Compare commits

..

1 Commits

Author SHA1 Message Date
cdrci
48d57a5b64 Update Code to 1.128.1 2026-07-14 21:25:54 +00:00
11 changed files with 90 additions and 102 deletions

View File

@@ -1 +1 @@
24.18.0
24.17.0

View File

@@ -22,14 +22,6 @@ Code v99.99.999
## Unreleased
## [4.129.0](https://github.com/coder/code-server/releases/tag/v4.129.0) - 2026-07-17
Code v1.129.0
### Changed
- Update to Code 1.129.0
## [4.128.0](https://github.com/coder/code-server/releases/tag/v4.128.0) - 2026-07-11
Code v1.128.0

View File

@@ -4,7 +4,7 @@ set -Eeuo pipefail
function unapply_patches() {
local -i exit_code=0
quiet quilt pop -af 2>&1 || exit_code=$?
quiet quilt pop -af || exit_code=$?
case $exit_code in
# Sucessfully unapplied.
0) ;;
@@ -15,19 +15,6 @@ function unapply_patches() {
esac
}
function apply_patches() {
local -i exit_code=0
quiet quilt push -a 2>&1 || exit_code=$?
case $exit_code in
# Sucessfully applied.
0) ;;
# No more patches to apply.
2) ;;
# Some error.
*) return $exit_code ;;
esac
}
function update_vscode() {
pushd lib/vscode
if ! git checkout 2>&1 "$target_vscode_version" ; then
@@ -41,8 +28,8 @@ function update_vscode() {
function refresh_patches() {
local -i exit_code=0
while quiet quilt push 2>&1 ; ! (( exit_code=$? )) ; do
quilt refresh 2>&1
while quiet quilt push ; ! (( exit_code=$? )) ; do
quilt refresh
done
case $exit_code in
# No more patches to apply.
@@ -69,41 +56,50 @@ function get-webview-script-hash() {
local html
html=$(<"$1")
local start_tag='<script async type="module">'
if [[ $file == */webWorkerExtensionHostIframe.html ]] ; then
start_tag='<script>'
fi
local end_tag="</script>"
html=${html##*"$start_tag"}
html=${html%%"$end_tag"*}
echo -n "$html" | openssl sha256 -binary | openssl base64
}
function delete_csp() {
quilt delete csp-hashes.diff
}
function update_csp() {
apply_patches
local files=(
./lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
./lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
)
quilt new csp-hashes.diff
local file
for file in "${files[@]}" ; do
quilt add "$file"
local hash
hash=$(get-webview-script-hash "$file")
echo "Calculated hash as $hash"
# Use octothorpe as a delimiter since the hash may contain a slash.
sed -i.bak "s#'sha256-[^']\+'#'sha256-$hash'#" "$file"
done
local current
current=$(quilt top 2>/dev/null || echo "")
local patch_action=""
echo "Currently at ${current:-base}"
if [[ $current != */webview.diff ]] ; then
echo "Moving to patches/webview.diff..."
local -i exit_code=0
if quilt applied 2>/dev/null | grep --quiet webview.diff ; then
quiet quilt pop webview || exit_code=$?
patch_action=pop
else
quiet quilt push webview || exit_code=$?
patch_action=push
fi
case $exit_code in
# Successfully moved.
0) ;;
# Some error.
*) return $exit_code ;;
esac
fi
local file=lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
local hash
hash=$(get-webview-script-hash "$file")
echo "Calculated hash as $hash"
# Use octothorpe as a delimiter since the hash may contain a slash.
sed -i.bak "s#script-src 'sha256-[^']\+'#script-src 'sha256-$hash'#" "$file"
quilt refresh
if [[ $patch_action != "" ]] ; then
echo "Moving back to ${current:-base}..."
case $patch_action in
pop) quiet quilt push "$current" ;;
push) quiet quilt pop "${current:--a}" ;;
esac
fi
}
function add_changelog() {
@@ -124,9 +120,6 @@ function main() {
declare -a steps
# Hashes are always regenerated to avoid having to resolve conflicts..
steps+=("Revert CSP hashes" "delete_csp")
# If version is not set, assume we are already at the target version and the
# user is just trying to resolve conflics.
local target_vscode_version
@@ -148,7 +141,7 @@ function main() {
steps+=(
"Update Node version" "update_node"
"Regenerate CSP hashes" "update_csp"
"Update CSP webview hash" "update_csp"
"Add changelog note" "add_changelog"
)

View File

@@ -15,9 +15,9 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 3.44.0
version: 3.43.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 4.129.0
appVersion: 4.128.0

View File

@@ -6,7 +6,7 @@ replicaCount: 1
image:
repository: codercom/code-server
tag: '4.129.0'
tag: '4.128.0'
pullPolicy: Always
# Specifies one or more secrets to be used when pulling images from a

View File

@@ -85,20 +85,18 @@ run-steps() {
while (( $# )) ; do
local name=$1 ; shift
local fn=$1 ; shift
echo "$name..."
# Only run if an earlier step has not failed.
# For all failed steps, write out an empty checkbox.
if [[ $failed == 0 ]] ; then
echo "$name..."
if $fn | indent ; then
echo "- [X] $name" >> .cache/checklist
else
((failed++))
echo "- [-] $name" >> .cache/checklist
echo "Failed" | indent
fi
else
fi
# For all failed steps, write out an empty checkbox.
if [[ $failed != 0 ]] ; then
echo "- [ ] $name" >> .cache/checklist
echo "Skipped" | indent
fi
done
if [[ $failed != 0 ]] ; then

View File

@@ -1,26 +0,0 @@
Index: code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
===================================================================
--- code-server.orig/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
+++ code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
@@ -5,7 +5,7 @@
<meta charset="UTF-8">
<meta http-equiv="Content-Security-Policy"
- content="default-src 'none'; script-src 'sha256-nXjtuhBilO++r8hfxl5VjEScSmdm07wDAk6jw228DgM=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
+ content="default-src 'none'; script-src 'sha256-A6/szVNdTzyi4hDa+9OLbzS8tSd2iUV4CqimLNWex2Y=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
<!-- Disable pinch zooming -->
<meta name="viewport"
Index: code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
===================================================================
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
+++ code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
@@ -4,7 +4,7 @@
<meta http-equiv="Content-Security-Policy" content="
default-src 'none';
child-src 'self' data: blob:;
- script-src 'self' 'unsafe-eval' 'sha256-daEgfo2VIXpx2Np71KqCCbkeQwv+68vPrx54XRcbdcs=' https: http://localhost:* blob:;
+ script-src 'self' 'unsafe-eval' 'sha256-gfjiOVjAlxqrivZAfTq2d83mOaz0fnAxbGaFpj5IjD8=' https: http://localhost:* blob:;
connect-src 'self' https: wss: http://localhost:* http://127.0.0.1:* ws://localhost:* ws://127.0.0.1:*;"/>
</head>
<body>

View File

@@ -10,17 +10,18 @@ Index: code-server/lib/vscode/src/vs/workbench/services/extensions/common/extens
===================================================================
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/common/extensions.ts
+++ code-server/lib/vscode/src/vs/workbench/services/extensions/common/extensions.ts
@@ -324,6 +324,10 @@ function extensionDescriptionArrayToMap(
@@ -321,10 +321,7 @@ function extensionDescriptionArrayToMap(
}
export function isProposedApiEnabled(extension: IExtensionDescription, proposal: ApiProposalName): boolean {
+ return true;
+}
+
+export function _isProposedApiEnabled(extension: IExtensionDescription, proposal: ApiProposalName): boolean {
if (!extension.enabledApiProposals) {
return false;
}
- if (!extension.enabledApiProposals) {
- return false;
- }
- return true;// extension.enabledApiProposals.includes(proposal);
+ return true
}
export function checkProposedApiEnabled(extension: IExtensionDescription, proposal: ApiProposalName): void {
Index: code-server/lib/vscode/src/vs/workbench/services/extensions/common/extensionsProposedApi.ts
===================================================================
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/common/extensionsProposedApi.ts

View File

@@ -24,4 +24,3 @@ trusted-domains.diff
signature-verification.diff
copilot.diff
app-name.diff
csp-hashes.diff

View File

@@ -3,6 +3,9 @@ Serve webviews from the same origin
Normally webviews are served from vscode-webview.net but we would rather them be
self-hosted.
When doing this CSP will block resources (for example when viewing images) so
add 'self' to the CSP to fix that.
Additionally the service worker defaults to handling *all* requests made to the
current host but when self-hosting the webview this will end up including the
webview HTML itself which means these requests will fail since the communication
@@ -17,6 +20,16 @@ webview host is separate by default but we serve on the same host).
To test, open a few types of webviews (images, markdown, extension details, etc).
Make sure to update the hash. To do so:
1. run code-server
2. open any webview (i.e. preview Markdown)
3. see error in console and copy hash
That will test the hash change in pre/index.html
Double-check the console to make sure there are no console errors for the webWorkerExtensionHostIframe
which also requires a hash change.
parentOriginHash changes
This fixes webviews from not working properly due to a change upstream.
@@ -53,6 +66,15 @@ Index: code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index
===================================================================
--- code-server.orig/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
+++ code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
@@ -5,7 +5,7 @@
<meta charset="UTF-8">
<meta http-equiv="Content-Security-Policy"
- content="default-src 'none'; script-src 'sha256-nXjtuhBilO++r8hfxl5VjEScSmdm07wDAk6jw228DgM=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
+ content="default-src 'none'; script-src 'sha256-A6/szVNdTzyi4hDa+9OLbzS8tSd2iUV4CqimLNWex2Y=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
<!-- Disable pinch zooming -->
<meta name="viewport"
@@ -253,7 +253,7 @@
}
@@ -79,8 +101,17 @@ Index: code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWor
===================================================================
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
+++ code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
@@ -34,6 +34,13 @@
}
@@ -4,7 +4,7 @@
<meta http-equiv="Content-Security-Policy" content="
default-src 'none';
child-src 'self' data: blob:;
- script-src 'self' 'unsafe-eval' 'sha256-cl8ijlOzEe+0GRCQNJQu2k6nUQ0fAYNYIuuKEm72JDs=' https: http://localhost:* blob:;
+ script-src 'self' 'unsafe-eval' 'sha256-yhZXuB8LS6t73dvNg6rtLX8y4PHLnqRm5+6DdOGkOcw=' https: http://localhost:* blob:;
connect-src 'self' https: wss: http://localhost:* http://127.0.0.1:* ws://localhost:* ws://127.0.0.1:*;"/>
</head>
<body>
@@ -25,6 +25,13 @@
// validation not requested
return start();
}
+