docs: fix 7 broken relative links in CONTRIBUTING.md

Relative paths like ../test/unit resolve correctly on GitHub but produce
404s when the page is rendered at coder.com/docs/code-server/CONTRIBUTING.
Replace all 7 with absolute github.com/coder/code-server/tree/main/... URLs.

Closes https://linear.app/codercom/issue/DOCS-244

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

.github/workflows/publish.yaml

@@ -38,7 +38,7 @@ jobs:
         with:
           node-version-file: .node-version
 
-      - uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12
+      - uses: robinraju/release-downloader@28fc21f50d76778e7023361aa1f863e717d3d56f # v1.13
         with:
           repository: "coder/code-server"
           tag: ${{ env.TAG }}
@@ -122,13 +122,13 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12
+      - uses: robinraju/release-downloader@28fc21f50d76778e7023361aa1f863e717d3d56f # v1.13
         with:
           repository: "coder/code-server"
           tag: v${{ env.VERSION }}
           fileName: "*.deb"
           out-file-path: "release-packages"
-      - uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12
+      - uses: robinraju/release-downloader@28fc21f50d76778e7023361aa1f863e717d3d56f # v1.13
         with:
           repository: "coder/code-server"
           tag: v${{ env.VERSION }}

.github/workflows/release.yaml

@@ -10,7 +10,7 @@ on:
     types:
       - closed
     branches:
-      - "update/**"
+      - main
 
 permissions:
   contents: write # For creating releases.
@@ -26,7 +26,9 @@ jobs:
   package-linux:
     name: ${{ format('linux-{0}', matrix.vscode_arch) }}
     runs-on: ubuntu-22.04
-    if: github.event_name == 'workflow_dispatch' || github.event.pull_request.merged == true
+    if: >-
+      (github.event_name == 'workflow_dispatch') ||
+      (github.event_name == 'pull_request_target' && github.event.pull_request.merged == true && startsWith(github.head_ref, 'update/'))
 
     strategy:
       matrix:
@@ -117,7 +119,7 @@ jobs:
           files: package.tar.gz
           tag_name: v${{ env.VERSION }}
           name: v${{ env.VERSION }}
-          body: .cache/release-notes
+          body_path: .cache/release-notes
 
       # Platform-specific release.
       - run: KEEP_MODULES=1 npm run release
@@ -133,7 +135,9 @@ jobs:
   package-macos:
     name: ${{ matrix.vscode_target }}
     runs-on: ${{ matrix.os }}
-    if: github.event_name == 'workflow_dispatch' || github.event.pull_request_merged == true
+    if: >-
+      (github.event_name == 'workflow_dispatch') ||
+      (github.event_name == 'pull_request_target' && github.event.pull_request.merged == true && startsWith(github.head_ref, 'update/'))
     strategy:
       matrix:
         include:

.github/workflows/security.yaml

@@ -51,7 +51,7 @@ jobs:
           fetch-depth: 0
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # latest
+        uses: aquasecurity/trivy-action@314ff8b43182423b84c50b1670b0e10f858f2d98 # latest
         with:
           scan-type: "fs"
           scan-ref: "."

.github/workflows/trivy-docker.yaml

@@ -49,7 +49,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Run Trivy vulnerability scanner in image mode
-        uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # latest
+        uses: aquasecurity/trivy-action@314ff8b43182423b84c50b1670b0e10f858f2d98 # latest
         with:
           image-ref: "docker.io/codercom/code-server:latest"
           ignore-unfixed: true

.github/workflows/update.yaml

@@ -63,10 +63,10 @@ jobs:
           git config --global user.email opensource@coder.com
           git checkout -b "update/$VERSION"
           git add .
-          git commit -m "Update VS Code to $VERSION"
+          git commit -m "Update Code to $VERSION"
           git push -u origin "$(git branch --show)"
           gh pr create \
             --repo coder/code-server \
-            --title "Update VS Code to $VERSION" \
+            --title "Update Code to $VERSION" \
             --body-file .cache/checklist \
             --draft

CHANGELOG.md

@@ -22,20 +22,14 @@ Code v99.99.999
 
 ## Unreleased
 
+## [4.121.0](https://github.com/coder/code-server/releases/tag/v4.121.0) - 2026-05-20
+
 Code v1.121.0
 
 ### Changed
 
 - Update to Code 1.121.0
 
-## [4.119.0](https://github.com/coder/code-server/releases/tag/v4.119.0) - 2026-05-07
-
-Code v1.119.0
-
-### Changed
-
-- Update to Code 1.119.0
-
 ## [4.118.0](https://github.com/coder/code-server/releases/tag/v4.118.0) - 2026-05-06
 
 Code v1.118.0

ci/build/update-vscode.sh

@@ -132,12 +132,12 @@ function main() {
     fi
     target_vscode_version="${VERSION#v}"
     steps+=(
-      "Update VS Code to $target_vscode_version" "update_vscode"
+      "Update Code to $target_vscode_version" "update_vscode"
-      "Refresh VS Code patches" "refresh_patches"
+      "Refresh Code patches" "refresh_patches"
     )
   else
     target_vscode_version="$(git -C lib/vscode describe --tags --exact-match)"
-    echo "Detected VS Code version $target_vscode_version"
+    echo "Detected Code version $target_vscode_version"
   fi
 
   steps+=(

ci/helm-chart/Chart.yaml

@@ -15,9 +15,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 3.35.0
+version: 3.36.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 4.116.0
+appVersion: 4.121.0

ci/helm-chart/values.yaml

@@ -6,7 +6,7 @@ replicaCount: 1
 
 image:
   repository: codercom/code-server
-  tag: '4.116.0'
+  tag: '4.121.0'
   pullPolicy: Always
 
 # Specifies one or more secrets to be used when pulling images from a

docs/CONTRIBUTING.md

@@ -201,7 +201,7 @@ There are four kinds of tests in code-server:
 Our unit tests are written in TypeScript and run using
 [Jest](https://jestjs.io/), the testing framework].
 
-These live under [test/unit](../test/unit).
+These live under [test/unit](https://github.com/coder/code-server/tree/main/test/unit).
 
 We use unit tests for functions and things that can be tested in isolation. The
 file structure is modeled closely after `/src` so it's easy for people to know
@@ -230,7 +230,7 @@ testing the CLI requires us to build and package code-server.
 The end-to-end (e2e) tests are written in TypeScript and run using
 [Playwright](https://playwright.dev/).
 
-These live under [test/e2e](../test/e2e).
+These live under [test/e2e](https://github.com/coder/code-server/tree/main/test/e2e).
 
 Before the e2e tests run, we run `globalSetup`, which eliminates the need to log
 in before each test by preserving the authentication state.
@@ -246,15 +246,15 @@ We also have a model where you can create helpers to use within tests. See
 code-server essentially serves as an HTTP API for logging in and starting a
 remote Code process.
 
-The CLI code is in [src/node](../src/node) and the HTTP routes are implemented
+The CLI code is in [src/node](https://github.com/coder/code-server/tree/main/src/node) and the HTTP routes are implemented
-in [src/node/routes](../src/node/routes).
+in [src/node/routes](https://github.com/coder/code-server/tree/main/src/node/routes).
 
 Most of the meaty parts are in the Code portion of the codebase under
-[lib/vscode](../lib/vscode), which we describe next.
+[lib/vscode](https://github.com/coder/code-server/tree/main/lib/vscode), which we describe next.
 
 ### Modifications to Code
 
-Our modifications to Code can be found in the [patches](../patches) directory.
+Our modifications to Code can be found in the [patches](https://github.com/coder/code-server/tree/main/patches) directory.
 We pull in Code as a submodule pointing to an upstream release branch.
 
 In v1 of code-server, we had Code as a submodule and used a single massive patch
@@ -277,7 +277,7 @@ requires us to ensure that our changes are still applied correctly and work as
 intended. In the future, we'd like to run Code unit tests against our builds to
 ensure that features work as expected.
 
-> We have [extension docs](../ci/README.md) on the CI and build system.
+> We have [extension docs](https://github.com/coder/code-server/tree/main/ci) on the CI and build system.
 
 If the functionality you're working on does NOT depend on code from Code, please
 move it out and into code-server.

package-lock.json

@@ -58,7 +58,7 @@
         "eslint-plugin-import": "^2.28.1",
         "eslint-plugin-prettier": "^5.0.0",
         "globals": "^16.1.0",
-        "prettier": "3.6.2",
+        "prettier": "3.8.3",
         "prettier-plugin-sh": "^0.18.0",
         "ts-node": "^10.9.1",
         "typescript": "^5.6.2",
@@ -5100,9 +5100,9 @@
       }
     },
     "node_modules/prettier": {
-      "version": "3.6.2",
+      "version": "3.8.3",
-      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.6.2.tgz",
+      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.3.tgz",
-      "integrity": "sha512-I7AIg5boAr5R0FFtJ6rCfD+LFsWHp81dolrFD8S79U9tb8Az2nGrJncnMSnys+bpQJfRUzqs9hnA81OAA3hCuQ==",
+      "integrity": "sha512-7igPTM53cGHMW8xWuVTydi2KO233VFiTNyF5hLJqpilHfmn8C8gPf+PS7dUT64YcXFbiMGZxS9pCSxL/Dxm/Jw==",
       "dev": true,
       "license": "MIT",
       "bin": {
@@ -6613,9 +6613,9 @@
       "license": "ISC"
     },
     "node_modules/ws": {
-      "version": "8.19.0",
+      "version": "8.20.1",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.19.0.tgz",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.20.1.tgz",
-      "integrity": "sha512-blAT2mjOEIi0ZzruJfIhb3nps74PRWTCz1IjglWEEpQl5XS/UNama6u2/rjFkDDouqr4L67ry+1aGIALViWjDg==",
+      "integrity": "sha512-It4dO0K5v//JtTXuPkfEOaI3uUN87iYPnqo/ZzqCoG3g8uhA66QUMs/SrM0YK7/NAu+r4LMh/9dq2A7k+rHs+w==",
       "license": "MIT",
       "engines": {
         "node": ">=10.0.0"

package.json

@@ -60,7 +60,7 @@
     "eslint-plugin-import": "^2.28.1",
     "eslint-plugin-prettier": "^5.0.0",
     "globals": "^16.1.0",
-    "prettier": "3.6.2",
+    "prettier": "3.8.3",
     "prettier-plugin-sh": "^0.18.0",
     "ts-node": "^10.9.1",
     "typescript": "^5.6.2",

patches/app-name.diff

@@ -0,0 +1,46 @@
+Apply --app-name to VS Code web page titles
+
+VS Code's `${appName}` title variable comes from `productService.nameLong` in the
+web client. code-server already injects per-request product configuration into
+VS Code's web bootstrap, so set `nameShort`/`nameLong` from the existing
+`--app-name` CLI arg there.
+
+This keeps the patch minimal and makes browser tab titles honor `--app-name`
+without changing unrelated product metadata.
+
+Index: code-server/lib/vscode/src/vs/server/node/serverEnvironmentService.ts
+===================================================================
+--- code-server.orig/lib/vscode/src/vs/server/node/serverEnvironmentService.ts
++++ code-server/lib/vscode/src/vs/server/node/serverEnvironmentService.ts
+@@ -24,6 +24,7 @@ export const serverOptions: OptionDescri
+ 	'disable-getting-started-override': { type: 'boolean' },
+ 	'locale': { type: 'string' },
+ 	'link-protection-trusted-domains': { type: 'string[]' },
++	'app-name': { type: 'string' },
+ 
+ 	/* ----- server setup ----- */
+ 
+@@ -120,6 +121,7 @@ export interface ServerParsedArgs {
+ 	'disable-getting-started-override'?: boolean,
+ 	'locale'?: string
+ 	'link-protection-trusted-domains'?: string[],
++	'app-name'?: string,
+ 
+ 	/* ----- server setup ----- */
+ 
+Index: code-server/lib/vscode/src/vs/server/node/webClientServer.ts
+===================================================================
+--- code-server.orig/lib/vscode/src/vs/server/node/webClientServer.ts
++++ code-server/lib/vscode/src/vs/server/node/webClientServer.ts
+@@ -366,8 +366,11 @@ export class WebClientServer {
+ 			linkProtectionTrustedDomains.push(...this._productService.linkProtectionTrustedDomains);
+ 		}
+ 
++		const appName = this._environmentService.args['app-name'];
+ 		const productConfiguration: Partial<Mutable<IProductConfiguration>> = {
+ 			codeServerVersion: this._productService.codeServerVersion,
++			nameShort: appName,
++			nameLong: appName,
+ 			rootEndpoint: rootBase,
+ 			updateEndpoint: !this._environmentService.args['disable-update-check'] ? rootBase + '/update/check' : undefined,
+ 			logoutEndpoint: this._environmentService.args['auth'] && this._environmentService.args['auth'] !== "none" ? rootBase + '/logout' : undefined,

patches/series

@@ -23,3 +23,4 @@ display-language.diff
 trusted-domains.diff
 signature-verification.diff
 copilot.diff
+app-name.diff

src/node/cli.ts

@@ -677,9 +677,7 @@ export async function setDefaults(cliArgs: UserProvidedArgs, configArgs?: Config
   }
   args["proxy-domain"] = finalProxies
 
-  if (!args["app-name"]) {
+  args["app-name"] ??= process.env.CODE_SERVER_APP_NAME || "code-server"
-    args["app-name"] = "code-server"
-  }
 
   args._ = getResolvedPathsFromArgs(args)
 

test/e2e/appName.test.ts

@@ -0,0 +1,9 @@
+import { version } from "../../src/node/constants"
+import { describe, test, expect } from "./baseFixture"
+
+const appName = "testnäme"
+describe("--app-name", [`--app-name=${appName}`], {}, () => {
+  test("should use app-name for the title", async ({ codeServerPage }) => {
+    expect(await codeServerPage.page.title()).toContain(appName)
+  })
+})

test/playwright.config.ts

@@ -5,10 +5,10 @@ import path from "path"
 // The default configuration runs all tests in three browsers with workers equal
 // to half the available threads. See 'npm run test:e2e --help' to customize
 // from the command line. For example:
-//   npm run test:e2e --workers 1        # Run with one worker
+//   npm run test:e2e -- --workers 1        # Run with one worker
-//   npm run test:e2e --project Chromium # Only run on Chromium
+//   npm run test:e2e -- --project Chromium # Only run on Chromium
-//   npm run test:e2e --grep login       # Run tests matching "login"
+//   npm run test:e2e -- --grep login       # Run tests matching "login"
-//   PWDEBUG=1 npm run test:e2e          # Run Playwright inspector
+//   PWDEBUG=1 npm run test:e2e             # Run Playwright inspector
 const config: PlaywrightTestConfig = {
   testDir: path.join(__dirname, "e2e"), // Search for tests in this directory.
   timeout: 60000, // Each test is given 60 seconds.