Also remove github.com from the trusted domains. This causes the
browser to block the popup instead (probably because the space between
interaction and popup is too great), which is difficult to notice in
Chromium. Even in Firefox with the extra bar they add at the top it can
be easy to miss.
* Fix building from source on arm
Not building from source causes argon2 to pull the wrong arch, so we
have to build from source.
But building from source is causing the new Kerberos module to fail on
arm64 and keytar to fail on both.
The latter has been very difficult to debug because the GitHub image
provides a different result to containers based on Ubuntu 20.04.
Because of this, use a container instead.
Use debian:buster as the container because it is easier to set up the
architecture sources (no need to modify the sources) and because it
seems to come with glibc 2.28 rather than 2.31.
Also use the exact version of Node (18.15.0) for reproducibility.
* Set owner and group during tar to zero
Otherwise you get IDs that can cause (benign) errors while extracting,
which might be confusing. At the very least, I did not see these errors
from previous tars (although they seem to use 1001).
There is no guarantee what IDs might exist so 0 seems the most
reasonable.
* Avoid packaging yarn.lock
Since the shrinkwrap is what we want everything to use.
* Build with npm
It seems we stuck with yarn because npm was giving us errors but I will try
sorting it out now so we can build with npm as originally intended.
* Remove build from source
Not using CentOS 7 anymore so based on the comment we no longer need
this. Keytar seems to install fine now.
* Update missed Node version
These numbers are all over the place.
* npm_config_arch must be lowercase
* Patch out Kerberos
I am not sure exactly how it is used but I think it is not a path code-server
worries about, at least not right now. Just going to patch it out rather than
figure out how to build it on armv7l but we can revisit later.
* Update VS Code to 1.82.2
* Add new libkrb5 dependency
* Update patches
The only changes were to context except:
- The URL callback provider uses a new _callbackRoute argument and moved
locations.
- The telemetry provider gets passed the request service as the first
argument now.
- CSP hash changed, as usual.
* Update Node to v18
* Revert back to es2020
es2022 is breaking Safari.
* Update to 1.78.1
No changes needed in the patches other than moving some lines around and
updating the CSP hash as usual.
The flake had to be updated as it was using Node 16.16 and 16.17 is
required at minimum now. Also python seems to install python2 which is
marked as deprecated so explicitly install python3.
* Update to 1.78.2
Patches applied without any conflicts.
* Update commit environment variable
This was causing the commit not to be set. It broke display languages
since that has a hard dependency on the commit for directory names.
Possibly broke other things.
* refactor: remove keytar dep in cross-compile
* refactor: try other keytar package
* refactor: remove keytar step in cross-compile
* fix: manually remove keytar
* try this first
* I think this is it
* Revert "I think this is it"
This reverts commit 5c566b0c01.
* okay this is it
* fixup
* try legacy peer
* remove keytar before standalone
* wrong path
* maybe
* revert: change *npm* back to npm*
* revert: don't uninstall keytar
* fix: use npm run standalone-release
* fixup formatting
* Revert "refactor: remove yarn.lock steps (#5850)"
This reverts commit 907747d394.
* fixup: remove the --exclude
* refactor: remove yarn.lock check
Co-authored-by: repo-ranger[bot] <39074581+repo-ranger[bot]@users.noreply.github.com>
* refactor: default to npm in postinstall.sh
yarn has a bug where it will try to update dependencies even if
`yarn.lock` is present. Therefore we're defaulting to `npm` to prevent
further issues.
* refactor: exclude yarn.lock in standalone
By excluding `yarn.lock`, we prevent issues where the user must use
`yarn` instead of `npm` to install code-server.
* refactor: get version dynamically
* chore: remove version
* fixup: missing quotes
* refactor: drop global VERSION
* wip: updating ersion in publish
* refactor: update publish.yaml with version changes
* refactor: release.yaml with new version changes
* refactor: update build.yaml with version changes
* chore: update maintainer
* fixup: update version in build-vscode
* fixup: fix github env version
* try macos only
* try again
* last resort
* joe again
* this oneee
* fixup: this should work
* try using inputs
* docs: update release notes
* fixup!: use env.VERSION in docker step
* fixup!: comment get and set version
* fixup!: remove compress release package comment
* fixup!: use $VERSION in npm-version
* refactor: set VERSION in build VS Code step
* refactor: use 0.0.0 in package.json version
* refactor: delete release-prep script
* Update ci/build/build-vscode.sh
* fixup!: remove extra VERSION set in aur
* chore: update code to 1.71.2
* chore: update telemetry patch
It appears part of the fix has been implemented upstream.
* refactor: drop safari-console patch
This has been fixed upstream.
* docs: update MAINTAINING
* refactor: use branch name in release-prep
This makes a minor improvement to the `release-prep.sh` script to grab
the version to update to from the branch name.
* chore(release): bump version to 4.7.0
* fixup: bump version
* docs: use latest instead of version
* fixup: bump Chart version
* chore: update CHANGELOG
* chore: add license to test package.json
* chore: bump @coder/logging to 3.0.0
* fix: change level to Warn
* Include bin scripts for all platforms
These will get symlinked as part of the postinstall. These scripts
provide everything ours does inside the integrated terminal plus more.
* Improve OS detection
Specifically for Windows although we do not yet support Windows.
Also standardize the duplicate arch functions since they had drifted
from each other bit.
* Remove duplicate asar symlink
Since standalone releases run the postinstall they will get the asar
symlink there. That means the symlink will not exist for the npm
package and we will not need to ignore it.
The symlink portion is split out so it can be re-used for other
symlinks (for example linking bin scripts).
* Add symlinks to bin scripts
* Add test for opening a file from the terminal
* Add global Playwright timeout
Otherwise it will exceed the Actions timeout and get rudely killed
without any output.
* Make sed work on macOS
* Fix Node path in bin scripts
* Disable shellcheck expansion error
* Make scripts executable
* Remove .bak files created by sed
* Include Code build script in cache hash
Otherwise if we change the script it will not rebuild Code.
* Make sure the terminal opens
The selector was timing out even though it matched more than one element
but matching on the focused one appears to work.
In addition add a loop so it can keep trying to open the terminal
if something goes wrong with the focus.
* feat: add installExtension integration test
This adds a new helper function called `runCodeServerCommand` along with
a test for `--install-extension`. We can use this approach for writing
integration tests (i.e. testing a real code-server build, CLI commands,
etc).
* refactor: s/ test:standalone with test:integration
This replaces our integration approach to use Jest instead of a single
bash script. By doing this, we will be able to easily maintain and add
to our integration test suite.
* refactor: filter unit tests
Now that our integration tests also use Jest, we need to update our unit
test script to ignore `test/integration`.
* refactor: add SKIP_SUBMODULE_DEPS to postinstall
* refactor: add SKIP_SUBMODULE_DEPS to postinstall
* fixup!: skip submod deps
* refactor: move runCodeServerCommand into sep. file
When Jest runs a test, it loads all the files and imports for that test.
This means you might be "requiring" code that's unrelated to your tests.
This leads to unexpected errors depending on where the code runs.
Moved this file to avoid GLIBC and other errors relaed to argon2 when
running integration tests in CI.
* fizup: formatting
* fizup: increase timeout
* refactor: use fixture in installExtension test
Instead of relying on a network to install an extension, we use a
fixture - vsix file in the repo. This is also faster.
* feat: add integration test for listExtensions
* chore: ignore integration fixtures
* fixup: formatting
* fixup: remove custom-hacks.css
* fixup: formatting
* Update test/integration/installExtension.test.ts
Co-authored-by: Asher <ash@coder.com>
* Update test/integration/listExtensions.test.ts
Co-authored-by: Asher <ash@coder.com>
* Update test/integration/installExtension.test.ts
Co-authored-by: Asher <ash@coder.com>
* Update test/integration/listExtensions.test.ts
Co-authored-by: Asher <ash@coder.com>
* fixup: contributing integration tests section
* fixup: update ci/readme
* fixup: use RELEASE_PATH in test-integration.sh
* refactor: unzip vsix for listExtensions
* refactor: use exec instead of spawn
* Update docs/CONTRIBUTING.md
Co-authored-by: Asher <ash@coder.com>
* Update test/integration/listExtensions.test.ts
Co-authored-by: Asher <ash@coder.com>
* Update test/integration/listExtensions.test.ts
Co-authored-by: Asher <ash@coder.com>
* Update test/integration/listExtensions.test.ts
Co-authored-by: Asher <ash@coder.com>
* refactor: use different default binary path
* fixup!: formatting
Co-authored-by: Asher <ash@coder.com>
* chore: update Code to 1.67
Was able to remove our changes to common/webview.ts since they are
upstream now.
Other than that no serious changes, just context diffs.
* chore: update Code to 1.68
- Upstream moved the web socket endpoint so change the Express route
from / to *. That will let web sockets work at any endpoint.
- Everything in the workbench config is basically the same but
de-indented (upstream extracted it into a separate object which
resulted in a de-indent), the ordering is slightly different, and
instead of vscodeBase we now need vscodeBase + this._staticRoute since
everything is served from a sub-path now.
- Move manifest link back to the root since that is where we host our
manifest.
- Change RemoteAuthoritiesImpl to use the same path building method as
in other places (+ instead of using URI.parse/join).
- Use existing host/port in RemoteAuthoritiesImpl and
BrowserSocketFactory instead of patching them to use window.location
(these are set from window.location to begin with so it should be the
same result but with less patching).
- Since BrowserSocketFactory includes a sub-path now (endpoints were
changed upstream to serve from /quality/commit instead of from the
root) the patch there has changed to prepend the base to that
path (instead of using the base directly).
- The workbench HTML now natively supports a base URL in the form of
WORKBENCH_WEB_BASE_URL so no need for VS_BASE patches there anymore.
- Upstream added type="image/x-icon" so I did as well.
- Move the language patch to the end of the series so it is easier to
eventually remove.
- Remove the existing NLS config in favor of one that supports
extensions.
- Upstream deleted webview main.js and inlined it into the HTML so move
that code (the parent origin check) into both those HTML files
(index.html and index-no-csp.html).
- The remaining diff is from changes to the surrounding context or a
line was changed slightly by upstream (for example renamed files or
new arguments like to the remote authority resolver).
* fix: modify product.json before building
Code injects this into the client during the build process so it needs
to be updated before we build.
* fix: update inline script nonces
* Update HTML base path test
* fix: missing commit
Code overrides it with nothing.
The date is also already injected.
* fix: web extensions breaking when the commit changes
By just using the marketplace directly instead of going through the
backend. I am not sure what the point is when searching extensions
already goes directly to the marketplace anyway.
But also remove the prefix that breaks this as well because otherwise
existing installations will break.
* chore: upgrade Code to 1.66
* docs: update docs for Code upgrades
* fixup!: docs
* chore: update vscode submodule
* chore: update integration patch
* chore: update node-version patch
* chore: update github-auth patch
They completely changed how auth is handled for GitHub in
https://github.com/microsoft/vscode/pull/145424 so our patch may not
work. Will need to test and revisit.
* refactor: remove postinstall patch
It appears they renamed postinstall.js to postinstall.mjs and removed
the use of `rimraf` which means our patch is no longer needed! 🎉b0e8554cce
* chore: refresh local-storage patch
* chore: refresh service-worker patch
* chore: bulk refresh patches
* fixup!: docs formatting
* refactor: remove unused last-opened patch
* fixup!: formatting docs
* fixup!: formatting docs
* refactor: remove rsync postinstall
* Revert "refactor: remove rsync postinstall"
This reverts commit 8d6b613e9d.
* refactor: update postinstall.js to .mjs
* feat(patches): add parent-origin bypass
* docs(patches): add notes for testing store-socket
* docs(patches): update testing info for node-version
* refactor(patches): delete github-auth.diff patch
* docs(patches): add notes for testing connection-type
* fixup!: delete github-auth patch
* fixup!: update connection type testing
* docs(patches): add notes to insecure-notification.diff
* docs(patches): add nots for update-check.diff
* fixup!: remove comma in integration patch
* fix(e2e): disable workspace trust
* refactor: add --no-default-rc for yarn install
* feat(patches): remove yarnrc in presinstall
* fixup!: silly mistake
* docs: add note about KEEP_MODULES=1
* docs(patches): add testing notes for node-version
* refactor(patches): remove node-version
It appears this is no longer needed due to the `remote/package.json` now which
targets node rather than electron.
* fixup!: add cd ../.. to code upgrade instructions
* fixup!: add note to yarn --production flag
* fixup!: make parent-origin easier to upstream
* Revert "refactor(patches): delete github-auth.diff patch"
This reverts commit 31a354a343.
* Revert "fixup!: delete github-auth patch"
This reverts commit bdeb5212e8.
* Merge webview origin patch into webview patch
* Remove unused post-install patch
* Prevent builtin extensions from updating
* Refresh sourcemaps patch
* Update Node to v16
This matches the version in ./lib/vscode/remote/.yarnrc.
I changed the engine to exactly 16 since if you use any different
version it will just not work since the modules will have been built for
16 (due to the .yarnrc).
* Replace fs.rmdir with fs.rm
Node is showing a deprecation warning about it.
* Update github-auth patch
The local credentials provider is no longer used when there is a remote
so this code moved into the backend web credential provider.
* Prevent fs.rm from erroring about non-existent files
We were using fs.rmdir which presumably did not have the same behavior
in v14 (in v16 fs.rmdir also errors).
* Install Python 3 in CentOS CI container
Co-authored-by: Asher <ash@coder.com>
* Use --exclude to skip node_modules
Instead of copying and then deleting them. This will also catch some
node_modules directories that were missed.
* Remove per-extension dependency install
Code packages all the dependencies using webpack for each extension so
there are no dependencies to install.
* Include source maps
I also moved this to its own patch because it feels sufficiently
standalone.
Fixes#5026.
* Refresh language patch
The base is slightly different so it needed to be refreshed.
* Add missing package.json
This was caused by switching to Code's package step which does not
include the package.json.
Fixes#5019.
* Include keytar
It seems this actually is used now.
* Regenerate last opened patch
The lines were a bit off.
* Remove packaged .gitignore files
Fixes#4964.
* Remove extra Node binary
This gets overidden in the standalone but it was getting uselessly
included in the npm package.
* Move integration types into code-server
This will be easier to maintain than to have it as a patch.
* Disable connection token
Using a flag means we will not need to patch it out. I think this is
new from 1.64?
* Add product.json to build process
This way we do not have to patch it.
* Ship with remote agent package.json
Instead of the root one. This contains fewer dependencies.
* Let Code handle errors
This way we will not have to patch Code to make this work and I think it
makes sense to let Code handle the request.
If we do want to handle errors we can do it cleanly by patching their
error handler to throw instead.
* Move manifest override into code-server
This way we will not have to patch it.
* Move to patches
- Switch submodule to track upstream
- Add quilt to the process
- Add patches
The node-* ignore was ignoring one of the diffs so I removed it. This
was added when we were curling Node as node-v{version}-darwin-x64 for
the macOS build but this no longer happens (we use the Node action to
install a specific version now so we just use the system-wide Node).
* Use pre-packaged Code
* fix(ci): correctly download npm artifact
* fixup! fix(ci): correctly download npm artifact
* docs: update MAINTAINING
* fixup! docs: update MAINTAINING
* fixup! Merge branch 'main' into 4949-chore-fix-npm-workflow
* chore: get ci to run
* refactor: use vVERSION branch name instead of release
* refactor: use new download artifact in docker workflow
* refactor: clean up release-github-assets script
* fixup: remove extra v
* fixup! fixup: remove extra v
* Move Code to a submodule
Closes#4901.
* Base Code cache on hash and re-enable node_modules cache
The current setup appears to only rebuild VS Code if the dependencies
change but we need to rebuild it if anything changes.
I also re-enabled the commented out node_modules caches. They look like
they should work to me with the submodule method. I think the problem
occurred because Code itself was being installed in the yarn step.
* Update links in package.json
I will try checking the docs too
* docs: Update links in triage.md
* docs: Update links in npm.md
* docs: Update links in whatever files that have `cdr`
* Replace globally, thanks @bpmct!
* fix: coderer instead of coder
I should've used all three toggles in the Search/Replace tab in the GItHub.dev editor.
* Code Formatting
* chore(deps): replace argon2 w/@node-rs/argon2
* refactor: clean up hashPassword functions
* refactor(util): pass in process.platform
* fix: use correct settings for test-extension
Before, it was running into errors with an @types package.
Now, we're correctly running `tsc` so it picks up our `tsconfig.json` and we're
telling TypeScript to not typecheck our lib and exclude `node_modules`
* Flesh out fixes to align with upstream.
* Update route handlers to better reflect fallback behavior.
* Add platform to vscode-reh-web task
Our strategy has been to build once and then recompile native modules
for individual platforms. It looks like VS Code builds from scratch for
each platform.
But we can target any platform, grab the pre-packaged folder, then
continue with own packaging.
In the future we may want to rework to match upstream.
* Fix issue where workspace args are not parsed.
* Fix issues surrounding opening files within code-server's terminal.
* Readd parent wrapper for hot reload.
* Allow more errors.
* Fix issues surrounding Coder link.
* Add dir creation and fix cli
It seems VS Code explodes when certain directories do not exist so
import the reh agent instead of the server component since it creates
the directories (require patching thus the VS Code update).
Also the CLI (for installing extensions) did not seem to be working so
point that to the same place since it also exports a function for
running that part of the CLI.
* Remove hardcoded VSCODE_DEV=1
This causes VS Code to use the development HTML file. Move this to the
watch command instead.
I deleted the other stuff before it as well since in the latest main.js
they do not have this code so I figure we should be safe to omit it.
* Fix mismatching commit between client and server
* Mostly restore command-line parity
Restore most everything and remove the added server arguments. This
will let us add and remove options after later so we can contain the
number of breaking changes.
To accomplish this a hard separation is added between the CLI arguments
and the server arguments.
The separation between user-provided arguments and arguments with
defaults is also made more clear.
The extra directory flags have been left out as they were buggy and
should be implemented upstream although I think there are better
solutions anyway. locale and install-source are unsupported with the
web remote and are left removed. It is unclear whether they were used
before anyway.
Some restored flags still need to have their behavior re-implemented.
* Fix static endpoint not emitting 404s
This fixes the last failing unit test.
Fix a missing dependency, add some generic reverse proxy support for the
protocol, and add back a missing nfpm fix.
* Import missing logError
* Fix 403 errors
* Add code-server version to about dialog
* Use user settings to disable welcome page
The workspace setting seems to be recognized but if so it is having no
effect.
* Update VS Code cache step with new build directories
Co-authored-by: Asher <ash@coder.com>
* fix(testing): revert change & fix playwright tests
* fix(constants): add type to import statement
* refactor(e2e): delete browser test
This test was originally added to ensure playwright was working.
At this point, we know it works so removing this test because it doesn't help
with anything specific to code-server and only adds unnecessary code to the
codebase plus increases the e2e test job duration.
* chore(e2e): use 1 worker for e2e test
I don't know if it's a resources issue, playwright, or code-server but it seems
like the e2e tests choke when multiple workers are used.
This change is okay because our CI runner only has 2 cores so it would only use
1 worker anyway, but by specifying it in our playwright config, we ensure more
stability in our e2e tests working correctly.
See these PRs:
- https://github.com/cdr/code-server/pull/3263
- https://github.com/cdr/code-server/pull/4310
* revert(vscode): add missing route with redirect
* chore(vscode): update to latest fork
* Touch up compilation step.
* Bump vendor.
* Fix VS Code minification step
* Move ClientConfiguration to common
Common code must not import Node code as it is imported by the browser.
* Ensure lib directory exists before curling
cURL errors now because VS Code was moved and the directory does not
exist.
* Update incorrect e2e test help output
Revert workers change as well; this can be overridden when desired.
* Add back extension compilation step
* Include missing resources in release
This includes a favicon, for example. I opted to include the entire
directory to make sure we do not miss anything. Some of the other
stuff looks potentially useful (like completions).
* Set quality property in product configuration
When httpWebWorkerExtensionHostIframe.html is fetched it uses the web
endpoint template (in which we do not include the commit) but if the
quality is not set it prepends the commit to the web endpoint instead.
The new static endpoint does not use/handle commits so this 404s.
Long-term we might want to make the new static endpoint use commits like
the old one but we will also need to update the various other static
URLs to include the commit.
For now I just fixed this by adding the quality since:
1. Probably faster than trying to find and update all static uses.
2. VS Code probably expects it anyway.
3. Gives us better control over the endpoint.
* Update VS Code
This fixes several build issues.
* Bump vscode.
* Bump.
* Bump.
* Use CLI directly.
* Update tests to reflect new upstream behavior.
* Move unit tests to after the build
Our code has new dependencies on VS Code that are pulled in when the
unit tests run. Because of this we need to build VS Code before running
the unit tests (as it only pulls built code).
* Upgrade proxy-agent dependencies
This resolves a security report with one of its dependencies (vm2).
* Symlink VS Code output directory before unit tests
This is necessary now that we import from the out directory.
* Fix issues surrounding persistent processes between tests.
* Update VS Code cache directories
These were renamed so the cached paths need to be updated. I changed
the key as well to force a rebuild.
* Move test symlink to script
This way it works for local testing as well.
I had to use out-build instead of out-vscode-server-min because Jest
throws some obscure error about a handlebars haste map.
* Fix listening on a socket
* Update VS Code
It contains fixes for missing files in the build.
* Standardize disposals
* Dispose HTTP server
Shares code with the test HTTP server. For now it is a function but
maybe we should make it a class that is extended by tests.
* Dispose app on exit
* Fix logging link errors
Unfortunately the logger currently chokes when provided with error
objects.
Also for some reason the bracketed text was not displaying...
* Update regex used by e2e to extract address
The address was recently changed to use URL which seems to add a
trailing slash when using toString, causing the regex match to fail.
* Log browser console in e2e tests
* Add base back to login page
This is used to set cookies when using a base path.
* Remove login page test
The file this was testing no longer exists.
* Use path.posix for static base
Since this is a web path and not platform-dependent.
* Add test for invalid password
Co-authored-by: Teffen Ellis <teffen@nirri.us>
Co-authored-by: Asher <ash@coder.com>
