From 0b7c04485715756aa87fddfc6487b2c328945798 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:11:21 -0900 Subject: [PATCH 1/6] chore: bump codecov/codecov-action from 4 to 5 (#7096) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4 to 5. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v4...v5) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 337b55ba6e73..621e609f00d1 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -188,7 +188,7 @@ jobs: run: npm run test:unit - name: Upload coverage report to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v5 with: token: ${{ secrets.CODECOV_TOKEN }} if: success() diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1a09c6dda41b..9e693e09583b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -71,7 +71,7 @@ jobs: - run: npm run test:integration - name: Upload coverage report to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v5 with: token: ${{ secrets.CODECOV_TOKEN }} if: success() From 96800cc52126ed8e8420169cea1ff8684d87c36b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:11:50 -0900 Subject: [PATCH 2/6] chore: bump aquasecurity/trivy-action from 0.28.0 to 0.29.0 (#7097) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.28.0 to 0.29.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2...18f2510ee396bbf400402947b394f2dd8c87dbb0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/security.yaml | 2 +- .github/workflows/trivy-docker.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index 5f41bec5bade..d67018340754 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -51,7 +51,7 @@ jobs: fetch-depth: 0 - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 with: scan-type: "fs" scan-ref: "." diff --git a/.github/workflows/trivy-docker.yaml b/.github/workflows/trivy-docker.yaml index 30c6efda575d..133720a621e5 100644 --- a/.github/workflows/trivy-docker.yaml +++ b/.github/workflows/trivy-docker.yaml @@ -51,7 +51,7 @@ jobs: uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner in image mode - uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 with: image-ref: "docker.io/codercom/code-server:latest" ignore-unfixed: true From 1c3fcf2a838e2bdb05c0cc63db5ccb8a0d2f1373 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:12:14 -0900 Subject: [PATCH 3/6] chore: bump @eslint/eslintrc from 3.1.0 to 3.2.0 (#7100) Bumps [@eslint/eslintrc](https://github.com/eslint/eslintrc) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/eslint/eslintrc/releases) - [Changelog](https://github.com/eslint/eslintrc/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslintrc/compare/v3.1.0...v3.2.0) --- updated-dependencies: - dependency-name: "@eslint/eslintrc" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3779af901516..937bf9e77eab 100644 --- a/package-lock.json +++ b/package-lock.json @@ -164,11 +164,10 @@ } }, "node_modules/@eslint/eslintrc": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.1.0.tgz", - "integrity": "sha512-4Bfj15dVJdoy3RfZmmo86RK1Fwzn6SstsvK9JS+BaVKqC6QQQQyXekNaC+g+LKNgkQ+2VhGAzm6hO40AhMR3zQ==", + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.2.0.tgz", + "integrity": "sha512-grOjVNN8P3hjJn/eIETF1wwd12DdnwFDoyceUJLYYdkpbwq3nLi+4fqrTAONx7XDALqlL220wC/RHSC/QTI/0w==", "dev": true, - "license": "MIT", "dependencies": { "ajv": "^6.12.4", "debug": "^4.3.2", From ef713bde58bb1df096220158091211e9e839484b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:12:36 -0900 Subject: [PATCH 4/6] chore: bump globals from 15.10.0 to 15.14.0 (#7146) Bumps [globals](https://github.com/sindresorhus/globals) from 15.10.0 to 15.14.0. - [Release notes](https://github.com/sindresorhus/globals/releases) - [Commits](https://github.com/sindresorhus/globals/compare/v15.10.0...v15.14.0) --- updated-dependencies: - dependency-name: globals dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 937bf9e77eab..0d52008a225f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2928,11 +2928,10 @@ } }, "node_modules/globals": { - "version": "15.10.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-15.10.0.tgz", - "integrity": "sha512-tqFIbz83w4Y5TCbtgjZjApohbuh7K9BxGYFm7ifwDR240tvdb7P9x+/9VvUKlmkPoiknoJtanI8UOrqxS3a7lQ==", + "version": "15.14.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-15.14.0.tgz", + "integrity": "sha512-OkToC372DtlQeje9/zHIo5CT8lRP/FUgEOKBEhU4e0abL7J7CD24fD9ohiLN5hagG/kWCYj4K5oaxxtj2Z0Dig==", "dev": true, - "license": "MIT", "engines": { "node": ">=18" }, From 18cd97dc12747ec20ce1b33d373f3c1e7dbcb96a Mon Sep 17 00:00:00 2001 From: ChenPi11 <102936596+ChenPi11@users.noreply.github.com> Date: Wed, 12 Feb 2025 04:16:40 +0800 Subject: [PATCH 5/6] fix: invalid ESM module path on Windows (#7162) --- src/node/main.ts | 7 ++++++- src/node/routes/vscode.ts | 7 ++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/node/main.ts b/src/node/main.ts index b3c4e4c14500..990a7af792b1 100644 --- a/src/node/main.ts +++ b/src/node/main.ts @@ -9,6 +9,7 @@ import { commit, version, vsRootPath } from "./constants" import { register } from "./routes" import { VSCodeModule } from "./routes/vscode" import { isDirectory, open } from "./util" +import * as os from "os" /** * Return true if the user passed an extension-related VS Code flag. @@ -51,7 +52,11 @@ export const runCodeCli = async (args: DefaultedArgs): Promise => { try { // See vscode.loadVSCode for more on this jank. process.env.CODE_SERVER_PARENT_PID = process.pid.toString() - const modPath = path.join(vsRootPath, "out/server-main.js") + let modPath = path.join(vsRootPath, "out/server-main.js") + if (os.platform() === "win32") { + // On Windows, absolute paths of ESM modules must be a valid file URI. + modPath = "file:///" + modPath.replace(/\\/g, "/") + } const mod = (await eval(`import("${modPath}")`)) as VSCodeModule const serverModule = await mod.loadCodeWithNls() await serverModule.spawnCli(await toCodeArgs(args)) diff --git a/src/node/routes/vscode.ts b/src/node/routes/vscode.ts index 7e8f0f3ff4e5..637a30352ceb 100644 --- a/src/node/routes/vscode.ts +++ b/src/node/routes/vscode.ts @@ -5,6 +5,7 @@ import { promises as fs } from "fs" import * as http from "http" import * as net from "net" import * as path from "path" +import * as os from "os" import { WebsocketRequest } from "../../../typings/pluginapi" import { logError } from "../../common/util" import { CodeArgs, toCodeArgs } from "../cli" @@ -58,7 +59,11 @@ async function loadVSCode(req: express.Request): Promise { // which will also require that we switch to ESM, since a hybrid approach // breaks importing `rotating-file-stream` for some reason. To work around // this, use `eval` for now, but we should consider switching to ESM. - const modPath = path.join(vsRootPath, "out/server-main.js") + let modPath = path.join(vsRootPath, "out/server-main.js") + if (os.platform() === "win32") { + // On Windows, absolute paths of ESM modules must be a valid file URI. + modPath = "file:///" + modPath.replace(/\\/g, "/") + } const mod = (await eval(`import("${modPath}")`)) as VSCodeModule const serverModule = await mod.loadCodeWithNls() return serverModule.createServer(null, { From a6fad66e5e667a1200e2c92d898a6e0bf6b2e65c Mon Sep 17 00:00:00 2001 From: Jan Larwig Date: Tue, 11 Feb 2025 21:24:31 +0100 Subject: [PATCH 6/6] doc: update upstream documentation urls (#7165) --- docs/guide.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/guide.md b/docs/guide.md index 60098ca7e679..c2f230ee5eb7 100644 --- a/docs/guide.md +++ b/docs/guide.md @@ -271,9 +271,9 @@ should see OSSStatus: 9836 in the browser console. If you want to use external authentication mechanism (e.g., Sign in with Google), you can do this with a reverse proxy such as: -- [Pomerium](https://www.pomerium.io/guides/code-server.html) -- [oauth2_proxy](https://github.com/pusher/oauth2_proxy) -- [Cloudflare Access](https://teams.cloudflare.com/access) +- [Pomerium](https://www.pomerium.com/docs/guides/code-server.html) +- [oauth2-proxy](https://oauth2-proxy.github.io/oauth2-proxy/) +- [Cloudflare Access](https://www.cloudflare.com/zero-trust/products/access/) ## HTTPS and self-signed certificates