`proxy` should `await` for result of `authenticated` call otherwise since otherwise it will always appear to be authenticated as the promise is truthy.
Co-authored-by: Asher <ash@coder.com>
* Update Node types to 16
* Update Express core types
Fixes a number of conflicts it has with Node 16.
* Fix websocket router types
It seems req was `any` before so now we have to handle the types. Also
it seems the socket is of type `stream.Duplex`, not `net.Socket`.
The ws types had to be updated to support the new type.
Unfortunately Code still uses the old type so cast for now.
In the web socket router just use a cast for the extra properties we
add. We could add the types to the Express namespace but I am not sure
we really want these commonly accessible so keep with the casts for now.
Likely we should use Express's `locals` or something instead.
* Add missing return
Not sure why it only just now started complaining though.
Co-authored-by: Asher <ash@coder.com>
Having NODE_OPTIONS set is unexpected and although the later flag should
override the previous flag it is not certain that will always be the
case.
Also some users are having issues with the 2 GB limit.
* chore: update Code to 1.67
Was able to remove our changes to common/webview.ts since they are
upstream now.
Other than that no serious changes, just context diffs.
* chore: update Code to 1.68
- Upstream moved the web socket endpoint so change the Express route
from / to *. That will let web sockets work at any endpoint.
- Everything in the workbench config is basically the same but
de-indented (upstream extracted it into a separate object which
resulted in a de-indent), the ordering is slightly different, and
instead of vscodeBase we now need vscodeBase + this._staticRoute since
everything is served from a sub-path now.
- Move manifest link back to the root since that is where we host our
manifest.
- Change RemoteAuthoritiesImpl to use the same path building method as
in other places (+ instead of using URI.parse/join).
- Use existing host/port in RemoteAuthoritiesImpl and
BrowserSocketFactory instead of patching them to use window.location
(these are set from window.location to begin with so it should be the
same result but with less patching).
- Since BrowserSocketFactory includes a sub-path now (endpoints were
changed upstream to serve from /quality/commit instead of from the
root) the patch there has changed to prepend the base to that
path (instead of using the base directly).
- The workbench HTML now natively supports a base URL in the form of
WORKBENCH_WEB_BASE_URL so no need for VS_BASE patches there anymore.
- Upstream added type="image/x-icon" so I did as well.
- Move the language patch to the end of the series so it is easier to
eventually remove.
- Remove the existing NLS config in favor of one that supports
extensions.
- Upstream deleted webview main.js and inlined it into the HTML so move
that code (the parent origin check) into both those HTML files
(index.html and index-no-csp.html).
- The remaining diff is from changes to the surrounding context or a
line was changed slightly by upstream (for example renamed files or
new arguments like to the remote authority resolver).
* fix: modify product.json before building
Code injects this into the client during the build process so it needs
to be updated before we build.
* fix: update inline script nonces
* Update HTML base path test
* fix: missing commit
Code overrides it with nothing.
The date is also already injected.
* fix: web extensions breaking when the commit changes
By just using the marketplace directly instead of going through the
backend. I am not sure what the point is when searching extensions
already goes directly to the marketplace anyway.
But also remove the prefix that breaks this as well because otherwise
existing installations will break.
* refactor: fix type annotations in open
There was no clear reason as to why we needed to use type assertions
when initializing both `args` and `options` in `open` so I refactored
them both.
* refactor: create constructOpenOptions
* refactor: add urlSearch and remove options
* feat: add tests for constructOpenOptions
* feat: set up new test for beat twice
* refactor: make Heart.beat() async
This allows us to properly await heart.beat() in our tests and remove
the HACK I added before.
* refactor: bind heart methods .beat and .alive
This allows the functions to maintain access to the Heart instance (or
`this`) even when they are passed to other functions. We do this because
we pass both `isActive` and `beat` to `heartbeatTimer`.
* feat(heart): add test to ensure no warnings called
* fixup!: revert setTimeout for heartbeatTimer
* fixup!: return promise in beat
* chore: upgrade Code to 1.66
* docs: update docs for Code upgrades
* fixup!: docs
* chore: update vscode submodule
* chore: update integration patch
* chore: update node-version patch
* chore: update github-auth patch
They completely changed how auth is handled for GitHub in
https://github.com/microsoft/vscode/pull/145424 so our patch may not
work. Will need to test and revisit.
* refactor: remove postinstall patch
It appears they renamed postinstall.js to postinstall.mjs and removed
the use of `rimraf` which means our patch is no longer needed! 🎉b0e8554cce
* chore: refresh local-storage patch
* chore: refresh service-worker patch
* chore: bulk refresh patches
* fixup!: docs formatting
* refactor: remove unused last-opened patch
* fixup!: formatting docs
* fixup!: formatting docs
* refactor: remove rsync postinstall
* Revert "refactor: remove rsync postinstall"
This reverts commit 8d6b613e9d.
* refactor: update postinstall.js to .mjs
* feat(patches): add parent-origin bypass
* docs(patches): add notes for testing store-socket
* docs(patches): update testing info for node-version
* refactor(patches): delete github-auth.diff patch
* docs(patches): add notes for testing connection-type
* fixup!: delete github-auth patch
* fixup!: update connection type testing
* docs(patches): add notes to insecure-notification.diff
* docs(patches): add nots for update-check.diff
* fixup!: remove comma in integration patch
* fix(e2e): disable workspace trust
* refactor: add --no-default-rc for yarn install
* feat(patches): remove yarnrc in presinstall
* fixup!: silly mistake
* docs: add note about KEEP_MODULES=1
* docs(patches): add testing notes for node-version
* refactor(patches): remove node-version
It appears this is no longer needed due to the `remote/package.json` now which
targets node rather than electron.
* fixup!: add cd ../.. to code upgrade instructions
* fixup!: add note to yarn --production flag
* fixup!: make parent-origin easier to upstream
* Revert "refactor(patches): delete github-auth.diff patch"
This reverts commit 31a354a343.
* Revert "fixup!: delete github-auth patch"
This reverts commit bdeb5212e8.
* Merge webview origin patch into webview patch
* Remove unused post-install patch
* Prevent builtin extensions from updating
* Refresh sourcemaps patch
* Update Node to v16
This matches the version in ./lib/vscode/remote/.yarnrc.
I changed the engine to exactly 16 since if you use any different
version it will just not work since the modules will have been built for
16 (due to the .yarnrc).
* Replace fs.rmdir with fs.rm
Node is showing a deprecation warning about it.
* Update github-auth patch
The local credentials provider is no longer used when there is a remote
so this code moved into the backend web credential provider.
* Prevent fs.rm from erroring about non-existent files
We were using fs.rmdir which presumably did not have the same behavior
in v14 (in v16 fs.rmdir also errors).
* Install Python 3 in CentOS CI container
Co-authored-by: Asher <ash@coder.com>
This is because Node uses SIGUSR1 to enable the debug listener so even
if you just want to restart code-server you end up enabling the debug
listener as well.
Opted to leave the SIGUSR1 handler in to avoid breaking existing
workflows even though it does mean even if you only want to enable the
debug listener you will end up restarting code-server as well. We could
consider removing it after a transition phase.
After some feedback, we realized it is more intuitive to disable file
downloads by setting the environment variable
`CS_DISABLE_FILE_DOWNLOADS` to `true` than `1`. This commit adds support
for both.
* refactor(heart): extract logic into heartbeatTimer fn
To make it easier to test, I extract heartbeatTimer into it's own
function.
* feat(testing): add tests for heart.ts
* fixup
* fixup!: remove unneeded heart call
* Update src/node/heart.ts
Co-authored-by: Asher <ash@coder.com>
* fixup!: use mockResolvedValue everywhere
* fixup!: add stat test for timestamp check
Co-authored-by: Asher <ash@coder.com>
* Move integration types into code-server
This will be easier to maintain than to have it as a patch.
* Disable connection token
Using a flag means we will not need to patch it out. I think this is
new from 1.64?
* Add product.json to build process
This way we do not have to patch it.
* Ship with remote agent package.json
Instead of the root one. This contains fewer dependencies.
* Let Code handle errors
This way we will not have to patch Code to make this work and I think it
makes sense to let Code handle the request.
If we do want to handle errors we can do it cleanly by patching their
error handler to throw instead.
* Move manifest override into code-server
This way we will not have to patch it.
* Move to patches
- Switch submodule to track upstream
- Add quilt to the process
- Add patches
The node-* ignore was ignoring one of the diffs so I removed it. This
was added when we were curling Node as node-v{version}-darwin-x64 for
the macOS build but this no longer happens (we use the Node action to
install a specific version now so we just use the system-wide Node).
* Use pre-packaged Code
* Move Code to a submodule
Closes#4901.
* Base Code cache on hash and re-enable node_modules cache
The current setup appears to only rebuild VS Code if the dependencies
change but we need to rebuild it if anything changes.
I also re-enabled the commented out node_modules caches. They look like
they should work to me with the submodule method. I think the problem
occurred because Code itself was being installed in the yarn step.
* refactor: remove folder/workspace from vsCodeCliArgs
Since we handle this in the vscode.ts route, we no longer need to pass it to VS
Code as a CLI arg since it's deprecated on that side.
* feat(vscode): redirect to folder from cli
* Update src/node/routes/vscode.ts
Co-authored-by: Asher <ash@coder.com>
* fixup!: update _: type
* fixup!: move vars to lower if block
* fixup!: share redirect block
* fixup!: mmove req.query.ew block into if
* fixup!: refactor vscode tests
* refactor: make vscode.ts logic easier to read
* fixup!: fix broken tests and clean up logic
* chore: upgrade vscode version
* fixup!: delete unnecessary if closed block
* Update src/node/routes/vscode.ts
Co-authored-by: Asher <ash@coder.com>
* fixup!: rename to FOLDER_OR_WORKSPACE_WAS_CLOSED
Co-authored-by: Asher <ash@coder.com>
* feat: github-auth flag
This will allow injecting credentials into code-server if you already
have them.
* Update Code
Contains the GitHub auth changes.
* Add e2e test for GitHub token
Show the bundled version of Code OSS in the text-based output
for --version and --help, in addition to the JSON output
(--version --json)
Closes: #4874
* refactor(http): extract logic into constructRedirectPath
This allows us to easily test our redirect path construction logic where we get
the relative path, the query string and construct a redirect path.
By extracting this from `redirect`, we can easily test this logic in a unit
test.
I did this so we could test some logic where slashes in query strings should be
made human-friendly for users.
* feat(testing): add tests for constructRedirectPath
Co-authored-by: Asher <ash@coder.com>
Introduce helper functions for getting human- and machine-readable
version strings from the constants package, and cover it in unit
tests.
This is a first step to resolving #4874.
* Update links in package.json
I will try checking the docs too
* docs: Update links in triage.md
* docs: Update links in npm.md
* docs: Update links in whatever files that have `cdr`
* Replace globally, thanks @bpmct!
* fix: coderer instead of coder
I should've used all three toggles in the Search/Replace tab in the GItHub.dev editor.
* Code Formatting
* Disable BROWSER env var
Right now the browser helper script does not actually work. It seems
safer to skip this until we can fix it.
* Bump to 4.0.2
* Update changelog for 4.0.2
* chore(deps): replace argon2 w/@node-rs/argon2
* refactor: clean up hashPassword functions
* refactor(util): pass in process.platform
* fix: use correct settings for test-extension
Before, it was running into errors with an @types package.
Now, we're correctly running `tsc` so it picks up our `tsconfig.json` and we're
telling TypeScript to not typecheck our lib and exclude `node_modules`
I think the problem is that when a proxy is not in use proxy-agent
returns the global agent...which is itself since we set it globally,
causing the loop.
VS Code already covers proxies meaning we only need to do it in our own
requests so to fix this pass in the agent in the version fetch request
instead of overidding globally.
Also avoid proxy-from-env and pass in the proxy URI instead as both
http_proxy and https_proxy can be used for either http or https requests
but it does not allow that.
* Implement last opened functionality
Fixes https://github.com/cdr/code-server/issues/4619
* Fix test temp dirs not being cleaned up
* Mock logger everywhere
This suppresses all the error and debug output we generate which makes
it hard to actually find which test has failed. It also gives us a
standard way to test logging for the few places we do that.
* Use separate data directories for unit test instances
Exactly as we do for the e2e tests.
* Add integration tests for vscode route
* Make settings use --user-data-dir
Without this test instances step on each other feet and they also
clobber your own non-test settings.
* Make redirects consistent
They will preserve the trailing slash if there is one.
* Remove compilation check
If you do a regular non-watch build there are no compilation stats so
this bricks VS Code in CI when running the unit tests.
I am not sure how best to fix this for the case where you have a build
that has not been packaged yet so I just removed it for now and added a
message to check if VS Code is compiling when in dev mode.
* Update code-server update endpoint name
The problem before was that the pop() caused the open in existing
instance functionality to break because the arguments no longer
contained the file.
We could simply remove the pop() but since `workspace` and `folder` are
not CLI arguments I think it makes sense to handle them in a separate
function which can be called at the point where they are needed. This
also lets us de-duplicate some logic since we create these arguments in
two spots and lets us skip this logic when we do not need it.
The pop() is still avoided because manipulating a passed-in object
in-place seems like a risky move. If we really need to do this we
should copy the positional argument array instead.
* Add tests for relativeRoot
* Remove path.posix.join
Since this is for file system paths it feels incorrect to use it on
URL paths as they are different in many ways.
* Rewrite cookie path logic
Before we relied on the client to resolve the base given to it by the
backend against the path.
Instead have the client pass that information along so we can resolve it
on the backend. This means the client has to do less work.
* Do not remove out directory before watch
This is re-used for incremental compilation.
Also remove del since that was the only use (and we can use fs.rmdir in
the future if we need something like this).
* Remove unused function resolveBase
* Remove extra VS Code CLI spawn
We already spawn VS Code's CLI when necessary in the lines below.
Having the CLI spawn unconditionally when in a VS Code environment makes
it impossible to run code-server within code-server (for example to
develop it).
* Update VS Code
This sanitizes our environment variables so code-server does not always
think it is a child spawn.
Fixes https://github.com/cdr/code-server/issues/4519.
The watch script was reloading the web server after every extension
compilation which is not necessary plus VS Code will not even be ready
at that point anyway.
Instead restart when the main compilation is finished. The string to
match with includes a "with" because otherwise it would match "Finished
compilation extensions" which is not the main compilation task where we
actually need to restart the web server.
I also replaced this.log with console.log because the former does not
include a newline and it appears we want newlines with all
these (otherwise the next log starts on the same line which looks odd).
I removed the cache clean as well because the cache is meant to stay
there to speed up builds.
* Fix issue where HTTP error status codes are not read.
* Fix issues surrounding sessions when accessed from a proxy.
- Updated vscode args to match latest upstream.
- Fixed issues surrounding trailing slashes affecting base paths.
- Updated cookie names to better match upstream's usage, debuggability.
* Bump vendor.
* Update tests.
* Fix issue where tests lack cookie key.
Co-authored-by: Asher <ash@coder.com>
Rafael Calpena Rodrigues