46 changed files with 7227 additions and 12224 deletions
--- a/.eslintrc.yaml
+++ b/.eslintrc.yaml
@ -0,0 +1,43 @@
 parser: "@typescript-eslint/parser"
 env:
  browser: true
  es6: true # Map, etc.
  jest: true
  node: true
 parserOptions:
  ecmaVersion: 2018
  sourceType: module
 extends:
  - eslint:recommended
  - plugin:@typescript-eslint/recommended
  - plugin:import/recommended
  - plugin:import/typescript
  - plugin:prettier/recommended
  # Prettier should always be last
  # Removes eslint rules that conflict with prettier.
  - prettier
 rules:
  # Sometimes you need to add args to implement a function signature even
  # if they are unused.
  "@typescript-eslint/no-unused-vars": ["error", { "args": "none" }]
  # For overloads.
  no-dupe-class-members: off
  "@typescript-eslint/no-use-before-define": off
  "@typescript-eslint/no-non-null-assertion": off
  "@typescript-eslint/ban-types": off
  "@typescript-eslint/no-var-requires": off
  "@typescript-eslint/explicit-module-boundary-types": off
  "@typescript-eslint/no-explicit-any": off
  "@typescript-eslint/no-extra-semi": off
  eqeqeq: error
  import/order:
    [error, { alphabetize: { order: "asc" }, groups: [["builtin", "external", "internal"], "parent", "sibling"] }]
  no-async-promise-executor: off
 settings:
  import/resolver:
    typescript:
      alwaysTryTypes: true
--- a/.github/ISSUE_TEMPLATE/bug-report.yml
+++ b/.github/ISSUE_TEMPLATE/bug-report.yml
@ -62,7 +62,7 @@ body:
    id: logs
    attributes:
      label: Logs
-      description: Run code-server with the --verbose flag and then paste any relevant logs from the server, from the browser console and/or the browser network tab. For issues with installation, include installation logs (i.e. output of `npm install -g code-server`).
+      description: Run code-server with the --verbose flag and then paste any relevant logs from the server, from the browser console and/or the browser network tab. For issues with installation, include installation logs (i.e. output of `yarn global add code-server`).
      render: shell
  - type: textarea
--- a/.github/PULL_REQUEST_TEMPLATE/release_template.md
+++ b/.github/PULL_REQUEST_TEMPLATE/release_template.md
@ -0,0 +1,17 @@
 <!-- Note: this variable $CODE_SERVER_VERSION_TO_UPDATE will be set when you run the release-prep.sh script with `yarn release:prep` -->
 This PR is to generate a new release of `code-server` at `$CODE_SERVER_VERSION_TO_UPDATE`
 ## Screenshot
 TODO
 ## TODOs
 Follow "Publishing a release" steps in `ci/README.md`
 <!-- Note some of these steps below are redundant since they're listed in the "Publishing a release" docs -->
 - [ ] update `CHANGELOG.md`
 - [ ] manually run "Draft release" workflow after merging this PR
 - [ ] merge PR opened in [code-server-aur](https://github.com/coder/code-server-aur)
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@ -19,7 +19,7 @@ concurrency:
 # this ensures that it only executes if all previous jobs succeeded.
 # if: steps.cache-node-modules.outputs.cache-hit != 'true'
-# will skip running `npm install` if it successfully fetched from cache
+# will skip running `yarn install` if it successfully fetched from cache
 jobs:
  prettier:
@ -33,7 +33,7 @@ jobs:
      - name: Run prettier with actionsx/prettier
        uses: actionsx/prettier@v3
        with:
-          args: --check --log-level=warn .
+          args: --check --loglevel=warn .
  doctoc:
    name: Doctoc markdown files
@ -55,16 +55,14 @@ jobs:
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
-          cache: npm
+          cache: "yarn"
          cache-dependency-path: |
            package-lock.json
            test/package-lock.json
-      - if: steps.changed-files.outputs.any_changed == 'true'
+      - name: Install doctoc
-        run: SKIP_SUBMODULE_DEPS=1 npm ci
+        run: yarn global add doctoc@2.2.1
-      - if: steps.changed-files.outputs.any_changed == 'true'
+      - name: Run doctoc
-        run: npm run doctoc
+        if: steps.changed-files.outputs.any_changed == 'true'
        run: yarn doctoc
  lint-helm:
    name: Lint Helm chart
@ -89,10 +87,12 @@ jobs:
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
-      - if: steps.changed-files.outputs.any_changed == 'true'
+      - name: Install helm kubeval plugin
        if: steps.changed-files.outputs.any_changed == 'true'
        run: helm plugin install https://github.com/instrumenta/helm-kubeval
-      - if: steps.changed-files.outputs.any_changed == 'true'
+      - name: Lint Helm chart
        if: steps.changed-files.outputs.any_changed == 'true'
        run: helm kubeval ci/helm-chart
  lint-ts:
@ -120,17 +120,24 @@ jobs:
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
          cache: npm
          cache-dependency-path: |
            package-lock.json
            test/package-lock.json
-      - if: steps.changed-files.outputs.any_changed == 'true'
+      - name: Fetch dependencies from cache
-        run: SKIP_SUBMODULE_DEPS=1 npm ci
+        if: steps.changed-files.outputs.any_changed == 'true'
        id: cache-node-modules
        uses: actions/cache@v4
        with:
          path: "**/node_modules"
          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            yarn-build-
      - name: Install dependencies
        if: steps.changed-files.outputs.any_changed == 'true' && steps.cache-node-modules.outputs.cache-hit != 'true'
        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
      - name: Lint TypeScript files
        if: steps.changed-files.outputs.any_changed == 'true'
-        run: npm run lint:ts
+        run: yarn lint:ts
  lint-actions:
    name: Lint GitHub Actions
@ -168,16 +175,24 @@ jobs:
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
          cache: npm
          cache-dependency-path: |
            package-lock.json
            test/package-lock.json
-      - if: steps.changed-files.outputs.any_changed == 'true'
+      - name: Fetch dependencies from cache
-        run: SKIP_SUBMODULE_DEPS=1 npm ci
+        if: steps.changed-files.outputs.any_changed == 'true'
        id: cache-node-modules
        uses: actions/cache@v4
        with:
          path: "**/node_modules"
          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            yarn-build-
-      - if: steps.changed-files.outputs.any_changed == 'true'
+      - name: Install dependencies
-        run: npm run test:unit
+        if: steps.changed-files.outputs.any_changed == 'true' && steps.cache-node-modules.outputs.cache-hit != 'true'
        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
      - name: Run unit tests
        if: steps.changed-files.outputs.any_changed == 'true'
        run: yarn test:unit
      - name: Upload coverage report to Codecov
        uses: codecov/codecov-action@v4
@ -214,16 +229,24 @@ jobs:
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
          cache: npm
          cache-dependency-path: |
            package-lock.json
            test/package-lock.json
-      - run: SKIP_SUBMODULE_DEPS=1 npm ci
+      - name: Fetch dependencies from cache
        id: cache-node-modules
        uses: actions/cache@v4
        with:
          path: "**/node_modules"
          key: yarn-build-code-server-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            yarn-build-code-server-
-      - env:
+      - name: Install dependencies
        if: steps.cache-node-modules.outputs.cache-hit != 'true'
        run: yarn --frozen-lockfile
      - name: Build code-server
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: npm run build
+        run: yarn build
      # Get Code's git hash.  When this changes it means the content is
      # different and we need to rebuild.
@ -246,19 +269,17 @@ jobs:
        env:
          VERSION: "0.0.0"
        if: steps.cache-vscode.outputs.cache-hit != 'true'
-        run: |
+        run: yarn build:vscode
          pushd lib/vscode
          npm ci
          popd
          npm run build:vscode
      # The release package does not contain any native modules
      # and is neutral to architecture/os/libc version.
-      - run: npm run release
+      - name: Create release package
        run: yarn release
        if: success()
      # https://github.com/actions/upload-artifact/issues/38
-      - run: tar -czf package.tar.gz release
+      - name: Compress release package
        run: tar -czf package.tar.gz release
      - name: Upload npm package artifact
        uses: actions/upload-artifact@v4
@ -282,28 +303,38 @@ jobs:
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
          cache: npm
          cache-dependency-path: |
            package-lock.json
            test/package-lock.json
-      - run: SKIP_SUBMODULE_DEPS=1 npm ci
+      - name: Fetch dependencies from cache
        id: cache-node-modules
        uses: actions/cache@v4
        with:
          path: "**/node_modules"
          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            yarn-build-
      - name: Download npm package
        uses: actions/download-artifact@v4
        with:
          name: npm-package
-      - run: tar -xzf package.tar.gz
+      - name: Decompress npm package
        run: tar -xzf package.tar.gz
-      - run: cd release && npm install --unsafe-perm --omit=dev
+      - name: Install release package dependencies
        run: cd release && npm install --unsafe-perm --omit=dev
      - name: Install dependencies
        if: steps.cache-node-modules.outputs.cache-hit != 'true'
        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
      - name: Install Playwright OS dependencies
        run: |
          ./test/node_modules/.bin/playwright install-deps
          ./test/node_modules/.bin/playwright install
-      - run: CODE_SERVER_TEST_ENTRY=./release npm run test:e2e
+      - name: Run end-to-end tests
        run: CODE_SERVER_TEST_ENTRY=./release yarn test:e2e
      - name: Upload test artifacts
        if: always()
@ -331,21 +362,30 @@ jobs:
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
          cache: npm
          cache-dependency-path: |
            package-lock.json
            test/package-lock.json
-      - run: SKIP_SUBMODULE_DEPS=1 npm ci
+      - name: Fetch dependencies from cache
        id: cache-node-modules
        uses: actions/cache@v4
        with:
          path: "**/node_modules"
          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            yarn-build-
      - name: Download npm package
        uses: actions/download-artifact@v4
        with:
          name: npm-package
-      - run: tar -xzf package.tar.gz
+      - name: Decompress npm package
        run: tar -xzf package.tar.gz
-      - run: cd release && npm install --unsafe-perm --omit=dev
+      - name: Install release package dependencies
        run: cd release && npm install --unsafe-perm --omit=dev
      - name: Install dependencies
        if: steps.cache-node-modules.outputs.cache-hit != 'true'
        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
      - name: Install Playwright OS dependencies
        run: |
@ -369,15 +409,22 @@ jobs:
          mkdir -p ~/.cache/caddy
          tar -xzf caddy_2.5.2_linux_amd64.tar.gz --directory ~/.cache/caddy
-      - run: sudo ~/.cache/caddy/caddy start --config ./ci/Caddyfile
+      - name: Start Caddy
        run: sudo ~/.cache/caddy/caddy start --config ./ci/Caddyfile
-      - run: CODE_SERVER_TEST_ENTRY=./release npm run test:e2e:proxy --global-timeout 840000
+      - name: Run end-to-end tests
        run: CODE_SERVER_TEST_ENTRY=./release yarn test:e2e:proxy --global-timeout 840000
-      - if: always()
+      - name: Stop Caddy
        if: always()
        run: sudo ~/.cache/caddy/caddy stop --config ./ci/Caddyfile
-      - if: always()
+      - name: Upload test artifacts
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: failed-test-videos-proxy
          path: ./test/test-results
      - name: Remove release packages and test artifacts
        run: rm -rf ./release ./test/test-results
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@ -21,6 +21,8 @@ concurrency:
  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
 jobs:
  # NOTE: this job requires curl, jq and yarn
  # All of them are included in ubuntu-latest.
  npm:
    runs-on: ubuntu-latest
    steps:
@ -31,6 +33,7 @@ jobs:
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
          cache: "yarn"
      - name: Download npm package from release artifacts
        uses: robinraju/release-downloader@v1.11
@ -40,13 +43,15 @@ jobs:
          fileName: "package.tar.gz"
          out-file-path: "release-npm-package"
-      # Strip out the v (v4.9.1 -> 4.9.1).
+      # NOTE@jsjoeio - we do this so we can strip out the v
      # i.e. v4.9.1 -> 4.9.1
      - name: Get and set VERSION
        run: |
          TAG="${{ github.event.inputs.version || github.ref_name }}"
          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
-      - run: npm run publish:npm
+      - name: Publish npm package and tag with "latest"
        run: yarn publish:npm
        env:
          VERSION: ${{ env.VERSION }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@ -72,7 +77,8 @@ jobs:
          git config --global user.name cdrci
          git config --global user.email opensource@coder.com
-      # Strip out the v (v4.9.1 -> 4.9.1).
+      # NOTE@jsjoeio - we do this so we can strip out the v
      # i.e. v4.9.1 -> 4.9.1
      - name: Get and set VERSION
        run: |
          TAG="${{ github.event.inputs.version || github.ref_name }}"
@ -118,7 +124,8 @@ jobs:
          git config --global user.name cdrci
          git config --global user.email opensource@coder.com
-      # Strip out the v (v4.9.1 -> 4.9.1).
+      # NOTE@jsjoeio - we do this so we can strip out the v
      # i.e. v4.9.1 -> 4.9.1
      - name: Get and set VERSION
        run: |
          TAG="${{ github.event.inputs.version || github.ref_name }}"
@ -144,7 +151,6 @@ jobs:
          git commit -m "chore: updating version to ${{ env.VERSION }}"
          git push -u origin $(git branch --show)
          gh pr create --repo coder/code-server-aur --title "chore: bump version to ${{ env.VERSION }}" --body "PR opened by @$GITHUB_ACTOR" --assignee $GITHUB_ACTOR
  docker:
    runs-on: ubuntu-20.04
    steps:
@ -170,7 +176,8 @@ jobs:
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
-      # Strip out the v (v4.9.1 -> 4.9.1).
+      # NOTE@jsjoeio - we do this so we can strip out the v
      # i.e. v4.9.1 -> 4.9.1
      - name: Get and set VERSION
        run: |
          TAG="${{ github.event.inputs.version || github.ref_name }}"
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@ -19,6 +19,9 @@ concurrency:
  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
 jobs:
  # TODO: cache building yarn --production
  # possibly 2m30s of savings(?)
  # this requires refactoring our release scripts
  package-linux-amd64:
    name: x86-64 Linux build
    runs-on: ubuntu-latest
@ -36,12 +39,6 @@ jobs:
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
          cache: npm
          cache-dependency-path: |
            package-lock.json
            test/package-lock.json
      - run: SKIP_SUBMODULE_DEPS=1 npm ci
      - name: Install development tools
        run: |
@ -59,16 +56,25 @@ jobs:
          mv envsubst ~/.local/bin
          echo "$HOME/.local/bin" >> $GITHUB_PATH
      - name: Install yarn
        run: npm install -g yarn
      - name: Download npm package
        uses: actions/download-artifact@v4
        with:
          name: npm-release-package
-      - run: tar -xzf package.tar.gz
+      - name: Decompress npm package
        run: tar -xzf package.tar.gz
-      - run: npm run release:standalone
+      - name: Build standalone release
        run: npm run release:standalone
-      - run: npm run test:integration
+      - name: Install test dependencies
        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
      - name: Run integration tests on standalone release
        run: yarn test:integration
      - name: Upload coverage report to Codecov
        uses: codecov/codecov-action@v4
@ -77,15 +83,17 @@ jobs:
        if: success()
        continue-on-error: true
-      # Strip out the v (v4.9.1 -> 4.9.1).
+      # NOTE@jsjoeio - we do this so we can strip out the v
      # i.e. v4.9.1 -> 4.9.1
      - name: Get and set VERSION
        run: |
          TAG="${{ inputs.version || github.ref_name }}"
          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
-      - env:
+      - name: Build packages with nfpm
        env:
          VERSION: ${{ env.VERSION }}
-        run: npm run package
+        run: yarn package
      - uses: softprops/action-gh-release@v1
        with:
@ -133,12 +141,6 @@ jobs:
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
          cache: npm
          cache-dependency-path: |
            package-lock.json
            test/package-lock.json
      - run: SKIP_SUBMODULE_DEPS=1 npm ci
      - name: Install cross-compiler and system dependencies
        run: |
@ -164,8 +166,11 @@ jobs:
        with:
          name: npm-release-package
-      - run: tar -xzf package.tar.gz
+      - name: Decompress npm package
-      - run: npm run release:standalone
+        run: tar -xzf package.tar.gz
      - name: Build standalone release
        run: npm run release:standalone
      - name: Replace node with cross-compile equivalent
        run: |
@ -174,13 +179,15 @@ jobs:
          tar -xf node-${node_version}-linux-${npm_config_arch}.tar.xz node-${node_version}-linux-${npm_config_arch}/bin/node --strip-components=2
          mv ./node ./release-standalone/lib/node
-      # Strip out the v (v4.9.1 -> 4.9.1).
+      # NOTE@jsjoeio - we do this so we can strip out the v
      # i.e. v4.9.1 -> 4.9.1
      - name: Get and set VERSION
        run: |
          TAG="${{ inputs.version || github.ref_name }}"
          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
-      - env:
+      - name: Build packages with nfpm
        env:
          VERSION: ${{ env.VERSION }}
        run: npm run package ${npm_config_arch}
@ -203,12 +210,6 @@ jobs:
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
          cache: npm
          cache-dependency-path: |
            package-lock.json
            test/package-lock.json
      - run: SKIP_SUBMODULE_DEPS=1 npm ci
      - name: Install nfpm
        run: |
@ -220,18 +221,28 @@ jobs:
      # in Python 3.12.  It seems to be fixed in the latest node-gyp so when we
      # next update Node we can probably remove this.  For now, install
      # setuptools since it contains distutils.
-      - run: brew install python-setuptools
+      - name: Install Python utilities
        run: brew install python-setuptools
      - name: Download npm package
        uses: actions/download-artifact@v4
        with:
          name: npm-release-package
-      - run: tar -xzf package.tar.gz
+      - name: Decompress npm package
-      - run: npm run release:standalone
+        run: tar -xzf package.tar.gz
      - run: npm run test:native
-      # Strip out the v (v4.9.1 -> 4.9.1).
+      - name: Build standalone release
        run: npm run release:standalone
      - name: Install test dependencies
        run: SKIP_SUBMODULE_DEPS=1 yarn install
      - name: Run native module tests on standalone release
        run: yarn test:native
      # NOTE@jsjoeio - we do this so we can strip out the v
      # i.e. v4.9.1 -> 4.9.1
      - name: Get and set VERSION
        run: |
          TAG="${{ inputs.version || github.ref_name }}"
@ -240,7 +251,7 @@ jobs:
      - name: Build packages with nfpm
        env:
          VERSION: ${{ env.VERSION }}
-        run: npm run package
+        run: yarn package
      - uses: softprops/action-gh-release@v1
        with:
@ -281,9 +292,11 @@ jobs:
          check_artifacts: false
          if_no_artifact_found: fail
-      - run: tar -xzf package.tar.gz
+      - name: Decompress npm package
        run: tar -xzf package.tar.gz
-      # Strip out the v (v4.9.1 -> 4.9.1).
+      # NOTE@jsjoeio - we do this so we can strip out the v
      # i.e. v4.9.1 -> 4.9.1
      - name: Get and set VERSION
        run: |
          TAG="${{ inputs.version || github.ref_name }}"
@ -302,7 +315,8 @@ jobs:
          # Ensure it has the same permissions as before
          chmod 644 release/lib/vscode/product.json
-      - run: tar -czf package.tar.gz release
+      - name: Compress release package
        run: tar -czf package.tar.gz release
      - name: Upload npm package artifact
        uses: actions/upload-artifact@v4
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@ -34,8 +34,12 @@ jobs:
        with:
          node-version-file: .node-version
      - name: Audit yarn for vulnerabilities
        run: yarn audit
        if: success()
      - name: Audit npm for vulnerabilities
-        run: npm audit
+        run: npm shrinkwrap && npm audit
        if: success()
  trivy-scan-repo:
--- a/.prettierignore
+++ b/.prettierignore
@ -7,4 +7,3 @@ helm-chart
 test/scripts
 test/e2e/extensions/test-extension
 .pc
 package-lock.json
--- a/.tours/start-development.tour
+++ b/.tours/start-development.tour
@ -5,7 +5,7 @@
    {
      "file": "package.json",
      "line": 31,
-      "description": "## Commands\n\nTo start developing, make sure you have Node 16+ and the [required dependencies](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites) installed. Then, run the following commands:\n\n1. Install dependencies:\n>> npm\n\n3. Start development mode (and watch for changes):\n>> npm run watch"
+      "description": "## Commands\n\nTo start developing, make sure you have Node 16+ and the [required dependencies](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites) installed. Then, run the following commands:\n\n1. Install dependencies:\n>> yarn\n\n3. Start development mode (and watch for changes):\n>> yarn watch"
    },
    {
      "file": "src/node/app.ts",
@ -20,7 +20,7 @@
    {
      "file": "src/node/app.ts",
      "line": 62,
-      "description": "## That's it!\n\n\nThat's all there is to it! When this tour ends, your terminal session may stop, but just use `npm run watch` to start developing from here on out!\n\n\nIf you haven't already, be sure to check out these resources:\n- [Tour: Contributing](command:codetour.startTourByTitle?[\"Contributing\"])\n- [Docs: FAQ.md](https://github.com/coder/code-server/blob/main/docs/FAQ.md)\n- [Docs: CONTRIBUTING.md](https://github.com/coder/code-server/blob/main/docs/CONTRIBUTING.md)\n- [Community: GitHub Discussions](https://github.com/coder/code-server/discussions)\n- [Community: Slack](https://community.coder.com)"
+      "description": "## That's it!\n\n\nThat's all there is to it! When this tour ends, your terminal session may stop, but just use `yarn watch` to start developing from here on out!\n\n\nIf you haven't already, be sure to check out these resources:\n- [Tour: Contributing](command:codetour.startTourByTitle?[\"Contributing\"])\n- [Docs: FAQ.md](https://github.com/coder/code-server/blob/main/docs/FAQ.md)\n- [Docs: CONTRIBUTING.md](https://github.com/coder/code-server/blob/main/docs/CONTRIBUTING.md)\n- [Community: GitHub Discussions](https://github.com/coder/code-server/discussions)\n- [Community: Slack](https://community.coder.com)"
    }
  ]
-}
+}
--- a/ci/README.md
+++ b/ci/README.md
@ -16,18 +16,18 @@ This directory contains scripts used for the development of code-server.
 - [./ci/dev/image](./dev/image)
  - See [./docs/CONTRIBUTING.md](../docs/CONTRIBUTING.md) for docs on the development container.
- [./ci/dev/fmt.sh](./dev/fmt.sh) (`npm run fmt`)
+- [./ci/dev/fmt.sh](./dev/fmt.sh) (`yarn fmt`)
  - Runs formatters.
- [./ci/dev/lint.sh](./dev/lint.sh) (`npm run lint`)
+- [./ci/dev/lint.sh](./dev/lint.sh) (`yarn lint`)
  - Runs linters.
- [./ci/dev/test-unit.sh](./dev/test-unit.sh) (`npm run test:unit`)
+- [./ci/dev/test-unit.sh](./dev/test-unit.sh) (`yarn test:unit`)
  - Runs unit tests.
- [./ci/dev/test-e2e.sh](./dev/test-e2e.sh) (`npm run test:e2e`)
+- [./ci/dev/test-e2e.sh](./dev/test-e2e.sh) (`yarn test:e2e`)
  - Runs end-to-end tests.
- [./ci/dev/watch.ts](./dev/watch.ts) (`npm run watch`)
+- [./ci/dev/watch.ts](./dev/watch.ts) (`yarn watch`)
  - Starts a process to build and launch code-server and restart on any code changes.
  - Example usage in [./docs/CONTRIBUTING.md](../docs/CONTRIBUTING.md).
- [./ci/dev/gen_icons.sh](./dev/gen_icons.sh) (`npm run icons`)
+- [./ci/dev/gen_icons.sh](./dev/gen_icons.sh) (`yarn icons`)
  - Generates the various icons from a single `.svg` favicon in
    `src/browser/media/favicon.svg`.
  - Requires [imagemagick](https://imagemagick.org/index.php)
@ -37,20 +37,20 @@ This directory contains scripts used for the development of code-server.
 This directory contains the scripts used to build and release code-server.
 You can disable minification by setting `MINIFY=`.
- [./ci/build/build-code-server.sh](./build/build-code-server.sh) (`npm run build`)
+- [./ci/build/build-code-server.sh](./build/build-code-server.sh) (`yarn build`)
  - Builds code-server into `./out` and bundles the frontend into `./dist`.
- [./ci/build/build-vscode.sh](./build/build-vscode.sh) (`npm run build:vscode`)
+- [./ci/build/build-vscode.sh](./build/build-vscode.sh) (`yarn build:vscode`)
  - Builds vscode into `./lib/vscode/out-vscode`.
- [./ci/build/build-release.sh](./build/build-release.sh) (`npm run release`)
+- [./ci/build/build-release.sh](./build/build-release.sh) (`yarn release`)
  - Bundles the output of the above two scripts into a single node module at `./release`.
- [./ci/build/clean.sh](./build/clean.sh) (`npm run clean`)
+- [./ci/build/clean.sh](./build/clean.sh) (`yarn clean`)
  - Removes all build artifacts.
  - Useful to do a clean build.
 - [./ci/build/code-server.sh](./build/code-server.sh)
  - Copied into standalone releases to run code-server with the bundled node binary.
- [./ci/build/test-standalone-release.sh](./build/test-standalone-release.sh) (`npm run test:standalone-release`)
+- [./ci/build/test-standalone-release.sh](./build/test-standalone-release.sh) (`yarn test:standalone-release`)
  - Ensures code-server in the `./release-standalone` directory works by installing an extension.
- [./ci/build/build-packages.sh](./build/build-packages.sh) (`npm run package`)
+- [./ci/build/build-packages.sh](./build/build-packages.sh) (`yarn package`)
  - Packages `./release-standalone` into a `.tar.gz` archive in `./release-packages`.
  - If on linux, [nfpm](https://github.com/goreleaser/nfpm) is used to generate `.deb` and `.rpm`.
 - [./ci/build/nfpm.yaml](./build/nfpm.yaml)
@ -59,15 +59,15 @@ You can disable minification by setting `MINIFY=`.
  - Entrypoint script for code-server for `.deb` and `.rpm`.
 - [./ci/build/code-server.service](./build/code-server.service)
  - systemd user service packaged into the `.deb` and `.rpm`.
- [./ci/build/release-github-draft.sh](./build/release-github-draft.sh) (`npm run release:github-draft`)
+- [./ci/build/release-github-draft.sh](./build/release-github-draft.sh) (`yarn release:github-draft`)
  - Uses [gh](https://github.com/cli/cli) to create a draft release with a template description.
- [./ci/build/release-github-assets.sh](./build/release-github-assets.sh) (`npm run release:github-assets`)
+- [./ci/build/release-github-assets.sh](./build/release-github-assets.sh) (`yarn release:github-assets`)
  - Downloads the release-package artifacts for the current commit from CI.
  - Uses [gh](https://github.com/cli/cli) to upload the artifacts to the release
    specified in `package.json`.
 - [./ci/build/npm-postinstall.sh](./build/npm-postinstall.sh)
  - Post install script for the npm package.
-  - Bundled by`npm run release`.
+  - Bundled by`yarn release`.
 ## release-image
@ -87,15 +87,15 @@ This directory contains the scripts used in CI.
 Helps avoid clobbering the CI configuration.
 - [./steps/fmt.sh](./steps/fmt.sh)
-  - Runs `npm run fmt`.
+  - Runs `yarn fmt`.
 - [./steps/lint.sh](./steps/lint.sh)
-  - Runs `npm run lint`.
+  - Runs `yarn lint`.
 - [./steps/test-unit.sh](./steps/test-unit.sh)
-  - Runs `npm run test:unit`.
+  - Runs `yarn test:unit`.
 - [./steps/test-integration.sh](./steps/test-integration.sh)
-  - Runs `npm run test:integration`.
+  - Runs `yarn test:integration`.
 - [./steps/test-e2e.sh](./steps/test-e2e.sh)
-  - Runs `npm run test:e2e`.
+  - Runs `yarn test:e2e`.
 - [./steps/release.sh](./steps/release.sh)
  - Runs the release process.
  - Generates the npm package at `./release`.
--- a/ci/build/build-packages.sh
+++ b/ci/build/build-packages.sh
@ -1,10 +1,8 @@
 #!/usr/bin/env bash
 set -euo pipefail
-# Given a platform-specific release found in ./release-standalone, generate an
+# Packages code-server for the current OS and architecture into ./release-packages.
-# compressed archives and bundles (as appropriate for the platform) named after
+# This script assumes that a standalone release is built already into ./release-standalone
 # the platform's architecture and OS and place them in ./release-packages and
 # ./release-gcp.
 main() {
  cd "$(dirname "${0}")/../.."
--- a/ci/build/build-release.sh
+++ b/ci/build/build-release.sh
@ -1,16 +1,13 @@
 #!/usr/bin/env bash
 set -euo pipefail
-# Once both code-server and VS Code have been built, use this script to copy
+# This script requires vscode to be built with matching MINIFY.
 # them into a single directory (./release), prepare the package.json and
 # product.json, and add shrinkwraps.  This results in a generic NPM package that
 # we published to NPM and also use to compile platform-specific packages.
-# MINIFY controls whether minified VS Code is bundled. It must match the value
+# MINIFY controls whether minified vscode is bundled.
 # used when VS Code was built.
 MINIFY="${MINIFY-true}"
-# node_modules are not copied by default.  Set KEEP_MODULES=1 to copy them.
+# KEEP_MODULES controls whether the script cleans all node_modules requiring a yarn install
 # to run first.
 KEEP_MODULES="${KEEP_MODULES-0}"
 main() {
@ -106,29 +103,34 @@ bundle_vscode() {
 }
 create_shrinkwraps() {
-  # package-lock.json files (used to ensure deterministic versions of
+  # yarn.lock or package-lock.json files (used to ensure deterministic versions of dependencies) are
-  # dependencies) are not packaged when publishing to the NPM registry.
+  # not packaged when publishing to the NPM registry.
-  #
+  # To ensure deterministic dependency versions (even when code-server is installed with NPM), we create
-  # To ensure deterministic dependency versions (even when code-server is
+  # an npm-shrinkwrap.json file from the currently installed node_modules. This ensures the versions used
-  # installed with NPM), we create an npm-shrinkwrap.json file from the
+  # from development (that the yarn.lock guarantees) are also the ones installed by end-users.
-  # currently installed node_modules. This ensures the versions used from
+  # These will include devDependencies, but those will be ignored when installing globally (for code-server), and
-  # development (that the package-lock.json guarantees) are also the ones
+  # because we use --omit=dev when installing vscode.
  # installed by end-users.  These will include devDependencies, but those will
  # be ignored when installing globally (for code-server), and because we use
  # --omit=dev (for VS Code).
-  # We first generate the shrinkwrap file for code-server itself - which is the
+  # We first generate the shrinkwrap file for code-server itself - which is the current directory
-  # current directory.
+  create_shrinkwrap_keeping_yarn_lock
  npm shrinkwrap
-  # Then the shrinkwrap files for the bundled VS Code.
+  # Then the shrinkwrap files for the bundled VSCode
  pushd "$VSCODE_SRC_PATH/remote/"
-  npm shrinkwrap
+  create_shrinkwrap_keeping_yarn_lock
  popd
  pushd "$VSCODE_SRC_PATH/extensions/"
-  npm shrinkwrap
+  create_shrinkwrap_keeping_yarn_lock
  popd
 }
 create_shrinkwrap_keeping_yarn_lock() {
  # HACK@edvincent: Generating a shrinkwrap alters the yarn.lock which we don't want (with NPM URLs rather than the Yarn URLs)
  # But to generate a valid shrinkwrap, it has to exist... So we copy it to then restore it
  cp yarn.lock yarn.lock.temp
  npm shrinkwrap
  cp yarn.lock.temp yarn.lock
  rm yarn.lock.temp
 }
 main "$@"
--- a/ci/build/build-standalone-release.sh
+++ b/ci/build/build-standalone-release.sh
@ -1,10 +1,6 @@
 #!/usr/bin/env bash
 set -euo pipefail
 # Once we have an NPM package, use this script to copy it to a separate
 # directory (./release-standalone) and install the dependencies.  This new
 # directory can then be packaged as a platform-specific release.
 main() {
  cd "$(dirname "${0}")/../.."
@ -13,8 +9,9 @@ main() {
  rsync "$RELEASE_PATH/" "$RELEASE_PATH-standalone"
  RELEASE_PATH+=-standalone
-  # Package managers may shim their own "node" wrapper into the PATH, so run
+  # We cannot get the path to Node from $PATH (for example via `which node`)
-  # node and ask it for its true path.
+  # because Yarn shims a script called `node` and we would end up just copying
  # that script.  Instead we run Node and have it print its actual path.
  local node_path
  node_path="$(node <<< 'console.info(process.execPath)')"
--- a/ci/build/build-vscode.sh
+++ b/ci/build/build-vscode.sh
@ -54,7 +54,7 @@ main() {
  if [[ ! ${VERSION-} ]]; then
    echo "VERSION not set. Please set before running this script:"
-    echo "VERSION='0.0.0' npm run build:vscode"
+    echo "VERSION='0.0.0' yarn build:vscode"
    exit 1
  fi
@ -112,7 +112,7 @@ EOF
  # this because we have an NPM package that could be installed on any platform.
  # The correct platform dependencies and scripts will be installed as part of
  # the post-install during `npm install` or when building a standalone release.
-  npm run gulp "vscode-reh-web-linux-x64${MINIFY:+-min}"
+  yarn gulp "vscode-reh-web-linux-x64${MINIFY:+-min}"
  # Reset so if you develop after building you will not be stuck with the wrong
  # commit (the dev client will use `oss-dev` but the dev server will still use
--- a/ci/build/npm-postinstall.sh
+++ b/ci/build/npm-postinstall.sh
@ -117,11 +117,14 @@ main() {
 install_with_yarn_or_npm() {
  echo "User agent: ${npm_config_user_agent-none}"
-  # For development we enforce npm, but for installing the package as an
+  # NOTE@edvincent: We want to keep using the package manager that the end-user was using to install the package.
-  # end-user we want to keep using whatever package manager is in use.
+  # This also ensures that when *we* run `yarn` in the development process, the yarn.lock file is used.
  case "${npm_config_user_agent-}" in
    npm*)
-      if ! npm install --unsafe-perm --omit=dev; then
+      # HACK: NPM's use of semver doesn't like resolving some peerDependencies that vscode (upstream) brings in the form of pre-releases.
      # The legacy behavior doesn't complain about pre-releases being used, falling back to that for now.
      # See https://github.com//pull/5071
      if ! npm install --unsafe-perm --legacy-peer-deps --omit=dev; then
        return 1
      fi
      ;;
--- a/ci/dev/doctoc.sh
+++ b/ci/dev/doctoc.sh
@ -18,7 +18,7 @@ main() {
    echo "Files need generation or are formatted incorrectly:"
    git -c color.ui=always status | grep --color=no '\[31m'
    echo "Please run the following locally:"
-    echo "  npm run doctoc"
+    echo "  yarn doctoc"
    exit 1
  fi
 }
--- a/ci/dev/postinstall.sh
+++ b/ci/dev/postinstall.sh
@ -3,13 +3,14 @@ set -euo pipefail
 # Install dependencies in $1.
 install-deps() {
-  local args=()
+  local args=(install)
  if [[ ${CI-} ]]; then
-    args+=(ci)
+    args+=(--frozen-lockfile)
  else
    args+=(install)
  fi
-  # If there is no package.json then npm will look upward and end up installing
+  if [[ "$1" == "lib/vscode" ]]; then
    args+=(--no-default-rc)
  fi
  # If there is no package.json then yarn will look upward and end up installing
  # from the root resulting in an infinite loop (this can happen if you have not
  # checked out the submodule yet for example).
  if [[ ! -f "$1/package.json" ]]; then
@ -18,7 +19,7 @@ install-deps() {
  fi
  pushd "$1"
  echo "Installing dependencies for $PWD"
-  npm "${args[@]}"
+  yarn "${args[@]}"
  popd
 }
--- a/ci/dev/preinstall.js
+++ b/ci/dev/preinstall.js
@ -1,3 +0,0 @@
 if (process.env.npm_execpath.includes("yarn")) {
  throw new Error("`yarn` is no longer supported; please use `npm install` instead")
 }
--- a/ci/dev/test-e2e.sh
+++ b/ci/dev/test-e2e.sh
@ -2,9 +2,9 @@
 set -euo pipefail
 help() {
-  echo >&2 "  You can build with 'npm run watch' or you can build a release"
+  echo >&2 "  You can build with 'yarn watch' or you can build a release"
-  echo >&2 "  For example: 'npm run build && npm run build:vscode && KEEP_MODULES=1 npm run release'"
+  echo >&2 "  For example: 'yarn build && yarn build:vscode && KEEP_MODULES=1 yarn release'"
-  echo >&2 "  Then 'CODE_SERVER_TEST_ENTRY=./release npm run test:e2e'"
+  echo >&2 "  Then 'CODE_SERVER_TEST_ENTRY=./release yarn test:e2e'"
  echo >&2 "  You can manually run that release with 'node ./release'"
 }
@ -15,7 +15,7 @@ main() {
  pushd test/e2e/extensions/test-extension
  echo "Building test extension"
-  npm run build
+  yarn build
  popd
  local dir="$PWD"
@ -44,7 +44,7 @@ main() {
  fi
  cd test
-  npm run playwright test "$@"
+  yarn playwright test "$@"
 }
 main "$@"
--- a/ci/dev/test-integration.sh
+++ b/ci/dev/test-integration.sh
@ -2,9 +2,9 @@
 set -euo pipefail
 help() {
-  echo >&2 "  You can build the standalone release with 'npm run release:standalone'"
+  echo >&2 "  You can build the standalone release with 'yarn release:standalone'"
  echo >&2 "  Or you can pass in a custom path."
-  echo >&2 "  CODE_SERVER_PATH='/var/tmp/coder/code-server/bin/code-server' npm run test:integration"
+  echo >&2 "  CODE_SERVER_PATH='/var/tmp/coder/code-server/bin/code-server' yarn test:integration"
 }
 # Make sure a code-server release works. You can pass in the path otherwise it
--- a/ci/dev/test-native.sh
+++ b/ci/dev/test-native.sh
@ -2,9 +2,9 @@
 set -euo pipefail
 help() {
-  echo >&2 "  You can build the standalone release with 'npm run release:standalone'"
+  echo >&2 "  You can build the standalone release with 'yarn release:standalone'"
  echo >&2 "  Or you can pass in a custom path."
-  echo >&2 "  CODE_SERVER_PATH='/var/tmp/coder/code-server/bin/code-server' npm run test:integration"
+  echo >&2 "  CODE_SERVER_PATH='/var/tmp/coder/code-server/bin/code-server' yarn test:integration"
 }
 # Make sure a code-server release works. You can pass in the path otherwise it
--- a/ci/dev/watch.ts
+++ b/ci/dev/watch.ts
@ -45,11 +45,9 @@ class Watcher {
  private readonly compilers: DevelopmentCompilers = {
    codeServer: spawn("tsc", ["--watch", "--pretty", "--preserveWatchOutput"], { cwd: this.rootPath }),
-    vscode: spawn("npm", ["run", "watch"], { cwd: this.paths.vscodeDir }),
+    vscode: spawn("yarn", ["watch"], { cwd: this.paths.vscodeDir }),
-    vscodeWebExtensions: spawn("npm", ["run", "watch-web"], { cwd: this.paths.vscodeDir }),
+    vscodeWebExtensions: spawn("yarn", ["watch-web"], { cwd: this.paths.vscodeDir }),
-    plugins: this.paths.pluginDir
+    plugins: this.paths.pluginDir ? spawn("yarn", ["build", "--watch"], { cwd: this.paths.pluginDir }) : undefined,
      ? spawn("npm", ["run", "build", "--watch"], { cwd: this.paths.pluginDir })
      : undefined,
  }
  public async initialize(): Promise<void> {
--- a/ci/steps/publish-npm.sh
+++ b/ci/steps/publish-npm.sh
@ -53,11 +53,11 @@ main() {
  # This string is used to determine how we should tag the npm release.
  # Environment can be one of three choices:
  # "development" - this means we tag with the PR number, allowing
-  # a developer to install this version with `npm install code-server@<pr-number>`
+  # a developer to install this version with `yarn add code-server@<pr-number>`
  # "staging" - this means we tag with `beta`, allowing
-  # a developer to install this version with `npm install code-server@beta`
+  # a developer to install this version with `yarn add code-server@beta`
  # "production" - this means we tag with `latest` (default), allowing
-  # a developer to install this version with `npm install code-server@latest`
+  # a developer to install this version with `yarn add code-server@latest`
  if ! is_env_var_set "NPM_ENVIRONMENT"; then
    echo "NPM_ENVIRONMENT is not set."
    echo "Determining in script based on GITHUB environment variables."
@ -86,7 +86,7 @@ main() {
  if [[ "$NPM_ENVIRONMENT" == "production" ]]; then
    NPM_VERSION="$VERSION"
    # This means the npm version will be published as "stable"
-    # and installed when a user runs `npm install code-server`
+    # and installed when a user runs `yarn install code-server`
    NPM_TAG="latest"
  else
    COMMIT_SHA="$GITHUB_SHA"
@ -94,7 +94,7 @@ main() {
    if [[ "$NPM_ENVIRONMENT" == "staging" ]]; then
      NPM_VERSION="$VERSION-beta-$COMMIT_SHA"
      # This means the npm version will be tagged with "beta"
-      # and installed when a user runs `npm install code-server@beta`
+      # and installed when a user runs `yarn install code-server@beta`
      NPM_TAG="beta"
      PACKAGE_NAME="@coder/code-server-pr"
    fi
@ -105,7 +105,7 @@ main() {
      NPM_VERSION="$VERSION-$PR_NUMBER-$COMMIT_SHA"
      PACKAGE_NAME="@coder/code-server-pr"
      # This means the npm version will be tagged with "<pr number>"
-      # and installed when a user runs `npm install code-server@<pr number>`
+      # and installed when a user runs `yarn install code-server@<pr number>`
      NPM_TAG="$PR_NUMBER"
    fi
@ -120,7 +120,10 @@ main() {
    # Example: "version": "4.0.1-4769-ad7b23cfe6ffd72914e34781ef7721b129a23040"
    # Example: "version": "4.0.1-beta-ad7b23cfe6ffd72914e34781ef7721b129a23040"
    pushd release
    # NOTE@jsjoeio
    # I originally tried to use `yarn version` but ran into issues and abandoned it.
    npm version "$NPM_VERSION"
    # NOTE@jsjoeio
    # Use the development package name
    # This is so we don't clutter the code-server versions on npm
    # with development versions.
@ -131,6 +134,7 @@ main() {
    popd
  fi
  # NOTE@jsjoeio
  # We need to make sure we haven't already published the version.
  # If we get error, continue with script because we want to publish
  # If version is valid, we check if we're publishing the same one
@ -140,9 +144,10 @@ main() {
    return
  fi
  # NOTE@jsjoeio
  # Since the dev builds are scoped to @coder
  # We pass --access public to ensure npm knows it's not private.
-  npm publish --non-interactive release --tag "$NPM_TAG" --access public
+  yarn publish --non-interactive release --tag "$NPM_TAG" --access public
 }
 main "$@"
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@ -35,7 +35,7 @@ Here is what is needed:
 - `node` v20.x
 - `git` v2.x or greater
 - [`git-lfs`](https://git-lfs.github.com)
- [`npm`](https://www.npmjs.com/)
+- [`yarn`](https://classic.yarnpkg.com/en/)
  - Used to install JS packages and run scripts
 - [`nfpm`](https://nfpm.goreleaser.com/)
  - Used to build `.deb` and `.rpm` packages
@ -70,8 +70,8 @@ for more information.
 1. `git clone https://github.com/coder/code-server.git` - Clone `code-server`
 2. `git submodule update --init` - Clone `vscode` submodule
 3. `quilt push -a` - Apply patches to the `vscode` submodule.
-4. `npm install` - Install dependencies
+4. `yarn` - Install dependencies
-5. `npm run watch` - Launch code-server localhost:8080. code-server will be live
+5. `yarn watch` - Launch code-server localhost:8080. code-server will be live
   reloaded when changes are made; the browser needs to be refreshed manually.
 When pulling down changes that include modifications to the patches you will
@ -102,7 +102,7 @@ commits first if you are doing this).
   but the lines changed, update the patch with `quilt refresh`. If there are
   conflicts, then force apply with `quilt push -f`, manually add back the
   rejected code, then run `quilt refresh`.
-4. From the code-server **project root**, run `npm install`.
+4. From the code-server **project root**, run `yarn install`.
 5. Check the Node.js version that's used by Electron (which is shipped with VS
   Code. If necessary, update our version of Node.js to match.
@ -127,14 +127,14 @@ You can build a full production as follows:
 ```shell
 git submodule update --init
 quilt push -a
-npm install
+yarn install
-npm run build
+yarn build
-VERSION=0.0.0 npm run build:vscode
+VERSION=0.0.0 yarn build:vscode
-npm run release
+yarn release
 ```
 This does not keep `node_modules`. If you want them to be kept, use
-`KEEP_MODULES=1 npm run release`
+`KEEP_MODULES=1 yarn release`
 Run your build:
@ -148,9 +148,9 @@ node .
 Then, to build the release package:
 ```shell
-npm run release:standalone
+yarn release:standalone
-npm run test:integration
+yarn test:integration
-npm run package
+yarn package
 ```
 > On Linux, the currently running distro will become the minimum supported
@ -170,9 +170,9 @@ writing, we do this for the following platforms/architectures:
 - Linux armhf.rpm
 - macOS arm64.tar.gz
-Currently, these are compiled in CI using the `npm run release:standalone`
+Currently, these are compiled in CI using the `yarn release:standalone` command
-command in the `release.yaml` workflow. We then upload them to the draft release
+in the `release.yaml` workflow. We then upload them to the draft release and
-and distribute via GitHub Releases.
+distribute via GitHub Releases.
 ### Troubleshooting
@ -226,7 +226,7 @@ We use these to test anything related to our scripts (most of which live under
 ### Integration tests
-These are a work in progress. We build code-server and run tests with `npm run
+These are a work in progress. We build code-server and run tests with `yarn
 test:integration`, which ensures that code-server builds work on their
 respective platforms.
--- a/docs/MAINTAINING.md
+++ b/docs/MAINTAINING.md
@ -90,7 +90,7 @@ Our testing structure is laid out under our [Contributing docs](https://coder.co
 If you're ever looking to add more tests, here are a few ways to get started:
- run `npm run test:unit` and look at the coverage chart. You'll see all the
+- run `yarn test:unit` and look at the coverage chart. You'll see all the
  uncovered lines. This is a good place to start.
 - look at `test/scripts` to see which scripts are tested. We can always use more
  tests there.
--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@ -17,8 +17,8 @@ We use the following tools to help us stay on top of vulnerability mitigation.
    - Comprehensive vulnerability scanner that runs on PRs into the default
      branch and scans both our container image and repository code (see
      `trivy-scan-repo` and `trivy-scan-image` jobs in `build.yaml`)
- `npm audit`
+- `yarn audit` and `npm audit`
-  - Audits NPM dependencies.
+  - Audits Yarn/NPM dependencies.
 ## Supported Versions
--- a/eslint.config.mjs
+++ b/eslint.config.mjs
@ -1,84 +0,0 @@
 import { fixupConfigRules } from "@eslint/compat"
 import globals from "globals"
 import tsParser from "@typescript-eslint/parser"
 import path from "node:path"
 import { fileURLToPath } from "node:url"
 import js from "@eslint/js"
 import { FlatCompat } from "@eslint/eslintrc"
 const __filename = fileURLToPath(import.meta.url)
 const __dirname = path.dirname(__filename)
 const compat = new FlatCompat({
  baseDirectory: __dirname,
  recommendedConfig: js.configs.recommended,
  allConfig: js.configs.all,
 })
 export default [
  ...fixupConfigRules(
    compat.extends(
      "eslint:recommended",
      "plugin:@typescript-eslint/recommended",
      "plugin:import/recommended",
      "plugin:import/typescript",
      "plugin:prettier/recommended",
      "prettier",
    ),
  ),
  {
    languageOptions: {
      globals: {
        ...globals.browser,
        ...globals.jest,
        ...globals.node,
      },
      parser: tsParser,
      ecmaVersion: 2018,
      sourceType: "module",
    },
    settings: {
      "import/resolver": {
        typescript: {
          alwaysTryTypes: true,
        },
      },
    },
    rules: {
      "@typescript-eslint/no-unused-vars": [
        "error",
        {
          args: "none",
        },
      ],
      "no-dupe-class-members": "off",
      "@typescript-eslint/no-use-before-define": "off",
      "@typescript-eslint/no-non-null-assertion": "off",
      "@typescript-eslint/ban-types": "off",
      "@typescript-eslint/no-var-requires": "off",
      "@typescript-eslint/explicit-module-boundary-types": "off",
      "@typescript-eslint/no-explicit-any": "off",
      "@typescript-eslint/no-extra-semi": "off",
      "@typescript-eslint/no-require-imports": "off",
      "@typescript-eslint/no-unused-vars": "off", // TODO: Fix these.
      "@typescript-eslint/no-empty-object-type": "off",
      eqeqeq: "error",
      "import/order": [
        "error",
        {
          alphabetize: {
            order: "asc",
          },
          groups: [["builtin", "external", "internal"], "parent", "sibling"],
        },
      ],
      "no-async-promise-executor": "off",
    },
  },
 ]
--- a/flake.lock
+++ b/flake.lock
@ -5,11 +5,11 @@
        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1726560853,
+        "lastModified": 1710146030,
-        "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
        "owner": "numtide",
        "repo": "flake-utils",
-        "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
        "type": "github"
      },
      "original": {
@ -20,18 +20,15 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1727104955,
+        "lastModified": 1716137900,
-        "narHash": "sha256-m6kgjR4zAwyMe1Pn4RGXLCzArtoBp1qzhb2AUlPeVh4=",
+        "narHash": "sha256-sowPU+tLQv8GlqtVtsXioTKeaQvlMz/pefcdwg8MvfM=",
-        "owner": "nixos",
+        "path": "/nix/store/r8nhgnkxacbnf4kv8kdi8b6ks3k9b16i-source",
-        "repo": "nixpkgs",
+        "rev": "6c0b7a92c30122196a761b440ac0d46d3d9954f1",
-        "rev": "d266adc5a77ec8c10ed941c7251b2673004dbd62",
+        "type": "path"
        "type": "github"
      },
      "original": {
-        "owner": "nixos",
+        "id": "nixpkgs",
-        "ref": "nixos-unstable-small",
+        "type": "indirect"
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
--- a/flake.nix
+++ b/flake.nix
@ -8,19 +8,11 @@
      (system:
        let pkgs = nixpkgs.legacyPackages.${system};
            nodejs = pkgs.nodejs_20;
            yarn' = pkgs.yarn.override { inherit nodejs; };
        in {
          devShells.default = pkgs.mkShell {
            nativeBuildInputs = with pkgs; [
-              nodejs
+              nodejs yarn' python3 pkg-config git rsync jq moreutils quilt bats openssl
              python3
              pkg-config
              git
              rsync
              jq
              moreutils
              quilt
              bats
              openssl
            ];
            buildInputs = with pkgs; (lib.optionals (!stdenv.isDarwin) [ libsecret libkrb5 ]
                          ++ (with xorg; [ libX11 libxkbfile ])
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -23,27 +23,22 @@
    "test:native": "./ci/dev/test-native.sh",
    "test:scripts": "./ci/dev/test-scripts.sh",
    "package": "./ci/build/build-packages.sh",
-    "prettier": "prettier --write --log-level=warn --cache .",
+    "prettier": "prettier --write --loglevel=warn --cache .",
    "preinstall": "node ./ci/dev/preinstall.js",
    "postinstall": "./ci/dev/postinstall.sh",
    "publish:npm": "./ci/steps/publish-npm.sh",
    "publish:docker": "./ci/steps/docker-buildx-push.sh",
-    "fmt": "npm run prettier && ./ci/dev/doctoc.sh",
+    "fmt": "yarn prettier && ./ci/dev/doctoc.sh",
    "lint:scripts": "./ci/dev/lint-scripts.sh",
-    "lint:ts": "eslint --max-warnings=0 --fix $(git ls-files '*.ts' '*.js' | grep -v 'lib/vscode' | grep -v test-plugin)",
+    "lint:ts": "eslint --max-warnings=0 --fix $(git ls-files '*.ts' '*.js' | grep -v 'lib/vscode')",
-    "test": "echo 'Run npm run test:unit or npm run test:e2e' && exit 1",
+    "test": "echo 'Run yarn test:unit or yarn test:e2e' && exit 1",
    "watch": "VSCODE_DEV=1 VSCODE_IPC_HOOK_CLI= NODE_OPTIONS='--max_old_space_size=32384 --trace-warnings' ts-node ./ci/dev/watch.ts",
    "icons": "./ci/dev/gen_icons.sh"
  },
  "main": "out/node/entry.js",
  "devDependencies": {
    "@eslint/compat": "^1.2.0",
    "@eslint/eslintrc": "^3.1.0",
    "@eslint/js": "^9.12.0",
    "@schemastore/package": "^0.0.10",
    "@types/compression": "^1.7.3",
    "@types/cookie-parser": "^1.4.4",
    "@types/eslint__js": "^8.42.3",
    "@types/express": "^4.17.17",
    "@types/http-proxy": "1.17.7",
    "@types/js-yaml": "^4.0.6",
@ -54,18 +49,18 @@
    "@types/semver": "^7.5.2",
    "@types/trusted-types": "^2.0.4",
    "@types/ws": "^8.5.5",
    "@typescript-eslint/eslint-plugin": "^7.0.0",
    "@typescript-eslint/parser": "^6.7.2",
    "doctoc": "^2.2.1",
-    "eslint": "^9.12.0",
+    "eslint": "^8.49.0",
    "eslint-config-prettier": "^9.0.0",
    "eslint-import-resolver-typescript": "^3.6.0",
    "eslint-plugin-import": "^2.28.1",
    "eslint-plugin-prettier": "^5.0.0",
    "globals": "^15.10.0",
    "prettier": "^3.0.3",
    "prettier-plugin-sh": "^0.14.0",
    "ts-node": "^10.9.1",
-    "typescript": "^5.6.2",
+    "typescript": "^5.2.2"
    "typescript-eslint": "^8.8.0"
  },
  "dependencies": {
    "@coder/logger": "^3.0.1",
@ -105,7 +100,8 @@
    "remote-development"
  ],
  "engines": {
-    "node": "20"
+    "node": "20",
    "yarn": "1"
  },
  "jest": {
    "transform": {
--- a/src/browser/serviceWorker.ts
+++ b/src/browser/serviceWorker.ts
@ -1,3 +1,5 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 self.addEventListener("install", () => {
  console.debug("[Service Worker] installed")
 })
--- a/src/node/socket.ts
+++ b/src/node/socket.ts
@ -47,7 +47,7 @@ export class SocketProxyProvider {
      proxy.once("connect", () => proxy.write(id))
      const timeout = setTimeout(() => {
-        listener.dispose()
+        listener.dispose() // eslint-disable-line @typescript-eslint/no-use-before-define
        socket.destroy()
        proxy.destroy()
        reject(new Error("TLS socket proxy timed out"))
--- a/src/node/vscodeSocket.ts
+++ b/src/node/vscodeSocket.ts
@ -37,6 +37,7 @@ export async function makeEditorSessionManagerServer(
 ): Promise<http.Server> {
  const router = express()
  // eslint-disable-next-line import/no-named-as-default-member
  router.use(express.json())
  router.get<{}, GetSessionResponse | string | unknown, undefined, { filePath?: string }>(
--- a/src/node/wsRouter.ts
+++ b/src/node/wsRouter.ts
@ -54,4 +54,5 @@ export function Router(): WebsocketRouter {
  return new WebsocketRouter()
 }
 // eslint-disable-next-line import/no-named-as-default-member -- the typings are not updated correctly
 export const wss = new Websocket.Server({ noServer: true })
--- a/test/e2e/extensions/test-extension/package-lock.json
+++ b/test/e2e/extensions/test-extension/package-lock.json
@ -1,41 +0,0 @@
 {
  "name": "code-server-extension",
  "version": "0.0.1",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "code-server-extension",
      "version": "0.0.1",
      "license": "MIT",
      "devDependencies": {
        "@types/vscode": "^1.56.0",
        "typescript": "^4.0.5"
      },
      "engines": {
        "vscode": "^1.56.0"
      }
    },
    "node_modules/@types/vscode": {
      "version": "1.57.0",
      "resolved": "https://registry.npmjs.org/@types/vscode/-/vscode-1.57.0.tgz",
      "integrity": "sha512-FeznBFtIDCWRluojTsi9c3LLcCHOXP5etQfBK42+ixo1CoEAchkw39tuui9zomjZuKfUVL33KZUDIwHZ/xvOkQ==",
      "dev": true,
      "license": "MIT"
    },
    "node_modules/typescript": {
      "version": "4.3.2",
      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.3.2.tgz",
      "integrity": "sha512-zZ4hShnmnoVnAHpVHWpTcxdv7dWP60S2FsydQLV8V5PbS3FifjWFFRiHSWpDJahly88PRyV5teTSLoq4eG7mKw==",
      "dev": true,
      "license": "Apache-2.0",
      "bin": {
        "tsc": "bin/tsc",
        "tsserver": "bin/tsserver"
      },
      "engines": {
        "node": ">=4.2.0"
      }
    }
  }
 }
--- a/test/e2e/extensions/test-extension/yarn.lock
+++ b/test/e2e/extensions/test-extension/yarn.lock
@ -0,0 +1,13 @@
 # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
 # yarn lockfile v1
 "@types/vscode@^1.56.0":
  version "1.57.0"
  resolved "https://registry.yarnpkg.com/@types/vscode/-/vscode-1.57.0.tgz#cc648e0573b92f725cd1baf2621f8da9f8bc689f"
  integrity sha512-FeznBFtIDCWRluojTsi9c3LLcCHOXP5etQfBK42+ixo1CoEAchkw39tuui9zomjZuKfUVL33KZUDIwHZ/xvOkQ==
 typescript@^4.0.5:
  version "4.3.2"
  resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.3.2.tgz#399ab18aac45802d6f2498de5054fcbbe716a805"
  integrity sha512-zZ4hShnmnoVnAHpVHWpTcxdv7dWP60S2FsydQLV8V5PbS3FifjWFFRiHSWpDJahly88PRyV5teTSLoq4eG7mKw==
--- a/test/e2e/webview.test.ts
+++ b/test/e2e/webview.test.ts
@ -23,6 +23,6 @@ describe("Webviews", ["--disable-workspace-trust"], {}, () => {
      .frameLocator("#active-frame")
      .locator("text=Hello world")
-    expect(renderedText).toBeVisible()
+    expect(renderedText).toBeVisible
  })
 })
--- a/test/package-lock.json
+++ b/test/package-lock.json
--- a/test/playwright.config.ts
+++ b/test/playwright.config.ts
@ -3,12 +3,12 @@ import { PlaywrightTestConfig } from "@playwright/test"
 import path from "path"
 // The default configuration runs all tests in three browsers with workers equal
-// to half the available threads. See 'npm run test:e2e --help' to customize
+// to half the available threads. See 'yarn test:e2e --help' to customize from
-// from the command line. For example:
+// the command line. For example:
-//   npm run test:e2e --workers 1        # Run with one worker
+//   yarn test:e2e --workers 1        # Run with one worker
-//   npm run test:e2e --project Chromium # Only run on Chromium
+//   yarn test:e2e --project Chromium # Only run on Chromium
-//   npm run test:e2e --grep login       # Run tests matching "login"
+//   yarn test:e2e --grep login       # Run tests matching "login"
-//   PWDEBUG=1 npm run test:e2e          # Run Playwright inspector
+//   PWDEBUG=1 yarn test:e2e          # Run Playwright inspector
 const config: PlaywrightTestConfig = {
  testDir: path.join(__dirname, "e2e"), // Search for tests in this directory.
  timeout: 60000, // Each test is given 60 seconds.
--- a/test/unit/node/socket.test.ts
+++ b/test/unit/node/socket.test.ts
@ -61,7 +61,7 @@ describe("SocketProxyProvider", () => {
        resolved[type] = true
        if (resolved.client && resolved.server) {
          // We don't need any more connections.
-          main.close()
+          main.close() // eslint-disable-line @typescript-eslint/no-use-before-define
          _resolve()
        }
      }
--- a/test/unit/node/test-plugin/Makefile
+++ b/test/unit/node/test-plugin/Makefile
@ -1,6 +1,6 @@
 out/index.js: src/index.ts
 	# Typescript always emits, even on errors.
-	npm run build || rm out/index.js
+	yarn build || rm out/index.js
-node_modules: package.json package-lock.json
+node_modules: package.json yarn.lock
-	npm install
+	yarn
--- a/test/unit/node/test-plugin/package-lock.json
+++ b/test/unit/node/test-plugin/package-lock.json
@ -1,90 +0,0 @@
 {
  "name": "test-plugin",
  "version": "1.0.0",
  "lockfileVersion": 1,
  "requires": true,
  "dependencies": {
    "@types/body-parser": {
      "version": "1.19.0",
      "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.0.tgz",
      "integrity": "sha512-W98JrE0j2K78swW4ukqMleo8R7h/pFETjM2DQ90MF6XK2i4LO4W3gQ71Lt4w3bfm2EvVSyWHplECvB5sK22yFQ==",
      "requires": {
        "@types/connect": "*",
        "@types/node": "*"
      },
      "dev": true
    },
    "@types/connect": {
      "version": "3.4.33",
      "resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.33.tgz",
      "integrity": "sha512-2+FrkXY4zllzTNfJth7jOqEHC+enpLeGslEhpnTAkg21GkRrWV4SsAtqchtT4YS9/nODBU2/ZfsBY2X4J/dX7A==",
      "requires": {
        "@types/node": "*"
      },
      "dev": true
    },
    "@types/express": {
      "version": "4.17.8",
      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.8.tgz",
      "integrity": "sha512-wLhcKh3PMlyA2cNAB9sjM1BntnhPMiM0JOBwPBqttjHev2428MLEB4AYVN+d8s2iyCVZac+o41Pflm/ZH5vLXQ==",
      "requires": {
        "@types/body-parser": "*",
        "@types/express-serve-static-core": "*",
        "@types/qs": "*",
        "@types/serve-static": "*"
      },
      "dev": true
    },
    "@types/express-serve-static-core": {
      "version": "4.17.13",
      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.13.tgz",
      "integrity": "sha512-RgDi5a4nuzam073lRGKTUIaL3eF2+H7LJvJ8eUnCI0wA6SNjXc44DCmWNiTLs/AZ7QlsFWZiw/gTG3nSQGL0fA==",
      "requires": {
        "@types/node": "*",
        "@types/qs": "*",
        "@types/range-parser": "*"
      },
      "dev": true
    },
    "@types/mime": {
      "version": "2.0.3",
      "resolved": "https://registry.npmjs.org/@types/mime/-/mime-2.0.3.tgz",
      "integrity": "sha512-Jus9s4CDbqwocc5pOAnh8ShfrnMcPHuJYzVcSUU7lrh8Ni5HuIqX3oilL86p3dlTrk0LzHRCgA/GQ7uNCw6l2Q==",
      "dev": true
    },
    "@types/node": {
      "version": "14.14.6",
      "resolved": "https://registry.npmjs.org/@types/node/-/node-14.14.6.tgz",
      "integrity": "sha512-6QlRuqsQ/Ox/aJEQWBEJG7A9+u7oSYl3mem/K8IzxXG/kAGbV1YPD9Bg9Zw3vyxC/YP+zONKwy8hGkSt1jxFMw==",
      "dev": true
    },
    "@types/qs": {
      "version": "6.9.5",
      "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.5.tgz",
      "integrity": "sha512-/JHkVHtx/REVG0VVToGRGH2+23hsYLHdyG+GrvoUGlGAd0ErauXDyvHtRI/7H7mzLm+tBCKA7pfcpkQ1lf58iQ==",
      "dev": true
    },
    "@types/range-parser": {
      "version": "1.2.3",
      "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.3.tgz",
      "integrity": "sha512-ewFXqrQHlFsgc09MK5jP5iR7vumV/BYayNC6PgJO2LPe8vrnNFyjQjSppfEngITi0qvfKtzFvgKymGheFM9UOA==",
      "dev": true
    },
    "@types/serve-static": {
      "version": "1.13.6",
      "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.13.6.tgz",
      "integrity": "sha512-nuRJmv7jW7VmCVTn+IgYDkkbbDGyIINOeu/G0d74X3lm6E5KfMeQPJhxIt1ayQeQB3cSxvYs1RA/wipYoFB4EA==",
      "requires": {
        "@types/mime": "*",
        "@types/node": "*"
      },
      "dev": true
    },
    "typescript": {
      "version": "4.0.5",
      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.0.5.tgz",
      "integrity": "sha512-ywmr/VrTVCmNTJ6iV2LwIrfG1P+lv6luD8sUJs+2eI9NLGigaN+nUQc13iHqisq7bra9lnmUSYqbJvegraBOPQ==",
      "dev": true
    }
  }
 }
--- a/test/unit/node/test-plugin/yarn.lock
+++ b/test/unit/node/test-plugin/yarn.lock
@ -0,0 +1,70 @@
 # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
 # yarn lockfile v1
 "@types/body-parser@*":
  version "1.19.0"
  resolved "https://registry.yarnpkg.com/@types/body-parser/-/body-parser-1.19.0.tgz#0685b3c47eb3006ffed117cdd55164b61f80538f"
  integrity sha512-W98JrE0j2K78swW4ukqMleo8R7h/pFETjM2DQ90MF6XK2i4LO4W3gQ71Lt4w3bfm2EvVSyWHplECvB5sK22yFQ==
  dependencies:
    "@types/connect" "*"
    "@types/node" "*"
 "@types/connect@*":
  version "3.4.33"
  resolved "https://registry.yarnpkg.com/@types/connect/-/connect-3.4.33.tgz#31610c901eca573b8713c3330abc6e6b9f588546"
  integrity sha512-2+FrkXY4zllzTNfJth7jOqEHC+enpLeGslEhpnTAkg21GkRrWV4SsAtqchtT4YS9/nODBU2/ZfsBY2X4J/dX7A==
  dependencies:
    "@types/node" "*"
 "@types/express-serve-static-core@*":
  version "4.17.13"
  resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.17.13.tgz#d9af025e925fc8b089be37423b8d1eac781be084"
  integrity sha512-RgDi5a4nuzam073lRGKTUIaL3eF2+H7LJvJ8eUnCI0wA6SNjXc44DCmWNiTLs/AZ7QlsFWZiw/gTG3nSQGL0fA==
  dependencies:
    "@types/node" "*"
    "@types/qs" "*"
    "@types/range-parser" "*"
 "@types/express@^4.17.8":
  version "4.17.8"
  resolved "https://registry.yarnpkg.com/@types/express/-/express-4.17.8.tgz#3df4293293317e61c60137d273a2e96cd8d5f27a"
  integrity sha512-wLhcKh3PMlyA2cNAB9sjM1BntnhPMiM0JOBwPBqttjHev2428MLEB4AYVN+d8s2iyCVZac+o41Pflm/ZH5vLXQ==
  dependencies:
    "@types/body-parser" "*"
    "@types/express-serve-static-core" "*"
    "@types/qs" "*"
    "@types/serve-static" "*"
 "@types/mime@*":
  version "2.0.3"
  resolved "https://registry.yarnpkg.com/@types/mime/-/mime-2.0.3.tgz#c893b73721db73699943bfc3653b1deb7faa4a3a"
  integrity sha512-Jus9s4CDbqwocc5pOAnh8ShfrnMcPHuJYzVcSUU7lrh8Ni5HuIqX3oilL86p3dlTrk0LzHRCgA/GQ7uNCw6l2Q==
 "@types/node@*":
  version "14.14.6"
  resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.6.tgz#146d3da57b3c636cc0d1769396ce1cfa8991147f"
  integrity sha512-6QlRuqsQ/Ox/aJEQWBEJG7A9+u7oSYl3mem/K8IzxXG/kAGbV1YPD9Bg9Zw3vyxC/YP+zONKwy8hGkSt1jxFMw==
 "@types/qs@*":
  version "6.9.5"
  resolved "https://registry.yarnpkg.com/@types/qs/-/qs-6.9.5.tgz#434711bdd49eb5ee69d90c1d67c354a9a8ecb18b"
  integrity sha512-/JHkVHtx/REVG0VVToGRGH2+23hsYLHdyG+GrvoUGlGAd0ErauXDyvHtRI/7H7mzLm+tBCKA7pfcpkQ1lf58iQ==
 "@types/range-parser@*":
  version "1.2.3"
  resolved "https://registry.yarnpkg.com/@types/range-parser/-/range-parser-1.2.3.tgz#7ee330ba7caafb98090bece86a5ee44115904c2c"
  integrity sha512-ewFXqrQHlFsgc09MK5jP5iR7vumV/BYayNC6PgJO2LPe8vrnNFyjQjSppfEngITi0qvfKtzFvgKymGheFM9UOA==
 "@types/serve-static@*":
  version "1.13.6"
  resolved "https://registry.yarnpkg.com/@types/serve-static/-/serve-static-1.13.6.tgz#866b1b8dec41c36e28c7be40ac725b88be43c5c1"
  integrity sha512-nuRJmv7jW7VmCVTn+IgYDkkbbDGyIINOeu/G0d74X3lm6E5KfMeQPJhxIt1ayQeQB3cSxvYs1RA/wipYoFB4EA==
  dependencies:
    "@types/mime" "*"
    "@types/node" "*"
 typescript@^4.0.5:
  version "4.0.5"
  resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.0.5.tgz#ae9dddfd1069f1cb5beb3ef3b2170dd7c1332389"
  integrity sha512-ywmr/VrTVCmNTJ6iV2LwIrfG1P+lv6luD8sUJs+2eI9NLGigaN+nUQc13iHqisq7bra9lnmUSYqbJvegraBOPQ==
--- a/test/yarn.lock
+++ b/test/yarn.lock
--- a/yarn.lock
+++ b/yarn.lock