chore(deps): bump the github-actions group with 2 updates

[dependabot]

Bumps the github-actions group with 2 updates: coder/coder and crate-ci/typos.

Updates coder/coder from 2.32.0 to 2.32.1

Release notes

Sourced from coder/coder's releases.

v2.32.1

Changelog

[!NOTE] This is a mainline Coder release. We advise enterprise customers without a staging environment to install our latest stable release while we refine this version. Learn more about our Release Schedule.

BREAKING CHANGES

• fix!: terminal command confirmation dialog (cherry-pick to 2.32) (#24767)

When a ?command= parameter is present, a confirmation dialog is shown before the command executes. The user must click Run command to proceed or Cancel to close the terminal window. This prevents external links from silently executing arbitrary commands in a workspace.

Template-configured apps that use the command attribute in coder_app are trusted and bypass the confirmation dialog. These apps use the ?app= parameter internally, which resolves the command from the agent's app list. See docs.

Bug Fixes

• fix: bump hashicorp/hc-install to v0.9.4 (#24547) (#24576)
• fix(coderd/externalauth): save refreshed token before validation (#24332) (#24579)
• fix(site): implement agent logs improvements (#24455) (#24733)
• fix: restore kebab menu flex (#24359) (#24734)
• fix: widen engines.node to include Node.js 24 LTS (#24419) (#24468)
• fix(coderd/x/chatd): hoist system prompt fetch out of chat creation transaction (#24369) (#24415)
• fix: prevent 'See all templates' from overlapping template list in New Workspace dropdown (#24356) (#24386)

Compare: v2.32.0...v2.32.1

Container image

• docker pull ghcr.io/coder/coder:2.32.1

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

Commits

• 2466f0c fix: bump hashicorp/hc-install to v0.9.4 (#24547) (#24576)
• c9b5f12 fix!: terminal command confirmation dialog (cherry-pick to 2.32) (#24767)
• 4d00bc6 fix(coderd/externalauth): save refreshed token before validation (#24332) (#2...
• 26373e5 fix(site): implement agent logs improvements (#24455) (#24733)
• 06f6b79 fix: restore kebab menu flex (#24359) (#24734)
• b40faa7 fix: widen engines.node to include Node.js 24 LTS (#24419) (#24468)
• 6219191 fix(coderd/x/chatd): hoist system prompt fetch out of chat creation transacti...
• 8d740ff fix: prevent 'See all templates' from overlapping template list in New Worksp...
• See full diff in compare view

Updates crate-ci/typos from 1.45.1 to 1.46.0

Release notes

Sourced from crate-ci/typos's releases.

v1.46.0

[1.46.0] - 2026-04-30

Features

• Updated the dictionary with the April 2026 changes

v1.45.2

[1.45.2] - 2026-04-27

Fixes

• Ignore ssh ed25519 public keys

Changelog

Sourced from crate-ci/typos's changelog.

Change Log

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

[Unreleased] - ReleaseDate

[1.46.0] - 2026-04-30

Features

• Updated the dictionary with the April 2026 changes

[1.45.2] - 2026-04-27

Fixes

• Ignore ssh ed25519 public keys

[1.45.1] - 2026-04-13

Fixes

• (action) Use a temp dir for caching

[1.45.0] - 2026-04-01

Features

• Updated the dictionary with the March 2026 changes

[1.44.0] - 2026-02-27

Features

• Updated the dictionary with the February 2026 changes

[1.43.5] - 2026-02-16

Fixes

• (pypi) Hopefully fix the sdist build

[1.43.4] - 2026-02-09

Fixes

• Don't correct pincher

... (truncated)

Commits

• bbaefad chore: Release
• c19f54c chore: Release
• d65608b docs: Update changelog
• c6f8f5e Merge pull request #1546 from epage/april
• da5e97e feat(dict): April updates
• 7c57295 chore: Release
• b5056d6 docs: Update changelog
• a063c3f Merge pull request #1544 from epage/pub
• 5d5e80b fix(tokens): Ignore ssh ed25519 pub keys
• 4da614b test(tokens): Show parsing of a public key
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[DevelopmentCats]

LGTM i dont see why we would have any issues here and CI passes.

edit: of course now that i say that it fails on rebase i will look into why this is happening