Skip to content

Merge in changes #11

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 775 commits into
base: main
Choose a base branch
from
Open

Merge in changes #11

wants to merge 775 commits into from

Conversation

dylanturn
Copy link
Member

Fixes #

github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 15, 2023
View reviewed changes
test/utils/runCodeServerCommand.ts
env?: NodeJS.ProcessEnv,
): Promise<{ stdout: string; stderr: string }> {
const CODE_SERVER_COMMAND = process.env.CODE_SERVER_PATH || path.resolve("../../release-standalone/bin/code-server")
const { stdout, stderr } = await promisify(exec)(`${CODE_SERVER_COMMAND} ${argv.join(" ")}`, {

Check warning

Code scanning / CodeQL

Shell command built from environment values

This shell command depends on an uncontrolled [absolute path](1).
@github-advanced-security
Copy link

You have successfully added a new CodeQL configuration .github/workflows/security.yaml:codeql-analyze. As part of the setup process, we have scanned this repository and found 2 existing alerts. Please check the repository Security tab to see all alerts.

dependabot bot added 4 commits January 5, 2024 13:32
@dependabot
chore: bump actions/download-artifact from 3 to 4 (#6609)
94f759a 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump @types/node from 18.18.1 to 18.19.4 (#6613)
749e105 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 18.18.1 to 18.19.4.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump @typescript-eslint/parser from 6.9.1 to 6.17.0 (#6622)
cc68c0f 
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 6.9.1 to 6.17.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.17.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump follow-redirects from 1.15.3 to 1.15.4 (#6624)
e87499c 
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.3 to 1.15.4.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.3...v1.15.4)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@code-asher
Fix query string being double-encoding over path proxy
d49b3bf 
Instead of trying to piece together the original URL and re-encode what
needs to be re-encoded, strip out the base from the original URL.

Fixes #6307.
code-asher and others added 17 commits January 11, 2024 12:46
@code-asher
Exit with 1 when VS Code CLI errors
fdb46d3 
Addresses part of #6367.  The script bundled with VS Code still has the
same problem but it would be better to fix that one upstream.
@benz0li
Update Code to 1.85.2 (#6631)
e76afa4
@code-asher
Release v4.20.1
d6ef385
@benz0li
Update Code to 1.86.0 (#6655)
1d774d0
@dependabot
chore: bump tj-actions/changed-files from 41 to 42 (#6654)
dd9cefa 
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 41 to 42.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](tj-actions/changed-files@v41...v42)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump github/codeql-action from 2 to 3 (#6653)
2db0184 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump codecov/codecov-action from 3 to 4 (#6652)
63beaaa 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3 to 4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v3...v4)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump robinraju/release-downloader from 1.8 to 1.9 (#6651)
53b0fda 
Bumps [robinraju/release-downloader](https://github.com/robinraju/release-downloader) from 1.8 to 1.9.
- [Release notes](https://github.com/robinraju/release-downloader/releases)
- [Commits](robinraju/release-downloader@v1.8...v1.9)

---
updated-dependencies:
- dependency-name: robinraju/release-downloader
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump actions/cache from 3 to 4 (#6650)
ab17495 
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump eslint-plugin-prettier from 5.0.0 to 5.1.3 (#6649)
b63fda4 
Bumps [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) from 5.0.0 to 5.1.3.
- [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/master/CHANGELOG.md)
- [Commits](prettier/eslint-plugin-prettier@v5.0.0...v5.1.3)

---
updated-dependencies:
- dependency-name: eslint-plugin-prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump prettier from 3.1.1 to 3.2.4 (#6647)
2a55212 
Bumps [prettier](https://github.com/prettier/prettier) from 3.1.1 to 3.2.4.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.1.1...3.2.4)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump @typescript-eslint/eslint-plugin from 6.16.0 to 6.20.0 (#…
6adbfc4 
…6646)

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 6.16.0 to 6.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.20.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump i18next from 23.7.6 to 23.8.2 (#6645)
1471a15 
Bumps [i18next](https://github.com/i18next/i18next) from 23.7.6 to 23.8.2.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](i18next/i18next@v23.7.6...v23.8.2)

---
updated-dependencies:
- dependency-name: i18next
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump eslint-config-prettier from 9.0.0 to 9.1.0 (#6648)
84ca272 
Bumps [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) from 9.0.0 to 9.1.0.
- [Changelog](https://github.com/prettier/eslint-config-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-config-prettier@v9.0.0...v9.1.0)

---
updated-dependencies:
- dependency-name: eslint-config-prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@code-asher
Release v4.21.0
5b62943
@code-asher
Update Node to 18.17.1
413c47a 
For #6666.
@benz0li
Update Code to 1.86.1 (#6668)
76e6f75
dependabot bot and others added 11 commits April 14, 2025 10:57
@dependabot
chore: bump aquasecurity/trivy-action from 0.29.0 to 0.30.0 (#7288)
b07335a 
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.29.0 to 0.30.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@18f2510...6c175e9)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump typescript-eslint from 8.12.2 to 8.29.0 (#7290)
5051c0f 
Bumps [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) from 8.12.2 to 8.29.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.29.0/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: typescript-eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump eslint from 9.13.0 to 9.23.0 (#7291)
cd4d1b6 
Bumps [eslint](https://github.com/eslint/eslint) from 9.13.0 to 9.23.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v9.13.0...v9.23.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump @eslint/eslintrc from 3.2.0 to 3.3.1 (#7292)
7eb8f4b 
Bumps [@eslint/eslintrc](https://github.com/eslint/eslintrc) from 3.2.0 to 3.3.1.
- [Release notes](https://github.com/eslint/eslintrc/releases)
- [Changelog](https://github.com/eslint/eslintrc/blob/main/CHANGELOG.md)
- [Commits](eslint/eslintrc@v3.2.0...v3.3.1)

---
updated-dependencies:
- dependency-name: "@eslint/eslintrc"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump proxy-agent from 6.4.0 to 6.5.0 (#7294)
cb29e65 
Bumps [proxy-agent](https://github.com/TooTallNate/proxy-agents/tree/HEAD/packages/proxy-agent) from 6.4.0 to 6.5.0.
- [Release notes](https://github.com/TooTallNate/proxy-agents/releases)
- [Changelog](https://github.com/TooTallNate/proxy-agents/blob/main/packages/proxy-agent/CHANGELOG.md)
- [Commits](https://github.com/TooTallNate/proxy-agents/commits/[email protected]/packages/proxy-agent)

---
updated-dependencies:
- dependency-name: proxy-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: bump robinraju/release-downloader from 1.11 to 1.12 (#7289)
9045919 
Bumps [robinraju/release-downloader](https://github.com/robinraju/release-downloader) from 1.11 to 1.12.
- [Release notes](https://github.com/robinraju/release-downloader/releases)
- [Commits](robinraju/release-downloader@v1.11...v1.12)

---
updated-dependencies:
- dependency-name: robinraju/release-downloader
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@helgehatt
Add skip-auth-preflight flag to allow OPTIONS requests through proxy (#…
bbf2e24 
…7284)
@partev
Remove extra closing parentheses from docs (#7309)
ec0899a
@dependabot
chore: bump @babel/runtime from 7.25.7 to 7.27.0 (#7312)
3b7634c 
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.25.7 to 7.27.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-runtime)

---
updated-dependencies:
- dependency-name: "@babel/runtime"
  dependency-version: 7.27.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@benz0li
Update Code to 1.99.3 (#7314)
c36b2d3
@code-asher
Use ubuntu-latest in Docker publish step
5d5b7b1 
Seems 20.04 has been removed.
kylecarbs and others added 16 commits May 2, 2025 10:08
@kylecarbs
fix: parse part in path proxy (#7337)
47d6d3a
@code-asher
Release v4.99.4
3f2e334
@code-asher
Allow setting trusted domains for links at run-time
ea2caf0 
It can be set either:

1. In the product.json (normally the product.json is embedded during the
   build and not read at run-time).
2. With the --link-protection-trusted-domains flag.
@code-asher
Place locale and abs-proxy-base-path in correct interfaces
0c72b20
@code-asher
Fix repeatable flags in config
c8257a3 
Fixes #6149.
@dependabot
chore: bump @types/semver from 7.5.8 to 7.7.0
e5b8d44
@dependabot
chore: bump eslint from 9.23.0 to 9.25.1 (#7332)
8b55b50 
Bumps [eslint](https://github.com/eslint/eslint) from 9.23.0 to 9.25.1.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v9.23.0...v9.25.1)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 9.25.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@bartekgatzcoder
Mention code-server devcontainer feature (#7342)
7af90ea
@benz0li
Update Code to 1.100.0 (#7343)
2c9b4e7
@code-asher
Fix port parseInt error handling
9bd3b83 
parseInt returns NaN rather than throwing.
@code-asher
Update devcontainer feature link
d0e20d5 
I think we meant to link to the feature readme rather than the general
repo readme.
@code-asher
Release v4.100.0
e05219d
@benz0li
Update Code to 1.101 (#7347)
1aca01f
@benz0li
Update Code to 1.100.2 (#7348)
9dd999b
@code-asher
Release v4.100.1 and v4.100.2
cade03e
@dependabot
chore: bump globals from 15.14.0 to 16.0.0 (#7333)
35e78fe 
Bumps [globals](https://github.com/sindresorhus/globals) from 15.14.0 to 16.0.0.
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v15.14.0...v16.0.0)

---
updated-dependencies:
- dependency-name: globals
  dependency-version: 16.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.