Use tag env var in npm publish

Instead of doing our own thing, make use of VS Code's setup script.

.github/workflows/build.yaml

@@ -15,12 +15,6 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ github.event_name == 'pull_request' }}
 
-# Note: if: success() is used in several jobs -
-# this ensures that it only executes if all previous jobs succeeded.
-
-# if: steps.cache-node-modules.outputs.cache-hit != 'true'
-# will skip running `npm install` if it successfully fetched from cache
-
 jobs:
   changes:
     runs-on: ubuntu-latest
@@ -31,10 +25,8 @@ jobs:
       docs: ${{ steps.filter.outputs.docs }}
       helm: ${{ steps.filter.outputs.helm }}
     steps:
-      - name: Checkout repo
+      - uses: actions/checkout@v6
-        uses: actions/checkout@v6
+      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
-      - name: Check changed files
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
         id: filter
         with:
           filters: |
@@ -157,20 +149,27 @@ jobs:
           token: ${{ secrets.CODECOV_TOKEN }}
 
   build:
-    name: Build code-server
+    name: linux-x64
     runs-on: ubuntu-22.04
     env:
       CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
       DISABLE_V8_COMPILE_CACHE: 1
+      VERSION: 0.0.0
+      VSCODE_TARGET: linux-x64
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      ELECTRON_SKIP_BINARY_DOWNLOAD: 1
+      PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
+
     steps:
-      - uses: actions/checkout@v6
-        with:
-          submodules: true
       - run: sudo apt update && sudo apt install -y libkrb5-dev
       - uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # latest
         with:
           packages: quilt
           version: 1.0
+
+      - uses: actions/checkout@v6
+        with:
+          submodules: true
       - run: quilt push -a
       - uses: actions/setup-node@v6
         with:
@@ -181,51 +180,43 @@ jobs:
             test/package-lock.json
       - run: SKIP_SUBMODULE_DEPS=1 npm ci
       - run: npm run build
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       # Get Code's git hash.  When this changes it means the content is
       # different and we need to rebuild.
       - name: Get latest lib/vscode rev
         id: vscode-rev
         run: echo "rev=$(git rev-parse HEAD:./lib/vscode)" >> $GITHUB_OUTPUT
-      # We need to rebuild when we have a new version of Code, when any of
+      # We need to rebuild when we have a new version of Code, when any of the
-      # the patches changed, or when the code-server version changes (since
+      # patches changed, or when the code-server version changes (since it gets
-      # it gets embedded into the code).  Use VSCODE_CACHE_VERSION to
+      # embedded into the code).  Use VSCODE_CACHE_VERSION to force a rebuild.
-      # force a rebuild.
+      - name: Fetch prebuilt linux-x64 Code package from cache
-      - name: Fetch prebuilt Code package from cache
         id: cache-vscode
         uses: actions/cache@v4
         with:
-          path: lib/vscode-reh-web-*
+          path: lib/vscode-reh-web-linux-x64
-          key: vscode-reh-package-${{ secrets.VSCODE_CACHE_VERSION }}-${{ steps.vscode-rev.outputs.rev }}-${{ hashFiles('patches/*.diff', 'ci/build/build-vscode.sh') }}
+          key: vscode-linux-x64-package-${{ secrets.VSCODE_CACHE_VERSION }}-${{ steps.vscode-rev.outputs.rev }}-${{ hashFiles('patches/*.diff', 'ci/build/build-vscode.sh') }}
       - name: Build vscode
-        env:
-          VERSION: "0.0.0"
         if: steps.cache-vscode.outputs.cache-hit != 'true'
         run: |
           pushd lib/vscode
           npm ci
           popd
           npm run build:vscode
-      # The release package does not contain any native modules
+      # Push up an artifact containing the linux-x64 release.
-      # and is neutral to architecture/os/libc version.
+      - run: KEEP_MODULES=1 npm run release
-      - run: npm run release
-        if: success()
-      # https://github.com/actions/upload-artifact/issues/38
       - run: tar -czf package.tar.gz release
       - uses: actions/upload-artifact@v7
         with:
-          name: npm-package
+          name: linux-x64-package
           path: ./package.tar.gz
 
   test-e2e:
     name: Run e2e tests
     runs-on: ubuntu-22.04
     needs: [changes, build]
-    if: needs.changes.outputs.code == 'true' || needs.changes.outputs.deps == 'true'
+    if: needs.changes.outputs.code == 'true' || needs.changes.outputs.deps == 'true' || needs.changes.outputs.ci == 'true'
+
     steps:
       - uses: actions/checkout@v6
-      - run: sudo apt update && sudo apt install -y libkrb5-dev
       - uses: actions/setup-node@v6
         with:
           node-version-file: .node-version
@@ -234,48 +225,32 @@ jobs:
             package-lock.json
             test/package-lock.json
       - run: SKIP_SUBMODULE_DEPS=1 npm ci
-      - uses: actions/download-artifact@v8
-        with:
-          name: npm-package
-      - run: tar -xzf package.tar.gz
-      - run: cd release && npm install --unsafe-perm --omit=dev
       - name: Install Playwright OS dependencies
         run: |
           ./test/node_modules/.bin/playwright install-deps
           ./test/node_modules/.bin/playwright install
+
+      - uses: actions/download-artifact@v8
+        with:
+          name: linux-x64-package
+      - run: tar -xzf package.tar.gz
+
       - run: CODE_SERVER_TEST_ENTRY=./release npm run test:e2e
       - uses: actions/upload-artifact@v7
         if: always()
         with:
           name: failed-test-videos
           path: ./test/test-results
-      - run: rm -rf ./release ./test/test-results
 
   test-e2e-proxy:
     name: Run e2e tests behind proxy
     runs-on: ubuntu-22.04
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     needs: [changes, build]
-    if: needs.changes.outputs.code == 'true' || needs.changes.outputs.deps == 'true'
+    if: needs.changes.outputs.code == 'true' || needs.changes.outputs.deps == 'true' || needs.changes.outputs.ci == 'true'
+
     steps:
-      - uses: actions/checkout@v6
-      - run: sudo apt update && sudo apt install -y libkrb5-dev
-      - uses: actions/setup-node@v6
-        with:
-          node-version-file: .node-version
-          cache: npm
-          cache-dependency-path: |
-            package-lock.json
-            test/package-lock.json
-      - run: SKIP_SUBMODULE_DEPS=1 npm ci
-      - uses: actions/download-artifact@v8
-        with:
-          name: npm-package
-      - run: tar -xzf package.tar.gz
-      - run: cd release && npm install --unsafe-perm --omit=dev
-      - name: Install Playwright OS dependencies
-        run: |
-          ./test/node_modules/.bin/playwright install-deps
-          ./test/node_modules/.bin/playwright install
       - name: Cache Caddy
         uses: actions/cache@v4
         id: caddy-cache
@@ -284,18 +259,35 @@ jobs:
             ~/.cache/caddy
           key: cache-caddy-2.5.2
       - name: Install Caddy
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         if: steps.caddy-cache.outputs.cache-hit != 'true'
         run: |
           gh release download v2.5.2 --repo caddyserver/caddy --pattern "caddy_2.5.2_linux_amd64.tar.gz"
           mkdir -p ~/.cache/caddy
           tar -xzf caddy_2.5.2_linux_amd64.tar.gz --directory ~/.cache/caddy
+
+      - uses: actions/checkout@v6
+      - uses: actions/setup-node@v6
+        with:
+          node-version-file: .node-version
+          cache: npm
+          cache-dependency-path: |
+            package-lock.json
+            test/package-lock.json
+      - run: SKIP_SUBMODULE_DEPS=1 npm ci
+      - name: Install Playwright OS dependencies
+        run: |
+          ./test/node_modules/.bin/playwright install-deps
+          ./test/node_modules/.bin/playwright install
+
+      - uses: actions/download-artifact@v8
+        with:
+          name: linux-x64-package
+      - run: tar -xzf package.tar.gz
+
       - run: ~/.cache/caddy/caddy start --config ./ci/Caddyfile
       - run: CODE_SERVER_TEST_ENTRY=./release npm run test:e2e:proxy
       - run: ~/.cache/caddy/caddy stop --config ./ci/Caddyfile
         if: always()
-
       - uses: actions/upload-artifact@v7
         if: always()
         with:

.github/workflows/publish.yaml

@@ -6,7 +6,6 @@ on:
   workflow_dispatch:
     inputs:
       version:
-        description: The version to publish (include "v", i.e. "v4.9.1").
         type: string
         required: true
 
@@ -23,50 +22,46 @@ concurrency:
 jobs:
   npm:
     runs-on: ubuntu-latest
+    env:
+      TAG: ${{ inputs.version || github.ref_name }}
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+      NPM_ENVIRONMENT: "production"
+
     steps:
-      - name: Checkout code-server
+      - name: Set version to tag without leading v
-        uses: actions/checkout@v6
-
-      - name: Install Node.js
-        uses: actions/setup-node@v6
-        with:
-          node-version-file: .node-version
-
-      - name: Download npm package from release artifacts
-        uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12
-        with:
-          repository: "coder/code-server"
-          tag: ${{ inputs.version || github.ref_name }}
-          fileName: "package.tar.gz"
-          out-file-path: "release-npm-package"
-
-      # Strip out the v (v4.9.1 -> 4.9.1).
-      - name: Get and set VERSION
         run: |
           echo "VERSION=${TAG#v}" >> $GITHUB_ENV
 
-        env:
+      - uses: actions/checkout@v6
-          TAG: ${{ inputs.version || github.ref_name }}
+      - uses: actions/setup-node@v6
-      - run: npm run publish:npm
+        with:
-        env:
+          node-version-file: .node-version
-          VERSION: ${{ env.VERSION }}
+
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+        with:
-          NPM_ENVIRONMENT: "production"
+          repository: "coder/code-server"
+          tag: ${{ env.TAG }}
+          fileName: "package.tar.gz"
+          out-file-path: "release-npm-package"
+
+      - run: tar -xzf release-npm-package/package.tar.gz
+      - run: |
+          echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc
+          pushd release
+          npm publish --tag latest --access public
 
   aur:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     env:
       GH_TOKEN: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }}
+      TAG: ${{ inputs.version || github.ref_name }}
 
     steps:
-      # We need to checkout code-server so we can get the version
+      - name: Set version to tag without leading v
-      - name: Checkout code-server
+        run: |
-        uses: actions/checkout@v6
+          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
-        with:
-          fetch-depth: 0
-          path: "./code-server"
 
       - name: Checkout code-server-aur repo
         uses: actions/checkout@v6
@@ -86,27 +81,14 @@ jobs:
           git config --global user.name cdrci
           git config --global user.email opensource@coder.com
 
-      # Strip out the v (v4.9.1 -> 4.9.1).
-      - name: Get and set VERSION
-        run: |
-          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
-
-        env:
-          TAG: ${{ inputs.version || github.ref_name }}
       - name: Validate package
         uses: heyhusen/archlinux-package-action@c9f94059ccbebe8710d31d582f33ef4e84fe575c # v3.0.0
-        env:
-          VERSION: ${{ env.VERSION }}
         with:
           pkgver: ${{ env.VERSION }}
           updpkgsums: true
           srcinfo: true
 
       - name: Open PR
-        # We need to git push -u otherwise gh will prompt
-        # asking where to push the branch.
-        env:
-          VERSION: ${{ env.VERSION }}
         run: |
           git checkout -b update-version-${{ env.VERSION }}
           git add .
@@ -116,54 +98,40 @@ jobs:
 
   docker:
     runs-on: ubuntu-latest
+    env:
+      GITHUB_TOKEN: ${{ github.token }}
+      TAG: ${{ inputs.version || github.ref_name }}
+
     steps:
-      - name: Checkout code-server
+      - name: Set version to tag without leading v
-        uses: actions/checkout@v6
+        run: |
+          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
 
-      - name: Set up QEMU
+      - uses: actions/checkout@v6
-        uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3
+      - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3
+      - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
 
-      - name: Set up Docker Buildx
+      - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
-        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
-
-      - name: Login to Docker Hub
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
-
+      - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
-      - name: Login to GHCR
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      # Strip out the v (v4.9.1 -> 4.9.1).
+      - uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12
-      - name: Get and set VERSION
-        run: |
-          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
-
-        env:
-          TAG: ${{ inputs.version || github.ref_name }}
-      - name: Download deb artifacts
-        uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12
         with:
           repository: "coder/code-server"
           tag: v${{ env.VERSION }}
           fileName: "*.deb"
           out-file-path: "release-packages"
-
+      - uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12
-      - name: Download rpm artifacts
-        uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1.12
         with:
           repository: "coder/code-server"
           tag: v${{ env.VERSION }}
           fileName: "*.rpm"
           out-file-path: "release-packages"
 
-      - name: Publish to Docker
+      - run: npm run publish:docker
-        run: ./ci/steps/docker-buildx-push.sh
-        env:
-          VERSION: ${{ env.VERSION }}
-          GITHUB_TOKEN: ${{ github.token }}

.github/workflows/release.yaml

@@ -4,7 +4,6 @@ on:
   workflow_dispatch:
     inputs:
       version:
-        description: The version to publish (include "v", i.e. "v4.9.1").
         type: string
         required: true
 
@@ -19,51 +18,57 @@ concurrency:
   cancel-in-progress: ${{ github.event_name == 'pull_request' }}
 
 jobs:
-  package-linux-cross:
+  package-linux:
-    name: ${{ matrix.prefix }}
+    name: ${{ format('linux-{0}', matrix.vscode_arch) }}
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
-    timeout-minutes: 15
+
-    needs: npm-version
-    container: "python:3.8-slim-buster"
     strategy:
       matrix:
         include:
-          - prefix: x86_64-linux-gnu
+          - npm_arch: x64
-            npm_arch: x64
+            vscode_arch: x64
-            apt_arch: amd64
             package_arch: amd64
-          - prefix: aarch64-linux-gnu
+          - npm_arch: arm64
-            npm_arch: arm64
+            vscode_arch: arm64
-            apt_arch: arm64
             package_arch: arm64
-          - prefix: arm-linux-gnueabihf
+          - npm_arch: arm
-            npm_arch: armv7l
+            vscode_arch: armhf
-            apt_arch: armhf
             package_arch: armv7l
 
     env:
-      AR: ${{ format('{0}-ar', matrix.prefix) }}
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      AS: ${{ format('{0}-as', matrix.prefix) }}
+      ELECTRON_SKIP_BINARY_DOWNLOAD: 1
-      CC: ${{ format('{0}-gcc', matrix.prefix) }}
+      PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
-      CPP: ${{ format('{0}-cpp', matrix.prefix) }}
+      TAG: ${{ inputs.version || github.ref_name }}
-      CXX: ${{ format('{0}-g++', matrix.prefix) }}
+      # Set release package name.
-      FC: ${{ format('{0}-gfortran', matrix.prefix) }}
+      ARCH: ${{ matrix.package_arch }}
-      LD: ${{ format('{0}-ld', matrix.prefix) }}
+      # Cross-compile target.
-      STRIP: ${{ format('{0}-strip', matrix.prefix) }}
+      VSCODE_ARCH: ${{ matrix.vscode_arch }}
-      PKG_CONFIG_PATH: ${{ format('/usr/lib/{0}/pkgconfig', matrix.prefix) }}
-      TARGET_ARCH: ${{ matrix.apt_arch }}
       npm_config_arch: ${{ matrix.npm_arch }}
-      PKG_ARCH: ${{ matrix.package_arch }}
+      # Gulp target name.
-      # Not building from source results in an x86_64 argon2, as if
+      VSCODE_TARGET: ${{ format('linux-{0}', matrix.vscode_arch) }}
-      # npm_config_arch is being ignored.
-      npm_config_build_from_source: true
 
     steps:
-      - name: Checkout repo
+      - run: sudo apt update && sudo apt install -y libkrb5-dev
-        uses: actions/checkout@v6
+      - uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # latest
+        with:
+          packages: quilt
+          version: 1.0
+      - name: Install nfpm
+        run: |
+          mkdir -p ~/.local/bin
+          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
 
-      - name: Install Node.js
+      - name: Set version to tag without leading v
-        uses: actions/setup-node@v6
+        run: |
+          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
+
+      - uses: actions/checkout@v6
+        with:
+          submodules: true
+      - run: quilt push -a
+      - uses: actions/setup-node@v6
         with:
           node-version-file: .node-version
           cache: npm
@@ -71,243 +76,93 @@ jobs:
             package-lock.json
             test/package-lock.json
 
-      - name: Install cross-compiler and system dependencies
+      - name: Build
         run: |
-          sed -i 's/deb\.debian\.org/archive.debian.org/g' /etc/apt/sources.list
+          cd lib/vscode/build
-          dpkg --add-architecture $TARGET_ARCH
+          npm ci
-          apt update && apt install -y --no-install-recommends \
+          cd ..
-            crossbuild-essential-$TARGET_ARCH \
+          source ./build/azure-pipelines/linux/setup-env.sh
-            libx11-dev:$TARGET_ARCH \
+          # Run preinstall script before root dependencies are installed
-            libx11-xcb-dev:$TARGET_ARCH \
+          # so that v8 headers are patched correctly for native modules.
-            libxkbfile-dev:$TARGET_ARCH \
+          node build/npm/preinstall.ts
-            libsecret-1-dev:$TARGET_ARCH \
+          cd ../..
-            libkrb5-dev:$TARGET_ARCH \
+          npm ci
-            ca-certificates \
+          npm run build
-            curl wget rsync gettext-base
+          npm run build:vscode
-
-      - run: SKIP_SUBMODULE_DEPS=1 npm ci
-
-      - name: Install nfpm
-        run: |
-          mkdir -p ~/.local/bin
-          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
-          echo "$HOME/.local/bin" >> $GITHUB_PATH
-
-      - name: Download npm package
-        uses: actions/download-artifact@v8
-        with:
-          name: npm-release-package
-
-      - run: tar -xzf package.tar.gz
-      - run: npm run release:standalone
-
-      - name: Replace node with cross-compile equivalent
-        run: |
-          node_version=$(node --version)
-          wget https://nodejs.org/dist/${node_version}/node-${node_version}-linux-${npm_config_arch}.tar.xz
-          tar -xf node-${node_version}-linux-${npm_config_arch}.tar.xz node-${node_version}-linux-${npm_config_arch}/bin/node --strip-components=2
-          mv ./node ./release-standalone/lib/node
-
-      # Strip out the v (v4.9.1 -> 4.9.1).
-      - name: Get and set VERSION
-        run: |
-          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
-
-        env:
-          TAG: ${{ inputs.version || github.ref_name }}
-      - env:
-          VERSION: ${{ env.VERSION }}
-        run: npm run package $PKG_ARCH
-
-      - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
-        with:
-          draft: true
-          discussion_category_name: "📣 Announcements"
-          files: ./release-packages/*
-
-  package-macos-amd64:
-    name: x86-64 macOS build
-    runs-on: macos-15-intel
-    timeout-minutes: 15
-    needs: npm-version
-    env:
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v6
-
-      - name: Install Node.js
-        uses: actions/setup-node@v6
-        with:
-          node-version-file: .node-version
-          cache: npm
-          cache-dependency-path: |
-            package-lock.json
-            test/package-lock.json
-
-      - run: SKIP_SUBMODULE_DEPS=1 npm ci
-
-      - name: Install nfpm
-        run: |
-          mkdir -p ~/.local/bin
-          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
-          echo "$HOME/.local/bin" >> $GITHUB_PATH
-
-      # The version of node-gyp we use depends on distutils but it was removed
-      # in Python 3.12.  It seems to be fixed in the latest node-gyp so when we
-      # next update Node we can probably remove this.  For now, install
-      # setuptools since it contains distutils.
-      - run: brew install python-setuptools
-
-      - name: Download npm package
-        uses: actions/download-artifact@v8
-        with:
-          name: npm-release-package
-
-      - run: tar -xzf package.tar.gz
-      - run: npm run release:standalone
-      - run: npm run test:native
-
-      # Strip out the v (v4.9.1 -> 4.9.1).
-      - name: Get and set VERSION
-        run: |
-          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
-
-        env:
-          TAG: ${{ inputs.version || github.ref_name }}
-      - name: Build packages with nfpm
-        env:
-          VERSION: ${{ env.VERSION }}
-        run: npm run package
-
-      - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
-        with:
-          draft: true
-          discussion_category_name: "📣 Announcements"
-          files: ./release-packages/*
-
-  package-macos-arm64:
-    name: arm64 macOS build
-    runs-on: macos-latest
-    timeout-minutes: 15
-    needs: npm-version
-    env:
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v6
-
-      - name: Install Node.js
-        uses: actions/setup-node@v6
-        with:
-          node-version-file: .node-version
-          cache: npm
-          cache-dependency-path: |
-            package-lock.json
-            test/package-lock.json
-
-      - run: SKIP_SUBMODULE_DEPS=1 npm ci
-
-      - name: Install nfpm
-        run: |
-          mkdir -p ~/.local/bin
-          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
-          echo "$HOME/.local/bin" >> $GITHUB_PATH
-
-      # The version of node-gyp we use depends on distutils but it was removed
-      # in Python 3.12.  It seems to be fixed in the latest node-gyp so when we
-      # next update Node we can probably remove this.  For now, install
-      # setuptools since it contains distutils.
-      - run: brew install python-setuptools
-
-      - name: Download npm package
-        uses: actions/download-artifact@v8
-        with:
-          name: npm-release-package
-
-      - run: tar -xzf package.tar.gz
-      - run: npm run release:standalone
-      - run: npm run test:native
-
-      # Strip out the v (v4.9.1 -> 4.9.1).
-      - name: Get and set VERSION
-        run: |
-          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
-
-        env:
-          TAG: ${{ inputs.version || github.ref_name }}
-      - name: Build packages with nfpm
-        env:
-          VERSION: ${{ env.VERSION }}
-        run: npm run package
-
-      - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
-        with:
-          draft: true
-          discussion_category_name: "📣 Announcements"
-          files: ./release-packages/*
-
-  npm-package:
-    name: Upload npm package
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    needs: npm-version
-    steps:
-      - name: Download npm package
-        uses: actions/download-artifact@v8
-        with:
-          name: npm-release-package
-
-      - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
-        with:
-          draft: true
-          discussion_category_name: "📣 Announcements"
-          files: ./package.tar.gz
-
-  npm-version:
-    name: Modify package.json version
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    steps:
-      - name: Download artifacts
-        uses: dawidd6/action-download-artifact@2536c51d3d126276eb39f74d6bc9c72ac6ef30d3 # v16
-        id: download
-        with:
-          branch: ${{ github.ref }}
-          workflow: build.yaml
-          workflow_conclusion: completed
-          name: npm-package
-          check_artifacts: false
-          if_no_artifact_found: fail
-
-      - run: tar -xzf package.tar.gz
-
-      # Strip out the v (v4.9.1 -> 4.9.1).
-      - name: Get and set VERSION
-        run: |
-          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
-
-        env:
-          TAG: ${{ inputs.version || github.ref_name }}
-      - name: Modify version
-        env:
-          VERSION: ${{ env.VERSION }}
-        run: |
-          echo "Updating version in root package.json"
-          npm version --prefix release "$VERSION"
-
-          echo "Updating version in lib/vscode/product.json"
-          tmp=$(mktemp)
-          jq ".codeServerVersion = \"$VERSION\"" release/lib/vscode/product.json > "$tmp" && mv "$tmp" release/lib/vscode/product.json
-          # Ensure it has the same permissions as before
-          chmod 644 release/lib/vscode/product.json
 
+      # Platform-agnostic NPM package.
+      - run: npm run release
+        if: ${{ matrix.vscode_arch == 'x64' }}
       - run: tar -czf package.tar.gz release
-
+        if: ${{ matrix.vscode_arch == 'x64' }}
-      - name: Upload npm package artifact
+      - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
-        uses: actions/upload-artifact@v7
+        if: ${{ matrix.vscode_arch == 'x64' }}
         with:
-          name: npm-release-package
+          draft: true
-          path: ./package.tar.gz
+          discussion_category_name: "📣 Announcements"
+          files: package.tar.gz
+
+      # Platform-specific release.
+      - run: KEEP_MODULES=1 npm run release
+      - run: npm run package
+      - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
+        with:
+          draft: true
+          discussion_category_name: "📣 Announcements"
+          files: ./release-packages/*
+
+  package-macos:
+    name: ${{ matrix.vscode_target }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        include:
+          - os: macos-15-intel
+            vscode_target: darwin-x64
+          - os: macos-latest
+            vscode_target: darwin-arm64
+    env:
+      VSCODE_TARGET: ${{ matrix.vscode_target }}
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      TAG: ${{ inputs.version || github.ref_name }}
+
+    steps:
+      # The version of node-gyp we use depends on distutils but it was removed
+      # in Python 3.12.  It seems to be fixed in the latest node-gyp so when we
+      # next update Node we can probably remove this.  For now, install
+      # setuptools since it contains distutils.
+      - run: brew install python-setuptools quilt
+      - name: Install nfpm
+        run: |
+          mkdir -p ~/.local/bin
+          curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Set version to tag without leading v
+        run: |
+          echo "VERSION=${TAG#v}" >> $GITHUB_ENV
+
+      - uses: actions/checkout@v6
+        with:
+          submodules: true
+      - run: quilt push -a
+      - uses: actions/setup-node@v6
+        with:
+          node-version-file: .node-version
+          cache: npm
+          cache-dependency-path: |
+            package-lock.json
+            test/package-lock.json
+
+      - run: npm ci
+      - run: npm run build
+      - run: npm run build:vscode
+      - run: KEEP_MODULES=1 npm run release
+      - run: npm run test:native
+
+      - run: npm run package
+      - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
+        with:
+          draft: true
+          discussion_category_name: "📣 Announcements"
+          files: ./release-packages/*

.gitignore

@@ -2,8 +2,6 @@
 .cache
 /out*/
 release/
-release-npm-package/
-release-standalone/
 release-packages/
 release-gcp/
 release-images/

.prettierignore

@@ -1,6 +1,4 @@
-lib/vscode
+lib
-lib/vscode-reh-web-linux-x64
-release-standalone
 release-packages
 release
 helm-chart

CHANGELOG.md

@@ -22,6 +22,39 @@ Code v99.99.999
 
 ## Unreleased
 
+## [4.112.0](https://github.com/coder/code-server/releases/tag/v4.112.0) - 2026-03-19
+
+Code v1.112.0
+
+### Changed
+
+- Update to Code 1.112.0
+
+## [4.111.0](https://github.com/coder/code-server/releases/tag/v4.111.0) - 2026-03-11
+
+Code v1.111.0
+
+### Changed
+
+- Update to Code 1.111.0
+- `--app-name` now affects the error page title.
+
+## [4.110.1](https://github.com/coder/code-server/releases/tag/v4.110.1) - 2026-03-10
+
+Code v1.110.1
+
+### Changed
+
+- Update to Code 1.110.1
+
+## [4.110.0](https://github.com/coder/code-server/releases/tag/v4.110.0) - 2026-03-09
+
+Code v1.110.0
+
+### Changed
+
+- Update to Code 1.110.0
+
 ## [4.109.5](https://github.com/coder/code-server/releases/tag/v4.109.5) - 2026-03-02
 
 Code v1.109.5

ci/README.md

@@ -1,112 +0,0 @@
-# ci
-
-This directory contains scripts used for code-server's continuous integration infrastructure.
-
-Some of these scripts contain more detailed documentation and options
-in header comments.
-
-Any file or directory in this subdirectory should be documented here.
-
-- [./ci/lib.sh](./lib.sh)
-  - Contains code duplicated across these scripts.
-
-## dev
-
-This directory contains scripts used for the development of code-server.
-
-- [./ci/dev/image](./dev/image)
-  - See [./docs/CONTRIBUTING.md](../docs/CONTRIBUTING.md) for docs on the development container.
-- [./ci/dev/fmt.sh](./dev/fmt.sh) (`npm run fmt`)
-  - Runs formatters.
-- [./ci/dev/lint.sh](./dev/lint.sh) (`npm run lint`)
-  - Runs linters.
-- [./ci/dev/test-unit.sh](./dev/test-unit.sh) (`npm run test:unit`)
-  - Runs unit tests.
-- [./ci/dev/test-e2e.sh](./dev/test-e2e.sh) (`npm run test:e2e`)
-  - Runs end-to-end tests.
-- [./ci/dev/watch.ts](./dev/watch.ts) (`npm run watch`)
-  - Starts a process to build and launch code-server and restart on any code changes.
-  - Example usage in [./docs/CONTRIBUTING.md](../docs/CONTRIBUTING.md).
-- [./ci/dev/gen_icons.sh](./dev/gen_icons.sh) (`npm run icons`)
-  - Generates the various icons from a single `.svg` favicon in
-    `src/browser/media/favicon.svg`.
-  - Requires [imagemagick](https://imagemagick.org/index.php)
-
-## build
-
-This directory contains the scripts used to build and release code-server.
-You can disable minification by setting `MINIFY=`.
-
-- [./ci/build/build-code-server.sh](./build/build-code-server.sh) (`npm run build`)
-  - Builds code-server into `./out` and bundles the frontend into `./dist`.
-- [./ci/build/build-vscode.sh](./build/build-vscode.sh) (`npm run build:vscode`)
-  - Builds vscode into `./lib/vscode/out-vscode`.
-- [./ci/build/build-release.sh](./build/build-release.sh) (`npm run release`)
-  - Bundles the output of the above two scripts into a single node module at `./release`.
-- [./ci/build/clean.sh](./build/clean.sh) (`npm run clean`)
-  - Removes all build artifacts.
-  - Useful to do a clean build.
-- [./ci/build/code-server.sh](./build/code-server.sh)
-  - Copied into standalone releases to run code-server with the bundled node binary.
-- [./ci/build/test-standalone-release.sh](./build/test-standalone-release.sh) (`npm run test:standalone-release`)
-  - Ensures code-server in the `./release-standalone` directory works by installing an extension.
-- [./ci/build/build-packages.sh](./build/build-packages.sh) (`npm run package`)
-  - Packages `./release-standalone` into a `.tar.gz` archive in `./release-packages`.
-  - If on linux, [nfpm](https://github.com/goreleaser/nfpm) is used to generate `.deb` and `.rpm`.
-- [./ci/build/nfpm.yaml](./build/nfpm.yaml)
-  - Used to configure [nfpm](https://github.com/goreleaser/nfpm) to generate `.deb` and `.rpm`.
-- [./ci/build/code-server-nfpm.sh](./build/code-server-nfpm.sh)
-  - Entrypoint script for code-server for `.deb` and `.rpm`.
-- [./ci/build/code-server.service](./build/code-server.service)
-  - systemd user service packaged into the `.deb` and `.rpm`.
-- [./ci/build/release-github-draft.sh](./build/release-github-draft.sh) (`npm run release:github-draft`)
-  - Uses [gh](https://github.com/cli/cli) to create a draft release with a template description.
-- [./ci/build/release-github-assets.sh](./build/release-github-assets.sh) (`npm run release:github-assets`)
-  - Downloads the release-package artifacts for the current commit from CI.
-  - Uses [gh](https://github.com/cli/cli) to upload the artifacts to the release
-    specified in `package.json`.
-- [./ci/build/npm-postinstall.sh](./build/npm-postinstall.sh)
-  - Post install script for the npm package.
-  - Bundled by`npm run release`.
-
-## release-image
-
-This directory contains the release docker container image.
-
-- [./ci/steps/build-docker-buildx-push.sh](./steps/docker-buildx-push.sh)
-  - Builds the release containers with tags `codercom/code-server-$ARCH:$VERSION` for amd64 and arm64 with `docker buildx` and pushes them.
-  - Assumes debian releases are ready in `./release-packages`.
-
-## images
-
-This directory contains the images for CI.
-
-## steps
-
-This directory contains the scripts used in CI.
-Helps avoid clobbering the CI configuration.
-
-- [./steps/fmt.sh](./steps/fmt.sh)
-  - Runs `npm run fmt`.
-- [./steps/lint.sh](./steps/lint.sh)
-  - Runs `npm run lint`.
-- [./steps/test-unit.sh](./steps/test-unit.sh)
-  - Runs `npm run test:unit`.
-- [./steps/test-integration.sh](./steps/test-integration.sh)
-  - Runs `npm run test:integration`.
-- [./steps/test-e2e.sh](./steps/test-e2e.sh)
-  - Runs `npm run test:e2e`.
-- [./steps/release.sh](./steps/release.sh)
-  - Runs the release process.
-  - Generates the npm package at `./release`.
-- [./steps/release-packages.sh](./steps/release-packages.sh)
-  - Takes the output of the previous script and generates a standalone release and
-    release packages into `./release-packages`.
-- [./steps/publish-npm.sh](./steps/publish-npm.sh)
-  - Grabs the `npm-package` release artifact for the current commit and publishes it on npm.
-- [./steps/docker-buildx-push.sh](./steps/docker-buildx-push.sh)
-  - Builds the docker image and then pushes it.
-- [./steps/push-docker-manifest.sh](./steps/push-docker-manifest.sh)
-  - Loads all images in `./release-images` and then builds and pushes a multi architecture
-    docker manifest for the amd64 and arm64 images to `codercom/code-server:$VERSION` and
-    `codercom/code-server:latest`.

ci/build/build-packages.sh

@@ -1,21 +1,18 @@
 #!/usr/bin/env bash
 set -euo pipefail
 
-# Given a platform-specific release found in ./release-standalone, generate an
+# Given a release found in $RELEASE_PATH, generate a deb, rpm, and tarball each
-# compressed archives and bundles (as appropriate for the platform) named after
+# named after $ARCH (derived from uname -m but can be overridden for
-# the platform's architecture and OS and place them in ./release-packages and
+# cross-compilation) and $OS (derived from uname and cannot be overridden) and
-# ./release-gcp.
+# place them in ./release-packages and ./release-gcp.
 
 main() {
   cd "$(dirname "${0}")/../.."
   source ./ci/lib.sh
   source ./ci/build/build-lib.sh
 
-  # Allow us to override architecture
+  VERSION=$(jq -r .version "$RELEASE_PATH/package.json")
-  # we use this for our Linux ARM64 cross compile builds
+  export VERSION # for nfpm to use
-  if [ "$#" -eq 1 ] && [ "$1" ]; then
-    ARCH=$1
-  fi
 
   mkdir -p release-packages
 
@@ -29,9 +26,9 @@ main() {
 release_archive() {
   local release_name="code-server-$VERSION-$OS-$ARCH"
   if [[ $OS == "linux" ]]; then
-    tar -czf "release-packages/$release_name.tar.gz" --owner=0 --group=0 --transform "s/^\.\/release-standalone/$release_name/" ./release-standalone
+    tar -czf "release-packages/$release_name.tar.gz" --owner=0 --group=0 --transform "s/^$RELEASE_PATH/$release_name/" "$RELEASE_PATH"
   else
-    tar -czf "release-packages/$release_name.tar.gz" -s "/^release-standalone/$release_name/" release-standalone
+    tar -czf "release-packages/$release_name.tar.gz" -s "/^$RELEASE_PATH/$release_name/" "$RELEASE_PATH"
   fi
 
   echo "done (release-packages/$release_name)"
@@ -52,15 +49,13 @@ release_nfpm() {
 
   export NFPM_ARCH
 
-  PKG_FORMAT="deb"
+  NFPM_ARCH="$(get_nfpm_arch deb "$ARCH")"
-  NFPM_ARCH="$(get_nfpm_arch $PKG_FORMAT "$ARCH")"
   nfpm_config="$(envsubst < ./ci/build/nfpm.yaml)"
   echo "Building deb"
   echo "$nfpm_config" | head --lines=4
   nfpm pkg -f <(echo "$nfpm_config") --target "release-packages/code-server_${VERSION}_${NFPM_ARCH}.deb"
 
-  PKG_FORMAT="rpm"
+  NFPM_ARCH="$(get_nfpm_arch rpm "$ARCH")"
-  NFPM_ARCH="$(get_nfpm_arch $PKG_FORMAT "$ARCH")"
   nfpm_config="$(envsubst < ./ci/build/nfpm.yaml)"
   echo "Building rpm"
   echo "$nfpm_config" | head --lines=4

ci/build/build-release.sh

@@ -4,13 +4,16 @@ set -euo pipefail
 # Once both code-server and VS Code have been built, use this script to copy
 # them into a single directory (./release), prepare the package.json and
 # product.json, and add shrinkwraps.  This results in a generic NPM package that
-# we published to NPM and also use to compile platform-specific packages.
+# we can publish to NPM.
 
 # MINIFY controls whether minified VS Code is bundled. It must match the value
 # used when VS Code was built.
 MINIFY="${MINIFY-true}"
 
 # node_modules are not copied by default.  Set KEEP_MODULES=1 to copy them.
+# Note these modules will be for the platform that built them, making the result
+# no longer generic (it can still be published though as the modules will be
+# ignored when pushing).
 KEEP_MODULES="${KEEP_MODULES-0}"
 
 main() {
@@ -31,6 +34,30 @@ main() {
   rsync ./docs/README.md "$RELEASE_PATH"
   rsync LICENSE "$RELEASE_PATH"
   rsync ./lib/vscode/ThirdPartyNotices.txt "$RELEASE_PATH"
+
+  if [ "$KEEP_MODULES" = 1 ]; then
+    # Copy Node.  Package managers may shim their own "node" wrapper into the
+    # PATH, so run node and ask it for its true path.
+    local node_path
+    node_path="$(node -p process.execPath)"
+    rsync "$node_path" "$RELEASE_PATH/lib/node"
+    chmod 755 "$RELEASE_PATH/lib/node"
+
+    # Copy the code-server launcher.
+    mkdir -p "$RELEASE_PATH/bin"
+    rsync ./ci/build/code-server.sh "$RELEASE_PATH/bin/code-server"
+    chmod 755 "$RELEASE_PATH/bin/code-server"
+
+    # Delete the extra bin scripts.
+    rm "$RELEASE_PATH/lib/vscode/bin/remote-cli/code-darwin.sh"
+    rm "$RELEASE_PATH/lib/vscode/bin/remote-cli/code-linux.sh"
+    rm "$RELEASE_PATH/lib/vscode/bin/helpers/browser-darwin.sh"
+    rm "$RELEASE_PATH/lib/vscode/bin/helpers/browser-linux.sh"
+    if [ "$OS" != windows ] ; then
+      rm "$RELEASE_PATH/lib/vscode/bin/remote-cli/code.cmd"
+      rm "$RELEASE_PATH/lib/vscode/bin/helpers/browser.cmd"
+    fi
+  fi
 }
 
 bundle_code_server() {
@@ -48,6 +75,7 @@ bundle_code_server() {
   jq --slurp '(.[0] | del(.scripts,.jest,.devDependencies)) * .[1]' package.json <(
     cat << EOF
   {
+    "version": "$(jq -r .codeServerVersion "./lib/vscode-reh-web-$VSCODE_TARGET/product.json")",
     "commit": "$(git rev-parse HEAD)",
     "scripts": {
       "postinstall": "sh ./postinstall.sh"
@@ -85,7 +113,7 @@ bundle_vscode() {
     rsync_opts+=(--exclude node_modules)
   fi
 
-  rsync "${rsync_opts[@]}" ./lib/vscode-reh-web-*/ "$VSCODE_OUT_PATH"
+  rsync "${rsync_opts[@]}" "./lib/vscode-reh-web-$VSCODE_TARGET/" "$VSCODE_OUT_PATH"
 
   # Merge the package.json for the web/remote server so we can include
   # dependencies, since we want to ship this via NPM.

ci/build/build-standalone-release.sh

@@ -1,37 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-# Once we have an NPM package, use this script to copy it to a separate
-# directory (./release-standalone) and install the dependencies.  This new
-# directory can then be packaged as a platform-specific release.
-
-main() {
-  cd "$(dirname "${0}")/../.."
-
-  source ./ci/lib.sh
-
-  rsync "$RELEASE_PATH/" "$RELEASE_PATH-standalone"
-  RELEASE_PATH+=-standalone
-
-  # Package managers may shim their own "node" wrapper into the PATH, so run
-  # node and ask it for its true path.
-  local node_path
-  node_path="$(node -p process.execPath)"
-
-  mkdir -p "$RELEASE_PATH/bin"
-  mkdir -p "$RELEASE_PATH/lib"
-  rsync ./ci/build/code-server.sh "$RELEASE_PATH/bin/code-server"
-  rsync "$node_path" "$RELEASE_PATH/lib/node"
-
-  chmod 755 "$RELEASE_PATH/lib/node"
-
-  pushd "$RELEASE_PATH"
-  npm install --unsafe-perm --omit=dev
-  # Code deletes some files from the extension node_modules directory which
-  # leaves broken symlinks in the corresponding .bin directory.  nfpm will fail
-  # on these broken symlinks so clean them up.
-  rm -fr "./lib/vscode/extensions/node_modules/.bin"
-  popd
-}
-
-main "$@"

ci/build/build-vscode.sh

@@ -6,33 +6,32 @@ set -euo pipefail
 # MINIFY controls whether a minified version of vscode is built.
 MINIFY=${MINIFY-true}
 
-delete-bin-script() {
+fix-bin-script() {
-  rm -f "lib/vscode-reh-web-linux-x64/bin/$1"
+  local script="lib/vscode-reh-web-$VSCODE_TARGET/bin/$1"
-}
+  sed -i.bak "s/@@VERSION@@/$(vscode_version)/g" "$script"
-
+  sed -i.bak "s/@@COMMIT@@/$BUILD_SOURCEVERSION/g" "$script"
-copy-bin-script() {
+  sed -i.bak "s/@@APPNAME@@/code-server/g" "$script"
-  local script="$1"
-  local dest="lib/vscode-reh-web-linux-x64/bin/$script"
-  cp "lib/vscode/resources/server/bin/$script" "$dest"
-  sed -i.bak "s/@@VERSION@@/$(vscode_version)/g" "$dest"
-  sed -i.bak "s/@@COMMIT@@/$BUILD_SOURCEVERSION/g" "$dest"
-  sed -i.bak "s/@@APPNAME@@/code-server/g" "$dest"
 
   # Fix Node path on Darwin and Linux.
   # We do not want expansion here; this text should make it to the file as-is.
   # shellcheck disable=SC2016
-  sed -i.bak 's/^ROOT=\(.*\)$/VSROOT=\1\nROOT="$(dirname "$(dirname "$VSROOT")")"/g' "$dest"
+  sed -i.bak 's/^ROOT=\(.*\)$/VSROOT=\1\nROOT="$(dirname "$(dirname "$VSROOT")")"/g' "$script"
-  sed -i.bak 's/ROOT\/out/VSROOT\/out/g' "$dest"
+  sed -i.bak 's/ROOT\/out/VSROOT\/out/g' "$script"
   # We do not want expansion here; this text should make it to the file as-is.
   # shellcheck disable=SC2016
-  sed -i.bak 's/$ROOT\/node/${NODE_EXEC_PATH:-$ROOT\/lib\/node}/g' "$dest"
+  sed -i.bak 's/$ROOT\/node/${NODE_EXEC_PATH:-$ROOT\/lib\/node}/g' "$script"
 
   # Fix Node path on Windows.
-  sed -i.bak 's/^set ROOT_DIR=\(.*\)$/set ROOT_DIR=%~dp0..\\..\\..\\..\r\nset VSROOT_DIR=\1/g' "$dest"
+  sed -i.bak 's/^set ROOT_DIR=\(.*\)$/set ROOT_DIR=%~dp0..\\..\\..\\..\r\nset VSROOT_DIR=\1/g' "$script"
-  sed -i.bak 's/%ROOT_DIR%\\out/%VSROOT_DIR%\\out/g' "$dest"
+  sed -i.bak 's/%ROOT_DIR%\\out/%VSROOT_DIR%\\out/g' "$script"
 
-  chmod +x "$dest"
+  chmod +x "$script"
-  rm "$dest.bak"
+  rm "$script.bak"
+}
+
+copy-bin-script() {
+  cp "lib/vscode/resources/server/bin/$1" "lib/vscode-reh-web-$VSCODE_TARGET/bin/$1"
+  fix-bin-script "$1"
 }
 
 main() {
@@ -108,12 +107,8 @@ main() {
 EOF
   ) > product.json
 
-  # Any platform here works since we will do our own packaging.  We have to do
-  # this because we have an NPM package that could be installed on any platform.
-  # The correct platform dependencies and scripts will be installed as part of
-  # the post-install during `npm install` or when building a standalone release.
   npm run gulp core-ci
-  npm run gulp "vscode-reh-web-linux-x64${MINIFY:+-min}-ci"
+  npm run gulp "vscode-reh-web-$VSCODE_TARGET${MINIFY:+-min}-ci"
 
   # Reset so if you develop after building you will not be stuck with the wrong
   # commit (the dev client will use `oss-dev` but the dev server will still use
@@ -122,7 +117,7 @@ EOF
 
   popd
 
-  pushd lib/vscode-reh-web-linux-x64
+  pushd "lib/vscode-reh-web-$VSCODE_TARGET"
   # Make sure Code took the version we set in the environment variable.  Not
   # having a version will break display languages.
   if ! jq -e .commit product.json; then
@@ -131,15 +126,28 @@ EOF
   fi
   popd
 
+  # Set vars and fix paths.
+  case $OS in
+    windows)
+      fix-bin-script remote-cli/code.cmd
+      fix-bin-script helpers/browser.cmd
+      ;;
+    *)
+      fix-bin-script remote-cli/code-server
+      fix-bin-script helpers/browser.sh
+      ;;
+  esac
+
+  # Include bin scripts for other platforms so we can use the right one in the
+  # NPM post-install.
+
   # These provide a `code-server` command in the integrated terminal to open
   # files in the current instance.
-  delete-bin-script remote-cli/code-server
   copy-bin-script remote-cli/code-darwin.sh
   copy-bin-script remote-cli/code-linux.sh
   copy-bin-script remote-cli/code.cmd
 
   # These provide a way for terminal applications to open browser windows.
-  delete-bin-script helpers/browser.sh
   copy-bin-script helpers/browser-darwin.sh
   copy-bin-script helpers/browser-linux.sh
   copy-bin-script helpers/browser.cmd

ci/build/nfpm.yaml

@@ -21,5 +21,5 @@ contents:
   - src: ./ci/build/code-server-user.service
     dst: /usr/lib/systemd/user/code-server.service
 
-  - src: ./release-standalone/*
+  - src: ./release/*
     dst: /usr/lib/code-server

ci/build/npm-postinstall.sh

@@ -23,17 +23,6 @@ symlink() {
   esac
 }
 
-# VS Code bundles some modules into an asar which is an archive format that
-# works like tar. It then seems to get unpacked into node_modules.asar.
-#
-# I don't know why they do this but all the dependencies they bundle already
-# exist in node_modules so just symlink it. We have to do this since not only
-# Code itself but also extensions will look specifically in this directory for
-# files (like the ripgrep binary or the oniguruma wasm).
-symlink_asar() {
-  symlink node_modules node_modules.asar
-}
-
 # Make a symlink at bin/$1/$3 pointing to the platform-specific version of the
 # script in $2.  The extension of the link will be .cmd for Windows otherwise it
 # will be whatever is in $4 (or no extension if $4 is not set).
@@ -145,7 +134,6 @@ vscode_install() {
     return 1
   fi
 
-  symlink_asar
   symlink_bin_script remote-cli code code-server
   symlink_bin_script helpers browser browser .sh
 

ci/dev/test-integration.sh

@@ -2,13 +2,13 @@
 set -euo pipefail
 
 help() {
-  echo >&2 "  You can build the standalone release with 'npm run release:standalone'"
+  echo >&2 "  You can build the release with 'KEEP_MODULES=1 npm run release'"
   echo >&2 "  Or you can pass in a custom path."
   echo >&2 "  CODE_SERVER_PATH='/var/tmp/coder/code-server/bin/code-server' npm run test:integration"
 }
 
 # Make sure a code-server release works. You can pass in the path otherwise it
-# will look for release-standalone in the current directory.
+# will look for $RELEASE_PATH in the current directory.
 #
 # This is to make sure we don't have Node version errors or any other
 # compilation-related errors.
@@ -17,7 +17,7 @@ main() {
 
   source ./ci/lib.sh
 
-  local path="$RELEASE_PATH-standalone/bin/code-server"
+  local path="$RELEASE_PATH/bin/code-server"
   if [[ ! ${CODE_SERVER_PATH-} ]]; then
     echo "Set CODE_SERVER_PATH to test another build of code-server"
   else

ci/dev/test-native.sh

@@ -2,13 +2,13 @@
 set -euo pipefail
 
 help() {
-  echo >&2 "  You can build the standalone release with 'npm run release:standalone'"
+  echo >&2 "  You can build the release with 'KEEP_MODULES=1 npm run release'"
   echo >&2 "  Or you can pass in a custom path."
   echo >&2 "  CODE_SERVER_PATH='/var/tmp/coder/code-server/bin/code-server' npm run test:integration"
 }
 
 # Make sure a code-server release works. You can pass in the path otherwise it
-# will look for release-standalone in the current directory.
+# will look for $RELEASE_PATH in the current directory.
 #
 # This is to make sure we don't have Node version errors or any other
 # compilation-related errors.
@@ -17,7 +17,7 @@ main() {
 
   source ./ci/lib.sh
 
-  local path="$RELEASE_PATH-standalone/bin/code-server"
+  local path="$RELEASE_PATH/bin/code-server"
   if [[ ! ${CODE_SERVER_PATH-} ]]; then
     echo "Set CODE_SERVER_PATH to test another build of code-server"
   else

ci/lib.sh

@@ -44,11 +44,42 @@ rsync() {
   command rsync -a --del "$@"
 }
 
-ARCH="$(arch)"
+if [[ ! ${ARCH-} ]]; then
-export ARCH
+  ARCH=$(arch)
-OS=$(os)
+  export ARCH
-export OS
+fi
+
+if [[ ! ${OS-} ]]; then
+  OS=$(os)
+  export OS
+fi
 
 # RELEASE_PATH is the destination directory for the release from the root.
 # Defaults to release
-RELEASE_PATH="${RELEASE_PATH-release}"
+if [[ ! ${RELEASE_PATH-} ]]; then
+  RELEASE_PATH="release"
+  export RELEASE_PATH
+fi
+
+nodeOS() {
+  osname=$OS
+  case $osname in
+    macos) osname=darwin ;;
+    windows) osname=win32 ;;
+  esac
+  echo "$osname"
+}
+
+nodeArch() {
+  cpu=$ARCH
+  case $cpu in
+    amd64) cpu=x64 ;;
+  esac
+  echo "$cpu"
+}
+
+# See gulpfile.reh.ts for available targets.
+if [[ ! ${VSCODE_TARGET-} ]]; then
+  VSCODE_TARGET="$(nodeOS)-$(nodeArch)"
+  export VSCODE_TARGET
+fi

ci/steps/brew-bump.sh

@@ -1,37 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-main() {
-  # Only sourcing this so we get access to $VERSION
-  source ./ci/lib.sh
-  source ./ci/steps/steps-lib.sh
-
-  echo "Checking environment variables"
-
-  # We need VERSION to bump the brew formula
-  if ! is_env_var_set "VERSION"; then
-    echo "VERSION is not set"
-    exit 1
-  fi
-
-  # We need HOMEBREW_GITHUB_API_TOKEN to push up commits
-  if ! is_env_var_set "HOMEBREW_GITHUB_API_TOKEN"; then
-    echo "HOMEBREW_GITHUB_API_TOKEN is not set"
-    exit 1
-  fi
-
-  # Find the docs for bump-formula-pr here
-  # https://github.com/Homebrew/brew/blob/master/Library/Homebrew/dev-cmd/bump-formula-pr.rb#L18
-  local output
-  if ! output=$(brew bump-formula-pr --version="${VERSION}" code-server --no-browse --no-audit --message="PR opened by @${GITHUB_ACTOR}" 2>&1); then
-    if [[ $output == *"Duplicate PRs should not be opened"* ]]; then
-      echo "$VERSION is already submitted"
-      exit 0
-    else
-      echo "$output"
-      exit 1
-    fi
-  fi
-}
-
-main "$@"

ci/steps/publish-npm.sh

@@ -1,149 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-main() {
-  cd "$(dirname "$0")/../.."
-  source ./ci/lib.sh
-  source ./ci/steps/steps-lib.sh
-
-  ## Authentication tokens
-  # Needed to publish on NPM
-  if ! is_env_var_set "NPM_TOKEN"; then
-    echo "NPM_TOKEN is not set. Cannot publish to npm without credentials."
-    exit 1
-  fi
-
-  ## Publishing Information
-  # All the variables below are used to determine how we should publish
-  # the npm package. We also use this information for bumping the version.
-  # This is because npm won't publish your package unless it's a new version.
-  # i.e. for development, we bump the version to <current version>-<pr number>-<commit sha>
-  # example: "version": "4.0.1-4769-ad7b23cfe6ffd72914e34781ef7721b129a23040"
-  # We use this to grab the PR_NUMBER
-  if ! is_env_var_set "GITHUB_REF"; then
-    echo "GITHUB_REF is not set. Are you running this locally? We rely on values provided by GitHub."
-    exit 1
-  fi
-
-  # We use this when setting NPM_VERSION
-  if ! is_env_var_set "GITHUB_SHA"; then
-    echo "GITHUB_SHA is not set. Are you running this locally? We rely on values provided by GitHub."
-    exit 1
-  fi
-
-  # We use this to determine the NPM_ENVIRONMENT
-  if ! is_env_var_set "GITHUB_EVENT_NAME"; then
-    echo "GITHUB_EVENT_NAME is not set. Are you running this locally? We rely on values provided by GitHub."
-    exit 1
-  fi
-
-  # Check that we're using at least v7 of npm CLI
-  if ! command -v jq &> /dev/null; then
-    echo "Couldn't find jq"
-    echo "We need this in order to modify the package.json for dev builds."
-    exit 1
-  fi
-
-  # This allows us to publish to npm in CI workflows
-  if [[ ${CI-} ]]; then
-    echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc
-  fi
-
-  ## Environment
-  # This string is used to determine how we should tag the npm release.
-  # Environment can be one of three choices:
-  # "development" - this means we tag with the PR number, allowing
-  # a developer to install this version with `npm install code-server@<pr-number>`
-  # "staging" - this means we tag with `beta`, allowing
-  # a developer to install this version with `npm install code-server@beta`
-  # "production" - this means we tag with `latest` (default), allowing
-  # a developer to install this version with `npm install code-server@latest`
-  if ! is_env_var_set "NPM_ENVIRONMENT"; then
-    echo "NPM_ENVIRONMENT is not set."
-    echo "Determining in script based on GITHUB environment variables."
-
-    if [[ "$GITHUB_EVENT_NAME" == 'push' && "$GITHUB_REF" == 'refs/heads/main' ]]; then
-      NPM_ENVIRONMENT="staging"
-    else
-      NPM_ENVIRONMENT="development"
-    fi
-
-  fi
-
-  # NOTE@jsjoeio - this script assumes we have the artifact downloaded on disk
-  # That happens in CI as a step before we run this.
-  # https://github.com/actions/upload-artifact/issues/38
-  tar -xzf release-npm-package/package.tar.gz
-
-  # We use this to set the name of the package in the
-  # package.json
-  PACKAGE_NAME="code-server"
-
-  # NOTES:@jsjoeio
-  # We only need to run npm version for "development" and "staging".
-  # This is because our release:prep script automatically bumps the version
-  # in the package.json and we commit it as part of the release PR.
-  if [[ "$NPM_ENVIRONMENT" == "production" ]]; then
-    NPM_VERSION="$VERSION"
-    # This means the npm version will be published as "stable"
-    # and installed when a user runs `npm install code-server`
-    NPM_TAG="latest"
-  else
-    COMMIT_SHA="$GITHUB_SHA"
-
-    if [[ "$NPM_ENVIRONMENT" == "staging" ]]; then
-      NPM_VERSION="$VERSION-beta-$COMMIT_SHA"
-      # This means the npm version will be tagged with "beta"
-      # and installed when a user runs `npm install code-server@beta`
-      NPM_TAG="beta"
-      PACKAGE_NAME="@coder/code-server-pr"
-    fi
-
-    if [[ "$NPM_ENVIRONMENT" == "development" ]]; then
-      # Source: https://github.com/actions/checkout/issues/58#issuecomment-614041550
-      PR_NUMBER=$(echo "$GITHUB_REF" | awk 'BEGIN { FS = "/" } ; { print $3 }')
-      NPM_VERSION="$VERSION-$PR_NUMBER-$COMMIT_SHA"
-      PACKAGE_NAME="@coder/code-server-pr"
-      # This means the npm version will be tagged with "<pr number>"
-      # and installed when a user runs `npm install code-server@<pr number>`
-      NPM_TAG="$PR_NUMBER"
-    fi
-
-    echo "- tag: $NPM_TAG"
-    echo "- version: $NPM_VERSION"
-    echo "- package name: $PACKAGE_NAME"
-    echo "- npm environment: $NPM_ENVIRONMENT"
-
-    # We modify the version in the package.json
-    # to be the current version + the PR number + commit SHA
-    # or we use current version + beta + commit SHA
-    # Example: "version": "4.0.1-4769-ad7b23cfe6ffd72914e34781ef7721b129a23040"
-    # Example: "version": "4.0.1-beta-ad7b23cfe6ffd72914e34781ef7721b129a23040"
-    pushd release
-    npm version "$NPM_VERSION"
-    # Use the development package name
-    # This is so we don't clutter the code-server versions on npm
-    # with development versions.
-    # jq can't edit in place so we must store in memory and echo
-    local contents
-    contents="$(jq ".name |= \"$PACKAGE_NAME\"" package.json)"
-    echo "${contents}" > package.json
-    popd
-  fi
-
-  # We need to make sure we haven't already published the version.
-  # If we get error, continue with script because we want to publish
-  # If version is valid, we check if we're publishing the same one
-  local hasVersion
-  if hasVersion=$(npm view "$PACKAGE_NAME@$NPM_VERSION" version 2> /dev/null) && [[ $hasVersion == "$NPM_VERSION" ]]; then
-    echo "$NPM_VERSION is already published under $PACKAGE_NAME"
-    return
-  fi
-
-  # Since the dev builds are scoped to @coder
-  # We pass --access public to ensure npm knows it's not private.
-  cd release
-  npm publish --tag "$NPM_TAG" --access public
-}
-
-main "$@"

docs/CONTRIBUTING.md

@@ -9,7 +9,6 @@
   - [Version updates to Code](#version-updates-to-code)
   - [Patching Code](#patching-code)
   - [Build](#build)
-    - [Creating a Standalone Release](#creating-a-standalone-release)
   - [Troubleshooting](#troubleshooting)
     - [I see "Forbidden access" when I load code-server in the browser](#i-see-forbidden-access-when-i-load-code-server-in-the-browser)
     - ["Can only have one anonymous define call per script"](#can-only-have-one-anonymous-define-call-per-script)
@@ -122,7 +121,7 @@ commits first if you are doing this).
 
 ### Build
 
-You can build a full production as follows:
+You can build a full production release as follows:
 
 ```shell
 git submodule update --init
@@ -130,26 +129,32 @@ quilt push -a
 npm install
 npm run build
 VERSION=0.0.0 npm run build:vscode
-npm run release
+KEEP_MODULES=1 npm run release
 ```
 
-This does not keep `node_modules`. If you want them to be kept, use
+You can omit `KEEP_MODULES` if you intend to use this in a platform-agnostic way
-`KEEP_MODULES=1 npm run release`
+(like for publishing to NPM), but since the VS Code build process does
+post-processing deletion of the modules, it is recommended to keep the modules
+when possible, since if you install them later you will have more than is
+required. `KEEP_MODULES` will also bundle Node and the code-server entry script.
 
 Run your build:
 
+```shell
+./release/bin/code-server
+```
+
+Or if you omitted `KEEP_MODULES`:
+
 ```shell
 cd release
-npm install --omit=dev # Skip if you used KEEP_MODULES=1
+npm install --omit=dev
-# Runs the built JavaScript with Node.
 node .
 ```
 
-Then, to build the release package:
+Then, to package the release:
 
 ```shell
-npm run release:standalone
-npm run test:integration
 npm run package
 ```
 
@@ -158,22 +163,6 @@ npm run package
 > If you need your builds to support older distros, run the build commands
 > inside a Docker container with all the build requirements installed.
 
-#### Creating a Standalone Release
-
-Part of the build process involves creating standalone releases. At the time of
-writing, we do this for the following platforms/architectures:
-
-- Linux amd64 (.tar.gz, .deb, and .rpm)
-- Linux arm64 (.tar.gz, .deb, and .rpm)
-- Linux arm7l (.tar.gz)
-- Linux armhf.deb
-- Linux armhf.rpm
-- macOS arm64.tar.gz
-
-Currently, these are compiled in CI using the `npm run release:standalone`
-command in the `release.yaml` workflow. We then upload them to the draft release
-and distribute via GitHub Releases.
-
 ### Troubleshooting
 
 #### I see "Forbidden access" when I load code-server in the browser

docs/MAINTAINING.md

@@ -7,7 +7,6 @@
     - [Release Candidates](#release-candidates)
     - [AUR](#aur)
     - [Docker](#docker)
-    - [Homebrew](#homebrew)
     - [nixpkgs](#nixpkgs)
     - [npm](#npm)
 - [Testing](#testing)
@@ -27,20 +26,18 @@ Most of the work is keeping on top of issues and discussions.
 
 1. Check that the changelog lists all the important changes.
 2. Make sure the changelog entry lists the current version of VS Code.
-3. Update the changelog with the release date.
+3. Go to GitHub Actions > Draft release > Run workflow on the commit you want to
-4. Go to GitHub Actions > Draft release > Run workflow on the commit you want to
+   release. For the version we match VS Code's minor and patch version. The
-   release. Make sure CI has finished the build workflow on that commit or this
-   will fail. For the version we match VS Code's minor and patch version. The
    patch number may become temporarily out of sync if we need to put out a
    patch, but if we make our own minor change then we will not release it until
    the next minor VS Code release.
-5. CI will automatically grab the build artifact on that commit (which is why CI
+4. CI will build an NPM package and platform-specific packages, and upload those
-   has to have completed), inject the provided version into the `package.json`,
+   to a draft release.
-   put together platform-specific packages, and upload those packages to a draft
+5. Update the resulting draft release with the changelog contents.
-   release.
+6. Publish the draft release after validating it.
-6. Update the resulting draft release with the changelog contents.
+7. Update the changelog with the release date and bump the Helm chart version
-7. Publish the draft release after validating it.
+   once the Docker images have published.
-8. Bump the Helm chart version once the Docker images have published.
+8. Merge the PR submitted to coder/code-server-aur repo.
 
 #### Release Candidates
 
@@ -55,38 +52,34 @@ full-blown release. To do this follow the same steps as above but:
 
 #### AUR
 
-We publish to AUR as a package [here](https://aur.archlinux.org/packages/code-server/). This process is manual and can be done by following the steps in [this repo](https://github.com/coder/code-server-aur).
+We publish to AUR as a package
+[here](https://aur.archlinux.org/packages/code-server/). This process is manual
+and can be done by following the steps in [this
+repo](https://github.com/coder/code-server-aur).
 
 #### Docker
 
-We publish code-server as a Docker image [here](https://hub.docker.com/r/codercom/code-server), tagging it both with the version and latest.
+We publish code-server as a Docker image
+[here](https://hub.docker.com/r/codercom/code-server), tagging it both with the
+version and latest.
 
 This is currently automated with the release process.
 
-#### Homebrew
-
-We publish code-server on Homebrew [here](https://github.com/Homebrew/homebrew-core/blob/master/Formula/code-server.rb).
-
-This is currently automated with the release process (but may fail occasionally). If it does, run this locally:
-
-```shell
-# Replace VERSION with version
-brew bump-formula-pr --version="${VERSION}" code-server --no-browse --no-audit
-```
-
 #### nixpkgs
 
 We publish code-server in nixpkgs but it must be updated manually.
 
 #### npm
 
-We publish code-server as a npm package [here](https://www.npmjs.com/package/code-server/v/latest).
+We publish code-server as a npm package
+[here](https://www.npmjs.com/package/code-server/v/latest).
 
 This is currently automated with the release process.
 
 ## Testing
 
-Our testing structure is laid out under our [Contributing docs](https://coder.com/docs/code-server/latest/CONTRIBUTING#test).
+Our testing structure is laid out under our [Contributing
+docs](https://coder.com/docs/code-server/latest/CONTRIBUTING#test).
 
 If you're ever looking to add more tests, here are a few ways to get started:
 

package.json

@@ -14,7 +14,6 @@
     "build:vscode": "./ci/build/build-vscode.sh",
     "doctoc": "./ci/dev/doctoc.sh",
     "release": "./ci/build/build-release.sh",
-    "release:standalone": "./ci/build/build-standalone-release.sh",
     "release:prep": "./ci/build/release-prep.sh",
     "test:e2e": "VSCODE_IPC_HOOK_CLI= ./ci/dev/test-e2e.sh",
     "test:e2e:proxy": "USE_PROXY=1 ./ci/dev/test-e2e.sh",