mirror of
https://github.com/coder/code-server.git
synced 2026-04-14 15:19:07 -05:00
Compare commits
13 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
c36b2d3edd | ||
|
|
3b7634c578 | ||
|
|
ec0899a81b | ||
|
|
bbf2e24648 | ||
|
|
9045919d2b | ||
|
|
cb29e65982 | ||
|
|
7eb8f4be87 | ||
|
|
cd4d1b614d | ||
|
|
5051c0f9e4 | ||
|
|
b07335a0f1 | ||
|
|
e3c09efcbc | ||
|
|
e0c960b30e | ||
|
|
55b311a954 |
6
.github/workflows/publish.yaml
vendored
6
.github/workflows/publish.yaml
vendored
@@ -33,7 +33,7 @@ jobs:
|
||||
node-version-file: .node-version
|
||||
|
||||
- name: Download npm package from release artifacts
|
||||
uses: robinraju/release-downloader@v1.11
|
||||
uses: robinraju/release-downloader@v1.12
|
||||
with:
|
||||
repository: "coder/code-server"
|
||||
tag: ${{ github.event.inputs.version || github.ref_name }}
|
||||
@@ -176,7 +176,7 @@ jobs:
|
||||
echo "VERSION=${TAG#v}" >> $GITHUB_ENV
|
||||
|
||||
- name: Download deb artifacts
|
||||
uses: robinraju/release-downloader@v1.11
|
||||
uses: robinraju/release-downloader@v1.12
|
||||
with:
|
||||
repository: "coder/code-server"
|
||||
tag: v${{ env.VERSION }}
|
||||
@@ -184,7 +184,7 @@ jobs:
|
||||
out-file-path: "release-packages"
|
||||
|
||||
- name: Download rpm artifacts
|
||||
uses: robinraju/release-downloader@v1.11
|
||||
uses: robinraju/release-downloader@v1.12
|
||||
with:
|
||||
repository: "coder/code-server"
|
||||
tag: v${{ env.VERSION }}
|
||||
|
||||
2
.github/workflows/security.yaml
vendored
2
.github/workflows/security.yaml
vendored
@@ -51,7 +51,7 @@ jobs:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Run Trivy vulnerability scanner in repo mode
|
||||
uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0
|
||||
uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5
|
||||
with:
|
||||
scan-type: "fs"
|
||||
scan-ref: "."
|
||||
|
||||
2
.github/workflows/trivy-docker.yaml
vendored
2
.github/workflows/trivy-docker.yaml
vendored
@@ -51,7 +51,7 @@ jobs:
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Run Trivy vulnerability scanner in image mode
|
||||
uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0
|
||||
uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5
|
||||
with:
|
||||
image-ref: "docker.io/codercom/code-server:latest"
|
||||
ignore-unfixed: true
|
||||
|
||||
16
CHANGELOG.md
16
CHANGELOG.md
@@ -22,6 +22,22 @@ Code v99.99.999
|
||||
|
||||
## Unreleased
|
||||
|
||||
## [4.99.2](https://github.com/coder/code-server/releases/tag/v4.99.2) - 2025-04-10
|
||||
|
||||
Code v1.99.2
|
||||
|
||||
### Changed
|
||||
|
||||
- Update to Code 1.99.2.
|
||||
|
||||
## [4.99.1](https://github.com/coder/code-server/releases/tag/v4.99.1) - 2025-04-08
|
||||
|
||||
Code v1.99.1
|
||||
|
||||
### Changed
|
||||
|
||||
- Update to Code 1.99.1.
|
||||
|
||||
## [4.99.0](https://github.com/coder/code-server/releases/tag/v4.99.0) - 2025-04-07
|
||||
|
||||
Code v1.99.0
|
||||
|
||||
@@ -15,9 +15,9 @@ type: application
|
||||
# This is the chart version. This version number should be incremented each time you make changes
|
||||
# to the chart and its templates, including the app version.
|
||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||
version: 3.26.0
|
||||
version: 3.26.2
|
||||
|
||||
# This is the version number of the application being deployed. This version number should be
|
||||
# incremented each time you make changes to the application. Versions are not expected to
|
||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||
appVersion: 4.99.0
|
||||
appVersion: 4.99.2
|
||||
|
||||
@@ -6,7 +6,7 @@ replicaCount: 1
|
||||
|
||||
image:
|
||||
repository: codercom/code-server
|
||||
tag: '4.99.0'
|
||||
tag: '4.99.2'
|
||||
pullPolicy: Always
|
||||
|
||||
# Specifies one or more secrets to be used when pulling images from a
|
||||
|
||||
@@ -121,7 +121,7 @@ access code-server on an iPad or do not want to use SSH port forwarding.
|
||||
|
||||
1. You'll need a domain name (if you don't have one, you can purchase one from
|
||||
[Google Domains](https://domains.google.com) or the domain service of your
|
||||
choice)). Once you have a domain name, add an A record to your domain that contains your
|
||||
choice). Once you have a domain name, add an A record to your domain that contains your
|
||||
instance's IP address.
|
||||
|
||||
1. Install [Caddy](https://caddyserver.com/docs/download#debian-ubuntu-raspbian):
|
||||
@@ -168,7 +168,7 @@ At this point, you should be able to access code-server via
|
||||
|
||||
1. You'll need a domain name (if you don't have one, you can purchase one from
|
||||
[Google Domains](https://domains.google.com) or the domain service of your
|
||||
choice)). Once you have a domain name, add an A record to your domain that contains your
|
||||
choice). Once you have a domain name, add an A record to your domain that contains your
|
||||
instance's IP address.
|
||||
|
||||
1. Install NGINX:
|
||||
|
||||
Submodule lib/vscode updated: 7c6fdfb0b8...17baf84113
574
package-lock.json
generated
574
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
@@ -84,6 +84,7 @@ export interface UserProvidedArgs extends UserProvidedCodeArgs {
|
||||
"trusted-origins"?: string[]
|
||||
version?: boolean
|
||||
"proxy-domain"?: string[]
|
||||
"skip-auth-preflight"?: boolean
|
||||
"reuse-window"?: boolean
|
||||
"new-window"?: boolean
|
||||
"ignore-last-opened"?: boolean
|
||||
@@ -252,6 +253,10 @@ export const options: Options<Required<UserProvidedArgs>> = {
|
||||
description: "GitHub authentication token (can only be passed in via $GITHUB_TOKEN or the config file).",
|
||||
},
|
||||
"proxy-domain": { type: "string[]", description: "Domain used for proxying ports." },
|
||||
"skip-auth-preflight": {
|
||||
type: "boolean",
|
||||
description: "Allows preflight requests through proxy without authentication.",
|
||||
},
|
||||
"ignore-last-opened": {
|
||||
type: "boolean",
|
||||
short: "e",
|
||||
|
||||
@@ -163,6 +163,9 @@ export const runCodeServer = async (
|
||||
logger.info(` - ${plural(args["proxy-domain"].length, "Proxying the following domain")}:`)
|
||||
args["proxy-domain"].forEach((domain) => logger.info(` - ${domain}`))
|
||||
}
|
||||
if (args["skip-auth-preflight"]) {
|
||||
logger.info(" - Skipping authentication for preflight requests")
|
||||
}
|
||||
if (process.env.VSCODE_PROXY_URI) {
|
||||
logger.info(`Using proxy URI in PORTS tab: ${process.env.VSCODE_PROXY_URI}`)
|
||||
}
|
||||
|
||||
@@ -61,6 +61,11 @@ router.all(/.*/, async (req, res, next) => {
|
||||
|
||||
ensureProxyEnabled(req)
|
||||
|
||||
if (req.method === "OPTIONS" && req.args["skip-auth-preflight"]) {
|
||||
// Allow preflight requests with `skip-auth-preflight` flag
|
||||
return next()
|
||||
}
|
||||
|
||||
// Must be authenticated to use the proxy.
|
||||
const isAuthenticated = await authenticated(req)
|
||||
if (!isAuthenticated) {
|
||||
|
||||
@@ -26,7 +26,9 @@ export async function proxy(
|
||||
): Promise<void> {
|
||||
ensureProxyEnabled(req)
|
||||
|
||||
if (!(await authenticated(req))) {
|
||||
if (req.method === "OPTIONS" && req.args["skip-auth-preflight"]) {
|
||||
// Allow preflight requests with `skip-auth-preflight` flag
|
||||
} else if (!(await authenticated(req))) {
|
||||
// If visiting the root (/:port only) redirect to the login page.
|
||||
if (!req.params.path || req.params.path === "/") {
|
||||
const to = self(req)
|
||||
|
||||
@@ -108,6 +108,8 @@ describe("parser", () => {
|
||||
|
||||
["--abs-proxy-base-path", "/codeserver/app1"],
|
||||
|
||||
"--skip-auth-preflight",
|
||||
|
||||
["--session-socket", "/tmp/override-code-server-ipc-socket"],
|
||||
|
||||
["--host", "0.0.0.0"],
|
||||
@@ -146,6 +148,7 @@ describe("parser", () => {
|
||||
"bind-addr": "192.169.0.1:8080",
|
||||
"session-socket": "/tmp/override-code-server-ipc-socket",
|
||||
"abs-proxy-base-path": "/codeserver/app1",
|
||||
"skip-auth-preflight": true,
|
||||
})
|
||||
})
|
||||
|
||||
|
||||
@@ -268,6 +268,21 @@ describe("proxy", () => {
|
||||
const text = await resp.text()
|
||||
expect(text).toBe("app being served behind a prefixed path")
|
||||
})
|
||||
|
||||
it("should not allow OPTIONS without authentication by default", async () => {
|
||||
process.env.PASSWORD = "test"
|
||||
codeServer = await integration.setup(["--auth=password"])
|
||||
const resp = await codeServer.fetch(proxyPath, { method: "OPTIONS" })
|
||||
expect(resp.status).toBe(401)
|
||||
})
|
||||
|
||||
it("should allow OPTIONS with `skip-auth-preflight` flag", async () => {
|
||||
process.env.PASSWORD = "test"
|
||||
codeServer = await integration.setup(["--auth=password", "--skip-auth-preflight"])
|
||||
e.post("/wsup", (req, res) => {})
|
||||
const resp = await codeServer.fetch(proxyPath, { method: "OPTIONS" })
|
||||
expect(resp.status).toBe(200)
|
||||
})
|
||||
})
|
||||
|
||||
// NOTE@jsjoeio
|
||||
|
||||
Reference in New Issue
Block a user