Commit Graph

722 Commits

Author SHA1 Message Date
Asher 5708e6ce32
Format redacted arg lines
Pushing straight to main again.
2023-05-05 14:44:40 -08:00
Asher 3f7db15fde
Redact sensitive args from handshake debug log 2023-05-04 10:54:41 -08:00
Asher 8c99f41b90
Fix parent process log level 2023-05-04 10:48:32 -08:00
Asher e02d56dbfd
Do not trace child process messages
All this does is add a stack trace which is not helpful here.
2023-05-04 10:48:31 -08:00
Asher aac5efa046
Do not log < 500 on web sockets as errors
For example if someone spams a web socket without authentication we
should not log "forbidden".  Forbidden is normal/expected operation, not
an error.
2023-05-04 10:48:30 -08:00
smalllady 951d8ac45e
Fix proxying non-ASCII (#6154)
This only affects the path proxy since `req.originalUrl` is in escaped format.
2023-04-25 11:41:33 -08:00
Asher c995988b70
Set proxy URI to domain proxy when possible (#6115)
This will make the ports panel use it instead of the default path-based
proxy.
2023-03-30 12:01:49 -08:00
watchakorn-18k a44bd71043
Add thai language i18n (#6103) 2023-03-30 13:00:58 -05:00
Asher 19bcd043d7
Add debug log for origin check (#6096)
Extracted host detection into a separate function to avoid multiple log
lines on each return and went with a thrown error to consolidate the
common log text.
2023-03-30 12:24:33 -05:00
Ahmed El-Sharnoby bca733de3d
Allow app-name configuration to change the name of the PWA (#6093) 2023-03-22 01:02:31 +00:00
Asher dbdd2edb62
Fix proxy error on web sockets
Fixes #6088.
2023-03-21 12:24:09 -08:00
Asher d477972c68
Add origin checks to web sockets (#6048)
* Move splitOnFirstEquals to util

I will be making use of this to parse the forwarded header.

* Type splitOnFirstEquals with two items

Also add some test cases.

* Check origin header on web sockets

* Update changelog with origin check

* Fix web sockets not closing with error code
2023-03-03 03:12:34 -06:00
Asher ac1fba8bde
Remove deprecated --link (#6018) 2023-02-13 16:52:48 -06:00
Asher 45aef719d3
Make sure heartbeat isActive resolves
This does not seem to actually cause an issue (not resolving ends up
with the same behavior as resolving with false) but I am not sure if the
hanging promises would be a memory leak so seems best to fix.
2023-02-08 11:43:40 -09:00
dependabot[bot] e5a2537aee
chore: bump limiter from 1.1.5 to 2.1.0 (#6001)
* chore: bump limiter from 1.1.5 to 2.1.0

Bumps [limiter](https://github.com/jhurliman/node-rate-limiter) from 1.1.5 to 2.1.0.
- [Release notes](https://github.com/jhurliman/node-rate-limiter/releases)
- [Commits](https://github.com/jhurliman/node-rate-limiter/commits)

---
updated-dependencies:
- dependency-name: limiter
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update limiter usage

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Asher <ash@coder.com>
2023-02-06 13:12:57 -06:00
zhaozhiming 7c2aa8c417
feat: add i18n in login page (#5947)
* feat: add i18n in login page

* fix: add word space and put the app name into the title

* fix: remove duplicate replace title

* fix: prettier format code

* fix: fix typescript check warning

* fix: add zh-cn locale file code owner

* fix: use existing flag locale to the login page

Co-authored-by: Joe Previte <jjprevite@gmail.com>
2023-01-13 17:42:49 +00:00
Joe Previte 1484bee621
release: 4.9.0 (#5772)
* wip: changelog

* fixup

* fix: add +x to product.json in build-vscode

While testing a pre-release, there seems to be a bug with the file
permissions for `product.json`. Adding `chmod +x` to see if that fixes
it.

* chore: increase timeout

* fix: keep product.json file permissions in release

When we added the change to modify the `package.json` version using `mv`
and `jq` we didn't account for lost file permissions.

This caused a bug only happening in CI.

This should fix it by giving it 755 via `chmod`.

* trigger ci

* chore: update package.json bust cache

* fixup!: fix: keep product.json file permissions in release

* Revert "fix: add +x to product.json in build-vscode"

This reverts commit fc4d2b532f.

* chore: pin ubuntu runner in build code-server

* chore: update prettierignore

* chore: add notes to changelog

* chore: use ubuntu-22.04 for e2e

* chore: pin all jobs in build to ubuntu 20.04

* feat(wrapper): add tests for isChild

* fixup: include description ts-expect-error comment

* chore: update CHANGELOG

* chore: update Helm chart

* fixup: use our childProcess

* Update CHANGELOG.md

Co-authored-by: Asher <ash@coder.com>

Co-authored-by: Asher <ash@coder.com>
2022-12-06 13:28:27 -07:00
Geoffrey Huntley b6adcf50c6
feat(securitytxt): add security.txt (#5827) 2022-12-05 15:43:00 -07:00
Joe Previte 3367e1ad4e
chore: upgrade Code to 1.73.0 (#5751)
* chore: upgrade Code to 1.73.0

This upgrades Code to 1.73.0 via the tag.

* chore: refresh integration patch

* chore: clean up base-path patch

Only change here was they moved
lib/vscode/src/vs/platform/extensionResourceLoader/common/extensionResourceLoader.ts

so I had to update it. Code still looks the same though.

* chore: refresh proposed-api patch

* chore: update marketplace patch

Simlar to a previous patch, the location of
lib/vscode/src/vs/platform/extensionResourceLoader/common/extensionResourceLoader.ts
changed so I had to update this patch.

No changes to code itself.

* chore: update hash in webview patch

I believe there was only one to update but I may have missed one.

* chore: refresh disable-builtin-ext-update.diff

* chore: refresh update-check

quilt couldn't apply it so I had to add one change in manually to
lib/vscode/src/vs/server/node/serverEnvironmentService.ts

* chore: refresh logout patch

* chore: refresh proxy-uri patch

* chore: refresh local-storage patch

* chore: refresh sourcemaps patch

* chore: refresh disable-downloads patch

* chore: refresh telemetry patch

* refactor: re-apply display-language patch

This kinda got removed but I added it back in.

* refactor: drop exec-argv patch

This was accepted upstream! :tada

* chore: refresh getting-started patch

* fixup: add missing slash in marketplace

* fixup: update notes proposed-api patch

* fixup: support this.args.log as string

Seems like upstream now uses a string[] for this. For now, support
string.

See
2b50ab06b1

* Revert "fixup: support this.args.log as string"

This reverts commit 78c02a1f13.

* fixup!: add log to toCodeArgs

This was changed upstream from `string` to `string[]` so now we convert
to an array in `toCodeArgs`.

See 78c02a1f13

* fixup: update telemetry description
2022-11-09 22:10:03 +00:00
Kyle Carberry 77c3cd3aa1
Improve getting started Coder CTA (#5752)
* Improve getting started Coder CTA

This wasn't very standout-ish before, and I think it's
wise for us to experiment with directing users to Coder.

* Update nix flake

* Update diff

* Add advert to code-server install

* Fix patch to reset columns if getting started is disabled

* Update text for advert
2022-11-07 11:06:51 -07:00
Joe Previte 2530a0d265
release: 4.8.2 (#5743)
* chore: bump version to 4.8.2

* chore: update CHANGELOG

* docs: add back line in publishing release

See https://github.com/coder/code-server/pull/5732#discussion_r1010685933

* Revert "chore: bump version to 4.8.2"

This reverts commit 5d70994f22.

* fixup: use 4.8.2-rc.1

* docs: add release candidate notes

* refactor: warn plugin range incompatibble

* chore: bump version 4.8.2
2022-11-02 14:34:38 -07:00
Joe Previte 649985af8e
feat: customize getting started page (#5707)
* feat: add getting-started patch

This modifies the text on the Getting Started page to promote
coder/coder.

* feat: add --disable-getting-started-override

This adds a new CLI flag to code-server called
`--disable-getting-started` which will be used in Code to not use
Coder's custom Getting Started text.

* refactor: conditionally show coder getting started

This modifies the getting started patch changes to work with the new
`--disable-getting-started-override`.

The flag is false by default meaning the Coder getting started is shown.
By passing the flag to code-server, it will not be shown.

* docs: update faq for getting started override

* docs: update getting-started patch description

* fixup!: update patch

* fixup!: unit test

* feat: add more tests

* fixup!: use correct env var in tests

Co-authored-by: repo-ranger[bot] <39074581+repo-ranger[bot]@users.noreply.github.com>
2022-10-28 16:59:24 +00:00
Joe Previte b19996176e
chore(deps): update prettier and eslint (#5700)
* chore(deps): update eslint/prettier deps

* refactor(cli): only import load from js-yaml

* chore(deps): remove minimatch resolution

* fixup! update yarn lock
2022-10-25 16:39:06 +00:00
Kyle Carberry 430b567e69
fix: Enable the `BROWSER` environment variable (#5695)
This was breaking the automatic opening of links in GIT_ASKPASS
on a git clone. I've tried to execute this script manually, and
it does indeed work!
2022-10-24 11:26:36 -05:00
Alwin Lohrie 714afe0cc7
feat: add customization options for the login page (#5633)
* add customization options for the login page

* add unit tests

* add test for correct welcome text when none is set but app-name is

Signed-off-by: niwla23 <46248939+niwla23@users.noreply.github.com>

* add test for no app-name set and check in title too

Signed-off-by: niwla23 <46248939+niwla23@users.noreply.github.com>

Signed-off-by: niwla23 <46248939+niwla23@users.noreply.github.com>
Co-authored-by: Joe Previte <jjprevite@gmail.com>
2022-10-13 22:32:20 +00:00
kotborealis f61ec4a41c
add CLI argument `--disable-workspace-trust` (#5638)
Add CLI flag to disable workspace trust feature, as
described in documentation:
https://code.visualstudio.com/docs/editor/workspace-trust

Add test for workspace trust argument.
2022-10-13 19:57:04 +00:00
Daniil Gentili b562d4a880
Allow opening files at a specific line and column (fixes #5619) (#5620)
* Allow opening files at a specific line and column (fixes #5619)

* Add isDirectory test
2022-10-06 11:12:21 -07:00
Joe Previte 3ac2307b5c
fix: add node to path (#5598)
* fix: remove deprecated symlink

* refactor: remove deprecation notice

* fixup! refactor: remove deprecation notice

* fix: add node to path

* fixup: shellcheck

* Update src/node/wrapper.ts

Co-authored-by: Asher <ash@coder.com>

* fixup!: fix: remove deprecated symlink

* Update ci/build/build-vscode.sh

Co-authored-by: Asher <ash@coder.com>

* Update ci/build/build-vscode.sh

Co-authored-by: Asher <ash@coder.com>

* fixup: use NODE_EXEC_PATh

* Update ci/build/build-vscode.sh

Co-authored-by: Asher <ash@coder.com>

Co-authored-by: Asher <ash@coder.com>
2022-09-29 18:02:53 -05:00
Joe Previte 04f1080451
release: 4.7.0 (#5546)
* docs: update MAINTAINING

* refactor: use branch name in release-prep

This makes a minor improvement to the `release-prep.sh` script to grab
the version to update to from the branch name.

* chore(release): bump version to 4.7.0

* fixup: bump version

* docs: use latest instead of version

* fixup: bump Chart version

* chore: update CHANGELOG

* chore: add license to test package.json

* chore: bump @coder/logging to 3.0.0

* fix: change level to Warn
2022-09-09 15:15:39 -07:00
Asher 6262c7a0bf
fix: propagate execArgv (#5510)
* Use fork instead of spawn

We no longer do in-place updating so no need for the spawn.  The
advantage of a fork is that it preserves flags like --prof which you can
use to profile code-server.

Also I am not sure the comment about not being able to reload in place
with fork was even true to begin with.

* Refresh heartbeat patch

Seems to have gotten out of date a little.

* Propagate execArgv to extension host

This will let us profile the extension host.
2022-08-30 10:19:19 -05:00
Rafael Calpena Rodrigues 2ec1e2de34
fix: authentication check in path proxy (#5442)
`proxy` should `await` for result of `authenticated` call otherwise since otherwise it will always appear to be authenticated as the promise is truthy.

Co-authored-by: Asher <ash@coder.com>
2022-08-11 00:05:49 +00:00
renovate[bot] 91589fd106
chore(deps): update dependency @types/node to v16 (#5170)
* Update Node types to 16

* Update Express core types

Fixes a number of conflicts it has with Node 16.

* Fix websocket router types

It seems req was `any` before so now we have to handle the types.  Also
it seems the socket is of type `stream.Duplex`, not `net.Socket`.

The ws types had to be updated to support the new type.

Unfortunately Code still uses the old type so cast for now.

In the web socket router just use a cast for the extra properties we
add.  We could add the types to the Express namespace but I am not sure
we really want these commonly accessible so keep with the casts for now.
Likely we should use Express's `locals` or something instead.

* Add missing return

Not sure why it only just now started complaining though.

Co-authored-by: Asher <ash@coder.com>
2022-08-10 16:15:52 -05:00
Marshall Walker efb5baec83
refactor: simplify manifest route (#5219)
Co-authored-by: Joe Previte <jjprevite@gmail.com>
2022-08-09 12:54:00 -05:00
Asher 592973c1bb
fix: remove default memory limit (#5355)
Having NODE_OPTIONS set is unexpected and although the later flag should
override the previous flag it is not certain that will always be the
case.

Also some users are having issues with the 2 GB limit.
2022-07-18 14:37:35 -07:00
Asher 646f2436b0
fix: output lost after hotswapping (#5346)
I think the pipe was closing the other streams when the child stream
closed so instead just write it one way.
2022-07-15 18:44:27 +00:00
Asher 5ce99f8d1c
chore: update Code to 1.68 (#5263)
* chore: update Code to 1.67

Was able to remove our changes to common/webview.ts since they are
upstream now.

Other than that no serious changes, just context diffs.

* chore: update Code to 1.68

- Upstream moved the web socket endpoint so change the Express route
  from / to *.  That will let web sockets work at any endpoint.
- Everything in the workbench config is basically the same but
  de-indented (upstream extracted it into a separate object which
  resulted in a de-indent), the ordering is slightly different, and
  instead of vscodeBase we now need vscodeBase + this._staticRoute since
  everything is served from a sub-path now.
- Move manifest link back to the root since that is where we host our
  manifest.
- Change RemoteAuthoritiesImpl to use the same path building method as
  in other places (+ instead of using URI.parse/join).
- Use existing host/port in RemoteAuthoritiesImpl and
  BrowserSocketFactory instead of patching them to use window.location
  (these are set from window.location to begin with so it should be the
  same result but with less patching).
- Since BrowserSocketFactory includes a sub-path now (endpoints were
  changed upstream to serve from /quality/commit instead of from the
  root) the patch there has changed to prepend the base to that
  path (instead of using the base directly).
- The workbench HTML now natively supports a base URL in the form of
  WORKBENCH_WEB_BASE_URL so no need for VS_BASE patches there anymore.
- Upstream added type="image/x-icon" so I did as well.
- Move the language patch to the end of the series so it is easier to
  eventually remove.
- Remove the existing NLS config in favor of one that supports
  extensions.
- Upstream deleted webview main.js and inlined it into the HTML so move
  that code (the parent origin check) into both those HTML files
  (index.html and index-no-csp.html).
- The remaining diff is from changes to the surrounding context or a
  line was changed slightly by upstream (for example renamed files or
  new arguments like to the remote authority resolver).

* fix: modify product.json before building

Code injects this into the client during the build process so it needs
to be updated before we build.

* fix: update inline script nonces

* Update HTML base path test

* fix: missing commit

Code overrides it with nothing.

The date is also already injected.

* fix: web extensions breaking when the commit changes

By just using the marketplace directly instead of going through the
backend.  I am not sure what the point is when searching extensions
already goes directly to the marketplace anyway.

But also remove the prefix that breaks this as well because otherwise
existing installations will break.
2022-06-21 21:51:46 +00:00
Joe Previte 61138b4a61
refactor: open function (#5257)
* refactor: fix type annotations in open

There was no clear reason as to why we needed to use type assertions
when initializing both `args` and `options` in `open` so I refactored
them both.

* refactor: create constructOpenOptions

* refactor: add urlSearch and remove options

* feat: add tests for constructOpenOptions
2022-06-15 20:53:07 +00:00
Joe Previte 2c1cf0259e
feat: add tests for isWsl (#5251)
* refactor: add docs to isWsl and make easier to test

* feat: add tests for isWsl

* fixup!: refactor isWsl and tests

* Update test/unit/node/util.test.ts

Co-authored-by: Asher <ash@coder.com>

* Update test/unit/node/util.test.ts

Co-authored-by: Asher <ash@coder.com>

Co-authored-by: Asher <ash@coder.com>
2022-06-10 20:00:20 +00:00
Joe Previte a02f47714e refactor: remove unused code enumToArray 2022-05-10 23:26:04 +00:00
Joe Previte b13849ded0
refactor: remove dead code (#5188)
* refactor: delete unused code

* refactor: move onLine to test helpers

* Revert "refactor: move onLine to test helpers"

This reverts commit 32cc27b213.

* fixup! refactor: delete unused code
2022-05-10 22:44:54 +00:00
Joe Previte cd78f32dc0
refactor(util): remove unused isObject function (#5183) 2022-05-10 00:24:25 +00:00
Joe Previte 7c1a45a8d8
chore: update --help for disable-file-downloads (#5176)
* chore: update --help for disable-file-downloads

* fixup: formatting
2022-05-06 23:08:25 +00:00
Joe Previte 88e971c609
refactor(heart): bind class methods and make beat async (#5142)
* feat: set up new test for beat twice

* refactor: make Heart.beat() async

This allows us to properly await heart.beat() in our tests and remove
the HACK I added before.

* refactor: bind heart methods .beat and .alive

This allows the functions to maintain access to the Heart instance (or
`this`) even when they are passed to other functions. We do this because
we pass both `isActive` and `beat` to `heartbeatTimer`.

* feat(heart): add test to ensure no warnings called

* fixup!: revert setTimeout for heartbeatTimer

* fixup!: return promise in beat
2022-05-04 16:05:48 -07:00
Joe Previte 7027ec7d60
chore: upgrade Code to 1.66 (#5135)
* chore: upgrade Code to 1.66

* docs: update docs for Code upgrades

* fixup!: docs

* chore: update vscode submodule

* chore: update integration patch

* chore: update node-version patch

* chore: update github-auth patch

They completely changed how auth is handled for GitHub in
https://github.com/microsoft/vscode/pull/145424 so our patch may not
work. Will need to test and revisit.

* refactor: remove postinstall patch

It appears they renamed postinstall.js to postinstall.mjs and removed
the use of `rimraf` which means our patch is no longer needed! 🎉

b0e8554cce

* chore: refresh local-storage patch

* chore: refresh service-worker patch

* chore: bulk refresh patches

* fixup!: docs formatting

* refactor: remove unused last-opened patch

* fixup!: formatting docs

* fixup!: formatting docs

* refactor: remove rsync postinstall

* Revert "refactor: remove rsync postinstall"

This reverts commit 8d6b613e9d.

* refactor: update postinstall.js to .mjs

* feat(patches): add parent-origin bypass

* docs(patches): add notes for testing store-socket

* docs(patches): update testing info for node-version

* refactor(patches): delete github-auth.diff patch

* docs(patches): add notes for testing connection-type

* fixup!: delete github-auth patch

* fixup!: update connection type testing

* docs(patches): add notes to insecure-notification.diff

* docs(patches): add nots for update-check.diff

* fixup!: remove comma in integration patch

* fix(e2e): disable workspace trust

* refactor: add --no-default-rc for yarn install

* feat(patches): remove yarnrc in presinstall

* fixup!: silly mistake

* docs: add note about KEEP_MODULES=1

* docs(patches): add testing notes for node-version

* refactor(patches): remove node-version

It appears this is no longer needed due to the `remote/package.json` now which
targets node rather than electron.

* fixup!: add cd ../.. to code upgrade instructions

* fixup!: add note to yarn --production flag

* fixup!: make parent-origin easier to upstream

* Revert "refactor(patches): delete github-auth.diff patch"

This reverts commit 31a354a343.

* Revert "fixup!: delete github-auth patch"

This reverts commit bdeb5212e8.

* Merge webview origin patch into webview patch

* Remove unused post-install patch

* Prevent builtin extensions from updating

* Refresh sourcemaps patch

* Update Node to v16

This matches the version in ./lib/vscode/remote/.yarnrc.

I changed the engine to exactly 16 since if you use any different
version it will just not work since the modules will have been built for
16 (due to the .yarnrc).

* Replace fs.rmdir with fs.rm

Node is showing a deprecation warning about it.

* Update github-auth patch

The local credentials provider is no longer used when there is a remote
so this code moved into the backend web credential provider.

* Prevent fs.rm from erroring about non-existent files

We were using fs.rmdir which presumably did not have the same behavior
in v14 (in v16 fs.rmdir also errors).

* Install Python 3 in CentOS CI container

Co-authored-by: Asher <ash@coder.com>
2022-05-04 21:58:49 +00:00
Asher 4e93db5b95
feat: relaunch on SIGUSR2 (#4979)
This is because Node uses SIGUSR1 to enable the debug listener so even
if you just want to restart code-server you end up enabling the debug
listener as well.

Opted to leave the SIGUSR1 handler in to avoid breaking existing
workflows even though it does mean even if you only want to enable the
debug listener you will end up restarting code-server as well.  We could
consider removing it after a transition phase.
2022-04-27 10:10:48 -05:00
Joe Previte e3c8bd692c
feat(cli): support true for CS_DISABLE_FILE_DOWNLOADS (#5134)
After some feedback, we realized it is more intuitive to disable file
downloads by setting the environment variable
`CS_DISABLE_FILE_DOWNLOADS` to `true` than `1`. This commit adds support
for both.
2022-04-26 20:09:53 +00:00
mooff a0b36147ea
fix: listening on IPv6 address not possible (#5133)
Wrap IPv6 addresses in square brackets when making URL in ensureAddress,
fixing regression (#1582)
2022-04-26 19:33:51 +00:00
Joe Previte 18ff99693b
feat: add tests for node/heart.ts (#5122)
* refactor(heart): extract logic into heartbeatTimer fn

To make it easier to test, I extract heartbeatTimer into it's own
function.

* feat(testing): add tests for heart.ts

* fixup

* fixup!: remove unneeded heart call

* Update src/node/heart.ts

Co-authored-by: Asher <ash@coder.com>

* fixup!: use mockResolvedValue everywhere

* fixup!: add stat test for timestamp check

Co-authored-by: Asher <ash@coder.com>
2022-04-26 16:35:40 +00:00
Joe Previte 0e1f396645
feat: add option for disabling file downloads (#5055)
* feat(cli): add disable-file-downloads to cli

* feat(e2e): add download test

* feat(e2e): add downloads disabled test

* refactor(e2e): explain how to debug unexpected close

* feat(patches): add disable file downloads

* wip: update diff

* Update src/node/cli.ts

Co-authored-by: Asher <ash@coder.com>

* fixup! add missing common/contextkeys file to patch

* fixup!: update patch

* fixup!: default disable-file-downloads undefined

* fixup!: combine e2e tests

* fixup!: use different test names

* feat: add CS_DISABLE_FILE_DOWNLOADS

* fixup!: make explicit and cleanup test

* fixup!: use beforeEach

Co-authored-by: Asher <ash@coder.com>
2022-04-13 09:39:05 -07:00
Asher a1af9e2a56
chore: move to patches (#4997)
* Move integration types into code-server

This will be easier to maintain than to have it as a patch.

* Disable connection token

Using a flag means we will not need to patch it out.  I think this is
new from 1.64?

* Add product.json to build process

This way we do not have to patch it.

* Ship with remote agent package.json

Instead of the root one.  This contains fewer dependencies.

* Let Code handle errors

This way we will not have to patch Code to make this work and I think it
makes sense to let Code handle the request.

If we do want to handle errors we can do it cleanly by patching their
error handler to throw instead.

* Move manifest override into code-server

This way we will not have to patch it.

* Move to patches

- Switch submodule to track upstream
- Add quilt to the process
- Add patches

The node-* ignore was ignoring one of the diffs so I removed it.  This
was added when we were curling Node as node-v{version}-darwin-x64 for
the macOS build but this no longer happens (we use the Node action to
install a specific version now so we just use the system-wide Node).

* Use pre-packaged Code
2022-03-22 15:07:14 -05:00