mirror of
https://github.com/coder/code-server.git
synced 2026-07-17 14:20:26 +02:00
Compare commits
1 Commits
v4.129.0
...
update/1.1
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
48d57a5b64 |
@@ -1 +1 @@
|
||||
24.18.0
|
||||
24.17.0
|
||||
|
||||
@@ -22,12 +22,6 @@ Code v99.99.999
|
||||
|
||||
## Unreleased
|
||||
|
||||
Code v1.129.0
|
||||
|
||||
### Changed
|
||||
|
||||
- Update to Code 1.129.0
|
||||
|
||||
## [4.128.0](https://github.com/coder/code-server/releases/tag/v4.128.0) - 2026-07-11
|
||||
|
||||
Code v1.128.0
|
||||
|
||||
@@ -4,7 +4,7 @@ set -Eeuo pipefail
|
||||
|
||||
function unapply_patches() {
|
||||
local -i exit_code=0
|
||||
quiet quilt pop -af 2>&1 || exit_code=$?
|
||||
quiet quilt pop -af || exit_code=$?
|
||||
case $exit_code in
|
||||
# Sucessfully unapplied.
|
||||
0) ;;
|
||||
@@ -15,19 +15,6 @@ function unapply_patches() {
|
||||
esac
|
||||
}
|
||||
|
||||
function apply_patches() {
|
||||
local -i exit_code=0
|
||||
quiet quilt push -a 2>&1 || exit_code=$?
|
||||
case $exit_code in
|
||||
# Sucessfully applied.
|
||||
0) ;;
|
||||
# No more patches to apply.
|
||||
2) ;;
|
||||
# Some error.
|
||||
*) return $exit_code ;;
|
||||
esac
|
||||
}
|
||||
|
||||
function update_vscode() {
|
||||
pushd lib/vscode
|
||||
if ! git checkout 2>&1 "$target_vscode_version" ; then
|
||||
@@ -41,8 +28,8 @@ function update_vscode() {
|
||||
|
||||
function refresh_patches() {
|
||||
local -i exit_code=0
|
||||
while quiet quilt push 2>&1 ; ! (( exit_code=$? )) ; do
|
||||
quilt refresh 2>&1
|
||||
while quiet quilt push ; ! (( exit_code=$? )) ; do
|
||||
quilt refresh
|
||||
done
|
||||
case $exit_code in
|
||||
# No more patches to apply.
|
||||
@@ -69,41 +56,50 @@ function get-webview-script-hash() {
|
||||
local html
|
||||
html=$(<"$1")
|
||||
local start_tag='<script async type="module">'
|
||||
if [[ $file == */webWorkerExtensionHostIframe.html ]] ; then
|
||||
start_tag='<script>'
|
||||
fi
|
||||
local end_tag="</script>"
|
||||
html=${html##*"$start_tag"}
|
||||
html=${html%%"$end_tag"*}
|
||||
echo -n "$html" | openssl sha256 -binary | openssl base64
|
||||
}
|
||||
|
||||
function delete_csp() {
|
||||
quilt delete csp-hashes.diff
|
||||
}
|
||||
|
||||
function update_csp() {
|
||||
apply_patches
|
||||
|
||||
local files=(
|
||||
./lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
./lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
)
|
||||
|
||||
quilt new csp-hashes.diff
|
||||
|
||||
local file
|
||||
for file in "${files[@]}" ; do
|
||||
quilt add "$file"
|
||||
|
||||
local hash
|
||||
hash=$(get-webview-script-hash "$file")
|
||||
echo "Calculated hash as $hash"
|
||||
# Use octothorpe as a delimiter since the hash may contain a slash.
|
||||
sed -i.bak "s#'sha256-[^']\+'#'sha256-$hash'#" "$file"
|
||||
done
|
||||
local current
|
||||
current=$(quilt top 2>/dev/null || echo "")
|
||||
local patch_action=""
|
||||
echo "Currently at ${current:-base}"
|
||||
if [[ $current != */webview.diff ]] ; then
|
||||
echo "Moving to patches/webview.diff..."
|
||||
local -i exit_code=0
|
||||
if quilt applied 2>/dev/null | grep --quiet webview.diff ; then
|
||||
quiet quilt pop webview || exit_code=$?
|
||||
patch_action=pop
|
||||
else
|
||||
quiet quilt push webview || exit_code=$?
|
||||
patch_action=push
|
||||
fi
|
||||
case $exit_code in
|
||||
# Successfully moved.
|
||||
0) ;;
|
||||
# Some error.
|
||||
*) return $exit_code ;;
|
||||
esac
|
||||
fi
|
||||
|
||||
local file=lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
local hash
|
||||
hash=$(get-webview-script-hash "$file")
|
||||
echo "Calculated hash as $hash"
|
||||
# Use octothorpe as a delimiter since the hash may contain a slash.
|
||||
sed -i.bak "s#script-src 'sha256-[^']\+'#script-src 'sha256-$hash'#" "$file"
|
||||
quilt refresh
|
||||
|
||||
if [[ $patch_action != "" ]] ; then
|
||||
echo "Moving back to ${current:-base}..."
|
||||
case $patch_action in
|
||||
pop) quiet quilt push "$current" ;;
|
||||
push) quiet quilt pop "${current:--a}" ;;
|
||||
esac
|
||||
fi
|
||||
}
|
||||
|
||||
function add_changelog() {
|
||||
@@ -124,9 +120,6 @@ function main() {
|
||||
|
||||
declare -a steps
|
||||
|
||||
# Hashes are always regenerated to avoid having to resolve conflicts..
|
||||
steps+=("Revert CSP hashes" "delete_csp")
|
||||
|
||||
# If version is not set, assume we are already at the target version and the
|
||||
# user is just trying to resolve conflics.
|
||||
local target_vscode_version
|
||||
@@ -148,7 +141,7 @@ function main() {
|
||||
|
||||
steps+=(
|
||||
"Update Node version" "update_node"
|
||||
"Regenerate CSP hashes" "update_csp"
|
||||
"Update CSP webview hash" "update_csp"
|
||||
"Add changelog note" "add_changelog"
|
||||
)
|
||||
|
||||
|
||||
10
ci/lib.sh
10
ci/lib.sh
@@ -85,20 +85,18 @@ run-steps() {
|
||||
while (( $# )) ; do
|
||||
local name=$1 ; shift
|
||||
local fn=$1 ; shift
|
||||
echo "$name..."
|
||||
# Only run if an earlier step has not failed.
|
||||
# For all failed steps, write out an empty checkbox.
|
||||
if [[ $failed == 0 ]] ; then
|
||||
echo "$name..."
|
||||
if $fn | indent ; then
|
||||
echo "- [X] $name" >> .cache/checklist
|
||||
else
|
||||
((failed++))
|
||||
echo "- [-] $name" >> .cache/checklist
|
||||
echo "Failed" | indent
|
||||
fi
|
||||
else
|
||||
fi
|
||||
# For all failed steps, write out an empty checkbox.
|
||||
if [[ $failed != 0 ]] ; then
|
||||
echo "- [ ] $name" >> .cache/checklist
|
||||
echo "Skipped" | indent
|
||||
fi
|
||||
done
|
||||
if [[ $failed != 0 ]] ; then
|
||||
|
||||
Submodule lib/vscode updated: 125df4672b...5264f2156c
@@ -1,26 +0,0 @@
|
||||
Index: code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
+++ code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
@@ -5,7 +5,7 @@
|
||||
<meta charset="UTF-8">
|
||||
|
||||
<meta http-equiv="Content-Security-Policy"
|
||||
- content="default-src 'none'; script-src 'sha256-nXjtuhBilO++r8hfxl5VjEScSmdm07wDAk6jw228DgM=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
|
||||
+ content="default-src 'none'; script-src 'sha256-A6/szVNdTzyi4hDa+9OLbzS8tSd2iUV4CqimLNWex2Y=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
|
||||
|
||||
<!-- Disable pinch zooming -->
|
||||
<meta name="viewport"
|
||||
Index: code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
+++ code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
@@ -4,7 +4,7 @@
|
||||
<meta http-equiv="Content-Security-Policy" content="
|
||||
default-src 'none';
|
||||
child-src 'self' data: blob:;
|
||||
- script-src 'self' 'unsafe-eval' 'sha256-daEgfo2VIXpx2Np71KqCCbkeQwv+68vPrx54XRcbdcs=' https: http://localhost:* blob:;
|
||||
+ script-src 'self' 'unsafe-eval' 'sha256-gfjiOVjAlxqrivZAfTq2d83mOaz0fnAxbGaFpj5IjD8=' https: http://localhost:* blob:;
|
||||
connect-src 'self' https: wss: http://localhost:* http://127.0.0.1:* ws://localhost:* ws://127.0.0.1:*;"/>
|
||||
</head>
|
||||
<body>
|
||||
@@ -10,17 +10,18 @@ Index: code-server/lib/vscode/src/vs/workbench/services/extensions/common/extens
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/common/extensions.ts
|
||||
+++ code-server/lib/vscode/src/vs/workbench/services/extensions/common/extensions.ts
|
||||
@@ -324,6 +324,10 @@ function extensionDescriptionArrayToMap(
|
||||
@@ -321,10 +321,7 @@ function extensionDescriptionArrayToMap(
|
||||
}
|
||||
|
||||
export function isProposedApiEnabled(extension: IExtensionDescription, proposal: ApiProposalName): boolean {
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+export function _isProposedApiEnabled(extension: IExtensionDescription, proposal: ApiProposalName): boolean {
|
||||
if (!extension.enabledApiProposals) {
|
||||
return false;
|
||||
}
|
||||
- if (!extension.enabledApiProposals) {
|
||||
- return false;
|
||||
- }
|
||||
- return true;// extension.enabledApiProposals.includes(proposal);
|
||||
+ return true
|
||||
}
|
||||
|
||||
export function checkProposedApiEnabled(extension: IExtensionDescription, proposal: ApiProposalName): void {
|
||||
Index: code-server/lib/vscode/src/vs/workbench/services/extensions/common/extensionsProposedApi.ts
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/common/extensionsProposedApi.ts
|
||||
|
||||
@@ -24,4 +24,3 @@ trusted-domains.diff
|
||||
signature-verification.diff
|
||||
copilot.diff
|
||||
app-name.diff
|
||||
csp-hashes.diff
|
||||
|
||||
@@ -3,6 +3,9 @@ Serve webviews from the same origin
|
||||
Normally webviews are served from vscode-webview.net but we would rather them be
|
||||
self-hosted.
|
||||
|
||||
When doing this CSP will block resources (for example when viewing images) so
|
||||
add 'self' to the CSP to fix that.
|
||||
|
||||
Additionally the service worker defaults to handling *all* requests made to the
|
||||
current host but when self-hosting the webview this will end up including the
|
||||
webview HTML itself which means these requests will fail since the communication
|
||||
@@ -17,6 +20,16 @@ webview host is separate by default but we serve on the same host).
|
||||
|
||||
To test, open a few types of webviews (images, markdown, extension details, etc).
|
||||
|
||||
Make sure to update the hash. To do so:
|
||||
1. run code-server
|
||||
2. open any webview (i.e. preview Markdown)
|
||||
3. see error in console and copy hash
|
||||
|
||||
That will test the hash change in pre/index.html
|
||||
|
||||
Double-check the console to make sure there are no console errors for the webWorkerExtensionHostIframe
|
||||
which also requires a hash change.
|
||||
|
||||
parentOriginHash changes
|
||||
|
||||
This fixes webviews from not working properly due to a change upstream.
|
||||
@@ -53,6 +66,15 @@ Index: code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
+++ code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/index.html
|
||||
@@ -5,7 +5,7 @@
|
||||
<meta charset="UTF-8">
|
||||
|
||||
<meta http-equiv="Content-Security-Policy"
|
||||
- content="default-src 'none'; script-src 'sha256-nXjtuhBilO++r8hfxl5VjEScSmdm07wDAk6jw228DgM=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
|
||||
+ content="default-src 'none'; script-src 'sha256-A6/szVNdTzyi4hDa+9OLbzS8tSd2iUV4CqimLNWex2Y=' 'self'; frame-src 'self'; style-src 'unsafe-inline';">
|
||||
|
||||
<!-- Disable pinch zooming -->
|
||||
<meta name="viewport"
|
||||
@@ -253,7 +253,7 @@
|
||||
}
|
||||
|
||||
@@ -79,8 +101,17 @@ Index: code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWor
|
||||
===================================================================
|
||||
--- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
+++ code-server/lib/vscode/src/vs/workbench/services/extensions/worker/webWorkerExtensionHostIframe.html
|
||||
@@ -34,6 +34,13 @@
|
||||
}
|
||||
@@ -4,7 +4,7 @@
|
||||
<meta http-equiv="Content-Security-Policy" content="
|
||||
default-src 'none';
|
||||
child-src 'self' data: blob:;
|
||||
- script-src 'self' 'unsafe-eval' 'sha256-cl8ijlOzEe+0GRCQNJQu2k6nUQ0fAYNYIuuKEm72JDs=' https: http://localhost:* blob:;
|
||||
+ script-src 'self' 'unsafe-eval' 'sha256-yhZXuB8LS6t73dvNg6rtLX8y4PHLnqRm5+6DdOGkOcw=' https: http://localhost:* blob:;
|
||||
connect-src 'self' https: wss: http://localhost:* http://127.0.0.1:* ws://localhost:* ws://127.0.0.1:*;"/>
|
||||
</head>
|
||||
<body>
|
||||
@@ -25,6 +25,13 @@
|
||||
// validation not requested
|
||||
return start();
|
||||
}
|
||||
+
|
||||
|
||||
Reference in New Issue
Block a user