code-server

Author	SHA1	Message	Date
jan iversen	ece5de699a	Update CONTRIBUTING.md Node needs be v14.x not greater. If installing the standard version ‘brew install node’, both ‘yarn’ and ‘code-server’ (release version) complains. Newest version is v16.x so we are pretty far behind.	2021-06-17 20:57:00 +02:00
dependabot[bot]	bf45e7ca15	chore(deps-dev): bump @types/ws from 7.4.4 to 7.4.5 (#3627 ) Bumps [@types/ws](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/ws) from 7.4.4 to 7.4.5. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/ws) --- updated-dependencies: - dependency-name: "@types/ws" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-06-17 23:49:14 +05:30
dependabot[bot]	9dae4fec25	chore(deps): bump ws from 7.4.6 to 7.5.0 (#3625 ) Bumps [ws](https://github.com/websockets/ws) from 7.4.6 to 7.5.0. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/7.4.6...7.5.0) --- updated-dependencies: - dependency-name: ws dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-06-17 23:49:03 +05:30
Joe Previte	83701f9f6d	Merge pull request #3626 from cdr/dependabot/npm_and_yarn/wtfnode-0.9.0 chore(deps-dev): bump wtfnode from 0.8.4 to 0.9.0	2021-06-17 10:49:40 -07:00
jan iversen	4e14c11fa4	Allow development on any architecture (#3598 )	2021-06-17 12:28:54 -05:00
dependabot[bot]	79f372c1a0	chore(deps-dev): bump wtfnode from 0.8.4 to 0.9.0 Bumps [wtfnode](https://github.com/myndzi/wtfnode) from 0.8.4 to 0.9.0. - [Release notes](https://github.com/myndzi/wtfnode/releases) - [Commits](https://github.com/myndzi/wtfnode/commits) --- updated-dependencies: - dependency-name: wtfnode dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-17 11:04:04 +00:00
Joe Previte	cbe3192971	Merge pull request #3617 from cdr/dependabot/npm_and_yarn/audit-ci-4.1.0 chore(deps-dev): bump audit-ci from 4.0.0 to 4.1.0	2021-06-16 10:03:35 -07:00
Joe Previte	ddbff58eec	Merge pull request #3602 from patrickcylai/patrickcylai/fix-docs-hashed-password fix: placeholder password in hashed password example	2021-06-16 09:49:53 -07:00
dependabot[bot]	18c0f32c24	chore(deps-dev): bump audit-ci from 4.0.0 to 4.1.0 Bumps [audit-ci](https://github.com/IBM/audit-ci) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/IBM/audit-ci/releases) - [Commits](https://github.com/IBM/audit-ci/compare/v4.0.0...v4.1.0) --- updated-dependencies: - dependency-name: audit-ci dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-16 11:02:59 +00:00
Asher	b59b3936d0	Fix incorrect logout base (#3611 ) Fixes #3608.	2021-06-15 15:11:01 -05:00
dependabot[bot]	3241a4f521	chore(deps-dev): bump @typescript-eslint/parser from 4.26.1 to 4.27.0 (#3609 ) Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.26.1 to 4.27.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.27.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-06-15 21:46:00 +05:30
dependabot[bot]	5c9b625acb	chore(deps-dev): bump @typescript-eslint/eslint-plugin (#3610 ) Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.26.1 to 4.27.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.27.0/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-06-15 21:34:56 +05:30
Patrick Lai	5fae520ebe	fix: placeholder password in hashed password example	2021-06-13 01:25:05 +10:00
Joe Previte	4bb7a8ddb9	Merge pull request #3590 from mxschmitt/chore/upgrade-to-latest-playwright chore: upgrade to Playwright 1.12 with its new test-runner	2021-06-10 11:15:41 -07:00
Joe Previte	2c818e3855	Merge pull request #3589 from cdr/dependabot/npm_and_yarn/argon2-0.28.2 chore(deps): bump argon2 from 0.28.0 to 0.28.2	2021-06-10 09:36:45 -07:00
Max Schmitt	dbb34ad710	chore: upgrade to Playwright 1.12 with its new test-runner	2021-06-10 15:09:38 +02:00
dependabot[bot]	fda44240c9	chore(deps): bump argon2 from 0.28.0 to 0.28.2 Bumps [argon2](https://github.com/ranisalt/node-argon2) from 0.28.0 to 0.28.2. - [Release notes](https://github.com/ranisalt/node-argon2/releases) - [Commits](https://github.com/ranisalt/node-argon2/compare/v0.28.0...v0.28.2) --- updated-dependencies: - dependency-name: argon2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-10 11:01:38 +00:00
Joe Previte	9fc9c041ad	Merge pull request #3588 from cdr/dependabot/npm_and_yarn/lib/vscode/normalize-url-4.5.1 chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode	2021-06-09 15:06:08 -07:00
Joe Previte	a802a920ac	Merge pull request #3587 from cdr/dependabot/npm_and_yarn/lib/vscode/build/normalize-url-4.5.1 chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode/build	2021-06-09 15:05:54 -07:00
dependabot[bot]	54684c0ad2	chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/sindresorhus/normalize-url/releases) - [Commits](https://github.com/sindresorhus/normalize-url/commits) --- updated-dependencies: - dependency-name: normalize-url dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-09 21:32:56 +00:00
dependabot[bot]	2594aa3e41	chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode/build Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/sindresorhus/normalize-url/releases) - [Commits](https://github.com/sindresorhus/normalize-url/commits) --- updated-dependencies: - dependency-name: normalize-url dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-09 21:32:42 +00:00
Joe Previte	717eaa6470	Merge pull request #3422 from cdr/jsjoeio/fix-password-hash fix: use sufficient computational effort for password hash	2021-06-09 14:32:05 -07:00
Joe Previte	1e55a648a5	feat: check for empty str in isHashMatch	2021-06-08 15:10:59 -07:00
Joe Previte	3b50bfc17d	fix: sanitize password and cookie key	2021-06-08 14:33:17 -07:00
Joe Previte	deaa2242ca	feat: add npm_config_build_from_source to build scripts This is necessary due to argon2 being added and an upstream issue where it uses a Linux build that is too new for CentOS 7.	2021-06-08 14:33:17 -07:00
Joe Previte	8c2bb61af9	refactor: parse options with multiple = in cli There was a case with the hashed-password which had multiple equal signs in the value and it wasn't being parsed correctly. This uses a new function and adds a few tests.	2021-06-08 14:33:17 -07:00
Joe Previte	531b7c0c25	feat: add splitOnFirstEquals function	2021-06-08 14:33:16 -07:00
Joe Previte	517aaf71c5	docs: update FAQ with new hashing instructions	2021-06-08 14:33:16 -07:00
Joe Previte	923761cd78	refactor: password logic in http w/ isCookieValid	2021-06-08 14:33:16 -07:00
Joe Previte	6020480b30	feat: add isCookieValid function and tests	2021-06-08 14:33:16 -07:00
Joe Previte	409b473c82	refactor: rewrite password logic at /login	2021-06-08 14:33:15 -07:00
Joe Previte	a14ea39c4a	feat: add handlePasswordValidation + tests	2021-06-08 14:33:15 -07:00
Joe Previte	7ff4117531	feat: add getPasswordMethod & test for it	2021-06-08 14:33:15 -07:00
Joe Previte	ffa5c16e51	feat: update cli and test for hashed-password	2021-06-08 14:33:15 -07:00
Joe Previte	788b958e20	refactor: update hash fn in test config	2021-06-08 14:33:14 -07:00
Joe Previte	1134780b8b	refactor: make wsProxy async	2021-06-08 14:33:14 -07:00
Joe Previte	91303d4e40	refactor: make ensureAuthenticated async	2021-06-08 14:33:14 -07:00
Joe Previte	0cdbd33b46	refactor: make authenticated async everywhere Since this checks if they are authenticated using the hash/password and it's async, we need to update authenticated to be async, which means we have to update it everywhere it's used.	2021-06-08 14:33:14 -07:00
Joe Previte	fcc3f0d951	refactor: update login logic with new async hashing This adds the proper await logic for the hashing of passwords.	2021-06-08 14:33:13 -07:00
Joe Previte	fd3cb6cfa0	refactor: update unit tests for hash fns Since the hash and isHashMatch are now async, I had to update the tests accordingly. Now everything is working.	2021-06-08 14:33:13 -07:00
Joe Previte	70197bb2a5	refactor: use argon2 instead of bcrypt This uses argon2 instead of bcrypt. Note: this means the hash functions are now async which means we have to refactor a lot of other code around auth.	2021-06-08 14:33:13 -07:00
Joe Previte	51f8341959	chore: update to argon2 in test	2021-06-08 14:33:13 -07:00
Joe Previte	dc2db5c62d	chore: add argon2 package	2021-06-08 14:33:13 -07:00
Joe Previte	fc3326f1f2	feat: add tests using real hashes	2021-06-08 14:33:12 -07:00
Joe Previte	aaf044728f	refactor: add functions to check hash password	2021-06-08 14:33:12 -07:00
Joe Previte	f35120c0a3	feat: add unit test for hash function	2021-06-08 14:33:12 -07:00
Joe Previte	17be8c5cd3	refactor: use bcrypt in e2e setup	2021-06-08 14:33:12 -07:00
Joe Previte	cac667317e	refactor: use bcrypt in hash function	2021-06-08 14:33:11 -07:00
Joe Previte	dd2cb1649a	chore: update CHANGELOG	2021-06-08 14:32:16 -07:00
dependabot[bot]	d8c3ba6a17	chore(deps): bump glob-parent in /lib/vscode/build/lib/watch (#3570 ) Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: glob-parent dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-06-09 00:25:30 +05:30

1 2 3 4 5 ...

2679 Commits