
-          Cherry-pick of ${MERGE_SHA} onto ${RELEASE_BRANCH} had conflicts.
-          To resolve:
-            git fetch origin ${BACKPORT_BRANCH}
-            git checkout ${BACKPORT_BRANCH}
-            git cherry-pick -x -m1 ${MERGE_SHA}
-            # resolve conflicts
-            git push origin ${BACKPORT_BRANCH}"
-          fi
-
-          git push origin "$BACKPORT_BRANCH"
-
-          BODY=$(cat <<EOF
-          Cherry-pick of ${PR_URL}
-
-          Original PR: #${PR_NUMBER} — ${PR_TITLE}
-          Merge commit: ${MERGE_SHA}
-          Requested by: @${SENDER}
-          EOF
-          )
-
-          TITLE="${PR_TITLE} (#${PR_NUMBER})"
-          if [ "$CONFLICT" = true ]; then
-            TITLE="[CONFLICT] ${TITLE}"
-          fi
-
-          # Check if a PR already exists for this branch (idempotency
-          # for re-runs). Use --state all to catch closed/merged PRs too.
-          EXISTING_PR=$(gh pr list --head "$BACKPORT_BRANCH" --base "$RELEASE_BRANCH" --state all --json number --jq '.[0].number // empty')
-          if [ -n "$EXISTING_PR" ]; then
-            echo "PR #${EXISTING_PR} already exists for ${BACKPORT_BRANCH}, skipping."
-            exit 0
-          fi
-
-          gh pr create \
-            --base "$RELEASE_BRANCH" \
-            --head "$BACKPORT_BRANCH" \
-            --title "$TITLE" \
-            --body "$BODY" \
-            --assignee "$SENDER" \
-            --reviewer "$SENDER"

.github/workflows/ci.yaml

@@ -35,7 +35,7 @@ jobs:
       tailnet-integration: ${{ steps.filter.outputs.tailnet-integration }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -157,7 +157,7 @@ jobs:
     runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -247,7 +247,7 @@ jobs:
     runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -272,7 +272,7 @@ jobs:
     if: ${{ !cancelled() }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -327,7 +327,7 @@ jobs:
     timeout-minutes: 20
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -379,7 +379,7 @@ jobs:
           - windows-2022
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -575,7 +575,7 @@ jobs:
     timeout-minutes: 25
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -637,7 +637,7 @@ jobs:
     timeout-minutes: 25
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -709,7 +709,7 @@ jobs:
     timeout-minutes: 20
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -736,7 +736,7 @@ jobs:
     timeout-minutes: 20
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -769,7 +769,7 @@ jobs:
     name: ${{ matrix.variant.name }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -849,7 +849,7 @@ jobs:
     if: needs.changes.outputs.site == 'true' || needs.changes.outputs.ci == 'true'
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -930,7 +930,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -1005,7 +1005,7 @@ jobs:
     if: always()
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -1043,7 +1043,7 @@ jobs:
     runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -1097,7 +1097,7 @@ jobs:
       IMAGE: ghcr.io/coder/coder-preview:${{ steps.build-docker.outputs.tag }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -1479,7 +1479,7 @@ jobs:
     if: needs.changes.outputs.db == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/dependabot.yaml

@@ -23,7 +23,7 @@ jobs:
     steps:
       - name: Dependabot metadata
         id: metadata
-        uses: dependabot/fetch-metadata@ffa630c65fa7e0ecfa0625b5ceda64399aea1b36 # v3.0.0
+        uses: dependabot/fetch-metadata@21025c705c08248db411dc16f3619e6b5f9ea21a # v2.5.0
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
 

.github/workflows/deploy.yaml

@@ -36,7 +36,7 @@ jobs:
       verdict: ${{ steps.check.outputs.verdict }} # DEPLOY or NOOP
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -65,7 +65,7 @@ jobs:
       packages: write # to retag image as dogfood
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -142,7 +142,7 @@ jobs:
     needs: deploy
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/docker-base.yaml

@@ -38,7 +38,7 @@ jobs:
     if: github.repository_owner == 'coder'
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/dogfood.yaml

@@ -26,7 +26,7 @@ jobs:
     runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-4' || 'ubuntu-latest' }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -125,7 +125,7 @@ jobs:
       id-token: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/nightly-gauntlet.yaml

@@ -28,7 +28,7 @@ jobs:
           - windows-2022
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/pr-auto-assign.yaml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/pr-cherry-pick-check.yaml

@@ -1,93 +0,0 @@
-# Ensures that only bug fixes are cherry-picked to release branches.
-# PRs targeting release/* must have a title starting with "fix:" or "fix(scope):".
-name: PR Cherry-Pick Check
-
-on:
-  # zizmor: ignore[dangerous-triggers] Only reads PR metadata and comments; does not checkout PR code.
-  pull_request_target:
-    types: [opened, reopened, edited]
-    branches:
-      - "release/*"
-
-permissions:
-  pull-requests: write
-
-jobs:
-  check-cherry-pick:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
-        with:
-          egress-policy: audit
-
-      - name: Check PR title for bug fix
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        with:
-          script: |
-            const title = context.payload.pull_request.title;
-            const prNumber = context.payload.pull_request.number;
-            const baseBranch = context.payload.pull_request.base.ref;
-            const author = context.payload.pull_request.user.login;
-
-            console.log(`PR #${prNumber}: "${title}" -> ${baseBranch}`);
-
-            // Match conventional commit "fix:" or "fix(scope):" prefix.
-            const isBugFix = /^fix(\(.+\))?:/.test(title);
-
-            if (isBugFix) {
-              console.log("PR title indicates a bug fix. No action needed.");
-              return;
-            }
-
-            console.log("PR title does not indicate a bug fix. Commenting.");
-
-            // Check for an existing comment from this bot to avoid duplicates
-            // on title edits.
-            const { data: comments } = await github.rest.issues.listComments({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: prNumber,
-            });
-
-            const marker = "<!-- cherry-pick-check -->";
-            const existingComment = comments.find(
-              (c) => c.body && c.body.includes(marker),
-            );
-
-            const body = [
-              marker,
-              `👋 Hey @${author}!`,
-              "",
-              `This PR is targeting the \`${baseBranch}\` release branch, but its title does not start with \`fix:\` or \`fix(scope):\`.`,
-              "",
-              "Only **bug fixes** should be cherry-picked to release branches. If this is a bug fix, please update the PR title to match the conventional commit format:",
-              "",
-              "```",
-              "fix: description of the bug fix",
-              "fix(scope): description of the bug fix",
-              "```",
-              "",
-              "If this is **not** a bug fix, it likely should not target a release branch.",
-            ].join("\n");
-
-            if (existingComment) {
-              console.log(`Updating existing comment ${existingComment.id}.`);
-              await github.rest.issues.updateComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                comment_id: existingComment.id,
-                body,
-              });
-            } else {
-              await github.rest.issues.createComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: prNumber,
-                body,
-              });
-            }
-
-            core.warning(
-              `PR #${prNumber} targets ${baseBranch} but is not a bug fix. Title must start with "fix:" or "fix(scope):".`,
-            );

.github/workflows/pr-cleanup.yaml

@@ -19,7 +19,7 @@ jobs:
       packages: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/pr-deploy.yaml

@@ -39,7 +39,7 @@ jobs:
       PR_OPEN: ${{ steps.check_pr.outputs.pr_open }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -76,7 +76,7 @@ jobs:
     runs-on: "ubuntu-latest"
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -184,7 +184,7 @@ jobs:
       pull-requests: write # needed for commenting on PRs
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -228,7 +228,7 @@ jobs:
       CODER_IMAGE_TAG: ${{ needs.get_info.outputs.CODER_IMAGE_TAG }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -288,7 +288,7 @@ jobs:
       PR_HOSTNAME: "pr${{ needs.get_info.outputs.PR_NUMBER }}.${{ secrets.PR_DEPLOYMENTS_DOMAIN }}"
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/release-validation.yaml

@@ -14,7 +14,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/release.yaml

@@ -81,7 +81,7 @@ jobs:
       version: ${{ steps.version.outputs.version }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -121,22 +121,22 @@ jobs:
           fi
 
           # Derive the release branch from the version tag.
-          # Non-RC releases must be on a release/X.Y branch.
-          # RC tags are allowed on any branch (typically main).
+          # Standard: 2.10.2 -> release/2.10
+          # RC:       2.32.0-rc.0 -> release/2.32-rc.0
           version="$(./scripts/version.sh)"
-          # Strip any pre-release suffix first (e.g. 2.32.0-rc.0 -> 2.32.0)
-          base_version="${version%%-*}"
-          # Then strip patch to get major.minor (e.g. 2.32.0 -> 2.32)
-          release_branch="release/${base_version%.*}"
-
           if [[ "$version" == *-rc.* ]]; then
-            echo "RC release detected — skipping release branch check (RC tags are cut from main)."
+            # Extract major.minor and rc suffix from e.g. 2.32.0-rc.0
+            base_version="${version%%-rc.*}"   # 2.32.0
+            major_minor="${base_version%.*}"   # 2.32
+            rc_suffix="${version##*-rc.}"      # 0
+            release_branch="release/${major_minor}-rc.${rc_suffix}"
           else
-            branch_contains_tag=$(git branch --remotes --contains "${GITHUB_REF}" --list "*/${release_branch}" --format='%(refname)')
-            if [[ -z "${branch_contains_tag}" ]]; then
-              echo "Ref tag must exist in a branch named ${release_branch} when creating a non-RC release, did you use scripts/release.sh?"
-              exit 1
-            fi
+            release_branch=release/${version%.*}
+          fi
+          branch_contains_tag=$(git branch --remotes --contains "${GITHUB_REF}" --list "*/${release_branch}" --format='%(refname)')
+          if [[ -z "${branch_contains_tag}" ]]; then
+            echo "Ref tag must exist in a branch named ${release_branch} when creating a release, did you use scripts/release.sh?"
+            exit 1
           fi
 
           if [[ -z "${CODER_RELEASE_NOTES}" ]]; then
@@ -673,7 +673,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -749,7 +749,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/scorecard.yml

@@ -20,7 +20,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -47,6 +47,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5
+        uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5
         with:
           sarif_file: results.sarif

.github/workflows/security.yaml

@@ -27,7 +27,7 @@ jobs:
     runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -40,7 +40,7 @@ jobs:
         uses: ./.github/actions/setup-go
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5
+        uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5
         with:
           languages: go, javascript
 
@@ -50,7 +50,7 @@ jobs:
           rm Makefile
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5
+        uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5
 
       - name: Send Slack notification on failure
         if: ${{ failure() }}

.github/workflows/stale.yaml

@@ -18,7 +18,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -96,7 +96,7 @@ jobs:
       contents: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 
@@ -120,7 +120,7 @@ jobs:
       actions: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.github/workflows/typos.toml

@@ -36,7 +36,6 @@ typ = "typ"
 styl = "styl"
 edn = "edn"
 Inferrable = "Inferrable"
-IIF = "IIF"
 
 [files]
 extend-exclude = [

.github/workflows/weekly-docs.yaml

@@ -21,7 +21,7 @@ jobs:
       pull-requests: write # required to post PR review comments by the action
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
 

.gitignore

@@ -103,6 +103,3 @@ PLAN.md
 
 # Ignore any dev licenses
 license.txt
--e 
-# Agent planning documents (local working files).
-docs/plans/

AGENTS.md

@@ -110,9 +110,6 @@ app, err := api.Database.GetOAuth2ProviderAppByClientID(ctx, clientID)
 - For experimental or unstable API paths, skip public doc generation with
   `// @x-apidocgen {"skip": true}` after the `@Router` annotation. This
   keeps them out of the published API reference until they stabilize.
-- Experimental chat endpoints in `coderd/exp_chats.go` omit swagger
-  annotations entirely. Do not add `@Summary`, `@Router`, or other
-  swagger comments to handlers in that file.
 
 ### Database Query Naming
 

Makefile

@@ -91,59 +91,6 @@ define atomic_write
 		mv "$$tmpfile" "$@" && rm -rf "$$tmpdir"
 endef
 
-# Helper binary targets. Built with go build -o to avoid caching
-# link-stage executables in GOCACHE. Each binary is a real Make
-# target so parallel -j builds serialize correctly instead of
-# racing on the same output path.
-
-_gen/bin/apitypings: $(wildcard scripts/apitypings/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/apitypings
-
-_gen/bin/auditdocgen: $(wildcard scripts/auditdocgen/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/auditdocgen
-
-_gen/bin/check-scopes: $(wildcard scripts/check-scopes/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/check-scopes
-
-_gen/bin/clidocgen: $(wildcard scripts/clidocgen/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/clidocgen
-
-_gen/bin/dbdump: $(wildcard coderd/database/gen/dump/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./coderd/database/gen/dump
-
-_gen/bin/examplegen: $(wildcard scripts/examplegen/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/examplegen
-
-_gen/bin/gensite: $(wildcard scripts/gensite/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/gensite
-
-_gen/bin/apikeyscopesgen: $(wildcard scripts/apikeyscopesgen/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/apikeyscopesgen
-
-_gen/bin/metricsdocgen: $(wildcard scripts/metricsdocgen/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/metricsdocgen
-
-_gen/bin/metricsdocgen-scanner: $(wildcard scripts/metricsdocgen/scanner/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/metricsdocgen/scanner
-
-_gen/bin/modeloptionsgen: $(wildcard scripts/modeloptionsgen/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/modeloptionsgen
-
-_gen/bin/typegen: $(wildcard scripts/typegen/*.go) | _gen
-	@mkdir -p _gen/bin
-	go build -o $@ ./scripts/typegen
-
 # Shared temp directory for atomic writes. Lives at the project root
 # so all targets share the same filesystem, and is gitignored.
 # Order-only prerequisite: recipes that need it depend on | _gen
@@ -254,7 +201,6 @@ endif
 
 clean:
 	rm -rf build/ site/build/ site/out/
-	rm -rf _gen/bin
 	mkdir -p build/
 	git restore site/out/
 .PHONY: clean
@@ -708,8 +654,8 @@ lint/go:
 	go tool github.com/coder/paralleltestctx/cmd/paralleltestctx -custom-funcs="testutil.Context" ./...
 .PHONY: lint/go
 
-lint/examples: | _gen/bin/examplegen
-	_gen/bin/examplegen -lint
+lint/examples:
+	go run ./scripts/examplegen/main.go -lint
 .PHONY: lint/examples
 
 # Use shfmt to determine the shell files, takes editorconfig into consideration.
@@ -747,8 +693,8 @@ lint/actions/zizmor:
 .PHONY: lint/actions/zizmor
 
 # Verify api_key_scope enum contains all RBAC <resource>:<action> values.
-lint/check-scopes: coderd/database/dump.sql | _gen/bin/check-scopes
-	_gen/bin/check-scopes
+lint/check-scopes: coderd/database/dump.sql
+	go run ./scripts/check-scopes
 .PHONY: lint/check-scopes
 
 # Verify migrations do not hardcode the public schema.
@@ -788,8 +734,8 @@ lint/typos: build/typos-$(TYPOS_VERSION)
 # The pre-push hook is allowlisted, see scripts/githooks/pre-push.
 #
 # pre-commit uses two phases: gen+fmt first, then lint+build. This
-# avoids races where gen creates temporary .go files that lint's
-# find-based checks pick up. Within each phase, targets run in
+# avoids races where gen's `go run` creates temporary .go files that
+# lint's find-based checks pick up. Within each phase, targets run in
 # parallel via -j. It fails if any tracked files have unstaged
 # changes afterward.
 
@@ -1003,8 +949,8 @@ gen/mark-fresh:
 
 # Runs migrations to output a dump of the database schema after migrations are
 # applied.
-coderd/database/dump.sql: coderd/database/gen/dump/main.go $(wildcard coderd/database/migrations/*.sql) | _gen/bin/dbdump
-	_gen/bin/dbdump
+coderd/database/dump.sql: coderd/database/gen/dump/main.go $(wildcard coderd/database/migrations/*.sql)
+	go run ./coderd/database/gen/dump/main.go
 	touch "$@"
 
 # Generates Go code for querying the database.
@@ -1121,88 +1067,88 @@ enterprise/aibridged/proto/aibridged.pb.go: enterprise/aibridged/proto/aibridged
 		--go-drpc_opt=paths=source_relative \
 		./enterprise/aibridged/proto/aibridged.proto
 
-site/src/api/typesGenerated.ts: site/node_modules/.installed $(wildcard scripts/apitypings/*) $(shell find ./codersdk $(FIND_EXCLUSIONS) -type f -name '*.go') | _gen _gen/bin/apitypings
-	$(call atomic_write,_gen/bin/apitypings,./scripts/biome_format.sh)
+site/src/api/typesGenerated.ts: site/node_modules/.installed $(wildcard scripts/apitypings/*) $(shell find ./codersdk $(FIND_EXCLUSIONS) -type f -name '*.go') | _gen
+	$(call atomic_write,go run -C ./scripts/apitypings main.go,./scripts/biome_format.sh)
 
 site/e2e/provisionerGenerated.ts: site/node_modules/.installed provisionerd/proto/provisionerd.pb.go provisionersdk/proto/provisioner.pb.go
 	(cd site/ && pnpm run gen:provisioner)
 	touch "$@"
 
-site/src/theme/icons.json: site/node_modules/.installed $(wildcard scripts/gensite/*) $(wildcard site/static/icon/*) | _gen _gen/bin/gensite
+site/src/theme/icons.json: site/node_modules/.installed $(wildcard scripts/gensite/*) $(wildcard site/static/icon/*) | _gen
 	tmpdir=$$(mktemp -d -p _gen) && tmpfile=$$(realpath "$$tmpdir")/$(notdir $@) && \
-		_gen/bin/gensite -icons "$$tmpfile" && \
+		go run ./scripts/gensite/ -icons "$$tmpfile" && \
 		./scripts/biome_format.sh "$$tmpfile" && \
 		mv "$$tmpfile" "$@" && rm -rf "$$tmpdir"
 
-examples/examples.gen.json: scripts/examplegen/main.go examples/examples.go $(shell find ./examples/templates) | _gen _gen/bin/examplegen
-	$(call atomic_write,_gen/bin/examplegen)
+examples/examples.gen.json: scripts/examplegen/main.go examples/examples.go $(shell find ./examples/templates) | _gen
+	$(call atomic_write,go run ./scripts/examplegen/main.go)
 
-coderd/rbac/object_gen.go: scripts/typegen/rbacobject.gotmpl scripts/typegen/main.go coderd/rbac/object.go coderd/rbac/policy/policy.go | _gen _gen/bin/typegen
-	$(call atomic_write,_gen/bin/typegen rbac object)
+coderd/rbac/object_gen.go: scripts/typegen/rbacobject.gotmpl scripts/typegen/main.go coderd/rbac/object.go coderd/rbac/policy/policy.go | _gen
+	$(call atomic_write,go run ./scripts/typegen/main.go rbac object)
 	touch "$@"
 
-# NOTE: depends on object_gen.go because the generator build
-# compiles coderd/rbac which includes it.
+# NOTE: depends on object_gen.go because `go run` compiles
+# coderd/rbac which includes it.
 coderd/rbac/scopes_constants_gen.go: scripts/typegen/scopenames.gotmpl scripts/typegen/main.go coderd/rbac/policy/policy.go \
-	coderd/rbac/object_gen.go | _gen _gen/bin/typegen
+	coderd/rbac/object_gen.go | _gen
 	# Write to a temp file first to avoid truncating the package
 	# during build since the generator imports the rbac package.
-	$(call atomic_write,_gen/bin/typegen rbac scopenames)
+	$(call atomic_write,go run ./scripts/typegen/main.go rbac scopenames)
 	touch "$@"
 
 # NOTE: depends on object_gen.go and scopes_constants_gen.go because
-# the generator build compiles coderd/rbac which includes both.
+# `go run` compiles coderd/rbac which includes both.
 codersdk/rbacresources_gen.go: scripts/typegen/codersdk.gotmpl scripts/typegen/main.go coderd/rbac/object.go coderd/rbac/policy/policy.go \
-	coderd/rbac/object_gen.go coderd/rbac/scopes_constants_gen.go | _gen _gen/bin/typegen
+	coderd/rbac/object_gen.go coderd/rbac/scopes_constants_gen.go | _gen
 	# Write to a temp file to avoid truncating the target, which
 	# would break the codersdk package and any parallel build targets.
-	$(call atomic_write,_gen/bin/typegen rbac codersdk)
+	$(call atomic_write,go run scripts/typegen/main.go rbac codersdk)
 	touch "$@"
 
 # NOTE: depends on object_gen.go and scopes_constants_gen.go because
-# the generator build compiles coderd/rbac which includes both.
+# `go run` compiles coderd/rbac which includes both.
 codersdk/apikey_scopes_gen.go: scripts/apikeyscopesgen/main.go coderd/rbac/scopes_catalog.go coderd/rbac/scopes.go \
-	coderd/rbac/object_gen.go coderd/rbac/scopes_constants_gen.go | _gen _gen/bin/apikeyscopesgen
+	coderd/rbac/object_gen.go coderd/rbac/scopes_constants_gen.go | _gen
 	# Generate SDK constants for external API key scopes.
-	$(call atomic_write,_gen/bin/apikeyscopesgen)
+	$(call atomic_write,go run ./scripts/apikeyscopesgen)
 	touch "$@"
 
 # NOTE: depends on object_gen.go and scopes_constants_gen.go because
-# the generator build compiles coderd/rbac which includes both.
+# `go run` compiles coderd/rbac which includes both.
 site/src/api/rbacresourcesGenerated.ts: site/node_modules/.installed scripts/typegen/codersdk.gotmpl scripts/typegen/main.go coderd/rbac/object.go coderd/rbac/policy/policy.go \
-	coderd/rbac/object_gen.go coderd/rbac/scopes_constants_gen.go | _gen _gen/bin/typegen
-	$(call atomic_write,_gen/bin/typegen rbac typescript,./scripts/biome_format.sh)
+	coderd/rbac/object_gen.go coderd/rbac/scopes_constants_gen.go | _gen
+	$(call atomic_write,go run scripts/typegen/main.go rbac typescript,./scripts/biome_format.sh)
 
-site/src/api/countriesGenerated.ts: site/node_modules/.installed scripts/typegen/countries.tstmpl scripts/typegen/main.go codersdk/countries.go | _gen _gen/bin/typegen
-	$(call atomic_write,_gen/bin/typegen countries,./scripts/biome_format.sh)
+site/src/api/countriesGenerated.ts: site/node_modules/.installed scripts/typegen/countries.tstmpl scripts/typegen/main.go codersdk/countries.go | _gen
+	$(call atomic_write,go run scripts/typegen/main.go countries,./scripts/biome_format.sh)
 
-site/src/api/chatModelOptionsGenerated.json: scripts/modeloptionsgen/main.go codersdk/chats.go | _gen _gen/bin/modeloptionsgen
-	$(call atomic_write,_gen/bin/modeloptionsgen | tail -n +2,./scripts/biome_format.sh)
+site/src/api/chatModelOptionsGenerated.json: scripts/modeloptionsgen/main.go codersdk/chats.go | _gen
+	$(call atomic_write,go run ./scripts/modeloptionsgen/main.go | tail -n +2,./scripts/biome_format.sh)
 
-scripts/metricsdocgen/generated_metrics: $(GO_SRC_FILES) | _gen _gen/bin/metricsdocgen-scanner
-	$(call atomic_write,_gen/bin/metricsdocgen-scanner)
+scripts/metricsdocgen/generated_metrics: $(GO_SRC_FILES) | _gen
+	$(call atomic_write,go run ./scripts/metricsdocgen/scanner)
 
-docs/admin/integrations/prometheus.md: node_modules/.installed scripts/metricsdocgen/main.go scripts/metricsdocgen/metrics scripts/metricsdocgen/generated_metrics | _gen _gen/bin/metricsdocgen
+docs/admin/integrations/prometheus.md: node_modules/.installed scripts/metricsdocgen/main.go scripts/metricsdocgen/metrics scripts/metricsdocgen/generated_metrics | _gen
 	tmpdir=$$(mktemp -d -p _gen) && tmpfile=$$(realpath "$$tmpdir")/$(notdir $@) && cp "$@" "$$tmpfile" && \
-		_gen/bin/metricsdocgen --prometheus-doc-file="$$tmpfile" && \
+		go run scripts/metricsdocgen/main.go --prometheus-doc-file="$$tmpfile" && \
 		pnpm exec markdownlint-cli2 --fix "$$tmpfile" && \
 		pnpm exec markdown-table-formatter "$$tmpfile" && \
 		mv "$$tmpfile" "$@" && rm -rf "$$tmpdir"
 
-docs/reference/cli/index.md: node_modules/.installed scripts/clidocgen/main.go examples/examples.gen.json $(GO_SRC_FILES) | _gen _gen/bin/clidocgen
+docs/reference/cli/index.md: node_modules/.installed scripts/clidocgen/main.go examples/examples.gen.json $(GO_SRC_FILES) | _gen
 	tmpdir=$$(mktemp -d -p _gen) && \
 		tmpdir=$$(realpath "$$tmpdir") && \
 		mkdir -p "$$tmpdir/docs/reference/cli" && \
 		cp docs/manifest.json "$$tmpdir/docs/manifest.json" && \
-		CI=true DOCS_DIR="$$tmpdir/docs" _gen/bin/clidocgen && \
+		CI=true DOCS_DIR="$$tmpdir/docs" go run ./scripts/clidocgen && \
 		pnpm exec markdownlint-cli2 --fix "$$tmpdir/docs/reference/cli/*.md" && \
 		pnpm exec markdown-table-formatter "$$tmpdir/docs/reference/cli/*.md" && \
 		for f in "$$tmpdir/docs/reference/cli/"*.md; do mv "$$f" "docs/reference/cli/$$(basename "$$f")"; done && \
 		rm -rf "$$tmpdir"
 
-docs/admin/security/audit-logs.md: node_modules/.installed coderd/database/querier.go scripts/auditdocgen/main.go enterprise/audit/table.go coderd/rbac/object_gen.go | _gen _gen/bin/auditdocgen
+docs/admin/security/audit-logs.md: node_modules/.installed coderd/database/querier.go scripts/auditdocgen/main.go enterprise/audit/table.go coderd/rbac/object_gen.go | _gen
 	tmpdir=$$(mktemp -d -p _gen) && tmpfile=$$(realpath "$$tmpdir")/$(notdir $@) && cp "$@" "$$tmpfile" && \
-		_gen/bin/auditdocgen --audit-doc-file="$$tmpfile" && \
+		go run scripts/auditdocgen/main.go --audit-doc-file="$$tmpfile" && \
 		pnpm exec markdownlint-cli2 --fix "$$tmpfile" && \
 		pnpm exec markdown-table-formatter "$$tmpfile" && \
 		mv "$$tmpfile" "$@" && rm -rf "$$tmpdir"

agent/agent.go

@@ -102,8 +102,6 @@ type Options struct {
 	ReportMetadataInterval       time.Duration
 	ServiceBannerRefreshInterval time.Duration
 	BlockFileTransfer            bool
-	BlockReversePortForwarding   bool
-	BlockLocalPortForwarding     bool
 	Execer                       agentexec.Execer
 	Devcontainers                bool
 	DevcontainerAPIOptions       []agentcontainers.Option // Enable Devcontainers for these to be effective.
@@ -216,8 +214,6 @@ func New(options Options) Agent {
 		subsystems:                         options.Subsystems,
 		logSender:                          agentsdk.NewLogSender(options.Logger),
 		blockFileTransfer:                  options.BlockFileTransfer,
-		blockReversePortForwarding:         options.BlockReversePortForwarding,
-		blockLocalPortForwarding:           options.BlockLocalPortForwarding,
 
 		prometheusRegistry: prometheusRegistry,
 		metrics:            newAgentMetrics(prometheusRegistry),
@@ -284,8 +280,6 @@ type agent struct {
 	sshServer                          *agentssh.Server
 	sshMaxTimeout                      time.Duration
 	blockFileTransfer                  bool
-	blockReversePortForwarding         bool
-	blockLocalPortForwarding           bool
 
 	lifecycleUpdate            chan struct{}
 	lifecycleReported          chan codersdk.WorkspaceAgentLifecycle
@@ -337,14 +331,12 @@ func (a *agent) TailnetConn() *tailnet.Conn {
 func (a *agent) init() {
 	// pass the "hard" context because we explicitly close the SSH server as part of graceful shutdown.
 	sshSrv, err := agentssh.NewServer(a.hardCtx, a.logger.Named("ssh-server"), a.prometheusRegistry, a.filesystem, a.execer, &agentssh.Config{
-		MaxTimeout:                 a.sshMaxTimeout,
-		MOTDFile:                   func() string { return a.manifest.Load().MOTDFile },
-		AnnouncementBanners:        func() *[]codersdk.BannerConfig { return a.announcementBanners.Load() },
-		UpdateEnv:                  a.updateCommandEnv,
-		WorkingDirectory:           func() string { return a.manifest.Load().Directory },
-		BlockFileTransfer:          a.blockFileTransfer,
-		BlockReversePortForwarding: a.blockReversePortForwarding,
-		BlockLocalPortForwarding:   a.blockLocalPortForwarding,
+		MaxTimeout:          a.sshMaxTimeout,
+		MOTDFile:            func() string { return a.manifest.Load().MOTDFile },
+		AnnouncementBanners: func() *[]codersdk.BannerConfig { return a.announcementBanners.Load() },
+		UpdateEnv:           a.updateCommandEnv,
+		WorkingDirectory:    func() string { return a.manifest.Load().Directory },
+		BlockFileTransfer:   a.blockFileTransfer,
 		ReportConnection: func(id uuid.UUID, magicType agentssh.MagicSessionType, ip string) func(code int, reason string) {
 			var connectionType proto.Connection_Type
 			switch magicType {
@@ -406,7 +398,7 @@ func (a *agent) init() {
 	gitOpts := append([]agentgit.Option{agentgit.WithClock(a.clock)}, a.gitAPIOptions...)
 	a.gitAPI = agentgit.NewAPI(a.logger.Named("git"), pathStore, gitOpts...)
 	desktop := agentdesktop.NewPortableDesktop(
-		a.logger.Named("desktop"), a.execer, a.scriptRunner.ScriptBinDir(), nil,
+		a.logger.Named("desktop"), a.execer, a.scriptRunner.ScriptBinDir(),
 	)
 	a.desktopAPI = agentdesktop.NewAPI(a.logger.Named("desktop"), desktop, a.clock)
 	a.mcpManager = agentmcp.NewManager(a.logger.Named("mcp"))
@@ -1374,7 +1366,7 @@ func (a *agent) handleManifest(manifestOK *checkpoint) func(ctx context.Context,
 				// lifecycle transition to avoid delaying Ready.
 				// This runs inside the tracked goroutine so it
 				// is properly awaited on shutdown.
-				if mcpErr := a.mcpManager.Connect(a.gracefulCtx, a.contextConfigAPI.MCPConfigFiles()); mcpErr != nil {
+				if mcpErr := a.mcpManager.Connect(a.gracefulCtx, a.contextConfigAPI.Config().MCPConfigFiles); mcpErr != nil {
 					a.logger.Warn(ctx, "failed to connect to workspace MCP servers", slog.Error(mcpErr))
 				}
 			})

agent/agent_internal_test.go

@@ -83,14 +83,14 @@ func TestContextConfigAPI_InitOnce(t *testing.T) {
 		return ""
 	})
 
-	mcpFiles1 := a.contextConfigAPI.MCPConfigFiles()
-	require.NotEmpty(t, mcpFiles1)
-	require.Contains(t, mcpFiles1[0], dir1)
+	cfg1 := a.contextConfigAPI.Config()
+	require.NotEmpty(t, cfg1.MCPConfigFiles)
+	require.Contains(t, cfg1.MCPConfigFiles[0], dir1)
 
-	// Simulate manifest update on reconnection -- no field
+	// Simulate manifest update on reconnection — no field
 	// reassignment needed, the lazy closure picks it up.
 	a.manifest.Store(&agentsdk.Manifest{Directory: dir2})
-	mcpFiles2 := a.contextConfigAPI.MCPConfigFiles()
-	require.NotEmpty(t, mcpFiles2)
-	require.Contains(t, mcpFiles2[0], dir2)
+	cfg2 := a.contextConfigAPI.Config()
+	require.NotEmpty(t, cfg2.MCPConfigFiles)
+	require.Contains(t, cfg2.MCPConfigFiles[0], dir2)
 }

agent/agent_test.go

@@ -986,161 +986,6 @@ func TestAgent_TCPRemoteForwarding(t *testing.T) {
 	requireEcho(t, conn)
 }
 
-func TestAgent_TCPLocalForwardingBlocked(t *testing.T) {
-	t.Parallel()
-	ctx := testutil.Context(t, testutil.WaitLong)
-
-	rl, err := net.Listen("tcp", "127.0.0.1:0")
-	require.NoError(t, err)
-	defer rl.Close()
-	tcpAddr, valid := rl.Addr().(*net.TCPAddr)
-	require.True(t, valid)
-	remotePort := tcpAddr.Port
-
-	//nolint:dogsled
-	agentConn, _, _, _, _ := setupAgent(t, agentsdk.Manifest{}, 0, func(_ *agenttest.Client, o *agent.Options) {
-		o.BlockLocalPortForwarding = true
-	})
-	sshClient, err := agentConn.SSHClient(ctx)
-	require.NoError(t, err)
-	defer sshClient.Close()
-
-	_, err = sshClient.Dial("tcp", fmt.Sprintf("127.0.0.1:%d", remotePort))
-	require.ErrorContains(t, err, "administratively prohibited")
-}
-
-func TestAgent_TCPRemoteForwardingBlocked(t *testing.T) {
-	t.Parallel()
-	ctx := testutil.Context(t, testutil.WaitLong)
-
-	//nolint:dogsled
-	agentConn, _, _, _, _ := setupAgent(t, agentsdk.Manifest{}, 0, func(_ *agenttest.Client, o *agent.Options) {
-		o.BlockReversePortForwarding = true
-	})
-	sshClient, err := agentConn.SSHClient(ctx)
-	require.NoError(t, err)
-	defer sshClient.Close()
-
-	localhost := netip.MustParseAddr("127.0.0.1")
-	randomPort := testutil.RandomPortNoListen(t)
-	addr := net.TCPAddrFromAddrPort(netip.AddrPortFrom(localhost, randomPort))
-	_, err = sshClient.ListenTCP(addr)
-	require.ErrorContains(t, err, "tcpip-forward request denied by peer")
-}
-
-func TestAgent_UnixLocalForwardingBlocked(t *testing.T) {
-	t.Parallel()
-	if runtime.GOOS == "windows" {
-		t.Skip("unix domain sockets are not fully supported on Windows")
-	}
-	ctx := testutil.Context(t, testutil.WaitLong)
-	tmpdir := testutil.TempDirUnixSocket(t)
-	remoteSocketPath := filepath.Join(tmpdir, "remote-socket")
-
-	l, err := net.Listen("unix", remoteSocketPath)
-	require.NoError(t, err)
-	defer l.Close()
-
-	//nolint:dogsled
-	agentConn, _, _, _, _ := setupAgent(t, agentsdk.Manifest{}, 0, func(_ *agenttest.Client, o *agent.Options) {
-		o.BlockLocalPortForwarding = true
-	})
-	sshClient, err := agentConn.SSHClient(ctx)
-	require.NoError(t, err)
-	defer sshClient.Close()
-
-	_, err = sshClient.Dial("unix", remoteSocketPath)
-	require.ErrorContains(t, err, "administratively prohibited")
-}
-
-func TestAgent_UnixRemoteForwardingBlocked(t *testing.T) {
-	t.Parallel()
-	if runtime.GOOS == "windows" {
-		t.Skip("unix domain sockets are not fully supported on Windows")
-	}
-	ctx := testutil.Context(t, testutil.WaitLong)
-	tmpdir := testutil.TempDirUnixSocket(t)
-	remoteSocketPath := filepath.Join(tmpdir, "remote-socket")
-
-	//nolint:dogsled
-	agentConn, _, _, _, _ := setupAgent(t, agentsdk.Manifest{}, 0, func(_ *agenttest.Client, o *agent.Options) {
-		o.BlockReversePortForwarding = true
-	})
-	sshClient, err := agentConn.SSHClient(ctx)
-	require.NoError(t, err)
-	defer sshClient.Close()
-
-	_, err = sshClient.ListenUnix(remoteSocketPath)
-	require.ErrorContains(t, err, "streamlocal-forward@openssh.com request denied by peer")
-}
-
-// TestAgent_LocalBlockedDoesNotAffectReverse verifies that blocking
-// local port forwarding does not prevent reverse port forwarding from
-// working. A field-name transposition at any plumbing hop would cause
-// both directions to be blocked when only one flag is set.
-func TestAgent_LocalBlockedDoesNotAffectReverse(t *testing.T) {
-	t.Parallel()
-	ctx := testutil.Context(t, testutil.WaitLong)
-
-	//nolint:dogsled
-	agentConn, _, _, _, _ := setupAgent(t, agentsdk.Manifest{}, 0, func(_ *agenttest.Client, o *agent.Options) {
-		o.BlockLocalPortForwarding = true
-	})
-	sshClient, err := agentConn.SSHClient(ctx)
-	require.NoError(t, err)
-	defer sshClient.Close()
-
-	// Reverse forwarding must still work.
-	localhost := netip.MustParseAddr("127.0.0.1")
-	var ll net.Listener
-	for {
-		randomPort := testutil.RandomPortNoListen(t)
-		addr := net.TCPAddrFromAddrPort(netip.AddrPortFrom(localhost, randomPort))
-		ll, err = sshClient.ListenTCP(addr)
-		if err != nil {
-			t.Logf("error remote forwarding: %s", err.Error())
-			select {
-			case <-ctx.Done():
-				t.Fatal("timed out getting random listener")
-			default:
-				continue
-			}
-		}
-		break
-	}
-	_ = ll.Close()
-}
-
-// TestAgent_ReverseBlockedDoesNotAffectLocal verifies that blocking
-// reverse port forwarding does not prevent local port forwarding from
-// working.
-func TestAgent_ReverseBlockedDoesNotAffectLocal(t *testing.T) {
-	t.Parallel()
-	ctx := testutil.Context(t, testutil.WaitLong)
-
-	rl, err := net.Listen("tcp", "127.0.0.1:0")
-	require.NoError(t, err)
-	defer rl.Close()
-	tcpAddr, valid := rl.Addr().(*net.TCPAddr)
-	require.True(t, valid)
-	remotePort := tcpAddr.Port
-	go echoOnce(t, rl)
-
-	//nolint:dogsled
-	agentConn, _, _, _, _ := setupAgent(t, agentsdk.Manifest{}, 0, func(_ *agenttest.Client, o *agent.Options) {
-		o.BlockReversePortForwarding = true
-	})
-	sshClient, err := agentConn.SSHClient(ctx)
-	require.NoError(t, err)
-	defer sshClient.Close()
-
-	// Local forwarding must still work.
-	conn, err := sshClient.Dial("tcp", fmt.Sprintf("127.0.0.1:%d", remotePort))
-	require.NoError(t, err)
-	defer conn.Close()
-	requireEcho(t, conn)
-}
-
 func TestAgent_UnixLocalForwarding(t *testing.T) {
 	t.Parallel()
 	if runtime.GOOS == "windows" {

agent/agentcontextconfig/api.go

@@ -2,17 +2,13 @@ package agentcontextconfig
 
 import (
 	"cmp"
-	"io"
 	"net/http"
 	"os"
-	"path/filepath"
-	"regexp"
 	"strings"
 
 	"github.com/go-chi/chi/v5"
 
 	"github.com/coder/coder/v2/coderd/httpapi"
-	"github.com/coder/coder/v2/codersdk"
 	"github.com/coder/coder/v2/codersdk/workspacesdk"
 )
 
@@ -26,47 +22,9 @@ const (
 	EnvMCPConfigFiles   = "CODER_AGENT_EXP_MCP_CONFIG_FILES"
 )
 
-const (
-	maxInstructionFileBytes = 64 * 1024
-	maxSkillMetaBytes       = 64 * 1024
-)
-
-// markdownCommentPattern strips HTML comments from instruction
-// file content for security (prevents hidden prompt injection).
-var markdownCommentPattern = regexp.MustCompile(`<!--[\s\S]*?-->`)
-
-// invisibleRunePattern strips invisible Unicode characters that
-// could be used for prompt injection.
-//
-//nolint:gocritic // Non-ASCII char ranges are intentional for invisible Unicode stripping.
-var invisibleRunePattern = regexp.MustCompile(
-	"[\u00ad\u034f\u061c\u070f" +
-		"\u115f\u1160\u17b4\u17b5" +
-		"\u180b-\u180f" +
-		"\u200b\u200d\u200e\u200f" +
-		"\u202a-\u202e" +
-		"\u2060-\u206f" +
-		"\u3164" +
-		"\ufe00-\ufe0f" +
-		"\ufeff" +
-		"\uffa0" +
-		"\ufff0-\ufff8]",
-)
-
-// skillNamePattern validates kebab-case skill names.
-var skillNamePattern = regexp.MustCompile(
-	`^[a-z0-9]+(-[a-z0-9]+)*$`,
-)
-
-// Default values for agent-internal configuration. These are
-// used when the corresponding env vars are unset.
-const (
-	DefaultInstructionsDir  = "~/.coder"
-	DefaultInstructionsFile = "AGENTS.md"
-	DefaultSkillsDir        = ".agents/skills"
-	DefaultSkillMetaFile    = "SKILL.md"
-	DefaultMCPConfigFile    = ".mcp.json"
-)
+// Defaults are defined in codersdk/workspacesdk so both
+// the agent and server can reference them without a
+// cross-layer import.
 
 // API exposes the resolved context configuration through the
 // agent's HTTP API.
@@ -84,88 +42,33 @@ func NewAPI(workingDir func() string) *API {
 	return &API{workingDir: workingDir}
 }
 
-// Config reads env vars, resolves paths, reads instruction files,
-// and discovers skills. Returns the HTTP response and the resolved
-// MCP config file paths (used only agent-internally). Exported
-// for use by tests.
-func Config(workingDir string) (workspacesdk.ContextConfigResponse, []string) {
+// Config reads env vars and resolves paths. Exported for use
+// by the MCP manager and tests.
+func Config(workingDir string) workspacesdk.ContextConfigResponse {
 	// TrimSpace all env vars before cmp.Or so that a
 	// whitespace-only value falls through to the default
 	// consistently. ResolvePaths also trims each comma-
 	// separated entry, but without pre-trimming here a
 	// bare " " would bypass cmp.Or and produce nil.
-	instructionsDir := cmp.Or(strings.TrimSpace(os.Getenv(EnvInstructionsDirs)), DefaultInstructionsDir)
-	instructionsFile := cmp.Or(strings.TrimSpace(os.Getenv(EnvInstructionsFile)), DefaultInstructionsFile)
-	skillsDir := cmp.Or(strings.TrimSpace(os.Getenv(EnvSkillsDirs)), DefaultSkillsDir)
-	skillMetaFile := cmp.Or(strings.TrimSpace(os.Getenv(EnvSkillMetaFile)), DefaultSkillMetaFile)
-	mcpConfigFile := cmp.Or(strings.TrimSpace(os.Getenv(EnvMCPConfigFiles)), DefaultMCPConfigFile)
-
-	resolvedInstructionsDirs := ResolvePaths(instructionsDir, workingDir)
-	resolvedSkillsDirs := ResolvePaths(skillsDir, workingDir)
-
-	// Read instruction files from each configured directory.
-	parts := readInstructionFiles(resolvedInstructionsDirs, instructionsFile)
-
-	// Also check the working directory for the instruction file,
-	// unless it was already covered by InstructionsDirs.
-	if workingDir != "" {
-		seenDirs := make(map[string]struct{}, len(resolvedInstructionsDirs))
-		for _, d := range resolvedInstructionsDirs {
-			seenDirs[d] = struct{}{}
-		}
-		if _, ok := seenDirs[workingDir]; !ok {
-			if entry, found := readInstructionFileFromDir(workingDir, instructionsFile); found {
-				parts = append(parts, entry)
-			}
-		}
-	}
-
-	// Discover skills from each configured skills directory.
-	skillParts := discoverSkills(resolvedSkillsDirs, skillMetaFile)
-	parts = append(parts, skillParts...)
-
-	// Guarantee non-nil slice to signal agent support.
-	if parts == nil {
-		parts = []codersdk.ChatMessagePart{}
-	}
+	instructionsDir := cmp.Or(strings.TrimSpace(os.Getenv(EnvInstructionsDirs)), workspacesdk.DefaultInstructionsDir)
+	instructionsFile := cmp.Or(strings.TrimSpace(os.Getenv(EnvInstructionsFile)), workspacesdk.DefaultInstructionsFile)
+	skillsDir := cmp.Or(strings.TrimSpace(os.Getenv(EnvSkillsDirs)), workspacesdk.DefaultSkillsDir)
+	skillMetaFile := cmp.Or(strings.TrimSpace(os.Getenv(EnvSkillMetaFile)), workspacesdk.DefaultSkillMetaFile)
+	mcpConfigFile := cmp.Or(strings.TrimSpace(os.Getenv(EnvMCPConfigFiles)), workspacesdk.DefaultMCPConfigFile)
 
 	return workspacesdk.ContextConfigResponse{
-		Parts: parts,
-	}, ResolvePaths(mcpConfigFile, workingDir)
+		InstructionsDirs: ResolvePaths(instructionsDir, workingDir),
+		InstructionsFile: instructionsFile,
+		SkillsDirs:       ResolvePaths(skillsDir, workingDir),
+		SkillMetaFile:    skillMetaFile,
+		MCPConfigFiles:   ResolvePaths(mcpConfigFile, workingDir),
+	}
 }
 
-// ContextPartsFromDir reads instruction files and discovers skills
-// from a specific directory, using default file names. This is used
-// by the CLI chat context commands to read context from an arbitrary
-// directory without consulting agent env vars.
-func ContextPartsFromDir(dir string) []codersdk.ChatMessagePart {
-	var parts []codersdk.ChatMessagePart
-
-	if entry, found := readInstructionFileFromDir(dir, DefaultInstructionsFile); found {
-		parts = append(parts, entry)
-	}
-
-	// Reuse ResolvePaths so CLI skill discovery follows the same
-	// project-relative path handling as agent config resolution.
-	skillParts := discoverSkills(
-		ResolvePaths(strings.Join([]string{DefaultSkillsDir, "skills"}, ","), dir),
-		DefaultSkillMetaFile,
-	)
-	parts = append(parts, skillParts...)
-
-	// Guarantee non-nil slice.
-	if parts == nil {
-		parts = []codersdk.ChatMessagePart{}
-	}
-
-	return parts
-}
-
-// MCPConfigFiles returns the resolved MCP configuration file
-// paths for the agent's MCP manager.
-func (api *API) MCPConfigFiles() []string {
-	_, mcpFiles := Config(api.workingDir())
-	return mcpFiles
+// Config returns the resolved config for use by other agent
+// components (e.g. MCP manager).
+func (api *API) Config() workspacesdk.ContextConfigResponse {
+	return Config(api.workingDir())
 }
 
 // Routes returns the HTTP handler for the context config
@@ -177,164 +80,5 @@ func (api *API) Routes() http.Handler {
 }
 
 func (api *API) handleGet(rw http.ResponseWriter, r *http.Request) {
-	response, _ := Config(api.workingDir())
-	httpapi.Write(r.Context(), rw, http.StatusOK, response)
-}
-
-// readInstructionFiles reads instruction files from each given
-// directory. Missing directories are silently skipped. Duplicate
-// directories are deduplicated.
-func readInstructionFiles(dirs []string, fileName string) []codersdk.ChatMessagePart {
-	var parts []codersdk.ChatMessagePart
-	seen := make(map[string]struct{}, len(dirs))
-	for _, dir := range dirs {
-		if _, ok := seen[dir]; ok {
-			continue
-		}
-		seen[dir] = struct{}{}
-		if part, found := readInstructionFileFromDir(dir, fileName); found {
-			parts = append(parts, part)
-		}
-	}
-	return parts
-}
-
-// readInstructionFileFromDir scans a directory for a file matching
-// fileName (case-insensitive) and reads its contents.
-func readInstructionFileFromDir(dir, fileName string) (codersdk.ChatMessagePart, bool) {
-	dirEntries, err := os.ReadDir(dir)
-	if err != nil {
-		return codersdk.ChatMessagePart{}, false
-	}
-
-	for _, e := range dirEntries {
-		if e.IsDir() {
-			continue
-		}
-		if strings.EqualFold(strings.TrimSpace(e.Name()), fileName) {
-			filePath := filepath.Join(dir, e.Name())
-			content, truncated, ok := readAndSanitizeFile(filePath, maxInstructionFileBytes)
-			if !ok {
-				return codersdk.ChatMessagePart{}, false
-			}
-			if content == "" {
-				return codersdk.ChatMessagePart{}, false
-			}
-			return codersdk.ChatMessagePart{
-				Type:                 codersdk.ChatMessagePartTypeContextFile,
-				ContextFilePath:      filePath,
-				ContextFileContent:   content,
-				ContextFileTruncated: truncated,
-			}, true
-		}
-	}
-	return codersdk.ChatMessagePart{}, false
-}
-
-// readAndSanitizeFile reads the file at path, capping the read
-// at maxBytes to avoid unbounded memory allocation. It sanitizes
-// the content (strips HTML comments and invisible Unicode) and
-// returns the result. Returns false if the file cannot be read.
-func readAndSanitizeFile(path string, maxBytes int64) (content string, truncated bool, ok bool) {
-	f, err := os.Open(path)
-	if err != nil {
-		return "", false, false
-	}
-	defer f.Close()
-
-	// Read at most maxBytes+1 to detect truncation without
-	// allocating the entire file into memory.
-	raw, err := io.ReadAll(io.LimitReader(f, maxBytes+1))
-	if err != nil {
-		return "", false, false
-	}
-
-	truncated = int64(len(raw)) > maxBytes
-	if truncated {
-		raw = raw[:maxBytes]
-	}
-
-	s := sanitizeInstructionMarkdown(string(raw))
-	if s == "" {
-		return "", truncated, true
-	}
-	return s, truncated, true
-}
-
-// sanitizeInstructionMarkdown strips HTML comments, invisible
-// Unicode characters, and CRLF line endings from instruction
-// file content.
-func sanitizeInstructionMarkdown(content string) string {
-	content = strings.ReplaceAll(content, "\r\n", "\n")
-	content = strings.ReplaceAll(content, "\r", "\n")
-	content = markdownCommentPattern.ReplaceAllString(content, "")
-	content = invisibleRunePattern.ReplaceAllString(content, "")
-	return strings.TrimSpace(content)
-}
-
-// discoverSkills walks the given skills directories and returns
-// metadata for every valid skill it finds. Body and supporting
-// file lists are NOT included; chatd fetches those on demand
-// via read_skill. Missing directories or individual errors are
-// silently skipped.
-func discoverSkills(skillsDirs []string, metaFile string) []codersdk.ChatMessagePart {
-	seen := make(map[string]struct{})
-	var parts []codersdk.ChatMessagePart
-
-	for _, skillsDir := range skillsDirs {
-		entries, err := os.ReadDir(skillsDir)
-		if err != nil {
-			continue
-		}
-
-		for _, entry := range entries {
-			if !entry.IsDir() {
-				continue
-			}
-
-			metaPath := filepath.Join(skillsDir, entry.Name(), metaFile)
-			f, err := os.Open(metaPath)
-			if err != nil {
-				continue
-			}
-			raw, err := io.ReadAll(io.LimitReader(f, maxSkillMetaBytes+1))
-			_ = f.Close()
-			if err != nil {
-				continue
-			}
-			if int64(len(raw)) > maxSkillMetaBytes {
-				raw = raw[:maxSkillMetaBytes]
-			}
-
-			name, description, _, err := workspacesdk.ParseSkillFrontmatter(string(raw))
-			if err != nil {
-				continue
-			}
-
-			// The directory name must match the declared name.
-			if name != entry.Name() {
-				continue
-			}
-			if !skillNamePattern.MatchString(name) {
-				continue
-			}
-
-			// First occurrence wins across directories.
-			if _, ok := seen[name]; ok {
-				continue
-			}
-			seen[name] = struct{}{}
-
-			skillDir := filepath.Join(skillsDir, entry.Name())
-			parts = append(parts, codersdk.ChatMessagePart{
-				Type:                     codersdk.ChatMessagePartTypeSkill,
-				SkillName:                name,
-				SkillDescription:         description,
-				SkillDir:                 skillDir,
-				ContextFileSkillMetaFile: metaFile,
-			})
-		}
-	}
-
-	return parts
+	httpapi.Write(r.Context(), rw, http.StatusOK, api.Config())
 }

agent/agentcontextconfig/api_test.go

@@ -1,465 +1,96 @@
 package agentcontextconfig_test
 
 import (
-	"os"
 	"path/filepath"
-	"strings"
 	"testing"
 
 	"github.com/stretchr/testify/require"
 
 	"github.com/coder/coder/v2/agent/agentcontextconfig"
-	"github.com/coder/coder/v2/codersdk"
+	"github.com/coder/coder/v2/codersdk/workspacesdk"
 )
 
-// filterParts returns only the parts matching the given type.
-func filterParts(parts []codersdk.ChatMessagePart, t codersdk.ChatMessagePartType) []codersdk.ChatMessagePart {
-	var out []codersdk.ChatMessagePart
-	for _, p := range parts {
-		if p.Type == t {
-			out = append(out, p)
-		}
-	}
-	return out
-}
-
-func writeSkillMetaFileInRoot(t *testing.T, skillsRoot, name, description string) string {
-	t.Helper()
-
-	skillDir := filepath.Join(skillsRoot, name)
-	require.NoError(t, os.MkdirAll(skillDir, 0o755))
-	require.NoError(t, os.WriteFile(
-		filepath.Join(skillDir, "SKILL.md"),
-		[]byte("---\nname: "+name+"\ndescription: "+description+"\n---\nSkill body"),
-		0o600,
-	))
-
-	return skillDir
-}
-
-func writeSkillMetaFile(t *testing.T, dir, name, description string) string {
-	t.Helper()
-	return writeSkillMetaFileInRoot(t, filepath.Join(dir, ".agents", "skills"), name, description)
-}
-
-func TestContextPartsFromDir(t *testing.T) {
-	t.Parallel()
-
-	t.Run("ReturnsInstructionFilePart", func(t *testing.T) {
-		t.Parallel()
-
-		dir := t.TempDir()
-		instructionPath := filepath.Join(dir, "AGENTS.md")
-		require.NoError(t, os.WriteFile(instructionPath, []byte("project instructions"), 0o600))
-
-		parts := agentcontextconfig.ContextPartsFromDir(dir)
-		contextParts := filterParts(parts, codersdk.ChatMessagePartTypeContextFile)
-		skillParts := filterParts(parts, codersdk.ChatMessagePartTypeSkill)
-
-		require.Len(t, parts, 1)
-		require.Len(t, contextParts, 1)
-		require.Empty(t, skillParts)
-		require.Equal(t, instructionPath, contextParts[0].ContextFilePath)
-		require.Equal(t, "project instructions", contextParts[0].ContextFileContent)
-		require.False(t, contextParts[0].ContextFileTruncated)
-	})
-
-	t.Run("ReturnsSkillParts", func(t *testing.T) {
-		t.Parallel()
-
-		dir := t.TempDir()
-		skillDir := writeSkillMetaFile(t, dir, "my-skill", "A test skill")
-
-		parts := agentcontextconfig.ContextPartsFromDir(dir)
-		contextParts := filterParts(parts, codersdk.ChatMessagePartTypeContextFile)
-		skillParts := filterParts(parts, codersdk.ChatMessagePartTypeSkill)
-
-		require.Len(t, parts, 1)
-		require.Empty(t, contextParts)
-		require.Len(t, skillParts, 1)
-		require.Equal(t, "my-skill", skillParts[0].SkillName)
-		require.Equal(t, "A test skill", skillParts[0].SkillDescription)
-		require.Equal(t, skillDir, skillParts[0].SkillDir)
-		require.Equal(t, "SKILL.md", skillParts[0].ContextFileSkillMetaFile)
-	})
-
-	t.Run("ReturnsSkillPartsFromSkillsDir", func(t *testing.T) {
-		t.Parallel()
-
-		dir := t.TempDir()
-		skillDir := writeSkillMetaFileInRoot(
-			t,
-			filepath.Join(dir, "skills"),
-			"my-skill",
-			"A test skill",
-		)
-
-		parts := agentcontextconfig.ContextPartsFromDir(dir)
-		contextParts := filterParts(parts, codersdk.ChatMessagePartTypeContextFile)
-		skillParts := filterParts(parts, codersdk.ChatMessagePartTypeSkill)
-
-		require.Len(t, parts, 1)
-		require.Empty(t, contextParts)
-		require.Len(t, skillParts, 1)
-		require.Equal(t, "my-skill", skillParts[0].SkillName)
-		require.Equal(t, "A test skill", skillParts[0].SkillDescription)
-		require.Equal(t, skillDir, skillParts[0].SkillDir)
-		require.Equal(t, "SKILL.md", skillParts[0].ContextFileSkillMetaFile)
-	})
-
-	t.Run("ReturnsEmptyForEmptyDir", func(t *testing.T) {
-		t.Parallel()
-
-		parts := agentcontextconfig.ContextPartsFromDir(t.TempDir())
-
-		require.NotNil(t, parts)
-		require.Empty(t, parts)
-	})
-
-	t.Run("ReturnsCombinedResults", func(t *testing.T) {
-		t.Parallel()
-
-		dir := t.TempDir()
-		instructionPath := filepath.Join(dir, "AGENTS.md")
-		require.NoError(t, os.WriteFile(instructionPath, []byte("combined instructions"), 0o600))
-		skillDir := writeSkillMetaFile(t, dir, "combined-skill", "Combined test skill")
-
-		parts := agentcontextconfig.ContextPartsFromDir(dir)
-		contextParts := filterParts(parts, codersdk.ChatMessagePartTypeContextFile)
-		skillParts := filterParts(parts, codersdk.ChatMessagePartTypeSkill)
-
-		require.Len(t, parts, 2)
-		require.Len(t, contextParts, 1)
-		require.Len(t, skillParts, 1)
-		require.Equal(t, instructionPath, contextParts[0].ContextFilePath)
-		require.Equal(t, "combined instructions", contextParts[0].ContextFileContent)
-		require.Equal(t, "combined-skill", skillParts[0].SkillName)
-		require.Equal(t, skillDir, skillParts[0].SkillDir)
-	})
-}
-
-func setupConfigTestEnv(t *testing.T, overrides map[string]string) string {
-	t.Helper()
-
-	fakeHome := t.TempDir()
-	t.Setenv("HOME", fakeHome)
-	t.Setenv("USERPROFILE", fakeHome)
-	t.Setenv(agentcontextconfig.EnvInstructionsDirs, "")
-	t.Setenv(agentcontextconfig.EnvInstructionsFile, "")
-	t.Setenv(agentcontextconfig.EnvSkillsDirs, "")
-	t.Setenv(agentcontextconfig.EnvSkillMetaFile, "")
-	t.Setenv(agentcontextconfig.EnvMCPConfigFiles, "")
-
-	for key, value := range overrides {
-		t.Setenv(key, value)
-	}
-
-	return fakeHome
-}
-
 func TestConfig(t *testing.T) {
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
 	t.Run("Defaults", func(t *testing.T) {
-		setupConfigTestEnv(t, nil)
-
-		workDir := platformAbsPath("work")
-		cfg, mcpFiles := agentcontextconfig.Config(workDir)
-
-		// Parts is always non-nil.
-		require.NotNil(t, cfg.Parts)
-		// Default MCP config file is ".mcp.json" (relative),
-		// resolved against the working directory.
-		require.Equal(t, []string{filepath.Join(workDir, ".mcp.json")}, mcpFiles)
-	})
-
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("CustomEnvVars", func(t *testing.T) {
-		optInstructions := t.TempDir()
-		optSkills := t.TempDir()
-		optMCP := platformAbsPath("opt", "mcp.json")
-		setupConfigTestEnv(t, map[string]string{
-			agentcontextconfig.EnvInstructionsDirs: optInstructions,
-			agentcontextconfig.EnvInstructionsFile: "CUSTOM.md",
-			agentcontextconfig.EnvSkillsDirs:       optSkills,
-			agentcontextconfig.EnvSkillMetaFile:    "META.yaml",
-			agentcontextconfig.EnvMCPConfigFiles:   optMCP,
-		})
-
-		// Create files matching the custom names so we can
-		// verify the env vars actually change lookup behavior.
-		require.NoError(t, os.WriteFile(filepath.Join(optInstructions, "CUSTOM.md"), []byte("custom instructions"), 0o600))
-		skillDir := filepath.Join(optSkills, "my-skill")
-		require.NoError(t, os.MkdirAll(skillDir, 0o755))
-		require.NoError(t, os.WriteFile(
-			filepath.Join(skillDir, "META.yaml"),
-			[]byte("---\nname: my-skill\ndescription: custom meta\n---\n"),
-			0o600,
-		))
-
-		workDir := platformAbsPath("work")
-		cfg, mcpFiles := agentcontextconfig.Config(workDir)
-
-		require.Equal(t, []string{optMCP}, mcpFiles)
-		ctxFiles := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeContextFile)
-		require.Len(t, ctxFiles, 1)
-		require.Equal(t, "custom instructions", ctxFiles[0].ContextFileContent)
-		skillParts := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeSkill)
-		require.Len(t, skillParts, 1)
-		require.Equal(t, "my-skill", skillParts[0].SkillName)
-		require.Equal(t, "META.yaml", skillParts[0].ContextFileSkillMetaFile)
-	})
-
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("WhitespaceInFileNames", func(t *testing.T) {
-		fakeHome := setupConfigTestEnv(t, map[string]string{
-			agentcontextconfig.EnvInstructionsFile: "  CLAUDE.md  ",
-		})
-		t.Setenv(agentcontextconfig.EnvInstructionsDirs, fakeHome)
-
-		workDir := t.TempDir()
-		// Create a file matching the trimmed name.
-		require.NoError(t, os.WriteFile(filepath.Join(fakeHome, "CLAUDE.md"), []byte("hello"), 0o600))
-
-		cfg, _ := agentcontextconfig.Config(workDir)
-
-		ctxFiles := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeContextFile)
-		require.Len(t, ctxFiles, 1)
-		require.Equal(t, "hello", ctxFiles[0].ContextFileContent)
-	})
-
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("CommaSeparatedDirs", func(t *testing.T) {
-		a := t.TempDir()
-		b := t.TempDir()
-		setupConfigTestEnv(t, map[string]string{
-			agentcontextconfig.EnvInstructionsDirs: a + "," + b,
-		})
-
-		// Put instruction files in both dirs.
-		require.NoError(t, os.WriteFile(filepath.Join(a, "AGENTS.md"), []byte("from a"), 0o600))
-		require.NoError(t, os.WriteFile(filepath.Join(b, "AGENTS.md"), []byte("from b"), 0o600))
-
-		workDir := t.TempDir()
-		cfg, _ := agentcontextconfig.Config(workDir)
-
-		ctxFiles := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeContextFile)
-		require.Len(t, ctxFiles, 2)
-		require.Equal(t, "from a", ctxFiles[0].ContextFileContent)
-		require.Equal(t, "from b", ctxFiles[1].ContextFileContent)
-	})
-
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("ReadsInstructionFiles", func(t *testing.T) {
-		workDir := t.TempDir()
-		fakeHome := setupConfigTestEnv(t, nil)
-
-		// Create ~/.coder/AGENTS.md
-		coderDir := filepath.Join(fakeHome, ".coder")
-		require.NoError(t, os.MkdirAll(coderDir, 0o755))
-		require.NoError(t, os.WriteFile(
-			filepath.Join(coderDir, "AGENTS.md"),
-			[]byte("home instructions"),
-			0o600,
-		))
-
-		cfg, _ := agentcontextconfig.Config(workDir)
-
-		ctxFiles := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeContextFile)
-		require.NotNil(t, cfg.Parts)
-		require.Len(t, ctxFiles, 1)
-		require.Equal(t, "home instructions", ctxFiles[0].ContextFileContent)
-		require.Equal(t, filepath.Join(coderDir, "AGENTS.md"), ctxFiles[0].ContextFilePath)
-		require.False(t, ctxFiles[0].ContextFileTruncated)
-	})
-
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("ReadsWorkingDirInstructionFile", func(t *testing.T) {
-		setupConfigTestEnv(t, nil)
-		workDir := t.TempDir()
-
-		// Create AGENTS.md in the working directory.
-		require.NoError(t, os.WriteFile(
-			filepath.Join(workDir, "AGENTS.md"),
-			[]byte("project instructions"),
-			0o600,
-		))
-
-		cfg, _ := agentcontextconfig.Config(workDir)
-
-		// Should find the working dir file (not in instruction dirs).
-		ctxFiles := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeContextFile)
-		require.NotNil(t, cfg.Parts)
-		require.Len(t, ctxFiles, 1)
-		require.Equal(t, "project instructions", ctxFiles[0].ContextFileContent)
-		require.Equal(t, filepath.Join(workDir, "AGENTS.md"), ctxFiles[0].ContextFilePath)
-	})
-
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("TruncatesLargeInstructionFile", func(t *testing.T) {
-		setupConfigTestEnv(t, nil)
-		workDir := t.TempDir()
-		largeContent := strings.Repeat("a", 64*1024+100)
-		require.NoError(t, os.WriteFile(filepath.Join(workDir, "AGENTS.md"), []byte(largeContent), 0o600))
-
-		cfg, _ := agentcontextconfig.Config(workDir)
-
-		ctxFiles := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeContextFile)
-		require.Len(t, ctxFiles, 1)
-		require.True(t, ctxFiles[0].ContextFileTruncated)
-		require.Len(t, ctxFiles[0].ContextFileContent, 64*1024)
-	})
-
-	sanitizationTests := []struct {
-		name     string
-		input    string
-		expected string
-	}{
-		{
-			name:     "SanitizesHTMLComments",
-			input:    "visible\n<!-- hidden -->content",
-			expected: "visible\ncontent",
-		},
-		{
-			name:     "SanitizesInvisibleUnicode",
-			input:    "before\u200bafter",
-			expected: "beforeafter",
-		},
-		{
-			name:     "NormalizesCRLF",
-			input:    "line1\r\nline2\rline3",
-			expected: "line1\nline2\nline3",
-		},
-	}
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	for _, tt := range sanitizationTests {
-		t.Run(tt.name, func(t *testing.T) {
-			setupConfigTestEnv(t, nil)
-			workDir := t.TempDir()
-			require.NoError(t, os.WriteFile(
-				filepath.Join(workDir, "AGENTS.md"),
-				[]byte(tt.input),
-				0o600,
-			))
-
-			cfg, _ := agentcontextconfig.Config(workDir)
-
-			ctxFiles := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeContextFile)
-			require.Len(t, ctxFiles, 1)
-			require.Equal(t, tt.expected, ctxFiles[0].ContextFileContent)
-		})
-	}
-
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("DiscoversSkills", func(t *testing.T) {
 		fakeHome := t.TempDir()
 		t.Setenv("HOME", fakeHome)
 		t.Setenv("USERPROFILE", fakeHome)
-		t.Setenv(agentcontextconfig.EnvInstructionsDirs, fakeHome)
+
+		// Clear all env vars so defaults are used.
+		t.Setenv(agentcontextconfig.EnvInstructionsDirs, "")
 		t.Setenv(agentcontextconfig.EnvInstructionsFile, "")
+		t.Setenv(agentcontextconfig.EnvSkillsDirs, "")
 		t.Setenv(agentcontextconfig.EnvSkillMetaFile, "")
 		t.Setenv(agentcontextconfig.EnvMCPConfigFiles, "")
 
-		workDir := t.TempDir()
-		skillsDir := filepath.Join(workDir, ".agents", "skills")
-		t.Setenv(agentcontextconfig.EnvSkillsDirs, skillsDir)
+		workDir := platformAbsPath("work")
+		cfg := agentcontextconfig.Config(workDir)
 
-		// Create a valid skill.
-		skillDir := filepath.Join(skillsDir, "my-skill")
-		require.NoError(t, os.MkdirAll(skillDir, 0o755))
-		require.NoError(t, os.WriteFile(
-			filepath.Join(skillDir, "SKILL.md"),
-			[]byte("---\nname: my-skill\ndescription: A test skill\n---\nSkill body"),
-			0o600,
-		))
-
-		cfg, _ := agentcontextconfig.Config(workDir)
-
-		skillParts := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeSkill)
-		require.Len(t, skillParts, 1)
-		require.Equal(t, "my-skill", skillParts[0].SkillName)
-		require.Equal(t, "A test skill", skillParts[0].SkillDescription)
-		require.Equal(t, skillDir, skillParts[0].SkillDir)
-		require.Equal(t, "SKILL.md", skillParts[0].ContextFileSkillMetaFile)
+		require.Equal(t, workspacesdk.DefaultInstructionsFile, cfg.InstructionsFile)
+		require.Equal(t, workspacesdk.DefaultSkillMetaFile, cfg.SkillMetaFile)
+		// Default instructions dir is "~/.coder" which resolves
+		// to the home directory.
+		require.Equal(t, []string{filepath.Join(fakeHome, ".coder")}, cfg.InstructionsDirs)
+		// Default skills dir is ".agents/skills" (relative),
+		// resolved against the working directory.
+		require.Equal(t, []string{filepath.Join(workDir, ".agents", "skills")}, cfg.SkillsDirs)
+		// Default MCP config file is ".mcp.json" (relative),
+		// resolved against the working directory.
+		require.Equal(t, []string{filepath.Join(workDir, ".mcp.json")}, cfg.MCPConfigFiles)
 	})
 
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("SkipsMissingDirs", func(t *testing.T) {
-		nonExistent := filepath.Join(t.TempDir(), "does-not-exist")
-		setupConfigTestEnv(t, map[string]string{
-			agentcontextconfig.EnvInstructionsDirs: nonExistent,
-			agentcontextconfig.EnvSkillsDirs:       nonExistent,
-		})
+	t.Run("CustomEnvVars", func(t *testing.T) {
+		fakeHome := t.TempDir()
+		t.Setenv("HOME", fakeHome)
+		t.Setenv("USERPROFILE", fakeHome)
 
-		workDir := t.TempDir()
-		cfg, _ := agentcontextconfig.Config(workDir)
+		optInstructions := platformAbsPath("opt", "instructions")
+		optSkills := platformAbsPath("opt", "skills")
+		optMCP := platformAbsPath("opt", "mcp.json")
 
-		// Non-nil empty slice (signals agent supports new format).
-		require.NotNil(t, cfg.Parts)
-		require.Empty(t, cfg.Parts)
+		t.Setenv(agentcontextconfig.EnvInstructionsDirs, optInstructions)
+		t.Setenv(agentcontextconfig.EnvInstructionsFile, "CUSTOM.md")
+		t.Setenv(agentcontextconfig.EnvSkillsDirs, optSkills)
+		t.Setenv(agentcontextconfig.EnvSkillMetaFile, "META.yaml")
+		t.Setenv(agentcontextconfig.EnvMCPConfigFiles, optMCP)
+
+		workDir := platformAbsPath("work")
+		cfg := agentcontextconfig.Config(workDir)
+
+		require.Equal(t, "CUSTOM.md", cfg.InstructionsFile)
+		require.Equal(t, "META.yaml", cfg.SkillMetaFile)
+		require.Equal(t, []string{optInstructions}, cfg.InstructionsDirs)
+		require.Equal(t, []string{optSkills}, cfg.SkillsDirs)
+		require.Equal(t, []string{optMCP}, cfg.MCPConfigFiles)
 	})
 
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("MCPConfigFilesResolvedSeparately", func(t *testing.T) {
-		optMCP := platformAbsPath("opt", "custom.json")
-		fakeHome := setupConfigTestEnv(t, map[string]string{
-			agentcontextconfig.EnvMCPConfigFiles: optMCP,
-		})
-		t.Setenv(agentcontextconfig.EnvInstructionsDirs, fakeHome)
+	t.Run("WhitespaceInFileNames", func(t *testing.T) {
+		t.Setenv(agentcontextconfig.EnvInstructionsDirs, "")
+		t.Setenv(agentcontextconfig.EnvInstructionsFile, "  CLAUDE.md  ")
+		t.Setenv(agentcontextconfig.EnvSkillsDirs, "")
+		t.Setenv(agentcontextconfig.EnvSkillMetaFile, "")
+		t.Setenv(agentcontextconfig.EnvMCPConfigFiles, "")
 
-		workDir := t.TempDir()
-		_, mcpFiles := agentcontextconfig.Config(workDir)
+		workDir := platformAbsPath("work")
+		cfg := agentcontextconfig.Config(workDir)
 
-		require.Equal(t, []string{optMCP}, mcpFiles)
+		require.Equal(t, "CLAUDE.md", cfg.InstructionsFile)
 	})
 
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("SkillNameMustMatchDir", func(t *testing.T) {
-		fakeHome := setupConfigTestEnv(t, nil)
-		t.Setenv(agentcontextconfig.EnvInstructionsDirs, fakeHome)
+	t.Run("CommaSeparatedDirs", func(t *testing.T) {
+		a := platformAbsPath("opt", "a")
+		b := platformAbsPath("opt", "b")
 
-		workDir := t.TempDir()
-		skillsDir := filepath.Join(workDir, "skills")
-		t.Setenv(agentcontextconfig.EnvSkillsDirs, skillsDir)
+		t.Setenv(agentcontextconfig.EnvInstructionsDirs, a+","+b)
+		t.Setenv(agentcontextconfig.EnvInstructionsFile, "")
+		t.Setenv(agentcontextconfig.EnvSkillsDirs, "")
+		t.Setenv(agentcontextconfig.EnvSkillMetaFile, "")
+		t.Setenv(agentcontextconfig.EnvMCPConfigFiles, "")
 
-		// Skill name in frontmatter doesn't match directory name.
-		skillDir := filepath.Join(skillsDir, "wrong-dir-name")
-		require.NoError(t, os.MkdirAll(skillDir, 0o755))
-		require.NoError(t, os.WriteFile(
-			filepath.Join(skillDir, "SKILL.md"),
-			[]byte("---\nname: actual-name\ndescription: mismatch\n---\n"),
-			0o600,
-		))
+		workDir := platformAbsPath("work")
+		cfg := agentcontextconfig.Config(workDir)
 
-		cfg, _ := agentcontextconfig.Config(workDir)
-		skillParts := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeSkill)
-		require.Empty(t, skillParts)
-	})
-
-	//nolint:paralleltest // Uses t.Setenv to mutate process-wide environment.
-	t.Run("DuplicateSkillsFirstWins", func(t *testing.T) {
-		fakeHome := setupConfigTestEnv(t, nil)
-		t.Setenv(agentcontextconfig.EnvInstructionsDirs, fakeHome)
-
-		workDir := t.TempDir()
-		skillsDir1 := filepath.Join(workDir, "skills1")
-		skillsDir2 := filepath.Join(workDir, "skills2")
-		t.Setenv(agentcontextconfig.EnvSkillsDirs, skillsDir1+","+skillsDir2)
-
-		// Same skill name in both directories.
-		for _, dir := range []string{skillsDir1, skillsDir2} {
-			skillDir := filepath.Join(dir, "dup-skill")
-			require.NoError(t, os.MkdirAll(skillDir, 0o755))
-			require.NoError(t, os.WriteFile(
-				filepath.Join(skillDir, "SKILL.md"),
-				[]byte("---\nname: dup-skill\ndescription: from "+filepath.Base(dir)+"\n---\n"),
-				0o600,
-			))
-		}
-
-		cfg, _ := agentcontextconfig.Config(workDir)
-		skillParts := filterParts(cfg.Parts, codersdk.ChatMessagePartTypeSkill)
-		require.Len(t, skillParts, 1)
-		require.Equal(t, "from skills1", skillParts[0].SkillDescription)
+		require.Equal(t, []string{a, b}, cfg.InstructionsDirs)
 	})
 }
 
@@ -473,13 +104,14 @@ func TestNewAPI_LazyDirectory(t *testing.T) {
 	dir := ""
 	api := agentcontextconfig.NewAPI(func() string { return dir })
 
-	// Before directory is set, MCP paths resolve to nothing.
-	mcpFiles := api.MCPConfigFiles()
-	require.Empty(t, mcpFiles)
+	// Before directory is set, relative paths resolve to nothing.
+	cfg := api.Config()
+	require.Empty(t, cfg.SkillsDirs)
+	require.Empty(t, cfg.MCPConfigFiles)
 
-	// After setting the directory, MCPConfigFiles() picks it up.
+	// After setting the directory, Config() picks it up lazily.
 	dir = platformAbsPath("work")
-	mcpFiles = api.MCPConfigFiles()
-	require.NotEmpty(t, mcpFiles)
-	require.Equal(t, []string{filepath.Join(dir, ".mcp.json")}, mcpFiles)
+	cfg = api.Config()
+	require.NotEmpty(t, cfg.SkillsDirs)
+	require.Equal(t, []string{filepath.Join(dir, ".agents", "skills")}, cfg.SkillsDirs)
 }

agent/agentssh/agentssh.go

@@ -117,10 +117,6 @@ type Config struct {
 	X11MaxPort *int
 	// BlockFileTransfer restricts use of file transfer applications.
 	BlockFileTransfer bool
-	// BlockReversePortForwarding disables reverse port forwarding (ssh -R).
-	BlockReversePortForwarding bool
-	// BlockLocalPortForwarding disables local port forwarding (ssh -L).
-	BlockLocalPortForwarding bool
 	// ReportConnection.
 	ReportConnection reportConnectionFunc
 	// Experimental: allow connecting to running containers via Docker exec.
@@ -194,7 +190,7 @@ func NewServer(ctx context.Context, logger slog.Logger, prometheusRegistry *prom
 	}
 
 	forwardHandler := &ssh.ForwardedTCPHandler{}
-	unixForwardHandler := newForwardedUnixHandler(logger, config.BlockReversePortForwarding)
+	unixForwardHandler := newForwardedUnixHandler(logger)
 
 	metrics := newSSHServerMetrics(prometheusRegistry)
 	s := &Server{
@@ -233,15 +229,8 @@ func NewServer(ctx context.Context, logger slog.Logger, prometheusRegistry *prom
 				wrapped := NewJetbrainsChannelWatcher(ctx, s.logger, s.config.ReportConnection, newChan, &s.connCountJetBrains)
 				ssh.DirectTCPIPHandler(srv, conn, wrapped, ctx)
 			},
-			"direct-streamlocal@openssh.com": func(srv *ssh.Server, conn *gossh.ServerConn, newChan gossh.NewChannel, ctx ssh.Context) {
-				if s.config.BlockLocalPortForwarding {
-					s.logger.Warn(ctx, "unix local port forward blocked")
-					_ = newChan.Reject(gossh.Prohibited, "local port forwarding is disabled")
-					return
-				}
-				directStreamLocalHandler(srv, conn, newChan, ctx)
-			},
-			"session": ssh.DefaultSessionHandler,
+			"direct-streamlocal@openssh.com": directStreamLocalHandler,
+			"session":                        ssh.DefaultSessionHandler,
 		},
 		ConnectionFailedCallback: func(conn net.Conn, err error) {
 			s.logger.Warn(ctx, "ssh connection failed",
@@ -261,12 +250,6 @@ func NewServer(ctx context.Context, logger slog.Logger, prometheusRegistry *prom
 		// be set before we start listening.
 		HostSigners: []ssh.Signer{},
 		LocalPortForwardingCallback: func(ctx ssh.Context, destinationHost string, destinationPort uint32) bool {
-			if s.config.BlockLocalPortForwarding {
-				s.logger.Warn(ctx, "local port forward blocked",
-					slog.F("destination_host", destinationHost),
-					slog.F("destination_port", destinationPort))
-				return false
-			}
 			// Allow local port forwarding all!
 			s.logger.Debug(ctx, "local port forward",
 				slog.F("destination_host", destinationHost),
@@ -277,12 +260,6 @@ func NewServer(ctx context.Context, logger slog.Logger, prometheusRegistry *prom
 			return true
 		},
 		ReversePortForwardingCallback: func(ctx ssh.Context, bindHost string, bindPort uint32) bool {
-			if s.config.BlockReversePortForwarding {
-				s.logger.Warn(ctx, "reverse port forward blocked",
-					slog.F("bind_host", bindHost),
-					slog.F("bind_port", bindPort))
-				return false
-			}
 			// Allow reverse port forwarding all!
 			s.logger.Debug(ctx, "reverse port forward",
 				slog.F("bind_host", bindHost),

agent/agentssh/forward.go

@@ -35,9 +35,8 @@ type forwardedStreamLocalPayload struct {
 // streamlocal forwarding (aka. unix forwarding) instead of TCP forwarding.
 type forwardedUnixHandler struct {
 	sync.Mutex
-	log                        slog.Logger
-	forwards                   map[forwardKey]net.Listener
-	blockReversePortForwarding bool
+	log      slog.Logger
+	forwards map[forwardKey]net.Listener
 }
 
 type forwardKey struct {
@@ -45,11 +44,10 @@ type forwardKey struct {
 	addr      string
 }
 
-func newForwardedUnixHandler(log slog.Logger, blockReversePortForwarding bool) *forwardedUnixHandler {
+func newForwardedUnixHandler(log slog.Logger) *forwardedUnixHandler {
 	return &forwardedUnixHandler{
-		log:                        log,
-		forwards:                   make(map[forwardKey]net.Listener),
-		blockReversePortForwarding: blockReversePortForwarding,
+		log:      log,
+		forwards: make(map[forwardKey]net.Listener),
 	}
 }
 
@@ -64,10 +62,6 @@ func (h *forwardedUnixHandler) HandleSSHRequest(ctx ssh.Context, _ *ssh.Server,
 
 	switch req.Type {
 	case "streamlocal-forward@openssh.com":
-		if h.blockReversePortForwarding {
-			log.Warn(ctx, "unix reverse port forward blocked")
-			return false, nil
-		}
 		var reqPayload streamLocalForwardPayload
 		err := gossh.Unmarshal(req.Payload, &reqPayload)
 		if err != nil {

agent/x/agentdesktop/api.go

@@ -1,19 +1,12 @@
 package agentdesktop
 
 import (
-	"context"
 	"encoding/json"
-	"errors"
-	"io"
-	"mime/multipart"
 	"net/http"
-	"net/textproto"
 	"strconv"
-	"sync"
 	"time"
 
 	"github.com/go-chi/chi/v5"
-	"github.com/google/uuid"
 
 	"cdr.dev/slog/v3"
 	"github.com/coder/coder/v2/agent/agentssh"
@@ -54,9 +47,6 @@ type API struct {
 	logger  slog.Logger
 	desktop Desktop
 	clock   quartz.Clock
-
-	closeMu sync.Mutex
-	closed  bool
 }
 
 // NewAPI creates a new desktop streaming API.
@@ -76,10 +66,6 @@ func (a *API) Routes() http.Handler {
 	r := chi.NewRouter()
 	r.Get("/vnc", a.handleDesktopVNC)
 	r.Post("/action", a.handleAction)
-	r.Route("/recording", func(r chi.Router) {
-		r.Post("/start", a.handleRecordingStart)
-		r.Post("/stop", a.handleRecordingStop)
-	})
 	return r
 }
 
@@ -130,9 +116,6 @@ func (a *API) handleAction(rw http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
 	handlerStart := a.clock.Now()
 
-	// Update last desktop action timestamp for idle recording monitor.
-	a.desktop.RecordActivity()
-
 	// Ensure the desktop is running and grab native dimensions.
 	cfg, err := a.desktop.Start(ctx)
 	if err != nil {
@@ -497,205 +480,9 @@ func (a *API) handleAction(rw http.ResponseWriter, r *http.Request) {
 
 // Close shuts down the desktop session if one is running.
 func (a *API) Close() error {
-	a.closeMu.Lock()
-	if a.closed {
-		a.closeMu.Unlock()
-		return nil
-	}
-	a.closed = true
-	a.closeMu.Unlock()
-
 	return a.desktop.Close()
 }
 
-// decodeRecordingRequest decodes and validates a recording request
-// from the HTTP body, returning the recording ID. Returns false if
-// the request was invalid and an error response was already written.
-func (*API) decodeRecordingRequest(rw http.ResponseWriter, r *http.Request) (string, bool) {
-	ctx := r.Context()
-	var req struct {
-		RecordingID string `json:"recording_id"`
-	}
-	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
-		httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
-			Message: "Failed to decode request body.",
-			Detail:  err.Error(),
-		})
-		return "", false
-	}
-	if req.RecordingID == "" {
-		httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
-			Message: "Missing recording_id.",
-		})
-		return "", false
-	}
-	if _, err := uuid.Parse(req.RecordingID); err != nil {
-		httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
-			Message: "Invalid recording_id format.",
-			Detail:  "recording_id must be a valid UUID.",
-		})
-		return "", false
-	}
-	return req.RecordingID, true
-}
-
-func (a *API) handleRecordingStart(rw http.ResponseWriter, r *http.Request) {
-	ctx := r.Context()
-	recordingID, ok := a.decodeRecordingRequest(rw, r)
-	if !ok {
-		return
-	}
-
-	a.closeMu.Lock()
-	if a.closed {
-		a.closeMu.Unlock()
-		httpapi.Write(ctx, rw, http.StatusServiceUnavailable, codersdk.Response{
-			Message: "Desktop API is shutting down.",
-		})
-		return
-	}
-	a.closeMu.Unlock()
-
-	if err := a.desktop.StartRecording(ctx, recordingID); err != nil {
-		if errors.Is(err, ErrDesktopClosed) {
-			httpapi.Write(ctx, rw, http.StatusServiceUnavailable, codersdk.Response{
-				Message: "Desktop API is shutting down.",
-			})
-			return
-		}
-		httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
-			Message: "Failed to start recording.",
-			Detail:  err.Error(),
-		})
-		return
-	}
-
-	httpapi.Write(ctx, rw, http.StatusOK, codersdk.Response{
-		Message: "Recording started.",
-	})
-}
-
-func (a *API) handleRecordingStop(rw http.ResponseWriter, r *http.Request) {
-	ctx := r.Context()
-
-	recordingID, ok := a.decodeRecordingRequest(rw, r)
-	if !ok {
-		return
-	}
-
-	a.closeMu.Lock()
-	if a.closed {
-		a.closeMu.Unlock()
-		httpapi.Write(ctx, rw, http.StatusServiceUnavailable, codersdk.Response{
-			Message: "Desktop API is shutting down.",
-		})
-		return
-	}
-	a.closeMu.Unlock()
-
-	// Stop recording (idempotent).
-	// Use a context detached from the HTTP request so that if the
-	// connection drops, the recording process can still shut down
-	// gracefully. WithoutCancel preserves request-scoped values.
-	stopCtx, stopCancel := context.WithTimeout(context.WithoutCancel(r.Context()), 30*time.Second)
-	defer stopCancel()
-	artifact, err := a.desktop.StopRecording(stopCtx, recordingID)
-	if err != nil {
-		if errors.Is(err, ErrUnknownRecording) {
-			httpapi.Write(ctx, rw, http.StatusNotFound, codersdk.Response{
-				Message: "Recording not found.",
-				Detail:  err.Error(),
-			})
-			return
-		}
-		if errors.Is(err, ErrRecordingCorrupted) {
-			httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
-				Message: "Recording is corrupted.",
-				Detail:  err.Error(),
-			})
-			return
-		}
-		httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
-			Message: "Failed to stop recording.",
-			Detail:  err.Error(),
-		})
-		return
-	}
-	defer artifact.Reader.Close()
-	defer func() {
-		if artifact.ThumbnailReader != nil {
-			_ = artifact.ThumbnailReader.Close()
-		}
-	}()
-
-	if artifact.Size > workspacesdk.MaxRecordingSize {
-		a.logger.Warn(ctx, "recording file exceeds maximum size",
-			slog.F("recording_id", recordingID),
-			slog.F("size", artifact.Size),
-			slog.F("max_size", workspacesdk.MaxRecordingSize),
-		)
-		httpapi.Write(ctx, rw, http.StatusRequestEntityTooLarge, codersdk.Response{
-			Message: "Recording file exceeds maximum allowed size.",
-		})
-		return
-	}
-
-	// Discard the thumbnail if it exceeds the maximum size.
-	// The server-side consumer also enforces this per-part, but
-	// rejecting it here avoids streaming a large thumbnail over
-	// the wire for nothing.
-	if artifact.ThumbnailReader != nil && artifact.ThumbnailSize > workspacesdk.MaxThumbnailSize {
-		a.logger.Warn(ctx, "thumbnail file exceeds maximum size, omitting",
-			slog.F("recording_id", recordingID),
-			slog.F("size", artifact.ThumbnailSize),
-			slog.F("max_size", workspacesdk.MaxThumbnailSize),
-		)
-		_ = artifact.ThumbnailReader.Close()
-		artifact.ThumbnailReader = nil
-		artifact.ThumbnailSize = 0
-	}
-
-	// The multipart response is best-effort: once WriteHeader(200) is
-	// called, CreatePart failures produce a truncated response without
-	// the closing boundary. The server-side consumer handles this
-	// gracefully, preserving any parts read before the error.
-	mw := multipart.NewWriter(rw)
-	defer mw.Close()
-	rw.Header().Set("Content-Type", "multipart/mixed; boundary="+mw.Boundary())
-	rw.WriteHeader(http.StatusOK)
-
-	// Part 1: video/mp4 (always present).
-	videoPart, err := mw.CreatePart(textproto.MIMEHeader{
-		"Content-Type": {"video/mp4"},
-	})
-	if err != nil {
-		a.logger.Warn(ctx, "failed to create video multipart part",
-			slog.F("recording_id", recordingID),
-			slog.Error(err))
-		return
-	}
-	if _, err := io.Copy(videoPart, artifact.Reader); err != nil {
-		a.logger.Warn(ctx, "failed to write video multipart part",
-			slog.F("recording_id", recordingID),
-			slog.Error(err))
-		return
-	}
-
-	// Part 2: image/jpeg (present only when thumbnail was extracted).
-	if artifact.ThumbnailReader != nil {
-		thumbPart, err := mw.CreatePart(textproto.MIMEHeader{
-			"Content-Type": {"image/jpeg"},
-		})
-		if err != nil {
-			a.logger.Warn(ctx, "failed to create thumbnail multipart part",
-				slog.F("recording_id", recordingID),
-				slog.Error(err))
-			return
-		}
-		_, _ = io.Copy(thumbPart, artifact.ThumbnailReader)
-	}
-}
-
 // coordFromAction extracts the coordinate pair from a DesktopAction,
 // returning an error if the coordinate field is missing.
 func coordFromAction(action DesktopAction) (x, y int, err error) {

agent/x/agentdesktop/api_test.go

@@ -4,22 +4,12 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
-	"errors"
-	"fmt"
-	"io"
-	"mime"
-	"mime/multipart"
 	"net"
 	"net/http"
 	"net/http/httptest"
-	"os"
-	"slices"
-	"strings"
-	"sync"
 	"testing"
 	"time"
 
-	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"golang.org/x/xerrors"
@@ -31,16 +21,6 @@ import (
 	"github.com/coder/quartz"
 )
 
-// Test recording UUIDs used across tests.
-const (
-	testRecIDDefault         = "870e1f02-8118-4300-a37e-4adb0117baf3"
-	testRecIDStartIdempotent = "250a2ffb-a5e5-4c94-9754-4d6a4ab7ba20"
-	testRecIDStopIdempotent  = "38f8a378-f98f-4758-a4ae-950b44cf989a"
-	testRecIDConcurrentA     = "8dc173eb-23c6-4601-a485-b6dfb2a42c3a"
-	testRecIDConcurrentB     = "fea490d4-70f0-4798-a181-29d65ce25ae1"
-	testRecIDRestart         = "75173a0d-b018-4e2e-a771-defa3fc6af69"
-)
-
 // Ensure fakeDesktop satisfies the Desktop interface at compile time.
 var _ agentdesktop.Desktop = (*fakeDesktop)(nil)
 
@@ -63,16 +43,6 @@ type fakeDesktop struct {
 	lastTyped   string
 	lastKeyDown string
 	lastKeyUp   string
-
-	thumbnailData []byte // if set, StopRecording includes a thumbnail
-
-	// Recording tracking (guarded by recMu).
-	recMu         sync.Mutex
-	recordings    map[string]string // ID → file path
-	stopCalls     []string          // recording IDs passed to StopRecording
-	recStopCh     chan string       // optional: signaled when StopRecording is called
-	startCount    int               // incremented on each new recording start
-	activityCount int               // incremented by RecordActivity
 }
 
 func (f *fakeDesktop) Start(context.Context) (agentdesktop.DisplayConfig, error) {
@@ -137,145 +107,11 @@ func (f *fakeDesktop) CursorPosition(context.Context) (x int, y int, err error)
 	return f.cursorPos[0], f.cursorPos[1], nil
 }
 
-func (f *fakeDesktop) StartRecording(_ context.Context, recordingID string) error {
-	f.recMu.Lock()
-	defer f.recMu.Unlock()
-	if f.recordings == nil {
-		f.recordings = make(map[string]string)
-	}
-	if path, ok := f.recordings[recordingID]; ok {
-		// Check if already stopped (file still exists but stop was
-		// called). For the fake, a stopped recording means its ID
-		// appears in stopCalls. In that case, remove the old file
-		// and start fresh.
-		stopped := slices.Contains(f.stopCalls, recordingID)
-		if !stopped {
-			// Active recording - no-op.
-			return nil
-		}
-		// Completed recording - discard old file, start fresh.
-		_ = os.Remove(path)
-		delete(f.recordings, recordingID)
-	}
-	f.startCount++
-	tmpFile, err := os.CreateTemp("", "fake-recording-*.mp4")
-	if err != nil {
-		return err
-	}
-	_, _ = tmpFile.Write([]byte(fmt.Sprintf("fake-mp4-data-%s-%d", recordingID, f.startCount)))
-	_ = tmpFile.Close()
-	f.recordings[recordingID] = tmpFile.Name()
-	return nil
-}
-
-func (f *fakeDesktop) StopRecording(_ context.Context, recordingID string) (*agentdesktop.RecordingArtifact, error) {
-	f.recMu.Lock()
-	defer f.recMu.Unlock()
-	if f.recordings == nil {
-		return nil, agentdesktop.ErrUnknownRecording
-	}
-	path, ok := f.recordings[recordingID]
-	if !ok {
-		return nil, agentdesktop.ErrUnknownRecording
-	}
-	f.stopCalls = append(f.stopCalls, recordingID)
-	if f.recStopCh != nil {
-		select {
-		case f.recStopCh <- recordingID:
-		default:
-		}
-	}
-	file, err := os.Open(path)
-	if err != nil {
-		return nil, err
-	}
-	info, err := file.Stat()
-	if err != nil {
-		_ = file.Close()
-		return nil, err
-	}
-	artifact := &agentdesktop.RecordingArtifact{
-		Reader: file,
-		Size:   info.Size(),
-	}
-	if f.thumbnailData != nil {
-		artifact.ThumbnailReader = io.NopCloser(bytes.NewReader(f.thumbnailData))
-		artifact.ThumbnailSize = int64(len(f.thumbnailData))
-	}
-	return artifact, nil
-}
-
-func (f *fakeDesktop) RecordActivity() {
-	f.recMu.Lock()
-	f.activityCount++
-	f.recMu.Unlock()
-}
-
 func (f *fakeDesktop) Close() error {
 	f.closed = true
-	f.recMu.Lock()
-	defer f.recMu.Unlock()
-	for _, path := range f.recordings {
-		_ = os.Remove(path)
-	}
 	return nil
 }
 
-// failStartRecordingDesktop wraps fakeDesktop and overrides
-// StartRecording to always return an error.
-type failStartRecordingDesktop struct {
-	fakeDesktop
-	startRecordingErr error
-}
-
-func (f *failStartRecordingDesktop) StartRecording(_ context.Context, _ string) error {
-	return f.startRecordingErr
-}
-
-// corruptedStopDesktop wraps fakeDesktop and overrides
-// StopRecording to always return ErrRecordingCorrupted.
-type corruptedStopDesktop struct {
-	fakeDesktop
-}
-
-func (*corruptedStopDesktop) StopRecording(_ context.Context, _ string) (*agentdesktop.RecordingArtifact, error) {
-	return nil, agentdesktop.ErrRecordingCorrupted
-}
-
-// oversizedFakeDesktop wraps fakeDesktop and expands recording files
-// beyond MaxRecordingSize when StopRecording is called.
-type oversizedFakeDesktop struct {
-	fakeDesktop
-}
-
-func (f *oversizedFakeDesktop) StopRecording(ctx context.Context, recordingID string) (*agentdesktop.RecordingArtifact, error) {
-	artifact, err := f.fakeDesktop.StopRecording(ctx, recordingID)
-	if err != nil {
-		return nil, err
-	}
-	// Close the original reader since we're going to re-open after truncation.
-	artifact.Reader.Close()
-
-	// Look up the path from the fakeDesktop recordings.
-	f.fakeDesktop.recMu.Lock()
-	path := f.fakeDesktop.recordings[recordingID]
-	f.fakeDesktop.recMu.Unlock()
-
-	// Expand the file to exceed the maximum recording size.
-	if err := os.Truncate(path, workspacesdk.MaxRecordingSize+1); err != nil {
-		return nil, err
-	}
-	// Re-open the truncated file.
-	file, err := os.Open(path)
-	if err != nil {
-		return nil, err
-	}
-	return &agentdesktop.RecordingArtifact{
-		Reader: file,
-		Size:   workspacesdk.MaxRecordingSize + 1,
-	}, nil
-}
-
 func TestHandleDesktopVNC_StartError(t *testing.T) {
 	t.Parallel()
 
@@ -298,37 +134,6 @@ func TestHandleDesktopVNC_StartError(t *testing.T) {
 	assert.Equal(t, "Failed to start desktop session.", resp.Message)
 }
 
-func TestHandleAction_CallsRecordActivity(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	body := agentdesktop.DesktopAction{
-		Action:     "left_click",
-		Coordinate: &[2]int{100, 200},
-	}
-	b, err := json.Marshal(body)
-	require.NoError(t, err)
-
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/action", bytes.NewReader(b))
-	req.Header.Set("Content-Type", "application/json")
-
-	handler := api.Routes()
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	fake.recMu.Lock()
-	count := fake.activityCount
-	fake.recMu.Unlock()
-	assert.Equal(t, 1, count, "handleAction should call RecordActivity exactly once")
-}
-
 func TestHandleAction_Screenshot(t *testing.T) {
 	t.Parallel()
 
@@ -769,644 +574,3 @@ func TestHandleAction_CursorPositionReturnsDeclaredCoordinates(t *testing.T) {
 	// Native (960,540) in 1920x1080 should map to declared space in 1280x720.
 	assert.Equal(t, "x=640,y=360", resp.Output)
 }
-
-func TestRecordingStartStop(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Start recording.
-	startBody, err := json.Marshal(map[string]string{"recording_id": testRecIDDefault})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(startBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Stop recording.
-	stopBody, err := json.Marshal(map[string]string{"recording_id": testRecIDDefault})
-	require.NoError(t, err)
-	rr = httptest.NewRecorder()
-	req = httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(stopBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-	parts := parseMultipartParts(t, rr.Header().Get("Content-Type"), rr.Body.Bytes())
-	assert.Equal(t, []byte("fake-mp4-data-"+testRecIDDefault+"-1"), parts["video/mp4"])
-}
-
-func TestRecordingStartFails(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &failStartRecordingDesktop{
-		fakeDesktop: fakeDesktop{
-			startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-		},
-		startRecordingErr: xerrors.New("start recording error"),
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	body, err := json.Marshal(map[string]string{"recording_id": uuid.New().String()})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(body))
-	handler.ServeHTTP(rr, req)
-
-	assert.Equal(t, http.StatusInternalServerError, rr.Code)
-
-	var resp codersdk.Response
-	err = json.NewDecoder(rr.Body).Decode(&resp)
-	require.NoError(t, err)
-	assert.Equal(t, "Failed to start recording.", resp.Message)
-}
-
-func TestRecordingStartIdempotent(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Start same recording twice - both should succeed.
-	for range 2 {
-		body, err := json.Marshal(map[string]string{"recording_id": testRecIDStartIdempotent})
-		require.NoError(t, err)
-		rr := httptest.NewRecorder()
-		req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(body))
-		handler.ServeHTTP(rr, req)
-		require.Equal(t, http.StatusOK, rr.Code)
-	}
-
-	// Stop once, verify normal response.
-	stopBody, err := json.Marshal(map[string]string{"recording_id": testRecIDStartIdempotent})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(stopBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-	parts := parseMultipartParts(t, rr.Header().Get("Content-Type"), rr.Body.Bytes())
-	assert.Equal(t, []byte("fake-mp4-data-"+testRecIDStartIdempotent+"-1"), parts["video/mp4"])
-}
-
-func TestRecordingStopIdempotent(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Start recording.
-	startBody, err := json.Marshal(map[string]string{"recording_id": testRecIDStopIdempotent})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(startBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Stop twice - both should succeed with identical data.
-	var videoParts [2][]byte
-	for i := range 2 {
-		body, err := json.Marshal(map[string]string{"recording_id": testRecIDStopIdempotent})
-		require.NoError(t, err)
-		recorder := httptest.NewRecorder()
-		request := httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(body))
-		handler.ServeHTTP(recorder, request)
-		require.Equal(t, http.StatusOK, recorder.Code)
-		parts := parseMultipartParts(t, recorder.Header().Get("Content-Type"), recorder.Body.Bytes())
-		videoParts[i] = parts["video/mp4"]
-	}
-	assert.Equal(t, videoParts[0], videoParts[1])
-}
-
-func TestRecordingStopInvalidIDFormat(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	body, err := json.Marshal(map[string]string{"recording_id": "not-a-uuid"})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(body))
-	handler.ServeHTTP(rr, req)
-	assert.Equal(t, http.StatusBadRequest, rr.Code)
-}
-
-func TestRecordingStopUnknownRecording(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Send a valid UUID that was never started - should reach
-	// StopRecording, get ErrUnknownRecording, and return 404.
-	body, err := json.Marshal(map[string]string{"recording_id": uuid.New().String()})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(body))
-	handler.ServeHTTP(rr, req)
-	assert.Equal(t, http.StatusNotFound, rr.Code)
-
-	var resp codersdk.Response
-	err = json.NewDecoder(rr.Body).Decode(&resp)
-	require.NoError(t, err)
-	assert.Equal(t, "Recording not found.", resp.Message)
-}
-
-func TestRecordingStopOversizedFile(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &oversizedFakeDesktop{
-		fakeDesktop: fakeDesktop{
-			startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-		},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Start recording.
-	recID := uuid.New().String()
-	startBody, err := json.Marshal(map[string]string{"recording_id": recID})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(startBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Stop recording - file exceeds max size, expect 413.
-	stopBody, err := json.Marshal(map[string]string{"recording_id": recID})
-	require.NoError(t, err)
-	rr = httptest.NewRecorder()
-	req = httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(stopBody))
-	handler.ServeHTTP(rr, req)
-	assert.Equal(t, http.StatusRequestEntityTooLarge, rr.Code)
-
-	var resp codersdk.Response
-	err = json.NewDecoder(rr.Body).Decode(&resp)
-	require.NoError(t, err)
-	assert.Equal(t, "Recording file exceeds maximum allowed size.", resp.Message)
-}
-
-func TestRecordingMultipleSimultaneous(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Start two recordings with different IDs.
-	for _, id := range []string{testRecIDConcurrentA, testRecIDConcurrentB} {
-		body, err := json.Marshal(map[string]string{"recording_id": id})
-		require.NoError(t, err)
-		rr := httptest.NewRecorder()
-		req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(body))
-		handler.ServeHTTP(rr, req)
-		require.Equal(t, http.StatusOK, rr.Code)
-	}
-
-	// Stop both and verify each returns its own data.
-	expected := map[string][]byte{
-		testRecIDConcurrentA: []byte("fake-mp4-data-" + testRecIDConcurrentA + "-1"),
-		testRecIDConcurrentB: []byte("fake-mp4-data-" + testRecIDConcurrentB + "-2"),
-	}
-	for _, id := range []string{testRecIDConcurrentA, testRecIDConcurrentB} {
-		body, err := json.Marshal(map[string]string{"recording_id": id})
-		require.NoError(t, err)
-		rr := httptest.NewRecorder()
-		req := httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(body))
-		handler.ServeHTTP(rr, req)
-		require.Equal(t, http.StatusOK, rr.Code)
-		parts := parseMultipartParts(t, rr.Header().Get("Content-Type"), rr.Body.Bytes())
-		assert.Equal(t, expected[id], parts["video/mp4"])
-	}
-}
-
-func TestRecordingStartMalformedBody(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader([]byte("not json")))
-	handler.ServeHTTP(rr, req)
-	assert.Equal(t, http.StatusBadRequest, rr.Code)
-}
-
-func TestRecordingStartEmptyID(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	body, err := json.Marshal(map[string]string{"recording_id": ""})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(body))
-	handler.ServeHTTP(rr, req)
-	assert.Equal(t, http.StatusBadRequest, rr.Code)
-}
-
-func TestRecordingStopEmptyID(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	body, err := json.Marshal(map[string]string{"recording_id": ""})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(body))
-	handler.ServeHTTP(rr, req)
-	assert.Equal(t, http.StatusBadRequest, rr.Code)
-}
-
-func TestRecordingStopMalformedBody(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader([]byte("not json")))
-	handler.ServeHTTP(rr, req)
-	assert.Equal(t, http.StatusBadRequest, rr.Code)
-}
-
-func TestRecordingStartAfterCompleted(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Step 1: Start recording.
-	startBody, err := json.Marshal(map[string]string{"recording_id": testRecIDRestart})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(startBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Step 2: Stop recording (gets first MP4 data).
-	stopBody, err := json.Marshal(map[string]string{"recording_id": testRecIDRestart})
-	require.NoError(t, err)
-	rr = httptest.NewRecorder()
-	req = httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(stopBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-	firstParts := parseMultipartParts(t, rr.Header().Get("Content-Type"), rr.Body.Bytes())
-	firstData := firstParts["video/mp4"]
-	require.NotEmpty(t, firstData)
-
-	// Step 3: Start again with the same ID - should succeed
-	// (old file discarded, new recording started).
-	rr = httptest.NewRecorder()
-	req = httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(startBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Step 4: Stop again - should return NEW MP4 data.
-	rr = httptest.NewRecorder()
-	req = httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(stopBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-	secondParts := parseMultipartParts(t, rr.Header().Get("Content-Type"), rr.Body.Bytes())
-	secondData := secondParts["video/mp4"]
-	require.NotEmpty(t, secondData)
-
-	// The two recordings should have different data because the
-	// fake increments a counter on each fresh start.
-	assert.NotEqual(t, firstData, secondData,
-		"restarted recording should produce different data")
-}
-
-func TestRecordingStartAfterClose(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-
-	handler := api.Routes()
-
-	// Close the API before sending the request.
-	api.Close()
-
-	body, err := json.Marshal(map[string]string{"recording_id": uuid.New().String()})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(body))
-	handler.ServeHTTP(rr, req)
-
-	assert.Equal(t, http.StatusServiceUnavailable, rr.Code)
-
-	var resp codersdk.Response
-	err = json.NewDecoder(rr.Body).Decode(&resp)
-	require.NoError(t, err)
-	assert.Equal(t, "Desktop API is shutting down.", resp.Message)
-}
-
-func TestRecordingStartDesktopClosed(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	// StartRecording returns ErrDesktopClosed to simulate a race
-	// where the desktop is closed between the API-level check and
-	// the desktop-level StartRecording call.
-	fake := &failStartRecordingDesktop{
-		fakeDesktop: fakeDesktop{
-			startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-		},
-		startRecordingErr: agentdesktop.ErrDesktopClosed,
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	body, err := json.Marshal(map[string]string{"recording_id": uuid.New().String()})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(body))
-	handler.ServeHTTP(rr, req)
-
-	assert.Equal(t, http.StatusServiceUnavailable, rr.Code)
-
-	var resp codersdk.Response
-	err = json.NewDecoder(rr.Body).Decode(&resp)
-	require.NoError(t, err)
-	assert.Equal(t, "Desktop API is shutting down.", resp.Message)
-}
-
-func TestRecordingStopCorrupted(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &corruptedStopDesktop{
-		fakeDesktop: fakeDesktop{
-			startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-		},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Start a recording so the stop has something to find.
-	recID := uuid.New().String()
-	startBody, err := json.Marshal(map[string]string{"recording_id": recID})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(startBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Stop returns ErrRecordingCorrupted.
-	stopBody, err := json.Marshal(map[string]string{"recording_id": recID})
-	require.NoError(t, err)
-	rr = httptest.NewRecorder()
-	req = httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(stopBody))
-	handler.ServeHTTP(rr, req)
-
-	assert.Equal(t, http.StatusInternalServerError, rr.Code)
-
-	var respStop codersdk.Response
-	err = json.NewDecoder(rr.Body).Decode(&respStop)
-	require.NoError(t, err)
-	assert.Equal(t, "Recording is corrupted.", respStop.Message)
-}
-
-// parseMultipartParts parses a multipart/mixed response and returns
-// a map from Content-Type to body bytes.
-func parseMultipartParts(t *testing.T, contentType string, body []byte) map[string][]byte {
-	t.Helper()
-	_, params, err := mime.ParseMediaType(contentType)
-	require.NoError(t, err, "parse Content-Type")
-	boundary := params["boundary"]
-	require.NotEmpty(t, boundary, "missing boundary")
-	mr := multipart.NewReader(bytes.NewReader(body), boundary)
-	parts := make(map[string][]byte)
-	for {
-		part, err := mr.NextPart()
-		if errors.Is(err, io.EOF) {
-			break
-		}
-		require.NoError(t, err, "unexpected multipart parse error")
-		ct := part.Header.Get("Content-Type")
-		data, readErr := io.ReadAll(part)
-		require.NoError(t, readErr)
-		parts[ct] = data
-	}
-	return parts
-}
-
-func TestHandleRecordingStop_WithThumbnail(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	// Create a fake JPEG header: 0xFF 0xD8 0xFF followed by 509 zero bytes.
-	thumbnail := make([]byte, 512)
-	thumbnail[0] = 0xff
-	thumbnail[1] = 0xd8
-	thumbnail[2] = 0xff
-
-	fake := &fakeDesktop{
-		startCfg:      agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-		thumbnailData: thumbnail,
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Start recording.
-	recID := uuid.New().String()
-	startBody, err := json.Marshal(map[string]string{"recording_id": recID})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(startBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Stop recording.
-	stopBody, err := json.Marshal(map[string]string{"recording_id": recID})
-	require.NoError(t, err)
-	rr = httptest.NewRecorder()
-	req = httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(stopBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Verify multipart response.
-	ct := rr.Header().Get("Content-Type")
-	assert.True(t, strings.HasPrefix(ct, "multipart/mixed"),
-		"expected multipart/mixed Content-Type, got %s", ct)
-
-	parts := parseMultipartParts(t, ct, rr.Body.Bytes())
-	assert.Len(t, parts, 2, "expected exactly 2 parts (video + thumbnail)")
-
-	// The fake writes "fake-mp4-data-<id>-<counter>" as the MP4 content.
-	expectedMP4 := []byte("fake-mp4-data-" + recID + "-1")
-	assert.Equal(t, expectedMP4, parts["video/mp4"])
-	assert.Equal(t, thumbnail, parts["image/jpeg"])
-}
-
-func TestHandleRecordingStop_NoThumbnail(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	fake := &fakeDesktop{
-		startCfg: agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Start recording.
-	recID := uuid.New().String()
-	startBody, err := json.Marshal(map[string]string{"recording_id": recID})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(startBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Stop recording.
-	stopBody, err := json.Marshal(map[string]string{"recording_id": recID})
-	require.NoError(t, err)
-	rr = httptest.NewRecorder()
-	req = httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(stopBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Verify multipart response.
-	ct := rr.Header().Get("Content-Type")
-	assert.True(t, strings.HasPrefix(ct, "multipart/mixed"),
-		"expected multipart/mixed Content-Type, got %s", ct)
-
-	parts := parseMultipartParts(t, ct, rr.Body.Bytes())
-	assert.Len(t, parts, 1, "expected exactly 1 part (video only)")
-
-	expectedMP4 := []byte("fake-mp4-data-" + recID + "-1")
-	assert.Equal(t, expectedMP4, parts["video/mp4"])
-}
-
-func TestHandleRecordingStop_OversizedThumbnail(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	// Create thumbnail data that exceeds MaxThumbnailSize.
-	oversizedThumb := make([]byte, workspacesdk.MaxThumbnailSize+1)
-	oversizedThumb[0] = 0xff
-	oversizedThumb[1] = 0xd8
-	oversizedThumb[2] = 0xff
-
-	fake := &fakeDesktop{
-		startCfg:      agentdesktop.DisplayConfig{Width: 1920, Height: 1080},
-		thumbnailData: oversizedThumb,
-	}
-	api := agentdesktop.NewAPI(logger, fake, nil)
-	defer api.Close()
-
-	handler := api.Routes()
-
-	// Start recording.
-	recID := uuid.New().String()
-	startBody, err := json.Marshal(map[string]string{"recording_id": recID})
-	require.NoError(t, err)
-	rr := httptest.NewRecorder()
-	req := httptest.NewRequest(http.MethodPost, "/recording/start", bytes.NewReader(startBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Stop recording.
-	stopBody, err := json.Marshal(map[string]string{"recording_id": recID})
-	require.NoError(t, err)
-	rr = httptest.NewRecorder()
-	req = httptest.NewRequest(http.MethodPost, "/recording/stop", bytes.NewReader(stopBody))
-	handler.ServeHTTP(rr, req)
-	require.Equal(t, http.StatusOK, rr.Code)
-
-	// Verify multipart response contains only the video part.
-	ct := rr.Header().Get("Content-Type")
-	assert.True(t, strings.HasPrefix(ct, "multipart/mixed"),
-		"expected multipart/mixed Content-Type, got %s", ct)
-
-	parts := parseMultipartParts(t, ct, rr.Body.Bytes())
-	assert.Len(t, parts, 1, "expected exactly 1 part (video only, oversized thumbnail discarded)")
-
-	expectedMP4 := []byte("fake-mp4-data-" + recID + "-1")
-	assert.Equal(t, expectedMP4, parts["video/mp4"])
-}

agent/x/agentdesktop/desktop.go

@@ -2,10 +2,7 @@ package agentdesktop
 
 import (
 	"context"
-	"io"
 	"net"
-
-	"golang.org/x/xerrors"
 )
 
 // Desktop abstracts a virtual desktop session running inside a workspace.
@@ -61,57 +58,10 @@ type Desktop interface {
 	// CursorPosition returns the current cursor coordinates.
 	CursorPosition(ctx context.Context) (x, y int, err error)
 
-	// RecordActivity marks the desktop as having received user
-	// interaction, resetting the idle-recording timer.
-	RecordActivity()
-
-	// StartRecording begins recording the desktop to an MP4 file
-	// using the caller-provided recording ID. Safe to call
-	// repeatedly - active recordings continue unchanged, stopped
-	// recordings are discarded and restarted. Concurrent recordings
-	// are supported.
-	StartRecording(ctx context.Context, recordingID string) error
-
-	// StopRecording finalizes the recording identified by the given
-	// ID. Idempotent - safe to call on an already-stopped recording.
-	// Returns a RecordingArtifact that the caller can stream. The
-	// caller must close the artifact when done. Returns an error if
-	// the recording ID is unknown.
-	StopRecording(ctx context.Context, recordingID string) (*RecordingArtifact, error)
-
 	// Close shuts down the desktop session and cleans up resources.
 	Close() error
 }
 
-// ErrUnknownRecording is returned by StopRecording when the
-// recording ID is not recognized.
-var ErrUnknownRecording = xerrors.New("unknown recording ID")
-
-// ErrDesktopClosed is returned when an operation is attempted on a
-// closed desktop session.
-var ErrDesktopClosed = xerrors.New("desktop closed")
-
-// ErrRecordingCorrupted is returned by StopRecording when the
-// recording process was force-killed and the artifact is likely
-// incomplete or corrupt.
-var ErrRecordingCorrupted = xerrors.New("recording corrupted: process was force-killed")
-
-// RecordingArtifact is a finalized recording returned by StopRecording.
-// The caller streams the artifact and must call Close when done. The
-// artifact remains valid even if the same recording ID is restarted
-// or the desktop is closed while the caller is reading.
-type RecordingArtifact struct {
-	// Reader is the MP4 content. Callers must close it when done.
-	Reader io.ReadCloser
-	// Size is the byte length of the MP4 content.
-	Size int64
-	// ThumbnailReader is the JPEG thumbnail. May be nil if no
-	// thumbnail was produced. Callers must close it when done.
-	ThumbnailReader io.ReadCloser
-	// ThumbnailSize is the byte length of the thumbnail.
-	ThumbnailSize int64
-}
-
 // DisplayConfig describes a running desktop session.
 type DisplayConfig struct {
 	Width   int // native width in pixels

agent/x/agentdesktop/portabledesktop.go

@@ -3,7 +3,6 @@ package agentdesktop
 import (
 	"context"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"net"
 	"os"
@@ -12,7 +11,6 @@ import (
 	"runtime"
 	"strconv"
 	"sync"
-	"sync/atomic"
 	"time"
 
 	"golang.org/x/xerrors"
@@ -20,7 +18,6 @@ import (
 	"cdr.dev/slog/v3"
 	"github.com/coder/coder/v2/agent/agentexec"
 	"github.com/coder/coder/v2/codersdk/workspacesdk"
-	"github.com/coder/quartz"
 )
 
 // portableDesktopOutput is the JSON output from
@@ -52,66 +49,32 @@ type screenshotOutput struct {
 	Data string `json:"data"`
 }
 
-// recordingProcess tracks a single desktop recording subprocess.
-type recordingProcess struct {
-	cmd        *exec.Cmd
-	filePath   string
-	thumbPath  string
-	stopped    bool
-	killed     bool          // true when the process was SIGKILLed
-	done       chan struct{} // closed when cmd.Wait() returns
-	waitErr    error         // set before done is closed
-	stopOnce   sync.Once
-	idleCancel context.CancelFunc // cancels the per-recording idle goroutine
-	idleDone   chan struct{}      // closed when idle goroutine exits
-}
-
-// maxConcurrentRecordings is the maximum number of active (non-stopped)
-// recordings allowed at once. This prevents resource exhaustion.
-const maxConcurrentRecordings = 5
-
-// idleTimeout is the duration of desktop inactivity after which all
-// active recordings are automatically stopped.
-const idleTimeout = 10 * time.Minute
-
 // portableDesktop implements Desktop by shelling out to the
 // portabledesktop CLI via agentexec.Execer.
 type portableDesktop struct {
 	logger       slog.Logger
 	execer       agentexec.Execer
 	scriptBinDir string // coder script bin directory
-	clock        quartz.Clock
 
-	mu                  sync.Mutex
-	session             *desktopSession // nil until started
-	binPath             string          // resolved path to binary, cached
-	closed              bool
-	recordings          map[string]*recordingProcess // guarded by mu
-	lastDesktopActionAt atomic.Int64
+	mu      sync.Mutex
+	session *desktopSession // nil until started
+	binPath string          // resolved path to binary, cached
+	closed  bool
 }
 
 // NewPortableDesktop creates a Desktop backed by the portabledesktop
 // CLI binary, using execer to spawn child processes. scriptBinDir is
-// the coder script bin directory checked for the binary. If clk is
-// nil, a real clock is used.
+// the coder script bin directory checked for the binary.
 func NewPortableDesktop(
 	logger slog.Logger,
 	execer agentexec.Execer,
 	scriptBinDir string,
-	clk quartz.Clock,
 ) Desktop {
-	if clk == nil {
-		clk = quartz.NewReal()
-	}
-	pd := &portableDesktop{
+	return &portableDesktop{
 		logger:       logger,
 		execer:       execer,
 		scriptBinDir: scriptBinDir,
-		clock:        clk,
-		recordings:   make(map[string]*recordingProcess),
 	}
-	pd.lastDesktopActionAt.Store(clk.Now().UnixNano())
-	return pd
 }
 
 // Start launches the desktop session (idempotent).
@@ -120,7 +83,7 @@ func (p *portableDesktop) Start(ctx context.Context) (DisplayConfig, error) {
 	defer p.mu.Unlock()
 
 	if p.closed {
-		return DisplayConfig{}, ErrDesktopClosed
+		return DisplayConfig{}, xerrors.New("desktop is closed")
 	}
 
 	if err := p.ensureBinary(ctx); err != nil {
@@ -350,386 +313,23 @@ func (p *portableDesktop) CursorPosition(ctx context.Context) (x int, y int, err
 	return result.X, result.Y, nil
 }
 
-// StartRecording begins recording the desktop to an MP4 file.
-// Three-state idempotency: active recordings are no-ops,
-// completed recordings are discarded and restarted.
-func (p *portableDesktop) StartRecording(ctx context.Context, recordingID string) error {
-	// Ensure the desktop session is running before acquiring the
-	// recording lock. Start is independently locked and idempotent.
-	if _, err := p.Start(ctx); err != nil {
-		return xerrors.Errorf("ensure desktop session: %w", err)
-	}
-
-	p.mu.Lock()
-	defer p.mu.Unlock()
-
-	if p.closed {
-		return ErrDesktopClosed
-	}
-
-	// Three-state idempotency:
-	// - Active recording → no-op, continue recording.
-	// - Completed recording → discard old file, start fresh.
-	// - Unknown ID → fall through to start a new recording.
-	if rec, ok := p.recordings[recordingID]; ok {
-		if !rec.stopped {
-			select {
-			case <-rec.done:
-				// Process exited unexpectedly; treat as completed
-				// so we fall through to discard the old file and
-				// restart.
-			default:
-				// Active recording - no-op, continue recording.
-				return nil
-			}
-		}
-		// Completed recording - discard old file, start fresh.
-		if err := os.Remove(rec.filePath); err != nil && !errors.Is(err, os.ErrNotExist) {
-			p.logger.Warn(ctx, "failed to remove old recording file",
-				slog.F("recording_id", recordingID),
-				slog.F("file_path", rec.filePath),
-				slog.Error(err),
-			)
-		}
-		if err := os.Remove(rec.thumbPath); err != nil && !errors.Is(err, os.ErrNotExist) {
-			p.logger.Warn(ctx, "failed to remove old thumbnail file",
-				slog.F("recording_id", recordingID),
-				slog.F("thumbnail_path", rec.thumbPath),
-				slog.Error(err),
-			)
-		}
-		delete(p.recordings, recordingID)
-	}
-
-	// Check concurrent recording limit.
-	if p.lockedActiveRecordingCount() >= maxConcurrentRecordings {
-		return xerrors.Errorf("too many concurrent recordings (max %d)", maxConcurrentRecordings)
-	}
-
-	// GC sweep: remove stopped recordings with stale files.
-	p.lockedCleanStaleRecordings(ctx)
-
-	if err := p.ensureBinary(ctx); err != nil {
-		return xerrors.Errorf("ensure portabledesktop binary: %w", err)
-	}
-
-	filePath := filepath.Join(os.TempDir(), "coder-recording-"+recordingID+".mp4")
-	thumbPath := filepath.Join(os.TempDir(), "coder-recording-"+recordingID+".thumb.jpg")
-
-	// Use a background context so the process outlives the HTTP
-	// request that triggered it.
-	procCtx, procCancel := context.WithCancel(context.Background())
-
-	//nolint:gosec // portabledesktop is a trusted binary resolved via ensureBinary.
-	cmd := p.execer.CommandContext(procCtx, p.binPath, "record",
-		// The following options are used to speed up the recording when the desktop is idle.
-		// They were taken out of an example in the portabledesktop repo.
-		// There's likely room for improvement to optimize the values.
-		"--idle-speedup", "20",
-		"--idle-min-duration", "0.35",
-		"--idle-noise-tolerance", "-38dB",
-		"--thumbnail", thumbPath,
-		filePath)
-
-	if err := cmd.Start(); err != nil {
-		procCancel()
-		return xerrors.Errorf("start recording process: %w", err)
-	}
-
-	rec := &recordingProcess{
-		cmd:       cmd,
-		filePath:  filePath,
-		thumbPath: thumbPath,
-		done:      make(chan struct{}),
-	}
-	go func() {
-		rec.waitErr = cmd.Wait()
-		close(rec.done)
-		// avoid a context resource leak by canceling the context
-		procCancel()
-	}()
-
-	p.recordings[recordingID] = rec
-
-	p.logger.Info(ctx, "started desktop recording",
-		slog.F("recording_id", recordingID),
-		slog.F("file_path", filePath),
-		slog.F("pid", cmd.Process.Pid),
-	)
-
-	// Record activity so a recording started on an already-idle
-	// desktop does not stop immediately.
-	p.lastDesktopActionAt.Store(p.clock.Now().UnixNano())
-
-	// Spawn a per-recording idle goroutine.
-	idleCtx, idleCancel := context.WithCancel(context.Background())
-	rec.idleCancel = idleCancel
-	rec.idleDone = make(chan struct{})
-	go func() {
-		defer close(rec.idleDone)
-		p.monitorRecordingIdle(idleCtx, rec)
-	}()
-
-	return nil
-}
-
-// StopRecording finalizes the recording. Idempotent - safe to call
-// on an already-stopped recording. Returns a RecordingArtifact
-// that the caller can stream. The caller must close the Reader
-// on the returned artifact to avoid leaking file descriptors.
-func (p *portableDesktop) StopRecording(ctx context.Context, recordingID string) (*RecordingArtifact, error) {
-	p.mu.Lock()
-	rec, ok := p.recordings[recordingID]
-	if !ok {
-		p.mu.Unlock()
-		return nil, ErrUnknownRecording
-	}
-
-	p.lockedStopRecordingProcess(ctx, rec, false)
-	killed := rec.killed
-	p.mu.Unlock()
-
-	p.logger.Info(ctx, "stopped desktop recording",
-		slog.F("recording_id", recordingID),
-		slog.F("file_path", rec.filePath),
-	)
-
-	if killed {
-		return nil, ErrRecordingCorrupted
-	}
-
-	// Open the file and return an artifact. Each call opens a fresh
-	// file descriptor so the caller is insulated from restarts and
-	// desktop close.
-	f, err := os.Open(rec.filePath)
-	if err != nil {
-		return nil, xerrors.Errorf("open recording artifact: %w", err)
-	}
-	info, err := f.Stat()
-	if err != nil {
-		_ = f.Close()
-		return nil, xerrors.Errorf("stat recording artifact: %w", err)
-	}
-	artifact := &RecordingArtifact{
-		Reader: f,
-		Size:   info.Size(),
-	}
-	// Attach thumbnail if the subprocess wrote one.
-	thumbFile, err := os.Open(rec.thumbPath)
-	if err != nil {
-		p.logger.Warn(ctx, "thumbnail not available",
-			slog.F("thumbnail_path", rec.thumbPath),
-			slog.Error(err))
-		return artifact, nil
-	}
-	thumbInfo, err := thumbFile.Stat()
-	if err != nil {
-		_ = thumbFile.Close()
-		p.logger.Warn(ctx, "thumbnail stat failed",
-			slog.F("thumbnail_path", rec.thumbPath),
-			slog.Error(err))
-		return artifact, nil
-	}
-	if thumbInfo.Size() == 0 {
-		_ = thumbFile.Close()
-		p.logger.Warn(ctx, "thumbnail file is empty",
-			slog.F("thumbnail_path", rec.thumbPath))
-		return artifact, nil
-	}
-	artifact.ThumbnailReader = thumbFile
-	artifact.ThumbnailSize = thumbInfo.Size()
-	return artifact, nil
-}
-
-// lockedStopRecordingProcess stops a single recording via stopOnce.
-// It sends SIGINT, waits up to 15 seconds for graceful exit, then
-// SIGKILLs. When force is true the process is SIGKILLed immediately
-// without attempting a graceful shutdown. Must be called while p.mu
-// is held; the lock is held for the full duration so that no
-// concurrent StopRecording caller can read rec.stopped = true
-// before the process has finished writing the MP4 file.
-//
-//nolint:revive // force flag keeps shared stopOnce/cleanup logic in one place.
-func (p *portableDesktop) lockedStopRecordingProcess(ctx context.Context, rec *recordingProcess, force bool) {
-	rec.stopOnce.Do(func() {
-		if force {
-			_ = rec.cmd.Process.Kill()
-			rec.killed = true
-		} else {
-			_ = interruptRecordingProcess(rec.cmd.Process)
-			timer := p.clock.NewTimer(15*time.Second, "agentdesktop", "stop_timeout")
-			defer timer.Stop()
-			select {
-			case <-rec.done:
-			case <-ctx.Done():
-				_ = rec.cmd.Process.Kill()
-				rec.killed = true
-			case <-timer.C:
-				_ = rec.cmd.Process.Kill()
-				rec.killed = true
-			}
-		}
-		rec.stopped = true
-		if rec.idleCancel != nil {
-			rec.idleCancel()
-		}
-	})
-	// NOTE: We intentionally do not wait on rec.done here.
-	// If goleak is added to this package's tests, this may
-	// need revisiting to avoid flakes.
-}
-
-// lockedActiveRecordingCount returns the number of recordings that
-// are still actively running. Must be called while p.mu is held.
-// The max concurrency is low (maxConcurrentRecordings = 5), so a
-// full scan is cheap and avoids maintaining a separate counter.
-func (p *portableDesktop) lockedActiveRecordingCount() int {
-	active := 0
-	for _, rec := range p.recordings {
-		if rec.stopped {
-			continue
-		}
-		select {
-		case <-rec.done:
-		default:
-			active++
-		}
-	}
-	return active
-}
-
-// lockedCleanStaleRecordings removes stopped recordings whose temp
-// files are older than one hour. Must be called while p.mu is held.
-func (p *portableDesktop) lockedCleanStaleRecordings(ctx context.Context) {
-	for id, rec := range p.recordings {
-		if !rec.stopped {
-			continue
-		}
-		info, err := os.Stat(rec.filePath)
-		if err != nil {
-			// File already removed or inaccessible; clean up
-			// any leftover thumbnail and drop the entry.
-			if err := os.Remove(rec.thumbPath); err != nil && !errors.Is(err, os.ErrNotExist) {
-				p.logger.Warn(ctx, "failed to remove stale thumbnail file",
-					slog.F("recording_id", id),
-					slog.F("thumbnail_path", rec.thumbPath),
-					slog.Error(err),
-				)
-			}
-			delete(p.recordings, id)
-			continue
-		}
-		if p.clock.Since(info.ModTime()) > time.Hour {
-			if err := os.Remove(rec.filePath); err != nil && !errors.Is(err, os.ErrNotExist) {
-				p.logger.Warn(ctx, "failed to remove stale recording file",
-					slog.F("recording_id", id),
-					slog.F("file_path", rec.filePath),
-					slog.Error(err),
-				)
-			}
-			if err := os.Remove(rec.thumbPath); err != nil && !errors.Is(err, os.ErrNotExist) {
-				p.logger.Warn(ctx, "failed to remove stale thumbnail file",
-					slog.F("recording_id", id),
-					slog.F("thumbnail_path", rec.thumbPath),
-					slog.Error(err),
-				)
-			}
-			delete(p.recordings, id)
-		}
-	}
-}
-
 // Close shuts down the desktop session and cleans up resources.
 func (p *portableDesktop) Close() error {
 	p.mu.Lock()
+	defer p.mu.Unlock()
+
 	p.closed = true
-
-	// Force-kill all active recordings. The stopOnce inside
-	// lockedStopRecordingProcess makes this safe for
-	// already-stopped recordings.
-	for _, rec := range p.recordings {
-		p.lockedStopRecordingProcess(context.Background(), rec, true)
-	}
-
-	// Snapshot recording file paths and idle goroutine channels
-	// for cleanup, then clear the map.
-	type recEntry struct {
-		id        string
-		filePath  string
-		thumbPath string
-		idleDone  chan struct{}
-	}
-	var allRecs []recEntry
-	for id, rec := range p.recordings {
-		allRecs = append(allRecs, recEntry{id: id, filePath: rec.filePath, thumbPath: rec.thumbPath, idleDone: rec.idleDone})
-		delete(p.recordings, id)
-	}
-	session := p.session
-	p.session = nil
-	p.mu.Unlock()
-
-	// Wait for all per-recording idle goroutines to exit.
-	for _, entry := range allRecs {
-		if entry.idleDone != nil {
-			<-entry.idleDone
-		}
-	}
-
-	// Remove all recording files and wait for the session to
-	// exit with a timeout so a slow filesystem or hung process
-	// cannot block agent shutdown indefinitely.
-	cleanupDone := make(chan struct{})
-	go func() {
-		defer close(cleanupDone)
-		for _, entry := range allRecs {
-			if err := os.Remove(entry.filePath); err != nil && !errors.Is(err, os.ErrNotExist) {
-				p.logger.Warn(context.Background(), "failed to remove recording file on close",
-					slog.F("recording_id", entry.id),
-					slog.F("file_path", entry.filePath),
-					slog.Error(err),
-				)
-			}
-			if err := os.Remove(entry.thumbPath); err != nil && !errors.Is(err, os.ErrNotExist) {
-				p.logger.Warn(context.Background(), "failed to remove thumbnail file on close",
-					slog.F("recording_id", entry.id),
-					slog.F("thumbnail_path", entry.thumbPath),
-					slog.Error(err),
-				)
-			}
-		}
-		if session != nil {
-			session.cancel()
-			if err := session.cmd.Process.Kill(); err != nil {
-				p.logger.Warn(context.Background(), "failed to kill portabledesktop process",
-					slog.Error(err),
-				)
-			}
-			if err := session.cmd.Wait(); err != nil {
-				var exitErr *exec.ExitError
-				if !errors.As(err, &exitErr) {
-					p.logger.Warn(context.Background(), "portabledesktop process exited with error",
-						slog.Error(err),
-					)
-				}
-			}
-		}
-	}()
-	timer := p.clock.NewTimer(15*time.Second, "agentdesktop", "close_cleanup_timeout")
-	defer timer.Stop()
-	select {
-	case <-cleanupDone:
-	case <-timer.C:
-		p.logger.Warn(context.Background(), "timed out waiting for close cleanup")
+	if p.session != nil {
+		p.session.cancel()
+		// Xvnc is a child process — killing it cleans up the X
+		// session.
+		_ = p.session.cmd.Process.Kill()
+		_ = p.session.cmd.Wait()
+		p.session = nil
 	}
 	return nil
 }
 
-// RecordActivity marks the desktop as having received user
-// interaction, resetting the idle-recording timer.
-func (p *portableDesktop) RecordActivity() {
-	p.lastDesktopActionAt.Store(p.clock.Now().UnixNano())
-}
-
 // runCmd executes a portabledesktop subcommand and returns combined
 // output. The caller must have previously called ensureBinary.
 func (p *portableDesktop) runCmd(ctx context.Context, args ...string) (string, error) {
@@ -797,31 +397,3 @@ func (p *portableDesktop) ensureBinary(ctx context.Context) error {
 
 	return xerrors.New("portabledesktop binary not found in PATH or script bin directory")
 }
-
-// monitorRecordingIdle watches for desktop inactivity and stops the
-// given recording when the idle timeout is reached.
-func (p *portableDesktop) monitorRecordingIdle(ctx context.Context, rec *recordingProcess) {
-	timer := p.clock.NewTimer(idleTimeout, "agentdesktop", "recording_idle")
-	defer timer.Stop()
-
-	for {
-		select {
-		case <-timer.C:
-			lastNano := p.lastDesktopActionAt.Load()
-			lastAction := time.Unix(0, lastNano)
-			elapsed := p.clock.Since(lastAction)
-			if elapsed >= idleTimeout {
-				p.mu.Lock()
-				p.lockedStopRecordingProcess(context.Background(), rec, false)
-				p.mu.Unlock()
-				return
-			}
-			// Activity happened; reset with remaining budget.
-			timer.Reset(idleTimeout-elapsed, "agentdesktop", "recording_idle")
-		case <-rec.done:
-			return
-		case <-ctx.Done():
-			return
-		}
-	}
-}

agent/x/agentdesktop/portabledesktop_internal_test.go

@@ -2,7 +2,6 @@ package agentdesktop
 
 import (
 	"context"
-	"io"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -10,17 +9,13 @@ import (
 	"strings"
 	"sync"
 	"testing"
-	"time"
 
-	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
 	"cdr.dev/slog/v3/sloggers/slogtest"
 	"github.com/coder/coder/v2/agent/agentexec"
 	"github.com/coder/coder/v2/pty"
-	"github.com/coder/coder/v2/testutil"
-	"github.com/coder/quartz"
 )
 
 // recordedExecer implements agentexec.Execer by recording every
@@ -91,7 +86,6 @@ func TestPortableDesktop_Start_ParsesOutput(t *testing.T) {
 		execer:       rec,
 		scriptBinDir: t.TempDir(),
 		binPath:      "portabledesktop", // pre-set so ensureBinary is a no-op
-		clock:        quartz.NewReal(),
 	}
 
 	ctx := t.Context()
@@ -123,7 +117,6 @@ func TestPortableDesktop_Start_Idempotent(t *testing.T) {
 		execer:       rec,
 		scriptBinDir: t.TempDir(),
 		binPath:      "portabledesktop",
-		clock:        quartz.NewReal(),
 	}
 
 	ctx := t.Context()
@@ -166,7 +159,6 @@ func TestPortableDesktop_Screenshot(t *testing.T) {
 		execer:       rec,
 		scriptBinDir: t.TempDir(),
 		binPath:      "portabledesktop",
-		clock:        quartz.NewReal(),
 	}
 
 	ctx := t.Context()
@@ -192,7 +184,6 @@ func TestPortableDesktop_Screenshot_WithTargetDimensions(t *testing.T) {
 		execer:       rec,
 		scriptBinDir: t.TempDir(),
 		binPath:      "portabledesktop",
-		clock:        quartz.NewReal(),
 	}
 
 	ctx := t.Context()
@@ -291,7 +282,6 @@ func TestPortableDesktop_MouseMethods(t *testing.T) {
 				execer:       rec,
 				scriptBinDir: t.TempDir(),
 				binPath:      "portabledesktop",
-				clock:        quartz.NewReal(),
 			}
 
 			err := tt.invoke(t.Context(), pd)
@@ -299,6 +289,7 @@ func TestPortableDesktop_MouseMethods(t *testing.T) {
 
 			cmds := rec.allCommands()
 			require.NotEmpty(t, cmds, "expected at least one command")
+
 			// Find at least one recorded command that contains
 			// all expected argument substrings.
 			found := false
@@ -376,7 +367,6 @@ func TestPortableDesktop_KeyboardMethods(t *testing.T) {
 				execer:       rec,
 				scriptBinDir: t.TempDir(),
 				binPath:      "portabledesktop",
-				clock:        quartz.NewReal(),
 			}
 
 			err := tt.invoke(t.Context(), pd)
@@ -433,7 +423,6 @@ func TestPortableDesktop_Close(t *testing.T) {
 		execer:       rec,
 		scriptBinDir: t.TempDir(),
 		binPath:      "portabledesktop",
-		clock:        quartz.NewReal(),
 	}
 
 	ctx := t.Context()
@@ -456,7 +445,7 @@ func TestPortableDesktop_Close(t *testing.T) {
 	// Subsequent Start must fail.
 	_, err = pd.Start(ctx)
 	require.Error(t, err)
-	assert.Contains(t, err.Error(), "desktop closed")
+	assert.Contains(t, err.Error(), "desktop is closed")
 }
 
 // --- ensureBinary tests ---
@@ -550,471 +539,7 @@ func TestEnsureBinary_NotFound(t *testing.T) {
 	assert.Contains(t, err.Error(), "not found")
 }
 
-func TestPortableDesktop_StartRecording(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	rec := &recordedExecer{
-		scripts: map[string]string{
-			"record": `trap 'exit 0' INT; sleep 120 & wait`,
-			"up":     `printf '{"vncPort":5901,"geometry":"1920x1080"}\n' && sleep 120`,
-		},
-	}
-
-	clk := quartz.NewReal()
-	pd := &portableDesktop{
-		logger:       logger,
-		execer:       rec,
-		scriptBinDir: t.TempDir(),
-		clock:        clk,
-		binPath:      "portabledesktop",
-		recordings:   make(map[string]*recordingProcess),
-	}
-	pd.lastDesktopActionAt.Store(clk.Now().UnixNano())
-
-	ctx := t.Context()
-	recID := uuid.New().String()
-	err := pd.StartRecording(ctx, recID)
-	require.NoError(t, err)
-
-	cmds := rec.allCommands()
-	require.NotEmpty(t, cmds)
-	// Find the record command (not the up command).
-	found := false
-	for _, cmd := range cmds {
-		joined := strings.Join(cmd, " ")
-		if strings.Contains(joined, "record") && strings.Contains(joined, "coder-recording-"+recID) {
-			found = true
-			assert.Contains(t, joined, "--thumbnail", "record command should include --thumbnail flag")
-			break
-		}
-	}
-	assert.True(t, found, "expected a record command with the recording ID")
-
-	require.NoError(t, pd.Close())
-}
-
-func TestPortableDesktop_StartRecording_ConcurrentLimit(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	rec := &recordedExecer{
-		scripts: map[string]string{
-			"record": `trap 'exit 0' INT; sleep 120 & wait`,
-			"up":     `printf '{"vncPort":5901,"geometry":"1920x1080"}\n' && sleep 120`,
-		},
-	}
-
-	clk := quartz.NewReal()
-	pd := &portableDesktop{
-		logger:       logger,
-		execer:       rec,
-		scriptBinDir: t.TempDir(),
-		clock:        clk,
-		binPath:      "portabledesktop",
-		recordings:   make(map[string]*recordingProcess),
-	}
-	pd.lastDesktopActionAt.Store(clk.Now().UnixNano())
-
-	ctx := t.Context()
-
-	for i := range maxConcurrentRecordings {
-		err := pd.StartRecording(ctx, uuid.New().String())
-		require.NoError(t, err, "recording %d should succeed", i)
-	}
-
-	err := pd.StartRecording(ctx, uuid.New().String())
-	require.Error(t, err)
-	assert.Contains(t, err.Error(), "too many concurrent recordings")
-
-	require.NoError(t, pd.Close())
-}
-
-func TestPortableDesktop_StopRecording_ReturnsArtifact(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	rec := &recordedExecer{
-		scripts: map[string]string{
-			"record": `trap 'exit 0' INT; sleep 120 & wait`,
-			"up":     `printf '{"vncPort":5901,"geometry":"1920x1080"}\n' && sleep 120`,
-		},
-	}
-
-	clk := quartz.NewReal()
-	pd := &portableDesktop{
-		logger:       logger,
-		execer:       rec,
-		scriptBinDir: t.TempDir(),
-		clock:        clk,
-		binPath:      "portabledesktop",
-		recordings:   make(map[string]*recordingProcess),
-	}
-	pd.lastDesktopActionAt.Store(clk.Now().UnixNano())
-
-	ctx := t.Context()
-	recID := uuid.New().String()
-	err := pd.StartRecording(ctx, recID)
-	require.NoError(t, err)
-
-	// Write a dummy MP4 file at the expected path so StopRecording
-	// can open it as an artifact.
-	filePath := filepath.Join(os.TempDir(), "coder-recording-"+recID+".mp4")
-	require.NoError(t, os.WriteFile(filePath, []byte("fake-mp4-data"), 0o600))
-	t.Cleanup(func() { _ = os.Remove(filePath) })
-
-	artifact, err := pd.StopRecording(ctx, recID)
-	require.NoError(t, err)
-	defer artifact.Reader.Close()
-	assert.Equal(t, int64(len("fake-mp4-data")), artifact.Size)
-
-	// No thumbnail file exists, so ThumbnailReader should be nil.
-	assert.Nil(t, artifact.ThumbnailReader, "ThumbnailReader should be nil when no thumbnail file exists")
-
-	require.NoError(t, pd.Close())
-}
-
-func TestPortableDesktop_StopRecording_WithThumbnail(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	rec := &recordedExecer{
-		scripts: map[string]string{
-			"record": `trap 'exit 0' INT; sleep 120 & wait`,
-			"up":     `printf '{"vncPort":5901,"geometry":"1920x1080"}\n' && sleep 120`,
-		},
-	}
-
-	clk := quartz.NewReal()
-	pd := &portableDesktop{
-		logger:       logger,
-		execer:       rec,
-		scriptBinDir: t.TempDir(),
-		clock:        clk,
-		binPath:      "portabledesktop",
-		recordings:   make(map[string]*recordingProcess),
-	}
-	pd.lastDesktopActionAt.Store(clk.Now().UnixNano())
-
-	ctx := t.Context()
-	recID := uuid.New().String()
-	err := pd.StartRecording(ctx, recID)
-	require.NoError(t, err)
-
-	// Write a dummy MP4 file at the expected path.
-	filePath := filepath.Join(os.TempDir(), "coder-recording-"+recID+".mp4")
-	require.NoError(t, os.WriteFile(filePath, []byte("fake-mp4-data"), 0o600))
-	t.Cleanup(func() { _ = os.Remove(filePath) })
-
-	// Write a thumbnail file at the expected path.
-	thumbPath := filepath.Join(os.TempDir(), "coder-recording-"+recID+".thumb.jpg")
-	thumbContent := []byte("fake-jpeg-thumbnail")
-	require.NoError(t, os.WriteFile(thumbPath, thumbContent, 0o600))
-	t.Cleanup(func() { _ = os.Remove(thumbPath) })
-
-	artifact, err := pd.StopRecording(ctx, recID)
-	require.NoError(t, err)
-	defer artifact.Reader.Close()
-
-	assert.Equal(t, int64(len("fake-mp4-data")), artifact.Size)
-
-	// Thumbnail should be attached.
-	require.NotNil(t, artifact.ThumbnailReader, "ThumbnailReader should be non-nil when thumbnail file exists")
-	defer artifact.ThumbnailReader.Close()
-	assert.Equal(t, int64(len(thumbContent)), artifact.ThumbnailSize)
-
-	// Read and verify thumbnail content.
-	thumbData, err := io.ReadAll(artifact.ThumbnailReader)
-	require.NoError(t, err)
-	assert.Equal(t, thumbContent, thumbData)
-
-	require.NoError(t, pd.Close())
-}
-
-func TestPortableDesktop_StopRecording_UnknownID(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	rec := &recordedExecer{
-		scripts: map[string]string{
-			"record": `trap 'exit 0' INT; sleep 120 & wait`,
-		},
-	}
-
-	clk := quartz.NewReal()
-	pd := &portableDesktop{
-		logger:       logger,
-		execer:       rec,
-		scriptBinDir: t.TempDir(),
-		clock:        clk,
-		binPath:      "portabledesktop",
-		recordings:   make(map[string]*recordingProcess),
-	}
-	pd.lastDesktopActionAt.Store(clk.Now().UnixNano())
-
-	ctx := t.Context()
-	_, err := pd.StopRecording(ctx, uuid.New().String())
-	require.ErrorIs(t, err, ErrUnknownRecording)
-
-	require.NoError(t, pd.Close())
-}
-
 // Ensure that portableDesktop satisfies the Desktop interface at
 // compile time. This uses the unexported type so it lives in the
 // internal test package.
 var _ Desktop = (*portableDesktop)(nil)
-
-func TestPortableDesktop_IdleTimeout_StopsRecordings(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	rec := &recordedExecer{
-		scripts: map[string]string{
-			"record": `trap 'exit 0' INT; sleep 120 & wait`,
-			"up":     `printf '{"vncPort":5901,"geometry":"1920x1080"}\n' && sleep 120`,
-		},
-	}
-
-	clk := quartz.NewMock(t)
-	pd := &portableDesktop{
-		logger:       logger,
-		execer:       rec,
-		scriptBinDir: t.TempDir(),
-		clock:        clk,
-		binPath:      "portabledesktop",
-		recordings:   make(map[string]*recordingProcess),
-	}
-	pd.lastDesktopActionAt.Store(clk.Now().UnixNano())
-
-	ctx := t.Context()
-	recID := uuid.New().String()
-
-	// Install the trap before StartRecording so it is guaranteed
-	// to catch the idle monitor's NewTimer call regardless of
-	// goroutine scheduling.
-	trap := clk.Trap().NewTimer("agentdesktop", "recording_idle")
-
-	err := pd.StartRecording(ctx, recID)
-	require.NoError(t, err)
-
-	// Verify recording is active.
-	pd.mu.Lock()
-	require.False(t, pd.recordings[recID].stopped)
-	pd.mu.Unlock()
-
-	// Wait for the idle monitor timer to be created and release
-	// it so the monitor enters its select loop.
-	trap.MustWait(ctx).MustRelease(ctx)
-	trap.Close()
-
-	// The stop-all path calls lockedStopRecordingProcess which
-	// creates a per-recording 15s stop_timeout timer.
-	stopTrap := clk.Trap().NewTimer("agentdesktop", "stop_timeout")
-
-	// Advance past idle timeout to trigger the stop-all.
-	clk.Advance(idleTimeout)
-
-	// Wait for the stop timer to be created, then release it.
-	stopTrap.MustWait(ctx).MustRelease(ctx)
-	stopTrap.Close()
-
-	// The recording process should now be stopped.
-	require.Eventually(t, func() bool {
-		pd.mu.Lock()
-		defer pd.mu.Unlock()
-		rec, ok := pd.recordings[recID]
-		return ok && rec.stopped
-	}, testutil.WaitShort, testutil.IntervalFast)
-
-	require.NoError(t, pd.Close())
-}
-
-func TestPortableDesktop_IdleTimeout_ActivityResetsTimer(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	rec := &recordedExecer{
-		scripts: map[string]string{
-			"record": `trap 'exit 0' INT; sleep 120 & wait`,
-			"up":     `printf '{"vncPort":5901,"geometry":"1920x1080"}\n' && sleep 120`,
-		},
-	}
-
-	clk := quartz.NewMock(t)
-	pd := &portableDesktop{
-		logger:       logger,
-		execer:       rec,
-		scriptBinDir: t.TempDir(),
-		clock:        clk,
-		binPath:      "portabledesktop",
-		recordings:   make(map[string]*recordingProcess),
-	}
-	pd.lastDesktopActionAt.Store(clk.Now().UnixNano())
-
-	ctx := t.Context()
-	recID := uuid.New().String()
-
-	// Install the trap before StartRecording so it is guaranteed
-	// to catch the idle monitor's NewTimer call regardless of
-	// goroutine scheduling.
-	trap := clk.Trap().NewTimer("agentdesktop", "recording_idle")
-
-	err := pd.StartRecording(ctx, recID)
-	require.NoError(t, err)
-
-	// Wait for the idle monitor timer to be created.
-	trap.MustWait(ctx).MustRelease(ctx)
-	trap.Close()
-
-	// Advance most of the way but not past the timeout.
-	clk.Advance(idleTimeout - time.Minute)
-
-	// Record activity to reset the timer.
-	pd.RecordActivity()
-
-	// Trap the Reset call that the idle monitor makes when it
-	// sees recent activity.
-	resetTrap := clk.Trap().TimerReset("agentdesktop", "recording_idle")
-
-	// Advance past the original idle timeout deadline. The
-	// monitor should see the recent activity and reset instead
-	// of stopping.
-	clk.Advance(time.Minute)
-
-	resetTrap.MustWait(ctx).MustRelease(ctx)
-	resetTrap.Close()
-
-	// Recording should still be active because activity was
-	// recorded.
-	pd.mu.Lock()
-	require.False(t, pd.recordings[recID].stopped)
-	pd.mu.Unlock()
-
-	require.NoError(t, pd.Close())
-}
-
-func TestPortableDesktop_IdleTimeout_MultipleRecordings(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	rec := &recordedExecer{
-		scripts: map[string]string{
-			"record": `trap 'exit 0' INT; sleep 120 & wait`,
-			"up":     `printf '{"vncPort":5901,"geometry":"1920x1080"}\n' && sleep 120`,
-		},
-	}
-
-	clk := quartz.NewMock(t)
-	pd := &portableDesktop{
-		logger:       logger,
-		execer:       rec,
-		scriptBinDir: t.TempDir(),
-		clock:        clk,
-		binPath:      "portabledesktop",
-		recordings:   make(map[string]*recordingProcess),
-	}
-	pd.lastDesktopActionAt.Store(clk.Now().UnixNano())
-
-	ctx := t.Context()
-	recID1 := uuid.New().String()
-	recID2 := uuid.New().String()
-
-	// Trap idle timer creation for both recordings.
-	trap := clk.Trap().NewTimer("agentdesktop", "recording_idle")
-
-	err := pd.StartRecording(ctx, recID1)
-	require.NoError(t, err)
-
-	// Wait for first recording's idle timer.
-	trap.MustWait(ctx).MustRelease(ctx)
-
-	err = pd.StartRecording(ctx, recID2)
-	require.NoError(t, err)
-
-	// Wait for second recording's idle timer.
-	trap.MustWait(ctx).MustRelease(ctx)
-	trap.Close()
-
-	// Trap the stop timers that will be created when idle fires.
-	stopTrap := clk.Trap().NewTimer("agentdesktop", "stop_timeout")
-
-	// Advance past idle timeout.
-	clk.Advance(idleTimeout)
-
-	// Wait for both stop timers.
-	stopTrap.MustWait(ctx).MustRelease(ctx)
-	stopTrap.MustWait(ctx).MustRelease(ctx)
-	stopTrap.Close()
-
-	// Both recordings should be stopped.
-	require.Eventually(t, func() bool {
-		pd.mu.Lock()
-		defer pd.mu.Unlock()
-		r1, ok1 := pd.recordings[recID1]
-		r2, ok2 := pd.recordings[recID2]
-		return ok1 && r1.stopped && ok2 && r2.stopped
-	}, testutil.WaitShort, testutil.IntervalFast)
-
-	require.NoError(t, pd.Close())
-}
-
-func TestPortableDesktop_StartRecording_ReturnsErrDesktopClosed(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	rec := &recordedExecer{
-		scripts: map[string]string{
-			"up": `printf '{"vncPort":5901,"geometry":"1920x1080"}\n' && sleep 120`,
-		},
-	}
-
-	clk := quartz.NewReal()
-	pd := &portableDesktop{
-		logger:       logger,
-		execer:       rec,
-		scriptBinDir: t.TempDir(),
-		clock:        clk,
-		binPath:      "portabledesktop",
-		recordings:   make(map[string]*recordingProcess),
-	}
-	pd.lastDesktopActionAt.Store(clk.Now().UnixNano())
-
-	// Start and close the desktop so it's in the closed state.
-	ctx := t.Context()
-	_, err := pd.Start(ctx)
-	require.NoError(t, err)
-	require.NoError(t, pd.Close())
-
-	// StartRecording should now return ErrDesktopClosed.
-	err = pd.StartRecording(ctx, uuid.New().String())
-	require.ErrorIs(t, err, ErrDesktopClosed)
-}
-
-func TestPortableDesktop_Start_ReturnsErrDesktopClosed(t *testing.T) {
-	t.Parallel()
-
-	logger := slogtest.Make(t, nil)
-	rec := &recordedExecer{
-		scripts: map[string]string{
-			"up": `printf '{"vncPort":5901,"geometry":"1920x1080"}\n' && sleep 120`,
-		},
-	}
-
-	pd := &portableDesktop{
-		logger:       logger,
-		execer:       rec,
-		scriptBinDir: t.TempDir(),
-		clock:        quartz.NewReal(),
-		binPath:      "portabledesktop",
-		recordings:   make(map[string]*recordingProcess),
-	}
-	pd.lastDesktopActionAt.Store(pd.clock.Now().UnixNano())
-
-	ctx := t.Context()
-	_, err := pd.Start(ctx)
-	require.NoError(t, err)
-	require.NoError(t, pd.Close())
-
-	_, err = pd.Start(ctx)
-	require.ErrorIs(t, err, ErrDesktopClosed)
-}

agent/x/agentdesktop/portabledesktop_stop_other.go

@@ -1,12 +0,0 @@
-//go:build !windows
-
-package agentdesktop
-
-import "os"
-
-// interruptRecordingProcess sends a SIGINT to the recording process
-// for graceful shutdown. On Unix, os.Interrupt is delivered as
-// SIGINT which lets the recorder finalize the MP4 container.
-func interruptRecordingProcess(p *os.Process) error {
-	return p.Signal(os.Interrupt)
-}

agent/x/agentdesktop/portabledesktop_stop_windows.go

@@ -1,10 +0,0 @@
-package agentdesktop
-
-import "os"
-
-// interruptRecordingProcess kills the recording process directly
-// because os.Process.Signal(os.Interrupt) is not supported on
-// Windows and returns an error without delivering a signal.
-func interruptRecordingProcess(p *os.Process) error {
-	return p.Kill()
-}

agent/x/agentmcp/manager.go

@@ -187,11 +187,7 @@ func (*Manager) connectServer(ctx context.Context, cfg ServerConfig) (*client.Cl
 	connectCtx, cancel := context.WithTimeout(ctx, connectTimeout)
 	defer cancel()
 
-	// Use the parent ctx (not connectCtx) so the subprocess outlives
-	// the connect/initialize handshake. connectCtx bounds only the
-	// Initialize call below. The subprocess is cleaned up when the
-	// Manager is closed or ctx is canceled.
-	if err := c.Start(ctx); err != nil {
+	if err := c.Start(connectCtx); err != nil {
 		_ = c.Close()
 		return nil, xerrors.Errorf("start %q: %w", cfg.Name, err)
 	}

agent/x/agentmcp/manager_internal_test.go

@@ -1,11 +1,6 @@
 package agentmcp
 
 import (
-	"bufio"
-	"context"
-	"encoding/json"
-	"fmt"
-	"os"
 	"testing"
 
 	"github.com/mark3labs/mcp-go/mcp"
@@ -13,7 +8,6 @@ import (
 	"github.com/stretchr/testify/require"
 
 	"github.com/coder/coder/v2/codersdk/workspacesdk"
-	"github.com/coder/coder/v2/testutil"
 )
 
 func TestSplitToolName(t *testing.T) {
@@ -199,118 +193,3 @@ func TestConvertResult(t *testing.T) {
 		})
 	}
 }
-
-// TestConnectServer_StdioProcessSurvivesConnect verifies that a stdio MCP
-// server subprocess remains alive after connectServer returns. This is a
-// regression test for a bug where the subprocess was tied to a short-lived
-// connectCtx and killed as soon as the context was canceled.
-func TestConnectServer_StdioProcessSurvivesConnect(t *testing.T) {
-	t.Parallel()
-
-	if os.Getenv("TEST_MCP_FAKE_SERVER") == "1" {
-		// Child process: act as a minimal MCP server over stdio.
-		runFakeMCPServer()
-		return
-	}
-
-	// Get the path to the test binary so we can re-exec ourselves
-	// as a fake MCP server subprocess.
-	testBin, err := os.Executable()
-	require.NoError(t, err)
-
-	cfg := ServerConfig{
-		Name:      "fake",
-		Transport: "stdio",
-		Command:   testBin,
-		Args:      []string{"-test.run=^TestConnectServer_StdioProcessSurvivesConnect$"},
-		Env:       map[string]string{"TEST_MCP_FAKE_SERVER": "1"},
-	}
-
-	ctx := testutil.Context(t, testutil.WaitLong)
-	m := &Manager{}
-	client, err := m.connectServer(ctx, cfg)
-	require.NoError(t, err, "connectServer should succeed")
-	t.Cleanup(func() { _ = client.Close() })
-
-	// At this point connectServer has returned and its internal
-	// connectCtx has been canceled. The subprocess must still be
-	// alive. Verify by listing tools (requires a live server).
-	listCtx, listCancel := context.WithTimeout(ctx, testutil.WaitShort)
-	defer listCancel()
-	result, err := client.ListTools(listCtx, mcp.ListToolsRequest{})
-	require.NoError(t, err, "ListTools should succeed — server must be alive after connect")
-	require.Len(t, result.Tools, 1)
-	assert.Equal(t, "echo", result.Tools[0].Name)
-}
-
-// runFakeMCPServer implements a minimal JSON-RPC / MCP server over
-// stdin/stdout, just enough for initialize + tools/list.
-func runFakeMCPServer() {
-	scanner := bufio.NewScanner(os.Stdin)
-	for scanner.Scan() {
-		line := scanner.Bytes()
-
-		var req struct {
-			JSONRPC string          `json:"jsonrpc"`
-			ID      json.RawMessage `json:"id"`
-			Method  string          `json:"method"`
-		}
-		if err := json.Unmarshal(line, &req); err != nil {
-			continue
-		}
-
-		var resp any
-		switch req.Method {
-		case "initialize":
-			resp = map[string]any{
-				"jsonrpc": "2.0",
-				"id":      req.ID,
-				"result": map[string]any{
-					"protocolVersion": "2025-03-26",
-					"capabilities": map[string]any{
-						"tools": map[string]any{},
-					},
-					"serverInfo": map[string]any{
-						"name":    "fake-server",
-						"version": "0.0.1",
-					},
-				},
-			}
-		case "notifications/initialized":
-			// No response needed for notifications.
-			continue
-		case "tools/list":
-			resp = map[string]any{
-				"jsonrpc": "2.0",
-				"id":      req.ID,
-				"result": map[string]any{
-					"tools": []map[string]any{
-						{
-							"name":        "echo",
-							"description": "echoes input",
-							"inputSchema": map[string]any{
-								"type":       "object",
-								"properties": map[string]any{},
-							},
-						},
-					},
-				},
-			}
-		default:
-			resp = map[string]any{
-				"jsonrpc": "2.0",
-				"id":      req.ID,
-				"error": map[string]any{
-					"code":    -32601,
-					"message": "method not found",
-				},
-			}
-		}
-
-		out, err := json.Marshal(resp)
-		if err != nil {
-			continue
-		}
-		_, _ = fmt.Fprintf(os.Stdout, "%s\n", out)
-	}
-}

biome.jsonc

@@ -3,13 +3,11 @@
 		"enabled": true,
 		"clientKind": "git",
 		"useIgnoreFile": true,
-		"defaultBranch": "main"
+		"defaultBranch": "main",
 	},
 	"files": {
-		// static/*.html are Go templates with {{ }} directives that
-		// Biome's HTML parser does not support.
-		"includes": ["**", "!**/pnpm-lock.yaml", "!**/static/*.html"],
-		"ignoreUnknown": true
+		"includes": ["**", "!**/pnpm-lock.yaml"],
+		"ignoreUnknown": true,
 	},
 	"linter": {
 		"rules": {
@@ -17,7 +15,7 @@
 				"noSvgWithoutTitle": "off",
 				"useButtonType": "off",
 				"useSemanticElements": "off",
-				"noStaticElementInteractions": "off"
+				"noStaticElementInteractions": "off",
 			},
 			"correctness": {
 				"noUnusedImports": "warn",
@@ -26,9 +24,9 @@
 				"noUnusedVariables": {
 					"level": "warn",
 					"options": {
-						"ignoreRestSiblings": true
-					}
-				}
+						"ignoreRestSiblings": true,
+					},
+				},
 			},
 			"style": {
 				"noNonNullAssertion": "off",
@@ -49,7 +47,7 @@
 						"paths": {
 							"react": {
 								"message": "React 19 no longer requires forwardRef. Use ref as a prop instead.",
-								"importNames": ["forwardRef"]
+								"importNames": ["forwardRef"],
 							},
 							// "@mui/material/Alert": "Use components/Alert/Alert instead.",
 							// "@mui/material/AlertTitle": "Use components/Alert/Alert instead.",
@@ -117,10 +115,10 @@
 							"@emotion/styled": "Use Tailwind CSS instead.",
 							// "@emotion/cache": "Use Tailwind CSS instead.",
 							// "components/Stack/Stack": "Use Tailwind flex utilities instead (e.g., <div className='flex flex-col gap-4'>).",
-							"lodash": "Use lodash/<name> instead."
-						}
-					}
-				}
+							"lodash": "Use lodash/<name> instead.",
+						},
+					},
+				},
 			},
 			"suspicious": {
 				"noArrayIndexKey": "off",
@@ -131,21 +129,14 @@
 				"noConsole": {
 					"level": "error",
 					"options": {
-						"allow": ["error", "info", "warn"]
-					}
-				}
+						"allow": ["error", "info", "warn"],
+					},
+				},
 			},
 			"complexity": {
-				"noImportantStyles": "off" // TODO: check and fix !important styles
-			}
-		}
+				"noImportantStyles": "off", // TODO: check and fix !important styles
+			},
+		},
 	},
-	"css": {
-		"parser": {
-			// Biome 2.3+ requires opt-in for @apply and other
-			// Tailwind directives.
-			"tailwindDirectives": true
-		}
-	},
-	"$schema": "./node_modules/@biomejs/biome/configuration_schema.json"
+	"$schema": "./node_modules/@biomejs/biome/configuration_schema.json",
 }

buildinfo/buildinfo.go

@@ -87,12 +87,6 @@ func IsDevVersion(v string) bool {
 	return strings.Contains(v, "-"+develPreRelease)
 }
 
-// IsRCVersion returns true if the version has a release candidate
-// pre-release tag, e.g. "v2.31.0-rc.0".
-func IsRCVersion(v string) bool {
-	return strings.Contains(v, "-rc.")
-}
-
 // IsDev returns true if this is a development build.
 // CI builds are also considered development builds.
 func IsDev() bool {

buildinfo/buildinfo_test.go

@@ -102,29 +102,3 @@ func TestBuildInfo(t *testing.T) {
 		}
 	})
 }
-
-func TestIsRCVersion(t *testing.T) {
-	t.Parallel()
-
-	cases := []struct {
-		name     string
-		version  string
-		expected bool
-	}{
-		{"RC0", "v2.31.0-rc.0", true},
-		{"RC1WithBuild", "v2.31.0-rc.1+abc123", true},
-		{"RC10", "v2.31.0-rc.10", true},
-		{"RCDevel", "v2.33.0-rc.1-devel+727ec00f7", true},
-		{"DevelVersion", "v2.31.0-devel+abc123", false},
-		{"StableVersion", "v2.31.0", false},
-		{"DevNoVersion", "v0.0.0-devel+abc123", false},
-		{"BetaVersion", "v2.31.0-beta.1", false},
-	}
-
-	for _, c := range cases {
-		t.Run(c.name, func(t *testing.T) {
-			t.Parallel()
-			require.Equal(t, c.expected, buildinfo.IsRCVersion(c.version))
-		})
-	}
-}

cli/agent.go

@@ -17,7 +17,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/google/uuid"
 	"github.com/prometheus/client_golang/prometheus"
 	"golang.org/x/xerrors"
 	"gopkg.in/natefinch/lumberjack.v2"
@@ -53,8 +52,6 @@ func workspaceAgent() *serpent.Command {
 		slogJSONPath                   string
 		slogStackdriverPath            string
 		blockFileTransfer              bool
-		blockReversePortForwarding     bool
-		blockLocalPortForwarding       bool
 		agentHeaderCommand             string
 		agentHeader                    []string
 		devcontainers                  bool
@@ -275,14 +272,11 @@ func workspaceAgent() *serpent.Command {
 				logger.Info(ctx, "agent devcontainer detection not enabled")
 			}
 
-			reinitCtx, reinitCancel := context.WithCancel(ctx)
-			defer reinitCancel()
-			reinitEvents := agentsdk.WaitForReinitLoop(reinitCtx, logger, client)
+			reinitEvents := agentsdk.WaitForReinitLoop(ctx, logger, client)
 
 			var (
-				lastOwnerID uuid.UUID
-				lastErr     error
-				mustExit    bool
+				lastErr  error
+				mustExit bool
 			)
 			for {
 				prometheusRegistry := prometheus.NewRegistry()
@@ -321,12 +315,10 @@ func workspaceAgent() *serpent.Command {
 					SSHMaxTimeout:        sshMaxTimeout,
 					Subsystems:           subsystems,
 
-					PrometheusRegistry:         prometheusRegistry,
-					BlockFileTransfer:          blockFileTransfer,
-					BlockReversePortForwarding: blockReversePortForwarding,
-					BlockLocalPortForwarding:   blockLocalPortForwarding,
-					Execer:                     execer,
-					Devcontainers:              devcontainers,
+					PrometheusRegistry: prometheusRegistry,
+					BlockFileTransfer:  blockFileTransfer,
+					Execer:             execer,
+					Devcontainers:      devcontainers,
 					DevcontainerAPIOptions: []agentcontainers.Option{
 						agentcontainers.WithSubAgentURL(agentAuth.agentURL.String()),
 						agentcontainers.WithProjectDiscovery(devcontainerProjectDiscovery),
@@ -351,32 +343,9 @@ func workspaceAgent() *serpent.Command {
 				case <-ctx.Done():
 					logger.Info(ctx, "agent shutting down", slog.Error(context.Cause(ctx)))
 					mustExit = true
-				case event, ok := <-reinitEvents:
-					switch {
-					case !ok:
-						// Channel closed — the reinit loop exited
-						// (terminal 409 or context expired). Keep
-						// running the current agent until the parent
-						// context is canceled.
-						logger.Info(ctx, "reinit channel closed, running without reinit capability")
-						reinitEvents = nil
-						<-ctx.Done()
-						mustExit = true
-					case event.OwnerID != uuid.Nil && event.OwnerID == lastOwnerID:
-						// Duplicate reinit for same owner — already
-						// reinitialized. Cancel the reinit loop
-						// goroutine and keep the current agent.
-						logger.Info(ctx, "skipping redundant reinit, owner unchanged",
-							slog.F("owner_id", event.OwnerID))
-						reinitCancel()
-						reinitEvents = nil
-						<-ctx.Done()
-						mustExit = true
-					default:
-						lastOwnerID = event.OwnerID
-						logger.Info(ctx, "agent received instruction to reinitialize",
-							slog.F("workspace_id", event.WorkspaceID), slog.F("reason", event.Reason))
-					}
+				case event := <-reinitEvents:
+					logger.Info(ctx, "agent received instruction to reinitialize",
+						slog.F("workspace_id", event.WorkspaceID), slog.F("reason", event.Reason))
 				}
 
 				lastErr = agnt.Close()
@@ -497,20 +466,6 @@ func workspaceAgent() *serpent.Command {
 			Description: fmt.Sprintf("Block file transfer using known applications: %s.", strings.Join(agentssh.BlockedFileTransferCommands, ",")),
 			Value:       serpent.BoolOf(&blockFileTransfer),
 		},
-		{
-			Flag:        "block-reverse-port-forwarding",
-			Default:     "false",
-			Env:         "CODER_AGENT_BLOCK_REVERSE_PORT_FORWARDING",
-			Description: "Block reverse port forwarding through the SSH server (ssh -R).",
-			Value:       serpent.BoolOf(&blockReversePortForwarding),
-		},
-		{
-			Flag:        "block-local-port-forwarding",
-			Default:     "false",
-			Env:         "CODER_AGENT_BLOCK_LOCAL_PORT_FORWARDING",
-			Description: "Block local port forwarding through the SSH server (ssh -L).",
-			Value:       serpent.BoolOf(&blockLocalPortForwarding),
-		},
 		{
 			Flag:        "devcontainers-enable",
 			Default:     "true",

cli/clilog/clilog.go

@@ -104,7 +104,7 @@ func (b *Builder) Build(inv *serpent.Invocation) (log slog.Logger, closeLog func
 
 	addSinkIfProvided := func(sinkFn func(io.Writer) slog.Sink, loc string) error {
 		switch loc {
-		case "", "/dev/null":
+		case "":
 		case "/dev/stdout":
 			sinks = append(sinks, sinkFn(inv.Stdout))
 

cli/exp_chat.go

@@ -1,194 +0,0 @@
-package cli
-
-import (
-	"fmt"
-	"os"
-	"path/filepath"
-
-	"github.com/google/uuid"
-	"golang.org/x/xerrors"
-
-	"github.com/coder/coder/v2/agent/agentcontextconfig"
-	"github.com/coder/coder/v2/codersdk/agentsdk"
-	"github.com/coder/serpent"
-)
-
-func (r *RootCmd) chatCommand() *serpent.Command {
-	return &serpent.Command{
-		Use:   "chat",
-		Short: "Manage agent chats",
-		Long:  "Commands for interacting with chats from within a workspace.",
-		Handler: func(i *serpent.Invocation) error {
-			return i.Command.HelpHandler(i)
-		},
-		Children: []*serpent.Command{
-			r.chatContextCommand(),
-		},
-	}
-}
-
-func (r *RootCmd) chatContextCommand() *serpent.Command {
-	return &serpent.Command{
-		Use:   "context",
-		Short: "Manage chat context",
-		Long:  "Add or clear context files and skills for an active chat session.",
-		Handler: func(i *serpent.Invocation) error {
-			return i.Command.HelpHandler(i)
-		},
-		Children: []*serpent.Command{
-			r.chatContextAddCommand(),
-			r.chatContextClearCommand(),
-		},
-	}
-}
-
-func (*RootCmd) chatContextAddCommand() *serpent.Command {
-	var (
-		dir    string
-		chatID string
-	)
-	agentAuth := &AgentAuth{}
-	cmd := &serpent.Command{
-		Use:   "add",
-		Short: "Add context to an active chat",
-		Long: "Read instruction files and discover skills from a directory, then add " +
-			"them as context to an active chat session. Multiple calls " +
-			"are additive.",
-		Handler: func(inv *serpent.Invocation) error {
-			ctx := inv.Context()
-			ctx, stop := inv.SignalNotifyContext(ctx, StopSignals...)
-			defer stop()
-
-			if dir == "" && inv.Environ.Get("CODER") != "true" {
-				return xerrors.New("this command must be run inside a Coder workspace (set --dir to override)")
-			}
-
-			client, err := agentAuth.CreateClient()
-			if err != nil {
-				return xerrors.Errorf("create agent client: %w", err)
-			}
-
-			resolvedDir := dir
-			if resolvedDir == "" {
-				resolvedDir, err = os.Getwd()
-				if err != nil {
-					return xerrors.Errorf("get working directory: %w", err)
-				}
-			}
-			resolvedDir, err = filepath.Abs(resolvedDir)
-			if err != nil {
-				return xerrors.Errorf("resolve directory: %w", err)
-			}
-			info, err := os.Stat(resolvedDir)
-			if err != nil {
-				return xerrors.Errorf("cannot read directory %q: %w", resolvedDir, err)
-			}
-			if !info.IsDir() {
-				return xerrors.Errorf("%q is not a directory", resolvedDir)
-			}
-
-			parts := agentcontextconfig.ContextPartsFromDir(resolvedDir)
-			if len(parts) == 0 {
-				_, _ = fmt.Fprintln(inv.Stderr, "No context files or skills found in "+resolvedDir)
-				return nil
-			}
-
-			// Resolve chat ID from flag or auto-detect.
-			resolvedChatID, err := parseChatID(chatID)
-			if err != nil {
-				return err
-			}
-
-			resp, err := client.AddChatContext(ctx, agentsdk.AddChatContextRequest{
-				ChatID: resolvedChatID,
-				Parts:  parts,
-			})
-			if err != nil {
-				return xerrors.Errorf("add chat context: %w", err)
-			}
-
-			_, _ = fmt.Fprintf(inv.Stdout, "Added %d context part(s) to chat %s\n", resp.Count, resp.ChatID)
-			return nil
-		},
-		Options: serpent.OptionSet{
-			{
-				Name:        "Directory",
-				Flag:        "dir",
-				Description: "Directory to read context files and skills from. Defaults to the current working directory.",
-				Value:       serpent.StringOf(&dir),
-			},
-			{
-				Name:        "Chat ID",
-				Flag:        "chat",
-				Env:         "CODER_CHAT_ID",
-				Description: "Chat ID to add context to. Auto-detected from CODER_CHAT_ID, the only active chat, or the only top-level active chat.",
-				Value:       serpent.StringOf(&chatID),
-			},
-		},
-	}
-	agentAuth.AttachOptions(cmd, false)
-	return cmd
-}
-
-func (*RootCmd) chatContextClearCommand() *serpent.Command {
-	var chatID string
-	agentAuth := &AgentAuth{}
-	cmd := &serpent.Command{
-		Use:   "clear",
-		Short: "Clear context from an active chat",
-		Long: "Soft-delete all context-file and skill messages from an active chat. " +
-			"The next turn will re-fetch default context from the agent.",
-		Handler: func(inv *serpent.Invocation) error {
-			ctx := inv.Context()
-			ctx, stop := inv.SignalNotifyContext(ctx, StopSignals...)
-			defer stop()
-
-			client, err := agentAuth.CreateClient()
-			if err != nil {
-				return xerrors.Errorf("create agent client: %w", err)
-			}
-
-			resolvedChatID, err := parseChatID(chatID)
-			if err != nil {
-				return err
-			}
-
-			resp, err := client.ClearChatContext(ctx, agentsdk.ClearChatContextRequest{
-				ChatID: resolvedChatID,
-			})
-			if err != nil {
-				return xerrors.Errorf("clear chat context: %w", err)
-			}
-
-			if resp.ChatID == uuid.Nil {
-				_, _ = fmt.Fprintln(inv.Stdout, "No active chats to clear.")
-			} else {
-				_, _ = fmt.Fprintf(inv.Stdout, "Cleared context from chat %s\n", resp.ChatID)
-			}
-			return nil
-		},
-		Options: serpent.OptionSet{{
-			Name:        "Chat ID",
-			Flag:        "chat",
-			Env:         "CODER_CHAT_ID",
-			Description: "Chat ID to clear context from. Auto-detected from CODER_CHAT_ID, the only active chat, or the only top-level active chat.",
-			Value:       serpent.StringOf(&chatID),
-		}},
-	}
-	agentAuth.AttachOptions(cmd, false)
-	return cmd
-}
-
-// parseChatID returns the chat UUID from the flag value (which
-// serpent already populates from --chat or CODER_CHAT_ID). Returns
-// uuid.Nil if empty (the server will auto-detect).
-func parseChatID(flagValue string) (uuid.UUID, error) {
-	if flagValue == "" {
-		return uuid.Nil, nil
-	}
-	parsed, err := uuid.Parse(flagValue)
-	if err != nil {
-		return uuid.Nil, xerrors.Errorf("invalid chat ID %q: %w", flagValue, err)
-	}
-	return parsed, nil
-}

cli/exp_chat_test.go

@@ -1,46 +0,0 @@
-package cli_test
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/require"
-
-	"github.com/coder/coder/v2/cli/clitest"
-)
-
-func TestExpChatContextAdd(t *testing.T) {
-	t.Parallel()
-
-	t.Run("RequiresWorkspaceOrDir", func(t *testing.T) {
-		t.Parallel()
-
-		inv, _ := clitest.New(t, "exp", "chat", "context", "add")
-
-		err := inv.Run()
-		require.Error(t, err)
-		require.Contains(t, err.Error(), "this command must be run inside a Coder workspace")
-	})
-
-	t.Run("AllowsExplicitDir", func(t *testing.T) {
-		t.Parallel()
-
-		inv, _ := clitest.New(t, "exp", "chat", "context", "add", "--dir", t.TempDir())
-
-		err := inv.Run()
-		if err != nil {
-			require.NotContains(t, err.Error(), "this command must be run inside a Coder workspace")
-		}
-	})
-
-	t.Run("AllowsWorkspaceEnv", func(t *testing.T) {
-		t.Parallel()
-
-		inv, _ := clitest.New(t, "exp", "chat", "context", "add")
-		inv.Environ.Set("CODER", "true")
-
-		err := inv.Run()
-		if err != nil {
-			require.NotContains(t, err.Error(), "this command must be run inside a Coder workspace")
-		}
-	})
-}

cli/exp_scaletest.go

@@ -1401,9 +1401,6 @@ func (r *RootCmd) scaletestWorkspaceTraffic() *serpent.Command {
 				// Setup our workspace agent connection.
 				config := workspacetraffic.Config{
 					AgentID:       agent.ID,
-					WorkspaceID:   ws.ID,
-					WorkspaceName: ws.Name,
-					AgentName:     agent.Name,
 					BytesPerTick:  bytesPerTick,
 					Duration:      strategy.timeout,
 					TickInterval:  tickInterval,

cli/root.go

@@ -7,7 +7,6 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"errors"
-	"flag"
 	"fmt"
 	"io"
 	"net/http"
@@ -149,7 +148,6 @@ func (r *RootCmd) AGPLExperimental() []*serpent.Command {
 	return []*serpent.Command{
 		r.scaletestCmd(),
 		r.errorExample(),
-		r.chatCommand(),
 		r.mcpCommand(),
 		r.promptExample(),
 		r.rptyCommand(),
@@ -712,7 +710,7 @@ func (r *RootCmd) createHTTPClient(ctx context.Context, serverURL *url.URL, inv
 	transport = wrapTransportWithTelemetryHeader(transport, inv)
 	transport = wrapTransportWithUserAgentHeader(transport, inv)
 	if !r.noVersionCheck {
-		transport = wrapTransportWithVersionCheck(transport, inv, buildinfo.Version(), func(ctx context.Context) (codersdk.BuildInfoResponse, error) {
+		transport = wrapTransportWithVersionMismatchCheck(transport, inv, buildinfo.Version(), func(ctx context.Context) (codersdk.BuildInfoResponse, error) {
 			// Create a new client without any wrapped transport
 			// otherwise it creates an infinite loop!
 			basicClient := codersdk.New(serverURL)
@@ -1436,21 +1434,6 @@ func defaultUpgradeMessage(version string) string {
 	return fmt.Sprintf("download the server version with: 'curl -L https://coder.com/install.sh | sh -s -- --version %s'", version)
 }
 
-// serverVersionMessage returns a warning message if the server version
-// is a release candidate or development build. Returns empty string
-// for stable versions. RC is checked before devel because RC dev
-// builds (e.g. v2.33.0-rc.1-devel+hash) contain both tags.
-func serverVersionMessage(serverVersion string) string {
-	switch {
-	case buildinfo.IsRCVersion(serverVersion):
-		return fmt.Sprintf("the server is running a release candidate of Coder (%s)", serverVersion)
-	case buildinfo.IsDevVersion(serverVersion):
-		return fmt.Sprintf("the server is running a development version of Coder (%s)", serverVersion)
-	default:
-		return ""
-	}
-}
-
 // wrapTransportWithEntitlementsCheck adds a middleware to the HTTP transport
 // that checks for entitlement warnings and prints them to the user.
 func wrapTransportWithEntitlementsCheck(rt http.RoundTripper, w io.Writer) http.RoundTripper {
@@ -1469,10 +1452,10 @@ func wrapTransportWithEntitlementsCheck(rt http.RoundTripper, w io.Writer) http.
 	})
 }
 
-// wrapTransportWithVersionCheck adds a middleware to the HTTP transport
-// that checks the server version and warns about development builds,
-// release candidates, and client/server version mismatches.
-func wrapTransportWithVersionCheck(rt http.RoundTripper, inv *serpent.Invocation, clientVersion string, getBuildInfo func(ctx context.Context) (codersdk.BuildInfoResponse, error)) http.RoundTripper {
+// wrapTransportWithVersionMismatchCheck adds a middleware to the HTTP transport
+// that checks for version mismatches between the client and server. If a mismatch
+// is detected, a warning is printed to the user.
+func wrapTransportWithVersionMismatchCheck(rt http.RoundTripper, inv *serpent.Invocation, clientVersion string, getBuildInfo func(ctx context.Context) (codersdk.BuildInfoResponse, error)) http.RoundTripper {
 	var once sync.Once
 	return roundTripper(func(req *http.Request) (*http.Response, error) {
 		res, err := rt.RoundTrip(req)
@@ -1484,16 +1467,9 @@ func wrapTransportWithVersionCheck(rt http.RoundTripper, inv *serpent.Invocation
 			if serverVersion == "" {
 				return
 			}
-			// Warn about non-stable server versions. Skip
-			// during tests to avoid polluting golden files.
-			if msg := serverVersionMessage(serverVersion); msg != "" && flag.Lookup("test.v") == nil {
-				warning := pretty.Sprint(cliui.DefaultStyles.Warn, msg)
-				_, _ = fmt.Fprintln(inv.Stderr, warning)
-			}
 			if buildinfo.VersionsMatch(clientVersion, serverVersion) {
 				return
 			}
-
 			upgradeMessage := defaultUpgradeMessage(semver.Canonical(serverVersion))
 			if serverInfo, err := getBuildInfo(inv.Context()); err == nil {
 				switch {

cli/root_internal_test.go

@@ -91,7 +91,7 @@ func Test_formatExamples(t *testing.T) {
 	}
 }
 
-func Test_wrapTransportWithVersionCheck(t *testing.T) {
+func Test_wrapTransportWithVersionMismatchCheck(t *testing.T) {
 	t.Parallel()
 
 	t.Run("NoOutput", func(t *testing.T) {
@@ -102,7 +102,7 @@ func Test_wrapTransportWithVersionCheck(t *testing.T) {
 		var buf bytes.Buffer
 		inv := cmd.Invoke()
 		inv.Stderr = &buf
-		rt := wrapTransportWithVersionCheck(roundTripper(func(req *http.Request) (*http.Response, error) {
+		rt := wrapTransportWithVersionMismatchCheck(roundTripper(func(req *http.Request) (*http.Response, error) {
 			return &http.Response{
 				StatusCode: http.StatusOK,
 				Header: http.Header{
@@ -131,7 +131,7 @@ func Test_wrapTransportWithVersionCheck(t *testing.T) {
 		inv := cmd.Invoke()
 		inv.Stderr = &buf
 		expectedUpgradeMessage := "My custom upgrade message"
-		rt := wrapTransportWithVersionCheck(roundTripper(func(req *http.Request) (*http.Response, error) {
+		rt := wrapTransportWithVersionMismatchCheck(roundTripper(func(req *http.Request) (*http.Response, error) {
 			return &http.Response{
 				StatusCode: http.StatusOK,
 				Header: http.Header{
@@ -159,53 +159,6 @@ func Test_wrapTransportWithVersionCheck(t *testing.T) {
 		expectedOutput := fmt.Sprintln(pretty.Sprint(cliui.DefaultStyles.Warn, fmtOutput))
 		require.Equal(t, expectedOutput, buf.String())
 	})
-
-	t.Run("ServerStableVersion", func(t *testing.T) {
-		t.Parallel()
-		r := &RootCmd{}
-		cmd, err := r.Command(nil)
-		require.NoError(t, err)
-		var buf bytes.Buffer
-		inv := cmd.Invoke()
-		inv.Stderr = &buf
-		rt := wrapTransportWithVersionCheck(roundTripper(func(req *http.Request) (*http.Response, error) {
-			return &http.Response{
-				StatusCode: http.StatusOK,
-				Header: http.Header{
-					codersdk.BuildVersionHeader: []string{"v2.31.0"},
-				},
-				Body: io.NopCloser(nil),
-			}, nil
-		}), inv, "v2.31.0", nil)
-		req := httptest.NewRequest(http.MethodGet, "http://example.com", nil)
-		res, err := rt.RoundTrip(req)
-		require.NoError(t, err)
-		defer res.Body.Close()
-		require.Empty(t, buf.String())
-	})
-}
-
-func Test_serverVersionMessage(t *testing.T) {
-	t.Parallel()
-
-	cases := []struct {
-		name     string
-		version  string
-		expected string
-	}{
-		{"Stable", "v2.31.0", ""},
-		{"Dev", "v0.0.0-devel+abc123", "the server is running a development version of Coder (v0.0.0-devel+abc123)"},
-		{"RC", "v2.31.0-rc.1", "the server is running a release candidate of Coder (v2.31.0-rc.1)"},
-		{"RCDevel", "v2.33.0-rc.1-devel+727ec00f7", "the server is running a release candidate of Coder (v2.33.0-rc.1-devel+727ec00f7)"},
-		{"Empty", "", ""},
-	}
-
-	for _, c := range cases {
-		t.Run(c.name, func(t *testing.T) {
-			t.Parallel()
-			require.Equal(t, c.expected, serverVersionMessage(c.version))
-		})
-	}
 }
 
 func Test_wrapTransportWithTelemetryHeader(t *testing.T) {

cli/server.go

@@ -79,7 +79,6 @@ import (
 	"github.com/coder/coder/v2/coderd/notifications"
 	"github.com/coder/coder/v2/coderd/notifications/reports"
 	"github.com/coder/coder/v2/coderd/oauthpki"
-	"github.com/coder/coder/v2/coderd/objstore"
 	"github.com/coder/coder/v2/coderd/pproflabel"
 	"github.com/coder/coder/v2/coderd/prometheusmetrics"
 	"github.com/coder/coder/v2/coderd/prometheusmetrics/insights"
@@ -639,19 +638,12 @@ func (r *RootCmd) Server(newAPI func(context.Context, *coderd.Options) (*coderd.
 					vals.WorkspaceHostnameSuffix.String())
 			}
 
-			objStore, err := objstore.FromConfig(ctx, vals.ObjectStore, r.globalConfig)
-			if err != nil {
-				return xerrors.Errorf("initialize object store: %w", err)
-			}
-			defer objStore.Close()
-
 			options := &coderd.Options{
 				AccessURL:                   vals.AccessURL.Value(),
 				AppHostname:                 appHostname,
 				AppHostnameRegex:            appHostnameRegex,
 				Logger:                      logger.Named("coderd"),
 				Database:                    nil,
-				ObjectStore:                 objStore,
 				BaseDERPMap:                 derpMap,
 				Pubsub:                      nil,
 				CacheDir:                    cacheDir,
@@ -1083,7 +1075,7 @@ func (r *RootCmd) Server(newAPI func(context.Context, *coderd.Options) (*coderd.
 			defer shutdownConns()
 
 			// Ensures that old database entries are cleaned up over time!
-			purger := dbpurge.New(ctx, logger.Named("dbpurge"), options.Database, options.DeploymentValues, quartz.NewReal(), options.PrometheusRegistry, objStore)
+			purger := dbpurge.New(ctx, logger.Named("dbpurge"), options.Database, options.DeploymentValues, quartz.NewReal(), options.PrometheusRegistry)
 			defer purger.Close()
 
 			// Updates workspace usage

cli/ssh.go

@@ -52,10 +52,6 @@ import (
 
 const (
 	disableUsageApp = "disable"
-
-	// Retry transient errors during SSH connection establishment.
-	sshRetryInterval = 2 * time.Second
-	sshMaxAttempts   = 10 // initial + retries per step
 )
 
 var (
@@ -66,53 +62,6 @@ var (
 	workspaceNameRe         = regexp.MustCompile(`[/.]+|--`)
 )
 
-// isRetryableError checks for transient connection errors worth
-// retrying: DNS failures, connection refused, and server 5xx.
-func isRetryableError(err error) bool {
-	if err == nil || xerrors.Is(err, context.Canceled) {
-		return false
-	}
-	// Check connection errors before context.DeadlineExceeded because
-	// net.Dialer.Timeout produces *net.OpError that matches both.
-	if codersdk.IsConnectionError(err) {
-		return true
-	}
-	if xerrors.Is(err, context.DeadlineExceeded) {
-		return false
-	}
-	var sdkErr *codersdk.Error
-	if xerrors.As(err, &sdkErr) {
-		return sdkErr.StatusCode() >= 500
-	}
-	return false
-}
-
-// retryWithInterval calls fn up to maxAttempts times, waiting
-// interval between attempts. Stops on success, non-retryable
-// error, or context cancellation.
-func retryWithInterval(ctx context.Context, logger slog.Logger, interval time.Duration, maxAttempts int, fn func() error) error {
-	var lastErr error
-	attempt := 0
-	for r := retry.New(interval, interval); r.Wait(ctx); {
-		lastErr = fn()
-		if lastErr == nil || !isRetryableError(lastErr) {
-			return lastErr
-		}
-		attempt++
-		if attempt >= maxAttempts {
-			break
-		}
-		logger.Warn(ctx, "transient error, retrying",
-			slog.Error(lastErr),
-			slog.F("attempt", attempt),
-		)
-	}
-	if lastErr != nil {
-		return lastErr
-	}
-	return ctx.Err()
-}
-
 func (r *RootCmd) ssh() *serpent.Command {
 	var (
 		stdio               bool
@@ -328,17 +277,10 @@ func (r *RootCmd) ssh() *serpent.Command {
 				HostnameSuffix: hostnameSuffix,
 			}
 
-			// Populated by the closure below.
-			var workspace codersdk.Workspace
-			var workspaceAgent codersdk.WorkspaceAgent
-			resolveWorkspace := func() error {
-				var err error
-				workspace, workspaceAgent, err = findWorkspaceAndAgentByHostname(
-					ctx, inv, client,
-					inv.Args[0], cliConfig, disableAutostart)
-				return err
-			}
-			if err := retryWithInterval(ctx, logger, sshRetryInterval, sshMaxAttempts, resolveWorkspace); err != nil {
+			workspace, workspaceAgent, err := findWorkspaceAndAgentByHostname(
+				ctx, inv, client,
+				inv.Args[0], cliConfig, disableAutostart)
+			if err != nil {
 				return err
 			}
 
@@ -364,13 +306,8 @@ func (r *RootCmd) ssh() *serpent.Command {
 				wait = false
 			}
 
-			var templateVersion codersdk.TemplateVersion
-			fetchVersion := func() error {
-				var err error
-				templateVersion, err = client.TemplateVersion(ctx, workspace.LatestBuild.TemplateVersionID)
-				return err
-			}
-			if err := retryWithInterval(ctx, logger, sshRetryInterval, sshMaxAttempts, fetchVersion); err != nil {
+			templateVersion, err := client.TemplateVersion(ctx, workspace.LatestBuild.TemplateVersionID)
+			if err != nil {
 				return err
 			}
 
@@ -410,12 +347,8 @@ func (r *RootCmd) ssh() *serpent.Command {
 			// If we're in stdio mode, check to see if we can use Coder Connect.
 			// We don't support Coder Connect over non-stdio coder ssh yet.
 			if stdio && !forceNewTunnel {
-				var connInfo workspacesdk.AgentConnectionInfo
-				if err := retryWithInterval(ctx, logger, sshRetryInterval, sshMaxAttempts, func() error {
-					var err error
-					connInfo, err = wsClient.AgentConnectionInfoGeneric(ctx)
-					return err
-				}); err != nil {
+				connInfo, err := wsClient.AgentConnectionInfoGeneric(ctx)
+				if err != nil {
 					return xerrors.Errorf("get agent connection info: %w", err)
 				}
 				coderConnectHost := fmt.Sprintf("%s.%s.%s.%s",
@@ -451,27 +384,23 @@ func (r *RootCmd) ssh() *serpent.Command {
 						})
 						defer closeUsage()
 					}
-					return runCoderConnectStdio(ctx, fmt.Sprintf("%s:22", coderConnectHost), stdioReader, stdioWriter, stack, logger)
+					return runCoderConnectStdio(ctx, fmt.Sprintf("%s:22", coderConnectHost), stdioReader, stdioWriter, stack)
 				}
 			}
 
 			if r.disableDirect {
 				_, _ = fmt.Fprintln(inv.Stderr, "Direct connections disabled.")
 			}
-			var conn workspacesdk.AgentConn
-			if err := retryWithInterval(ctx, logger, sshRetryInterval, sshMaxAttempts, func() error {
-				var err error
-				conn, err = wsClient.DialAgent(ctx, workspaceAgent.ID, &workspacesdk.DialAgentOptions{
+			conn, err := wsClient.
+				DialAgent(ctx, workspaceAgent.ID, &workspacesdk.DialAgentOptions{
 					Logger:          logger,
 					BlockEndpoints:  r.disableDirect,
 					EnableTelemetry: !r.disableNetworkTelemetry,
 				})
-				return err
-			}); err != nil {
+			if err != nil {
 				return xerrors.Errorf("dial agent: %w", err)
 			}
 			if err = stack.push("agent conn", conn); err != nil {
-				_ = conn.Close()
 				return err
 			}
 			conn.AwaitReachable(ctx)
@@ -1649,27 +1578,16 @@ func WithTestOnlyCoderConnectDialer(ctx context.Context, dialer coderConnectDial
 func testOrDefaultDialer(ctx context.Context) coderConnectDialer {
 	dialer, ok := ctx.Value(coderConnectDialerContextKey{}).(coderConnectDialer)
 	if !ok || dialer == nil {
-		// Timeout prevents hanging on broken tunnels (OS default is very long).
-		return &net.Dialer{
-			Timeout:   5 * time.Second,
-			KeepAlive: 30 * time.Second,
-		}
+		return &net.Dialer{}
 	}
 	return dialer
 }
 
-func runCoderConnectStdio(ctx context.Context, addr string, stdin io.Reader, stdout io.Writer, stack *closerStack, logger slog.Logger) error {
+func runCoderConnectStdio(ctx context.Context, addr string, stdin io.Reader, stdout io.Writer, stack *closerStack) error {
 	dialer := testOrDefaultDialer(ctx)
-	var conn net.Conn
-	if err := retryWithInterval(ctx, logger, sshRetryInterval, sshMaxAttempts, func() error {
-		var err error
-		conn, err = dialer.DialContext(ctx, "tcp", addr)
-		if err != nil {
-			return xerrors.Errorf("dial coder connect host %q over tcp: %w", addr, err)
-		}
-		return nil
-	}); err != nil {
-		return err
+	conn, err := dialer.DialContext(ctx, "tcp", addr)
+	if err != nil {
+		return xerrors.Errorf("dial coder connect host: %w", err)
 	}
 	if err := stack.push("tcp conn", conn); err != nil {
 		return err

cli/ssh_internal_test.go

@@ -5,9 +5,7 @@ import (
 	"fmt"
 	"io"
 	"net"
-	"net/http"
 	"net/url"
-	"os"
 	"sync"
 	"testing"
 	"time"
@@ -228,41 +226,6 @@ func TestCloserStack_Timeout(t *testing.T) {
 	testutil.TryReceive(ctx, t, closed)
 }
 
-func TestCloserStack_PushAfterClose_ConnClosed(t *testing.T) {
-	t.Parallel()
-	ctx := testutil.Context(t, testutil.WaitShort)
-	logger := slogtest.Make(t, &slogtest.Options{IgnoreErrors: true}).Leveled(slog.LevelDebug)
-	uut := newCloserStack(ctx, logger, quartz.NewMock(t))
-
-	uut.close(xerrors.New("canceled"))
-
-	closes := new([]*fakeCloser)
-	fc := &fakeCloser{closes: closes}
-	err := uut.push("conn", fc)
-	require.Error(t, err)
-	require.Equal(t, []*fakeCloser{fc}, *closes, "should close conn on failed push")
-}
-
-func TestCoderConnectDialer_DefaultTimeout(t *testing.T) {
-	t.Parallel()
-	ctx := context.Background()
-
-	dialer := testOrDefaultDialer(ctx)
-	d, ok := dialer.(*net.Dialer)
-	require.True(t, ok, "expected *net.Dialer")
-	assert.Equal(t, 5*time.Second, d.Timeout)
-	assert.Equal(t, 30*time.Second, d.KeepAlive)
-}
-
-func TestCoderConnectDialer_Overridden(t *testing.T) {
-	t.Parallel()
-	custom := &net.Dialer{Timeout: 99 * time.Second}
-	ctx := WithTestOnlyCoderConnectDialer(context.Background(), custom)
-
-	dialer := testOrDefaultDialer(ctx)
-	assert.Equal(t, custom, dialer)
-}
-
 func TestCoderConnectStdio(t *testing.T) {
 	t.Parallel()
 
@@ -291,7 +254,7 @@ func TestCoderConnectStdio(t *testing.T) {
 
 	stdioDone := make(chan struct{})
 	go func() {
-		err = runCoderConnectStdio(ctx, ln.Addr().String(), clientOutput, serverInput, stack, logger)
+		err = runCoderConnectStdio(ctx, ln.Addr().String(), clientOutput, serverInput, stack)
 		assert.NoError(t, err)
 		close(stdioDone)
 	}()
@@ -485,131 +448,3 @@ func Test_getWorkspaceAgent(t *testing.T) {
 		assert.Contains(t, err.Error(), "available agents: [clark krypton zod]")
 	})
 }
-
-func TestIsRetryableError(t *testing.T) {
-	t.Parallel()
-
-	tests := []struct {
-		name      string
-		err       error
-		retryable bool
-	}{
-		{"Nil", nil, false},
-		{"ContextCanceled", context.Canceled, false},
-		{"ContextDeadlineExceeded", context.DeadlineExceeded, false},
-		{"WrappedContextCanceled", xerrors.Errorf("wrapped: %w", context.Canceled), false},
-		{"DNSError", &net.DNSError{Err: "no such host", Name: "example.com", IsNotFound: true}, true},
-		{"OpError", &net.OpError{Op: "dial", Net: "tcp", Err: &os.SyscallError{}}, true},
-		{"WrappedDNSError", xerrors.Errorf("connect: %w", &net.DNSError{Err: "no such host", Name: "example.com"}), true},
-		{"SDKError_500", codersdk.NewTestError(http.StatusInternalServerError, "GET", "/api"), true},
-		{"SDKError_502", codersdk.NewTestError(http.StatusBadGateway, "GET", "/api"), true},
-		{"SDKError_503", codersdk.NewTestError(http.StatusServiceUnavailable, "GET", "/api"), true},
-		{"SDKError_401", codersdk.NewTestError(http.StatusUnauthorized, "GET", "/api"), false},
-		{"SDKError_403", codersdk.NewTestError(http.StatusForbidden, "GET", "/api"), false},
-		{"SDKError_404", codersdk.NewTestError(http.StatusNotFound, "GET", "/api"), false},
-		{"GenericError", xerrors.New("something went wrong"), false},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			t.Parallel()
-			assert.Equal(t, tt.retryable, isRetryableError(tt.err))
-		})
-	}
-
-	// net.Dialer.Timeout produces *net.OpError that matches both
-	// IsConnectionError and context.DeadlineExceeded. Verify it is retryable.
-	t.Run("DialTimeout", func(t *testing.T) {
-		t.Parallel()
-		ctx, cancel := context.WithDeadline(context.Background(), time.Now())
-		defer cancel()
-		<-ctx.Done() // ensure deadline has fired
-		_, err := (&net.Dialer{}).DialContext(ctx, "tcp", "127.0.0.1:1")
-		require.Error(t, err)
-		// Proves the ambiguity: this error matches BOTH checks.
-		require.ErrorIs(t, err, context.DeadlineExceeded)
-		require.ErrorAs(t, err, new(*net.OpError))
-		assert.True(t, isRetryableError(err))
-		// Also when wrapped, as runCoderConnectStdio does.
-		assert.True(t, isRetryableError(xerrors.Errorf("dial coder connect: %w", err)))
-	})
-}
-
-func TestRetryWithInterval(t *testing.T) {
-	t.Parallel()
-
-	const interval = time.Millisecond
-	const maxAttempts = 3
-
-	dnsErr := &net.DNSError{Err: "no such host", Name: "example.com", IsNotFound: true}
-	logger := slogtest.Make(t, nil).Leveled(slog.LevelDebug)
-
-	t.Run("Succeeds_FirstTry", func(t *testing.T) {
-		t.Parallel()
-		ctx := testutil.Context(t, testutil.WaitShort)
-
-		attempts := 0
-		err := retryWithInterval(ctx, logger, interval, maxAttempts, func() error {
-			attempts++
-			return nil
-		})
-		require.NoError(t, err)
-		assert.Equal(t, 1, attempts)
-	})
-
-	t.Run("Succeeds_AfterTransientFailures", func(t *testing.T) {
-		t.Parallel()
-		ctx := testutil.Context(t, testutil.WaitShort)
-
-		attempts := 0
-		err := retryWithInterval(ctx, logger, interval, maxAttempts, func() error {
-			attempts++
-			if attempts < 3 {
-				return dnsErr
-			}
-			return nil
-		})
-		require.NoError(t, err)
-		assert.Equal(t, 3, attempts)
-	})
-
-	t.Run("Stops_NonRetryableError", func(t *testing.T) {
-		t.Parallel()
-		ctx := testutil.Context(t, testutil.WaitShort)
-
-		attempts := 0
-		err := retryWithInterval(ctx, logger, interval, maxAttempts, func() error {
-			attempts++
-			return xerrors.New("permanent failure")
-		})
-		require.ErrorContains(t, err, "permanent failure")
-		assert.Equal(t, 1, attempts)
-	})
-
-	t.Run("Stops_MaxAttemptsExhausted", func(t *testing.T) {
-		t.Parallel()
-		ctx := testutil.Context(t, testutil.WaitShort)
-
-		attempts := 0
-		err := retryWithInterval(ctx, logger, interval, maxAttempts, func() error {
-			attempts++
-			return dnsErr
-		})
-		require.Error(t, err)
-		assert.Equal(t, maxAttempts, attempts)
-	})
-
-	t.Run("Stops_ContextCanceled", func(t *testing.T) {
-		t.Parallel()
-		ctx, cancel := context.WithCancel(context.Background())
-
-		attempts := 0
-		err := retryWithInterval(ctx, logger, interval, maxAttempts, func() error {
-			attempts++
-			cancel()
-			return dnsErr
-		})
-		require.Error(t, err)
-		assert.Equal(t, 1, attempts)
-	})
-}

cli/testdata/coder_agent_--help.golden

@@ -39,12 +39,6 @@ OPTIONS:
       --block-file-transfer bool, $CODER_AGENT_BLOCK_FILE_TRANSFER (default: false)
           Block file transfer using known applications: nc,rsync,scp,sftp.
 
-      --block-local-port-forwarding bool, $CODER_AGENT_BLOCK_LOCAL_PORT_FORWARDING (default: false)
-          Block local port forwarding through the SSH server (ssh -L).
-
-      --block-reverse-port-forwarding bool, $CODER_AGENT_BLOCK_REVERSE_PORT_FORWARDING (default: false)
-          Block reverse port forwarding through the SSH server (ssh -R).
-
       --boundary-log-proxy-socket-path string, $CODER_AGENT_BOUNDARY_LOG_PROXY_SOCKET_PATH (default: /tmp/boundary-audit.sock)
           The path for the boundary log proxy server Unix socket. Boundary
           should write audit logs to this socket.

cli/testdata/coder_server_--help.golden

@@ -773,41 +773,6 @@ OIDC OPTIONS:
           requirement, and can lead to an insecure OIDC configuration. It is not
           recommended to use this flag.
 
-OBJECT STORE OPTIONS: 
-Configure the object storage backend for binary data (chat files, transcripts,
-etc.). Defaults to local filesystem storage.
-
-      --objectstore-backend string, $CODER_OBJECTSTORE_BACKEND (default: local)
-          The storage backend for binary data such as chat files. Valid values:
-          local, s3, gcs.
-
-      --objectstore-gcs-bucket string, $CODER_OBJECTSTORE_GCS_BUCKET
-          GCS bucket name. Required when the backend is "gcs".
-
-      --objectstore-gcs-credentials-file string, $CODER_OBJECTSTORE_GCS_CREDENTIALS_FILE
-          Path to a GCS service account key file. If empty, Application Default
-          Credentials are used.
-
-      --objectstore-gcs-prefix string, $CODER_OBJECTSTORE_GCS_PREFIX
-          Optional key prefix within the GCS bucket.
-
-      --objectstore-local-dir string, $CODER_OBJECTSTORE_LOCAL_DIR
-          Root directory for the local filesystem object store backend. Only
-          used when the backend is "local".
-
-      --objectstore-s3-bucket string, $CODER_OBJECTSTORE_S3_BUCKET
-          S3 bucket name. Required when the backend is "s3".
-
-      --objectstore-s3-endpoint string, $CODER_OBJECTSTORE_S3_ENDPOINT
-          Custom S3-compatible endpoint URL (e.g. for MinIO, R2, Cloudflare).
-          Leave empty for standard AWS S3.
-
-      --objectstore-s3-prefix string, $CODER_OBJECTSTORE_S3_PREFIX
-          Optional key prefix within the S3 bucket.
-
-      --objectstore-s3-region string, $CODER_OBJECTSTORE_S3_REGION
-          AWS region for the S3 bucket.
-
 PROVISIONING OPTIONS: 
 Tune the behavior of the provisioner, which is responsible for creating,
 updating, and deleting workspace resources.

cli/testdata/server-config.yaml.golden

@@ -908,37 +908,3 @@ retention:
   # build are always retained. Set to 0 to disable automatic deletion.
   # (default: 7d, type: duration)
   workspace_agent_logs: 168h0m0s
-# Configure the object storage backend for binary data (chat files, transcripts,
-# etc.). Defaults to local filesystem storage.
-objectStore:
-  # The storage backend for binary data such as chat files. Valid values: local, s3,
-  # gcs.
-  # (default: local, type: string)
-  backend: local
-  # Root directory for the local filesystem object store backend. Only used when the
-  # backend is "local".
-  # (default: <unset>, type: string)
-  local_dir: ""
-  # S3 bucket name. Required when the backend is "s3".
-  # (default: <unset>, type: string)
-  s3_bucket: ""
-  # AWS region for the S3 bucket.
-  # (default: <unset>, type: string)
-  s3_region: ""
-  # Optional key prefix within the S3 bucket.
-  # (default: <unset>, type: string)
-  s3_prefix: ""
-  # Custom S3-compatible endpoint URL (e.g. for MinIO, R2, Cloudflare). Leave empty
-  # for standard AWS S3.
-  # (default: <unset>, type: string)
-  s3_endpoint: ""
-  # GCS bucket name. Required when the backend is "gcs".
-  # (default: <unset>, type: string)
-  gcs_bucket: ""
-  # Optional key prefix within the GCS bucket.
-  # (default: <unset>, type: string)
-  gcs_prefix: ""
-  # Path to a GCS service account key file. If empty, Application Default
-  # Credentials are used.
-  # (default: <unset>, type: string)
-  gcs_credentials_file: ""

cli/usercreate_test.go

@@ -134,7 +134,6 @@ func TestUserCreate(t *testing.T) {
 		{
 			name: "ServiceAccount",
 			args: []string{"--service-account", "-u", "dean"},
-			err:  "Premium feature",
 		},
 		{
 			name: "ServiceAccountLoginType",

coderd/agentapi/connectionlog.go

@@ -85,7 +85,7 @@ func (a *ConnLogAPI) ReportConnection(ctx context.Context, req *agentproto.Repor
 		AgentName:        a.AgentName,
 		Type:             connectionType,
 		Code:             code,
-		IP:               logIP,
+		Ip:               logIP,
 		ConnectionID: uuid.NullUUID{
 			UUID:  connectionID,
 			Valid: true,

coderd/agentapi/connectionlog_test.go

@@ -152,7 +152,7 @@ func TestConnectionLog(t *testing.T) {
 					Int32: tt.status,
 					Valid: *tt.action == agentproto.Connection_DISCONNECT,
 				},
-				IP:   expectedIP,
+				Ip:   expectedIP,
 				Type: agentProtoConnectionTypeToConnectionLog(t, *tt.typ),
 				DisconnectReason: sql.NullString{
 					String: tt.reason,

coderd/agentapi/logs.go

@@ -77,9 +77,8 @@ func (a *LogsAPI) BatchCreateLogs(ctx context.Context, req *agentproto.BatchCrea
 	level := make([]database.LogLevel, 0)
 	outputLength := 0
 	for _, logEntry := range req.Logs {
-		sanitizedOutput := agentsdk.SanitizeLogOutput(logEntry.Output)
-		output = append(output, sanitizedOutput)
-		outputLength += len(sanitizedOutput)
+		output = append(output, logEntry.Output)
+		outputLength += len(logEntry.Output)
 
 		var dbLevel database.LogLevel
 		switch logEntry.Level {

coderd/agentapi/logs_test.go

@@ -139,59 +139,6 @@ func TestBatchCreateLogs(t *testing.T) {
 		require.True(t, publishWorkspaceAgentLogsUpdateCalled)
 	})
 
-	t.Run("SanitizesOutput", func(t *testing.T) {
-		t.Parallel()
-
-		dbM := dbmock.NewMockStore(gomock.NewController(t))
-		now := dbtime.Now()
-		api := &agentapi.LogsAPI{
-			AgentFn: func(context.Context) (database.WorkspaceAgent, error) {
-				return agent, nil
-			},
-			Database: dbM,
-			Log:      testutil.Logger(t),
-			TimeNowFn: func() time.Time {
-				return now
-			},
-		}
-
-		rawOutput := "before\x00middle\xc3\x28after"
-		sanitizedOutput := agentsdk.SanitizeLogOutput(rawOutput)
-		expectedOutputLength := int32(len(sanitizedOutput)) //nolint:gosec // Test-controlled string length is small.
-		req := &agentproto.BatchCreateLogsRequest{
-			LogSourceId: logSource.ID[:],
-			Logs: []*agentproto.Log{
-				{
-					CreatedAt: timestamppb.New(now),
-					Level:     agentproto.Log_WARN,
-					Output:    rawOutput,
-				},
-			},
-		}
-
-		dbM.EXPECT().InsertWorkspaceAgentLogs(gomock.Any(), database.InsertWorkspaceAgentLogsParams{
-			AgentID:      agent.ID,
-			LogSourceID:  logSource.ID,
-			CreatedAt:    now,
-			Output:       []string{sanitizedOutput},
-			Level:        []database.LogLevel{database.LogLevelWarn},
-			OutputLength: expectedOutputLength,
-		}).Return([]database.WorkspaceAgentLog{
-			{
-				AgentID:     agent.ID,
-				CreatedAt:   now,
-				ID:          1,
-				Output:      sanitizedOutput,
-				Level:       database.LogLevelWarn,
-				LogSourceID: logSource.ID,
-			},
-		}, nil)
-
-		resp, err := api.BatchCreateLogs(context.Background(), req)
-		require.NoError(t, err)
-		require.Equal(t, &agentproto.BatchCreateLogsResponse{}, resp)
-	})
-
 	t.Run("NoWorkspacePublishIfNotFirstLogs", func(t *testing.T) {
 		t.Parallel()
 

coderd/apidoc/docs.go

@@ -1266,68 +1266,6 @@ const docTemplate = `{
                 ]
             }
         },
-        "/experimental/chats/config/retention-days": {
-            "get": {
-                "produces": [
-                    "application/json"
-                ],
-                "tags": [
-                    "Chats"
-                ],
-                "summary": "Get chat retention days",
-                "operationId": "get-chat-retention-days",
-                "responses": {
-                    "200": {
-                        "description": "OK",
-                        "schema": {
-                            "$ref": "#/definitions/codersdk.ChatRetentionDaysResponse"
-                        }
-                    }
-                },
-                "security": [
-                    {
-                        "CoderSessionToken": []
-                    }
-                ],
-                "x-apidocgen": {
-                    "skip": true
-                }
-            },
-            "put": {
-                "consumes": [
-                    "application/json"
-                ],
-                "tags": [
-                    "Chats"
-                ],
-                "summary": "Update chat retention days",
-                "operationId": "update-chat-retention-days",
-                "parameters": [
-                    {
-                        "description": "Request body",
-                        "name": "request",
-                        "in": "body",
-                        "required": true,
-                        "schema": {
-                            "$ref": "#/definitions/codersdk.UpdateChatRetentionDaysRequest"
-                        }
-                    }
-                ],
-                "responses": {
-                    "204": {
-                        "description": "No Content"
-                    }
-                },
-                "security": [
-                    {
-                        "CoderSessionToken": []
-                    }
-                ],
-                "x-apidocgen": {
-                    "skip": true
-                }
-            }
-        },
         "/experimental/watch-all-workspacebuilds": {
             "get": {
                 "produces": [
@@ -9514,212 +9452,6 @@ const docTemplate = `{
                 ]
             }
         },
-        "/users/{user}/secrets": {
-            "get": {
-                "produces": [
-                    "application/json"
-                ],
-                "tags": [
-                    "Secrets"
-                ],
-                "summary": "List user secrets",
-                "operationId": "list-user-secrets",
-                "parameters": [
-                    {
-                        "type": "string",
-                        "description": "User ID, username, or me",
-                        "name": "user",
-                        "in": "path",
-                        "required": true
-                    }
-                ],
-                "responses": {
-                    "200": {
-                        "description": "OK",
-                        "schema": {
-                            "type": "array",
-                            "items": {
-                                "$ref": "#/definitions/codersdk.UserSecret"
-                            }
-                        }
-                    }
-                },
-                "security": [
-                    {
-                        "CoderSessionToken": []
-                    }
-                ]
-            },
-            "post": {
-                "consumes": [
-                    "application/json"
-                ],
-                "produces": [
-                    "application/json"
-                ],
-                "tags": [
-                    "Secrets"
-                ],
-                "summary": "Create a new user secret",
-                "operationId": "create-a-new-user-secret",
-                "parameters": [
-                    {
-                        "type": "string",
-                        "description": "User ID, username, or me",
-                        "name": "user",
-                        "in": "path",
-                        "required": true
-                    },
-                    {
-                        "description": "Create secret request",
-                        "name": "request",
-                        "in": "body",
-                        "required": true,
-                        "schema": {
-                            "$ref": "#/definitions/codersdk.CreateUserSecretRequest"
-                        }
-                    }
-                ],
-                "responses": {
-                    "201": {
-                        "description": "Created",
-                        "schema": {
-                            "$ref": "#/definitions/codersdk.UserSecret"
-                        }
-                    }
-                },
-                "security": [
-                    {
-                        "CoderSessionToken": []
-                    }
-                ]
-            }
-        },
-        "/users/{user}/secrets/{name}": {
-            "get": {
-                "produces": [
-                    "application/json"
-                ],
-                "tags": [
-                    "Secrets"
-                ],
-                "summary": "Get a user secret by name",
-                "operationId": "get-a-user-secret-by-name",
-                "parameters": [
-                    {
-                        "type": "string",
-                        "description": "User ID, username, or me",
-                        "name": "user",
-                        "in": "path",
-                        "required": true
-                    },
-                    {
-                        "type": "string",
-                        "description": "Secret name",
-                        "name": "name",
-                        "in": "path",
-                        "required": true
-                    }
-                ],
-                "responses": {
-                    "200": {
-                        "description": "OK",
-                        "schema": {
-                            "$ref": "#/definitions/codersdk.UserSecret"
-                        }
-                    }
-                },
-                "security": [
-                    {
-                        "CoderSessionToken": []
-                    }
-                ]
-            },
-            "delete": {
-                "tags": [
-                    "Secrets"
-                ],
-                "summary": "Delete a user secret",
-                "operationId": "delete-a-user-secret",
-                "parameters": [
-                    {
-                        "type": "string",
-                        "description": "User ID, username, or me",
-                        "name": "user",
-                        "in": "path",
-                        "required": true
-                    },
-                    {
-                        "type": "string",
-                        "description": "Secret name",
-                        "name": "name",
-                        "in": "path",
-                        "required": true
-                    }
-                ],
-                "responses": {
-                    "204": {
-                        "description": "No Content"
-                    }
-                },
-                "security": [
-                    {
-                        "CoderSessionToken": []
-                    }
-                ]
-            },
-            "patch": {
-                "consumes": [
-                    "application/json"
-                ],
-                "produces": [
-                    "application/json"
-                ],
-                "tags": [
-                    "Secrets"
-                ],
-                "summary": "Update a user secret",
-                "operationId": "update-a-user-secret",
-                "parameters": [
-                    {
-                        "type": "string",
-                        "description": "User ID, username, or me",
-                        "name": "user",
-                        "in": "path",
-                        "required": true
-                    },
-                    {
-                        "type": "string",
-                        "description": "Secret name",
-                        "name": "name",
-                        "in": "path",
-                        "required": true
-                    },
-                    {
-                        "description": "Update secret request",
-                        "name": "request",
-                        "in": "body",
-                        "required": true,
-                        "schema": {
-                            "$ref": "#/definitions/codersdk.UpdateUserSecretRequest"
-                        }
-                    }
-                ],
-                "responses": {
-                    "200": {
-                        "description": "OK",
-                        "schema": {
-                            "$ref": "#/definitions/codersdk.UserSecret"
-                        }
-                    }
-                },
-                "security": [
-                    {
-                        "CoderSessionToken": []
-                    }
-                ]
-            }
-        },
         "/users/{user}/status/activate": {
             "put": {
                 "produces": [
@@ -10473,26 +10205,12 @@ const docTemplate = `{
                 ],
                 "summary": "Get workspace agent reinitialization",
                 "operationId": "get-workspace-agent-reinitialization",
-                "parameters": [
-                    {
-                        "type": "boolean",
-                        "description": "Opt in to durable reinit checks",
-                        "name": "wait",
-                        "in": "query"
-                    }
-                ],
                 "responses": {
                     "200": {
                         "description": "OK",
                         "schema": {
                             "$ref": "#/definitions/agentsdk.ReinitializationEvent"
                         }
-                    },
-                    "409": {
-                        "description": "Conflict",
-                        "schema": {
-                            "$ref": "#/definitions/codersdk.Response"
-                        }
                     }
                 },
                 "security": [
@@ -12929,16 +12647,11 @@ const docTemplate = `{
         "agentsdk.ReinitializationEvent": {
             "type": "object",
             "properties": {
-                "owner_id": {
-                    "type": "string",
-                    "format": "uuid"
-                },
                 "reason": {
                     "$ref": "#/definitions/agentsdk.ReinitializationReason"
                 },
-                "workspace_id": {
-                    "type": "string",
-                    "format": "uuid"
+                "workspaceID": {
+                    "type": "string"
                 }
             }
         },
@@ -13401,12 +13114,6 @@ const docTemplate = `{
         "codersdk.AIBridgeSessionThreadsTokenUsage": {
             "type": "object",
             "properties": {
-                "cache_read_input_tokens": {
-                    "type": "integer"
-                },
-                "cache_write_input_tokens": {
-                    "type": "integer"
-                },
                 "input_tokens": {
                     "type": "integer"
                 },
@@ -13422,12 +13129,6 @@ const docTemplate = `{
         "codersdk.AIBridgeSessionTokenUsageSummary": {
             "type": "object",
             "properties": {
-                "cache_read_input_tokens": {
-                    "type": "integer"
-                },
-                "cache_write_input_tokens": {
-                    "type": "integer"
-                },
                 "input_tokens": {
                     "type": "integer"
                 },
@@ -13445,12 +13146,6 @@ const docTemplate = `{
                         "$ref": "#/definitions/codersdk.AIBridgeAgenticAction"
                     }
                 },
-                "credential_hint": {
-                    "type": "string"
-                },
-                "credential_kind": {
-                    "type": "string"
-                },
                 "ended_at": {
                     "type": "string",
                     "format": "date-time"
@@ -13480,12 +13175,6 @@ const docTemplate = `{
         "codersdk.AIBridgeTokenUsage": {
             "type": "object",
             "properties": {
-                "cache_read_input_tokens": {
-                    "type": "integer"
-                },
-                "cache_write_input_tokens": {
-                    "type": "integer"
-                },
                 "created_at": {
                     "type": "string",
                     "format": "date-time"
@@ -14449,9 +14138,6 @@ const docTemplate = `{
                 },
                 "count": {
                     "type": "integer"
-                },
-                "count_cap": {
-                    "type": "integer"
                 }
             }
         },
@@ -14694,14 +14380,6 @@ const docTemplate = `{
                 }
             }
         },
-        "codersdk.ChatRetentionDaysResponse": {
-            "type": "object",
-            "properties": {
-                "retention_days": {
-                    "type": "integer"
-                }
-            }
-        },
         "codersdk.ConnectionLatency": {
             "type": "object",
             "properties": {
@@ -14781,9 +14459,6 @@ const docTemplate = `{
                 },
                 "count": {
                     "type": "integer"
-                },
-                "count_cap": {
-                    "type": "integer"
                 }
             }
         },
@@ -14871,17 +14546,6 @@ const docTemplate = `{
                 }
             }
         },
-        "codersdk.CreateFirstUserOnboardingInfo": {
-            "type": "object",
-            "properties": {
-                "newsletter_marketing": {
-                    "type": "boolean"
-                },
-                "newsletter_releases": {
-                    "type": "boolean"
-                }
-            }
-        },
         "codersdk.CreateFirstUserRequest": {
             "type": "object",
             "required": [
@@ -14896,9 +14560,6 @@ const docTemplate = `{
                 "name": {
                     "type": "string"
                 },
-                "onboarding_info": {
-                    "$ref": "#/definitions/codersdk.CreateFirstUserOnboardingInfo"
-                },
                 "password": {
                     "type": "string"
                 },
@@ -15354,26 +15015,6 @@ const docTemplate = `{
                 }
             }
         },
-        "codersdk.CreateUserSecretRequest": {
-            "type": "object",
-            "properties": {
-                "description": {
-                    "type": "string"
-                },
-                "env_name": {
-                    "type": "string"
-                },
-                "file_path": {
-                    "type": "string"
-                },
-                "name": {
-                    "type": "string"
-                },
-                "value": {
-                    "type": "string"
-                }
-            }
-        },
         "codersdk.CreateWorkspaceBuildReason": {
             "type": "string",
             "enum": [
@@ -15925,9 +15566,6 @@ const docTemplate = `{
                 "oauth2": {
                     "$ref": "#/definitions/codersdk.OAuth2Config"
                 },
-                "object_store": {
-                    "$ref": "#/definitions/codersdk.ObjectStoreConfig"
-                },
                 "oidc": {
                     "$ref": "#/definitions/codersdk.OIDCConfig"
                 },
@@ -17944,47 +17582,6 @@ const docTemplate = `{
                 }
             }
         },
-        "codersdk.ObjectStoreConfig": {
-            "type": "object",
-            "properties": {
-                "backend": {
-                    "description": "Backend selects the storage backend: \"local\" (default), \"s3\", or \"gcs\".",
-                    "type": "string"
-                },
-                "gcs_bucket": {
-                    "description": "GCSBucket is the GCS bucket name. Required when Backend is \"gcs\".",
-                    "type": "string"
-                },
-                "gcs_credentials_file": {
-                    "description": "GCSCredentialsFile is an optional path to a GCS service account\nkey file. If empty, Application Default Credentials are used.",
-                    "type": "string"
-                },
-                "gcs_prefix": {
-                    "description": "GCSPrefix is an optional key prefix within the GCS bucket.",
-                    "type": "string"
-                },
-                "local_dir": {
-                    "description": "LocalDir is the root directory for the local filesystem backend.\nOnly used when Backend is \"local\". Defaults to \u003cconfig-dir\u003e/objectstore/.",
-                    "type": "string"
-                },
-                "s3_bucket": {
-                    "description": "S3Bucket is the S3 bucket name. Required when Backend is \"s3\".",
-                    "type": "string"
-                },
-                "s3_endpoint": {
-                    "description": "S3Endpoint is a custom S3-compatible endpoint URL (for MinIO, R2, etc.).",
-                    "type": "string"
-                },
-                "s3_prefix": {
-                    "description": "S3Prefix is an optional key prefix within the S3 bucket.",
-                    "type": "string"
-                },
-                "s3_region": {
-                    "description": "S3Region is the AWS region for the S3 bucket.",
-                    "type": "string"
-                }
-            }
-        },
         "codersdk.OptionType": {
             "type": "string",
             "enum": [
@@ -21298,14 +20895,6 @@ const docTemplate = `{
                 }
             }
         },
-        "codersdk.UpdateChatRetentionDaysRequest": {
-            "type": "object",
-            "properties": {
-                "retention_days": {
-                    "type": "integer"
-                }
-            }
-        },
         "codersdk.UpdateCheckResponse": {
             "type": "object",
             "properties": {
@@ -21547,23 +21136,6 @@ const docTemplate = `{
                 }
             }
         },
-        "codersdk.UpdateUserSecretRequest": {
-            "type": "object",
-            "properties": {
-                "description": {
-                    "type": "string"
-                },
-                "env_name": {
-                    "type": "string"
-                },
-                "file_path": {
-                    "type": "string"
-                },
-                "value": {
-                    "type": "string"
-                }
-            }
-        },
         "codersdk.UpdateWorkspaceACL": {
             "type": "object",
             "properties": {
@@ -22019,35 +21591,6 @@ const docTemplate = `{
                 }
             }
         },
-        "codersdk.UserSecret": {
-            "type": "object",
-            "properties": {
-                "created_at": {
-                    "type": "string",
-                    "format": "date-time"
-                },
-                "description": {
-                    "type": "string"
-                },
-                "env_name": {
-                    "type": "string"
-                },
-                "file_path": {
-                    "type": "string"
-                },
-                "id": {
-                    "type": "string",
-                    "format": "uuid"
-                },
-                "name": {
-                    "type": "string"
-                },
-                "updated_at": {
-                    "type": "string",
-                    "format": "date-time"
-                }
-            }
-        },
         "codersdk.UserStatus": {
             "type": "string",
             "enum": [

coderd/apidoc/swagger.json

@@ -1103,60 +1103,6 @@
 				]
 			}
 		},
-		"/experimental/chats/config/retention-days": {
-			"get": {
-				"produces": ["application/json"],
-				"tags": ["Chats"],
-				"summary": "Get chat retention days",
-				"operationId": "get-chat-retention-days",
-				"responses": {
-					"200": {
-						"description": "OK",
-						"schema": {
-							"$ref": "#/definitions/codersdk.ChatRetentionDaysResponse"
-						}
-					}
-				},
-				"security": [
-					{
-						"CoderSessionToken": []
-					}
-				],
-				"x-apidocgen": {
-					"skip": true
-				}
-			},
-			"put": {
-				"consumes": ["application/json"],
-				"tags": ["Chats"],
-				"summary": "Update chat retention days",
-				"operationId": "update-chat-retention-days",
-				"parameters": [
-					{
-						"description": "Request body",
-						"name": "request",
-						"in": "body",
-						"required": true,
-						"schema": {
-							"$ref": "#/definitions/codersdk.UpdateChatRetentionDaysRequest"
-						}
-					}
-				],
-				"responses": {
-					"204": {
-						"description": "No Content"
-					}
-				},
-				"security": [
-					{
-						"CoderSessionToken": []
-					}
-				],
-				"x-apidocgen": {
-					"skip": true
-				}
-			}
-		},
 		"/experimental/watch-all-workspacebuilds": {
 			"get": {
 				"produces": ["application/json"],
@@ -8431,190 +8377,6 @@
 				]
 			}
 		},
-		"/users/{user}/secrets": {
-			"get": {
-				"produces": ["application/json"],
-				"tags": ["Secrets"],
-				"summary": "List user secrets",
-				"operationId": "list-user-secrets",
-				"parameters": [
-					{
-						"type": "string",
-						"description": "User ID, username, or me",
-						"name": "user",
-						"in": "path",
-						"required": true
-					}
-				],
-				"responses": {
-					"200": {
-						"description": "OK",
-						"schema": {
-							"type": "array",
-							"items": {
-								"$ref": "#/definitions/codersdk.UserSecret"
-							}
-						}
-					}
-				},
-				"security": [
-					{
-						"CoderSessionToken": []
-					}
-				]
-			},
-			"post": {
-				"consumes": ["application/json"],
-				"produces": ["application/json"],
-				"tags": ["Secrets"],
-				"summary": "Create a new user secret",
-				"operationId": "create-a-new-user-secret",
-				"parameters": [
-					{
-						"type": "string",
-						"description": "User ID, username, or me",
-						"name": "user",
-						"in": "path",
-						"required": true
-					},
-					{
-						"description": "Create secret request",
-						"name": "request",
-						"in": "body",
-						"required": true,
-						"schema": {
-							"$ref": "#/definitions/codersdk.CreateUserSecretRequest"
-						}
-					}
-				],
-				"responses": {
-					"201": {
-						"description": "Created",
-						"schema": {
-							"$ref": "#/definitions/codersdk.UserSecret"
-						}
-					}
-				},
-				"security": [
-					{
-						"CoderSessionToken": []
-					}
-				]
-			}
-		},
-		"/users/{user}/secrets/{name}": {
-			"get": {
-				"produces": ["application/json"],
-				"tags": ["Secrets"],
-				"summary": "Get a user secret by name",
-				"operationId": "get-a-user-secret-by-name",
-				"parameters": [
-					{
-						"type": "string",
-						"description": "User ID, username, or me",
-						"name": "user",
-						"in": "path",
-						"required": true
-					},
-					{
-						"type": "string",
-						"description": "Secret name",
-						"name": "name",
-						"in": "path",
-						"required": true
-					}
-				],
-				"responses": {
-					"200": {
-						"description": "OK",
-						"schema": {
-							"$ref": "#/definitions/codersdk.UserSecret"
-						}
-					}
-				},
-				"security": [
-					{
-						"CoderSessionToken": []
-					}
-				]
-			},
-			"delete": {
-				"tags": ["Secrets"],
-				"summary": "Delete a user secret",
-				"operationId": "delete-a-user-secret",
-				"parameters": [
-					{
-						"type": "string",
-						"description": "User ID, username, or me",
-						"name": "user",
-						"in": "path",
-						"required": true
-					},
-					{
-						"type": "string",
-						"description": "Secret name",
-						"name": "name",
-						"in": "path",
-						"required": true
-					}
-				],
-				"responses": {
-					"204": {
-						"description": "No Content"
-					}
-				},
-				"security": [
-					{
-						"CoderSessionToken": []
-					}
-				]
-			},
-			"patch": {
-				"consumes": ["application/json"],
-				"produces": ["application/json"],
-				"tags": ["Secrets"],
-				"summary": "Update a user secret",
-				"operationId": "update-a-user-secret",
-				"parameters": [
-					{
-						"type": "string",
-						"description": "User ID, username, or me",
-						"name": "user",
-						"in": "path",
-						"required": true
-					},
-					{
-						"type": "string",
-						"description": "Secret name",
-						"name": "name",
-						"in": "path",
-						"required": true
-					},
-					{
-						"description": "Update secret request",
-						"name": "request",
-						"in": "body",
-						"required": true,
-						"schema": {
-							"$ref": "#/definitions/codersdk.UpdateUserSecretRequest"
-						}
-					}
-				],
-				"responses": {
-					"200": {
-						"description": "OK",
-						"schema": {
-							"$ref": "#/definitions/codersdk.UserSecret"
-						}
-					}
-				},
-				"security": [
-					{
-						"CoderSessionToken": []
-					}
-				]
-			}
-		},
 		"/users/{user}/status/activate": {
 			"put": {
 				"produces": ["application/json"],
@@ -9276,26 +9038,12 @@
 				"tags": ["Agents"],
 				"summary": "Get workspace agent reinitialization",
 				"operationId": "get-workspace-agent-reinitialization",
-				"parameters": [
-					{
-						"type": "boolean",
-						"description": "Opt in to durable reinit checks",
-						"name": "wait",
-						"in": "query"
-					}
-				],
 				"responses": {
 					"200": {
 						"description": "OK",
 						"schema": {
 							"$ref": "#/definitions/agentsdk.ReinitializationEvent"
 						}
-					},
-					"409": {
-						"description": "Conflict",
-						"schema": {
-							"$ref": "#/definitions/codersdk.Response"
-						}
 					}
 				},
 				"security": [
@@ -11481,16 +11229,11 @@
 		"agentsdk.ReinitializationEvent": {
 			"type": "object",
 			"properties": {
-				"owner_id": {
-					"type": "string",
-					"format": "uuid"
-				},
 				"reason": {
 					"$ref": "#/definitions/agentsdk.ReinitializationReason"
 				},
-				"workspace_id": {
-					"type": "string",
-					"format": "uuid"
+				"workspaceID": {
+					"type": "string"
 				}
 			}
 		},
@@ -11949,12 +11692,6 @@
 		"codersdk.AIBridgeSessionThreadsTokenUsage": {
 			"type": "object",
 			"properties": {
-				"cache_read_input_tokens": {
-					"type": "integer"
-				},
-				"cache_write_input_tokens": {
-					"type": "integer"
-				},
 				"input_tokens": {
 					"type": "integer"
 				},
@@ -11970,12 +11707,6 @@
 		"codersdk.AIBridgeSessionTokenUsageSummary": {
 			"type": "object",
 			"properties": {
-				"cache_read_input_tokens": {
-					"type": "integer"
-				},
-				"cache_write_input_tokens": {
-					"type": "integer"
-				},
 				"input_tokens": {
 					"type": "integer"
 				},
@@ -11993,12 +11724,6 @@
 						"$ref": "#/definitions/codersdk.AIBridgeAgenticAction"
 					}
 				},
-				"credential_hint": {
-					"type": "string"
-				},
-				"credential_kind": {
-					"type": "string"
-				},
 				"ended_at": {
 					"type": "string",
 					"format": "date-time"
@@ -12028,12 +11753,6 @@
 		"codersdk.AIBridgeTokenUsage": {
 			"type": "object",
 			"properties": {
-				"cache_read_input_tokens": {
-					"type": "integer"
-				},
-				"cache_write_input_tokens": {
-					"type": "integer"
-				},
 				"created_at": {
 					"type": "string",
 					"format": "date-time"
@@ -12983,9 +12702,6 @@
 				},
 				"count": {
 					"type": "integer"
-				},
-				"count_cap": {
-					"type": "integer"
 				}
 			}
 		},
@@ -13207,14 +12923,6 @@
 				}
 			}
 		},
-		"codersdk.ChatRetentionDaysResponse": {
-			"type": "object",
-			"properties": {
-				"retention_days": {
-					"type": "integer"
-				}
-			}
-		},
 		"codersdk.ConnectionLatency": {
 			"type": "object",
 			"properties": {
@@ -13294,9 +13002,6 @@
 				},
 				"count": {
 					"type": "integer"
-				},
-				"count_cap": {
-					"type": "integer"
 				}
 			}
 		},
@@ -13381,17 +13086,6 @@
 				}
 			}
 		},
-		"codersdk.CreateFirstUserOnboardingInfo": {
-			"type": "object",
-			"properties": {
-				"newsletter_marketing": {
-					"type": "boolean"
-				},
-				"newsletter_releases": {
-					"type": "boolean"
-				}
-			}
-		},
 		"codersdk.CreateFirstUserRequest": {
 			"type": "object",
 			"required": ["email", "password", "username"],
@@ -13402,9 +13096,6 @@
 				"name": {
 					"type": "string"
 				},
-				"onboarding_info": {
-					"$ref": "#/definitions/codersdk.CreateFirstUserOnboardingInfo"
-				},
 				"password": {
 					"type": "string"
 				},
@@ -13833,26 +13524,6 @@
 				}
 			}
 		},
-		"codersdk.CreateUserSecretRequest": {
-			"type": "object",
-			"properties": {
-				"description": {
-					"type": "string"
-				},
-				"env_name": {
-					"type": "string"
-				},
-				"file_path": {
-					"type": "string"
-				},
-				"name": {
-					"type": "string"
-				},
-				"value": {
-					"type": "string"
-				}
-			}
-		},
 		"codersdk.CreateWorkspaceBuildReason": {
 			"type": "string",
 			"enum": [
@@ -14392,9 +14063,6 @@
 				"oauth2": {
 					"$ref": "#/definitions/codersdk.OAuth2Config"
 				},
-				"object_store": {
-					"$ref": "#/definitions/codersdk.ObjectStoreConfig"
-				},
 				"oidc": {
 					"$ref": "#/definitions/codersdk.OIDCConfig"
 				},
@@ -16341,47 +16009,6 @@
 				}
 			}
 		},
-		"codersdk.ObjectStoreConfig": {
-			"type": "object",
-			"properties": {
-				"backend": {
-					"description": "Backend selects the storage backend: \"local\" (default), \"s3\", or \"gcs\".",
-					"type": "string"
-				},
-				"gcs_bucket": {
-					"description": "GCSBucket is the GCS bucket name. Required when Backend is \"gcs\".",
-					"type": "string"
-				},
-				"gcs_credentials_file": {
-					"description": "GCSCredentialsFile is an optional path to a GCS service account\nkey file. If empty, Application Default Credentials are used.",
-					"type": "string"
-				},
-				"gcs_prefix": {
-					"description": "GCSPrefix is an optional key prefix within the GCS bucket.",
-					"type": "string"
-				},
-				"local_dir": {
-					"description": "LocalDir is the root directory for the local filesystem backend.\nOnly used when Backend is \"local\". Defaults to \u003cconfig-dir\u003e/objectstore/.",
-					"type": "string"
-				},
-				"s3_bucket": {
-					"description": "S3Bucket is the S3 bucket name. Required when Backend is \"s3\".",
-					"type": "string"
-				},
-				"s3_endpoint": {
-					"description": "S3Endpoint is a custom S3-compatible endpoint URL (for MinIO, R2, etc.).",
-					"type": "string"
-				},
-				"s3_prefix": {
-					"description": "S3Prefix is an optional key prefix within the S3 bucket.",
-					"type": "string"
-				},
-				"s3_region": {
-					"description": "S3Region is the AWS region for the S3 bucket.",
-					"type": "string"
-				}
-			}
-		},
 		"codersdk.OptionType": {
 			"type": "string",
 			"enum": ["string", "number", "bool", "list(string)"],
@@ -19559,14 +19186,6 @@
 				}
 			}
 		},
-		"codersdk.UpdateChatRetentionDaysRequest": {
-			"type": "object",
-			"properties": {
-				"retention_days": {
-					"type": "integer"
-				}
-			}
-		},
 		"codersdk.UpdateCheckResponse": {
 			"type": "object",
 			"properties": {
@@ -19799,23 +19418,6 @@
 				}
 			}
 		},
-		"codersdk.UpdateUserSecretRequest": {
-			"type": "object",
-			"properties": {
-				"description": {
-					"type": "string"
-				},
-				"env_name": {
-					"type": "string"
-				},
-				"file_path": {
-					"type": "string"
-				},
-				"value": {
-					"type": "string"
-				}
-			}
-		},
 		"codersdk.UpdateWorkspaceACL": {
 			"type": "object",
 			"properties": {
@@ -20246,35 +19848,6 @@
 				}
 			}
 		},
-		"codersdk.UserSecret": {
-			"type": "object",
-			"properties": {
-				"created_at": {
-					"type": "string",
-					"format": "date-time"
-				},
-				"description": {
-					"type": "string"
-				},
-				"env_name": {
-					"type": "string"
-				},
-				"file_path": {
-					"type": "string"
-				},
-				"id": {
-					"type": "string",
-					"format": "uuid"
-				},
-				"name": {
-					"type": "string"
-				},
-				"updated_at": {
-					"type": "string",
-					"format": "date-time"
-				}
-			}
-		},
 		"codersdk.UserStatus": {
 			"type": "string",
 			"enum": ["active", "dormant", "suspended"],

coderd/audit.go

@@ -26,11 +26,6 @@ import (
 	"github.com/coder/coder/v2/codersdk"
 )
 
-// Limit the count query to avoid a slow sequential scan due to joins
-// on a large table. Set to 0 to disable capping (but also see the note
-// in the SQL query).
-const auditLogCountCap = 2000
-
 // @Summary Get audit logs
 // @ID get-audit-logs
 // @Security CoderSessionToken
@@ -71,7 +66,7 @@ func (api *API) auditLogs(rw http.ResponseWriter, r *http.Request) {
 		countFilter.Username = ""
 	}
 
-	countFilter.CountCap = auditLogCountCap
+	// Use the same filters to count the number of audit logs
 	count, err := api.Database.CountAuditLogs(ctx, countFilter)
 	if dbauthz.IsNotAuthorizedError(err) {
 		httpapi.Forbidden(rw)
@@ -86,7 +81,6 @@ func (api *API) auditLogs(rw http.ResponseWriter, r *http.Request) {
 		httpapi.Write(ctx, rw, http.StatusOK, codersdk.AuditLogResponse{
 			AuditLogs: []codersdk.AuditLog{},
 			Count:     0,
-			CountCap:  auditLogCountCap,
 		})
 		return
 	}
@@ -104,7 +98,6 @@ func (api *API) auditLogs(rw http.ResponseWriter, r *http.Request) {
 	httpapi.Write(ctx, rw, http.StatusOK, codersdk.AuditLogResponse{
 		AuditLogs: api.convertAuditLogs(ctx, dblogs),
 		Count:     count,
-		CountCap:  auditLogCountCap,
 	})
 }
 

coderd/coderd.go

@@ -71,7 +71,6 @@ import (
 	"github.com/coder/coder/v2/coderd/metricscache"
 	"github.com/coder/coder/v2/coderd/notifications"
 	"github.com/coder/coder/v2/coderd/oauth2provider"
-	"github.com/coder/coder/v2/coderd/objstore"
 	"github.com/coder/coder/v2/coderd/portsharing"
 	"github.com/coder/coder/v2/coderd/pproflabel"
 	"github.com/coder/coder/v2/coderd/prebuilds"
@@ -159,7 +158,6 @@ type Options struct {
 	AppHostnameRegex *regexp.Regexp
 	Logger           slog.Logger
 	Database         database.Store
-	ObjectStore      objstore.Store
 	Pubsub           pubsub.Pubsub
 	RuntimeConfig    *runtimeconfig.Manager
 
@@ -170,7 +168,6 @@ type Options struct {
 	ConnectionLogger               connectionlog.ConnectionLogger
 	AgentConnectionUpdateFrequency time.Duration
 	AgentInactiveDisconnectTimeout time.Duration
-	ChatdInstructionLookupTimeout  time.Duration
 	AWSCertificates                awsidentity.Certificates
 	Authorizer                     rbac.Authorizer
 	AzureCertificates              x509.VerifyOptions
@@ -785,16 +782,14 @@ func New(options *Options) *API {
 			ReplicaID:                      api.ID,
 			SubscribeFn:                    options.ChatSubscribeFn,
 			MaxChatsPerAcquire:             int32(maxChatsPerAcquire), //nolint:gosec // maxChatsPerAcquire is clamped to int32 range above.
-			ProviderAPIKeys:                ChatProviderAPIKeysFromDeploymentValues(options.DeploymentValues),
+			ProviderAPIKeys:                chatProviderAPIKeysFromDeploymentValues(options.DeploymentValues),
 			AgentConn:                      api.agentProvider.AgentConn,
 			AgentInactiveDisconnectTimeout: api.AgentInactiveDisconnectTimeout,
-			InstructionLookupTimeout:       options.ChatdInstructionLookupTimeout,
 			CreateWorkspace:                api.chatCreateWorkspace,
 			StartWorkspace:                 api.chatStartWorkspace,
 			Pubsub:                         options.Pubsub,
 			WebpushDispatcher:              options.WebPushDispatcher,
 			UsageTracker:                   options.WorkspaceUsageTracker,
-			ObjectStore:                    options.ObjectStore,
 		})
 		gitSyncLogger := options.Logger.Named("gitsync")
 		refresher := gitsync.NewRefresher(
@@ -1192,8 +1187,6 @@ func New(options *Options) *API {
 				r.Delete("/user-compaction-thresholds/{modelConfig}", api.deleteUserChatCompactionThreshold)
 				r.Get("/workspace-ttl", api.getChatWorkspaceTTL)
 				r.Put("/workspace-ttl", api.putChatWorkspaceTTL)
-				r.Get("/retention-days", api.getChatRetentionDays)
-				r.Put("/retention-days", api.putChatRetentionDays)
 				r.Get("/template-allowlist", api.getChatTemplateAllowlist)
 				r.Put("/template-allowlist", api.putChatTemplateAllowlist)
 			})
@@ -1228,13 +1221,6 @@ func New(options *Options) *API {
 					r.Delete("/", api.deleteChatUsageLimitGroupOverride)
 				})
 			})
-			r.Route("/user-provider-configs", func(r chi.Router) {
-				r.Get("/", api.listUserChatProviderConfigs)
-				r.Route("/{providerConfig}", func(r chi.Router) {
-					r.Put("/", api.upsertUserChatProviderKey)
-					r.Delete("/", api.deleteUserChatProviderKey)
-				})
-			})
 			r.Route("/{chat}", func(r chi.Router) {
 				r.Use(httpmw.ExtractChatParam(options.Database))
 				r.Get("/", api.getChat)
@@ -1248,7 +1234,6 @@ func New(options *Options) *API {
 					r.Get("/git", api.watchChatGit)
 				})
 				r.Post("/interrupt", api.interruptChat)
-				r.Post("/tool-results", api.postChatToolResults)
 				r.Post("/title/regenerate", api.regenerateChatTitle)
 				r.Get("/diff", api.getChatDiffContents)
 				r.Route("/queue/{queuedMessage}", func(r chi.Router) {
@@ -1611,15 +1596,6 @@ func New(options *Options) *API {
 
 						r.Get("/gitsshkey", api.gitSSHKey)
 						r.Put("/gitsshkey", api.regenerateGitSSHKey)
-						r.Route("/secrets", func(r chi.Router) {
-							r.Post("/", api.postUserSecret)
-							r.Get("/", api.getUserSecrets)
-							r.Route("/{name}", func(r chi.Router) {
-								r.Get("/", api.getUserSecret)
-								r.Patch("/", api.patchUserSecret)
-								r.Delete("/", api.deleteUserSecret)
-							})
-						})
 						r.Route("/notifications", func(r chi.Router) {
 							r.Route("/preferences", func(r chi.Router) {
 								r.Get("/", api.userNotificationPreferences)
@@ -1665,10 +1641,6 @@ func New(options *Options) *API {
 				r.Get("/gitsshkey", api.agentGitSSHKey)
 				r.Post("/log-source", api.workspaceAgentPostLogSource)
 				r.Get("/reinit", api.workspaceAgentReinit)
-				r.Route("/experimental", func(r chi.Router) {
-					r.Post("/chat-context", api.workspaceAgentAddChatContext)
-					r.Delete("/chat-context", api.workspaceAgentClearChatContext)
-				})
 				r.Route("/tasks/{task}", func(r chi.Router) {
 					r.Post("/log-snapshot", api.postWorkspaceAgentTaskLogSnapshot)
 				})

coderd/coderdtest/coderdtest.go

@@ -149,13 +149,12 @@ type Options struct {
 	OneTimePasscodeValidityPeriod time.Duration
 
 	// IncludeProvisionerDaemon when true means to start an in-memory provisionerD
-	IncludeProvisionerDaemon      bool
-	ChatdInstructionLookupTimeout time.Duration
-	ProvisionerDaemonVersion      string
-	ProvisionerDaemonTags         map[string]string
-	MetricsCacheRefreshInterval   time.Duration
-	AgentStatsRefreshInterval     time.Duration
-	DeploymentValues              *codersdk.DeploymentValues
+	IncludeProvisionerDaemon    bool
+	ProvisionerDaemonVersion    string
+	ProvisionerDaemonTags       map[string]string
+	MetricsCacheRefreshInterval time.Duration
+	AgentStatsRefreshInterval   time.Duration
+	DeploymentValues            *codersdk.DeploymentValues
 
 	// Set update check options to enable update check.
 	UpdateCheckOptions *updatecheck.Options
@@ -576,7 +575,6 @@ func NewOptions(t testing.TB, options *Options) (func(http.Handler), context.Can
 			// Force a long disconnection timeout to ensure
 			// agents are not marked as disconnected during slow tests.
 			AgentInactiveDisconnectTimeout: testutil.WaitShort,
-			ChatdInstructionLookupTimeout:  options.ChatdInstructionLookupTimeout,
 			AccessURL:                      accessURL,
 			AppHostname:                    options.AppHostname,
 			AppHostnameRegex:               appHostnameRegex,

coderd/coderdtest/swaggerparser.go

@@ -147,10 +147,6 @@ func parseSwaggerComment(commentGroup *ast.CommentGroup) SwaggerComment {
 	return c
 }
 
-func isExperimentalEndpoint(route string) bool {
-	return strings.HasPrefix(route, "/workspaceagents/me/experimental/")
-}
-
 func VerifySwaggerDefinitions(t *testing.T, router chi.Router, swaggerComments []SwaggerComment) {
 	assertUniqueRoutes(t, swaggerComments)
 	assertSingleAnnotations(t, swaggerComments)
@@ -169,9 +165,6 @@ func VerifySwaggerDefinitions(t *testing.T, router chi.Router, swaggerComments [
 			if strings.HasSuffix(route, "/*") {
 				return
 			}
-			if isExperimentalEndpoint(route) {
-				return
-			}
 
 			c := findSwaggerCommentByMethodAndRoute(swaggerComments, method, route)
 			assert.NotNil(t, c, "Missing @Router annotation")

coderd/coderdtest/users.go

@@ -123,10 +123,6 @@ func UsersPagination(
 	require.Contains(t, gotUsers[0].Name, "after")
 }
 
-type UsersFilterOptions struct {
-	CreateServiceAccounts bool
-}
-
 // UsersFilter creates a set of users to run various filters against for
 // testing.  It can be used to test filtering both users and group members.
 func UsersFilter(
@@ -134,16 +130,11 @@ func UsersFilter(
 	t *testing.T,
 	client *codersdk.Client,
 	db database.Store,
-	options *UsersFilterOptions,
 	setup func(users []codersdk.User),
 	fetch func(ctx context.Context, req codersdk.UsersRequest) []codersdk.ReducedUser,
 ) {
 	t.Helper()
 
-	if options == nil {
-		options = &UsersFilterOptions{}
-	}
-
 	firstUser, err := client.User(setupCtx, codersdk.Me)
 	require.NoError(t, err, "fetch me")
 
@@ -220,13 +211,11 @@ func UsersFilter(
 	}
 
 	// Add some service accounts.
-	if options.CreateServiceAccounts {
-		for range 3 {
-			_, user := CreateAnotherUserMutators(t, client, orgID, nil, func(r *codersdk.CreateUserRequestWithOrgs) {
-				r.ServiceAccount = true
-			})
-			users = append(users, user)
-		}
+	for range 3 {
+		_, user := CreateAnotherUserMutators(t, client, orgID, nil, func(r *codersdk.CreateUserRequestWithOrgs) {
+			r.ServiceAccount = true
+		})
+		users = append(users, user)
 	}
 
 	hashedPassword, err := userpassword.Hash("SomeStrongPassword!")

coderd/connectionlog/connectionlog.go

@@ -90,8 +90,8 @@ func (m *FakeConnectionLogger) Contains(t testing.TB, expected database.UpsertCo
 			t.Logf("connection log %d: expected Code %d, got %d", idx+1, expected.Code.Int32, cl.Code.Int32)
 			continue
 		}
-		if expected.IP.Valid && cl.IP.IPNet.String() != expected.IP.IPNet.String() {
-			t.Logf("connection log %d: expected IP %s, got %s", idx+1, expected.IP.IPNet, cl.IP.IPNet)
+		if expected.Ip.Valid && cl.Ip.IPNet.String() != expected.Ip.IPNet.String() {
+			t.Logf("connection log %d: expected IP %s, got %s", idx+1, expected.Ip.IPNet, cl.Ip.IPNet)
 			continue
 		}
 		if expected.UserAgent.Valid && cl.UserAgent.String != expected.UserAgent.String {

coderd/database/check_constraint.go

@@ -10,7 +10,6 @@ const (
 	CheckChatModelConfigsCompressionThresholdCheck   CheckConstraint = "chat_model_configs_compression_threshold_check"     // chat_model_configs
 	CheckChatModelConfigsContextLimitCheck           CheckConstraint = "chat_model_configs_context_limit_check"             // chat_model_configs
 	CheckChatProvidersProviderCheck                  CheckConstraint = "chat_providers_provider_check"                      // chat_providers
-	CheckValidCredentialPolicy                       CheckConstraint = "valid_credential_policy"                            // chat_providers
 	CheckChatUsageLimitConfigDefaultLimitMicrosCheck CheckConstraint = "chat_usage_limit_config_default_limit_micros_check" // chat_usage_limit_config
 	CheckChatUsageLimitConfigPeriodCheck             CheckConstraint = "chat_usage_limit_config_period_check"               // chat_usage_limit_config
 	CheckChatUsageLimitConfigSingletonCheck          CheckConstraint = "chat_usage_limit_config_singleton_check"            // chat_usage_limit_config
@@ -33,5 +32,4 @@ const (
 	CheckTelemetryLockEventTypeConstraint            CheckConstraint = "telemetry_lock_event_type_constraint"               // telemetry_locks
 	CheckValidationMonotonicOrder                    CheckConstraint = "validation_monotonic_order"                         // template_version_parameters
 	CheckUsageEventTypeCheck                         CheckConstraint = "usage_event_type_check"                             // usage_events
-	CheckUserChatProviderKeysAPIKeyCheck             CheckConstraint = "user_chat_provider_keys_api_key_check"              // user_chat_provider_keys
 )

coderd/database/db2sdk/db2sdk.go

@@ -538,12 +538,6 @@ func WorkspaceAgent(derpMap *tailcfg.DERPMap, coordinator tailnet.Coordinator,
 	switch {
 	case workspaceAgent.Status != codersdk.WorkspaceAgentConnected && workspaceAgent.LifecycleState == codersdk.WorkspaceAgentLifecycleOff:
 		workspaceAgent.Health.Reason = "agent is not running"
-	case workspaceAgent.Status == codersdk.WorkspaceAgentConnecting:
-		// Note: the case above catches connecting+off as "not running".
-		// This case handles connecting agents with a non-off lifecycle
-		// (e.g. "created" or "starting"), where the agent binary has
-		// not yet established a connection to coderd.
-		workspaceAgent.Health.Reason = "agent has not yet connected"
 	case workspaceAgent.Status == codersdk.WorkspaceAgentTimeout:
 		workspaceAgent.Health.Reason = "agent is taking too long to connect"
 	case workspaceAgent.Status == codersdk.WorkspaceAgentDisconnected:
@@ -1043,10 +1037,8 @@ func AIBridgeSession(row database.ListAIBridgeSessionsRow) codersdk.AIBridgeSess
 		StartedAt: row.StartedAt,
 		Threads:   row.Threads,
 		TokenUsageSummary: codersdk.AIBridgeSessionTokenUsageSummary{
-			InputTokens:           row.InputTokens,
-			OutputTokens:          row.OutputTokens,
-			CacheReadInputTokens:  row.CacheReadInputTokens,
-			CacheWriteInputTokens: row.CacheWriteInputTokens,
+			InputTokens:  row.InputTokens,
+			OutputTokens: row.OutputTokens,
 		},
 	}
 	// Ensure non-nil slices for JSON serialization.
@@ -1070,15 +1062,13 @@ func AIBridgeSession(row database.ListAIBridgeSessionsRow) codersdk.AIBridgeSess
 
 func AIBridgeTokenUsage(usage database.AIBridgeTokenUsage) codersdk.AIBridgeTokenUsage {
 	return codersdk.AIBridgeTokenUsage{
-		ID:                    usage.ID,
-		InterceptionID:        usage.InterceptionID,
-		ProviderResponseID:    usage.ProviderResponseID,
-		InputTokens:           usage.InputTokens,
-		OutputTokens:          usage.OutputTokens,
-		CacheReadInputTokens:  usage.CacheReadInputTokens,
-		CacheWriteInputTokens: usage.CacheWriteInputTokens,
-		Metadata:              jsonOrEmptyMap(usage.Metadata),
-		CreatedAt:             usage.CreatedAt,
+		ID:                 usage.ID,
+		InterceptionID:     usage.InterceptionID,
+		ProviderResponseID: usage.ProviderResponseID,
+		InputTokens:        usage.InputTokens,
+		OutputTokens:       usage.OutputTokens,
+		Metadata:           jsonOrEmptyMap(usage.Metadata),
+		CreatedAt:          usage.CreatedAt,
 	}
 }
 
@@ -1189,11 +1179,9 @@ func AIBridgeSessionThreads(
 		PageStartedAt: pageStartedAt,
 		PageEndedAt:   pageEndedAt,
 		TokenUsageSummary: codersdk.AIBridgeSessionThreadsTokenUsage{
-			InputTokens:           session.InputTokens,
-			OutputTokens:          session.OutputTokens,
-			CacheReadInputTokens:  session.CacheReadInputTokens,
-			CacheWriteInputTokens: session.CacheWriteInputTokens,
-			Metadata:              sessionTokenMeta,
+			InputTokens:  session.InputTokens,
+			OutputTokens: session.OutputTokens,
+			Metadata:     sessionTokenMeta,
 		},
 		Threads: threads,
 	}
@@ -1240,8 +1228,6 @@ func buildAIBridgeThread(
 	if rootIntc != nil {
 		thread.Model = rootIntc.Model
 		thread.Provider = rootIntc.Provider
-		thread.CredentialKind = string(rootIntc.CredentialKind)
-		thread.CredentialHint = rootIntc.CredentialHint
 		// Get first user prompt from root interception.
 		// A thread can only have one prompt, by definition, since we currently
 		// only store the last prompt observed in an interception.
@@ -1328,19 +1314,17 @@ func buildAIBridgeThread(
 
 // aggregateTokenUsage sums token usage rows and aggregates metadata.
 func aggregateTokenUsage(tokens []database.AIBridgeTokenUsage) codersdk.AIBridgeSessionThreadsTokenUsage {
-	var inputTokens, outputTokens, cacheRead, cacheWrite int64
+	var inputTokens, outputTokens int64
 	for _, tu := range tokens {
 		inputTokens += tu.InputTokens
 		outputTokens += tu.OutputTokens
-		cacheRead += tu.CacheReadInputTokens
-		cacheWrite += tu.CacheWriteInputTokens
+		// TODO: once https://github.com/coder/aibridge/issues/150 lands we
+		// should aggregate the other token types.
 	}
 	return codersdk.AIBridgeSessionThreadsTokenUsage{
-		InputTokens:           inputTokens,
-		OutputTokens:          outputTokens,
-		CacheReadInputTokens:  cacheRead,
-		CacheWriteInputTokens: cacheWrite,
-		Metadata:              aggregateTokenMetadata(tokens),
+		InputTokens:  inputTokens,
+		OutputTokens: outputTokens,
+		Metadata:     aggregateTokenMetadata(tokens),
 	}
 }
 
@@ -1536,10 +1520,7 @@ func nullInt64Ptr(v sql.NullInt64) *int64 {
 // Chat converts a database.Chat to a codersdk.Chat. It coalesces
 // nil slices and maps to empty values for JSON serialization and
 // derives RootChatID from the parent chain when not explicitly set.
-// When diffStatus is non-nil the response includes diff metadata.
-// When files is non-empty the response includes file metadata;
-// pass nil to omit the files field (e.g. list endpoints).
-func Chat(c database.Chat, diffStatus *database.ChatDiffStatus, files []database.GetChatFileMetadataByChatIDRow) codersdk.Chat {
+func Chat(c database.Chat, diffStatus *database.ChatDiffStatus) codersdk.Chat {
 	mcpServerIDs := c.MCPServerIDs
 	if mcpServerIDs == nil {
 		mcpServerIDs = []uuid.UUID{}
@@ -1592,19 +1573,6 @@ func Chat(c database.Chat, diffStatus *database.ChatDiffStatus, files []database
 		convertedDiffStatus := ChatDiffStatus(c.ID, diffStatus)
 		chat.DiffStatus = &convertedDiffStatus
 	}
-	if len(files) > 0 {
-		chat.Files = make([]codersdk.ChatFileMetadata, 0, len(files))
-		for _, row := range files {
-			chat.Files = append(chat.Files, codersdk.ChatFileMetadata{
-				ID:             row.ID,
-				OwnerID:        row.OwnerID,
-				OrganizationID: row.OrganizationID,
-				Name:           row.Name,
-				MimeType:       row.Mimetype,
-				CreatedAt:      row.CreatedAt,
-			})
-		}
-	}
 	if c.LastInjectedContext.Valid {
 		var parts []codersdk.ChatMessagePart
 		// Internal fields are stripped at write time in
@@ -1628,9 +1596,9 @@ func ChatRows(rows []database.GetChatsRow, diffStatusesByChatID map[uuid.UUID]da
 	for i, row := range rows {
 		diffStatus, ok := diffStatusesByChatID[row.Chat.ID]
 		if ok {
-			result[i] = Chat(row.Chat, &diffStatus, nil)
+			result[i] = Chat(row.Chat, &diffStatus)
 		} else {
-			result[i] = Chat(row.Chat, nil, nil)
+			result[i] = Chat(row.Chat, nil)
 			if diffStatusesByChatID != nil {
 				emptyDiffStatus := ChatDiffStatus(row.Chat.ID, nil)
 				result[i].DiffStatus = &emptyDiffStatus
@@ -1723,41 +1691,3 @@ func ChatDiffStatus(chatID uuid.UUID, status *database.ChatDiffStatus) codersdk.
 
 	return result
 }
-
-// UserSecret converts a database ListUserSecretsRow (metadata only,
-// no value) to an SDK UserSecret.
-func UserSecret(secret database.ListUserSecretsRow) codersdk.UserSecret {
-	return codersdk.UserSecret{
-		ID:          secret.ID,
-		Name:        secret.Name,
-		Description: secret.Description,
-		EnvName:     secret.EnvName,
-		FilePath:    secret.FilePath,
-		CreatedAt:   secret.CreatedAt,
-		UpdatedAt:   secret.UpdatedAt,
-	}
-}
-
-// UserSecretFromFull converts a full database UserSecret row to an
-// SDK UserSecret, omitting the value and encryption key ID.
-func UserSecretFromFull(secret database.UserSecret) codersdk.UserSecret {
-	return codersdk.UserSecret{
-		ID:          secret.ID,
-		Name:        secret.Name,
-		Description: secret.Description,
-		EnvName:     secret.EnvName,
-		FilePath:    secret.FilePath,
-		CreatedAt:   secret.CreatedAt,
-		UpdatedAt:   secret.UpdatedAt,
-	}
-}
-
-// UserSecrets converts a slice of database ListUserSecretsRow to
-// SDK UserSecret values.
-func UserSecrets(secrets []database.ListUserSecretsRow) []codersdk.UserSecret {
-	result := make([]codersdk.UserSecret, 0, len(secrets))
-	for _, s := range secrets {
-		result = append(result, UserSecret(s))
-	}
-	return result
-}

coderd/database/db2sdk/db2sdk_test.go

@@ -259,13 +259,11 @@ func TestAIBridgeInterception(t *testing.T) {
 			},
 			tokenUsages: []database.AIBridgeTokenUsage{
 				{
-					ID:                    uuid.New(),
-					InterceptionID:        interceptionID,
-					ProviderResponseID:    "resp-123",
-					InputTokens:           100,
-					OutputTokens:          200,
-					CacheReadInputTokens:  50,
-					CacheWriteInputTokens: 10,
+					ID:                 uuid.New(),
+					InterceptionID:     interceptionID,
+					ProviderResponseID: "resp-123",
+					InputTokens:        100,
+					OutputTokens:       200,
 					Metadata: pqtype.NullRawMessage{
 						RawMessage: json.RawMessage(`{"cache":"hit"}`),
 						Valid:      true,
@@ -415,8 +413,6 @@ func TestAIBridgeInterception(t *testing.T) {
 				require.Equal(t, tu.ProviderResponseID, result.TokenUsages[i].ProviderResponseID)
 				require.Equal(t, tu.InputTokens, result.TokenUsages[i].InputTokens)
 				require.Equal(t, tu.OutputTokens, result.TokenUsages[i].OutputTokens)
-				require.Equal(t, tu.CacheReadInputTokens, result.TokenUsages[i].CacheReadInputTokens)
-				require.Equal(t, tu.CacheWriteInputTokens, result.TokenUsages[i].CacheWriteInputTokens)
 			}
 
 			// Verify user prompts are converted correctly.
@@ -552,10 +548,6 @@ func TestChat_AllFieldsPopulated(t *testing.T) {
 			RawMessage: json.RawMessage(`[{"type":"context-file","context_file_path":"/AGENTS.md"}]`),
 			Valid:      true,
 		},
-		DynamicTools: pqtype.NullRawMessage{
-			RawMessage: json.RawMessage(`[{"name":"tool1","description":"test tool","inputSchema":{"type":"object"}}]`),
-			Valid:      true,
-		},
 	}
 	// Only ChatID is needed here. This test checks that
 	// Chat.DiffStatus is non-nil, not that every DiffStatus
@@ -565,26 +557,14 @@ func TestChat_AllFieldsPopulated(t *testing.T) {
 		ChatID: input.ID,
 	}
 
-	fileRows := []database.GetChatFileMetadataByChatIDRow{
-		{
-			ID:             uuid.New(),
-			OwnerID:        input.OwnerID,
-			OrganizationID: uuid.New(),
-			Name:           "test.png",
-			Mimetype:       "image/png",
-			CreatedAt:      now,
-		},
-	}
-
-	got := db2sdk.Chat(input, diffStatus, fileRows)
+	got := db2sdk.Chat(input, diffStatus)
 
 	v := reflect.ValueOf(got)
 	typ := v.Type()
 	// HasUnread is populated by ChatRows (which joins the
-	// read-cursor query), not by Chat. Warnings is a transient
-	// field populated by handlers, not the converter. Both are
-	// expected to remain zero here.
-	skip := map[string]bool{"HasUnread": true, "Warnings": true}
+	// read-cursor query), not by Chat, so it is expected
+	// to remain zero here.
+	skip := map[string]bool{"HasUnread": true}
 	for i := range typ.NumField() {
 		field := typ.Field(i)
 		if skip[field.Name] {
@@ -597,112 +577,6 @@ func TestChat_AllFieldsPopulated(t *testing.T) {
 	}
 }
 
-func TestChat_FileMetadataConversion(t *testing.T) {
-	t.Parallel()
-
-	ownerID := uuid.New()
-	orgID := uuid.New()
-	fileID := uuid.New()
-	now := dbtime.Now()
-
-	chat := database.Chat{
-		ID:                uuid.New(),
-		OwnerID:           ownerID,
-		LastModelConfigID: uuid.New(),
-		Title:             "file metadata test",
-		Status:            database.ChatStatusWaiting,
-		CreatedAt:         now,
-		UpdatedAt:         now,
-	}
-
-	rows := []database.GetChatFileMetadataByChatIDRow{
-		{
-			ID:             fileID,
-			OwnerID:        ownerID,
-			OrganizationID: orgID,
-			Name:           "screenshot.png",
-			Mimetype:       "image/png",
-			CreatedAt:      now,
-		},
-	}
-
-	result := db2sdk.Chat(chat, nil, rows)
-
-	require.Len(t, result.Files, 1)
-	f := result.Files[0]
-	require.Equal(t, fileID, f.ID)
-	require.Equal(t, ownerID, f.OwnerID, "OwnerID must be mapped from DB row")
-	require.Equal(t, orgID, f.OrganizationID, "OrganizationID must be mapped from DB row")
-	require.Equal(t, "screenshot.png", f.Name)
-	require.Equal(t, "image/png", f.MimeType)
-	require.Equal(t, now, f.CreatedAt)
-
-	// Verify JSON serialization uses snake_case for mime_type.
-	data, err := json.Marshal(f)
-	require.NoError(t, err)
-	require.Contains(t, string(data), `"mime_type"`)
-	require.NotContains(t, string(data), `"mimetype"`)
-}
-
-func TestChat_NilFilesOmitted(t *testing.T) {
-	t.Parallel()
-
-	chat := database.Chat{
-		ID:                uuid.New(),
-		OwnerID:           uuid.New(),
-		LastModelConfigID: uuid.New(),
-		Title:             "no files",
-		Status:            database.ChatStatusWaiting,
-		CreatedAt:         dbtime.Now(),
-		UpdatedAt:         dbtime.Now(),
-	}
-
-	result := db2sdk.Chat(chat, nil, nil)
-	require.Empty(t, result.Files)
-}
-
-func TestChat_MultipleFiles(t *testing.T) {
-	t.Parallel()
-
-	now := dbtime.Now()
-	file1 := uuid.New()
-	file2 := uuid.New()
-
-	chat := database.Chat{
-		ID:                uuid.New(),
-		OwnerID:           uuid.New(),
-		LastModelConfigID: uuid.New(),
-		Title:             "multi file test",
-		Status:            database.ChatStatusWaiting,
-		CreatedAt:         now,
-		UpdatedAt:         now,
-	}
-
-	rows := []database.GetChatFileMetadataByChatIDRow{
-		{
-			ID:             file1,
-			OwnerID:        chat.OwnerID,
-			OrganizationID: uuid.New(),
-			Name:           "a.png",
-			Mimetype:       "image/png",
-			CreatedAt:      now,
-		},
-		{
-			ID:             file2,
-			OwnerID:        chat.OwnerID,
-			OrganizationID: uuid.New(),
-			Name:           "b.txt",
-			Mimetype:       "text/plain",
-			CreatedAt:      now,
-		},
-	}
-
-	result := db2sdk.Chat(chat, nil, rows)
-	require.Len(t, result.Files, 2)
-	require.Equal(t, "a.png", result.Files[0].Name)
-	require.Equal(t, "b.txt", result.Files[1].Name)
-}
-
 func TestChatQueuedMessage_MalformedContent(t *testing.T) {
 	t.Parallel()
 

coderd/database/dbauthz/dbauthz.go

@@ -1627,13 +1627,6 @@ func (q *querier) BatchUpdateWorkspaceNextStartAt(ctx context.Context, arg datab
 	return q.db.BatchUpdateWorkspaceNextStartAt(ctx, arg)
 }
 
-func (q *querier) BatchUpsertConnectionLogs(ctx context.Context, arg database.BatchUpsertConnectionLogsParams) error {
-	if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceConnectionLog); err != nil {
-		return err
-	}
-	return q.db.BatchUpsertConnectionLogs(ctx, arg)
-}
-
 func (q *querier) BulkMarkNotificationMessagesFailed(ctx context.Context, arg database.BulkMarkNotificationMessagesFailedParams) (int64, error) {
 	if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceNotificationMessage); err != nil {
 		return 0, err
@@ -1708,17 +1701,6 @@ func (q *querier) CleanupDeletedMCPServerIDsFromChats(ctx context.Context) error
 	return q.db.CleanupDeletedMCPServerIDsFromChats(ctx)
 }
 
-func (q *querier) ClearChatMessageProviderResponseIDsByChatID(ctx context.Context, chatID uuid.UUID) error {
-	chat, err := q.db.GetChatByID(ctx, chatID)
-	if err != nil {
-		return err
-	}
-	if err := q.authorizeContext(ctx, policy.ActionUpdate, chat); err != nil {
-		return err
-	}
-	return q.db.ClearChatMessageProviderResponseIDsByChatID(ctx, chatID)
-}
-
 func (q *querier) CountAIBridgeInterceptions(ctx context.Context, arg database.CountAIBridgeInterceptionsParams) (int64, error) {
 	prep, err := prepareSQLFilter(ctx, q.auth, policy.ActionRead, rbac.ResourceAibridgeInterception.Type)
 	if err != nil {
@@ -2042,20 +2024,6 @@ func (q *querier) DeleteOldAuditLogs(ctx context.Context, arg database.DeleteOld
 	return q.db.DeleteOldAuditLogs(ctx, arg)
 }
 
-func (q *querier) DeleteOldChatFiles(ctx context.Context, arg database.DeleteOldChatFilesParams) ([]database.DeleteOldChatFilesRow, error) {
-	if err := q.authorizeContext(ctx, policy.ActionDelete, rbac.ResourceSystem); err != nil {
-		return nil, err
-	}
-	return q.db.DeleteOldChatFiles(ctx, arg)
-}
-
-func (q *querier) DeleteOldChats(ctx context.Context, arg database.DeleteOldChatsParams) (int64, error) {
-	if err := q.authorizeContext(ctx, policy.ActionDelete, rbac.ResourceSystem); err != nil {
-		return 0, err
-	}
-	return q.db.DeleteOldChats(ctx, arg)
-}
-
 func (q *querier) DeleteOldConnectionLogs(ctx context.Context, arg database.DeleteOldConnectionLogsParams) (int64, error) {
 	if err := q.authorizeContext(ctx, policy.ActionDelete, rbac.ResourceSystem); err != nil {
 		return 0, err
@@ -2169,23 +2137,17 @@ func (q *querier) DeleteUserChatCompactionThreshold(ctx context.Context, arg dat
 	return q.db.DeleteUserChatCompactionThreshold(ctx, arg)
 }
 
-func (q *querier) DeleteUserChatProviderKey(ctx context.Context, arg database.DeleteUserChatProviderKeyParams) error {
-	u, err := q.db.GetUserByID(ctx, arg.UserID)
+func (q *querier) DeleteUserSecret(ctx context.Context, id uuid.UUID) error {
+	// First get the secret to check ownership
+	secret, err := q.GetUserSecret(ctx, id)
 	if err != nil {
 		return err
 	}
-	if err := q.authorizeContext(ctx, policy.ActionUpdatePersonal, u); err != nil {
+
+	if err := q.authorizeContext(ctx, policy.ActionDelete, secret); err != nil {
 		return err
 	}
-	return q.db.DeleteUserChatProviderKey(ctx, arg)
-}
-
-func (q *querier) DeleteUserSecretByUserIDAndName(ctx context.Context, arg database.DeleteUserSecretByUserIDAndNameParams) (int64, error) {
-	obj := rbac.ResourceUserSecret.WithOwner(arg.UserID.String())
-	if err := q.authorizeContext(ctx, policy.ActionDelete, obj); err != nil {
-		return 0, err
-	}
-	return q.db.DeleteUserSecretByUserIDAndName(ctx, arg)
+	return q.db.DeleteUserSecret(ctx, id)
 }
 
 func (q *querier) DeleteWebpushSubscriptionByUserIDAndEndpoint(ctx context.Context, arg database.DeleteWebpushSubscriptionByUserIDAndEndpointParams) error {
@@ -2424,10 +2386,6 @@ func (q *querier) GetActiveAISeatCount(ctx context.Context) (int64, error) {
 	return q.db.GetActiveAISeatCount(ctx)
 }
 
-func (q *querier) GetActiveChatsByAgentID(ctx context.Context, agentID uuid.UUID) ([]database.Chat, error) {
-	return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.GetActiveChatsByAgentID)(ctx, agentID)
-}
-
 func (q *querier) GetActivePresetPrebuildSchedules(ctx context.Context) ([]database.TemplateVersionPresetPrebuildSchedule, error) {
 	if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceTemplate.All()); err != nil {
 		return nil, err
@@ -2607,10 +2565,6 @@ func (q *querier) GetChatFileByID(ctx context.Context, id uuid.UUID) (database.C
 	return file, nil
 }
 
-func (q *querier) GetChatFileMetadataByChatID(ctx context.Context, chatID uuid.UUID) ([]database.GetChatFileMetadataByChatIDRow, error) {
-	return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.GetChatFileMetadataByChatID)(ctx, chatID)
-}
-
 func (q *querier) GetChatFilesByIDs(ctx context.Context, ids []uuid.UUID) ([]database.ChatFile, error) {
 	files, err := q.db.GetChatFilesByIDs(ctx, ids)
 	if err != nil {
@@ -2651,14 +2605,6 @@ func (q *querier) GetChatMessageByID(ctx context.Context, id int64) (database.Ch
 	return msg, nil
 }
 
-func (q *querier) GetChatMessageSummariesPerChat(ctx context.Context, createdAfter time.Time) ([]database.GetChatMessageSummariesPerChatRow, error) {
-	// Telemetry queries are called from system contexts only.
-	if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceSystem); err != nil {
-		return nil, err
-	}
-	return q.db.GetChatMessageSummariesPerChat(ctx, createdAfter)
-}
-
 func (q *querier) GetChatMessagesByChatID(ctx context.Context, arg database.GetChatMessagesByChatIDParams) ([]database.ChatMessage, error) {
 	// Authorize read on the parent chat.
 	_, err := q.GetChatByID(ctx, arg.ChatID)
@@ -2707,14 +2653,6 @@ func (q *querier) GetChatModelConfigs(ctx context.Context) ([]database.ChatModel
 	return q.db.GetChatModelConfigs(ctx)
 }
 
-func (q *querier) GetChatModelConfigsForTelemetry(ctx context.Context) ([]database.GetChatModelConfigsForTelemetryRow, error) {
-	// Telemetry queries are called from system contexts only.
-	if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceSystem); err != nil {
-		return nil, err
-	}
-	return q.db.GetChatModelConfigsForTelemetry(ctx)
-}
-
 func (q *querier) GetChatProviderByID(ctx context.Context, id uuid.UUID) (database.ChatProvider, error) {
 	if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceDeploymentConfig); err != nil {
 		return database.ChatProvider{}, err
@@ -2744,15 +2682,6 @@ func (q *querier) GetChatQueuedMessages(ctx context.Context, chatID uuid.UUID) (
 	return q.db.GetChatQueuedMessages(ctx, chatID)
 }
 
-func (q *querier) GetChatRetentionDays(ctx context.Context) (int32, error) {
-	// Chat retention is a deployment-wide config read by dbpurge.
-	// Only requires a valid actor in context.
-	if _, ok := ActorFromContext(ctx); !ok {
-		return 0, ErrNoActor
-	}
-	return q.db.GetChatRetentionDays(ctx)
-}
-
 func (q *querier) GetChatSystemPrompt(ctx context.Context) (string, error) {
 	// The system prompt is a deployment-wide setting read during chat
 	// creation by every authenticated user, so no RBAC policy check
@@ -2831,14 +2760,6 @@ func (q *querier) GetChatsByWorkspaceIDs(ctx context.Context, ids []uuid.UUID) (
 	return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.GetChatsByWorkspaceIDs)(ctx, ids)
 }
 
-func (q *querier) GetChatsUpdatedAfter(ctx context.Context, updatedAfter time.Time) ([]database.GetChatsUpdatedAfterRow, error) {
-	// Telemetry queries are called from system contexts only.
-	if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceSystem); err != nil {
-		return nil, err
-	}
-	return q.db.GetChatsUpdatedAfter(ctx, updatedAfter)
-}
-
 func (q *querier) GetConnectionLogsOffset(ctx context.Context, arg database.GetConnectionLogsOffsetParams) ([]database.GetConnectionLogsOffsetRow, error) {
 	// Just like with the audit logs query, shortcut if the user is an owner.
 	err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceConnectionLog)
@@ -3714,18 +3635,18 @@ func (q *querier) GetTailnetPeers(ctx context.Context, id uuid.UUID) ([]database
 	return q.db.GetTailnetPeers(ctx, id)
 }
 
-func (q *querier) GetTailnetTunnelPeerBindingsBatch(ctx context.Context, ids []uuid.UUID) ([]database.GetTailnetTunnelPeerBindingsBatchRow, error) {
+func (q *querier) GetTailnetTunnelPeerBindings(ctx context.Context, srcID uuid.UUID) ([]database.GetTailnetTunnelPeerBindingsRow, error) {
 	if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceTailnetCoordinator); err != nil {
 		return nil, err
 	}
-	return q.db.GetTailnetTunnelPeerBindingsBatch(ctx, ids)
+	return q.db.GetTailnetTunnelPeerBindings(ctx, srcID)
 }
 
-func (q *querier) GetTailnetTunnelPeerIDsBatch(ctx context.Context, ids []uuid.UUID) ([]database.GetTailnetTunnelPeerIDsBatchRow, error) {
+func (q *querier) GetTailnetTunnelPeerIDs(ctx context.Context, srcID uuid.UUID) ([]database.GetTailnetTunnelPeerIDsRow, error) {
 	if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceTailnetCoordinator); err != nil {
 		return nil, err
 	}
-	return q.db.GetTailnetTunnelPeerIDsBatch(ctx, ids)
+	return q.db.GetTailnetTunnelPeerIDs(ctx, srcID)
 }
 
 func (q *querier) GetTaskByID(ctx context.Context, id uuid.UUID) (database.Task, error) {
@@ -4103,17 +4024,6 @@ func (q *querier) GetUserChatCustomPrompt(ctx context.Context, userID uuid.UUID)
 	return q.db.GetUserChatCustomPrompt(ctx, userID)
 }
 
-func (q *querier) GetUserChatProviderKeys(ctx context.Context, userID uuid.UUID) ([]database.UserChatProviderKey, error) {
-	u, err := q.db.GetUserByID(ctx, userID)
-	if err != nil {
-		return nil, err
-	}
-	if err := q.authorizeContext(ctx, policy.ActionReadPersonal, u); err != nil {
-		return nil, err
-	}
-	return q.db.GetUserChatProviderKeys(ctx, userID)
-}
-
 func (q *querier) GetUserChatSpendInPeriod(ctx context.Context, arg database.GetUserChatSpendInPeriodParams) (int64, error) {
 	if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceChat.WithOwner(arg.UserID.String())); err != nil {
 		return 0, err
@@ -4185,6 +4095,19 @@ func (q *querier) GetUserNotificationPreferences(ctx context.Context, userID uui
 	return q.db.GetUserNotificationPreferences(ctx, userID)
 }
 
+func (q *querier) GetUserSecret(ctx context.Context, id uuid.UUID) (database.UserSecret, error) {
+	// First get the secret to check ownership
+	secret, err := q.db.GetUserSecret(ctx, id)
+	if err != nil {
+		return database.UserSecret{}, err
+	}
+
+	if err := q.authorizeContext(ctx, policy.ActionRead, secret); err != nil {
+		return database.UserSecret{}, err
+	}
+	return secret, nil
+}
+
 func (q *querier) GetUserSecretByUserIDAndName(ctx context.Context, arg database.GetUserSecretByUserIDAndNameParams) (database.UserSecret, error) {
 	obj := rbac.ResourceUserSecret.WithOwner(arg.UserID.String())
 	if err := q.authorizeContext(ctx, policy.ActionRead, obj); err != nil {
@@ -5441,17 +5364,6 @@ func (q *querier) InsertWorkspaceResourceMetadata(ctx context.Context, arg datab
 	return q.db.InsertWorkspaceResourceMetadata(ctx, arg)
 }
 
-func (q *querier) LinkChatFiles(ctx context.Context, arg database.LinkChatFilesParams) (int32, error) {
-	chat, err := q.db.GetChatByID(ctx, arg.ChatID)
-	if err != nil {
-		return 0, err
-	}
-	if err := q.authorizeContext(ctx, policy.ActionUpdate, chat); err != nil {
-		return 0, err
-	}
-	return q.db.LinkChatFiles(ctx, arg)
-}
-
 func (q *querier) ListAIBridgeClients(ctx context.Context, arg database.ListAIBridgeClientsParams) ([]string, error) {
 	prep, err := prepareSQLFilter(ctx, q.auth, policy.ActionRead, rbac.ResourceAibridgeInterception.Type)
 	if err != nil {
@@ -5568,7 +5480,7 @@ func (q *querier) ListUserChatCompactionThresholds(ctx context.Context, userID u
 	return q.db.ListUserChatCompactionThresholds(ctx, userID)
 }
 
-func (q *querier) ListUserSecrets(ctx context.Context, userID uuid.UUID) ([]database.ListUserSecretsRow, error) {
+func (q *querier) ListUserSecrets(ctx context.Context, userID uuid.UUID) ([]database.UserSecret, error) {
 	obj := rbac.ResourceUserSecret.WithOwner(userID.String())
 	if err := q.authorizeContext(ctx, policy.ActionRead, obj); err != nil {
 		return nil, err
@@ -5576,16 +5488,6 @@ func (q *querier) ListUserSecrets(ctx context.Context, userID uuid.UUID) ([]data
 	return q.db.ListUserSecrets(ctx, userID)
 }
 
-func (q *querier) ListUserSecretsWithValues(ctx context.Context, userID uuid.UUID) ([]database.UserSecret, error) {
-	// This query returns decrypted secret values and must only be called
-	// from system contexts (provisioner, agent manifest). REST API
-	// handlers should use ListUserSecrets (metadata only).
-	if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceSystem); err != nil {
-		return nil, err
-	}
-	return q.db.ListUserSecretsWithValues(ctx, userID)
-}
-
 func (q *querier) ListWorkspaceAgentPortShares(ctx context.Context, workspaceID uuid.UUID) ([]database.WorkspaceAgentPortShare, error) {
 	workspace, err := q.db.GetWorkspaceByID(ctx, workspaceID)
 	if err != nil {
@@ -5743,17 +5645,6 @@ func (q *querier) SoftDeleteChatMessagesAfterID(ctx context.Context, arg databas
 	return q.db.SoftDeleteChatMessagesAfterID(ctx, arg)
 }
 
-func (q *querier) SoftDeleteContextFileMessages(ctx context.Context, chatID uuid.UUID) error {
-	chat, err := q.db.GetChatByID(ctx, chatID)
-	if err != nil {
-		return err
-	}
-	if err := q.authorizeContext(ctx, policy.ActionUpdate, chat); err != nil {
-		return err
-	}
-	return q.db.SoftDeleteContextFileMessages(ctx, chatID)
-}
-
 func (q *querier) TryAcquireLock(ctx context.Context, id int64) (bool, error) {
 	return q.db.TryAcquireLock(ctx, id)
 }
@@ -5847,15 +5738,15 @@ func (q *querier) UpdateChatByID(ctx context.Context, arg database.UpdateChatByI
 	return q.db.UpdateChatByID(ctx, arg)
 }
 
-func (q *querier) UpdateChatHeartbeats(ctx context.Context, arg database.UpdateChatHeartbeatsParams) ([]uuid.UUID, error) {
-	// The batch heartbeat is a system-level operation filtered by
-	// worker_id. Authorization is enforced by the AsChatd context
-	// at the call site rather than per-row, because checking each
-	// row individually would defeat the purpose of batching.
-	if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceChat); err != nil {
-		return nil, err
+func (q *querier) UpdateChatHeartbeat(ctx context.Context, arg database.UpdateChatHeartbeatParams) (int64, error) {
+	chat, err := q.db.GetChatByID(ctx, arg.ID)
+	if err != nil {
+		return 0, err
 	}
-	return q.db.UpdateChatHeartbeats(ctx, arg)
+	if err := q.authorizeContext(ctx, policy.ActionUpdate, chat); err != nil {
+		return 0, err
+	}
+	return q.db.UpdateChatHeartbeat(ctx, arg)
 }
 
 func (q *querier) UpdateChatLabelsByID(ctx context.Context, arg database.UpdateChatLabelsByIDParams) (database.Chat, error) {
@@ -6563,17 +6454,6 @@ func (q *querier) UpdateUserChatCustomPrompt(ctx context.Context, arg database.U
 	return q.db.UpdateUserChatCustomPrompt(ctx, arg)
 }
 
-func (q *querier) UpdateUserChatProviderKey(ctx context.Context, arg database.UpdateUserChatProviderKeyParams) (database.UserChatProviderKey, error) {
-	u, err := q.db.GetUserByID(ctx, arg.UserID)
-	if err != nil {
-		return database.UserChatProviderKey{}, err
-	}
-	if err := q.authorizeContext(ctx, policy.ActionUpdatePersonal, u); err != nil {
-		return database.UserChatProviderKey{}, err
-	}
-	return q.db.UpdateUserChatProviderKey(ctx, arg)
-}
-
 func (q *querier) UpdateUserDeletedByID(ctx context.Context, id uuid.UUID) error {
 	return deleteQ(q.log, q.auth, q.db.GetUserByID, q.db.UpdateUserDeletedByID)(ctx, id)
 }
@@ -6697,12 +6577,17 @@ func (q *querier) UpdateUserRoles(ctx context.Context, arg database.UpdateUserRo
 	return q.db.UpdateUserRoles(ctx, arg)
 }
 
-func (q *querier) UpdateUserSecretByUserIDAndName(ctx context.Context, arg database.UpdateUserSecretByUserIDAndNameParams) (database.UserSecret, error) {
-	obj := rbac.ResourceUserSecret.WithOwner(arg.UserID.String())
-	if err := q.authorizeContext(ctx, policy.ActionUpdate, obj); err != nil {
+func (q *querier) UpdateUserSecret(ctx context.Context, arg database.UpdateUserSecretParams) (database.UserSecret, error) {
+	// First get the secret to check ownership
+	secret, err := q.db.GetUserSecret(ctx, arg.ID)
+	if err != nil {
 		return database.UserSecret{}, err
 	}
-	return q.db.UpdateUserSecretByUserIDAndName(ctx, arg)
+
+	if err := q.authorizeContext(ctx, policy.ActionUpdate, secret); err != nil {
+		return database.UserSecret{}, err
+	}
+	return q.db.UpdateUserSecret(ctx, arg)
 }
 
 func (q *querier) UpdateUserStatus(ctx context.Context, arg database.UpdateUserStatusParams) (database.User, error) {
@@ -7104,13 +6989,6 @@ func (q *querier) UpsertChatIncludeDefaultSystemPrompt(ctx context.Context, incl
 	return q.db.UpsertChatIncludeDefaultSystemPrompt(ctx, includeDefaultSystemPrompt)
 }
 
-func (q *querier) UpsertChatRetentionDays(ctx context.Context, retentionDays int32) error {
-	if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceDeploymentConfig); err != nil {
-		return err
-	}
-	return q.db.UpsertChatRetentionDays(ctx, retentionDays)
-}
-
 func (q *querier) UpsertChatSystemPrompt(ctx context.Context, value string) error {
 	if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceDeploymentConfig); err != nil {
 		return err
@@ -7154,6 +7032,13 @@ func (q *querier) UpsertChatWorkspaceTTL(ctx context.Context, workspaceTtl strin
 	return q.db.UpsertChatWorkspaceTTL(ctx, workspaceTtl)
 }
 
+func (q *querier) UpsertConnectionLog(ctx context.Context, arg database.UpsertConnectionLogParams) (database.ConnectionLog, error) {
+	if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceConnectionLog); err != nil {
+		return database.ConnectionLog{}, err
+	}
+	return q.db.UpsertConnectionLog(ctx, arg)
+}
+
 func (q *querier) UpsertDefaultProxy(ctx context.Context, arg database.UpsertDefaultProxyParams) error {
 	if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceSystem); err != nil {
 		return err
@@ -7296,17 +7181,6 @@ func (q *querier) UpsertTemplateUsageStats(ctx context.Context) error {
 	return q.db.UpsertTemplateUsageStats(ctx)
 }
 
-func (q *querier) UpsertUserChatProviderKey(ctx context.Context, arg database.UpsertUserChatProviderKeyParams) (database.UserChatProviderKey, error) {
-	u, err := q.db.GetUserByID(ctx, arg.UserID)
-	if err != nil {
-		return database.UserChatProviderKey{}, err
-	}
-	if err := q.authorizeContext(ctx, policy.ActionUpdatePersonal, u); err != nil {
-		return database.UserChatProviderKey{}, err
-	}
-	return q.db.UpsertUserChatProviderKey(ctx, arg)
-}
-
 func (q *querier) UpsertWebpushVAPIDKeys(ctx context.Context, arg database.UpsertWebpushVAPIDKeysParams) error {
 	if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceDeploymentConfig); err != nil {
 		return err

coderd/database/dbauthz/dbauthz_test.go

@@ -338,9 +338,10 @@ func (s *MethodTestSuite) TestAuditLogs() {
 }
 
 func (s *MethodTestSuite) TestConnectionLogs() {
-	s.Run("BatchUpsertConnectionLogs", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
-		arg := database.BatchUpsertConnectionLogsParams{}
-		dbm.EXPECT().BatchUpsertConnectionLogs(gomock.Any(), arg).Return(nil).AnyTimes()
+	s.Run("UpsertConnectionLog", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
+		ws := testutil.Fake(s.T(), faker, database.WorkspaceTable{})
+		arg := database.UpsertConnectionLogParams{Ip: defaultIPAddress(), Type: database.ConnectionTypeSsh, WorkspaceID: ws.ID, OrganizationID: ws.OrganizationID, ConnectionStatus: database.ConnectionStatusConnected, WorkspaceOwnerID: ws.OwnerID}
+		dbm.EXPECT().UpsertConnectionLog(gomock.Any(), arg).Return(database.ConnectionLog{}, nil).AnyTimes()
 		check.Args(arg).Asserts(rbac.ResourceConnectionLog, policy.ActionUpdate)
 	}))
 	s.Run("GetConnectionLogsOffset", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
@@ -400,17 +401,6 @@ func (s *MethodTestSuite) TestChats() {
 		dbm.EXPECT().UnarchiveChatByID(gomock.Any(), chat.ID).Return([]database.Chat{chat}, nil).AnyTimes()
 		check.Args(chat.ID).Asserts(chat, policy.ActionUpdate).Returns([]database.Chat{chat})
 	}))
-	s.Run("LinkChatFiles", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		chat := testutil.Fake(s.T(), faker, database.Chat{})
-		arg := database.LinkChatFilesParams{
-			ChatID:       chat.ID,
-			MaxFileLinks: int32(codersdk.MaxChatFileIDs),
-			FileIds:      []uuid.UUID{uuid.New()},
-		}
-		dbm.EXPECT().GetChatByID(gomock.Any(), chat.ID).Return(chat, nil).AnyTimes()
-		dbm.EXPECT().LinkChatFiles(gomock.Any(), arg).Return(int32(0), nil).AnyTimes()
-		check.Args(arg).Asserts(chat, policy.ActionUpdate).Returns(int32(0))
-	}))
 	s.Run("PinChatByID", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
 		chat := testutil.Fake(s.T(), faker, database.Chat{})
 		dbm.EXPECT().GetChatByID(gomock.Any(), chat.ID).Return(chat, nil).AnyTimes()
@@ -478,24 +468,6 @@ func (s *MethodTestSuite) TestChats() {
 		dbm.EXPECT().GetChatsByWorkspaceIDs(gomock.Any(), arg).Return([]database.Chat{chatA, chatB}, nil).AnyTimes()
 		check.Args(arg).Asserts(chatA, policy.ActionRead, chatB, policy.ActionRead).Returns([]database.Chat{chatA, chatB})
 	}))
-	s.Run("GetActiveChatsByAgentID", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		chat := testutil.Fake(s.T(), faker, database.Chat{})
-		agentID := uuid.New()
-		dbm.EXPECT().GetActiveChatsByAgentID(gomock.Any(), agentID).Return([]database.Chat{chat}, nil).AnyTimes()
-		check.Args(agentID).Asserts(chat, policy.ActionRead).Returns([]database.Chat{chat})
-	}))
-	s.Run("SoftDeleteContextFileMessages", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		chat := testutil.Fake(s.T(), faker, database.Chat{})
-		dbm.EXPECT().GetChatByID(gomock.Any(), chat.ID).Return(chat, nil).AnyTimes()
-		dbm.EXPECT().SoftDeleteContextFileMessages(gomock.Any(), chat.ID).Return(nil).AnyTimes()
-		check.Args(chat.ID).Asserts(chat, policy.ActionUpdate).Returns()
-	}))
-	s.Run("ClearChatMessageProviderResponseIDsByChatID", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		chat := testutil.Fake(s.T(), faker, database.Chat{})
-		dbm.EXPECT().GetChatByID(gomock.Any(), chat.ID).Return(chat, nil).AnyTimes()
-		dbm.EXPECT().ClearChatMessageProviderResponseIDsByChatID(gomock.Any(), chat.ID).Return(nil).AnyTimes()
-		check.Args(chat.ID).Asserts(chat, policy.ActionUpdate).Returns()
-	}))
 	s.Run("GetChatCostPerChat", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
 		arg := database.GetChatCostPerChatParams{
 			OwnerID:   uuid.New(),
@@ -605,35 +577,6 @@ func (s *MethodTestSuite) TestChats() {
 		dbm.EXPECT().GetChatFilesByIDs(gomock.Any(), []uuid.UUID{file.ID}).Return([]database.ChatFile{file}, nil).AnyTimes()
 		check.Args([]uuid.UUID{file.ID}).Asserts(rbac.ResourceChat.WithOwner(file.OwnerID.String()).InOrg(file.OrganizationID).WithID(file.ID), policy.ActionRead).Returns([]database.ChatFile{file})
 	}))
-	s.Run("GetChatFileMetadataByChatID", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		file := testutil.Fake(s.T(), faker, database.ChatFile{})
-		rows := []database.GetChatFileMetadataByChatIDRow{{
-			ID:             file.ID,
-			Name:           file.Name,
-			Mimetype:       file.Mimetype,
-			CreatedAt:      file.CreatedAt,
-			OwnerID:        file.OwnerID,
-			OrganizationID: file.OrganizationID,
-		}}
-		dbm.EXPECT().GetChatFileMetadataByChatID(gomock.Any(), file.ID).Return(rows, nil).AnyTimes()
-		check.Args(file.ID).Asserts(rbac.ResourceChat.WithOwner(file.OwnerID.String()).InOrg(file.OrganizationID).WithID(file.ID), policy.ActionRead).Returns(rows)
-	}))
-	s.Run("DeleteOldChatFiles", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
-		dbm.EXPECT().DeleteOldChatFiles(gomock.Any(), database.DeleteOldChatFilesParams{}).Return(int64(0), nil).AnyTimes()
-		check.Args(database.DeleteOldChatFilesParams{}).Asserts(rbac.ResourceSystem, policy.ActionDelete)
-	}))
-	s.Run("DeleteOldChats", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
-		dbm.EXPECT().DeleteOldChats(gomock.Any(), database.DeleteOldChatsParams{}).Return(int64(0), nil).AnyTimes()
-		check.Args(database.DeleteOldChatsParams{}).Asserts(rbac.ResourceSystem, policy.ActionDelete)
-	}))
-	s.Run("GetChatRetentionDays", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
-		dbm.EXPECT().GetChatRetentionDays(gomock.Any()).Return(int32(30), nil).AnyTimes()
-		check.Args().Asserts()
-	}))
-	s.Run("UpsertChatRetentionDays", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
-		dbm.EXPECT().UpsertChatRetentionDays(gomock.Any(), int32(30)).Return(nil).AnyTimes()
-		check.Args(int32(30)).Asserts(rbac.ResourceDeploymentConfig, policy.ActionUpdate)
-	}))
 	s.Run("GetChatMessageByID", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
 		chat := testutil.Fake(s.T(), faker, database.Chat{})
 		msg := testutil.Fake(s.T(), faker, database.ChatMessage{ChatID: chat.ID})
@@ -876,15 +819,15 @@ func (s *MethodTestSuite) TestChats() {
 		dbm.EXPECT().UpdateChatStatusPreserveUpdatedAt(gomock.Any(), arg).Return(chat, nil).AnyTimes()
 		check.Args(arg).Asserts(chat, policy.ActionUpdate).Returns(chat)
 	}))
-	s.Run("UpdateChatHeartbeats", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		resultID := uuid.New()
-		arg := database.UpdateChatHeartbeatsParams{
-			IDs:      []uuid.UUID{resultID},
+	s.Run("UpdateChatHeartbeat", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
+		chat := testutil.Fake(s.T(), faker, database.Chat{})
+		arg := database.UpdateChatHeartbeatParams{
+			ID:       chat.ID,
 			WorkerID: uuid.New(),
-			Now:      time.Now(),
 		}
-		dbm.EXPECT().UpdateChatHeartbeats(gomock.Any(), arg).Return([]uuid.UUID{resultID}, nil).AnyTimes()
-		check.Args(arg).Asserts(rbac.ResourceChat, policy.ActionUpdate).Returns([]uuid.UUID{resultID})
+		dbm.EXPECT().GetChatByID(gomock.Any(), chat.ID).Return(chat, nil).AnyTimes()
+		dbm.EXPECT().UpdateChatHeartbeat(gomock.Any(), arg).Return(int64(1), nil).AnyTimes()
+		check.Args(arg).Asserts(chat, policy.ActionUpdate).Returns(int64(1))
 	}))
 	s.Run("UpdateChatMessageByID", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
 		chat := testutil.Fake(s.T(), faker, database.Chat{})
@@ -2464,36 +2407,6 @@ func (s *MethodTestSuite) TestUser() {
 		dbm.EXPECT().GetUserChatCustomPrompt(gomock.Any(), u.ID).Return("my custom prompt", nil).AnyTimes()
 		check.Args(u.ID).Asserts(u, policy.ActionReadPersonal).Returns("my custom prompt")
 	}))
-	s.Run("GetUserChatProviderKeys", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		u := testutil.Fake(s.T(), faker, database.User{})
-		key := testutil.Fake(s.T(), faker, database.UserChatProviderKey{UserID: u.ID})
-		dbm.EXPECT().GetUserByID(gomock.Any(), u.ID).Return(u, nil).AnyTimes()
-		dbm.EXPECT().GetUserChatProviderKeys(gomock.Any(), u.ID).Return([]database.UserChatProviderKey{key}, nil).AnyTimes()
-		check.Args(u.ID).Asserts(u, policy.ActionReadPersonal).Returns([]database.UserChatProviderKey{key})
-	}))
-	s.Run("DeleteUserChatProviderKey", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		u := testutil.Fake(s.T(), faker, database.User{})
-		arg := database.DeleteUserChatProviderKeyParams{UserID: u.ID, ChatProviderID: uuid.New()}
-		dbm.EXPECT().GetUserByID(gomock.Any(), u.ID).Return(u, nil).AnyTimes()
-		dbm.EXPECT().DeleteUserChatProviderKey(gomock.Any(), arg).Return(nil).AnyTimes()
-		check.Args(arg).Asserts(u, policy.ActionUpdatePersonal).Returns()
-	}))
-	s.Run("UpdateUserChatProviderKey", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		u := testutil.Fake(s.T(), faker, database.User{})
-		arg := database.UpdateUserChatProviderKeyParams{UserID: u.ID, ChatProviderID: uuid.New(), APIKey: "updated-api-key"}
-		key := testutil.Fake(s.T(), faker, database.UserChatProviderKey{UserID: u.ID, ChatProviderID: arg.ChatProviderID, APIKey: arg.APIKey})
-		dbm.EXPECT().GetUserByID(gomock.Any(), u.ID).Return(u, nil).AnyTimes()
-		dbm.EXPECT().UpdateUserChatProviderKey(gomock.Any(), arg).Return(key, nil).AnyTimes()
-		check.Args(arg).Asserts(u, policy.ActionUpdatePersonal).Returns(key)
-	}))
-	s.Run("UpsertUserChatProviderKey", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		u := testutil.Fake(s.T(), faker, database.User{})
-		arg := database.UpsertUserChatProviderKeyParams{UserID: u.ID, ChatProviderID: uuid.New(), APIKey: "upserted-api-key"}
-		key := testutil.Fake(s.T(), faker, database.UserChatProviderKey{UserID: u.ID, ChatProviderID: arg.ChatProviderID, APIKey: arg.APIKey})
-		dbm.EXPECT().GetUserByID(gomock.Any(), u.ID).Return(u, nil).AnyTimes()
-		dbm.EXPECT().UpsertUserChatProviderKey(gomock.Any(), arg).Return(key, nil).AnyTimes()
-		check.Args(arg).Asserts(u, policy.ActionUpdatePersonal).Returns(key)
-	}))
 	s.Run("UpdateUserChatCustomPrompt", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
 		u := testutil.Fake(s.T(), faker, database.User{})
 		uc := database.UserConfig{UserID: u.ID, Key: "chat_custom_prompt", Value: "my custom prompt"}
@@ -3807,11 +3720,13 @@ func (s *MethodTestSuite) TestTailnetFunctions() {
 		check.Args(uuid.New()).
 			Asserts(rbac.ResourceTailnetCoordinator, policy.ActionRead)
 	}))
-	s.Run("GetTailnetTunnelPeerBindingsBatch", s.Subtest(func(_ database.Store, check *expects) {
-		check.Args([]uuid.UUID{uuid.New()}).Asserts(rbac.ResourceTailnetCoordinator, policy.ActionRead)
+	s.Run("GetTailnetTunnelPeerBindings", s.Subtest(func(_ database.Store, check *expects) {
+		check.Args(uuid.New()).
+			Asserts(rbac.ResourceTailnetCoordinator, policy.ActionRead)
 	}))
-	s.Run("GetTailnetTunnelPeerIDsBatch", s.Subtest(func(_ database.Store, check *expects) {
-		check.Args([]uuid.UUID{uuid.New()}).Asserts(rbac.ResourceTailnetCoordinator, policy.ActionRead)
+	s.Run("GetTailnetTunnelPeerIDs", s.Subtest(func(_ database.Store, check *expects) {
+		check.Args(uuid.New()).
+			Asserts(rbac.ResourceTailnetCoordinator, policy.ActionRead)
 	}))
 	s.Run("GetAllTailnetCoordinators", s.Subtest(func(_ database.Store, check *expects) {
 		check.Args().
@@ -4030,20 +3945,6 @@ func (s *MethodTestSuite) TestSystemFunctions() {
 		dbm.EXPECT().GetWorkspaceAgentsCreatedAfter(gomock.Any(), ts).Return([]database.WorkspaceAgent{}, nil).AnyTimes()
 		check.Args(ts).Asserts(rbac.ResourceSystem, policy.ActionRead)
 	}))
-	s.Run("GetChatsUpdatedAfter", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
-		ts := dbtime.Now()
-		dbm.EXPECT().GetChatsUpdatedAfter(gomock.Any(), ts).Return([]database.GetChatsUpdatedAfterRow{}, nil).AnyTimes()
-		check.Args(ts).Asserts(rbac.ResourceSystem, policy.ActionRead)
-	}))
-	s.Run("GetChatMessageSummariesPerChat", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
-		ts := dbtime.Now()
-		dbm.EXPECT().GetChatMessageSummariesPerChat(gomock.Any(), ts).Return([]database.GetChatMessageSummariesPerChatRow{}, nil).AnyTimes()
-		check.Args(ts).Asserts(rbac.ResourceSystem, policy.ActionRead)
-	}))
-	s.Run("GetChatModelConfigsForTelemetry", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
-		dbm.EXPECT().GetChatModelConfigsForTelemetry(gomock.Any()).Return([]database.GetChatModelConfigsForTelemetryRow{}, nil).AnyTimes()
-		check.Args().Asserts(rbac.ResourceSystem, policy.ActionRead)
-	}))
 	s.Run("GetWorkspaceAppsCreatedAfter", s.Mocked(func(dbm *dbmock.MockStore, _ *gofakeit.Faker, check *expects) {
 		ts := dbtime.Now()
 		dbm.EXPECT().GetWorkspaceAppsCreatedAfter(gomock.Any(), ts).Return([]database.WorkspaceApp{}, nil).AnyTimes()
@@ -5394,20 +5295,19 @@ func (s *MethodTestSuite) TestUserSecrets() {
 			Asserts(rbac.ResourceUserSecret.WithOwner(user.ID.String()), policy.ActionRead).
 			Returns(secret)
 	}))
+	s.Run("GetUserSecret", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
+		secret := testutil.Fake(s.T(), faker, database.UserSecret{})
+		dbm.EXPECT().GetUserSecret(gomock.Any(), secret.ID).Return(secret, nil).AnyTimes()
+		check.Args(secret.ID).
+			Asserts(secret, policy.ActionRead).
+			Returns(secret)
+	}))
 	s.Run("ListUserSecrets", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
 		user := testutil.Fake(s.T(), faker, database.User{})
-		row := testutil.Fake(s.T(), faker, database.ListUserSecretsRow{UserID: user.ID})
-		dbm.EXPECT().ListUserSecrets(gomock.Any(), user.ID).Return([]database.ListUserSecretsRow{row}, nil).AnyTimes()
+		secret := testutil.Fake(s.T(), faker, database.UserSecret{UserID: user.ID})
+		dbm.EXPECT().ListUserSecrets(gomock.Any(), user.ID).Return([]database.UserSecret{secret}, nil).AnyTimes()
 		check.Args(user.ID).
 			Asserts(rbac.ResourceUserSecret.WithOwner(user.ID.String()), policy.ActionRead).
-			Returns([]database.ListUserSecretsRow{row})
-	}))
-	s.Run("ListUserSecretsWithValues", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		user := testutil.Fake(s.T(), faker, database.User{})
-		secret := testutil.Fake(s.T(), faker, database.UserSecret{UserID: user.ID})
-		dbm.EXPECT().ListUserSecretsWithValues(gomock.Any(), user.ID).Return([]database.UserSecret{secret}, nil).AnyTimes()
-		check.Args(user.ID).
-			Asserts(rbac.ResourceSystem, policy.ActionRead).
 			Returns([]database.UserSecret{secret})
 	}))
 	s.Run("CreateUserSecret", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
@@ -5419,22 +5319,23 @@ func (s *MethodTestSuite) TestUserSecrets() {
 			Asserts(rbac.ResourceUserSecret.WithOwner(user.ID.String()), policy.ActionCreate).
 			Returns(ret)
 	}))
-	s.Run("UpdateUserSecretByUserIDAndName", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		user := testutil.Fake(s.T(), faker, database.User{})
-		updated := testutil.Fake(s.T(), faker, database.UserSecret{UserID: user.ID})
-		arg := database.UpdateUserSecretByUserIDAndNameParams{UserID: user.ID, Name: "test"}
-		dbm.EXPECT().UpdateUserSecretByUserIDAndName(gomock.Any(), arg).Return(updated, nil).AnyTimes()
+	s.Run("UpdateUserSecret", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
+		secret := testutil.Fake(s.T(), faker, database.UserSecret{})
+		updated := testutil.Fake(s.T(), faker, database.UserSecret{ID: secret.ID})
+		arg := database.UpdateUserSecretParams{ID: secret.ID}
+		dbm.EXPECT().GetUserSecret(gomock.Any(), secret.ID).Return(secret, nil).AnyTimes()
+		dbm.EXPECT().UpdateUserSecret(gomock.Any(), arg).Return(updated, nil).AnyTimes()
 		check.Args(arg).
-			Asserts(rbac.ResourceUserSecret.WithOwner(user.ID.String()), policy.ActionUpdate).
+			Asserts(secret, policy.ActionUpdate).
 			Returns(updated)
 	}))
-	s.Run("DeleteUserSecretByUserIDAndName", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
-		user := testutil.Fake(s.T(), faker, database.User{})
-		arg := database.DeleteUserSecretByUserIDAndNameParams{UserID: user.ID, Name: "test"}
-		dbm.EXPECT().DeleteUserSecretByUserIDAndName(gomock.Any(), arg).Return(int64(1), nil).AnyTimes()
-		check.Args(arg).
-			Asserts(rbac.ResourceUserSecret.WithOwner(user.ID.String()), policy.ActionDelete).
-			Returns(int64(1))
+	s.Run("DeleteUserSecret", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
+		secret := testutil.Fake(s.T(), faker, database.UserSecret{})
+		dbm.EXPECT().GetUserSecret(gomock.Any(), secret.ID).Return(secret, nil).AnyTimes()
+		dbm.EXPECT().DeleteUserSecret(gomock.Any(), secret.ID).Return(nil).AnyTimes()
+		check.Args(secret.ID).
+			Asserts(secret, policy.ActionRead, secret, policy.ActionDelete).
+			Returns()
 	}))
 }
 

coderd/database/dbgen/dbgen.go

@@ -76,7 +76,7 @@ func AuditLog(t testing.TB, db database.Store, seed database.AuditLog) database.
 }
 
 func ConnectionLog(t testing.TB, db database.Store, seed database.UpsertConnectionLogParams) database.ConnectionLog {
-	arg := database.UpsertConnectionLogParams{
+	log, err := db.UpsertConnectionLog(genCtx, database.UpsertConnectionLogParams{
 		ID:               takeFirst(seed.ID, uuid.New()),
 		Time:             takeFirst(seed.Time, dbtime.Now()),
 		OrganizationID:   takeFirst(seed.OrganizationID, uuid.New()),
@@ -89,7 +89,7 @@ func ConnectionLog(t testing.TB, db database.Store, seed database.UpsertConnecti
 			Int32: takeFirst(seed.Code.Int32, 0),
 			Valid: takeFirst(seed.Code.Valid, false),
 		},
-		IP: pqtype.Inet{
+		Ip: pqtype.Inet{
 			IPNet: net.IPNet{
 				IP:   net.IPv4(127, 0, 0, 1),
 				Mask: net.IPv4Mask(255, 255, 255, 255),
@@ -117,53 +117,9 @@ func ConnectionLog(t testing.TB, db database.Store, seed database.UpsertConnecti
 			Valid:  takeFirst(seed.DisconnectReason.Valid, false),
 		},
 		ConnectionStatus: takeFirst(seed.ConnectionStatus, database.ConnectionStatusConnected),
-	}
-
-	var disconnectTime sql.NullTime
-	if arg.ConnectionStatus == database.ConnectionStatusDisconnected {
-		disconnectTime = sql.NullTime{Time: arg.Time, Valid: true}
-	}
-
-	err := db.BatchUpsertConnectionLogs(genCtx, database.BatchUpsertConnectionLogsParams{
-		ID:               []uuid.UUID{arg.ID},
-		ConnectTime:      []time.Time{arg.Time},
-		OrganizationID:   []uuid.UUID{arg.OrganizationID},
-		WorkspaceOwnerID: []uuid.UUID{arg.WorkspaceOwnerID},
-		WorkspaceID:      []uuid.UUID{arg.WorkspaceID},
-		WorkspaceName:    []string{arg.WorkspaceName},
-		AgentName:        []string{arg.AgentName},
-		Type:             []database.ConnectionType{arg.Type},
-		Code:             []int32{arg.Code.Int32},
-		CodeValid:        []bool{arg.Code.Valid},
-		Ip:               []pqtype.Inet{arg.IP},
-		UserAgent:        []string{arg.UserAgent.String},
-		UserID:           []uuid.UUID{arg.UserID.UUID},
-		SlugOrPort:       []string{arg.SlugOrPort.String},
-		ConnectionID:     []uuid.UUID{arg.ConnectionID.UUID},
-		DisconnectReason: []string{arg.DisconnectReason.String},
-		DisconnectTime:   []time.Time{disconnectTime.Time},
 	})
 	require.NoError(t, err, "insert connection log")
-
-	// Query back the actual row from the database. On upsert
-	// conflict the DB keeps the original row's ID, so we can't
-	// rely on arg.ID. Match on the conflict key for rows with a
-	// connection_id, or by primary key for NULL connection_id.
-	rows, err := db.GetConnectionLogsOffset(genCtx, database.GetConnectionLogsOffsetParams{})
-	require.NoError(t, err, "query connection logs")
-	for _, row := range rows {
-		if arg.ConnectionID.Valid {
-			if row.ConnectionLog.ConnectionID == arg.ConnectionID &&
-				row.ConnectionLog.WorkspaceID == arg.WorkspaceID &&
-				row.ConnectionLog.AgentName == arg.AgentName {
-				return row.ConnectionLog
-			}
-		} else if row.ConnectionLog.ID == arg.ID {
-			return row.ConnectionLog
-		}
-	}
-	require.Failf(t, "connection log not found", "id=%s", arg.ID)
-	return database.ConnectionLog{} // unreachable
+	return log
 }
 
 func Template(t testing.TB, db database.Store, seed database.Template) database.Template {
@@ -1597,7 +1553,6 @@ func UserSecret(t testing.TB, db database.Store, seed database.UserSecret) datab
 		Name:        takeFirst(seed.Name, "secret-name"),
 		Description: takeFirst(seed.Description, "secret description"),
 		Value:       takeFirst(seed.Value, "secret value"),
-		ValueKeyID:  seed.ValueKeyID,
 		EnvName:     takeFirst(seed.EnvName, "SECRET_ENV_NAME"),
 		FilePath:    takeFirst(seed.FilePath, "~/secret/file/path"),
 	})
@@ -1644,8 +1599,6 @@ func AIBridgeInterception(t testing.TB, db database.Store, seed database.InsertA
 		ThreadParentInterceptionID: seed.ThreadParentInterceptionID,
 		ThreadRootInterceptionID:   seed.ThreadRootInterceptionID,
 		ClientSessionID:            seed.ClientSessionID,
-		CredentialKind:             takeFirst(seed.CredentialKind, database.CredentialKindCentralized),
-		CredentialHint:             takeFirst(seed.CredentialHint, ""),
 	})
 	if endedAt != nil {
 		interception, err = db.UpdateAIBridgeInterceptionEnded(genCtx, database.UpdateAIBridgeInterceptionEndedParams{
@@ -1660,15 +1613,13 @@ func AIBridgeInterception(t testing.TB, db database.Store, seed database.InsertA
 
 func AIBridgeTokenUsage(t testing.TB, db database.Store, seed database.InsertAIBridgeTokenUsageParams) database.AIBridgeTokenUsage {
 	usage, err := db.InsertAIBridgeTokenUsage(genCtx, database.InsertAIBridgeTokenUsageParams{
-		ID:                    takeFirst(seed.ID, uuid.New()),
-		InterceptionID:        takeFirst(seed.InterceptionID, uuid.New()),
-		ProviderResponseID:    takeFirst(seed.ProviderResponseID, "provider_response_id"),
-		InputTokens:           takeFirst(seed.InputTokens, 100),
-		OutputTokens:          takeFirst(seed.OutputTokens, 100),
-		CacheReadInputTokens:  seed.CacheReadInputTokens,
-		CacheWriteInputTokens: seed.CacheWriteInputTokens,
-		Metadata:              takeFirstSlice(seed.Metadata, json.RawMessage("{}")),
-		CreatedAt:             takeFirst(seed.CreatedAt, dbtime.Now()),
+		ID:                 takeFirst(seed.ID, uuid.New()),
+		InterceptionID:     takeFirst(seed.InterceptionID, uuid.New()),
+		ProviderResponseID: takeFirst(seed.ProviderResponseID, "provider_response_id"),
+		InputTokens:        takeFirst(seed.InputTokens, 100),
+		OutputTokens:       takeFirst(seed.OutputTokens, 100),
+		Metadata:           takeFirstSlice(seed.Metadata, json.RawMessage("{}")),
+		CreatedAt:          takeFirst(seed.CreatedAt, dbtime.Now()),
 	})
 	require.NoError(t, err, "insert aibridge token usage")
 	return usage

coderd/database/dbmetrics/querymetrics.go

@@ -208,14 +208,6 @@ func (m queryMetricsStore) BatchUpdateWorkspaceNextStartAt(ctx context.Context,
 	return r0
 }
 
-func (m queryMetricsStore) BatchUpsertConnectionLogs(ctx context.Context, arg database.BatchUpsertConnectionLogsParams) error {
-	start := time.Now()
-	r0 := m.s.BatchUpsertConnectionLogs(ctx, arg)
-	m.queryLatencies.WithLabelValues("BatchUpsertConnectionLogs").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "BatchUpsertConnectionLogs").Inc()
-	return r0
-}
-
 func (m queryMetricsStore) BulkMarkNotificationMessagesFailed(ctx context.Context, arg database.BulkMarkNotificationMessagesFailedParams) (int64, error) {
 	start := time.Now()
 	r0, r1 := m.s.BulkMarkNotificationMessagesFailed(ctx, arg)
@@ -280,14 +272,6 @@ func (m queryMetricsStore) CleanupDeletedMCPServerIDsFromChats(ctx context.Conte
 	return r0
 }
 
-func (m queryMetricsStore) ClearChatMessageProviderResponseIDsByChatID(ctx context.Context, chatID uuid.UUID) error {
-	start := time.Now()
-	r0 := m.s.ClearChatMessageProviderResponseIDsByChatID(ctx, chatID)
-	m.queryLatencies.WithLabelValues("ClearChatMessageProviderResponseIDsByChatID").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "ClearChatMessageProviderResponseIDsByChatID").Inc()
-	return r0
-}
-
 func (m queryMetricsStore) CountAIBridgeInterceptions(ctx context.Context, arg database.CountAIBridgeInterceptionsParams) (int64, error) {
 	start := time.Now()
 	r0, r1 := m.s.CountAIBridgeInterceptions(ctx, arg)
@@ -600,22 +584,6 @@ func (m queryMetricsStore) DeleteOldAuditLogs(ctx context.Context, arg database.
 	return r0, r1
 }
 
-func (m queryMetricsStore) DeleteOldChatFiles(ctx context.Context, arg database.DeleteOldChatFilesParams) ([]database.DeleteOldChatFilesRow, error) {
-	start := time.Now()
-	r0, r1 := m.s.DeleteOldChatFiles(ctx, arg)
-	m.queryLatencies.WithLabelValues("DeleteOldChatFiles").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "DeleteOldChatFiles").Inc()
-	return r0, r1
-}
-
-func (m queryMetricsStore) DeleteOldChats(ctx context.Context, arg database.DeleteOldChatsParams) (int64, error) {
-	start := time.Now()
-	r0, r1 := m.s.DeleteOldChats(ctx, arg)
-	m.queryLatencies.WithLabelValues("DeleteOldChats").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "DeleteOldChats").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) DeleteOldConnectionLogs(ctx context.Context, arg database.DeleteOldConnectionLogsParams) (int64, error) {
 	start := time.Now()
 	r0, r1 := m.s.DeleteOldConnectionLogs(ctx, arg)
@@ -728,22 +696,14 @@ func (m queryMetricsStore) DeleteUserChatCompactionThreshold(ctx context.Context
 	return r0
 }
 
-func (m queryMetricsStore) DeleteUserChatProviderKey(ctx context.Context, arg database.DeleteUserChatProviderKeyParams) error {
+func (m queryMetricsStore) DeleteUserSecret(ctx context.Context, id uuid.UUID) error {
 	start := time.Now()
-	r0 := m.s.DeleteUserChatProviderKey(ctx, arg)
-	m.queryLatencies.WithLabelValues("DeleteUserChatProviderKey").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "DeleteUserChatProviderKey").Inc()
+	r0 := m.s.DeleteUserSecret(ctx, id)
+	m.queryLatencies.WithLabelValues("DeleteUserSecret").Observe(time.Since(start).Seconds())
+	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "DeleteUserSecret").Inc()
 	return r0
 }
 
-func (m queryMetricsStore) DeleteUserSecretByUserIDAndName(ctx context.Context, arg database.DeleteUserSecretByUserIDAndNameParams) (int64, error) {
-	start := time.Now()
-	r0, r1 := m.s.DeleteUserSecretByUserIDAndName(ctx, arg)
-	m.queryLatencies.WithLabelValues("DeleteUserSecretByUserIDAndName").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "DeleteUserSecretByUserIDAndName").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) DeleteWebpushSubscriptionByUserIDAndEndpoint(ctx context.Context, arg database.DeleteWebpushSubscriptionByUserIDAndEndpointParams) error {
 	start := time.Now()
 	r0 := m.s.DeleteWebpushSubscriptionByUserIDAndEndpoint(ctx, arg)
@@ -976,14 +936,6 @@ func (m queryMetricsStore) GetActiveAISeatCount(ctx context.Context) (int64, err
 	return r0, r1
 }
 
-func (m queryMetricsStore) GetActiveChatsByAgentID(ctx context.Context, agentID uuid.UUID) ([]database.Chat, error) {
-	start := time.Now()
-	r0, r1 := m.s.GetActiveChatsByAgentID(ctx, agentID)
-	m.queryLatencies.WithLabelValues("GetActiveChatsByAgentID").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetActiveChatsByAgentID").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) GetActivePresetPrebuildSchedules(ctx context.Context) ([]database.TemplateVersionPresetPrebuildSchedule, error) {
 	start := time.Now()
 	r0, r1 := m.s.GetActivePresetPrebuildSchedules(ctx)
@@ -1160,14 +1112,6 @@ func (m queryMetricsStore) GetChatFileByID(ctx context.Context, id uuid.UUID) (d
 	return r0, r1
 }
 
-func (m queryMetricsStore) GetChatFileMetadataByChatID(ctx context.Context, chatID uuid.UUID) ([]database.GetChatFileMetadataByChatIDRow, error) {
-	start := time.Now()
-	r0, r1 := m.s.GetChatFileMetadataByChatID(ctx, chatID)
-	m.queryLatencies.WithLabelValues("GetChatFileMetadataByChatID").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetChatFileMetadataByChatID").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) GetChatFilesByIDs(ctx context.Context, ids []uuid.UUID) ([]database.ChatFile, error) {
 	start := time.Now()
 	r0, r1 := m.s.GetChatFilesByIDs(ctx, ids)
@@ -1192,14 +1136,6 @@ func (m queryMetricsStore) GetChatMessageByID(ctx context.Context, id int64) (da
 	return r0, r1
 }
 
-func (m queryMetricsStore) GetChatMessageSummariesPerChat(ctx context.Context, createdAfter time.Time) ([]database.GetChatMessageSummariesPerChatRow, error) {
-	start := time.Now()
-	r0, r1 := m.s.GetChatMessageSummariesPerChat(ctx, createdAfter)
-	m.queryLatencies.WithLabelValues("GetChatMessageSummariesPerChat").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetChatMessageSummariesPerChat").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) GetChatMessagesByChatID(ctx context.Context, chatID database.GetChatMessagesByChatIDParams) ([]database.ChatMessage, error) {
 	start := time.Now()
 	r0, r1 := m.s.GetChatMessagesByChatID(ctx, chatID)
@@ -1248,14 +1184,6 @@ func (m queryMetricsStore) GetChatModelConfigs(ctx context.Context) ([]database.
 	return r0, r1
 }
 
-func (m queryMetricsStore) GetChatModelConfigsForTelemetry(ctx context.Context) ([]database.GetChatModelConfigsForTelemetryRow, error) {
-	start := time.Now()
-	r0, r1 := m.s.GetChatModelConfigsForTelemetry(ctx)
-	m.queryLatencies.WithLabelValues("GetChatModelConfigsForTelemetry").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetChatModelConfigsForTelemetry").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) GetChatProviderByID(ctx context.Context, id uuid.UUID) (database.ChatProvider, error) {
 	start := time.Now()
 	r0, r1 := m.s.GetChatProviderByID(ctx, id)
@@ -1288,14 +1216,6 @@ func (m queryMetricsStore) GetChatQueuedMessages(ctx context.Context, chatID uui
 	return r0, r1
 }
 
-func (m queryMetricsStore) GetChatRetentionDays(ctx context.Context) (int32, error) {
-	start := time.Now()
-	r0, r1 := m.s.GetChatRetentionDays(ctx)
-	m.queryLatencies.WithLabelValues("GetChatRetentionDays").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetChatRetentionDays").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) GetChatSystemPrompt(ctx context.Context) (string, error) {
 	start := time.Now()
 	r0, r1 := m.s.GetChatSystemPrompt(ctx)
@@ -1368,14 +1288,6 @@ func (m queryMetricsStore) GetChatsByWorkspaceIDs(ctx context.Context, ids []uui
 	return r0, r1
 }
 
-func (m queryMetricsStore) GetChatsUpdatedAfter(ctx context.Context, updatedAfter time.Time) ([]database.GetChatsUpdatedAfterRow, error) {
-	start := time.Now()
-	r0, r1 := m.s.GetChatsUpdatedAfter(ctx, updatedAfter)
-	m.queryLatencies.WithLabelValues("GetChatsUpdatedAfter").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetChatsUpdatedAfter").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) GetConnectionLogsOffset(ctx context.Context, arg database.GetConnectionLogsOffsetParams) ([]database.GetConnectionLogsOffsetRow, error) {
 	start := time.Now()
 	r0, r1 := m.s.GetConnectionLogsOffset(ctx, arg)
@@ -2296,19 +2208,19 @@ func (m queryMetricsStore) GetTailnetPeers(ctx context.Context, id uuid.UUID) ([
 	return r0, r1
 }
 
-func (m queryMetricsStore) GetTailnetTunnelPeerBindingsBatch(ctx context.Context, ids []uuid.UUID) ([]database.GetTailnetTunnelPeerBindingsBatchRow, error) {
+func (m queryMetricsStore) GetTailnetTunnelPeerBindings(ctx context.Context, srcID uuid.UUID) ([]database.GetTailnetTunnelPeerBindingsRow, error) {
 	start := time.Now()
-	r0, r1 := m.s.GetTailnetTunnelPeerBindingsBatch(ctx, ids)
-	m.queryLatencies.WithLabelValues("GetTailnetTunnelPeerBindingsBatch").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetTailnetTunnelPeerBindingsBatch").Inc()
+	r0, r1 := m.s.GetTailnetTunnelPeerBindings(ctx, srcID)
+	m.queryLatencies.WithLabelValues("GetTailnetTunnelPeerBindings").Observe(time.Since(start).Seconds())
+	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetTailnetTunnelPeerBindings").Inc()
 	return r0, r1
 }
 
-func (m queryMetricsStore) GetTailnetTunnelPeerIDsBatch(ctx context.Context, ids []uuid.UUID) ([]database.GetTailnetTunnelPeerIDsBatchRow, error) {
+func (m queryMetricsStore) GetTailnetTunnelPeerIDs(ctx context.Context, srcID uuid.UUID) ([]database.GetTailnetTunnelPeerIDsRow, error) {
 	start := time.Now()
-	r0, r1 := m.s.GetTailnetTunnelPeerIDsBatch(ctx, ids)
-	m.queryLatencies.WithLabelValues("GetTailnetTunnelPeerIDsBatch").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetTailnetTunnelPeerIDsBatch").Inc()
+	r0, r1 := m.s.GetTailnetTunnelPeerIDs(ctx, srcID)
+	m.queryLatencies.WithLabelValues("GetTailnetTunnelPeerIDs").Observe(time.Since(start).Seconds())
+	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetTailnetTunnelPeerIDs").Inc()
 	return r0, r1
 }
 
@@ -2616,14 +2528,6 @@ func (m queryMetricsStore) GetUserChatCustomPrompt(ctx context.Context, userID u
 	return r0, r1
 }
 
-func (m queryMetricsStore) GetUserChatProviderKeys(ctx context.Context, userID uuid.UUID) ([]database.UserChatProviderKey, error) {
-	start := time.Now()
-	r0, r1 := m.s.GetUserChatProviderKeys(ctx, userID)
-	m.queryLatencies.WithLabelValues("GetUserChatProviderKeys").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetUserChatProviderKeys").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) GetUserChatSpendInPeriod(ctx context.Context, arg database.GetUserChatSpendInPeriodParams) (int64, error) {
 	start := time.Now()
 	r0, r1 := m.s.GetUserChatSpendInPeriod(ctx, arg)
@@ -2688,6 +2592,14 @@ func (m queryMetricsStore) GetUserNotificationPreferences(ctx context.Context, u
 	return r0, r1
 }
 
+func (m queryMetricsStore) GetUserSecret(ctx context.Context, id uuid.UUID) (database.UserSecret, error) {
+	start := time.Now()
+	r0, r1 := m.s.GetUserSecret(ctx, id)
+	m.queryLatencies.WithLabelValues("GetUserSecret").Observe(time.Since(start).Seconds())
+	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "GetUserSecret").Inc()
+	return r0, r1
+}
+
 func (m queryMetricsStore) GetUserSecretByUserIDAndName(ctx context.Context, arg database.GetUserSecretByUserIDAndNameParams) (database.UserSecret, error) {
 	start := time.Now()
 	r0, r1 := m.s.GetUserSecretByUserIDAndName(ctx, arg)
@@ -3840,14 +3752,6 @@ func (m queryMetricsStore) InsertWorkspaceResourceMetadata(ctx context.Context,
 	return r0, r1
 }
 
-func (m queryMetricsStore) LinkChatFiles(ctx context.Context, arg database.LinkChatFilesParams) (int32, error) {
-	start := time.Now()
-	r0, r1 := m.s.LinkChatFiles(ctx, arg)
-	m.queryLatencies.WithLabelValues("LinkChatFiles").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "LinkChatFiles").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) ListAIBridgeClients(ctx context.Context, arg database.ListAIBridgeClientsParams) ([]string, error) {
 	start := time.Now()
 	r0, r1 := m.s.ListAIBridgeClients(ctx, arg)
@@ -3976,7 +3880,7 @@ func (m queryMetricsStore) ListUserChatCompactionThresholds(ctx context.Context,
 	return r0, r1
 }
 
-func (m queryMetricsStore) ListUserSecrets(ctx context.Context, userID uuid.UUID) ([]database.ListUserSecretsRow, error) {
+func (m queryMetricsStore) ListUserSecrets(ctx context.Context, userID uuid.UUID) ([]database.UserSecret, error) {
 	start := time.Now()
 	r0, r1 := m.s.ListUserSecrets(ctx, userID)
 	m.queryLatencies.WithLabelValues("ListUserSecrets").Observe(time.Since(start).Seconds())
@@ -3984,14 +3888,6 @@ func (m queryMetricsStore) ListUserSecrets(ctx context.Context, userID uuid.UUID
 	return r0, r1
 }
 
-func (m queryMetricsStore) ListUserSecretsWithValues(ctx context.Context, userID uuid.UUID) ([]database.UserSecret, error) {
-	start := time.Now()
-	r0, r1 := m.s.ListUserSecretsWithValues(ctx, userID)
-	m.queryLatencies.WithLabelValues("ListUserSecretsWithValues").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "ListUserSecretsWithValues").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) ListWorkspaceAgentPortShares(ctx context.Context, workspaceID uuid.UUID) ([]database.WorkspaceAgentPortShare, error) {
 	start := time.Now()
 	r0, r1 := m.s.ListWorkspaceAgentPortShares(ctx, workspaceID)
@@ -4120,14 +4016,6 @@ func (m queryMetricsStore) SoftDeleteChatMessagesAfterID(ctx context.Context, ar
 	return r0
 }
 
-func (m queryMetricsStore) SoftDeleteContextFileMessages(ctx context.Context, chatID uuid.UUID) error {
-	start := time.Now()
-	r0 := m.s.SoftDeleteContextFileMessages(ctx, chatID)
-	m.queryLatencies.WithLabelValues("SoftDeleteContextFileMessages").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "SoftDeleteContextFileMessages").Inc()
-	return r0
-}
-
 func (m queryMetricsStore) TryAcquireLock(ctx context.Context, pgTryAdvisoryXactLock int64) (bool, error) {
 	start := time.Now()
 	r0, r1 := m.s.TryAcquireLock(ctx, pgTryAdvisoryXactLock)
@@ -4208,11 +4096,11 @@ func (m queryMetricsStore) UpdateChatByID(ctx context.Context, arg database.Upda
 	return r0, r1
 }
 
-func (m queryMetricsStore) UpdateChatHeartbeats(ctx context.Context, arg database.UpdateChatHeartbeatsParams) ([]uuid.UUID, error) {
+func (m queryMetricsStore) UpdateChatHeartbeat(ctx context.Context, arg database.UpdateChatHeartbeatParams) (int64, error) {
 	start := time.Now()
-	r0, r1 := m.s.UpdateChatHeartbeats(ctx, arg)
-	m.queryLatencies.WithLabelValues("UpdateChatHeartbeats").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "UpdateChatHeartbeats").Inc()
+	r0, r1 := m.s.UpdateChatHeartbeat(ctx, arg)
+	m.queryLatencies.WithLabelValues("UpdateChatHeartbeat").Observe(time.Since(start).Seconds())
+	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "UpdateChatHeartbeat").Inc()
 	return r0, r1
 }
 
@@ -4672,14 +4560,6 @@ func (m queryMetricsStore) UpdateUserChatCustomPrompt(ctx context.Context, arg d
 	return r0, r1
 }
 
-func (m queryMetricsStore) UpdateUserChatProviderKey(ctx context.Context, arg database.UpdateUserChatProviderKeyParams) (database.UserChatProviderKey, error) {
-	start := time.Now()
-	r0, r1 := m.s.UpdateUserChatProviderKey(ctx, arg)
-	m.queryLatencies.WithLabelValues("UpdateUserChatProviderKey").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "UpdateUserChatProviderKey").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) UpdateUserDeletedByID(ctx context.Context, id uuid.UUID) error {
 	start := time.Now()
 	r0 := m.s.UpdateUserDeletedByID(ctx, id)
@@ -4768,11 +4648,11 @@ func (m queryMetricsStore) UpdateUserRoles(ctx context.Context, arg database.Upd
 	return r0, r1
 }
 
-func (m queryMetricsStore) UpdateUserSecretByUserIDAndName(ctx context.Context, arg database.UpdateUserSecretByUserIDAndNameParams) (database.UserSecret, error) {
+func (m queryMetricsStore) UpdateUserSecret(ctx context.Context, arg database.UpdateUserSecretParams) (database.UserSecret, error) {
 	start := time.Now()
-	r0, r1 := m.s.UpdateUserSecretByUserIDAndName(ctx, arg)
-	m.queryLatencies.WithLabelValues("UpdateUserSecretByUserIDAndName").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "UpdateUserSecretByUserIDAndName").Inc()
+	r0, r1 := m.s.UpdateUserSecret(ctx, arg)
+	m.queryLatencies.WithLabelValues("UpdateUserSecret").Observe(time.Since(start).Seconds())
+	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "UpdateUserSecret").Inc()
 	return r0, r1
 }
 
@@ -5072,14 +4952,6 @@ func (m queryMetricsStore) UpsertChatIncludeDefaultSystemPrompt(ctx context.Cont
 	return r0
 }
 
-func (m queryMetricsStore) UpsertChatRetentionDays(ctx context.Context, retentionDays int32) error {
-	start := time.Now()
-	r0 := m.s.UpsertChatRetentionDays(ctx, retentionDays)
-	m.queryLatencies.WithLabelValues("UpsertChatRetentionDays").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "UpsertChatRetentionDays").Inc()
-	return r0
-}
-
 func (m queryMetricsStore) UpsertChatSystemPrompt(ctx context.Context, value string) error {
 	start := time.Now()
 	r0 := m.s.UpsertChatSystemPrompt(ctx, value)
@@ -5128,6 +5000,14 @@ func (m queryMetricsStore) UpsertChatWorkspaceTTL(ctx context.Context, workspace
 	return r0
 }
 
+func (m queryMetricsStore) UpsertConnectionLog(ctx context.Context, arg database.UpsertConnectionLogParams) (database.ConnectionLog, error) {
+	start := time.Now()
+	r0, r1 := m.s.UpsertConnectionLog(ctx, arg)
+	m.queryLatencies.WithLabelValues("UpsertConnectionLog").Observe(time.Since(start).Seconds())
+	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "UpsertConnectionLog").Inc()
+	return r0, r1
+}
+
 func (m queryMetricsStore) UpsertDefaultProxy(ctx context.Context, arg database.UpsertDefaultProxyParams) error {
 	start := time.Now()
 	r0 := m.s.UpsertDefaultProxy(ctx, arg)
@@ -5272,14 +5152,6 @@ func (m queryMetricsStore) UpsertTemplateUsageStats(ctx context.Context) error {
 	return r0
 }
 
-func (m queryMetricsStore) UpsertUserChatProviderKey(ctx context.Context, arg database.UpsertUserChatProviderKeyParams) (database.UserChatProviderKey, error) {
-	start := time.Now()
-	r0, r1 := m.s.UpsertUserChatProviderKey(ctx, arg)
-	m.queryLatencies.WithLabelValues("UpsertUserChatProviderKey").Observe(time.Since(start).Seconds())
-	m.queryCounts.WithLabelValues(httpmw.ExtractHTTPRoute(ctx), httpmw.ExtractHTTPMethod(ctx), "UpsertUserChatProviderKey").Inc()
-	return r0, r1
-}
-
 func (m queryMetricsStore) UpsertWebpushVAPIDKeys(ctx context.Context, arg database.UpsertWebpushVAPIDKeysParams) error {
 	start := time.Now()
 	r0 := m.s.UpsertWebpushVAPIDKeys(ctx, arg)

coderd/database/dbmock/dbmock.go

@@ -233,20 +233,6 @@ func (mr *MockStoreMockRecorder) BatchUpdateWorkspaceNextStartAt(ctx, arg any) *
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "BatchUpdateWorkspaceNextStartAt", reflect.TypeOf((*MockStore)(nil).BatchUpdateWorkspaceNextStartAt), ctx, arg)
 }
 
-// BatchUpsertConnectionLogs mocks base method.
-func (m *MockStore) BatchUpsertConnectionLogs(ctx context.Context, arg database.BatchUpsertConnectionLogsParams) error {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "BatchUpsertConnectionLogs", ctx, arg)
-	ret0, _ := ret[0].(error)
-	return ret0
-}
-
-// BatchUpsertConnectionLogs indicates an expected call of BatchUpsertConnectionLogs.
-func (mr *MockStoreMockRecorder) BatchUpsertConnectionLogs(ctx, arg any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "BatchUpsertConnectionLogs", reflect.TypeOf((*MockStore)(nil).BatchUpsertConnectionLogs), ctx, arg)
-}
-
 // BulkMarkNotificationMessagesFailed mocks base method.
 func (m *MockStore) BulkMarkNotificationMessagesFailed(ctx context.Context, arg database.BulkMarkNotificationMessagesFailedParams) (int64, error) {
 	m.ctrl.T.Helper()
@@ -363,20 +349,6 @@ func (mr *MockStoreMockRecorder) CleanupDeletedMCPServerIDsFromChats(ctx any) *g
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CleanupDeletedMCPServerIDsFromChats", reflect.TypeOf((*MockStore)(nil).CleanupDeletedMCPServerIDsFromChats), ctx)
 }
 
-// ClearChatMessageProviderResponseIDsByChatID mocks base method.
-func (m *MockStore) ClearChatMessageProviderResponseIDsByChatID(ctx context.Context, chatID uuid.UUID) error {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "ClearChatMessageProviderResponseIDsByChatID", ctx, chatID)
-	ret0, _ := ret[0].(error)
-	return ret0
-}
-
-// ClearChatMessageProviderResponseIDsByChatID indicates an expected call of ClearChatMessageProviderResponseIDsByChatID.
-func (mr *MockStoreMockRecorder) ClearChatMessageProviderResponseIDsByChatID(ctx, chatID any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ClearChatMessageProviderResponseIDsByChatID", reflect.TypeOf((*MockStore)(nil).ClearChatMessageProviderResponseIDsByChatID), ctx, chatID)
-}
-
 // CountAIBridgeInterceptions mocks base method.
 func (m *MockStore) CountAIBridgeInterceptions(ctx context.Context, arg database.CountAIBridgeInterceptionsParams) (int64, error) {
 	m.ctrl.T.Helper()
@@ -998,36 +970,6 @@ func (mr *MockStoreMockRecorder) DeleteOldAuditLogs(ctx, arg any) *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteOldAuditLogs", reflect.TypeOf((*MockStore)(nil).DeleteOldAuditLogs), ctx, arg)
 }
 
-// DeleteOldChatFiles mocks base method.
-func (m *MockStore) DeleteOldChatFiles(ctx context.Context, arg database.DeleteOldChatFilesParams) ([]database.DeleteOldChatFilesRow, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "DeleteOldChatFiles", ctx, arg)
-	ret0, _ := ret[0].([]database.DeleteOldChatFilesRow)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// DeleteOldChatFiles indicates an expected call of DeleteOldChatFiles.
-func (mr *MockStoreMockRecorder) DeleteOldChatFiles(ctx, arg any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteOldChatFiles", reflect.TypeOf((*MockStore)(nil).DeleteOldChatFiles), ctx, arg)
-}
-
-// DeleteOldChats mocks base method.
-func (m *MockStore) DeleteOldChats(ctx context.Context, arg database.DeleteOldChatsParams) (int64, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "DeleteOldChats", ctx, arg)
-	ret0, _ := ret[0].(int64)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// DeleteOldChats indicates an expected call of DeleteOldChats.
-func (mr *MockStoreMockRecorder) DeleteOldChats(ctx, arg any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteOldChats", reflect.TypeOf((*MockStore)(nil).DeleteOldChats), ctx, arg)
-}
-
 // DeleteOldConnectionLogs mocks base method.
 func (m *MockStore) DeleteOldConnectionLogs(ctx context.Context, arg database.DeleteOldConnectionLogsParams) (int64, error) {
 	m.ctrl.T.Helper()
@@ -1229,33 +1171,18 @@ func (mr *MockStoreMockRecorder) DeleteUserChatCompactionThreshold(ctx, arg any)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteUserChatCompactionThreshold", reflect.TypeOf((*MockStore)(nil).DeleteUserChatCompactionThreshold), ctx, arg)
 }
 
-// DeleteUserChatProviderKey mocks base method.
-func (m *MockStore) DeleteUserChatProviderKey(ctx context.Context, arg database.DeleteUserChatProviderKeyParams) error {
+// DeleteUserSecret mocks base method.
+func (m *MockStore) DeleteUserSecret(ctx context.Context, id uuid.UUID) error {
 	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "DeleteUserChatProviderKey", ctx, arg)
+	ret := m.ctrl.Call(m, "DeleteUserSecret", ctx, id)
 	ret0, _ := ret[0].(error)
 	return ret0
 }
 
-// DeleteUserChatProviderKey indicates an expected call of DeleteUserChatProviderKey.
-func (mr *MockStoreMockRecorder) DeleteUserChatProviderKey(ctx, arg any) *gomock.Call {
+// DeleteUserSecret indicates an expected call of DeleteUserSecret.
+func (mr *MockStoreMockRecorder) DeleteUserSecret(ctx, id any) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteUserChatProviderKey", reflect.TypeOf((*MockStore)(nil).DeleteUserChatProviderKey), ctx, arg)
-}
-
-// DeleteUserSecretByUserIDAndName mocks base method.
-func (m *MockStore) DeleteUserSecretByUserIDAndName(ctx context.Context, arg database.DeleteUserSecretByUserIDAndNameParams) (int64, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "DeleteUserSecretByUserIDAndName", ctx, arg)
-	ret0, _ := ret[0].(int64)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// DeleteUserSecretByUserIDAndName indicates an expected call of DeleteUserSecretByUserIDAndName.
-func (mr *MockStoreMockRecorder) DeleteUserSecretByUserIDAndName(ctx, arg any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteUserSecretByUserIDAndName", reflect.TypeOf((*MockStore)(nil).DeleteUserSecretByUserIDAndName), ctx, arg)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteUserSecret", reflect.TypeOf((*MockStore)(nil).DeleteUserSecret), ctx, id)
 }
 
 // DeleteWebpushSubscriptionByUserIDAndEndpoint mocks base method.
@@ -1682,21 +1609,6 @@ func (mr *MockStoreMockRecorder) GetActiveAISeatCount(ctx any) *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetActiveAISeatCount", reflect.TypeOf((*MockStore)(nil).GetActiveAISeatCount), ctx)
 }
 
-// GetActiveChatsByAgentID mocks base method.
-func (m *MockStore) GetActiveChatsByAgentID(ctx context.Context, agentID uuid.UUID) ([]database.Chat, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "GetActiveChatsByAgentID", ctx, agentID)
-	ret0, _ := ret[0].([]database.Chat)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// GetActiveChatsByAgentID indicates an expected call of GetActiveChatsByAgentID.
-func (mr *MockStoreMockRecorder) GetActiveChatsByAgentID(ctx, agentID any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetActiveChatsByAgentID", reflect.TypeOf((*MockStore)(nil).GetActiveChatsByAgentID), ctx, agentID)
-}
-
 // GetActivePresetPrebuildSchedules mocks base method.
 func (m *MockStore) GetActivePresetPrebuildSchedules(ctx context.Context) ([]database.TemplateVersionPresetPrebuildSchedule, error) {
 	m.ctrl.T.Helper()
@@ -2132,21 +2044,6 @@ func (mr *MockStoreMockRecorder) GetChatFileByID(ctx, id any) *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetChatFileByID", reflect.TypeOf((*MockStore)(nil).GetChatFileByID), ctx, id)
 }
 
-// GetChatFileMetadataByChatID mocks base method.
-func (m *MockStore) GetChatFileMetadataByChatID(ctx context.Context, chatID uuid.UUID) ([]database.GetChatFileMetadataByChatIDRow, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "GetChatFileMetadataByChatID", ctx, chatID)
-	ret0, _ := ret[0].([]database.GetChatFileMetadataByChatIDRow)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// GetChatFileMetadataByChatID indicates an expected call of GetChatFileMetadataByChatID.
-func (mr *MockStoreMockRecorder) GetChatFileMetadataByChatID(ctx, chatID any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetChatFileMetadataByChatID", reflect.TypeOf((*MockStore)(nil).GetChatFileMetadataByChatID), ctx, chatID)
-}
-
 // GetChatFilesByIDs mocks base method.
 func (m *MockStore) GetChatFilesByIDs(ctx context.Context, ids []uuid.UUID) ([]database.ChatFile, error) {
 	m.ctrl.T.Helper()
@@ -2192,21 +2089,6 @@ func (mr *MockStoreMockRecorder) GetChatMessageByID(ctx, id any) *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetChatMessageByID", reflect.TypeOf((*MockStore)(nil).GetChatMessageByID), ctx, id)
 }
 
-// GetChatMessageSummariesPerChat mocks base method.
-func (m *MockStore) GetChatMessageSummariesPerChat(ctx context.Context, createdAfter time.Time) ([]database.GetChatMessageSummariesPerChatRow, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "GetChatMessageSummariesPerChat", ctx, createdAfter)
-	ret0, _ := ret[0].([]database.GetChatMessageSummariesPerChatRow)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// GetChatMessageSummariesPerChat indicates an expected call of GetChatMessageSummariesPerChat.
-func (mr *MockStoreMockRecorder) GetChatMessageSummariesPerChat(ctx, createdAfter any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetChatMessageSummariesPerChat", reflect.TypeOf((*MockStore)(nil).GetChatMessageSummariesPerChat), ctx, createdAfter)
-}
-
 // GetChatMessagesByChatID mocks base method.
 func (m *MockStore) GetChatMessagesByChatID(ctx context.Context, arg database.GetChatMessagesByChatIDParams) ([]database.ChatMessage, error) {
 	m.ctrl.T.Helper()
@@ -2297,21 +2179,6 @@ func (mr *MockStoreMockRecorder) GetChatModelConfigs(ctx any) *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetChatModelConfigs", reflect.TypeOf((*MockStore)(nil).GetChatModelConfigs), ctx)
 }
 
-// GetChatModelConfigsForTelemetry mocks base method.
-func (m *MockStore) GetChatModelConfigsForTelemetry(ctx context.Context) ([]database.GetChatModelConfigsForTelemetryRow, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "GetChatModelConfigsForTelemetry", ctx)
-	ret0, _ := ret[0].([]database.GetChatModelConfigsForTelemetryRow)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// GetChatModelConfigsForTelemetry indicates an expected call of GetChatModelConfigsForTelemetry.
-func (mr *MockStoreMockRecorder) GetChatModelConfigsForTelemetry(ctx any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetChatModelConfigsForTelemetry", reflect.TypeOf((*MockStore)(nil).GetChatModelConfigsForTelemetry), ctx)
-}
-
 // GetChatProviderByID mocks base method.
 func (m *MockStore) GetChatProviderByID(ctx context.Context, id uuid.UUID) (database.ChatProvider, error) {
 	m.ctrl.T.Helper()
@@ -2372,21 +2239,6 @@ func (mr *MockStoreMockRecorder) GetChatQueuedMessages(ctx, chatID any) *gomock.
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetChatQueuedMessages", reflect.TypeOf((*MockStore)(nil).GetChatQueuedMessages), ctx, chatID)
 }
 
-// GetChatRetentionDays mocks base method.
-func (m *MockStore) GetChatRetentionDays(ctx context.Context) (int32, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "GetChatRetentionDays", ctx)
-	ret0, _ := ret[0].(int32)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// GetChatRetentionDays indicates an expected call of GetChatRetentionDays.
-func (mr *MockStoreMockRecorder) GetChatRetentionDays(ctx any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetChatRetentionDays", reflect.TypeOf((*MockStore)(nil).GetChatRetentionDays), ctx)
-}
-
 // GetChatSystemPrompt mocks base method.
 func (m *MockStore) GetChatSystemPrompt(ctx context.Context) (string, error) {
 	m.ctrl.T.Helper()
@@ -2522,21 +2374,6 @@ func (mr *MockStoreMockRecorder) GetChatsByWorkspaceIDs(ctx, ids any) *gomock.Ca
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetChatsByWorkspaceIDs", reflect.TypeOf((*MockStore)(nil).GetChatsByWorkspaceIDs), ctx, ids)
 }
 
-// GetChatsUpdatedAfter mocks base method.
-func (m *MockStore) GetChatsUpdatedAfter(ctx context.Context, updatedAfter time.Time) ([]database.GetChatsUpdatedAfterRow, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "GetChatsUpdatedAfter", ctx, updatedAfter)
-	ret0, _ := ret[0].([]database.GetChatsUpdatedAfterRow)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// GetChatsUpdatedAfter indicates an expected call of GetChatsUpdatedAfter.
-func (mr *MockStoreMockRecorder) GetChatsUpdatedAfter(ctx, updatedAfter any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetChatsUpdatedAfter", reflect.TypeOf((*MockStore)(nil).GetChatsUpdatedAfter), ctx, updatedAfter)
-}
-
 // GetConnectionLogsOffset mocks base method.
 func (m *MockStore) GetConnectionLogsOffset(ctx context.Context, arg database.GetConnectionLogsOffsetParams) ([]database.GetConnectionLogsOffsetRow, error) {
 	m.ctrl.T.Helper()
@@ -4262,34 +4099,34 @@ func (mr *MockStoreMockRecorder) GetTailnetPeers(ctx, id any) *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetTailnetPeers", reflect.TypeOf((*MockStore)(nil).GetTailnetPeers), ctx, id)
 }
 
-// GetTailnetTunnelPeerBindingsBatch mocks base method.
-func (m *MockStore) GetTailnetTunnelPeerBindingsBatch(ctx context.Context, ids []uuid.UUID) ([]database.GetTailnetTunnelPeerBindingsBatchRow, error) {
+// GetTailnetTunnelPeerBindings mocks base method.
+func (m *MockStore) GetTailnetTunnelPeerBindings(ctx context.Context, srcID uuid.UUID) ([]database.GetTailnetTunnelPeerBindingsRow, error) {
 	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "GetTailnetTunnelPeerBindingsBatch", ctx, ids)
-	ret0, _ := ret[0].([]database.GetTailnetTunnelPeerBindingsBatchRow)
+	ret := m.ctrl.Call(m, "GetTailnetTunnelPeerBindings", ctx, srcID)
+	ret0, _ := ret[0].([]database.GetTailnetTunnelPeerBindingsRow)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 
-// GetTailnetTunnelPeerBindingsBatch indicates an expected call of GetTailnetTunnelPeerBindingsBatch.
-func (mr *MockStoreMockRecorder) GetTailnetTunnelPeerBindingsBatch(ctx, ids any) *gomock.Call {
+// GetTailnetTunnelPeerBindings indicates an expected call of GetTailnetTunnelPeerBindings.
+func (mr *MockStoreMockRecorder) GetTailnetTunnelPeerBindings(ctx, srcID any) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetTailnetTunnelPeerBindingsBatch", reflect.TypeOf((*MockStore)(nil).GetTailnetTunnelPeerBindingsBatch), ctx, ids)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetTailnetTunnelPeerBindings", reflect.TypeOf((*MockStore)(nil).GetTailnetTunnelPeerBindings), ctx, srcID)
 }
 
-// GetTailnetTunnelPeerIDsBatch mocks base method.
-func (m *MockStore) GetTailnetTunnelPeerIDsBatch(ctx context.Context, ids []uuid.UUID) ([]database.GetTailnetTunnelPeerIDsBatchRow, error) {
+// GetTailnetTunnelPeerIDs mocks base method.
+func (m *MockStore) GetTailnetTunnelPeerIDs(ctx context.Context, srcID uuid.UUID) ([]database.GetTailnetTunnelPeerIDsRow, error) {
 	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "GetTailnetTunnelPeerIDsBatch", ctx, ids)
-	ret0, _ := ret[0].([]database.GetTailnetTunnelPeerIDsBatchRow)
+	ret := m.ctrl.Call(m, "GetTailnetTunnelPeerIDs", ctx, srcID)
+	ret0, _ := ret[0].([]database.GetTailnetTunnelPeerIDsRow)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 
-// GetTailnetTunnelPeerIDsBatch indicates an expected call of GetTailnetTunnelPeerIDsBatch.
-func (mr *MockStoreMockRecorder) GetTailnetTunnelPeerIDsBatch(ctx, ids any) *gomock.Call {
+// GetTailnetTunnelPeerIDs indicates an expected call of GetTailnetTunnelPeerIDs.
+func (mr *MockStoreMockRecorder) GetTailnetTunnelPeerIDs(ctx, srcID any) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetTailnetTunnelPeerIDsBatch", reflect.TypeOf((*MockStore)(nil).GetTailnetTunnelPeerIDsBatch), ctx, ids)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetTailnetTunnelPeerIDs", reflect.TypeOf((*MockStore)(nil).GetTailnetTunnelPeerIDs), ctx, srcID)
 }
 
 // GetTaskByID mocks base method.
@@ -4892,21 +4729,6 @@ func (mr *MockStoreMockRecorder) GetUserChatCustomPrompt(ctx, userID any) *gomoc
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUserChatCustomPrompt", reflect.TypeOf((*MockStore)(nil).GetUserChatCustomPrompt), ctx, userID)
 }
 
-// GetUserChatProviderKeys mocks base method.
-func (m *MockStore) GetUserChatProviderKeys(ctx context.Context, userID uuid.UUID) ([]database.UserChatProviderKey, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "GetUserChatProviderKeys", ctx, userID)
-	ret0, _ := ret[0].([]database.UserChatProviderKey)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// GetUserChatProviderKeys indicates an expected call of GetUserChatProviderKeys.
-func (mr *MockStoreMockRecorder) GetUserChatProviderKeys(ctx, userID any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUserChatProviderKeys", reflect.TypeOf((*MockStore)(nil).GetUserChatProviderKeys), ctx, userID)
-}
-
 // GetUserChatSpendInPeriod mocks base method.
 func (m *MockStore) GetUserChatSpendInPeriod(ctx context.Context, arg database.GetUserChatSpendInPeriodParams) (int64, error) {
 	m.ctrl.T.Helper()
@@ -5027,6 +4849,21 @@ func (mr *MockStoreMockRecorder) GetUserNotificationPreferences(ctx, userID any)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUserNotificationPreferences", reflect.TypeOf((*MockStore)(nil).GetUserNotificationPreferences), ctx, userID)
 }
 
+// GetUserSecret mocks base method.
+func (m *MockStore) GetUserSecret(ctx context.Context, id uuid.UUID) (database.UserSecret, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "GetUserSecret", ctx, id)
+	ret0, _ := ret[0].(database.UserSecret)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// GetUserSecret indicates an expected call of GetUserSecret.
+func (mr *MockStoreMockRecorder) GetUserSecret(ctx, id any) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUserSecret", reflect.TypeOf((*MockStore)(nil).GetUserSecret), ctx, id)
+}
+
 // GetUserSecretByUserIDAndName mocks base method.
 func (m *MockStore) GetUserSecretByUserIDAndName(ctx context.Context, arg database.GetUserSecretByUserIDAndNameParams) (database.UserSecret, error) {
 	m.ctrl.T.Helper()
@@ -7186,21 +7023,6 @@ func (mr *MockStoreMockRecorder) InsertWorkspaceResourceMetadata(ctx, arg any) *
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "InsertWorkspaceResourceMetadata", reflect.TypeOf((*MockStore)(nil).InsertWorkspaceResourceMetadata), ctx, arg)
 }
 
-// LinkChatFiles mocks base method.
-func (m *MockStore) LinkChatFiles(ctx context.Context, arg database.LinkChatFilesParams) (int32, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "LinkChatFiles", ctx, arg)
-	ret0, _ := ret[0].(int32)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// LinkChatFiles indicates an expected call of LinkChatFiles.
-func (mr *MockStoreMockRecorder) LinkChatFiles(ctx, arg any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "LinkChatFiles", reflect.TypeOf((*MockStore)(nil).LinkChatFiles), ctx, arg)
-}
-
 // ListAIBridgeClients mocks base method.
 func (m *MockStore) ListAIBridgeClients(ctx context.Context, arg database.ListAIBridgeClientsParams) ([]string, error) {
 	m.ctrl.T.Helper()
@@ -7517,10 +7339,10 @@ func (mr *MockStoreMockRecorder) ListUserChatCompactionThresholds(ctx, userID an
 }
 
 // ListUserSecrets mocks base method.
-func (m *MockStore) ListUserSecrets(ctx context.Context, userID uuid.UUID) ([]database.ListUserSecretsRow, error) {
+func (m *MockStore) ListUserSecrets(ctx context.Context, userID uuid.UUID) ([]database.UserSecret, error) {
 	m.ctrl.T.Helper()
 	ret := m.ctrl.Call(m, "ListUserSecrets", ctx, userID)
-	ret0, _ := ret[0].([]database.ListUserSecretsRow)
+	ret0, _ := ret[0].([]database.UserSecret)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -7531,21 +7353,6 @@ func (mr *MockStoreMockRecorder) ListUserSecrets(ctx, userID any) *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListUserSecrets", reflect.TypeOf((*MockStore)(nil).ListUserSecrets), ctx, userID)
 }
 
-// ListUserSecretsWithValues mocks base method.
-func (m *MockStore) ListUserSecretsWithValues(ctx context.Context, userID uuid.UUID) ([]database.UserSecret, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "ListUserSecretsWithValues", ctx, userID)
-	ret0, _ := ret[0].([]database.UserSecret)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// ListUserSecretsWithValues indicates an expected call of ListUserSecretsWithValues.
-func (mr *MockStoreMockRecorder) ListUserSecretsWithValues(ctx, userID any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListUserSecretsWithValues", reflect.TypeOf((*MockStore)(nil).ListUserSecretsWithValues), ctx, userID)
-}
-
 // ListWorkspaceAgentPortShares mocks base method.
 func (m *MockStore) ListWorkspaceAgentPortShares(ctx context.Context, workspaceID uuid.UUID) ([]database.WorkspaceAgentPortShare, error) {
 	m.ctrl.T.Helper()
@@ -7810,20 +7617,6 @@ func (mr *MockStoreMockRecorder) SoftDeleteChatMessagesAfterID(ctx, arg any) *go
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SoftDeleteChatMessagesAfterID", reflect.TypeOf((*MockStore)(nil).SoftDeleteChatMessagesAfterID), ctx, arg)
 }
 
-// SoftDeleteContextFileMessages mocks base method.
-func (m *MockStore) SoftDeleteContextFileMessages(ctx context.Context, chatID uuid.UUID) error {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "SoftDeleteContextFileMessages", ctx, chatID)
-	ret0, _ := ret[0].(error)
-	return ret0
-}
-
-// SoftDeleteContextFileMessages indicates an expected call of SoftDeleteContextFileMessages.
-func (mr *MockStoreMockRecorder) SoftDeleteContextFileMessages(ctx, chatID any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SoftDeleteContextFileMessages", reflect.TypeOf((*MockStore)(nil).SoftDeleteContextFileMessages), ctx, chatID)
-}
-
 // TryAcquireLock mocks base method.
 func (m *MockStore) TryAcquireLock(ctx context.Context, pgTryAdvisoryXactLock int64) (bool, error) {
 	m.ctrl.T.Helper()
@@ -7969,19 +7762,19 @@ func (mr *MockStoreMockRecorder) UpdateChatByID(ctx, arg any) *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateChatByID", reflect.TypeOf((*MockStore)(nil).UpdateChatByID), ctx, arg)
 }
 
-// UpdateChatHeartbeats mocks base method.
-func (m *MockStore) UpdateChatHeartbeats(ctx context.Context, arg database.UpdateChatHeartbeatsParams) ([]uuid.UUID, error) {
+// UpdateChatHeartbeat mocks base method.
+func (m *MockStore) UpdateChatHeartbeat(ctx context.Context, arg database.UpdateChatHeartbeatParams) (int64, error) {
 	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "UpdateChatHeartbeats", ctx, arg)
-	ret0, _ := ret[0].([]uuid.UUID)
+	ret := m.ctrl.Call(m, "UpdateChatHeartbeat", ctx, arg)
+	ret0, _ := ret[0].(int64)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 
-// UpdateChatHeartbeats indicates an expected call of UpdateChatHeartbeats.
-func (mr *MockStoreMockRecorder) UpdateChatHeartbeats(ctx, arg any) *gomock.Call {
+// UpdateChatHeartbeat indicates an expected call of UpdateChatHeartbeat.
+func (mr *MockStoreMockRecorder) UpdateChatHeartbeat(ctx, arg any) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateChatHeartbeats", reflect.TypeOf((*MockStore)(nil).UpdateChatHeartbeats), ctx, arg)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateChatHeartbeat", reflect.TypeOf((*MockStore)(nil).UpdateChatHeartbeat), ctx, arg)
 }
 
 // UpdateChatLabelsByID mocks base method.
@@ -8812,21 +8605,6 @@ func (mr *MockStoreMockRecorder) UpdateUserChatCustomPrompt(ctx, arg any) *gomoc
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateUserChatCustomPrompt", reflect.TypeOf((*MockStore)(nil).UpdateUserChatCustomPrompt), ctx, arg)
 }
 
-// UpdateUserChatProviderKey mocks base method.
-func (m *MockStore) UpdateUserChatProviderKey(ctx context.Context, arg database.UpdateUserChatProviderKeyParams) (database.UserChatProviderKey, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "UpdateUserChatProviderKey", ctx, arg)
-	ret0, _ := ret[0].(database.UserChatProviderKey)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// UpdateUserChatProviderKey indicates an expected call of UpdateUserChatProviderKey.
-func (mr *MockStoreMockRecorder) UpdateUserChatProviderKey(ctx, arg any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateUserChatProviderKey", reflect.TypeOf((*MockStore)(nil).UpdateUserChatProviderKey), ctx, arg)
-}
-
 // UpdateUserDeletedByID mocks base method.
 func (m *MockStore) UpdateUserDeletedByID(ctx context.Context, id uuid.UUID) error {
 	m.ctrl.T.Helper()
@@ -8988,19 +8766,19 @@ func (mr *MockStoreMockRecorder) UpdateUserRoles(ctx, arg any) *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateUserRoles", reflect.TypeOf((*MockStore)(nil).UpdateUserRoles), ctx, arg)
 }
 
-// UpdateUserSecretByUserIDAndName mocks base method.
-func (m *MockStore) UpdateUserSecretByUserIDAndName(ctx context.Context, arg database.UpdateUserSecretByUserIDAndNameParams) (database.UserSecret, error) {
+// UpdateUserSecret mocks base method.
+func (m *MockStore) UpdateUserSecret(ctx context.Context, arg database.UpdateUserSecretParams) (database.UserSecret, error) {
 	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "UpdateUserSecretByUserIDAndName", ctx, arg)
+	ret := m.ctrl.Call(m, "UpdateUserSecret", ctx, arg)
 	ret0, _ := ret[0].(database.UserSecret)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 
-// UpdateUserSecretByUserIDAndName indicates an expected call of UpdateUserSecretByUserIDAndName.
-func (mr *MockStoreMockRecorder) UpdateUserSecretByUserIDAndName(ctx, arg any) *gomock.Call {
+// UpdateUserSecret indicates an expected call of UpdateUserSecret.
+func (mr *MockStoreMockRecorder) UpdateUserSecret(ctx, arg any) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateUserSecretByUserIDAndName", reflect.TypeOf((*MockStore)(nil).UpdateUserSecretByUserIDAndName), ctx, arg)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateUserSecret", reflect.TypeOf((*MockStore)(nil).UpdateUserSecret), ctx, arg)
 }
 
 // UpdateUserStatus mocks base method.
@@ -9533,20 +9311,6 @@ func (mr *MockStoreMockRecorder) UpsertChatIncludeDefaultSystemPrompt(ctx, inclu
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpsertChatIncludeDefaultSystemPrompt", reflect.TypeOf((*MockStore)(nil).UpsertChatIncludeDefaultSystemPrompt), ctx, includeDefaultSystemPrompt)
 }
 
-// UpsertChatRetentionDays mocks base method.
-func (m *MockStore) UpsertChatRetentionDays(ctx context.Context, retentionDays int32) error {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "UpsertChatRetentionDays", ctx, retentionDays)
-	ret0, _ := ret[0].(error)
-	return ret0
-}
-
-// UpsertChatRetentionDays indicates an expected call of UpsertChatRetentionDays.
-func (mr *MockStoreMockRecorder) UpsertChatRetentionDays(ctx, retentionDays any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpsertChatRetentionDays", reflect.TypeOf((*MockStore)(nil).UpsertChatRetentionDays), ctx, retentionDays)
-}
-
 // UpsertChatSystemPrompt mocks base method.
 func (m *MockStore) UpsertChatSystemPrompt(ctx context.Context, value string) error {
 	m.ctrl.T.Helper()
@@ -9634,6 +9398,21 @@ func (mr *MockStoreMockRecorder) UpsertChatWorkspaceTTL(ctx, workspaceTtl any) *
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpsertChatWorkspaceTTL", reflect.TypeOf((*MockStore)(nil).UpsertChatWorkspaceTTL), ctx, workspaceTtl)
 }
 
+// UpsertConnectionLog mocks base method.
+func (m *MockStore) UpsertConnectionLog(ctx context.Context, arg database.UpsertConnectionLogParams) (database.ConnectionLog, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "UpsertConnectionLog", ctx, arg)
+	ret0, _ := ret[0].(database.ConnectionLog)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// UpsertConnectionLog indicates an expected call of UpsertConnectionLog.
+func (mr *MockStoreMockRecorder) UpsertConnectionLog(ctx, arg any) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpsertConnectionLog", reflect.TypeOf((*MockStore)(nil).UpsertConnectionLog), ctx, arg)
+}
+
 // UpsertDefaultProxy mocks base method.
 func (m *MockStore) UpsertDefaultProxy(ctx context.Context, arg database.UpsertDefaultProxyParams) error {
 	m.ctrl.T.Helper()
@@ -9892,21 +9671,6 @@ func (mr *MockStoreMockRecorder) UpsertTemplateUsageStats(ctx any) *gomock.Call
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpsertTemplateUsageStats", reflect.TypeOf((*MockStore)(nil).UpsertTemplateUsageStats), ctx)
 }
 
-// UpsertUserChatProviderKey mocks base method.
-func (m *MockStore) UpsertUserChatProviderKey(ctx context.Context, arg database.UpsertUserChatProviderKeyParams) (database.UserChatProviderKey, error) {
-	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "UpsertUserChatProviderKey", ctx, arg)
-	ret0, _ := ret[0].(database.UserChatProviderKey)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// UpsertUserChatProviderKey indicates an expected call of UpsertUserChatProviderKey.
-func (mr *MockStoreMockRecorder) UpsertUserChatProviderKey(ctx, arg any) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpsertUserChatProviderKey", reflect.TypeOf((*MockStore)(nil).UpsertUserChatProviderKey), ctx, arg)
-}
-
 // UpsertWebpushVAPIDKeys mocks base method.
 func (m *MockStore) UpsertWebpushVAPIDKeys(ctx context.Context, arg database.UpsertWebpushVAPIDKeysParams) error {
 	m.ctrl.T.Helper()

coderd/database/dbpurge/dbpurge.go

@@ -3,7 +3,6 @@ package dbpurge
 import (
 	"context"
 	"io"
-	"sync"
 	"time"
 
 	"github.com/prometheus/client_golang/prometheus"
@@ -13,7 +12,6 @@ import (
 	"github.com/coder/coder/v2/coderd/database"
 	"github.com/coder/coder/v2/coderd/database/dbauthz"
 	"github.com/coder/coder/v2/coderd/database/dbtime"
-	"github.com/coder/coder/v2/coderd/objstore"
 	"github.com/coder/coder/v2/coderd/pproflabel"
 	"github.com/coder/coder/v2/codersdk"
 	"github.com/coder/quartz"
@@ -36,22 +34,13 @@ const (
 	// long enough to cover the maximum interval of a heartbeat event (currently
 	// 1 hour) plus some buffer.
 	maxTelemetryHeartbeatAge = 24 * time.Hour
-	// Batch sizes for chat purging. Both use 1000, which is smaller
-	// than audit/connection log batches (10000), because chat_files
-	// rows contain bytea blob data that make large batches heavier.
-	chatsBatchSize     = 1000
-	chatFilesBatchSize = 1000
 )
 
-// chatFilesNamespace is the object store namespace under which chat
-// files are stored.
-const chatFilesNamespace = "chatfiles"
-
 // New creates a new periodically purging database instance.
 // It is the caller's responsibility to call Close on the returned instance.
 //
 // This is for cleaning up old, unused resources from the database that take up space.
-func New(ctx context.Context, logger slog.Logger, db database.Store, vals *codersdk.DeploymentValues, clk quartz.Clock, reg prometheus.Registerer, objStore objstore.Store) io.Closer {
+func New(ctx context.Context, logger slog.Logger, db database.Store, vals *codersdk.DeploymentValues, clk quartz.Clock, reg prometheus.Registerer) io.Closer {
 	closed := make(chan struct{})
 
 	ctx, cancelFunc := context.WithCancel(ctx)
@@ -75,22 +64,6 @@ func New(ctx context.Context, logger slog.Logger, db database.Store, vals *coder
 	}, []string{"record_type"})
 	reg.MustRegister(recordsPurged)
 
-	objStoreInflight := prometheus.NewGauge(prometheus.GaugeOpts{
-		Namespace: "coderd",
-		Subsystem: "dbpurge",
-		Name:      "objstore_delete_inflight",
-		Help:      "Number of object store files currently enqueued for deletion.",
-	})
-	reg.MustRegister(objStoreInflight)
-
-	objStoreDeleted := prometheus.NewCounter(prometheus.CounterOpts{
-		Namespace: "coderd",
-		Subsystem: "dbpurge",
-		Name:      "objstore_files_deleted_total",
-		Help:      "Total number of object store files successfully deleted.",
-	})
-	reg.MustRegister(objStoreDeleted)
-
 	inst := &instance{
 		cancel:            cancelFunc,
 		closed:            closed,
@@ -99,9 +72,6 @@ func New(ctx context.Context, logger slog.Logger, db database.Store, vals *coder
 		clk:               clk,
 		iterationDuration: iterationDuration,
 		recordsPurged:     recordsPurged,
-		objStore:          objStore,
-		objStoreInflight:  objStoreInflight,
-		objStoreDeleted:   objStoreDeleted,
 	}
 
 	// Start the ticker with the initial delay.
@@ -139,17 +109,6 @@ func New(ctx context.Context, logger slog.Logger, db database.Store, vals *coder
 // purgeTick performs a single purge iteration. It returns an error if the
 // purge fails.
 func (i *instance) purgeTick(ctx context.Context, db database.Store, start time.Time) error {
-	// Read chat retention config outside the transaction to
-	// avoid poisoning the tx if the stored value is corrupt.
-	// A SQL-level cast error (e.g. non-numeric text) puts PG
-	// into error state, failing all subsequent queries in the
-	// same transaction.
-	chatRetentionDays, err := db.GetChatRetentionDays(ctx)
-	if err != nil {
-		i.logger.Warn(ctx, "failed to read chat retention config, skipping chat purge", slog.Error(err))
-		chatRetentionDays = 0
-	}
-
 	// Start a transaction to grab advisory lock, we don't want to run
 	// multiple purges at the same time (multiple replicas).
 	return db.InTx(func(tx database.Store) error {
@@ -254,50 +213,12 @@ func (i *instance) purgeTick(ctx context.Context, db database.Store, start time.
 			}
 		}
 
-		// Chat retention is configured via site_configs. When
-		// enabled, old archived chats are deleted first, then
-		// orphaned chat files. Deleting a chat cascades to
-		// chat_file_links (removing references) but not to
-		// chat_files directly, so files from deleted chats
-		// become orphaned and are caught by DeleteOldChatFiles
-		// in the same tick.
-		var purgedChats int64
-		var purgedChatFiles int64
-		if chatRetentionDays > 0 {
-			chatRetention := time.Duration(chatRetentionDays) * 24 * time.Hour
-			deleteChatsBefore := start.Add(-chatRetention)
-
-			purgedChats, err = tx.DeleteOldChats(ctx, database.DeleteOldChatsParams{
-				BeforeTime: deleteChatsBefore,
-				LimitCount: chatsBatchSize,
-			})
-			if err != nil {
-				return xerrors.Errorf("failed to delete old chats: %w", err)
-			}
-
-			deletedFiles, err := tx.DeleteOldChatFiles(ctx, database.DeleteOldChatFilesParams{
-				BeforeTime: deleteChatsBefore,
-				LimitCount: chatFilesBatchSize,
-			})
-			if err != nil {
-				return xerrors.Errorf("failed to delete old chat files: %w", err)
-			}
-			purgedChatFiles = int64(len(deletedFiles))
-
-			// Collect object store keys from the deleted rows
-			// and delete them in a background goroutine so
-			// slow object store I/O does not hold the
-			// advisory lock or block the next tick.
-			i.deleteObjStoreKeys(ctx, deletedFiles)
-		}
 		i.logger.Debug(ctx, "purged old database entries",
 			slog.F("workspace_agent_logs", purgedWorkspaceAgentLogs),
 			slog.F("expired_api_keys", expiredAPIKeys),
 			slog.F("aibridge_records", purgedAIBridgeRecords),
 			slog.F("connection_logs", purgedConnectionLogs),
 			slog.F("audit_logs", purgedAuditLogs),
-			slog.F("chats", purgedChats),
-			slog.F("chat_files", purgedChatFiles),
 			slog.F("duration", i.clk.Since(start)),
 		)
 
@@ -311,8 +232,6 @@ func (i *instance) purgeTick(ctx context.Context, db database.Store, start time.
 			i.recordsPurged.WithLabelValues("aibridge_records").Add(float64(purgedAIBridgeRecords))
 			i.recordsPurged.WithLabelValues("connection_logs").Add(float64(purgedConnectionLogs))
 			i.recordsPurged.WithLabelValues("audit_logs").Add(float64(purgedAuditLogs))
-			i.recordsPurged.WithLabelValues("chats").Add(float64(purgedChats))
-			i.recordsPurged.WithLabelValues("chat_files").Add(float64(purgedChatFiles))
 		}
 
 		return nil
@@ -327,13 +246,6 @@ type instance struct {
 	clk               quartz.Clock
 	iterationDuration *prometheus.HistogramVec
 	recordsPurged     *prometheus.CounterVec
-	objStore          objstore.Store
-	objStoreInflight  prometheus.Gauge
-	objStoreDeleted   prometheus.Counter
-
-	// objDeleteMu serializes background object store delete batches
-	// so at most one goroutine is deleting at a time.
-	objDeleteMu sync.Mutex
 }
 
 func (i *instance) Close() error {
@@ -341,62 +253,3 @@ func (i *instance) Close() error {
 	<-i.closed
 	return nil
 }
-
-// deleteObjStoreKeys removes object store entries for the given
-// deleted chat file rows. The work runs in a background goroutine
-// guarded by a mutex so that slow object store I/O never blocks
-// the purge transaction or the next tick. At most one delete batch
-// runs at a time; if a batch is already in flight the new keys are
-// silently dropped (they will be orphan-collected on a future tick
-// if needed).
-func (i *instance) deleteObjStoreKeys(ctx context.Context, rows []database.DeleteOldChatFilesRow) {
-	// Collect non-empty object store keys.
-	var keys []string
-	for _, r := range rows {
-		if r.ObjectStoreKey.Valid && r.ObjectStoreKey.String != "" {
-			keys = append(keys, r.ObjectStoreKey.String)
-		}
-	}
-	if len(keys) == 0 {
-		return
-	}
-
-	// Try to acquire the mutex without blocking. If another
-	// delete batch is already running, skip this one.
-	if !i.objDeleteMu.TryLock() {
-		i.logger.Debug(ctx, "object store delete already in progress, skipping batch",
-			slog.F("skipped_keys", len(keys)))
-		return
-	}
-
-	i.objStoreInflight.Add(float64(len(keys)))
-
-	go func() {
-		defer i.objDeleteMu.Unlock()
-
-		var deleted int
-		for _, key := range keys {
-			if ctx.Err() != nil {
-				remaining := len(keys) - deleted
-				i.objStoreInflight.Sub(float64(remaining))
-				i.logger.Debug(ctx, "context canceled during object store cleanup",
-					slog.F("deleted", deleted),
-					slog.F("remaining", remaining))
-				return
-			}
-			if err := i.objStore.Delete(ctx, chatFilesNamespace, key); err != nil {
-				i.logger.Warn(ctx, "failed to delete chat file from object store",
-					slog.F("key", key),
-					slog.Error(err))
-			} else {
-				deleted++
-			}
-			i.objStoreInflight.Dec()
-		}
-
-		i.objStoreDeleted.Add(float64(deleted))
-		i.logger.Debug(ctx, "deleted chat files from object store",
-			slog.F("deleted", deleted),
-			slog.F("failed", len(keys)-deleted))
-	}()
-}

coderd/database/dbpurge/dbpurge_test.go

@@ -12,7 +12,6 @@ import (
 	"time"
 
 	"github.com/google/uuid"
-	"github.com/lib/pq"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -54,9 +53,8 @@ func TestPurge(t *testing.T) {
 	clk := quartz.NewMock(t)
 	done := awaitDoTick(ctx, t, clk)
 	mDB := dbmock.NewMockStore(gomock.NewController(t))
-	mDB.EXPECT().GetChatRetentionDays(gomock.Any()).Return(int32(0), nil).AnyTimes()
 	mDB.EXPECT().InTx(gomock.Any(), database.DefaultTXOptions().WithID("db_purge")).Return(nil).Times(2)
-	purger := dbpurge.New(context.Background(), testutil.Logger(t), mDB, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry(), nil)
+	purger := dbpurge.New(context.Background(), testutil.Logger(t), mDB, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry())
 	<-done // wait for doTick() to run.
 	require.NoError(t, purger.Close())
 }
@@ -90,7 +88,7 @@ func TestMetrics(t *testing.T) {
 			Retention: codersdk.RetentionConfig{
 				APIKeys: serpent.Duration(7 * 24 * time.Hour), // 7 days retention
 			},
-		}, clk, reg, nil)
+		}, clk, reg)
 		defer closer.Close()
 		testutil.TryReceive(ctx, t, done)
 
@@ -127,16 +125,6 @@ func TestMetrics(t *testing.T) {
 			"record_type": "audit_logs",
 		})
 		require.GreaterOrEqual(t, auditLogs, 0)
-
-		chats := promhelp.CounterValue(t, reg, "coderd_dbpurge_records_purged_total", prometheus.Labels{
-			"record_type": "chats",
-		})
-		require.GreaterOrEqual(t, chats, 0)
-
-		chatFiles := promhelp.CounterValue(t, reg, "coderd_dbpurge_records_purged_total", prometheus.Labels{
-			"record_type": "chat_files",
-		})
-		require.GreaterOrEqual(t, chatFiles, 0)
 	})
 
 	t.Run("FailedIteration", func(t *testing.T) {
@@ -150,7 +138,6 @@ func TestMetrics(t *testing.T) {
 
 		ctrl := gomock.NewController(t)
 		mDB := dbmock.NewMockStore(ctrl)
-		mDB.EXPECT().GetChatRetentionDays(gomock.Any()).Return(int32(0), nil).AnyTimes()
 		mDB.EXPECT().InTx(gomock.Any(), database.DefaultTXOptions().WithID("db_purge")).
 			Return(xerrors.New("simulated database error")).
 			MinTimes(1)
@@ -158,7 +145,7 @@ func TestMetrics(t *testing.T) {
 		logger := slogtest.Make(t, &slogtest.Options{IgnoreErrors: true})
 
 		done := awaitDoTick(ctx, t, clk)
-		closer := dbpurge.New(ctx, logger, mDB, &codersdk.DeploymentValues{}, clk, reg, nil)
+		closer := dbpurge.New(ctx, logger, mDB, &codersdk.DeploymentValues{}, clk, reg)
 		defer closer.Close()
 		testutil.TryReceive(ctx, t, done)
 
@@ -248,7 +235,7 @@ func TestDeleteOldWorkspaceAgentStats(t *testing.T) {
 	})
 
 	// when
-	closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry(), nil)
+	closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry())
 	defer closer.Close()
 
 	// then
@@ -273,7 +260,7 @@ func TestDeleteOldWorkspaceAgentStats(t *testing.T) {
 
 	// Start a new purger to immediately trigger delete after rollup.
 	_ = closer.Close()
-	closer = dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry(), nil)
+	closer = dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry())
 	defer closer.Close()
 
 	// then
@@ -368,7 +355,7 @@ func TestDeleteOldWorkspaceAgentLogs(t *testing.T) {
 		Retention: codersdk.RetentionConfig{
 			WorkspaceAgentLogs: serpent.Duration(7 * 24 * time.Hour),
 		},
-	}, clk, prometheus.NewRegistry(), nil)
+	}, clk, prometheus.NewRegistry())
 
 	defer closer.Close()
 	<-done // doTick() has now run.
@@ -583,7 +570,7 @@ func TestDeleteOldWorkspaceAgentLogsRetention(t *testing.T) {
 			done := awaitDoTick(ctx, t, clk)
 			closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{
 				Retention: tc.retentionConfig,
-			}, clk, prometheus.NewRegistry(), nil)
+			}, clk, prometheus.NewRegistry())
 			defer closer.Close()
 			testutil.TryReceive(ctx, t, done)
 
@@ -674,7 +661,7 @@ func TestDeleteOldProvisionerDaemons(t *testing.T) {
 	require.NoError(t, err)
 
 	// when
-	closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry(), nil)
+	closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry())
 	defer closer.Close()
 
 	// then
@@ -778,7 +765,7 @@ func TestDeleteOldAuditLogConnectionEvents(t *testing.T) {
 
 	// Run the purge
 	done := awaitDoTick(ctx, t, clk)
-	closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry(), nil)
+	closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry())
 	defer closer.Close()
 	// Wait for tick
 	testutil.TryReceive(ctx, t, done)
@@ -941,7 +928,7 @@ func TestDeleteOldTelemetryHeartbeats(t *testing.T) {
 	require.NoError(t, err)
 
 	done := awaitDoTick(ctx, t, clk)
-	closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry(), nil)
+	closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry())
 	defer closer.Close()
 	<-done // doTick() has now run.
 
@@ -1060,7 +1047,7 @@ func TestDeleteOldConnectionLogs(t *testing.T) {
 			done := awaitDoTick(ctx, t, clk)
 			closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{
 				Retention: tc.retentionConfig,
-			}, clk, prometheus.NewRegistry(), nil)
+			}, clk, prometheus.NewRegistry())
 			defer closer.Close()
 			testutil.TryReceive(ctx, t, done)
 
@@ -1316,7 +1303,7 @@ func TestDeleteOldAIBridgeRecords(t *testing.T) {
 						Retention: serpent.Duration(tc.retention),
 					},
 				},
-			}, clk, prometheus.NewRegistry(), nil)
+			}, clk, prometheus.NewRegistry())
 			defer closer.Close()
 			testutil.TryReceive(ctx, t, done)
 
@@ -1403,7 +1390,7 @@ func TestDeleteOldAuditLogs(t *testing.T) {
 			done := awaitDoTick(ctx, t, clk)
 			closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{
 				Retention: tc.retentionConfig,
-			}, clk, prometheus.NewRegistry(), nil)
+			}, clk, prometheus.NewRegistry())
 			defer closer.Close()
 			testutil.TryReceive(ctx, t, done)
 
@@ -1493,7 +1480,7 @@ func TestDeleteOldAuditLogs(t *testing.T) {
 			Retention: codersdk.RetentionConfig{
 				AuditLogs: serpent.Duration(retentionPeriod),
 			},
-		}, clk, prometheus.NewRegistry(), nil)
+		}, clk, prometheus.NewRegistry())
 		defer closer.Close()
 		testutil.TryReceive(ctx, t, done)
 
@@ -1613,7 +1600,7 @@ func TestDeleteExpiredAPIKeys(t *testing.T) {
 			done := awaitDoTick(ctx, t, clk)
 			closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{
 				Retention: tc.retentionConfig,
-			}, clk, prometheus.NewRegistry(), nil)
+			}, clk, prometheus.NewRegistry())
 			defer closer.Close()
 			testutil.TryReceive(ctx, t, done)
 
@@ -1647,488 +1634,3 @@ func TestDeleteExpiredAPIKeys(t *testing.T) {
 func ptr[T any](v T) *T {
 	return &v
 }
-
-//nolint:paralleltest // It uses LockIDDBPurge.
-func TestDeleteOldChatFiles(t *testing.T) {
-	now := time.Date(2025, 6, 15, 12, 0, 0, 0, time.UTC)
-
-	// createChatFile inserts a chat file and backdates created_at.
-	createChatFile := func(ctx context.Context, t *testing.T, db database.Store, rawDB *sql.DB, ownerID, orgID uuid.UUID, createdAt time.Time) uuid.UUID {
-		t.Helper()
-		row, err := db.InsertChatFile(ctx, database.InsertChatFileParams{
-			OwnerID:        ownerID,
-			OrganizationID: orgID,
-			Name:           "test.png",
-			Mimetype:       "image/png",
-			Data:           []byte("fake-image-data"),
-		})
-		require.NoError(t, err)
-		_, err = rawDB.ExecContext(ctx, "UPDATE chat_files SET created_at = $1 WHERE id = $2", createdAt, row.ID)
-		require.NoError(t, err)
-		return row.ID
-	}
-
-	// createChat inserts a chat and optionally archives it, then
-	// backdates updated_at to control the "archived since" window.
-	createChat := func(ctx context.Context, t *testing.T, db database.Store, rawDB *sql.DB, ownerID, modelConfigID uuid.UUID, archived bool, updatedAt time.Time) database.Chat {
-		t.Helper()
-		chat, err := db.InsertChat(ctx, database.InsertChatParams{
-			OwnerID:           ownerID,
-			LastModelConfigID: modelConfigID,
-			Title:             "test-chat",
-			Status:            database.ChatStatusWaiting,
-		})
-		require.NoError(t, err)
-		if archived {
-			_, err = db.ArchiveChatByID(ctx, chat.ID)
-			require.NoError(t, err)
-		}
-		_, err = rawDB.ExecContext(ctx, "UPDATE chats SET updated_at = $1 WHERE id = $2", updatedAt, chat.ID)
-		require.NoError(t, err)
-		return chat
-	}
-	// setupChatDeps creates the common dependencies needed for
-	// chat-related tests: user, org, org member, provider, model config.
-	type chatDeps struct {
-		user        database.User
-		org         database.Organization
-		modelConfig database.ChatModelConfig
-	}
-	setupChatDeps := func(ctx context.Context, t *testing.T, db database.Store) chatDeps {
-		t.Helper()
-		user := dbgen.User(t, db, database.User{})
-		org := dbgen.Organization(t, db, database.Organization{})
-		_ = dbgen.OrganizationMember(t, db, database.OrganizationMember{UserID: user.ID, OrganizationID: org.ID})
-		_, err := db.InsertChatProvider(ctx, database.InsertChatProviderParams{
-			Provider:             "openai",
-			DisplayName:          "OpenAI",
-			Enabled:              true,
-			CentralApiKeyEnabled: true,
-		})
-		require.NoError(t, err)
-		mc, err := db.InsertChatModelConfig(ctx, database.InsertChatModelConfigParams{
-			Provider:     "openai",
-			Model:        "test-model",
-			ContextLimit: 8192,
-			Options:      json.RawMessage("{}"),
-		})
-		require.NoError(t, err)
-		return chatDeps{user: user, org: org, modelConfig: mc}
-	}
-
-	tests := []struct {
-		name string
-		run  func(t *testing.T)
-	}{
-		{
-			name: "ChatRetentionDisabled",
-			run: func(t *testing.T) {
-				ctx := testutil.Context(t, testutil.WaitLong)
-				clk := quartz.NewMock(t)
-				clk.Set(now).MustWait(ctx)
-
-				db, _, rawDB := dbtestutil.NewDBWithSQLDB(t, dbtestutil.WithDumpOnFailure())
-				logger := slogtest.Make(t, &slogtest.Options{IgnoreErrors: true})
-				deps := setupChatDeps(ctx, t, db)
-
-				// Disable retention.
-				err := db.UpsertChatRetentionDays(ctx, int32(0))
-				require.NoError(t, err)
-
-				// Create an old archived chat and an orphaned old file.
-				oldChat := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, true, now.Add(-31*24*time.Hour))
-				oldFileID := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now.Add(-31*24*time.Hour))
-
-				done := awaitDoTick(ctx, t, clk)
-				closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry(), nil)
-				defer closer.Close()
-				testutil.TryReceive(ctx, t, done)
-
-				// Both should still exist.
-				_, err = db.GetChatByID(ctx, oldChat.ID)
-				require.NoError(t, err, "chat should not be deleted when retention is disabled")
-				_, err = db.GetChatFileByID(ctx, oldFileID)
-				require.NoError(t, err, "chat file should not be deleted when retention is disabled")
-			},
-		},
-		{
-			name: "OldArchivedChatsDeleted",
-			run: func(t *testing.T) {
-				ctx := testutil.Context(t, testutil.WaitLong)
-				clk := quartz.NewMock(t)
-				clk.Set(now).MustWait(ctx)
-
-				db, _, rawDB := dbtestutil.NewDBWithSQLDB(t, dbtestutil.WithDumpOnFailure())
-				logger := slogtest.Make(t, &slogtest.Options{IgnoreErrors: true})
-				deps := setupChatDeps(ctx, t, db)
-
-				err := db.UpsertChatRetentionDays(ctx, int32(30))
-				require.NoError(t, err)
-
-				// Old archived chat (31 days) — should be deleted.
-				oldChat := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, true, now.Add(-31*24*time.Hour))
-				// Insert a message so we can verify CASCADE.
-				_, err = db.InsertChatMessages(ctx, database.InsertChatMessagesParams{
-					ChatID:              oldChat.ID,
-					CreatedBy:           []uuid.UUID{deps.user.ID},
-					ModelConfigID:       []uuid.UUID{deps.modelConfig.ID},
-					Role:                []database.ChatMessageRole{database.ChatMessageRoleUser},
-					Content:             []string{`[{"type":"text","text":"hello"}]`},
-					ContentVersion:      []int16{0},
-					Visibility:          []database.ChatMessageVisibility{database.ChatMessageVisibilityBoth},
-					InputTokens:         []int64{0},
-					OutputTokens:        []int64{0},
-					TotalTokens:         []int64{0},
-					ReasoningTokens:     []int64{0},
-					CacheCreationTokens: []int64{0},
-					CacheReadTokens:     []int64{0},
-					ContextLimit:        []int64{0},
-					Compressed:          []bool{false},
-					TotalCostMicros:     []int64{0},
-					RuntimeMs:           []int64{0},
-					ProviderResponseID:  []string{""},
-				})
-				require.NoError(t, err)
-
-				// Recently archived chat (10 days) — should be retained.
-				recentChat := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, true, now.Add(-10*24*time.Hour))
-
-				// Active chat — should be retained.
-				activeChat := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, false, now)
-
-				done := awaitDoTick(ctx, t, clk)
-				closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry(), nil)
-				defer closer.Close()
-				testutil.TryReceive(ctx, t, done)
-
-				// Old archived chat should be gone.
-				_, err = db.GetChatByID(ctx, oldChat.ID)
-				require.Error(t, err, "old archived chat should be deleted")
-
-				// Its messages should be gone too (CASCADE).
-				msgs, err := db.GetChatMessagesByChatID(ctx, database.GetChatMessagesByChatIDParams{
-					ChatID:  oldChat.ID,
-					AfterID: 0,
-				})
-				require.NoError(t, err)
-				require.Empty(t, msgs, "messages should be cascade-deleted")
-
-				// Recent archived and active chats should remain.
-				_, err = db.GetChatByID(ctx, recentChat.ID)
-				require.NoError(t, err, "recently archived chat should be retained")
-				_, err = db.GetChatByID(ctx, activeChat.ID)
-				require.NoError(t, err, "active chat should be retained")
-			},
-		},
-		{
-			name: "OrphanedOldFilesDeleted",
-			run: func(t *testing.T) {
-				ctx := testutil.Context(t, testutil.WaitLong)
-				clk := quartz.NewMock(t)
-				clk.Set(now).MustWait(ctx)
-
-				db, _, rawDB := dbtestutil.NewDBWithSQLDB(t, dbtestutil.WithDumpOnFailure())
-				logger := slogtest.Make(t, &slogtest.Options{IgnoreErrors: true})
-				deps := setupChatDeps(ctx, t, db)
-
-				err := db.UpsertChatRetentionDays(ctx, int32(30))
-				require.NoError(t, err)
-
-				// File A: 31 days old, NOT in any chat -> should be deleted.
-				fileA := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now.Add(-31*24*time.Hour))
-
-				// File B: 31 days old, in an active chat -> should be retained.
-				fileB := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now.Add(-31*24*time.Hour))
-				activeChat := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, false, now)
-				_, err = db.LinkChatFiles(ctx, database.LinkChatFilesParams{
-					ChatID:       activeChat.ID,
-					MaxFileLinks: 100,
-					FileIds:      []uuid.UUID{fileB},
-				})
-				require.NoError(t, err)
-
-				// File C: 10 days old, NOT in any chat -> should be retained (too young).
-				fileC := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now.Add(-10*24*time.Hour))
-
-				// File near boundary: 29d23h old — close to threshold.
-				fileBoundary := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now.Add(-30*24*time.Hour).Add(time.Hour))
-
-				done := awaitDoTick(ctx, t, clk)
-				closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry(), nil)
-				defer closer.Close()
-				testutil.TryReceive(ctx, t, done)
-
-				_, err = db.GetChatFileByID(ctx, fileA)
-				require.Error(t, err, "orphaned old file A should be deleted")
-
-				_, err = db.GetChatFileByID(ctx, fileB)
-				require.NoError(t, err, "file B in active chat should be retained")
-
-				_, err = db.GetChatFileByID(ctx, fileC)
-				require.NoError(t, err, "young file C should be retained")
-
-				_, err = db.GetChatFileByID(ctx, fileBoundary)
-				require.NoError(t, err, "file near 30d boundary should be retained")
-			},
-		},
-		{
-			name: "ArchivedChatFilesDeleted",
-			run: func(t *testing.T) {
-				ctx := testutil.Context(t, testutil.WaitLong)
-				clk := quartz.NewMock(t)
-				clk.Set(now).MustWait(ctx)
-
-				db, _, rawDB := dbtestutil.NewDBWithSQLDB(t, dbtestutil.WithDumpOnFailure())
-				logger := slogtest.Make(t, &slogtest.Options{IgnoreErrors: true})
-				deps := setupChatDeps(ctx, t, db)
-
-				err := db.UpsertChatRetentionDays(ctx, int32(30))
-				require.NoError(t, err)
-
-				// File D: 31 days old, in a chat archived 31 days ago -> should be deleted.
-				fileD := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now.Add(-31*24*time.Hour))
-				oldArchivedChat := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, true, now.Add(-31*24*time.Hour))
-				_, err = db.LinkChatFiles(ctx, database.LinkChatFilesParams{
-					ChatID:       oldArchivedChat.ID,
-					MaxFileLinks: 100,
-					FileIds:      []uuid.UUID{fileD},
-				})
-				require.NoError(t, err)
-				// LinkChatFiles does not update chats.updated_at, so backdate.
-				_, err = rawDB.ExecContext(ctx, "UPDATE chats SET updated_at = $1 WHERE id = $2",
-					now.Add(-31*24*time.Hour), oldArchivedChat.ID)
-				require.NoError(t, err)
-
-				// File E: 31 days old, in a chat archived 10 days ago -> should be retained.
-				fileE := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now.Add(-31*24*time.Hour))
-				recentArchivedChat := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, true, now.Add(-10*24*time.Hour))
-				_, err = db.LinkChatFiles(ctx, database.LinkChatFilesParams{
-					ChatID:       recentArchivedChat.ID,
-					MaxFileLinks: 100,
-					FileIds:      []uuid.UUID{fileE},
-				})
-				require.NoError(t, err)
-				_, err = rawDB.ExecContext(ctx, "UPDATE chats SET updated_at = $1 WHERE id = $2",
-					now.Add(-10*24*time.Hour), recentArchivedChat.ID)
-				require.NoError(t, err)
-
-				// File F: 31 days old, in BOTH an active chat AND an old archived chat -> should be retained.
-				fileF := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now.Add(-31*24*time.Hour))
-				anotherOldArchivedChat := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, true, now.Add(-31*24*time.Hour))
-				_, err = db.LinkChatFiles(ctx, database.LinkChatFilesParams{
-					ChatID:       anotherOldArchivedChat.ID,
-					MaxFileLinks: 100,
-					FileIds:      []uuid.UUID{fileF},
-				})
-				require.NoError(t, err)
-				_, err = rawDB.ExecContext(ctx, "UPDATE chats SET updated_at = $1 WHERE id = $2",
-					now.Add(-31*24*time.Hour), anotherOldArchivedChat.ID)
-				require.NoError(t, err)
-
-				activeChatForF := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, false, now)
-				_, err = db.LinkChatFiles(ctx, database.LinkChatFilesParams{
-					ChatID:       activeChatForF.ID,
-					MaxFileLinks: 100,
-					FileIds:      []uuid.UUID{fileF},
-				})
-				require.NoError(t, err)
-
-				done := awaitDoTick(ctx, t, clk)
-				closer := dbpurge.New(ctx, logger, db, &codersdk.DeploymentValues{}, clk, prometheus.NewRegistry(), nil)
-				defer closer.Close()
-				testutil.TryReceive(ctx, t, done)
-
-				_, err = db.GetChatFileByID(ctx, fileD)
-				require.Error(t, err, "file D in old archived chat should be deleted")
-
-				_, err = db.GetChatFileByID(ctx, fileE)
-				require.NoError(t, err, "file E in recently archived chat should be retained")
-
-				_, err = db.GetChatFileByID(ctx, fileF)
-				require.NoError(t, err, "file F in active + old archived chat should be retained")
-			},
-		},
-		{
-			name: "UnarchiveAfterFilePurge",
-			run: func(t *testing.T) {
-				// Validates that when dbpurge deletes chat_files rows,
-				// the FK cascade on chat_file_links automatically
-				// removes the stale links. Unarchiving a chat after
-				// file purge should show only surviving files.
-				ctx := testutil.Context(t, testutil.WaitLong)
-				db, _, rawDB := dbtestutil.NewDBWithSQLDB(t, dbtestutil.WithDumpOnFailure())
-				deps := setupChatDeps(ctx, t, db)
-
-				// Create a chat with three attached files.
-				fileA := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now)
-				fileB := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now)
-				fileC := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now)
-
-				chat := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, false, now)
-				_, err := db.LinkChatFiles(ctx, database.LinkChatFilesParams{
-					ChatID:       chat.ID,
-					MaxFileLinks: 100,
-					FileIds:      []uuid.UUID{fileA, fileB, fileC},
-				})
-				require.NoError(t, err)
-
-				// Archive the chat.
-				_, err = db.ArchiveChatByID(ctx, chat.ID)
-				require.NoError(t, err)
-
-				// Simulate dbpurge deleting files A and B. The FK
-				// cascade on chat_file_links_file_id_fkey should
-				// automatically remove the corresponding link rows.
-				_, err = rawDB.ExecContext(ctx, "DELETE FROM chat_files WHERE id = ANY($1)", pq.Array([]uuid.UUID{fileA, fileB}))
-				require.NoError(t, err)
-
-				// Unarchive the chat.
-				_, err = db.UnarchiveChatByID(ctx, chat.ID)
-				require.NoError(t, err)
-
-				// Only file C should remain linked (FK cascade
-				// removed the links for deleted files A and B).
-				files, err := db.GetChatFileMetadataByChatID(ctx, chat.ID)
-				require.NoError(t, err)
-				require.Len(t, files, 1, "only surviving file should be linked")
-				require.Equal(t, fileC, files[0].ID)
-
-				// Edge case: delete the last file too. The chat
-				// should have zero linked files, not an error.
-				_, err = db.ArchiveChatByID(ctx, chat.ID)
-				require.NoError(t, err)
-				_, err = rawDB.ExecContext(ctx, "DELETE FROM chat_files WHERE id = $1", fileC)
-				require.NoError(t, err)
-				_, err = db.UnarchiveChatByID(ctx, chat.ID)
-				require.NoError(t, err)
-
-				files, err = db.GetChatFileMetadataByChatID(ctx, chat.ID)
-				require.NoError(t, err)
-				require.Empty(t, files, "all-files-deleted should yield empty result")
-
-				// Test parent+child cascade: deleting files should
-				// clean up links for both parent and child chats
-				// independently via FK cascade.
-				parentChat := createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, false, now)
-				childChat, err := db.InsertChat(ctx, database.InsertChatParams{
-					OwnerID:           deps.user.ID,
-					LastModelConfigID: deps.modelConfig.ID,
-					Title:             "child-chat",
-					Status:            database.ChatStatusWaiting,
-				})
-				require.NoError(t, err)
-				// Set root_chat_id to link child to parent.
-				_, err = rawDB.ExecContext(ctx, "UPDATE chats SET root_chat_id = $1 WHERE id = $2", parentChat.ID, childChat.ID)
-				require.NoError(t, err)
-
-				// Attach different files to parent and child.
-				parentFileKeep := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now)
-				parentFileStale := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now)
-				childFileKeep := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now)
-				childFileStale := createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now)
-
-				_, err = db.LinkChatFiles(ctx, database.LinkChatFilesParams{
-					ChatID:       parentChat.ID,
-					MaxFileLinks: 100,
-					FileIds:      []uuid.UUID{parentFileKeep, parentFileStale},
-				})
-				require.NoError(t, err)
-				_, err = db.LinkChatFiles(ctx, database.LinkChatFilesParams{
-					ChatID:       childChat.ID,
-					MaxFileLinks: 100,
-					FileIds:      []uuid.UUID{childFileKeep, childFileStale},
-				})
-				require.NoError(t, err)
-
-				// Archive via parent (cascades to child).
-				_, err = db.ArchiveChatByID(ctx, parentChat.ID)
-				require.NoError(t, err)
-
-				// Delete one file from each chat.
-				_, err = rawDB.ExecContext(ctx, "DELETE FROM chat_files WHERE id = ANY($1)",
-					pq.Array([]uuid.UUID{parentFileStale, childFileStale}))
-				require.NoError(t, err)
-
-				// Unarchive via parent.
-				_, err = db.UnarchiveChatByID(ctx, parentChat.ID)
-				require.NoError(t, err)
-
-				parentFiles, err := db.GetChatFileMetadataByChatID(ctx, parentChat.ID)
-				require.NoError(t, err)
-				require.Len(t, parentFiles, 1)
-				require.Equal(t, parentFileKeep, parentFiles[0].ID,
-					"parent should retain only non-stale file")
-
-				childFiles, err := db.GetChatFileMetadataByChatID(ctx, childChat.ID)
-				require.NoError(t, err)
-				require.Len(t, childFiles, 1)
-				require.Equal(t, childFileKeep, childFiles[0].ID,
-					"child should retain only non-stale file")
-			},
-		},
-		{
-			name: "BatchLimitFiles",
-			run: func(t *testing.T) {
-				ctx := testutil.Context(t, testutil.WaitLong)
-				db, _, rawDB := dbtestutil.NewDBWithSQLDB(t, dbtestutil.WithDumpOnFailure())
-				deps := setupChatDeps(ctx, t, db)
-
-				// Create 3 deletable orphaned files (all 31 days old).
-				for range 3 {
-					createChatFile(ctx, t, db, rawDB, deps.user.ID, deps.org.ID, now.Add(-31*24*time.Hour))
-				}
-
-				// Delete with limit 2 — should delete 2, leave 1.
-				deleted, err := db.DeleteOldChatFiles(ctx, database.DeleteOldChatFilesParams{
-					BeforeTime: now.Add(-30 * 24 * time.Hour),
-					LimitCount: 2,
-				})
-				require.NoError(t, err)
-				require.Equal(t, int64(2), deleted, "should delete exactly 2 files")
-
-				// Delete again — should delete the remaining 1.
-				deleted, err = db.DeleteOldChatFiles(ctx, database.DeleteOldChatFilesParams{
-					BeforeTime: now.Add(-30 * 24 * time.Hour),
-					LimitCount: 2,
-				})
-				require.NoError(t, err)
-				require.Equal(t, int64(1), deleted, "should delete remaining 1 file")
-			},
-		},
-		{
-			name: "BatchLimitChats",
-			run: func(t *testing.T) {
-				ctx := testutil.Context(t, testutil.WaitLong)
-				db, _, rawDB := dbtestutil.NewDBWithSQLDB(t, dbtestutil.WithDumpOnFailure())
-				deps := setupChatDeps(ctx, t, db)
-
-				// Create 3 deletable old archived chats.
-				for range 3 {
-					createChat(ctx, t, db, rawDB, deps.user.ID, deps.modelConfig.ID, true, now.Add(-31*24*time.Hour))
-				}
-
-				// Delete with limit 2 — should delete 2, leave 1.
-				deleted, err := db.DeleteOldChats(ctx, database.DeleteOldChatsParams{
-					BeforeTime: now.Add(-30 * 24 * time.Hour),
-					LimitCount: 2,
-				})
-				require.NoError(t, err)
-				require.Equal(t, int64(2), deleted, "should delete exactly 2 chats")
-
-				// Delete again — should delete the remaining 1.
-				deleted, err = db.DeleteOldChats(ctx, database.DeleteOldChatsParams{
-					BeforeTime: now.Add(-30 * 24 * time.Hour),
-					LimitCount: 2,
-				})
-				require.NoError(t, err)
-				require.Equal(t, int64(1), deleted, "should delete remaining 1 chat")
-			},
-		},
-	}
-
-	for _, tc := range tests {
-		t.Run(tc.name, func(t *testing.T) {
-			tc.run(t)
-		})
-	}
-}

coderd/database/dump.sql

@@ -293,8 +293,7 @@ CREATE TYPE chat_status AS ENUM (
     'running',
     'paused',
     'completed',
-    'error',
-    'requires_action'
+    'error'
 );
 
 CREATE TYPE connection_status AS ENUM (
@@ -316,11 +315,6 @@ CREATE TYPE cors_behavior AS ENUM (
     'passthru'
 );
 
-CREATE TYPE credential_kind AS ENUM (
-    'centralized',
-    'byok'
-);
-
 CREATE TYPE crypto_key_feature AS ENUM (
     'workspace_apps_token',
     'workspace_apps_api_key',
@@ -1107,9 +1101,7 @@ CREATE TABLE aibridge_interceptions (
     thread_root_id uuid,
     client_session_id character varying(256),
     session_id text GENERATED ALWAYS AS (COALESCE(client_session_id, ((thread_root_id)::text)::character varying, ((id)::text)::character varying)) STORED NOT NULL,
-    provider_name text DEFAULT ''::text NOT NULL,
-    credential_kind credential_kind DEFAULT 'centralized'::credential_kind NOT NULL,
-    credential_hint character varying(15) DEFAULT ''::character varying NOT NULL
+    provider_name text DEFAULT ''::text NOT NULL
 );
 
 COMMENT ON TABLE aibridge_interceptions IS 'Audit log of requests intercepted by AI Bridge';
@@ -1126,10 +1118,6 @@ COMMENT ON COLUMN aibridge_interceptions.session_id IS 'Groups related intercept
 
 COMMENT ON COLUMN aibridge_interceptions.provider_name IS 'The provider instance name which may differ from provider when multiple instances of the same provider type exist.';
 
-COMMENT ON COLUMN aibridge_interceptions.credential_kind IS 'How the request was authenticated: centralized or byok.';
-
-COMMENT ON COLUMN aibridge_interceptions.credential_hint IS 'Masked credential identifier for audit (e.g. sk-a***efgh).';
-
 CREATE TABLE aibridge_model_thoughts (
     interception_id uuid NOT NULL,
     content text NOT NULL,
@@ -1146,9 +1134,7 @@ CREATE TABLE aibridge_token_usages (
     input_tokens bigint NOT NULL,
     output_tokens bigint NOT NULL,
     metadata jsonb,
-    created_at timestamp with time zone NOT NULL,
-    cache_read_input_tokens bigint DEFAULT 0 NOT NULL,
-    cache_write_input_tokens bigint DEFAULT 0 NOT NULL
+    created_at timestamp with time zone NOT NULL
 );
 
 COMMENT ON TABLE aibridge_token_usages IS 'Audit log of tokens used by intercepted requests in AI Bridge';
@@ -1281,11 +1267,6 @@ CREATE TABLE chat_diff_statuses (
     head_branch text
 );
 
-CREATE TABLE chat_file_links (
-    chat_id uuid NOT NULL,
-    file_id uuid NOT NULL
-);
-
 CREATE TABLE chat_files (
     id uuid DEFAULT gen_random_uuid() NOT NULL,
     owner_id uuid NOT NULL,
@@ -1293,8 +1274,7 @@ CREATE TABLE chat_files (
     created_at timestamp with time zone DEFAULT now() NOT NULL,
     name text DEFAULT ''::text NOT NULL,
     mimetype text NOT NULL,
-    data bytea,
-    object_store_key text
+    data bytea NOT NULL
 );
 
 CREATE TABLE chat_messages (
@@ -1361,11 +1341,7 @@ CREATE TABLE chat_providers (
     created_at timestamp with time zone DEFAULT now() NOT NULL,
     updated_at timestamp with time zone DEFAULT now() NOT NULL,
     base_url text DEFAULT ''::text NOT NULL,
-    central_api_key_enabled boolean DEFAULT true NOT NULL,
-    allow_user_api_key boolean DEFAULT false NOT NULL,
-    allow_central_api_key_fallback boolean DEFAULT false NOT NULL,
-    CONSTRAINT chat_providers_provider_check CHECK ((provider = ANY (ARRAY['anthropic'::text, 'azure'::text, 'bedrock'::text, 'google'::text, 'openai'::text, 'openai-compat'::text, 'openrouter'::text, 'vercel'::text]))),
-    CONSTRAINT valid_credential_policy CHECK (((central_api_key_enabled OR allow_user_api_key) AND ((NOT allow_central_api_key_fallback) OR (central_api_key_enabled AND allow_user_api_key))))
+    CONSTRAINT chat_providers_provider_check CHECK ((provider = ANY (ARRAY['anthropic'::text, 'azure'::text, 'bedrock'::text, 'google'::text, 'openai'::text, 'openai-compat'::text, 'openrouter'::text, 'vercel'::text])))
 );
 
 COMMENT ON COLUMN chat_providers.api_key_key_id IS 'The ID of the key used to encrypt the provider API key. If this is NULL, the API key is not encrypted';
@@ -1431,8 +1407,7 @@ CREATE TABLE chats (
     agent_id uuid,
     pin_order integer DEFAULT 0 NOT NULL,
     last_read_message_id bigint,
-    last_injected_context jsonb,
-    dynamic_tools jsonb
+    last_injected_context jsonb
 );
 
 CREATE TABLE connection_logs (
@@ -2777,17 +2752,6 @@ COMMENT ON TABLE usage_events_daily IS 'usage_events_daily is a daily rollup of
 
 COMMENT ON COLUMN usage_events_daily.day IS 'The date of the summed usage events, always in UTC.';
 
-CREATE TABLE user_chat_provider_keys (
-    id uuid DEFAULT gen_random_uuid() NOT NULL,
-    user_id uuid NOT NULL,
-    chat_provider_id uuid NOT NULL,
-    api_key text NOT NULL,
-    api_key_key_id text,
-    created_at timestamp with time zone DEFAULT now() NOT NULL,
-    updated_at timestamp with time zone DEFAULT now() NOT NULL,
-    CONSTRAINT user_chat_provider_keys_api_key_check CHECK ((api_key <> ''::text))
-);
-
 CREATE TABLE user_configs (
     user_id uuid NOT NULL,
     key character varying(256) NOT NULL,
@@ -2829,8 +2793,7 @@ CREATE TABLE user_secrets (
     env_name text DEFAULT ''::text NOT NULL,
     file_path text DEFAULT ''::text NOT NULL,
     created_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP NOT NULL,
-    updated_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP NOT NULL,
-    value_key_id text
+    updated_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP NOT NULL
 );
 
 CREATE TABLE user_status_changes (
@@ -3363,9 +3326,6 @@ ALTER TABLE ONLY boundary_usage_stats
 ALTER TABLE ONLY chat_diff_statuses
     ADD CONSTRAINT chat_diff_statuses_pkey PRIMARY KEY (chat_id);
 
-ALTER TABLE ONLY chat_file_links
-    ADD CONSTRAINT chat_file_links_chat_id_file_id_key UNIQUE (chat_id, file_id);
-
 ALTER TABLE ONLY chat_files
     ADD CONSTRAINT chat_files_pkey PRIMARY KEY (id);
 
@@ -3588,12 +3548,6 @@ ALTER TABLE ONLY usage_events_daily
 ALTER TABLE ONLY usage_events
     ADD CONSTRAINT usage_events_pkey PRIMARY KEY (id);
 
-ALTER TABLE ONLY user_chat_provider_keys
-    ADD CONSTRAINT user_chat_provider_keys_pkey PRIMARY KEY (id);
-
-ALTER TABLE ONLY user_chat_provider_keys
-    ADD CONSTRAINT user_chat_provider_keys_user_id_chat_provider_id_key UNIQUE (user_id, chat_provider_id);
-
 ALTER TABLE ONLY user_configs
     ADD CONSTRAINT user_configs_pkey PRIMARY KEY (user_id, key);
 
@@ -3756,8 +3710,6 @@ CREATE INDEX idx_audit_logs_time_desc ON audit_logs USING btree ("time" DESC);
 
 CREATE INDEX idx_chat_diff_statuses_stale_at ON chat_diff_statuses USING btree (stale_at);
 
-CREATE INDEX idx_chat_file_links_chat_id ON chat_file_links USING btree (chat_id);
-
 CREATE INDEX idx_chat_files_org ON chat_files USING btree (organization_id);
 
 CREATE INDEX idx_chat_files_owner ON chat_files USING btree (owner_id);
@@ -3784,8 +3736,6 @@ CREATE INDEX idx_chat_providers_enabled ON chat_providers USING btree (enabled);
 
 CREATE INDEX idx_chat_queued_messages_chat_id ON chat_queued_messages USING btree (chat_id);
 
-CREATE INDEX idx_chats_agent_id ON chats USING btree (agent_id) WHERE (agent_id IS NOT NULL);
-
 CREATE INDEX idx_chats_labels ON chats USING gin (labels);
 
 CREATE INDEX idx_chats_last_model_config_id ON chats USING btree (last_model_config_id);
@@ -4062,12 +4012,6 @@ ALTER TABLE ONLY api_keys
 ALTER TABLE ONLY chat_diff_statuses
     ADD CONSTRAINT chat_diff_statuses_chat_id_fkey FOREIGN KEY (chat_id) REFERENCES chats(id) ON DELETE CASCADE;
 
-ALTER TABLE ONLY chat_file_links
-    ADD CONSTRAINT chat_file_links_chat_id_fkey FOREIGN KEY (chat_id) REFERENCES chats(id) ON DELETE CASCADE;
-
-ALTER TABLE ONLY chat_file_links
-    ADD CONSTRAINT chat_file_links_file_id_fkey FOREIGN KEY (file_id) REFERENCES chat_files(id) ON DELETE CASCADE;
-
 ALTER TABLE ONLY chat_files
     ADD CONSTRAINT chat_files_organization_id_fkey FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE;
 
@@ -4314,15 +4258,6 @@ ALTER TABLE ONLY templates
 ALTER TABLE ONLY templates
     ADD CONSTRAINT templates_organization_id_fkey FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE;
 
-ALTER TABLE ONLY user_chat_provider_keys
-    ADD CONSTRAINT user_chat_provider_keys_api_key_key_id_fkey FOREIGN KEY (api_key_key_id) REFERENCES dbcrypt_keys(active_key_digest);
-
-ALTER TABLE ONLY user_chat_provider_keys
-    ADD CONSTRAINT user_chat_provider_keys_chat_provider_id_fkey FOREIGN KEY (chat_provider_id) REFERENCES chat_providers(id) ON DELETE CASCADE;
-
-ALTER TABLE ONLY user_chat_provider_keys
-    ADD CONSTRAINT user_chat_provider_keys_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
-
 ALTER TABLE ONLY user_configs
     ADD CONSTRAINT user_configs_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
 
@@ -4341,9 +4276,6 @@ ALTER TABLE ONLY user_links
 ALTER TABLE ONLY user_secrets
     ADD CONSTRAINT user_secrets_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
 
-ALTER TABLE ONLY user_secrets
-    ADD CONSTRAINT user_secrets_value_key_id_fkey FOREIGN KEY (value_key_id) REFERENCES dbcrypt_keys(active_key_digest);
-
 ALTER TABLE ONLY user_status_changes
     ADD CONSTRAINT user_status_changes_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id);
 

coderd/database/foreign_key_constraint.go

@@ -10,8 +10,6 @@ const (
 	ForeignKeyAibridgeInterceptionsInitiatorID                    ForeignKeyConstraint = "aibridge_interceptions_initiator_id_fkey"                        // ALTER TABLE ONLY aibridge_interceptions ADD CONSTRAINT aibridge_interceptions_initiator_id_fkey FOREIGN KEY (initiator_id) REFERENCES users(id);
 	ForeignKeyAPIKeysUserIDUUID                                   ForeignKeyConstraint = "api_keys_user_id_uuid_fkey"                                      // ALTER TABLE ONLY api_keys ADD CONSTRAINT api_keys_user_id_uuid_fkey FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
 	ForeignKeyChatDiffStatusesChatID                              ForeignKeyConstraint = "chat_diff_statuses_chat_id_fkey"                                 // ALTER TABLE ONLY chat_diff_statuses ADD CONSTRAINT chat_diff_statuses_chat_id_fkey FOREIGN KEY (chat_id) REFERENCES chats(id) ON DELETE CASCADE;
-	ForeignKeyChatFileLinksChatID                                 ForeignKeyConstraint = "chat_file_links_chat_id_fkey"                                    // ALTER TABLE ONLY chat_file_links ADD CONSTRAINT chat_file_links_chat_id_fkey FOREIGN KEY (chat_id) REFERENCES chats(id) ON DELETE CASCADE;
-	ForeignKeyChatFileLinksFileID                                 ForeignKeyConstraint = "chat_file_links_file_id_fkey"                                    // ALTER TABLE ONLY chat_file_links ADD CONSTRAINT chat_file_links_file_id_fkey FOREIGN KEY (file_id) REFERENCES chat_files(id) ON DELETE CASCADE;
 	ForeignKeyChatFilesOrganizationID                             ForeignKeyConstraint = "chat_files_organization_id_fkey"                                 // ALTER TABLE ONLY chat_files ADD CONSTRAINT chat_files_organization_id_fkey FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE;
 	ForeignKeyChatFilesOwnerID                                    ForeignKeyConstraint = "chat_files_owner_id_fkey"                                        // ALTER TABLE ONLY chat_files ADD CONSTRAINT chat_files_owner_id_fkey FOREIGN KEY (owner_id) REFERENCES users(id) ON DELETE CASCADE;
 	ForeignKeyChatMessagesChatID                                  ForeignKeyConstraint = "chat_messages_chat_id_fkey"                                      // ALTER TABLE ONLY chat_messages ADD CONSTRAINT chat_messages_chat_id_fkey FOREIGN KEY (chat_id) REFERENCES chats(id) ON DELETE CASCADE;
@@ -94,16 +92,12 @@ const (
 	ForeignKeyTemplateVersionsTemplateID                          ForeignKeyConstraint = "template_versions_template_id_fkey"                              // ALTER TABLE ONLY template_versions ADD CONSTRAINT template_versions_template_id_fkey FOREIGN KEY (template_id) REFERENCES templates(id) ON DELETE CASCADE;
 	ForeignKeyTemplatesCreatedBy                                  ForeignKeyConstraint = "templates_created_by_fkey"                                       // ALTER TABLE ONLY templates ADD CONSTRAINT templates_created_by_fkey FOREIGN KEY (created_by) REFERENCES users(id) ON DELETE RESTRICT;
 	ForeignKeyTemplatesOrganizationID                             ForeignKeyConstraint = "templates_organization_id_fkey"                                  // ALTER TABLE ONLY templates ADD CONSTRAINT templates_organization_id_fkey FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE;
-	ForeignKeyUserChatProviderKeysAPIKeyKeyID                     ForeignKeyConstraint = "user_chat_provider_keys_api_key_key_id_fkey"                     // ALTER TABLE ONLY user_chat_provider_keys ADD CONSTRAINT user_chat_provider_keys_api_key_key_id_fkey FOREIGN KEY (api_key_key_id) REFERENCES dbcrypt_keys(active_key_digest);
-	ForeignKeyUserChatProviderKeysChatProviderID                  ForeignKeyConstraint = "user_chat_provider_keys_chat_provider_id_fkey"                   // ALTER TABLE ONLY user_chat_provider_keys ADD CONSTRAINT user_chat_provider_keys_chat_provider_id_fkey FOREIGN KEY (chat_provider_id) REFERENCES chat_providers(id) ON DELETE CASCADE;
-	ForeignKeyUserChatProviderKeysUserID                          ForeignKeyConstraint = "user_chat_provider_keys_user_id_fkey"                            // ALTER TABLE ONLY user_chat_provider_keys ADD CONSTRAINT user_chat_provider_keys_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
 	ForeignKeyUserConfigsUserID                                   ForeignKeyConstraint = "user_configs_user_id_fkey"                                       // ALTER TABLE ONLY user_configs ADD CONSTRAINT user_configs_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
 	ForeignKeyUserDeletedUserID                                   ForeignKeyConstraint = "user_deleted_user_id_fkey"                                       // ALTER TABLE ONLY user_deleted ADD CONSTRAINT user_deleted_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id);
 	ForeignKeyUserLinksOauthAccessTokenKeyID                      ForeignKeyConstraint = "user_links_oauth_access_token_key_id_fkey"                       // ALTER TABLE ONLY user_links ADD CONSTRAINT user_links_oauth_access_token_key_id_fkey FOREIGN KEY (oauth_access_token_key_id) REFERENCES dbcrypt_keys(active_key_digest);
 	ForeignKeyUserLinksOauthRefreshTokenKeyID                     ForeignKeyConstraint = "user_links_oauth_refresh_token_key_id_fkey"                      // ALTER TABLE ONLY user_links ADD CONSTRAINT user_links_oauth_refresh_token_key_id_fkey FOREIGN KEY (oauth_refresh_token_key_id) REFERENCES dbcrypt_keys(active_key_digest);
 	ForeignKeyUserLinksUserID                                     ForeignKeyConstraint = "user_links_user_id_fkey"                                         // ALTER TABLE ONLY user_links ADD CONSTRAINT user_links_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
 	ForeignKeyUserSecretsUserID                                   ForeignKeyConstraint = "user_secrets_user_id_fkey"                                       // ALTER TABLE ONLY user_secrets ADD CONSTRAINT user_secrets_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
-	ForeignKeyUserSecretsValueKeyID                               ForeignKeyConstraint = "user_secrets_value_key_id_fkey"                                  // ALTER TABLE ONLY user_secrets ADD CONSTRAINT user_secrets_value_key_id_fkey FOREIGN KEY (value_key_id) REFERENCES dbcrypt_keys(active_key_digest);
 	ForeignKeyUserStatusChangesUserID                             ForeignKeyConstraint = "user_status_changes_user_id_fkey"                                // ALTER TABLE ONLY user_status_changes ADD CONSTRAINT user_status_changes_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id);
 	ForeignKeyWebpushSubscriptionsUserID                          ForeignKeyConstraint = "webpush_subscriptions_user_id_fkey"                              // ALTER TABLE ONLY webpush_subscriptions ADD CONSTRAINT webpush_subscriptions_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
 	ForeignKeyWorkspaceAgentDevcontainersSubagentID               ForeignKeyConstraint = "workspace_agent_devcontainers_subagent_id_fkey"                  // ALTER TABLE ONLY workspace_agent_devcontainers ADD CONSTRAINT workspace_agent_devcontainers_subagent_id_fkey FOREIGN KEY (subagent_id) REFERENCES workspace_agents(id) ON DELETE CASCADE;

coderd/database/migrations/000459_provider_key_policy.down.sql

@@ -1,8 +0,0 @@
-DROP TABLE IF EXISTS user_chat_provider_keys;
-
-ALTER TABLE chat_providers DROP CONSTRAINT IF EXISTS valid_credential_policy;
-
-ALTER TABLE chat_providers
-    DROP COLUMN IF EXISTS central_api_key_enabled,
-    DROP COLUMN IF EXISTS allow_user_api_key,
-    DROP COLUMN IF EXISTS allow_central_api_key_fallback;

coderd/database/migrations/000459_provider_key_policy.up.sql

@@ -1,24 +0,0 @@
-ALTER TABLE chat_providers
-    ADD COLUMN central_api_key_enabled BOOLEAN NOT NULL DEFAULT TRUE,
-    ADD COLUMN allow_user_api_key BOOLEAN NOT NULL DEFAULT FALSE,
-    ADD COLUMN allow_central_api_key_fallback BOOLEAN NOT NULL DEFAULT FALSE;
-
-ALTER TABLE chat_providers
-    ADD CONSTRAINT valid_credential_policy CHECK (
-        (central_api_key_enabled OR allow_user_api_key) AND
-        (
-            NOT allow_central_api_key_fallback OR
-            (central_api_key_enabled AND allow_user_api_key)
-        )
-    );
-
-CREATE TABLE user_chat_provider_keys (
-    id               UUID        PRIMARY KEY DEFAULT gen_random_uuid(),
-    user_id          UUID        NOT NULL REFERENCES users(id) ON DELETE CASCADE,
-    chat_provider_id UUID        NOT NULL REFERENCES chat_providers(id) ON DELETE CASCADE,
-    api_key          TEXT        NOT NULL CHECK (api_key != ''),
-    api_key_key_id   TEXT        REFERENCES dbcrypt_keys(active_key_digest),
-    created_at       TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-    updated_at       TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-    UNIQUE (user_id, chat_provider_id)
-);

coderd/database/migrations/000460_user_secrets_value_key_id.down.sql

@@ -1,3 +0,0 @@
-ALTER TABLE user_secrets
-    DROP CONSTRAINT user_secrets_value_key_id_fkey,
-    DROP COLUMN value_key_id;

coderd/database/migrations/000460_user_secrets_value_key_id.up.sql

@@ -1,5 +0,0 @@
-ALTER TABLE user_secrets
-    ADD COLUMN value_key_id TEXT;
-
-ALTER TABLE ONLY user_secrets
-    ADD CONSTRAINT user_secrets_value_key_id_fkey FOREIGN KEY (value_key_id) REFERENCES dbcrypt_keys(active_key_digest);

coderd/database/migrations/000461_aibridge_cache_token_columns.down.sql

@@ -1,3 +0,0 @@
-ALTER TABLE aibridge_token_usages
-    DROP COLUMN cache_read_input_tokens,
-    DROP COLUMN cache_write_input_tokens;

coderd/database/migrations/000461_aibridge_cache_token_columns.up.sql

@@ -1,26 +0,0 @@
-ALTER TABLE aibridge_token_usages
-    ADD COLUMN cache_read_input_tokens BIGINT NOT NULL DEFAULT 0,
-    ADD COLUMN cache_write_input_tokens BIGINT NOT NULL DEFAULT 0;
-
--- Backfill from metadata JSONB. Old rows stored cache tokens under
--- provider-specific keys; new rows use the dedicated columns above.
-UPDATE aibridge_token_usages
-SET
-
-    -- Cache-read metadata keys by provider:
-    --   Anthropic (/v1/messages):          "cache_read_input"
-    --   OpenAI    (/v1/responses):         "input_cached"
-    --   OpenAI    (/v1/chat/completions):  "prompt_cached"
-    cache_read_input_tokens = GREATEST(
-        COALESCE((metadata->>'cache_read_input')::bigint, 0),
-        COALESCE((metadata->>'input_cached')::bigint, 0),
-        COALESCE((metadata->>'prompt_cached')::bigint, 0)
-    ),
-
-	-- Cache-write metadata keys by provider:
-	--   Anthropic (/v1/messages):          "cache_creation_input"
-	--   OpenAI does not report cache-write tokens.
-    cache_write_input_tokens = COALESCE((metadata->>'cache_creation_input')::bigint, 0)
-WHERE metadata IS NOT NULL
-  AND cache_read_input_tokens = 0
-  AND cache_write_input_tokens = 0;

coderd/database/migrations/000462_chat_file_links.down.sql

@@ -1,9 +0,0 @@
-ALTER TABLE chats ADD COLUMN file_ids uuid[] DEFAULT '{}'::uuid[] NOT NULL;
-
-UPDATE chats SET file_ids = (
-    SELECT COALESCE(array_agg(cfl.file_id), '{}')
-    FROM chat_file_links cfl
-    WHERE cfl.chat_id = chats.id
-);
-
-DROP TABLE chat_file_links;

coderd/database/migrations/000462_chat_file_links.up.sql

@@ -1,17 +0,0 @@
-CREATE TABLE chat_file_links (
-    chat_id uuid NOT NULL,
-    file_id uuid NOT NULL,
-    UNIQUE (chat_id, file_id)
-);
-
-CREATE INDEX idx_chat_file_links_chat_id ON chat_file_links (chat_id);
-
-ALTER TABLE chat_file_links
-    ADD CONSTRAINT chat_file_links_chat_id_fkey
-    FOREIGN KEY (chat_id) REFERENCES chats(id) ON DELETE CASCADE;
-
-ALTER TABLE chat_file_links
-    ADD CONSTRAINT chat_file_links_file_id_fkey
-    FOREIGN KEY (file_id) REFERENCES chat_files(id) ON DELETE CASCADE;
-
-ALTER TABLE chats DROP COLUMN IF EXISTS file_ids;

coderd/database/migrations/000463_chat_dynamic_tools.down.sql

@@ -1,31 +0,0 @@
--- First update any rows using the value we're about to remove.
--- The column type is still the original chat_status at this point.
-UPDATE chats SET status = 'error' WHERE status = 'requires_action';
-
--- Drop the column (this is independent of the enum).
-ALTER TABLE chats DROP COLUMN IF EXISTS dynamic_tools;
-
--- Drop the partial index that references the chat_status enum type.
--- It must be removed before the rename-create-cast-drop cycle
--- because the index's WHERE clause (status = 'pending'::chat_status)
--- would otherwise cause a cross-type comparison failure.
-DROP INDEX IF EXISTS idx_chats_pending;
-
--- Now recreate the enum without requires_action.
--- We must use the rename-create-cast-drop pattern.
-ALTER TYPE chat_status RENAME TO chat_status_old;
-CREATE TYPE chat_status AS ENUM (
-    'waiting',
-    'pending',
-    'running',
-    'paused',
-    'completed',
-    'error'
-);
-ALTER TABLE chats ALTER COLUMN status DROP DEFAULT;
-ALTER TABLE chats ALTER COLUMN status TYPE chat_status USING status::text::chat_status;
-ALTER TABLE chats ALTER COLUMN status SET DEFAULT 'waiting';
-DROP TYPE chat_status_old;
-
--- Recreate the partial index.
-CREATE INDEX idx_chats_pending ON chats USING btree (status) WHERE (status = 'pending'::chat_status);

coderd/database/migrations/000463_chat_dynamic_tools.up.sql

@@ -1,3 +0,0 @@
-ALTER TYPE chat_status ADD VALUE IF NOT EXISTS 'requires_action';
-
-ALTER TABLE chats ADD COLUMN dynamic_tools JSONB DEFAULT NULL;

coderd/database/migrations/000464_aibridge_credential_kind.down.sql

@@ -1,5 +0,0 @@
-ALTER TABLE aibridge_interceptions
-    DROP COLUMN IF EXISTS credential_kind,
-    DROP COLUMN IF EXISTS credential_hint;
-
-DROP TYPE IF EXISTS credential_kind;

coderd/database/migrations/000464_aibridge_credential_kind.up.sql

@@ -1,12 +0,0 @@
-CREATE TYPE credential_kind AS ENUM ('centralized', 'byok');
-
--- Records how each LLM request was authenticated and a masked credential
--- identifier for audit purposes. Existing rows default to 'centralized'
--- with an empty hint since we cannot retroactively determine their values.
-ALTER TABLE aibridge_interceptions
-    ADD COLUMN credential_kind credential_kind NOT NULL DEFAULT 'centralized',
-    -- Length capped as a safety measure to ensure only masked values are stored.
-    ADD COLUMN credential_hint CHARACTER VARYING(15) NOT NULL DEFAULT '';
-
-COMMENT ON COLUMN aibridge_interceptions.credential_kind IS 'How the request was authenticated: centralized or byok.';
-COMMENT ON COLUMN aibridge_interceptions.credential_hint IS 'Masked credential identifier for audit (e.g. sk-a***efgh).';

coderd/database/migrations/000465_chat_agent_id_index.down.sql

@@ -1 +0,0 @@
-DROP INDEX IF EXISTS idx_chats_agent_id;

coderd/database/migrations/000465_chat_agent_id_index.up.sql

@@ -1 +0,0 @@
-CREATE INDEX idx_chats_agent_id ON chats(agent_id) WHERE agent_id IS NOT NULL;

coderd/database/migrations/000466_chat_files_object_store.down.sql

@@ -1,7 +0,0 @@
--- Backfill any NULL data values before restoring NOT NULL would require
--- reading from the object store, which is not possible in a migration.
--- Instead, delete rows that only exist in the object store.
-DELETE FROM chat_files WHERE data IS NULL;
-
-ALTER TABLE chat_files ALTER COLUMN data SET NOT NULL;
-ALTER TABLE chat_files DROP COLUMN object_store_key;

coderd/database/migrations/000466_chat_files_object_store.up.sql

@@ -1,8 +0,0 @@
--- Add object_store_key to track files stored in external object storage.
--- When non-NULL, the file data lives in the object store under this key
--- and the data column may be NULL.
-ALTER TABLE chat_files ADD COLUMN object_store_key TEXT;
-
--- Make data nullable so new writes can skip the BYTEA column when
--- storing in the object store.
-ALTER TABLE chat_files ALTER COLUMN data DROP NOT NULL;

coderd/database/migrations/testdata/fixtures/000459_provider_key_policy.up.sql

@@ -1,16 +0,0 @@
-INSERT INTO user_chat_provider_keys (
-    user_id,
-    chat_provider_id,
-    api_key,
-    created_at,
-    updated_at
-)
-SELECT
-    id,
-    '0a8b2f84-b5a8-4c44-8c9f-e58c44a534a7',
-    'fixture-test-key',
-    '2025-01-01 00:00:00+00',
-    '2025-01-01 00:00:00+00'
-FROM users
-ORDER BY created_at, id
-LIMIT 1;

coderd/database/migrations/testdata/fixtures/000462_chat_file_links.up.sql

@@ -1,5 +0,0 @@
-INSERT INTO chat_file_links (chat_id, file_id)
-VALUES (
-    '72c0438a-18eb-4688-ab80-e4c6a126ef96',
-    '00000000-0000-0000-0000-000000000099'
-);

coderd/database/modelmethods.go

@@ -10,7 +10,6 @@ import (
 	"time"
 
 	"github.com/google/uuid"
-	"github.com/sqlc-dev/pqtype"
 	"golang.org/x/exp/maps"
 	"golang.org/x/oauth2"
 	"golang.org/x/xerrors"
@@ -187,10 +186,6 @@ func (c ChatFile) RBACObject() rbac.Object {
 	return rbac.ResourceChat.WithID(c.ID).WithOwner(c.OwnerID.String()).InOrg(c.OrganizationID)
 }
 
-func (c GetChatFileMetadataByChatIDRow) RBACObject() rbac.Object {
-	return rbac.ResourceChat.WithID(c.ID).WithOwner(c.OwnerID.String()).InOrg(c.OrganizationID)
-}
-
 func (s APIKeyScope) ToRBAC() rbac.ScopeName {
 	switch s {
 	case ApiKeyScopeCoderAll:
@@ -928,28 +923,3 @@ func WorkspaceIdentityFromWorkspace(w Workspace) WorkspaceIdentity {
 func (r GetWorkspaceAgentAndWorkspaceByIDRow) RBACObject() rbac.Object {
 	return r.WorkspaceTable.RBACObject()
 }
-
-// UpsertConnectionLogParams contains the parameters for upserting a
-// connection log entry. This struct is hand-maintained (not generated
-// by sqlc) because the single-row UpsertConnectionLog query was
-// removed in favor of BatchUpsertConnectionLogs, but the struct is
-// still used as the canonical connection log event type throughout
-// the codebase.
-type UpsertConnectionLogParams struct {
-	ID               uuid.UUID        `db:"id" json:"id"`
-	OrganizationID   uuid.UUID        `db:"organization_id" json:"organization_id"`
-	WorkspaceOwnerID uuid.UUID        `db:"workspace_owner_id" json:"workspace_owner_id"`
-	WorkspaceID      uuid.UUID        `db:"workspace_id" json:"workspace_id"`
-	WorkspaceName    string           `db:"workspace_name" json:"workspace_name"`
-	AgentName        string           `db:"agent_name" json:"agent_name"`
-	Type             ConnectionType   `db:"type" json:"type"`
-	Code             sql.NullInt32    `db:"code" json:"code"`
-	IP               pqtype.Inet      `db:"ip" json:"ip"`
-	UserAgent        sql.NullString   `db:"user_agent" json:"user_agent"`
-	UserID           uuid.NullUUID    `db:"user_id" json:"user_id"`
-	SlugOrPort       sql.NullString   `db:"slug_or_port" json:"slug_or_port"`
-	ConnectionID     uuid.NullUUID    `db:"connection_id" json:"connection_id"`
-	DisconnectReason sql.NullString   `db:"disconnect_reason" json:"disconnect_reason"`
-	Time             time.Time        `db:"time" json:"time"`
-	ConnectionStatus ConnectionStatus `db:"connection_status" json:"connection_status"`
-}

coderd/database/modelqueries.go

@@ -584,7 +584,6 @@ func (q *sqlQuerier) CountAuthorizedAuditLogs(ctx context.Context, arg CountAudi
 		arg.DateTo,
 		arg.BuildReason,
 		arg.RequestID,
-		arg.CountCap,
 	)
 	if err != nil {
 		return 0, err
@@ -721,7 +720,6 @@ func (q *sqlQuerier) CountAuthorizedConnectionLogs(ctx context.Context, arg Coun
 		arg.WorkspaceID,
 		arg.ConnectionID,
 		arg.Status,
-		arg.CountCap,
 	)
 	if err != nil {
 		return 0, err
@@ -798,7 +796,6 @@ func (q *sqlQuerier) GetAuthorizedChats(ctx context.Context, arg GetChatsParams,
 			&i.Chat.PinOrder,
 			&i.Chat.LastReadMessageID,
 			&i.Chat.LastInjectedContext,
-			&i.Chat.DynamicTools,
 			&i.HasUnread); err != nil {
 			return nil, err
 		}
@@ -869,8 +866,6 @@ func (q *sqlQuerier) ListAuthorizedAIBridgeInterceptions(ctx context.Context, ar
 			&i.AIBridgeInterception.ClientSessionID,
 			&i.AIBridgeInterception.SessionID,
 			&i.AIBridgeInterception.ProviderName,
-			&i.AIBridgeInterception.CredentialKind,
-			&i.AIBridgeInterception.CredentialHint,
 			&i.VisibleUser.ID,
 			&i.VisibleUser.Username,
 			&i.VisibleUser.Name,
@@ -1034,8 +1029,6 @@ func (q *sqlQuerier) ListAuthorizedAIBridgeSessions(ctx context.Context, arg Lis
 			&i.Threads,
 			&i.InputTokens,
 			&i.OutputTokens,
-			&i.CacheReadInputTokens,
-			&i.CacheWriteInputTokens,
 			&i.LastPrompt,
 		); err != nil {
 			return nil, err
@@ -1134,8 +1127,6 @@ func (q *sqlQuerier) ListAuthorizedAIBridgeSessionThreads(ctx context.Context, a
 			&i.AIBridgeInterception.ClientSessionID,
 			&i.AIBridgeInterception.SessionID,
 			&i.AIBridgeInterception.ProviderName,
-			&i.AIBridgeInterception.CredentialKind,
-			&i.AIBridgeInterception.CredentialHint,
 		); err != nil {
 			return nil, err
 		}