Fix changelog typo

`proxy` should `await` for result of `authenticated` call otherwise since otherwise it will always appear to be authenticated as the promise is truthy.

Co-authored-by: Asher <ash@coder.com>

.github/CODEOWNERS

@@ -1,3 +1,5 @@
 * @coder/code-server-reviewers
 
 ci/helm-chart/ @Matthew-Beckett @alexgorbatchev
+
+docs/install.md @GNUxeava

.github/workflows/ci.yaml

@@ -39,7 +39,7 @@ jobs:
           node-version: "16"
 
       - name: Install helm
-        uses: azure/setup-helm@v3.0
+        uses: azure/setup-helm@v3.3
 
       - name: Fetch dependencies from cache
         id: cache-yarn
@@ -143,14 +143,20 @@ jobs:
         id: vscode-rev
         run: echo "::set-output name=rev::$(git rev-parse HEAD:./lib/vscode)"
 
-        # We need to rebuild when we have a new version of Code or when any of
-        # the patches changed.  Use VSCODE_CACHE_VERSION to force a rebuild.
+      - name: Get version
+        id: version
+        run: echo "::set-output name=version::$(jq -r .version package.json)"
+
+      # We need to rebuild when we have a new version of Code, when any of
+      # the patches changed, or when the code-server version changes (since
+      # it gets embedded into the code).  Use VSCODE_CACHE_VERSION to
+      # force a rebuild.
       - name: Fetch prebuilt Code package from cache
         id: cache-vscode
         uses: actions/cache@v3
         with:
           path: lib/vscode-reh-web-*
-          key: vscode-reh-package-${{ secrets.VSCODE_CACHE_VERSION }}-${{ steps.vscode-rev.outputs.rev }}-${{ hashFiles('patches/*.diff') }}
+          key: vscode-reh-package-${{ secrets.VSCODE_CACHE_VERSION }}-${{ steps.vscode-rev.outputs.rev }}-${{ steps.version.outputs.version }}-${{ hashFiles('patches/*.diff', 'ci/build/build-vscode.sh') }}
 
       - name: Build vscode
         if: steps.cache-vscode.outputs.cache-hit != 'true'
@@ -192,9 +198,9 @@ jobs:
     # This environment "npm" requires someone from
     # coder/code-server-reviewers to approve the PR before this job runs.
     environment: npm
-    # Only run if PR comes from base repo
+    # Only run if PR comes from base repo or event is not a PR
     # Reason: forks cannot access secrets and this will always fail
-    if: github.event.pull_request.head.repo.full_name == github.repository
+    if: github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request'
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
@@ -455,7 +461,6 @@ jobs:
         uses: actions/checkout@v3
         with:
           fetch-depth: 0
-          submodules: true
 
       - name: Install Node.js v16
         uses: actions/setup-node@v3
@@ -485,7 +490,7 @@ jobs:
 
       - name: Install dependencies
         if: steps.cache-yarn.outputs.cache-hit != 'true'
-        run: yarn --frozen-lockfile
+        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
 
       - name: Install Playwright OS dependencies
         run: |
@@ -493,7 +498,7 @@ jobs:
           ./test/node_modules/.bin/playwright install
 
       - name: Run end-to-end tests
-        run: yarn test:e2e
+        run: yarn test:e2e --global-timeout 840000
 
       - name: Upload test artifacts
         if: always()
@@ -505,6 +510,93 @@ jobs:
       - name: Remove release packages and test artifacts
         run: rm -rf ./release-packages ./test/test-results
 
+  test-e2e-proxy:
+    name: End-to-end tests behind proxy
+    needs: package-linux-amd64
+    runs-on: ubuntu-latest
+    timeout-minutes: 25
+    env:
+      # Since we build code-server we might as well run tests from the release
+      # since VS Code will load faster due to the bundling.
+      CODE_SERVER_TEST_ENTRY: "./release-packages/code-server-linux-amd64"
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Install Node.js v16
+        uses: actions/setup-node@v3
+        with:
+          node-version: "16"
+
+      - name: Fetch dependencies from cache
+        id: cache-yarn
+        uses: actions/cache@v3
+        with:
+          path: "**/node_modules"
+          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            yarn-build-
+
+      - name: Download release packages
+        uses: actions/download-artifact@v3
+        with:
+          name: release-packages
+          path: ./release-packages
+
+      - name: Untar code-server release
+        run: |
+          cd release-packages
+          tar -xzf code-server*-linux-amd64.tar.gz
+          mv code-server*-linux-amd64 code-server-linux-amd64
+
+      - name: Install dependencies
+        if: steps.cache-yarn.outputs.cache-hit != 'true'
+        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
+
+      - name: Install Playwright OS dependencies
+        run: |
+          ./test/node_modules/.bin/playwright install-deps
+          ./test/node_modules/.bin/playwright install
+
+      - name: Cache Caddy
+        uses: actions/cache@v2
+        id: caddy-cache
+        with:
+          path: |
+            ~/.cache/caddy
+          key: cache-caddy-2.5.2
+
+      - name: Install Caddy
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        if: steps.caddy-cache.outputs.cache-hit != 'true'
+        run: |
+          gh release download v2.5.2 --repo caddyserver/caddy --pattern "caddy_2.5.2_linux_amd64.tar.gz"
+          mkdir -p ~/.cache/caddy 
+          tar -xzf caddy_2.5.2_linux_amd64.tar.gz --directory ~/.cache/caddy
+
+      - name: Start Caddy
+        run: sudo ~/.cache/caddy/caddy start --config ./ci/Caddyfile
+
+      - name: Run end-to-end tests
+        run: yarn test:e2e:proxy
+
+      - name: Stop Caddy
+        if: always()
+        run: sudo ~/.cache/caddy/caddy stop --config ./ci/Caddyfile
+
+      - name: Upload test artifacts
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          name: failed-test-videos-proxy
+          path: ./test/test-results
+
+      - name: Remove release packages and test artifacts
+        run: rm -rf ./release-packages ./test/test-results
+
   trivy-scan-repo:
     permissions:
       contents: read # for actions/checkout to fetch code
@@ -517,7 +609,7 @@ jobs:
           fetch-depth: 0
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0105373003c89c494a3f436bd5efc57f3ac1ca20
+        uses: aquasecurity/trivy-action@cb606dfdb0d2b3698ace62192088ef4f5360b24f
         with:
           scan-type: "fs"
           scan-ref: "."

.github/workflows/docs-preview.yaml

@@ -4,6 +4,8 @@ on:
   pull_request:
     branches:
       - main
+    paths:
+      - "docs/**"
 
 permissions:
   actions: none

.github/workflows/installer.yml

@@ -39,7 +39,7 @@ jobs:
   alpine:
     name: Test installer on Alpine
     runs-on: ubuntu-latest
-    container: "alpine:3.14"
+    container: "alpine:3.16"
     steps:
       - name: Checkout repo
         uses: actions/checkout@v3

.github/workflows/npm-brew.yaml

@@ -31,7 +31,7 @@ jobs:
         uses: dawidd6/action-download-artifact@v2
         id: download
         with:
-          branch: v${{ steps.version.outputs.version }}
+          branch: release/v${{ steps.version.outputs.version }}
           workflow: ci.yaml
           workflow_conclusion: completed
           name: "npm-package"

.github/workflows/scripts.yml

@@ -38,7 +38,7 @@ jobs:
     name: Run script unit tests
     runs-on: ubuntu-latest
     # This runs on Alpine to make sure we're testing with actual sh.
-    container: "alpine:3.14"
+    container: "alpine:3.16"
     steps:
       - name: Checkout repo
         uses: actions/checkout@v3

.github/workflows/trivy-docker.yaml

@@ -51,7 +51,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Run Trivy vulnerability scanner in image mode
-        uses: aquasecurity/trivy-action@0105373003c89c494a3f436bd5efc57f3ac1ca20
+        uses: aquasecurity/trivy-action@cb606dfdb0d2b3698ace62192088ef4f5360b24f
         with:
           image-ref: "docker.io/codercom/code-server:latest"
           ignore-unfixed: true

.prettierignore

@@ -0,0 +1 @@
+lib/vscode

.prettierrc.yaml

@@ -4,14 +4,3 @@ trailingComma: all
 arrowParens: always
 singleQuote: false
 useTabs: false
-
-overrides:
-  # Attempt to keep VScode's existing code style intact.
-  - files: "lib/vscode/**/*.ts"
-    options:
-      # No limit defined upstream.
-      printWidth: 10000
-      semi: true
-      singleQuote: true
-      useTabs: true
-      arrowParens: avoid

CHANGELOG.md

@@ -20,6 +20,68 @@ Code v99.99.999
 
 -->
 
+## [4.5.2](https://github.com/coder/code-server/releases/tag/v4.5.2) - 2022-08-15
+
+Code v1.68.1
+
+### Security
+
+- Fixed the proxy route not performing authentication. For example if you were
+  to run a development HTTP server using `python -m http.server 8000` then it
+  would be accessible at `my.domain/proxy/8000/` without any authentication.
+
+  If all of the following apply to you please update as soon as possible:
+
+  - You run code-server with the built-in password authentication.
+  - You run unprotected HTTP services on ports accessible by code-server.
+
+### Changed
+
+- Invoking `code-server` in the integrated terminal will now use the script that
+  comes with upstream Code. This means flags like `--wait` will be
+  automatically supported now. However the upstream script only has the ability
+  to interact with the running code-server and cannot spawn new instances. If
+  you need to spawn a new code-server from the integrated terminal please
+  specify the full path to code-server's usual script (for example
+  `/usr/bin/code-server`).
+
+### Fixed
+
+- Invoking `code-server` in the integrated terminal will now work instead of
+  erroring about not finding Node.
+
+## [4.5.1](https://github.com/coder/code-server/releases/tag/v4.5.1) - 2022-07-18
+
+Code v1.68.1
+
+### Changed
+
+- We now use `release/v<0.0.0>` for the release branch name so it doesn't
+  conflict with the tag name
+- Added `.prettierignore` to ignore formatting files in `lib/vscode`
+
+### Added
+
+- Allow more comprehensive affinity config in Helm chart
+- Added custom message in Homebrew PR to make sure code-server maintainers are
+  tagged
+- Allow setting `priorityClassName` via Helm chart
+- Added troubleshooting docs to `CONTRIBUTING.md`
+
+### Fixed
+
+- Removed default memory limit which was set via `NODE_OPTIONS`
+- Changed output in pipe to make it easier to debug code-server when doing live
+  edits
+- Fixed display-language patch to use correct path which broke in 4.5.0
+- Fixed multiple code-server windows opening when using the code-server CLI in
+  the Integrated Terminal
+- Fixed Integrated Terminal not working when web base was not the root path
+
+### Security
+
+- Updated `glob-parent` version in dependencies
+
 ## [4.5.0](https://github.com/coder/code-server/releases/tag/v4.5.0) - 2022-06-29
 
 Code v1.68.1

ci/Caddyfile

@@ -0,0 +1,15 @@
+{
+	admin    localhost:4444
+}
+:8000 {
+	@portLocalhost path_regexp port ^/([0-9]+)\/ide
+        handle @portLocalhost {
+		uri strip_prefix {re.port.1}/ide
+                reverse_proxy localhost:{re.port.1}
+        }
+
+	handle {
+                respond "Bad hostname" 400
+        }
+
+}

ci/build/build-release.sh

@@ -110,10 +110,6 @@ bundle_vscode() {
   rsync "$VSCODE_SRC_PATH/extensions/package.json" "$VSCODE_OUT_PATH/extensions/package.json"
   rsync "$VSCODE_SRC_PATH/extensions/yarn.lock" "$VSCODE_OUT_PATH/extensions/yarn.lock"
   rsync "$VSCODE_SRC_PATH/extensions/postinstall.mjs" "$VSCODE_OUT_PATH/extensions/postinstall.mjs"
-
-  pushd "$VSCODE_OUT_PATH"
-  symlink_asar
-  popd
 }
 
 main "$@"

ci/build/build-standalone-release.sh

@@ -27,8 +27,9 @@ main() {
   ln -s "./bin/code-server" "$RELEASE_PATH/code-server"
   ln -s "./lib/node" "$RELEASE_PATH/node"
 
-  cd "$RELEASE_PATH"
+  pushd "$RELEASE_PATH"
   yarn --production --frozen-lockfile
+  popd
 }
 
 main "$@"

ci/build/build-vscode.sh

@@ -6,12 +6,38 @@ set -euo pipefail
 # MINIFY controls whether a minified version of vscode is built.
 MINIFY=${MINIFY-true}
 
+delete-bin-script() {
+  rm -f "lib/vscode-reh-web-linux-x64/bin/$1"
+}
+
+copy-bin-script() {
+  local script="$1"
+  local dest="lib/vscode-reh-web-linux-x64/bin/$script"
+  cp "lib/vscode/resources/server/bin/$script" "$dest"
+  sed -i.bak "s/@@VERSION@@/$(vscode_version)/g" "$dest"
+  sed -i.bak "s/@@COMMIT@@/$VSCODE_DISTRO_COMMIT/g" "$dest"
+  sed -i.bak "s/@@APPNAME@@/code-server/g" "$dest"
+
+  # Fix Node path on Darwin and Linux.
+  # We do not want expansion here; this text should make it to the file as-is.
+  # shellcheck disable=SC2016
+  sed -i.bak 's/^ROOT=\(.*\)$/VSROOT=\1\nROOT="$(dirname "$(dirname "$VSROOT")")"/g' "$dest"
+  sed -i.bak 's/ROOT\/out/VSROOT\/out/g' "$dest"
+
+  # Fix Node path on Windows.
+  sed -i.bak 's/^set ROOT_DIR=\(.*\)$/set ROOT_DIR=%~dp0..\\..\\..\\..\r\nset VSROOT_DIR=\1/g' "$dest"
+  sed -i.bak 's/%ROOT_DIR%\\out/%VSROOT_DIR%\\out/g' "$dest"
+
+  chmod +x "$dest"
+  rm "$dest.bak"
+}
+
 main() {
   cd "$(dirname "${0}")/../.."
 
   source ./ci/lib.sh
 
-  cd lib/vscode
+  pushd lib/vscode
 
   # Set the commit Code will embed into the product.json.  We need to do this
   # since Code tries to get the commit from the `.git` directory which will fail
@@ -58,13 +84,31 @@ main() {
 EOF
   ) > product.json
 
-  # Any platform works since we have our own packaging step (for now).
+  # Any platform here works since we will do our own packaging.  We have to do
+  # this because we have an NPM package that could be installed on any platform.
+  # The correct platform dependencies and scripts will be installed as part of
+  # the post-install during `npm install` or when building a standalone release.
   yarn gulp "vscode-reh-web-linux-x64${MINIFY:+-min}"
 
   # Reset so if you develop after building you will not be stuck with the wrong
   # commit (the dev client will use `oss-dev` but the dev server will still use
   # product.json which will have `stable-$commit`).
   git checkout product.json
+
+  popd
+
+  # These provide a `code-server` command in the integrated terminal to open
+  # files in the current instance.
+  delete-bin-script remote-cli/code-server
+  copy-bin-script remote-cli/code-darwin.sh
+  copy-bin-script remote-cli/code-linux.sh
+  copy-bin-script remote-cli/code.cmd
+
+  # These provide a way for terminal applications to open browser windows.
+  delete-bin-script helpers/browser.sh
+  copy-bin-script helpers/browser-darwin.sh
+  copy-bin-script helpers/browser-linux.sh
+  copy-bin-script helpers/browser.cmd
 }
 
 main "$@"

ci/build/npm-postinstall.sh

@@ -1,23 +1,69 @@
 #!/usr/bin/env sh
 set -eu
 
-# Copied from arch() in ci/lib.sh.
-detect_arch() {
-  case "$(uname -m)" in
-    aarch64)
-      echo arm64
-      ;;
-    x86_64 | amd64)
-      echo amd64
-      ;;
-    *)
-      # This will cause the download to fail, but is intentional
-      uname -m
-      ;;
+# Copied from ../lib.sh.
+arch() {
+  cpu="$(uname -m)"
+  case "$cpu" in
+    aarch64) cpu=arm64 ;;
+    x86_64) cpu=amd64 ;;
+  esac
+  echo "$cpu"
+}
+
+# Copied from ../lib.sh except we do not rename Darwin since the cloud agent
+# uses "darwin" in the release names and we do not need to detect Alpine.
+os() {
+  osname=$(uname | tr '[:upper:]' '[:lower:]')
+  case $osname in
+    cygwin* | mingw*) osname="windows" ;;
+  esac
+  echo "$osname"
+}
+
+# Create a symlink at $2 pointing to $1 on any platform.  Anything that
+# currently exists at $2 will be deleted.
+symlink() {
+  source="$1"
+  dest="$2"
+  rm -rf "$dest"
+  case $OS in
+    windows) mklink /J "$dest" "$source" ;;
+    *) ln -s "$source" "$dest" ;;
   esac
 }
 
-ARCH="${NPM_CONFIG_ARCH:-$(detect_arch)}"
+# VS Code bundles some modules into an asar which is an archive format that
+# works like tar. It then seems to get unpacked into node_modules.asar.
+#
+# I don't know why they do this but all the dependencies they bundle already
+# exist in node_modules so just symlink it. We have to do this since not only
+# Code itself but also extensions will look specifically in this directory for
+# files (like the ripgrep binary or the oniguruma wasm).
+symlink_asar() {
+  symlink node_modules node_modules.asar
+}
+
+# Make a symlink at bin/$1/$3 pointing to the platform-specific version of the
+# script in $2.  The extension of the link will be .cmd for Windows otherwise it
+# will be whatever is in $4 (or no extension if $4 is not set).
+symlink_bin_script() {
+  oldpwd="$(pwd)"
+  cd "bin/$1"
+  source="$2"
+  dest="$3"
+  ext="${4-}"
+  case $OS in
+    windows) symlink "$source.cmd" "$dest.cmd" ;;
+    darwin | macos) symlink "$source-darwin.sh" "$dest$ext" ;;
+    *) symlink "$source-linux.sh" "$dest$ext" ;;
+  esac
+  cd "$oldpwd"
+}
+
+ARCH="${NPM_CONFIG_ARCH:-$(arch)}"
+OS="$(os)"
+
 # This is due to an upstream issue with RHEL7/CentOS 7 comptability with node-argon2
 # See: https://github.com/cdr/code-server/pull/3422#pullrequestreview-677765057
 export npm_config_build_from_source=true
@@ -56,8 +102,6 @@ main() {
     ;;
   esac
 
-  OS="$(uname | tr '[:upper:]' '[:lower:]')"
-
   mkdir -p ./lib
 
   if curl -fsSL "https://github.com/coder/cloud-agent/releases/latest/download/cloud-agent-$OS-$ARCH" -o ./lib/coder-cloud-agent; then
@@ -79,22 +123,14 @@ main() {
   fi
 }
 
-# This is a copy of symlink_asar in ../lib.sh. Look there for details.
-symlink_asar() {
-  rm -rf node_modules.asar
-  if [ "${WINDIR-}" ]; then
-    mklink /J node_modules.asar node_modules
-  else
-    ln -s node_modules node_modules.asar
-  fi
-}
-
 vscode_yarn() {
   echo 'Installing Code dependencies...'
   cd lib/vscode
   yarn --production --frozen-lockfile --no-default-rc
 
   symlink_asar
+  symlink_bin_script remote-cli code code-server
+  symlink_bin_script helpers browser browser .sh
 
   cd extensions
   yarn --production --frozen-lockfile

ci/helm-chart/Chart.yaml

@@ -15,9 +15,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 2.6.0
+version: 3.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 4.5.0
+appVersion: 4.5.2

ci/helm-chart/templates/deployment.yaml

@@ -25,6 +25,9 @@ spec:
       {{- if .Values.hostnameOverride }}
       hostname: {{ .Values.hostnameOverride }}
       {{- end }}
+      {{- if .Values.priorityClassName }}
+      priorityClassName: {{ .Values.priorityClassName }}
+      {{- end }}
       {{- if .Values.securityContext.enabled }}
       securityContext:
         fsGroup: {{ .Values.securityContext.fsGroup }}
@@ -59,6 +62,17 @@ spec:
           securityContext:
             runAsUser: {{ .Values.securityContext.runAsUser }}
           {{- end }}
+          {{- if .Values.lifecycle.enabled }}
+          lifecycle:
+            {{- if .Values.lifecycle.postStart }}
+            postStart:
+              {{ toYaml .Values.lifecycle.postStart | nindent 14 }}
+            {{- end }}
+            {{- if .Values.lifecycle.preStop }}
+            preStop:
+              {{ toYaml .Values.lifecycle.preStop | nindent 14 }}
+            {{- end }}
+          {{- end }}
           env:
         {{- if .Values.extraVars }}
 {{ toYaml .Values.extraVars | indent 10 }}
@@ -116,7 +130,7 @@ spec:
       {{- end }}
     {{- with .Values.affinity }}
       affinity:
-        {{- toYaml . | nindent 8 }}
+        {{- tpl . $ | nindent 8 }}
     {{- end }}
     {{- with .Values.tolerations }}
       tolerations:

ci/helm-chart/values.yaml

@@ -6,7 +6,7 @@ replicaCount: 1
 
 image:
   repository: codercom/code-server
-  tag: '4.5.0'
+  tag: '4.5.2'
   pullPolicy: Always
 
 # Specifies one or more secrets to be used when pulling images from a
@@ -33,6 +33,8 @@ podAnnotations: {}
 podSecurityContext: {}
   # fsGroup: 2000
 
+priorityClassName: ""
+
 service:
   type: ClusterIP
   port: 8080
@@ -125,6 +127,15 @@ persistence:
   # existingClaim: ""
   # hostPath: /data
 
+lifecycle:
+  enabled: false
+  # postStart:
+  #  exec:
+  #    command:
+  #      - /bin/bash
+  #      - -c
+  #      - curl -s -L SOME_SCRIPT | bash
+
 ## Enable an Specify container in extraContainers.
 ## This is meant to allow adding code-server dependencies, like docker-dind.
 extraContainers: |
@@ -145,6 +156,25 @@ extraContainers: |
 #  - name: DOCKER_DRIVER
 #    value: "overlay2"
 
+extraInitContainers: |
+# - name: customization
+#   image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+#   imagePullPolicy: IfNotPresent
+#   env:
+#     - name: SERVICE_URL
+#       value: https://open-vsx.org/vscode/gallery
+#     - name: ITEM_URL
+#       value: https://open-vsx.org/vscode/item
+#   command:
+#     - sh
+#     - -c
+#     - |
+#       code-server --install-extension ms-python.python
+#       code-server --install-extension golang.Go
+#   volumeMounts:
+#     - name: data
+#       mountPath: /home/coder
+
 ## Additional code-server secret mounts
 extraSecretMounts: []
   # - name: secret-files

ci/lib.sh

@@ -18,35 +18,30 @@ vscode_version() {
 }
 
 os() {
-  local os
-  os=$(uname | tr '[:upper:]' '[:lower:]')
-  if [[ $os == "linux" ]]; then
-    # Alpine's ldd doesn't have a version flag but if you use an invalid flag
-    # (like --version) it outputs the version to stderr and exits with 1.
-    local ldd_output
-    ldd_output=$(ldd --version 2>&1 || true)
-    if echo "$ldd_output" | grep -iq musl; then
-      os="alpine"
-    fi
-  elif [[ $os == "darwin" ]]; then
-    os="macos"
-  fi
-  echo "$os"
+  osname=$(uname | tr '[:upper:]' '[:lower:]')
+  case $osname in
+    linux)
+      # Alpine's ldd doesn't have a version flag but if you use an invalid flag
+      # (like --version) it outputs the version to stderr and exits with 1.
+      # TODO: Better to check /etc/os-release; see ../install.sh.
+      ldd_output=$(ldd --version 2>&1 || true)
+      if echo "$ldd_output" | grep -iq musl; then
+        osname="alpine"
+      fi
+      ;;
+    darwin) osname="macos" ;;
+    cygwin* | mingw*) osname="windows" ;;
+  esac
+  echo "$osname"
 }
 
 arch() {
   cpu="$(uname -m)"
   case "$cpu" in
-    aarch64)
-      echo arm64
-      ;;
-    x86_64 | amd64)
-      echo amd64
-      ;;
-    *)
-      echo "$cpu"
-      ;;
+    aarch64) cpu=arm64 ;;
+    x86_64) cpu=amd64 ;;
   esac
+  echo "$cpu"
 }
 
 # Grabs the most recent ci.yaml github workflow run that was triggered from the
@@ -57,7 +52,7 @@ arch() {
 # https://developer.github.com/v3/actions/workflow-runs/#list-workflow-runs
 get_artifacts_url() {
   local artifacts_url
-  local version_branch="v$VERSION"
+  local version_branch="release/v$VERSION"
   local workflow_runs_url="repos/:owner/:repo/actions/workflows/ci.yaml/runs?event=pull_request&branch=$version_branch"
   artifacts_url=$(gh api "$workflow_runs_url" | jq -r ".workflow_runs[] | select(.head_branch == \"$version_branch\") | .artifacts_url" | head -n 1)
   if [[ -z "$artifacts_url" ]]; then
@@ -104,21 +99,3 @@ export OS
 # RELEASE_PATH is the destination directory for the release from the root.
 # Defaults to release
 RELEASE_PATH="${RELEASE_PATH-release}"
-
-# VS Code bundles some modules into an asar which is an archive format that
-# works like tar. It then seems to get unpacked into node_modules.asar.
-#
-# I don't know why they do this but all the dependencies they bundle already
-# exist in node_modules so just symlink it. We have to do this since not only VS
-# Code itself but also extensions will look specifically in this directory for
-# files (like the ripgrep binary or the oniguruma wasm).
-symlink_asar() {
-  rm -rf node_modules.asar
-  if [ "${WINDIR-}" ]; then
-    # mklink takes the link name first.
-    mklink /J node_modules.asar node_modules
-  else
-    # ln takes the link name second.
-    ln -s node_modules node_modules.asar
-  fi
-}

ci/steps/brew-bump.sh

@@ -23,7 +23,7 @@ main() {
   # Find the docs for bump-formula-pr here
   # https://github.com/Homebrew/brew/blob/master/Library/Homebrew/dev-cmd/bump-formula-pr.rb#L18
   local output
-  if ! output=$(brew bump-formula-pr --version="${VERSION}" code-server --no-browse --no-audit 2>&1); then
+  if ! output=$(brew bump-formula-pr --version="${VERSION}" code-server --no-browse --no-audit --message="PR opened by @${GITHUB_ACTOR}" 2>&1); then
     if [[ $output == *"Duplicate PRs should not be opened"* ]]; then
       echo "$VERSION is already submitted"
       exit 0

ci/steps/publish-npm.sh

@@ -81,10 +81,6 @@ main() {
   # https://github.com/actions/upload-artifact/issues/38
   tar -xzf release-npm-package/package.tar.gz
 
-  # Ignore symlink when publishing npm package
-  # See: https://github.com/coder/code-server/pull/3935
-  echo "node_modules.asar" > release/.npmignore
-
   # We use this to set the name of the package in the
   # package.json
   PACKAGE_NAME="code-server"

docs/CONTRIBUTING.md

@@ -10,6 +10,9 @@
   - [Version updates to Code](#version-updates-to-code)
   - [Patching Code](#patching-code)
   - [Build](#build)
+  - [Troubleshooting](#troubleshooting)
+    - [I see "Forbidden access" when I load code-server in the browser](#i-see-forbidden-access-when-i-load-code-server-in-the-browser)
+  - ["Can only have one anonymous define call per script"](#can-only-have-one-anonymous-define-call-per-script)
   - [Help](#help)
 - [Test](#test)
   - [Unit tests](#unit-tests)
@@ -156,6 +159,18 @@ yarn package
 > If you need your builds to support older distros, run the build commands
 > inside a Docker container with all the build requirements installed.
 
+### Troubleshooting
+
+#### I see "Forbidden access" when I load code-server in the browser
+
+This means your patches didn't apply correctly. We have a patch to remove the auth from vanilla Code because we use our own.
+
+Try popping off the patches with `quilt pop -a` and reapplying with `quilt push -a`.
+
+### "Can only have one anonymous define call per script"
+
+Code might be trying to use a dev or prod HTML in the wrong context. You can try re-running code-server and setting `VSCODE_DEV=1`.
+
 ### Help
 
 If you get stuck or need help, you can always start a new GitHub Discussion [here](https://github.com/coder/code-server/discussions). One of the maintainers will respond and help you out.

docs/MAINTAINING.md

@@ -164,7 +164,8 @@ If you're the current release manager, follow these steps:
 
 ### Publishing a release
 
-1. Create a new branch called `v0.0.0` (replace 0s with actual version aka v4.5.0)
+1. Create a new branch called `release/v0.0.0` (replace 0s with actual version aka v4.5.0)
+   1. If you don't do this, the `npm-brew` GitHub workflow will fail. It looks for the release artifacts under the branch pattern.
 1. Run `yarn release:prep` and type in the new version (e.g., `3.8.1`)
 1. GitHub Actions will generate the `npm-package`, `release-packages` and
    `release-images` artifacts. You do not have to wait for this step to complete
@@ -174,7 +175,7 @@ If you're the current release manager, follow these steps:
 1. Bump chart version in `Chart.yaml`.
 1. Summarize the major changes in the release notes and link to the relevant
    issues.
-1. Change the @ to target the version branch. Example: `v3.9.0 @ Target: v3.9.0`
+1. Change the @ to target the version branch. Example: `v3.9.0 @ Target: release/v3.9.0`
 1. Wait for the `npm-package`, `release-packages` and `release-images` artifacts
    to build.
 1. Run `yarn release:github-assets` to download the `release-packages` artifact.

docs/README.md

@@ -14,20 +14,16 @@ access it in the browser.
 - Preserve battery life when you're on the go; all intensive tasks run on your
   server
 
-> **Note**
-> To manage multiple IDEs, workspaces, and teams, see
-> our new project: [coder/coder](http://cdr.co/coder-github)
-
 ## Requirements
 
 See [requirements](requirements.md) for minimum specs, as well as instructions
 on how to set up a Google VM on which you can install code-server.
 
-**TL;DR:** Linux machine with WebSockets enabled, 1 GB RAM, and 2 CPUs
+**TL;DR:** Linux machine with WebSockets enabled, 1 GB RAM, and 2 vCPUs
 
 ## Getting started
 
-There are three ways to get started:
+There are four ways to get started:
 
 1. Using the [install
    script](https://github.com/coder/code-server/blob/main/install.sh), which
@@ -35,7 +31,8 @@ There are three ways to get started:
    possible.
 2. Manually [installing
    code-server](https://coder.com/docs/code-server/latest/install)
-3. Using our one-click buttons and guides to [deploy code-server to a cloud
+3. Deploy code-server to your team with [coder/coder](https://cdr.co/coder-github)
+4. Using our one-click buttons and guides to [deploy code-server to a cloud
    provider](https://github.com/coder/deploy-code-server) ⚡
 
 If you use the install script, you can preview what occurs during the install
@@ -54,6 +51,9 @@ curl -fsSL https://code-server.dev/install.sh | sh
 When done, the install script prints out instructions for running and starting
 code-server.
 
+> **Note**
+> To manage code-server for a team on your infrastructure, see: [coder/coder](https://cdr.co/coder-github)
+
 We also have an in-depth [setup and
 configuration](https://coder.com/docs/code-server/latest/guide) guide.
 

docs/assets/images/icons/collab.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="20" height="20" viewBox="0 0 20 20"> <path d="M12.2 13.4357L9.5 11.4357C10.4 10.7357 11 9.7357 11 8.5357V7.7357C11 5.8357 9.6 4.1357 7.7 4.0357C5.7 3.9357 4 5.5357 4 7.5357V8.5357C4 9.7357 4.6 10.7357 5.5 11.4357L2.8 13.5357C2.3 13.9357 2 14.5357 2 15.1357V17.0357C2 17.6357 2.4 18.0357 3 18.0357H12C12.6 18.0357 13 17.6357 13 17.0357V15.0357C13 14.4357 12.7 13.8357 12.2 13.4357Z"/> <path d="M17.1 8.43436L15.3 7.23436C15.7 6.83436 16 6.23436 16 5.53436V4.63436C16 3.43436 15.1 2.23436 13.9 2.03436C12.7 1.83436 11.7 2.53436 11.2 3.43436C12.3 4.43436 13 5.83436 13 7.43436V8.43436C13 9.33436 12.8 10.2344 12.4 10.9344C12.4 10.9344 13.6 11.8344 13.6 11.9344H17C17.6 11.9344 18 11.5344 18 10.9344V10.1344C18 9.43436 17.7 8.83436 17.1 8.43436Z"/></svg>

docs/assets/images/icons/contributing.svg

@@ -0,0 +1 @@
+<svg width="20" height="20" fill="none" viewBox="0 0 20 20" xmlns="http://www.w3.org/2000/svg"><path d="M5 2.5V12.5" stroke="currentColor" fill="none" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/><path d="M15 7.5C16.3807 7.5 17.5 6.38071 17.5 5C17.5 3.61929 16.3807 2.5 15 2.5C13.6193 2.5 12.5 3.61929 12.5 5C12.5 6.38071 13.6193 7.5 15 7.5Z" stroke="currentColor" fill="none" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/><path d="M5 17.5C6.38071 17.5 7.5 16.3807 7.5 15C7.5 13.6193 6.38071 12.5 5 12.5C3.61929 12.5 2.5 13.6193 2.5 15C2.5 16.3807 3.61929 17.5 5 17.5Z" stroke="currentColor" fill="none" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/><path d="M15 7.5C15 9.48912 14.2098 11.3968 12.8033 12.8033C11.3968 14.2098 9.48912 15 7.5 15" stroke="currentColor" fill="none" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/></svg>

docs/assets/images/icons/faq.svg

@@ -0,0 +1 @@
+<svg width="20" height="20" viewBox="0 0 20 20" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1"><path d="M10.0001 18.3333C14.6025 18.3333 18.3334 14.6024 18.3334 10C18.3334 5.39762 14.6025 1.66666 10.0001 1.66666C5.39771 1.66666 1.66675 5.39762 1.66675 10C1.66675 14.6024 5.39771 18.3333 10.0001 18.3333Z" stroke="currentColor" fill="none" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/><path d="M7.57495 7.5C7.77087 6.94306 8.15758 6.47342 8.66658 6.17428C9.17558 5.87513 9.77403 5.76578 10.3559 5.86559C10.9378 5.96541 11.4656 6.26794 11.8458 6.71961C12.2261 7.17128 12.4342 7.74294 12.4333 8.33333C12.4333 10 9.93328 10.8333 9.93328 10.8333" stroke="currentColor" fill="none" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/><path d="M10 14.1667H10.0083" stroke="currentColor" fill="none" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/></svg>

docs/assets/images/icons/home.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" viewBox="0 0 16 16" width="16px" xml:space="preserve"><path d="M15.45,7L14,5.551V2c0-0.55-0.45-1-1-1h-1c-0.55,0-1,0.45-1,1v0.553L9,0.555C8.727,0.297,8.477,0,8,0S7.273,0.297,7,0.555  L0.55,7C0.238,7.325,0,7.562,0,8c0,0.563,0.432,1,1,1h1v6c0,0.55,0.45,1,1,1h3v-5c0-0.55,0.45-1,1-1h2c0.55,0,1,0.45,1,1v5h3  c0.55,0,1-0.45,1-1V9h1c0.568,0,1-0.437,1-1C16,7.562,15.762,7.325,15.45,7z"></path></svg>

docs/assets/images/icons/requirements.svg

@@ -0,0 +1 @@
+<svg width="20" height="20" viewBox="0 0 20 20"  xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1"><path d="M6 2V11H2V15C2 16.7 3.3 18 5 18H15C16.7 18 18 16.7 18 15V2H6ZM16 15C16 15.6 15.6 16 15 16H8V4H16V15Z" /><path d="M14 7H10V9H14V7Z" /><path d="M14 11H10V13H14V11Z" /></svg>

docs/assets/images/icons/upgrade.svg

@@ -0,0 +1 @@
+<svg width="20" height="20" viewBox="0 0 20 20" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1"><path d="M17.8049 2.19795C17.7385 2.1311 17.6587 2.07899 17.5708 2.04504C17.4829 2.01108 17.3889 1.99604 17.2948 2.00089C7.89216 2.49153 4.4188 10.8673 4.38528 10.9517C4.33624 11.0736 4.32406 11.2071 4.5.028 11.3358C4.3765 11.4645 4.43995 11.5827 4.53274 11.6756L8.32449 15.4674C8.41787 15.5606 8.53669 15.6242 8.66606 15.6502C8.79543 15.6762 8.92959 15.6634 9.05174 15.6135C9.13552 15.5793 17.4664 12.0671 17.9986 2.7087C18.0039 2.61474 17.9895 2.5207 17.9561 2.4327C17.9227 2.3447 17.8712 2.26471 17.8049 2.19795ZM12.3314 9.56427C12.1439 9.75179 11.9051 9.87951 11.645 9.93126C11.385 9.98302 11.1154 9.9565 10.8704 9.85505C10.6254 9.7536 10.4161 9.58178 10.2687 9.36131C10.1214 9.14085 10.0428 8.88166 10.0428 8.6165C10.0428 8.35135 10.1214 8.09215 10.2687 7.87169C10.4161 7.65123 10.6254 7.47941 10.8704 7.37796C11.1154 7.27651 11.385 7.24998 11.645 7.30174C11.9051 7.3535 12.1439 7.48121 12.3314 7.66873C12.5827 7.92012 12.7239 8.26104 12.7239 8.6165C12.7239 8.97197 12.5827 9.31288 12.3314 9.56427Z"/><path d="M2.74602 14.5444C2.92281 14.3664 3.133 14.2251 3.36454 14.1285C3.59608 14.0319 3.8444 13.9819 4.09529 13.9815C4.34617 13.9811 4.59466 14.0.12 4.82653 14.126C5.05839 14.2218 5.26907 14.3624 5.44647 14.5398C5.62386 14.7172 5.7645 14.9279 5.86031 15.1598C5.95612 15.3916 6.00522 15.6401 6.00479 15.891C6.00437 16.1419 5.95442 16.3902 5.85782 16.6218C5.76122 16.8533 5.61987 17.0635 5.44186 17.2403C4.69719 17.985 2 18.0004 2 18.0004C2 18.0004 2 15.2884 2.74602 14.5444Z"/><path d="M8.9416 3.48269C7.99688 3.31826 7.02645 3.38371 6.11237 3.67352C5.19828 3.96332 4.36741 4.46894 3.68999 5.14765C3.33153 5.50944.5.01988 5.91477 2.76233 6.35415C2.68692 6.4822 2.6562 6.63169 2.67501 6.77911C2.69381 6.92652 2.76108 7.06351 2.86623 7.16853L4.1994 8.50238C5.43822 6.53634 7.04911 4.83119 8.9416 3.48269Z"/><path d="M16.5181 11.0585C16.6825 12.0033 16.6171 12.9737 16.3273 13.8878C16.0375 14.8019 15.5318 15.6327 14.8531 16.3101C14.4914 16.6686 14.086 16.9803 13.6466 17.2378C13.5186 17.3132 13.3691 17.3439 13.2217 17.3251C13.0743 17.3063 12.9373 17.2391 12.8323 17.1339L11.4984 15.8007C13.4645 14.5619 15.1696 12.951 16.5181 11.0585Z"/></svg>

docs/assets/images/icons/usage.svg

@@ -0,0 +1 @@
+<svg viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg"><path d="M4 6H2v14c0 1.1.9 2 2 2h14v-2H4V6zm16-4H8c-1.1 0-2 .9-2 2v12c0 1.1.9 2 2 2h12c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm0 10l-2.5-1.5L15 12V4h5v8z"></path></svg>

docs/assets/images/icons/wrench.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" aria-hidden="true"><path d="M22.7 19l-9.1-9.1c.9-2.3.4-5-1.5-6.9-2-2-5-2.4-7.4-1.3L9 6 6 9 1.6 4.7C.4 7.1.9 10.1 2.9 12.1c1.9 1.9 4.6 2.4 6.9 1.5l9.1 9.1c.4.4 1 .4 1.4 0l2.3-2.3c.5-.4.5-1.1.1-1.4z"></path></svg>

docs/collaboration.md

@@ -60,6 +60,6 @@ As `code-server` is based on VS Code, you can follow the steps described on Duck
    code-server --enable-proposed-api genuitecllc.codetogether
    ```
 
-   Another option would be to add a value in code-server's [config file](https://coder.com/docs/code-server/v4.5.0/FAQ#how-does-the-config-file-work).
+   Another option would be to add a value in code-server's [config file](https://coder.com/docs/code-server/v4.5.2/FAQ#how-does-the-config-file-work).
 
 3. Refresh code-server and navigate to the CodeTogether icon in the sidebar to host or join a coding session.

docs/guide.md

@@ -126,7 +126,7 @@ access code-server on an iPad or do not want to use SSH port forwarding.
 
 ```console
 sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
-curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo apt-key add -
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
 curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
 sudo apt update
 sudo apt install caddy

docs/helm.md

@@ -1,6 +1,6 @@
 # code-server Helm Chart
 
-[![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square)](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) [![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)](https://img.shields.io/badge/Type-application-informational?style=flat-square) [![AppVersion: 4.5.0](https://img.shields.io/badge/AppVersion-4.5.0-informational?style=flat-square)](https://img.shields.io/badge/AppVersion-4.5.0-informational?style=flat-square)
+[![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square)](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) [![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)](https://img.shields.io/badge/Type-application-informational?style=flat-square) [![AppVersion: 4.5.2](https://img.shields.io/badge/AppVersion-4.5.2-informational?style=flat-square)](https://img.shields.io/badge/AppVersion-4.5.2-informational?style=flat-square)
 
 [code-server](https://github.com/coder/code-server) code-server is VS Code running
 on a remote server, accessible through the browser.
@@ -73,7 +73,7 @@ and their default values.
 | hostnameOverride                            | string | `""`                     |
 | image.pullPolicy                            | string | `"Always"`               |
 | image.repository                            | string | `"codercom/code-server"` |
-| image.tag                                   | string | `"4.5.0"`                |
+| image.tag                                   | string | `"4.5.2"`                |
 | imagePullSecrets                            | list   | `[]`                     |
 | ingress.enabled                             | bool   | `false`                  |
 | nameOverride                                | string | `""`                     |

docs/install.md

@@ -9,6 +9,7 @@
 - [Debian, Ubuntu](#debian-ubuntu)
 - [Fedora, CentOS, RHEL, SUSE](#fedora-centos-rhel-suse)
 - [Arch Linux](#arch-linux)
+- [Artix Linux](#artix-linux)
 - [macOS](#macos)
 - [Docker](#docker)
 - [Helm](#helm)
@@ -190,6 +191,72 @@ sudo systemctl enable --now code-server@$USER
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
 
+## Artix Linux
+
+```bash
+# Install code-server from the AUR
+git clone https://aur.archlinux.org/code-server.git
+cd code-server
+makepkg -si
+```
+
+Save the file as `code-server` in `/etc/init.d/` and make it executable with `chmod +x code-server`. Put your username in line 3.
+
+```bash
+#!/sbin/openrc-run
+name=$RC_SVCNAME
+description="$name - VS Code on a remote server"
+user="" # your username here
+homedir="/home/$user"
+command="$(which code-server)"
+# Just because you can do this does not mean you should. Use ~/.config/code-server/config.yaml instead
+#command_args="--extensions-dir $homedir/.local/share/$name/extensions --user-data-dir $homedir/.local/share/$name --disable-telemetry"
+command_user="$user:$user"
+pidfile="/run/$name/$name.pid"
+command_background="yes"
+extra_commands="report"
+
+depend() {
+  use logger dns
+  need net
+}
+
+start_pre() {
+  checkpath --directory --owner $command_user --mode 0755 /run/$name /var/log/$name
+}
+
+start() {
+  default_start
+  report
+}
+
+stop() {
+  default_stop
+}
+
+status() {
+  default_status
+  report
+}
+
+report() {
+  # Report to the user
+  einfo "Reading configuration from ~/.config/code-server/config.yaml"
+}
+```
+
+Start on boot with default runlevel
+
+```
+rc-update add code-server default
+```
+
+Start the service immediately
+
+```
+rc-service code-server start
+```
+
 ## macOS
 
 ```bash
@@ -237,6 +304,8 @@ We currently [do not publish Windows releases](https://github.com/coder/code-ser
 We recommend installing code-server onto Raspberry Pi with [`yarn` or
 `npm`](#yarn-npm).
 
+If you see an error related to `node-gyp` during installation, See [#5174](https://github.com/coder/code-server/issues/5174) for more information.
+
 ## Termux
 
 Please see code-server's [Termux docs](./termux.md#installation) for more

docs/manifest.json

@@ -1,22 +1,22 @@
 {
-  "versions": ["v4.5.0"],
+  "versions": ["v4.5.2"],
   "routes": [
     {
       "title": "Home",
       "description": "Learn how to install and run code-server.",
       "path": "./README.md",
-      "icon": "<svg xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16px\" xml:space=\"preserve\"><path d=\"M15.45,7L14,5.551V2c0-0.55-0.45-1-1-1h-1c-0.55,0-1,0.45-1,1v0.553L9,0.555C8.727,0.297,8.477,0,8,0S7.273,0.297,7,0.555  L0.55,7C0.238,7.325,0,7.562,0,8c0,0.563,0.432,1,1,1h1v6c0,0.55,0.45,1,1,1h3v-5c0-0.55,0.45-1,1-1h2c0.55,0,1,0.45,1,1v5h3  c0.55,0,1-0.45,1-1V9h1c0.568,0,1-0.437,1-1C16,7.562,15.762,7.325,15.45,7z\"></path></svg>"
+      "icon_path": "assets/images/icons/home.svg"
     },
     {
       "title": "Requirements",
       "description": "Learn about what you need to run code-server.",
-      "icon": "<svg width=\"20\" height=\"20\" viewBox=\"0 0 20 20\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M6 2V11H2V15C2 16.7 3.3 18 5 18H15C16.7 18 18 16.7 18 15V2H6ZM16 15C16 15.6 15.6 16 15 16H8V4H16V15Z\" /><path d=\"M14 7H10V9H14V7Z\" /><path d=\"M14 11H10V13H14V11Z\" /></svg>",
+      "icon_path": "assets/images/icons/requirements.svg",
       "path": "./requirements.md"
     },
     {
       "title": "Install",
       "description": "How to install code-server.",
-      "icon": "<svg class=\"MuiSvgIcon-root jss172\" focusable=\"false\" viewBox=\"0 0 24 24\" aria-hidden=\"true\"><path d=\"M22.7 19l-9.1-9.1c.9-2.3.4-5-1.5-6.9-2-2-5-2.4-7.4-1.3L9 6 6 9 1.6 4.7C.4 7.1.9 10.1 2.9 12.1c1.9 1.9 4.6 2.4 6.9 1.5l9.1 9.1c.4.4 1 .4 1.4 0l2.3-2.3c.5-.4.5-1.1.1-1.4z\"></path></svg>",
+      "icon_path": "assets/images/icons/wrench.svg",
       "path": "./install.md",
       "children": [
         {
@@ -34,7 +34,7 @@
     {
       "title": "Usage",
       "description": "How to set up and use code-server.",
-      "icon": "<svg viewBox=\"0 0 16 16\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M4 6H2v14c0 1.1.9 2 2 2h14v-2H4V6zm16-4H8c-1.1 0-2 .9-2 2v12c0 1.1.9 2 2 2h12c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm0 10l-2.5-1.5L15 12V4h5v8z\"></path></svg>",
+      "icon_path": "assets/images/icons/usage.svg",
       "path": "./guide.md",
       "children": [
         {
@@ -67,25 +67,25 @@
     {
       "title": "Collaboration",
       "description": "How to setup real time collaboration using code server.",
-      "icon": "<svg width=\"20\" height=\"20\" viewBox=\"0 0 20 20\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"> <path d=\"M12.2 13.4357L9.5 11.4357C10.4 10.7357 11 9.7357 11 8.5357V7.7357C11 5.8357 9.6 4.1357 7.7 4.0357C5.7 3.9357 4 5.5357 4 7.5357V8.5357C4 9.7357 4.6 10.7357 5.5 11.4357L2.8 13.5357C2.3 13.9357 2 14.5357 2 15.1357V17.0357C2 17.6357 2.4 18.0357 3 18.0357H12C12.6 18.0357 13 17.6357 13 17.0357V15.0357C13 14.4357 12.7 13.8357 12.2 13.4357Z\"/> <path d=\"M17.1 8.43436L15.3 7.23436C15.7 6.83436 16 6.23436 16 5.53436V4.63436C16 3.43436 15.1 2.23436 13.9 2.03436C12.7 1.83436 11.7 2.53436 11.2 3.43436C12.3 4.43436 13 5.83436 13 7.43436V8.43436C13 9.33436 12.8 10.2344 12.4 10.9344C12.4 10.9344 13.6 11.8344 13.6 11.9344H17C17.6 11.9344 18 11.5344 18 10.9344V10.1344C18 9.43436 17.7 8.83436 17.1 8.43436Z\"/></svg>",
+      "icon_path": "assets/images/icons/collab.svg",
       "path": "./collaboration.md"
     },
     {
       "title": "Upgrade",
       "description": "How to upgrade code-server.",
-      "icon": "<svg width=\"20\" height=\"20\" viewBox=\"0 0 20 20\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M17.8049 2.19795C17.7385 2.1311 17.6587 2.07899 17.5708 2.04504C17.4829 2.01108 17.3889 1.99604 17.2948 2.00089C7.89216 2.49153 4.4188 10.8673 4.38528 10.9517C4.33624 11.0736 4.32406 11.2071 4.5.028 11.3358C4.3765 11.4645 4.43995 11.5827 4.53274 11.6756L8.32449 15.4674C8.41787 15.5606 8.53669 15.6242 8.66606 15.6502C8.79543 15.6762 8.92959 15.6634 9.05174 15.6135C9.13552 15.5793 17.4664 12.0671 17.9986 2.7087C18.0039 2.61474 17.9895 2.5207 17.9561 2.4327C17.9227 2.3447 17.8712 2.26471 17.8049 2.19795ZM12.3314 9.56427C12.1439 9.75179 11.9051 9.87951 11.645 9.93126C11.385 9.98302 11.1154 9.9565 10.8704 9.85505C10.6254 9.7536 10.4161 9.58178 10.2687 9.36131C10.1214 9.14085 10.0428 8.88166 10.0428 8.6165C10.0428 8.35135 10.1214 8.09215 10.2687 7.87169C10.4161 7.65123 10.6254 7.47941 10.8704 7.37796C11.1154 7.27651 11.385 7.24998 11.645 7.30174C11.9051 7.3535 12.1439 7.48121 12.3314 7.66873C12.5827 7.92012 12.7239 8.26104 12.7239 8.6165C12.7239 8.97197 12.5827 9.31288 12.3314 9.56427Z\"/><path d=\"M2.74602 14.5444C2.92281 14.3664 3.133 14.2251 3.36454 14.1285C3.59608 14.0319 3.8444 13.9819 4.09529 13.9815C4.34617 13.9811 4.59466 14.0.12 4.82653 14.126C5.05839 14.2218 5.26907 14.3624 5.44647 14.5398C5.62386 14.7172 5.7645 14.9279 5.86031 15.1598C5.95612 15.3916 6.00522 15.6401 6.00479 15.891C6.00437 16.1419 5.95442 16.3902 5.85782 16.6218C5.76122 16.8533 5.61987 17.0635 5.44186 17.2403C4.69719 17.985 2 18.0004 2 18.0004C2 18.0004 2 15.2884 2.74602 14.5444Z\"/><path d=\"M8.9416 3.48269C7.99688 3.31826 7.02645 3.38371 6.11237 3.67352C5.19828 3.96332 4.36741 4.46894 3.68999 5.14765C3.33153 5.50944.5.01988 5.91477 2.76233 6.35415C2.68692 6.4822 2.6562 6.63169 2.67501 6.77911C2.69381 6.92652 2.76108 7.06351 2.86623 7.16853L4.1994 8.50238C5.43822 6.53634 7.04911 4.83119 8.9416 3.48269Z\"/><path d=\"M16.5181 11.0585C16.6825 12.0033 16.6171 12.9737 16.3273 13.8878C16.0375 14.8019 15.5318 15.6327 14.8531 16.3101C14.4914 16.6686 14.086 16.9803 13.6466 17.2378C13.5186 17.3132 13.3691 17.3439 13.2217 17.3251C13.0743 17.3063 12.9373 17.2391 12.8323 17.1339L11.4984 15.8007C13.4645 14.5619 15.1696 12.951 16.5181 11.0585Z\"/></svg>",
+      "icon_path": "assets/images/icons/upgrade.svg",
       "path": "./upgrade.md"
     },
     {
       "title": "FAQ",
       "description": "Frequently asked questions on installing and running code-server.",
-      "icon": "<svg width=\"20\" height=\"20\" viewBox=\"0 0 20 20\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M10.0001 18.3333C14.6025 18.3333 18.3334 14.6024 18.3334 10C18.3334 5.39762 14.6025 1.66666 10.0001 1.66666C5.39771 1.66666 1.66675 5.39762 1.66675 10C1.66675 14.6024 5.39771 18.3333 10.0001 18.3333Z\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/><path d=\"M7.57495 7.5C7.77087 6.94306 8.15758 6.47342 8.66658 6.17428C9.17558 5.87513 9.77403 5.76578 10.3559 5.86559C10.9378 5.96541 11.4656 6.26794 11.8458 6.71961C12.2261 7.17128 12.4342 7.74294 12.4333 8.33333C12.4333 10 9.93328 10.8333 9.93328 10.8333\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/><path d=\"M10 14.1667H10.0083\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/></svg>",
+      "icon_path": "assets/images/icons/faq.svg",
       "path": "./FAQ.md"
     },
     {
       "title": "Contributing",
       "description": "How to contribute to code-server.",
-      "icon": "<svg width=\"20\" height=\"20\" fill=\"none\" viewBox=\"0 0 20 20\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M5 2.5V12.5\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/><path d=\"M15 7.5C16.3807 7.5 17.5 6.38071 17.5 5C17.5 3.61929 16.3807 2.5 15 2.5C13.6193 2.5 12.5 3.61929 12.5 5C12.5 6.38071 13.6193 7.5 15 7.5Z\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/><path d=\"M5 17.5C6.38071 17.5 7.5 16.3807 7.5 15C7.5 13.6193 6.38071 12.5 5 12.5C3.61929 12.5 2.5 13.6193 2.5 15C2.5 16.3807 3.61929 17.5 5 17.5Z\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/><path d=\"M15 7.5C15 9.48912 14.2098 11.3968 12.8033 12.8033C11.3968 14.2098 9.48912 15 7.5 15\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/></svg>",
+      "icon_path": "assets/images/icons/contributing.svg",
       "path": "./CONTRIBUTING.md",
       "children": [
         {

docs/requirements.md

@@ -21,7 +21,7 @@ for communication between the browser and the server.
 The following steps walk you through setting up a VM running Debian using Google
 Cloud (though you are welcome to use any machine or VM provider).
 
-If you're [signing up with Google](https://console.cloud.google.com/getting-started) for the first time, you should get a 12-month trial with
+If you're [signing up with Google](https://console.cloud.google.com/getting-started) for the first time, you should get a 3-month trial with
 $300 of credits.
 
 After you sign up and create a new Google Cloud Provider (GCP) project, create a

docs/termux.md

@@ -3,6 +3,7 @@
 # Termux
 
 - [Install](#install)
+- [Yarn Installation](#yarn-installation)
 - [Upgrade](#upgrade)
 - [Known Issues](#known-issues)
   - [Git won't work in `/sdcard`](#git-wont-work-in-sdcard)
@@ -65,6 +66,59 @@ curl -fsSL https://code-server.dev/install.sh | sh
 > Consider using a new user instead of root, read [here](https://www.howtogeek.com/124950/htg-explains-why-you-shouldnt-log-into-your-linux-system-as-root/) why using root is not recommended.\
 > Learn how to add a user [here](#create-a-new-user).
 
+## Yarn Installation
+
+1. Get [Termux](https://f-droid.org/en/packages/com.termux/) from **F-Droid**.
+
+2. We will now change using the following command.
+
+```sh
+termux-change-repo
+```
+
+Now select `Main Repository` then change repo to `Mirrors by Grimler Hosted on grimler.se`.
+
+3. After successfully updating of repository update and upgrade all the packages by the following command
+
+```sh
+pkg update
+pkg upgrade -y
+```
+
+4. Now let's install requirement dependancy.
+
+```sh
+pkg install -y \
+  build-essential \
+  binutils \
+  pkg-config \
+  python3 \
+  yarn \
+  nodejs-lts
+npm config set python python3
+node -v
+```
+
+you will get node version `v16.15.0`
+
+5. Now install code-server
+
+```sh
+yarn global add code-server
+```
+
+6. Congratulation code-server is installed on your device using the following command.
+
+```sh
+code-server --auth none
+```
+
+7. If already installed then use the following command for upgradation.
+
+```
+yarn upgrade code-server
+```
+
 ## Upgrade
 
 1. Remove all previous installs `rm -rf ~/.local/lib/code-server-*`

package.json

@@ -1,7 +1,7 @@
 {
   "name": "code-server",
   "license": "MIT",
-  "version": "4.5.0",
+  "version": "4.5.2",
   "description": "Run VS Code on a remote server.",
   "homepage": "https://github.com/coder/code-server",
   "bugs": {
@@ -18,6 +18,7 @@
     "release:github-assets": "./ci/build/release-github-assets.sh",
     "release:prep": "./ci/build/release-prep.sh",
     "test:e2e": "VSCODE_IPC_HOOK_CLI= ./ci/dev/test-e2e.sh",
+    "test:e2e:proxy": "USE_PROXY=1 ./ci/dev/test-e2e.sh",
     "test:unit": "./ci/dev/test-unit.sh --forceExit --detectOpenHandles",
     "test:integration": "./ci/dev/test-integration.sh",
     "test:scripts": "./ci/dev/test-scripts.sh",
@@ -41,14 +42,14 @@
     "@types/express": "^4.17.8",
     "@types/http-proxy": "^1.17.4",
     "@types/js-yaml": "^4.0.0",
-    "@types/node": "^14.17.1",
+    "@types/node": "^16.0.0",
     "@types/pem": "^1.9.5",
     "@types/proxy-from-env": "^1.0.1",
     "@types/safe-compare": "^1.1.0",
     "@types/semver": "^7.1.0",
     "@types/split2": "^3.2.0",
     "@types/trusted-types": "^2.0.2",
-    "@types/ws": "^8.0.0",
+    "@types/ws": "^8.5.3",
     "@typescript-eslint/eslint-plugin": "^5.23.0",
     "@typescript-eslint/parser": "^5.23.0",
     "audit-ci": "^6.0.0",
@@ -83,7 +84,9 @@
     "follow-redirects": "^1.14.8",
     "node-fetch": "^2.6.7",
     "nanoid": "^3.1.31",
-    "minimist": "npm:minimist-lite@2.2.1"
+    "minimist": "npm:minimist-lite@2.2.1",
+    "glob-parent": "^6.0.1",
+    "@types/node": "^16.0.0"
   },
   "dependencies": {
     "@coder/logger": "1.1.16",

patches/base-path.diff

@@ -86,6 +86,15 @@ Index: code-server/lib/vscode/src/vs/code/browser/workbench/workbench.html
  		<link data-name="vs/workbench/workbench.web.main" rel="stylesheet" href="{{WORKBENCH_WEB_BASE_URL}}/out/vs/workbench/workbench.web.main.css">
  
  	</head>
+@@ -38,7 +38,7 @@
+ 	<script src="{{WORKBENCH_WEB_BASE_URL}}/out/vs/loader.js"></script>
+ 	<script src="{{WORKBENCH_WEB_BASE_URL}}/out/vs/webPackagePaths.js"></script>
+ 	<script>
+-		const baseUrl = new URL('{{WORKBENCH_WEB_BASE_URL}}', window.location.origin).toString();
++		const baseUrl = new URL('{{WORKBENCH_WEB_BASE_URL}}', window.location).toString();
+ 		Object.keys(self.webPackagePaths).map(function (key, index) {
+ 			self.webPackagePaths[key] = `${baseUrl}/node_modules/${key}/${self.webPackagePaths[key]}`;
+ 		});
 Index: code-server/lib/vscode/src/vs/platform/remote/browser/browserSocketFactory.ts
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/platform/remote/browser/browserSocketFactory.ts

patches/cli-window-open.diff

@@ -0,0 +1,96 @@
+Make opening files/folders from the terminal only open in the current instance
+
+Previously they would open in every code-server tab/window.
+
+To test:
+
+1. Run code-server
+2. Open code-server
+3. Open terminal
+4. Open another code-server window
+5. Run code-server with a file or directory argument
+
+The file or directory should only open from the instance attached to that
+terminal.
+
+Index: code-server/lib/vscode/src/vs/server/node/remoteTerminalChannel.ts
+===================================================================
+--- code-server.orig/lib/vscode/src/vs/server/node/remoteTerminalChannel.ts
++++ code-server/lib/vscode/src/vs/server/node/remoteTerminalChannel.ts
+@@ -89,7 +89,7 @@ export class RemoteTerminalChannel exten
+ 		uriTransformer: IURITransformer;
+ 	}>();
+ 
+-	private readonly _onExecuteCommand = this._register(new Emitter<{ reqId: number; commandId: string; commandArgs: any[] }>());
++	private readonly _onExecuteCommand = this._register(new Emitter<{ reqId: number; terminalId: number; commandId: string; commandArgs: any[] }>());
+ 	readonly onExecuteCommand = this._onExecuteCommand.event;
+ 
+ 	constructor(
+@@ -240,20 +240,20 @@ export class RemoteTerminalChannel exten
+ 		const ipcHandlePath = createRandomIPCHandle();
+ 		env.VSCODE_IPC_HOOK_CLI = ipcHandlePath;
+ 		const commandsExecuter: ICommandsExecuter = {
+-			executeCommand: <T>(id: string, ...args: any[]): Promise<T> => this._executeCommand(id, args, uriTransformer)
++			executeCommand: <T>(commandId: string, ...args: any[]): Promise<T> => this._executeCommand(terminalId, commandId, args, uriTransformer)
+ 		};
+ 		const cliServer = new CLIServerBase(commandsExecuter, this._logService, ipcHandlePath);
+ 
+-		const id = await this._ptyService.createProcess(shellLaunchConfig, initialCwd, args.cols, args.rows, args.unicodeVersion, env, baseEnv, args.options, args.shouldPersistTerminal, args.workspaceId, args.workspaceName);
+-		this._ptyService.onProcessExit(e => e.id === id && cliServer.dispose());
++		const terminalId = await this._ptyService.createProcess(shellLaunchConfig, initialCwd, args.cols, args.rows, args.unicodeVersion, env, baseEnv, args.options, args.shouldPersistTerminal, args.workspaceId, args.workspaceName);
++		this._ptyService.onProcessExit(e => e.id === terminalId && cliServer.dispose());
+ 
+ 		return {
+-			persistentTerminalId: id,
++			persistentTerminalId: terminalId,
+ 			resolvedShellLaunchConfig: shellLaunchConfig
+ 		};
+ 	}
+ 
+-	private _executeCommand<T>(commandId: string, commandArgs: any[], uriTransformer: IURITransformer): Promise<T> {
++	private _executeCommand<T>(terminalId: number, commandId: string, commandArgs: any[], uriTransformer: IURITransformer): Promise<T> {
+ 		let resolve!: (data: any) => void;
+ 		let reject!: (err: any) => void;
+ 		const result = new Promise<T>((_resolve, _reject) => {
+@@ -276,6 +276,7 @@ export class RemoteTerminalChannel exten
+ 		});
+ 		this._onExecuteCommand.fire({
+ 			reqId,
++			terminalId,
+ 			commandId,
+ 			commandArgs: serializedCommandArgs
+ 		});
+Index: code-server/lib/vscode/src/vs/workbench/contrib/terminal/browser/remoteTerminalBackend.ts
+===================================================================
+--- code-server.orig/lib/vscode/src/vs/workbench/contrib/terminal/browser/remoteTerminalBackend.ts
++++ code-server/lib/vscode/src/vs/workbench/contrib/terminal/browser/remoteTerminalBackend.ts
+@@ -94,10 +94,14 @@ class RemoteTerminalBackend extends Base
+ 		this._remoteTerminalChannel.onExecuteCommand(async e => {
+ 			const reqId = e.reqId;
+ 			const commandId = e.commandId;
++			const terminalId = e.terminalId;
+ 			if (!allowedCommands.includes(commandId)) {
+ 				this._remoteTerminalChannel.sendCommandResult(reqId, true, 'Invalid remote cli command: ' + commandId);
+ 				return;
+ 			}
++			if (typeof terminalId !== "undefined" && !this._ptys.has(terminalId)) {
++				return
++			}
+ 			const commandArgs = e.commandArgs.map(arg => revive(arg));
+ 			try {
+ 				const result = await this._commandService.executeCommand(e.commandId, ...commandArgs);
+Index: code-server/lib/vscode/src/vs/workbench/contrib/terminal/common/remoteTerminalChannel.ts
+===================================================================
+--- code-server.orig/lib/vscode/src/vs/workbench/contrib/terminal/common/remoteTerminalChannel.ts
++++ code-server/lib/vscode/src/vs/workbench/contrib/terminal/common/remoteTerminalChannel.ts
+@@ -88,8 +88,8 @@ export class RemoteTerminalChannelClient
+ 	get onProcessOrphanQuestion(): Event<{ id: number }> {
+ 		return this._channel.listen<{ id: number }>('$onProcessOrphanQuestion');
+ 	}
+-	get onExecuteCommand(): Event<{ reqId: number; commandId: string; commandArgs: any[] }> {
+-		return this._channel.listen<{ reqId: number; commandId: string; commandArgs: any[] }>('$onExecuteCommand');
++	get onExecuteCommand(): Event<{ reqId: number; terminalId: number; commandId: string; commandArgs: any[] }> {
++		return this._channel.listen<{ reqId: number; terminalId: number; commandId: string; commandArgs: any[] }>('$onExecuteCommand');
+ 	}
+ 	get onDidRequestDetach(): Event<{ requestId: number; workspaceId: string; instanceId: number }> {
+ 		return this._channel.listen<{ requestId: number; workspaceId: string; instanceId: number }>('$onDidRequestDetach');

patches/display-language.diff

@@ -91,7 +91,7 @@ Index: code-server/lib/vscode/src/vs/code/browser/workbench/workbench.html
 +						return cb(undefined, result)
 +					}
 +					const path = nlsConfig['vs/nls']._resolvedLanguagePackCoreLocation + "/" + bundle.replace(/\//g, "!") + ".nls.json"
-+					fetch(`{{WORKBENCH_WEB_BASE_URL}}/vscode-remote-resource?path=${encodeURIComponent(path)}`)
++					fetch(`{{WORKBENCH_WEB_BASE_URL}}/../vscode-remote-resource?path=${encodeURIComponent(path)}`)
 +						.then((response) => response.json())
 +						.then((json) => {
 +							bundles[bundle] = json

patches/series

@@ -19,3 +19,4 @@ sourcemaps.diff
 disable-downloads.diff
 telemetry.diff
 display-language.diff
+cli-window-open.diff

src/node/routes/index.ts

@@ -94,8 +94,8 @@ export const register = async (app: App, args: DefaultedArgs): Promise<Disposabl
   app.router.use("/", domainProxy.router)
   app.wsRouter.use("/", domainProxy.wsRouter.router)
 
-  app.router.all("/proxy/(:port)(/*)?", (req, res) => {
-    pathProxy.proxy(req, res)
+  app.router.all("/proxy/(:port)(/*)?", async (req, res) => {
+    await pathProxy.proxy(req, res)
   })
   app.wsRouter.get("/proxy/(:port)(/*)?", async (req) => {
     await pathProxy.wsProxy(req as pluginapi.WebsocketRequest)
@@ -103,8 +103,8 @@ export const register = async (app: App, args: DefaultedArgs): Promise<Disposabl
   // These two routes pass through the path directly.
   // So the proxied app must be aware it is running
   // under /absproxy/<someport>/
-  app.router.all("/absproxy/(:port)(/*)?", (req, res) => {
-    pathProxy.proxy(req, res, {
+  app.router.all("/absproxy/(:port)(/*)?", async (req, res) => {
+    await pathProxy.proxy(req, res, {
       passthroughPath: true,
     })
   })

src/node/routes/pathProxy.ts

@@ -14,14 +14,14 @@ const getProxyTarget = (req: Request, passthroughPath?: boolean): string => {
   return `http://0.0.0.0:${req.params.port}/${req.params[0] || ""}${query ? `?${query}` : ""}`
 }
 
-export function proxy(
+export async function proxy(
   req: Request,
   res: Response,
   opts?: {
     passthroughPath?: boolean
   },
-): void {
-  if (!authenticated(req)) {
+): Promise<void> {
+  if (!(await authenticated(req))) {
     // If visiting the root (/:port only) redirect to the login page.
     if (!req.params[0] || req.params[0] === "/") {
       const to = self(req)

src/node/routes/vscode.ts

@@ -127,7 +127,10 @@ export class CodeServerRouteWrapper {
 
   private $proxyWebsocket = async (req: WebsocketRequest) => {
     const wrappedSocket = await this._socketProxyProvider.createProxy(req.ws)
-    this._codeServerMain.handleUpgrade(req, wrappedSocket)
+    // This should actually accept a duplex stream but it seems Code has not
+    // been updated to match the Node 16 types so cast for now.  There does not
+    // appear to be any code specific to sockets so this should be fine.
+    this._codeServerMain.handleUpgrade(req, wrappedSocket as net.Socket)
 
     req.ws.resume()
   }
@@ -170,7 +173,7 @@ export class CodeServerRouteWrapper {
 
   constructor() {
     this.router.get("/", this.ensureCodeServerLoaded, this.$root)
-    this.router.get(/manifest.json$/, this.manifest)
+    this.router.get("/manifest.json", this.manifest)
     this.router.all("*", ensureAuthenticated, this.ensureCodeServerLoaded, this.$proxyRequest)
     this._wsRouterWrapper.ws("*", ensureAuthenticated, this.ensureCodeServerLoaded, this.$proxyWebsocket)
   }

src/node/socket.ts

@@ -1,6 +1,7 @@
 import { promises as fs } from "fs"
 import * as net from "net"
 import * as path from "path"
+import * as stream from "stream"
 import * as tls from "tls"
 import { Emitter } from "../common/emitter"
 import { generateUuid } from "../common/util"
@@ -27,10 +28,13 @@ export class SocketProxyProvider {
   }
 
   /**
-   * Create a socket proxy for TLS sockets. If it's not a TLS socket the
-   * original socket is returned. This will spawn a proxy server on demand.
+   * Create a socket proxy for TLS sockets. If it is not a TLS socket the
+   * original socket or stream is returned. This will spawn a proxy server on
+   * demand.
    */
-  public async createProxy(socket: net.Socket): Promise<net.Socket> {
+  public async createProxy(socket: tls.TLSSocket | net.Socket): Promise<net.Socket>
+  public async createProxy(socket: stream.Duplex): Promise<stream.Duplex>
+  public async createProxy(socket: tls.TLSSocket | net.Socket | stream.Duplex): Promise<net.Socket | stream.Duplex> {
     if (!(socket instanceof tls.TLSSocket)) {
       return socket
     }

src/node/wrapper.ts

@@ -292,14 +292,18 @@ export class ParentProcess extends Process {
     const child = this.spawn()
     this.child = child
 
-    // Log both to stdout and to the log directory.
+    // Log child output to stdout/stderr and to the log directory.
     if (child.stdout) {
-      child.stdout.pipe(this.logStdoutStream)
-      child.stdout.pipe(process.stdout)
+      child.stdout.on("data", (data) => {
+        this.logStdoutStream.write(data)
+        process.stdout.write(data)
+      })
     }
     if (child.stderr) {
-      child.stderr.pipe(this.logStderrStream)
-      child.stderr.pipe(process.stderr)
+      child.stderr.on("data", (data) => {
+        this.logStderrStream.write(data)
+        process.stderr.write(data)
+      })
     }
 
     this.logger.debug(`spawned inner process ${child.pid}`)
@@ -318,7 +322,6 @@ export class ParentProcess extends Process {
       env: {
         ...process.env,
         CODE_SERVER_PARENT_PID: process.pid.toString(),
-        NODE_OPTIONS: `--max-old-space-size=2048 ${process.env.NODE_OPTIONS || ""}`,
       },
       stdio: ["pipe", "pipe", "pipe", "ipc"],
     })

src/node/wsRouter.ts

@@ -8,13 +8,14 @@ export const handleUpgrade = (app: express.Express, server: http.Server): void =
   server.on("upgrade", (req, socket, head) => {
     socket.pause()
 
-    req.ws = socket
-    req.head = head
-    req._ws_handled = false
+    const wreq = req as InternalWebsocketRequest
+    wreq.ws = socket
+    wreq.head = head
+    wreq._ws_handled = false
 
     // Send the request off to be handled by Express.
-    ;(app as any).handle(req, new http.ServerResponse(req), () => {
-      if (!req._ws_handled) {
+    ;(app as any).handle(wreq, new http.ServerResponse(wreq), () => {
+      if (!wreq._ws_handled) {
         socket.end("HTTP/1.1 404 Not Found\r\n\r\n")
       }
     })

test/e2e/baseFixture.ts

@@ -1,4 +1,3 @@
-import { field, logger } from "@coder/logger"
 import { test as base } from "@playwright/test"
 import { CodeServer, CodeServerPage } from "./models/CodeServer"
 
@@ -11,14 +10,13 @@ import { CodeServer, CodeServerPage } from "./models/CodeServer"
  */
 export const describe = (
   name: string,
-  includeCredentials: boolean,
   codeServerArgs: string[],
   codeServerEnv: NodeJS.ProcessEnv,
   fn: (codeServer: CodeServer) => void,
 ) => {
   test.describe(name, () => {
     // This will spawn on demand so nothing is necessary on before.
-    const codeServer = new CodeServer(name, codeServerArgs, codeServerEnv)
+    const codeServer = new CodeServer(name, codeServerArgs, codeServerEnv, undefined)
 
     // Kill code-server after the suite has ended. This may happen even without
     // doing it explicitly but it seems prudent to be sure.
@@ -26,22 +24,10 @@ export const describe = (
       await codeServer.close()
     })
 
-    const storageState = JSON.parse(process.env.STORAGE || "{}")
-
-    // Sanity check to ensure the cookie is set.
-    const cookies = storageState?.cookies
-    if (includeCredentials && (!cookies || cookies.length !== 1 || !!cookies[0].key)) {
-      logger.error("no cookies", field("storage", JSON.stringify(cookies)))
-      throw new Error("no credentials to include")
-    }
-
     test.use({
       // Makes `codeServer` and `authenticated` available to the extend call
       // below.
       codeServer,
-      authenticated: includeCredentials,
-      // This provides a cookie that authenticates with code-server.
-      storageState: includeCredentials ? storageState : {},
       // NOTE@jsjoeio some tests use --cert which uses a self-signed certificate
       // without this option, those tests will fail.
       ignoreHTTPSErrors: true,
@@ -52,7 +38,6 @@ export const describe = (
 }
 
 interface TestFixtures {
-  authenticated: boolean
   codeServer: CodeServer
   codeServerPage: CodeServerPage
 }
@@ -62,15 +47,14 @@ interface TestFixtures {
  * ready.
  */
 export const test = base.extend<TestFixtures>({
-  authenticated: false,
   codeServer: undefined, // No default; should be provided through `test.use`.
-  codeServerPage: async ({ authenticated, codeServer, page }, use) => {
+  codeServerPage: async ({ codeServer, page }, use) => {
     // It's possible code-server might prevent navigation because of unsaved
     // changes (seems to happen based on timing even if no changes have been
     // made too). In these cases just accept.
     page.on("dialog", (d) => d.accept())
 
-    const codeServerPage = new CodeServerPage(codeServer, page, authenticated)
+    const codeServerPage = new CodeServerPage(codeServer, page)
     await codeServerPage.navigate()
     await use(codeServerPage)
   },

test/e2e/codeServer.test.ts

@@ -3,10 +3,11 @@ import { promises as fs } from "fs"
 import * as os from "os"
 import * as path from "path"
 import * as util from "util"
+import { getMaybeProxiedCodeServer } from "../utils/helpers"
 import { describe, test, expect } from "./baseFixture"
 import { CodeServer } from "./models/CodeServer"
 
-describe("code-server", true, [], {}, () => {
+describe("code-server", [], {}, () => {
   // TODO@asher: Generalize this?  Could be nice if we were to ever need
   // multiple migration tests in other suites.
   const instances = new Map<string, CodeServer>()
@@ -48,7 +49,8 @@ describe("code-server", true, [], {}, () => {
     const url = codeServerPage.page.url()
     // We use match because there may be a / at the end
     // so we don't want it to fail if we expect http://localhost:8080 to match http://localhost:8080/
-    expect(url).toMatch(await codeServerPage.address())
+    const address = await getMaybeProxiedCodeServer(codeServerPage)
+    expect(url).toMatch(address)
   })
 
   test("should always see the code-server editor", async ({ codeServerPage }) => {
@@ -70,7 +72,9 @@ describe("code-server", true, [], {}, () => {
   test("should migrate state to avoid collisions", async ({ codeServerPage }) => {
     // This can take a very long time in development because of how long pages
     // take to load and we are doing a lot of that here.
-    test.slow()
+    if (process.env.VSCODE_DEV === "1") {
+      test.slow()
+    }
 
     const dir = await codeServerPage.workspaceDir
     const files = [path.join(dir, "foo"), path.join(dir, "bar")]
@@ -90,6 +94,7 @@ describe("code-server", true, [], {}, () => {
     // domain and can write to the same database.
     const cs = await spawn("4.0.2", dir)
     const address = new URL(await cs.address())
+
     await codeServerPage.navigate("/proxy/" + address.port + "/")
     await codeServerPage.openFile(files[1])
     expect(await codeServerPage.tabIsVisible(files[0])).toBe(false)

test/e2e/downloads.test.ts

@@ -3,7 +3,7 @@ import * as path from "path"
 import { clean } from "../utils/helpers"
 import { describe, test, expect } from "./baseFixture"
 
-describe("Downloads (enabled)", true, [], {}, async () => {
+describe("Downloads (enabled)", [], {}, async () => {
   const testName = "downloads-enabled"
   test.beforeAll(async () => {
     await clean(testName)
@@ -25,7 +25,7 @@ describe("Downloads (enabled)", true, [], {}, async () => {
   })
 })
 
-describe("Downloads (disabled)", true, ["--disable-file-downloads"], {}, async () => {
+describe("Downloads (disabled)", ["--disable-file-downloads"], {}, async () => {
   const testName = "downloads-disabled"
   test.beforeAll(async () => {
     await clean(testName)

test/e2e/extensions.test.ts

@@ -1,23 +1,36 @@
 import * as path from "path"
-import { describe, test } from "./baseFixture"
+import { test as base } from "@playwright/test"
+import { describe, test, expect } from "./baseFixture"
+import { getMaybeProxiedCodeServer } from "../utils/helpers"
 
 function runTestExtensionTests() {
   // This will only work if the test extension is loaded into code-server.
   test("should have access to VSCODE_PROXY_URI", async ({ codeServerPage }) => {
-    const address = await codeServerPage.address()
+    const address = await getMaybeProxiedCodeServer(codeServerPage)
 
     await codeServerPage.executeCommandViaMenus("code-server: Get proxy URI")
 
-    await codeServerPage.page.waitForSelector(`text=${address}/proxy/{{port}}`)
+    const text = await codeServerPage.page.locator(".notification-list-item-message").textContent()
+    // Remove end slash in address
+    const normalizedAddress = address.replace(/\/+$/, "")
+    expect(text).toBe(`${normalizedAddress}/proxy/{{port}}`)
   })
 }
 
 const flags = ["--extensions-dir", path.join(__dirname, "./extensions")]
 
-describe("Extensions", true, flags, {}, () => {
+describe("Extensions", flags, {}, () => {
   runTestExtensionTests()
 })
 
-describe("Extensions with --cert", true, [...flags, "--cert"], {}, () => {
-  runTestExtensionTests()
-})
+if (process.env.USE_PROXY !== "1") {
+  describe("Extensions with --cert", [...flags, "--cert"], {}, () => {
+    runTestExtensionTests()
+  })
+} else {
+  base.describe("Extensions with --cert", () => {
+    base.skip("skipped because USE_PROXY is set", () => {
+      // Playwright will not show this without a function.
+    })
+  })
+}

test/e2e/github.test.ts

@@ -2,7 +2,7 @@ import { test as base } from "@playwright/test"
 import { describe, expect, test } from "./baseFixture"
 
 if (process.env.GITHUB_TOKEN) {
-  describe("GitHub token", true, [], {}, () => {
+  describe("GitHub token", [], {}, () => {
     test("should be logged in to pull requests extension", async ({ codeServerPage }) => {
       await codeServerPage.exec("git init")
       await codeServerPage.exec("git remote add origin https://github.com/coder/code-server")
@@ -16,7 +16,7 @@ if (process.env.GITHUB_TOKEN) {
     })
   })
 
-  describe("No GitHub token", true, [], { GITHUB_TOKEN: "" }, () => {
+  describe("No GitHub token", [], { GITHUB_TOKEN: "" }, () => {
     test("should not be logged in to pull requests extension", async ({ codeServerPage }) => {
       await codeServerPage.exec("git init")
       await codeServerPage.exec("git remote add origin https://github.com/coder/code-server")

test/e2e/globalSetup.test.ts

@@ -1,10 +0,0 @@
-import { describe, test, expect } from "./baseFixture"
-
-// This test is to make sure the globalSetup works as expected
-// meaning globalSetup ran and stored the storageState
-describe("globalSetup", true, [], {}, () => {
-  test("should keep us logged in using the storageState", async ({ codeServerPage }) => {
-    // Make sure the editor actually loaded
-    expect(await codeServerPage.isEditorVisible()).toBe(true)
-  })
-})

test/e2e/login.test.ts

@@ -1,7 +1,7 @@
 import { PASSWORD } from "../utils/constants"
 import { describe, test, expect } from "./baseFixture"
 
-describe("login", false, [], {}, () => {
+describe("login", ["--auth", "password"], {}, () => {
   test("should see the login page", async ({ codeServerPage }) => {
     // It should send us to the login page
     expect(await codeServerPage.page.title()).toBe("code-server login")

test/e2e/models/CodeServer.ts

@@ -4,10 +4,10 @@ import { promises as fs } from "fs"
 import * as path from "path"
 import { Page } from "playwright"
 import * as util from "util"
-import { logError, plural } from "../../../src/common/util"
+import { logError, normalize, plural } from "../../../src/common/util"
 import { onLine } from "../../../src/node/util"
 import { PASSWORD, workspaceDir } from "../../utils/constants"
-import { idleTimer, tmpdir } from "../../utils/helpers"
+import { getMaybeProxiedCodeServer, idleTimer, tmpdir } from "../../utils/helpers"
 
 interface CodeServerProcess {
   process: cp.ChildProcess
@@ -58,6 +58,7 @@ export class CodeServer {
       this.process = this.spawn()
     }
     const { address } = await this.process
+
     return address
   }
 
@@ -104,6 +105,8 @@ export class CodeServer {
         this.entry,
         "--extensions-dir",
         path.join(dir, "extensions"),
+        "--auth",
+        "none",
         ...this.args,
         // Using port zero will spawn on a random port.
         "--bind-addr",
@@ -124,6 +127,10 @@ export class CodeServer {
         env: {
           ...process.env,
           ...this.env,
+          // Set to empty string to prevent code-server from
+          // using the existing instance when running the e2e tests
+          // from an integrated terminal.
+          VSCODE_IPC_HOOK_CLI: "",
           PASSWORD,
         },
       })
@@ -183,6 +190,13 @@ export class CodeServer {
       proc.kill()
     }
   }
+
+  /**
+   * Whether or not authentication is enabled.
+   */
+  authEnabled(): boolean {
+    return this.args.includes("password")
+  }
 }
 
 /**
@@ -195,11 +209,7 @@ export class CodeServer {
 export class CodeServerPage {
   private readonly editorSelector = "div.monaco-workbench"
 
-  constructor(
-    private readonly codeServer: CodeServer,
-    public readonly page: Page,
-    private readonly authenticated: boolean,
-  ) {
+  constructor(private readonly codeServer: CodeServer, public readonly page: Page) {
     this.page.on("console", (message) => {
       this.codeServer.logger.debug(message.text())
     })
@@ -224,12 +234,16 @@ export class CodeServerPage {
    * editor to become available.
    */
   async navigate(endpoint = "/") {
-    const to = new URL(endpoint, await this.codeServer.address())
+    const address = await getMaybeProxiedCodeServer(this.codeServer)
+    const noramlizedUrl = normalize(address + endpoint, true)
+    const to = new URL(noramlizedUrl)
+
+    this.codeServer.logger.info(`navigating to ${to}`)
     await this.page.goto(to.toString(), { waitUntil: "networkidle" })
 
-    // Only reload editor if authenticated. Otherwise we'll get stuck
+    // Only reload editor if auth is not enabled. Otherwise we'll get stuck
     // reloading the login page.
-    if (this.authenticated) {
+    if (!this.codeServer.authEnabled()) {
       await this.reloadUntilEditorIsReady()
     }
   }
@@ -283,19 +297,31 @@ export class CodeServerPage {
   }
 
   /**
-   * Focuses Integrated Terminal
-   * by using "Terminal: Focus Terminal"
-   * from the Command Palette
+   * Focuses the integrated terminal by navigating through the command palette.
    *
-   * This should focus the terminal no matter
-   * if it already has focus and/or is or isn't
-   * visible already.
+   * This should focus the terminal no matter if it already has focus and/or is
+   * or isn't visible already.  It will always create a new terminal to avoid
+   * clobbering parallel tests.
    */
   async focusTerminal() {
-    await this.executeCommandViaMenus("Terminal: Focus Terminal")
+    const doFocus = async (): Promise<boolean> => {
+      await this.executeCommandViaMenus("Terminal: Create New Terminal")
+      try {
+        await this.page.waitForLoadState("load")
+        await this.page.waitForSelector("textarea.xterm-helper-textarea:focus-within", { timeout: 5000 })
+        return true
+      } catch (error) {
+        return false
+      }
+    }
 
-    // Wait for terminal textarea to show up
-    await this.page.waitForSelector("textarea.xterm-helper-textarea")
+    let attempts = 1
+    while (!(await doFocus())) {
+      ++attempts
+      this.codeServer.logger.debug(`no focused terminal textarea, retrying (${attempts}/∞)`)
+    }
+
+    this.codeServer.logger.debug(`opening terminal took ${attempts} ${plural(attempts, "attempt")}`)
   }
 
   /**
@@ -423,7 +449,7 @@ export class CodeServerPage {
     let context = new Context()
     while (!(await Promise.race([openThenWaitClose(context), navigate(context)]))) {
       ++attempts
-      logger.debug("closed, retrying (${attempt}/∞)")
+      logger.debug(`closed, retrying (${attempts}/∞)`)
       context.cancel()
       context = new Context()
     }

test/e2e/openHelpAbout.test.ts

@@ -1,12 +1,17 @@
+import { version } from "../../src/node/constants"
 import { describe, test, expect } from "./baseFixture"
 
-describe("Open Help > About", true, [], {}, () => {
+describe("Open Help > About", [], {}, () => {
   test("should see code-server version in about dialog", async ({ codeServerPage }) => {
     // Open using the menu.
     await codeServerPage.navigateMenus(["Help", "About"])
 
+    const isDevMode = process.env.VSCODE_DEV === "1"
+
     // Look for code-server info div.
-    const element = await codeServerPage.page.waitForSelector(`div[role="dialog"] >> text=code-server`)
+    const element = await codeServerPage.page.waitForSelector(
+      `div[role="dialog"] >> text=code-server: ${isDevMode ? "Unknown" : "v" + version}`,
+    )
     expect(element).not.toBeNull()
   })
 })

test/e2e/terminal.test.ts

@@ -1,10 +1,11 @@
 import * as cp from "child_process"
+import { promises as fs } from "fs"
 import * as path from "path"
 import util from "util"
-import { clean, tmpdir } from "../utils/helpers"
+import { clean, getMaybeProxiedCodeServer, tmpdir } from "../utils/helpers"
 import { describe, expect, test } from "./baseFixture"
 
-describe("Integrated Terminal", true, [], {}, () => {
+describe("Integrated Terminal", [], {}, () => {
   const testName = "integrated-terminal"
   test.beforeAll(async () => {
     await clean(testName)
@@ -21,13 +22,25 @@ describe("Integrated Terminal", true, [], {}, () => {
     // Open terminal and type in value
     await codeServerPage.focusTerminal()
 
-    await codeServerPage.page.waitForLoadState("load")
     await codeServerPage.page.keyboard.type(`printenv VSCODE_PROXY_URI > ${tmpFile}`)
     await codeServerPage.page.keyboard.press("Enter")
-    // It may take a second to process
-    await codeServerPage.page.waitForTimeout(1000)
 
     const { stdout } = await output
-    expect(stdout).toMatch(await codeServerPage.address())
+    const address = await getMaybeProxiedCodeServer(codeServerPage)
+    expect(stdout).toMatch(address)
+  })
+
+  test("should be able to invoke `code-server` to open a file", async ({ codeServerPage }) => {
+    const tmpFolderPath = await tmpdir(testName)
+    const tmpFile = path.join(tmpFolderPath, "test-file")
+    await fs.writeFile(tmpFile, "test")
+    const fileName = path.basename(tmpFile)
+
+    await codeServerPage.focusTerminal()
+
+    await codeServerPage.page.keyboard.type(`code-server ${tmpFile}`)
+    await codeServerPage.page.keyboard.press("Enter")
+
+    await codeServerPage.waitForTab(fileName)
   })
 })

test/integration/help.test.ts

@@ -0,0 +1,13 @@
+import { runCodeServerCommand } from "../utils/runCodeServerCommand"
+
+// NOTE@jsjoeio
+// We have this test to ensure that native modules
+// work as expected. If this is called on the wrong
+// platform, the test will fail.
+describe("--help", () => {
+  it("should list code-server usage", async () => {
+    const expectedOutput = "Usage: code-server [options] [path]"
+    const { stdout } = await runCodeServerCommand(["--help"])
+    expect(stdout).toMatch(expectedOutput)
+  }, 20000)
+})

test/integration/installExtension.test.ts

@@ -1,5 +1,3 @@
-import { stat } from "fs/promises"
-import path from "path"
 import { clean, tmpdir } from "../utils/helpers"
 import { runCodeServerCommand } from "../utils/runCodeServerCommand"
 
@@ -13,13 +11,11 @@ describe("--install-extension", () => {
     tempDir = await tmpdir(testName)
     setupFlags = ["--extensions-dir", tempDir]
   })
-  it("should install an extension", async () => {
-    const extName = `wesbos.theme-cobalt2-2.1.6`
-    const vsixFileName = "wesbos.theme-cobalt2-2.1.6.vsix"
-    const extensionFixture = path.resolve(`./test/integration/fixtures/${vsixFileName}`)
-    await runCodeServerCommand([...setupFlags, "--install-extension", extensionFixture])
-    const pathToExtFolder = path.join(tempDir, extName)
-    const statInfo = await stat(pathToExtFolder)
-    expect(statInfo.isDirectory()).toBe(true)
-  }, 20000)
+  it("should use EXTENSIONS_GALLERY when set", async () => {
+    const extName = `author.extension-1.0.0`
+    const { stderr } = await runCodeServerCommand([...setupFlags, "--install-extension", extName], {
+      EXTENSIONS_GALLERY: "{}",
+    })
+    expect(stderr).toMatch("No extension gallery service configured")
+  })
 })

test/integration/listExtensions.test.ts

@@ -1,30 +0,0 @@
-import extract from "extract-zip"
-import { rename } from "fs/promises"
-import path from "path"
-import { clean, tmpdir } from "../utils/helpers"
-import { runCodeServerCommand } from "../utils/runCodeServerCommand"
-
-describe("--list-extensions", () => {
-  const testName = "listExtensions"
-  const extName = `wesbos.theme-cobalt2`
-  const extVersion = "2.1.6"
-  const vsixFileName = `${extName}-${extVersion}.vsix`
-  let tempDir: string
-  let setupFlags: string[]
-
-  beforeEach(async () => {
-    await clean(testName)
-    tempDir = await tmpdir(testName)
-    setupFlags = ["--extensions-dir", tempDir]
-    const extensionFixture = path.resolve(`./test/integration/fixtures/${vsixFileName}`)
-    // Make folder because this is where we'll move the extension
-    const pathToUnpackedExtension = path.join(tempDir, `${extName}-${extVersion}`)
-    const tempPathToUnpackedExtension = path.join(tempDir, `${extName}-temp`)
-    await extract(extensionFixture, { dir: tempPathToUnpackedExtension })
-    await rename(path.join(tempPathToUnpackedExtension, "extension"), pathToUnpackedExtension)
-  })
-  it("should list installed extensions", async () => {
-    const { stdout } = await runCodeServerCommand([...setupFlags, "--list-extensions"])
-    expect(stdout).toMatch(extName)
-  }, 20000)
-})

test/playwright.config.ts

@@ -12,6 +12,8 @@ const config: PlaywrightTestConfig = {
   testDir: path.join(__dirname, "e2e"), // Search for tests in this directory.
   timeout: 60000, // Each test is given 60 seconds.
   retries: process.env.CI ? 2 : 1, // Retry in CI due to flakiness.
+  // Limit the number of failures on CI to save resources
+  maxFailures: process.env.CI ? 3 : undefined,
   globalSetup: require.resolve("./utils/globalE2eSetup.ts"),
   reporter: "list",
   // Put any shared options on the top level.

test/unit/node/update.test.ts

@@ -67,7 +67,7 @@ describe("update", () => {
 
     // Anything else is a 404.
     response.writeHead(404)
-    response.end("not found")
+    return response.end("not found")
   })
 
   let _settings: SettingsProvider<UpdateSettings> | undefined

test/utils/constants.ts

@@ -1,2 +1,4 @@
 export const PASSWORD = "e45432jklfdsab"
 export const workspaceDir = "workspaces"
+export const REVERSE_PROXY_BASE_PATH = process.env.CS_TEST_REVERSE_PROXY_BASE_PATH || "ide"
+export const REVERSE_PROXY_PORT = process.env.CS_TEST_REVERSE_PROXY_PORT || "8000"

test/utils/globalE2eSetup.ts

@@ -1,7 +1,4 @@
-import { Cookie } from "playwright"
-import { CookieKeys } from "../../src/common/http"
-import { hash } from "../../src/node/util"
-import { PASSWORD, workspaceDir } from "./constants"
+import { workspaceDir } from "./constants"
 import { clean } from "./helpers"
 import * as wtfnode from "./wtfnode"
 
@@ -20,25 +17,5 @@ export default async function () {
     wtfnode.setup()
   }
 
-  // TODO: Replace this with a call to code-server to get the cookie. To avoid
-  // too much overhead we can do an http POST request and avoid spawning a
-  // browser for it.
-  const cookies: Cookie[] = [
-    {
-      domain: "localhost",
-      expires: -1,
-      httpOnly: false,
-      name: CookieKeys.Session,
-      path: "/",
-      sameSite: "Lax",
-      secure: false,
-      value: await hash(PASSWORD),
-    },
-  ]
-
-  // Save storage state and store as an env variable
-  // More info: https://playwright.dev/docs/auth/#reuse-authentication-state
-  process.env.STORAGE = JSON.stringify({ cookies })
-
   console.log("✅ Global Setup for Playwright End-to-End Tests is now complete.")
 }

test/utils/helpers.ts

@@ -3,6 +3,8 @@ import { promises as fs } from "fs"
 import * as net from "net"
 import * as os from "os"
 import * as path from "path"
+import { CodeServer, CodeServerPage } from "../e2e/models/CodeServer"
+import { REVERSE_PROXY_PORT, REVERSE_PROXY_BASE_PATH } from "./constants"
 
 /**
  * Spy on the logger and console and replace with mock implementations to
@@ -119,3 +121,18 @@ export function isAddressInfo(address: unknown): address is net.AddressInfo {
     (address as net.AddressInfo).address !== undefined
   )
 }
+
+/**
+ * If using a proxy, return the address of the proxy.
+ *
+ * Otherwise, return the direct address of code-server.
+ */
+export async function getMaybeProxiedCodeServer(codeServer: CodeServerPage | CodeServer): Promise<string> {
+  const address = await codeServer.address()
+  if (process.env.USE_PROXY === "1") {
+    const uri = new URL(address)
+    return `http://${uri.hostname}:${REVERSE_PROXY_PORT}/${uri.port}/${REVERSE_PROXY_BASE_PATH}/`
+  }
+
+  return address
+}

test/utils/runCodeServerCommand.ts

@@ -6,9 +6,14 @@ import { promisify } from "util"
  *
  * A helper function for integration tests to run code-server commands.
  */
-export async function runCodeServerCommand(argv: string[]): Promise<{ stdout: string; stderr: string }> {
+export async function runCodeServerCommand(
+  argv: string[],
+  env?: NodeJS.ProcessEnv,
+): Promise<{ stdout: string; stderr: string }> {
   const CODE_SERVER_COMMAND = process.env.CODE_SERVER_PATH || path.resolve("../../release-standalone/bin/code-server")
-  const { stdout, stderr } = await promisify(exec)(`${CODE_SERVER_COMMAND} ${argv.join(" ")}`)
+  const { stdout, stderr } = await promisify(exec)(`${CODE_SERVER_COMMAND} ${argv.join(" ")}`, {
+    env: { ...process.env, ...env },
+  })
 
   return { stdout, stderr }
 }

typings/pluginapi.d.ts

@@ -5,7 +5,7 @@ import { field, Level, Logger } from "@coder/logger"
 import * as express from "express"
 import * as expressCore from "express-serve-static-core"
 import ProxyServer from "http-proxy"
-import * as net from "net"
+import * as stream from "stream"
 import Websocket from "ws"
 
 /**
@@ -97,7 +97,7 @@ export declare class HttpError extends Error {
 }
 
 export interface WebsocketRequest extends express.Request {
-  ws: net.Socket
+  ws: stream.Duplex
   head: Buffer
 }
 

yarn.lock

@@ -369,9 +369,9 @@
     "@types/express" "*"
 
 "@types/express-serve-static-core@^4.17.18":
-  version "4.17.19"
-  resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.17.19.tgz#00acfc1632e729acac4f1530e9e16f6dd1508a1d"
-  integrity sha512-DJOSHzX7pCiSElWaGR8kCprwibCB/3yW6vcT8VG3P0SJjnv19gnWG/AZMfM60Xj/YJIp/YCaDHyvzsFVeniARA==
+  version "4.17.30"
+  resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.17.30.tgz#0f2f99617fa8f9696170c46152ccf7500b34ac04"
+  integrity sha512-gstzbTWro2/nFed1WXtf+TtrpwxH7Ggs4RLYTLbeVgIkUQOI3WG/JKjgeOU1zXDvezllupjrf8OPIdvTbIaVOQ==
   dependencies:
     "@types/node" "*"
     "@types/qs" "*"
@@ -426,10 +426,10 @@
   resolved "https://registry.yarnpkg.com/@types/minimist/-/minimist-1.2.1.tgz#283f669ff76d7b8260df8ab7a4262cc83d988256"
   integrity sha512-fZQQafSREFyuZcdWFAExYjBiCL7AUCdgsk80iO0q4yihYYdcIiH28CcuPTGFgLOCC8RlW49GSQxdHwZP+I7CNg==
 
-"@types/node@*", "@types/node@^14.17.1":
-  version "14.17.6"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-14.17.6.tgz#cc61c8361c89e70c468cda464d1fa3dd7e5ebd62"
-  integrity sha512-iBxsxU7eswQDGhlr3AiamBxOssaYxbM+NKXVil8jg9yFXvrfEFbDumLD/2dMTB+zYyg7w+Xjt8yuxfdbUHAtcQ==
+"@types/node@*", "@types/node@^16.0.0":
+  version "16.11.41"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-16.11.41.tgz#88eb485b1bfdb4c224d878b7832239536aa2f813"
+  integrity sha512-mqoYK2TnVjdkGk8qXAVGc/x9nSaTpSrFaGFm43BUH3IdoBV0nta6hYaGmdOvIMlbHJbUEVen3gvwpwovAZKNdQ==
 
 "@types/normalize-package-data@^2.4.0":
   version "2.4.0"
@@ -500,10 +500,10 @@
   resolved "https://registry.yarnpkg.com/@types/unist/-/unist-2.0.3.tgz#9c088679876f374eb5983f150d4787aa6fb32d7e"
   integrity sha512-FvUupuM3rlRsRtCN+fDudtmytGO6iHJuuRKS1Ss0pG5z8oX0diNEw94UEL7hgDbpN94rgaK5R7sWm6RrSkZuAQ==
 
-"@types/ws@^8.0.0":
-  version "8.2.0"
-  resolved "https://registry.yarnpkg.com/@types/ws/-/ws-8.2.0.tgz#75faefbe2328f3b833cb8dc640658328990d04f3"
-  integrity sha512-cyeefcUCgJlEk+hk2h3N+MqKKsPViQgF5boi9TTHSK+PoR9KWBb/C5ccPcDyAqgsbAYHTwulch725DV84+pSpg==
+"@types/ws@^8.5.3":
+  version "8.5.3"
+  resolved "https://registry.yarnpkg.com/@types/ws/-/ws-8.5.3.tgz#7d25a1ffbecd3c4f2d35068d0b283c037003274d"
+  integrity sha512-6YOoWjruKj1uLf3INHH7D3qTXwFfEsg1kf3c0uDdSBJwfa/llkwIjrAGV7j7mVgGNbzTQ3HiHKKDXl6bJPD97w==
   dependencies:
     "@types/node" "*"
 
@@ -2032,12 +2032,12 @@ get-uri@3:
     fs-extra "^8.1.0"
     ftp "^0.3.10"
 
-glob-parent@^5.1.0, glob-parent@^5.1.2:
-  version "5.1.2"
-  resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz#869832c58034fe68a4093c17dc15e8340d8401c4"
-  integrity sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==
+glob-parent@^5.1.0, glob-parent@^5.1.2, glob-parent@^6.0.1:
+  version "6.0.2"
+  resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-6.0.2.tgz#6d237d99083950c79290f24c7642a3de9a28f9e3"
+  integrity sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==
   dependencies:
-    is-glob "^4.0.1"
+    is-glob "^4.0.3"
 
 glob@^7.1.3:
   version "7.1.6"