chore: bump heyhusen/archlinux-package-action from 2.4.0 to 3.0.0 (#7650 )

chore: bump aquasecurity/trivy-action from 0.33.1 to 0.34.1 (#7676 )
chore: bump ws and @types/ws (#7651 )
2026-05-10 22:37:26 +02:00 · 2026-03-03 12:35:36 -09:00 · 2026-03-03 12:29:03 -09:00 · 2026-03-03 12:24:36 -09:00 · 2026-03-03 12:23:40 -09:00 · 2026-03-03 12:19:52 -09:00
10 changed files with 78 additions and 36 deletions
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -219,7 +219,7 @@ jobs:
        if: success()
      # https://github.com/actions/upload-artifact/issues/38
      - run: tar -czf package.tar.gz release
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
        with:
          name: npm-package
          path: ./package.tar.gz
@@ -241,7 +241,7 @@ jobs:
            package-lock.json
            test/package-lock.json
      - run: SKIP_SUBMODULE_DEPS=1 npm ci
-      - uses: actions/download-artifact@v5
+      - uses: actions/download-artifact@v8
        with:
          name: npm-package
      - run: tar -xzf package.tar.gz
@@ -251,7 +251,7 @@ jobs:
          ./test/node_modules/.bin/playwright install-deps
          ./test/node_modules/.bin/playwright install
      - run: CODE_SERVER_TEST_ENTRY=./release npm run test:e2e
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
        if: always()
        with:
          name: failed-test-videos
@@ -275,7 +275,7 @@ jobs:
            package-lock.json
            test/package-lock.json
      - run: SKIP_SUBMODULE_DEPS=1 npm ci
-      - uses: actions/download-artifact@v5
+      - uses: actions/download-artifact@v8
        with:
          name: npm-package
      - run: tar -xzf package.tar.gz
@@ -304,7 +304,7 @@ jobs:
      - run: ~/.cache/caddy/caddy stop --config ./ci/Caddyfile
        if: always()

-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
        if: always()
        with:
          name: failed-test-videos-proxy
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -92,7 +92,7 @@ jobs:
          echo "VERSION=${TAG#v}" >> $GITHUB_ENV

      - name: Validate package
-        uses: heyhusen/archlinux-package-action@v2.4.0
+        uses: heyhusen/archlinux-package-action@v3.0.0
        env:
          VERSION: ${{ env.VERSION }}
        with:
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -94,7 +94,7 @@ jobs:
          echo "$HOME/.local/bin" >> $GITHUB_PATH

      - name: Download npm package
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v8
        with:
          name: npm-release-package

@@ -160,7 +160,7 @@ jobs:
      - run: brew install python-setuptools

      - name: Download npm package
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v8
        with:
          name: npm-release-package

@@ -221,7 +221,7 @@ jobs:
      - run: brew install python-setuptools

      - name: Download npm package
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v8
        with:
          name: npm-release-package

@@ -253,7 +253,7 @@ jobs:
    needs: npm-version
    steps:
      - name: Download npm package
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v8
        with:
          name: npm-release-package

@@ -269,7 +269,7 @@ jobs:
    timeout-minutes: 15
    steps:
      - name: Download artifacts
-        uses: dawidd6/action-download-artifact@v12
+        uses: dawidd6/action-download-artifact@v16
        id: download
        with:
          branch: ${{ github.ref }}
@@ -303,7 +303,7 @@ jobs:
      - run: tar -czf package.tar.gz release

      - name: Upload npm package artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: npm-release-package
          path: ./package.tar.gz
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -51,7 +51,7 @@ jobs:
          fetch-depth: 0

      - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
+        uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478
        with:
          scan-type: "fs"
          scan-ref: "."
--- a/.github/workflows/trivy-docker.yaml
+++ b/.github/workflows/trivy-docker.yaml
@@ -51,7 +51,7 @@ jobs:
        uses: actions/checkout@v6

      - name: Run Trivy vulnerability scanner in image mode
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
+        uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478
        with:
          image-ref: "docker.io/codercom/code-server:latest"
          ignore-unfixed: true
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,46 @@ Code v99.99.999

 ## Unreleased

+## [4.109.5](https://github.com/coder/code-server/releases/tag/v4.109.5) - 2026-03-02
+
+Code v1.109.5
+
+### Changed
+
+- Update to Code 1.109.5
+
+## [4.109.2](https://github.com/coder/code-server/releases/tag/v4.109.2) - 2026-02-12
+
+Code v1.109.2
+
+### Changed
+
+- Update to Code 1.109.2
+
+## [4.109.0](https://github.com/coder/code-server/releases/tag/v4.109.0) - 2026-02-12
+
+Code v1.109.0
+
+### Changed
+
+- Update to Code 1.109.0
+
+## [4.108.2](https://github.com/coder/code-server/releases/tag/v4.108.2) - 2026-01-26
+
+Code v1.108.2
+
+### Changed
+
+- Update to Code 1.108.2
+
+## [4.108.1](https://github.com/coder/code-server/releases/tag/v4.108.1) - 2026-01-16
+
+Code v1.108.1
+
+### Changed
+
+- Update to Code 1.108.1
+
 ## [4.108.0](https://github.com/coder/code-server/releases/tag/v4.108.0) - 2026-01-12

 Code v1.108.0
--- a/ci/helm-chart/Chart.yaml
+++ b/ci/helm-chart/Chart.yaml
@@ -15,9 +15,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 3.32.1
+version: 3.33.0

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 4.108.0
+appVersion: 4.109.5
--- a/ci/helm-chart/values.yaml
+++ b/ci/helm-chart/values.yaml
@@ -6,7 +6,7 @@ replicaCount: 1

 image:
  repository: codercom/code-server
-  tag: '4.108.0'
+  tag: '4.109.5'
  pullPolicy: Always

 # Specifies one or more secrets to be used when pulling images from a
--- a/package-lock.json
+++ b/package-lock.json
@@ -769,10 +769,11 @@
      "dev": true
    },
    "node_modules/@types/ws": {
-      "version": "8.5.12",
-      "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.12.tgz",
-      "integrity": "sha512-3tPRkv1EtkDpzlgyKyI8pGsGZAGPEaXeu0DOj5DI25Ja91bdAYddYHbADRYVrZMRbfW+1l5YwXVDKohDJNQxkQ==",
+      "version": "8.18.1",
+      "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.18.1.tgz",
+      "integrity": "sha512-ThVF6DCVhA8kUGy+aazFQ4kXQ7E1Ty7A3ypFOe0IcJV8O/M511G99AW24irKrW56Wt44yG9+ij8FaqoBGkuBXg==",
      "dev": true,
+      "license": "MIT",
      "dependencies": {
        "@types/node": "*"
      }
@@ -974,13 +975,13 @@
      }
    },
    "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
-      "version": "9.0.5",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
-      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+      "version": "9.0.9",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+      "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
      "dev": true,
      "license": "ISC",
      "dependencies": {
-        "brace-expansion": "^2.0.1"
+        "brace-expansion": "^2.0.2"
      },
      "engines": {
        "node": ">=16 || 14 >=14.17"
@@ -1588,9 +1589,9 @@
      "license": "MIT"
    },
    "node_modules/basic-ftp": {
-      "version": "5.0.5",
-      "resolved": "https://registry.npmjs.org/basic-ftp/-/basic-ftp-5.0.5.tgz",
-      "integrity": "sha512-4Bcg1P8xhUuqcii/S0Z9wiHIrQVPMermM1any+MX5GeGD7faD3/msQUDGLol9wOcz4/jbg/WJnGqoJF6LiBdtg==",
+      "version": "5.2.0",
+      "resolved": "https://registry.npmjs.org/basic-ftp/-/basic-ftp-5.2.0.tgz",
+      "integrity": "sha512-VoMINM2rqJwJgfdHq6RiUudKt2BV+FY5ZFezP/ypmwayk68+NzzAQy4XXLlqsGD4MCzq3DrmNFD/uUmBJuGoXw==",
      "license": "MIT",
      "engines": {
        "node": ">=10.0.0"
@@ -4415,9 +4416,9 @@
      }
    },
    "node_modules/minimatch": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
-      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+      "version": "3.1.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+      "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
      "dev": true,
      "license": "ISC",
      "dependencies": {
@@ -6283,9 +6284,10 @@
      "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ=="
    },
    "node_modules/ws": {
-      "version": "8.18.0",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz",
-      "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==",
+      "version": "8.19.0",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.19.0.tgz",
+      "integrity": "sha512-blAT2mjOEIi0ZzruJfIhb3nps74PRWTCz1IjglWEEpQl5XS/UNama6u2/rjFkDDouqr4L67ry+1aGIALViWjDg==",
+      "license": "MIT",
      "engines": {
        "node": ">=10.0.0"
      },
--- a/test/package-lock.json
+++ b/test/package-lock.json
@@ -3750,9 +3750,9 @@
      }
    },
    "node_modules/minimatch": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
-      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+      "version": "3.1.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+      "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
      "dev": true,
      "license": "ISC",
      "dependencies": {
Author	SHA1	Message	Date
dependabot[bot]	65b0f0e1bb	chore: bump heyhusen/archlinux-package-action from 2.4.0 to 3.0.0 (#7650 )	2026-03-03 12:35:36 -09:00
dependabot[bot]	841ec45573	chore: bump aquasecurity/trivy-action from 0.33.1 to 0.34.1 (#7676 )	2026-03-03 12:29:03 -09:00
dependabot[bot]	3eada681d3	chore: bump ws and @types/ws (#7651 )	2026-03-03 12:24:36 -09:00
dependabot[bot]	52f1542621	chore: bump basic-ftp from 5.0.5 to 5.2.0 (#7680 )	2026-03-03 12:23:40 -09:00
dependabot[bot]	b5e2c42183	chore: bump minimatch from 3.1.2 to 3.1.5 in /test (#7682 )	2026-03-03 12:19:52 -09:00
dependabot[bot]	980e009b6d	chore: bump minimatch (#7683 )	2026-03-03 12:19:01 -09:00
dependabot[bot]	36b00d37ff	chore: bump actions/upload-artifact from 4 to 7 (#7685 )	2026-03-03 12:11:52 -09:00
dependabot[bot]	355546d0a5	chore: bump dawidd6/action-download-artifact from 12 to 16 (#7686 )	2026-03-03 12:11:17 -09:00
dependabot[bot]	e9c577549f	chore: bump actions/download-artifact from 5 to 8 (#7687 )	2026-03-03 11:50:14 -09:00
Asher	98a2a0064b	Update Helm chart and changelog to 4.109.5	2026-03-03 08:24:56 -09:00