coder/code-server
1
0
Fork 0
mirror of https://github.com/coder/code-server.git synced 2026-06-16 05:39:11 -05:00
Code Issues Packages Projects Releases 202 Wiki Activity
4,179 Commits 28 Branches 247 Tags
9baa4f24aa5c5bb4cc7f5bb6fe72a60852a62894
Commit Graph

61 Commits

Author SHA1 Message Date
Asher
1ccd4f04d2 Update brace-expansion, js-yaml, and ws 2026-06-15 16:42:17 -08:00
Asher
364cf99338 Strip token from cookies before proxying 
Since this functionality requires information placed onto the request by
code-server (req.args) and Express (req.cookies), move the standalone
tests into the integration tests as the proxy can no longer run
correctly on its own without that context.

We could strip the header elsewhere or refactor in some way (pass in a
callback function for the stripping or something) but this seems like
the simplest and safest place at the moment to ensure we catch all uses
of the proxy.

In any case, I think it does lend more confidence to know we are testing
the proxy the way it will be used in practice.  The downside is some
additional complexity when setting up tests, but at the moment I do not
think that exchange is overly burdensome.
 2026-06-15 16:42:17 -08:00
dependabot[bot]
6cad75773e chore: bump basic-ftp from 5.3.0 to 5.3.1 (#7786) 2026-06-01 13:56:12 -08:00
dependabot[bot]
4a50b99b67 chore: bump ip-address from 10.1.0 to 10.2.0 (#7785) 2026-05-28 10:26:53 -08:00
dependabot[bot]
477c0b11b8 chore: bump qs from 6.15.0 to 6.15.2 (#7814) 2026-05-28 10:23:44 -08:00
dependabot[bot]
62e5c450f7 chore: bump prettier from 3.6.2 to 3.8.3 (#7776) 2026-05-22 12:29:05 -08:00
dependabot[bot]
265713561c chore: bump ws from 8.19.0 to 8.20.1 (#7804) 2026-05-22 12:28:29 -08:00
Asher
ddeb0a3de0 Update brace-expansion to 1.1.14 2026-04-22 14:20:28 -08:00
dependabot[bot]
a12c89658c chore: bump follow-redirects from 1.15.11 to 1.16.0 (#7755) 2026-04-17 11:02:42 -08:00
dependabot[bot]
4b4903e809 chore: bump basic-ftp from 5.2.1 to 5.3.0 (#7759) 2026-04-17 11:02:13 -08:00
dependabot[bot]
34ac5f47de chore: bump basic-ftp from 5.2.0 to 5.2.1 (#7749) 2026-04-10 11:51:18 -08:00
dependabot[bot]
287f8ecd56 chore: bump path-to-regexp from 8.3.0 to 8.4.0 (#7722) 2026-04-08 13:46:01 -08:00
dependabot[bot]
0b15b91dc1 chore: bump picomatch from 4.0.3 to 4.0.4 (#7718) 2026-04-06 10:26:13 -08:00
dependabot[bot]
d544846caa chore: bump flatted from 3.3.4 to 3.4.2 (#7713) 2026-03-23 10:50:35 -08:00
Olivier Benz
1af5ce5ab6 Update Code to 1.110.0 (#7694) 
* Update Code to 1.110.0
* Fix protected field error
* Lower mangle workers to 2 to fix oom
* Remove build timeouts
 2026-03-05 23:54:52 -09:00
Asher
62afaf261b Update npm dependencies 2026-03-03 16:18:30 -09:00
dependabot[bot]
b6e0c844a9 chore: bump eslint-config-prettier from 9.1.0 to 10.1.8 (#7653) 2026-03-03 15:27:51 -09:00
dependabot[bot]
83d2935223 chore: bump typescript-eslint from 8.33.0 to 8.54.0 (#7654) 2026-03-03 15:27:10 -09:00
dependabot[bot]
9e3794487f chore: bump eslint-plugin-import from 2.31.0 to 2.32.0 (#7652) 2026-03-03 13:10:47 -09:00
dependabot[bot]
3eada681d3 chore: bump ws and @types/ws (#7651) 2026-03-03 12:24:36 -09:00
dependabot[bot]
52f1542621 chore: bump basic-ftp from 5.0.5 to 5.2.0 (#7680) 2026-03-03 12:23:40 -09:00
dependabot[bot]
980e009b6d chore: bump minimatch (#7683) 2026-03-03 12:19:01 -09:00
dependabot[bot]
7f2112c1c9 chore: bump express from 5.1.0 to 5.2.0 (#7586) 2026-01-23 13:50:38 -09:00
dependabot[bot]
7ec0be6995 chore: bump prettier-plugin-sh from 0.14.0 to 0.18.0 (#7551) 2026-01-23 12:46:37 -09:00
dependabot[bot]
9e97cd1278 chore: bump js-yaml from 4.1.0 to 4.1.1 (#7563) 2026-01-23 12:41:43 -09:00
dependabot[bot]
809abfbbe0 chore: bump argon2 from 0.31.2 to 0.44.0 (#7635) 
This also removes a sub-dependency on tar, among others.
 2026-01-23 12:36:30 -09:00
dependabot[bot]
f5dc5436da chore: bump qs from 6.14.0 to 6.14.1 (#7618) 2026-01-23 12:25:07 -09:00
dependabot[bot]
7a2a5eb055 chore: bump eslint from 9.32.0 to 9.36.0 (#7513) 2025-10-28 16:13:34 -08:00
dependabot[bot]
af397f71e2 chore: bump globals from 16.1.0 to 16.4.0 (#7511) 2025-10-28 16:13:15 -08:00
dependabot[bot]
9d89b17fd7 chore: bump express and @types/express (#7510) 2025-10-28 16:12:45 -08:00
dependabot[bot]
b27d982c67 chore: bump prettier from 3.4.2 to 3.6.2 (#7407) 2025-08-04 12:46:32 -08:00
Asher
e54467fb85 Run npm audit fix 2025-08-04 12:26:46 -08:00
Asher
5c0ff5013f Remove direct safe-buffer dependency 
We do not use it directly.
 2025-08-04 12:26:46 -08:00
dependabot[bot]
8a378df6e5 chore: bump eslint-import-resolver-typescript from 3.8.3 to 4.4.4 (#7404) 2025-08-04 11:37:04 -08:00
dependabot[bot]
794def9a77 chore: bump on-headers and compression (#7427) 
Bumps [on-headers](https://github.com/jshttp/on-headers) to 1.1.0 and updates ancestor dependency [compression](https://github.com/expressjs/compression). These dependencies need to be updated together.


Updates `on-headers` from 1.0.2 to 1.1.0
- [Release notes](https://github.com/jshttp/on-headers/releases)
- [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md)
- [Commits](https://github.com/jshttp/on-headers/compare/v1.0.2...v1.1.0)

Updates `compression` from 1.8.0 to 1.8.1
- [Release notes](https://github.com/expressjs/compression/releases)
- [Changelog](https://github.com/expressjs/compression/blob/master/HISTORY.md)
- [Commits](https://github.com/expressjs/compression/compare/1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: on-headers
  dependency-version: 1.1.0
  dependency-type: indirect
- dependency-name: compression
  dependency-version: 1.8.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 11:33:51 -08:00
dependabot[bot]
bbe1b7fecb chore: bump i18next from 23.16.4 to 25.3.0 (#7406) 
Bumps [i18next](https://github.com/i18next/i18next) from 23.16.4 to 25.3.0.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v23.16.4...v25.3.0)

---
updated-dependencies:
- dependency-name: i18next
  dependency-version: 25.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-15 12:40:04 -08:00
Asher
27a112c3a7 Upgrade brace-expansion sub-dependency 
Courtesy of `npm audit fix`.
 2025-06-16 17:00:51 -08:00
dependabot[bot]
74cc50d5e6 chore: bump qs from 6.13.0 to 6.14.0 (#7363) 
Bumps [qs](https://github.com/ljharb/qs) from 6.13.0 to 6.14.0.
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ljharb/qs/compare/v6.13.0...v6.14.0)

---
updated-dependencies:
- dependency-name: qs
  dependency-version: 6.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-16 15:32:23 -08:00
dependabot[bot]
85ee441006 chore: bump typescript from 5.6.2 to 5.8.3 (#7335) 
* chore: bump typescript from 5.6.2 to 5.8.3

Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.6.2 to 5.8.3.
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release-publish.yml)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.6.2...v5.8.3)

---
updated-dependencies:
- dependency-name: typescript
  dependency-version: 5.8.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* as T

* Update JSON error

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Asher <ash@coder.com>
 2025-06-16 15:32:00 -08:00
dependabot[bot]
3669c96c9c chore: bump @types/compression from 1.7.5 to 1.8.0 (#7364) 
Bumps [@types/compression](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/compression) from 1.7.5 to 1.8.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/compression)

---
updated-dependencies:
- dependency-name: "@types/compression"
  dependency-version: 1.8.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-16 13:05:03 -08:00
dependabot[bot]
37357b0142 chore: bump typescript-eslint from 8.29.0 to 8.33.0 (#7365) 
Bumps [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) from 8.29.0 to 8.33.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.33.0/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: typescript-eslint
  dependency-version: 8.33.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-16 13:04:33 -08:00
Olivier Benz
405eb0f511 Update Code to 1.101.0 (#7376) 2025-06-16 13:03:47 -08:00
dependabot[bot]
35e78fe35b chore: bump globals from 15.14.0 to 16.0.0 (#7333) 
Bumps [globals](https://github.com/sindresorhus/globals) from 15.14.0 to 16.0.0.
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](https://github.com/sindresorhus/globals/compare/v15.14.0...v16.0.0)

---
updated-dependencies:
- dependency-name: globals
  dependency-version: 16.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-19 12:09:04 -08:00
dependabot[bot]
8b55b5003d chore: bump eslint from 9.23.0 to 9.25.1 (#7332) 
Bumps [eslint](https://github.com/eslint/eslint) from 9.23.0 to 9.25.1.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v9.23.0...v9.25.1)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 9.25.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-06 11:34:30 -08:00
dependabot[bot]
e5b8d447e5 chore: bump @types/semver from 7.5.8 to 7.7.0 2025-05-06 11:34:09 -08:00
dependabot[bot]
3b7634c578 chore: bump @babel/runtime from 7.25.7 to 7.27.0 (#7312) 
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.25.7 to 7.27.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-runtime)

---
updated-dependencies:
- dependency-name: "@babel/runtime"
  dependency-version: 7.27.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-14 12:03:25 -08:00
dependabot[bot]
cb29e65982 chore: bump proxy-agent from 6.4.0 to 6.5.0 (#7294) 
Bumps [proxy-agent](https://github.com/TooTallNate/proxy-agents/tree/HEAD/packages/proxy-agent) from 6.4.0 to 6.5.0.
- [Release notes](https://github.com/TooTallNate/proxy-agents/releases)
- [Changelog](https://github.com/TooTallNate/proxy-agents/blob/main/packages/proxy-agent/CHANGELOG.md)
- [Commits](https://github.com/TooTallNate/proxy-agents/commits/proxy-agent@6.5.0/packages/proxy-agent)

---
updated-dependencies:
- dependency-name: proxy-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-14 11:00:47 -08:00
dependabot[bot]
cd4d1b614d chore: bump eslint from 9.13.0 to 9.23.0 (#7291) 
Bumps [eslint](https://github.com/eslint/eslint) from 9.13.0 to 9.23.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v9.13.0...v9.23.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-14 10:58:42 -08:00
dependabot[bot]
5051c0f9e4 chore: bump typescript-eslint from 8.12.2 to 8.29.0 (#7290) 
Bumps [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) from 8.12.2 to 8.29.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.29.0/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: typescript-eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-14 10:58:33 -08:00
dependabot[bot]
949aed1cef Update to Express 5 2025-03-06 15:28:07 -09:00