coder
diff --git a/‎.markdownlint.jsonc
Lines changed: 2 additions & 0 deletions b/‎.markdownlint.jsonc
Lines changed: 2 additions & 0 deletions
diff --git a/‎Makefile
Lines changed: 6 additions & 0 deletions b/‎Makefile
Lines changed: 6 additions & 0 deletions
diff --git a/‎cli/testdata/coder_server_--help.golden
Lines changed: 6 additions & 6 deletions b/‎cli/testdata/coder_server_--help.golden
Lines changed: 6 additions & 6 deletions
diff --git a/‎cli/testdata/server-config.yaml.golden
Lines changed: 7 additions & 7 deletions b/‎cli/testdata/server-config.yaml.golden
Lines changed: 7 additions & 7 deletions
diff --git a/‎coderd/apidoc/docs.go
Lines changed: 1 addition & 1 deletion b/‎coderd/apidoc/docs.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎coderd/apidoc/swagger.json
Lines changed: 1 addition & 1 deletion b/‎coderd/apidoc/swagger.json
Lines changed: 1 addition & 1 deletion
diff --git a/‎codersdk/deployment.go
Lines changed: 9 additions & 9 deletions b/‎codersdk/deployment.go
Lines changed: 9 additions & 9 deletions
diff --git a/‎docs/reference/api/schemas.md
Lines changed: 1 addition & 1 deletion b/‎docs/reference/api/schemas.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/reference/cli/server.md
Lines changed: 7 additions & 7 deletions b/‎docs/reference/cli/server.md
Lines changed: 7 additions & 7 deletions
diff --git a/‎docs/reference/cli/templates_create.md
Lines changed: 1 addition & 1 deletion b/‎docs/reference/cli/templates_create.md
Lines changed: 1 addition & 1 deletion
@@ -8,6 +8,8 @@
 
 	"MD033": false, // Inline HTML: we use it in some places
 
+	"MD034": false, // Bare URL: we use it in some places in generated docs see: codersdk/deployment.go
+
 	"MD041": false, // First line in file should be a top level heading: All of our changelogs do not start with a top level heading
 	// TODO: We need to update /home/coder/repos/coder/coder/scripts/release/generate_release_notes.sh to generate changelogs that follow this rule
 
 
@@ -685,9 +685,15 @@ codersdk/rbacresources_gen.go: scripts/typegen/codersdk.gotmpl scripts/typegen/m
 
 site/src/api/rbacresourcesGenerated.ts: scripts/typegen/codersdk.gotmpl scripts/typegen/main.go coderd/rbac/object.go coderd/rbac/policy/policy.go
 	go run scripts/typegen/main.go rbac typescript > "$@"
+	cd site
+	../scripts/pnpm_install.sh
+	pnpm exec biome format --write src/api/rbacresourcesGenerated.ts
 
 site/src/api/countriesGenerated.ts: scripts/typegen/countries.tstmpl scripts/typegen/main.go codersdk/countries.go
 	go run scripts/typegen/main.go countries > "$@"
+	cd site
+	../scripts/pnpm_install.sh
+	pnpm exec biome format --write src/api/countriesGenerated.ts
 
 docs/admin/integrations/prometheus.md: scripts/metricsdocgen/main.go scripts/metricsdocgen/metrics
 	go run scripts/metricsdocgen/main.go
 
@@ -56,7 +56,7 @@ OPTIONS:
 
       --postgres-url string, $CODER_PG_CONNECTION_URL
           URL of a PostgreSQL database. If empty, PostgreSQL binaries will be
-          downloaded from Maven <https://repo1.maven.org/maven2> and store all
+          downloaded from Maven https://repo1.maven.org/maven2 and store all
           data in the config root. Access the built-in database with "coder
           server postgres-builtin-url". Note that any special characters in the
           URL must be URL-encoded.
@@ -215,7 +215,7 @@ INTROSPECTION / TRACING OPTIONS:
       --trace bool, $CODER_TRACE_ENABLE
           Whether application tracing data is collected. It exports to a backend
           configured by environment variables. See:
-          <https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md>.
+          https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md.
 
       --trace-honeycomb-api-key string, $CODER_TRACE_HONEYCOMB_API_KEY
           Enables trace exporting to Honeycomb.io using the provided API Key.
@@ -269,11 +269,11 @@ backed by Tailscale and WireGuard.
 
       --derp-config-path string, $CODER_DERP_CONFIG_PATH
           Path to read a DERP mapping from. See:
-          <https://tailscale.com/kb/1118/custom-derp-servers/>.
+          https://tailscale.com/kb/1118/custom-derp-servers/.
 
       --derp-config-url string, $CODER_DERP_CONFIG_URL
           URL to fetch a DERP mapping on startup. See:
-          <https://tailscale.com/kb/1118/custom-derp-servers/>.
+          https://tailscale.com/kb/1118/custom-derp-servers/.
 
       --derp-force-websockets bool, $CODER_DERP_FORCE_WEBSOCKETS
           Force clients and agents to always use WebSocket to connect to DERP
@@ -355,7 +355,7 @@ can safely ignore these settings.
       --tls-allow-insecure-ciphers bool, $CODER_TLS_ALLOW_INSECURE_CIPHERS (default: false)
           By default, only ciphers marked as 'secure' are allowed to be used.
           See
-          <https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L82-L95>.
+          https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L82-L95.
 
       --tls-cert-file string-array, $CODER_TLS_CERT_FILE
           Path to each certificate for TLS. It requires a PEM-encoded file. To
@@ -365,7 +365,7 @@ can safely ignore these settings.
 
       --tls-ciphers string-array, $CODER_TLS_CIPHERS
           Specify specific TLS ciphers that allowed to be used. See
-          <https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L53-L75>.
+          https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L53-L75.
 
       --tls-client-auth string, $CODER_TLS_CLIENT_AUTH (default: none)
           Policy the server will follow for TLS Client Authentication. Accepted
 
@@ -90,11 +90,11 @@ networking:
     # (default: <unset>, type: string)
     clientKeyFile: ""
     # Specify specific TLS ciphers that allowed to be used. See
-    # <https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L53-L75>.
+    # https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L53-L75.
     # (default: <unset>, type: string-array)
     tlsCiphers: []
     # By default, only ciphers marked as 'secure' are allowed to be used. See
-    # <https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L82-L95>.
+    # https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L82-L95.
     # (default: false, type: bool)
     tlsAllowInsecureCiphers: false
     # Controls if the 'Strict-Transport-Security' header is set on all static file
@@ -157,11 +157,11 @@ networking:
     # (default: <unset>, type: bool)
     forceWebSockets: false
     # URL to fetch a DERP mapping on startup. See:
-    # <https://tailscale.com/kb/1118/custom-derp-servers/>.
+    # https://tailscale.com/kb/1118/custom-derp-servers/.
     # (default: <unset>, type: string)
     url: ""
     # Path to read a DERP mapping from. See:
-    # <https://tailscale.com/kb/1118/custom-derp-servers/>.
+    # https://tailscale.com/kb/1118/custom-derp-servers/.
     # (default: <unset>, type: string)
     configPath: ""
   # Headers to trust for forwarding IP addresses. e.g. Cf-Connecting-Ip,
@@ -217,7 +217,7 @@ introspection:
   tracing:
     # Whether application tracing data is collected. It exports to a backend
     # configured by environment variables. See:
-    # <https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md>.
+    # https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md.
     # (default: <unset>, type: bool)
     enable: false
     # Enables capturing of logs as events in traces. This is useful for debugging, but
@@ -499,9 +499,9 @@ supportLinks: []
 # External Authentication providers.
 # (default: <unset>, type: struct[[]codersdk.ExternalAuthConfig])
 externalAuthProviders: []
-# Hostname of HTTPS server that runs <https://github.com/coder/wgtunnel>. By
+# Hostname of HTTPS server that runs https://github.com/coder/wgtunnel. By
 # default, this will pick the best available wgtunnel server hosted by Coder. e.g.
-# <tunnel.example.com>.
+# tunnel.example.com.
 # (default: <unset>, type: string)
 wgtunnelHost: ""
 # Allow users to set quiet hours schedules each day for workspaces to avoid
 
@@ -594,7 +594,7 @@ type ExternalAuthConfig struct {
 	// a string (e.g. coder.com) instead of by it's type.
 	//
 	// Git clone makes use of this by parsing the URL from:
-	// 'Username for <https://github.com>:'
+	// 'Username for https://github.com:'
 	// And sending it to the Coder server to match against the Regex.
 	Regex string `json:"regex" yaml:"regex"`
 	// DisplayName is shown in the UI to identify the auth config.
@@ -1174,7 +1174,7 @@ when required by your organization's security policy.`,
 			Flag:        "wildcard-access-url",
 			Env:         "CODER_WILDCARD_ACCESS_URL",
 			// Do not use a serpent.URL here. We are intentionally omitting the
-			// scheme part of the url <https://>, so the standard url parsing
+			// scheme part of the url https://, so the standard url parsing
 			// will yield unexpected results.
 			//
 			// We have a validation function to ensure the wildcard url is correct,
@@ -1339,7 +1339,7 @@ when required by your organization's security policy.`,
 		},
 		{
 			Name:        "TLS Ciphers",
-			Description: "Specify specific TLS ciphers that allowed to be used. See <https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L53-L75>.",
+			Description: "Specify specific TLS ciphers that allowed to be used. See https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L53-L75.",
 			Flag:        "tls-ciphers",
 			Env:         "CODER_TLS_CIPHERS",
 			Default:     "",
@@ -1350,7 +1350,7 @@ when required by your organization's security policy.`,
 		},
 		{
 			Name:        "TLS Allow Insecure Ciphers",
-			Description: "By default, only ciphers marked as 'secure' are allowed to be used. See <https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L82-L95>.",
+			Description: "By default, only ciphers marked as 'secure' are allowed to be used. See https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L82-L95.",
 			Flag:        "tls-allow-insecure-ciphers",
 			Env:         "CODER_TLS_ALLOW_INSECURE_CIPHERS",
 			Default:     "false",
@@ -1452,7 +1452,7 @@ when required by your organization's security policy.`,
 		},
 		{
 			Name:        "DERP Config URL",
-			Description: "URL to fetch a DERP mapping on startup. See: <https://tailscale.com/kb/1118/custom-derp-servers/>.",
+			Description: "URL to fetch a DERP mapping on startup. See: https://tailscale.com/kb/1118/custom-derp-servers/.",
 			Flag:        "derp-config-url",
 			Env:         "CODER_DERP_CONFIG_URL",
 			Value:       &c.DERP.Config.URL,
@@ -1461,7 +1461,7 @@ when required by your organization's security policy.`,
 		},
 		{
 			Name:        "DERP Config Path",
-			Description: "Path to read a DERP mapping from. See: <https://tailscale.com/kb/1118/custom-derp-servers/>.",
+			Description: "Path to read a DERP mapping from. See: https://tailscale.com/kb/1118/custom-derp-servers/.",
 			Flag:        "derp-config-path",
 			Env:         "CODER_DERP_CONFIG_PATH",
 			Value:       &c.DERP.Config.Path,
@@ -1945,7 +1945,7 @@ when required by your organization's security policy.`,
 		// Trace settings
 		{
 			Name:        "Trace Enable",
-			Description: "Whether application tracing data is collected. It exports to a backend configured by environment variables. See: <https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md>.",
+			Description: "Whether application tracing data is collected. It exports to a backend configured by environment variables. See: https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md.",
 			Flag:        "trace",
 			Env:         "CODER_TRACE_ENABLE",
 			Value:       &c.Trace.Enable,
@@ -2284,7 +2284,7 @@ when required by your organization's security policy.`,
 		},
 		{
 			Name:        "Postgres Connection URL",
-			Description: "URL of a PostgreSQL database. If empty, PostgreSQL binaries will be downloaded from Maven <https://repo1.maven.org/maven2> and store all data in the config root. Access the built-in database with \"coder server postgres-builtin-url\". Note that any special characters in the URL must be URL-encoded.",
+			Description: "URL of a PostgreSQL database. If empty, PostgreSQL binaries will be downloaded from Maven https://repo1.maven.org/maven2 and store all data in the config root. Access the built-in database with \"coder server postgres-builtin-url\". Note that any special characters in the URL must be URL-encoded.",
 			Flag:        "postgres-url",
 			Env:         "CODER_PG_CONNECTION_URL",
 			Annotations: serpent.Annotations{}.Mark(annotationSecretKey, "true"),
@@ -2530,7 +2530,7 @@ Write out the current server config as YAML to stdout.`,
 		},
 		{
 			Name:        "Custom wgtunnel Host",
-			Description: "Hostname of HTTPS server that runs <https://github.com/coder/wgtunnel>. By default, this will pick the best available wgtunnel server hosted by Coder. e.g. <tunnel.example.com>.",
+			Description: "Hostname of HTTPS server that runs https://github.com/coder/wgtunnel. By default, this will pick the best available wgtunnel server hosted by Coder. e.g. tunnel.example.com.",
 			Flag:        "wg-tunnel-host",
 			Env:         "WGTUNNEL_HOST",
 			YAML:        "wgtunnelHost",