Update changelog for 3.10.1

Update versions to 3.10.1
2026-05-06 20:41:59 +02:00 · 2021-05-17 13:58:23 -05:00 · 2021-05-17 13:50:56 -05:00
1522 changed files with 40816 additions and 63002 deletions
--- a/.github/ISSUE_TEMPLATE/bug-report.md
+++ b/.github/ISSUE_TEMPLATE/bug-report.md
@@ -62,11 +62,6 @@ Additionally, collecting core dumps (you may need to enable them first) if
 code-server crashes can be helpful.
 -->
 <!--
 If you're having issues with installation please include the installation logs
 i.e. the output of `yarn global add code-server` if you installed with `yarn`
 -->
 ## Screenshot
 <!-- Ideally provide a screenshot, gif, video or screen recording. -->
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -5,4 +5,6 @@ If there is no existing issue, please first create one unless the fix is minor.
 Please make sure the base of your PR is the default branch!
 -->
-Fixes #
+## Checklist
 - [ ] updated `CHANGELOG.md`
--- a/.github/codecov.yml
+++ b/.github/codecov.yml
@@ -1,22 +0,0 @@
 codecov:
  require_ci_to_pass: yes
  allow_coverage_offsets: True
 coverage:
  precision: 2
  round: down
  range: "40...70"
  patch: off
 parsers:
  gcov:
    branch_detection:
      conditional: yes
      loop: yes
      method: no
      macro: no
 comment:
  layout: "reach,diff,flags,files,footer"
  behavior: default
  require_changes: no
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,28 @@
 version: 2
 updates:
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "daily"
      time: "11:00"
    ignore:
      # GitHub always delivers the latest versions for each major
      # release tag, so handle updates manually
      - dependency-name: "actions/*"
      - dependency-name: "github/codeql-action/*"
      - dependency-name: "microsoft/playwright-github-action"
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "daily"
      time: "11:00"
    ignore:
      - dependency-name: "@types/node"
        versions: ["15.x", "14.x", "13.x"]
      - dependency-name: "xdg-basedir"
        # 5.0.0 has breaking changes as they switch to named exports
        # and convert the module to ESM
        # We can't use it until we switch to ESM across the project
        # See release notes: https://github.com/sindresorhus/xdg-basedir/releases/tag/v5.0.0
        versions: ["5.x"]
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -1,4 +1,4 @@
-name: Build
+name: ci
 on:
  push:
@@ -18,17 +18,16 @@ jobs:
  prebuild:
    name: Pre-build checks
    runs-on: ubuntu-latest
    timeout-minutes: 15
    env:
      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
-      - name: Install Node.js v14
+      - name: Install Node.js v12
        uses: actions/setup-node@v2
        with:
-          node-version: "14"
+          node-version: "12"
      - name: Install helm
        uses: azure/setup-helm@v1.1
@@ -39,8 +38,6 @@ jobs:
        with:
          path: "**/node_modules"
          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            yarn-build-
      - name: Install dependencies
        if: steps.cache-yarn.outputs.cache-hit != 'true'
@@ -66,15 +63,14 @@ jobs:
    name: Run audit-ci
    needs: prebuild
    runs-on: ubuntu-latest
    timeout-minutes: 5
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
-      - name: Install Node.js v14
+      - name: Install Node.js v12
        uses: actions/setup-node@v2
        with:
-          node-version: "14"
+          node-version: "12"
      - name: Fetch dependencies from cache
        id: cache-yarn
@@ -82,8 +78,6 @@ jobs:
        with:
          path: "**/node_modules"
          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            yarn-build-
      - name: Install dependencies
        if: steps.cache-yarn.outputs.cache-hit != 'true'
@@ -97,16 +91,15 @@ jobs:
    name: Build
    needs: prebuild
    runs-on: ubuntu-latest
    timeout-minutes: 30
    steps:
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0
-      - name: Install Node.js v14
+      - name: Install Node.js v12
        uses: actions/setup-node@v2
        with:
-          node-version: "14"
+          node-version: "12"
      - name: Fetch dependencies from cache
        id: cache-yarn
@@ -114,8 +107,6 @@ jobs:
        with:
          path: "**/node_modules"
          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            yarn-build-
      - name: Install dependencies
        if: steps.cache-yarn.outputs.cache-hit != 'true'
@@ -173,16 +164,15 @@ jobs:
    name: x86-64 Linux build
    needs: build
    runs-on: ubuntu-latest
    timeout-minutes: 15
    container: "centos:7"
    steps:
      - uses: actions/checkout@v2
-      - name: Install Node.js v14
+      - name: Install Node.js v12
        uses: actions/setup-node@v2
        with:
-          node-version: "14"
+          node-version: "12"
      - name: Install development tools
        run: |
@@ -244,7 +234,6 @@ jobs:
    name: Linux ARM64 cross-compile build
    needs: build
    runs-on: ubuntu-16.04
    timeout-minutes: 15
    env:
      AR: aarch64-linux-gnu-ar
      CC: aarch64-linux-gnu-gcc
@@ -255,10 +244,10 @@ jobs:
    steps:
      - uses: actions/checkout@v2
-      - name: Install Node.js v14
+      - name: Install Node.js v12
        uses: actions/setup-node@v2
        with:
-          node-version: "14"
+          node-version: "12"
      - name: Install nfpm
        run: |
@@ -281,8 +270,8 @@ jobs:
      - name: Replace node with arm64 equivalent
        run: |
-          wget https://nodejs.org/dist/v14.17.0/node-v14.17.0-linux-arm64.tar.xz
+          wget https://nodejs.org/dist/v12.18.4/node-v12.18.4-linux-arm64.tar.gz
-          tar -xf node-v14.17.0-linux-arm64.tar.xz node-v14.17.0-linux-arm64/bin/node --strip-components=2
+          tar -xzf node-v12.18.4-linux-arm64.tar.gz node-v12.18.4-linux-arm64/bin/node --strip-components=2
          mv ./node ./release-standalone/lib/node
      - name: Build packages with nfpm
@@ -298,14 +287,13 @@ jobs:
    name: x86-64 macOS build
    needs: build
    runs-on: macos-latest
    timeout-minutes: 15
    steps:
      - uses: actions/checkout@v2
-      - name: Install Node.js v14
+      - name: Install Node.js v12
        uses: actions/setup-node@v2
        with:
-          node-version: "14"
+          node-version: "12"
      - name: Install nfpm
        run: |
@@ -339,21 +327,19 @@ jobs:
    name: End-to-end tests
    needs: package-linux-amd64
    runs-on: ubuntu-latest
    timeout-minutes: 15
    env:
-      # Since we build code-server we might as well run tests from the release
+      PASSWORD: e45432jklfdsab
-      # since VS Code will load faster due to the bundling.
+      CODE_SERVER_ADDRESS: http://localhost:8080
      CODE_SERVER_TEST_ENTRY: "./release-packages/code-server-linux-amd64"
    steps:
      - uses: actions/checkout@v2
-      - name: Install Node.js v14
+      - name: Install Node.js v12
        uses: actions/setup-node@v2
        with:
-          node-version: "14"
+          node-version: "12"
-      - name: Install playwright OS dependencies
+      - name: Install playwright
-        run: npx playwright install-deps
+        uses: microsoft/playwright-github-action@v1
      - name: Fetch dependencies from cache
        id: cache-yarn
@@ -361,8 +347,6 @@ jobs:
        with:
          path: "**/node_modules"
          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            yarn-build-
      - name: Download release packages
        uses: actions/download-artifact@v2
@@ -370,11 +354,9 @@ jobs:
          name: release-packages
          path: ./release-packages
-      - name: Untar code-server release
+      - name: Untar code-server file
        run: |
-          cd release-packages
+          cd release-packages && tar -xzf code-server*-linux-amd64.tar.gz
          tar -xzf code-server*-linux-amd64.tar.gz
          mv code-server*-linux-amd64 code-server-linux-amd64
      - name: Install dependencies
        if: steps.cache-yarn.outputs.cache-hit != 'true'
@@ -390,7 +372,9 @@ jobs:
          yarn install --check-files
      - name: Run end-to-end tests
-        run: yarn test:e2e
+        run: |
          ./release-packages/code-server*-linux-amd64/bin/code-server --log trace &
          yarn test:e2e
      - name: Upload test artifacts
        if: always()
@@ -402,6 +386,84 @@ jobs:
      - name: Remove release packages and test artifacts
        run: rm -rf ./release-packages ./test/test-results
  docker-amd64:
    runs-on: ubuntu-latest
    needs: package-linux-amd64
    steps:
      - uses: actions/checkout@v2
      - name: Download release package
        uses: actions/download-artifact@v2
        with:
          name: release-packages
          path: ./release-packages
      - name: Run ./ci/steps/build-docker-image.sh
        run: ./ci/steps/build-docker-image.sh
      - name: Upload release image
        uses: actions/upload-artifact@v2
        with:
          name: release-images
          path: ./release-images
  # TODO: this is the last place where we use our self-hosted arm64 runner.
  # In the future, consider switching to docker buildx + qemu,
  # thus removing the requirement for us to maintain the runner.
  docker-arm64:
    runs-on: ubuntu-arm64-latest
    needs: package-linux-arm64
    steps:
      - uses: actions/checkout@v2
      - name: Download release package
        uses: actions/download-artifact@v2
        with:
          name: release-packages
          path: ./release-packages
      - name: Run ./ci/steps/build-docker-image.sh
        run: ./ci/steps/build-docker-image.sh
      - name: Upload release image
        uses: actions/upload-artifact@v2
        with:
          name: release-images
          path: ./release-images
  trivy-scan-image:
    runs-on: ubuntu-20.04
    needs: docker-amd64
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Download release images
        uses: actions/download-artifact@v2
        with:
          name: release-images
          path: ./release-images
      - name: Run Trivy vulnerability scanner in image mode
        # Commit SHA for v0.0.17
        uses: aquasecurity/trivy-action@dba83feec810c70bacbc4bead308ae1e466c572b
        with:
          input: "./release-images/code-server-amd64-*.tar"
          scan-type: "image"
          ignore-unfixed: true
          format: "template"
          template: "@/contrib/sarif.tpl"
          output: "trivy-image-results.sarif"
          severity: "HIGH,CRITICAL"
      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v1
        with:
          sarif_file: "trivy-image-results.sarif"
  # We have to use two trivy jobs
  # because GitHub only allows
  # codeql/upload-sarif action per job
  trivy-scan-repo:
    runs-on: ubuntu-20.04
    steps:
@@ -409,7 +471,7 @@ jobs:
        uses: actions/checkout@v2
      - name: Run Trivy vulnerability scanner in repo mode
        #Commit SHA for v0.0.17
-        uses: aquasecurity/trivy-action@9438b49cc3156b2e8c77c1ba8ffbaa3bae24e3c2
+        uses: aquasecurity/trivy-action@dba83feec810c70bacbc4bead308ae1e466c572b
        with:
          scan-type: "fs"
          scan-ref: "."
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -1,28 +0,0 @@
 name: Publish on Docker
 on:
  # Shows the manual trigger in GitHub UI
  # helpful as a back-up in case the GitHub Actions Workflow fails
  workflow_dispatch:
  release:
    types: [published]
 jobs:
  docker-images:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      - name: Run ./ci/steps/docker-buildx-push.sh
        run: ./ci/steps/docker-buildx-push.sh
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
--- a/.github/workflows/installer.yml
+++ b/.github/workflows/installer.yml
@@ -1,57 +0,0 @@
 name: Installer integration
 on:
  push:
    branches:
      - main
    paths:
      - "installer.sh"
  pull_request:
    branches:
      - main
 jobs:
  ubuntu:
    name: Test installer on Ubuntu
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
      - name: Install code-server
        run: ./install.sh
      - name: Test code-server
        run: yarn test:standalone-release code-server
  alpine:
    name: Test installer on Alpine
    runs-on: ubuntu-latest
    container: "alpine:3.14"
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
      - name: Install curl
        run: apk add curl
      - name: Add user
        run: adduser coder --disabled-password
      # Standalone should work without root.
      - name: Test standalone to a non-existent prefix
        run: su coder -c "./install.sh --method standalone --prefix /tmp/does/not/yet/exist"
  macos:
    name: Test installer on macOS
    runs-on: macos-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
      - name: Install code-server
        run: ./install.sh
      - name: Test code-server
        run: yarn test:standalone-release code-server
--- a/.github/workflows/npm-brew.yaml
+++ b/.github/workflows/npm-brew.yaml
@@ -1,4 +1,4 @@
-name: Publish on npm and brew
+name: publish
 on:
  # Shows the manual trigger in GitHub UI
@@ -22,19 +22,26 @@ jobs:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  # NOTE: this job requires curl, jq and docker
  # All of them are included in ubuntu-latest.
  docker:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Run ./ci/steps/push-docker-manifest.sh
        run: ./ci/steps/push-docker-manifest.sh
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
  homebrew:
    # The newest version of code-server needs to be available on npm when this runs
    # otherwise, it will 404 and won't open a PR to bump version on homebrew/homebrew-core
    needs: npm
    runs-on: macos-latest
    steps:
      # Ensure things are up to date
      # Suggested by homebrew maintainers
      # https://github.com/Homebrew/discussions/discussions/1532#discussioncomment-782633
      - name: Set up Homebrew
        id: set-up-homebrew
        uses: Homebrew/actions/setup-homebrew@master
      - uses: actions/checkout@v2
      - name: Configure git
        run: |
--- a/.github/workflows/scripts.yml
+++ b/.github/workflows/scripts.yml
@@ -1,30 +0,0 @@
 name: Script unit tests
 on:
  push:
    branches:
      - main
    paths:
      - "installer.sh"
  pull_request:
    branches:
      - main
 jobs:
  test:
    name: Run script unit tests
    runs-on: ubuntu-latest
    # This runs on Alpine to make sure we're testing with actual sh.
    container: "alpine:3.14"
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
      - name: Install test utilities
        run: apk add bats checkbashisms
      - name: Check Bashisms
        run: checkbashisms ./install.sh
      - name: Run script unit tests
        run: ./ci/dev/test-scripts.sh
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
 .tsbuildinfo
 .cache
-/out*/
+dist*
 out*
 release/
 release-npm-package/
 release-standalone/
--- a/.node-version
+++ b/.node-version
@@ -1 +0,0 @@
 14
--- a/.nvmrc
+++ b/.nvmrc
@@ -1 +0,0 @@
 .node-version
--- a/.tours/start-development.tour
+++ b/.tours/start-development.tour
@@ -5,7 +5,7 @@
    {
      "file": "package.json",
      "line": 31,
-      "description": "## Commands\n\nTo start developing, make sure you have Node 14+ and the [required dependencies](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites) installed. Then, run the following commands:\n\n1. Install dependencies:\n>> yarn\n\n3. Start development mode (and watch for changes):\n>> yarn watch"
+      "description": "## Commands\n\nTo start developing, make sure you have Node 12+ and the [required dependencies](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites) installed. Then, run the following commands:\n\n1. Install dependencies:\n>> yarn\n\n3. Start development mode (and watch for changes):\n>> yarn watch"
    },
    {
      "file": "src/node/app.ts",
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,21 @@
 <!-- START doctoc generated TOC please keep comment here to allow auto update -->
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 # Changelog
 - [Changelog](#changelog)
  - [3.10.1](#3101)
    - [Bug Fixes](#bug-fixes)
    - [Documentation](#documentation)
    - [Development](#development)
  - [3.10.0](#3100)
    - [New Features](#new-features)
    - [Bug Fixes](#bug-fixes-1)
    - [Documentation](#documentation-1)
    - [Development](#development-1)
  - [Previous versions](#previous-versions)
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
 # Changelog
 <!--
@@ -33,57 +51,6 @@ VS Code v0.00.0
 -->
 ## Next Version
 VS Code v0.00.0
 ### New Features
 - item
 ### Bug Fixes
 - Fix logout when using a base path (#3608)
 ### Documentation
 - docs: add Pomerium #3424 @desimone
 - docs: fix confusing sentence in pull requests section #3460 @shiv-tyagi
 - docs: remove toc from changelog @oxy @jsjoeio
 - docs(MAINTAINING): add information about CHANGELOG #3467 @jsjoeio
 - docs: move release process to MAINTAINING.md #3441 @oxy @Prashant168
 - docs: format 'Caddy' from guide.md @PisecesPeng
 ### Development
 - chore: cross-compile docker images with buildx #3166 @oxy
 - chore: update node to v14 #3458 @oxy
 - chore: update .gitignore #3557 @cuining
 - fix: use sufficient computational effort for password hash #3422 @jsjoeio
 - docs(CONTRIBUTING): add section on testing #3629 @jsjoeio
 ### Development
 - fix(publish): update cdrci fork in brew-bump.sh #3468 @jsjoeio
 - chore(dev): migrate away from parcel #3578 @jsjoeio
 ## 3.10.2
 VS Code v1.56.1
 ### New Features
 - feat: support `extraInitContainers` in helm chart values #3393 @strowk
 - feat: change `extraContainers` to support templating in helm chart #3393 @strowk
 ### Bug Fixes
 - fix: use correct command to Open Folder on Welcome page #3437 @jsjoeio
 ### Development
 - fix(ci): update brew-bump.sh to update remote first #3438 @jsjoeio
 ## 3.10.1
 VS Code v1.56.1
@@ -101,6 +68,7 @@ VS Code v1.56.1
 - docs(maintaining): add merge strategies section #3379 @jsjoeio
 - refactor: move default PR template #3375 @jsjoeio
 - docs(contributing): add commits section #3377 @jsjoeio
 - docs(maintaining): add process for release managers #3360 @jsjoeio
 ### Development
--- a/README.md
+++ b/README.md
@@ -0,0 +1,77 @@
 # code-server &middot; [!["GitHub Discussions"](https://img.shields.io/badge/%20GitHub-%20Discussions-gray.svg?longCache=true&logo=github&colorB=purple)](https://github.com/cdr/code-server/discussions) [!["Join us on Slack"](https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen)](https://cdr.co/join-community) [![Twitter Follow](https://img.shields.io/twitter/follow/CoderHQ?label=%40CoderHQ&style=social)](https://twitter.com/coderhq)
 [![codecov](https://codecov.io/gh/cdr/code-server/branch/main/graph/badge.svg?token=5iM9farjnC)](https://codecov.io/gh/cdr/code-server)
 [![See latest docs](https://img.shields.io/static/v1?label=Docs&message=see%20latest%20&color=blue)](https://github.com/cdr/code-server/tree/v3.10.1/docs)
 Run [VS Code](https://github.com/Microsoft/vscode) on any machine anywhere and access it in the browser.
 ![Screenshot](./docs/assets/screenshot.png)
 ## Highlights
 - Code on any device with a consistent development environment
 - Use cloud servers to speed up tests, compilations, downloads, and more
 - Preserve battery life when you're on the go; all intensive tasks run on your server
 ## Requirements
 For a good experience, we recommend at least:
 - 1 GB of RAM
 - 2 cores
 You can use whatever linux distribution floats your boat but in our [guide](./docs/guide.md) we assume Debian on Google Cloud.
 ## Getting Started
 There are three ways you can get started:
 1. Using the [install script](./install.sh), which automates most of the process. The script uses the system package manager (if possible)
 2. Manually installing code-server; see [Installation](./docs/install.md) for instructions applicable to most use cases
 3. Use our one-click buttons and guides to [deploy code-server to a popular cloud provider](https://github.com/cdr/deploy-code-server) ⚡
 If you choose to use the install script, you can preview what occurs during the install process:
 ```bash
 curl -fsSL https://code-server.dev/install.sh | sh -s -- --dry-run
 ```
 To install, run:
 ```bash
 curl -fsSL https://code-server.dev/install.sh | sh
 ```
 When done, the install script prints out instructions for running and starting code-server.
 We also have an in-depth [setup and configuration](./docs/guide.md) guide.
 ### code-server --link
 We're working on a cloud platform that makes deploying and managing code-server easier.
 Consider running code-server with the beta flag `--link` if you don't want to worry about
 - TLS
 - Authentication
 - Port Forwarding
 ```bash
 $ code-server --link
 Proxying code-server, you can access your IDE at https://valmar-jon.cdr.co
 ```
 ## FAQ
 See [./docs/FAQ.md](./docs/FAQ.md).
 ## Want to help?
 See [CONTRIBUTING](./docs/CONTRIBUTING.md) for details.
 ## Hiring
 Interested in [working at Coder](https://coder.com)? Check out [our open positions](https://jobs.lever.co/coder)!
 ## For Organizations
 Visit [our website](https://coder.com) for more information about remote development for your organization or enterprise.
--- a/ci/README.md
+++ b/ci/README.md
@@ -10,6 +10,28 @@ Any file or directory in this subdirectory should be documented here.
 - [./ci/lib.sh](./lib.sh)
  - Contains code duplicated across these scripts.
 ## Publishing a release
 1. Run `yarn release:prep` and type in the new version i.e. 3.8.1
 2. GitHub actions will generate the `npm-package`, `release-packages` and `release-images` artifacts.
   1. You do not have to wait for these.
 3. Run `yarn release:github-draft` to create a GitHub draft release from the template with
   the updated version.
   1. Summarize the major changes in the release notes and link to the relevant issues.
   2. Change the @ to target the version branch. Example: `v3.9.0 @ Target: v3.9.0`
 4. Wait for the artifacts in step 2 to build.
 5. Run `yarn release:github-assets` to download the `release-packages` artifact.
   - It will upload them to the draft release.
 6. Run some basic sanity tests on one of the released packages.
   - Especially make sure the terminal works fine.
 7. Publish the release and merge the PR.
   1. CI will automatically grab the artifacts and then:
      1. Publish the NPM package from `npm-package`.
      2. Publish the Docker Hub image from `release-images`.
 8. Update the AUR package.
   - Instructions on updating the AUR package are at [cdr/code-server-aur](https://github.com/cdr/code-server-aur).
 9. Wait for the npm package to be published.
 ## dev
 This directory contains scripts used for the development of code-server.
@@ -78,8 +100,8 @@ You can disable minification by setting `MINIFY=`.
 This directory contains the release docker container image.
- [./ci/steps/build-docker-buildx-push.sh](./ci/steps/docker-buildx-push.sh)
+- [./release-image/build.sh](./release-image/build.sh)
-  - Builds the release containers with tags `codercom/code-server-$ARCH:$VERSION` for amd64 and arm64 with `docker buildx` and pushes them.
+  - Builds the release container with the tag `codercom/code-server-$ARCH:$VERSION`.
  - Assumes debian releases are ready in `./release-packages`.
 ## images
@@ -107,8 +129,8 @@ Helps avoid clobbering the CI configuration.
    release packages into `./release-packages`.
 - [./steps/publish-npm.sh](./steps/publish-npm.sh)
  - Grabs the `npm-package` release artifact for the current commit and publishes it on npm.
- [./steps/docker-buildx-push.sh](./steps/docker-buildx-push.sh)
+- [./steps/build-docker-image.sh](./steps/build-docker-image.sh)
-  - Builds the docker image and then pushes it.
+  - Builds the docker image and then saves it into `./release-images/code-server-$ARCH-$VERSION.tar`.
 - [./steps/push-docker-manifest.sh](./steps/push-docker-manifest.sh)
  - Loads all images in `./release-images` and then builds and pushes a multi architecture
    docker manifest for the amd64 and arm64 images to `codercom/code-server:$VERSION` and
--- a/ci/build/build-code-server.sh
+++ b/ci/build/build-code-server.sh
@@ -3,6 +3,9 @@ set -euo pipefail
 # Builds code-server into out and the frontend into dist.
 # MINIFY controls whether parcel minifies dist.
 MINIFY=${MINIFY-true}
 main() {
  cd "$(dirname "${0}")/../.."
@@ -29,9 +32,14 @@ main() {
    set -e
  fi
-  yarn browserify out/browser/register.js -o out/browser/register.browserified.js
+  parcel build \
-  yarn browserify out/browser/pages/login.js -o out/browser/pages/login.browserified.js
+    --public-url "." \
-  yarn browserify out/browser/pages/vscode.js -o out/browser/pages/vscode.browserified.js
+    --out-dir dist \
    $([[ $MINIFY ]] || echo --no-minify) \
    src/browser/register.ts \
    src/browser/serviceWorker.ts \
    src/browser/pages/login.ts \
    src/browser/pages/vscode.ts
 }
 main "$@"
--- a/ci/build/build-release.sh
+++ b/ci/build/build-release.sh
@@ -22,20 +22,19 @@ main() {
  bundle_code_server
  bundle_vscode
-  rsync ./docs/README.md "$RELEASE_PATH"
+  rsync README.md "$RELEASE_PATH"
  rsync LICENSE.txt "$RELEASE_PATH"
  rsync ./lib/vscode/ThirdPartyNotices.txt "$RELEASE_PATH"
 }
 bundle_code_server() {
-  rsync out "$RELEASE_PATH"
+  rsync out dist "$RELEASE_PATH"
  # For source maps and images.
  mkdir -p "$RELEASE_PATH/src/browser"
  rsync src/browser/media/ "$RELEASE_PATH/src/browser/media"
  mkdir -p "$RELEASE_PATH/src/browser/pages"
  rsync src/browser/pages/*.html "$RELEASE_PATH/src/browser/pages"
  rsync src/browser/pages/*.css "$RELEASE_PATH/src/browser/pages"
  rsync src/browser/robots.txt "$RELEASE_PATH/src/browser"
  # Add typings for plugins
@@ -82,12 +81,10 @@ bundle_vscode() {
  rsync "$VSCODE_SRC_PATH/resources/linux/code.png" "$VSCODE_OUT_PATH/resources/linux/code.png"
  rsync "$VSCODE_SRC_PATH/resources/web/callback.html" "$VSCODE_OUT_PATH/resources/web/callback.html"
-  # Add the commit and date and enable telemetry. This just makes telemetry
+  # Adds the commit and date to product.json
  # available; telemetry can still be disabled by flag or setting.
  jq --slurp '.[0] * .[1]' "$VSCODE_SRC_PATH/product.json" <(
    cat <<EOF
  {
    "enableTelemetry": true,
    "commit": "$(git rev-parse HEAD)",
    "date": $(jq -n 'now | todate')
  }
--- a/ci/build/build-standalone-release.sh
+++ b/ci/build/build-standalone-release.sh
@@ -1,10 +1,6 @@
 #!/usr/bin/env bash
 set -euo pipefail
 # This is due to an upstream issue with RHEL7/CentOS 7 comptability with node-argon2
 # See: https://github.com/cdr/code-server/pull/3422#pullrequestreview-677765057
 export npm_config_build_from_source=true
 main() {
  cd "$(dirname "${0}")/../.."
  source ./ci/lib.sh
@@ -27,12 +23,6 @@ main() {
  cd "$RELEASE_PATH"
  yarn --production --frozen-lockfile
  # HACK: the version of Typescript vscode 1.57 uses in extensions/
  # leaves a few stray symlinks. Clean them up so nfpm does not fail.
  # Remove this line when its no longer needed.
  rm -fr "$RELEASE_PATH/lib/vscode/extensions/node_modules/.bin"
 }
 main "$@"
--- a/ci/build/npm-postinstall.sh
+++ b/ci/build/npm-postinstall.sh
@@ -18,29 +18,15 @@ detect_arch() {
 }
 ARCH="${NPM_CONFIG_ARCH:-$(detect_arch)}"
 # This is due to an upstream issue with RHEL7/CentOS 7 comptability with node-argon2
 # See: https://github.com/cdr/code-server/pull/3422#pullrequestreview-677765057
 export npm_config_build_from_source=true
 main() {
  # Grabs the major version of node from $npm_config_user_agent which looks like
  # yarn/1.21.1 npm/? node/v14.2.0 darwin x64
  major_node_version=$(echo "$npm_config_user_agent" | sed -n 's/.*node\/v\([^.]*\).*/\1/p')
-
+  if [ "$major_node_version" -lt 12 ]; then
-  if [ -n "${FORCE_NODE_VERSION:-}" ]; then
+    echo "code-server currently requires at least node v12"
    echo "WARNING: Overriding required Node.js version to v$FORCE_NODE_VERSION"
    echo "This could lead to broken functionality, and is unsupported."
    echo "USE AT YOUR OWN RISK!"
  fi
  if [ "$major_node_version" -ne "${FORCE_NODE_VERSION:-14}" ]; then
    echo "ERROR: code-server currently requires node v14."
    if [ -n "$FORCE_NODE_VERSION" ]; then
      echo "However, you have overrided the version check to use v$FORCE_NODE_VERSION."
    fi
    echo "We have detected that you are on node v$major_node_version"
-    echo "You can override this version check by setting \$FORCE_NODE_VERSION,"
+    echo "See https://github.com/cdr/code-server/issues/1633"
    echo "but configurations that do not use the same node version are unsupported."
    exit 1
  fi
@@ -68,17 +54,11 @@ main() {
    echo "Please see https://github.com/cdr/code-server/blob/master/docs/npm.md"
    exit 1
  fi
  if [ -n "${FORCE_NODE_VERSION:-}" ]; then
    echo "WARNING: The required Node.js version was overriden to v$FORCE_NODE_VERSION"
    echo "This could lead to broken functionality, and is unsupported."
    echo "USE AT YOUR OWN RISK!"
  fi
 }
 # This is a copy of symlink_asar in ../lib.sh. Look there for details.
 symlink_asar() {
-  rm -rf node_modules.asar
+  rm -f node_modules.asar
  if [ "${WINDIR-}" ]; then
    mklink /J node_modules.asar node_modules
  else
--- a/ci/build/release-prep.sh
+++ b/ci/build/release-prep.sh
@@ -83,6 +83,10 @@ main() {
  echo -e "Great! We'll prep a PR for updating to $CODE_SERVER_VERSION_TO_UPDATE\n"
  $CMD rg -g '!yarn.lock' -g '!*.svg' -g '!CHANGELOG.md' --files-with-matches --fixed-strings "${CODE_SERVER_CURRENT_VERSION}" | $CMD xargs sd "$CODE_SERVER_CURRENT_VERSION" "$CODE_SERVER_VERSION_TO_UPDATE"
  # Ensure the tests are passing and code coverage is up-to-date
  echo -e "Running unit tests and updating code coverage...\n"
  $CMD yarn test:unit
  $CMD git commit -am "chore(release): bump version to $CODE_SERVER_VERSION_TO_UPDATE"
  # This runs from the root so that's why we use this path vs. ../../
@@ -90,7 +94,7 @@ main() {
  echo -e "\nOpening a draft PR on GitHub"
  # To read about these flags, visit the docs: https://cli.github.com/manual/gh_pr_create
-  $CMD gh pr create --base main --title "release: $CODE_SERVER_VERSION_TO_UPDATE" --body "$RELEASE_TEMPLATE_STRING" --reviewer @cdr/code-server-reviewers --repo cdr/code-server --draft --assignee "@me"
+  $CMD gh pr create --base main --title "release: $CODE_SERVER_VERSION_TO_UPDATE" --body "$RELEASE_TEMPLATE_STRING" --reviewer @cdr/code-server-reviewers --repo cdr/code-server --draft
  # Open PR in browser
  $CMD gh pr view --web
--- a/ci/build/test-standalone-release.sh
+++ b/ci/build/test-standalone-release.sh
@@ -1,9 +1,7 @@
 #!/usr/bin/env bash
 set -euo pipefail
-# Make sure a code-server release works. You can pass in the path otherwise it
+# Makes sure the release works.
 # will use release-standalone in the current directory.
 #
 # This is to make sure we don't have Node version errors or any other
 # compilation-related errors.
 main() {
@@ -12,14 +10,12 @@ main() {
  local EXTENSIONS_DIR
  EXTENSIONS_DIR="$(mktemp -d)"
-  local path=${1:-./release-standalone/bin/code-server}
+  echo "Testing standalone release."
-  echo "Testing standalone release in $path."
+  # Note: using a basic theme extension because it doesn't update often and is more reliable for testing
-
+  ./release-standalone/bin/code-server --extensions-dir "$EXTENSIONS_DIR" --install-extension wesbos.theme-cobalt2
  # NOTE: using a basic theme extension because it doesn't update often and is more reliable for testing
  "$path" --extensions-dir "$EXTENSIONS_DIR" --install-extension wesbos.theme-cobalt2
  local installed_extensions
-  installed_extensions="$("$path" --extensions-dir "$EXTENSIONS_DIR" --list-extensions 2>&1)"
+  installed_extensions="$(./release-standalone/bin/code-server --extensions-dir "$EXTENSIONS_DIR" --list-extensions 2>&1)"
  # We use grep as wesbos.theme-cobalt2 may have dependency extensions that change.
  if ! echo "$installed_extensions" | grep -q "wesbos.theme-cobalt2"; then
    echo "Unexpected output from listing extensions:"
--- a/ci/dev/fmt.sh
+++ b/ci/dev/fmt.sh
@@ -31,6 +31,7 @@ main() {
  doctoc --title '# Contributor Covenant Code of Conduct' docs/CODE_OF_CONDUCT.md >/dev/null
  doctoc --title '# iPad' docs/ipad.md >/dev/null
  doctoc --title '# Termux' docs/termux.md >/dev/null
  doctoc --title '# Changelog' CHANGELOG.md >/dev/null
  if [[ ${CI-} && $(git ls-files --other --modified --exclude-standard) ]]; then
    echo "Files need generation or are formatted incorrectly:"
--- a/ci/dev/test-e2e.sh
+++ b/ci/dev/test-e2e.sh
@@ -3,35 +3,10 @@ set -euo pipefail
 main() {
  cd "$(dirname "$0")/../.."
  source ./ci/lib.sh
  local dir="$PWD"
  if [[ ! ${CODE_SERVER_TEST_ENTRY-} ]]; then
    echo "Set CODE_SERVER_TEST_ENTRY to test another build of code-server"
  else
    pushd "$CODE_SERVER_TEST_ENTRY"
    dir="$PWD"
    popd
  fi
  echo "Testing build in '$dir'"
  # Simple sanity checks to see that we've built. There could still be things
  # wrong (native modules version issues, incomplete build, etc).
  if [[ ! -d $dir/out ]]; then
    echo >&2 "No code-server build detected"
    echo >&2 "You can build it with 'yarn build' or 'yarn watch'"
    exit 1
  fi
  if [[ ! -d $dir/lib/vscode/out ]]; then
    echo >&2 "No VS Code build detected"
    echo >&2 "You can build it with 'yarn build:vscode' or 'yarn watch'"
    exit 1
  fi
  cd test
-  yarn playwright test "$@"
+  # We set these environment variables because they're used in the e2e tests
  # they don't have to be these values, but these are the defaults
  PASSWORD=e45432jklfdsab CODE_SERVER_ADDRESS=http://localhost:8080 yarn folio --config=config.ts --reporter=list "$@"
 }
 main "$@"
--- a/ci/dev/test-scripts.sh
+++ b/ci/dev/test-scripts.sh
@@ -1,9 +0,0 @@
 #!/usr/bin/env bash
 set -euo pipefail
 main() {
  cd "$(dirname "$0")/../.."
  bats ./test/scripts
 }
 main "$@"
--- a/ci/dev/test-unit.sh
+++ b/ci/dev/test-unit.sh
@@ -3,7 +3,7 @@ set -euo pipefail
 main() {
  cd "$(dirname "$0")/../.."
-  cd test/unit/node/test-plugin
+  cd test/unit/test-plugin
  make -s out/index.js
  # We must keep jest in a sub-directory. See ../../test/package.json for more
  # information. We must also run it from the root otherwise coverage will not
--- a/ci/dev/watch.ts
+++ b/ci/dev/watch.ts
@@ -1,8 +1,6 @@
 import browserify from "browserify"
 import * as cp from "child_process"
-import * as fs from "fs"
+import Bundler from "parcel-bundler"
 import * as path from "path"
 import { onLine } from "../../src/node/util"
 async function main(): Promise<void> {
  try {
@@ -42,6 +40,7 @@ class Watcher {
    const plugin = process.env.PLUGIN_DIR
      ? cp.spawn("yarn", ["build", "--watch"], { cwd: process.env.PLUGIN_DIR })
      : undefined
    const bundler = this.createBundler()
    const cleanup = (code?: number | null): void => {
      Watcher.log("killing vs code watcher")
@@ -64,7 +63,7 @@ class Watcher {
        server.kill()
      }
-      Watcher.log("killing watch")
+      Watcher.log("killing bundler")
      process.exit(code || 0)
    }
@@ -85,6 +84,16 @@ class Watcher {
        cleanup(code)
      })
    }
    const bundle = bundler.bundle().catch(() => {
      Watcher.log("parcel watcher terminated unexpectedly")
      cleanup(1)
    })
    bundler.on("buildEnd", () => {
      console.log("[parcel] bundled")
    })
    bundler.on("buildError", (error) => {
      console.error("[parcel]", error)
    })
    vscode.stderr.on("data", (d) => process.stderr.write(d))
    tsc.stderr.on("data", (d) => process.stderr.write(d))
@@ -92,11 +101,37 @@ class Watcher {
      plugin.stderr.on("data", (d) => process.stderr.write(d))
    }
-    const browserFiles = [
+    // From https://github.com/chalk/ansi-regex
-      path.join(this.rootPath, "out/browser/register.js"),
+    const pattern = [
-      path.join(this.rootPath, "out/browser/pages/login.js"),
+      "[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)",
-      path.join(this.rootPath, "out/browser/pages/vscode.js"),
+      "(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PR-TZcf-ntqry=><~]))",
-    ]
+    ].join("|")
    const re = new RegExp(pattern, "g")
    /**
     * Split stdout on newlines and strip ANSI codes.
     */
    const onLine = (proc: cp.ChildProcess, callback: (strippedLine: string, originalLine: string) => void): void => {
      let buffer = ""
      if (!proc.stdout) {
        throw new Error("no stdout")
      }
      proc.stdout.setEncoding("utf8")
      proc.stdout.on("data", (d) => {
        const data = buffer + d
        const split = data.split("\n")
        const last = split.length - 1
        for (let i = 0; i < last; ++i) {
          callback(split[i].replace(re, ""), split[i])
        }
        // The last item will either be an empty string (the data ended with a
        // newline) or a partial line (did not end with a newline) and we must
        // wait to parse it until we get a full line.
        buffer = split[last]
      })
    }
    let startingVscode = false
    let startedVscode = false
@@ -108,7 +143,7 @@ class Watcher {
        startingVscode = true
      } else if (startingVscode && line.includes("Finished compilation")) {
        if (startedVscode) {
-          restartServer()
+          bundle.then(restartServer)
        }
        startedVscode = true
      }
@@ -120,8 +155,7 @@ class Watcher {
        console.log("[tsc]", original)
      }
      if (line.includes("Watching for file changes")) {
-        bundleBrowserCode(browserFiles)
+        bundle.then(restartServer)
        restartServer()
      }
    })
@@ -132,26 +166,29 @@ class Watcher {
          console.log("[plugin]", original)
        }
        if (line.includes("Watching for file changes")) {
-          restartServer()
+          bundle.then(restartServer)
        }
      })
    }
  }
 }
-function bundleBrowserCode(inputFiles: string[]) {
+  private createBundler(out = "dist"): Bundler {
-  console.log(`[browser] bundling...`)
+    return new Bundler(
-  inputFiles.forEach(async (path: string) => {
+      [
-    const outputPath = path.replace(".js", ".browserified.js")
+        path.join(this.rootPath, "src/browser/register.ts"),
-    browserify()
+        path.join(this.rootPath, "src/browser/serviceWorker.ts"),
-      .add(path)
+        path.join(this.rootPath, "src/browser/pages/login.ts"),
-      .bundle()
+        path.join(this.rootPath, "src/browser/pages/vscode.ts"),
-      .on("error", function (error: Error) {
+      ],
-        console.error(error.toString())
+      {
-      })
+        outDir: path.join(this.rootPath, out),
-      .pipe(fs.createWriteStream(outputPath))
+        cacheDir: path.join(this.rootPath, ".cache"),
-  })
+        minify: !!process.env.MINIFY,
-  console.log(`[browser] done bundling`)
+        logLevel: 1,
        publicUrl: ".",
      },
    )
  }
 }
 main()
--- a/ci/helm-chart/Chart.yaml
+++ b/ci/helm-chart/Chart.yaml
@@ -20,4 +20,4 @@ version: 1.0.3
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 3.11.1
+appVersion: 3.10.1
--- a/ci/helm-chart/README.md
+++ b/ci/helm-chart/README.md
@@ -1,6 +1,6 @@
 # code-server
-![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.11.1](https://img.shields.io/badge/AppVersion-3.11.1-informational?style=flat-square)
+![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.10.1](https://img.shields.io/badge/AppVersion-3.10.1-informational?style=flat-square)
 [code-server](https://github.com/cdr/code-server) code-server is VS Code running
 on a remote server, accessible through the browser.
@@ -65,7 +65,6 @@ and their default values.
 | extraArgs | list | `[]` |  |
 | extraConfigmapMounts | list | `[]` |  |
 | extraContainers | string | `""` |  |
 | extraInitContainers | string | `""` |  |
 | extraSecretMounts | list | `[]` |  |
 | extraVars | list | `[]` |  |
 | extraVolumeMounts | list | `[]` |  |
@@ -73,7 +72,7 @@ and their default values.
 | hostnameOverride | string | `""` |  |
 | image.pullPolicy | string | `"Always"` |  |
 | image.repository | string | `"codercom/code-server"` |  |
-| image.tag | string | `"3.11.1"` |  |
+| image.tag | string | `"3.10.1"` |  |
 | imagePullSecrets | list | `[]` |  |
 | ingress.enabled | bool | `false` |  |
 | nameOverride | string | `""` |  |
@@ -116,47 +115,3 @@ $ helm upgrade --install code-server ci/helm-chart -f values.yaml
 ```
 > **Tip**: You can use the default [values.yaml](values.yaml)
 # Extra Containers
 There are two parameters which allow to add more containers to pod.
 Use `extraContainers` to add regular containers 
 and `extraInitContainers` to add init containers. You can read more
 about init containers in [k8s documentation](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/).
 Both parameters accept strings and use them as a templates
 Example of using `extraInitContainers`:
 ``` yaml
 extraInitContainers: |
  - name: customization
    image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
    imagePullPolicy: IfNotPresent
    env:
      - name: SERVICE_URL
        value: https://open-vsx.org/vscode/gallery
      - name: ITEM_URL
        value: https://open-vsx.org/vscode/item
    command:
      - sh
      - -c
      - |
        code-server --install-extension ms-python.python
        code-server --install-extension golang.Go
    volumeMounts:
      - name: data
        mountPath: /home/coder
 ```
 With this yaml in file `init.yaml`, you can execute 
 ```console
 $ helm upgrade --install code-server \
    ci/helm-chart \
    --values init.yaml
 ```
 to deploy code-server with python and golang extensions preinstalled
 before main container have started. 
--- a/ci/helm-chart/templates/deployment.yaml
+++ b/ci/helm-chart/templates/deployment.yaml
@@ -43,13 +43,10 @@ spec:
        volumeMounts:
        - name: data
          mountPath: /home/coder
 {{- if .Values.extraInitContainers }}
 {{ tpl .Values.extraInitContainers . | indent 6}}
 {{- end }}
      {{- end }}
      containers:
 {{- if .Values.extraContainers }}
-{{ tpl .Values.extraContainers . | indent 8}}
+{{ toYaml .Values.extraContainers | indent 8}}
 {{- end }}
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
--- a/ci/helm-chart/values.yaml
+++ b/ci/helm-chart/values.yaml
@@ -6,7 +6,7 @@ replicaCount: 1
 image:
  repository: codercom/code-server
-  tag: '3.11.1'
+  tag: '3.10.1'
  pullPolicy: Always
 imagePullSecrets: []
--- a/ci/lib.sh
+++ b/ci/lib.sh
@@ -35,8 +35,7 @@ os() {
 }
 arch() {
-  cpu="$(uname -m)"
+  case "$(uname -m)" in
  case "$cpu" in
  aarch64)
    echo arm64
    ;;
@@ -44,7 +43,8 @@ arch() {
    echo amd64
    ;;
  *)
-      echo "$cpu"
+    echo "unknown architecture $(uname -a)"
    exit 1
    ;;
  esac
 }
@@ -57,12 +57,12 @@ arch() {
 # https://developer.github.com/v3/actions/workflow-runs/#list-workflow-runs
 get_artifacts_url() {
  local artifacts_url
  local workflow_runs_url="repos/:owner/:repo/actions/workflows/ci.yaml/runs?event=pull_request"
  local version_branch="v$VERSION"
  local workflow_runs_url="repos/:owner/:repo/actions/workflows/ci.yaml/runs?event=pull_request&branch=$version_branch"
  artifacts_url=$(gh api "$workflow_runs_url" | jq -r ".workflow_runs[] | select(.head_branch == \"$version_branch\") | .artifacts_url" | head -n 1)
  if [[ -z "$artifacts_url" ]]; then
    echo >&2 "ERROR: artifacts_url came back empty"
-    echo >&2 "We looked for a successful run triggered by a pull_request with for code-server version: $VERSION and a branch named $version_branch"
+    echo >&2 "We looked for a successful run triggered by a pull_request with for code-server version: $code_server_version and a branch named $version_branch"
    echo >&2 "URL used for gh API call: $workflow_runs_url"
    exit 1
  fi
@@ -113,7 +113,7 @@ RELEASE_PATH="${RELEASE_PATH-release}"
 # Code itself but also extensions will look specifically in this directory for
 # files (like the ripgrep binary or the oniguruma wasm).
 symlink_asar() {
-  rm -rf node_modules.asar
+  rm -f node_modules.asar
  if [ "${WINDIR-}" ]; then
    # mklink takes the link name first.
    mklink /J node_modules.asar node_modules
--- a/ci/release-image/build.sh
+++ b/ci/release-image/build.sh
@@ -0,0 +1,11 @@
 #!/usr/bin/env bash
 set -euo pipefail
 main() {
  cd "$(dirname "$0")/../.."
  source ./ci/lib.sh
  docker build -t "codercom/code-server-$ARCH:$VERSION" -f ./ci/release-image/Dockerfile .
 }
 main "$@"
--- a/ci/release-image/docker-bake.hcl
+++ b/ci/release-image/docker-bake.hcl
@@ -1,17 +0,0 @@
 # Use this file from the top of the repo, with `-f ci/release-image/docker-bake.hcl`
 # Uses env var VERSION if set;
 # normally, this is set by ci/lib.sh
 variable "VERSION" {
    default = "latest"
 }
 group "default" {
    targets = ["code-server"]
 }
 target "code-server" {
    dockerfile = "ci/release-image/Dockerfile"
    tags = ["docker.io/codercom/code-server:${VERSION}"]
    platforms = ["linux/amd64", "linux/arm64"]
 }
--- a/ci/steps/brew-bump.sh
+++ b/ci/steps/brew-bump.sh
@@ -5,51 +5,9 @@ main() {
  cd "$(dirname "$0")/../.."
  # Only sourcing this so we get access to $VERSION
  source ./ci/lib.sh
  # NOTE: we need to make sure cdrci/homebrew-core
  # is up-to-date
  # otherwise, brew bump-formula-pr will use an
  # outdated base
  echo "Cloning cdrci/homebrew-core"
  git clone https://github.com/cdrci/homebrew-core.git
  echo "Changing into homebrew-core directory"
  cd homebrew-core && pwd
  echo "Adding Homebrew/homebrew-core as $(upstream)"
  git remote add upstream https://github.com/Homebrew/homebrew-core.git
  echo "Fetching upstream Homebrew/hombrew-core commits"
  git fetch upstream
  echo "Merging in latest Homebrew/homebrew-core changes"
  git merge upstream/master
  echo "Pushing changes to cdrci/homebrew-core fork on GitHub"
  # Source: https://serverfault.com/a/912788
  # shellcheck disable=SC2016,SC2028
  echo '#!/bin/sh\nexec echo "$HOMEBREW_GITHUB_API_TOKEN"' > "$HOME"/.git-askpass.sh
  # Ensure it's executable since we just created it
  chmod +x "$HOME/.git-askpass.sh"
  # GIT_ASKPASS lets us use the password when pushing without revealing it in the process list
  # See: https://serverfault.com/a/912788
  GIT_ASKPASS="$HOME/.git-askpass.sh" git push https://cdr-oss@github.com/cdr-oss/homebrew-core.git --all
  # Find the docs for bump-formula-pr here
  # https://github.com/Homebrew/brew/blob/master/Library/Homebrew/dev-cmd/bump-formula-pr.rb#L18
-  local output
+  brew bump-formula-pr --force --version="${VERSION}" code-server --no-browse --no-audit
  if ! output=$(brew bump-formula-pr --version="${VERSION}" code-server --no-browse --no-audit 2>&1); then
    if [[ $output == *"Duplicate PRs should not be opened"* ]]; then
      echo "$VERSION is already submitted"
    else
      echo "$output"
      exit 1
    fi
  fi
  # Clean up and remove homebrew-core
  cd ..
  rm -rf homebrew-core
 }
 main "$@"
--- a/ci/steps/build-docker-image.sh
+++ b/ci/steps/build-docker-image.sh
@@ -0,0 +1,14 @@
 #!/usr/bin/env bash
 set -euo pipefail
 main() {
  cd "$(dirname "$0")/../.."
  source ./ci/lib.sh
  ./ci/release-image/build.sh
  mkdir -p release-images
  docker save "codercom/code-server-$ARCH:$VERSION" >"release-images/code-server-$ARCH-$VERSION.tar"
 }
 main "$@"
--- a/ci/steps/docker-buildx-push.sh
+++ b/ci/steps/docker-buildx-push.sh
@@ -1,37 +0,0 @@
 #!/usr/bin/env bash
 set -euo pipefail
 # See if this version already exists on Docker Hub.
 function version_exists() {
  local output
  output=$(curl --silent "https://index.docker.io/v1/repositories/codercom/code-server/tags/$VERSION")
  if [[ $output == "Tag not found" ]]; then
    return 1
  else
    return 0
  fi
 }
 main() {
  cd "$(dirname "$0")/../.."
  # ci/lib.sh sets VERSION and provides download_artifact here
  source ./ci/lib.sh
  if version_exists; then
    echo "$VERSION is already pushed"
    return
  fi
  # Download the release-packages artifact
  download_artifact release-packages ./release-packages
  # Login to Docker
  if [[ ${CI-} ]]; then
    echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
  fi
  docker buildx bake -f ci/release-image/docker-bake.hcl --push
 }
 main "$@"
--- a/ci/steps/publish-npm.sh
+++ b/ci/steps/publish-npm.sh
@@ -5,14 +5,6 @@ main() {
  cd "$(dirname "$0")/../.."
  source ./ci/lib.sh
  # npm view won't exit with non-zero so we have to check the output.
  local hasVersion
  hasVersion=$(npm view "code-server@$VERSION" version)
  if [[ $hasVersion == "$VERSION" ]]; then
    echo "$VERSION is already published"
    return
  fi
  if [[ ${CI-} ]]; then
    echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" >~/.npmrc
  fi
--- a/ci/steps/push-docker-manifest.sh
+++ b/ci/steps/push-docker-manifest.sh
@@ -0,0 +1,37 @@
 #!/usr/bin/env bash
 set -euo pipefail
 main() {
  cd "$(dirname "$0")/../.."
  source ./ci/lib.sh
  download_artifact release-images ./release-images
  if [[ ${CI-} ]]; then
    echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
  fi
  for img in ./release-images/*; do
    docker load -i "$img"
  done
  # We have to ensure the amd64 and arm64 images exist on the remote registry
  # in order to build the manifest.
  # We don't put the arch in the tag to avoid polluting the main repository.
  # These other repositories are private so they don't pollute our organization namespace.
  docker push "codercom/code-server-amd64:$VERSION"
  docker push "codercom/code-server-arm64:$VERSION"
  export DOCKER_CLI_EXPERIMENTAL=enabled
  docker manifest create "codercom/code-server:$VERSION" \
    "codercom/code-server-amd64:$VERSION" \
    "codercom/code-server-arm64:$VERSION"
  docker manifest push --purge "codercom/code-server:$VERSION"
  docker manifest create "codercom/code-server:latest" \
    "codercom/code-server-amd64:$VERSION" \
    "codercom/code-server-arm64:$VERSION"
  docker manifest push --purge "codercom/code-server:latest"
 }
 main "$@"
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@@ -2,16 +2,13 @@
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 # Contributing
 - [Pull Requests](#pull-requests)
  - [Commits](#commits)
 - [Requirements](#requirements)
- [Creating pull requests](#creating-pull-requests)
+- [Development Workflow](#development-workflow)
-  - [Commits and commit history](#commits-and-commit-history)
+  - [Updating VS Code](#updating-vs-code)
- [Development workflow](#development-workflow)
+    - [Notes about Changes](#notes-about-changes)
  - [Updates to VS Code](#updates-to-vs-code)
 - [Build](#build)
  - [Test](#test)
  - [Unit tests](#unit-tests)
  - [Integration tests](#integration-tests)
  - [End-to-end tests](#end-to-end-tests)
 - [Structure](#structure)
  - [Modifications to VS Code](#modifications-to-vs-code)
  - [Currently Known Issues](#currently-known-issues)
@@ -20,52 +17,42 @@
 - [Detailed CI and build process docs](../ci)
-## Requirements
+## Pull Requests
-The prerequisites for contributing to code-server are almost the same as those
+Please create a [GitHub Issue](https://github.com/cdr/code-server/issues) for each issue
-for [VS
+you'd like to address unless the proposed fix is minor.
 Code](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites).
 Here is what is needed:
- `node` v14.x
+In your Pull Requests (PR), link to the issue that the PR solves.
 - `git` v2.x or greater
 - [`git-lfs`](https://git-lfs.github.com)
 - [`yarn`](https://classic.yarnpkg.com/en/)
  - Used to install JS packages and run scripts
 - [`nfpm`](https://classic.yarnpkg.com/en/)
  - Used to build `.deb` and `.rpm` packages
 - [`jq`](https://stedolan.github.io/jq/)
  - Used to build code-server releases
 - [`gnupg`](https://gnupg.org/index.html)
  - All commits must be signed and verified; see GitHub's [Managing commit
    signature
    verification](https://docs.github.com/en/github/authenticating-to-github/managing-commit-signature-verification)
    or follow [this tutorial](https://joeprevite.com/verify-commits-on-github)
 - `build-essential` (Linux only - used by VS Code)
  - Get this by running `apt-get install -y build-essential`
 - `rsync` and `unzip`
  - Used for code-server releases
 - `bats`
  - Used to run script unit tests
 ## Creating pull requests
 Please create a [GitHub Issue](https://github.com/cdr/code-server/issues) that
 includes context for issues that you see. You can skip this if the proposed fix
 is minor.
 In your pull requests (PR), link to the issue that the PR solves.
 Please ensure that the base of your PR is the **main** branch.
-### Commits and commit history
+### Commits
-We prefer a clean commit history. This means you should squash all fixups and
+We prefer a clean commit history. This means you should squash all fixups and fixup-type commits before asking for review (cleanup, squash, force-push). If you need help with this, feel free to leave a comment in your PR and we'll guide you.
 fixup-type commits before asking for a review (e.g., clean up, squash, then force
 push). If you need help with this, feel free to leave a comment in your PR, and
 we'll guide you.
-## Development workflow
+## Requirements
 The prerequisites for contributing to code-server are almost the same as those for
 [VS Code](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites).
 There are several differences, however. Here is what is needed:
 - `node` v12.x or greater
 - `git` v2.x or greater
 - [`yarn`](https://classic.yarnpkg.com/en/)
  - used to install JS packages and run scripts
 - [`nfpm`](https://classic.yarnpkg.com/en/)
  - used to build `.deb` and `.rpm` packages
 - [`jq`](https://stedolan.github.io/jq/)
  - used to build code-server releases
 - [`gnupg`](https://gnupg.org/index.html)
  - all commits must be signed and verified
  - see GitHub's ["Managing commit signature verification"](https://docs.github.com/en/github/authenticating-to-github/managing-commit-signature-verification) or follow [this tutorial](https://joeprevite.com/verify-commits-on-github)
 - `build-essential` (Linux)
  - `apt-get install -y build-essential` - used by VS Code
 - `rsync` and `unzip`
  - used for code-server releases
 ## Development Workflow
 ```shell
 yarn
@@ -75,30 +62,27 @@ yarn watch
 `yarn watch` will live reload changes to the source.
-### Updates to VS Code
+### Updating VS Code
-Updating VS Code requires `git subtree`. On some RPM-based Linux distros, `git subtree` is not included by default and needs to be installed separately. To
+Updating VS Code requires `git subtree`. On some rpm-based Linux distros, `git subtree` is not included by default, and needs to be installed separately.
-install, run `dnf install git-subtree` or `yum install git-subtree`.
+To install, run `dnf install git-subtree` or `yum install git-subtree` as necessary.
-To update VS Code:
+To update VS Code, follow these steps:
 1. Run `yarn update:vscode`.
-2. Enter a version (e.g., `1.53`)
+2. Enter a version. Ex. 1.53
-3. This will open a draft pull request for you.
+3. This will open a draft PR for you.
-4. There will be merge conflicts. Commit them first, since it will be impossible
+4. There will be merge conflicts. First commit them.
-   for us to review your PR if you don't.
+   1. We do this because if we don't, it will be impossible to review your PR.
-5. Fix the conflicts. Then, test code-server locally to make sure everything
+5. Once they're all fixed, test code-server locally and make sure it all works.
   works.
 6. Check the Node.js version that's used by Electron (which is shipped with VS
   Code. If necessary, update your version of Node.js to match.
-> Watch for updates to
+#### Notes about Changes
 > `lib/vscode/src/vs/code/browser/workbench/workbench.html`. You may need to
 > make changes to `src/browser/pages/vscode.html`.
-### Build
+- watch out for updates to `lib/vscode/src/vs/code/browser/workbench/workbench.html`. You may need to make changes to `src/browser/pages/vscode.html`
-You can build as follows:
+## Build
 You can build using:
 ```shell
 yarn build
@@ -106,7 +90,7 @@ yarn build:vscode
 yarn release
 ```
-Run your build:
+Run your build with:
 ```shell
 cd release
@@ -123,140 +107,42 @@ yarn test:standalone-release
 yarn package
 ```
-> On Linux, the currently running distro will become the minimum supported
+NOTE: On Linux, the currently running distro will become the minimum supported version.
-> version. In our GitHub Actions CI, we use CentOS 7 for maximum compatibility.
+In our GitHub Actions CI, we use CentOS 7 for maximum compatibility.
-> If you need your builds to support older distros, run the build commands
+If you need your builds to support older distros, run the build commands
-> inside a Docker container with all the build requirements installed.
+inside a Docker container with all the build requirements installed.
 ### Test
 There are three kinds of tests in code-server:
 1. Unit tests
 2. Integration tests
 3. End-to-end tests
 ### Unit tests
 Our unit tests are written in TypeScript and run using
 [Jest](https://jestjs.io/), the testing framework].
 These live under [test/unit](../test/unit).
 We use unit tests for functions and things that can be tested in isolation. The file structure is modeled closely after `/src` so it's easy for people to know where test files should live.
 ### Integration tests
 These are a work in progress. We build code-server and run a script called
 [test-standalone-release.sh](../ci/build/test-standalone-release.sh), which
 ensures that code-server's CLI is working.
 Our integration tests look at components that rely on one another. For example,
 testing the CLI requires us to build and package code-server.
 ### End-to-end tests
 The end-to-end (e2e) tests are written in TypeScript and run using
 [Playwright](https://playwright.dev/).
 These live under [test/e2e](../test/e2e).
 Before the e2e tests run, we run `globalSetup`, which eliminates the need to log
 in before each test by preserving the authentication state.
 Take a look at `codeServer.test.ts` to see how you would use it (see
 `test.use`).
 We also have a model where you can create helpers to use within tests. See
 [models/CodeServer.ts](../test/e2e/models/CodeServer.ts) for an example.
 Generally speaking, e2e means testing code-server while running in the browser
 and interacting with it in a way that's similar to how a user would interact
 with it. When running these tests with `yarn test:e2e`, you must have
 code-server running locally. In CI, this is taken care of for you.
 ## Structure
-The `code-server` script serves as an HTTP API for login and starting a remote VS
+The `code-server` script serves an HTTP API for login and starting a remote VS Code process.
 Code process.
-The CLI code is in [src/node](../src/node) and the HTTP routes are implemented
+The CLI code is in [src/node](../src/node) and the HTTP routes are implemented in
-in [src/node/routes](../src/node/routes).
+[src/node/routes](../src/node/routes).
-Most of the meaty parts are in the VS Code portion of the codebase under
+Most of the meaty parts are in the VS Code portion of the codebase under [lib/vscode](../lib/vscode), which we described next.
 [lib/vscode](../lib/vscode), which we describe next.
 ### Modifications to VS Code
-In v1 of code-server, we had a patch of VS Code that split the codebase into a
+In v1 of code-server, we had a patch of VS Code that split the codebase into a front-end
-front-end and a server. The front-end consisted of the UI code, while the server
+and a server. The front-end consisted of all UI code, while the server ran the extensions
-ran the extensions and exposed an API to the front-end for file access and all
+and exposed an API to the front-end for file access and all UI needs.
 UI needs.
-Over time, Microsoft added support to VS Code to run it on the web. They have
+Over time, Microsoft added support to VS Code to run it on the web. They have made
-made the front-end open source, but not the server. As such, code-server v2 (and
+the front-end open source, but not the server. As such, code-server v2 (and later) uses
-later) uses the VS Code front-end and implements the server. We do this by using
+the VS Code front-end and implements the server. We do this by using a git subtree to fork and modify VS Code. This code lives under [lib/vscode](../lib/vscode).
 a Git subtree to fork and modify VS Code. This code lives under
 [lib/vscode](../lib/vscode).
-Some noteworthy changes in our version of VS Code include:
+Some noteworthy changes in our version of VS Code:
- Adding our build file, [`lib/vscode/coder.js`](../lib/vscode/coder.js), which includes build steps specific to code-server
+- Adding our build file, which includes our code and VS Code's web code
- Node.js version detection changes in [`build/lib/node.ts`](../lib/vscode/build/lib/node.ts) and [`build/lib/util.ts`](../lib/vscode/build/lib/util.ts)
+- Allowing multiple extension directories (both user and built-in)
- Allowing extra extension directories
+- Modifying the loader, websocket, webview, service worker, and asset requests to
-  - Added extra arguments to [`src/vs/platform/environment/common/argv.ts`](../lib/vscode/src/vs/platform/environment/common/argv.ts) and to [`src/vs/platform/environment/node/argv.ts`](../lib/vscode/src/vs/platform/environment/node/argv.ts)
+  use the URL of the page as a base (and TLS, if necessary for the websocket)
-  - Added extra environment state to [`src/vs/platform/environment/common/environment.ts`](../lib/vscode/src/vs/platform/environment/common/environment.ts);
+- Sending client-side telemetry through the server
-  - Added extra getters to [`src/vs/platform/environment/common/environmentService.ts`](../lib/vscode/src/vs/platform/environment/common/environmentService.ts)
+- Allowing modification of the display language
-  - Added extra scanning paths to [`src/vs/platform/extensionManagement/node/extensionsScanner.ts`](../lib/vscode/src/vs/platform/extensionManagement/node/extensionsScanner.ts)
+- Making it possible for us to load code on the client
- Additions/removals from [`package.json`](../lib/vscode/package.json):
+- Making it possible to install extensions of any kind
-  - Removing `electron`, `keytar` and `native-keymap` to avoid pulling in desktop dependencies during build on Linux
+- Fixing issue with getting disconnected when your machine sleeps or hibernates
-  - Removing `gulp-azure-storage` and `gulp-tar` (unsued in our build process, may pull in outdated dependencies)
+- Adding connection type to web socket query parameters
  - Adding `proxy-agent`, `proxy-from-env` (for proxying) and `rimraf` (used during build/install steps)
 - Adding our branding/custom URLs/version:
  - [`product.json`](../lib/vscode/product.json)
  - [`src/vs/base/common/product.ts`](../lib/vscode/src/vs/base/common/product.ts)
  - [`src/vs/workbench/browser/parts/dialogs/dialogHandler.ts`](../lib/vscode/src/vs/workbench/browser/parts/dialogs/dialogHandler.ts)
  - [`src/vs/workbench/contrib/welcome/page/browser/vs_code_welcome_page.ts`](../lib/vscode/src/vs/workbench/contrib/welcome/page/browser/vs_code_welcome_page.ts)
  - [`src/vs/workbench/contrib/welcome/page/browser/welcomePage.ts`](../lib/vscode/src/vs/workbench/contrib/welcome/page/browser/welcomePage.ts)
 - Removing azure/macOS signing related dependencies from [`build/package.json`](../lib/vscode/build/package.json)
 - Modifying `.gitignore` to allow us to add files to `src/vs/server` and modifying `.eslintignore` to ignore lint on the shared files below (we use different formatter settings than VS Code).
 - Sharing some files with our codebase via symlinks:
  - [`src/vs/base/common/ipc.d.ts`](../lib/vscode/src/vs/base/common/ipc.d.ts) points to [`typings/ipc.d.ts`](../typings/ipc.d.ts)
  - [`src/vs/base/common/util.ts`](../lib/vscode/src/vs/base/common/util.ts) points to [`src/common/util.ts`](../src/common/util.ts)
  - [`src/vs/base/node/proxy_agent.ts`](../lib/vscode/src/vs/base/node/proxy_agent.ts) points to [`src/node/proxy_agent.ts`](../src/node/proxy_agent.ts)
 - Allowing socket changes by adding `setSocket` in [`src/vs/base/parts/ipc/common/ipc.net.ts`](../lib/vscode/src/vs/base/parts/ipc/common/ipc.net.ts)
  - We use this for connection persistence in our server-side code.
 - Added our server-side Node.JS code to `src/vs/server`.
  - This code includes the logic to spawn the various services (extension host, terminal, etc.) and some glue
 - Added [`src/vs/workbench/browser/client.ts`](../lib/vscode/src/vs/workbench/browser/client.ts) to hold some server customizations.
  - Includes the functionality for the Log Out command and menu item
  - Also, imported and called `initialize` from the main web file, [`src/vs/workbench/browser/web.main.ts`](../lib/vscode/src/vs/workbench/browser/web.main.ts)
 - Added a (hopefully temporary) hotfix to [`src/vs/workbench/common/resources.ts`](../lib/vscode/src/vs/workbench/common/resources.ts) to get context menu actions working for the Git integration.
 - Added connection type to WebSocket query parameters in [`src/vs/platform/remote/common/remoteAgentConnection.ts`](../lib/vscode/src/vs/platform/remote/common/remoteAgentConnection.ts)
 - Added `CODE_SERVER*` variables to the sanitization list in [`src/vs/base/common/processes.ts`](../lib/vscode/src/vs/base/common/processes.ts)
 - Fix localization support:
  - Added file [`src/vs/workbench/services/localizations/browser/localizationsService.ts`](../lib/vscode/src/vs/workbench/services/localizations/browser/localizationsService.ts).
  - Modified file [`src/vs/base/common/platform.ts`](../lib/vscode/src/vs/base/common/platform.ts)
  - Modified file [`src/vs/base/node/languagePacks.js`](../lib/vscode/src/vs/base/node/languagePacks.js)
 - Added code to allow server to inject settings to [`src/vs/platform/product/common/product.ts`](../lib/vscode/src/vs/platform/product/common/product.ts)
 - Extension fixes:
  - Avoid disabling extensions by extensionKind in [`src/vs/workbench/services/extensionManagement/browser/extensionEnablementService.ts`](../lib/vscode/src/vs/workbench/services/extensionManagement/browser/extensionEnablementService.ts) (Needed for vscode-icons)
  - Remove broken symlinks in [`extensions/postinstall.js`](../lib/vscode/extensions/postinstall.js)
  - Add tip about extension gallery in [`src/vs/workbench/contrib/extensions/browser/extensionsViewlet.ts`](../lib/vscode/src/vs/workbench/contrib/extensions/browser/extensionsViewlet.ts)
  - Use our own server for GitHub authentication in [`extensions/github-authentication/src/githubServer.ts`](../lib/vscode/extensions/github-authentication/src/githubServer.ts)
  - Settings persistence on the server in [`src/vs/workbench/services/environment/browser/environmentService.ts`](../lib/vscode/src/vs/workbench/services/environment/browser/environmentService.ts)
  - Add extension install fallback in [`src/vs/workbench/services/extensionManagement/common/extensionManagementService.ts`](../lib/vscode/src/vs/workbench/services/extensionManagement/common/extensionManagementService.ts)
  - Add proxy-agent monkeypatch and keep extension host indefinitely running in [`src/vs/workbench/services/extensions/node/extensionHostProcessSetup.ts`](../lib/vscode/src/vs/workbench/services/extensions/node/extensionHostProcessSetup.ts)
  - Patch build system to avoid removing extension dependencies for `yarn global add` users in [`build/lib/extensions.ts`](../lib/vscode/build/lib/extensions.ts)
  - Allow all extensions to use proposed APIs in [`src/vs/workbench/services/environment/browser/environmentService.ts`](../lib/vscode/src/vs/workbench/services/environment/browser/environmentService.ts)
  - Make storage writes async to allow extensions to wait for them to complete in [`src/vs/platform/storage/common/storage.ts`](../lib/vscode/src/vs/platform/storage/common/storage.ts)
 - Specify webview path in [`src/vs/code/browser/workbench/workbench.ts`](../lib/vscode/src/vs/code/browser/workbench/workbench.ts)
 - URL readability improvements for folder/workspace in [`src/vs/code/browser/workbench/workbench.ts`](../lib/vscode/src/vs/code/browser/workbench/workbench.ts)
 - Socket/Authority-related fixes (for remote proxying etc.):
  - [`src/vs/code/browser/workbench/workbench.ts`](../lib/vscode/src/vs/code/browser/workbench/workbench.ts)
  - [`src/vs/platform/remote/browser/browserSocketFactory.ts`](../lib/vscode/src/vs/platform/remote/browser/browserSocketFactory.ts)
  - [`src/vs/base/common/network.ts`](../lib/vscode/src/vs/base/common/network.ts)
 - Added code to write out IPC path in [`src/vs/workbench/api/node/extHostCLIServer.ts`](../lib/vscode/src/vs/workbench/api/node/extHostCLIServer.ts)
 As the web portion of VS Code matures, we'll be able to shrink and possibly
 eliminate our modifications. In the meantime, upgrading the VS Code version requires
@@ -264,7 +150,7 @@ us to ensure that our changes are still applied and work as intended. In the fut
 we'd like to run VS Code unit tests against our builds to ensure that features
 work as expected.
-> We have [extension docs](../ci/README.md) on the CI and build system.
+**Note**: We have [extension docs](../ci/README.md) on the CI and build system.
 If the functionality you're working on does NOT depend on code from VS Code, please
 move it out and into code-server.
--- a/docs/FAQ.md
+++ b/docs/FAQ.md
@@ -3,138 +3,159 @@
 # FAQ
 - [Questions?](#questions)
- [How should I expose code-server to the internet?](#how-should-i-expose-code-server-to-the-internet)
+- [iPad Status?](#ipad-status)
- [Can I use code-server on the iPad?](#can-i-use-code-server-on-the-ipad)
+- [Community Projects (awesome-code-server)](#community-projects-awesome-code-server)
 - [How does the config file work?](#how-does-the-config-file-work)
 - [How do I make my keyboard shortcuts work?](#how-do-i-make-my-keyboard-shortcuts-work)
 - [Why can't code-server use Microsoft's extension marketplace?](#why-cant-code-server-use-microsofts-extension-marketplace)
 - [How can I request an extension that's missing from the marketplace?](#how-can-i-request-an-extension-thats-missing-from-the-marketplace)
 - [How do I install an extension?](#how-do-i-install-an-extension)
 - [How do I install an extension manually?](#how-do-i-install-an-extension-manually)
 - [How do I use my own extensions marketplace?](#how-do-i-use-my-own-extensions-marketplace)
 - [Where are extensions stored?](#where-are-extensions-stored)
 - [How can I reuse my VS Code configuration?](#how-can-i-reuse-my-vs-code-configuration)
- [How does code-server decide what workspace or folder to open?](#how-does-code-server-decide-what-workspace-or-folder-to-open)
+- [Differences compared to VS Code?](#differences-compared-to-vs-code)
- [How do I access my Documents/Downloads/Desktop folders in code-server on macOS?](#how-do-i-access-my-documentsdownloadsdesktop-folders-in-code-server-on-macos)
+  - [Installing an extension](#installing-an-extension)
- [How do I direct server-side requests through a proxy?](#how-do-i-direct-server-side-requests-through-a-proxy)
+- [How can I request a missing extension?](#how-can-i-request-a-missing-extension)
- [How do I debug issues with code-server?](#how-do-i-debug-issues-with-code-server)
+- [Installing an extension manually](#installing-an-extension-manually)
- [What is the healthz endpoint?](#what-is-the-healthz-endpoint)
+- [How do I configure the marketplace URL?](#how-do-i-configure-the-marketplace-url)
- [What is the heartbeat file?](#what-is-the-heartbeat-file)
+- [Where are extensions stored?](#where-are-extensions-stored)
- [How do I change the password?](#how-do-i-change-the-password)
+- [How is this different from VS Code Codespaces?](#how-is-this-different-from-vs-code-codespaces)
 - [How should I expose code-server to the internet?](#how-should-i-expose-code-server-to-the-internet)
 - [Can I store my password hashed?](#can-i-store-my-password-hashed)
- [Is multi-tenancy possible?](#is-multi-tenancy-possible)
+- [How do I securely access web services?](#how-do-i-securely-access-web-services)
- [Can I use Docker in a code-server container?](#can-i-use-docker-in-a-code-server-container)
+  - [Sub-paths](#sub-paths)
- [How do I disable telemetry?](#how-do-i-disable-telemetry)
+  - [Sub-domains](#sub-domains)
- [What's the difference between code-server and Theia?](#whats-the-difference-between-code-server-and-theia)
+- [Why does the code-server proxy strip `/proxy/<port>` from the request path?](#why-does-the-code-server-proxy-strip-proxyport-from-the-request-path)
- [What's the difference between code-server and VS Code Codespaces?](#whats-the-difference-between-code-server-and-vs-code-codespaces)
+  - [Proxying to Create React App](#proxying-to-create-react-app)
- [Does code-server have any security login validation?](#does-code-server-have-any-security-login-validation)
+- [Multi-tenancy](#multi-tenancy)
- [Are there community projects involving code-server?](#are-there-community-projects-involving-code-server)
+- [Docker in code-server container?](#docker-in-code-server-container)
 - [How can I disable telemetry?](#how-can-i-disable-telemetry)
 - [How does code-server decide what workspace or folder to open?](#how-does-code-server-decide-what-workspace-or-folder-to-open)
 - [How do I debug issues with code-server?](#how-do-i-debug-issues-with-code-server)
 - [Heartbeat File](#heartbeat-file)
 - [Healthz endpoint](#healthz-endpoint)
 - [How does the config file work?](#how-does-the-config-file-work)
 - [Isn't an install script piped into sh insecure?](#isnt-an-install-script-piped-into-sh-insecure)
 - [How do I make my keyboard shortcuts work?](#how-do-i-make-my-keyboard-shortcuts-work)
 - [How do I access my Documents/Downloads/Desktop folders in code-server on OSX?](#how-do-i-access-my-documentsdownloadsdesktop-folders-in-code-server-on-osx)
 - [Differences compared to Theia?](#differences-compared-to-theia)
 - [`$HTTP_PROXY`, `$HTTPS_PROXY`, `$NO_PROXY`](#http_proxy-https_proxy-no_proxy)
 - [Enterprise](#enterprise)
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
 ## Questions?
-Please file all questions and support requests at
+Please file all questions and support requests at <https://github.com/cdr/code-server/discussions>.
 <https://github.com/cdr/code-server/discussions>.
-## How should I expose code-server to the internet?
+## iPad Status?
-Please see [our instructions on exposing code-server safely to the
+Please see [./ipad.md](./ipad.md).
 internet](./guide.md).
-## Can I use code-server on the iPad?
+## Community Projects (awesome-code-server)
-See [iPad](./ipad.md) for information on using code-server on the iPad.
+Visit the [awesome-code-server](https://github.com/cdr/awesome-code-server) repository to view community projects and guides with code-server! Feel free to add your own!
-## How does the config file work?
+## How can I reuse my VS Code configuration?
-When `code-server` starts up, it creates a default config file in `~/.config/code-server/config.yaml`:
+The very popular [Settings Sync](https://marketplace.visualstudio.com/items?itemName=Shan.code-settings-sync) extension works.
-```yaml
+You can also pass `--user-data-dir ~/.vscode` to reuse your existing VS Code extensions and configuration.
 bind-addr: 127.0.0.1:8080
 auth: password
 password: mew...22 # Randomly generated for each config.yaml
 cert: false
 ```
-The default config defines the following behavior:
+Or copy `~/.vscode` into `~/.local/share/code-server`.
- Listen on the loopback IP port 8080
+## Differences compared to VS Code?
 - Enable password authorization
 - Do not use TLS
-Each key in the file maps directly to a `code-server` flag (run `code-server --help` to see a listing of all the flags). Any flags passed to `code-server`
+`code-server` takes the open source core of VS Code and allows you to run it in the browser.
-will take priority over the config file.
+However, it is not entirely equivalent to Microsoft's VS Code.
-You can change the config file's location using the `--config` flag or
+While the core of VS Code is open source, the marketplace and many published Microsoft extensions are not.
 `$CODE_SERVER_CONFIG` environment variable.
-The default location respects `$XDG_CONFIG_HOME`.
+Furthermore, Microsoft prohibits the use of any non-Microsoft VS Code from accessing their marketplace.
-## How do I make my keyboard shortcuts work?
+See the [TOS](https://cdn.vsassets.io/v/M146_20190123.39/_content/Microsoft-Visual-Studio-Marketplace-Terms-of-Use.pdf).
-Many shortcuts will not work by default, since they'll be "caught" by the browser.
+> Marketplace Offerings are intended for use only with Visual Studio Products and Services
 > and you may only install and use Marketplace Offerings with Visual Studio Products and Services.
-If you use Chrome, you can work around this by installing the progressive web
+As a result, we cannot offer any extensions on the Microsoft marketplace. Instead,
-app (PWA):
+we have created our own marketplace for open source extensions.
 It works by scraping GitHub for VS Code extensions and building them. It's not perfect but getting
 better by the day with more and more extensions.
-1. Start the editor
+These are the closed source extensions presently unavailable:
 2. Click the **plus** icon in the URL toolbar to install the PWA
-For other browsers, you'll have to remap keybindings for shortcuts to work.
+1. [Live Share](https://visualstudio.microsoft.com/services/live-share)
   - We may implement something similar, see [#33](https://github.com/cdr/code-server/issues/33)
 1. [Remote Extensions (SSH, Containers, WSL)](https://github.com/microsoft/vscode-remote-release)
   - We may reimplement these at some point, see [#1315](https://github.com/cdr/code-server/issues/1315)
-## Why can't code-server use Microsoft's extension marketplace?
+For more about the closed source parts of VS Code, see [vscodium/vscodium](https://github.com/VSCodium/vscodium#why-does-this-exist).
-Though code-server takes the open-source core of VS Code and allows you to run
+### Installing an extension
 it in the browser, it is not entirely equivalent to Microsoft's VS Code.
-One major difference is in regards to extensions and the marketplace. The core
+Extensions can be installed from the marketplace using the extensions sidebar in
 of VS code is open source, while the marketplace and many published Microsoft
 extensions are not. Furthermore, Microsoft prohibits the use of any
 non-Microsoft VS Code from accessing their marketplace. Per the [Terms of
 Service](https://cdn.vsassets.io/v/M146_20190123.39/_content/Microsoft-Visual-Studio-Marketplace-Terms-of-Use.pdf):
 > Marketplace Offerings are intended for use only with Visual Studio Products
 > and Services, and you may only install and use Marketplace Offerings with
 > Visual Studio Products and Services.
 Because of this, we can't offer any extensions on Microsoft's marketplace.
 Instead, we've created a marketplace offering open-source extensions. The
 marketplace works by scraping GitHub for VS Code extensions and building them.
 These are the closed-source extensions that are presently unavailable:
 1. [Live Share](https://visualstudio.microsoft.com/services/live-share). We may
   implement something similar (see
   [#33](https://github.com/cdr/code-server/issues/33))
 1. [Remote Extensions (SSH, Containers,
   WSL)](https://github.com/microsoft/vscode-remote-release). We may implement
   these again at some point, see
   ([#1315](https://github.com/cdr/code-server/issues/1315)).
 For more about the closed source portions of VS Code, see [vscodium/vscodium](https://github.com/VSCodium/vscodium#why-does-this-exist).
 ## How can I request an extension that's missing from the marketplace?
 We are in the process of transitioning to [Open VSX](https://open-vsx.org/).
 Once we've [implemented Open
 VSX](https://github.com/eclipse/openvsx/issues/249), we can finalize this
 transition. As such, we are not currently accepting new extension requests.
 In the meantime, we suggest:
 - [Switching to Open VSX](#how-do-i-configure-the-marketplace-url) now
 - Downloading and [installing the extension manually](#installing-an-extension-manually)
 ## How do I install an extension?
 You can install extensions from the marketplace using the extensions sidebar in
 code-server or from the command line:
-```console
+```shell
 code-server --install-extension <extension id>
 # example: code-server --install-extension wesbos.theme-cobalt2
 ```
 ## How can I request a missing extension?
 We are currently in the process of transitioning to [Open VSX](https://open-vsx.org/).
 Once <https://github.com/eclipse/openvsx/issues/249>
 is implemented, we can fully make this transition. Therefore, we are no longer
 accepting new requests for extension requests.
 Instead, we suggest one of the following:
 - [Switch to Open VSX](#how-do-i-configure-the-marketplace-url) now
 - Download and [install the extension manually](#installing-an-extension-manually)
 ## Installing an extension manually
 If an extension is not available from the marketplace or does not work, you can
 grab its VSIX from its GitHub releases or build it yourself.
 Once you have downloaded the VSIX to the remote machine you can either:
 - Run the `Extensions: Install from VSIX` command in the Command Palette.
 - Use `code-server --install-extension <path to vsix>`
 You can also download extensions from the command line. For instance, downloading off OpenVSX can be done like this:
 ```shell
 SERVICE_URL=https://open-vsx.org/vscode/gallery ITEM_URL=https://open-vsx.org/vscode/item code-server --install-extension <extension id>
 ```
 ## How do I configure the marketplace URL?
 If you have your own marketplace that implements the VS Code Extension Gallery API, it is possible to
 point code-server to it by setting `$SERVICE_URL` and `$ITEM_URL`. These correspond directly
 to `serviceUrl` and `itemUrl` in VS Code's `product.json`.
 e.g. to use [open-vsx.org](https://open-vsx.org):
 ```bash
 export SERVICE_URL=https://open-vsx.org/vscode/gallery
 export ITEM_URL=https://open-vsx.org/vscode/item
 ```
 While you can technically use Microsoft's marketplace with these, please do not do so as it
 is against their terms of use. See [above](#differences-compared-to-vs-code) and this
 discussion regarding the use of the Microsoft URLs in forks:
 <https://github.com/microsoft/vscode/issues/31168#issue-244533026>
 See also [VSCodium's docs](https://github.com/VSCodium/vscodium/blob/master/DOCS.md#extensions--marketplace).
 These variables are most valuable to our enterprise customers for whom we have a self hosted marketplace product.
 ## Where are extensions stored?
 Defaults to `~/.local/share/code-server/extensions`.
 If the `XDG_DATA_HOME` environment variable is set the data directory will be
 `$XDG_DATA_HOME/code-server/extensions`. In general we try to follow the XDG directory spec.
 You can install an extension on the CLI with:
 ```bash
 # From the Coder extension marketplace
 code-server --install-extension ms-python.python
@@ -142,101 +163,280 @@ code-server --install-extension ms-python.python
 code-server --install-extension downloaded-ms-python.python.vsix
 ```
-## How do I install an extension manually?
+## How is this different from VS Code Codespaces?
-If there's an extension unavailable in the marketplace or an extension that
+VS Code Codespaces is a closed source and paid service by Microsoft. It also allows you to access
-doesn't work, you can download the VSIX from its GitHub releases or build it
+VS Code via the browser.
 yourself.
-Once you have downloaded the VSIX to the remote machine, you can either:
+However, code-server is free, open source and can be run on any machine without any limitations.
- Run the **Extensions: Install from VSIX** command in the Command Palette.
+While you can self host environments with VS Code Codespaces, you still need an Azure billing
- Run `code-server --install-extension <path to vsix>` in the terminal
+account and you have to access VS Code via the Codespaces web dashboard instead of directly
 connecting to your instance.
-You can also download extensions using the command line. For instance,
+## How should I expose code-server to the internet?
 downloading from OpenVSX can be done like this:
-```shell
+Please follow [./guide.md](./guide.md) for our recommendations on setting up and using code-server.
-SERVICE_URL=https://open-vsx.org/vscode/gallery ITEM_URL=https://open-vsx.org/vscode/item code-server --install-extension <extension id>
+
 code-server only supports password authentication natively.
 **note**: code-server will rate limit password authentication attempts at 2 a minute and 12 an hour.
 If you want to use external authentication (i.e sign in with Google) you should handle this
 with a reverse proxy using something like [oauth2_proxy](https://github.com/pusher/oauth2_proxy)
 or [Cloudflare Access](https://teams.cloudflare.com/access).
 For HTTPS, you can use a self signed certificate by passing in just `--cert` or
 pass in an existing certificate by providing the path to `--cert` and the path to
 the key with `--cert-key`.
 The self signed certificate will be generated into
 `~/.local/share/code-server/self-signed.crt`.
 If `code-server` has been passed a certificate it will also respond to HTTPS
 requests and will redirect all HTTP requests to HTTPS.
 You can use [Let's Encrypt](https://letsencrypt.org/) to get a TLS certificate
 for free.
 Again, please follow [./guide.md](./guide.md) for our recommendations on setting up and using code-server.
 ## Can I store my password hashed?
 Yes you can! Set the value of `hashed-password` instead of `password`. Generate the hash with:
 ```
 printf "thisismypassword" | sha256sum | cut -d' ' -f1
 ```
-## How do I use my own extensions marketplace?
+Of course replace `thisismypassword` with your actual password.
-If you own a marketplace that implements the VS Code Extension Gallery API, you
+Example:
 can point code-server to it by setting `$SERVICE_URL` and `$ITEM_URL`. These correspond directly
 to `serviceUrl` and `itemUrl` in VS Code's `product.json`.
-For example, to use [open-vsx.org](https://open-vsx.org), run:
+```yaml
-
+auth: password
-```bash
+hashed-password: 1da9133ab9dbd11d2937ec8d312e1e2569857059e73cc72df92e670928983ab5 # You got this from the command above
 export SERVICE_URL=https://open-vsx.org/vscode/gallery
 export ITEM_URL=https://open-vsx.org/vscode/item
 ```
-Though you can technically use Microsoft's marketplace in this manner, we
+## How do I securely access web services?
 strongly discourage you from doing so since this is [against their Terms of Use](#why-cant-code-server-use-microsofts-extension-marketplace).
-For further information, see [this
+code-server is capable of proxying to any port using either a subdomain or a
-discussion](https://github.com/microsoft/vscode/issues/31168#issue-244533026)
+subpath which means you can securely access these services using code-server's
-regarding the use of the Microsoft URLs in forks, as well as [VSCodium's
+built-in authentication.
 docs](https://github.com/VSCodium/vscodium/blob/master/DOCS.md#extensions--marketplace).
-## Where are extensions stored?
+### Sub-paths
-Extensions are store, by default, to `~/.local/share/code-server/extensions`.
+Just browse to `/proxy/<port>/`.
-If you set the `XDG_DATA_HOME` environment variable, the data directory will be
+### Sub-domains
 `$XDG_DATA_HOME/code-server/extensions`. In general, we try to follow the XDG directory spec.
-## How can I reuse my VS Code configuration?
+You will need a DNS entry that points to your server for each port you want to
 access. You can either set up a wildcard DNS entry for `*.<domain>` if your domain
 name registrar supports it or you can create one for every port you want to
 access (`3000.<domain>`, `8080.<domain>`, etc).
-You can use the [Settings
+You should also set up TLS certificates for these subdomains, either using a
-Sync](https://marketplace.visualstudio.com/items?itemName=Shan.code-settings-sync)
+wildcard certificate for `*.<domain>` or individual certificates for each port.
 extension for this purpose.
-Alternatively, you can also pass `--user-data-dir ~/.vscode` or copy `~/.vscode`
+Start code-server with the `--proxy-domain` flag set to your domain.
-into `~/.local/share/code-server` to reuse your existing VS Code extensions and
+
-configuration.
+```
 code-server --proxy-domain <domain>
 ```
 Now you can browse to `<port>.<domain>`. Note that this uses the host header so
 ensure your reverse proxy forwards that information if you are using one.
 ## Why does the code-server proxy strip `/proxy/<port>` from the request path?
 HTTP servers should strive to use relative URLs to avoid needed to be coupled to the
 absolute path at which they are served. This means you must use trailing slashes on all
 paths with subpaths. See <https://blog.cdivilly.com/2019/02/28/uri-trailing-slashes>
 This is really the "correct" way things work and why the striping of the base path is the
 default. If your application uses relative URLs and does not assume the absolute path at
 which it is being served, it will just work no matter what port you decide to serve it off
 or if you put it in behind code-server or any other proxy!
 However many people prefer the cleaner aesthetic of no trailing slashes. This couples you
 to the base path as you cannot use relative redirects correctly anymore. See the above
 link.
 For users who are ok with this tradeoff, use `/absproxy` instead and the path will be
 passed as is. e.g. `/absproxy/3000/my-app-path`
 ### Proxying to Create React App
 You must use `/absproxy/<port>` with create-react-app.
 See [#2565](https://github.com/cdr/code-server/issues/2565) and
 [#2222](https://github.com/cdr/code-server/issues/2222). You will need to inform
 create-react-app of the path at which you are serving via `$PUBLIC_URL` and webpack
 via `$WDS_SOCKET_PATH`.
 e.g.
 ```sh
 PUBLIC_URL=/absproxy/3000 \
  WDS_SOCKET_PATH=$PUBLIC_URL/sockjs-node \
  BROWSER=none yarn start
 ```
 Then visit `https://my-code-server-address.io/absproxy/3000` to see your app exposed through
 code-server!
 Highly recommend using the subdomain approach instead to avoid this class of issue.
 ## Multi-tenancy
 If you want to run multiple code-servers on shared infrastructure, we recommend using virtual
 machines with a VM per user. This will easily allow users to run a docker daemon. If you want
 to use kubernetes, you'll definitely want to use [kubevirt](https://kubevirt.io) or [sysbox](https://github.com/nestybox/sysbox) to give each
 user a VM-like experience instead of just a container.
 ## Docker in code-server container?
 If you'd like to access docker inside of code-server, mount the docker socket in from `/var/run/docker.sock`.
 Install the docker CLI in the code-server container and you should be able to access the daemon!
 You can even make volume mounts work. Lets say you want to run a container and mount in
 `/home/coder/myproject` into it from inside the `code-server` container. You need to make sure
 the docker daemon's `/home/coder/myproject` is the same as the one mounted inside the `code-server`
 container and the mount will just work.
 ## How can I disable telemetry?
 Use the `--disable-telemetry` flag to completely disable telemetry. We use the
 data collected only to improve code-server.
 ## How does code-server decide what workspace or folder to open?
-code-server tries the following in this order:
+code-server tries the following in order:
-1. The `workspace` query parameter
+1. The `workspace` query parameter.
-2. The `folder` query parameter
+2. The `folder` query parameter.
-3. The workspace or directory passed via the command line
+3. The workspace or directory passed on the command line.
-4. The last opened workspace or directory
+4. The last opened workspace or directory.
-## How do I access my Documents/Downloads/Desktop folders in code-server on macOS?
+## How do I debug issues with code-server?
-Newer versions of macOS require permission through a non-UNIX mechanism for
+First run code-server with at least `debug` logging (or `trace` to be really
-code-server to access the Desktop, Documents, Pictures, Downloads, and other folders.
+thorough) by setting the `--log` flag or the `LOG_LEVEL` environment variable.
 `-vvv` and `--verbose` are aliases for `--log trace`.
-You may have to give Node.js full disk access, since it doesn't implement any of the macOS permission request features natively:
+```
 code-server --log debug
 ```
-1. Find where Node.js is installed on your machine
+Once this is done, replicate the issue you're having then collect logging
 information from the following places:
 1. The most recent files from `~/.local/share/code-server/coder-logs`.
 2. The browser console.
 3. The browser network tab.
 Additionally, collecting core dumps (you may need to enable them first) if
 code-server crashes can be helpful.
 ## Heartbeat File
 `code-server` touches `~/.local/share/code-server/heartbeat` once a minute as long
 as there is an active browser connection.
 If you want to shutdown `code-server` if there hasn't been an active connection in X minutes
 you can do so by continuously checking the last modified time on the heartbeat file and if it is
 older than X minutes, kill `code-server`.
 [#1636](https://github.com/cdr/code-server/issues/1636) will make the experience here better.
 ## Healthz endpoint
 `code-server` exposes an endpoint at `/healthz` which can be used to check
 whether `code-server` is up without triggering a heartbeat. The response will
 include a status (`alive` or `expired`) and a timestamp for the last heartbeat
 (defaults to `0`). This endpoint does not require authentication.
 ```json
 {
  "status": "alive",
  "lastHeartbeat": 1599166210566
 }
 ```
 ## How does the config file work?
 When `code-server` starts up, it creates a default config file in `~/.config/code-server/config.yaml` that looks
 like this:
 ```yaml
 bind-addr: 127.0.0.1:8080
 auth: password
 password: mewkmdasosafuio3422 # This is randomly generated for each config.yaml
 cert: false
 ```
 Each key in the file maps directly to a `code-server` flag. Run `code-server --help` to see
 a listing of all the flags.
 The default config here says to listen on the loopback IP port 8080, enable password authorization
 and no TLS. Any flags passed to `code-server` will take priority over the config file.
 The `--config` flag or `$CODE_SERVER_CONFIG` can be used to change the config file's location.
 The default location also respects `$XDG_CONFIG_HOME`.
 ## Isn't an install script piped into sh insecure?
 Please give
 [this wonderful blogpost](https://sandstorm.io/news/2015-09-24-is-curl-bash-insecure-pgp-verified-install) by
 [sandstorm.io](https://sandstorm.io) a read.
 ## How do I make my keyboard shortcuts work?
 Many shortcuts will not work by default as they'll be caught by the browser.
 If you use Chrome you can get around this by installing the PWA.
 Once you've entered the editor, click the "plus" icon present in the URL toolbar area.
 This will install a Chrome PWA and now all keybindings will work!
 For other browsers you'll have to remap keybindings unfortunately.
 ## How do I access my Documents/Downloads/Desktop folders in code-server on OSX?
 Newer versions of macOS require permission through a non-UNIX mechanism for access to the Desktop, Documents, Pictures, Downloads, and other folders.
 You may have to give Node "full disk access" since it doesn't implement any of the macOS permission request stuff natively.
 1. Find where Node is installed on your machine
   ```console
-   $ which node
+   ➜ ~ which node
   /usr/local/bin/node
   ```
-2. Grant Node.js full disk access. Open **System Preferences** > **Security &
+1. Grant Node Full Disk Access:
   Privacy** > **Privacy** > **Full Disk Access**. Then, click the 🔒 to unlock,
   click **+**, and select the Node.js binary you located in the previous step.
-See [#2794](https://github.com/cdr/code-server/issues/2794) for additional context.
+Open System Preferences > Security & Privacy > Privacy (horizontal) tab > Full Disk Access (vertical) tab > Click the 🔒 to unlock > Click + and select the Node binary you located.
-## How do I direct server-side requests through a proxy?
+See [#2794](https://github.com/cdr/code-server/issues/2794) for context on this.
-> code-server proxies only server-side requests.
+## Differences compared to Theia?
-To direct server-side requests through a proxy, code-server supports the
+[Theia](https://github.com/eclipse-theia/theia) is a browser IDE loosely based on VS Code. It uses the same
-following environment variables:
+text editor library named [Monaco](https://github.com/Microsoft/monaco-editor) and the same
 extension API but everything else is very different. It also uses [open-vsx.org](https://open-vsx.org)
 for extensions which has an order of magnitude less extensions than our marketplace.
 See [#1473](https://github.com/cdr/code-server/issues/1473).
- `$HTTP_PROXY`
+You can't just use your VS Code config in Theia like you can with code-server.
- `$HTTPS_PROXY`
+
- `$NO_PROXY`
+To summarize, code-server is a patched fork of VS Code to run in the browser whereas
 Theia takes some parts of VS Code but is an entirely different editor.
 ## `$HTTP_PROXY`, `$HTTPS_PROXY`, `$NO_PROXY`
 code-server supports the standard environment variables to allow directing
 server side requests through a proxy.
 ```sh
 export HTTP_PROXY=https://134.8.5.4
@@ -246,156 +446,18 @@ export HTTPS_PROXY=https://134.8.5.4
 code-server
 ```
- See
+- See [proxy-from-env](https://www.npmjs.com/package/proxy-from-env#environment-variables)
-  [proxy-from-env](https://www.npmjs.com/package/proxy-from-env#environment-variables)
+  for a detailed reference on the various environment variables and their syntax.
-  for a detailed reference on these environment variables and their syntax (note
+  - code-server only uses the `http` and `https` protocols.
-  that code-server only uses the `http` and `https` protocols).
+- See [proxy-agent](https://www.npmjs.com/package/proxy-agent) for the various supported
- See [proxy-agent](https://www.npmjs.com/package/proxy-agent) for information
+  proxy protocols.
  on on the supported proxy protocols.
-## How do I debug issues with code-server?
+**note**: Only server side requests will be proxied! This includes fetching extensions,
 requests made from extensions etc. To proxy requests from your browser you need to
 configure your browser separately. Browser requests would cover exploring the extension
 marketplace.
-First, run code-server with the `debug` logging (or `trace` to be really
+## Enterprise
 thorough) by setting the `--log` flag or the `LOG_LEVEL` environment variable.
 `-vvv` and `--verbose` are aliases for `--log trace`.
-First, run code-server with `debug` logging (or `trace` logging for more
+Visit [our enterprise page](https://coder.com) for more information about our
-thorough messages) by setting the `--log` flag or the `LOG_LEVEL` environment
+enterprise offerings.
 variable.
 ```text
 code-server --log debug
 ```
 > Note that the `-vvv` and `--verbose` flags are aliases for `--log trace`.
 Next, replicate the issue you're having so that you can collect logging
 information from the following places:
 1. The most recent files from `~/.local/share/code-server/coder-logs`
 2. The browser console
 3. The browser network tab
 Additionally, collecting core dumps (you may need to enable them first) if
 code-server crashes can be helpful.
 ## What is the healthz endpoint?
 You can use the `/healthz` endpoint exposed by code-server to check whether
 code-server is running without triggering a heartbeat. The response includes a
 status (e.g., `alive` or `expired`) and a timestamp for the last heartbeat
 (the default is `0`).
 ```json
 {
  "status": "alive",
  "lastHeartbeat": 1599166210566
 }
 ```
 This endpoint doesn't require authentication.
 ## What is the heartbeat file?
 As long as there is an active browser connection, code-server touches
 `~/.local/share/code-server/heartbeat` once a minute.
 If you want to shutdown code-server if there hasn't been an active connection
 after a predetermined amount of time, you can do so by checking continuously for
 the last modified time on the heartbeat file. If it is older than X minutes (or
 whatever amount of time you'd like), you can kill code-server.
 Eventually, [#1636](https://github.com/cdr/code-server/issues/1636) will make
 this process better.
 ## How do I change the password?
 Edit the `password` field in the code-server config file at
 `~/.config/code-server/config.yaml`, then restart code-server:
 ```bash
 sudo systemctl restart code-server@$USER
 ```
 ## Can I store my password hashed?
 Yes, you can do so by setting the value of `hashed-password` instead of `password`. Generate the hash with:
 ```shell
 echo -n "thisismypassword" | npx argon2-cli -e
 $argon2i$v=19$m=4096,t=3,p=1$wst5qhbgk2lu1ih4dmuxvg$ls1alrvdiwtvzhwnzcm1dugg+5dto3dt1d5v9xtlws4
 ```
 Replace `thisismypassword` with your actual password and **remember to put it
 inside quotes**! For example:
 ```yaml
 auth: password
 hashed-password: "$argon2i$v=19$m=4096,t=3,p=1$wST5QhBgk2lu1ih4DMuxvg$LS1alrVdIWtvZHwnzCM1DUGg+5DTO3Dt1d5v9XtLws4"
 ```
 The `hashed-password` field takes precedence over `password`.
 ## Is multi-tenancy possible?
 If you want to run multiple code-servers on shared infrastructure, we recommend
 using virtual machines (provide one VM per user). This will easily allow users
 to run a Docker daemon. If you want to use Kubernetes, you'll want to
 use [kubevirt](https://kubevirt.io) or
 [sysbox](https://github.com/nestybox/sysbox) to give each user a VM-like
 experience instead of just a container.
 ## Can I use Docker in a code-server container?
 If you'd like to access Docker inside of code-server, mount the Docker socket in
 from `/var/run/docker.sock`. Then, install the Docker CLI in the code-server
 container, and you should be able to access the daemon.
 You can even make volume mounts work. Let's say you want to run a container and
 mount into `/home/coder/myproject` from inside the `code-server` container. You
 need to make sure the Docker daemon's `/home/coder/myproject` is the same as the
 one mounted inside the `code-server` container, and the mount will work.
 ## How do I disable telemetry?
 Use the `--disable-telemetry` flag to disable telemetry.
 > We use the data collected only to improve code-server.
 ## What's the difference between code-server and Theia?
 At a high level, code-server is a patched fork of VS Code that runs in the
 browser whereas Theia takes some parts of VS Code but is an entirely different
 editor.
 [Theia](https://github.com/eclipse-theia/theia) is a browser IDE loosely based
 on VS Code. It uses the same text editor library
 ([Monaco](https://github.com/Microsoft/monaco-editor)) and extension API, but
 everything else is different. Theia also uses [Open VSX](https://open-vsx.org)
 for extensions.
 Theia doesn't allow you to reuse your existing VS Code config.
 ## What's the difference between code-server and VS Code Codespaces?
 Both code-server and VS Code Codespaces allow you to access VS Code via a
 browser.
 VS Code Codespaces, however, is a closed-source, paid service offered by
 Microsoft. While you can self-host environments with VS Code Codespaces, you
 still need an Azure billing account, and you must access VS Code via the
 Codespaces web dashboard instead of connecting directly to it.
 On the other hand, code-server is free, open-source, and can be run on any
 machine with few limitations.
 ## Does code-server have any security login validation?
 code-server supports setting a single password and limits logins to two per
 minute plus an additional twelve per hour.
 ## Are there community projects involving code-server?
 Visit the [awesome-code-server](https://github.com/cdr/awesome-code-server)
 repository to view community projects and guides with code-server! Feel free to
 add your own!
--- a/docs/MAINTAINING.md
+++ b/docs/MAINTAINING.md
@@ -2,157 +2,91 @@
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 # Maintaining
 - [Maintaining](#maintaining)
  - [Workflow](#workflow)
    - [Milestones](#milestones)
    - [Triage](#triage)
-  - [Project boards](#project-boards)
+    - [Project Boards](#project-boards)
  - [Versioning](#versioning)
- [Pull requests](#pull-requests)
+  - [Pull Requests](#pull-requests)
-  - [Merge strategies](#merge-strategies)
+    - [Merge Strategies](#merge-strategies)
-  - [Changelog](#changelog)
+  - [Release](#release)
- [Releases](#releases)
+    - [Release Manager Rotation](#release-manager-rotation)
  - [Publishing a release](#publishing-a-release)
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
 # Maintaining
 Current maintainers:
 - @code-asher
 - @oxy
 - @jsjoeio
-This document is meant to serve current and future maintainers of code-server,
+This document is meant to serve current and future maintainers of code-server, but also share openly our workflow for maintaining the project.
 as well as share our workflow for maintaining the project.
 ## Workflow
-The workflow used by code-server maintainers aims to be easy to understood by
+The workflow used by code-server maintainers is one that aims to be easy to understood by the community and easy enough for new maintainers to jump in and start contributing on day one.
 the community and easy enough for new maintainers to jump in and start
 contributing on day one.
 ### Milestones
-We operate mainly using
+We operate mainly using [milestones](https://github.com/cdr/code-server/milestones). This was heavily inspired by our friends over at [vscode](https://github.com/microsoft/vscode).
 [milestones](https://github.com/cdr/code-server/milestones). This was heavily
 inspired by our friends over at [vscode](https://github.com/microsoft/vscode).
 Here are the milestones we use and how we use them:
 - "Backlog" -> Work not yet planned for a specific release.
 - "On Deck" -> Work under consideration for upcoming milestones.
- "Backlog Candidates" -> Work that is not yet accepted for the backlog. We wait
+- "Backlog Candidates" -> Work that is not yet accepted for the backlog. We wait for the community to weigh in.
-  for the community to weigh in.
+- "<0.0.0>" -> Work to be done for that version.
 - "<0.0.0>" -> Work to be done for a specific version.
-With this flow, any un-assigned issues are essentially in triage state. Once
+With this flow, any un-assigned issues are essentially in triage state and once triaged are either "Backlog" or "Backlog Candidates". They will eventually move to "On Deck" (or be closed). Lastly, they will end up on a version milestone where they will be worked on.
 triaged, issues are either "Backlog" or "Backlog Candidates". They will
 eventually move to "On Deck" (or be closed). Lastly, they will end up on a
 version milestone where they will be worked on.
 ### Triage
 We use the following process for triaging GitHub issues:
-1. Create an issue
+1. a submitter creates an issue
-1. Add appropriate labels to the issue (including "needs-investigation" if we
+1. add appropriate labels
-   should look into it further)
+   1. if we need to look into it further, add "needs-investigation"
-1. Add the issue to a milestone
+1. add to milestone
-   1. If it should be fixed soon, add to version milestone or "On Deck"
+   1. if it should be fixed soon, add to version milestone or "On Deck"
-   2. If not urgent, add to "Backlog"
+   1. if not urgent, add to "Backlog"
-   3. Otherwise, add to "Backlog Candidate" for future consideration
+   1. otherwise, add to "Backlog Candidate" if it should be considered
-### Project boards
+### Project Boards
 We use project boards for projects or goals that span multiple milestones.
-Think of this as a place to put miscellaneous things (like testing, clean up
+Think of this as a place to put miscellaneous things (like testing, clean up stuff, etc). As a maintainer, random todos may come up here and there. This gives you a place to add notes temporarily before opening a new issue. Given that our release milestones function off of issues, we believe tasks should have dedicated issues.
 stuff, etc). As a maintainer, random tasks may come up here and there. The
 project boards give you places to add temporary notes before opening a new
 issue. Given that our release milestones function off of issues, we believe
 tasks should have dedicated issues.
-Project boards also give us a way to separate the issue triage from
+It also gives us a way to separate the issue triage from bigger-picture, long-term work.
 bigger-picture, long-term work.
 ## Versioning
 `<major.minor.patch>`
-The code-server project follows traditional [semantic
+The code-server project follows traditional [semantic versioning](https://semver.org/), with the objective of minimizing major changes that break backward compatibility. We increment the patch level for all releases, except when the upstream Visual Studio Code project increments its minor version or we change the plugin API in a backward-compatible manner. In those cases, we increment the minor version rather than the patch level.
 versioning](https://semver.org/), with the objective of minimizing major changes
 that break backward compatibility. We increment the patch level for all
 releases, except when the upstream Visual Studio Code project increments its
 minor version or we change the plugin API in a backward-compatible manner. In
 those cases, we increment the minor version rather than the patch level.
-## Pull requests
+## Pull Requests
-Ideally, every PR should fix an issue. If it doesn't, make sure it's associated
+Ideally, every PR should fix an issue. If it doesn't, make sure it's associated with a version milestone.
 with a version milestone.
-If a PR does fix an issue, don't add it to the version milestone. Otherwise, the
+If a PR does fix an issue, don't add it to the version milestone. Otherwise, the version milestone will have duplicate information: the issue & the PR fixing the issue.
 version milestone will have duplicate information: the issue and the PR fixing
 the issue.
-### Merge strategies
+### Merge Strategies
-For most things, we recommend the **squash and merge** strategy. If you're
+For most things, we recommend "Squash and Merge". If you're updating `lib/vscode`, we suggest using the "Rebase and Merge" strategy. There may be times where "Create a merge commit" makes sense as well. Use your best judgement. If you're unsure, you can always discuss in the PR with the team.
-updating `lib/vscode`, we suggest using the **rebase and merge** strategy. There
+The code-server project follows traditional [semantic versioning](ttps://semver.org/), with the objective of minimizing major changes that break backward compatibility. We increment the patch level for all releases, except when the upstream Visual Studio Code project increments its minor version or we change the plugin API in a backward-compatible manner. In those cases, we increment the minor version rather than the patch level.
 may be times where **creating a merge commit** makes sense as well. Use your
 best judgment. If you're unsure, you can always discuss in the PR with the team.
-### Changelog
+## Release
-To save time when creating a new release for code-server, we keep a running
+### Release Manager Rotation
 changelog at `CHANGELOG.md`.
-If either the author or reviewer of a PR believes the change should be mentioned
+With each release, we rotate the role of "release manager" to ensure every maintainer goes through the process. This helps us keep documentation up-to-date and encourages us to continually review and improve the flow with each set of eyes.
 in the changelog, then it should be added.
 If there is not a **Next Version** when you modify `CHANGELOG.md`, please add it
 using the template you see near the top of the changelog.
 When writing your changelog item, ask yourself:
 1. How do these changes affect code-server users?
 2. What actions do they need to take (if any)?
 If you need inspiration, we suggest looking at the [Emacs
 changelog](https://github.com/emacs-mirror/emacs/blob/master/etc/NEWS).
 ## Releases
 With each release, we rotate the role of release manager to ensure every
 maintainer goes through the process. This helps us keep documentation up-to-date
 and encourages us to continually review and improve the flow.
 If you're the current release manager, follow these steps:
 1. Create a [release issue](../.github/ISSUE_TEMPLATE/release.md)
-1. Fill out checklist
+2. Fill out checklist
-1. Publish the release
+3. After release is published, close release milestone
 1. After release is published, close release milestone
 ### Publishing a release
 1. Run `yarn release:prep` and type in the new version (e.g., `3.8.1`)
 1. GitHub Actions will generate the `npm-package`, `release-packages` and
   `release-images` artifacts. You do not have to wait for this step to complete
   before proceeding.
 1. Run `yarn release:github-draft` to create a GitHub draft release from the
   template with the updated version.
 1. Summarize the major changes in the release notes and link to the relevant
   issues.
 1. Change the @ to target the version branch. Example: `v3.9.0 @ Target: v3.9.0`
 1. Wait for the `npm-package`, `release-packages` and `release-images` artifacts
   to build.
 1. Run `yarn release:github-assets` to download the `release-packages` artifact.
   They will upload them to the draft release.
 1. Run some basic sanity tests on one of the released packages (pay special
   attention to making sure the terminal works).
 1. Publish the release and merge the PR. CI will automatically grab the
   artifacts, publish the NPM package from `npm-package`, and publish the Docker
   Hub image from `release-images`.
 1. Update the AUR package. Instructions for updating the AUR package are at
   [cdr/code-server-aur](https://github.com/cdr/code-server-aur).
 1. Wait for the npm package to be published.
--- a/docs/README.md
+++ b/docs/README.md
@@ -1,89 +0,0 @@
 # code-server
 [!["GitHub Discussions"](https://img.shields.io/badge/%20GitHub-%20Discussions-gray.svg?longCache=true&logo=github&colorB=purple)](https://github.com/cdr/code-server/discussions) [!["Join us on Slack"](https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen)](https://cdr.co/join-community) [![Twitter Follow](https://img.shields.io/twitter/follow/CoderHQ?label=%40CoderHQ&style=social)](https://twitter.com/coderhq) [![codecov](https://codecov.io/gh/cdr/code-server/branch/main/graph/badge.svg?token=5iM9farjnC)](https://codecov.io/gh/cdr/code-server) [![See v3.11.1 docs](https://img.shields.io/static/v1?label=Docs&message=see%20v3.11.1%20&color=blue)](https://github.com/cdr/code-server/tree/v3.11.1/docs)
 Run [VS Code](https://github.com/Microsoft/vscode) on any machine anywhere and
 access it in the browser.
 ![Screenshot](./assets/screenshot.png)
 ## Highlights
 - Code on any device with a consistent development environment
 - Use cloud servers to speed up tests, compilations, downloads, and more
 - Preserve battery life when you're on the go; all intensive tasks run on your
  server
 ## Requirements
 See [requirements](requirements.md) for minimum specs, as well as instructions
 on how to set up a Google VM on which you can install code-server.
 **TL;DR:** Linux machine with WebSockets enabled, 1 GB RAM, and 2 CPUs
 ## Getting started
 There are three ways to get started:
 1. Using the [install
   script](https://github.com/cdr/code-server/blob/main/install.sh), which
   automates most of the process. The script uses the system package manager if
   possible.
 2. Manually [installing
   code-server](https://coder.com/docs/code-server/v3.11.1/install)
 3. Using our one-click buttons and guides to [deploy code-server to a cloud
   provider](https://github.com/cdr/deploy-code-server) ⚡
 If you use the install script, you can preview what occurs during the install
 process:
 ```bash
 curl -fsSL https://code-server.dev/install.sh | sh -s -- --dry-run
 ```
 To install, run:
 ```bash
 curl -fsSL https://code-server.dev/install.sh | sh
 ```
 When done, the install script prints out instructions for running and starting
 code-server.
 We also have an in-depth [setup and
 configuration](https://coder.com/docs/code-server/v3.11.1/guide) guide.
 ### code-server --link
 We're working on a cloud platform that makes deploying and managing code-server
 easier. Consider running code-server with the beta flag `--link` if you don't
 want to worry about:
 - TLS
 - Authentication
 - Port forwarding
 ```bash
 $ code-server --link
 Proxying code-server, you can access your IDE at https://example.cdr.co
 ```
 ## Questions?
 See answers to [frequently asked
 questions](https://coder.com/docs/code-server/v3.11.1/FAQ).
 ## Want to help?
 See [Contributing](https://coder.com/docs/code-server/v3.11.1/CONTRIBUTING) for
 details.
 ## Hiring
 Interested in [working at Coder](https://coder.com/careers)? Check out [our open
 positions](https://coder.com/careers#openings)!
 ## For Organizations
 Want remote development for your organization or enterprise? Visit [our
 website](https://coder.com) to learn more about Coder.
--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@@ -1,30 +1,24 @@
 # Security Policy
-Coder and the code-server team want to keep the code-server project secure and safe for end-users.
+The code-server team (and Coder, the organization) care a lot about keeping the project secure and safe for end-users.
 ## Tools
-We use the following tools to help us stay on top of vulnerability mitigation.
+We use a combination of tools to help us stay on top of vulnerabilities.
 - [dependabot](https://dependabot.com/)
-  - Submits pull requests to upgrade dependencies. We use dependabot's version
+  - Submits pull requests to upgrade dependencies. We use dependabot's version upgrades as well as security updates.
    upgrades as well as security updates.
 - code-scanning
  - [CodeQL](https://securitylab.github.com/tools/codeql/)
-    - Semantic code analysis engine that runs on a regular schedule (see
+    - Semantic code analysis engine that runs on a regular schedule (see `codeql-analysis.yml`)
      `codeql-analysis.yml`)
  - [trivy](https://github.com/aquasecurity/trivy)
-    - Comprehensive vulnerability scanner that runs on PRs into the default
+    - Comprehensive vulnerability scanner that runs on PRs into the default branch and scans both our container image and repository code (see `trivy-scan-repo` and `trivy-scan-image` jobs in `ci.yaml`)
      branch and scans both our container image and repository code (see
      `trivy-scan-repo` and `trivy-scan-image` jobs in `ci.yaml`)
 - [`audit-ci`](https://github.com/IBM/audit-ci)
-  - Audits npm and Yarn dependencies in CI (see `Audit for vulnerabilities` step
+  - Audits npm and Yarn dependencies in CI (see "Audit for vulnerabilities" step in `ci.yaml`) on PRs into the default branch and fails CI if moderate or higher vulnerabilities(see the `audit.sh` script) are present.
    in `ci.yaml`) on PRs into the default branch and fails CI if moderate or
    higher vulnerabilities (see the `audit.sh` script) are present.
 ## Supported Versions
-Coder sponsors the development and maintenance of the code-server project. We will fix security issues within 90 days of receiving a report and publish the fix in a subsequent release. The code-server project does not provide backports or patch releases for security issues at this time.
+Coder sponsors development and maintenance of the code-server project. We will fix security issues within 90 days of receiving a report, and publish the fix in a subsequent release. The code-server project does not provide backports or patch releases for security issues at this time.
 | Version                                               | Supported          |
 | ----------------------------------------------------- | ------------------ |
@@ -32,4 +26,4 @@ Coder sponsors the development and maintenance of the code-server project. We wi
 ## Reporting a Vulnerability
-To report a vulnerability, please send an email to security[@]coder.com, and our security team will respond to you.
+To report a vulnerability, please send an email to security[@]coder.com and our security team will respond to you.
--- a/docs/guide.md
+++ b/docs/guide.md
@@ -2,97 +2,159 @@
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 # Setup Guide
- [Expose code-server](#expose-code-server)
+- [1. Acquire a remote machine](#1-acquire-a-remote-machine)
-  - [Port forwarding via SSH](#port-forwarding-via-ssh)
+  - [Requirements](#requirements)
-  - [Using Let's Encrypt with Caddy](#using-lets-encrypt-with-caddy)
+  - [Google Cloud](#google-cloud)
-  - [Using Let's Encrypt with NGINX](#using-lets-encrypt-with-nginx)
+- [2. Install code-server](#2-install-code-server)
-  - [Using a self-signed certificate](#using-a-self-signed-certificate)
+- [3. Expose code-server](#3-expose-code-server)
- [External authentication](#external-authentication)
+  - [SSH forwarding](#ssh-forwarding)
- [HTTPS and self-signed certificates](#https-and-self-signed-certificates)
+  - [Let's Encrypt](#lets-encrypt)
- [Accessing web services](#accessing-web-services)
+    - [NGINX](#nginx)
-  - [Using a subdomain](#using-a-subdomain)
+  - [Self Signed Certificate](#self-signed-certificate)
-  - [Using a subpath](#using-a-subpath)
+  - [Change the password?](#change-the-password)
-  - [Stripping `/proxy/<port>` from the request path](#stripping-proxyport-from-the-request-path)
+  - [How do I securely access development web services?](#how-do-i-securely-access-development-web-services)
  - [Proxying to create a React app](#proxying-to-create-a-react-app)
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
-This article will walk you through exposing code-server securely once you've
+This guide demonstrates how to setup and use `code-server`.
-completed the [installation process](install.md).
+To reiterate, `code-server` lets you run VS Code on a remote server and then access it via a browser.
-## Expose code-server
+Further docs are at:
-**Never** expose code-server directly to the internet without some form of
+- [README](../README.md) for a general overview
-authentication and encryption, otherwise someone can take over your machine via
+- [INSTALL](../docs/install.md) for installation
-the terminal.
+- [FAQ](./FAQ.md) for common questions.
 - [CONTRIBUTING](../docs/CONTRIBUTING.md) for development docs
-By default, code-server uses password authentication. As such, you must copy the
+We highly recommend reading the [FAQ](./FAQ.md) on the [Differences compared to VS Code](./FAQ.md#differences-compared-to-vs-code) before beginning.
 password from code-server's config file to log in. To avoid exposing itself
 unnecessarily, code-server listens on `localhost`; this practice is fine for
 testing, but it doesn't work if you want to access code-server from a different
 machine.
-> **Rate limits:** code-server rate limits password authentication attempts to
+We'll walk you through acquiring a remote machine to run `code-server` on
-> two per minute and twelve per hour.
+and then exposing `code-server` so you can securely access it.
-There are several approaches to operating and exposing code-server securely:
+## 1. Acquire a remote machine
- Port forwarding via SSH
+First, you need a machine to run `code-server` on. You can use a physical
- Using Let's Encrypt with Caddy
+machine you have lying around or use a VM on GCP/AWS.
 - Using Let's Encrypt with NGINX
 - Using a self-signed certificate
-### Port forwarding via SSH
+### Requirements
-We highly recommend using [port forwarding via
+For a good experience, we recommend at least:
 SSH](https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding) to access
 code-server. If you have an SSH server on your remote machine, this approach
 doesn't required additional setup.
-The downside to SSH forwarding, however, is that you can't access code-server
+- 1 GB of RAM
-when using machines without SSH clients (such as iPads). If this applies to you,
+- 2 cores
 we recommend using another method, such as [Let's Encrypt](#let-encrypt) instead.
-> To work properly, your environment should have WebSockets enabled, which
+You can use whatever linux distribution floats your boat but in this guide we assume Debian on Google Cloud.
 > code-server uses to communicate between the browser and server.
-1. SSH into your instance and edit the code-server config file to disable
+### Google Cloud
   password authentication:
-   ```console
+For demonstration purposes, this guide assumes you're using a VM on GCP but you should be
 able to easily use any machine or VM provider.
 You can sign up at https://console.cloud.google.com/getting-started. You'll get a 12 month \$300
 free trial.
 Once you've signed up and created a GCP project, create a new Compute Engine VM Instance.
 1. Navigate to `Compute Engine -> VM Instances` on the sidebar.
 2. Now click `Create Instance` to create a new instance.
 3. Name it whatever you want.
 4. Choose the region closest to you based on [gcping.com](http://www.gcping.com).
 5. Any zone is fine.
 6. We'd recommend a `E2` series instance from the General-purpose family.
   - Change the type to custom and set at least 2 cores and 2 GB of ram.
   - Add more vCPUs and memory as you prefer, you can edit after creating the instance as well.
   - https://cloud.google.com/compute/docs/machine-types#general_purpose
 7. We highly recommend switching the persistent disk to an SSD of at least 32 GB.
   - Click `Change` under `Boot Disk` and change the type to `SSD Persistent Disk` and the size
     to `32`.
   - You can always grow your disk later.
 8. Navigate to `Networking -> Network interfaces` and edit the existing interface
   to use a static external IP.
   - Click done to save network interface changes.
 9. If you do not have a [project wide SSH key](https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys#project-wide), navigate to `Security -> SSH Keys` and add your public key there.
 10. Click create!
 Remember, you can shutdown your server when not in use to lower costs.
 We highly recommend learning to use the [`gcloud`](https://cloud.google.com/sdk/gcloud) cli
 to avoid the slow dashboard.
 ## 2. Install code-server
 We have a [script](../install.sh) to install `code-server` for Linux, macOS and FreeBSD.
 It tries to use the system package manager if possible.
 First run to print out the install process:
 ```bash
 curl -fsSL https://code-server.dev/install.sh | sh -s -- --dry-run
 ```
 Now to actually install:
 ```bash
 curl -fsSL https://code-server.dev/install.sh | sh
 ```
 The install script will print out how to run and start using `code-server`.
 Docs on the install script, manual installation and docker image are at [./install.md](./install.md).
 ## 3. Expose code-server
 **Never**, **ever** expose `code-server` directly to the internet without some form of authentication
 and encryption as someone can completely takeover your machine with the terminal.
 By default, `code-server` will enable password authentication which will require you to copy the
 password from the`code-server`config file to login. It will listen on`localhost` to avoid exposing
 itself to the world. This is fine for testing but will not work if you want to access `code-server`
 from a different machine.
 There are several approaches to securely operating and exposing `code-server`.
 **tip**: You can list the full set of `code-server` options with `code-server --help`
 ### SSH forwarding
 We highly recommend this approach for not requiring any additional setup, you just need an
 SSH server on your remote machine. The downside is you won't be able to access `code-server`
 on any machine without an SSH client like on iPad. If that's important to you, skip to [Let's Encrypt](#lets-encrypt).
 First, ssh into your instance and edit your `code-server` config file to disable password authentication.
 ```bash
 # Replaces "auth: password" with "auth: none" in the code-server config.
 sed -i.bak 's/auth: password/auth: none/' ~/.config/code-server/config.yaml
 ```
-2. Restart code-server:
+Restart `code-server` with (assuming you followed the guide):
-   ```console
+```bash
 sudo systemctl restart code-server@$USER
 ```
-3. Forward local port `8080` to `127.0.0.1:8080` on the remote instance by running the following command on your local machine:
+Now forward local port 8080 to `127.0.0.1:8080` on the remote instance by running the following command on your local machine.
-   ```console
+Recommended reading: https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding.
 ```bash
 # -N disables executing a remote shell
 ssh -N -L 8080:127.0.0.1:8080 [user]@<instance-ip>
 ```
-4. At this point, you can access code-server by pointing your web browser to `http://127.0.0.1:8080`.
+Now if you access http://127.0.0.1:8080 locally, you should see `code-server`!
-5. If you'd like to make the port forwarding via SSH persistent, we recommend
+If you want to make the SSH port forwarding persistent we recommend using
-   using [mutagen](https://mutagen.io/documentation/introduction/installation)
+[mutagen](https://mutagen.io/documentation/introduction/installation).
   to do so. Once you've installed mutagen, you can port forward as follows:
   ```console
   # This is the same as the above SSH command, but it runs in the background
   # continuously. Be sure to add `mutagen daemon start` to your ~/.bashrc to
   # start the mutagen daemon when you open a shell.
 ```
 # Same as the above SSH command but runs in the background continuously.
 # Add `mutagen daemon start` to your ~/.bashrc to start the mutagen daemon when you open a shell.
 mutagen forward create --name=code-server tcp:127.0.0.1:8080 <instance-ip>:tcp:127.0.0.1:8080
 ```
-6. Optional, but highly recommended: add the following to `~/.ssh/config` so
+We also recommend adding the following lines to your `~/.ssh/config` to quickly detect bricked SSH connections:
   that you can detect bricked SSH connections:
 ```bash
 Host *
@@ -100,26 +162,24 @@ we recommend using another method, such as [Let's Encrypt](#let-encrypt) instead
 ExitOnForwardFailure yes
 ```
-> You can [forward your
+You can also forward your SSH and GPG agent to the instance to securely access GitHub
-> SSH](https://developer.github.com/v3/guides/using-ssh-agent-forwarding/) and
+and sign commits without copying your keys.
 > [GPG agent](https://wiki.gnupg.org/AgentForwarding) to the instance to
 > securely access GitHub and sign commits without having to copy your keys.
-### Using Let's Encrypt with Caddy
+1. https://developer.github.com/v3/guides/using-ssh-agent-forwarding/
 2. https://wiki.gnupg.org/AgentForwarding
-Using [Let's Encrypt](https://letsencrypt.org) is an option if you want to
+### Let's Encrypt
 access code-server on an iPad or do not want to use SSH port forwarding.
-1. This option requires that the remote machine be exposed to the internet. Make sure that your instance allows HTTP/HTTP traffic.
+[Let's Encrypt](https://letsencrypt.org) is a great option if you want to access `code-server` on an iPad
 or do not want to use SSH forwarding. This does require that the remote machine be exposed to the internet.
-1. You'll need a domain name (if you don't have one, you can purchase one from
+Assuming you have been following the guide, edit your instance and checkmark the allow HTTP/HTTPS traffic options.
   [Google Domains](https://domains.google.com) or the domain service of your
   choice)). Once you have a domain name, add an A record to your domain that contains your
   instance's IP address.
-1. Install [Caddy](https://caddyserver.com/docs/download#debian-ubuntu-raspbian):
+1. You'll need to buy a domain name. We recommend [Google Domains](https://domains.google.com).
 2. Add an A record to your domain with your instance's IP.
 3. Install caddy https://caddyserver.com/docs/download#debian-ubuntu-raspbian.
-```console
+```bash
 sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
 curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/cfg/gpg/gpg.155B6D79CA56EA34.key' | sudo apt-key add -
 curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/cfg/setup/config.deb.txt?distro=debian&version=any-version' | sudo tee -a /etc/apt/sources.list.d/caddy-stable.list
@@ -127,17 +187,17 @@ sudo apt update
 sudo apt install caddy
 ```
-1. Replace `/etc/caddy/Caddyfile` using `sudo` so that the file looks like this:
+4. Replace `/etc/caddy/Caddyfile` with sudo to look like this:
-   ```text
+```
 mydomain.com
 reverse_proxy 127.0.0.1:8080
 ```
-   If you want to serve code-server from a sub-path, you can do so as follows:
+If you want to serve `code-server` from a sub-path, below is sample configuration for Caddy:
-   ```text
+```
 mydomain.com/code/* {
  uri strip_prefix /code
  reverse_proxy 127.0.0.1:8080
@@ -146,35 +206,31 @@ sudo apt install caddy
 Remember to replace `mydomain.com` with your domain name!
-1. Reload Caddy:
+5. Reload caddy with:
-   ```console
+```bash
 sudo systemctl reload caddy
 ```
-At this point, you should be able to access code-server via
+Visit `https://<your-domain-name>` to access `code-server`. Congratulations!
 `https://mydomain.com`.
-### Using Let's Encrypt with NGINX
+In a future release we plan to integrate Let's Encrypt directly with `code-server` to avoid
 the dependency on caddy.
-1. This option requires that the remote machine be exposed to the internet. Make sure that your instance allows HTTP/HTTP traffic.
+#### NGINX
-1. You'll need a domain name (if you don't have one, you can purchase one from
+If you prefer to use NGINX instead of Caddy then please follow steps 1-2 above and then:
   [Google Domains](https://domains.google.com) or the domain service of your
   choice)). Once you have a domain name, add an A record to your domain that contains your
   instance's IP address.
-1. Install NGINX:
+3. Install `nginx`:
 ```bash
 sudo apt update
 sudo apt install -y nginx certbot python3-certbot-nginx
 ```
-1. Update `/etc/nginx/sites-available/code-server` using sudo with the following
+4. Put the following config into `/etc/nginx/sites-available/code-server` with sudo:
   configuration:
-   ```text
+```nginx
 server {
    listen 80;
    listen [::]:80;
@@ -190,46 +246,35 @@ At this point, you should be able to access code-server via
 }
 ```
-   Be sure to replace `mydomain.com` with your domain name!
+Remember to replace `mydomain.com` with your domain name!
-1. Enable the config:
+5. Enable the config:
-   ```console
+```bash
 sudo ln -s ../sites-available/code-server /etc/nginx/sites-enabled/code-server
 sudo certbot --non-interactive --redirect --agree-tos --nginx -d mydomain.com -m me@example.com
 ```
-   Be sure to replace `me@example.com` with your actual email.
+Make sure to substitute `me@example.com` with your actual email.
-At this point, you should be able to access code-server via
+Visit `https://<your-domain-name>` to access `code-server`. Congratulations!
 `https://mydomain.com`.
-### Using a self-signed certificate
+### Self Signed Certificate
-> Self signed certificates do not work with iPad; see [./ipad.md](./ipad.md) for
+**note:** Self signed certificates do not work with iPad normally. See [./ipad.md](./ipad.md) for details.
 > more information.
-Before proceeding, we recommend familiarizing yourself with the [risks of
+Recommended reading: https://security.stackexchange.com/a/8112.
 self-signing a certificate for
 SSL](https://security.stackexchange.com/questions/8110).
-We recommend self-signed certificates as a last resort, since self-signed
+We recommend this as a last resort because self signed certificates do not work with iPads and can
-certificates do not work with iPads and may cause unexpected issues with
+cause other bizarre issues. Not to mention all the warnings when you access `code-server`.
-code-server. You should only proceed with this option if:
+Only use this if:
- You do not want to buy a domain or you cannot expose the remote machine to
+1. You do not want to buy a domain or you cannot expose the remote machine to the internet.
-  the internet
+2. You do not want to use SSH forwarding.
 - You do not want to use port forwarding via SSH
-To use a self-signed certificate:
+ssh into your instance and edit your code-server config file to use a randomly generated self signed certificate:
-1. This option requires that the remote machine be exposed to the internet. Make
+```bash
   sure that your instance allows HTTP/HTTP traffic.
 1. SSH into your instance and edit your code-server config file to use a
   randomly generated self-signed certificate:
   ```console
 # Replaces "cert: false" with "cert: true" in the code-server config.
 sed -i.bak 's/cert: false/cert: true/' ~/.config/code-server/config.yaml
 # Replaces "bind-addr: 127.0.0.1:8080" with "bind-addr: 0.0.0.0:443" in the code-server config.
@@ -238,113 +283,35 @@ To use a self-signed certificate:
 sudo setcap cap_net_bind_service=+ep /usr/lib/code-server/lib/node
 ```
-1. Restart code-server:
+Assuming you have been following the guide, restart `code-server` with:
-   ```console
+```bash
 sudo systemctl restart code-server@$USER
 ```
-At this point, you should be able to access code-server via
+Edit your instance and checkmark the allow HTTPS traffic option.
 `https://<your-instance-ip>`.
-If you'd like to avoid the warnings displayed by code-server when using a
+Visit `https://<your-instance-ip>` to access `code-server`.
-self-signed certificate, you can use [mkcert](https://mkcert.dev) to create a
+You'll get a warning when accessing but if you click through you should be good.
 self-signed certificate that's trusted by your operating system, then pass the
 certificate to code-server via the `cert` and `cert-key` config fields.
-## External authentication
+To avoid the warnings, you can use [mkcert](https://mkcert.dev) to create a self signed certificate
 trusted by your OS and then pass it into `code-server` via the `cert` and `cert-key` config
 fields.
-If you want to use external authentication mechanism (e.g., Sign in with
+### Change the password?
 Google), you can do this with a reverse proxy such as:
- [Pomerium](https://www.pomerium.io/guides/code-server.html)
+Edit the `password` field in the `code-server` config file at `~/.config/code-server/config.yaml`
- [oauth2_proxy](https://github.com/pusher/oauth2_proxy)
+and then restart `code-server` with:
 - [Cloudflare Access](https://teams.cloudflare.com/access)
-## HTTPS and self-signed certificates
+```bash
-
+sudo systemctl restart code-server@$USER
 For HTTPS, you can use a self-signed certificate by:
 - Passing in `--cert`
 - Passing in an existing certificate by providing the path to `--cert` and the
  path to the key with `--cert-key`
 The self signed certificate will be generated to
 `~/.local/share/code-server/self-signed.crt`.
 If you pass a certificate to code-server, it will respond to HTTPS requests and
 redirect all HTTP requests to HTTPS.
 > You can use [Let's Encrypt](https://letsencrypt.org/) to get a TLS certificate
 > for free.
 Note: if you set `proxy_set_header Host $host;` in your reverse proxy config, it will change the address displayed in the green section of code-server in the bottom left to show the correct address.
 ## Accessing web services
 If you're working on web services and want to access it locally, code-server
 can proxy to any port using either a subdomain or a subpath, allowing you to
 securely access these services using code-server's built-in authentication.
 ### Using a subdomain
 You will need a DNS entry that points to your server for each port you want to
 access. You can either set up a wildcard DNS entry for `*.<domain>` if your
 domain name registrar supports it, or you can create one for every port you want
 to access (`3000.<domain>`, `8080.<domain>`, etc).
 You should also set up TLS certificates for these subdomains, either using a
 wildcard certificate for `*.<domain>` or individual certificates for each port.
 To set your domain, start code-server with the `--proxy-domain` flag:
 ```console
 code-server --proxy-domain <domain>
 ```
-Now you can browse to `<port>.<domain>`. Note that this uses the host header, so
+Alternatively, you can specify the SHA-256 of your password at the `hashed-password` field in the config file.
-ensure your reverse proxy (if you're using one) forwards that information.
+The `hashed-password` field takes precedence over `password`.
-### Using a subpath
+### How do I securely access development web services?
-Simply browse to `/proxy/<port>/`.
+If you're working on a web service and want to access it locally, `code-server` can proxy it for you.
-### Stripping `/proxy/<port>` from the request path
+See the [FAQ](./FAQ.md#how-do-i-securely-access-web-services).
 You may notice that the code-server proxy strips `/proxy/<port>` from the
 request path.
 HTTP servers should use relative URLs to avoid the need to be coupled to the
 absolute path at which they are served. This means you must [use trailing
 slashes on all paths with
 subpaths](https://blog.cdivilly.com/2019/02/28/uri-trailing-slashes).
 This reasoning is why the default behavior is to strip `/proxy/<port>` from the
 base path. If your application uses relative URLs and does not assume the
 absolute path at which it is being served, it will just work no matter what port
 you decide to serve it off or if you put it in behind code-server or any other
 proxy.
 However, some prefer the cleaner aesthetic of no trailing slashes. Omitting the
 trailing slashes couples you to the base path, since you cannot use relative
 redirects correctly anymore. If you're okay with this tradeoff, use `/absproxy`
 instead and the path will be passed as is (e.g., `/absproxy/3000/my-app-path`).
 ### Proxying to create a React app
 You must use `/absproxy/<port>` with `create-react-app` (see
 [#2565](https://github.com/cdr/code-server/issues/2565) and
 [#2222](https://github.com/cdr/code-server/issues/2222) for more information).
 You will need to inform `create-react-app` of the path at which you are serving
 via `$PUBLIC_URL` and webpack via `$WDS_SOCKET_PATH`:
 ```sh
 PUBLIC_URL=/absproxy/3000 \
  WDS_SOCKET_PATH=$PUBLIC_URL/sockjs-node \
  BROWSER=none yarn start
 ```
 You should then be able to visit `https://my-code-server-address.io/absproxy/3000` to see your app exposed through
 code-server!
 > We highly recommend using the subdomain approach instead to avoid this class of issue.
--- a/docs/install.md
+++ b/docs/install.md
@@ -2,166 +2,95 @@
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 # Install
 - [Upgrading](#upgrading)
 - [install.sh](#installsh)
-  - [Detection reference](#detection-reference)
+  - [Flags](#flags)
- [yarn, npm](#yarn-npm)
+  - [Detection Reference](#detection-reference)
 - [Standalone releases](#standalone-releases)
 - [Debian, Ubuntu](#debian-ubuntu)
 - [Fedora, CentOS, RHEL, SUSE](#fedora-centos-rhel-suse)
 - [Arch Linux](#arch-linux)
 - [macOS](#macos)
 - [Docker](#docker)
 - [Helm](#helm)
 - [Raspberry Pi](#raspberry-pi)
 - [Termux](#termux)
- [Cloud providers](#cloud-providers)
+- [Raspberry Pi](#raspberry-pi)
- [Uninstall](#uninstall)
+- [yarn, npm](#yarn-npm)
-  - [install.sh](#installsh-1)
+- [macOS](#macos)
-  - [Homebrew](#homebrew)
+- [Standalone Releases](#standalone-releases)
-  - [yarn, npm](#yarn-npm-1)
+- [Docker](#docker)
-  - [Debian, Ubuntu](#debian-ubuntu-1)
+- [helm](#helm)
 - [Cloud Providers](#cloud-providers)
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
-This document demonstrates how to install `code-server` on various distros and
+This document demonstrates how to install `code-server` on
-operating systems.
+various distros and operating systems.
 ## Upgrading
 When upgrading you can just install the new version over the old one. code-server
 maintains all user data in `~/.local/share/code-server` so that it is preserved in between
 installations.
 ## install.sh
-The easiest way to install code-server is to use our [install
+We have a [script](../install.sh) to install code-server for Linux, macOS and FreeBSD.
 script](../install.sh) for Linux, macOS and FreeBSD. The install script
 [attempts to use the system package manager](#detection-reference) if possible.
-You can preview what occurs during the install process:
+It tries to use the system package manager if possible.
 First run to print out the install process:
 ```bash
 curl -fsSL https://code-server.dev/install.sh | sh -s -- --dry-run
 ```
-To install, run:
+Now to actually install:
 ```bash
 curl -fsSL https://code-server.dev/install.sh | sh
 ```
-You can modify the installation process by including one or more of the
+The script will print out how to run and start using code-server.
 following flags:
- `--dry-run`: echo the commands for the install process without running them.
+If you believe an install script used with `curl | sh` is insecure, please give
- `--method`: choose the installation method.
+[this wonderful blogpost](https://sandstorm.io/news/2015-09-24-is-curl-bash-insecure-pgp-verified-install) by
-  - `--method=detect`: detect the package manager but fallback to
+[sandstorm.io](https://sandstorm.io) a read.
    `--method=standalone`.
  - `--method=standalone`: install a standalone release archive into `~/.local`.
 - `--prefix=/usr/local`: install a standalone release archive system-wide.
 - `--version=X.X.X`: install version `X.X.X` instead of latest version.
 - `--help`: see usage docs.
-When done, the install script prints out instructions for running and starting
+If you'd still prefer manual installation despite the below [detection reference](#detection-reference) and `--dry-run`
-code-server.
+then continue on for docs on manual installation. The [`install.sh`](../install.sh) script runs the _exact_ same
 commands presented in the rest of this document.
-> If you're concerned about the install script's use of `curl | sh` and the
+### Flags
 > security implications, please see [this blog
 > post](https://sandstorm.io/news/2015-09-24-is-curl-bash-insecure-pgp-verified-install)
 > by [sandstorm.io](https://sandstorm.io).
-If you prefer to install code-server manually, despite the [detection
+- `--dry-run` to echo the commands for the install process without running them.
-references](#detection-reference) and `--dry-run` feature, then continue on for
+- `--method` to choose the installation method.
-information on how to do this. The [`install.sh`](../install.sh) script runs the
+  - `--method=detect` to detect the package manager but fallback to `--method=standalone`.
-_exact_ same commands presented in the rest of this document.
+  - `--method=standalone` to install a standalone release archive into `~/.local`.
 - `--prefix=/usr/local` to install a standalone release archive system wide.
 - `--version=X.X.X` to install version `X.X.X` instead of latest.
 - `--help` to see full usage docs.
-### Detection reference
+### Detection Reference
- For Debian and Ubuntu, code-server will install the latest deb package.
+- For Debian and Ubuntu it will install the latest deb package.
- For Fedora, CentOS, RHEL and openSUSE, code-server will install the latest RPM
+- For Fedora, CentOS, RHEL and openSUSE it will install the latest rpm package.
-  package.
+- For Arch Linux it will install the AUR package.
- For Arch Linux, code-server will install the AUR package.
+- For any unrecognized Linux operating system it will install the latest standalone release into `~/.local`.
 - For any unrecognized Linux operating system, code-server will install the
  latest standalone release into `~/.local`.
-  - Ensure that you add `~/.local/bin` to your `$PATH` to run code-server.
+  - Add `~/.local/bin` to your `$PATH` to run code-server.
- For macOS, code-server will install the Homebrew package (if you don't have
+- For macOS it will install the Homebrew package.
  Homebrew installed, code-server will install the latest standalone release
  into `~/.local`).
-  - Ensure that you add `~/.local/bin` to your `$PATH` to run code-server.
+  - If Homebrew is not installed it will install the latest standalone release into `~/.local`.
  - Add `~/.local/bin` to your `$PATH` to run code-server.
- For FreeBSD, code-server will install the [npm package](#yarn-npm) with `yarn`
+- For FreeBSD, it will install the [npm package](#yarn-npm) with `yarn` or `npm`.
  or `npm`.
- If you're installing code-server onto architecture with no releases,
+- If ran on an architecture with no releases, it will install the [npm package](#yarn-npm) with `yarn` or `npm`.
-  code-server will install the [npm package](#yarn-npm) with `yarn` or `npm`
+  - We only have releases for amd64 and arm64 presently.
-  - We currently offer releases for amd64 and arm64.
+  - The [npm package](#yarn-npm) builds the native modules on postinstall.
  - The [npm package](#yarn-npm) builds the native modules on post-install.
 ## yarn, npm
 We recommend installing with `yarn` or `npm` when:
 1. You aren't using a machine with `amd64` or `arm64`.
 2. You're on Linux with `glibc` < v2.17, `glibcxx` < v3.4.18 on `amd64`, `glibc`
   < v2.23, or `glibcxx` < v3.4.21 on `arm64`.
 3. You're running Alpine Linux or are using a non-glibc libc. See
   [#1430](https://github.com/cdr/code-server/issues/1430#issuecomment-629883198)
   for more information.
 Installing code-server with `yarn` or `npm` builds native modules on install.
 This process requires C dependencies; see our guide on [installing these
 dependencies][./npm.md](./npm.md) for more information.
 You must have Node.js v12 (or later) installed. See
 [#1633](https://github.com/cdr/code-server/issues/1633).
 To install:
 ```bash
 yarn global add code-server
 # Or: npm install -g code-server
 code-server
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
 ## Standalone releases
 We publish self-contained `.tar.gz` archives for every release on
 [GitHub](https://github.com/cdr/code-server/releases). The archives bundle the
 node binary and node modules.
 We create the standalone releases using the [npm package](#yarn-npm), and we
 then create the remaining releases using the standalone version.
 The only requirement to use the standalone release is `glibc` >= 2.17 and
 `glibcxx` >= v3.4.18 on Linux (for macOS, there is no minimum system
 requirement).
 To use a standalone release:
 1. Download the latest release archive for your system from
   [GitHub](https://github.com/cdr/code-server/releases).
 2. Unpack the release.
 3. Run code-server by executing `./bin/code-server`.
 You can add `./bin/code-server` to your `$PATH` so that you can execute
 `code-server` without providing full path each time.
 Here is a sample script for installing and using a standalone code-server
 release on Linux:
 ```bash
 mkdir -p ~/.local/lib ~/.local/bin
 curl -fL https://github.com/cdr/code-server/releases/download/v$VERSION/code-server-$VERSION-linux-amd64.tar.gz \
  | tar -C ~/.local/lib -xz
 mv ~/.local/lib/code-server-$VERSION-linux-amd64 ~/.local/lib/code-server-$VERSION
 ln -s ~/.local/lib/code-server-$VERSION/bin/code-server ~/.local/bin/code-server
 PATH="~/.local/bin:$PATH"
 code-server
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
 ## Debian, Ubuntu
-> The standalone arm64 .deb does not support Ubuntu 16.04 or earlier. Please
+NOTE: The standalone arm64 .deb does not support Ubuntu <16.04.
-> upgrade or [build with yarn](#yarn-npm).
+Please upgrade or [build with yarn](#yarn-npm).
 ```bash
 curl -fOL https://github.com/cdr/code-server/releases/download/v$VERSION/code-server_$VERSION_amd64.deb
@@ -172,8 +101,8 @@ sudo systemctl enable --now code-server@$USER
 ## Fedora, CentOS, RHEL, SUSE
-> The standalone arm64 .rpm does not support CentOS 7. Please upgrade or [build
+NOTE: The standalone arm64 .rpm does not support CentOS 7.
-> with yarn](#yarn-npm).
+Please upgrade or [build with yarn](#yarn-npm).
 ```bash
 curl -fOL https://github.com/cdr/code-server/releases/download/v$VERSION/code-server-$VERSION-amd64.rpm
@@ -185,14 +114,14 @@ sudo systemctl enable --now code-server@$USER
 ## Arch Linux
 ```bash
-# Install code-server from the AUR using yay.
+# Installs code-server from the AUR using yay.
 yay -S code-server
 sudo systemctl enable --now code-server@$USER
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
 ```bash
-# Install code-server from the AUR with plain makepkg.
+# Installs code-server from the AUR with plain makepkg.
 git clone https://aur.archlinux.org/code-server.git
 cd code-server
 makepkg -si
@@ -200,6 +129,34 @@ sudo systemctl enable --now code-server@$USER
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
 ## Termux
 Please see "Installation" in the [Termux docs](./termux.md#installation)
 ## Raspberry Pi
 If you're running a Raspberry Pi, we recommend install code-server with `yarn` or `npm`. See [yarn-npm](#yarn-npm).
 ## yarn, npm
 We recommend installing with `yarn` or `npm` when:
 1. You aren't on `amd64` or `arm64`.
 2. If you're on Linux with glibc < v2.17 or glibcxx < v3.4.18 on amd64, or glibc < v2.23 or glibcxx < v3.4.21 on arm64.
 3. You're running Alpine Linux, or are using a non-glibc libc. See [#1430](https://github.com/cdr/code-server/issues/1430#issuecomment-629883198)
 **note:** Installing via `yarn` or `npm` builds native modules on install and so requires C dependencies.
 See [./npm.md](./npm.md) for installing these dependencies.
 You will need at least node v12 installed. See [#1633](https://github.com/cdr/code-server/issues/1633).
 ```bash
 yarn global add code-server
 # Or: npm install -g code-server
 code-server
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
 ## macOS
 ```bash
@@ -208,6 +165,34 @@ brew services start code-server
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
 ## Standalone Releases
 We publish self contained `.tar.gz` archives for every release on [github](https://github.com/cdr/code-server/releases).
 They bundle the node binary and `node_modules`.
 These are created from the [npm package](#yarn-npm) and the rest of the releases are created from these.
 Only requirement is glibc >= 2.17 && glibcxx >= v3.4.18 on Linux and for macOS there is no minimum system requirement.
 1. Download the latest release archive for your system from [github](https://github.com/cdr/code-server/releases).
 2. Unpack the release.
 3. You can run code-server by executing `./bin/code-server`.
 You can add the code-server `bin` directory to your `$PATH` to easily execute `code-server`
 without the full path every time.
 Here is an example script for installing and using a standalone `code-server` release on Linux:
 ```bash
 mkdir -p ~/.local/lib ~/.local/bin
 curl -fL https://github.com/cdr/code-server/releases/download/v$VERSION/code-server-$VERSION-linux-amd64.tar.gz \
  | tar -C ~/.local/lib -xz
 mv ~/.local/lib/code-server-$VERSION-linux-amd64 ~/.local/lib/code-server-$VERSION
 ln -s ~/.local/lib/code-server-$VERSION/bin/code-server ~/.local/bin/code-server
 PATH="~/.local/bin:$PATH"
 code-server
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
 ## Docker
 ```bash
@@ -228,77 +213,18 @@ docker run -it --name code-server -p 127.0.0.1:8080:8080 \
  codercom/code-server:latest
 ```
-Our official image supports `amd64` and `arm64`. For `arm32` support, you can
+Our official image supports `amd64` and `arm64`.
 use a [community-maintained code-server
 alternative](https://hub.docker.com/r/linuxserver/code-server).
-## Helm
+For `arm32` support there is a popular community maintained alternative:
-You can install code-server via [Helm](https://github.com/cdr/code-server/blob/main/ci/helm-chart/README.md).
+https://hub.docker.com/r/linuxserver/code-server
-## Raspberry Pi
+## helm
-We recommend installing code-server onto Raspberry Pi with [`yarn` or
+See [the chart](../ci/helm-chart).
 `npm`](#yarn-npm).
-## Termux
+## Cloud Providers
-Please see code-server's [Termux docs](./termux.md#installation) for more
+We maintain one-click apps and install scripts for different cloud providers such as DigitalOcean, Railway, Heroku, Azure, etc. Check out the repository:
 information.
-## Cloud providers
+https://github.com/cdr/deploy-code-server
 We maintain [one-click apps and install scripts for cloud
 providers](https://github.com/cdr/deploy-code-server) such as DigitalOcean,
 Railway, Heroku, and Azure.
 ## Uninstall
 code-server can be completely uninstalled by removing the application directory, and your user configuration directory.
 To delete settings and data:
 ```shell
 rm -rf ~/.local/share/code-server ~/.config/code-server
 ```
 ### install.sh
 If you installed with the install script, by default code-server will be in `~/.local/lib/code-server-<version>` and you can remove it with `rm -rf`. e.g.
 ```shell
 rm -rf ~/.local/lib/code-server-*
 ```
 ### Homebrew
 To remove the code-server homebrew package, run:
 ```shell
 brew remove code-server
 # Alternatively
 brew uninstall code-server
 ```
 ### yarn, npm
 To remove the code-server global module, run:
 ```shell
 yarn global remove code-server
 ```
 or
 ```shell
 npm uninstall -g code-server
 ```
 ### Debian, Ubuntu
 To uninstall, run:
 ```shell
 sudo apt remove code-server
 ```
--- a/docs/ipad.md
+++ b/docs/ipad.md
@@ -2,39 +2,52 @@
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 # iPad
- [Using the code-server progressive web app (PWA)](#using-the-code-server-progressive-web-app-pwa)
+- [Known Issues](#known-issues)
- [Access code-server with a self-signed certificate on an iPad](#access-code-server-with-a-self-signed-certificate-on-an-ipad)
+- [How to install PWA](#how-to-install-pwa)
-  - [Certificate requirements](#certificate-requirements)
+- [How to access code-server with a self signed certificate on iPad?](#how-to-access-code-server-with-a-self-signed-certificate-on-ipad)
-  - [Sharing a self-signed certificate with an iPad](#sharing-a-self-signed-certificate-with-an-ipad)
+  - [Servediter iPad App](#servediter-ipad-app)
- [Access code-server using Servediter](#access-code-server-using-servediter)
+- [Raspberry Pi USB-C Network](#raspberry-pi-usb-c-network)
- [Raspberry Pi USB-C network](#raspberry-pi-usb-c-network)
+- [Ctrl C Workaround](#ctrl-c-workaround)
 - [Recommendations](#recommendations)
- [Known issues](#known-issues)
+- [By 2022 iPad coding more desirable on Arm Macs](#by-2022-ipad-coding-more-desirable-on-arm-macs)
  - [Workaround for issue with `ctrl+c` not stopping a running process in the terminal](#workaround-for-issue-with-ctrlc-not-stopping-a-running-process-in-the-terminal)
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
-Once you've installed code-server, you can access it from an iPad.
+## Known Issues
-## Using the code-server progressive web app (PWA)
+- Getting self signed certificates certificates to work is involved, see below.
 - Keyboard issues
  - May disappear sometimes [#1313](https://github.com/cdr/code-server/issues/1313), [#979](https://github.com/cdr/code-server/issues/979)
  - Some short cuts expectations may not be met
    - `command + n` opens new browser window instead of new file and difficult to even set to another quick key
    - In general it's just note worthy you most likely will need to edit keyboard shortcuts
  - No escape key by default on Magic Keyboard but everyone sets the globe key to be an escape key
    - Opinion: It's actually an awesome joy having the escape key at bottom of keyboard
 - Trackpad scrolling does not work [#1455](https://github.com/cdr/code-server/issues/1455)
  - [Bug tracking of a WebKit fix here](https://bugs.webkit.org/show_bug.cgi?id=210071#c13)
  - [tracking of WebKit patch](https://trac.webkit.org/changeset/270712/webkit)
  - Alternative: Install line-jump extension and use keyboard to nav by jumping large amount of lines
  - Alternative: Just use touch scrolling
 - See [issues tagged with the iPad label](https://github.com/cdr/code-server/issues?q=is%3Aopen+is%3Aissue+label%3AiPad) for more.
 - `ctrl+c` does not stop a long-running process in the browser
  - Tracking upstream issue here: [#114009](https://github.com/microsoft/vscode/issues/114009)
  - See [workaround](#ctrl-c-workaround)
-To use code-server on an iPad, we recommend installing the code-server
+## How to install PWA
 progressive web app (PWA):
-1. Open code-server in Safari.
+To install the code-server PWA, follow these steps:
 2. Click the **Share** icon.
 3. Click **Add to Home Screen**.
-You can now open code-server from the Home screen, and when you do, you'll be
+1. Open code-server in Safari
-using the PWA. Running code-server as a PWA gets you more screen real estate and
+2. Click the Share icon
-access to top-level keyboard shortcuts since its running like a native app.
+3. Click "Add to Home Screen"
-For example, you can use `cmd+w` to close an active file in the workbench. You
+Now when you open code-server from the home screen, you will be using the PWA.
-can add this to `keybindings.json`:
+The advantages of this are more screen real estate and access to top-level keyboard shortcuts because it's running like an app.
 An example shortcut is the `cmd+w` to close an active file in the workbench. You can add this to your `keybindings.json` by doing the following:
-1. Open code-server
+1. Open up code-serer
-2. Go to **Command Palette** > **Open Keyboard Shortcuts (JSON)**
+2. `Command Palette > Open Keyboard Shortcuts (JSON)`
-3. Add the following to `keybindings.json`
+3. Add the following to your `keybindings.json`
 ```json
 {
@@ -43,149 +56,78 @@ can add this to `keybindings.json`:
 }
 ```
-4. Test the command by using `cmd+w` to close an active file.
+Test out command by hitting `cmd+w` to close an active file
-## Access code-server with a self-signed certificate on an iPad
+## How to access code-server with a self signed certificate on iPad?
-If you've installed code-server and are [running it with a self-signed
+Accessing a self signed certificate on iPad isn't as easy as accepting through all
-certificate](./guide.md#using-a-self-signed-certificate), you may see multiple
+the security warnings. Safari will prevent WebSocket connections unless the certificate
-security warnings from Safari. To fix this, you'll need to install the
+is installed as a profile on the device.
 self-signed certificate generated by code-server as a profile on your device (you'll also need to do this to
 enable WebSocket connections).
-### Certificate requirements
+The below assumes you are using the self signed certificate that code-server
 generates for you. If not, that's fine but you'll have to make sure your certificate
 abides by the following guidelines from Apple: https://support.apple.com/en-us/HT210176
- We're assuming that you're using the self-signed certificate code-server
+**note**: Another undocumented requirement we noticed is that the certificate has to have `basicConstraints=CA:true`.
  generates for you (if not, make sure that your certificate [abides by the
  guidelines issued by Apple](https://support.apple.com/en-us/HT210176)).
 - We've noticed that the certificate has to include `basicConstraints=CA:true`.
 - Your certificate must have a subject alt name that matches the hostname you'll
  use to access code-server from the iPad. You can pass this name to code-server
  so that it generates the certificate correctly using `--cert-host`.
-### Sharing a self-signed certificate with an iPad
+The following instructions assume you have code-server installed and running
 with a self signed certificate. If not, please first go through [./guide.md](./guide.md)!
-To share a self-signed certificate with an iPad:
+**warning**: Your iPad must access code-server via a domain name. It could be local
 DNS like `mymacbookpro.local` but it must be a domain name. Otherwise Safari will
 refuse to allow WebSockets to connect.
-1. Get the location of the certificate code-server generated; code-server prints
+1. Your certificate **must** have a subject alt name that matches the hostname
-   the certificate's location in its logs:
+   at which you will access code-server from your iPad. You can pass this to code-server
   so that it generates the certificate correctly with `--cert-host`.
 2. Share your self signed certificate with the iPad.
   - code-server will print the location of the certificate it has generated in the logs.
-   ```console
+```
 [2020-10-30T08:55:45.139Z] info    - Using generated certificate and key for HTTPS: ~/.local/share/code-server/mymbp_local.crt
 ```
-2. Send the certificate to the iPad, either by emailing it to yourself or using
+- You can mail it to yourself or if you have a Mac, it's easiest to just Airdrop to the iPad.
   Apple's Airdrop feature.
-3. Open the `*.crt` file so that you're prompted to go into Settings to install.
+3. When opening the `*.crt` file, you'll be prompted to go into settings to install.
 4. Go to `Settings -> General -> Profile`, select the profile and then hit `Install`.
   - It should say the profile is verified.
 5. Go to `Settings -> About -> Certificate Trust Settings` and enable full trust for
   the certificate. [more apple support here](https://support.apple.com/en-us/HT204477)
 6. Now you can access code-server! 🍻
-4. Go to **Settings** > **General** > **Profile**, and select the profile. Tap **Install**.
+### Servediter iPad App
-5. Go to **Settings** > **About** > **Certificate Trust Settings** and [enable
+If you are unable to get the self signed certificate working or you do not have a domain
-   full trust for your certificate](https://support.apple.com/en-us/HT204477).
+name to use, you can use the Servediter iPad App instead!
-You should be able to access code-server without all of Safari's warnings now.
+**note**: This is not an officially supported app by the code-server team!
-**warning**: Your iPad must access code-server via a domain name. It could be local
+Download [Serveediter](https://apps.apple.com/us/app/servediter-for-code-server/id1504491325) from the
-DNS like `mymacbookpro.local`, but it must be a domain name. Otherwise, Safari will
+App Store and then input your server information. If you are running a local server or mabye a usb-c
-not allow WebSockets connections.
+connected Raspberry Pi, you will input your settings into "Self Hosted Server".
-## Access code-server using Servediter
+## Raspberry Pi USB-C Network
-If you are unable to get the self-signed certificate working, or you do not have a domain
+It is a bit out of scope for this project, however, great success is being reported using iPad on the go with just a single USB-C cable connected to a Raspberry Pi both powering and supplying direct network access. Many support articles already exist but the key steps boil down to turning on Network over USB-C on the Raspberry Pi itself and the rest of the steps are just like getting Code Server running any where else.
 name to use, you can use [Servediter for code-server](https://apps.apple.com/us/app/servediter-for-code-server/id1504491325).
-> Servediter for code-server is **not** officially supported by the code-server team!
+Resources worthy of review:
-To use Servediter:
+- [General intro to Pi as an iPad accessory](https://www.youtube.com/watch?v=IR6sDcKo3V8)
 1. Download the app from the App Store.
 2. When prompted, provide your server information. If you are running a local
   server or a [Raspberry Pi connected via USB-C](#raspberry-pi-usb-c-network), you will input your settings
   into **Self Hosted Server**.
 ## Raspberry Pi USB-C network
 We've heard of users having great success using code-server on an iPad connected
 to a Raspberry Pi via USB-C (the Raspberry Pi provides both power and direct
 network access). Setting this up requires you to turn on **Network over USB-C**
 on the Raspberry Pi, then continuing with code-server as usual on the iPad.
 For more information, see:
 - [General introduction to Pi as an iPad
  accessory](https://www.youtube.com/watch?v=IR6sDcKo3V8)
 - [iPad with Pi FAQ](https://www.youtube.com/watch?v=SPSlyqo5Q2Q)
- [Technical guide to connecting a Raspberry Pi to an
+- [Technical guide to perform the steps](https://www.geeky-gadgets.com/connect-a-raspberry-pi-4-to-an-ipad-pro-21-01-2020/)
  iPad](https://www.geeky-gadgets.com/connect-a-raspberry-pi-4-to-an-ipad-pro-21-01-2020/)
-You may also find the following tips from [Acker
+> Here are my keys to success. I bought a 4" touch screen with fan included that attaches as a case to the Pi. I use the touch screen for anytime I have connection issues, otherwise I turn off the Pi screen. I gave my Pi a network name so I can easily connect at home on wifi or when on go with 1 usb-c cable that supplys both power and network connectivity. Lastly, not all usb-c cables are equal and not all will work so try different usb-c cables if you are going mad (confirm over wifi first then move to cable).
-Apple](http://github.com/ackerapple/) helpful:
+>
 > -- <cite>[Acker Apple](http://github.com/ackerapple/)</cite>
-> Here are my keys to success. I bought a 4" touch screen with fan included that
+## Ctrl C Workaround
 > attaches as a case to the Pi. I use the touch screen for anytime I have
 > connection issues, otherwise I turn off the Pi screen. I gave my Pi a network
 > name so I can easily connect at home on wifi or when on go with 1 usb-c cable
 > that supplys both power and network connectivity. Lastly, not all usb-c cables
 > are equal and not all will work so try different usb-c cables if you are going
 > mad (confirm over wifi first then move to cable).
-## Recommendations
+There is currently an issue with `ctrl+c` not stopping a running process in the integrated terminal. We have filed an issue upstream and are tracking [here](https://github.com/microsoft/vscode/issues/114009). As a temporary workaround, it works if you manually define the shortcut like so:
-Once you can access code-server on your iPad, you may find the following tips
+1. Open Command Palette
-and tricks helpful:
+2. Look for "Preferences: Open Keyboard Shortcuts (JSON)"
-
+3. Add this:
 - Use multi-task mode to make code changes and see the browser at the same time
  - This prevents the iOS background from dropping an app's state if you are
    switching between code-server and browser (with both in full-screen)
 - Be sure you are using the debug/terminal that is built into VS Code so that
  you don’t need another terminal app running
  - This also prevents switching between full screen apps and losing your view
    due to iOS' background app memory management
 ## Known issues
 - Getting self-signed certificates to work [is an involved
  process](#access-code-server-with-a-self-signed-certificate-on-an-ipad)
 - Keyboard issues:
  - The keyboard disappear sometimes
    [#1313](https://github.com/cdr/code-server/issues/1313),
    [#979](https://github.com/cdr/code-server/issues/979)
  - Some expectations regarding shortcuts may not be met:
    - `cmd + n` opens new browser window instead of new file, and it's difficult
      to set alternative as a workaround
    - In general, expect to edit your keyboard shortcuts
  - There's no escape key by default on the Magic Keyboard, so most users set
    the globe key to be an escape key
 - Trackpad scrolling does not work
  ([#1455](https://github.com/cdr/code-server/issues/1455))
  - Bug tracking of a WebKit fix
    [here](https://bugs.webkit.org/show_bug.cgi?id=210071#c13)
  - Tracking of [WebKit patch](https://trac.webkit.org/changeset/270712/webkit)
  - Alternatives:
    - Install line-jump extension and use keyboard to navigate by jumping large
      amount of lines
    - Use touch scrolling
 - `ctrl+c` does not stop a long-running process in the browser
  - Tracking upstream issue here:
    [#114009](https://github.com/microsoft/vscode/issues/114009)
  - See [workaround](#ctrl-c-workaround)
 Additionally, see [issues in the code-server repo that are tagged with the iPad
 label](https://github.com/cdr/code-server/issues?q=is%3Aopen+is%3Aissue+label%3AiPad)
 for more information.
 ### Workaround for issue with `ctrl+c` not stopping a running process in the terminal
 This's currently an issue with `ctrl+c` not stopping a running process in the
 integrated terminal. We have filed an issue upstream and are tracking
 [here](https://github.com/microsoft/vscode/issues/114009).
 In the meantime, you can manually define a shortcut as a workaround:
 1. Open the Command Palette
 2. Look for **Preferences: Open Keyboard Shortcuts (JSON)**
 3. Add the following snippet:
 ```json
 {
@@ -198,4 +140,24 @@ In the meantime, you can manually define a shortcut as a workaround:
 }
 ```
-_Source: [StackOverflow](https://stackoverflow.com/a/52735954/3015595)_
+Source: [StackOverflow](https://stackoverflow.com/a/52735954/3015595)
 ## Recommendations
 Once you have code-server accessible to your iPad a few things could help save you time:
 - Use multi task mode to make code changes and see browser at the same time
  - Prevents iOs background dropping an App's state if you are full screen switching between code-server and browser
 - Be sure you are using the debug/terminal that is built into VS Code so that you don’t need another terminal app running
  - Again, prevents switching between full screen app and losing your view to iOs background app memory management
 - You should be of a mindset willing to deal and adapt with differences in having an imperfect experience, for the perceived joyful benefits of interacting with your computer in more intuitive ways
 ## By 2022 iPad coding more desirable on Arm Macs
 > This section is generalized opinions intended to inform fellow Apple product consumers of perceived over time changes coming down the line
 The general feeling from overall Apple movements recently, is that the Mac arm processors are in fact helping support the direction of having Macs with touch screens. Many great YouTube videos of interest call out highly suggestive evidence. In the past Apple has hard declared reasons of body fatigue and such as why not to encourage nor further developments on the iPad touch experience mixed with a keyboard/mouse/trackpad. Regardless, products and software have been released further supporting just that very experience.
 The iPad coding experience has been a joy for some of us that are willing to trade an imperfect experience for a uniquely effective focus driven experience. Note worthy, some of us think it's a trashy waste of time. This experience is undoubtably going to get better just by the work that can be seen by all parties, even in our own code-server attempt to make it better.
 Lastly, it is note worthy that if you have decided to incorporate a Raspberry Pi into you iPad coding experience, they are Arm processors. You are perfectly lined up with the future of Macs as well.
--- a/docs/manifest.json
+++ b/docs/manifest.json
@@ -1,88 +0,0 @@
 {
  "versions": ["v3.11.1", "v3.11.0"],
  "routes": [
    {
      "title": "Home",
      "description": "Learn how to install and run code-server.",
      "path": "./README.md",
      "icon": "<svg xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16px\" xml:space=\"preserve\"><path d=\"M15.45,7L14,5.551V2c0-0.55-0.45-1-1-1h-1c-0.55,0-1,0.45-1,1v0.553L9,0.555C8.727,0.297,8.477,0,8,0S7.273,0.297,7,0.555  L0.55,7C0.238,7.325,0,7.562,0,8c0,0.563,0.432,1,1,1h1v6c0,0.55,0.45,1,1,1h3v-5c0-0.55,0.45-1,1-1h2c0.55,0,1,0.45,1,1v5h3  c0.55,0,1-0.45,1-1V9h1c0.568,0,1-0.437,1-1C16,7.562,15.762,7.325,15.45,7z\"></path></svg>"
    },
    {
      "title": "Requirements",
      "description": "Learn about what you need to run code-server.",
      "icon": "<svg width=\"20\" height=\"20\" viewBox=\"0 0 20 20\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M6 2V11H2V15C2 16.7 3.3 18 5 18H15C16.7 18 18 16.7 18 15V2H6ZM16 15C16 15.6 15.6 16 15 16H8V4H16V15Z\" /><path d=\"M14 7H10V9H14V7Z\" /><path d=\"M14 11H10V13H14V11Z\" /></svg>",
      "path": "./requirements.md"
    },
    {
      "title": "Install",
      "description": "How to install code-server.",
      "icon": "<svg class=\"MuiSvgIcon-root jss172\" focusable=\"false\" viewBox=\"0 0 24 24\" aria-hidden=\"true\"><path d=\"M22.7 19l-9.1-9.1c.9-2.3.4-5-1.5-6.9-2-2-5-2.4-7.4-1.3L9 6 6 9 1.6 4.7C.4 7.1.9 10.1 2.9 12.1c1.9 1.9 4.6 2.4 6.9 1.5l9.1 9.1c.4.4 1 .4 1.4 0l2.3-2.3c.5-.4.5-1.1.1-1.4z\"></path></svg>",
      "path": "./install.md",
      "children": [
        {
          "title": "npm",
          "description": "How to install code-server using npm or yarn",
          "path": "./npm.md"
        }
      ]
    },
    {
      "title": "Usage",
      "description": "How to set up and use code-server.",
      "icon": "<svg viewBox=\"0 0 16 16\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M4 6H2v14c0 1.1.9 2 2 2h14v-2H4V6zm16-4H8c-1.1 0-2 .9-2 2v12c0 1.1.9 2 2 2h12c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm0 10l-2.5-1.5L15 12V4h5v8z\"></path></svg>",
      "path": "./guide.md",
      "children": [
        {
          "title": "iPad",
          "description": "How to access your code-server installation using an iPad.",
          "path": "./ipad.md"
        },
        {
          "title": "Termux",
          "description": "How to install Termux to run code-server on an Android device.",
          "path": "./termux.md"
        }
      ]
    },
    {
      "title": "Upgrade",
      "description": "How to upgrade code-server.",
      "icon": "<svg width=\"20\" height=\"20\" viewBox=\"0 0 20 20\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M17.8049 2.19795C17.7385 2.1311 17.6587 2.07899 17.5708 2.04504C17.4829 2.01108 17.3889 1.99604 17.2948 2.00089C7.89216 2.49153 4.4188 10.8673 4.38528 10.9517C4.33624 11.0736 4.32406 11.2071 4.35028 11.3358C4.3765 11.4645 4.43995 11.5827 4.53274 11.6756L8.32449 15.4674C8.41787 15.5606 8.53669 15.6242 8.66606 15.6502C8.79543 15.6762 8.92959 15.6634 9.05174 15.6135C9.13552 15.5793 17.4664 12.0671 17.9986 2.7087C18.0039 2.61474 17.9895 2.5207 17.9561 2.4327C17.9227 2.3447 17.8712 2.26471 17.8049 2.19795ZM12.3314 9.56427C12.1439 9.75179 11.9051 9.87951 11.645 9.93126C11.385 9.98302 11.1154 9.9565 10.8704 9.85505C10.6254 9.7536 10.4161 9.58178 10.2687 9.36131C10.1214 9.14085 10.0428 8.88166 10.0428 8.6165C10.0428 8.35135 10.1214 8.09215 10.2687 7.87169C10.4161 7.65123 10.6254 7.47941 10.8704 7.37796C11.1154 7.27651 11.385 7.24998 11.645 7.30174C11.9051 7.3535 12.1439 7.48121 12.3314 7.66873C12.5827 7.92012 12.7239 8.26104 12.7239 8.6165C12.7239 8.97197 12.5827 9.31288 12.3314 9.56427Z\"/><path d=\"M2.74602 14.5444C2.92281 14.3664 3.133 14.2251 3.36454 14.1285C3.59608 14.0319 3.8444 13.9819 4.09529 13.9815C4.34617 13.9811 4.59466 14.0302 4.82653 14.126C5.05839 14.2218 5.26907 14.3624 5.44647 14.5398C5.62386 14.7172 5.7645 14.9279 5.86031 15.1598C5.95612 15.3916 6.00522 15.6401 6.00479 15.891C6.00437 16.1419 5.95442 16.3902 5.85782 16.6218C5.76122 16.8533 5.61987 17.0635 5.44186 17.2403C4.69719 17.985 2 18.0004 2 18.0004C2 18.0004 2 15.2884 2.74602 14.5444Z\"/><path d=\"M8.9416 3.48269C7.99688 3.31826 7.02645 3.38371 6.11237 3.67352C5.19828 3.96332 4.36741 4.46894 3.68999 5.14765C3.33153 5.50944 3.01988 5.91477 2.76233 6.35415C2.68692 6.4822 2.6562 6.63169 2.67501 6.77911C2.69381 6.92652 2.76108 7.06351 2.86623 7.16853L4.1994 8.50238C5.43822 6.53634 7.04911 4.83119 8.9416 3.48269Z\"/><path d=\"M16.5181 11.0585C16.6825 12.0033 16.6171 12.9737 16.3273 13.8878C16.0375 14.8019 15.5318 15.6327 14.8531 16.3101C14.4914 16.6686 14.086 16.9803 13.6466 17.2378C13.5186 17.3132 13.3691 17.3439 13.2217 17.3251C13.0743 17.3063 12.9373 17.2391 12.8323 17.1339L11.4984 15.8007C13.4645 14.5619 15.1696 12.951 16.5181 11.0585Z\"/></svg>",
      "path": "./upgrade.md"
    },
    {
      "title": "FAQ",
      "description": "Frequently asked questions on installing and running code-server.",
      "icon": "<svg width=\"20\" height=\"20\" viewBox=\"0 0 20 20\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M10.0001 18.3333C14.6025 18.3333 18.3334 14.6024 18.3334 10C18.3334 5.39762 14.6025 1.66666 10.0001 1.66666C5.39771 1.66666 1.66675 5.39762 1.66675 10C1.66675 14.6024 5.39771 18.3333 10.0001 18.3333Z\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/><path d=\"M7.57495 7.5C7.77087 6.94306 8.15758 6.47342 8.66658 6.17428C9.17558 5.87513 9.77403 5.76578 10.3559 5.86559C10.9378 5.96541 11.4656 6.26794 11.8458 6.71961C12.2261 7.17128 12.4342 7.74294 12.4333 8.33333C12.4333 10 9.93328 10.8333 9.93328 10.8333\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/><path d=\"M10 14.1667H10.0083\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/></svg>",
      "path": "./FAQ.md"
    },
    {
      "title": "Contributing",
      "description": "How to contribute to code-server.",
      "icon": "<svg width=\"20\" height=\"20\" fill=\"none\" viewBox=\"0 0 20 20\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M5 2.5V12.5\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/><path d=\"M15 7.5C16.3807 7.5 17.5 6.38071 17.5 5C17.5 3.61929 16.3807 2.5 15 2.5C13.6193 2.5 12.5 3.61929 12.5 5C12.5 6.38071 13.6193 7.5 15 7.5Z\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/><path d=\"M5 17.5C6.38071 17.5 7.5 16.3807 7.5 15C7.5 13.6193 6.38071 12.5 5 12.5C3.61929 12.5 2.5 13.6193 2.5 15C2.5 16.3807 3.61929 17.5 5 17.5Z\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/><path d=\"M15 7.5C15 9.48912 14.2098 11.3968 12.8033 12.8033C11.3968 14.2098 9.48912 15 7.5 15\" stroke=\"currentColor\" fill=\"none\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"/></svg>",
      "path": "./CONTRIBUTING.md",
      "children": [
        {
          "title": "Code of conduct",
          "description": "Coder expects contributors to code-server to behave in a manner that creates an open and welcoming environment.",
          "path": "./CODE_OF_CONDUCT.md"
        },
        {
          "title": "Maintenance",
          "description": "Learn about the workflow followed by code-server's maintainers.",
          "path": "./MAINTAINING.md"
        },
        {
          "title": "Triage",
          "description": "How the maintainers triage issues with code-server.",
          "path": "./triage.md"
        },
        {
          "title": "Security",
          "description": "Learn about the tools used to detect vulnerabilities in code-server, and how you can report vulnerabilities.",
          "path": "./SECURITY.md"
        }
      ]
    }
  ]
 }
--- a/docs/npm.md
+++ b/docs/npm.md
@@ -2,28 +2,23 @@
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 # npm Install Requirements
 - [Node.js version](#nodejs-version)
 - [Ubuntu, Debian](#ubuntu-debian)
 - [Fedora, CentOS, RHEL](#fedora-centos-rhel)
 - [Alpine](#alpine)
 - [macOS](#macos)
 - [FreeBSD](#freebsd)
 - [Issues with Node.js after version upgrades](#issues-with-nodejs-after-version-upgrades)
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
-If you're installing code-server via `npm`, you'll need to install additional
+If you're installing the npm module you'll need certain dependencies to build the native modules used by VS Code.
 dependencies required to build the native modules used by VS Code. This article
 includes installing instructions based on your operating system.
-## Node.js version
+- Node.js: version `>= 12`, `<= 14`
-We use the same major version of Node.js shipped with VSCode's Electron,
+_Note: the Node.js version requirements are based on the VS Code Node.js requirements. See [here](https://github.com/microsoft/vscode/wiki/How-to-Contribute#prerequisites)._
 which is currently `14.x`. VS Code also [lists Node.js
 requirements](https://github.com/microsoft/vscode/wiki/How-to-Contribute#prerequisites).
-Using other versions of Node.js [may lead to unexpected
+Related:
-behavior](https://github.com/cdr/code-server/issues/1633).
+
 - [#1633](https://github.com/cdr/code-server/issues/1633)
 ## Ubuntu, Debian
@@ -60,25 +55,6 @@ xcode-select --install
 ## FreeBSD
 ```sh
-pkg install -y git python npm-node14 yarn-node14 pkgconf
+pkg install -y git python npm-node12 yarn-node12 pkgconf
 pkg install -y libinotify
 ```
 ## Issues with Node.js after version upgrades
 Occasionally, you may run into issues with Node.js.
 If you install code-server using `yarn` or `npm`, and you upgrade your Node.js
 version, you may need to reinstall code-server to recompile native modules.
 Sometimes, you can get around this by navigating into code-server's `lib/vscode`
 directory and running `npm rebuild` to recompile the modules.
 A step-by-step example of how you might do this is:
 1. Install code-server: `brew install code-server`
 2. Navigate into the directory: `cd /usr/local/Cellar/code-server/<version>/libexec/lib/vscode/`
 3. Recompile the native modules: `npm rebuild`
 4. Restart code-server
 If you need further assistance, post on our [GitHub Discussions
 page](https://github.com/cdr/code-server/discussions).
--- a/docs/requirements.md
+++ b/docs/requirements.md
@@ -1,55 +0,0 @@
 # Requirements
 You'll need a machine on which you can run code-server. You can use a physical
 machine you have, or you can use a VM on GCP/AWS.
 At the minimum, we recommend:
 - 1 GB of RAM
 - 2 CPU cores
 You can use any Linux distribution, but [our
 docs](https://coder.com/docs/code-server/v3.11.1/guide) assume that you're using
 Debian hosted by Google Cloud (see the following section for instructions on
 setting this up).
 Your environment must have WebSockets enabled, since code-server uses WebSockets
 for communication between the browser and the server.
 ## Set up a VM on Google Cloud
 The following steps walk you through setting up a VM running Debian using Google
 Cloud (though you are welcome to use any machine or VM provider).
 If you're [signing up with Google](https://console.cloud.google.com/getting-started) for the first time, you should get a 12-month trial with
 $300 of credits.
 After you sign up and create a new Google Cloud Provider (GCP) project, create a
 new Compute Engine VM instance:
 1. Using the sidebar, navigate to **Compute Engine** > **VM Instances**.
 2. Click **Create Instance**.
 3. Provide a **name** for new instance.
 4. Choose the **region** that's closest to you based on [GCP
   ping](https://gcping.com/).
 5. Choose a **zone** (any option is fine).
 6. We recommend choose an **E2 series instance** from the [general-purpose
   family](https://cloud.google.com/compute/docs/machine-types#general_purpose).
 7. Change the instance type to **custom** and set at least **2 cores** and **2
   GB of RAM**. You can add more resources if desired, though you can also edit
   your instance at a later point.
 8. Though optional, we highly recommend switching the persistent disk to an SSD
   with at least 32 GB. To do so, click **change** under **Boot Disk**. Then,
   change the type to **SSD Persistent Disk**, and set the size to **32**. (You
   can also grow your disk at a later date).
 9. Go to **Networking** > **Networking Interfaces** and edit the existing
   interface to use a static internal IP. Click **Done** to save.
 10. If you don't have a [project-wide SSH
    key](https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys#project-wide),
    go to **Security** > **SSH Keys** to add your public key.
 11. Click **Create** to proceed.
 Notes:
 - To lower costs, you can shut down your server when you're not using it.
 - We recommend using the `gcloud cli` to avoid using the GCP Dashboard if possible.
--- a/docs/termux.md
+++ b/docs/termux.md
@@ -2,70 +2,60 @@
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 # Termux
- [Install](#install)
+- [Termux](#termux)
- [Upgrade](#upgrade)
+  - [Installation](#installation)
  - [Upgrading](#upgrading)
  - [Known Issues](#known-issues)
-  - [Search doesn't work](#search-doesnt-work)
+    - [Search issue](#search-issue)
-  - [Backspace doesn't work](#backspace-doesnt-work)
+    - [Backspace not working](#backspace-not-working)
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
-Termux is a terminal application and Linux environment that you can also use to
+# Termux
 run code-server from your Android phone.
-## Install
+Termux is an Android terminal application and Linux environment, which can also run code-server from your phone.
-1. Install Termux from [F-Droid](https://f-droid.org/en/packages/com.termux/).
+## Installation
 1. Make sure it's up-to-date: `apt update && apt upgrade`
 1. Install required packages: `apt install build-essential python git nodejs yarn`
 1. Install code-server: `yarn global add code-server`
 1. Run code-server: `code-server` and navigate to localhost:8080 in your browser
-## Upgrade
+1. Install Termux from [F-Droid](https://f-droid.org/en/packages/com.termux/)
 2. Make sure it's up-to-date by running `apt update && apt upgrade`
 3. Install required packages: `apt install build-essential python git nodejs yarn`
 4. Install code-server: `yarn global add code-server`
 5. Run code-server: `code-server` and navigate to localhost:8080 in your browser
 ## Upgrading
 To upgrade run: `yarn global upgrade code-server --latest`
 ## Known Issues
-The following details known issues and suggested workarounds for using
+### Search issue
 code-server with Termux.
-### Search doesn't work
+There is a known issue with search not working on Android because it's missing `bin/rg`. To fix:
 There is a known issue with search not working on Android because it's missing
 `bin/rg` ([context](https://github.com/cdr/code-server/issues/1730#issuecomment-721515979)). To fix this:
 1. Install `ripgrep` with `pkg`
   ```sh
   pkg install ripgrep
   ```
-
+2. Make a soft link using `ln -s`
 1. Make a soft link using `ln -s`
 ```sh
 # run this command inside the code-server directory
 ln -s $PREFIX/bin/rg ./lib/vscode/node_modules/vscode-ripgrep/bin/rg
 ```
-### Backspace doesn't work
+For more context, see [comment](https://github.com/cdr/code-server/issues/1730#issuecomment-721515979).
-When using Android's on-screen keyboard, the backspace key doesn't work
+### Backspace not working
 properly. This is a known upstream issue:
- [Issues with backspace in Codespaces on Android (Surface Duo)](https://github.com/microsoft/vscode/issues/107602)
+There is a known issue with the backspace key not working correctly when using the on-screen keyboard on Android. This is due to an upstream issue. Read more:
 - [Issues with Backspace in Codespaces on Android (Surface Duo)](https://github.com/microsoft/vscode/issues/107602)
 - [Support mobile platforms](https://github.com/xtermjs/xterm.js/issues/1101)
-There are two workarounds.
+Workaround: use a Bluetooth keyboard.
-**Option 1:** Modify keyboard dispatch settings
+For more context, see issues:
-1. Open the Command Palette
+- [500 error: 3.9.2 not working on Android + Termux](https://github.com/cdr/code-server/issues/3036)
-2. Search for **Preferences: Open Settings (JSON)**
+- [Document Android backspace issue](https://github.com/cdr/code-server/issues/3079)
 3. Add `"keyboard.dispatch": "keyCode"`
 The backspace button should work at this point.
 _Thanks to @Nefomemes for the [suggestion](https://github.com/cdr/code-server/issues/1141#issuecomment-789463707)!_
 **Option 2:** Use a Bluetooth keyboard.
--- a/docs/triage.md
+++ b/docs/triage.md
@@ -1,35 +1,37 @@
 # Triage
 ## Filter
 Triaging code-server issues is done with the following issue filter:
-```text
+```
 is:issue is:open no:project sort:created-asc -label:blocked -label:upstream -label:waiting-for-info -label:extension-request
 ```
 This will show issues that:
 1. Are open.
-1. Have no assigned project.
+2. Have no assigned project.
-1. Are not `blocked` or tagged for work by `upstream` (the VS Code core team).
+3. Are not `blocked` or tagged for work by `upstream` (VS Code core team)
-   If an upstream issue is detrimental to the code-server experience we may fix
+   - If an upstream issue is detrimental to the code-server experience we may fix it in
-   it in our patch instead of waiting for the VS Code team to fix it. Someone
+     our patch instead of waiting for the VS Code team to fix it.
-   should periodically go through these issues to see if they can be unblocked!
+   - Someone should periodically go through these issues to see if they can be unblocked
-1. Are not labeled `waiting-for-info`.
+     though!
-1. Are not extension requests.
+4. Are not in `waiting-for-info`.
 5. Are not extension requests.
-## Triage process
+## Process
-1. If an issue is a question/discussion, it should be converted into a GitHub
+1. If an issue is a question/discussion it should be converted into a GitHub discussion.
-   discussion.
+2. Next, give the issue the appropriate labels and feel free to create new ones if
-1. Otherwise, give the issue the appropriate labels (feel free to create new
+   necessary.
-   ones if necessary). There are no hard and set rules for labels. We don't have
+   - There are no hard and set rules for labels. We don't have many so look through and
-   many so look through and see how they've been used throughout the repository.
+     see how they've been used throughout the repository. They all also have descriptions.
-   They all also have descriptions.
+3. If more information is required, please ask the submitter and tag as
 1. If more information is required, please ask the submitter and tag as
   `waiting-for-info` and wait.
-1. Finally, the issue should be moved into the
+4. Finally, the issue should be moved into the
-   [code-server](https://github.com/cdr/code-server/projects/1) project where we
+   [code-server](https://github.com/cdr/code-server/projects/1) project where we pick
-   pick out issues to fix and track their progress.
+   out issues to fix and track their progress.
-We also use [milestones](https://github.com/cdr/code-server/milestones) to track
+We also use [milestones](https://github.com/cdr/code-server/milestones) to track what
-what issues are planned/or were closed for what release.
+issues are planned/or were closed for what release.
--- a/docs/upgrade.md
+++ b/docs/upgrade.md
@@ -1,5 +0,0 @@
 # Upgrade
 To upgrade code-server, install the new version over the old version. All user
 data is in `~/.local/share/code-server`, so they are preserved between
 installations.
--- a/install.sh
+++ b/install.sh
@@ -2,7 +2,7 @@
 set -eu
 # code-server's automatic install script.
-# See https://coder.com/docs/code-server/v3.11.1/install
+# See https://github.com/cdr/code-server/blob/main/docs/install.md
 usage() {
  arg0="$0"
@@ -14,7 +14,7 @@ usage() {
  fi
  cath <<EOF
-Installs code-server.
+Installs code-server for Linux, macOS and FreeBSD.
 It tries to use the system package manager if possible.
 After successful installation it explains how to start using code-server.
@@ -48,25 +48,26 @@ Usage:
  --rsh <bin>
      Specifies the remote shell for remote installation. Defaults to ssh.
-The detection method works as follows:
+- For Debian, Ubuntu and Raspbian it will install the latest deb package.
-  - Debian, Ubuntu, Raspbian: install the deb package from GitHub.
+- For Fedora, CentOS, RHEL and openSUSE it will install the latest rpm package.
-  - Fedora, CentOS, RHEL, openSUSE: install the rpm package from GitHub.
+- For Arch Linux it will install the AUR package.
-  - Arch Linux: install from the AUR (which pulls releases from GitHub).
+- For any unrecognized Linux operating system it will install the latest standalone
-  - FreeBSD, Alpine: install from yarn/npm.
+  release into ~/.local
  - macOS: install using Homebrew if installed otherwise install from GitHub.
  - All others: install the release from GitHub.
-We only build releases on GitHub for amd64 and arm64 on Linux and amd64 for
+- For macOS it will install the Homebrew package.
-macOS. When the detection method tries to pull a release from GitHub it will
+  - If Homebrew is not installed it will install the latest standalone release
-fall back to installing from npm when there is no matching release for the
+    into ~/.local
 system's operating system and architecture.
-The standalone method will force installion using GitHub releases. It will not
+- For FreeBSD, it will install the npm package with yarn or npm.
 fall back to npm so on architectures without pre-built releases this will error.
-The installer will cache all downloaded assets into ~/.cache/code-server
+- If ran on an architecture with no releases, it will install the
  npm package with yarn or npm.
  - We only have releases for amd64 and arm64 presently.
  - The npm package builds the native modules on postinstall.
-More installation docs are at https://coder.com/docs/code-server/v3.11.1/install
+It will cache all downloaded assets into ~/.cache/code-server
 More installation docs are at https://github.com/cdr/code-server/blob/main/docs/install.md
 EOF
 }
@@ -81,11 +82,10 @@ echo_latest_version() {
 echo_npm_postinstall() {
  echoh
  cath <<EOF
-npm package has been installed.
+The npm package has been installed successfully!
-
+Please extend your path to use code-server:
 Extend your path to use code-server:
  PATH="$NPM_BIN_DIR:\$PATH"
-Then run with:
+Please run with:
  code-server
 EOF
 }
@@ -94,20 +94,9 @@ echo_standalone_postinstall() {
  echoh
  cath <<EOF
 Standalone release has been installed into $STANDALONE_INSTALL_PREFIX/lib/code-server-$VERSION
-
+Please extend your path to use code-server:
 Extend your path to use code-server:
  PATH="$STANDALONE_INSTALL_PREFIX/bin:\$PATH"
-Then run with:
+Then you can run:
  code-server
 EOF
 }
 echo_brew_postinstall() {
  echoh
  cath << EOF
 Brew release has been installed.
 Run with:
  code-server
 EOF
 }
@@ -115,8 +104,6 @@ EOF
 echo_systemd_postinstall() {
  echoh
  cath <<EOF
 $1 package has been installed.
 To have systemd start code-server now and restart on boot:
  sudo systemctl enable --now code-server@\$USER
 Or, if you don't want/need a background service you can run:
@@ -132,6 +119,8 @@ main() {
  unset \
    DRY_RUN \
    METHOD \
    STANDALONE_INSTALL_PREFIX \
    VERSION \
    OPTIONAL \
    ALL_FLAGS \
    RSH_ARGS \
@@ -209,70 +198,69 @@ main() {
    return
  fi
  VERSION="${VERSION-$(echo_latest_version)}"
  METHOD="${METHOD-detect}"
  if [ "$METHOD" != detect ] && [ "$METHOD" != standalone ]; then
    echoerr "Unknown install method \"$METHOD\""
    echoerr "Run with --help to see usage."
    exit 1
  fi
  STANDALONE_INSTALL_PREFIX="${STANDALONE_INSTALL_PREFIX-$HOME/.local}"
-  # These are used by the various install_* functions that make use of GitHub
+  OS="$(os)"
-  # releases in order to download and unpack the right release.
+  if [ ! "$OS" ]; then
-  CACHE_DIR=$(echo_cache_dir)
+    echoerr "Unsupported OS $(uname)."
-  STANDALONE_INSTALL_PREFIX=${STANDALONE_INSTALL_PREFIX:-$HOME/.local}
+    exit 1
-  VERSION=${VERSION:-$(echo_latest_version)}
+  fi
  # These can be overridden for testing but shouldn't normally be used as it can
  # result in a broken code-server.
  OS=${OS:-$(os)}
  ARCH=${ARCH:-$(arch)}
  distro_name
-  # Standalone installs by pulling pre-built releases from GitHub.
+  ARCH="$(arch)"
  if [ ! "$ARCH" ]; then
    if [ "$METHOD" = standalone ]; then
-    if has_standalone; then
+      echoerr "No precompiled releases for $(uname -m)."
-      install_standalone
+      echoerr 'Please rerun without the "--method standalone" flag to install from npm.'
      exit 0
    else
      echoerr "There are no standalone releases for $ARCH"
      echoerr "Please try again without '--method standalone'"
      exit 1
    fi
    echoh "No precompiled releases for $(uname -m)."
    install_npm
    return
  fi
-  # DISTRO can be overridden for testing but shouldn't normally be used as it
+  if [ "$OS" = "freebsd" ]; then
-  # can result in a broken code-server.
+    if [ "$METHOD" = standalone ]; then
-  DISTRO=${DISTRO:-$(distro)}
+      echoerr "No precompiled releases available for $OS."
      echoerr 'Please rerun without the "--method standalone" flag to install from npm.'
      exit 1
    fi
    echoh "No precompiled releases available for $OS."
    install_npm
    return
  fi
-  case $DISTRO in
+  CACHE_DIR="$(echo_cache_dir)"
-    # macOS uses brew when available and falls back to standalone. We only have
+
-    # amd64 for macOS so for anything else use npm.
+  if [ "$METHOD" = standalone ]; then
    install_standalone
    return
  fi
  case "$(distro)" in
  macos)
-      BREW_PATH="${BREW_PATH-brew}"
+    install_macos
-      if command_exists "$BREW_PATH"; then
+    ;;
-        install_brew
+  debian)
-      else
+    install_deb
-        echoh "Homebrew not installed."
+    ;;
-        echoh "Falling back to standalone installation."
+  fedora | opensuse)
-        npm_fallback install_standalone
+    install_rpm
-      fi
+    ;;
  arch)
    install_aur
    ;;
    # The .deb and .rpm files are pulled from GitHub and we only have amd64 and
    # arm64 there and need to fall back to npm otherwise.
    debian) npm_fallback install_deb ;;
    fedora | opensuse) npm_fallback install_rpm ;;
    # Arch uses the AUR package which only supports amd64 and arm64 since it
    # pulls releases from GitHub so we need to fall back to npm.
    arch) npm_fallback install_aur ;;
    # We don't have GitHub releases that work on Alpine or FreeBSD so we have no
    # choice but to use npm here.
    alpine | freebsd) install_npm ;;
    # For anything else we'll try to install standalone but fall back to npm if
    # we don't have releases for the architecture.
  *)
    echoh "Unsupported package manager."
-      echoh "Falling back to standalone installation."
+    install_standalone
      npm_fallback install_standalone
    ;;
  esac
 }
@@ -327,39 +315,45 @@ fetch() {
  sh_c mv "$FILE.incomplete" "$FILE"
 }
-install_brew() {
+install_macos() {
-  echoh "Installing latest from Homebrew."
+  if command_exists brew; then
    echoh "Installing from Homebrew."
    echoh
-  sh_c "$BREW_PATH" install code-server
+    sh_c brew install code-server
-  echo_brew_postinstall
+    return
  fi
  echoh "Homebrew not installed."
  install_standalone
 }
 install_deb() {
-  echoh "Installing v$VERSION of the $ARCH deb package from GitHub."
+  echoh "Installing v$VERSION deb package from GitHub releases."
  echoh
  fetch "https://github.com/cdr/code-server/releases/download/v$VERSION/code-server_${VERSION}_$ARCH.deb" \
    "$CACHE_DIR/code-server_${VERSION}_$ARCH.deb"
  sudo_sh_c dpkg -i "$CACHE_DIR/code-server_${VERSION}_$ARCH.deb"
-  echo_systemd_postinstall deb
+  echo_systemd_postinstall
 }
 install_rpm() {
-  echoh "Installing v$VERSION of the $ARCH rpm package from GitHub."
+  echoh "Installing v$VERSION rpm package from GitHub releases."
  echoh
  fetch "https://github.com/cdr/code-server/releases/download/v$VERSION/code-server-$VERSION-$ARCH.rpm" \
    "$CACHE_DIR/code-server-$VERSION-$ARCH.rpm"
  sudo_sh_c rpm -i "$CACHE_DIR/code-server-$VERSION-$ARCH.rpm"
-  echo_systemd_postinstall rpm
+  echo_systemd_postinstall
 }
 install_aur() {
-  echoh "Installing latest from the AUR."
+  echoh "Installing from the AUR."
  echoh
  sh_c mkdir -p "$CACHE_DIR/code-server-aur"
@@ -370,20 +364,16 @@ install_aur() {
  fi
  sh_c makepkg -si
-  echo_systemd_postinstall AUR
+  echo_systemd_postinstall
 }
 install_standalone() {
-  echoh "Installing v$VERSION of the $ARCH release from GitHub."
+  echoh "Installing standalone release archive v$VERSION from GitHub releases."
  echoh
  fetch "https://github.com/cdr/code-server/releases/download/v$VERSION/code-server-$VERSION-$OS-$ARCH.tar.gz" \
    "$CACHE_DIR/code-server-$VERSION-$OS-$ARCH.tar.gz"
  # -w only works if the directory exists so try creating it first. If this
  # fails we can ignore the error as the -w check will then swap us to sudo.
  sh_c mkdir -p "$STANDALONE_INSTALL_PREFIX" 2> /dev/null || true
  sh_c="sh_c"
  if [ ! -w "$STANDALONE_INSTALL_PREFIX" ]; then
    sh_c="sudo_sh_c"
@@ -405,74 +395,50 @@ install_standalone() {
 }
 install_npm() {
-  echoh "Installing latest from npm."
+  if command_exists yarn; then
  echoh
  YARN_PATH="${YARN_PATH-yarn}"
  NPM_PATH="${YARN_PATH-npm}"
  if command_exists "$YARN_PATH"; then
    sh_c="sh_c"
-    if [ ! "${DRY_RUN-}" ] && [ ! -w "$($YARN_PATH global bin)" ]; then
+    if [ ! -w "$(yarn global bin)" ]; then
      sh_c="sudo_sh_c"
    fi
    echoh "Installing with yarn."
    echoh
-    "$sh_c" "$YARN_PATH" global add code-server --unsafe-perm
+    "$sh_c" yarn global add code-server --unsafe-perm
-    NPM_BIN_DIR="\$($YARN_PATH global bin)" echo_npm_postinstall
+    NPM_BIN_DIR="$(yarn global bin)" echo_npm_postinstall
    return
-  elif command_exists "$NPM_PATH"; then
+  elif command_exists npm; then
    sh_c="sh_c"
-    if [ ! "${DRY_RUN-}" ] && [ ! -w "$(NPM_PATH config get prefix)" ]; then
+    if [ ! -w "$(npm config get prefix)" ]; then
      sh_c="sudo_sh_c"
    fi
    echoh "Installing with npm."
    echoh
-    "$sh_c" "$NPM_PATH" install -g code-server --unsafe-perm
+    "$sh_c" npm install -g code-server --unsafe-perm
-    NPM_BIN_DIR="\$($NPM_PATH bin -g)" echo_npm_postinstall
+    NPM_BIN_DIR="$(npm bin -g)" echo_npm_postinstall
    return
  fi
  echoh
  echoerr "Please install npm or yarn to install code-server!"
  echoerr "You will need at least node v12 and a few C dependencies."
-  echoerr "See the docs https://coder.com/docs/code-server/v3.11.1/install#yarn-npm"
+  echoerr "See the docs https://github.com/cdr/code-server/blob/v3.10.1/docs/install.md#yarn-npm"
  exit 1
 }
 # Run $1 if we have a standalone otherwise run install_npm.
 npm_fallback() {
  if has_standalone; then
    $1
  else
    echoh "No standalone releases for $ARCH."
    echoh "Falling back to installation from npm."
    install_npm
  fi
 }
 # Determine if we have standalone releases on GitHub for the system's arch.
 has_standalone() {
  case $ARCH in
    amd64) return 0 ;;
    # We only have amd64 for macOS.
    arm64)
      [ "$(distro)" != macos ]
      return
      ;;
    *) return 1 ;;
  esac
 }
 os() {
-  uname="$(uname)"
+  case "$(uname)" in
-  case $uname in
+  Linux)
-    Linux) echo linux ;;
+    echo linux
-    Darwin) echo macos ;;
+    ;;
-    FreeBSD) echo freebsd ;;
+  Darwin)
-    *) echo "$uname" ;;
+    echo macos
    ;;
  FreeBSD)
    echo freebsd
    ;;
  esac
 }
-# Print the detected Linux distro, otherwise print the OS name.
+# distro prints the detected operating system including linux distros.
 # Also parses ID_LIKE for common distro bases.
 #
 # Example outputs:
 # - macos -> macos
@@ -509,7 +475,7 @@ distro() {
  fi
 }
-# Print a human-readable name for the OS/distro.
+# os_name prints a pretty human readable name for the OS/Distro.
 distro_name() {
  if [ "$(uname)" = "Darwin" ]; then
    echo "macOS v$(sw_vers -productVersion)"
@@ -529,16 +495,20 @@ distro_name() {
 }
 arch() {
-  uname_m=$(uname -m)
+  case "$(uname -m)" in
-  case $uname_m in
+  aarch64)
-    aarch64) echo arm64 ;;
+    echo arm64
-    x86_64) echo amd64 ;;
+    ;;
-    *) echo "$uname_m" ;;
+  x86_64)
    echo amd64
    ;;
  amd64) # FreeBSD.
    echo amd64
    ;;
  esac
 }
 command_exists() {
  if [ ! "$1" ]; then return 1; fi
  command -v "$@" >/dev/null
 }
--- a/lib/vscode/.devcontainer/README.md
+++ b/lib/vscode/.devcontainer/README.md
@@ -1,14 +1,14 @@
 # Code - OSS Development Container
-This repository includes configuration for a development container for working with Code - OSS in a local container or using [GitHub Codespaces](https://github.com/features/codespaces).
+This repository includes configuration for a development container for working with Code - OSS in an isolated local container or using [GitHub Codespaces](https://github.com/features/codespaces).
-> **Tip:** The default VNC password is `vscode`. The VNC server runs on port `5901` and a web client is available on port `6080`.
+> **Tip:** The default VNC password is `vscode`. The VNC server runs on port `5901` with a web client at `6080`. For better performance, we recommend using a [VNC Viewer](https://www.realvnc.com/en/connect/download/viewer/). Applications like the macOS Screen Sharing app will not perform as well.
 ## Quick start - local
 1. Install Docker Desktop or Docker for Linux on your local machine. (See [docs](https://aka.ms/vscode-remote/containers/getting-started) for additional details.)
-2. **Important**: Docker needs at least **4 Cores and 6 GB of RAM (8 GB recommended)** to run a full build. If you are on macOS, or are using the old Hyper-V engine for Windows, update these values for Docker Desktop by right-clicking on the Docker status bar item and going to **Preferences/Settings > Resources > Advanced**.
+2. **Important**: Docker needs at least **4 Cores and 6 GB of RAM (8 GB recommended)** to run full build. If you on macOS, or using the old Hyper-V engine for Windows, update these values for Docker Desktop by right-clicking on the Docker status bar item, going to **Preferences/Settings > Resources > Advanced**.
    > **Note:** The [Resource Monitor](https://marketplace.visualstudio.com/items?itemName=mutantdino.resourcemonitor) extension is included in the container so you can keep an eye on CPU/Memory in the status bar.
@@ -16,56 +16,53 @@ This repository includes configuration for a development container for working w
    ![Image of Remote - Containers extension](https://microsoft.github.io/vscode-remote-release/images/remote-containers-extn.png)
-    > **Note:** The Remote - Containers extension requires the Visual Studio Code distribution of Code - OSS. See the [FAQ](https://aka.ms/vscode-remote/faq/license) for details.
+    > Note that the Remote - Containers extension requires the Visual Studio Code distribution of Code - OSS. See the [FAQ](https://aka.ms/vscode-remote/faq/license) for details.
-4. Press <kbd>Ctrl/Cmd</kbd> + <kbd>Shift</kbd> + <kbd>P</kbd> or <kbd>F1</kbd> and select **Remote-Containers: Clone Repository in Container Volume...**.
+4. Press <kbd>Ctrl/Cmd</kbd> + <kbd>Shift</kbd> + <kbd>P</kbd> and select **Remote-Containers: Clone Repository in Container Volume...**.
-    > **Tip:** While you can use your local source tree instead, operations like `yarn install` can be slow on macOS or when using the Hyper-V engine on Windows. We recommend the "clone repository in container" approach instead since it uses "named volume" rather than the local filesystem.
+    > **Tip:** While you can use your local source tree instead, operations like `yarn install` can be slow on macOS or using the Hyper-V engine on Windows. We recommend the "clone repository in container" approach instead since it uses "named volume" rather than the local filesystem.
 5. Type `https://github.com/microsoft/vscode` (or a branch or PR URL) in the input box and press <kbd>Enter</kbd>.
-6. After the container is running, open a web browser and go to [http://localhost:6080](http://localhost:6080), or use a [VNC Viewer](https://www.realvnc.com/en/connect/download/viewer/) to connect to `localhost:5901` and enter `vscode` as the password.
+6. After the container is running, open a web browser and go to [http://localhost:6080](http://localhost:6080) or use a [VNC Viewer](https://www.realvnc.com/en/connect/download/viewer/) to connect to `localhost:5901` and enter `vscode` as the password.
-Anything you start in VS Code, or the integrated terminal, will appear here.
+Anything you start in VS Code or the integrated terminal will appear here.
 Next: **[Try it out!](#try-it)**
 ## Quick start - GitHub Codespaces
-1. From the [microsoft/vscode GitHub repository](https://github.com/microsoft/vscode), click on the **Code** dropdown, select **Open with Codespaces**, and then click on **New codespace**. If prompted, select the **Standard** machine size (which is also the default).
+> **IMPORTANT:** You need to use a "Standard" sized codespace or larger (4-core, 8GB) since VS Code needs 6GB of RAM to compile. This is now the default for GitHub Codespaces, but do not downgrade to "Basic" unless you do not intend to compile.
-   > **Note:** You will not see these options within GitHub if you are not in the Codespaces beta.
+1. From the [microsoft/vscode GitHub repository](https://github.com/microsoft/vscode), click on the **Code** dropdown, select **Open with Codespaces**, and the **New codespace**
-2. After the codespace is up and running in your browser, press <kbd>Ctrl/Cmd</kbd> + <kbd>Shift</kbd> + <kbd>P</kbd> or <kbd>F1</kbd> and select **Ports: Focus on Ports View**.
+    > Note that you will not see these options if you are not in the beta yet.
-3. You should see **VNC web client (6080)** under in the list of ports. Select the line and click on the globe icon to open it in a browser tab.
+2. After the codespace is up and running in your browser, press <kbd>F1</kbd> and select **Ports: Focus on Ports View**.
-    > **Tip:** If you do not see the port, <kbd>Ctrl/Cmd</kbd> + <kbd>Shift</kbd> + <kbd>P</kbd> or <kbd>F1</kbd>, select **Forward a Port** and enter port `6080`.
+3. You should see port `6080` under **Forwarded Ports**. Select the line and click on the globe icon to open it in a browser tab.
    > If you do not see port `6080`, press <kbd>F1</kbd>, select **Forward a Port** and enter port `6080`.
 4. In the new tab, you should see noVNC. Click **Connect** and enter `vscode` as the password.
-Anything you start in VS Code, or the integrated terminal, will appear here.
+Anything you start in VS Code or the integrated terminal will appear here.
 Next: **[Try it out!](#try-it)**
 ### Using VS Code with GitHub Codespaces
-You may see improved VNC responsiveness when accessing a codespace from VS Code client since you can use a [VNC Viewer](https://www.realvnc.com/en/connect/download/viewer/). Here's how to do it.
+You will likely see better performance when accessing the codespace you created from VS Code since you can use a[VNC Viewer](https://www.realvnc.com/en/connect/download/viewer/). Here's how to do it.
-1.  Install [Visual Studio Code Stable](https://code.visualstudio.com/) or [Insiders](https://code.visualstudio.com/insiders/) and the the [GitHub Codespaces extension](https://marketplace.visualstudio.com/items?itemName=GitHub.codespaces).
+1. [Create a codespace](#quick-start---github-codespaces) if you have not already.
-	> **Note:** The GitHub Codespaces extension requires the Visual Studio Code distribution of Code - OSS.
+2. Set up [VS Code for use with GitHub Codespaces](https://docs.github.com/github/developing-online-with-codespaces/using-codespaces-in-visual-studio-code)
-2. After the VS Code is up and running, press <kbd>Ctrl/Cmd</kbd> + <kbd>Shift</kbd> + <kbd>P</kbd> or <kbd>F1</kbd>, choose **Codespaces: Create New Codespace**, and use the following settings:
+3. After the VS Code is up and running, press <kbd>F1</kbd>, choose **Codespaces: Connect to Codespace**, and select the codespace you created.
    - `microsoft/vscode` for the repository.
 	- Select any branch (e.g. **main**) - you select a different one later.
 	- Choose **Standard** (4-core, 8GB) as the size.
-4. After you have connected to the codespace, you can use a [VNC Viewer](https://www.realvnc.com/en/connect/download/viewer/) to connect to `localhost:5901` and enter `vscode` as the password.
+4. After you've connected to the codespace, use a [VNC Viewer](https://www.realvnc.com/en/connect/download/viewer/) to connect to `localhost:5901` and enter `vscode` as the password.
-    > **Tip:** You may also need change your VNC client's **Picture Quaility** setting to **High** to get a full color desktop.
+5. Anything you start in VS Code or the integrated terminal will appear here.
 5. Anything you start in VS Code, or the integrated terminal, will appear here.
 Next: **[Try it out!](#try-it)**
@@ -73,18 +70,20 @@ Next: **[Try it out!](#try-it)**
 This container uses the [Fluxbox](http://fluxbox.org/) window manager to keep things lean. **Right-click on the desktop** to see menu options. It works with GNOME and GTK applications, so other tools can be installed if needed.
-> **Note:** You can also set the resolution from the command line by typing `set-resolution`.
+Note you can also set the resolution from the command line by typing `set-resolution`.
 To start working with Code - OSS, follow these steps:
-1. In your local VS Code client, open a terminal (<kbd>Ctrl/Cmd</kbd> + <kbd>Shift</kbd> + <kbd>\`</kbd>) and type the following commands:
+1. In your local VS Code, open a terminal (<kbd>Ctrl/Cmd</kbd> + <kbd>Shift</kbd> + <kbd>\`</kbd>) and type the following commands:
    ```bash
    yarn install
    bash scripts/code.sh
    ```
-2. After the build is complete, open a web browser or a [VNC Viewer](https://www.realvnc.com/en/connect/download/viewer/) to connect to the desktop environment as described in the quick start and enter `vscode` as the password.
+    Note that a previous run of `yarn install`  will already be cached, so this step should simply pick up any recent differences.
 2. After the build is complete, open a web browser or a [VNC Viewer](https://www.realvnc.com/en/connect/download/viewer/) to the desktop environnement as described in the quick start and enter `vscode` as the password.
 3. You should now see Code - OSS!
@@ -92,7 +91,7 @@ Next, let's try debugging.
 1. Shut down Code - OSS by clicking the box in the upper right corner of the Code - OSS window through your browser or VNC viewer.
-2. Go to your local VS Code client, and use the **Run / Debug** view to launch the **VS Code** configuration. (Typically the default, so you can likely just press <kbd>F5</kbd>).
+2. Go to your local VS Code client, and use Run / Debug view to launch the **VS Code** configuration. (Typically the default, so you can likely just press <kbd>F5</kbd>).
    > **Note:** If launching times out, you can increase the value of `timeout` in the "VS Code", "Attach Main Process", "Attach Extension Host", and "Attach to Shared Process" configurations in [launch.json](../.vscode/launch.json). However, running `scripts/code.sh` first will set up Electron which will usually solve timeout issues.
--- a/lib/vscode/.devcontainer/devcontainer.json
+++ b/lib/vscode/.devcontainer/devcontainer.json
@@ -3,26 +3,20 @@
 	// Image contents: https://github.com/microsoft/vscode-dev-containers/blob/master/repository-containers/images/github.com/microsoft/vscode/.devcontainer/base.Dockerfile
 	"image": "mcr.microsoft.com/vscode/devcontainers/repos/microsoft/vscode:branch-main",
 	"workspaceMount": "source=${localWorkspaceFolder},target=/home/node/workspace/vscode,type=bind,consistency=cached",
 	"workspaceFolder": "/home/node/workspace/vscode",
 	"overrideCommand": false,
 	"runArgs": [ "--init", "--security-opt", "seccomp=unconfined"],
 	"settings": {
 		"terminal.integrated.shell.linux": "/bin/bash",
 		"resmon.show.battery": false,
 		"resmon.show.cpufreq": false
 	},
-	// noVNC, VNC
+	// noVNC, VNC, debug ports
-	"forwardPorts": [6080, 5901],
+	"forwardPorts": [6080, 5901, 9222],
 	"portsAttributes": {
 		"6080": {
 			"label": "VNC web client (noVNC)",
 			"onAutoForward": "silent"
 		},
 		"5901": {
 			"label": "VNC TCP port",
 			"onAutoForward": "silent"
 		}
 	},
 	"extensions": [
 		"dbaeumer.vscode-eslint",
--- a/lib/vscode/.eslintignore
+++ b/lib/vscode/.eslintignore
@@ -17,7 +17,6 @@
 **/extensions/typescript-basics/test/colorize-fixtures/**
 **/extensions/**/dist/**
 # These are code-server code symlinks.
 src/vs/base/common/util.ts
 src/vs/base/common/ipc.d.ts
 src/vs/base/node/proxy_agent.ts
-src/vs/server/uriTransformer.ts
+src/vs/ipc.d.ts
 src/vs/server/common/util.ts
--- a/lib/vscode/.eslintrc.json
+++ b/lib/vscode/.eslintrc.json
@@ -62,7 +62,7 @@
 		"code-no-standalone-editor": "warn",
 		"code-no-unexternalized-strings": "warn",
 		"code-layering": [
-			"warn",
+			"off",
 			{
 				"common": [],
 				"node": [
@@ -88,7 +88,7 @@
 			}
 		],
 		"code-import-patterns": [
-			"warn",
+			"off",
 			// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 			// !!! Do not relax these rules !!!
 			// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
@@ -501,7 +501,7 @@
 					"**/vs/platform/**",
 					"**/vs/editor/**",
 					"**/vs/workbench/{common,browser,node,electron-sandbox,electron-browser}/**",
-					"vs/workbench/contrib/files/browser/editors/fileEditorInput",
+					"vs/workbench/contrib/files/common/editors/fileEditorInput",
 					"**/vs/workbench/services/**",
 					"**/vs/workbench/test/**",
 					"*" // node modules
@@ -807,7 +807,6 @@
 					"**/vs/platform/**/{common,node}/**",
 					"**/vs/workbench/**/{common,node}/**",
 					"**/vs/server/**",
 					"@coder/logger", // NOTE@coder: add logger
 					"*" // node modules
 				]
 			},
--- a/lib/vscode/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/lib/vscode/.github/ISSUE_TEMPLATE/bug_report.md
@@ -8,11 +8,6 @@ about: Create a report to help us improve
 <!-- 🔎 Search existing issues to avoid creating duplicates. -->
 <!-- 🧪 Test using the latest Insiders build to see if your issue has already been fixed: https://code.visualstudio.com/insiders/ -->
 <!-- 💡 Instead of creating your report here, use 'Report Issue' from the 'Help' menu in VS Code to pre-fill useful information. -->
 <!-- 🔧 Launch with `code --disable-extensions` to check. -->
 Does this issue occur when all extensions are disabled?: Yes/No
 <!-- 🪓 If you answered No above, use 'Help: Start Extension Bisect' from Command Palette to try to identify the cause. -->
 <!-- 📣 Issues caused by an extension need to be reported directly to the extension publisher. The 'Help > Report Issue' dialog can assist with this. -->
 - VS Code Version:
 - OS Version:
@@ -20,3 +15,9 @@ Steps to Reproduce:
 1.
 2.
 <!-- 🔧 Launch with `code --disable-extensions` to check. -->
 Does this issue occur when all extensions are disabled?: Yes/No
 <!-- 🪓 If you answered No above, use 'Help: Start Extension Bisect' from Command Palette to try to identify the cause. -->
 <!-- 📣 Issues caused by an extension need to be reported directly to the extension publisher. The 'Help > Report Issue' dialog can assist with this. -->
--- a/lib/vscode/.github/classifier.json
+++ b/lib/vscode/.github/classifier.json
@@ -1,17 +1,16 @@
 {
 	"$schema": "https://raw.githubusercontent.com/microsoft/vscode-github-triage-actions/master/classifier-deep/apply/apply-labels/deep-classifier-config.schema.json",
-	"vacation": ["RMacfarlane"],
+	"vacation": [],
 	"assignees": {
 		"JacksonKearl": {"accuracy": 0.5}
 	},
 	"labels": {
 		"L10N": {"assign": []},
 		"VIM": {"assign": []},
 		"accessibility": { "assign": ["isidorn"]},
 		"api": {"assign": ["jrieken"]},
 		"api-finalization": {"assign": []},
 		"api-proposal": {"assign": ["jrieken"]},
-		"authentication": {"assign": ["TylerLeonhardt"]},
+		"authentication": {"assign": ["RMacfarlane"]},
 		"breadcrumbs": {"assign": ["jrieken"]},
 		"callhierarchy": {"assign": ["jrieken"]},
 		"code-lens": {"assign": ["jrieken"]},
@@ -21,7 +20,8 @@
 		"context-keys": {"assign": []},
 		"css-less-scss": {"assign": ["aeschli"]},
 		"custom-editors": {"assign": ["mjbvz"]},
-		"debug": {"assign": ["weinand"]},
+		"debug": {"assign": ["isidorn"]},
 		"debug-console": {"assign": ["isidorn"]},
 		"dialogs": {"assign": ["sbatten"]},
 		"diff-editor": {"assign": []},
 		"dropdown": {"assign": []},
@@ -81,15 +81,14 @@
 		"icon-brand": {"assign": []},
 		"icons-product": {"assign": ["misolori"]},
 		"install-update": {"assign": []},
-		"terminal": {"assign": ["meganrogge"]},
+		"integrated-terminal": {"assign": ["meganrogge"]},
-		"terminal-conpty": {"assign": ["meganrogge"]},
+		"integrated-terminal-conpty": {"assign": ["meganrogge"]},
-		"terminal-links": {"assign": ["meganrogge"]},
+		"integrated-terminal-links": {"assign": ["meganrogge"]},
 		"terminal-external": {"assign": ["meganrogge"]},
 		"integration-test": {"assign": []},
 		"intellisense-config": {"assign": []},
 		"ipc": {"assign": ["joaomoreno"]},
 		"issue-bot": {"assign": ["chrmarti"]},
-		"issue-reporter": {"assign": ["TylerLeonhardt"]},
+		"issue-reporter": {"assign": ["RMacfarlane"]},
 		"javascript": {"assign": ["mjbvz"]},
 		"json": {"assign": ["aeschli"]},
 		"keybindings": {"assign": []},
@@ -114,7 +113,7 @@
 		"php": {"assign": ["roblourens"]},
 		"portable-mode": {"assign": ["joaomoreno"]},
 		"proxy": {"assign": []},
-		"quick-pick": {"assign": ["TylerLeonhardt"]},
+		"quick-pick": {"assign": ["chrmarti"]},
 		"references-viewlet": {"assign": ["jrieken"]},
 		"release-notes": {"assign": []},
 		"remote": {"assign": []},
@@ -153,7 +152,7 @@
 		"web": {"assign": ["bpasero"]},
 		"webview": {"assign": ["mjbvz"]},
 		"workbench-cli": {"assign": []},
-		"workbench-diagnostics": {"assign": ["Tyriar"]},
+		"workbench-diagnostics": {"assign": ["RMacfarlane"]},
 		"workbench-dnd": {"assign": ["bpasero"]},
 		"workbench-editor-grid": {"assign": ["sbatten"]},
 		"workbench-editors": {"assign": ["bpasero"]},
--- a/lib/vscode/.github/commands.json
+++ b/lib/vscode/.github/commands.json
@@ -90,7 +90,7 @@
 			"@author"
 		],
 		"action": "updateLabels",
-		"addLabel": "verified",
+		"addLabel": "z-author-verified",
 		"removeLabel": "author-verification-requested",
 		"requireLabel": "author-verification-requested",
 		"disallowLabel": "unreleased"
@@ -133,18 +133,6 @@
 		"action": "updateLabels",
 		"addLabel": "~needs more info"
 	},
 	{
 		"type": "comment",
 		"name": "needsPerfInfo",
 		"allowUsers": [
 			"cleidigh",
 			"usernamehw",
 			"gjsjohnmurray",
 			"IllusionMH"
 		],
 		"addLabel": "needs more info",
 		"comment": "Thanks for creating this issue regarding performance! Please follow this guide to help us diagnose performance issues: https://github.com/microsoft/vscode/wiki/Performance-Issues \n\nHappy Coding!"
 	},
 	{
 		"type": "comment",
 		"name": "jsDebugLogs",
--- a/lib/vscode/.github/subscribers.json
+++ b/lib/vscode/.github/subscribers.json
@@ -4,7 +4,6 @@
 		"rchiodo",
 		"greazer",
 		"donjayamanne",
-		"jilljac",
+		"jilljac"
 		"IanMatthewHuff"
 	]
 }
--- a/lib/vscode/.github/workflows/ci.yml
+++ b/lib/vscode/.github/workflows/ci.yml
@@ -244,9 +244,6 @@ jobs:
      - name: Run Valid Layers Checks
        run: yarn valid-layers-check
      - name: Compile /build/
        run: yarn --cwd build compile
      - name: Run Monaco Editor Checks
        run: yarn monaco-compile-check
--- a/lib/vscode/.gitignore
+++ b/lib/vscode/.gitignore
@@ -7,8 +7,7 @@ node_modules/
 extensions/**/dist/
 /out*/
 /extensions/**/out/
-# NOTE@coder: remove to provide our own server
+# src/vs/server NOTE@coder: So our code isn't ignored.
 # src/vs/server
 resources/server
 build/node_modules
 coverage/
--- a/lib/vscode/.vscode/notebooks/api.github-issues
+++ b/lib/vscode/.vscode/notebooks/api.github-issues
@@ -2,31 +2,37 @@
  {
    "kind": 1,
    "language": "markdown",
-    "value": "#### Config"
+    "value": "#### Config",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repo=repo:microsoft/vscode\n$milestone=milestone:\"May 2021\""
+    "value": "$repo=repo:microsoft/vscode\n$milestone=milestone:\"April 2021\"",
    "editable": true
  },
  {
    "kind": 1,
    "language": "markdown",
-    "value": "### Finalization"
+    "value": "### Finalization",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repo $milestone label:api-finalization"
+    "value": "$repo $milestone label:api-finalization",
    "editable": true
  },
  {
    "kind": 1,
    "language": "markdown",
-    "value": "### Proposals"
+    "value": "### Proposals",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repo $milestone is:open label:api-proposal "
+    "value": "$repo $milestone is:open label:api-proposal ",
    "editable": true
  }
 ]
--- a/lib/vscode/.vscode/notebooks/endgame.github-issues
+++ b/lib/vscode/.vscode/notebooks/endgame.github-issues
@@ -7,7 +7,7 @@
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$REPOS=repo:microsoft/vscode repo:microsoft/vscode-internalbacklog repo:microsoft/vscode-js-debug repo:microsoft/vscode-remote-release repo:microsoft/vscode-pull-request-github repo:microsoft/vscode-settings-sync-server repo:microsoft/vscode-emmet-helper repo:microsoft/vscode-remotehub\n\n$MILESTONE=milestone:\"May 2021\""
+    "value": "$REPOS=repo:microsoft/vscode repo:microsoft/vscode-internalbacklog repo:microsoft/vscode-js-debug repo:microsoft/vscode-remote-release repo:microsoft/vscode-pull-request-github repo:microsoft/vscode-settings-sync-server repo:microsoft/vscode-emmet-helper repo:microsoft/vscode-remotehub\n\n$MILESTONE=milestone:\"April 2021\""
  },
  {
    "kind": 1,
--- a/lib/vscode/.vscode/notebooks/my-endgame.github-issues
+++ b/lib/vscode/.vscode/notebooks/my-endgame.github-issues
@@ -7,7 +7,7 @@
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$REPOS=repo:microsoft/vscode repo:microsoft/vscode-internalbacklog repo:microsoft/vscode-js-debug repo:microsoft/vscode-remote-release repo:microsoft/vscode-pull-request-github repo:microsoft/vscode-settings-sync-server repo:microsoft/vscode-remotehub\n\n$MILESTONE=milestone:\"May 2021\"\n\n$MINE=assignee:@me"
+    "value": "$REPOS=repo:microsoft/vscode repo:microsoft/vscode-internalbacklog repo:microsoft/vscode-js-debug repo:microsoft/vscode-remote-release repo:microsoft/vscode-pull-request-github repo:microsoft/vscode-settings-sync-server repo:microsoft/vscode-remotehub\n\n$MILESTONE=milestone:\"April 2021\"\n\n$MINE=assignee:@me"
  },
  {
    "kind": 1,
@@ -157,7 +157,7 @@
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$REPOS $MILESTONE -$MINE is:issue is:closed sort:updated-asc label:bug -label:verified -label:z-author-verified -label:on-testplan -label:*duplicate -label:duplicate -label:invalid -label:*as-designed -label:error-telemetry -label:verification-steps-needed -label:verification-found -author:aeschli -author:alexdima -author:alexr00 -author:AmandaSilver -author:bamurtaugh -author:bpasero -author:btholt -author:chrisdias -author:chrmarti -author:Chuxel -author:connor4312 -author:dbaeumer -author:deepak1556 -author:devinvalenciano -author:digitarald -author:eamodio -author:egamma -author:fiveisprime -author:gregvanl -author:isidorn -author:ItalyPaleAle -author:JacksonKearl -author:joaomoreno -author:jrieken -author:kieferrm -author:lszomoru -author:meganrogge -author:misolori -author:mjbvz -author:ornellaalt -author:orta -author:rebornix -author:RMacfarlane -author:roblourens -author:rzhao271 -author:sana-ajani -author:sandy081 -author:sbatten -author:stevencl -author:Tyriar -author:weinand -author:TylerLeonhardt -author:lramos15 -author:hediet"
+    "value": "$REPOS $MILESTONE -$MINE is:issue is:closed sort:updated-asc label:bug -label:verified -label:z-author-verified -label:on-testplan -label:*duplicate -label:duplicate -label:invalid -label:*as-designed -label:error-telemetry -label:verification-steps-needed -label:verification-found -author:aeschli -author:alexdima -author:alexr00 -author:AmandaSilver -author:bamurtaugh -author:bpasero -author:btholt -author:chrisdias -author:chrmarti -author:Chuxel -author:connor4312 -author:dbaeumer -author:deepak1556 -author:devinvalenciano -author:digitarald -author:eamodio -author:egamma -author:fiveisprime -author:gregvanl -author:isidorn -author:ItalyPaleAle -author:JacksonKearl -author:joaomoreno -author:jrieken -author:kieferrm -author:lszomoru -author:meganrogge -author:misolori -author:mjbvz -author:ornellaalt -author:orta -author:rebornix -author:RMacfarlane -author:roblourens -author:rzhao271 -author:sana-ajani -author:sandy081 -author:sbatten -author:stevencl -author:Tyriar -author:weinand -author:TylerLeonhardt -author:lramos15"
  },
  {
    "kind": 1,
--- a/lib/vscode/.vscode/notebooks/my-work.github-issues
+++ b/lib/vscode/.vscode/notebooks/my-work.github-issues
@@ -2,96 +2,115 @@
  {
    "kind": 1,
    "language": "markdown",
-    "value": "##### `Config`: This should be changed every month/milestone"
+    "value": "##### `Config`: This should be changed every month/milestone",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "// list of repos we work in\n$repos=repo:microsoft/vscode repo:microsoft/vscode-remote-release repo:microsoft/vscode-js-debug repo:microsoft/vscode-pull-request-github repo:microsoft/vscode-github-issue-notebooks repo:microsoft/vscode-internalbacklog\n\n// current milestone name\n$milestone=milestone:\"May 2021\""
+    "value": "// list of repos we work in\n$repos=repo:microsoft/vscode repo:microsoft/vscode-remote-release repo:microsoft/vscode-js-debug repo:microsoft/vscode-pull-request-github repo:microsoft/vscode-github-issue-notebooks repo:microsoft/vscode-internalbacklog\n\n// current milestone name\n$milestone=milestone:\"April 2021\"",
    "editable": true
  },
  {
    "kind": 1,
    "language": "github-issues",
-    "value": "## Milestone Work"
+    "value": "## Milestone Work",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repos $milestone assignee:@me is:open"
+    "value": "$repos $milestone assignee:@me is:open",
    "editable": true
  },
  {
    "kind": 1,
    "language": "github-issues",
-    "value": "## Bugs, Debt, Features..."
+    "value": "## Bugs, Debt, Features...",
    "editable": true
  },
  {
    "kind": 1,
    "language": "markdown",
-    "value": "#### My Bugs"
+    "value": "#### My Bugs",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repos assignee:@me is:open label:bug"
+    "value": "$repos assignee:@me is:open label:bug",
    "editable": true
  },
  {
    "kind": 1,
    "language": "markdown",
-    "value": "#### Debt & Engineering"
+    "value": "#### Debt & Engineering",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repos assignee:@me is:open label:debt OR $repos assignee:@me is:open label:engineering"
+    "value": "$repos assignee:@me is:open label:debt OR $repos assignee:@me is:open label:engineering",
    "editable": true
  },
  {
    "kind": 1,
    "language": "markdown",
-    "value": "#### Performance 🐌 🔜 🏎"
+    "value": "#### Performance 🐌 🔜 🏎",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repos assignee:@me is:open label:perf OR $repos assignee:@me is:open label:perf-startup OR $repos assignee:@me is:open label:perf-bloat OR $repos assignee:@me is:open label:freeze-slow-crash-leak"
+    "value": "$repos assignee:@me is:open label:perf OR $repos assignee:@me is:open label:perf-startup OR $repos assignee:@me is:open label:perf-bloat OR $repos assignee:@me is:open label:freeze-slow-crash-leak",
    "editable": true
  },
  {
    "kind": 1,
    "language": "markdown",
-    "value": "#### Feature Requests"
+    "value": "#### Feature Requests",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repos assignee:@me is:open label:feature-request milestone:Backlog sort:reactions-+1-desc"
+    "value": "$repos assignee:@me is:open label:feature-request milestone:Backlog sort:reactions-+1-desc",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repos assignee:@me is:open milestone:\"Backlog Candidates\""
+    "value": "$repos assignee:@me is:open milestone:\"Backlog Candidates\"",
    "editable": true
  },
  {
    "kind": 1,
    "language": "markdown",
-    "value": "### Personal Inbox\n"
+    "value": "### Personal Inbox\n",
    "editable": true
  },
  {
    "kind": 1,
    "language": "markdown",
-    "value": "\n#### Missing Type label"
+    "value": "\n#### Missing Type label",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repos assignee:@me is:open type:issue -label:bug -label:\"needs more info\" -label:feature-request -label:under-discussion -label:debt -label:plan-item -label:upstream"
+    "value": "$repos assignee:@me is:open type:issue -label:bug -label:\"needs more info\" -label:feature-request -label:under-discussion -label:debt -label:plan-item -label:upstream",
    "editable": true
  },
  {
    "kind": 1,
    "language": "markdown",
-    "value": "#### Not Actionable"
+    "value": "#### Not Actionable",
    "editable": true
  },
  {
    "kind": 2,
    "language": "github-issues",
-    "value": "$repos assignee:@me is:open label:\"needs more info\""
+    "value": "$repos assignee:@me is:open label:\"needs more info\"",
    "editable": true
  }
 ]
--- a/lib/vscode/.vscode/tasks.json
+++ b/lib/vscode/.vscode/tasks.json
@@ -55,11 +55,39 @@
 				}
 			}
 		},
 		{
 			"type": "npm",
 			"script": "watch-extension-mediad",
 			"label": "Ext Media - Build",
 			"isBackground": true,
 			"presentation": {
 				"reveal": "never",
 				"group": "buildWatchers"
 			},
 			"problemMatcher": {
 				"owner": "typescript",
 				"applyTo": "closedDocuments",
 				"fileLocation": [
 					"absolute"
 				],
 				"pattern": {
 					"regexp": "Error: ([^(]+)\\((\\d+|\\d+,\\d+|\\d+,\\d+,\\d+,\\d+)\\): (.*)$",
 					"file": 1,
 					"location": 2,
 					"message": 3
 				},
 				"background": {
 					"beginsPattern": "Starting compilation",
 					"endsPattern": "Finished compilation"
 				}
 			}
 		},
 		{
 			"label": "VS Code - Build",
 			"dependsOn": [
 				"Core - Build",
-				"Ext - Build"
+				"Ext - Build",
 				"Ext Media - Build",
 			],
 			"group": {
 				"kind": "build",
@@ -74,8 +102,7 @@
 			"group": "build",
 			"presentation": {
 				"reveal": "never",
-				"group": "buildKillers",
+				"group": "buildKillers"
 				"close": true
 			},
 			"problemMatcher": "$tsc"
 		},
@@ -86,8 +113,18 @@
 			"group": "build",
 			"presentation": {
 				"reveal": "never",
-				"group": "buildKillers",
+				"group": "buildKillers"
-				"close": true
+			},
 			"problemMatcher": "$tsc"
 		},
 		{
 			"type": "npm",
 			"script": "kill-watch-extension-mediad",
 			"label": "Kill Ext Media - Build",
 			"group": "build",
 			"presentation": {
 				"reveal": "never",
 				"group": "buildKillers"
 			},
 			"problemMatcher": "$tsc"
 		},
@@ -95,7 +132,8 @@
 			"label": "Kill VS Code - Build",
 			"dependsOn": [
 				"Kill Core - Build",
-				"Kill Ext - Build"
+				"Kill Ext - Build",
 				"Kill Ext Media - Build",
 			],
 			"group": "build",
 			"problemMatcher": []
@@ -200,8 +238,7 @@
 			"command": "node build/lib/preLaunch.js",
 			"label": "Ensure Prelaunch Dependencies",
 			"presentation": {
-				"reveal": "silent",
+				"reveal": "silent"
 				"close": true
 			}
 		},
 		{
--- a/lib/vscode/.yarnrc
+++ b/lib/vscode/.yarnrc
@@ -0,0 +1,3 @@
 disturl "https://electronjs.org/headers"
 target "12.0.4"
 runtime "electron"
--- a/lib/vscode/README.md
+++ b/lib/vscode/README.md
@@ -10,7 +10,7 @@ This repository ("`Code - OSS`") is where we (Microsoft) develop the [Visual Stu
 ## Visual Studio Code
 <p align="center">
-  <img alt="VS Code in action" src="https://user-images.githubusercontent.com/35271042/118224532-3842c400-b438-11eb-923d-a5f66fa6785a.png">
+  <img alt="VS Code in action" src="https://user-images.githubusercontent.com/1487073/58344409-70473b80-7e0a-11e9-8570-b2efc6f8fa44.png">
 </p>
 [Visual Studio Code](https://code.visualstudio.com) is a distribution of the `Code - OSS` repository with Microsoft specific customizations released under a traditional [Microsoft product license](https://code.visualstudio.com/License/).
@@ -21,11 +21,11 @@ Visual Studio Code is updated monthly with new features and bug fixes. You can d
 ## Contributing
-There are many ways in which you can participate in this project, for example:
+There are many ways in which you can participate in the project, for example:
 * [Submit bugs and feature requests](https://github.com/microsoft/vscode/issues), and help us verify as they are checked in
 * Review [source code changes](https://github.com/microsoft/vscode/pulls)
-* Review the [documentation](https://github.com/microsoft/vscode-docs) and make pull requests for anything from typos to additional and new content
+* Review the [documentation](https://github.com/microsoft/vscode-docs) and make pull requests for anything from typos to new content
 If you are interested in fixing issues and contributing directly to the code base,
 please see the document [How to Contribute](https://github.com/microsoft/vscode/wiki/How-to-Contribute), which covers the following:
@@ -57,10 +57,10 @@ VS Code includes a set of built-in extensions located in the [extensions](extens
 ## Development Container
-This repository includes a Visual Studio Code Remote - Containers / GitHub Codespaces development container.
+This repository includes a Visual Studio Code Remote - Containers / Codespaces development container.
- For [Remote - Containers](https://aka.ms/vscode-remote/download/containers), use the **Remote-Containers: Clone Repository in Container Volume...** command which creates a Docker volume for better disk I/O on macOS and Windows.
+- For [Remote - Containers](https://aka.ms/vscode-remote/download/containers), use the **Remote-Containers: Open Repository in Container...** command which creates a Docker volume for better disk I/O on macOS and Windows.
- For Codespaces, install the [Github Codespaces](https://marketplace.visualstudio.com/items?itemName=GitHub.codespacese) extension in VS Code, and use the **Codespaces: Create New Codespace** command.
+- For Codespaces, install the [Visual Studio Codespaces](https://aka.ms/vscs-ext-vscode) extension in VS Code, and use the **Codespaces: Create New Codespace** command.
 Docker / the Codespace should have at least **4 Cores and 6 GB of RAM (8 GB recommended)** to run full build. See the [development container README](.devcontainer/README.md) for more information.
--- a/lib/vscode/ThirdPartyNotices.txt
+++ b/lib/vscode/ThirdPartyNotices.txt
@@ -5,17 +5,17 @@ Do Not Translate or Localize
 This project incorporates components from the projects listed below. The original copyright notices and the licenses under which Microsoft received such components are set forth below. Microsoft reserves all rights not expressly granted herein, whether by implication, estoppel or otherwise.
-1.	atom/language-clojure version 0.22.7 (https://github.com/atom/language-clojure)
+1.	 JuliaEditorSupport/atom-language-julia version 0.21.0 (https://github.com/JuliaEditorSupport/atom-language-julia)
-2.	atom/language-coffee-script version 0.49.3 (https://github.com/atom/language-coffee-script)
+2.	atom/language-clojure version 0.22.7 (https://github.com/atom/language-clojure)
-3.	atom/language-css version 0.44.4 (https://github.com/atom/language-css)
+3.	atom/language-coffee-script version 0.49.3 (https://github.com/atom/language-coffee-script)
-4.	atom/language-java version 0.32.1 (https://github.com/atom/language-java)
+4.	atom/language-css version 0.44.4 (https://github.com/atom/language-css)
-5.	atom/language-sass version 0.62.1 (https://github.com/atom/language-sass)
+5.	atom/language-java version 0.32.1 (https://github.com/atom/language-java)
-6.	atom/language-shellscript version 0.26.0 (https://github.com/atom/language-shellscript)
+6.	atom/language-sass version 0.61.4 (https://github.com/atom/language-sass)
-7.	atom/language-xml version 0.35.2 (https://github.com/atom/language-xml)
+7.	atom/language-shellscript version 0.26.0 (https://github.com/atom/language-shellscript)
-8.	better-go-syntax version 1.0.0 (https://github.com/jeff-hykin/better-go-syntax/ )
+8.	atom/language-xml version 0.35.2 (https://github.com/atom/language-xml)
-9.	Colorsublime-Themes version 0.1.0 (https://github.com/Colorsublime/Colorsublime-Themes)
+9.	better-go-syntax version 1.0.0 (https://github.com/jeff-hykin/better-go-syntax/ )
-10.	daaain/Handlebars version 1.8.0 (https://github.com/daaain/Handlebars)
+10.	Colorsublime-Themes version 0.1.0 (https://github.com/Colorsublime/Colorsublime-Themes)
-11.	dart-lang/dart-syntax-highlight (https://github.com/dart-lang/dart-syntax-highlight)
+11.	daaain/Handlebars version 1.8.0 (https://github.com/daaain/Handlebars)
 12.	davidrios/pug-tmbundle (https://github.com/davidrios/pug-tmbundle)
 13.	definitelytyped (https://github.com/DefinitelyTyped/DefinitelyTyped)
 14.	demyte/language-cshtml version 0.3.0 (https://github.com/demyte/language-cshtml)
@@ -32,46 +32,72 @@ This project incorporates components from the projects listed below. The origina
 25.	jeff-hykin/cpp-textmate-grammar version 1.12.11 (https://github.com/jeff-hykin/cpp-textmate-grammar)
 26.	jeff-hykin/cpp-textmate-grammar version 1.15.5 (https://github.com/jeff-hykin/cpp-textmate-grammar)
 27.	js-beautify version 1.6.8 (https://github.com/beautify-web/js-beautify)
-28.	JuliaEditorSupport/atom-language-julia version 0.21.0 (https://github.com/JuliaEditorSupport/atom-language-julia)
+28.	Jxck/assert version 1.0.0 (https://github.com/Jxck/assert)
-29.	Jxck/assert version 1.0.0 (https://github.com/Jxck/assert)
+29.	language-docker (https://github.com/moby/moby)
-30.	language-docker (https://github.com/moby/moby)
+30.	language-less version 0.34.2 (https://github.com/atom/language-less)
-31.	language-less version 0.34.2 (https://github.com/atom/language-less)
+31.	language-php version 0.46.0 (https://github.com/atom/language-php)
-32.	language-php version 0.46.2 (https://github.com/atom/language-php)
+32.	MagicStack/MagicPython version 1.1.1 (https://github.com/MagicStack/MagicPython)
-33.	MagicStack/MagicPython version 1.1.1 (https://github.com/MagicStack/MagicPython)
+33.	marked version 1.1.0 (https://github.com/markedjs/marked)
-34.	marked version 1.1.0 (https://github.com/markedjs/marked)
+34.	mdn-data version 1.1.12 (https://github.com/mdn/data)
-35.	mdn-data version 1.1.12 (https://github.com/mdn/data)
+35.	microsoft/TypeScript-TmLanguage version 0.0.1 (https://github.com/microsoft/TypeScript-TmLanguage)
-36.	microsoft/TypeScript-TmLanguage version 0.0.1 (https://github.com/microsoft/TypeScript-TmLanguage)
+36.	microsoft/vscode-JSON.tmLanguage (https://github.com/microsoft/vscode-JSON.tmLanguage)
-37.	microsoft/vscode-JSON.tmLanguage (https://github.com/microsoft/vscode-JSON.tmLanguage)
+37.	microsoft/vscode-markdown-tm-grammar version 1.0.0 (https://github.com/microsoft/vscode-markdown-tm-grammar)
-38.	microsoft/vscode-markdown-tm-grammar version 1.0.0 (https://github.com/microsoft/vscode-markdown-tm-grammar)
+38.	microsoft/vscode-mssql version 1.9.0 (https://github.com/microsoft/vscode-mssql)
-39.	microsoft/vscode-mssql version 1.9.0 (https://github.com/microsoft/vscode-mssql)
+39.	mmims/language-batchfile version 0.7.5 (https://github.com/mmims/language-batchfile)
-40.	mmims/language-batchfile version 0.7.6 (https://github.com/mmims/language-batchfile)
+40.	NVIDIA/cuda-cpp-grammar (https://github.com/NVIDIA/cuda-cpp-grammar)
-41.	NVIDIA/cuda-cpp-grammar (https://github.com/NVIDIA/cuda-cpp-grammar)
+41.	PowerShell/EditorSyntax version 1.0.0 (https://github.com/PowerShell/EditorSyntax)
-42.	PowerShell/EditorSyntax version 1.0.0 (https://github.com/PowerShell/EditorSyntax)
+42.	rust-syntax version 0.4.3 (https://github.com/dustypomerleau/rust-syntax)
-43.	rust-syntax version 0.4.3 (https://github.com/dustypomerleau/rust-syntax)
+43.	seti-ui version 0.1.0 (https://github.com/jesseweed/seti-ui)
-44.	seti-ui version 0.1.0 (https://github.com/jesseweed/seti-ui)
+44.	shaders-tmLanguage version 0.1.0 (https://github.com/tgjones/shaders-tmLanguage)
-45.	shaders-tmLanguage version 0.1.0 (https://github.com/tgjones/shaders-tmLanguage)
+45.	textmate/asp.vb.net.tmbundle (https://github.com/textmate/asp.vb.net.tmbundle)
-46.	textmate/asp.vb.net.tmbundle (https://github.com/textmate/asp.vb.net.tmbundle)
+46.	textmate/c.tmbundle (https://github.com/textmate/c.tmbundle)
-47.	textmate/c.tmbundle (https://github.com/textmate/c.tmbundle)
+47.	textmate/diff.tmbundle (https://github.com/textmate/diff.tmbundle)
-48.	textmate/diff.tmbundle (https://github.com/textmate/diff.tmbundle)
+48.	textmate/git.tmbundle (https://github.com/textmate/git.tmbundle)
-49.	textmate/git.tmbundle (https://github.com/textmate/git.tmbundle)
+49.	textmate/groovy.tmbundle (https://github.com/textmate/groovy.tmbundle)
-50.	textmate/groovy.tmbundle (https://github.com/textmate/groovy.tmbundle)
+50.	textmate/html.tmbundle (https://github.com/textmate/html.tmbundle)
-51.	textmate/html.tmbundle (https://github.com/textmate/html.tmbundle)
+51.	textmate/ini.tmbundle (https://github.com/textmate/ini.tmbundle)
-52.	textmate/ini.tmbundle (https://github.com/textmate/ini.tmbundle)
+52.	textmate/javascript.tmbundle (https://github.com/textmate/javascript.tmbundle)
-53.	textmate/javascript.tmbundle (https://github.com/textmate/javascript.tmbundle)
+53.	textmate/lua.tmbundle (https://github.com/textmate/lua.tmbundle)
-54.	textmate/lua.tmbundle (https://github.com/textmate/lua.tmbundle)
+54.	textmate/markdown.tmbundle (https://github.com/textmate/markdown.tmbundle)
-55.	textmate/markdown.tmbundle (https://github.com/textmate/markdown.tmbundle)
+55.	textmate/perl.tmbundle (https://github.com/textmate/perl.tmbundle)
-56.	textmate/perl.tmbundle (https://github.com/textmate/perl.tmbundle)
+56.	textmate/ruby.tmbundle (https://github.com/textmate/ruby.tmbundle)
-57.	textmate/ruby.tmbundle (https://github.com/textmate/ruby.tmbundle)
+57.	textmate/yaml.tmbundle (https://github.com/textmate/yaml.tmbundle)
-58.	textmate/yaml.tmbundle (https://github.com/textmate/yaml.tmbundle)
+58.	TypeScript-TmLanguage version 0.1.8 (https://github.com/microsoft/TypeScript-TmLanguage)
-59.	TypeScript-TmLanguage version 0.1.8 (https://github.com/microsoft/TypeScript-TmLanguage)
+59.	TypeScript-TmLanguage version 1.0.0 (https://github.com/microsoft/TypeScript-TmLanguage)
-60.	TypeScript-TmLanguage version 1.0.0 (https://github.com/microsoft/TypeScript-TmLanguage)
+60.	Unicode version 12.0.0 (https://home.unicode.org/)
-61.	Unicode version 12.0.0 (https://home.unicode.org/)
+61.	vscode-codicons version 0.0.14 (https://github.com/microsoft/vscode-codicons)
-62.	vscode-codicons version 0.0.14 (https://github.com/microsoft/vscode-codicons)
+62.	vscode-logfile-highlighter version 2.11.0 (https://github.com/emilast/vscode-logfile-highlighter)
-63.	vscode-logfile-highlighter version 2.11.0 (https://github.com/emilast/vscode-logfile-highlighter)
+63.	vscode-swift version 0.0.1 (https://github.com/owensd/vscode-swift)
-64.	vscode-swift version 0.0.1 (https://github.com/owensd/vscode-swift)
+64.	Web Background Synchronization (https://github.com/WICG/background-sync)
 65.	Web Background Synchronization (https://github.com/WICG/background-sync)
 %%  JuliaEditorSupport/atom-language-julia NOTICES AND INFORMATION BEGIN HERE
 =========================================
 The atom-language-julia package is licensed under the MIT "Expat" License:
 > Copyright (c) 2015
 >
 > Permission is hereby granted, free of charge, to any person obtaining
 > a copy of this software and associated documentation files (the
 > "Software"), to deal in the Software without restriction, including
 > without limitation the rights to use, copy, modify, merge, publish,
 > distribute, sublicense, and/or sell copies of the Software, and to
 > permit persons to whom the Software is furnished to do so, subject to
 > the following conditions:
 >
 > The above copyright notice and this permission notice shall be
 > included in all copies or substantial portions of the Software.
 >
 > THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 > EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 > MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
 > IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
 > CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
 > TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 > SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
 END OF  JuliaEditorSupport/atom-language-julia NOTICES AND INFORMATION
 %% atom/language-clojure NOTICES AND INFORMATION BEGIN HERE
 =========================================
 Copyright (c) 2014 GitHub Inc.
@@ -451,38 +477,6 @@ THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI
 =========================================
 END OF daaain/Handlebars NOTICES AND INFORMATION
 %% dart-lang/dart-syntax-highlight NOTICES AND INFORMATION BEGIN HERE
 =========================================
 Copyright 2020, the Dart project authors.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
 met:
    * Redistributions of source code must retain the above copyright
    notice, this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above
    copyright notice, this list of conditions and the following
    disclaimer in the documentation and/or other materials provided
    with the distribution.
    * Neither the name of Google LLC nor the names of its
    contributors may be used to endorse or promote products derived
    from this software without specific prior written permission.
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 =========================================
 END OF dart-lang/dart-syntax-highlight NOTICES AND INFORMATION
 %% davidrios/pug-tmbundle NOTICES AND INFORMATION BEGIN HERE
 =========================================
 The MIT License (MIT)
@@ -861,33 +855,6 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI
 =========================================
 END OF js-beautify NOTICES AND INFORMATION
 %% JuliaEditorSupport/atom-language-julia NOTICES AND INFORMATION BEGIN HERE
 =========================================
 The atom-language-julia package is licensed under the MIT "Expat" License:
 > Copyright (c) 2015
 >
 > Permission is hereby granted, free of charge, to any person obtaining
 > a copy of this software and associated documentation files (the
 > "Software"), to deal in the Software without restriction, including
 > without limitation the rights to use, copy, modify, merge, publish,
 > distribute, sublicense, and/or sell copies of the Software, and to
 > permit persons to whom the Software is furnished to do so, subject to
 > the following conditions:
 >
 > The above copyright notice and this permission notice shall be
 > included in all copies or substantial portions of the Software.
 >
 > THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 > EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 > MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
 > IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
 > CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
 > TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 > SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 =========================================
 END OF JuliaEditorSupport/atom-language-julia NOTICES AND INFORMATION
 %% Jxck/assert NOTICES AND INFORMATION BEGIN HERE
 =========================================
 The MIT License (MIT)
--- a/lib/vscode/build/azure-pipelines/common/createAsset.js
+++ b/lib/vscode/build/azure-pipelines/common/createAsset.js
@@ -5,101 +5,15 @@
 'use strict';
 Object.defineProperty(exports, "__esModule", { value: true });
 const fs = require("fs");
 const url = require("url");
 const crypto = require("crypto");
 const azure = require("azure-storage");
 const mime = require("mime");
 const cosmos_1 = require("@azure/cosmos");
 const retry_1 = require("./retry");
-if (process.argv.length !== 8) {
+if (process.argv.length !== 6) {
-    console.error('Usage: node createAsset.js PRODUCT OS ARCH TYPE NAME FILE');
+    console.error('Usage: node createAsset.js PLATFORM TYPE NAME FILE');
    process.exit(-1);
 }
 // Contains all of the logic for mapping details to our actual product names in CosmosDB
 function getPlatform(product, os, arch, type) {
    switch (os) {
        case 'win32':
            switch (product) {
                case 'client':
                    const asset = arch === 'ia32' ? 'win32' : `win32-${arch}`;
                    switch (type) {
                        case 'archive':
                            return `${asset}-archive`;
                        case 'setup':
                            return asset;
                        case 'user-setup':
                            return `${asset}-user`;
                        default:
                            throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
                    }
                case 'server':
                    if (arch === 'arm64') {
                        throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
                    }
                    return arch === 'ia32' ? 'server-win32' : `server-win32-${arch}`;
                case 'web':
                    if (arch === 'arm64') {
                        throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
                    }
                    return arch === 'ia32' ? 'server-win32-web' : `server-win32-${arch}-web`;
                default:
                    throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
            }
        case 'linux':
            switch (type) {
                case 'snap':
                    return `linux-snap-${arch}`;
                case 'archive-unsigned':
                    switch (product) {
                        case 'client':
                            return `linux-${arch}`;
                        case 'server':
                            return `server-linux-${arch}`;
                        case 'web':
                            return arch === 'standalone' ? 'web-standalone' : `server-linux-${arch}-web`;
                        default:
                            throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
                    }
                case 'deb-package':
                    return `linux-deb-${arch}`;
                case 'rpm-package':
                    return `linux-rpm-${arch}`;
                default:
                    throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
            }
        case 'darwin':
            switch (product) {
                case 'client':
                    if (arch === 'x64') {
                        return 'darwin';
                    }
                    return `darwin-${arch}`;
                case 'server':
                    return 'server-darwin';
                case 'web':
                    if (arch !== 'x64') {
                        throw `What should the platform be?: ${product} ${os} ${arch} ${type}`;
                    }
                    return 'server-darwin-web';
                default:
                    throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
            }
        default:
            throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
    }
 }
 // Contains all of the logic for mapping types to our actual types in CosmosDB
 function getRealType(type) {
    switch (type) {
        case 'user-setup':
            return 'setup';
        case 'deb-package':
        case 'rpm-package':
            return 'package';
        default:
            return type;
    }
 }
 function hashStream(hashName, stream) {
    return new Promise((c, e) => {
        const shasum = crypto.createHash(hashName);
@@ -131,10 +45,7 @@ function getEnv(name) {
    return result;
 }
 async function main() {
-    const [, , product, os, arch, unprocessedType, fileName, filePath] = process.argv;
+    const [, , platform, type, fileName, filePath] = process.argv;
    // getPlatform needs the unprocessedType
    const platform = getPlatform(product, os, arch, unprocessedType);
    const type = getRealType(unprocessedType);
    const quality = getEnv('VSCODE_QUALITY');
    const commit = getEnv('BUILD_SOURCEVERSION');
    console.log('Creating asset...');
@@ -154,27 +65,14 @@ async function main() {
        console.log(`Blob ${quality}, ${blobName} already exists, not publishing again.`);
        return;
    }
-    const mooncakeBlobService = azure.createBlobService(storageAccount, process.env['MOONCAKE_STORAGE_ACCESS_KEY'], `${storageAccount}.blob.core.chinacloudapi.cn`)
+    console.log('Uploading blobs to Azure storage...');
-        .withFilter(new azure.ExponentialRetryPolicyFilter(20));
+    await uploadBlob(blobService, quality, blobName, filePath, fileName);
    // mooncake is fussy and far away, this is needed!
    blobService.defaultClientRequestTimeoutInMs = 10 * 60 * 1000;
    mooncakeBlobService.defaultClientRequestTimeoutInMs = 10 * 60 * 1000;
    console.log('Uploading blobs to Azure storage and Mooncake Azure storage...');
    await retry_1.retry(() => Promise.all([
        uploadBlob(blobService, quality, blobName, filePath, fileName),
        uploadBlob(mooncakeBlobService, quality, blobName, filePath, fileName)
    ]));
    console.log('Blobs successfully uploaded.');
    // TODO: Understand if blobName and blobPath are the same and replace blobPath with blobName if so.
    const assetUrl = `${process.env['AZURE_CDN_URL']}/${quality}/${blobName}`;
    const blobPath = url.parse(assetUrl).path;
    const mooncakeUrl = `${process.env['MOONCAKE_CDN_URL']}${blobPath}`;
    const asset = {
        platform,
        type,
-        url: assetUrl,
+        url: `${process.env['AZURE_CDN_URL']}/${quality}/${blobName}`,
        hash: sha1hash,
        mooncakeUrl,
        sha256hash,
        size
    };
@@ -186,7 +84,6 @@ async function main() {
    const client = new cosmos_1.CosmosClient({ endpoint: process.env['AZURE_DOCUMENTDB_ENDPOINT'], key: process.env['AZURE_DOCUMENTDB_MASTERKEY'] });
    const scripts = client.database('builds').container(quality).scripts;
    await retry_1.retry(() => scripts.storedProcedure('createAsset').execute('', [commit, asset, true]));
    console.log(`  Done ✔️`);
 }
 main().then(() => {
    console.log('Asset successfully created');
--- a/lib/vscode/build/azure-pipelines/common/createAsset.ts
+++ b/lib/vscode/build/azure-pipelines/common/createAsset.ts
@@ -6,7 +6,6 @@
 'use strict';
 import * as fs from 'fs';
 import * as url from 'url';
 import { Readable } from 'stream';
 import * as crypto from 'crypto';
 import * as azure from 'azure-storage';
@@ -25,98 +24,11 @@ interface Asset {
 	supportsFastUpdate?: boolean;
 }
-if (process.argv.length !== 8) {
+if (process.argv.length !== 6) {
-	console.error('Usage: node createAsset.js PRODUCT OS ARCH TYPE NAME FILE');
+	console.error('Usage: node createAsset.js PLATFORM TYPE NAME FILE');
 	process.exit(-1);
 }
 // Contains all of the logic for mapping details to our actual product names in CosmosDB
 function getPlatform(product: string, os: string, arch: string, type: string): string {
 	switch (os) {
 		case 'win32':
 			switch (product) {
 				case 'client':
 					const asset = arch === 'ia32' ? 'win32' : `win32-${arch}`;
 					switch (type) {
 						case 'archive':
 							return `${asset}-archive`;
 						case 'setup':
 							return asset;
 						case 'user-setup':
 							return `${asset}-user`;
 						default:
 							throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
 					}
 				case 'server':
 					if (arch === 'arm64') {
 						throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
 					}
 					return arch === 'ia32' ? 'server-win32' : `server-win32-${arch}`;
 				case 'web':
 					if (arch === 'arm64') {
 						throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
 					}
 					return arch === 'ia32' ? 'server-win32-web' : `server-win32-${arch}-web`;
 				default:
 					throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
 			}
 		case 'linux':
 			switch (type) {
 				case 'snap':
 					return `linux-snap-${arch}`;
 				case 'archive-unsigned':
 					switch (product) {
 						case 'client':
 							return `linux-${arch}`;
 						case 'server':
 							return `server-linux-${arch}`;
 						case 'web':
 							return arch === 'standalone' ? 'web-standalone' : `server-linux-${arch}-web`;
 						default:
 							throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
 					}
 				case 'deb-package':
 					return `linux-deb-${arch}`;
 				case 'rpm-package':
 					return `linux-rpm-${arch}`;
 				default:
 					throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
 			}
 		case 'darwin':
 			switch (product) {
 				case 'client':
 					if (arch === 'x64') {
 						return 'darwin';
 					}
 					return `darwin-${arch}`;
 				case 'server':
 					return 'server-darwin';
 				case 'web':
 					if (arch !== 'x64') {
 						throw `What should the platform be?: ${product} ${os} ${arch} ${type}`;
 					}
 					return 'server-darwin-web';
 				default:
 					throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
 			}
 		default:
 			throw `Unrecognized: ${product} ${os} ${arch} ${type}`;
 	}
 }
 // Contains all of the logic for mapping types to our actual types in CosmosDB
 function getRealType(type: string) {
 	switch (type) {
 		case 'user-setup':
 			return 'setup';
 		case 'deb-package':
 		case 'rpm-package':
 			return 'package';
 		default:
 			return type;
 	}
 }
 function hashStream(hashName: string, stream: Readable): Promise<string> {
 	return new Promise<string>((c, e) => {
 		const shasum = crypto.createHash(hashName);
@@ -156,10 +68,7 @@ function getEnv(name: string): string {
 }
 async function main(): Promise<void> {
-	const [, , product, os, arch, unprocessedType, fileName, filePath] = process.argv;
+	const [, , platform, type, fileName, filePath] = process.argv;
 	// getPlatform needs the unprocessedType
 	const platform = getPlatform(product, os, arch, unprocessedType);
 	const type = getRealType(unprocessedType);
 	const quality = getEnv('VSCODE_QUALITY');
 	const commit = getEnv('BUILD_SOURCEVERSION');
@@ -189,33 +98,17 @@ async function main(): Promise<void> {
 		return;
 	}
-	const mooncakeBlobService = azure.createBlobService(storageAccount, process.env['MOONCAKE_STORAGE_ACCESS_KEY']!, `${storageAccount}.blob.core.chinacloudapi.cn`)
+	console.log('Uploading blobs to Azure storage...');
 		.withFilter(new azure.ExponentialRetryPolicyFilter(20));
-	// mooncake is fussy and far away, this is needed!
+	await uploadBlob(blobService, quality, blobName, filePath, fileName);
 	blobService.defaultClientRequestTimeoutInMs = 10 * 60 * 1000;
 	mooncakeBlobService.defaultClientRequestTimeoutInMs = 10 * 60 * 1000;
 	console.log('Uploading blobs to Azure storage and Mooncake Azure storage...');
 	await retry(() => Promise.all([
 		uploadBlob(blobService, quality, blobName, filePath, fileName),
 		uploadBlob(mooncakeBlobService, quality, blobName, filePath, fileName)
 	]));
 	console.log('Blobs successfully uploaded.');
 	// TODO: Understand if blobName and blobPath are the same and replace blobPath with blobName if so.
 	const assetUrl = `${process.env['AZURE_CDN_URL']}/${quality}/${blobName}`;
 	const blobPath = url.parse(assetUrl).path;
 	const mooncakeUrl = `${process.env['MOONCAKE_CDN_URL']}${blobPath}`;
 	const asset: Asset = {
 		platform,
 		type,
-		url: assetUrl,
+		url: `${process.env['AZURE_CDN_URL']}/${quality}/${blobName}`,
 		hash: sha1hash,
 		mooncakeUrl,
 		sha256hash,
 		size
 	};
@@ -230,8 +123,6 @@ async function main(): Promise<void> {
 	const client = new CosmosClient({ endpoint: process.env['AZURE_DOCUMENTDB_ENDPOINT']!, key: process.env['AZURE_DOCUMENTDB_MASTERKEY'] });
 	const scripts = client.database('builds').container(quality).scripts;
 	await retry(() => scripts.storedProcedure('createAsset').execute('', [commit, asset, true]));
 	console.log(`  Done ✔️`);
 }
 main().then(() => {
--- a/lib/vscode/build/azure-pipelines/common/sync-mooncake.js
+++ b/lib/vscode/build/azure-pipelines/common/sync-mooncake.js
@@ -0,0 +1,87 @@
 /*---------------------------------------------------------------------------------------------
 *  Copyright (c) Microsoft Corporation. All rights reserved.
 *  Licensed under the MIT License. See License.txt in the project root for license information.
 *--------------------------------------------------------------------------------------------*/
 'use strict';
 Object.defineProperty(exports, "__esModule", { value: true });
 const url = require("url");
 const azure = require("azure-storage");
 const mime = require("mime");
 const cosmos_1 = require("@azure/cosmos");
 const retry_1 = require("./retry");
 function log(...args) {
    console.log(...[`[${new Date().toISOString()}]`, ...args]);
 }
 function error(...args) {
    console.error(...[`[${new Date().toISOString()}]`, ...args]);
 }
 if (process.argv.length < 3) {
    error('Usage: node sync-mooncake.js <quality>');
    process.exit(-1);
 }
 async function sync(commit, quality) {
    log(`Synchronizing Mooncake assets for ${quality}, ${commit}...`);
    const client = new cosmos_1.CosmosClient({ endpoint: process.env['AZURE_DOCUMENTDB_ENDPOINT'], key: process.env['AZURE_DOCUMENTDB_MASTERKEY'] });
    const container = client.database('builds').container(quality);
    const query = `SELECT TOP 1 * FROM c WHERE c.id = "${commit}"`;
    const res = await container.items.query(query, {}).fetchAll();
    if (res.resources.length !== 1) {
        throw new Error(`No builds found for ${commit}`);
    }
    const build = res.resources[0];
    log(`Found build for ${commit}, with ${build.assets.length} assets`);
    const storageAccount = process.env['AZURE_STORAGE_ACCOUNT_2'];
    const blobService = azure.createBlobService(storageAccount, process.env['AZURE_STORAGE_ACCESS_KEY_2'])
        .withFilter(new azure.ExponentialRetryPolicyFilter(20));
    const mooncakeBlobService = azure.createBlobService(storageAccount, process.env['MOONCAKE_STORAGE_ACCESS_KEY'], `${storageAccount}.blob.core.chinacloudapi.cn`)
        .withFilter(new azure.ExponentialRetryPolicyFilter(20));
    // mooncake is fussy and far away, this is needed!
    blobService.defaultClientRequestTimeoutInMs = 10 * 60 * 1000;
    mooncakeBlobService.defaultClientRequestTimeoutInMs = 10 * 60 * 1000;
    for (const asset of build.assets) {
        try {
            const blobPath = url.parse(asset.url).path;
            if (!blobPath) {
                throw new Error(`Failed to parse URL: ${asset.url}`);
            }
            const blobName = blobPath.replace(/^\/\w+\//, '');
            log(`Found ${blobName}`);
            if (asset.mooncakeUrl) {
                log(`  Already in Mooncake ✔️`);
                continue;
            }
            const readStream = blobService.createReadStream(quality, blobName, undefined);
            const blobOptions = {
                contentSettings: {
                    contentType: mime.lookup(blobPath),
                    cacheControl: 'max-age=31536000, public'
                }
            };
            const writeStream = mooncakeBlobService.createWriteStreamToBlockBlob(quality, blobName, blobOptions, undefined);
            log(`  Uploading to Mooncake...`);
            await new Promise((c, e) => readStream.pipe(writeStream).on('finish', c).on('error', e));
            log(`  Updating build in DB...`);
            const mooncakeUrl = `${process.env['MOONCAKE_CDN_URL']}${blobPath}`;
            await retry_1.retry(() => container.scripts.storedProcedure('setAssetMooncakeUrl')
                .execute('', [commit, asset.platform, asset.type, mooncakeUrl]));
            log(`  Done ✔️`);
        }
        catch (err) {
            error(err);
        }
    }
    log(`All done ✔️`);
 }
 function main() {
    const commit = process.env['BUILD_SOURCEVERSION'];
    if (!commit) {
        error('Skipping publish due to missing BUILD_SOURCEVERSION');
        return;
    }
    const quality = process.argv[2];
    sync(commit, quality).catch(err => {
        error(err);
        process.exit(1);
    });
 }
 main();
--- a/lib/vscode/build/azure-pipelines/common/sync-mooncake.ts
+++ b/lib/vscode/build/azure-pipelines/common/sync-mooncake.ts
@@ -0,0 +1,131 @@
 /*---------------------------------------------------------------------------------------------
 *  Copyright (c) Microsoft Corporation. All rights reserved.
 *  Licensed under the MIT License. See License.txt in the project root for license information.
 *--------------------------------------------------------------------------------------------*/
 'use strict';
 import * as url from 'url';
 import * as azure from 'azure-storage';
 import * as mime from 'mime';
 import { CosmosClient } from '@azure/cosmos';
 import { retry } from './retry';
 function log(...args: any[]) {
 	console.log(...[`[${new Date().toISOString()}]`, ...args]);
 }
 function error(...args: any[]) {
 	console.error(...[`[${new Date().toISOString()}]`, ...args]);
 }
 if (process.argv.length < 3) {
 	error('Usage: node sync-mooncake.js <quality>');
 	process.exit(-1);
 }
 interface Build {
 	assets: Asset[];
 }
 interface Asset {
 	platform: string;
 	type: string;
 	url: string;
 	mooncakeUrl: string;
 	hash: string;
 	sha256hash: string;
 	size: number;
 	supportsFastUpdate?: boolean;
 }
 async function sync(commit: string, quality: string): Promise<void> {
 	log(`Synchronizing Mooncake assets for ${quality}, ${commit}...`);
 	const client = new CosmosClient({ endpoint: process.env['AZURE_DOCUMENTDB_ENDPOINT']!, key: process.env['AZURE_DOCUMENTDB_MASTERKEY'] });
 	const container = client.database('builds').container(quality);
 	const query = `SELECT TOP 1 * FROM c WHERE c.id = "${commit}"`;
 	const res = await container.items.query<Build>(query, {}).fetchAll();
 	if (res.resources.length !== 1) {
 		throw new Error(`No builds found for ${commit}`);
 	}
 	const build = res.resources[0];
 	log(`Found build for ${commit}, with ${build.assets.length} assets`);
 	const storageAccount = process.env['AZURE_STORAGE_ACCOUNT_2']!;
 	const blobService = azure.createBlobService(storageAccount, process.env['AZURE_STORAGE_ACCESS_KEY_2']!)
 		.withFilter(new azure.ExponentialRetryPolicyFilter(20));
 	const mooncakeBlobService = azure.createBlobService(storageAccount, process.env['MOONCAKE_STORAGE_ACCESS_KEY']!, `${storageAccount}.blob.core.chinacloudapi.cn`)
 		.withFilter(new azure.ExponentialRetryPolicyFilter(20));
 	// mooncake is fussy and far away, this is needed!
 	blobService.defaultClientRequestTimeoutInMs = 10 * 60 * 1000;
 	mooncakeBlobService.defaultClientRequestTimeoutInMs = 10 * 60 * 1000;
 	for (const asset of build.assets) {
 		try {
 			const blobPath = url.parse(asset.url).path;
 			if (!blobPath) {
 				throw new Error(`Failed to parse URL: ${asset.url}`);
 			}
 			const blobName = blobPath.replace(/^\/\w+\//, '');
 			log(`Found ${blobName}`);
 			if (asset.mooncakeUrl) {
 				log(`  Already in Mooncake ✔️`);
 				continue;
 			}
 			const readStream = blobService.createReadStream(quality, blobName, undefined!);
 			const blobOptions: azure.BlobService.CreateBlockBlobRequestOptions = {
 				contentSettings: {
 					contentType: mime.lookup(blobPath),
 					cacheControl: 'max-age=31536000, public'
 				}
 			};
 			const writeStream = mooncakeBlobService.createWriteStreamToBlockBlob(quality, blobName, blobOptions, undefined);
 			log(`  Uploading to Mooncake...`);
 			await new Promise((c, e) => readStream.pipe(writeStream).on('finish', c).on('error', e));
 			log(`  Updating build in DB...`);
 			const mooncakeUrl = `${process.env['MOONCAKE_CDN_URL']}${blobPath}`;
 			await retry(() => container.scripts.storedProcedure('setAssetMooncakeUrl')
 				.execute('', [commit, asset.platform, asset.type, mooncakeUrl]));
 			log(`  Done ✔️`);
 		} catch (err) {
 			error(err);
 		}
 	}
 	log(`All done ✔️`);
 }
 function main(): void {
 	const commit = process.env['BUILD_SOURCEVERSION'];
 	if (!commit) {
 		error('Skipping publish due to missing BUILD_SOURCEVERSION');
 		return;
 	}
 	const quality = process.argv[2];
 	sync(commit, quality).catch(err => {
 		error(err);
 		process.exit(1);
 	});
 }
 main();
--- a/lib/vscode/build/azure-pipelines/darwin/product-build-darwin-sign.yml
+++ b/lib/vscode/build/azure-pipelines/darwin/product-build-darwin-sign.yml
@@ -35,13 +35,13 @@ steps:
    displayName: Restore modules for just build folder and compile it
  - download: current
-    artifact: unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive
+    artifact: vscode-darwin-$(VSCODE_ARCH)
    displayName: Download $(VSCODE_ARCH) artifact
  - script: |
      set -e
-      unzip $(Pipeline.Workspace)/unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive/VSCode-darwin-$(VSCODE_ARCH).zip -d $(agent.builddirectory)/VSCode-darwin-$(VSCODE_ARCH)
+      unzip $(Pipeline.Workspace)/vscode-darwin-$(VSCODE_ARCH)/VSCode-darwin-$(VSCODE_ARCH).zip -d $(agent.builddirectory)/VSCode-darwin-$(VSCODE_ARCH)
-      mv $(Pipeline.Workspace)/unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive/VSCode-darwin-$(VSCODE_ARCH).zip $(agent.builddirectory)/VSCode-darwin-$(VSCODE_ARCH).zip
+      mv $(Pipeline.Workspace)/vscode-darwin-$(VSCODE_ARCH)/VSCode-darwin-$(VSCODE_ARCH).zip $(agent.builddirectory)/VSCode-darwin-$(VSCODE_ARCH).zip
    displayName: Unzip & move
  - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
@@ -108,18 +108,22 @@ steps:
    condition: and(succeeded(), ne(variables['VSCODE_ARCH'], 'arm64'))
  - script: |
      set -e
      # For legacy purposes, arch for x64 is just 'darwin'
      case $VSCODE_ARCH in
        x64) ASSET_ID="darwin" ;;
        arm64) ASSET_ID="darwin-arm64" ;;
        universal) ASSET_ID="darwin-universal" ;;
      esac
      echo "##vso[task.setvariable variable=ASSET_ID]$ASSET_ID"
    displayName: Set asset id variable
-  - script: mv $(agent.builddirectory)/VSCode-darwin-x64.zip $(agent.builddirectory)/VSCode-darwin.zip
+      VSCODE_MIXIN_PASSWORD="$(github-distro-mixin-password)" \
-    displayName: Rename x64 build to it's legacy name
+      AZURE_DOCUMENTDB_MASTERKEY="$(builds-docdb-key-readwrite)" \
-    condition: and(succeeded(), eq(variables['VSCODE_ARCH'], 'x64'))
+      AZURE_STORAGE_ACCESS_KEY="$(ticino-storage-key)" \
-
+      AZURE_STORAGE_ACCESS_KEY_2="$(vscode-storage-key)" \
-  - publish: $(Agent.BuildDirectory)/VSCode-$(ASSET_ID).zip
+      node build/azure-pipelines/common/createAsset.js \
-    artifact: vscode_client_darwin_$(VSCODE_ARCH)_archive
+        "$ASSET_ID" \
        archive \
        "VSCode-$ASSET_ID.zip" \
        ../VSCode-darwin-$(VSCODE_ARCH).zip
    displayName: Publish Clients
--- a/lib/vscode/build/azure-pipelines/darwin/product-build-darwin.yml
+++ b/lib/vscode/build/azure-pipelines/darwin/product-build-darwin.yml
@@ -138,19 +138,19 @@ steps:
    condition: and(succeeded(), ne(variables['VSCODE_ARCH'], 'universal'), eq(variables['VSCODE_STEP_ON_IT'], 'false'))
  - download: current
-    artifact: unsigned_vscode_client_darwin_x64_archive
+    artifact: vscode-darwin-x64
    displayName: Download x64 artifact
    condition: and(succeeded(), eq(variables['VSCODE_ARCH'], 'universal'))
  - download: current
-    artifact: unsigned_vscode_client_darwin_arm64_archive
+    artifact: vscode-darwin-arm64
    displayName: Download arm64 artifact
    condition: and(succeeded(), eq(variables['VSCODE_ARCH'], 'universal'))
  - script: |
      set -e
-      cp $(Pipeline.Workspace)/unsigned_vscode_client_darwin_x64_archive/VSCode-darwin-x64.zip $(agent.builddirectory)/VSCode-darwin-x64.zip
+      cp $(Pipeline.Workspace)/vscode-darwin-x64/VSCode-darwin-x64.zip $(agent.builddirectory)/VSCode-darwin-x64.zip
-      cp $(Pipeline.Workspace)/unsigned_vscode_client_darwin_arm64_archive/VSCode-darwin-arm64.zip $(agent.builddirectory)/VSCode-darwin-arm64.zip
+      cp $(Pipeline.Workspace)/vscode-darwin-arm64/VSCode-darwin-arm64.zip $(agent.builddirectory)/VSCode-darwin-arm64.zip
      unzip $(agent.builddirectory)/VSCode-darwin-x64.zip -d $(agent.builddirectory)/VSCode-darwin-x64
      unzip $(agent.builddirectory)/VSCode-darwin-arm64.zip -d $(agent.builddirectory)/VSCode-darwin-arm64
      DEBUG=* node build/darwin/create-universal-app.js
@@ -280,27 +280,26 @@ steps:
  - script: |
      set -e
-
+      VSCODE_MIXIN_PASSWORD="$(github-distro-mixin-password)" \
-      # package Remote Extension Host
+      AZURE_DOCUMENTDB_MASTERKEY="$(builds-docdb-key-readwrite)" \
-      pushd .. && mv vscode-reh-darwin vscode-server-darwin && zip -Xry vscode-server-darwin.zip vscode-server-darwin && popd
+      AZURE_STORAGE_ACCESS_KEY="$(ticino-storage-key)" \
-
+      AZURE_STORAGE_ACCESS_KEY_2="$(vscode-storage-key)" \
-      # package Remote Extension Host (Web)
+      VSCODE_ARCH="$(VSCODE_ARCH)" ./build/azure-pipelines/darwin/publish-server.sh
-      pushd .. && mv vscode-reh-web-darwin vscode-server-darwin-web && zip -Xry vscode-server-darwin-web.zip vscode-server-darwin-web && popd
+    displayName: Publish Servers
    displayName: Prepare to publish servers
    condition: and(succeeded(), eq(variables['VSCODE_ARCH'], 'x64'), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(Agent.BuildDirectory)/VSCode-darwin-$(VSCODE_ARCH).zip
-    artifact: unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive
+    artifact: vscode-darwin-$(VSCODE_ARCH)
    displayName: Publish client archive
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(Agent.BuildDirectory)/vscode-server-darwin.zip
-    artifact: vscode_server_darwin_$(VSCODE_ARCH)_archive-unsigned
+    artifact: vscode-server-darwin-$(VSCODE_ARCH)
    displayName: Publish server archive
    condition: and(succeeded(), eq(variables['VSCODE_ARCH'], 'x64'), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(Agent.BuildDirectory)/vscode-server-darwin-web.zip
-    artifact: vscode_web_darwin_$(VSCODE_ARCH)_archive-unsigned
+    artifact: vscode-server-darwin-$(VSCODE_ARCH)-web
    displayName: Publish web server archive
    condition: and(succeeded(), eq(variables['VSCODE_ARCH'], 'x64'), ne(variables['VSCODE_PUBLISH'], 'false'))
@@ -309,5 +308,5 @@ steps:
      VSCODE_ARCH="$(VSCODE_ARCH)" \
      yarn gulp upload-vscode-configuration
    displayName: Upload configuration (for Bing settings search)
-    condition: and(succeeded(), eq(variables['VSCODE_ARCH'], 'x64'), ne(variables['VSCODE_PUBLISH'], 'false'))
+    condition: and(succeeded(), eq(variables['VSCODE_ARCH'], 'x64'))
    continueOnError: true
--- a/lib/vscode/build/azure-pipelines/darwin/publish-server.sh
+++ b/lib/vscode/build/azure-pipelines/darwin/publish-server.sh
@@ -0,0 +1,14 @@
 #!/usr/bin/env bash
 set -e
 if [ "$VSCODE_ARCH" == "x64" ]; then
 	# package Remote Extension Host
 	pushd .. && mv vscode-reh-darwin vscode-server-darwin && zip -Xry vscode-server-darwin.zip vscode-server-darwin && popd
 	# publish Remote Extension Host
 	node build/azure-pipelines/common/createAsset.js \
 		server-darwin \
 		archive-unsigned \
 		"vscode-server-darwin.zip" \
 		../vscode-server-darwin.zip
 fi
--- a/lib/vscode/build/azure-pipelines/linux/alpine/publish.sh
+++ b/lib/vscode/build/azure-pipelines/linux/alpine/publish.sh
@@ -0,0 +1,28 @@
 #!/usr/bin/env bash
 set -e
 REPO="$(pwd)"
 ROOT="$REPO/.."
 PLATFORM_LINUX="linux-alpine"
 # Publish Remote Extension Host
 LEGACY_SERVER_BUILD_NAME="vscode-reh-$PLATFORM_LINUX"
 SERVER_BUILD_NAME="vscode-server-$PLATFORM_LINUX"
 SERVER_TARBALL_FILENAME="vscode-server-$PLATFORM_LINUX.tar.gz"
 SERVER_TARBALL_PATH="$ROOT/$SERVER_TARBALL_FILENAME"
 rm -rf $ROOT/vscode-server-*.tar.*
 (cd $ROOT && mv $LEGACY_SERVER_BUILD_NAME $SERVER_BUILD_NAME && tar --owner=0 --group=0 -czf $SERVER_TARBALL_PATH $SERVER_BUILD_NAME)
 node build/azure-pipelines/common/createAsset.js "server-$PLATFORM_LINUX" archive-unsigned "$SERVER_TARBALL_FILENAME" "$SERVER_TARBALL_PATH"
 # Publish Remote Extension Host (Web)
 LEGACY_SERVER_BUILD_NAME="vscode-reh-web-$PLATFORM_LINUX"
 SERVER_BUILD_NAME="vscode-server-$PLATFORM_LINUX-web"
 SERVER_TARBALL_FILENAME="vscode-server-$PLATFORM_LINUX-web.tar.gz"
 SERVER_TARBALL_PATH="$ROOT/$SERVER_TARBALL_FILENAME"
 rm -rf $ROOT/vscode-server-*-web.tar.*
 (cd $ROOT && mv $LEGACY_SERVER_BUILD_NAME $SERVER_BUILD_NAME && tar --owner=0 --group=0 -czf $SERVER_TARBALL_PATH $SERVER_BUILD_NAME)
 node build/azure-pipelines/common/createAsset.js "server-$PLATFORM_LINUX-web" archive-unsigned "$SERVER_TARBALL_FILENAME" "$SERVER_TARBALL_PATH"
--- a/lib/vscode/build/azure-pipelines/linux/product-build-alpine.yml
+++ b/lib/vscode/build/azure-pipelines/linux/product-build-alpine.yml
@@ -117,37 +117,19 @@ steps:
  - script: |
      set -e
-      REPO="$(pwd)"
+      AZURE_DOCUMENTDB_MASTERKEY="$(builds-docdb-key-readwrite)" \
-      ROOT="$REPO/.."
+      AZURE_STORAGE_ACCESS_KEY_2="$(vscode-storage-key)" \
-
+      VSCODE_MIXIN_PASSWORD="$(github-distro-mixin-password)" \
-      PLATFORM_LINUX="linux-alpine"
+      ./build/azure-pipelines/linux/alpine/publish.sh
-
+    displayName: Publish
      # Publish Remote Extension Host
      LEGACY_SERVER_BUILD_NAME="vscode-reh-$PLATFORM_LINUX"
      SERVER_BUILD_NAME="vscode-server-$PLATFORM_LINUX"
      SERVER_TARBALL_FILENAME="vscode-server-$PLATFORM_LINUX.tar.gz"
      SERVER_TARBALL_PATH="$ROOT/$SERVER_TARBALL_FILENAME"
      rm -rf $ROOT/vscode-server-*.tar.*
      (cd $ROOT && mv $LEGACY_SERVER_BUILD_NAME $SERVER_BUILD_NAME && tar --owner=0 --group=0 -czf $SERVER_TARBALL_PATH $SERVER_BUILD_NAME)
      # Publish Remote Extension Host (Web)
      LEGACY_SERVER_BUILD_NAME="vscode-reh-web-$PLATFORM_LINUX"
      SERVER_BUILD_NAME="vscode-server-$PLATFORM_LINUX-web"
      SERVER_TARBALL_FILENAME="vscode-server-$PLATFORM_LINUX-web.tar.gz"
      SERVER_TARBALL_PATH="$ROOT/$SERVER_TARBALL_FILENAME"
      rm -rf $ROOT/vscode-server-*-web.tar.*
      (cd $ROOT && mv $LEGACY_SERVER_BUILD_NAME $SERVER_BUILD_NAME && tar --owner=0 --group=0 -czf $SERVER_TARBALL_PATH $SERVER_BUILD_NAME)
    displayName: Prepare for publish
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(Agent.BuildDirectory)/vscode-server-linux-alpine.tar.gz
-    artifact: vscode_server_linux_alpine_archive-unsigned
+    artifact: vscode-server-linux-alpine
    displayName: Publish server archive
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(Agent.BuildDirectory)/vscode-server-linux-alpine-web.tar.gz
-    artifact: vscode_web_linux_alpine_archive-unsigned
+    artifact: vscode-server-linux-alpine-web
    displayName: Publish web server archive
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
--- a/lib/vscode/build/azure-pipelines/linux/product-build-linux.yml
+++ b/lib/vscode/build/azure-pipelines/linux/product-build-linux.yml
@@ -245,32 +245,27 @@ steps:
      AZURE_STORAGE_ACCESS_KEY_2="$(vscode-storage-key)" \
      VSCODE_MIXIN_PASSWORD="$(github-distro-mixin-password)" \
      VSCODE_ARCH="$(VSCODE_ARCH)" \
-      ./build/azure-pipelines/linux/prepare-publish.sh
+      ./build/azure-pipelines/linux/publish.sh
-    displayName: Prepare for Publish
+    displayName: Publish
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(DEB_PATH)
-    artifact: vscode_client_linux_$(VSCODE_ARCH)_deb-package
+    artifact: vscode-linux-deb-$(VSCODE_ARCH)
    displayName: Publish deb package
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(RPM_PATH)
-    artifact: vscode_client_linux_$(VSCODE_ARCH)_rpm-package
+    artifact: vscode-linux-rpm-$(VSCODE_ARCH)
    displayName: Publish rpm package
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(TARBALL_PATH)
    artifact: vscode_client_linux_$(VSCODE_ARCH)_archive-unsigned
    displayName: Publish client archive
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(Agent.BuildDirectory)/vscode-server-linux-$(VSCODE_ARCH).tar.gz
-    artifact: vscode_server_linux_$(VSCODE_ARCH)_archive-unsigned
+    artifact: vscode-server-linux-$(VSCODE_ARCH)
    displayName: Publish server archive
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(Agent.BuildDirectory)/vscode-server-linux-$(VSCODE_ARCH)-web.tar.gz
-    artifact: vscode_web_linux_$(VSCODE_ARCH)_archive-unsigned
+    artifact: vscode-server-linux-$(VSCODE_ARCH)-web
    displayName: Publish web server archive
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
--- a/lib/vscode/build/azure-pipelines/linux/prepare-publish.sh
+++ b/lib/vscode/build/azure-pipelines/linux/prepare-publish.sh
@@ -13,6 +13,8 @@ TARBALL_PATH="$ROOT/$TARBALL_FILENAME"
 rm -rf $ROOT/code-*.tar.*
 (cd $ROOT && tar -czf $TARBALL_PATH $BUILDNAME)
 node build/azure-pipelines/common/createAsset.js "$PLATFORM_LINUX" archive-unsigned "$TARBALL_FILENAME" "$TARBALL_PATH"
 # Publish Remote Extension Host
 LEGACY_SERVER_BUILD_NAME="vscode-reh-$PLATFORM_LINUX"
 SERVER_BUILD_NAME="vscode-server-$PLATFORM_LINUX"
@@ -22,6 +24,8 @@ SERVER_TARBALL_PATH="$ROOT/$SERVER_TARBALL_FILENAME"
 rm -rf $ROOT/vscode-server-*.tar.*
 (cd $ROOT && mv $LEGACY_SERVER_BUILD_NAME $SERVER_BUILD_NAME && tar --owner=0 --group=0 -czf $SERVER_TARBALL_PATH $SERVER_BUILD_NAME)
 node build/azure-pipelines/common/createAsset.js "server-$PLATFORM_LINUX" archive-unsigned "$SERVER_TARBALL_FILENAME" "$SERVER_TARBALL_PATH"
 # Publish Remote Extension Host (Web)
 LEGACY_SERVER_BUILD_NAME="vscode-reh-web-$PLATFORM_LINUX"
 SERVER_BUILD_NAME="vscode-server-$PLATFORM_LINUX-web"
@@ -31,6 +35,8 @@ SERVER_TARBALL_PATH="$ROOT/$SERVER_TARBALL_FILENAME"
 rm -rf $ROOT/vscode-server-*-web.tar.*
 (cd $ROOT && mv $LEGACY_SERVER_BUILD_NAME $SERVER_BUILD_NAME && tar --owner=0 --group=0 -czf $SERVER_TARBALL_PATH $SERVER_BUILD_NAME)
 node build/azure-pipelines/common/createAsset.js "server-$PLATFORM_LINUX-web" archive-unsigned "$SERVER_TARBALL_FILENAME" "$SERVER_TARBALL_PATH"
 # Publish DEB
 case $VSCODE_ARCH in
 	x64) DEB_ARCH="amd64" ;;
@@ -41,6 +47,8 @@ PLATFORM_DEB="linux-deb-$VSCODE_ARCH"
 DEB_FILENAME="$(ls $REPO/.build/linux/deb/$DEB_ARCH/deb/)"
 DEB_PATH="$REPO/.build/linux/deb/$DEB_ARCH/deb/$DEB_FILENAME"
 node build/azure-pipelines/common/createAsset.js "$PLATFORM_DEB" package "$DEB_FILENAME" "$DEB_PATH"
 # Publish RPM
 case $VSCODE_ARCH in
 	x64) RPM_ARCH="x86_64" ;;
@@ -53,6 +61,8 @@ PLATFORM_RPM="linux-rpm-$VSCODE_ARCH"
 RPM_FILENAME="$(ls $REPO/.build/linux/rpm/$RPM_ARCH/ | grep .rpm)"
 RPM_PATH="$REPO/.build/linux/rpm/$RPM_ARCH/$RPM_FILENAME"
 node build/azure-pipelines/common/createAsset.js "$PLATFORM_RPM" package "$RPM_FILENAME" "$RPM_PATH"
 # Publish Snap
 # Pack snap tarball artifact, in order to preserve file perms
 mkdir -p $REPO/.build/linux/snap-tarball
@@ -63,4 +73,3 @@ rm -rf $SNAP_TARBALL_PATH
 # Export DEB_PATH, RPM_PATH
 echo "##vso[task.setvariable variable=DEB_PATH]$DEB_PATH"
 echo "##vso[task.setvariable variable=RPM_PATH]$RPM_PATH"
 echo "##vso[task.setvariable variable=TARBALL_PATH]$TARBALL_PATH"
--- a/lib/vscode/build/azure-pipelines/linux/snap-build-linux.yml
+++ b/lib/vscode/build/azure-pipelines/linux/snap-build-linux.yml
@@ -50,11 +50,15 @@ steps:
      esac
      (cd $SNAP_ROOT/code-* && sudo --preserve-env snapcraft prime $SNAPCRAFT_TARGET_ARGS && snap pack prime --compression=lzo --filename="$SNAP_PATH")
      # Publish snap package
      AZURE_DOCUMENTDB_MASTERKEY="$(builds-docdb-key-readwrite)" \
      AZURE_STORAGE_ACCESS_KEY_2="$(vscode-storage-key)" \
      node build/azure-pipelines/common/createAsset.js "linux-snap-$(VSCODE_ARCH)" package "$SNAP_FILENAME" "$SNAP_PATH"
      # Export SNAP_PATH
      echo "##vso[task.setvariable variable=SNAP_PATH]$SNAP_PATH"
    displayName: Prepare for publish
  - publish: $(SNAP_PATH)
-    artifact: vscode_client_linux_$(VSCODE_ARCH)_snap
+    artifact: vscode-linux-snap-$(VSCODE_ARCH)
    displayName: Publish snap package
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
--- a/lib/vscode/build/azure-pipelines/product-build.yml
+++ b/lib/vscode/build/azure-pipelines/product-build.yml
@@ -86,8 +86,6 @@ variables:
    value: ${{ eq(parameters.ENABLE_TERRAPIN, true) }}
  - name: VSCODE_QUALITY
    value: ${{ parameters.VSCODE_QUALITY }}
  - name: VSCODE_RELEASE
    value: ${{ parameters.VSCODE_RELEASE }}
  - name: VSCODE_BUILD_STAGE_WINDOWS
    value: ${{ or(eq(parameters.VSCODE_BUILD_WIN32, true), eq(parameters.VSCODE_BUILD_WIN32_32BIT, true), eq(parameters.VSCODE_BUILD_WIN32_ARM64, true)) }}
  - name: VSCODE_BUILD_STAGE_LINUX
@@ -303,30 +301,37 @@ stages:
              steps:
                - template: darwin/product-build-darwin-sign.yml
-  - ${{ if and(eq(parameters.VSCODE_COMPILE_ONLY, false), ne(variables['VSCODE_PUBLISH'], 'false')) }}:
+  - ${{ if and(eq(variables['VSCODE_PUBLISH'], true), eq(parameters.VSCODE_COMPILE_ONLY, false)) }}:
-    - stage: Publish
+    - stage: Mooncake
      dependsOn:
-        - Compile
+        - ${{ if eq(variables['VSCODE_BUILD_STAGE_WINDOWS'], true) }}:
          - Windows
        - ${{ if eq(variables['VSCODE_BUILD_STAGE_LINUX'], true) }}:
          - Linux
        - ${{ if eq(variables['VSCODE_BUILD_STAGE_MACOS'], true) }}:
          - macOS
      condition: succeededOrFailed()
      pool:
        vmImage: "Ubuntu-18.04"
      variables:
        - name: BUILDS_API_URL
          value: $(System.CollectionUri)$(System.TeamProject)/_apis/build/builds/$(Build.BuildId)/
      jobs:
-        - job: PublishBuild
+        - job: SyncMooncake
-          timeoutInMinutes: 180
+          displayName: Sync Mooncake
          displayName: Publish Build
          steps:
-            - template: product-publish.yml
+            - template: sync-mooncake.yml
-    - ${{ if or(eq(parameters.VSCODE_RELEASE, true), and(in(parameters.VSCODE_QUALITY, 'insider', 'exploration'), eq(variables['VSCODE_SCHEDULEDBUILD'], true))) }}:
+  - ${{ if and(eq(parameters.VSCODE_COMPILE_ONLY, false), or(eq(parameters.VSCODE_RELEASE, true), and(in(parameters.VSCODE_QUALITY, 'insider', 'exploration'), eq(variables['VSCODE_SCHEDULEDBUILD'], true)))) }}:
    - stage: Release
      dependsOn:
-          - Publish
+        - ${{ if eq(variables['VSCODE_BUILD_STAGE_WINDOWS'], true) }}:
          - Windows
        - ${{ if eq(variables['VSCODE_BUILD_STAGE_LINUX'], true) }}:
          - Linux
        - ${{ if eq(variables['VSCODE_BUILD_STAGE_MACOS'], true) }}:
          - macOS
      pool:
        vmImage: "Ubuntu-18.04"
      jobs:
        - job: ReleaseBuild
          displayName: Release Build
          steps:
-              - template: product-release.yml
+            - template: release.yml
--- a/lib/vscode/build/azure-pipelines/product-compile.yml
+++ b/lib/vscode/build/azure-pipelines/product-compile.yml
@@ -118,6 +118,14 @@ steps:
    displayName: Publish Webview
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  - script: |
      set -e
      VERSION=`node -p "require(\"./package.json\").version"`
      AZURE_DOCUMENTDB_MASTERKEY="$(builds-docdb-key-readwrite)" \
        node build/azure-pipelines/common/createBuild.js $VERSION
    displayName: Create build
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  # we gotta tarball everything in order to preserve file permissions
  - script: |
      set -e
--- a/lib/vscode/build/azure-pipelines/product-publish.ps1
+++ b/lib/vscode/build/azure-pipelines/product-publish.ps1
@@ -1,114 +0,0 @@
 . build/azure-pipelines/win32/exec.ps1
 $ErrorActionPreference = 'Stop'
 $ProgressPreference = 'SilentlyContinue'
 $ARTIFACT_PROCESSED_WILDCARD_PATH = "$env:PIPELINE_WORKSPACE/artifacts_processed_*/artifacts_processed_*"
 $ARTIFACT_PROCESSED_FILE_PATH = "$env:PIPELINE_WORKSPACE/artifacts_processed_$env:SYSTEM_STAGEATTEMPT/artifacts_processed_$env:SYSTEM_STAGEATTEMPT.txt"
 function Get-PipelineArtifact {
 	param($Name = '*')
 	try {
 		$res = Invoke-RestMethod "$($env:BUILDS_API_URL)artifacts?api-version=6.0" -Headers @{
 			Authorization = "Bearer $env:SYSTEM_ACCESSTOKEN"
 		} -MaximumRetryCount 5 -RetryIntervalSec 1
 		if (!$res) {
 			return
 		}
 		$res.value | Where-Object { $_.name -Like $Name }
 	} catch {
 		Write-Warning $_
 	}
 }
 # This set will keep track of which artifacts have already been processed
 $set = [System.Collections.Generic.HashSet[string]]::new()
 if (Test-Path $ARTIFACT_PROCESSED_WILDCARD_PATH) {
 	# Grab the latest artifact_processed text file and load all assets already processed from that.
 	# This means that the latest artifact_processed_*.txt file has all of the contents of the previous ones.
 	# Note: The kusto-like syntax only works in PS7+ and only in scripts, not at the REPL.
 	Get-ChildItem $ARTIFACT_PROCESSED_WILDCARD_PATH
 		| Sort-Object
 		| Select-Object -Last 1
 		| Get-Content
 		| ForEach-Object {
 			$set.Add($_) | Out-Null
 			Write-Host "Already processed artifact: $_"
 		}
 }
 # Create the artifact file that will be used for this run
 New-Item -Path $ARTIFACT_PROCESSED_FILE_PATH -Force | Out-Null
 # Determine which stages we need to watch
 $stages = @(
 	if ($env:VSCODE_BUILD_STAGE_WINDOWS -eq 'True') { 'Windows' }
 	if ($env:VSCODE_BUILD_STAGE_LINUX -eq 'True') { 'Linux' }
 	if ($env:VSCODE_BUILD_STAGE_MACOS -eq 'True') { 'macOS' }
 )
 do {
 	Start-Sleep -Seconds 10
 	$artifacts = Get-PipelineArtifact -Name 'vscode_*'
 	if (!$artifacts) {
 		continue
 	}
 	$artifacts | ForEach-Object {
 		$artifactName = $_.name
 		if($set.Add($artifactName)) {
 			Write-Host "Processing artifact: '$artifactName. Downloading from: $($_.resource.downloadUrl)"
 			try {
 				Invoke-RestMethod $_.resource.downloadUrl -OutFile "$env:AGENT_TEMPDIRECTORY/$artifactName.zip" -Headers @{
 					Authorization = "Bearer $env:SYSTEM_ACCESSTOKEN"
 				} -MaximumRetryCount 5 -RetryIntervalSec 1  | Out-Null
 				Expand-Archive -Path "$env:AGENT_TEMPDIRECTORY/$artifactName.zip" -DestinationPath $env:AGENT_TEMPDIRECTORY | Out-Null
 			} catch {
 				Write-Warning $_
 				$set.Remove($artifactName) | Out-Null
 				continue
 			}
 			$null,$product,$os,$arch,$type = $artifactName -split '_'
 			$asset = Get-ChildItem -rec "$env:AGENT_TEMPDIRECTORY/$artifactName"
 			Write-Host "Processing artifact with the following values:"
 			# turning in into an object just to log nicely
 			@{
 				product = $product
 				os = $os
 				arch = $arch
 				type = $type
 				asset = $asset.Name
 			} | Format-Table
 			exec { node build/azure-pipelines/common/createAsset.js $product $os $arch $type $asset.Name $asset.FullName }
 			$artifactName >> $ARTIFACT_PROCESSED_FILE_PATH
 		}
 	}
 	# Get the timeline and see if it says the other stage completed
 	try {
 		$timeline = Invoke-RestMethod "$($env:BUILDS_API_URL)timeline?api-version=6.0" -Headers @{
 			Authorization = "Bearer $env:SYSTEM_ACCESSTOKEN"
 		}  -MaximumRetryCount 5 -RetryIntervalSec 1
 	} catch {
 		Write-Warning $_
 		continue
 	}
 	foreach ($stage in $stages) {
 		$otherStageFinished = $timeline.records | Where-Object { $_.name -eq $stage -and $_.type -eq 'stage' -and $_.state -eq 'completed' }
 		if (!$otherStageFinished) {
 			break
 		}
 	}
 	$artifacts = Get-PipelineArtifact -Name 'vscode_*'
 	$artifactsStillToProcess = $artifacts.Count -ne $set.Count
 } while (!$otherStageFinished -or $artifactsStillToProcess)
 Write-Host "Processed $($set.Count) artifacts."
--- a/lib/vscode/build/azure-pipelines/product-publish.yml
+++ b/lib/vscode/build/azure-pipelines/product-publish.yml
@@ -1,89 +0,0 @@
 steps:
  - task: NodeTool@0
    inputs:
      versionSpec: "12.x"
  - task: geeklearningio.gl-vsts-tasks-yarn.yarn-installer-task.YarnInstaller@2
    inputs:
      versionSpec: "1.x"
  - task: AzureKeyVault@1
    displayName: "Azure Key Vault: Get Secrets"
    inputs:
      azureSubscription: "vscode-builds-subscription"
      KeyVaultName: vscode
  - pwsh: |
      . build/azure-pipelines/win32/exec.ps1
      cd build
      exec { yarn }
    displayName: Install dependencies
  - download: current
    patterns: '**/artifacts_processed_*.txt'
    displayName: Download all artifacts_processed text files
  - pwsh: |
      . build/azure-pipelines/win32/exec.ps1
      if (Test-Path "$(Pipeline.Workspace)/artifacts_processed_*/artifacts_processed_*.txt") {
        Write-Host "Artifacts already processed so a build must have already been created."
        return
      }
      $env:AZURE_DOCUMENTDB_MASTERKEY = "$(builds-docdb-key-readwrite)"
      $VERSION = node -p "require('./package.json').version"
      Write-Host "Creating build with version: $VERSION"
      exec { node build/azure-pipelines/common/createBuild.js $VERSION }
    displayName: Create build if it hasn't been created before
  - pwsh: |
      $env:VSCODE_MIXIN_PASSWORD = "$(github-distro-mixin-password)"
      $env:AZURE_DOCUMENTDB_MASTERKEY = "$(builds-docdb-key-readwrite)"
      $env:AZURE_STORAGE_ACCESS_KEY = "$(ticino-storage-key)"
      $env:AZURE_STORAGE_ACCESS_KEY_2 = "$(vscode-storage-key)"
      $env:MOONCAKE_STORAGE_ACCESS_KEY = "$(vscode-mooncake-storage-key)"
      build/azure-pipelines/product-publish.ps1
    env:
      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
    displayName: Process artifacts
  - publish: $(Pipeline.Workspace)/artifacts_processed_$(System.StageAttempt)/artifacts_processed_$(System.StageAttempt).txt
    artifact: artifacts_processed_$(System.StageAttempt)
    displayName: Publish what artifacts were published for this stage attempt
  - pwsh: |
      $ErrorActionPreference = 'Stop'
      # Determine which stages we need to watch
      $stages = @(
        if ($env:VSCODE_BUILD_STAGE_WINDOWS -eq 'True') { 'Windows' }
        if ($env:VSCODE_BUILD_STAGE_LINUX -eq 'True') { 'Linux' }
        if ($env:VSCODE_BUILD_STAGE_MACOS -eq 'True') { 'macOS' }
      )
      Write-Host "Stages to check: $stages"
      # Get the timeline and see if it says the other stage completed
      $timeline = Invoke-RestMethod "$($env:BUILDS_API_URL)timeline?api-version=6.0" -Headers @{
        Authorization = "Bearer $env:SYSTEM_ACCESSTOKEN"
      }  -MaximumRetryCount 5 -RetryIntervalSec 1
      $failedStages = @()
      foreach ($stage in $stages) {
        $didStageFail = $timeline.records | Where-Object {
          $_.name -eq $stage -and $_.type -eq 'stage' -and $_.result -ne 'succeeded' -and $_.result -ne 'succeededWithIssues'
        }
        if($didStageFail) {
          $failedStages += $stage
        } else {
          Write-Host "'$stage' did not fail."
        }
      }
      if ($failedStages.Length) {
        throw "Failed stages: $($failedStages -join ', '). This stage will now fail so that it is easier to retry failed jobs."
      }
    env:
      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
    displayName: Determine if stage should succeed
--- a/lib/vscode/build/azure-pipelines/product-release.yml
+++ b/lib/vscode/build/azure-pipelines/product-release.yml
--- a/lib/vscode/build/azure-pipelines/sync-mooncake.yml
+++ b/lib/vscode/build/azure-pipelines/sync-mooncake.yml
@@ -0,0 +1,24 @@
 steps:
  - task: NodeTool@0
    inputs:
      versionSpec: "14.x"
  - task: geeklearningio.gl-vsts-tasks-yarn.yarn-installer-task.YarnInstaller@2
    inputs:
      versionSpec: "1.x"
  - task: AzureKeyVault@1
    displayName: "Azure Key Vault: Get Secrets"
    inputs:
      azureSubscription: "vscode-builds-subscription"
      KeyVaultName: vscode
  - script: |
      set -e
      (cd build ; yarn)
      AZURE_DOCUMENTDB_MASTERKEY="$(builds-docdb-key-readwrite)" \
      AZURE_STORAGE_ACCESS_KEY_2="$(vscode-storage-key)" \
      MOONCAKE_STORAGE_ACCESS_KEY="$(vscode-mooncake-storage-key)" \
      node build/azure-pipelines/common/sync-mooncake.js "$VSCODE_QUALITY"
--- a/lib/vscode/build/azure-pipelines/web/product-build-web.yml
+++ b/lib/vscode/build/azure-pipelines/web/product-build-web.yml
@@ -119,19 +119,13 @@ steps:
  - script: |
      set -e
-      REPO="$(pwd)"
+      AZURE_DOCUMENTDB_MASTERKEY="$(builds-docdb-key-readwrite)" \
-      ROOT="$REPO/.."
+      AZURE_STORAGE_ACCESS_KEY_2="$(vscode-storage-key)" \
-
+      VSCODE_MIXIN_PASSWORD="$(github-distro-mixin-password)" \
-      WEB_BUILD_NAME="vscode-web"
+      ./build/azure-pipelines/web/publish.sh
-      WEB_TARBALL_FILENAME="vscode-web.tar.gz"
+    displayName: Publish
      WEB_TARBALL_PATH="$ROOT/$WEB_TARBALL_FILENAME"
      rm -rf $ROOT/vscode-web.tar.*
      cd $ROOT && tar --owner=0 --group=0 -czf $WEB_TARBALL_PATH $WEB_BUILD_NAME
    displayName: Prepare for publish
  - publish: $(Agent.BuildDirectory)/vscode-web.tar.gz
-    artifact: vscode_web_linux_standalone_archive-unsigned
+    artifact: vscode-web-standalone
    displayName: Publish web archive
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
--- a/lib/vscode/build/azure-pipelines/web/publish.sh
+++ b/lib/vscode/build/azure-pipelines/web/publish.sh
@@ -0,0 +1,15 @@
 #!/usr/bin/env bash
 set -e
 REPO="$(pwd)"
 ROOT="$REPO/.."
 # Publish Web Client
 WEB_BUILD_NAME="vscode-web"
 WEB_TARBALL_FILENAME="vscode-web.tar.gz"
 WEB_TARBALL_PATH="$ROOT/$WEB_TARBALL_FILENAME"
 rm -rf $ROOT/vscode-web.tar.*
 (cd $ROOT && tar --owner=0 --group=0 -czf $WEB_TARBALL_PATH $WEB_BUILD_NAME)
 node build/azure-pipelines/common/createAsset.js web-standalone archive-unsigned "$WEB_TARBALL_FILENAME" "$WEB_TARBALL_PATH"
--- a/lib/vscode/build/azure-pipelines/win32/product-build-win32.yml
+++ b/lib/vscode/build/azure-pipelines/win32/product-build-win32.yml
@@ -295,31 +295,31 @@ steps:
      $env:AZURE_STORAGE_ACCESS_KEY_2 = "$(vscode-storage-key)"
      $env:AZURE_DOCUMENTDB_MASTERKEY = "$(builds-docdb-key-readwrite)"
      $env:VSCODE_MIXIN_PASSWORD="$(github-distro-mixin-password)"
-      .\build\azure-pipelines\win32\prepare-publish.ps1
+      .\build\azure-pipelines\win32\publish.ps1
    displayName: Publish
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
-  - publish: $(System.DefaultWorkingDirectory)\.build\win32-$(VSCODE_ARCH)\archive\$(ARCHIVE_NAME)
+  - publish: $(System.DefaultWorkingDirectory)\.build\win32-$(VSCODE_ARCH)\archive\VSCode-win32-$(VSCODE_ARCH).zip
-    artifact: vscode_client_win32_$(VSCODE_ARCH)_archive
+    artifact: vscode-win32-$(VSCODE_ARCH)
    displayName: Publish archive
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
-  - publish: $(System.DefaultWorkingDirectory)\.build\win32-$(VSCODE_ARCH)\system-setup\$(SYSTEM_SETUP_NAME)
+  - publish: $(System.DefaultWorkingDirectory)\.build\win32-$(VSCODE_ARCH)\system-setup\VSCodeSetup.exe
-    artifact: vscode_client_win32_$(VSCODE_ARCH)_setup
+    artifact: vscode-win32-$(VSCODE_ARCH)-setup
    displayName: Publish system setup
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
-  - publish: $(System.DefaultWorkingDirectory)\.build\win32-$(VSCODE_ARCH)\user-setup\$(USER_SETUP_NAME)
+  - publish: $(System.DefaultWorkingDirectory)\.build\win32-$(VSCODE_ARCH)\user-setup\VSCodeSetup.exe
-    artifact: vscode_client_win32_$(VSCODE_ARCH)_user-setup
+    artifact: vscode-win32-$(VSCODE_ARCH)-user-setup
    displayName: Publish user setup
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'))
  - publish: $(System.DefaultWorkingDirectory)\.build\vscode-server-win32-$(VSCODE_ARCH).zip
-    artifact: vscode_server_win32_$(VSCODE_ARCH)_archive
+    artifact: vscode-server-win32-$(VSCODE_ARCH)
    displayName: Publish server archive
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'), ne(variables['VSCODE_ARCH'], 'arm64'))
  - publish: $(System.DefaultWorkingDirectory)\.build\vscode-server-win32-$(VSCODE_ARCH)-web.zip
-    artifact: vscode_web_win32_$(VSCODE_ARCH)_archive
+    artifact: vscode-server-win32-$(VSCODE_ARCH)-web
    displayName: Publish web server archive
    condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false'), ne(variables['VSCODE_ARCH'], 'arm64'))
--- a/lib/vscode/build/azure-pipelines/win32/prepare-publish.ps1
+++ b/lib/vscode/build/azure-pipelines/win32/prepare-publish.ps1
@@ -13,31 +13,24 @@ $Zip = "$Repo\.build\win32-$Arch\archive\VSCode-win32-$Arch.zip"
 $LegacyServer = "$Root\vscode-reh-win32-$Arch"
 $Server = "$Root\vscode-server-win32-$Arch"
 $ServerZip = "$Repo\.build\vscode-server-win32-$Arch.zip"
 $LegacyWeb = "$Root\vscode-reh-web-win32-$Arch"
 $Web = "$Root\vscode-server-win32-$Arch-web"
 $WebZip = "$Repo\.build\vscode-server-win32-$Arch-web.zip"
 $Build = "$Root\VSCode-win32-$Arch"
 # Create server archive
 if ("$Arch" -ne "arm64") {
 	exec { xcopy $LegacyServer $Server /H /E /I }
 	exec { .\node_modules\7zip\7zip-lite\7z.exe a -tzip $ServerZip $Server -r }
 	exec { xcopy $LegacyWeb $Web /H /E /I }
 	exec { .\node_modules\7zip\7zip-lite\7z.exe a -tzip $WebZip $Web -r }
 }
 # get version
 $PackageJson = Get-Content -Raw -Path "$Build\resources\app\package.json" | ConvertFrom-Json
 $Version = $PackageJson.version
-$ARCHIVE_NAME = "VSCode-win32-$Arch-$Version.zip"
+$AssetPlatform = if ("$Arch" -eq "ia32") { "win32" } else { "win32-$Arch" }
 $SYSTEM_SETUP_NAME = "VSCodeSetup-$Arch-$Version.exe"
 $USER_SETUP_NAME = "VSCodeUserSetup-$Arch-$Version.exe"
-# Set variables for upload
+exec { node build/azure-pipelines/common/createAsset.js "$AssetPlatform-archive" archive "VSCode-win32-$Arch-$Version.zip" $Zip }
-Move-Item $Zip "$Repo\.build\win32-$Arch\archive\$ARCHIVE_NAME"
+exec { node build/azure-pipelines/common/createAsset.js "$AssetPlatform" setup "VSCodeSetup-$Arch-$Version.exe" $SystemExe }
-Write-Host "##vso[task.setvariable variable=ARCHIVE_NAME]$ARCHIVE_NAME"
+exec { node build/azure-pipelines/common/createAsset.js "$AssetPlatform-user" setup "VSCodeUserSetup-$Arch-$Version.exe" $UserExe }
-Move-Item $SystemExe "$Repo\.build\win32-$Arch\system-setup\$SYSTEM_SETUP_NAME"
+
-Write-Host "##vso[task.setvariable variable=SYSTEM_SETUP_NAME]$SYSTEM_SETUP_NAME"
+if ("$Arch" -ne "arm64") {
-Move-Item $UserExe "$Repo\.build\win32-$Arch\user-setup\$USER_SETUP_NAME"
+	exec { node build/azure-pipelines/common/createAsset.js "server-$AssetPlatform" archive "vscode-server-win32-$Arch.zip" $ServerZip }
-Write-Host "##vso[task.setvariable variable=USER_SETUP_NAME]$USER_SETUP_NAME"
+}
--- a/lib/vscode/build/darwin/create-universal-app.js
+++ b/lib/vscode/build/darwin/create-universal-app.js
@@ -33,7 +33,7 @@ async function main() {
            'Credits.rtf',
            'CodeResources',
            'fsevents.node',
-            'Info.plist',
+            'Info.plist', // TODO@deepak1556: regressed with 11.4.2 internal builds
            '.npmrc'
        ],
        outAppPath,
--- a/lib/vscode/build/gulpfile.extensions.js
+++ b/lib/vscode/build/gulpfile.extensions.js
@@ -8,6 +8,7 @@ require('events').EventEmitter.defaultMaxListeners = 100;
 const gulp = require('gulp');
 const path = require('path');
 const child_process = require('child_process');
 const nodeUtil = require('util');
 const es = require('event-stream');
 const filter = require('gulp-filter');
@@ -19,6 +20,8 @@ const glob = require('glob');
 const root = path.dirname(__dirname);
 const commit = util.getVersion(root);
 const plumber = require('gulp-plumber');
 const fancyLog = require('fancy-log');
 const ansiColors = require('ansi-colors');
 const ext = require('./lib/extensions');
 const extensionsPath = path.join(path.dirname(__dirname), 'extensions');
@@ -198,17 +201,45 @@ gulp.task(compileExtensionsBuildLegacyTask);
 //#region Extension media
-const compileExtensionMediaTask = task.define('compile-extension-media', () => ext.buildExtensionMedia(false));
+// Additional projects to webpack. These typically build code for webviews
 const webpackMediaConfigFiles = [
 	'markdown-language-features/webpack.config.js',
 	'simple-browser/webpack.config.js',
 ];
 // Additional projects to run esbuild on. These typically build code for webviews
 const esbuildMediaScripts = [
 	'markdown-language-features/esbuild.js',
 	'notebook-markdown-extensions/esbuild.js',
 ];
 const compileExtensionMediaTask = task.define('compile-extension-media', () => buildExtensionMedia(false));
 gulp.task(compileExtensionMediaTask);
 exports.compileExtensionMediaTask = compileExtensionMediaTask;
-const watchExtensionMedia = task.define('watch-extension-media', () => ext.buildExtensionMedia(true));
+const watchExtensionMedia = task.define('watch-extension-media', () => buildExtensionMedia(true));
 gulp.task(watchExtensionMedia);
 exports.watchExtensionMedia = watchExtensionMedia;
-const compileExtensionMediaBuildTask = task.define('compile-extension-media-build', () => ext.buildExtensionMedia(false, '.build/extensions'));
+const compileExtensionMediaBuildTask = task.define('compile-extension-media-build', () => buildExtensionMedia(false, '.build/extensions'));
 gulp.task(compileExtensionMediaBuildTask);
 async function buildExtensionMedia(isWatch, outputRoot) {
 	const webpackConfigLocations = webpackMediaConfigFiles.map(p => {
 		return {
 			configPath: path.join(extensionsPath, p),
 			outputRoot: outputRoot ? path.join(root, outputRoot, path.dirname(p)) : undefined
 		};
 	});
 	return Promise.all([
 		webpackExtensions('webpacking extension media', isWatch, webpackConfigLocations),
 		esbuildExtensions('esbuilding extension media', isWatch, esbuildMediaScripts.map(p => ({
 			script: path.join(extensionsPath, p),
 			outputRoot: outputRoot ? path.join(root, outputRoot, path.dirname(p)) : undefined
 		}))),
 	]);
 }
 //#endregion
 //#region Azure Pipelines
@@ -240,5 +271,121 @@ async function buildWebExtensions(isWatch) {
 		path.join(extensionsPath, '**', 'extension-browser.webpack.config.js'),
 		{ ignore: ['**/node_modules'] }
 	);
-	return ext.webpackExtensions('packaging web extension', isWatch, webpackConfigLocations.map(configPath => ({ configPath })));
+	return webpackExtensions('packaging web extension', isWatch, webpackConfigLocations.map(configPath => ({ configPath })));
 }
 /**
 * @param {string} taskName
 * @param {boolean} isWatch
 * @param {{ configPath: string, outputRoot?: boolean}} webpackConfigLocations
 */
 async function webpackExtensions(taskName, isWatch, webpackConfigLocations) {
 	const webpack = require('webpack');
 	const webpackConfigs = [];
 	for (const { configPath, outputRoot } of webpackConfigLocations) {
 		const configOrFnOrArray = require(configPath);
 		function addConfig(configOrFn) {
 			let config;
 			if (typeof configOrFn === 'function') {
 				config = configOrFn({}, {});
 				webpackConfigs.push(config);
 			} else {
 				config = configOrFn;
 			}
 			if (outputRoot) {
 				config.output.path = path.join(outputRoot, path.relative(path.dirname(configPath), config.output.path));
 			}
 			webpackConfigs.push(configOrFn);
 		}
 		addConfig(configOrFnOrArray);
 	}
 	function reporter(fullStats) {
 		if (Array.isArray(fullStats.children)) {
 			for (const stats of fullStats.children) {
 				const outputPath = stats.outputPath;
 				if (outputPath) {
 					const relativePath = path.relative(extensionsPath, outputPath).replace(/\\/g, '/');
 					const match = relativePath.match(/[^\/]+(\/server|\/client)?/);
 					fancyLog(`Finished ${ansiColors.green(taskName)} ${ansiColors.cyan(match[0])} with ${stats.errors.length} errors.`);
 				}
 				if (Array.isArray(stats.errors)) {
 					stats.errors.forEach(error => {
 						fancyLog.error(error);
 					});
 				}
 				if (Array.isArray(stats.warnings)) {
 					stats.warnings.forEach(warning => {
 						fancyLog.warn(warning);
 					});
 				}
 			}
 		}
 	}
 	return new Promise((resolve, reject) => {
 		if (isWatch) {
 			webpack(webpackConfigs).watch({}, (err, stats) => {
 				if (err) {
 					reject();
 				} else {
 					reporter(stats.toJson());
 				}
 			});
 		} else {
 			webpack(webpackConfigs).run((err, stats) => {
 				if (err) {
 					fancyLog.error(err);
 					reject();
 				} else {
 					reporter(stats.toJson());
 					resolve();
 				}
 			});
 		}
 	});
 }
 /**
 * @param {string} taskName
 * @param {boolean} isWatch
 * @param {{ script: string, outputRoot?: string }}} scripts
 */
 async function esbuildExtensions(taskName, isWatch, scripts) {
 	function reporter(/** @type {string} */ stdError, /** @type {string} */script) {
 		const matches = (stdError || '').match(/\> (.+): error: (.+)?/g);
 		fancyLog(`Finished ${ansiColors.green(taskName)} ${script} with ${matches ? matches.length : 0} errors.`);
 		for (const match of matches || []) {
 			fancyLog.error(match);
 		}
 	}
 	const tasks = scripts.map(({ script, outputRoot }) => {
 		return new Promise((resolve, reject) => {
 			const args = [script];
 			if (isWatch) {
 				args.push('--watch');
 			}
 			if (outputRoot) {
 				args.push('--outputRoot', outputRoot);
 			}
 			const proc = child_process.execFile(process.argv[0], args, {}, (error, _stdout, stderr) => {
 				if (error) {
 					return reject(error);
 				}
 				reporter(stderr, script);
 				if (stderr) {
 					return reject();
 				}
 				return resolve();
 			});
 			proc.stdout.on('data', (data) => {
 				fancyLog(`${ansiColors.green(taskName)}: ${data.toString('utf8')}`);
 			});
 		});
 	});
 	return Promise.all(tasks);
 }
--- a/lib/vscode/build/gulpfile.reh.js
+++ b/lib/vscode/build/gulpfile.reh.js
@@ -42,7 +42,6 @@ BUILD_TARGETS.forEach(({ platform, arch }) => {
 });
 function getNodeVersion() {
 	// NOTE@coder: Fix version due to .yarnrc removal.
 	return process.versions.node;
 	const yarnrc = fs.readFileSync(path.join(REPO_ROOT, 'remote', '.yarnrc'), 'utf8');
 	const target = /^target "(.*)"$/m.exec(yarnrc)[1];
--- a/lib/vscode/build/gulpfile.vscode.js
+++ b/lib/vscode/build/gulpfile.vscode.js
@@ -228,14 +228,7 @@ function packageTask(platform, arch, sourceFolderName, destinationFolderName, op
 			.pipe(jsFilter)
 			.pipe(util.rewriteSourceMappingURL(sourceMappingURLBase))
 			.pipe(jsFilter.restore)
-			.pipe(createAsar(path.join(process.cwd(), 'node_modules'), [
+			.pipe(createAsar(path.join(process.cwd(), 'node_modules'), ['**/*.node', '**/vscode-ripgrep/bin/*', '**/node-pty/build/Release/*', '**/*.wasm'], 'node_modules.asar'));
 				'**/*.node',
 				'**/vscode-ripgrep/bin/*',
 				'**/node-pty/build/Release/*',
 				'**/node-pty/lib/worker/conoutSocketWorker.js',
 				'**/node-pty/lib/shared/conout.js',
 				'**/*.wasm'
 			], 'node_modules.asar'));
 		let all = es.merge(
 			packageJsonStream,
@@ -390,6 +383,8 @@ BUILD_TARGETS.forEach(buildTarget => {
 	}
 });
 // Transifex Localizations
 const innoSetupConfig = {
 	'zh-cn': { codePage: 'CP936', defaultInfo: { name: 'Simplified Chinese', id: '$0804', } },
 	'zh-tw': { codePage: 'CP950', defaultInfo: { name: 'Traditional Chinese', id: '$0404' } },
@@ -405,8 +400,6 @@ const innoSetupConfig = {
 	'tr': { codePage: 'CP1254' }
 };
 // Transifex Localizations
 const apiHostname = process.env.TRANSIFEX_API_URL;
 const apiName = process.env.TRANSIFEX_API_NAME;
 const apiToken = process.env.TRANSIFEX_API_TOKEN;
@@ -441,7 +434,7 @@ gulp.task(task.define(
 		function () {
 			const pathToMetadata = './out-vscode/nls.metadata.json';
 			const pathToExtensions = '.build/extensions/*';
-			const pathToSetup = 'build/win32/i18n/messages.en.isl';
+			const pathToSetup = 'build/win32/**/{Default.isl,messages.en.isl}';
 			return es.merge(
 				gulp.src(pathToMetadata).pipe(i18n.createXlfFilesForCoreBundle()),
@@ -467,8 +460,8 @@ gulp.task('vscode-translations-import', function () {
 		}
 	});
 	return es.merge([...i18n.defaultLanguages, ...i18n.extraLanguages].map(language => {
-		let id = language.id;
+		let id = language.transifexId || language.id;
-		return gulp.src(`${options.location}/${id}/vscode-setup/messages.xlf`)
+		return gulp.src(`${options.location}/${id}/setup/*/*.xlf`)
 			.pipe(i18n.prepareIslFiles(language, innoSetupConfig[language.id]))
 			.pipe(vfs.dest(`./build/win32/i18n`));
 	}));
--- a/lib/vscode/build/lib/builtInExtensions.js
+++ b/lib/vscode/build/lib/builtInExtensions.js
@@ -18,8 +18,8 @@ const ansiColors = require("ansi-colors");
 const mkdirp = require('mkdirp');
 const root = path.dirname(path.dirname(__dirname));
 const productjson = JSON.parse(fs.readFileSync(path.join(__dirname, '../../product.json'), 'utf8'));
-const builtInExtensions = productjson.builtInExtensions || [];
+const builtInExtensions = productjson.builtInExtensions;
-const webBuiltInExtensions = productjson.webBuiltInExtensions || [];
+const webBuiltInExtensions = productjson.webBuiltInExtensions;
 const controlFilePath = path.join(os.homedir(), '.vscode-oss-dev', 'extensions', 'control.json');
 const ENABLE_LOGGING = !process.env['VSCODE_BUILD_BUILTIN_EXTENSIONS_SILENCE_PLEASE'];
 function log(...messages) {
--- a/lib/vscode/build/lib/builtInExtensions.ts
+++ b/lib/vscode/build/lib/builtInExtensions.ts
@@ -36,8 +36,8 @@ export interface IExtensionDefinition {
 const root = path.dirname(path.dirname(__dirname));
 const productjson = JSON.parse(fs.readFileSync(path.join(__dirname, '../../product.json'), 'utf8'));
-const builtInExtensions = <IExtensionDefinition[]>productjson.builtInExtensions || [];
+const builtInExtensions = <IExtensionDefinition[]>productjson.builtInExtensions;
-const webBuiltInExtensions = <IExtensionDefinition[]>productjson.webBuiltInExtensions || [];
+const webBuiltInExtensions = <IExtensionDefinition[]>productjson.webBuiltInExtensions;
 const controlFilePath = path.join(os.homedir(), '.vscode-oss-dev', 'extensions', 'control.json');
 const ENABLE_LOGGING = !process.env['VSCODE_BUILD_BUILTIN_EXTENSIONS_SILENCE_PLEASE'];
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Asher	c56304cf4f	Update changelog for 3.10.1	2021-05-17 13:58:23 -05:00
Asher	6bbf7e9e7a	Update versions to 3.10.1	2021-05-17 13:50:56 -05:00