Enforce Node binary permissions

In some cases it may have extra write permissions.

CHANGELOG.md

@@ -22,7 +22,21 @@ Code v99.99.999
 
 ## Unreleased
 
-Code v1.78.2
+Code v1.79.2
+
+## [4.14.0](https://github.com/coder/code-server/releases/tag/v4.14.0) - 2023-06-16
+
+Code v1.79.2
+
+### Added
+
+- `--domain-proxy` now supports `{{port}}` and `{{host}}` template variables.
+
+### Changed
+
+- Updated to Code 1.79.2
+- Files opened from an external terminal will now open in the most closely
+  related window rather than in the last opened window.
 
 ## [4.13.0](https://github.com/coder/code-server/releases/tag/v4.13.0) - 2023-05-19
 

ci/build/build-standalone-release.sh

@@ -24,6 +24,8 @@ main() {
   rsync ./ci/build/code-server.sh "$RELEASE_PATH/bin/code-server"
   rsync "$node_path" "$RELEASE_PATH/lib/node"
 
+  chmod 755 "$RELEASE_PATH/lib/node"
+
   pushd "$RELEASE_PATH"
   npm install --unsafe-perm --omit=dev
   popd

ci/helm-chart/Chart.yaml

@@ -15,9 +15,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 3.9.0
+version: 3.10.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 4.13.0
+appVersion: 4.14.0

ci/helm-chart/values.yaml

@@ -6,7 +6,7 @@ replicaCount: 1
 
 image:
   repository: codercom/code-server
-  tag: '4.13.0'
+  tag: '4.14.0'
   pullPolicy: Always
 
 # Specifies one or more secrets to be used when pulling images from a

src/node/main.ts

@@ -121,13 +121,10 @@ export const runCodeServer = async (
   const app = await createApp(args)
   const protocol = args.cert ? "https" : "http"
   const serverAddress = ensureAddress(app.server, protocol)
-  const sessionServerAddress = app.editorSessionManagerServer.address()
   const disposeRoutes = await register(app, args)
 
   logger.info(`Using config file ${humanPath(os.homedir(), args.config)}`)
   logger.info(`${protocol.toUpperCase()} server listening on ${serverAddress.toString()}`)
-  logger.info(`Session server listening on ${sessionServerAddress?.toString()}`)
-
   if (args.auth === AuthType.Password) {
     logger.info("  - Authentication is enabled")
     if (args.usingEnvPassword) {
@@ -155,6 +152,11 @@ export const runCodeServer = async (
     logger.info(`Using proxy URI in PORTS tab: ${process.env.VSCODE_PROXY_URI}`)
   }
 
+  const sessionServerAddress = app.editorSessionManagerServer.address()
+  if (sessionServerAddress) {
+    logger.info(`Session server listening on ${sessionServerAddress.toString()}`)
+  }
+
   if (args.enable && args.enable.length > 0) {
     logger.info("Enabling the following experimental features:")
     args.enable.forEach((feature) => {

src/node/vscodeSocket.ts

@@ -1,14 +1,13 @@
 import { logger } from "@coder/logger"
 import express from "express"
 import * as http from "http"
-import * as os from "os"
 import * as path from "path"
 import { HttpCode } from "../common/http"
 import { listen } from "./app"
-import { canConnect } from "./util"
+import { canConnect, paths } from "./util"
 
 // Socket path of the daemonized code-server instance.
-export const DEFAULT_SOCKET_PATH = path.join(os.tmpdir(), "code-server-ipc.sock")
+export const DEFAULT_SOCKET_PATH = path.join(paths.data, `code-server-ipc.sock`)
 
 export interface EditorSessionEntry {
   workspace: {
@@ -78,7 +77,11 @@ export async function makeEditorSessionManagerServer(
   })
 
   const server = http.createServer(router)
-  await listen(server, { socket: codeServerSocketPath })
+  try {
+    await listen(server, { socket: codeServerSocketPath })
+  } catch (e) {
+    logger.warn(`Could not create socket at ${codeServerSocketPath}`)
+  }
   return server
 }
 

test/unit/node/vscodeSocket.test.ts

@@ -1,5 +1,50 @@
-import { EditorSessionManager } from "../../../src/node/vscodeSocket"
-import { clean, tmpdir, listenOn } from "../../utils/helpers"
+import { logger } from "@coder/logger"
+import * as app from "../../../src/node/app"
+import { paths } from "../../../src/node/util"
+import {
+  DEFAULT_SOCKET_PATH,
+  EditorSessionManager,
+  makeEditorSessionManagerServer,
+} from "../../../src/node/vscodeSocket"
+import { clean, tmpdir, listenOn, mockLogger } from "../../utils/helpers"
+
+describe("DEFAULT_SOCKET_PATH", () => {
+  it("should be a unique path per user", () => {
+    expect(DEFAULT_SOCKET_PATH.startsWith(paths.data)).toBe(true)
+  })
+})
+
+describe("makeEditorSessionManagerServer", () => {
+  let tmpDirPath: string
+
+  const testName = "mesms"
+
+  beforeAll(async () => {
+    jest.clearAllMocks()
+    mockLogger()
+    await clean(testName)
+  })
+
+  afterAll(() => {
+    jest.resetModules()
+  })
+
+  beforeEach(async () => {
+    tmpDirPath = await tmpdir(testName)
+  })
+
+  it("warns if socket cannot be created", async () => {
+    jest.spyOn(app, "listen").mockImplementation(() => {
+      throw new Error()
+    })
+    const server = await makeEditorSessionManagerServer(
+      `${tmpDirPath}/code-server-ipc.sock`,
+      new EditorSessionManager(),
+    )
+    expect(logger.warn).toHaveBeenCalledWith(`Could not create socket at ${tmpDirPath}/code-server-ipc.sock`)
+    server.close()
+  })
+})
 
 describe("EditorSessionManager", () => {
   let tmpDirPath: string