Commit Graph

737 Commits

Author SHA1 Message Date
Asher
acc50a5d36
Update dependencies and force-update qs (#6440)
* Update dependencies and force-update qs

This is mainly an attempt to get rid of as many resolutions as possible
since it seems they are unnecessary except for qs (according to yarn/npm
audit).

For qs use 6.9.7 since Express is using 6.9.6 and that matches the most
closely.

Also add overrides since this is npm's version of yarn's resolutions and
we need it for the shrinkwrap to generate with the right dependencies.

Decided to keep pinning @types/node as well although I am not sure it is
necessary.  Express is pulling in v20 types.  Since this is
development-only we only need it in resolutions.

* Run formatter

Some rules seem to have changed with the dependency updates.

* Replace deprecated bodyParser.json() usage

* Audit npm shrinkwrap as well

* Skip installing dependencies in audit

It seems the tools only require the lock files.

* Fix tests when using ipv6

* Add missing openssl dependency to flake
2023-09-21 16:13:34 -08:00
Kaoru Yamamoto
95bcf101d7
Add Japanese locale (#6433) 2023-09-18 17:23:03 +00:00
Asher
3e1c00e017
Run formatter
Not sure why CI missed these, will have to look into it.
2023-09-11 09:27:28 -08:00
Cyanoure
a76e5241b6
Add "CODE_SERVER_HOST" environment variable (#6423) 2023-09-08 22:50:11 +00:00
Asher
eb498b0d6d
Remove humanPath (#6404)
The tilde is ambiguous and it can be helpful to know exactly what paths
code-server is trying to use, especially if it is running as a different
user than you expected.
2023-08-29 14:25:24 -08:00
Asher
e37b35278d
Account for disabled proxy in startup logs 2023-07-27 09:26:11 -08:00
Ryan Brainard
74da5167a2
Add --disable-proxy option (#6349) 2023-07-21 15:23:21 -08:00
Alex Thillen
93e60f7b0e
add trusted-origins cli argument (#6319) 2023-07-19 14:04:03 -08:00
Asher
5c19962930
Set session socket into environment variable (#6282)
* Avoid spawning code-server with --reuse-window and --new-window

These flags mean the user explicitly wants to open in an existing
instance so if the socket is down it should error rather than try to
spawn code-server normally.

* Set session socket into environment variable

While I was at it I added a CLI flag to override the default.  I also
swapped the default to --user-data-dir.

The value is set on an environment variable so it can be used by the
extension host similar to VSCODE_IPC_HOOK_CLI.

* Add e2e test for opening files externally
2023-06-21 22:47:01 -08:00
Asher
cef2aa22dc
Move session server log after HTTP server logs
The indented logs technically apply to the HTTP server so move the
session server log afterward to avoid making them look like they apply
to the session server.
2023-06-21 10:59:02 -08:00
Sean Lee
b5a9ef80e7
Use unique socket per user for managing editor sessions (#6278)
Also warn if editor session manager socket cannot be created rather than failing.
2023-06-21 13:39:25 -05:00
dependabot[bot]
fdeaba9581
chore: bump proxy-agent from 5.0.0 to 6.2.1 (#6247)
* chore: bump proxy-agent from 5.0.0 to 6.2.1

Bumps [proxy-agent](https://github.com/TooTallNate/proxy-agents/tree/HEAD/packages/proxy-agent) from 5.0.0 to 6.2.1.
- [Release notes](https://github.com/TooTallNate/proxy-agents/releases)
- [Changelog](https://github.com/TooTallNate/proxy-agents/blob/main/packages/proxy-agent/CHANGELOG.md)
- [Commits](https://github.com/TooTallNate/proxy-agents/commits/proxy-agent@6.2.1/packages/proxy-agent)

---
updated-dependencies:
- dependency-name: proxy-agent
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update proxy-agent usage

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Asher <ash@coder.com>
2023-06-14 14:27:15 -08:00
Sean Lee
fb73742b2b
Prefer matching editor sessions when opening files. (#6191)
Signed-off-by: Sean Lee <freshdried@gmail.com>
2023-06-14 13:32:07 -08:00
Simon Merschjohann
0703ef008c
Allow {{host}} and {{port}} in domain proxy (#6225) 2023-05-31 16:31:30 -05:00
Asher
b3b971480f
Support X-Forwarded-Host with multiple hosts
Closes #6215.
2023-05-17 11:51:05 -08:00
Asher
5708e6ce32
Format redacted arg lines
Pushing straight to main again.
2023-05-05 14:44:40 -08:00
Asher
3f7db15fde
Redact sensitive args from handshake debug log 2023-05-04 10:54:41 -08:00
Asher
8c99f41b90
Fix parent process log level 2023-05-04 10:48:32 -08:00
Asher
e02d56dbfd
Do not trace child process messages
All this does is add a stack trace which is not helpful here.
2023-05-04 10:48:31 -08:00
Asher
aac5efa046
Do not log < 500 on web sockets as errors
For example if someone spams a web socket without authentication we
should not log "forbidden".  Forbidden is normal/expected operation, not
an error.
2023-05-04 10:48:30 -08:00
smalllady
951d8ac45e
Fix proxying non-ASCII (#6154)
This only affects the path proxy since `req.originalUrl` is in escaped format.
2023-04-25 11:41:33 -08:00
Asher
c995988b70
Set proxy URI to domain proxy when possible (#6115)
This will make the ports panel use it instead of the default path-based
proxy.
2023-03-30 12:01:49 -08:00
watchakorn-18k
a44bd71043
Add thai language i18n (#6103) 2023-03-30 13:00:58 -05:00
Asher
19bcd043d7
Add debug log for origin check (#6096)
Extracted host detection into a separate function to avoid multiple log
lines on each return and went with a thrown error to consolidate the
common log text.
2023-03-30 12:24:33 -05:00
Ahmed El-Sharnoby
bca733de3d
Allow app-name configuration to change the name of the PWA (#6093) 2023-03-22 01:02:31 +00:00
Asher
dbdd2edb62
Fix proxy error on web sockets
Fixes #6088.
2023-03-21 12:24:09 -08:00
Asher
d477972c68
Add origin checks to web sockets (#6048)
* Move splitOnFirstEquals to util

I will be making use of this to parse the forwarded header.

* Type splitOnFirstEquals with two items

Also add some test cases.

* Check origin header on web sockets

* Update changelog with origin check

* Fix web sockets not closing with error code
2023-03-03 03:12:34 -06:00
Asher
ac1fba8bde
Remove deprecated --link (#6018) 2023-02-13 16:52:48 -06:00
Asher
45aef719d3
Make sure heartbeat isActive resolves
This does not seem to actually cause an issue (not resolving ends up
with the same behavior as resolving with false) but I am not sure if the
hanging promises would be a memory leak so seems best to fix.
2023-02-08 11:43:40 -09:00
dependabot[bot]
e5a2537aee
chore: bump limiter from 1.1.5 to 2.1.0 (#6001)
* chore: bump limiter from 1.1.5 to 2.1.0

Bumps [limiter](https://github.com/jhurliman/node-rate-limiter) from 1.1.5 to 2.1.0.
- [Release notes](https://github.com/jhurliman/node-rate-limiter/releases)
- [Commits](https://github.com/jhurliman/node-rate-limiter/commits)

---
updated-dependencies:
- dependency-name: limiter
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update limiter usage

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Asher <ash@coder.com>
2023-02-06 13:12:57 -06:00
zhaozhiming
7c2aa8c417
feat: add i18n in login page (#5947)
* feat: add i18n in login page

* fix: add word space and put the app name into the title

* fix: remove duplicate replace title

* fix: prettier format code

* fix: fix typescript check warning

* fix: add zh-cn locale file code owner

* fix: use existing flag locale to the login page

Co-authored-by: Joe Previte <jjprevite@gmail.com>
2023-01-13 17:42:49 +00:00
Joe Previte
1484bee621
release: 4.9.0 (#5772)
* wip: changelog

* fixup

* fix: add +x to product.json in build-vscode

While testing a pre-release, there seems to be a bug with the file
permissions for `product.json`. Adding `chmod +x` to see if that fixes
it.

* chore: increase timeout

* fix: keep product.json file permissions in release

When we added the change to modify the `package.json` version using `mv`
and `jq` we didn't account for lost file permissions.

This caused a bug only happening in CI.

This should fix it by giving it 755 via `chmod`.

* trigger ci

* chore: update package.json bust cache

* fixup!: fix: keep product.json file permissions in release

* Revert "fix: add +x to product.json in build-vscode"

This reverts commit fc4d2b532f.

* chore: pin ubuntu runner in build code-server

* chore: update prettierignore

* chore: add notes to changelog

* chore: use ubuntu-22.04 for e2e

* chore: pin all jobs in build to ubuntu 20.04

* feat(wrapper): add tests for isChild

* fixup: include description ts-expect-error comment

* chore: update CHANGELOG

* chore: update Helm chart

* fixup: use our childProcess

* Update CHANGELOG.md

Co-authored-by: Asher <ash@coder.com>

Co-authored-by: Asher <ash@coder.com>
2022-12-06 13:28:27 -07:00
Geoffrey Huntley
b6adcf50c6
feat(securitytxt): add security.txt (#5827) 2022-12-05 15:43:00 -07:00
Joe Previte
3367e1ad4e
chore: upgrade Code to 1.73.0 (#5751)
* chore: upgrade Code to 1.73.0

This upgrades Code to 1.73.0 via the tag.

* chore: refresh integration patch

* chore: clean up base-path patch

Only change here was they moved
lib/vscode/src/vs/platform/extensionResourceLoader/common/extensionResourceLoader.ts

so I had to update it. Code still looks the same though.

* chore: refresh proposed-api patch

* chore: update marketplace patch

Simlar to a previous patch, the location of
lib/vscode/src/vs/platform/extensionResourceLoader/common/extensionResourceLoader.ts
changed so I had to update this patch.

No changes to code itself.

* chore: update hash in webview patch

I believe there was only one to update but I may have missed one.

* chore: refresh disable-builtin-ext-update.diff

* chore: refresh update-check

quilt couldn't apply it so I had to add one change in manually to
lib/vscode/src/vs/server/node/serverEnvironmentService.ts

* chore: refresh logout patch

* chore: refresh proxy-uri patch

* chore: refresh local-storage patch

* chore: refresh sourcemaps patch

* chore: refresh disable-downloads patch

* chore: refresh telemetry patch

* refactor: re-apply display-language patch

This kinda got removed but I added it back in.

* refactor: drop exec-argv patch

This was accepted upstream! :tada

* chore: refresh getting-started patch

* fixup: add missing slash in marketplace

* fixup: update notes proposed-api patch

* fixup: support this.args.log as string

Seems like upstream now uses a string[] for this. For now, support
string.

See
2b50ab06b1

* Revert "fixup: support this.args.log as string"

This reverts commit 78c02a1f13.

* fixup!: add log to toCodeArgs

This was changed upstream from `string` to `string[]` so now we convert
to an array in `toCodeArgs`.

See 78c02a1f13

* fixup: update telemetry description
2022-11-09 22:10:03 +00:00
Kyle Carberry
77c3cd3aa1
Improve getting started Coder CTA (#5752)
* Improve getting started Coder CTA

This wasn't very standout-ish before, and I think it's
wise for us to experiment with directing users to Coder.

* Update nix flake

* Update diff

* Add advert to code-server install

* Fix patch to reset columns if getting started is disabled

* Update text for advert
2022-11-07 11:06:51 -07:00
Joe Previte
2530a0d265
release: 4.8.2 (#5743)
* chore: bump version to 4.8.2

* chore: update CHANGELOG

* docs: add back line in publishing release

See https://github.com/coder/code-server/pull/5732#discussion_r1010685933

* Revert "chore: bump version to 4.8.2"

This reverts commit 5d70994f22.

* fixup: use 4.8.2-rc.1

* docs: add release candidate notes

* refactor: warn plugin range incompatibble

* chore: bump version 4.8.2
2022-11-02 14:34:38 -07:00
Joe Previte
649985af8e
feat: customize getting started page (#5707)
* feat: add getting-started patch

This modifies the text on the Getting Started page to promote
coder/coder.

* feat: add --disable-getting-started-override

This adds a new CLI flag to code-server called
`--disable-getting-started` which will be used in Code to not use
Coder's custom Getting Started text.

* refactor: conditionally show coder getting started

This modifies the getting started patch changes to work with the new
`--disable-getting-started-override`.

The flag is false by default meaning the Coder getting started is shown.
By passing the flag to code-server, it will not be shown.

* docs: update faq for getting started override

* docs: update getting-started patch description

* fixup!: update patch

* fixup!: unit test

* feat: add more tests

* fixup!: use correct env var in tests

Co-authored-by: repo-ranger[bot] <39074581+repo-ranger[bot]@users.noreply.github.com>
2022-10-28 16:59:24 +00:00
Joe Previte
b19996176e
chore(deps): update prettier and eslint (#5700)
* chore(deps): update eslint/prettier deps

* refactor(cli): only import load from js-yaml

* chore(deps): remove minimatch resolution

* fixup! update yarn lock
2022-10-25 16:39:06 +00:00
Kyle Carberry
430b567e69
fix: Enable the BROWSER environment variable (#5695)
This was breaking the automatic opening of links in GIT_ASKPASS
on a git clone. I've tried to execute this script manually, and
it does indeed work!
2022-10-24 11:26:36 -05:00
Alwin Lohrie
714afe0cc7
feat: add customization options for the login page (#5633)
* add customization options for the login page

* add unit tests

* add test for correct welcome text when none is set but app-name is

Signed-off-by: niwla23 <46248939+niwla23@users.noreply.github.com>

* add test for no app-name set and check in title too

Signed-off-by: niwla23 <46248939+niwla23@users.noreply.github.com>

Signed-off-by: niwla23 <46248939+niwla23@users.noreply.github.com>
Co-authored-by: Joe Previte <jjprevite@gmail.com>
2022-10-13 22:32:20 +00:00
kotborealis
f61ec4a41c
add CLI argument --disable-workspace-trust (#5638)
Add CLI flag to disable workspace trust feature, as
described in documentation:
https://code.visualstudio.com/docs/editor/workspace-trust

Add test for workspace trust argument.
2022-10-13 19:57:04 +00:00
Daniil Gentili
b562d4a880
Allow opening files at a specific line and column (fixes #5619) (#5620)
* Allow opening files at a specific line and column (fixes #5619)

* Add isDirectory test
2022-10-06 11:12:21 -07:00
Joe Previte
3ac2307b5c
fix: add node to path (#5598)
* fix: remove deprecated symlink

* refactor: remove deprecation notice

* fixup! refactor: remove deprecation notice

* fix: add node to path

* fixup: shellcheck

* Update src/node/wrapper.ts

Co-authored-by: Asher <ash@coder.com>

* fixup!: fix: remove deprecated symlink

* Update ci/build/build-vscode.sh

Co-authored-by: Asher <ash@coder.com>

* Update ci/build/build-vscode.sh

Co-authored-by: Asher <ash@coder.com>

* fixup: use NODE_EXEC_PATh

* Update ci/build/build-vscode.sh

Co-authored-by: Asher <ash@coder.com>

Co-authored-by: Asher <ash@coder.com>
2022-09-29 18:02:53 -05:00
Joe Previte
04f1080451
release: 4.7.0 (#5546)
* docs: update MAINTAINING

* refactor: use branch name in release-prep

This makes a minor improvement to the `release-prep.sh` script to grab
the version to update to from the branch name.

* chore(release): bump version to 4.7.0

* fixup: bump version

* docs: use latest instead of version

* fixup: bump Chart version

* chore: update CHANGELOG

* chore: add license to test package.json

* chore: bump @coder/logging to 3.0.0

* fix: change level to Warn
2022-09-09 15:15:39 -07:00
Asher
6262c7a0bf
fix: propagate execArgv (#5510)
* Use fork instead of spawn

We no longer do in-place updating so no need for the spawn.  The
advantage of a fork is that it preserves flags like --prof which you can
use to profile code-server.

Also I am not sure the comment about not being able to reload in place
with fork was even true to begin with.

* Refresh heartbeat patch

Seems to have gotten out of date a little.

* Propagate execArgv to extension host

This will let us profile the extension host.
2022-08-30 10:19:19 -05:00
Rafael Calpena Rodrigues
2ec1e2de34
fix: authentication check in path proxy (#5442)
`proxy` should `await` for result of `authenticated` call otherwise since otherwise it will always appear to be authenticated as the promise is truthy.

Co-authored-by: Asher <ash@coder.com>
2022-08-11 00:05:49 +00:00
renovate[bot]
91589fd106
chore(deps): update dependency @types/node to v16 (#5170)
* Update Node types to 16

* Update Express core types

Fixes a number of conflicts it has with Node 16.

* Fix websocket router types

It seems req was `any` before so now we have to handle the types.  Also
it seems the socket is of type `stream.Duplex`, not `net.Socket`.

The ws types had to be updated to support the new type.

Unfortunately Code still uses the old type so cast for now.

In the web socket router just use a cast for the extra properties we
add.  We could add the types to the Express namespace but I am not sure
we really want these commonly accessible so keep with the casts for now.
Likely we should use Express's `locals` or something instead.

* Add missing return

Not sure why it only just now started complaining though.

Co-authored-by: Asher <ash@coder.com>
2022-08-10 16:15:52 -05:00
Marshall Walker
efb5baec83
refactor: simplify manifest route (#5219)
Co-authored-by: Joe Previte <jjprevite@gmail.com>
2022-08-09 12:54:00 -05:00
Asher
592973c1bb
fix: remove default memory limit (#5355)
Having NODE_OPTIONS set is unexpected and although the later flag should
override the previous flag it is not certain that will always be the
case.

Also some users are having issues with the 2 GB limit.
2022-07-18 14:37:35 -07:00
Asher
646f2436b0
fix: output lost after hotswapping (#5346)
I think the pipe was closing the other streams when the child stream
closed so instead just write it one way.
2022-07-15 18:44:27 +00:00