mirror of
https://github.com/coder/code-server.git
synced 2026-07-17 14:20:26 +02:00
Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
77baee7fe0 | ||
|
|
3e76a04b1b | ||
|
|
421e7eb084 | ||
|
|
cb22f74650 | ||
|
|
d103d5057a | ||
|
|
aed61bf6ab | ||
|
|
1e160477be |
@@ -1 +1 @@
|
||||
24.15.0
|
||||
24.18.0
|
||||
|
||||
16
CHANGELOG.md
16
CHANGELOG.md
@@ -22,6 +22,22 @@ Code v99.99.999
|
||||
|
||||
## Unreleased
|
||||
|
||||
Code v1.129.0
|
||||
|
||||
### Changed
|
||||
|
||||
- Update to Code 1.129.0
|
||||
|
||||
## [4.128.0](https://github.com/coder/code-server/releases/tag/v4.128.0) - 2026-07-11
|
||||
|
||||
Code v1.128.0
|
||||
|
||||
### Changed
|
||||
|
||||
- Update to Code 1.128.0
|
||||
|
||||
## [4.127.0](https://github.com/coder/code-server/releases/tag/v4.127.0) - 2026-07-02
|
||||
|
||||
Code v1.127.0
|
||||
|
||||
### Changed
|
||||
|
||||
@@ -4,7 +4,7 @@ set -Eeuo pipefail
|
||||
|
||||
function unapply_patches() {
|
||||
local -i exit_code=0
|
||||
quiet quilt pop -af || exit_code=$?
|
||||
quiet quilt pop -af 2>&1 || exit_code=$?
|
||||
case $exit_code in
|
||||
# Sucessfully unapplied.
|
||||
0) ;;
|
||||
@@ -15,6 +15,19 @@ function unapply_patches() {
|
||||
esac
|
||||
}
|
||||
|
||||
function apply_patches() {
|
||||
local -i exit_code=0
|
||||
quiet quilt push -a 2>&1 || exit_code=$?
|
||||
case $exit_code in
|
||||
# Sucessfully applied.
|
||||
0) ;;
|
||||
# No more patches to apply.
|
||||
2) ;;
|
||||
# Some error.
|
||||
*) return $exit_code ;;
|
||||
esac
|
||||
}
|
||||
|
||||
function update_vscode() {
|
||||
pushd lib/vscode
|
||||
if ! git checkout 2>&1 "$target_vscode_version" ; then
|
||||
@@ -28,8 +41,8 @@ function update_vscode() {
|
||||
|
||||
function refresh_patches() {
|
||||
local -i exit_code=0
|
||||
while quiet quilt push ; ! (( exit_code=$? )) ; do
|
||||
quilt refresh
|
||||
while quiet quilt push 2>&1 ; ! (( exit_code=$? )) ; do
|
||||
quilt refresh 2>&1
|
||||
done
|
||||
case $exit_code in
|
||||
# No more patches to apply.
|
||||
@@ -42,6 +55,8 @@ function refresh_patches() {
|
||||
function update_node() {
|
||||
local node_version
|
||||
node_version=$(cat .node-version)
|
||||
local target_node_version
|
||||
target_node_version=$(grep target lib/vscode/remote/.npmrc | awk -F= '{print $2}' | tr -d '"')
|
||||
if [[ $node_version == "$target_node_version" ]] ; then
|
||||
echo "Already set to $target_node_version"
|
||||
else
|
||||
@@ -54,50 +69,41 @@ function get-webview-script-hash() {
|
||||
local html
|
||||
html=$(<"$1")
|
||||
local start_tag='<script async type="module">'
|
||||
if [[ $file == */webWorkerExtensionHostIframe.html ]] ; then
|
||||
start_tag='<script>'
|
||||
fi
|
||||
local end_tag="</script>"
|
||||
html=${html##*"$start_tag"}
|
||||
html=${html%%"$end_tag"*}
|
||||
echo -n "$html" | openssl sha256 -binary | openssl base64
|
||||
}
|
||||
|
||||
function delete_csp() {
|
||||
quilt delete csp-hashes.diff
|
||||
}
|
||||
|
||||
function update_csp() {
|
||||
local current
|
||||
current=$(quilt top 2>/dev/null || echo "")
|
||||
local patch_action=""
|
||||
echo "Currently at ${current:-base}"
|
||||
if [[ $current != */webview.diff ]] ; then
|
||||
echo "Moving to patches/webview.diff..."
|
||||
local -i exit_code=0
|
||||
if quilt applied 2>/dev/null | grep --quiet webview.diff ; then
|
||||
quiet quilt pop webview || exit_code=$?
|
||||
patch_action=pop
|
||||
else
|
||||
quiet quilt push webview || exit_code=$?
|
||||
patch_action=push
|
||||
fi
|
||||
case $exit_code in
|
||||
# Successfully moved.
|
||||
0) ;;
|
||||
# Some error.
|
||||
*) return $exit_code ;;
|
||||
esac
|
||||
fi
|
||||
apply_patches
|
||||
|
||||
local files=(
|
||||
./lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
./lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
)
|
||||
|
||||
quilt new csp-hashes.diff
|
||||
|
||||
local file
|
||||
for file in "${files[@]}" ; do
|
||||
quilt add "$file"
|
||||
|
||||
local hash
|
||||
hash=$(get-webview-script-hash "$file")
|
||||
echo "Calculated hash as $hash"
|
||||
# Use octothorpe as a delimiter since the hash may contain a slash.
|
||||
sed -i.bak "s#'sha256-[^']\+'#'sha256-$hash'#" "$file"
|
||||
done
|
||||
|
||||
local file=lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
local hash
|
||||
hash=$(get-webview-script-hash "$file")
|
||||
echo "Calculated hash as $hash"
|
||||
# Use octothorpe as a delimiter since the hash may contain a slash.
|
||||
sed -i.bak "s#script-src 'sha256-[^']\+'#script-src 'sha256-$hash'#" "$file"
|
||||
quilt refresh
|
||||
|
||||
if [[ $patch_action != "" ]] ; then
|
||||
echo "Moving back to ${current:-base}..."
|
||||
case $patch_action in
|
||||
pop) quiet quilt push "$current" ;;
|
||||
push) quiet quilt pop "${current:--a}" ;;
|
||||
esac
|
||||
fi
|
||||
}
|
||||
|
||||
function add_changelog() {
|
||||
@@ -116,11 +122,11 @@ function main() {
|
||||
|
||||
source ./ci/lib.sh
|
||||
|
||||
local target_node_version
|
||||
target_node_version=$(grep target lib/vscode/remote/.npmrc | awk -F= '{print $2}' | tr -d '"')
|
||||
|
||||
declare -a steps
|
||||
|
||||
# Hashes are always regenerated to avoid having to resolve conflicts..
|
||||
steps+=("Revert CSP hashes" "delete_csp")
|
||||
|
||||
# If version is not set, assume we are already at the target version and the
|
||||
# user is just trying to resolve conflics.
|
||||
local target_vscode_version
|
||||
@@ -141,8 +147,8 @@ function main() {
|
||||
fi
|
||||
|
||||
steps+=(
|
||||
"Set Node version to $target_node_version" "update_node"
|
||||
"Update CSP webview hash" "update_csp"
|
||||
"Update Node version" "update_node"
|
||||
"Regenerate CSP hashes" "update_csp"
|
||||
"Add changelog note" "add_changelog"
|
||||
)
|
||||
|
||||
|
||||
@@ -15,9 +15,9 @@ type: application
|
||||
# This is the chart version. This version number should be incremented each time you make changes
|
||||
# to the chart and its templates, including the app version.
|
||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||
version: 3.41.0
|
||||
version: 3.43.0
|
||||
|
||||
# This is the version number of the application being deployed. This version number should be
|
||||
# incremented each time you make changes to the application. Versions are not expected to
|
||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||
appVersion: 4.126.0
|
||||
appVersion: 4.128.0
|
||||
|
||||
@@ -6,7 +6,7 @@ replicaCount: 1
|
||||
|
||||
image:
|
||||
repository: codercom/code-server
|
||||
tag: '4.126.0'
|
||||
tag: '4.128.0'
|
||||
pullPolicy: Always
|
||||
|
||||
# Specifies one or more secrets to be used when pulling images from a
|
||||
|
||||
10
ci/lib.sh
10
ci/lib.sh
@@ -85,18 +85,20 @@ run-steps() {
|
||||
while (( $# )) ; do
|
||||
local name=$1 ; shift
|
||||
local fn=$1 ; shift
|
||||
echo "$name..."
|
||||
# Only run if an earlier step has not failed.
|
||||
# For all failed steps, write out an empty checkbox.
|
||||
if [[ $failed == 0 ]] ; then
|
||||
echo "$name..."
|
||||
if $fn | indent ; then
|
||||
echo "- [X] $name" >> .cache/checklist
|
||||
else
|
||||
((failed++))
|
||||
echo "- [-] $name" >> .cache/checklist
|
||||
echo "Failed" | indent
|
||||
fi
|
||||
fi
|
||||
# For all failed steps, write out an empty checkbox.
|
||||
if [[ $failed != 0 ]] ; then
|
||||
else
|
||||
echo "- [ ] $name" >> .cache/checklist
|
||||
echo "Skipped" | indent
|
||||
fi
|
||||
done
|
||||
if [[ $failed != 0 ]] ; then
|
||||
|
||||
Submodule lib/vscode updated: a22d003006...125df4672b
8
package-lock.json
generated
8
package-lock.json
generated
@@ -38,7 +38,6 @@
|
||||
"@eslint/compat": "^1.2.0",
|
||||
"@eslint/eslintrc": "^3.1.0",
|
||||
"@eslint/js": "^9.12.0",
|
||||
"@schemastore/package": "^0.0.10",
|
||||
"@types/compression": "^1.7.3",
|
||||
"@types/cookie-parser": "^1.4.4",
|
||||
"@types/eslint__js": "^8.42.3",
|
||||
@@ -438,13 +437,6 @@
|
||||
"dev": true,
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/@schemastore/package": {
|
||||
"version": "0.0.10",
|
||||
"resolved": "https://registry.npmjs.org/@schemastore/package/-/package-0.0.10.tgz",
|
||||
"integrity": "sha512-D3LxMCnkgsb4LO5sDKf6E+yahM2SqpEHmkqMPDSJis5Cy/j2MgWo/g/iq0lECK0mrPWfx3hqKm2ZJlqxwbRJQA==",
|
||||
"dev": true,
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/@textlint/ast-node-types": {
|
||||
"version": "15.7.1",
|
||||
"resolved": "https://registry.npmjs.org/@textlint/ast-node-types/-/ast-node-types-15.7.1.tgz",
|
||||
|
||||
@@ -39,7 +39,6 @@
|
||||
"@eslint/compat": "^1.2.0",
|
||||
"@eslint/eslintrc": "^3.1.0",
|
||||
"@eslint/js": "^9.12.0",
|
||||
"@schemastore/package": "^0.0.10",
|
||||
"@types/compression": "^1.7.3",
|
||||
"@types/cookie-parser": "^1.4.4",
|
||||
"@types/eslint__js": "^8.42.3",
|
||||
|
||||
26
patches/csp-hashes.diff
Normal file
26
patches/csp-hashes.diff
Normal file
@@ -0,0 +1,26 @@
|
||||
Index: code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
+++ code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
@@ -5,7 +5,7 @@
|
||||
<meta charset="UTF-8">
|
||||
|
||||
<meta http-equiv="Content-Security-Policy"
|
||||
- content="default-src 'none'; script-src 'sha256-nXjtuhBilO++r8hfxl5VjEScSmdm07wDAk6jw228DgM=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
|
||||
+ content="default-src 'none'; script-src 'sha256-A6/szVNdTzyi4hDa+9OLbzS8tSd2iUV4CqimLNWex2Y=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
|
||||
|
||||
<!-- Disable pinch zooming -->
|
||||
<meta name="viewport"
|
||||
Index: code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
+++ code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
@@ -4,7 +4,7 @@
|
||||
<meta http-equiv="Content-Security-Policy" content="
|
||||
default-src 'none';
|
||||
child-src 'self' data: blob:;
|
||||
- script-src 'self' 'unsafe-eval' 'sha256-daEgfo2VIXpx2Np71KqCCbkeQwv+68vPrx54XRcbdcs=' https: http://localhost:* blob:;
|
||||
+ script-src 'self' 'unsafe-eval' 'sha256-gfjiOVjAlxqrivZAfTq2d83mOaz0fnAxbGaFpj5IjD8=' https: http://localhost:* blob:;
|
||||
connect-src 'self' https: wss: http://localhost:* http://127.0.0.1:* ws://localhost:* ws://127.0.0.1:*;"/>
|
||||
</head>
|
||||
<body>
|
||||
@@ -10,18 +10,17 @@ Index: code-server/lib/vscode/src/vs/workbench/services/extensions/common/extens
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/common/extensions.ts
|
||||
+++ code-server/lib/vscode/src/vs/workbench/services/extensions/common/extensions.ts
|
||||
@@ -321,10 +321,7 @@ function extensionDescriptionArrayToMap(
|
||||
@@ -324,6 +324,10 @@ function extensionDescriptionArrayToMap(
|
||||
}
|
||||
|
||||
export function isProposedApiEnabled(extension: IExtensionDescription, proposal: ApiProposalName): boolean {
|
||||
- if (!extension.enabledApiProposals) {
|
||||
- return false;
|
||||
- }
|
||||
- return true;// extension.enabledApiProposals.includes(proposal);
|
||||
+ return true
|
||||
}
|
||||
|
||||
export function checkProposedApiEnabled(extension: IExtensionDescription, proposal: ApiProposalName): void {
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+export function _isProposedApiEnabled(extension: IExtensionDescription, proposal: ApiProposalName): boolean {
|
||||
if (!extension.enabledApiProposals) {
|
||||
return false;
|
||||
}
|
||||
Index: code-server/lib/vscode/src/vs/workbench/services/extensions/common/extensionsProposedApi.ts
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/common/extensionsProposedApi.ts
|
||||
|
||||
@@ -24,3 +24,4 @@ trusted-domains.diff
|
||||
signature-verification.diff
|
||||
copilot.diff
|
||||
app-name.diff
|
||||
csp-hashes.diff
|
||||
|
||||
@@ -3,9 +3,6 @@ Serve webviews from the same origin
|
||||
Normally webviews are served from vscode-webview.net but we would rather them be
|
||||
self-hosted.
|
||||
|
||||
When doing this CSP will block resources (for example when viewing images) so
|
||||
add 'self' to the CSP to fix that.
|
||||
|
||||
Additionally the service worker defaults to handling *all* requests made to the
|
||||
current host but when self-hosting the webview this will end up including the
|
||||
webview HTML itself which means these requests will fail since the communication
|
||||
@@ -20,16 +17,6 @@ webview host is separate by default but we serve on the same host).
|
||||
|
||||
To test, open a few types of webviews (images, markdown, extension details, etc).
|
||||
|
||||
Make sure to update the hash. To do so:
|
||||
1. run code-server
|
||||
2. open any webview (i.e. preview Markdown)
|
||||
3. see error in console and copy hash
|
||||
|
||||
That will test the hash change in pre/index.html
|
||||
|
||||
Double-check the console to make sure there are no console errors for the webWorkerExtensionHostIframe
|
||||
which also requires a hash change.
|
||||
|
||||
parentOriginHash changes
|
||||
|
||||
This fixes webviews from not working properly due to a change upstream.
|
||||
@@ -66,15 +53,6 @@ Index: code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
+++ code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
@@ -5,7 +5,7 @@
|
||||
<meta charset="UTF-8">
|
||||
|
||||
<meta http-equiv="Content-Security-Policy"
|
||||
- content="default-src 'none'; script-src 'sha256-nXjtuhBilO++r8hfxl5VjEScSmdm07wDAk6jw228DgM=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
|
||||
+ content="default-src 'none'; script-src 'sha256-A6/szVNdTzyi4hDa+9OLbzS8tSd2iUV4CqimLNWex2Y=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
|
||||
|
||||
<!-- Disable pinch zooming -->
|
||||
<meta name="viewport"
|
||||
@@ -253,7 +253,7 @@
|
||||
}
|
||||
|
||||
@@ -101,17 +79,8 @@ Index: code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWor
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
+++ code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
@@ -4,7 +4,7 @@
|
||||
<meta http-equiv="Content-Security-Policy" content="
|
||||
default-src 'none';
|
||||
child-src 'self' data: blob:;
|
||||
- script-src 'self' 'unsafe-eval' 'sha256-cl8ijlOzEe+0GRCQNJQu2k6nUQ0fAYNYIuuKEm72JDs=' https: http://localhost:* blob:;
|
||||
+ script-src 'self' 'unsafe-eval' 'sha256-yhZXuB8LS6t73dvNg6rtLX8y4PHLnqRm5+6DdOGkOcw=' https: http://localhost:* blob:;
|
||||
connect-src 'self' https: wss: http://localhost:* http://127.0.0.1:* ws://localhost:* ws://127.0.0.1:*;"/>
|
||||
</head>
|
||||
<body>
|
||||
@@ -25,6 +25,13 @@
|
||||
// validation not requested
|
||||
@@ -34,6 +34,13 @@
|
||||
}
|
||||
return start();
|
||||
}
|
||||
+
|
||||
|
||||
@@ -1,9 +1,13 @@
|
||||
import { logger } from "@coder/logger"
|
||||
import type { JSONSchemaForNPMPackageJsonFiles } from "@schemastore/package"
|
||||
import * as os from "os"
|
||||
import * as path from "path"
|
||||
|
||||
export function getPackageJson(relativePath: string): JSONSchemaForNPMPackageJsonFiles {
|
||||
type PackageJson = {
|
||||
version: string
|
||||
commit: string
|
||||
}
|
||||
|
||||
export function getPackageJson(relativePath: string): PackageJson {
|
||||
let pkg = {}
|
||||
try {
|
||||
pkg = require(relativePath)
|
||||
@@ -11,7 +15,7 @@ export function getPackageJson(relativePath: string): JSONSchemaForNPMPackageJso
|
||||
logger.warn(error.message)
|
||||
}
|
||||
|
||||
return pkg
|
||||
return pkg as PackageJson
|
||||
}
|
||||
|
||||
export const rootPath = path.resolve(__dirname, "../..")
|
||||
|
||||
Reference in New Issue
Block a user