chore: bump softprops/action-gh-release from 1 to 3

Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 1 to 3.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](de2c0eb89a...b430933298)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/build.yaml

@@ -25,8 +25,8 @@ jobs:
       docs: ${{ steps.filter.outputs.docs }}
       helm: ${{ steps.filter.outputs.helm }}
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
+      - uses: dorny/paths-filter@d1c1ffe0248fe513906c8e24db8ea791d46f8590 # v3
         id: filter
         with:
           filters: |
@@ -55,8 +55,8 @@ jobs:
     name: Run prettier check
     runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
           cache: npm
@@ -72,8 +72,8 @@ jobs:
     needs: changes
     if: needs.changes.outputs.docs == 'true'
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
           cache: npm
@@ -89,7 +89,7 @@ jobs:
     needs: changes
     if: needs.changes.outputs.helm == 'true'
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
       - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
@@ -103,8 +103,8 @@ jobs:
     needs: changes
     if: needs.changes.outputs.code == 'true'
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
           cache: npm
@@ -121,7 +121,7 @@ jobs:
     if: needs.changes.outputs.ci == 'true'
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
       - name: Check workflow files
         run: |
           bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) 1.7.9
@@ -134,8 +134,8 @@ jobs:
     needs: changes
     if: needs.changes.outputs.code == 'true'
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
           cache: npm
@@ -144,7 +144,7 @@ jobs:
             test/package-lock.json
       - run: SKIP_SUBMODULE_DEPS=1 npm ci
       - run: npm run test:unit
-      - uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v5
+      - uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5
         if: success()
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
@@ -163,16 +163,16 @@ jobs:
 
     steps:
       - run: sudo apt update && sudo apt install -y libkrb5-dev
-      - uses: awalsh128/cache-apt-pkgs-action@acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 # latest
+      - uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # latest
         with:
           packages: quilt
           version: 1.0
 
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           submodules: true
       - run: quilt push -a
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
           cache: npm
@@ -191,7 +191,7 @@ jobs:
       # embedded into the code).  Use VSCODE_CACHE_VERSION to force a rebuild.
       - name: Fetch prebuilt linux-x64 Code package from cache
         id: cache-vscode
-        uses: actions/cache@v4
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
         with:
           path: lib/vscode-reh-web-linux-x64
           key: vscode-linux-x64-package-${{ secrets.VSCODE_CACHE_VERSION }}-${{ steps.vscode-rev.outputs.rev }}-${{ hashFiles('patches/*.diff', 'ci/build/build-vscode.sh') }}
@@ -205,7 +205,7 @@ jobs:
       # Push up an artifact containing the linux-x64 release.
       - run: KEEP_MODULES=1 npm run release
       - run: tar -czf package.tar.gz release
-      - uses: actions/upload-artifact@v7
+      - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
         with:
           name: linux-x64-package
           path: ./package.tar.gz
@@ -213,12 +213,14 @@ jobs:
   test-e2e:
     name: Run e2e tests
     runs-on: ubuntu-22.04
+    env:
+      LOG_LEVEL: debug
     needs: [changes, build]
     if: needs.changes.outputs.code == 'true' || needs.changes.outputs.deps == 'true' || needs.changes.outputs.ci == 'true'
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
           cache: npm
@@ -231,13 +233,13 @@ jobs:
           ./test/node_modules/.bin/playwright install-deps
           ./test/node_modules/.bin/playwright install
 
-      - uses: actions/download-artifact@v8
+      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
         with:
           name: linux-x64-package
       - run: tar -xzf package.tar.gz
 
       - run: CODE_SERVER_TEST_ENTRY=./release npm run test:e2e
-      - uses: actions/upload-artifact@v7
+      - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
         if: always()
         with:
           name: failed-test-videos
@@ -248,12 +250,13 @@ jobs:
     runs-on: ubuntu-22.04
     env:
       GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      LOG_LEVEL: debug
     needs: [changes, build]
     if: needs.changes.outputs.code == 'true' || needs.changes.outputs.deps == 'true' || needs.changes.outputs.ci == 'true'
 
     steps:
       - name: Cache Caddy
-        uses: actions/cache@v4
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
         id: caddy-cache
         with:
           path: |
@@ -266,8 +269,8 @@ jobs:
           mkdir -p ~/.cache/caddy
           tar -xzf caddy_2.5.2_linux_amd64.tar.gz --directory ~/.cache/caddy
 
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
           cache: npm
@@ -280,7 +283,7 @@ jobs:
           ./test/node_modules/.bin/playwright install-deps
           ./test/node_modules/.bin/playwright install
 
-      - uses: actions/download-artifact@v8
+      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
         with:
           name: linux-x64-package
       - run: tar -xzf package.tar.gz
@@ -289,7 +292,7 @@ jobs:
       - run: CODE_SERVER_TEST_ENTRY=./release npm run test:e2e:proxy
       - run: ~/.cache/caddy/caddy stop --config ./ci/Caddyfile
         if: always()
-      - uses: actions/upload-artifact@v7
+      - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
         if: always()
         with:
           name: failed-test-videos-proxy

.github/workflows/installer.yaml

@@ -30,7 +30,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Install code-server
         run: ./install.sh
@@ -44,7 +44,7 @@ jobs:
     container: "alpine:3.17"
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Install curl
         run: apk add curl
@@ -67,7 +67,7 @@ jobs:
 
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Install code-server
         run: ./install.sh

.github/workflows/publish.yaml

@@ -33,8 +33,8 @@ jobs:
         run: |
           echo "VERSION=${TAG#v}" >> $GITHUB_ENV
 
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
 
@@ -64,23 +64,24 @@ jobs:
           echo "VERSION=${TAG#v}" >> $GITHUB_ENV
 
       - name: Checkout code-server-aur repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           repository: "cdrci/code-server-aur"
           token: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }}
           ref: "master"
 
-      - name: Merge in master
-        run: |
-          git remote add upstream https://github.com/coder/code-server-aur.git
-          git fetch upstream
-          git merge upstream/master
-
       - name: Configure git
         run: |
           git config --global user.name cdrci
           git config --global user.email opensource@coder.com
 
+      - name: Fetch and reset master
+        run: |
+          git remote add upstream https://github.com/coder/code-server-aur.git
+          git fetch upstream
+          git reset --hard upstream/master
+          git push --force
+
       - name: Validate package
         uses: heyhusen/archlinux-package-action@c9f94059ccbebe8710d31d582f33ef4e84fe575c # v3.0.0
         with:
@@ -107,7 +108,7 @@ jobs:
         run: |
           echo "VERSION=${TAG#v}" >> $GITHUB_ENV
 
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
       - uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
       - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
 
@@ -135,3 +136,32 @@ jobs:
           out-file-path: "release-packages"
 
       - run: npm run publish:docker
+
+  repo:
+    runs-on: ubuntu-latest
+    env:
+      GH_TOKEN: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }}
+      TAG: ${{ inputs.version || github.ref_name }}
+    needs: docker
+
+    steps:
+      - name: Set version to tag without leading v
+        run: |
+          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
+
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+
+      - run: ./ci/build/update-repo.sh
+
+      - name: Open PR
+        run: |
+          git config --global user.name cdrci
+          git config --global user.email opensource@coder.com
+          git checkout -b "helm/$VERSION"
+          git add .
+          git commit -m "Update to $VERSION"
+          git push -u origin "$(git branch --show)"
+          gh pr create \
+            --repo coder/code-server \
+            --body-file .cache/checklist \
+            --title "Update to $VERSION"

.github/workflows/release.yaml

@@ -6,6 +6,11 @@ on:
       version:
         type: string
         required: true
+  pull_request_target:
+    types:
+      - closed
+    branches:
+      - "update/**"
 
 permissions:
   contents: write # For creating releases.
@@ -21,6 +26,7 @@ jobs:
   package-linux:
     name: ${{ format('linux-{0}', matrix.vscode_arch) }}
     runs-on: ubuntu-22.04
+    if: github.event_name == 'workflow_dispatch' || github.event.pull_request.merged == true
 
     strategy:
       matrix:
@@ -39,7 +45,7 @@ jobs:
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       ELECTRON_SKIP_BINARY_DOWNLOAD: 1
       PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
-      TAG: ${{ inputs.version || github.ref_name }}
+      TAG: ${{ inputs.version || github.event.pull_request.head.ref || github.ref_name }}
       # Set release package name.
       ARCH: ${{ matrix.package_arch }}
       # Cross-compile target.
@@ -54,7 +60,7 @@ jobs:
 
     steps:
       - run: sudo apt update && sudo apt install -y libkrb5-dev
-      - uses: awalsh128/cache-apt-pkgs-action@acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 # latest
+      - uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # latest
         with:
           packages: quilt
           version: 1.0
@@ -64,15 +70,16 @@ jobs:
           curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
           echo "$HOME/.local/bin" >> $GITHUB_PATH
 
-      - name: Set version to tag without leading v
+      - name: Strip update/ and v from tag
         run: |
-          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
+          version=${TAG#update/}
+          echo "VERSION=${version#v}" >> $GITHUB_ENV
 
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           submodules: true
       - run: quilt push -a
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
           cache: npm
@@ -99,25 +106,34 @@ jobs:
         if: ${{ matrix.vscode_arch == 'x64' }}
       - run: tar -czf package.tar.gz release
         if: ${{ matrix.vscode_arch == 'x64' }}
-      - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
+      - run: |
+          sed "/^## Unreleased/,/^## / ! d" CHANGELOG.md | head -n -2 | tail -n +3 > .cache/release-notes
+        if: ${{ matrix.vscode_arch == 'x64' }}
+      - uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0
         if: ${{ matrix.vscode_arch == 'x64' }}
         with:
           draft: true
           discussion_category_name: "📣 Announcements"
           files: package.tar.gz
+          tag_name: v${{ env.VERSION }}
+          name: v${{ env.VERSION }}
+          body: .cache/release-notes
 
       # Platform-specific release.
       - run: KEEP_MODULES=1 npm run release
       - run: npm run package
-      - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
+      - uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0
         with:
           draft: true
           discussion_category_name: "📣 Announcements"
           files: ./release-packages/*
+          tag_name: v${{ env.VERSION }}
+          name: v${{ env.VERSION }}
 
   package-macos:
     name: ${{ matrix.vscode_target }}
     runs-on: ${{ matrix.os }}
+    if: github.event_name == 'workflow_dispatch' || github.event.pull_request_merged == true
     strategy:
       matrix:
         include:
@@ -144,15 +160,16 @@ jobs:
           curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
           echo "$HOME/.local/bin" >> $GITHUB_PATH
 
-      - name: Set version to tag without leading v
+      - name: Strip update/ and v from tag
         run: |
-          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
+          version=${TAG#update/}
+          echo "VERSION=${version#v}" >> $GITHUB_ENV
 
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           submodules: true
       - run: quilt push -a
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
           cache: npm
@@ -167,8 +184,10 @@ jobs:
       - run: npm run test:native
 
       - run: npm run package
-      - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
+      - uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0
         with:
           draft: true
           discussion_category_name: "📣 Announcements"
           files: ./release-packages/*
+          tag_name: v${{ env.VERSION }}
+          name: v${{ env.VERSION }}

.github/workflows/scripts.yaml

@@ -41,7 +41,7 @@ jobs:
     container: "alpine:3.17"
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Install test utilities
         run: apk add bats checkbashisms
@@ -58,7 +58,7 @@ jobs:
     timeout-minutes: 5
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Install lint utilities
         run: sudo apt install shellcheck

.github/workflows/security.yaml

@@ -25,12 +25,12 @@ jobs:
     timeout-minutes: 15
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
 
       - name: Install Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .node-version
 
@@ -46,12 +46,12 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478
+        uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # latest
         with:
           scan-type: "fs"
           scan-ref: "."
@@ -62,7 +62,7 @@ jobs:
           severity: "HIGH,CRITICAL"
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v4
+        uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
         with:
           sarif_file: "trivy-repo-results.sarif"
 
@@ -76,17 +76,17 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v4
+        uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
         with:
           config-file: ./.github/codeql-config.yml
           languages: javascript
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v4
+        uses: github/codeql-action/autobuild@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v4
+        uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4

.github/workflows/trivy-docker.yaml

@@ -48,10 +48,10 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Run Trivy vulnerability scanner in image mode
-        uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478
+        uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # latest
         with:
           image-ref: "docker.io/codercom/code-server:latest"
           ignore-unfixed: true
@@ -60,6 +60,6 @@ jobs:
           severity: "HIGH,CRITICAL"
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v4
+        uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
         with:
           sarif_file: "trivy-image-results.sarif"

.github/workflows/update.yaml

@@ -0,0 +1,72 @@
+name: Update code-server
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        type: string
+        required: true
+  schedule:
+    - cron: "0 16,21 * * *"
+
+jobs:
+  update:
+    runs-on: ubuntu-latest
+    env:
+      TAG: ${{ inputs.version }}
+      GH_TOKEN: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }}
+
+    steps:
+      - name: Fetch latest tag
+        if: env.TAG == ''
+        run: |
+          tag=$(curl -fsSLI -o /dev/null -w "%{url_effective}" https://github.com/microsoft/vscode/releases/latest)
+          tag="${tag#https://github.com/microsoft/vscode/releases/tag/}"
+          echo "TAG=$tag" >> $GITHUB_ENV
+
+      - name: Remove leading v from tag
+        run: |
+          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
+
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        with:
+          submodules: true
+
+      - name: Check current version
+        id: check
+        run: |
+          commit="$(git -C lib/vscode rev-parse HEAD)"
+          if [[ $(git -C lib/vscode ls-remote --tags | grep "$commit") == */"$VERSION" ]] ; then
+            echo "$VERSION update has already been merged into $(git rev-parse --abbrev-ref HEAD)"
+            echo done=true >> $GITHUB_OUTPUT
+          elif git ls-remote --exit-code --heads origin "update/$VERSION" ; then
+            echo "There is already a PR for updating to $VERSION"
+            echo done=true >> $GITHUB_OUTPUT
+          else
+            echo "$VERSION update has not started yet"
+            echo done=false >> $GITHUB_OUTPUT
+          fi
+
+      - uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # latest
+        if: steps.check.outputs.done == 'false'
+        with:
+          packages: quilt
+          version: 1.0
+
+      - run: ./ci/build/update-vscode.sh
+        if: steps.check.outputs.done == 'false'
+
+      - name: Open PR
+        if: steps.check.outputs.done == 'false'
+        run: |
+          git config --global user.name cdrci
+          git config --global user.email opensource@coder.com
+          git checkout -b "update/$VERSION"
+          git add .
+          git commit -m "Update VS Code to $VERSION"
+          git push -u origin "$(git branch --show)"
+          gh pr create \
+            --repo coder/code-server \
+            --title "Update VS Code to $VERSION" \
+            --body-file .cache/checklist \
+            --draft

.gitignore

@@ -11,6 +11,7 @@ node_modules
 .home
 coverage
 **/.DS_Store
+*.bak
 
 # Code packages itself here.
 /lib/vscode-reh-web-*

CHANGELOG.md

@@ -22,6 +22,30 @@ Code v99.99.999
 
 ## Unreleased
 
+## [4.119.0](https://github.com/coder/code-server/releases/tag/v4.119.0) - 2026-05-07
+
+Code v1.119.0
+
+### Changed
+
+- Update to Code 1.119.0
+
+## [4.118.0](https://github.com/coder/code-server/releases/tag/v4.118.0) - 2026-05-06
+
+Code v1.118.0
+
+### Changed
+
+- Update to Code 1.118.0
+
+## [4.117.0](https://github.com/coder/code-server/releases/tag/v4.117.0) - 2026-04-22
+
+Code v1.117.0
+
+### Changed
+
+- Update to Code 1.117.0
+
 ## [4.116.0](https://github.com/coder/code-server/releases/tag/v4.116.0) - 2026-04-16
 
 Code v1.116.0

ci/build/update-repo.sh

@@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+
+set -Eeuo pipefail
+
+function update_helm() {
+  local current
+  current=$(yq .version ci/helm-chart/Chart.yaml)
+  local next
+  next=$(semver "$current" -i minor)
+  echo "Bumping version from $current to $next..."
+  sed -i.bak "s/^version: $current\$/version: $next/" ci/helm-chart/Chart.yaml
+
+  echo "Setting app version and image to $version..."
+  sed -i.bak "s/^appVersion: .\+\$/appVersion: $version/" ci/helm-chart/Chart.yaml
+  sed -i.bak "s/^  tag: .\+\$/  tag: '$version'/" ci/helm-chart/values.yaml
+}
+
+function update_changelog() {
+  local date
+  date=$(printf '%(%Y-%m-%d)T\n' -1)
+  local link="https://github.com/coder/code-server/releases/tag/v$version"
+  sed -i.bak "s|## Unreleased|## Unreleased\n\n## [$version]($link) - $date|" CHANGELOG.md
+}
+
+function main() {
+  cd "$(dirname "${0}")/../.."
+
+  source ./ci/lib.sh
+
+  local version=${VERSION:-$(git describe --tags)}
+  version="${version#v}"
+
+  declare -a steps
+
+  steps+=(
+    "Update Helm chart" "update_helm"
+    "Update changelog" "update_changelog"
+  )
+
+  run-steps "${steps[@]}"
+
+  # This step is always manual.
+  echo "- [ ] https://github.com/coder/code-server-aur/pulls" >> .cache/checklist
+}
+
+main "$@"

ci/build/update-vscode.sh

@@ -0,0 +1,154 @@
+#!/usr/bin/env bash
+
+set -Eeuo pipefail
+
+function unapply_patches() {
+  local -i exit_code=0
+  quiet quilt pop -af || exit_code=$?
+  case $exit_code in
+    # Sucessfully unapplied.
+    0) ;;
+    # No more patches to unapply.
+    2) ;;
+    # Some error.
+    *) return $exit_code ;;
+  esac
+}
+
+function update_vscode() {
+  pushd lib/vscode
+  if ! git checkout 2>&1 "$target_vscode_version" ; then
+    echo "$target_vscode_version does not exist locally, fetching..."
+    git fetch --all --prune
+    git checkout "$target_vscode_version"
+  fi
+  popd
+}
+
+function refresh_patches() {
+  local -i exit_code=0
+  while quiet quilt push ; ! (( exit_code=$? )) ; do
+    quilt refresh
+  done
+  case $exit_code in
+    # No more patches to apply.
+    2) ;;
+    # Some error.
+    *) return $exit_code ;;
+  esac
+}
+
+function update_node() {
+  local node_version
+  node_version=$(cat .node-version)
+  if [[ $node_version == "$target_node_version" ]] ; then
+    echo "Already set to $target_node_version"
+  else
+    echo "Updating from $node_version to $target_node_version..."
+    echo "$target_node_version" > .node-version
+  fi
+}
+
+function get-webview-script-hash() {
+  local html
+  html=$(<"$1")
+  local start_tag='<script async type="module">'
+  local end_tag="</script>"
+  html=${html##*"$start_tag"}
+  html=${html%%"$end_tag"*}
+  echo -n "$html" | openssl sha256 -binary | openssl base64
+}
+
+function update_csp() {
+  local current
+  current=$(quilt top 2>/dev/null || echo "")
+  local patch_action=""
+  echo "Currently at ${current:-base}"
+  if [[ $current != */webview.diff ]] ; then
+    echo "Moving to patches/webview.diff..."
+    local -i exit_code=0
+    if quilt applied 2>/dev/null | grep --quiet webview.diff ; then
+      quiet quilt pop webview || exit_code=$?
+      patch_action=pop
+    else
+      quiet quilt push webview || exit_code=$?
+      patch_action=push
+    fi
+    case $exit_code in
+      # Successfully moved.
+      0) ;;
+      # Some error.
+      *) return $exit_code ;;
+    esac
+  fi
+
+  local file=lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
+  local hash
+  hash=$(get-webview-script-hash "$file")
+  echo "Calculated hash as $hash"
+  # Use octothorpe as a delimiter since the hash may contain a slash.
+  sed -i.bak "s#script-src 'sha256-[^']\+'#script-src 'sha256-$hash'#" "$file"
+  quilt refresh
+
+  if [[ $patch_action != "" ]] ; then
+    echo "Moving back to ${current:-base}..."
+    case $patch_action in
+      pop) quiet quilt push "$current" ;;
+      push) quiet quilt pop "${current:--a}" ;;
+    esac
+  fi
+}
+
+function add_changelog() {
+  local file=CHANGELOG.md
+  if grep --quiet "Code $target_vscode_version" "$file" ; then
+    echo "Changelog for $target_vscode_version already exists"
+  else
+    # TODO: This is not exactly robust.  In particular, it needs to handle if
+    # there is already a "changed" section.
+    sed -i.bak "s/## Unreleased/## Unreleased\n\nCode v$target_vscode_version\n\n### Changed\n\n- Update to Code $target_vscode_version/" "$file"
+  fi
+}
+
+function main() {
+  cd "$(dirname "${0}")/../.."
+
+  source ./ci/lib.sh
+
+  local target_node_version
+  target_node_version=$(grep target lib/vscode/remote/.npmrc | awk -F= '{print $2}' | tr -d '"')
+
+  declare -a steps
+
+  # If version is not set, assume we are already at the target version and the
+  # user is just trying to resolve conflics.
+  local target_vscode_version
+  if [[ ${VERSION-} ]] ; then
+    # Removing patches only needs to be done locally; in CI we start from a
+    # fresh clone each time.
+    if [[ ! ${CI-} ]] ; then
+      steps+=("Unapplying patches" "unapply_patches")
+    fi
+    target_vscode_version="${VERSION#v}"
+    steps+=(
+      "Update VS Code to $target_vscode_version" "update_vscode"
+      "Refresh VS Code patches" "refresh_patches"
+    )
+  else
+    target_vscode_version="$(git -C lib/vscode describe --tags --exact-match)"
+    echo "Detected VS Code version $target_vscode_version"
+  fi
+
+  steps+=(
+    "Set Node version to $target_node_version" "update_node"
+    "Update CSP webview hash" "update_csp"
+    "Add changelog note" "add_changelog"
+  )
+
+  run-steps "${steps[@]}"
+
+  # This step is always manual.
+  echo "- [ ] Verify changelog" >> .cache/checklist
+}
+
+main "$@"

ci/lib.sh

@@ -78,6 +78,42 @@ nodeArch() {
   echo "$cpu"
 }
 
+run-steps() {
+  local -i failed=0
+  rm -f .cache/checklist
+  while (( $# )) ; do
+    local name=$1 ; shift
+    local fn=$1 ; shift
+    # Only run if an earlier step has not failed.
+    if [[ $failed == 0 ]] ; then
+      echo "$name..."
+      if $fn | indent ; then
+        echo "- [X] $name" >> .cache/checklist
+      else
+        ((failed++))
+      fi
+    fi
+    # For all failed steps, write out an empty checkbox.
+    if [[ $failed != 0 ]] ; then
+      echo "- [ ] $name" >> .cache/checklist
+    fi
+  done
+  if [[ $failed != 0 ]] ; then
+    return 1
+  fi
+}
+
+quiet() {
+  "$@" >/dev/null
+}
+
+indent() {
+  local count=2
+  local space
+  space=$(printf "%${count}s")
+  sed "s/^/$space| /g"
+}
+
 # See gulpfile.reh.ts for available targets.
 if [[ ! ${VSCODE_TARGET-} ]]; then
   VSCODE_TARGET="$(nodeOS)-$(nodeArch)"

ci/release-image/docker-bake.hcl

@@ -20,6 +20,7 @@ group "default" {
         "code-server-debian-12",
         "code-server-ubuntu-focal",
         "code-server-ubuntu-noble",
+        "code-server-ubuntu-resolute",
         "code-server-fedora-39",
         "code-server-opensuse-tumbleweed",
     ]
@@ -73,7 +74,6 @@ target "code-server-debian-12" {
 target "code-server-ubuntu-focal" {
     dockerfile = "ci/release-image/Dockerfile"
     tags = concat(
-        gen_tags_for_docker_and_ghcr("ubuntu"),
         gen_tags_for_docker_and_ghcr("focal"),
     )
     args = {
@@ -86,6 +86,7 @@ target "code-server-ubuntu-noble" {
     dockerfile = "ci/release-image/Dockerfile"
     tags = concat(
         gen_tags_for_docker_and_ghcr("noble"),
+        gen_tags_for_docker_and_ghcr("ubuntu"),
     )
     args = {
         BASE = "ubuntu:noble"
@@ -93,6 +94,17 @@ target "code-server-ubuntu-noble" {
     platforms = ["linux/amd64", "linux/arm64"]
 }
 
+target "code-server-ubuntu-resolute" {
+    dockerfile = "ci/release-image/Dockerfile"
+    tags = concat(
+        gen_tags_for_docker_and_ghcr("resolute"),
+    )
+    args = {
+        BASE = "ubuntu:resolute"
+    }
+    platforms = ["linux/amd64", "linux/arm64"]
+}
+
 target "code-server-fedora-39" {
     dockerfile = "ci/release-image/Dockerfile.fedora"
     tags = concat(

docs/CONTRIBUTING.md

@@ -93,17 +93,20 @@ commits first if you are doing this).
 
 ### Version updates to Code
 
-1. Remove any patches with `quilt pop -a`.
+PRs will be automatically created with updates to VS Code. If a patch cannot be
-2. Update the `lib/vscode` submodule to the desired upstream version branch.
+automatically resolved, it will be necessary to clone the branch, resolve the
-   1. `cd lib/vscode && git checkout release/1.66 && cd ../..`
+conflicts manually, and finish the update. To do this:
-   2. `git add lib && git commit -m "chore: update to Code <version>"`
+
-3. Apply the patches one at a time (`quilt push`). If the application succeeds
+1. Apply as many patches as possible `quilt push -a`.
-   but the lines changed, update the patch with `quilt refresh`. If there are
+2. Once you hit a conflict, force apply with `quilt push -f`, manually add back
-   conflicts, then force apply with `quilt push -f`, manually add back the
+   the rejected code, then run `quilt refresh`.
-   rejected code, then run `quilt refresh`.
+3. Once all patches have been resolved, run `./ci/build/update.sh` to finish the
-4. From the code-server **project root**, run `npm install`.
+   update process.
-5. Check the Node.js version that's used by Electron (which is shipped with VS
+4. Commit all changes, push them up to the branch, and update the checklist in
-   Code. If necessary, update our version of Node.js to match.
+   the PR description.
+
+Once the PR is ready, manually verify that the unreleased changelog section
+contains all the changes going into this version before merging.
 
 ### Patching Code
 

patches/clipboard.diff

@@ -78,7 +78,7 @@ Index: code-server/lib/vscode/src/vs/platform/environment/common/argv.ts
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/platform/environment/common/argv.ts
 +++ code-server/lib/vscode/src/vs/platform/environment/common/argv.ts
-@@ -145,6 +145,7 @@ export interface NativeParsedArgs {
+@@ -149,6 +149,7 @@ export interface NativeParsedArgs {
  	'disable-chromium-sandbox'?: boolean;
  	sandbox?: boolean;
  	'enable-coi'?: boolean;

patches/copilot.diff

@@ -2,7 +2,7 @@ Index: code-server/lib/vscode/build/gulpfile.extensions.ts
 ===================================================================
 --- code-server.orig/lib/vscode/build/gulpfile.extensions.ts
 +++ code-server/lib/vscode/build/gulpfile.extensions.ts
-@@ -287,6 +287,29 @@ export const compileCopilotExtensionBuil
+@@ -294,6 +294,29 @@ export const compileCopilotExtensionBuil
  gulp.task(compileCopilotExtensionBuildTask);
  
  /**
@@ -40,11 +40,11 @@ Index: code-server/lib/vscode/build/lib/extensions.ts
  import { type IExtensionDefinition, getExtensionStream } from './builtInExtensions.ts';
  import { fetchUrls, fetchGithub } from './fetch.ts';
  import { createTsgoStream, spawnTsgo } from './tsgo.ts';
-+import { prepareBuiltInCopilotExtensionShims } from './copilot.ts';
++import { prepareBuiltInCopilotRipgrepShim } from './copilot.ts';
  import vzip from 'gulp-vinyl-zip';
  
  import { createRequire } from 'module';
-@@ -482,6 +483,116 @@ export function packageCopilotExtensionS
+@@ -487,6 +488,116 @@ export function packageCopilotExtensionS
  	).pipe(util2.setExecutableBit(['**/*.sh']));
  }
  
@@ -61,7 +61,7 @@ Index: code-server/lib/vscode/build/lib/extensions.ts
 +		return es.readArray([]);
 +	}
 +
-+	const esbuildConfigFileName = '.esbuild.ts';
++	const esbuildConfigFileName = '.esbuild.mts';
 +	const esbuildScript = path.join(extensionPath, esbuildConfigFileName);
 +	if (!fs.existsSync(esbuildScript)) {
 +		throw new Error(`Copilot esbuild script not found at ${esbuildScript}`);
@@ -148,7 +148,7 @@ Index: code-server/lib/vscode/build/lib/extensions.ts
 +	}
 +
 +	try {
-+		prepareBuiltInCopilotExtensionShims(platform, arch, outputDir, appNodeModulesDir);
++		prepareBuiltInCopilotRipgrepShim(platform, arch, outputDir, appNodeModulesDir);
 +		fancyLog(`[prepareCopilotExtensionNativeShims] Materialized native shims for ${platform}-${arch}`);
 +	} catch (err) {
 +		// Downgrade to a warning for local builds since the extension

patches/display-language.diff

@@ -32,7 +32,7 @@ Index: code-server/lib/vscode/src/vs/platform/environment/common/environmentServ
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/platform/environment/common/environmentService.ts
 +++ code-server/lib/vscode/src/vs/platform/environment/common/environmentService.ts
-@@ -98,7 +98,7 @@ export abstract class AbstractNativeEnvi
+@@ -112,7 +112,7 @@ export abstract class AbstractNativeEnvi
  			return URI.file(join(vscodePortable, 'argv.json'));
  		}
  

patches/external-file-actions.diff

@@ -166,8 +166,8 @@ Index: code-server/lib/vscode/src/vs/workbench/contrib/files/browser/fileActions
  import { AutoSaveAfterShortDelayContext } from '../../../services/filesConfiguration/common/filesConfigurationService.js';
  import { WorkbenchListDoubleSelection } from '../../../../platform/list/browser/listService.js';
  import { Schemas } from '../../../../base/common/network.js';
--import { DirtyWorkingCopiesContext, EnterMultiRootWorkspaceSupportContext, HasWebFileSystemAccess, WorkbenchStateContext, WorkspaceFolderCountContext, SidebarFocusContext, ActiveEditorCanRevertContext, ActiveEditorContext, ResourceContextKey, ActiveEditorAvailableEditorIdsContext, MultipleEditorsSelectedInGroupContext, TwoEditorsSelectedInGroupContext, SelectedEditorsInGroupFileOrUntitledResourceContextKey } from '../../../common/contextkeys.js';
+-import { DirtyWorkingCopiesContext, EnterMultiRootWorkspaceSupportContext, HasWebFileSystemAccess, IsSessionsWindowContext, WorkbenchStateContext, WorkspaceFolderCountContext, SidebarFocusContext, ActiveEditorCanRevertContext, ActiveEditorContext, ResourceContextKey, ActiveEditorAvailableEditorIdsContext, MultipleEditorsSelectedInGroupContext, TwoEditorsSelectedInGroupContext, SelectedEditorsInGroupFileOrUntitledResourceContextKey } from '../../../common/contextkeys.js';
-+import { IsEnabledFileDownloads, IsEnabledFileUploads, DirtyWorkingCopiesContext, EnterMultiRootWorkspaceSupportContext, HasWebFileSystemAccess, WorkbenchStateContext, WorkspaceFolderCountContext, SidebarFocusContext, ActiveEditorCanRevertContext, ActiveEditorContext, ResourceContextKey, ActiveEditorAvailableEditorIdsContext, MultipleEditorsSelectedInGroupContext, TwoEditorsSelectedInGroupContext, SelectedEditorsInGroupFileOrUntitledResourceContextKey } from '../../../common/contextkeys.js';
++import { IsEnabledFileDownloads, IsEnabledFileUploads, DirtyWorkingCopiesContext, EnterMultiRootWorkspaceSupportContext, HasWebFileSystemAccess, IsSessionsWindowContext, WorkbenchStateContext, WorkspaceFolderCountContext, SidebarFocusContext, ActiveEditorCanRevertContext, ActiveEditorContext, ResourceContextKey, ActiveEditorAvailableEditorIdsContext, MultipleEditorsSelectedInGroupContext, TwoEditorsSelectedInGroupContext, SelectedEditorsInGroupFileOrUntitledResourceContextKey } from '../../../common/contextkeys.js';
  import { IsWebContext } from '../../../../platform/contextkey/common/contextkeys.js';
  import { ServicesAccessor } from '../../../../platform/instantiation/common/instantiation.js';
  import { ThemeIcon } from '../../../../base/common/themables.js';

patches/store-socket.diff

@@ -31,7 +31,7 @@ Index: code-server/lib/vscode/src/vs/workbench/api/node/extHostExtensionService.
  import { ExtHostDiskFileSystemProvider } from './extHostDiskFileSystemProvider.js';
  import nodeModule from 'node:module';
  import { assertType } from '../../../base/common/types.js';
-@@ -226,6 +228,52 @@ export class ExtHostExtensionService ext
+@@ -175,6 +177,52 @@ export class ExtHostExtensionService ext
  
  		performance.mark('code/extHost/didInitAPI');
  

patches/unique-db.diff

@@ -21,7 +21,7 @@ Index: code-server/lib/vscode/src/vs/workbench/services/storage/browser/storageS
  
  export class BrowserStorageService extends AbstractStorageService {
  
-@@ -300,7 +301,11 @@ export class IndexedDBStorageDatabase ex
+@@ -328,7 +329,11 @@ export class IndexedDBStorageDatabase ex
  	}
  
  	static async createWorkspaceStorage(workspaceId: string, logService: ILogService): Promise<IIndexedDBStorageDatabase> {

patches/update-check.diff

@@ -101,7 +101,7 @@ Index: code-server/lib/vscode/src/vs/base/common/product.ts
  
  	readonly version: string;
  	readonly date?: string;
-@@ -118,6 +119,7 @@ export interface IProductConfiguration {
+@@ -119,6 +120,7 @@ export interface IProductConfiguration {
  		readonly resourceUrlTemplate: string;
  		readonly nlsBaseUrl: string;
  		readonly accessSKUs?: string[];

patches/webview.diff

@@ -70,21 +70,21 @@ Index: code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index
  	<meta charset="UTF-8">
  
  	<meta http-equiv="Content-Security-Policy"
--		content="default-src 'none'; script-src 'sha256-TaWGDzV7c9rUH2q/5ygOyYUHSyHIqBMYfucPh3lnKvU=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
+-		content="default-src 'none'; script-src 'sha256-q+WTr+fBXpLLE3++yWNaxT6BTWQtsKscoeIlynBRk4E=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
-+		content="default-src 'none'; script-src 'sha256-nQZh+9dHKZP2cHbhYlCbWDtqxxJtGjRGBx57zNP2DZM=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
++		content="default-src 'none'; script-src 'sha256-m1DlJtsIJd46QuWYNcsaYIG1xI+9FyjKQu+cfp+zq5Q=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
  
  	<!-- Disable pinch zooming -->
  	<meta name="viewport"
-@@ -256,7 +256,7 @@
+@@ -253,7 +253,7 @@
  			}
  
  			const swPath = encodeURI(`service-worker.js?v=${expectedWorkerVersion}&vscode-resource-base-authority=${searchParams.get('vscode-resource-base-authority')}&remoteAuthority=${searchParams.get('remoteAuthority') ?? ''}`);
--			navigator.serviceWorker.register(swPath, { type: 'module' })
+-			navigator.serviceWorker.register(swPath, { type: 'module', updateViaCache: 'none' })
 +			navigator.serviceWorker.register(swPath)
  				.then(async registration => {
- 					/**
+ 					if (navigator.serviceWorker.controller) {
- 					 * @param {MessageEvent} event
+ 						// A previous SW is already controlling. Force an update
-@@ -370,6 +370,12 @@
+@@ -332,6 +332,12 @@
  
  				const hostname = location.hostname;
  

test/package-lock.json

@@ -18,7 +18,7 @@
         "jest-fetch-mock": "^3.0.3",
         "jsdom": "^16.4.0",
         "node-fetch": "^2.6.7",
-        "playwright": "^1.56.1",
+        "playwright": "^1.59.1",
         "ts-jest": "^27.0.7",
         "wtfnode": "^0.9.1"
       }
@@ -1013,6 +1013,53 @@
         "node": ">=18"
       }
     },
+    "node_modules/@playwright/test/node_modules/fsevents": {
+      "version": "2.3.2",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
+      "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
+    "node_modules/@playwright/test/node_modules/playwright": {
+      "version": "1.56.1",
+      "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.56.1.tgz",
+      "integrity": "sha512-aFi5B0WovBHTEvpM3DzXTUaeN6eN0qWnTkKx4NQaH4Wvcmc153PdaY2UBdSYKaGYw+UyWXSVyxDUg5DoPEttjw==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "dependencies": {
+        "playwright-core": "1.56.1"
+      },
+      "bin": {
+        "playwright": "cli.js"
+      },
+      "engines": {
+        "node": ">=18"
+      },
+      "optionalDependencies": {
+        "fsevents": "2.3.2"
+      }
+    },
+    "node_modules/@playwright/test/node_modules/playwright-core": {
+      "version": "1.56.1",
+      "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.56.1.tgz",
+      "integrity": "sha512-hutraynyn31F+Bifme+Ps9Vq59hKuUCz7H1kDOcBs+2oGguKkWTU50bBWrtz34OUWmIwpBTWDxaRPXrIXkgvmQ==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "bin": {
+        "playwright-core": "cli.js"
+      },
+      "engines": {
+        "node": ">=18"
+      }
+    },
     "node_modules/@sinonjs/commons": {
       "version": "1.8.6",
       "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz",
@@ -4067,13 +4114,13 @@
       }
     },
     "node_modules/playwright": {
-      "version": "1.56.1",
+      "version": "1.59.1",
-      "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.56.1.tgz",
+      "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.59.1.tgz",
-      "integrity": "sha512-aFi5B0WovBHTEvpM3DzXTUaeN6eN0qWnTkKx4NQaH4Wvcmc153PdaY2UBdSYKaGYw+UyWXSVyxDUg5DoPEttjw==",
+      "integrity": "sha512-C8oWjPR3F81yljW9o5OxcWzfh6avkVwDD2VYdwIGqTkl+OGFISgypqzfu7dOe4QNLL2aqcWBmI3PMtLIK233lw==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
-        "playwright-core": "1.56.1"
+        "playwright-core": "1.59.1"
       },
       "bin": {
         "playwright": "cli.js"
@@ -4086,9 +4133,9 @@
       }
     },
     "node_modules/playwright-core": {
-      "version": "1.56.1",
+      "version": "1.59.1",
-      "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.56.1.tgz",
+      "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.59.1.tgz",
-      "integrity": "sha512-hutraynyn31F+Bifme+Ps9Vq59hKuUCz7H1kDOcBs+2oGguKkWTU50bBWrtz34OUWmIwpBTWDxaRPXrIXkgvmQ==",
+      "integrity": "sha512-HBV/RJg81z5BiiZ9yPzIiClYV/QMsDCKUyogwH9p3MCP6IYjUFu/MActgYAvK0oWyV9NlwM3GLBjADyWgydVyg==",
       "dev": true,
       "license": "Apache-2.0",
       "bin": {

test/package.json

@@ -14,7 +14,7 @@
     "jest-fetch-mock": "^3.0.3",
     "jsdom": "^16.4.0",
     "node-fetch": "^2.6.7",
-    "playwright": "^1.56.1",
+    "playwright": "^1.59.1",
     "ts-jest": "^27.0.7",
     "wtfnode": "^0.9.1"
   },

test/playwright.config.ts

@@ -33,10 +33,12 @@ const config: PlaywrightTestConfig = {
     //   name: "Firefox",
     //   use: { browserName: "firefox" },
     // },
-    {
+    // Keeps failing with "Underlying ArrayBuffer has been detached from the view or out-of-bounds"
-      name: "WebKit",
+    // Not sure what we can do about it...so skip for now.
-      use: { browserName: "webkit" },
+    // {
-    },
+    //   name: "WebKit",
+    //   use: { browserName: "webkit" },
+    // },
   ],
 }