cubetiq/code-server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
2,779 Commits 10 Branches 48 Tags
47afa15ecee58d753d36a821c6aebaaf2976b4d5
Commit Graph

2779 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
jan iversen
ece5de699a Update CONTRIBUTING.md 
Node needs be v14.x not greater. If installing the standard version ‘brew install node’, both ‘yarn’ and ‘code-server’ (release version) complains.

Newest version is v16.x so we are pretty far behind.
 2021-06-17 20:57:00 +02:00
dependabot[bot]
bf45e7ca15 chore(deps-dev): bump @types/ws from 7.4.4 to 7.4.5 (#3627) 
Bumps [@types/ws](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/ws) from 7.4.4 to 7.4.5.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/ws)

---
updated-dependencies:
- dependency-name: "@types/ws"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-17 23:49:14 +05:30
dependabot[bot]
9dae4fec25 chore(deps): bump ws from 7.4.6 to 7.5.0 (#3625) 
Bumps [ws](https://github.com/websockets/ws) from 7.4.6 to 7.5.0.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.4.6...7.5.0)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-17 23:49:03 +05:30
Joe Previte
83701f9f6d Merge pull request #3626 from cdr/dependabot/npm_and_yarn/wtfnode-0.9.0 
chore(deps-dev): bump wtfnode from 0.8.4 to 0.9.0
 2021-06-17 10:49:40 -07:00
jan iversen
4e14c11fa4 Allow development on any architecture (#3598) 2021-06-17 12:28:54 -05:00
dependabot[bot]
79f372c1a0 chore(deps-dev): bump wtfnode from 0.8.4 to 0.9.0 
Bumps [wtfnode](https://github.com/myndzi/wtfnode) from 0.8.4 to 0.9.0.
- [Release notes](https://github.com/myndzi/wtfnode/releases)
- [Commits](https://github.com/myndzi/wtfnode/commits)

---
updated-dependencies:
- dependency-name: wtfnode
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-06-17 11:04:04 +00:00
Joe Previte
cbe3192971 Merge pull request #3617 from cdr/dependabot/npm_and_yarn/audit-ci-4.1.0 
chore(deps-dev): bump audit-ci from 4.0.0 to 4.1.0
 2021-06-16 10:03:35 -07:00
Joe Previte
ddbff58eec Merge pull request #3602 from patrickcylai/patrickcylai/fix-docs-hashed-password 
fix: placeholder password in hashed password example
 2021-06-16 09:49:53 -07:00
dependabot[bot]
18c0f32c24 chore(deps-dev): bump audit-ci from 4.0.0 to 4.1.0 
Bumps [audit-ci](https://github.com/IBM/audit-ci) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/IBM/audit-ci/releases)
- [Commits](https://github.com/IBM/audit-ci/compare/v4.0.0...v4.1.0)

---
updated-dependencies:
- dependency-name: audit-ci
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-06-16 11:02:59 +00:00
Asher
b59b3936d0 Fix incorrect logout base (#3611) 
Fixes #3608.
 2021-06-15 15:11:01 -05:00
dependabot[bot]
3241a4f521 chore(deps-dev): bump @typescript-eslint/parser from 4.26.1 to 4.27.0 (#3609) 
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.26.1 to 4.27.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.27.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-15 21:46:00 +05:30
dependabot[bot]
5c9b625acb chore(deps-dev): bump @typescript-eslint/eslint-plugin (#3610) 
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.26.1 to 4.27.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.27.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-15 21:34:56 +05:30
Patrick Lai
5fae520ebe fix: placeholder password in hashed password example 2021-06-13 01:25:05 +10:00
Joe Previte
4bb7a8ddb9 Merge pull request #3590 from mxschmitt/chore/upgrade-to-latest-playwright 
chore: upgrade to Playwright 1.12 with its new test-runner
 2021-06-10 11:15:41 -07:00
Joe Previte
2c818e3855 Merge pull request #3589 from cdr/dependabot/npm_and_yarn/argon2-0.28.2 
chore(deps): bump argon2 from 0.28.0 to 0.28.2
 2021-06-10 09:36:45 -07:00
Max Schmitt
dbb34ad710 chore: upgrade to Playwright 1.12 with its new test-runner 2021-06-10 15:09:38 +02:00
dependabot[bot]
fda44240c9 chore(deps): bump argon2 from 0.28.0 to 0.28.2 
Bumps [argon2](https://github.com/ranisalt/node-argon2) from 0.28.0 to 0.28.2.
- [Release notes](https://github.com/ranisalt/node-argon2/releases)
- [Commits](https://github.com/ranisalt/node-argon2/compare/v0.28.0...v0.28.2)

---
updated-dependencies:
- dependency-name: argon2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-06-10 11:01:38 +00:00
Joe Previte
9fc9c041ad Merge pull request #3588 from cdr/dependabot/npm_and_yarn/lib/vscode/normalize-url-4.5.1 
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode
 2021-06-09 15:06:08 -07:00
Joe Previte
a802a920ac Merge pull request #3587 from cdr/dependabot/npm_and_yarn/lib/vscode/build/normalize-url-4.5.1 
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode/build
 2021-06-09 15:05:54 -07:00
dependabot[bot]
54684c0ad2 chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode 
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases)
- [Commits](https://github.com/sindresorhus/normalize-url/commits)

---
updated-dependencies:
- dependency-name: normalize-url
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-06-09 21:32:56 +00:00
dependabot[bot]
2594aa3e41 chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode/build 
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases)
- [Commits](https://github.com/sindresorhus/normalize-url/commits)

---
updated-dependencies:
- dependency-name: normalize-url
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-06-09 21:32:42 +00:00
Joe Previte
717eaa6470 Merge pull request #3422 from cdr/jsjoeio/fix-password-hash 
fix: use sufficient computational effort for password hash
 2021-06-09 14:32:05 -07:00
Joe Previte
1e55a648a5 feat: check for empty str in isHashMatch 2021-06-08 15:10:59 -07:00
Joe Previte
3b50bfc17d fix: sanitize password and cookie key 2021-06-08 14:33:17 -07:00
Joe Previte
deaa2242ca feat: add npm_config_build_from_source to build scripts 
This is necessary due to argon2 being added and an upstream issue where it uses
a Linux build that is too new for CentOS 7.
 2021-06-08 14:33:17 -07:00
Joe Previte
8c2bb61af9 refactor: parse options with multiple = in cli 
There was a case with the hashed-password which had multiple equal signs in the
value and it wasn't being parsed correctly. This uses a new function and adds a
few tests.
 2021-06-08 14:33:17 -07:00
Joe Previte
531b7c0c25 feat: add splitOnFirstEquals function 2021-06-08 14:33:16 -07:00
Joe Previte
517aaf71c5 docs: update FAQ with new hashing instructions 2021-06-08 14:33:16 -07:00
Joe Previte
923761cd78 refactor: password logic in http w/ isCookieValid 2021-06-08 14:33:16 -07:00
Joe Previte
6020480b30 feat: add isCookieValid function and tests 2021-06-08 14:33:16 -07:00
Joe Previte
409b473c82 refactor: rewrite password logic at /login 2021-06-08 14:33:15 -07:00
Joe Previte
a14ea39c4a feat: add handlePasswordValidation + tests 2021-06-08 14:33:15 -07:00
Joe Previte
7ff4117531 feat: add getPasswordMethod & test for it 2021-06-08 14:33:15 -07:00
Joe Previte
ffa5c16e51 feat: update cli and test for hashed-password 2021-06-08 14:33:15 -07:00
Joe Previte
788b958e20 refactor: update hash fn in test config 2021-06-08 14:33:14 -07:00
Joe Previte
1134780b8b refactor: make wsProxy async 2021-06-08 14:33:14 -07:00
Joe Previte
91303d4e40 refactor: make ensureAuthenticated async 2021-06-08 14:33:14 -07:00
Joe Previte
0cdbd33b46 refactor: make authenticated async everywhere 
Since this checks if they are authenticated using the hash/password and it's
async, we need to update authenticated to be async, which means we have to
update it everywhere it's used.
 2021-06-08 14:33:14 -07:00
Joe Previte
fcc3f0d951 refactor: update login logic with new async hashing 
This adds the proper await logic for the hashing of passwords.
 2021-06-08 14:33:13 -07:00
Joe Previte
fd3cb6cfa0 refactor: update unit tests for hash fns 
Since the hash and isHashMatch are now async, I had to update the tests
accordingly. Now everything is working.
 2021-06-08 14:33:13 -07:00
Joe Previte
70197bb2a5 refactor: use argon2 instead of bcrypt 
This uses argon2 instead of bcrypt.

Note: this means the hash functions are now async which means we have to
refactor a lot of other code around auth.
 2021-06-08 14:33:13 -07:00
Joe Previte
51f8341959 chore: update to argon2 in test 2021-06-08 14:33:13 -07:00
Joe Previte
dc2db5c62d chore: add argon2 package 2021-06-08 14:33:13 -07:00
Joe Previte
fc3326f1f2 feat: add tests using real hashes 2021-06-08 14:33:12 -07:00
Joe Previte
aaf044728f refactor: add functions to check hash password 2021-06-08 14:33:12 -07:00
Joe Previte
f35120c0a3 feat: add unit test for hash function 2021-06-08 14:33:12 -07:00
Joe Previte
17be8c5cd3 refactor: use bcrypt in e2e setup 2021-06-08 14:33:12 -07:00
Joe Previte
cac667317e refactor: use bcrypt in hash function 2021-06-08 14:33:11 -07:00
Joe Previte
dd2cb1649a chore: update CHANGELOG 2021-06-08 14:32:16 -07:00
dependabot[bot]
d8c3ba6a17 chore(deps): bump glob-parent in /lib/vscode/build/lib/watch (#3570) 
Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases)
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2)

---
updated-dependencies:
- dependency-name: glob-parent
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-09 00:25:30 +05:30