chore: bump basic-ftp from 5.2.0 to 5.2.1 (#7749)

This is mostly just because if the opts are empty, it seems to error in
macOS for some reason...(rsync_opts[@]: unbound variable).

.github/workflows/build.yaml

@@ -90,7 +90,7 @@ jobs:
     if: needs.changes.outputs.helm == 'true'
     steps:
       - uses: actions/checkout@v6
-      - uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4
+      - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
       - run: helm plugin install https://github.com/instrumenta/helm-kubeval
@@ -143,7 +143,7 @@ jobs:
             test/package-lock.json
       - run: SKIP_SUBMODULE_DEPS=1 npm ci
       - run: npm run test:unit
-      - uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5
+      - uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v5
         if: success()
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
@@ -162,7 +162,7 @@ jobs:
 
     steps:
       - run: sudo apt update && sudo apt install -y libkrb5-dev
-      - uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # latest
+      - uses: awalsh128/cache-apt-pkgs-action@acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 # latest
         with:
           packages: quilt
           version: 1.0

.github/workflows/publish.yaml

@@ -108,8 +108,8 @@ jobs:
           echo "VERSION=${TAG#v}" >> $GITHUB_ENV
 
       - uses: actions/checkout@v6
-      - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3
-      - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
+      - uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
+      - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
 
       - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
         with:

.github/workflows/release.yaml

@@ -45,12 +45,16 @@ jobs:
       # Cross-compile target.
       VSCODE_ARCH: ${{ matrix.vscode_arch }}
       npm_config_arch: ${{ matrix.npm_arch }}
+      # Ensure native modules are built from source to avoid prebuilds and use
+      # the correct version of glibc.
+      npm_config_build_from_source: true
       # Gulp target name.
+      # TODO: Pull from VSCODE_ARCH instead.
       VSCODE_TARGET: ${{ format('linux-{0}', matrix.vscode_arch) }}
 
     steps:
       - run: sudo apt update && sudo apt install -y libkrb5-dev
-      - uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # latest
+      - uses: awalsh128/cache-apt-pkgs-action@acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 # latest
         with:
           packages: quilt
           version: 1.0
@@ -125,6 +129,8 @@ jobs:
       VSCODE_TARGET: ${{ matrix.vscode_target }}
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       TAG: ${{ inputs.version || github.ref_name }}
+      # Ensure native modules are built from source to avoid prebuilds.
+      npm_config_build_from_source: true
 
     steps:
       # The version of node-gyp we use depends on distutils but it was removed

CHANGELOG.md

@@ -22,6 +22,39 @@ Code v99.99.999
 
 ## Unreleased
 
+## [4.114.1](https://github.com/coder/code-server/releases/tag/v4.114.1) - 2026-04-06
+
+Code v1.114.0
+
+### Changed
+
+- Ensure native modules are built from source so they use the correct version of
+  glibc. This should bring down the requirement from 2.34 back down to 2.28.
+
+## [4.114.0](https://github.com/coder/code-server/releases/tag/v4.114.0) - 2026-04-04
+
+Code v1.114.0
+
+### Changed
+
+- Update to Code 1.114.0.
+
+## [4.113.1](https://github.com/coder/code-server/releases/tag/v4.113.1) - 2026-04-03
+
+Code v1.113.0
+
+This is a re-release of v4.113.0 but with the correct Node binaries for arm64
+and armv7l. Previously they were packaging the amd64 Node binary due to a
+mistake while refactoring CI to use more of the upstream build scripts.
+
+## [4.113.0](https://github.com/coder/code-server/releases/tag/v4.113.0) - 2026-04-02
+
+Code v1.113.0
+
+### Changed
+
+- Update to Code 1.113.0
+
 ## [4.112.0](https://github.com/coder/code-server/releases/tag/v4.112.0) - 2026-03-19
 
 Code v1.112.0

ci/build/build-release.sh

@@ -79,7 +79,15 @@ EOF
   mv npm-shrinkwrap.json "$RELEASE_PATH"
 
   if [ "$KEEP_MODULES" = 1 ]; then
-    rsync node_modules/ "$RELEASE_PATH/node_modules"
+    local rsync_opts=(-a)
+    if [[ ${DEBUG-} = 1 ]]; then
+      rsync_opts+=(-vh)
+    fi
+    # If we build from source, exclude the prebuilds.
+    if [[ ${npm_config_build_from_source-} = true ]]; then
+      rsync_opts+=(--exclude /argon2/prebuilds)
+    fi
+    rsync "${rsync_opts[@]}" node_modules/ "$RELEASE_PATH/node_modules"
     # Remove dev dependencies.
     pushd "$RELEASE_PATH"
     npm prune --production
@@ -92,7 +100,7 @@ EOF
 bundle_vscode() {
   mkdir -p "$VSCODE_OUT_PATH"
 
-  local rsync_opts=()
+  local rsync_opts=(-a)
   if [[ ${DEBUG-} = 1 ]]; then
     rsync_opts+=(-vh)
   fi

ci/helm-chart/Chart.yaml

@@ -15,9 +15,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 3.33.0
+version: 3.34.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 4.109.5
+appVersion: 4.114.1

ci/helm-chart/values.yaml

@@ -6,7 +6,7 @@ replicaCount: 1
 
 image:
   repository: codercom/code-server
-  tag: '4.109.5'
+  tag: '4.114.1'
   pullPolicy: Always
 
 # Specifies one or more secrets to be used when pulling images from a

package-lock.json

@@ -1639,9 +1639,9 @@
       "license": "MIT"
     },
     "node_modules/basic-ftp": {
-      "version": "5.2.0",
-      "resolved": "https://registry.npmjs.org/basic-ftp/-/basic-ftp-5.2.0.tgz",
-      "integrity": "sha512-VoMINM2rqJwJgfdHq6RiUudKt2BV+FY5ZFezP/ypmwayk68+NzzAQy4XXLlqsGD4MCzq3DrmNFD/uUmBJuGoXw==",
+      "version": "5.2.1",
+      "resolved": "https://registry.npmjs.org/basic-ftp/-/basic-ftp-5.2.1.tgz",
+      "integrity": "sha512-0yaL8JdxTknKDILitVpfYfV2Ob6yb3udX/hK97M7I3jOeznBNxQPtVvTUtnhUkyHlxFWyr5Lvknmgzoc7jf+1Q==",
       "license": "MIT",
       "engines": {
         "node": ">=10.0.0"
@@ -5042,9 +5042,9 @@
       "license": "MIT"
     },
     "node_modules/path-to-regexp": {
-      "version": "8.3.0",
-      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.3.0.tgz",
-      "integrity": "sha512-7jdwVIRtsP8MYpdXSwOS0YdD0Du+qOoF/AEPIt88PcCFrZCzx41oxku1jD88hZBwbNUIEfpqvuhjFaMAqMTWnA==",
+      "version": "8.4.2",
+      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.4.2.tgz",
+      "integrity": "sha512-qRcuIdP69NPm4qbACK+aDogI5CBDMi1jKe0ry5rSQJz8JVLsC7jV8XpiJjGRLLol3N+R5ihGYcrPLTno6pAdBA==",
       "license": "MIT",
       "funding": {
         "type": "opencollective",
@@ -5067,9 +5067,9 @@
       }
     },
     "node_modules/picomatch": {
-      "version": "4.0.3",
-      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
-      "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+      "version": "4.0.4",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.4.tgz",
+      "integrity": "sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==",
       "dev": true,
       "license": "MIT",
       "engines": {

patches/update-check.diff

@@ -101,7 +101,7 @@ Index: code-server/lib/vscode/src/vs/base/common/product.ts
  
  	readonly version: string;
  	readonly date?: string;
-@@ -115,6 +116,7 @@ export interface IProductConfiguration {
+@@ -117,6 +118,7 @@ export interface IProductConfiguration {
  		readonly resourceUrlTemplate: string;
  		readonly nlsBaseUrl: string;
  		readonly accessSKUs?: string[];

test/package-lock.json

@@ -4031,9 +4031,9 @@
       "license": "ISC"
     },
     "node_modules/picomatch": {
-      "version": "2.3.1",
-      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
-      "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+      "version": "2.3.2",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.2.tgz",
+      "integrity": "sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==",
       "dev": true,
       "license": "MIT",
       "engines": {