chore: bump Helm chart

chore: update CHANGELOG
chore: update reviewers in release-prep
2026-06-10 06:14:32 +00:00 · 2022-08-31 10:52:35 -07:00 · 2022-08-31 10:52:27 -07:00 · 2022-08-31 10:45:07 -07:00 · 2022-08-31 10:42:55 -07:00
59 changed files with 1858 additions and 815 deletions
--- a/.github/PULL_REQUEST_TEMPLATE/release_template.md
+++ b/.github/PULL_REQUEST_TEMPLATE/release_template.md
@@ -12,6 +12,5 @@ Follow "Publishing a release" steps in `ci/README.md`

 <!-- Note some of these steps below are redundant since they're listed in the "Publishing a release" docs -->

- [ ] update `CHANGELOG.md`
- [ ] manually run "Draft release" workflow after merging this PR
- [ ] merge PR opened in [code-server-aur](https://github.com/coder/code-server-aur)
+- [ ] publish release and merge PR
+- [ ] update the AUR package
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -18,99 +18,31 @@ concurrency:
 # Note: if: success() is used in several jobs -
 # this ensures that it only executes if all previous jobs succeeded.

-# if: steps.cache-node-modules.outputs.cache-hit != 'true'
+# if: steps.cache-yarn.outputs.cache-hit != 'true'
 # will skip running `yarn install` if it successfully fetched from cache

 jobs:
-  fmt:
-    name: Format with Prettier
+  prebuild:
+    name: Pre-build checks
    runs-on: ubuntu-latest
-    timeout-minutes: 5
+    timeout-minutes: 15
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          submodules: true

      - name: Install Node.js v16
        uses: actions/setup-node@v3
        with:
          node-version: "16"

-      - name: Fetch dependencies from cache
-        id: cache-node-modules
-        uses: actions/cache@v3
-        with:
-          path: "**/node_modules"
-          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            yarn-build-
-
-      - name: Install dependencies
-        if: steps.cache-node-modules.outputs.cache-hit != 'true'
-        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
-
-      - name: Format files with Prettier
-        run: yarn fmt
-
-  lint-helm:
-    name: Lint Helm chart
-    runs-on: ubuntu-latest
-    timeout-minutes: 5
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 2
-
-      - name: Get changed files
-        id: changed-files
-        uses: tj-actions/changed-files@v26.1
-        with:
-          files: |
-            ci/helm-chart/**
-
      - name: Install helm
-        if: steps.changed-files.outputs.any_changed == 'true'
        uses: azure/setup-helm@v3.3
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Install helm kubeval plugin
-        if: steps.changed-files.outputs.any_changed == 'true'
-        run: helm plugin install https://github.com/instrumenta/helm-kubeval
-
-      - name: Lint Helm chart
-        if: steps.changed-files.outputs.any_changed == 'true'
-        run: helm kubeval ci/helm-chart
-
-  lint-ts:
-    name: Lint TypeScript files
-    runs-on: ubuntu-latest
-    timeout-minutes: 5
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 2
-
-      - name: Get changed files
-        id: changed-files
-        uses: tj-actions/changed-files@v26.1
-        with:
-          files: |
-            **/*.ts
-            **/*.js
-          files_ignore: |
-            lib/vscode/**
-
-      - name: Install Node.js v16
-        if: steps.changed-files.outputs.any_changed == 'true'
-        uses: actions/setup-node@v3
-        with:
-          node-version: "16"

      - name: Fetch dependencies from cache
-        if: steps.changed-files.outputs.any_changed == 'true'
-        id: cache-node-modules
+        id: cache-yarn
        uses: actions/cache@v3
        with:
          path: "**/node_modules"
@@ -119,15 +51,54 @@ jobs:
            yarn-build-

      - name: Install dependencies
-        if: steps.changed-files.outputs.any_changed == 'true' && steps.cache-node-modules.outputs.cache-hit != 'true'
-        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
+        if: steps.cache-yarn.outputs.cache-hit != 'true'
+        run: yarn --frozen-lockfile

-      - name: Lint TypeScript files
-        if: steps.changed-files.outputs.any_changed == 'true'
-        run: yarn lint:ts
+      - name: Run yarn fmt
+        run: yarn fmt
+        if: success()
+
+      - name: Run yarn lint
+        run: yarn lint
+        if: success()
+
+  audit-ci:
+    name: Run audit-ci
+    needs: prebuild
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          submodules: true
+
+      - name: Install Node.js v16
+        uses: actions/setup-node@v3
+        with:
+          node-version: "16"
+
+      - name: Fetch dependencies from cache
+        id: cache-yarn
+        uses: actions/cache@v3
+        with:
+          path: "**/node_modules"
+          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            yarn-build-
+
+      - name: Install dependencies
+        if: steps.cache-yarn.outputs.cache-hit != 'true'
+        run: yarn --frozen-lockfile
+
+      - name: Audit for vulnerabilities
+        run: yarn _audit
+        if: success()

  build:
-    name: Build code-server
+    name: Build
+    needs: prebuild
    runs-on: ubuntu-latest
    timeout-minutes: 30
    env:
@@ -136,13 +107,11 @@ jobs:
      - name: Checkout repo
        uses: actions/checkout@v3
        with:
+          fetch-depth: 0
          submodules: true

      - name: Install quilt
-        uses: awalsh128/cache-apt-pkgs-action@latest
-        with:
-          packages: quilt
-          version: 1.0
+        run: sudo apt update && sudo apt install quilt

      - name: Patch Code
        run: quilt push -a
@@ -153,7 +122,7 @@ jobs:
          node-version: "16"

      - name: Fetch dependencies from cache
-        id: cache-node-modules
+        id: cache-yarn
        uses: actions/cache@v3
        with:
          path: "**/node_modules"
@@ -162,7 +131,7 @@ jobs:
            yarn-build-

      - name: Install dependencies
-        if: steps.cache-node-modules.outputs.cache-hit != 'true'
+        if: steps.cache-yarn.outputs.cache-hit != 'true'
        run: yarn --frozen-lockfile

      - name: Build code-server
@@ -223,7 +192,6 @@ jobs:
          path: ./package.tar.gz

  npm:
-    name: Publish npm package
    # the npm-package gets uploaded as an artifact in Build
    # so we need that to complete before this runs
    needs: build
@@ -237,6 +205,8 @@ jobs:
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0

      - name: Download artifact
        uses: actions/download-artifact@v3
@@ -275,28 +245,43 @@ jobs:
            npm install -g @coder/code-server-pr@${{ github.event.number }}
            ```

-  test-e2e:
-    name: Run e2e tests
+  # TODO: cache building yarn --production
+  # possibly 2m30s of savings(?)
+  # this requires refactoring our release scripts
+  package-linux-amd64:
+    name: x86-64 Linux build
    needs: build
    runs-on: ubuntu-latest
    timeout-minutes: 15
+    container: "centos:7"
+
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0

      - name: Install Node.js v16
        uses: actions/setup-node@v3
        with:
          node-version: "16"

-      - name: Fetch dependencies from cache
-        id: cache-node-modules
-        uses: actions/cache@v3
-        with:
-          path: "**/node_modules"
-          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            yarn-build-
+      - name: Install development tools
+        run: |
+          yum install -y epel-release centos-release-scl
+          yum install -y devtoolset-9-{make,gcc,gcc-c++} jq rsync python3
+
+      - name: Install nfpm and envsubst
+        run: |
+          mkdir -p ~/.local/bin
+          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
+          curl -sSfL https://github.com/a8m/envsubst/releases/download/v1.1.0/envsubst-`uname -s`-`uname -m` -o envsubst
+          chmod +x envsubst
+          mv envsubst ~/.local/bin
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Install yarn
+        run: npm install -g yarn

      - name: Download npm package
        uses: actions/download-artifact@v3
@@ -306,11 +291,205 @@ jobs:
      - name: Decompress npm package
        run: tar -xzf package.tar.gz

-      - name: Install release package dependencies
-        run: cd release && yarn install
+      # NOTE: && here is deliberate - GitHub puts each line in its own `.sh`
+      # file when running inside a docker container.
+      - name: Build standalone release
+        run: source scl_source enable devtoolset-9 && yarn release:standalone
+
+      - name: Install test dependencies
+        run: SKIP_SUBMODULE_DEPS=1 yarn install
+
+      - name: Run integration tests on standalone release
+        run: yarn test:integration
+
+      - name: Build packages with nfpm
+        run: yarn package
+
+      - name: Upload release artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: release-packages
+          path: ./release-packages
+
+  # NOTE@oxy:
+  # We use Ubuntu 16.04 here, so that our build is more compatible
+  # with older libc versions. We used to (Q1'20) use CentOS 7 here,
+  # but it has a full update EOL of Q4'20 and a 'critical security'
+  # update EOL of 2024. We're dropping full support a few years before
+  # the final EOL, but I don't believe CentOS 7 has a large arm64 userbase.
+  # It is not feasible to cross-compile with CentOS.
+
+  # Cross-compile notes: To compile native dependencies for arm64,
+  # we install the aarch64/armv7l cross toolchain and then set it as the default
+  # compiler/linker/etc. with the AR/CC/CXX/LINK environment variables.
+  # qemu-user-static on ubuntu-16.04 currently doesn't run Node correctly,
+  # so we just build with "native"/x86_64 node, then download arm64/armv7l node
+  # and then put it in our release. We can't smoke test the cross build this way,
+  # but this means we don't need to maintain a self-hosted runner!
+
+  # NOTE@jsjoeio:
+  # We used to use 16.04 until GitHub deprecated it on September 20, 2021
+  # See here: https://github.com/actions/virtual-environments/pull/3862/files
+  package-linux-cross:
+    name: Linux cross-compile builds
+    needs: build
+    runs-on: ubuntu-18.04
+    timeout-minutes: 15
+    strategy:
+      matrix:
+        include:
+          - prefix: aarch64-linux-gnu
+            arch: arm64
+          - prefix: arm-linux-gnueabihf
+            arch: armv7l
+
+    env:
+      AR: ${{ format('{0}-ar', matrix.prefix) }}
+      CC: ${{ format('{0}-gcc', matrix.prefix) }}
+      CXX: ${{ format('{0}-g++', matrix.prefix) }}
+      LINK: ${{ format('{0}-g++', matrix.prefix) }}
+      NPM_CONFIG_ARCH: ${{ matrix.arch }}
+      NODE_VERSION: v16.13.0
+
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Install Node.js v16
+        uses: actions/setup-node@v3
+        with:
+          node-version: "16"
+
+      - name: Install nfpm
+        run: |
+          mkdir -p ~/.local/bin
+          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Install cross-compiler
+        run: sudo apt update && sudo apt install $PACKAGE
+        env:
+          PACKAGE: ${{ format('g++-{0}', matrix.prefix) }}
+
+      - name: Download npm package
+        uses: actions/download-artifact@v3
+        with:
+          name: npm-package
+
+      - name: Decompress npm package
+        run: tar -xzf package.tar.gz
+
+      - name: Build standalone release
+        run: yarn release:standalone
+
+      - name: Replace node with cross-compile equivalent
+        run: |
+          wget https://nodejs.org/dist/${NODE_VERSION}/node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}.tar.xz
+          tar -xf node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}.tar.xz node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}/bin/node --strip-components=2
+          mv ./node ./release-standalone/lib/node
+
+      - name: Build packages with nfpm
+        run: yarn package ${NPM_CONFIG_ARCH}
+
+      - name: Upload release artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: release-packages
+          path: ./release-packages
+
+  package-macos-amd64:
+    name: x86-64 macOS build
+    needs: build
+    runs-on: macos-latest
+    timeout-minutes: 15
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Install Node.js v16
+        uses: actions/setup-node@v3
+        with:
+          node-version: "16"
+
+      - name: Install nfpm
+        run: |
+          mkdir -p ~/.local/bin
+          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Download npm package
+        uses: actions/download-artifact@v3
+        with:
+          name: npm-package
+
+      - name: Decompress npm package
+        run: tar -xzf package.tar.gz
+
+      - name: Build standalone release
+        run: yarn release:standalone
+
+      - name: Install test dependencies
+        run: SKIP_SUBMODULE_DEPS=1 yarn install
+
+      - name: Run integration tests on standalone release
+        run: yarn test:integration
+
+      - name: Build packages with nfpm
+        run: yarn package
+
+      - name: Upload release artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: release-packages
+          path: ./release-packages
+
+  test-e2e:
+    name: End-to-end tests
+    needs: package-linux-amd64
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    env:
+      # Since we build code-server we might as well run tests from the release
+      # since VS Code will load faster due to the bundling.
+      CODE_SERVER_TEST_ENTRY: "./release-packages/code-server-linux-amd64"
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Install Node.js v16
+        uses: actions/setup-node@v3
+        with:
+          node-version: "16"
+
+      - name: Fetch dependencies from cache
+        id: cache-yarn
+        uses: actions/cache@v3
+        with:
+          path: "**/node_modules"
+          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            yarn-build-
+
+      - name: Download release packages
+        uses: actions/download-artifact@v3
+        with:
+          name: release-packages
+          path: ./release-packages
+
+      - name: Untar code-server release
+        run: |
+          cd release-packages
+          tar -xzf code-server*-linux-amd64.tar.gz
+          mv code-server*-linux-amd64 code-server-linux-amd64

      - name: Install dependencies
-        if: steps.cache-node-modules.outputs.cache-hit != 'true'
+        if: steps.cache-yarn.outputs.cache-hit != 'true'
        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile

      - name: Install Playwright OS dependencies
@@ -319,7 +498,7 @@ jobs:
          ./test/node_modules/.bin/playwright install

      - name: Run end-to-end tests
-        run: CODE_SERVER_TEST_ENTRY=./release yarn test:e2e --global-timeout 840000
+        run: yarn test:e2e --global-timeout 840000

      - name: Upload test artifacts
        if: always()
@@ -329,16 +508,22 @@ jobs:
          path: ./test/test-results

      - name: Remove release packages and test artifacts
-        run: rm -rf ./release ./test/test-results
+        run: rm -rf ./release-packages ./test/test-results

  test-e2e-proxy:
-    name: Run e2e tests behind proxy
-    needs: build
+    name: End-to-end tests behind proxy
+    needs: package-linux-amd64
    runs-on: ubuntu-latest
    timeout-minutes: 25
+    env:
+      # Since we build code-server we might as well run tests from the release
+      # since VS Code will load faster due to the bundling.
+      CODE_SERVER_TEST_ENTRY: "./release-packages/code-server-linux-amd64"
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0

      - name: Install Node.js v16
        uses: actions/setup-node@v3
@@ -346,7 +531,7 @@ jobs:
          node-version: "16"

      - name: Fetch dependencies from cache
-        id: cache-node-modules
+        id: cache-yarn
        uses: actions/cache@v3
        with:
          path: "**/node_modules"
@@ -354,19 +539,20 @@ jobs:
          restore-keys: |
            yarn-build-

-      - name: Download npm package
+      - name: Download release packages
        uses: actions/download-artifact@v3
        with:
-          name: npm-package
+          name: release-packages
+          path: ./release-packages

-      - name: Decompress npm package
-        run: tar -xzf package.tar.gz
-
-      - name: Install release package dependencies
-        run: cd release && yarn install
+      - name: Untar code-server release
+        run: |
+          cd release-packages
+          tar -xzf code-server*-linux-amd64.tar.gz
+          mv code-server*-linux-amd64 code-server-linux-amd64

      - name: Install dependencies
-        if: steps.cache-node-modules.outputs.cache-hit != 'true'
+        if: steps.cache-yarn.outputs.cache-hit != 'true'
        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile

      - name: Install Playwright OS dependencies
@@ -395,7 +581,7 @@ jobs:
        run: sudo ~/.cache/caddy/caddy start --config ./ci/Caddyfile

      - name: Run end-to-end tests
-        run: CODE_SERVER_TEST_ENTRY=./release yarn test:e2e:proxy --global-timeout 840000
+        run: yarn test:e2e:proxy

      - name: Stop Caddy
        if: always()
@@ -409,4 +595,31 @@ jobs:
          path: ./test/test-results

      - name: Remove release packages and test artifacts
-        run: rm -rf ./release ./test/test-results
+        run: rm -rf ./release-packages ./test/test-results
+
+  trivy-scan-repo:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Run Trivy vulnerability scanner in repo mode
+        uses: aquasecurity/trivy-action@d63413b0a4a4482237085319f7f4a1ce99a8f2ac
+        with:
+          scan-type: "fs"
+          scan-ref: "."
+          ignore-unfixed: true
+          format: "template"
+          template: "@/contrib/sarif.tpl"
+          output: "trivy-repo-results.sarif"
+          severity: "HIGH,CRITICAL"
+
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: "trivy-repo-results.sarif"
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,47 @@
+name: "Code Scanning"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [main]
+  schedule:
+    # Runs every Monday morning PST
+    - cron: "17 15 * * 1"
+
+# Cancel in-progress runs for pull requests when developers push
+# additional changes, and serialize builds in branches.
+# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-concurrency-to-cancel-any-in-progress-job-or-run
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
+permissions:
+  contents: read
+
+jobs:
+  analyze:
+    permissions:
+      actions: read # for github/codeql-action/init to get workflow details
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/autobuild to send a status report
+    name: Analyze
+    runs-on: ubuntu-20.04
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          config-file: ./.github/codeql-config.yml
+          languages: javascript
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
--- a/.github/workflows/installer.yaml
+++ b/.github/workflows/installer.yaml
@@ -6,13 +6,11 @@ on:
      - main
    paths:
      - "install.sh"
-      - ".github/workflows/installer.yaml"
  pull_request:
    branches:
      - main
    paths:
      - "install.sh"
-      - ".github/workflows/installer.yaml"

 # Cancel in-progress runs for pull requests when developers push
 # additional changes, and serialize builds in branches.
@@ -35,8 +33,8 @@ jobs:
      - name: Install code-server
        run: ./install.sh

-      - name: Test code-server was installed globally
-        run: code-server --help
+      - name: Test code-server
+        run: CODE_SERVER_PATH="code-server" yarn test:integration

  alpine:
    name: Test installer on Alpine
@@ -56,11 +54,6 @@ jobs:
      - name: Test standalone to a non-existent prefix
        run: su coder -c "./install.sh --method standalone --prefix /tmp/does/not/yet/exist"

-      # We do not actually have Alpine standalone builds so running code-server
-      # will not work.
-      - name: Test code-server was installed to prefix
-        run: test -f /tmp/does/not/yet/exist/bin/code-server
-
  macos:
    name: Test installer on macOS
    runs-on: macos-latest
@@ -72,5 +65,5 @@ jobs:
      - name: Install code-server
        run: ./install.sh

-      - name: Test code-server was installed globally
-        run: code-server --help
+      - name: Test code-server
+        run: CODE_SERVER_PATH="code-server" yarn test:integration
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -33,7 +33,7 @@ jobs:
        id: download
        with:
          branch: release/v${{ steps.version.outputs.version }}
-          workflow: build.yaml
+          workflow: ci.yaml
          workflow_conclusion: completed
          name: "npm-package"
          path: release-npm-package
@@ -95,7 +95,6 @@ jobs:
        with:
          repository: "cdrci/code-server-aur"
          token: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }}
-          ref: "master"

      - name: Configure git
        run: |
@@ -148,7 +147,7 @@ jobs:
        run: echo "::set-output name=version::$(jq -r .version package.json)"

      - name: Download release artifacts
-        uses: robinraju/release-downloader@v1.5
+        uses: robinraju/release-downloader@v1.4
        with:
          repository: "coder/code-server"
          tag: v${{ steps.version.outputs.version }}
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -1,251 +0,0 @@
-name: Draft release
-
-on:
-  workflow_dispatch:
-
-permissions:
-  contents: write # For creating releases.
-  discussions: write #  For creating a discussion.
-
-# Cancel in-progress runs for pull requests when developers push
-# additional changes
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
-
-jobs:
-  # TODO: cache building yarn --production
-  # possibly 2m30s of savings(?)
-  # this requires refactoring our release scripts
-  package-linux-amd64:
-    name: x86-64 Linux build
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    container: "centos:7"
-    env:
-      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
-
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v3
-
-      - name: Install Node.js v16
-        uses: actions/setup-node@v3
-        with:
-          node-version: "16"
-
-      - name: Install development tools
-        run: |
-          yum install -y epel-release centos-release-scl make
-          yum install -y devtoolset-9-{make,gcc,gcc-c++} jq rsync python3
-
-      - name: Install nfpm and envsubst
-        run: |
-          mkdir -p ~/.local/bin
-          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
-          curl -sSfL https://github.com/a8m/envsubst/releases/download/v1.1.0/envsubst-`uname -s`-`uname -m` -o envsubst
-          chmod +x envsubst
-          mv envsubst ~/.local/bin
-          echo "$HOME/.local/bin" >> $GITHUB_PATH
-
-      - name: Install yarn
-        run: npm install -g yarn
-
-      - name: Download artifacts
-        uses: dawidd6/action-download-artifact@v2
-        id: download
-        with:
-          branch: ${{ github.ref }}
-          workflow: build.yaml
-          workflow_conclusion: completed
-          check_artifacts: true
-          name: npm-package
-
-      - name: Decompress npm package
-        run: tar -xzf package.tar.gz
-
-      # NOTE: && here is deliberate - GitHub puts each line in its own `.sh`
-      # file when running inside a docker container.
-      - name: Build standalone release
-        run: source scl_source enable devtoolset-9 && yarn release:standalone
-
-      - name: Fetch dependencies from cache
-        id: cache-node-modules
-        uses: actions/cache@v3
-        with:
-          path: "**/node_modules"
-          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            yarn-build-
-
-      - name: Install test dependencies
-        if: steps.cache-node-modules.outputs.cache-hit != 'true'
-        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
-
-      - name: Run integration tests on standalone release
-        run: yarn test:integration
-
-      - name: Upload coverage report to Codecov
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-        if: success()
-
-      - name: Build packages with nfpm
-        run: yarn package
-
-      - uses: softprops/action-gh-release@v1
-        with:
-          draft: true
-          discussion_category_name: "📣 Announcements"
-          files: ./release-packages/*
-
-  # NOTE@oxy:
-  # We use Ubuntu 16.04 here, so that our build is more compatible
-  # with older libc versions. We used to (Q1'20) use CentOS 7 here,
-  # but it has a full update EOL of Q4'20 and a 'critical security'
-  # update EOL of 2024. We're dropping full support a few years before
-  # the final EOL, but I don't believe CentOS 7 has a large arm64 userbase.
-  # It is not feasible to cross-compile with CentOS.
-
-  # Cross-compile notes: To compile native dependencies for arm64,
-  # we install the aarch64/armv7l cross toolchain and then set it as the default
-  # compiler/linker/etc. with the AR/CC/CXX/LINK environment variables.
-  # qemu-user-static on ubuntu-16.04 currently doesn't run Node correctly,
-  # so we just build with "native"/x86_64 node, then download arm64/armv7l node
-  # and then put it in our release. We can't smoke test the cross build this way,
-  # but this means we don't need to maintain a self-hosted runner!
-
-  # NOTE@jsjoeio:
-  # We used to use 16.04 until GitHub deprecated it on September 20, 2021
-  # See here: https://github.com/actions/virtual-environments/pull/3862/files
-  package-linux-cross:
-    name: Linux cross-compile builds
-    runs-on: ubuntu-18.04
-    timeout-minutes: 15
-    strategy:
-      matrix:
-        include:
-          - prefix: aarch64-linux-gnu
-            arch: arm64
-          - prefix: arm-linux-gnueabihf
-            arch: armv7l
-
-    env:
-      AR: ${{ format('{0}-ar', matrix.prefix) }}
-      CC: ${{ format('{0}-gcc', matrix.prefix) }}
-      CXX: ${{ format('{0}-g++', matrix.prefix) }}
-      LINK: ${{ format('{0}-g++', matrix.prefix) }}
-      NPM_CONFIG_ARCH: ${{ matrix.arch }}
-      NODE_VERSION: v16.13.0
-
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v3
-
-      - name: Install Node.js v16
-        uses: actions/setup-node@v3
-        with:
-          node-version: "16"
-
-      - name: Install nfpm
-        run: |
-          mkdir -p ~/.local/bin
-          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
-          echo "$HOME/.local/bin" >> $GITHUB_PATH
-
-      - name: Install cross-compiler
-        run: sudo apt update && sudo apt install $PACKAGE
-        env:
-          PACKAGE: ${{ format('g++-{0}', matrix.prefix) }}
-
-      - name: Download artifacts
-        uses: dawidd6/action-download-artifact@v2
-        id: download
-        with:
-          branch: ${{ github.ref }}
-          workflow: build.yaml
-          workflow_conclusion: completed
-          check_artifacts: true
-          name: npm-package
-
-      - name: Decompress npm package
-        run: tar -xzf package.tar.gz
-
-      - name: Build standalone release
-        run: yarn release:standalone
-
-      - name: Replace node with cross-compile equivalent
-        run: |
-          wget https://nodejs.org/dist/${NODE_VERSION}/node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}.tar.xz
-          tar -xf node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}.tar.xz node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}/bin/node --strip-components=2
-          mv ./node ./release-standalone/lib/node
-
-      - name: Build packages with nfpm
-        run: yarn package ${NPM_CONFIG_ARCH}
-
-      - uses: softprops/action-gh-release@v1
-        with:
-          draft: true
-          discussion_category_name: "📣 Announcements"
-          files: ./release-packages/*
-
-  package-macos-amd64:
-    name: x86-64 macOS build
-    runs-on: macos-latest
-    timeout-minutes: 15
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v3
-
-      - name: Install Node.js v16
-        uses: actions/setup-node@v3
-        with:
-          node-version: "16"
-
-      - name: Install nfpm
-        run: |
-          mkdir -p ~/.local/bin
-          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
-          echo "$HOME/.local/bin" >> $GITHUB_PATH
-
-      - name: Download artifacts
-        uses: dawidd6/action-download-artifact@v2
-        id: download
-        with:
-          branch: ${{ github.ref }}
-          workflow: build.yaml
-          workflow_conclusion: completed
-          check_artifacts: true
-          name: npm-package
-
-      - name: Decompress npm package
-        run: tar -xzf package.tar.gz
-
-      - name: Build standalone release
-        run: yarn release:standalone
-
-      - name: Fetch dependencies from cache
-        id: cache-node-modules
-        uses: actions/cache@v3
-        with:
-          path: "**/node_modules"
-          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            yarn-build-
-
-      - name: Install test dependencies
-        if: steps.cache-node-modules.outputs.cache-hit != 'true'
-        run: SKIP_SUBMODULE_DEPS=1 yarn install
-
-      - name: Run native module tests on standalone release
-        run: yarn test:native
-
-      - name: Build packages with nfpm
-        run: yarn package
-
-      - uses: softprops/action-gh-release@v1
-        with:
-          draft: true
-          discussion_category_name: "📣 Announcements"
-          files: ./release-packages/*
--- a/.github/workflows/scripts.yaml
+++ b/.github/workflows/scripts.yaml
@@ -51,17 +51,3 @@ jobs:

      - name: Run script unit tests
        run: ./ci/dev/test-scripts.sh
-
-  lint:
-    name: Lint shell files
-    runs-on: ubuntu-latest
-    timeout-minutes: 5
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v3
-
-      - name: Install lint utilities
-        run: sudo apt install shellcheck
-
-      - name: Lint shell files
-        run: ./ci/dev/lint-scripts.sh
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -1,106 +0,0 @@
-name: Security
-
-on:
-  push:
-    branches: [main]
-    paths:
-      - "package.json"
-  pull_request:
-    paths:
-      - "package.json"
-  schedule:
-    # Runs every Monday morning PST
-    - cron: "17 15 * * 1"
-
-# Cancel in-progress runs for pull requests when developers push
-# additional changes, and serialize builds in branches.
-# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-concurrency-to-cancel-any-in-progress-job-or-run
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
-
-jobs:
-  audit-ci:
-    name: Audit node modules
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-
-      - name: Install Node.js v16
-        uses: actions/setup-node@v3
-        with:
-          node-version: "16"
-
-      - name: Fetch dependencies from cache
-        id: cache-yarn
-        uses: actions/cache@v3
-        with:
-          path: "**/node_modules"
-          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            yarn-build-
-
-      - name: Install dependencies
-        if: steps.cache-yarn.outputs.cache-hit != 'true'
-        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
-
-      - name: Audit for vulnerabilities
-        run: yarn _audit
-        if: success()
-
-  trivy-scan-repo:
-    name: Scan repo with Trivy
-    permissions:
-      contents: read # for actions/checkout to fetch code
-      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
-    runs-on: ubuntu-20.04
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-
-      - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@d63413b0a4a4482237085319f7f4a1ce99a8f2ac
-        with:
-          scan-type: "fs"
-          scan-ref: "."
-          ignore-unfixed: true
-          format: "template"
-          template: "@/contrib/sarif.tpl"
-          output: "trivy-repo-results.sarif"
-          severity: "HIGH,CRITICAL"
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: "trivy-repo-results.sarif"
-
-  codeql-analyze:
-    permissions:
-      actions: read # for github/codeql-action/init to get workflow details
-      contents: read # for actions/checkout to fetch code
-      security-events: write # for github/codeql-action/autobuild to send a status report
-    name: Analyze with CodeQL
-    runs-on: ubuntu-20.04
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v3
-
-      # Initializes the CodeQL tools for scanning.
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
-        with:
-          config-file: ./.github/codeql-config.yml
-          languages: javascript
-
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
-
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
--- a/.stylelintrc.yaml
+++ b/.stylelintrc.yaml
@@ -0,0 +1,2 @@
+extends:
+  - stylelint-config-recommended
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -20,43 +20,14 @@ Code v99.99.999

 -->

-## [4.7.1](https://github.com/coder/code-server/releases/tag/v4.7.1) - 2022-09-30
-
-Code v1.71.2
-
-### Changed
-
- Updated Code to 1.71.2
-
-### Fixed
-
- Fixed install script not upgrading code-server when already installed on RPM-based machines
- Fixed install script failing to gain root permissions on FreeBSD
-
-## [4.7.0](https://github.com/coder/code-server/releases/tag/v4.7.0) - 2022-09-09
-
-Code v1.71.0
-
-### Changed
-
- Updated Code to 1.71.0
-
-### Removed
-
- Dropped heartbeat patch because it was implemented upstream
-
-### Fixed
-
- Add flags --unsafe-perm --legacy-peer-deps in `npm-postinstsall.sh` which ensures installing with npm works correctly
-
-## [4.6.1](https://github.com/coder/code-server/releases/tag/v4.6.1) - 2022-09-31
+## [4.6.1](https://github.com/coder/code-server/releases/tag/v4.6.1) - 2022-08-31

 Code v1.70.2

 ### Changed

- Updated Code to 1.70.2
- Updated `argon2` to 0.29.0 which should fix issues on FreeBSD
+- Updated Code to 1.70.2.
+- Updated `argon2` to 0.29.0 which should fix issues on FreeBSD.
 - Updated docs to suggest using `npm` instead of `yarn`

 ### Removed
@@ -65,7 +36,7 @@ Code v1.70.2

 ### Fixed

- Fixed preservation of `process.execArgv` which means you can pass `--prof` to profile code-server
+- Fixed preservation of `process.execArgv` which means you can pass `--prof` to profile code-server.

 ## [4.6.0](https://github.com/coder/code-server/releases/tag/v4.6.0) - 2022-08-17

--- a/ci/build/build-standalone-release.sh
+++ b/ci/build/build-standalone-release.sh
@@ -24,8 +24,11 @@ main() {
  rsync ./ci/build/code-server.sh "$RELEASE_PATH/bin/code-server"
  rsync "$node_path" "$RELEASE_PATH/lib/node"

+  ln -s "./bin/code-server" "$RELEASE_PATH/code-server"
+  ln -s "./lib/node" "$RELEASE_PATH/node"
+
  pushd "$RELEASE_PATH"
-  npm install --unsafe-perm --omit=dev
+  yarn --production --frozen-lockfile
  popd
 }

--- a/ci/build/build-vscode.sh
+++ b/ci/build/build-vscode.sh
@@ -23,9 +23,6 @@ copy-bin-script() {
  # shellcheck disable=SC2016
  sed -i.bak 's/^ROOT=\(.*\)$/VSROOT=\1\nROOT="$(dirname "$(dirname "$VSROOT")")"/g' "$dest"
  sed -i.bak 's/ROOT\/out/VSROOT\/out/g' "$dest"
-  # We do not want expansion here; this text should make it to the file as-is.
-  # shellcheck disable=SC2016
-  sed -i.bak 's/$ROOT\/node/${NODE_EXEC_PATH:-$ROOT\/lib\/node}/g' "$dest"

  # Fix Node path on Windows.
  sed -i.bak 's/^set ROOT_DIR=\(.*\)$/set ROOT_DIR=%~dp0..\\..\\..\\..\r\nset VSROOT_DIR=\1/g' "$dest"
@@ -82,10 +79,7 @@ main() {
    "newsletterSignupUrl": "https://www.research.net/r/vsc-newsletter",
    "linkProtectionTrustedDomains": [
      "https://open-vsx.org"
-    ],
-    "aiConfig": {
-      "ariaKey": "code-server"
-    }
+    ]
  }
 EOF
  ) > product.json
--- a/ci/build/code-server.sh
+++ b/ci/build/code-server.sh
@@ -11,6 +11,14 @@ _realpath() {
  cd "$(dirname "$script")"

  while [ -L "$(basename "$script")" ]; do
+    if [ -L "./node" ] && [ -L "./code-server" ] \
+      && [ -f "package.json" ] \
+      && cat package.json | grep -q '^  "name": "code-server",$'; then
+      echo "***** Please use the script in bin/code-server instead!" >&2
+      echo "***** This script will soon be removed!" >&2
+      echo "***** See the release notes at https://github.com/coder/code-server/releases/tag/v3.4.0" >&2
+    fi
+
    script="$(readlink "$(basename "$script")")"
    cd "$(dirname "$script")"
  done
--- a/ci/build/npm-postinstall.sh
+++ b/ci/build/npm-postinstall.sh
@@ -140,10 +140,7 @@ install_with_yarn_or_npm() {
        echo "yarn.lock file present, running in development mode. use yarn to install code-server!"
        exit 1
      else
-        # HACK: NPM's use of semver doesn't like resolving some peerDependencies that vscode (upstream) brings in the form of pre-releases.
-        # The legacy behavior doesn't complain about pre-releases being used, falling back to that for now.
-        # See https://github.com//pull/5071
-        npm install --unsafe-perm --legacy-peer-deps --omit=dev
+        npm install --omit=dev
      fi
      ;;
    *)
--- a/ci/build/release-github-assets.sh
+++ b/ci/build/release-github-assets.sh
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Downloads the release artifacts from CI for the current
+# commit and then uploads them to the release with the version
+# in package.json.
+# You will need $GITHUB_TOKEN set.
+
+main() {
+  cd "$(dirname "$0")/../.."
+  source ./ci/lib.sh
+  source ./ci/steps/steps-lib.sh
+
+  # NOTE@jsjoeio - only needed if we use the download_artifact
+  # because we talk to the GitHub API.
+  # Needed to use GitHub API
+  if ! is_env_var_set "GITHUB_TOKEN"; then
+    echo "GITHUB_TOKEN is not set. Cannot download npm release-packages without GitHub credentials."
+    exit 1
+  fi
+
+  download_artifact release-packages ./release-packages
+  local assets=(./release-packages/code-server*"$VERSION"*{.tar.gz,.deb,.rpm})
+
+  EDITOR=true gh release upload "v$VERSION" "${assets[@]}" --clobber
+}
+
+main "$@"
--- a/ci/build/release-github-draft.sh
+++ b/ci/build/release-github-draft.sh
@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Creates a draft release with the template for the version in package.json
+
+main() {
+  cd "$(dirname "$0")/../.."
+  source ./ci/lib.sh
+
+  gh release create "v$VERSION" \
+    --notes-file - \
+    --target "$(git rev-parse HEAD)" \
+    --draft << EOF
+v$VERSION
+
+VS Code v$(vscode_version)
+
+Upgrading is as easy as installing the new version over the old one. code-server
+maintains all user data in \`~/.local/share/code-server\` so that it is preserved in between
+installations.
+
+## New Features
+
+⭐ Summarize new features here with references to issues
+
+  - item
+
+## Bug Fixes
+
+⭐ Summarize bug fixes here with references to issues
+
+  - item
+
+## Documentation
+
+⭐ Summarize doc changes here with references to issues
+
+  - item
+
+## Development
+
+⭐ Summarize development/testing changes here with references to issues
+
+  - item
+
+Cheers! 🍻
+EOF
+}
+
+main "$@"
--- a/ci/build/release-prep.sh
+++ b/ci/build/release-prep.sh
@@ -9,9 +9,6 @@

 set -euo pipefail

-CHECKMARK="\xE2\x9C\x94"
-DASH="-"
-
 main() {
  if [ "${DRY_RUN-}" = 1 ]; then
    echo "Performing a dry run..."
@@ -79,12 +76,11 @@ main() {
  CODE_SERVER_CURRENT_VERSION=$(node -pe "require('./package.json').version")
  # Ask which version we should update to
  # In the future, we'll automate this and determine the latest version automatically
-  echo -e "$DASH Current version: ${CODE_SERVER_CURRENT_VERSION}"
+  echo "Current version: ${CODE_SERVER_CURRENT_VERSION}"
  # The $'\n' adds a line break. See: https://stackoverflow.com/a/39581815/3015595
-  CODE_SERVER_VERSION_TO_UPDATE=$(git rev-parse --abbrev-ref HEAD | perl -pe '($_)=/([0-9]+([.][0-9]+)+)/')
-  echo -e "$CHECKMARK Version in branch name"
-  echo -e "$CHECKMARK Updating to: $CODE_SERVER_VERSION_TO_UPDATE"
+  read -r -p "What version of code-server do you want to update to?"$'\n' CODE_SERVER_VERSION_TO_UPDATE

+  echo -e "Great! We'll prep a PR for updating to $CODE_SERVER_VERSION_TO_UPDATE\n"
  $CMD rg -g '!yarn.lock' -g '!*.svg' -g '!CHANGELOG.md' -g '!lib/vscode/**' --files-with-matches --fixed-strings "${CODE_SERVER_CURRENT_VERSION}" | $CMD xargs sd "$CODE_SERVER_CURRENT_VERSION" "$CODE_SERVER_VERSION_TO_UPDATE"

  $CMD git commit --no-verify -am "chore(release): bump version to $CODE_SERVER_VERSION_TO_UPDATE"
--- a/ci/dev/lint-scripts.sh
+++ b/ci/dev/lint-scripts.sh
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-main() {
-  cd "$(dirname "$0")/../.."
-  shellcheck -e SC2046,SC2164,SC2154,SC1091,SC1090,SC2002 $(git ls-files '*.sh' | grep -v 'lib/vscode')
-}
-
-main "$@"
--- a/ci/dev/lint.sh
+++ b/ci/dev/lint.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+main() {
+  cd "$(dirname "$0")/../.."
+
+  eslint --max-warnings=0 --fix $(git ls-files "*.ts" "*.tsx" "*.js" | grep -v "lib/vscode")
+  stylelint $(git ls-files "*.css" | grep -v "lib/vscode")
+  tsc --noEmit --skipLibCheck
+  shellcheck -e SC2046,SC2164,SC2154,SC1091,SC1090,SC2002 $(git ls-files "*.sh" | grep -v "lib/vscode")
+  if command -v helm && helm kubeval --help > /dev/null; then
+    helm kubeval ci/helm-chart
+  fi
+
+  cd "$OLDPWD"
+}
+
+main "$@"
--- a/ci/dev/test-native.sh
+++ b/ci/dev/test-native.sh
@@ -1,39 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-help() {
-  echo >&2 "  You can build the standalone release with 'yarn release:standalone'"
-  echo >&2 "  Or you can pass in a custom path."
-  echo >&2 "  CODE_SERVER_PATH='/var/tmp/coder/code-server/bin/code-server' yarn test:integration"
-}
-
-# Make sure a code-server release works. You can pass in the path otherwise it
-# will look for release-standalone in the current directory.
-#
-# This is to make sure we don't have Node version errors or any other
-# compilation-related errors.
-main() {
-  cd "$(dirname "$0")/../.."
-
-  source ./ci/lib.sh
-
-  local path="$RELEASE_PATH-standalone/bin/code-server"
-  if [[ ! ${CODE_SERVER_PATH-} ]]; then
-    echo "Set CODE_SERVER_PATH to test another build of code-server"
-  else
-    path="$CODE_SERVER_PATH"
-  fi
-
-  echo "Running tests with code-server binary: '$path'"
-
-  if [[ ! -f $path ]]; then
-    echo >&2 "No code-server build detected"
-    echo >&2 "Looked in $path"
-    help
-    exit 1
-  fi
-
-  CODE_SERVER_PATH="$path" ./test/node_modules/.bin/jest "$@" --coverage=false --testRegex "./test/integration/help.test.ts"
-}
-
-main "$@"
--- a/ci/helm-chart/Chart.yaml
+++ b/ci/helm-chart/Chart.yaml
@@ -15,9 +15,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 3.2.3
+version: 3.2.1

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 4.7.1
+appVersion: 4.6.1
--- a/ci/helm-chart/values.yaml
+++ b/ci/helm-chart/values.yaml
@@ -6,7 +6,7 @@ replicaCount: 1

 image:
  repository: codercom/code-server
-  tag: '4.7.1'
+  tag: '4.6.1'
  pullPolicy: Always

 # Specifies one or more secrets to be used when pulling images from a
--- a/ci/lib.sh
+++ b/ci/lib.sh
@@ -44,6 +44,47 @@ arch() {
  echo "$cpu"
 }

+# Grabs the most recent ci.yaml github workflow run that was triggered from the
+# pull request of the release branch for this version (regardless of whether
+# that run succeeded or failed). The release branch name must be in semver
+# format with a v prepended.
+# This will contain the artifacts we want.
+# https://developer.github.com/v3/actions/workflow-runs/#list-workflow-runs
+get_artifacts_url() {
+  local artifacts_url
+  local version_branch="release/v$VERSION"
+  local workflow_runs_url="repos/:owner/:repo/actions/workflows/ci.yaml/runs?event=pull_request&branch=$version_branch"
+  artifacts_url=$(gh api "$workflow_runs_url" | jq -r ".workflow_runs[] | select(.head_branch == \"$version_branch\") | .artifacts_url" | head -n 1)
+  if [[ -z "$artifacts_url" ]]; then
+    echo >&2 "ERROR: artifacts_url came back empty"
+    echo >&2 "We looked for a successful run triggered by a pull_request with for code-server version: $VERSION and a branch named $version_branch"
+    echo >&2 "URL used for gh API call: $workflow_runs_url"
+    exit 1
+  fi
+
+  echo "$artifacts_url"
+}
+
+# Grabs the artifact's download url.
+# https://developer.github.com/v3/actions/artifacts/#list-workflow-run-artifacts
+get_artifact_url() {
+  local artifact_name="$1"
+  gh api "$(get_artifacts_url)" | jq -r ".artifacts[] | select(.name == \"$artifact_name\") | .archive_download_url" | head -n 1
+}
+
+# Uses the above two functions to download a artifact into a directory.
+download_artifact() {
+  local artifact_name="$1"
+  local dst="$2"
+
+  local tmp_file
+  tmp_file="$(mktemp)"
+
+  gh api "$(get_artifact_url "$artifact_name")" > "$tmp_file"
+  unzip -q -o "$tmp_file" -d "$dst"
+  rm "$tmp_file"
+}
+
 rsync() {
  command rsync -a --del "$@"
 }
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@@ -111,15 +111,6 @@ re-apply the patches.
 6. Commit the updated submodule and patches to `code-server`.
 7. Open a PR.

-Tip: if you're certain all patches are applied correctly and you simply need to
-refresh, you can use this trick:
-
-```shell
-while quilt push; do quilt refresh; done
-```
-
-[Source](https://raphaelhertzog.com/2012/08/08/how-to-use-quilt-to-manage-patches-in-debian-packages/)
-
 ### Patching Code

 0. You can go through the patch stack with `quilt push` and `quilt pop`.
--- a/docs/MAINTAINING.md
+++ b/docs/MAINTAINING.md
@@ -8,6 +8,7 @@
 - [Workflow](#workflow)
  - [Milestones](#milestones)
  - [Triage](#triage)
+  - [Project boards](#project-boards)
 - [Versioning](#versioning)
 - [Pull requests](#pull-requests)
  - [Merge strategies](#merge-strategies)
@@ -41,7 +42,7 @@ Occasionally, other Coder employees may step in time to time to assist with code

 To onboard a new maintainer to the project, please make sure to do the following:

- [ ] Add to [coder/code-server](https://github.com/orgs/coder/teams/code-server)
+- [ ] Add to [coder/code-server-reviewers](https://github.com/orgs/coder/teams/code-server-reviewers)
 - [ ] Add as Admin under [Repository Settings > Access](https://github.com/coder/code-server/settings/access)
 - [ ] Add to [npm Coder org](https://www.npmjs.com/org/coder)
 - [ ] Add as [AUR maintainer](https://aur.archlinux.org/packages/code-server/) (talk to Colin)
@@ -71,7 +72,7 @@ Here are the milestones we use and how we use them:
 - "On Deck" -> Work under consideration for upcoming milestones.
 - "Backlog Candidates" -> Work that is not yet accepted for the backlog. We wait
  for the community to weigh in.
- "<Month>" -> Work to be done for said month.
+- "<0.0.0>" -> Work to be done for a specific version.

 With this flow, any un-assigned issues are essentially in triage state. Once
 triaged, issues are either "Backlog" or "Backlog Candidates". They will
@@ -90,6 +91,19 @@ We use the following process for triaging GitHub issues:
   2. If not urgent, add to "Backlog"
   3. Otherwise, add to "Backlog Candidate" for future consideration

+### Project boards
+
+We use project boards for projects or goals that span multiple milestones.
+
+Think of this as a place to put miscellaneous things (like testing, clean up
+stuff, etc). As a maintainer, random tasks may come up here and there. The
+project boards give you places to add temporary notes before opening a new
+issue. Given that our release milestones function off of issues, we believe
+tasks should have dedicated issues.
+
+Project boards also give us a way to separate the issue triage from
+bigger-picture, long-term work.
+
 ## Versioning

 `<major.minor.patch>`
@@ -137,19 +151,43 @@ changelog](https://github.com/emacs-mirror/emacs/blob/master/etc/NEWS).

 ## Releases

+With each release, we rotate the role of release manager to ensure every
+maintainer goes through the process. This helps us keep documentation up-to-date
+and encourages us to continually review and improve the flow.
+
+If you're the current release manager, follow these steps:
+
+1. Create a [release issue](../.github/ISSUE_TEMPLATE/release.md)
+1. Fill out checklist
+1. Publish the release
+1. After release is published, close release milestone
+
 ### Publishing a release

 1. Create a new branch called `release/v0.0.0` (replace 0s with actual version aka v4.5.0)
   1. If you don't do this, the `npm-brew` GitHub workflow will fail. It looks for the release artifacts under the branch pattern.
-1. Run `yarn release:prep`
+1. Run `yarn release:prep` and type in the new version (e.g., `3.8.1`)
+1. GitHub Actions will generate the `npm-package`, `release-packages` and
+   `release-images` artifacts. You do not have to wait for this step to complete
+   before proceeding.
+1. Run `yarn release:github-draft` to create a GitHub draft release from the
+   template with the updated version. Make sure to update the `CHANGELOG.md`.
 1. Bump chart version in `Chart.yaml`.
-1. Summarize the major changes in the `CHANGELOG.md`
-1. Download CI artifacts and make sure code-server works locally.
-1. Merge PR and wait for CI build on `main` to finish.
-1. Go to GitHub Actions > Draft release > Run workflow off `main`. CI will automatically upload the artifacts to the release.
-1. Add the release notes from the `CHANGELOG.md` and publish release. CI will automatically grab the
+1. Summarize the major changes in the release notes and link to the relevant
+   issues.
+1. Change the @ to target the version branch. Example: `v3.9.0 @ Target: release/v3.9.0`
+1. Wait for the `npm-package`, `release-packages` and `release-images` artifacts
+   to build.
+1. Run `yarn release:github-assets` to download the `release-packages` artifact.
+   They will upload them to the draft release.
+1. Run some basic sanity tests on one of the released packages (pay special
+   attention to making sure the terminal works).
+1. Publish the release and merge the PR. CI will automatically grab the
   artifacts, publish the NPM package from `npm-package`, and publish the Docker
   Hub image from `release-images`.
+1. Update the AUR package. Instructions for updating the AUR package are at
+   [coder/code-server-aur](https://github.com/coder/code-server-aur).
+1. Wait for the npm package to be published.

 #### AUR

--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@@ -16,10 +16,10 @@ We use the following tools to help us stay on top of vulnerability mitigation.
  - [trivy](https://github.com/aquasecurity/trivy)
    - Comprehensive vulnerability scanner that runs on PRs into the default
      branch and scans both our container image and repository code (see
-      `trivy-scan-repo` and `trivy-scan-image` jobs in `build.yaml`)
+      `trivy-scan-repo` and `trivy-scan-image` jobs in `ci.yaml`)
 - [`audit-ci`](https://github.com/IBM/audit-ci)
  - Audits npm and Yarn dependencies in CI (see `Audit for vulnerabilities` step
-    in `build.yaml`) on PRs into the default branch and fails CI if moderate or
+    in `ci.yaml`) on PRs into the default branch and fails CI if moderate or
    higher vulnerabilities (see the `audit.sh` script) are present.

 ## Supported Versions
--- a/docs/collaboration.md
+++ b/docs/collaboration.md
@@ -60,6 +60,6 @@ As `code-server` is based on VS Code, you can follow the steps described on Duck
   code-server --enable-proposed-api genuitecllc.codetogether
   ```

-   Another option would be to add a value in code-server's [config file](https://coder.com/docs/code-server/latest/FAQ#how-does-the-config-file-work).
+   Another option would be to add a value in code-server's [config file](https://coder.com/docs/code-server/v4.6.1/FAQ#how-does-the-config-file-work).

 3. Refresh code-server and navigate to the CodeTogether icon in the sidebar to host or join a coding session.
--- a/docs/helm.md
+++ b/docs/helm.md
@@ -1,6 +1,6 @@
 # code-server Helm Chart

-[![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square)](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) [![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)](https://img.shields.io/badge/Type-application-informational?style=flat-square) [![AppVersion: 4.7.1](https://img.shields.io/badge/AppVersion-4.7.1-informational?style=flat-square)](https://img.shields.io/badge/AppVersion-4.7.1-informational?style=flat-square)
+[![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square)](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) [![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)](https://img.shields.io/badge/Type-application-informational?style=flat-square) [![AppVersion: 4.6.1](https://img.shields.io/badge/AppVersion-4.6.1-informational?style=flat-square)](https://img.shields.io/badge/AppVersion-4.6.1-informational?style=flat-square)

 [code-server](https://github.com/coder/code-server) code-server is VS Code running
 on a remote server, accessible through the browser.
@@ -73,7 +73,7 @@ and their default values.
 | hostnameOverride                            | string | `""`                     |
 | image.pullPolicy                            | string | `"Always"`               |
 | image.repository                            | string | `"codercom/code-server"` |
-| image.tag                                   | string | `"4.7.1"`                |
+| image.tag                                   | string | `"4.6.1"`                |
 | imagePullSecrets                            | list   | `[]`                     |
 | ingress.enabled                             | bool   | `false`                  |
 | nameOverride                                | string | `""`                     |
--- a/docs/install.md
+++ b/docs/install.md
@@ -109,7 +109,7 @@ We recommend installing with `npm` when:

 Installing code-server with `npm` builds native modules on install.

-This process requires C dependencies; see our guide on [installing with npm](./npm.md) for more information.
+This process requires C dependencies; see our guide on [installing with npm][./npm.md](./npm.md) for more information.

 ## Standalone releases

@@ -154,8 +154,8 @@ code-server
 > upgrade or [build with npm](#npm).

 ```bash
-curl -fOL https://github.com/coder/code-server/releases/download/v$VERSION/code-server_${VERSION}_amd64.deb
-sudo dpkg -i code-server_${VERSION}_amd64.deb
+curl -fOL https://github.com/coder/code-server/releases/download/v$VERSION/code-server_$VERSION_amd64.deb
+sudo dpkg -i code-server_$VERSION_amd64.deb
 sudo systemctl enable --now code-server@$USER
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
--- a/docs/manifest.json
+++ b/docs/manifest.json
@@ -1,5 +1,5 @@
 {
-  "versions": ["v4.7.1"],
+  "versions": ["v4.6.1"],
  "routes": [
    {
      "title": "Home",
--- a/install.sh
+++ b/install.sh
@@ -364,7 +364,7 @@ install_rpm() {

  fetch "https://github.com/coder/code-server/releases/download/v$VERSION/code-server-$VERSION-$ARCH.rpm" \
    "$CACHE_DIR/code-server-$VERSION-$ARCH.rpm"
-  sudo_sh_c rpm -U "$CACHE_DIR/code-server-$VERSION-$ARCH.rpm"
+  sudo_sh_c rpm -i "$CACHE_DIR/code-server-$VERSION-$ARCH.rpm"

  echo_systemd_postinstall rpm
 }
@@ -556,7 +556,7 @@ sudo_sh_c() {
  elif command_exists sudo; then
    sh_c "sudo $*"
  elif command_exists su; then
-    sh_c "su root -c '$*'"
+    sh_c "su - -c '$*'"
  else
    echoh
    echoerr "This script needs to run the following command as root."
--- a/lib/vscode
+++ b/lib/vscode
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
  "name": "code-server",
  "license": "MIT",
-  "version": "4.7.1",
+  "version": "4.6.1",
  "description": "Run VS Code on a remote server.",
  "homepage": "https://github.com/coder/code-server",
  "bugs": {
@@ -14,12 +14,13 @@
    "build:vscode": "./ci/build/build-vscode.sh",
    "release": "./ci/build/build-release.sh",
    "release:standalone": "./ci/build/build-standalone-release.sh",
+    "release:github-draft": "./ci/build/release-github-draft.sh",
+    "release:github-assets": "./ci/build/release-github-assets.sh",
    "release:prep": "./ci/build/release-prep.sh",
    "test:e2e": "VSCODE_IPC_HOOK_CLI= ./ci/dev/test-e2e.sh",
    "test:e2e:proxy": "USE_PROXY=1 ./ci/dev/test-e2e.sh",
    "test:unit": "./ci/dev/test-unit.sh --forceExit --detectOpenHandles",
    "test:integration": "./ci/dev/test-integration.sh",
-    "test:native": "./ci/dev/test-native.sh",
    "test:scripts": "./ci/dev/test-scripts.sh",
    "package": "./ci/build/build-packages.sh",
    "postinstall": "./ci/dev/postinstall.sh",
@@ -27,8 +28,7 @@
    "publish:docker": "./ci/steps/docker-buildx-push.sh",
    "_audit": "./ci/dev/audit.sh",
    "fmt": "./ci/dev/fmt.sh",
-    "lint:scripts": "./ci/dev/lint-scripts.sh",
-    "lint:ts": "eslint --max-warnings=0 --fix $(git ls-files '*.ts' '*.js' | grep -v 'lib/vscode')",
+    "lint": "./ci/dev/lint.sh",
    "test": "echo 'Run yarn test:unit or yarn test:e2e' && exit 1",
    "ci": "./ci/dev/ci.sh",
    "watch": "VSCODE_DEV=1 VSCODE_IPC_HOOK_CLI= NODE_OPTIONS='--max_old_space_size=32384 --trace-warnings' ts-node ./ci/dev/watch.ts",
@@ -55,12 +55,15 @@
    "audit-ci": "^6.0.0",
    "doctoc": "^2.0.0",
    "eslint": "^7.7.0",
-    "eslint-config-prettier": "^8.5.0",
+    "eslint-config-prettier": "^8.1.0",
    "eslint-import-resolver-typescript": "^2.5.0",
    "eslint-plugin-import": "^2.18.2",
    "eslint-plugin-prettier": "^4.0.0",
    "prettier": "^2.2.1",
    "prettier-plugin-sh": "^0.12.0",
+    "shellcheck": "^1.0.0",
+    "stylelint": "^13.0.0",
+    "stylelint-config-recommended": "^5.0.0",
    "ts-node": "^10.0.0",
    "typescript": "^4.6.2"
  },
@@ -75,7 +78,7 @@
    "vfile-message": "^2.0.2",
    "tar": "^6.1.9",
    "path-parse": "^1.0.7",
-    "vm2": "^3.9.11",
+    "vm2": "^3.9.6",
    "follow-redirects": "^1.14.8",
    "node-fetch": "^2.6.7",
    "nanoid": "^3.1.31",
@@ -84,7 +87,7 @@
    "@types/node": "^16.0.0"
  },
  "dependencies": {
-    "@coder/logger": "^3.0.0",
+    "@coder/logger": "1.1.16",
    "argon2": "^0.29.0",
    "compression": "^1.7.4",
    "cookie-parser": "^1.4.5",
--- a/patches/cli-window-open.diff
+++ b/patches/cli-window-open.diff
@@ -13,15 +13,62 @@ To test:
 The file or directory should only open from the instance attached to that
 terminal.

+Index: code-server/lib/vscode/src/vs/server/node/remoteTerminalChannel.ts
+===================================================================
+--- code-server.orig/lib/vscode/src/vs/server/node/remoteTerminalChannel.ts
+++ code-server/lib/vscode/src/vs/server/node/remoteTerminalChannel.ts
+@@ -89,7 +89,7 @@ export class RemoteTerminalChannel exten
+ 		uriTransformer: IURITransformer;
+ 	}>();
+ 
+-	private readonly _onExecuteCommand = this._register(new Emitter<{ reqId: number; commandId: string; commandArgs: any[] }>());
+	private readonly _onExecuteCommand = this._register(new Emitter<{ reqId: number; terminalId: number; commandId: string; commandArgs: any[] }>());
+ 	readonly onExecuteCommand = this._onExecuteCommand.event;
+ 
+ 	constructor(
+@@ -241,20 +241,20 @@ export class RemoteTerminalChannel exten
+ 		const ipcHandlePath = createRandomIPCHandle();
+ 		env.VSCODE_IPC_HOOK_CLI = ipcHandlePath;
+ 		const commandsExecuter: ICommandsExecuter = {
+-			executeCommand: <T>(id: string, ...args: any[]): Promise<T> => this._executeCommand(id, args, uriTransformer)
+			executeCommand: <T>(commandId: string, ...args: any[]): Promise<T> => this._executeCommand(terminalId, commandId, args, uriTransformer)
+ 		};
+ 		const cliServer = new CLIServerBase(commandsExecuter, this._logService, ipcHandlePath);
+ 
+-		const id = await this._ptyService.createProcess(shellLaunchConfig, initialCwd, args.cols, args.rows, args.unicodeVersion, env, baseEnv, args.options, args.shouldPersistTerminal, args.workspaceId, args.workspaceName);
+-		this._ptyService.onProcessExit(e => e.id === id && cliServer.dispose());
+		const terminalId = await this._ptyService.createProcess(shellLaunchConfig, initialCwd, args.cols, args.rows, args.unicodeVersion, env, baseEnv, args.options, args.shouldPersistTerminal, args.workspaceId, args.workspaceName);
+		this._ptyService.onProcessExit(e => e.id === terminalId && cliServer.dispose());
+ 
+ 		return {
+-			persistentTerminalId: id,
+			persistentTerminalId: terminalId,
+ 			resolvedShellLaunchConfig: shellLaunchConfig
+ 		};
+ 	}
+ 
+-	private _executeCommand<T>(commandId: string, commandArgs: any[], uriTransformer: IURITransformer): Promise<T> {
+	private _executeCommand<T>(terminalId: number, commandId: string, commandArgs: any[], uriTransformer: IURITransformer): Promise<T> {
+ 		let resolve!: (data: any) => void;
+ 		let reject!: (err: any) => void;
+ 		const result = new Promise<T>((_resolve, _reject) => {
+@@ -277,6 +277,7 @@ export class RemoteTerminalChannel exten
+ 		});
+ 		this._onExecuteCommand.fire({
+ 			reqId,
+			terminalId,
+ 			commandId,
+ 			commandArgs: serializedCommandArgs
+ 		});
 Index: code-server/lib/vscode/src/vs/workbench/contrib/terminal/browser/remoteTerminalBackend.ts
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/workbench/contrib/terminal/browser/remoteTerminalBackend.ts
 +++ code-server/lib/vscode/src/vs/workbench/contrib/terminal/browser/remoteTerminalBackend.ts
-@@ -99,10 +99,14 @@ class RemoteTerminalBackend extends Base
- 			}
+@@ -94,10 +94,14 @@ class RemoteTerminalBackend extends Base
+ 		this._remoteTerminalChannel.onExecuteCommand(async e => {
 			const reqId = e.reqId;
 			const commandId = e.commandId;
-+			const terminalId = e.persistentProcessId;
+			const terminalId = e.terminalId;
 			if (!allowedCommands.includes(commandId)) {
 				this._remoteTerminalChannel.sendCommandResult(reqId, true, 'Invalid remote cli command: ' + commandId);
 				return;
@@ -32,3 +79,18 @@ Index: code-server/lib/vscode/src/vs/workbench/contrib/terminal/browser/remoteTe
 			const commandArgs = e.commandArgs.map(arg => revive(arg));
 			try {
 				const result = await this._commandService.executeCommand(e.commandId, ...commandArgs);
+Index: code-server/lib/vscode/src/vs/workbench/contrib/terminal/common/remoteTerminalChannel.ts
+===================================================================
+--- code-server.orig/lib/vscode/src/vs/workbench/contrib/terminal/common/remoteTerminalChannel.ts
+++ code-server/lib/vscode/src/vs/workbench/contrib/terminal/common/remoteTerminalChannel.ts
+@@ -88,8 +88,8 @@ export class RemoteTerminalChannelClient
+ 	get onProcessOrphanQuestion(): Event<{ id: number }> {
+ 		return this._channel.listen<{ id: number }>('$onProcessOrphanQuestion');
+ 	}
+-	get onExecuteCommand(): Event<{ reqId: number; commandId: string; commandArgs: any[] }> {
+-		return this._channel.listen<{ reqId: number; commandId: string; commandArgs: any[] }>('$onExecuteCommand');
+	get onExecuteCommand(): Event<{ reqId: number; terminalId: number; commandId: string; commandArgs: any[] }> {
+		return this._channel.listen<{ reqId: number; terminalId: number; commandId: string; commandArgs: any[] }>('$onExecuteCommand');
+ 	}
+ 	get onDidRequestDetach(): Event<{ requestId: number; workspaceId: string; instanceId: number }> {
+ 		return this._channel.listen<{ requestId: number; workspaceId: string; instanceId: number }>('$onDidRequestDetach');
--- a/patches/connection-type.diff
+++ b/patches/connection-type.diff
@@ -0,0 +1,26 @@
+Add connection type to web sockets
+
+This allows the backend to distinguish them.  In our case we use them to count a
+single "open" of Code so we need to be able to distinguish between web sockets
+from two instances and two web sockets used in a single instance.
+
+To test this,
+1. Run code-server
+2. Open Network tab in Browser DevTools and filter for websocket requests
+3. You should see the `type=<connection-type>` in the request url
+
+
+Index: code-server/lib/vscode/src/vs/platform/remote/common/remoteAgentConnection.ts
+===================================================================
+--- code-server.orig/lib/vscode/src/vs/platform/remote/common/remoteAgentConnection.ts
+++ code-server/lib/vscode/src/vs/platform/remote/common/remoteAgentConnection.ts
+@@ -233,7 +233,8 @@ async function connectToRemoteExtensionH
+ 
+ 	let socket: ISocket;
+ 	try {
+-		socket = await createSocket(options.logService, options.socketFactory, options.host, options.port, getRemoteServerRootPath(options), `reconnectionToken=${options.reconnectionToken}&reconnection=${options.reconnectionProtocol ? 'true' : 'false'}`, `renderer-${connectionTypeToString(connectionType)}-${options.reconnectionToken}`, timeoutCancellationToken);
+
+		socket = await createSocket(options.logService, options.socketFactory, options.host, options.port, getRemoteServerRootPath(options), `type=${connectionTypeToString(connectionType)}&reconnectionToken=${options.reconnectionToken}&reconnection=${options.reconnectionProtocol ? 'true' : 'false'}`, `renderer-${connectionTypeToString(connectionType)}-${options.reconnectionToken}`, timeoutCancellationToken);
+ 	} catch (error) {
+ 		options.logService.error(`${logPrefix} socketFactory.connect() failed or timed out. Error:`);
+ 		options.logService.error(error);
--- a/patches/disable-builtin-ext-update.diff
+++ b/patches/disable-builtin-ext-update.diff
@@ -7,7 +7,7 @@ Index: code-server/lib/vscode/src/vs/workbench/contrib/extensions/browser/extens
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/workbench/contrib/extensions/browser/extensionsWorkbenchService.ts
 +++ code-server/lib/vscode/src/vs/workbench/contrib/extensions/browser/extensionsWorkbenchService.ts
-@@ -236,6 +236,10 @@ export class Extension implements IExten
+@@ -237,6 +237,10 @@ export class Extension implements IExten
 			if (this.type === ExtensionType.System && this.productService.quality === 'stable') {
 				return false;
 			}
@@ -18,7 +18,7 @@ Index: code-server/lib/vscode/src/vs/workbench/contrib/extensions/browser/extens
 			if (!this.local.preRelease && this.gallery.properties.isPreReleaseVersion) {
 				return false;
 			}
-@@ -1121,6 +1125,10 @@ export class ExtensionsWorkbenchService 
+@@ -1122,6 +1126,10 @@ export class ExtensionsWorkbenchService 
 				// Skip if check updates only for builtin extensions and current extension is not builtin.
 				continue;
 			}
--- a/patches/exec-argv.diff
+++ b/patches/exec-argv.diff
@@ -1,13 +1,6 @@
 Preserve process.execArgv

-This ensures flags like `--prof` are passed down to the code-server process so
-we can profile everything.
-
-To test this:
-1. run `./lib/node --prof .` 
-2. in another terminal, run `ps -ejww`
-
-You should see `--prof` next to every code-server process. 
+This ensures flags like --prof are passed down so we can profile everything.

 Index: code-server/lib/vscode/src/vs/server/node/extensionHostConnection.ts
 ===================================================================
--- a/patches/heartbeat.diff
+++ b/patches/heartbeat.diff
@@ -0,0 +1,37 @@
+Add a heartbeat to web socket connections
+
+This prevents them from being killed when they are idle.  To test run behind
+NGINX, make sure the sockets are idle (check dev tools), then wait 60+ seconds.
+
+Index: code-server/lib/vscode/src/vs/base/parts/ipc/common/ipc.net.ts
+===================================================================
+--- code-server.orig/lib/vscode/src/vs/base/parts/ipc/common/ipc.net.ts
+++ code-server/lib/vscode/src/vs/base/parts/ipc/common/ipc.net.ts
+@@ -7,6 +7,7 @@ import { VSBuffer } from 'vs/base/common
+ import { Emitter, Event } from 'vs/base/common/event';
+ import { Disposable, dispose, IDisposable } from 'vs/base/common/lifecycle';
+ import { IIPCLogger, IMessagePassingProtocol, IPCClient } from 'vs/base/parts/ipc/common/ipc';
+import { isWeb } from 'vs/base/common/platform';
+ 
+ export const enum SocketDiagnosticsEventType {
+ 	Created = 'created',
+@@ -829,6 +830,19 @@ export class PersistentProtocol implemen
+ 		this._socketDisposables.push(this._socketWriter);
+ 		this._socketReader = new ProtocolReader(this._socket);
+ 		this._socketDisposables.push(this._socketReader);
+		// Send empty messages to keep the socket alive.  We only need this on the
+		// web where sockets can be killed by reverse proxies for inactivity.
+		if (isWeb) {
+			const timer = setInterval(() => {
+				const msg = new ProtocolMessage(ProtocolMessageType.None, 0, 0, getEmptyBuffer());
+				this._socketWriter.write(msg);
+			}, 45000); // NGINX has a 60 second default timeout so try 45 seconds.
+			this._socketDisposables.push({
+				dispose: () => {
+					clearInterval(timer);
+				},
+			});
+		}
+ 		this._socketDisposables.push(this._socketReader.onMessage(msg => this._receiveMessage(msg)));
+ 		this._socketDisposables.push(this._socket.onClose((e) => this._onSocketClose.fire(e)));
+ 		if (initialChunk) {
--- a/patches/insecure-notification.diff
+++ b/patches/insecure-notification.diff
@@ -27,7 +27,7 @@ Index: code-server/lib/vscode/src/vs/workbench/browser/client.ts
 	) {
 		super();
 	}
-@@ -42,5 +45,31 @@ export class CodeServerClient extends Di
+@@ -42,5 +45,32 @@ export class CodeServerClient extends Di
 				}
 			});
 		}
@@ -49,6 +49,7 @@ Index: code-server/lib/vscode/src/vs/workbench/browser/client.ts
 +							class: undefined,
 +							enabled: true,
 +							checked: true,
+							dispose: () => undefined,
 +							run: () => {
 +								return Promise.resolve();
 +							},
--- a/patches/logout.diff
+++ b/patches/logout.diff
@@ -68,7 +68,7 @@ Index: code-server/lib/vscode/src/vs/workbench/browser/client.ts
 	constructor (
 		@ILogService private logService: ILogService,
 		@INotificationService private notificationService: INotificationService,
-@@ -81,6 +85,10 @@ export class CodeServerClient extends Di
+@@ -82,6 +86,10 @@ export class CodeServerClient extends Di
 		if (this.productService.updateEndpoint) {
 			this.checkUpdates(this.productService.updateEndpoint)
 		}
@@ -79,7 +79,7 @@ Index: code-server/lib/vscode/src/vs/workbench/browser/client.ts
 	}
 
 	private checkUpdates(updateEndpoint: string) {
-@@ -132,4 +140,25 @@ export class CodeServerClient extends Di
+@@ -133,4 +141,25 @@ export class CodeServerClient extends Di
 
 		updateLoop();
 	}
--- a/patches/proposed-api.diff
+++ b/patches/proposed-api.diff
@@ -9,7 +9,7 @@ Index: code-server/lib/vscode/src/vs/workbench/services/extensions/common/abstra
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/workbench/services/extensions/common/abstractExtensionService.ts
 +++ code-server/lib/vscode/src/vs/workbench/services/extensions/common/abstractExtensionService.ts
-@@ -1458,7 +1458,7 @@ class ProposedApiController {
+@@ -1460,7 +1460,7 @@ class ProposedApiController {
 
 		this._envEnabledExtensions = new Set((_environmentService.extensionEnabledProposedApi ?? []).map(id => ExtensionIdentifier.toKey(id)));
 
--- a/patches/proxy-uri.diff
+++ b/patches/proxy-uri.diff
@@ -35,19 +35,19 @@ Index: code-server/lib/vscode/src/vs/platform/remote/browser/remoteAuthorityReso
 import { getRemoteServerRootPath, parseAuthorityWithOptionalPort } from 'vs/platform/remote/common/remoteHosts';
 
 export class RemoteAuthorityResolverService extends Disposable implements IRemoteAuthorityResolverService {
-@@ -23,7 +23,7 @@ export class RemoteAuthorityResolverServ
- 	private readonly _connectionToken: Promise<string> | string | undefined;
+@@ -22,7 +22,7 @@ export class RemoteAuthorityResolverServ
+ 	private readonly _connectionToken: string | undefined;
 	private readonly _connectionTokens: Map<string, string>;
 
-	constructor(@IProductService productService: IProductService, connectionToken: Promise<string> | string | undefined, resourceUriProvider: ((uri: URI) => URI) | undefined) {
-+	constructor(@IProductService productService: IProductService, connectionToken: Promise<string> | string | undefined, resourceUriProvider: ((uri: URI) => URI) | undefined, private readonly proxyEndpointTemplate?: string) {
+-	constructor(@IProductService productService: IProductService, connectionToken: string | undefined, resourceUriProvider: ((uri: URI) => URI) | undefined) {
+	constructor(@IProductService productService: IProductService, connectionToken: string | undefined, resourceUriProvider: ((uri: URI) => URI) | undefined, private readonly proxyEndpointTemplate?: string) {
 		super();
+ 		this._cache = new Map<string, ResolverResult>();
 		this._connectionToken = connectionToken;
- 		this._connectionTokens = new Map<string, string>();
-@@ -61,9 +61,14 @@ export class RemoteAuthorityResolverServ
+@@ -62,9 +62,14 @@ export class RemoteAuthorityResolverServ
 
- 	private async _doResolveAuthority(authority: string): Promise<ResolverResult> {
- 		const connectionToken = await Promise.resolve(this._connectionTokens.get(authority) || this._connectionToken);
+ 	private _doResolveAuthority(authority: string): ResolverResult {
+ 		const connectionToken = this._connectionTokens.get(authority) || this._connectionToken;
 +		let options: ResolvedOptions | undefined;
 +		if (this.proxyEndpointTemplate) {
 +			const proxyUrl = new URL(this.proxyEndpointTemplate, window.location.href);
@@ -55,11 +55,11 @@ Index: code-server/lib/vscode/src/vs/platform/remote/browser/remoteAuthorityReso
 +		}
 		const defaultPort = (/^https:/.test(window.location.href) ? 443 : 80);
 		const { host, port } = parseAuthorityWithOptionalPort(authority, defaultPort);
-		const result: ResolverResult = { authority: { authority, host: host, port: port, connectionToken } };
-+		const result: ResolverResult = { authority: { authority, host: host, port: port, connectionToken }, options };
- 		RemoteAuthorities.set(authority, result.authority.host, result.authority.port);
- 		this._cache.set(authority, result);
- 		this._onDidChangeConnectionData.fire();
+-		return { authority: { authority, host: host, port: port, connectionToken } };
+		return { authority: { authority, host: host, port: port, connectionToken }, options };
+ 	}
+ 
+ 	_clearResolvedAuthority(authority: string): void {
 Index: code-server/lib/vscode/src/vs/server/node/webClientServer.ts
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/server/node/webClientServer.ts
@@ -76,7 +76,7 @@ Index: code-server/lib/vscode/src/vs/workbench/browser/web.main.ts
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/workbench/browser/web.main.ts
 +++ code-server/lib/vscode/src/vs/workbench/browser/web.main.ts
-@@ -247,7 +247,7 @@ export class BrowserMain extends Disposa
+@@ -239,7 +239,7 @@ export class BrowserMain extends Disposa
 
 		// Remote
 		const connectionToken = environmentService.options.connectionToken || getCookieValue(connectionTokenCookieName);
--- a/patches/series
+++ b/patches/series
@@ -14,9 +14,11 @@ unique-db.diff
 log-level.diff
 local-storage.diff
 service-worker.diff
+connection-type.diff
 sourcemaps.diff
 disable-downloads.diff
 telemetry.diff
 display-language.diff
 cli-window-open.diff
+heartbeat.diff
 exec-argv.diff
--- a/patches/service-worker.diff
+++ b/patches/service-worker.diff
@@ -36,7 +36,7 @@ Index: code-server/lib/vscode/src/vs/workbench/browser/client.ts
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/workbench/browser/client.ts
 +++ code-server/lib/vscode/src/vs/workbench/browser/client.ts
-@@ -89,6 +89,10 @@ export class CodeServerClient extends Di
+@@ -90,6 +90,10 @@ export class CodeServerClient extends Di
 		if (this.productService.logoutEndpoint) {
 			this.addLogoutCommand(this.productService.logoutEndpoint);
 		}
@@ -47,7 +47,7 @@ Index: code-server/lib/vscode/src/vs/workbench/browser/client.ts
 	}
 
 	private checkUpdates(updateEndpoint: string) {
-@@ -161,4 +165,17 @@ export class CodeServerClient extends Di
+@@ -162,4 +166,17 @@ export class CodeServerClient extends Di
 			});
 		}
 	}
--- a/patches/sourcemaps.diff
+++ b/patches/sourcemaps.diff
@@ -10,7 +10,7 @@ Index: code-server/lib/vscode/build/gulpfile.reh.js
 ===================================================================
 --- code-server.orig/lib/vscode/build/gulpfile.reh.js
 +++ code-server/lib/vscode/build/gulpfile.reh.js
-@@ -196,8 +196,7 @@ function packageTask(type, platform, arc
+@@ -194,8 +194,7 @@ function packageTask(type, platform, arc
 
 		const src = gulp.src(sourceFolderName + '/**', { base: '.' })
 			.pipe(rename(function (path) { path.dirname = path.dirname.replace(new RegExp('^' + sourceFolderName), 'out'); }))
@@ -20,7 +20,7 @@ Index: code-server/lib/vscode/build/gulpfile.reh.js
 
 		const workspaceExtensionPoints = ['debuggers', 'jsonValidation'];
 		const isUIExtension = (manifest) => {
-@@ -236,9 +235,9 @@ function packageTask(type, platform, arc
+@@ -234,9 +233,9 @@ function packageTask(type, platform, arc
 			.map(name => `.build/extensions/${name}/**`);
 
 		const extensions = gulp.src(extensionPaths, { base: '.build', dot: true });
@@ -32,7 +32,7 @@ Index: code-server/lib/vscode/build/gulpfile.reh.js
 
 		let version = packageJson.version;
 		const quality = product.quality;
-@@ -373,7 +372,7 @@ function tweakProductForServerWeb(produc
+@@ -371,7 +370,7 @@ function tweakProductForServerWeb(produc
 	const minifyTask = task.define(`minify-vscode-${type}`, task.series(
 		optimizeTask,
 		util.rimraf(`out-vscode-${type}-min`),
--- a/patches/telemetry.diff
+++ b/patches/telemetry.diff
@@ -1,12 +1,5 @@
 Add support for telemetry endpoint

-To test:
-1. Create a RequestBin - https://requestbin.io/
-2. Run code-server with `CS_TELEMETRY_URL` set: 
-  i.e. `CS_TELEMETRY_URL="https://requestbin.io/1ebub9z1" ./code-server-4.7.1-macos-amd64/bin/code-server`
-3. Load code-server in browser an do things (i.e. open a file)
-4. Refresh RequestBin and you should see logs
-
 Index: code-server/lib/vscode/src/vs/server/node/serverServices.ts
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/server/node/serverServices.ts
@@ -89,6 +82,58 @@ Index: code-server/lib/vscode/src/vs/server/node/telemetryClient.ts
 +		} catch (error) {}
 +	}
 +}
+Index: code-server/lib/vscode/src/vs/workbench/services/telemetry/browser/telemetryService.ts
+===================================================================
+--- code-server.orig/lib/vscode/src/vs/workbench/services/telemetry/browser/telemetryService.ts
+++ code-server/lib/vscode/src/vs/workbench/services/telemetry/browser/telemetryService.ts
+@@ -38,26 +38,30 @@ export class TelemetryService extends Di
+ 	) {
+ 		super();
+ 
+-		if (supportsTelemetry(productService, environmentService) && productService.aiConfig?.ariaKey) {
+		if (supportsTelemetry(productService, environmentService)) {
+ 			// If remote server is present send telemetry through that, else use the client side appender
+ 			const appenders = [];
+ 			const isInternal = isInternalTelemetry(productService, configurationService);
+-			const telemetryProvider: ITelemetryAppender = remoteAgentService.getConnection() !== null ? { log: remoteAgentService.logTelemetry.bind(remoteAgentService), flush: remoteAgentService.flushTelemetry.bind(remoteAgentService) } : new OneDataSystemWebAppender(isInternal, 'monacoworkbench', null, productService.aiConfig?.ariaKey);
+-			appenders.push(telemetryProvider);
+-			appenders.push(new TelemetryLogAppender(loggerService, environmentService));
+-			const config: ITelemetryServiceConfig = {
+-				appenders,
+-				commonProperties: resolveWorkbenchCommonProperties(storageService, productService.commit, productService.version, isInternal, environmentService.remoteAuthority, productService.embedderIdentifier, productService.removeTelemetryMachineId, environmentService.options && environmentService.options.resolveCommonTelemetryProperties),
+-				sendErrorTelemetry: this.sendErrorTelemetry,
+-			};
+-			this.impl = this._register(new BaseTelemetryService(config, configurationService, productService));
+-
+-			if (getTelemetryLevel(configurationService) !== TelemetryLevel.NONE) {
+-				// If we cannot fetch the endpoint it means it is down and we should not send any telemetry.
+-				// This is most likely due to ad blockers
+-				fetch(telemetryEndpointUrl, { method: 'POST' }).catch(err => {
+-					this.impl = NullTelemetryService;
+-				});
+			const telemetryProvider: ITelemetryAppender | undefined = remoteAgentService.getConnection() !== null ? { log: remoteAgentService.logTelemetry.bind(remoteAgentService), flush: remoteAgentService.flushTelemetry.bind(remoteAgentService) } : productService.aiConfig?.ariaKey ? new OneDataSystemWebAppender(isInternal, 'monacoworkbench', null, productService.aiConfig?.ariaKey) : undefined;
+			if (telemetryProvider) {
+				appenders.push(telemetryProvider);
+				appenders.push(new TelemetryLogAppender(loggerService, environmentService));
+				const config: ITelemetryServiceConfig = {
+					appenders,
+					commonProperties: resolveWorkbenchCommonProperties(storageService, productService.commit, productService.version, isInternal, environmentService.remoteAuthority, productService.embedderIdentifier, productService.removeTelemetryMachineId, environmentService.options && environmentService.options.resolveCommonTelemetryProperties),
+					sendErrorTelemetry: this.sendErrorTelemetry,
+				};
+				this.impl = this._register(new BaseTelemetryService(config, configurationService, productService));
+
+				if (remoteAgentService.getConnection() === null && getTelemetryLevel(configurationService) !== TelemetryLevel.NONE) {
+					// If we cannot fetch the endpoint it means it is down and we should not send any telemetry.
+					// This is most likely due to ad blockers
+					fetch(telemetryEndpointUrl, { method: 'POST' }).catch(err => {
+						this.impl = NullTelemetryService;
+					});
+				}
+			} else {
+				this.impl = NullTelemetryService;
+ 			}
+ 		} else {
+ 			this.impl = NullTelemetryService;
 Index: code-server/lib/vscode/src/vs/server/node/webClientServer.ts
 ===================================================================
 --- code-server.orig/lib/vscode/src/vs/server/node/webClientServer.ts
--- a/patches/update-check.diff
+++ b/patches/update-check.diff
@@ -29,7 +29,7 @@ Index: code-server/lib/vscode/src/vs/workbench/browser/client.ts
 	) {
 		super();
 	}
-@@ -71,5 +77,59 @@ export class CodeServerClient extends Di
+@@ -72,5 +78,59 @@ export class CodeServerClient extends Di
 				},
 			});
 		}
--- a/src/node/cli.ts
+++ b/src/node/cli.ts
@@ -501,7 +501,7 @@ export async function setDefaults(cliArgs: UserProvidedArgs, configArgs?: Config
      args.verbose = false
      break
    case LogLevel.Warn:
-      logger.level = Level.Warn
+      logger.level = Level.Warning
      args.verbose = false
      break
    case LogLevel.Error:
--- a/src/node/wrapper.ts
+++ b/src/node/wrapper.ts
@@ -321,7 +321,6 @@ export class ParentProcess extends Process {
      env: {
        ...process.env,
        CODE_SERVER_PARENT_PID: process.pid.toString(),
-        NODE_EXEC_PATH: process.execPath,
      },
      stdio: ["pipe", "pipe", "pipe", "ipc"],
    })
--- a/test/e2e/displayLang.test.ts
+++ b/test/e2e/displayLang.test.ts
@@ -1,14 +0,0 @@
-import * as path from "path"
-import { describe, test, expect } from "./baseFixture"
-
-// Given a code-server environment with Spanish Language Pack extension installed
-// and a languagepacks.json in the data-dir
-describe("--locale es", ["--extensions-dir", path.join(__dirname, "./extensions"), "--locale", "es"], {}, () => {
-  test("should load code-server in Spanish", async ({ codeServerPage }) => {
-    // When
-    const visible = await codeServerPage.page.isVisible("text=Explorador")
-
-    // Then
-    expect(visible).toBe(true)
-  })
-})
--- a/test/e2e/extensions/ms-ceintl.vscode-language-pack-es-1.70.0/package.json
+++ b/test/e2e/extensions/ms-ceintl.vscode-language-pack-es-1.70.0/package.json
@@ -1,32 +0,0 @@
-{
-  "name": "vscode-language-pack-es",
-  "displayName": "Spanish Language Pack for Visual Studio Code",
-  "description": "Language pack extension for Spanish",
-  "version": "1.70.0",
-  "publisher": "MS-CEINTL",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/Microsoft/vscode-loc"
-  },
-  "engines": {
-    "vscode": "^1.70.0"
-  },
-  "categories": [
-    "Language Packs"
-  ],
-  "contributes": {
-    "localizations": [
-      {
-        "languageId": "es",
-        "languageName": "Spanish",
-        "localizedLanguageName": "español",
-        "translations": [
-          {
-            "id": "vscode",
-            "path": "./translations/main.i18n.json"
-          }
-        ]
-      }
-    ]
-  }
-}
--- a/test/e2e/extensions/ms-ceintl.vscode-language-pack-es-1.70.0/translations/main.i18n.json
+++ b/test/e2e/extensions/ms-ceintl.vscode-language-pack-es-1.70.0/translations/main.i18n.json
@@ -1,15 +0,0 @@
-{
-  "": [
-    "--------------------------------------------------------------------------------------------",
-    "Copyright (c) Microsoft Corporation. All rights reserved.",
-    "Licensed under the MIT License. See License.txt in the project root for license information.",
-    "--------------------------------------------------------------------------------------------",
-    "Do not edit this file. It is machine generated."
-  ],
-  "version": "1.0.0",
-  "contents": {
-    "vs/workbench/contrib/files/browser/explorerViewlet": {
-      "explore": "Explorador"
-    }
-  }
-}
--- a/test/e2e/extensions/test-extension/package.json
+++ b/test/e2e/extensions/test-extension/package.json
@@ -3,7 +3,6 @@
  "description": "code-server test extension",
  "version": "0.0.1",
  "publisher": "coder",
-  "license": "MIT",
  "activationEvents": [
    "onStartupFinished"
  ],
--- a/test/e2e/models/CodeServer.ts
+++ b/test/e2e/models/CodeServer.ts
@@ -88,30 +88,6 @@ export class CodeServer {
      }),
      "utf8",
    )
-
-    const extensionsDir = path.join(__dirname, "../extensions")
-    const languagepacksContent = {
-      es: {
-        hash: "8d919a946475223861fa0c62665a4c50",
-        extensions: [
-          {
-            extensionIdentifier: {
-              id: "ms-ceintl.vscode-language-pack-es",
-              uuid: "47e020a1-33db-4cc0-a1b4-42f97781749a",
-            },
-            version: "1.70.0",
-          },
-        ],
-        translations: {
-          vscode: `${extensionsDir}/ms-ceintl.vscode-language-pack-es-1.70.0/translations/main.i18n.json`,
-        },
-        label: "español",
-      },
-    }
-
-    // NOTE@jsjoeio - code-server should automatically generate the languagepacks.json for
-    // using different display languages. This is a temporary workaround until we fix that.
-    await fs.writeFile(path.join(dir, "languagepacks.json"), JSON.stringify(languagepacksContent))
    return dir
  }

--- a/test/e2e/terminal.test.ts
+++ b/test/e2e/terminal.test.ts
@@ -30,7 +30,6 @@ describe("Integrated Terminal", [], {}, () => {
    expect(stdout).toMatch(address)
  })

-  // TODO@jsjoeio - add test to make sure full code-server path works
  test("should be able to invoke `code-server` to open a file", async ({ codeServerPage }) => {
    const tmpFolderPath = await tmpdir(testName)
    const tmpFile = path.join(tmpFolderPath, "test-file")
--- a/test/tsconfig.json
+++ b/test/tsconfig.json
@@ -1,5 +1,4 @@
 {
  "extends": "../tsconfig.json",
-  "include": ["./**/*.ts"],
-  "exclude": ["./unit/node/test-plugin"]
+  "include": ["./**/*.ts"]
 }
--- a/test/unit/node/routes/vscode.test.ts
+++ b/test/unit/node/routes/vscode.test.ts
@@ -4,8 +4,6 @@ import { clean, tmpdir } from "../../../utils/helpers"
 import * as httpserver from "../../../utils/httpserver"
 import * as integration from "../../../utils/integration"

-// TODO@jsjoeio - move these to integration tests since they rely on Code
-// to be built
 describe("vscode", () => {
  let codeServer: httpserver.HttpServer | undefined

--- a/test/unit/node/test-plugin/package.json
+++ b/test/unit/node/test-plugin/package.json
@@ -3,7 +3,7 @@
  "name": "test-plugin",
  "version": "1.0.0",
  "engines": {
-    "code-server": "^4.7.1"
+    "code-server": "^4.0.1"
  },
  "main": "out/index.js",
  "devDependencies": {
--- a/yarn.lock
+++ b/yarn.lock
Author	SHA1	Message	Date
Joe Previte	5e33857855	chore: bump Helm chart	2022-08-31 10:52:35 -07:00
Joe Previte	6ee1a80977	chore: update CHANGELOG	2022-08-31 10:52:27 -07:00
Joe Previte	b97a815688	chore: update reviewers in release-prep	2022-08-31 10:45:07 -07:00
Joe Previte	536c570885	chore(release): bump version to 4.6.1	2022-08-31 10:42:55 -07:00