Delete '.nvmrc'

Update requirements.md (#4882 )
Grammar/typo correction. Co-authored-by: Joe Previte <jjprevite@gmail.com>
2022-02-23 02:53:35 +00:00 · 2022-02-18 11:06:58 -07:00 · 2022-02-17 15:18:17 -07:00 · 2022-02-15 16:19:22 -07:00 · 2022-02-15 14:51:42 -07:00 · 2022-02-15 14:15:53 -07:00
191 changed files with 8899 additions and 9515 deletions
--- a/.eslintrc.yaml
+++ b/.eslintrc.yaml
@ -36,11 +36,8 @@ rules:
  import/order:
    [error, { alphabetize: { order: "asc" }, groups: [["builtin", "external", "internal"], "parent", "sibling"] }]
  no-async-promise-executor: off
-  # This isn't a real module, just types, which apparently doesn't resolve.
-  import/no-unresolved: [error, { ignore: ["express-serve-static-core"] }]

 settings:
-  # Does not work with CommonJS unfortunately.
-  import/ignore:
-    - env-paths
-    - xdg-basedir
+  import/resolver:
+    typescript:
+      alwaysTryTypes: true
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -1,3 +1,3 @@
-* @cdr/code-server-reviewers
+* @coder/code-server-reviewers

-ci/helm-chart @Matthew-Beckett @alexgorbatchev
+ci/helm-chart/ @Matthew-Beckett @alexgorbatchev
--- a/.github/ISSUE_TEMPLATE/bug-report.md
+++ b/.github/ISSUE_TEMPLATE/bug-report.md
@ -1,74 +0,0 @@
---
-name: Bug report
-about: Report a bug and help us improve
-title: ""
-labels: ""
-assignees: ""
---
-
-<!--
-
-Hi there! 👋
-
-Thanks for reporting a bug.
-
-Please search for existing issues before filing, as they may contain additional
-information about the problem and descriptions of workarounds. Provide as much
-information as you can, so that we can reproduce the issue. Otherwise, we may
-not be able to help diagnose the problem, and may close the issue as
-unreproducible or incomplete. For visual defects, please include screenshots to
-help us understand the issue.
-->
-
-## OS/Web Information
-
- Web Browser:
- Local OS:
- Remote OS:
- Remote Architecture:
- `code-server --version`:
-
-## Steps to Reproduce
-
-1.
-2.
-3.
-
-## Expected
-
-<!-- What should happen? -->
-
-## Actual
-
-<!-- What actually happens? -->
-
-## Logs
-
-<!--
-First run code-server with at least debug logging (or trace to be really
-thorough) by setting the --log flag or the LOG_LEVEL environment variable. -vvv
-and --verbose are aliases for --log trace. For example:
-
-code-server --log debug
-
-Once this is done, replicate the issue you're having then collect logging
-information from the following places:
-
-    1. The most recent files from ~/.local/share/code-server/coder-logs.
-    2. The browser console.
-    3. The browser network tab.
-
-Additionally, collecting core dumps (you may need to enable them first) if
-code-server crashes can be helpful.
-->
-
-## Screenshot
-
-<!-- Ideally provide a screenshot, gif, video or screen recording. -->
-
-## Notes
-
-<!-- If you can reproduce the issue on vanilla VS Code,
-please file the issue at the VS Code repository instead. -->
-
-This issue can be reproduced in VS Code: Yes/No
--- a/.github/ISSUE_TEMPLATE/bug-report.yml
+++ b/.github/ISSUE_TEMPLATE/bug-report.yml
@ -0,0 +1,86 @@
+name: Bug report
+description: File a bug report
+title: "[Bug]: "
+labels: ["bug", "triage"]
+body:
+  - type: checkboxes
+    attributes:
+      label: Is there an existing issue for this?
+      description: Please search to see if an issue already exists for the bug you encountered.
+      options:
+        - label: I have searched the existing issues
+          required: true
+  - type: textarea
+    attributes:
+      label: OS/Web Information
+      description: |
+        examples:
+          - **Web Browser**: Chrome
+          - **Local OS**: macOS
+          - **Remote OS**: Ubuntu
+          - **Remote Architecture**: amd64
+          - **`code-server --version`**: 4.0.1
+      value: |
+        - Web Browser:
+        - Local OS:
+        - Remote OS:
+        - Remote Architecture:
+        - `code-server --version`:
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Steps to Reproduce
+      description: |
+        1. open code-server
+        2. install extension
+        3. run command
+      value: |
+        1. 
+        2.
+        3.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Expected
+      description: What should happen?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Actual
+      description: What actually happens?
+    validations:
+      required: true
+  - type: textarea
+    id: logs
+    attributes:
+      label: Logs
+      description: Run code-server with the --verbose flag and then paste any relevant logs from the server, from the browser console and/or the browser network tab. For issues with installation, include installation logs (i.e. output of `yarn global add code-server`).
+  - type: textarea
+    attributes:
+      label: Screenshot/Video
+      description: Please include a screenshot, gif or screen recording of your issue.
+    validations:
+      required: false
+  - type: checkboxes
+    attributes:
+      label: Does this issue happen in VS Code?
+      description: Please try reproducing this issue in VS Code
+      options:
+        - label: I cannot reproduce this in VS Code.
+          required: true
+  - type: checkboxes
+    attributes:
+      label: Are you accessing code-server over HTTPS?
+      description: code-server relies on service workers for many features. Double-check that you are using HTTPS.
+      options:
+        - label: I am using HTTPS.
+          required: true
+  - type: textarea
+    attributes:
+      label: Notes
+      description: Please include any addition notes that will help us resolve this issue.
+    validations:
+      required: false
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@ -1,8 +1,8 @@
 blank_issues_enabled: false
 contact_links:
-  - name: Question
-    url: https://github.com/cdr/code-server/discussions/new?category_id=22503114
+  - name: Question?
+    url: https://github.com/coder/code-server/discussions/new?category_id=22503114
    about: Ask the community for help on our GitHub Discussions board
-  - name: Chat
-    about: Need immediate help or just want to talk? Hop in our Slack
+  - name: code-server Slack Community
+    about: Need immediate help or just want to talk? Hop in our Slack. Note - this Slack is not actively monitored by code-server maintainers.
    url: https://cdr.co/join-community
--- a/.github/ISSUE_TEMPLATE/doc.md
+++ b/.github/ISSUE_TEMPLATE/doc.md
@ -1,7 +1,13 @@
 ---
 name: Documentation improvement
 about: Suggest a documentation improvement
-title: ""
+title: "[Docs]: "
 labels: "docs"
-assignees: ""
+assignees: "@jsjoeio"
 ---
+
+## What is your suggestion?
+
+## How will this improve the docs?
+
+## Are you interested in submitting a PR for this?
--- a/.github/ISSUE_TEMPLATE/extension-request.md
+++ b/.github/ISSUE_TEMPLATE/extension-request.md
@ -1,18 +0,0 @@
---
-name: Extension request
-about: Request an extension missing from the code-server marketplace
-title: ""
-labels: extension-request
-assignees: ""
---
-
-<!--
-Details on the code-server extension marketplace are at
-
-https://github.com/cdr/code-server/blob/master/docs/FAQ.md#whats-the-deal-with-extensions
-
-Please fill in the issue template!
-->
-
- [ ] Extension name:
- [ ] Extension GitHub or homepage:
--- a/.github/ISSUE_TEMPLATE/feature-request.md
+++ b/.github/ISSUE_TEMPLATE/feature-request.md
@ -1,13 +1,15 @@
 ---
 name: Feature request
-about: Suggest an idea
-title: ""
-labels: feature
+about: Suggest an idea to improve code-server
+title: "[Feat]: "
+labels: enhancement
 assignees: ""
 ---

-<!--
-Please search for existing issues before filing.
+## What is your suggestion?

-Please describe the feature as clearly as possible!
-->
+## Why do you want this feature?
+
+## Are there any workarounds to get this functionality today?
+
+## Are you interested in submitting a PR for this?
--- a/.github/ISSUE_TEMPLATE/release.md
+++ b/.github/ISSUE_TEMPLATE/release.md
@ -1,16 +0,0 @@
---
-name: Release
-about: "*For maintainers only*"
-title: "release: 0.0.0"
-labels: ""
-assignees: "@cdr/code-server-reviewers"
---
-
-<!-- Maintainer: fill out the checklist -->
-
-## Checklist
-
- [ ] Assign to next release manager
- [ ] Close previous release milestone
- [ ] Create next release milestone
- [ ] Associate issue with next release milestone
--- a/.github/codecov.yml
+++ b/.github/codecov.yml
@ -6,7 +6,16 @@ coverage:
  precision: 2
  round: down
  range: "40...70"
-  patch: off
+  status:
+    patch: off
+  notify:
+    slack:
+      default:
+        url: secret:v1::tXC7VwEIKYjNU8HRgRv2GdKOSCt5UzpykKZb+o1eCDqBgb2PEqwE3A26QUPYMLo4BO2qtrJhFIvwhUvlPwyzDCNGoNiuZfXr0UeZZ0y1TcZu672R/NBNMwEPO/e1Ye0pHxjzKHnuH7HqbjFucox/RBQLtiL3J56SWGE3JtbkC6o=
+        threshold: 1%
+        only_pulls: false
+        branches:
+          - "main"

 parsers:
  gcov:
--- a/.github/codeql-config.yml
+++ b/.github/codeql-config.yml
@ -1,4 +1 @@
 name: "code-server CodeQL config"
-
-paths-ignore:
-  - lib/vscode
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -1,32 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "daily"
-      time: "11:00"
-    ignore:
-      # GitHub always delivers the latest versions for each major
-      # release tag, so handle updates manually
-      - dependency-name: "actions/*"
-      - dependency-name: "github/codeql-action/*"
-      - dependency-name: "microsoft/playwright-github-action"
-
-  - package-ecosystem: "npm"
-    directory: "/"
-    schedule:
-      interval: "daily"
-      time: "11:00"
-    ignore:
-      - dependency-name: "@types/node"
-        update-types: ["version-update:semver-major"]
-      - dependency-name: "xdg-basedir"
-        # 5.0.0 has breaking changes as they switch to named exports
-        # and convert the module to ESM
-        # We can't use it until we switch to ESM across the project
-        # See release notes: https://github.com/sindresorhus/xdg-basedir/releases/tag/v5.0.0
-        versions: ["5.x"]
-      - dependency-name: "limiter"
-        # 2.0.0 has breaking changes
-        # so we can't update yet.
-        versions: ["2.x"]
--- a/.github/lock.yml
+++ b/.github/lock.yml
@ -1,37 +0,0 @@
-# Configuration for Lock Threads - https://github.com/dessant/lock-threads-app
-
-# Number of days of inactivity before a closed issue or pull request is locked
-daysUntilLock: 90
-
-# Skip issues and pull requests created before a given timestamp. Timestamp must
-# follow ISO 8601 (`YYYY-MM-DD`). Set to `false` to disable
-skipCreatedBefore: false
-
-# Issues and pull requests with these labels will be ignored. Set to `[]` to disable
-exemptLabels: []
-
-# Label to add before locking, such as `outdated`. Set to `false` to disable
-lockLabel: false
-
-# Comment to post before locking. Set to `false` to disable
-lockComment: >
-  This thread has been automatically locked since there has not been
-  any recent activity after it was closed. Please open a new issue for
-  related bugs.
-
-# Assign `resolved` as the reason for locking. Set to `false` to disable
-setLockReason: true
-# Limit to only `issues` or `pulls`
-# only: issues
-
-# Optionally, specify configuration settings just for `issues` or `pulls`
-# issues:
-#   exemptLabels:
-#     - help-wanted
-#   lockLabel: outdated
-
-# pulls:
-#   daysUntilLock: 30
-
-# Repository to extend settings from
-# _extends: repo
--- a/.github/ranger.yml
+++ b/.github/ranger.yml
@ -15,26 +15,10 @@ labels:
  "squash when passing": merge
  "rebase when passing": merge
  "merge when passing": merge
-  stale:
-    action: close
-    delay: 7 days
-    comment: "⚠️ This issue has been marked stale and will automatically be closed in $DELAY."
  "new contributor":
    action: comment
    delay: 5s
    message: "Thanks for making your first contribution! :slightly_smiling_face:"
-  extension-request:
-    action: close
-    delay: 5s
-    comment: >
-      Thanks for opening an extension request!
-      We are currently in the process of switching extension
-      marketplaces and transitioning over to [Open VSX](https://open-vsx.org/).
-      Once https://github.com/eclipse/openvsx/issues/249 is implemented, we
-      can fully make this transition. Therefore, we are no longer accepting
-      new requests for extension requests. We suggest installing the VSIX
-      file and then installing into code-server as a temporary workaround.
-      See [docs](https://github.com/cdr/code-server/blob/main/docs/FAQ.md#installing-vsix-extensions-via-the-command-line) for more info.
  "upstream:vscode":
    action: close
    delay: 5s
--- a/.github/semantic.yaml
+++ b/.github/semantic.yaml
@ -0,0 +1,63 @@
+###############################################################################
+# This file configures "Semantic Pull Requests", which is documented here:
+# https://github.com/zeke/semantic-pull-requests
+###############################################################################
+
+# Scopes are optionally supplied after a 'type'. For example, in
+#
+# feat(docs): autostart ui
+#
+# '(docs)' is the scope. Scopes are used to signify where the change occurred.
+scopes:
+  # docs: changes to the code-server documentation.
+  - docs
+
+  # vendor: changes to vendored dependencies.
+  - vendor
+
+  # deps: changes to code-server's dependencies.
+  - deps
+
+  # cs: changes to code specific to code-server.
+  - cs
+
+  # cli: changes to the command-line interface.
+  - cli
+
+# We only check that the PR title is semantic. The PR title is automatically
+# applied to the "Squash & Merge" flow as the suggested commit message, so this
+# should suffice unless someone drastically alters the message in that flow.
+titleOnly: true
+
+# Types are the 'tag' types in a commit or PR title. For example, in
+#
+# chore: fix thing
+#
+# 'chore' is the type.
+types:
+  # A build of any kind.
+  - build
+
+  # A user-facing change that corrects a defect in code-server.
+  - fix
+
+  # Any code task that is ignored for changelog purposes. Examples include
+  # devbin scripts and internal-only configurations.
+  - chore
+
+  # Any work performed on CI.
+  - ci
+
+  # Work that directly implements or supports the implementation of a feature.
+  - feat
+
+  # A refactor changes code structure without any behavioral change.
+  - refactor
+
+  # A git revert for any style of commit.
+  - revert
+
+  # Adding tests of any kind. Should be separate from feature or fix
+  # implementations. For example, if a commit adds a fix + test, it's a fix
+  # commit. If a commit is simply bumping coverage, it's a test commit.
+  - test
--- a/.github/stale.yml
+++ b/.github/stale.yml
@ -0,0 +1,12 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 180
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 5
+# Label to apply when stale.
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no activity occurs in the next 5 days.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@ -19,8 +19,6 @@ jobs:
    name: Pre-build checks
    runs-on: ubuntu-latest
    timeout-minutes: 15
-    env:
-      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
@ -33,17 +31,21 @@ jobs:
      - name: Install helm
        uses: azure/setup-helm@v1.1

-      - name: Fetch dependencies from cache
-        id: cache-yarn
-        uses: actions/cache@v2
-        with:
-          path: "**/node_modules"
-          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            yarn-build-
+      # NOTE@jsjoeio
+      # disabling this until we can audit the build process
+      # and the usefulness of this step
+      # See: https://github.com/coder/code-server/issues/4287
+      # - name: Fetch dependencies from cache
+      #   id: cache-yarn
+      #   uses: actions/cache@v2
+      #   with:
+      #     path: "**/node_modules"
+      #     key: yarn-build-${{ hashFiles('**/yarn.lock') }}
+      #     restore-keys: |
+      #       yarn-build-

      - name: Install dependencies
-        if: steps.cache-yarn.outputs.cache-hit != 'true'
+        # if: steps.cache-yarn.outputs.cache-hit != 'true'
        run: yarn --frozen-lockfile

      - name: Run yarn fmt
@ -54,19 +56,11 @@ jobs:
        run: yarn lint
        if: success()

-      - name: Run code-server unit tests
-        run: yarn test:unit
-        if: success()
-
-      - name: Upload coverage report to Codecov
-        run: yarn coverage
-        if: success()
-
  audit-ci:
    name: Run audit-ci
    needs: prebuild
    runs-on: ubuntu-latest
-    timeout-minutes: 5
+    timeout-minutes: 15
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
@ -98,6 +92,8 @@ jobs:
    needs: prebuild
    runs-on: ubuntu-latest
    timeout-minutes: 30
+    env:
+      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
    steps:
      - uses: actions/checkout@v2
        with:
@ -108,48 +104,63 @@ jobs:
        with:
          node-version: "14"

-      - name: Fetch dependencies from cache
-        id: cache-yarn
-        uses: actions/cache@v2
-        with:
-          path: "**/node_modules"
-          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            yarn-build-
+      # TODO@Teffen investigate why this omits code-oss-dev/node_modules
+      # - name: Fetch dependencies from cache
+      #   id: cache-yarn
+      #   uses: actions/cache@v2
+      #   with:
+      #     path: |
+      #       "**/node_modules"
+      #       "**/vendor/modules"
+      #       "**/vendor/modules/code-oss-dev/node_modules"
+      #     key: yarn-build-${{ hashFiles('**/yarn.lock') }}-${{ hashFiles('**/vendor/yarn.lock') }}
+      #     restore-keys: |
+      #       yarn-build-

      - name: Install dependencies
-        if: steps.cache-yarn.outputs.cache-hit != 'true'
+        # if: steps.cache-yarn.outputs.cache-hit != 'true'
        run: yarn --frozen-lockfile

      - name: Build code-server
        run: yarn build

-      # Parse the hash of the latest commit inside lib/vscode
+      # Parse the hash of the latest commit inside vendor/modules/code-oss-dev
      # use this to avoid rebuilding it if nothing changed
      # How it works: the `git log` command fetches the hash of the last commit
-      # that changed a file inside `lib/vscode`. If a commit changes any file in there,
+      # that changed a file inside `vendor/modules/code-oss-dev`. If a commit changes any file in there,
      # the hash returned will change, and we rebuild vscode. If the hash did not change,
      # (for example, a change to `src/` or `docs/`), we reuse the same build as last time.
      # This saves a lot of time in CI, as compiling VSCode can take anywhere from 5-10 minutes.
-      - name: Get latest lib/vscode rev
+      - name: Get latest vendor/modules/code-oss-dev rev
        id: vscode-rev
-        run: echo "::set-output name=rev::$(git log -1 --format='%H' ./lib/vscode)"
+        run: echo "::set-output name=rev::$(jq -r '.devDependencies["code-oss-dev"]' vendor/package.json | sed -r 's|.*#(.*)$|\1|')"

      - name: Attempt to fetch vscode build from cache
        id: cache-vscode
        uses: actions/cache@v2
        with:
          path: |
-            lib/vscode/.build
-            lib/vscode/out-build
-            lib/vscode/out-vscode
-            lib/vscode/out-vscode-min
-          key: vscode-build-${{ steps.vscode-rev.outputs.rev }}
+            vendor/modules/code-oss-dev/.build
+            vendor/modules/code-oss-dev/out-build
+            vendor/modules/code-oss-dev/out-vscode-reh-web
+            vendor/modules/code-oss-dev/out-vscode-reh-web-min
+          key: vscode-reh-build-${{ steps.vscode-rev.outputs.rev }}

      - name: Build vscode
        if: steps.cache-vscode.outputs.cache-hit != 'true'
        run: yarn build:vscode

+      # Our code imports code from VS Code's `out` directory meaning VS Code
+      # must be built before running these tests.
+      # TODO: Move to its own step?
+      - name: Run code-server unit tests
+        run: yarn test:unit
+        if: success()
+
+      - name: Upload coverage report to Codecov
+        run: yarn coverage
+        if: success()
+
      # The release package does not contain any native modules
      # and is neutral to architecture/os/libc version.
      - name: Create release package
@ -166,6 +177,33 @@ jobs:
          name: npm-package
          path: ./package.tar.gz

+  npm:
+    # the npm-package gets uploaded as an artifact in Build
+    # so we need that to complete before this runs
+    needs: build
+    # This environment "npm" requires someone from
+    # coder/code-server-reviewers to approve the PR before this job runs.
+    environment: npm
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: actions/download-artifact@v2
+        id: download
+        with:
+          name: "npm-package"
+          path: release-npm-package
+
+      - name: Run ./ci/steps/publish-npm.sh
+        run: yarn publish:npm
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          # NOTE@jsjoeio
+          # NPM_ENVIRONMENT intentionally not set here.
+          # Instead, itis determined in publish-npm.sh script
+          # using GITHUB environment variables
+
  # TODO: cache building yarn --production
  # possibly 2m30s of savings(?)
  # this requires refactoring our release scripts
@ -234,23 +272,36 @@ jobs:
  # It is not feasible to cross-compile with CentOS.

  # Cross-compile notes: To compile native dependencies for arm64,
-  # we install the aarch64 cross toolchain and then set it as the default
+  # we install the aarch64/armv7l cross toolchain and then set it as the default
  # compiler/linker/etc. with the AR/CC/CXX/LINK environment variables.
  # qemu-user-static on ubuntu-16.04 currently doesn't run Node correctly,
-  # so we just build with "native"/x86_64 node, then download arm64 node
-  # and then put it in our release. We can't smoke test the arm64 build this way,
+  # so we just build with "native"/x86_64 node, then download arm64/armv7l node
+  # and then put it in our release. We can't smoke test the cross build this way,
  # but this means we don't need to maintain a self-hosted runner!
-  package-linux-arm64:
-    name: Linux ARM64 cross-compile build
+
+  # NOTE@jsjoeio:
+  # We used to use 16.04 until GitHub deprecated it on September 20, 2021
+  # See here: https://github.com/actions/virtual-environments/pull/3862/files
+  package-linux-cross:
+    name: Linux cross-compile builds
    needs: build
-    runs-on: ubuntu-16.04
+    runs-on: ubuntu-18.04
    timeout-minutes: 15
+    strategy:
+      matrix:
+        include:
+          - prefix: aarch64-linux-gnu
+            arch: arm64
+          - prefix: arm-linux-gnueabihf
+            arch: armv7l
+
    env:
-      AR: aarch64-linux-gnu-ar
-      CC: aarch64-linux-gnu-gcc
-      CXX: aarch64-linux-gnu-g++
-      LINK: aarch64-linux-gnu-g++
-      NPM_CONFIG_ARCH: arm64
+      AR: ${{ format('{0}-ar', matrix.prefix) }}
+      CC: ${{ format('{0}-gcc', matrix.prefix) }}
+      CXX: ${{ format('{0}-g++', matrix.prefix) }}
+      LINK: ${{ format('{0}-g++', matrix.prefix) }}
+      NPM_CONFIG_ARCH: ${{ matrix.arch }}
+      NODE_VERSION: v14.17.4

    steps:
      - uses: actions/checkout@v2
@ -266,7 +317,9 @@ jobs:
          echo "$HOME/.local/bin" >> $GITHUB_PATH

      - name: Install cross-compiler
-        run: sudo apt install g++-aarch64-linux-gnu
+        run: sudo apt update && sudo apt install $PACKAGE
+        env:
+          PACKAGE: ${{ format('g++-{0}', matrix.prefix) }}

      - name: Download npm package
        uses: actions/download-artifact@v2
@ -279,14 +332,14 @@ jobs:
      - name: Build standalone release
        run: yarn release:standalone

-      - name: Replace node with arm64 equivalent
+      - name: Replace node with cross-compile equivalent
        run: |
-          wget https://nodejs.org/dist/v14.17.0/node-v14.17.0-linux-arm64.tar.xz
-          tar -xf node-v14.17.0-linux-arm64.tar.xz node-v14.17.0-linux-arm64/bin/node --strip-components=2
+          wget https://nodejs.org/dist/${NODE_VERSION}/node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}.tar.xz
+          tar -xf node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}.tar.xz node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}/bin/node --strip-components=2
          mv ./node ./release-standalone/lib/node

      - name: Build packages with nfpm
-        run: yarn package arm64
+        run: yarn package ${NPM_CONFIG_ARCH}

      - name: Upload release artifacts
        uses: actions/upload-artifact@v2
@ -352,9 +405,6 @@ jobs:
        with:
          node-version: "14"

-      - name: Install playwright
-        uses: microsoft/playwright-github-action@v1
-
      - name: Fetch dependencies from cache
        id: cache-yarn
        uses: actions/cache@v2
@ -380,14 +430,10 @@ jobs:
        if: steps.cache-yarn.outputs.cache-hit != 'true'
        run: yarn --frozen-lockfile

-      # HACK: this shouldn't need to exist, but put it here anyway
-      # in an attempt to solve Playwright cache failures.
-      - name: Reinstall playwright
-        if: steps.cache-yarn.outputs.cache-hit == 'true'
+      - name: Install Playwright OS dependencies
        run: |
-          cd test/
-          rm -r node_modules/playwright
-          yarn install --check-files
+          ./test/node_modules/.bin/playwright install-deps
+          ./test/node_modules/.bin/playwright install

      - name: Run end-to-end tests
        run: yarn test:e2e
@ -402,73 +448,6 @@ jobs:
      - name: Remove release packages and test artifacts
        run: rm -rf ./release-packages ./test/test-results

-  # Builds both amd64 and arm64 images
-  docker-images:
-    runs-on: ubuntu-latest
-    needs: [package-linux-amd64, package-linux-arm64]
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Download release package
-        uses: actions/download-artifact@v2
-        with:
-          name: release-packages
-          path: ./release-packages
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-
-      - name: Run ./ci/steps/build-docker-image.sh
-        run: ./ci/steps/build-docker-image.sh
-
-      - name: Upload release images
-        uses: actions/upload-artifact@v2
-        with:
-          name: release-images
-          path: ./release-images
-
-  trivy-scan-image:
-    runs-on: ubuntu-20.04
-    needs: docker-images
-    # NOTE@jsjoeio: disabling due to a memory issue upstream
-    # See: https://github.com/github/codeql-action/issues/528
-    if: 1 == 2
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v2
-
-      - name: Download release images
-        uses: actions/download-artifact@v2
-        with:
-          name: release-images
-          path: ./release-images
-
-      - name: Run Trivy vulnerability scanner in image mode
-        # Commit SHA for v0.0.17
-        uses: aquasecurity/trivy-action@ac8de07fd168680dd0331bef43681c0e150e9ad1
-        with:
-          input: "./release-images/code-server-amd64-*.tar"
-          scan-type: "image"
-          ignore-unfixed: true
-          format: "template"
-          template: "@/contrib/sarif.tpl"
-          output: "trivy-image-results.sarif"
-          severity: "HIGH,CRITICAL"
-
-      - name: Debug Trivy SARIF file
-        run: cat trivy-image-results.sarif && ls -l trivy-image-results.sarif
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
-        with:
-          sarif_file: "trivy-image-results.sarif"
-
-  # We have to use two trivy jobs
-  # because GitHub only allows
-  # codeql/upload-sarif action per job
  trivy-scan-repo:
    runs-on: ubuntu-20.04
    steps:
@ -476,7 +455,7 @@ jobs:
        uses: actions/checkout@v2
      - name: Run Trivy vulnerability scanner in repo mode
        #Commit SHA for v0.0.17
-        uses: aquasecurity/trivy-action@ac8de07fd168680dd0331bef43681c0e150e9ad1
+        uses: aquasecurity/trivy-action@a7a829a4345428ddd92ca57b18257440f6a18c90
        with:
          scan-type: "fs"
          scan-ref: "."
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@ -0,0 +1,34 @@
+name: Publish on Docker
+
+on:
+  # Shows the manual trigger in GitHub UI
+  # helpful as a back-up in case the GitHub Actions Workflow fails
+  workflow_dispatch:
+
+  release:
+    types:
+      - released
+
+jobs:
+  docker-images:
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Run ./ci/steps/docker-buildx-push.sh
+        run: ./ci/steps/docker-buildx-push.sh
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
--- a/.github/workflows/docs-preview.yaml
+++ b/.github/workflows/docs-preview.yaml
@ -0,0 +1,95 @@
+name: Docs preview
+
+on:
+  pull_request:
+    branches:
+      - main
+
+permissions:
+  actions: none
+  checks: none
+  contents: read
+  deployments: none
+  issues: none
+  packages: none
+  pull-requests: write
+  repository-projects: none
+  security-events: none
+  statuses: none
+
+jobs:
+  preview:
+    name: Docs preview
+    runs-on: ubuntu-20.04
+    environment: CI
+    steps:
+      - name: Cancel Previous Runs
+        uses: styfle/cancel-workflow-action@0.9.1
+
+      - name: Checkout m
+        uses: actions/checkout@v2
+        with:
+          repository: coder/m
+          ref: refs/heads/master
+          ssh-key: ${{ secrets.READONLY_M_DEPLOY_KEY }}
+          submodules: true
+          fetch-depth: 0
+
+      - name: Install Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: 14
+
+      - name: Cache Node Modules
+        uses: actions/cache@v2
+        with:
+          path: "/node_modules"
+          key: node-${{ hashFiles('yarn.lock') }}
+
+      - name: Create Deployment
+        id: deployment
+        run: ./ci/scripts/github_deployment.sh create
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+          DEPLOY_ENVIRONMENT: codercom-preview-docs
+
+      - name: Deploy Preview to Vercel
+        id: preview
+        run: ./ci/scripts/deploy_vercel.sh
+        env:
+          VERCEL_ORG_ID: team_tGkWfhEGGelkkqUUm9nXq17r
+          VERCEL_PROJECT_ID: QmZRucMRh3GFk1817ZgXjRVuw5fhTspHPHKct3JNQDEPGd
+          VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }}
+          CODE_SERVER_DOCS_MAIN_BRANCH: ${{ github.event.pull_request.head.sha }}
+
+      - name: Install node_modules
+        run: yarn install
+
+      - name: Check docs
+        run: yarn ts-node ./product/coder.com/site/scripts/checkDocs.ts
+        env:
+          BASE_URL: ${{ steps.preview.outputs.url }}
+
+      - name: Update Deployment
+        # If we don't specify always, it won't run this check if failed.
+        # This means the deployment would be stuck pending.
+        if: always()
+        run: ./ci/scripts/github_deployment.sh update
+        env:
+          GITHUB_DEPLOYMENT: ${{ steps.deployment.outputs.id }}
+          GITHUB_TOKEN: ${{ github.token }}
+          DEPLOY_STATUS: ${{ steps.preview.outcome }}
+          DEPLOY_URL: ${{ steps.preview.outputs.url }}
+
+      - name: Comment Credentials
+        uses: marocchino/sticky-pull-request-comment@v2
+        if: always()
+        with:
+          header: codercom-preview-docs
+          message: |
+            ✨ Coder.com for PR #${{ github.event.number }} deployed! It will be updated on every commit.
+
+            * _Host_: ${{ steps.preview.outputs.url }}/docs/code-server
+            * _Last deploy status_: ${{ steps.preview.outcome }}
+            * _Commit_: ${{ github.event.pull_request.head.sha }}
+            * _Workflow status_: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
--- a/.github/workflows/installer.yml
+++ b/.github/workflows/installer.yml
@ -5,10 +5,12 @@ on:
    branches:
      - main
    paths:
-      - "installer.sh"
+      - "install.sh"
  pull_request:
    branches:
      - main
+    paths:
+      - "install.sh"

 jobs:
  ubuntu:
--- a/.github/workflows/npm-brew.yaml
+++ b/.github/workflows/npm-brew.yaml
@ -1,4 +1,4 @@
-name: publish
+name: Publish on npm and brew

 on:
  # Shows the manual trigger in GitHub UI
@ -6,7 +6,7 @@ on:
  workflow_dispatch:

  release:
-    types: [published]
+    types: [released]

 jobs:
  # NOTE: this job requires curl, jq and yarn
@ -16,25 +16,18 @@ jobs:
    steps:
      - uses: actions/checkout@v2

-      - name: Run ./ci/steps/publish-npm.sh
-        run: ./ci/steps/publish-npm.sh
+      - uses: actions/download-artifact@v2
+        id: download
+        with:
+          name: "npm-package"
+          path: release-npm-package
+
+      - name: Publish npm package and tag with "latest"
+        run: yarn publish:npm
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-
-  # NOTE: this job requires curl, jq and docker
-  # All of them are included in ubuntu-latest.
-  docker:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Run ./ci/steps/push-docker-manifest.sh
-        run: ./ci/steps/push-docker-manifest.sh
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+          NPM_ENVIRONMENT: "production"

  homebrew:
    # The newest version of code-server needs to be available on npm when this runs
--- a/.github/workflows/scripts.yml
+++ b/.github/workflows/scripts.yml
@ -5,10 +5,14 @@ on:
    branches:
      - main
    paths:
-      - "installer.sh"
+      - "**.sh"
+      - "**.bats"
  pull_request:
    branches:
      - main
+    paths:
+      - "**.sh"
+      - "**.bats"

 jobs:
  test:
--- a/.gitignore
+++ b/.gitignore
@ -8,7 +8,7 @@ release-packages/
 release-gcp/
 release-images/
 node_modules
-/lib/vscode/node_modules.asar
+vendor/modules
 node-*
 /plugins
 /lib/coder-cloud-agent
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +0,0 @@
-.node-version
--- a/.prettierrc.yaml
+++ b/.prettierrc.yaml
@ -2,3 +2,16 @@ printWidth: 120
 semi: false
 trailingComma: all
 arrowParens: always
+singleQuote: false
+useTabs: false
+
+overrides:
+  # Attempt to keep VScode's existing code style intact.
+  - files: "vendor/modules/code-oss-dev/**/*.ts"
+    options:
+      # No limit defined upstream.
+      printWidth: 10000
+      semi: true
+      singleQuote: true
+      useTabs: true
+      arrowParens: avoid
--- a/.tours/contributing.tour
+++ b/.tours/contributing.tour
@ -50,7 +50,7 @@
    {
      "file": "src/node/heart.ts",
      "line": 7,
-      "description": "code-server's heart beats to indicate recent activity.\n\nAlso documented here: [https://github.com/cdr/code-server/blob/master/docs/FAQ.md#heartbeat-file](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#heartbeat-file)"
+      "description": "code-server's heart beats to indicate recent activity.\n\nAlso documented here: [https://github.com/coder/code-server/blob/master/docs/FAQ.md#heartbeat-file](https://github.com/coder/code-server/blob/master/docs/FAQ.md#heartbeat-file)"
    },
    {
      "file": "src/node/socket.ts",
@ -80,12 +80,12 @@
    {
      "file": "src/node/routes/domainProxy.ts",
      "line": 18,
-      "description": "code-server provides a built-in proxy to help in developing web-based applications. This is the code for the domain-based proxy.\n\nAlso documented here: [https://github.com/cdr/code-server/blob/master/docs/FAQ.md#how-do-i-securely-access-web-services](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#how-do-i-securely-access-web-services)"
+      "description": "code-server provides a built-in proxy to help in developing web-based applications. This is the code for the domain-based proxy.\n\nAlso documented here: [https://github.com/coder/code-server/blob/master/docs/FAQ.md#how-do-i-securely-access-web-services](https://github.com/coder/code-server/blob/master/docs/FAQ.md#how-do-i-securely-access-web-services)"
    },
    {
      "file": "src/node/routes/pathProxy.ts",
      "line": 19,
-      "description": "Here is the path-based version of the proxy.\n\nAlso documented here: [https://github.com/cdr/code-server/blob/master/docs/FAQ.md#how-do-i-securely-access-web-services](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#how-do-i-securely-access-web-services)"
+      "description": "Here is the path-based version of the proxy.\n\nAlso documented here: [https://github.com/coder/code-server/blob/master/docs/FAQ.md#how-do-i-securely-access-web-services](https://github.com/coder/code-server/blob/master/docs/FAQ.md#how-do-i-securely-access-web-services)"
    },
    {
      "file": "src/node/proxy.ts",
@ -95,7 +95,7 @@
    {
      "file": "src/node/routes/health.ts",
      "line": 5,
-      "description": "A simple endpoint that lets you see if code-server is up.\n\nAlso documented here: [https://github.com/cdr/code-server/blob/master/docs/FAQ.md#healthz-endpoint](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#healthz-endpoint)"
+      "description": "A simple endpoint that lets you see if code-server is up.\n\nAlso documented here: [https://github.com/coder/code-server/blob/master/docs/FAQ.md#healthz-endpoint](https://github.com/coder/code-server/blob/master/docs/FAQ.md#healthz-endpoint)"
    },
    {
      "file": "src/node/routes/login.ts",
@ -143,9 +143,9 @@
      "description": "Static images and the manifest live here in `src/browser/media` (see the explorer)."
    },
    {
-      "directory": "lib/vscode",
+      "directory": "vendor/modules/code-oss-dev",
      "line": 1,
-      "description": "code-server makes use of VS Code's frontend web/remote support. Most of the modifications implement the remote server since that portion of the code is closed source and not released with VS Code.\n\nWe also have a few bug fixes and have added some features (like client-side extensions). See [https://github.com/cdr/code-server/blob/master/docs/CONTRIBUTING.md#modifications-to-vs-code](https://github.com/cdr/code-server/blob/master/docs/CONTRIBUTING.md#modifications-to-vs-code) for a list.\n\nWe make an effort to keep the modifications as few as possible."
+      "description": "code-server makes use of VS Code's frontend web/remote support. Most of the modifications implement the remote server since that portion of the code is closed source and not released with VS Code.\n\nWe also have a few bug fixes and have added some features (like client-side extensions). See [https://github.com/coder/code-server/blob/master/docs/CONTRIBUTING.md#modifications-to-vs-code](https://github.com/coder/code-server/blob/master/docs/CONTRIBUTING.md#modifications-to-vs-code) for a list.\n\nWe make an effort to keep the modifications as few as possible."
    }
  ]
-}
+}
--- a/.tours/start-development.tour
+++ b/.tours/start-development.tour
@ -20,7 +20,7 @@
    {
      "file": "src/node/app.ts",
      "line": 62,
-      "description": "## That's it!\n\n\nThat's all there is to it! When this tour ends, your terminal session may stop, but just use `yarn watch` to start developing from here on out!\n\n\nIf you haven't already, be sure to check out these resources:\n- [Tour: Contributing](command:codetour.startTourByTitle?[\"Contributing\")\n- [Docs: FAQ.md](https://github.com/cdr/code-server/blob/master/docs/FAQ.md)\n- [Docs: CONTRIBUTING.md](https://github.com/cdr/code-server/blob/master/docs/CONTRIBUTING.md)\n- [Community: GitHub Discussions](https://github.com/cdr/code-server/discussions)\n- [Community: Slack](https://community.coder.com)"
+      "description": "## That's it!\n\n\nThat's all there is to it! When this tour ends, your terminal session may stop, but just use `yarn watch` to start developing from here on out!\n\n\nIf you haven't already, be sure to check out these resources:\n- [Tour: Contributing](command:codetour.startTourByTitle?[\"Contributing\")\n- [Docs: FAQ.md](https://github.com/coder/code-server/blob/master/docs/FAQ.md)\n- [Docs: CONTRIBUTING.md](https://github.com/coder/code-server/blob/master/docs/CONTRIBUTING.md)\n- [Community: GitHub Discussions](https://github.com/coder/code-server/discussions)\n- [Community: Slack](https://community.coder.com)"
    }
  ]
 }
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,175 +1,161 @@
 # Changelog

-<!--
+All notable changes to this project will be documented in this file.

-This should be updated on every PR.
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

-We copy from here into the release notes.
+<!-- Example:

- -->
+## [9.99.999] - 9090-09-09

-<!--
-Add next version above previous version but below this line using the template
+VS Code v99.99.999

-## Next Version
-
-VS Code v0.00.0
-
-### New Features
-
- item
-
-### Bug Fixes
-
- fix(socket): did this thing #321 @githubuser
-
-### Documentation
-
- item
-
-### Development
-
- item
+### Changed
+### Added
+### Deprecated
+### Removed
+### Fixed
+### Security

 -->

-## Next Version
+## [Unreleased](https://github.com/coder/code-server/releases)

 VS Code v0.00.0

-### New Features
+### Changed

- item
+- Add here

-### Bug Fixes
+## [4.0.2](https://github.com/coder/code-server/releases/tag/v4.0.2) - 2022-01-27

- Fix logout when using a base path (#3608)
+VS Code v1.63.0

-### Documentation
+### Fixed

- docs: add Pomerium #3424 @desimone
- docs: fix confusing sentence in pull requests section #3460 @shiv-tyagi
- docs: remove toc from changelog @oxy @jsjoeio
- docs(MAINTAINING): add information about CHANGELOG #3467 @jsjoeio
- docs: move release process to MAINTAINING.md #3441 @oxy @Prashant168
- docs: format 'Caddy' from guide.md @PisecesPeng
+- Unset the `BROWSER` environment variable. This fixes applications that hard
+  exit when trying to spawn the helper script `BROWSER` points to because the
+  file is missing. While we do include the script now we are leaving the
+  variable omitted because the script does not work yet.

-### Development
+## [4.0.1](https://github.com/coder/code-server/releases/tag/v4.0.1) - 2022-01-04

- chore: cross-compile docker images with buildx #3166 @oxy
- chore: update node to v14 #3458 @oxy
- chore: update .gitignore #3557 @cuining
- fix: use sufficient computational effort for password hash #3422 @jsjoeio
- docs(CONTRIBUTING): add section on testing #3629 @jsjoeio
+VS Code v1.63.0

-### Development
+code-server has been rebased on upstream's newly open-sourced server
+implementation (#4414).

- fix(publish): update cdrci fork in brew-bump.sh #3468 @jsjoeio
- chore(dev): migrate away from parcel #3578 @jsjoeio
+### Changed

-## 3.10.2
+- Web socket compression has been made the default (when supported). This means
+  the `--enable` flag will no longer take `permessage-deflate` as an option.
+- The static endpoint can no longer reach outside code-server. However the
+  vscode-remote-resource endpoint still can.
+- OpenVSX has been made the default marketplace.
+- The last opened folder/workspace is no longer stored separately in the
+  settings file (we rely on the already-existing query object instead).
+- The marketplace override environment variables `SERVICE_URL` and `ITEM_URL`
+  have been replaced with a single `EXTENSIONS_GALLERY` variable that
+  corresponds to `extensionsGallery` in VS Code's `product.json`.
+
+### Added
+
+- `VSCODE_PROXY_URI` env var for use in the terminal and extensions.
+
+### Removed
+
+- Extra extension directories have been removed. The `--extra-extensions-dir`
+  and `--extra-builtin-extensions-dir` flags will no longer be accepted.
+- The `--install-source` flag has been removed.
+
+### Deprecated
+
+- `--link` is now deprecated (#4562).
+
+### Security
+
+- We fixed a XSS vulnerability by escaping HTML from messages in the error page (#4430).
+
+## [3.12.0](https://github.com/coder/code-server/releases/tag/v3.12.0) - 2021-09-15
+
+VS Code v1.60.0
+
+### Changed
+
+- Upgrade VS Code to 1.60.0.
+
+### Fixed
+
+- Fix logout when using a base path (#3608).
+
+## [3.11.1](https://github.com/coder/code-server/releases/tag/v3.11.1) - 2021-08-06
+
+Undocumented (see releases page).
+
+## [3.11.0](https://github.com/coder/code-server/releases/tag/v3.11.0) - 2021-06-14
+
+Undocumented (see releases page).
+
+## [3.10.2](https://github.com/coder/code-server/releases/tag/v3.10.2) - 2021-05-21

 VS Code v1.56.1

-### New Features
+### Added

- feat: support `extraInitContainers` in helm chart values #3393 @strowk
- feat: change `extraContainers` to support templating in helm chart #3393 @strowk
+- Support `extraInitContainers` in helm chart values (#3393).

-### Bug Fixes
+### Changed

- fix: use correct command to Open Folder on Welcome page #3437 @jsjoeio
+- Change `extraContainers` to support templating in helm chart (#3393).

-### Development
+### Fixed

- fix(ci): update brew-bump.sh to update remote first #3438 @jsjoeio
+- Fix "Open Folder" on welcome page (#3437).

-## 3.10.1
+## [3.10.1](https://github.com/coder/code-server/releases/tag/v3.10.1) - 2021-05-17

 VS Code v1.56.1

-### Bug Fixes
+### Fixed

- fix: Check the logged user instead of $USER #3330 @videlanicolas
- fix: Fix broken node_modules.asar symlink in npm package #3355 @code-asher
- fix: Update cloud agent to fix version issue #3342 @oxy
+- Check the logged user instead of $USER (#3330).
+- Fix broken node_modules.asar symlink in npm package (#3355).
+- Update cloud agent to fix version issue (#3342).

-### Documentation
+### Changed

- docs(install): add raspberry pi section #3376 @jsjoeio
- docs(maintaining): add pull requests section #3378 @jsjoeio
- docs(maintaining): add merge strategies section #3379 @jsjoeio
- refactor: move default PR template #3375 @jsjoeio
- docs(contributing): add commits section #3377 @jsjoeio
+- Use xdgBasedir.runtime instead of tmp (#3304).

-### Development
-
- chore: ignore updates to microsoft/playwright-github-action
- fix(socket): use xdgBasedir.runtime instead of tmp #3304 @jsjoeio
- fix(ci): re-enable trivy-scan-repo #3368 @jsjoeio
-
-## 3.10.0
+## [3.10.0](https://github.com/coder/code-server/releases/tag/v3.10.0) - 2021-05-10

 VS Code v1.56.0

-### New Features
+### Changed

- feat: minor connections refactor #3178 @code-asher
- feat(security): add code-scanning with CodeQL #3229 @jsjoeio
- feat(ci): add trivy job for security #3261 @jsjoeio
- feat(vscode): update to version 1.56.0 #3269 @oxy
- feat: use ptyHostService #3308 @code-asher
+- Update to VS Code 1.56.0 (#3269).
+- Minor connections refactor (#3178). Improves connection stability.
+- Use ptyHostService (#3308). This brings us closer to upstream VS Code.

-### Bug Fixes
+### Added

- fix(socket): did this thing #321 @githubuser
- fix(login): rate limiter shouldn't count successful logins #3141 @jsjoeio
- chore(lib/vscode): update netmask #3187 @oxy
- chore(deps): update dependencies with CVEs #3223 @oxy
- fix: refactor logout #3277 @code-asher
- fix: add flag for toggling permessage-deflate #3286 @code-asher
- fix: make sure directories exist #3309 @code-asher
+- Add flag for toggling permessage-deflate (#3286). The default is off so
+  compression will no longer be used by default. Use the --enable flag to
+  toggle it back on.

-### Documentation
+### Fixed

- docs(FAQ): add mention of sysbox #3087 @bpmct
- docs: add security policy #3148 @jsjoeio
- docs(guide.md): add `caddy` example for serving from sub-path #3217 @catthehacker
- docs: revamp debugging section #3224 @code-asher
- docs(readme): refactor to use codecov shield #3227 @jsjoeio
- docs(maintaining): use milestones over boards #3228 @jsjoeio
- docs(faq): add entry for accessing OSX folders #3247 @bpmct
- docs(termux): add workaround for Android backspace issue #3251 @jsjoeio
- docs(maintaining): add triage to workflow #3284 @jsjoeio
- docs(security): add section for tools #3287 @jsjoeio
- docs(maintaining): add versioning #3288 @jsjoeio
- docs: add changelog #3337 @jsjoeio
+- Make rate limiter not count against successful logins (#3141).
+- Refactor logout (#3277). This fixes logging out in some scenarios.
+- Make sure directories exist (#3309). This fixes some errors on startup.

-### Development
+### Security

- fix(update-vscode): add check/docs for git-subtree #3129 @oxy
- refactor(testing): migrate to playwright-test from jest-playwright #3133 @jsjoeio
- refactor(ci): remove unmaintained CI images and update release workflow #3147 @oxy
- chore(ci): migrate from hub to gh #3168 @oxy
- feat(testing): add e2e tests for code-server and terminal #3169 @jsjoeio
- chore(ranger): fix syntax for extension-request #3172 @oxy
- feat(testing): add codecov to generate test coverage reports #3194 @jsjoeio
- feat(testing): add tests for registerServiceWorker #3200 @jsjoeio
- refactor(testing): fix flaky terminal test #3230 @jsjoeio
- chore: ignore 15.x @types/node updates #3244 @jsjoeio
- chore(build): compile vscode+extensions in parallel #3250 @oxy
- fix(deps): remove eslint-plugin-jest-playwright #3260 @jsjoeio
- fix(testing): reduce flakiness of terminal.test.ts and use 1 worker for e2e tests #3263 @jsjoeio
- feat(testing): add isConnected check #3271 @jsjoeio
- feat(testing): add test for src/node/constants.ts #3290 @jsjoeio
- feat: test static route #3297 @code-asher
- refactor(ci): split audit from prebuild #3298 @oxy
- chore(lib/vscode): cleanup/update build deps #3314 @oxy
- fix(build): download correct cloud-agent for arch #3331 @oxy
- fix: xmldom and underscore #3332 @oxy
+- Update dependencies with CVEs (#3223).

 ## Previous versions

-This was added with `3.10.0`, which means any previous versions are not documented in the changelog.
+This was added with `3.10.0`, which means any previous versions are not
+documented in the changelog.

-To see those, please visit the [Releases page](https://github.com/cdr/code-server/releases).
+To see those, please visit the [Releases page](https://github.com/coder/code-server/releases).
--- a/ci/README.md
+++ b/ci/README.md
@ -78,8 +78,8 @@ You can disable minification by setting `MINIFY=`.

 This directory contains the release docker container image.

- [./ci/steps/build-docker-image.sh](./ci/steps/build-docker-image.sh)
-  - Builds the release containers with tags `codercom/code-server-$ARCH:$VERSION` for amd64 and arm64 with `docker buildx`.
+- [./ci/steps/build-docker-buildx-push.sh](./ci/steps/docker-buildx-push.sh)
+  - Builds the release containers with tags `codercom/code-server-$ARCH:$VERSION` for amd64 and arm64 with `docker buildx` and pushes them.
  - Assumes debian releases are ready in `./release-packages`.

 ## images
@ -107,8 +107,8 @@ Helps avoid clobbering the CI configuration.
    release packages into `./release-packages`.
 - [./steps/publish-npm.sh](./steps/publish-npm.sh)
  - Grabs the `npm-package` release artifact for the current commit and publishes it on npm.
- [./steps/build-docker-image.sh](./steps/build-docker-image.sh)
-  - Builds the docker image and then saves it into `./release-images/code-server-$ARCH-$VERSION.tar`.
+- [./steps/docker-buildx-push.sh](./steps/docker-buildx-push.sh)
+  - Builds the docker image and then pushes it.
 - [./steps/push-docker-manifest.sh](./steps/push-docker-manifest.sh)
  - Loads all images in `./release-images` and then builds and pushes a multi architecture
    docker manifest for the amd64 and arm64 images to `codercom/code-server:$VERSION` and
--- a/ci/build/build-code-server.sh
+++ b/ci/build/build-code-server.sh
@ -15,24 +15,21 @@ main() {
    chmod +x out/node/entry.js
  fi

+  # for arch; we do not use OS from lib.sh and get our own.
+  # lib.sh normalizes macos to darwin - but cloud-agent's binaries do not
+  source ./ci/lib.sh
+  OS="$(uname | tr '[:upper:]' '[:lower:]')"
+
  mkdir -p ./lib
+
  if ! [ -f ./lib/coder-cloud-agent ]; then
    echo "Downloading the cloud agent..."

-    # for arch; we do not use OS from lib.sh and get our own.
-    # lib.sh normalizes macos to darwin - but cloud-agent's binaries do not
-    source ./ci/lib.sh
-    OS="$(uname | tr '[:upper:]' '[:lower:]')"
-
    set +e
-    curl -fsSL "https://github.com/cdr/cloud-agent/releases/latest/download/cloud-agent-$OS-$ARCH" -o ./lib/coder-cloud-agent
+    curl -fsSL "https://github.com/coder/cloud-agent/releases/latest/download/cloud-agent-$OS-$ARCH" -o ./lib/coder-cloud-agent
    chmod +x ./lib/coder-cloud-agent
    set -e
  fi
-
-  yarn browserify out/browser/register.js -o out/browser/register.browserified.js
-  yarn browserify out/browser/pages/login.js -o out/browser/pages/login.browserified.js
-  yarn browserify out/browser/pages/vscode.js -o out/browser/pages/vscode.browserified.js
 }

 main "$@"
--- a/ci/build/build-lib.sh
+++ b/ci/build/build-lib.sh
@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+# This is a library which contains functions used inside ci/build
+#
+# We separated it into it's own file so that we could easily unit test
+# these functions and helpers.
+
+# On some CPU architectures (notably node/uname "armv7l", default on Raspberry Pis),
+# different package managers have different labels for the same CPU (deb=armhf, rpm=armhfp).
+# This function returns the overriden arch on platforms
+# with alternate labels, or the same arch otherwise.
+get_nfpm_arch() {
+  local PKG_FORMAT="${1:-}"
+  local ARCH="${2:-}"
+
+  case "$ARCH" in
+    armv7l)
+      if [ "$PKG_FORMAT" = "deb" ]; then
+        echo armhf
+      elif [ "$PKG_FORMAT" = "rpm" ]; then
+        echo armhfp
+      fi
+      ;;
+    *)
+      echo "$ARCH"
+      ;;
+  esac
+}
--- a/ci/build/build-packages.sh
+++ b/ci/build/build-packages.sh
@ -7,6 +7,7 @@ set -euo pipefail
 main() {
  cd "$(dirname "${0}")/../.."
  source ./ci/lib.sh
+  source ./ci/build/build-lib.sh

  # Allow us to override architecture
  # we use this for our Linux ARM64 cross compile builds
@ -46,11 +47,22 @@ release_gcp() {
 # Generates deb and rpm packages.
 release_nfpm() {
  local nfpm_config
-  nfpm_config="$(envsubst < ./ci/build/nfpm.yaml)"

-  # The underscores are convention for .deb.
-  nfpm pkg -f <(echo "$nfpm_config") --target "release-packages/code-server_${VERSION}_$ARCH.deb"
-  nfpm pkg -f <(echo "$nfpm_config") --target "release-packages/code-server-$VERSION-$ARCH.rpm"
+  export NFPM_ARCH
+
+  PKG_FORMAT="deb"
+  NFPM_ARCH="$(get_nfpm_arch $PKG_FORMAT "$ARCH")"
+  nfpm_config="$(envsubst < ./ci/build/nfpm.yaml)"
+  echo "Building deb"
+  echo "$nfpm_config" | head --lines=4
+  nfpm pkg -f <(echo "$nfpm_config") --target "release-packages/code-server_${VERSION}_${NFPM_ARCH}.deb"
+
+  PKG_FORMAT="rpm"
+  NFPM_ARCH="$(get_nfpm_arch $PKG_FORMAT "$ARCH")"
+  nfpm_config="$(envsubst < ./ci/build/nfpm.yaml)"
+  echo "Building rpm"
+  echo "$nfpm_config" | head --lines=4
+  nfpm pkg -f <(echo "$nfpm_config") --target "release-packages/code-server-$VERSION-$NFPM_ARCH.rpm"
 }

 main "$@"
--- a/ci/build/build-release.sh
+++ b/ci/build/build-release.sh
@ -12,10 +12,11 @@ KEEP_MODULES="${KEEP_MODULES-0}"

 main() {
  cd "$(dirname "${0}")/../.."
+
  source ./ci/lib.sh

-  VSCODE_SRC_PATH="lib/vscode"
-  VSCODE_OUT_PATH="$RELEASE_PATH/lib/vscode"
+  VSCODE_SRC_PATH="vendor/modules/code-oss-dev"
+  VSCODE_OUT_PATH="$RELEASE_PATH/vendor/modules/code-oss-dev"

  mkdir -p "$RELEASE_PATH"

@ -24,7 +25,7 @@ main() {

  rsync ./docs/README.md "$RELEASE_PATH"
  rsync LICENSE.txt "$RELEASE_PATH"
-  rsync ./lib/vscode/ThirdPartyNotices.txt "$RELEASE_PATH"
+  rsync ./vendor/modules/code-oss-dev/ThirdPartyNotices.txt "$RELEASE_PATH"
 }

 bundle_code_server() {
@ -48,7 +49,7 @@ bundle_code_server() {
  {
    "commit": "$(git rev-parse HEAD)",
    "scripts": {
-      "postinstall": "./postinstall.sh"
+      "postinstall": "sh ./postinstall.sh"
    }
  }
 EOF
@ -66,7 +67,7 @@ EOF
 bundle_vscode() {
  mkdir -p "$VSCODE_OUT_PATH"
  rsync "$VSCODE_SRC_PATH/yarn.lock" "$VSCODE_OUT_PATH"
-  rsync "$VSCODE_SRC_PATH/out-vscode${MINIFY:+-min}/" "$VSCODE_OUT_PATH/out"
+  rsync "$VSCODE_SRC_PATH/out-vscode-reh-web${MINIFY:+-min}/" "$VSCODE_OUT_PATH/out"

  rsync "$VSCODE_SRC_PATH/.build/extensions/" "$VSCODE_OUT_PATH/extensions"
  if [ "$KEEP_MODULES" = 0 ]; then
@ -78,9 +79,15 @@ bundle_vscode() {
  rsync "$VSCODE_SRC_PATH/extensions/yarn.lock" "$VSCODE_OUT_PATH/extensions"
  rsync "$VSCODE_SRC_PATH/extensions/postinstall.js" "$VSCODE_OUT_PATH/extensions"

-  mkdir -p "$VSCODE_OUT_PATH/resources/"{linux,web}
-  rsync "$VSCODE_SRC_PATH/resources/linux/code.png" "$VSCODE_OUT_PATH/resources/linux/code.png"
-  rsync "$VSCODE_SRC_PATH/resources/web/callback.html" "$VSCODE_OUT_PATH/resources/web/callback.html"
+  mkdir -p "$VSCODE_OUT_PATH/resources/"
+  rsync "$VSCODE_SRC_PATH/resources/" "$VSCODE_OUT_PATH/resources/"
+
+  # TODO: We should look into using VS Code's packaging task (see
+  # gulpfile.reh.js).  For now copy this directory into the right spot (for some
+  # reason VS Code uses a different path in production).
+  mkdir -p "$VSCODE_OUT_PATH/bin/helpers"
+  rsync "$VSCODE_SRC_PATH/resources/server/bin/helpers/" "$VSCODE_OUT_PATH/bin/helpers"
+  chmod +x "$VSCODE_OUT_PATH/bin/helpers/browser.sh"

  # Add the commit and date and enable telemetry. This just makes telemetry
  # available; telemetry can still be disabled by flag or setting.
@ -88,8 +95,10 @@ bundle_vscode() {
    cat << EOF
  {
    "enableTelemetry": true,
-    "commit": "$(git rev-parse HEAD)",
-    "date": $(jq -n 'now | todate')
+    "commit": "$(cd "$VSCODE_SRC_PATH" && git rev-parse HEAD)",
+    "quality": "stable",
+    "date": $(jq -n 'now | todate'),
+    "codeServerVersion": "$VERSION"
  }
 EOF
  ) > "$VSCODE_OUT_PATH/product.json"
--- a/ci/build/build-standalone-release.sh
+++ b/ci/build/build-standalone-release.sh
@ -7,6 +7,7 @@ export npm_config_build_from_source=true

 main() {
  cd "$(dirname "${0}")/../.."
+
  source ./ci/lib.sh

  rsync "$RELEASE_PATH/" "$RELEASE_PATH-standalone"
@ -19,6 +20,7 @@ main() {
  node_path="$(yarn -s node <<< 'console.info(process.execPath)')"

  mkdir -p "$RELEASE_PATH/bin"
+  mkdir -p "$RELEASE_PATH/lib"
  rsync ./ci/build/code-server.sh "$RELEASE_PATH/bin/code-server"
  rsync "$node_path" "$RELEASE_PATH/lib/node"

@ -32,7 +34,7 @@ main() {
  # leaves a few stray symlinks. Clean them up so nfpm does not fail.
  # Remove this line when its no longer needed.

-  rm -fr "$RELEASE_PATH/lib/vscode/extensions/node_modules/.bin"
+  rm -fr "$RELEASE_PATH/vendor/modules/code-oss-dev/extensions/node_modules/.bin"
 }

 main "$@"
--- a/ci/build/build-vscode.sh
+++ b/ci/build/build-vscode.sh
@ -1,20 +1,18 @@
 #!/usr/bin/env bash
 set -euo pipefail

-# Builds vscode into lib/vscode/out-vscode.
+# Builds vscode into vendor/modules/code-oss-dev/out-vscode.

 # MINIFY controls whether a minified version of vscode is built.
 MINIFY=${MINIFY-true}

 main() {
  cd "$(dirname "${0}")/../.."
-  cd node_modules/code-oss-dev

-  yarn gulp compile-build compile-extensions-build
-  yarn gulp optimize --gulpfile ./coder.js
-  if [[ $MINIFY ]]; then
-    yarn gulp minify --gulpfile ./coder.js
-  fi
+  cd vendor/modules/code-oss-dev
+
+  # Any platform works since we have our own packaging step (for now).
+  yarn gulp "vscode-reh-web-linux-x64${MINIFY:+-min}"
 }

 main "$@"
--- a/ci/build/clean.sh
+++ b/ci/build/clean.sh
@ -6,10 +6,6 @@ main() {
  source ./ci/lib.sh

  git clean -Xffd
-
-  # pushd lib/vscode
-  # git clean -xffd
-  # popd
 }

 main "$@"
--- a/ci/build/code-server.sh
+++ b/ci/build/code-server.sh
@ -5,7 +5,7 @@ set -eu
 # Runs code-server with the bundled node binary.

 _realpath() {
-  # See https://github.com/cdr/code-server/issues/1537 on why no realpath or readlink -f.
+  # See https://github.com/coder/code-server/issues/1537 on why no realpath or readlink -f.

  script="$1"
  cd "$(dirname "$script")"
@ -16,7 +16,7 @@ _realpath() {
      && cat package.json | grep -q '^  "name": "code-server",$'; then
      echo "***** Please use the script in bin/code-server instead!" >&2
      echo "***** This script will soon be removed!" >&2
-      echo "***** See the release notes at https://github.com/cdr/code-server/releases/tag/v3.4.0" >&2
+      echo "***** See the release notes at https://github.com/coder/code-server/releases/tag/v3.4.0" >&2
    fi

    script="$(readlink "$(basename "$script")")"
--- a/ci/build/nfpm.yaml
+++ b/ci/build/nfpm.yaml
@ -1,5 +1,5 @@
 name: "code-server"
-arch: "${ARCH}"
+arch: "${NFPM_ARCH}"
 platform: "linux"
 version: "v${VERSION}"
 section: "devel"
@ -8,7 +8,7 @@ maintainer: "Anmol Sethi <hi@nhooyr.io>"
 description: |
  Run VS Code in the browser.
 vendor: "Coder"
-homepage: "https://github.com/cdr/code-server"
+homepage: "https://github.com/coder/code-server"
 license: "MIT"

 contents:
--- a/ci/build/npm-postinstall.sh
+++ b/ci/build/npm-postinstall.sh
@ -57,7 +57,10 @@ main() {
  esac

  OS="$(uname | tr '[:upper:]' '[:lower:]')"
-  if curl -fsSL "https://github.com/cdr/cloud-agent/releases/latest/download/cloud-agent-$OS-$ARCH" -o ./lib/coder-cloud-agent; then
+
+  mkdir -p ./lib
+
+  if curl -fsSL "https://github.com/coder/cloud-agent/releases/latest/download/cloud-agent-$OS-$ARCH" -o ./lib/coder-cloud-agent; then
    chmod +x ./lib/coder-cloud-agent
  else
    echo "Failed to download cloud agent; --link will not work"
@ -65,7 +68,7 @@ main() {

  if ! vscode_yarn; then
    echo "You may not have the required dependencies to build the native modules."
-    echo "Please see https://github.com/cdr/code-server/blob/master/docs/npm.md"
+    echo "Please see https://github.com/coder/code-server/blob/master/docs/npm.md"
    exit 1
  fi

@ -87,13 +90,15 @@ symlink_asar() {
 }

 vscode_yarn() {
-  cd lib/vscode
+  echo 'Installing vendor dependencies...'
+  cd vendor/modules/code-oss-dev
  yarn --production --frozen-lockfile

  symlink_asar

  cd extensions
  yarn --production --frozen-lockfile
+
  for ext in */; do
    ext="${ext%/}"
    echo "extensions/$ext: installing dependencies"
--- a/ci/build/release-github-assets.sh
+++ b/ci/build/release-github-assets.sh
@ -13,7 +13,7 @@ main() {
  download_artifact release-packages ./release-packages
  local assets=(./release-packages/code-server*"$VERSION"*{.tar.gz,.deb,.rpm})

-  EDITOR=true gh release upload "v$VERSION" "${assets[@]}"
+  EDITOR=true gh release upload "v$VERSION" "${assets[@]}" --clobber
 }

 main "$@"
--- a/ci/build/release-prep.sh
+++ b/ci/build/release-prep.sh
@ -83,14 +83,14 @@ main() {
  echo -e "Great! We'll prep a PR for updating to $CODE_SERVER_VERSION_TO_UPDATE\n"
  $CMD rg -g '!yarn.lock' -g '!*.svg' -g '!CHANGELOG.md' --files-with-matches --fixed-strings "${CODE_SERVER_CURRENT_VERSION}" | $CMD xargs sd "$CODE_SERVER_CURRENT_VERSION" "$CODE_SERVER_VERSION_TO_UPDATE"

-  $CMD git commit -am "chore(release): bump version to $CODE_SERVER_VERSION_TO_UPDATE"
+  $CMD git commit --no-verify -am "chore(release): bump version to $CODE_SERVER_VERSION_TO_UPDATE"

  # This runs from the root so that's why we use this path vs. ../../
  RELEASE_TEMPLATE_STRING=$(cat ./.github/PULL_REQUEST_TEMPLATE/release_template.md)

  echo -e "\nOpening a draft PR on GitHub"
  # To read about these flags, visit the docs: https://cli.github.com/manual/gh_pr_create
-  $CMD gh pr create --base main --title "release: $CODE_SERVER_VERSION_TO_UPDATE" --body "$RELEASE_TEMPLATE_STRING" --reviewer @cdr/code-server-reviewers --repo cdr/code-server --draft --assignee "@me"
+  $CMD gh pr create --base main --title "release: $CODE_SERVER_VERSION_TO_UPDATE" --body "$RELEASE_TEMPLATE_STRING" --reviewer @coder/code-server-reviewers --repo coder/code-server --draft --assignee "@me"

  # Open PR in browser
  $CMD gh pr view --web
--- a/ci/dev/fmt.sh
+++ b/ci/dev/fmt.sh
@ -19,7 +19,7 @@ main() {
    "*.sh"
  )
  prettier --write --loglevel=warn $(
-    git ls-files "${prettierExts[@]}" | grep -v 'helm-chart'
+    git ls-files "${prettierExts[@]}" | grep -v "lib/vscode" | grep -v "vendor/modules/code-oss-dev" | grep -v 'helm-chart'
  )

  doctoc --title '# FAQ' docs/FAQ.md > /dev/null
@ -32,6 +32,7 @@ main() {
  doctoc --title '# iPad' docs/ipad.md > /dev/null
  doctoc --title '# Termux' docs/termux.md > /dev/null

+  # TODO: replace with a method that generates fewer false positives.
  if [[ ${CI-} && $(git ls-files --other --modified --exclude-standard) ]]; then
    echo "Files need generation or are formatted incorrectly:"
    git -c color.ui=always status | grep --color=no '\[31m'
--- a/ci/dev/lint.sh
+++ b/ci/dev/lint.sh
@ -4,17 +4,14 @@ set -euo pipefail
 main() {
  cd "$(dirname "$0")/../.."

-  eslint --max-warnings=0 --fix $(git ls-files "*.ts" "*.tsx" "*.js")
-  stylelint $(git ls-files "*.css")
+  eslint --max-warnings=0 --fix $(git ls-files "*.ts" "*.tsx" "*.js" | grep -v "vendor/modules/code-oss-dev" | grep -v "lib/vscode")
+  stylelint $(git ls-files "*.css" | grep -v "vendor/modules/code-oss-dev" | grep -v "lib/vscode")
  tsc --noEmit --skipLibCheck
-  shellcheck -e SC2046,SC2164,SC2154,SC1091,SC1090,SC2002 $(git ls-files "*.sh")
+  shellcheck -e SC2046,SC2164,SC2154,SC1091,SC1090,SC2002 $(git ls-files "*.sh" | grep -v "vendor/modules/code-oss-dev" | grep -v "lib/vscode")
  if command -v helm && helm kubeval --help > /dev/null; then
    helm kubeval ci/helm-chart
  fi

-  cd lib/vscode
-  # Run this periodically in vanilla VS code to make sure we don't add any more warnings.
-  yarn -s eslint --max-warnings=3
  cd "$OLDPWD"
 }

--- a/ci/dev/postinstall.sh
+++ b/ci/dev/postinstall.sh
@ -5,15 +5,46 @@ main() {
  cd "$(dirname "$0")/../.."
  source ./ci/lib.sh

-  # This installs the dependencies needed for testing
-  cd test
-  yarn
-  cd ..
+  pushd test
+  echo "Installing dependencies for $PWD"
+  yarn install
+  popd

-  # cd lib/vscode
-  # yarn ${CI+--frozen-lockfile}
+  local args=(install)
+  if [[ ${CI-} ]]; then
+    args+=(--frozen-lockfile)
+  fi

-  # symlink_asar
+  pushd test
+  echo "Installing dependencies for $PWD"
+  yarn "${args[@]}"
+  popd
+
+  pushd test/e2e/extensions/test-extension
+  echo "Installing dependencies for $PWD"
+  yarn "${args[@]}"
+  popd
+
+  pushd vendor
+  echo "Installing dependencies for $PWD"
+
+  # We install in 'modules' instead of 'node_modules' because VS Code's
+  # extensions use a webpack config which cannot differentiate between its own
+  # node_modules and itself being in a directory with the same name.
+  args+=(--modules-folder modules)
+
+  # We ignore scripts because NPM/Yarn's default behavior is to assume that
+  # devDependencies are not needed, and that even git repo based packages are
+  # assumed to be compiled. Because the default behavior for VS Code's
+  # `postinstall` assumes we're also compiled, this needs to be ignored.
+  args+=(--ignore-scripts)
+
+  yarn "${args[@]}"
+
+  # Finally, run the vendor `postinstall`
+  yarn run postinstall
+
+  popd
 }

 main "$@"
--- a/ci/dev/test-e2e.sh
+++ b/ci/dev/test-e2e.sh
@ -1,10 +1,23 @@
 #!/usr/bin/env bash
 set -euo pipefail

+help() {
+  echo >&2 "  You can build with 'yarn watch' or you can build a release"
+  echo >&2 "  For example: 'yarn build && yarn build:vscode && KEEP_MODULES=1 yarn release'"
+  echo >&2 "  Then 'CODE_SERVER_TEST_ENTRY=./release yarn test:e2e'"
+  echo >&2 "  You can manually run that release with 'node ./release'"
+}
+
 main() {
  cd "$(dirname "$0")/../.."
+
  source ./ci/lib.sh

+  pushd test/e2e/extensions/test-extension
+  echo "Building test extension"
+  yarn build
+  popd
+
  local dir="$PWD"
  if [[ ! ${CODE_SERVER_TEST_ENTRY-} ]]; then
    echo "Set CODE_SERVER_TEST_ENTRY to test another build of code-server"
@ -20,13 +33,13 @@ main() {
  # wrong (native modules version issues, incomplete build, etc).
  if [[ ! -d $dir/out ]]; then
    echo >&2 "No code-server build detected"
-    echo >&2 "You can build it with 'yarn build' or 'yarn watch'"
+    help
    exit 1
  fi

-  if [[ ! -d $dir/lib/vscode/out ]]; then
+  if [[ ! -d $dir/vendor/modules/code-oss-dev/out ]]; then
    echo >&2 "No VS Code build detected"
-    echo >&2 "You can build it with 'yarn build:vscode' or 'yarn watch'"
+    help
    exit 1
  fi

--- a/ci/dev/test-unit.sh
+++ b/ci/dev/test-unit.sh
@ -3,12 +3,27 @@ set -euo pipefail

 main() {
  cd "$(dirname "$0")/../.."
-  cd test/unit/test-plugin
+
+  source ./ci/lib.sh
+
+  echo "Building test plugin"
+  pushd test/unit/node/test-plugin
  make -s out/index.js
+  popd
+
+  # Our code imports from `out` in order to work during development but if you
+  # have only built for production you will have not have this directory.  In
+  # that case symlink `out` to a production build directory.
+  local vscode="vendor/modules/code-oss-dev"
+  local link="$vscode/out"
+  local target="out-build"
+  if [[ ! -e $link ]] && [[ -d $vscode/$target ]]; then
+    ln -s "$target" "$link"
+  fi
+
  # We must keep jest in a sub-directory. See ../../test/package.json for more
  # information. We must also run it from the root otherwise coverage will not
  # include our source files.
-  cd "$OLDPWD"
  CS_DISABLE_PLUGINS=true ./test/node_modules/.bin/jest "$@"
 }

--- a/ci/dev/update-vscode.sh
+++ b/ci/dev/update-vscode.sh
@ -1,133 +0,0 @@
-#!/usr/bin/env bash
-# Description: This is a script to make the process of updating vscode versions easier
-# Run it with `yarn update:vscode` and it will do the following:
-# 1. Check that you have a remote called `vscode`
-# 2. Ask you which version you want to upgrade to
-# 3. Grab the exact version from the package.json i.e. 1.53.2
-# 4. Fetch the vscode remote branches to run the subtree update
-# 5. Run the subtree update and pull in the vscode update
-# 6. Commit the changes (including merge conflicts)
-# 7. Open a draft PR
-
-set -euo pipefail
-
-# This function expects two arguments
-# 1. the vscode version we're updating to
-# 2. the list of merge conflict files
-make_pr_body() {
-  local BODY="This PR updates vscode to $1
-
-## TODOS
-
- [ ] test editor locally
- [ ] test terminal locally
- [ ] make notes about any significant changes in docs/CONTRIBUTING.md#notes-about-changes
-
-## Files with conflicts (fix these)
-$2"
-  echo "$BODY"
-}
-
-main() {
-  cd "$(dirname "$0")/../.."
-
-  # Check if the remote exists
-  # if it doesn't, we add it
-  if ! git config remote.vscode.url > /dev/null; then
-    echo "Could not find 'vscode' as a remote"
-    echo "Adding with: git remote add vscode https://github.com/microsoft/vscode.git"
-    git remote add vscode https://github.com/microsoft/vscode.git
-  fi
-
-  # Ask which version we should update to
-  # In the future, we'll automate this and grab the latest version automatically
-  read -r -p "What version of VSCode would you like to update to? (i.e. 1.52) " VSCODE_VERSION_TO_UPDATE
-
-  # Check that this version exists
-  if [[ -z $(git ls-remote --heads vscode release/"$VSCODE_VERSION_TO_UPDATE") ]]; then
-    echo "Oops, that doesn't look like a valid version."
-    echo "You entered: $VSCODE_VERSION_TO_UPDATE"
-    echo "Verify that this branches exists here: https://github.com/microsoft/vscode/branches/all?query=release%2F$VSCODE_VERSION_TO_UPDATE"
-    exit 1
-  fi
-
-  # Check that they have jq installed
-  if ! command -v jq &> /dev/null; then
-    echo "jq could not be found."
-    echo "We use this when looking up the exact version to update to in the package.json in VS Code."
-    echo -e "See docs here: https://stedolan.github.io/jq/download/"
-    exit 1
-  fi
-
-  # Note: `git subtree` returns 129 when installed, and prints help;
-  # but when uninstalled, returns 1.
-  set +e
-  git subtree &> /dev/null
-  if [ $? -ne 129 ]; then
-    echo "git-subtree could not be found."
-    echo "We use this to fetch and update the lib/vscode subtree."
-    echo -e "Please install git subtree."
-    exit 1
-  fi
-  set -e
-
-  # Grab the exact version from package.json
-  VSCODE_EXACT_VERSION=$(curl -s "https://raw.githubusercontent.com/microsoft/vscode/release/$VSCODE_VERSION_TO_UPDATE/package.json" | jq -r ".version")
-
-  echo -e "Great! We'll prep a PR for updating to $VSCODE_EXACT_VERSION\n"
-
-  # For some reason the subtree update doesn't work
-  # unless we fetch all the branches
-  echo -e "Fetching vscode branches..."
-  echo -e "Note: this might take a while"
-  git fetch vscode
-
-  # Check if GitHub CLI is installed
-  if ! command -v gh &> /dev/null; then
-    echo "GitHub CLI could not be found."
-    echo "If you install it before you run this script next time, we'll open a draft PR for you!"
-    echo -e "See docs here: https://github.com/cli/cli#installation\n"
-    exit
-  fi
-
-  # Push branch to remote if not already pushed
-  # If we don't do this, the opening a draft PR step won't work
-  # because it will stop and ask where you want to push the branch
-  CURRENT_BRANCH=$(git branch | grep '\*' | cut -d' ' -f2-)
-  if [[ -z $(git config "branch.${CURRENT_BRANCH}.remote") ]]; then
-    echo "Doesn't look like you've pushed this branch to remote"
-    echo -e "Pushing now using: git push origin $CURRENT_BRANCH\n"
-    # Note: we need to set upstream as well or the gh pr create step will fail
-    # See: https://github.com/cli/cli/issues/575
-    echo "Please set the upstream and re-run the script"
-    exit 1
-  fi
-
-  echo "Going to try to update vscode for you..."
-  echo -e "Running: git subtree pull --prefix lib/vscode vscode release/${VSCODE_VERSION_TO_UPDATE} --squash\n"
-  # Try to run subtree update command
-  # Note: we add `|| true` because we want the script to keep running even if the squash fails
-  # We know the squash fails everytime because there will always be merge conflicts
-  git subtree pull --prefix lib/vscode vscode release/"${VSCODE_VERSION_TO_UPDATE}" --squash || true
-
-  # Get the files with conflicts before we commit them
-  # so we can list them in the PR body as todo items
-  CONFLICTS=$(git diff --name-only --diff-filter=U | while read -r line; do echo "- [ ] $line"; done)
-  PR_BODY=$(make_pr_body "$VSCODE_EXACT_VERSION" "$CONFLICTS")
-
-  echo -e "\nForcing a commit with conflicts"
-  echo "Note: this is intentional"
-  echo "If we don't do this, code review is impossible."
-  echo -e "For more info, see docs: docs/CONTRIBUTING.md#updating-vs-code\n"
-  # We need --no-verify to skip the husky pre-commit hook
-  # which fails because of the merge conflicts
-  git add . && git commit -am "chore(vscode): update to $VSCODE_EXACT_VERSION" --no-verify
-
-  # Note: we can't open a draft PR unless their are changes.
-  # Hence why we do this after the subtree update.
-  echo "Opening a draft PR on GitHub"
-  # To read about these flags, visit the docs: https://cli.github.com/manual/gh_pr_create
-  gh pr create --base main --title "feat(vscode): update to version $VSCODE_EXACT_VERSION" --body "$PR_BODY" --reviewer @cdr/code-server-reviewers --repo cdr/code-server --draft
-}
-
-main "$@"
--- a/ci/dev/watch.ts
+++ b/ci/dev/watch.ts
@ -1,157 +1,140 @@
-import browserify from "browserify"
-import * as cp from "child_process"
-import * as fs from "fs"
+import { spawn, fork, ChildProcess } from "child_process"
 import * as path from "path"
-import { onLine } from "../../src/node/util"
+import { onLine, OnLineCallback } from "../../src/node/util"
+
+interface DevelopmentCompilers {
+  [key: string]: ChildProcess | undefined
+  vscode: ChildProcess
+  vscodeWebExtensions: ChildProcess
+  codeServer: ChildProcess
+  plugins: ChildProcess | undefined
+}
+
+class Watcher {
+  private rootPath = path.resolve(process.cwd())
+  private readonly paths = {
+    /** Path to uncompiled VS Code source. */
+    vscodeDir: path.join(this.rootPath, "vendor", "modules", "code-oss-dev"),
+    pluginDir: process.env.PLUGIN_DIR,
+  }
+
+  //#region Web Server
+
+  /** Development web server. */
+  private webServer: ChildProcess | undefined
+
+  private reloadWebServer = (): void => {
+    if (this.webServer) {
+      this.webServer.kill()
+    }
+
+    // Pass CLI args, save for `node` and the initial script name.
+    const args = process.argv.slice(2)
+    this.webServer = fork(path.join(this.rootPath, "out/node/entry.js"), args)
+    const { pid } = this.webServer
+
+    this.webServer.on("exit", () => console.log("[Code Server]", `Web process ${pid} exited`))
+
+    console.log("\n[Code Server]", `Spawned web server process ${pid}`)
+  }
+
+  //#endregion
+
+  //#region Compilers
+
+  private readonly compilers: DevelopmentCompilers = {
+    codeServer: spawn("tsc", ["--watch", "--pretty", "--preserveWatchOutput"], { cwd: this.rootPath }),
+    vscode: spawn("yarn", ["watch"], { cwd: this.paths.vscodeDir }),
+    vscodeWebExtensions: spawn("yarn", ["watch-web"], { cwd: this.paths.vscodeDir }),
+    plugins: this.paths.pluginDir ? spawn("yarn", ["build", "--watch"], { cwd: this.paths.pluginDir }) : undefined,
+  }
+
+  public async initialize(): Promise<void> {
+    for (const event of ["SIGINT", "SIGTERM"]) {
+      process.on(event, () => this.dispose(0))
+    }
+
+    for (const [processName, devProcess] of Object.entries(this.compilers)) {
+      if (!devProcess) continue
+
+      devProcess.on("exit", (code) => {
+        console.log(`[${processName}]`, "Terminated unexpectedly")
+        this.dispose(code)
+      })
+
+      if (devProcess.stderr) {
+        devProcess.stderr.on("data", (d: string | Uint8Array) => process.stderr.write(d))
+      }
+    }
+
+    onLine(this.compilers.vscode, this.parseVSCodeLine)
+    onLine(this.compilers.codeServer, this.parseCodeServerLine)
+
+    if (this.compilers.plugins) {
+      onLine(this.compilers.plugins, this.parsePluginLine)
+    }
+  }
+
+  //#endregion
+
+  //#region Line Parsers
+
+  private parseVSCodeLine: OnLineCallback = (strippedLine, originalLine) => {
+    if (!strippedLine.length) return
+
+    console.log("[VS Code]", originalLine)
+
+    if (strippedLine.includes("Finished compilation with")) {
+      console.log("[VS Code] ✨ Finished compiling! ✨", "(Refresh your web browser ♻️)")
+      this.reloadWebServer()
+    }
+  }
+
+  private parseCodeServerLine: OnLineCallback = (strippedLine, originalLine) => {
+    if (!strippedLine.length) return
+
+    console.log("[Compiler][Code Server]", originalLine)
+
+    if (strippedLine.includes("Watching for file changes")) {
+      console.log("[Compiler][Code Server]", "Finished compiling!", "(Refresh your web browser ♻️)")
+      this.reloadWebServer()
+    }
+  }
+
+  private parsePluginLine: OnLineCallback = (strippedLine, originalLine) => {
+    if (!strippedLine.length) return
+
+    console.log("[Compiler][Plugin]", originalLine)
+
+    if (strippedLine.includes("Watching for file changes...")) {
+      this.reloadWebServer()
+    }
+  }
+
+  //#endregion
+
+  //#region Utilities
+
+  private dispose(code: number | null): void {
+    for (const [processName, devProcess] of Object.entries(this.compilers)) {
+      console.log(`[${processName}]`, "Killing...\n")
+      devProcess?.removeAllListeners()
+      devProcess?.kill()
+    }
+    process.exit(typeof code === "number" ? code : 0)
+  }
+
+  //#endregion
+}

 async function main(): Promise<void> {
  try {
    const watcher = new Watcher()
-    await watcher.watch()
-  } catch (error) {
+    await watcher.initialize()
+  } catch (error: any) {
    console.error(error.message)
    process.exit(1)
  }
 }

-class Watcher {
-  private readonly rootPath = path.resolve(__dirname, "../..")
-  private readonly vscodeSourcePath = path.join(this.rootPath, "node_modules/code-oss-dev")
-
-  private static log(message: string, skipNewline = false): void {
-    process.stdout.write(message)
-    if (!skipNewline) {
-      process.stdout.write("\n")
-    }
-  }
-
-  public async watch(): Promise<void> {
-    let server: cp.ChildProcess | undefined
-    const restartServer = (): void => {
-      if (server) {
-        server.kill()
-      }
-      const s = cp.fork(path.join(this.rootPath, "out/node/entry.js"), process.argv.slice(2))
-      console.log(`[server] spawned process ${s.pid}`)
-      s.on("exit", () => console.log(`[server] process ${s.pid} exited`))
-      server = s
-    }
-
-    const vscode = cp.spawn("yarn", ["watch"], { cwd: this.vscodeSourcePath })
-    const tsc = cp.spawn("tsc", ["--watch", "--pretty", "--preserveWatchOutput"], { cwd: this.rootPath })
-    const plugin = process.env.PLUGIN_DIR
-      ? cp.spawn("yarn", ["build", "--watch"], { cwd: process.env.PLUGIN_DIR })
-      : undefined
-
-    const cleanup = (code?: number | null): void => {
-      Watcher.log("killing vs code watcher")
-      vscode.removeAllListeners()
-      vscode.kill()
-
-      Watcher.log("killing tsc")
-      tsc.removeAllListeners()
-      tsc.kill()
-
-      if (plugin) {
-        Watcher.log("killing plugin")
-        plugin.removeAllListeners()
-        plugin.kill()
-      }
-
-      if (server) {
-        Watcher.log("killing server")
-        server.removeAllListeners()
-        server.kill()
-      }
-
-      Watcher.log("killing watch")
-      process.exit(code || 0)
-    }
-
-    process.on("SIGINT", () => cleanup())
-    process.on("SIGTERM", () => cleanup())
-
-    vscode.on("exit", (code) => {
-      Watcher.log("vs code watcher terminated unexpectedly")
-      cleanup(code)
-    })
-    tsc.on("exit", (code) => {
-      Watcher.log("tsc terminated unexpectedly")
-      cleanup(code)
-    })
-    if (plugin) {
-      plugin.on("exit", (code) => {
-        Watcher.log("plugin terminated unexpectedly")
-        cleanup(code)
-      })
-    }
-
-    vscode.stderr.on("data", (d) => process.stderr.write(d))
-    tsc.stderr.on("data", (d) => process.stderr.write(d))
-    if (plugin) {
-      plugin.stderr.on("data", (d) => process.stderr.write(d))
-    }
-
-    const browserFiles = [
-      path.join(this.rootPath, "out/browser/register.js"),
-      path.join(this.rootPath, "out/browser/pages/login.js"),
-      path.join(this.rootPath, "out/browser/pages/vscode.js"),
-    ]
-
-    let startingVscode = false
-    let startedVscode = false
-    onLine(vscode, (line, original) => {
-      console.log("[vscode]", original)
-      // Wait for watch-client since "Finished compilation" will appear multiple
-      // times before the client starts building.
-      if (!startingVscode && line.includes("Starting watch-client")) {
-        startingVscode = true
-      } else if (startingVscode && line.includes("Finished compilation")) {
-        if (startedVscode) {
-          restartServer()
-        }
-        startedVscode = true
-      }
-    })
-
-    onLine(tsc, (line, original) => {
-      // tsc outputs blank lines; skip them.
-      if (line !== "") {
-        console.log("[tsc]", original)
-      }
-      if (line.includes("Watching for file changes")) {
-        bundleBrowserCode(browserFiles)
-        restartServer()
-      }
-    })
-
-    if (plugin) {
-      onLine(plugin, (line, original) => {
-        // tsc outputs blank lines; skip them.
-        if (line !== "") {
-          console.log("[plugin]", original)
-        }
-        if (line.includes("Watching for file changes")) {
-          restartServer()
-        }
-      })
-    }
-  }
-}
-
-function bundleBrowserCode(inputFiles: string[]) {
-  console.log(`[browser] bundling...`)
-  inputFiles.forEach(async (path: string) => {
-    const outputPath = path.replace(".js", ".browserified.js")
-    browserify()
-      .add(path)
-      .bundle()
-      .on("error", function (error: Error) {
-        console.error(error.toString())
-      })
-      .pipe(fs.createWriteStream(outputPath))
-  })
-  console.log(`[browser] done bundling`)
-}
-
 main()
--- a/ci/helm-chart/Chart.yaml
+++ b/ci/helm-chart/Chart.yaml
@ -1,6 +1,6 @@
 apiVersion: v2
 name: code-server
-description: A Helm chart for cdr/code-server
+description: A Helm chart for coder/code-server

 # A chart can be either an 'application' or a 'library' chart.
 #
@ -15,9 +15,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.3
+version: 2.1.0

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 3.11.0
+appVersion: 4.0.2
--- a/ci/helm-chart/README.md
+++ b/ci/helm-chart/README.md
@ -1,162 +0,0 @@
-# code-server
-
-![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.11.0](https://img.shields.io/badge/AppVersion-3.11.0-informational?style=flat-square)
-
-[code-server](https://github.com/cdr/code-server) code-server is VS Code running
-on a remote server, accessible through the browser.
-
-This chart is community maintained by [@Matthew-Beckett](https://github.com/Matthew-Beckett) and [@alexgorbatchev](https://github.com/alexgorbatchev)
-
-## TL;DR;
-
-```console
-$ git clone https://github.com/cdr/code-server
-$ cd code-server
-$ helm upgrade --install code-server ci/helm-chart
-```
-
-## Introduction
-
-This chart bootstraps a code-server deployment on a
-[Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh)
-package manager.
-
-## Prerequisites
-
-  - Kubernetes 1.6+
-
-## Installing the Chart
-
-To install the chart with the release name `code-server`:
-
-```console
-$ git clone https://github.com/cdr/code-server
-$ cd code-server
-$ helm upgrade --install code-server ci/helm-chart
-```
-
-The command deploys code-server on the Kubernetes cluster in the default
-configuration. The [configuration](#configuration) section lists the parameters
-that can be configured during installation.
-
-> **Tip**: List all releases using `helm list`
-
-## Uninstalling the Chart
-
-To uninstall/delete the `code-server` deployment:
-
-```console
-$ helm delete code-server
-```
-
-The command removes all the Kubernetes components associated with the chart and
-deletes the release.
-
-## Configuration
-
-The following table lists the configurable parameters of the code-server chart
-and their default values.
-
-## Values
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| affinity | object | `{}` |  |
-| extraArgs | list | `[]` |  |
-| extraConfigmapMounts | list | `[]` |  |
-| extraContainers | string | `""` |  |
-| extraInitContainers | string | `""` |  |
-| extraSecretMounts | list | `[]` |  |
-| extraVars | list | `[]` |  |
-| extraVolumeMounts | list | `[]` |  |
-| fullnameOverride | string | `""` |  |
-| hostnameOverride | string | `""` |  |
-| image.pullPolicy | string | `"Always"` |  |
-| image.repository | string | `"codercom/code-server"` |  |
-| image.tag | string | `"3.11.0"` |  |
-| imagePullSecrets | list | `[]` |  |
-| ingress.enabled | bool | `false` |  |
-| nameOverride | string | `""` |  |
-| nodeSelector | object | `{}` |  |
-| persistence.accessMode | string | `"ReadWriteOnce"` |  |
-| persistence.annotations | object | `{}` |  |
-| persistence.enabled | bool | `true` |  |
-| persistence.size | string | `"1Gi"` |  |
-| podAnnotations | object | `{}` |  |
-| podSecurityContext | object | `{}` |  |
-| replicaCount | int | `1` |  |
-| resources | object | `{}` |  |
-| securityContext.enabled | bool | `true` |  |
-| securityContext.fsGroup | int | `1000` |  |
-| securityContext.runAsUser | int | `1000` |  |
-| service.port | int | `8443` |  |
-| service.type | string | `"ClusterIP"` |  |
-| serviceAccount.create | bool | `true` |  |
-| serviceAccount.name | string | `nil` |  |
-| tolerations | list | `[]` |  |
-| volumePermissions.enabled | bool | `true` |  |
-| volumePermissions.securityContext.runAsUser | int | `0` |  |
-
-Specify each parameter using the `--set key=value[,key=value]` argument to `helm
-install`. For example,
-
-```console
-$ helm upgrade --install code-server \
-    ci/helm-chart \
-    --set persistence.enabled=false
-```
-
-The above command sets the the persistence storage to false.
-
-Alternatively, a YAML file that specifies the values for the above parameters
-can be provided while installing the chart. For example,
-
-```console
-$ helm upgrade --install code-server ci/helm-chart -f values.yaml
-```
-
-> **Tip**: You can use the default [values.yaml](values.yaml)
-
-# Extra Containers
-
-There are two parameters which allow to add more containers to pod.
-Use `extraContainers` to add regular containers 
-and `extraInitContainers` to add init containers. You can read more
-about init containers in [k8s documentation](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/).
-
-Both parameters accept strings and use them as a templates
-
-Example of using `extraInitContainers`:
-
-``` yaml
-extraInitContainers: |
-  - name: customization
-    image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
-    imagePullPolicy: IfNotPresent
-    env:
-      - name: SERVICE_URL
-        value: https://open-vsx.org/vscode/gallery
-      - name: ITEM_URL
-        value: https://open-vsx.org/vscode/item
-    command:
-      - sh
-      - -c
-      - |
-        code-server --install-extension ms-python.python
-        code-server --install-extension golang.Go
-    volumeMounts:
-      - name: data
-        mountPath: /home/coder
-
-```
-
-With this yaml in file `init.yaml`, you can execute 
-
-```console
-$ helm upgrade --install code-server \
-    ci/helm-chart \
-    --values init.yaml
-```
-
-to deploy code-server with python and golang extensions preinstalled
-before main container have started. 
--- a/ci/helm-chart/templates/NOTES.txt
+++ b/ci/helm-chart/templates/NOTES.txt
@ -15,9 +15,8 @@
  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "code-server.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
  echo http://$SERVICE_IP:{{ .Values.service.port }}
 {{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "code-server.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
  echo "Visit http://127.0.0.1:8080 to use your application"
-  kubectl port-forward $POD_NAME 8080:80
+  kubectl port-forward --namespace {{ .Release.Namespace }} service/{{ include "code-server.fullname" . }} 8080:http
 {{- end }}

 Administrator credentials:
--- a/ci/helm-chart/templates/deployment.yaml
+++ b/ci/helm-chart/templates/deployment.yaml
@ -21,6 +21,7 @@ spec:
        app.kubernetes.io/name: {{ include "code-server.name" . }}
        app.kubernetes.io/instance: {{ .Release.Name }}
    spec:
+      imagePullSecrets: {{- toYaml .Values.imagePullSecrets | nindent 8 }}
      {{- if .Values.hostnameOverride }}
      hostname: {{ .Values.hostnameOverride }}
      {{- end }}
@ -142,6 +143,12 @@ spec:
          secretName: {{ .secretName }}
          defaultMode: {{ .defaultMode }}
      {{- end }}
+      {{- range .Values.extraConfigmapMounts }}
+      - name: {{ .name }}
+        configMap:
+          name: {{ .configMap }}
+          defaultMode: {{ .defaultMode }}
+      {{- end }}
      {{- range .Values.extraVolumeMounts }}
      - name: {{ .name }}
        {{- if .existingClaim }}
--- a/ci/helm-chart/templates/ingress.yaml
+++ b/ci/helm-chart/templates/ingress.yaml
@ -1,7 +1,9 @@
 {{- if .Values.ingress.enabled -}}
 {{- $fullName := include "code-server.fullname" . -}}
 {{- $svcPort := .Values.service.port -}}
-{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1beta1
 {{- else -}}
 apiVersion: extensions/v1beta1
@ -16,6 +18,9 @@ metadata:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 spec:
+  {{- if .Values.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.ingress.ingressClassName }}
+  {{- end }}
  {{- if .Values.ingress.tls }}
  tls:
    {{- range .Values.ingress.tls }}
@ -27,6 +32,22 @@ spec:
    {{- end }}
  {{- end }}
  rules:
+  {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion -}}
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ . }}
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}
+                port: 
+                  number: {{ $svcPort }}
+          {{- end }}
+    {{- end }}
+  {{- else -}}
    {{- range .Values.ingress.hosts }}
    - host: {{ .host | quote }}
      http:
@ -39,3 +60,4 @@ spec:
          {{- end }}
    {{- end }}
  {{- end }}
+{{- end }}
--- a/ci/helm-chart/values.yaml
+++ b/ci/helm-chart/values.yaml
@ -6,10 +6,15 @@ replicaCount: 1

 image:
  repository: codercom/code-server
-  tag: '3.11.0'
+  tag: '4.0.2'
  pullPolicy: Always

+# Specifies one or more secrets to be used when pulling images from a
+# private container repository
+# https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry
 imagePullSecrets: []
+#  - name: registry-creds
+
 nameOverride: ""
 fullnameOverride: ""
 hostnameOverride: ""
@ -28,14 +33,6 @@ podAnnotations: {}
 podSecurityContext: {}
  # fsGroup: 2000

-securityContext: {}
-  # capabilities:
-  #   drop:
-  #   - ALL
-  # readOnlyRootFilesystem: true
-  # runAsNonRoot: true
-  # runAsUser: 1000
-
 service:
  type: ClusterIP
  port: 8080
@ -43,13 +40,12 @@ service:
 ingress:
  enabled: false
  #annotations:
-  #  kubernetes.io/ingress.class: nginx
  #  kubernetes.io/tls-acme: "true"
  #hosts:
  #  - host: code-server.example.loc
  #    paths:
  #      - /
-
+  ingressClassName: ""
  #tls:
  #  - secretName: code-server
  #    hosts:
@ -57,8 +53,18 @@ ingress:

 # Optional additional arguments
 extraArgs: []
-#  - --allow-http
-#  - --no-auth
+  # These are the arguments normally passed to code-server; run
+  # code-server --help for a list of available options.
+  #
+  # Each argument and parameter must have its own entry; if you use
+  # --param value on the command line, then enter it here as:
+  #
+  # - --param
+  # - value
+  #
+  # If you receive an error like "Unknown option --param value", it may be
+  # because both the parameter and value are specified as a single argument,
+  # rather than two separate arguments (e.g. "- --param value" on a line).

 # Optional additional environment variables
 extraVars: []
@ -117,10 +123,6 @@ persistence:
  # existingClaim: ""
  # hostPath: /data

-serviceAccount:
-  create: true
-  name:
-
 ## Enable an Specify container in extraContainers.
 ## This is meant to allow adding code-server dependencies, like docker-dind.
 extraContainers: |
--- a/ci/lib.sh
+++ b/ci/lib.sh
@ -14,7 +14,7 @@ pkg_json_version() {
 }

 vscode_version() {
-  jq -r .version node_modules/code-oss-dev/package.json
+  jq -r .version vendor/modules/code-oss-dev/package.json
 }

 os() {
@ -57,8 +57,8 @@ arch() {
 # https://developer.github.com/v3/actions/workflow-runs/#list-workflow-runs
 get_artifacts_url() {
  local artifacts_url
-  local workflow_runs_url="repos/:owner/:repo/actions/workflows/ci.yaml/runs?event=pull_request"
  local version_branch="v$VERSION"
+  local workflow_runs_url="repos/:owner/:repo/actions/workflows/ci.yaml/runs?event=pull_request&branch=$version_branch"
  artifacts_url=$(gh api "$workflow_runs_url" | jq -r ".workflow_runs[] | select(.head_branch == \"$version_branch\") | .artifacts_url" | head -n 1)
  if [[ -z "$artifacts_url" ]]; then
    echo >&2 "ERROR: artifacts_url came back empty"
--- a/ci/release-image/Dockerfile
+++ b/ci/release-image/Dockerfile
@ -1,4 +1,4 @@
-FROM debian:10
+FROM debian:11

 RUN apt-get update \
 && apt-get install -y \
@ -10,11 +10,13 @@ RUN apt-get update \
    man \
    nano \
    git \
+    git-lfs \
    procps \
    openssh-client \
    sudo \
    vim.tiny \
    lsb-release \
+  && git lfs install \
  && rm -rf /var/lib/apt/lists/*

 # https://wiki.debian.org/Locale#Manually
--- a/ci/release-image/docker-bake.hcl
+++ b/ci/release-image/docker-bake.hcl
@ -7,19 +7,14 @@ variable "VERSION" {
 }

 group "default" {
-    targets = ["code-server-amd64", "code-server-arm64"]
+    targets = ["code-server"]
 }

-target "code-server-amd64" {
+target "code-server" {
    dockerfile = "ci/release-image/Dockerfile"
-    tags = ["docker.io/codercom/code-server-amd64:${VERSION}"]
-    platforms = ["linux/amd64"]
-    output = ["type=tar,dest=./release-images/code-server-amd64-${VERSION}.tar"]
-}
-
-target "code-server-arm64" {
-    dockerfile = "ci/release-image/Dockerfile"
-    tags = ["docker.io/codercom/code-server-arm64:${VERSION}"]
-    platforms = ["linux/arm64"]
-    output = ["type=tar,dest=./release-images/code-server-arm64-${VERSION}.tar"]
+    tags = [
+        "docker.io/codercom/code-server:latest",
+        notequal("latest",VERSION) ? "docker.io/codercom/code-server:${VERSION}" : "",
+    ]
+    platforms = ["linux/amd64", "linux/arm64"]
 }
--- a/ci/release-image/entrypoint.sh
+++ b/ci/release-image/entrypoint.sh
@ -18,4 +18,4 @@ if [ "${DOCKER_USER-}" ]; then
  fi
 fi

-dumb-init /usr/bin/code-server "$@"
+exec dumb-init /usr/bin/code-server "$@"
--- a/ci/steps/brew-bump.sh
+++ b/ci/steps/brew-bump.sh
@ -5,35 +5,88 @@ main() {
  cd "$(dirname "$0")/../.."
  # Only sourcing this so we get access to $VERSION
  source ./ci/lib.sh
+  source ./ci/steps/steps-lib.sh

-  # NOTE: we need to make sure cdrci/homebrew-core
+  echo "Checking environment variables"
+
+  # We need VERSION to bump the brew formula
+  if ! is_env_var_set "VERSION"; then
+    echo "VERSION is not set"
+    exit 1
+  fi
+
+  # We need HOMEBREW_GITHUB_API_TOKEN to push up commits
+  if ! is_env_var_set "HOMEBREW_GITHUB_API_TOKEN"; then
+    echo "HOMEBREW_GITHUB_API_TOKEN is not set"
+    exit 1
+  fi
+
+  # NOTE: we need to make sure coderci/homebrew-core
  # is up-to-date
  # otherwise, brew bump-formula-pr will use an
  # outdated base
-  echo "Cloning cdrci/homebrew-core"
-  git clone https://github.com/cdrci/homebrew-core.git
+  echo "Cloning coderci/homebrew-core"
+  git clone https://github.com/coderci/homebrew-core.git
+
+  # Make sure the git clone step is successful
+  if directory_exists "homebrew-core"; then
+    echo "git clone failed. Cannot find homebrew-core directory."
+    ls -la
+    exit 1
+  fi

  echo "Changing into homebrew-core directory"
-  cd homebrew-core && pwd
+  pushd homebrew-core && pwd

-  echo "Adding Homebrew/homebrew-core as $(upstream)"
+  echo "Adding Homebrew/homebrew-core"
  git remote add upstream https://github.com/Homebrew/homebrew-core.git

+  # Make sure the git remote step is successful
+  if ! git config remote.upstream.url > /dev/null; then
+    echo "git remote add upstream failed."
+    echo "Could not find upstream in list of remotes."
+    git remote -v
+    exit 1
+  fi
+
+  # TODO@jsjoeio - can I somehow check that this succeeded?
  echo "Fetching upstream Homebrew/hombrew-core commits"
  git fetch upstream

+  # TODO@jsjoeio - can I somehow check that this succeeded?
  echo "Merging in latest Homebrew/homebrew-core changes"
  git merge upstream/master

-  echo "Pushing changes to cdrci/homebrew-core fork on GitHub"
-  # Source: https://serverfault.com/a/912788
-  # shellcheck disable=SC2016,SC2028
-  echo '#!/bin/sh\nexec echo "$HOMEBREW_GITHUB_API_TOKEN"' > "$HOME"/.git-askpass.sh
-  # Ensure it's executable since we just created it
-  chmod +x "$HOME/.git-askpass.sh"
+  echo "Pushing changes to coderci/homebrew-core fork on GitHub"
+
  # GIT_ASKPASS lets us use the password when pushing without revealing it in the process list
  # See: https://serverfault.com/a/912788
-  GIT_ASKPASS="$HOME/.git-askpass.sh" git push https://cdr-oss@github.com/cdr-oss/homebrew-core.git --all
+  PATH_TO_GIT_ASKPASS="$HOME/git-askpass.sh"
+  # Source: https://serverfault.com/a/912788
+  # shellcheck disable=SC2016,SC2028
+  echo 'echo $HOMEBREW_GITHUB_API_TOKEN' > "$PATH_TO_ASKPASS"
+
+  # Make sure the git-askpass.sh file creation is successful
+  if file_exists "$PATH_TO_GIT_ASKPASS"; then
+    echo "git-askpass.sh not found in $HOME."
+    ls -la "$HOME"
+    exit 1
+  fi
+
+  # Ensure it's executable since we just created it
+  chmod +x "$PATH_TO_GIT_ASKPASS"
+
+  # Make sure the git-askpass.sh file is executable
+  if is_executable "$PATH_TO_GIT_ASKPASS"; then
+    echo "$PATH_TO_GIT_ASKPASS is not executable."
+    ls -la "$PATH_TO_GIT_ASKPASS"
+    exit 1
+  fi
+
+  # Export the variables so git sees them
+  export HOMEBREW_GITHUB_API_TOKEN="$HOMEBREW_GITHUB_API_TOKEN"
+  export GIT_ASKPASS="$PATH_TO_ASKPASS"
+  git push https://coder-oss@github.com/coder-oss/homebrew-core.git --all

  # Find the docs for bump-formula-pr here
  # https://github.com/Homebrew/brew/blob/master/Library/Homebrew/dev-cmd/bump-formula-pr.rb#L18
@ -48,8 +101,14 @@ main() {
  fi

  # Clean up and remove homebrew-core
-  cd ..
+  popd
  rm -rf homebrew-core
+
+  # Make sure homebrew-core is removed
+  if directory_exists "homebrew-core"; then
+    echo "rm -rf homebrew-core failed."
+    ls -la
+  fi
 }

 main "$@"
--- a/ci/steps/build-docker-image.sh
+++ b/ci/steps/build-docker-image.sh
@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-main() {
-  cd "$(dirname "$0")/../.."
-  source ./ci/lib.sh
-
-  mkdir -p release-images
-  docker buildx bake -f ci/release-image/docker-bake.hcl
-}
-
-main "$@"
--- a/ci/steps/docker-buildx-push.sh
+++ b/ci/steps/docker-buildx-push.sh
@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+main() {
+  cd "$(dirname "$0")/../.."
+
+  # ci/lib.sh sets VERSION and provides download_artifact here
+  source ./ci/lib.sh
+
+  # Download the release-packages artifact
+  download_artifact release-packages ./release-packages
+
+  docker buildx bake -f ci/release-image/docker-bake.hcl --push
+}
+
+main "$@"
--- a/ci/steps/publish-npm.sh
+++ b/ci/steps/publish-npm.sh
@ -4,23 +4,144 @@ set -euo pipefail
 main() {
  cd "$(dirname "$0")/../.."
  source ./ci/lib.sh
+  source ./ci/steps/steps-lib.sh

-  # npm view won't exit with non-zero so we have to check the output.
-  local hasVersion
-  hasVersion=$(npm view "code-server@$VERSION" version)
-  if [[ $hasVersion == "$VERSION" ]]; then
-    echo "$VERSION is already published"
-    return
+  ## Authentication tokens
+  # Needed to publish on NPM
+  if ! is_env_var_set "NPM_TOKEN"; then
+    echo "NPM_TOKEN is not set. Cannot publish to npm without credentials."
+    exit 1
  fi

+  # NOTE@jsjoeio - only needed if we use the download_artifact
+  # because we talk to the GitHub API.
+  # Needed to use GitHub API
+  if ! is_env_var_set "GITHUB_TOKEN"; then
+    echo "GITHUB_TOKEN is not set. Cannot download npm release artifact without GitHub credentials."
+    exit 1
+  fi
+
+  ## Publishing Information
+  # All the variables below are used to determine how we should publish
+  # the npm package. We also use this information for bumping the version.
+  # This is because npm won't publish your package unless it's a new version.
+  # i.e. for development, we bump the version to <current version>-<pr number>-<commit sha>
+  # example: "version": "4.0.1-4769-ad7b23cfe6ffd72914e34781ef7721b129a23040"
+  # We need the current package.json VERSION
+  if ! is_env_var_set "VERSION"; then
+    echo "VERSION is not set. Cannot publish to npm without VERSION."
+    exit 1
+  fi
+
+  # We use this to grab the PR_NUMBER
+  if ! is_env_var_set "GITHUB_REF"; then
+    echo "GITHUB_REF is not set. Are you running this locally? We rely on values provided by GitHub."
+    exit 1
+  fi
+
+  # We use this when setting NPM_VERSION
+  if ! is_env_var_set "GITHUB_SHA"; then
+    echo "GITHUB_SHA is not set. Are you running this locally? We rely on values provided by GitHub."
+    exit 1
+  fi
+
+  # We use this to determine the NPM_ENVIRONMENT
+  if ! is_env_var_set "GITHUB_EVENT_NAME"; then
+    echo "GITHUB_EVENT_NAME is not set. Are you running this locally? We rely on values provided by GitHub."
+    exit 1
+  fi
+
+  # This allows us to publish to npm in CI workflows
  if [[ ${CI-} ]]; then
    echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc
  fi

-  download_artifact npm-package ./release-npm-package
+  ## Environment
+  # This string is used to determine how we should tag the npm release.
+  # Environment can be one of three choices:
+  # "development" - this means we tag with the PR number, allowing
+  # a developer to install this version with `yarn add code-server@<pr-number>`
+  # "staging" - this means we tag with `beta`, allowing
+  # a developer to install this version with `yarn add code-server@beta`
+  # "production" - this means we tag with `latest` (default), allowing
+  # a developer to install this version with `yarn add code-server@latest`
+  if ! is_env_var_set "NPM_ENVIRONMENT"; then
+    echo "NPM_ENVIRONMENT is not set. Determining in script based on GITHUB environment variables."
+
+    if [[ "$GITHUB_EVENT_NAME" == 'push' && "$GITHUB_REF" == 'refs/heads/main' ]]; then
+      NPM_ENVIRONMENT="staging"
+    else
+      NPM_ENVIRONMENT="development"
+    fi
+
+    echo "Using npm environment: $NPM_ENVIRONMENT"
+  fi
+
+  # NOTE@jsjoeio - this script assumes we have the artifact downloaded on disk
+  # That happens in CI as a step before we run this.
  # https://github.com/actions/upload-artifact/issues/38
  tar -xzf release-npm-package/package.tar.gz
-  yarn publish --non-interactive release
+
+  # Ignore symlink when publishing npm package
+  # See: https://github.com/coder/code-server/pull/3935
+  echo "node_modules.asar" > release/.npmignore
+
+  # NOTES:@jsjoeio
+  # We only need to run npm version for "development" and "staging".
+  # This is because our release:prep script automatically bumps the version
+  # in the package.json and we commit it as part of the release PR.
+  if [[ "$NPM_ENVIRONMENT" == "production" ]]; then
+    NPM_VERSION="$VERSION"
+    # This means the npm version will be published as "stable"
+    # and installed when a user runs `yarn install code-server`
+    NPM_TAG="latest"
+  else
+    COMMIT_SHA="$GITHUB_SHA"
+    echo "Not a production environment"
+    echo "Found environment: $NPM_ENVIRONMENT"
+    echo "Manually bumping npm version..."
+
+    if [[ "$NPM_ENVIRONMENT" == "staging" ]]; then
+      NPM_VERSION="$VERSION-beta-$COMMIT_SHA"
+      # This means the npm version will be tagged with "beta"
+      # and installed when a user runs `yarn install code-server@beta`
+      NPM_TAG="beta"
+    fi
+
+    if [[ "$NPM_ENVIRONMENT" == "development" ]]; then
+      # Source: https://github.com/actions/checkout/issues/58#issuecomment-614041550
+      PR_NUMBER=$(echo "$GITHUB_REF" | awk 'BEGIN { FS = "/" } ; { print $3 }')
+      NPM_VERSION="$VERSION-$PR_NUMBER-$COMMIT_SHA"
+      # This means the npm version will be tagged with "<pr number>"
+      # and installed when a user runs `yarn install code-server@<pr number>`
+      NPM_TAG="$PR_NUMBER"
+    fi
+
+    echo "using tag: $NPM_TAG"
+
+    # We modify the version in the package.json
+    # to be the current version + the PR number + commit SHA
+    # or we use current version + beta + commit SHA
+    # Example: "version": "4.0.1-4769-ad7b23cfe6ffd72914e34781ef7721b129a23040"
+    # Example: "version": "4.0.1-beta-ad7b23cfe6ffd72914e34781ef7721b129a23040"
+    pushd release
+    # NOTE:@jsjoeio
+    # I originally tried to use `yarn version` but ran into issues and abandoned it.
+    npm version "$NPM_VERSION"
+    popd
+  fi
+
+  # We need to make sure we haven't already published the version.
+  # This is because npm view won't exit with non-zero so we have
+  # to check the output.
+  local hasVersion
+  hasVersion=$(npm view "code-server@$NPM_VERSION" version)
+  if [[ $hasVersion == "$NPM_VERSION" ]]; then
+    echo "$NPM_VERSION is already published"
+    return
+  fi
+
+  yarn publish --non-interactive release --tag "$NPM_TAG"
 }

 main "$@"
--- a/ci/steps/push-docker-manifest.sh
+++ b/ci/steps/push-docker-manifest.sh
@ -1,56 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-# See if this version already exists on Docker Hub.
-function version_exists() {
-  local output
-  output=$(curl --silent "https://index.docker.io/v1/repositories/codercom/code-server/tags/$VERSION")
-  if [[ $output == "Tag not found" ]]; then
-    return 1
-  else
-    return 0
-  fi
-}
-
-# Import and push the Docker image for the provided arch. We must have
-# individual arch repositories pushed remotely in order to use `docker
-# manifest` to create single a multi-arch image.
-# TODO: Switch to buildx? Seems it can do this more simply.
-push() {
-  local arch=$1
-  local tag="codercom/code-server-$arch:$VERSION"
-  docker import "./release-images/code-server-$arch-$VERSION.tar" "$tag"
-  docker push "$tag"
-}
-
-main() {
-  cd "$(dirname "$0")/../.."
-  source ./ci/lib.sh
-
-  if version_exists; then
-    echo "$VERSION is already pushed"
-    return
-  fi
-
-  download_artifact release-images ./release-images
-  if [[ ${CI-} ]]; then
-    echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
-  fi
-
-  push "amd64"
-  push "arm64"
-
-  export DOCKER_CLI_EXPERIMENTAL=enabled
-
-  docker manifest create "codercom/code-server:$VERSION" \
-    "codercom/code-server-amd64:$VERSION" \
-    "codercom/code-server-arm64:$VERSION"
-  docker manifest push --purge "codercom/code-server:$VERSION"
-
-  docker manifest create "codercom/code-server:latest" \
-    "codercom/code-server-amd64:$VERSION" \
-    "codercom/code-server-arm64:$VERSION"
-  docker manifest push --purge "codercom/code-server:latest"
-}
-
-main "$@"
--- a/ci/steps/steps-lib.sh
+++ b/ci/steps/steps-lib.sh
@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+
+# This is a library which contains functions used inside ci/steps
+#
+# We separated it into it's own file so that we could easily unit test
+# these functions and helpers
+
+# Checks whether and environment variable is set.
+# Source: https://stackoverflow.com/a/62210688/3015595
+is_env_var_set() {
+  local name="${1:-}"
+  if test -n "${!name:-}"; then
+    return 0
+  else
+    return 1
+  fi
+}
+
+# Checks whether a directory exists.
+directory_exists() {
+  local dir="${1:-}"
+  if [[ -d "${dir:-}" ]]; then
+    return 0
+  else
+    return 1
+  fi
+}
+
+# Checks whether a file exists.
+file_exists() {
+  local file="${1:-}"
+  if test -f "${file:-}"; then
+    return 0
+  else
+    return 1
+  fi
+}
+
+# Checks whether a file is executable.
+is_executable() {
+  local file="${1:-}"
+  if [ -f "${file}" ] && [ -r "${file}" ] && [ -x "${file}" ]; then
+    return 0
+  else
+    return 1
+  fi
+}
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@ -3,13 +3,16 @@
 # Contributing

 - [Requirements](#requirements)
+  - [Linux-specific requirements](#linux-specific-requirements)
 - [Creating pull requests](#creating-pull-requests)
  - [Commits and commit history](#commits-and-commit-history)
 - [Development workflow](#development-workflow)
  - [Updates to VS Code](#updates-to-vs-code)
  - [Build](#build)
-  - [Test](#test)
+  - [Help](#help)
+- [Test](#test)
  - [Unit tests](#unit-tests)
+  - [Script tests](#script-tests)
  - [Integration tests](#integration-tests)
  - [End-to-end tests](#end-to-end-tests)
 - [Structure](#structure)
@ -32,7 +35,7 @@ Here is what is needed:
 - [`git-lfs`](https://git-lfs.github.com)
 - [`yarn`](https://classic.yarnpkg.com/en/)
  - Used to install JS packages and run scripts
- [`nfpm`](https://classic.yarnpkg.com/en/)
+- [`nfpm`](https://nfpm.goreleaser.com/)
  - Used to build `.deb` and `.rpm` packages
 - [`jq`](https://stedolan.github.io/jq/)
  - Used to build code-server releases
@ -41,16 +44,24 @@ Here is what is needed:
    signature
    verification](https://docs.github.com/en/github/authenticating-to-github/managing-commit-signature-verification)
    or follow [this tutorial](https://joeprevite.com/verify-commits-on-github)
- `build-essential` (Linux only - used by VS Code)
-  - Get this by running `apt-get install -y build-essential`
 - `rsync` and `unzip`
  - Used for code-server releases
 - `bats`
  - Used to run script unit tests

+### Linux-specific requirements
+
+If you're developing code-server on Linux, make sure you have installed or install the following dependencies:
+
+```shell
+sudo apt-get install build-essential g++ libx11-dev libxkbfile-dev libsecret-1-dev python-is-python3
+```
+
+These are required by VS Code. See [their Wiki](https://github.com/microsoft/vscode/wiki/How-to-Contribute#prerequisites) for more information.
+
 ## Creating pull requests

-Please create a [GitHub Issue](https://github.com/cdr/code-server/issues) that
+Please create a [GitHub Issue](https://github.com/coder/code-server/issues) that
 includes context for issues that you see. You can skip this if the proposed fix
 is minor.

@ -67,33 +78,40 @@ we'll guide you.

 ## Development workflow

-```shell
-yarn
-yarn watch
-# Visit http://localhost:8080 once the build is completed.
-```
+The current development workflow is a bit tricky because we have this repo and we use our `coder/vscode` fork inside it with [`yarn link`](https://classic.yarnpkg.com/lang/en/docs/cli/link/).

-`yarn watch` will live reload changes to the source.
+Here are these steps you should follow to get your dev environment setup:
+
+1. `git clone https://github.com/coder/code-server.git` - Clone `code-server`
+2. `git clone https://github.com/coder/vscode.git` - Clone `vscode`
+3. `cd vscode && yarn install` - install the dependencies in the `vscode` repo
+4. `cd code-server && yarn install` - install the dependencies in the `code-server` repo
+5. `cd vscode && yarn link` - use `yarn` to create a symlink to the `vscode` repo (`code-oss-dev` package)
+6. `cd code-server && yarn link code-oss-dev --modules-folder vendor/modules` - links your local `vscode` repo (`code-oss-dev` package) inside your local version of code-server
+7. `cd code-server && yarn watch` - this will spin up code-server on localhost:8080 which you can start developing. It will live reload changes to the source.

 ### Updates to VS Code

-Updating VS Code requires `git subtree`. On some RPM-based Linux distros, `git subtree` is not included by default and needs to be installed separately. To
-install, run `dnf install git-subtree` or `yum install git-subtree`.
+If changes are made and merged into `main` in the [`coder/vscode`](https://github.com/coder/vscode) repo, then you'll need to update the version in the `code-server` repo by following these steps:

-To update VS Code:
+1. Update the package tag listed in `vendor/package.json`:

-1. Run `yarn update:vscode`.
-2. Enter a version (e.g., `1.53`)
-3. This will open a draft pull request for you.
-4. There will be merge conflicts. Commit them first, since it will be impossible
-   for us to review your PR if you don't.
-5. Fix the conflicts. Then, test code-server locally to make sure everything
-   works.
-6. Check the Node.js version that's used by Electron (which is shipped with VS
+```json
+{
+  "devDependencies": {
+    "vscode": "coder/vscode#<latest-commit-sha>"
+  }
+}
+```
+
+2. From the code-server **project root**, run `yarn install`.
+   Then, test code-server locally to make sure everything works.
+3. Check the Node.js version that's used by Electron (which is shipped with VS
   Code. If necessary, update your version of Node.js to match.
+4. Open a PR

 > Watch for updates to
-> `lib/vscode/src/vs/code/browser/workbench/workbench.html`. You may need to
+> `vendor/modules/code-oss-dev/src/vs/code/browser/workbench/workbench.html`. You may need to
 > make changes to `src/browser/pages/vscode.html`.

 ### Build
@ -128,13 +146,18 @@ yarn package
 > If you need your builds to support older distros, run the build commands
 > inside a Docker container with all the build requirements installed.

-### Test
+### Help

-There are three kinds of tests in code-server:
+If you get stuck or need help, you can always start a new GitHub Discussion [here](https://github.com/coder/code-server/discussions). One of the maintainers will respond and help you out.
+
+## Test
+
+There are four kinds of tests in code-server:

 1. Unit tests
-2. Integration tests
-3. End-to-end tests
+2. Script tests
+3. Integration tests
+4. End-to-end tests

 ### Unit tests

@ -143,7 +166,15 @@ Our unit tests are written in TypeScript and run using

 These live under [test/unit](../test/unit).

-We use unit tests for functions and things that can be tested in isolation.
+We use unit tests for functions and things that can be tested in isolation. The file structure is modeled closely after `/src` so it's easy for people to know where test files should live.
+
+### Script tests
+
+Our script tests are written in bash and run using [bats](https://github.com/bats-core/bats-core).
+
+These tests live under `test/scripts`.
+
+We use these to test anything related to our scripts (most of which live under `ci`).

 ### Integration tests

@ -184,7 +215,7 @@ The CLI code is in [src/node](../src/node) and the HTTP routes are implemented
 in [src/node/routes](../src/node/routes).

 Most of the meaty parts are in the VS Code portion of the codebase under
-[lib/vscode](../lib/vscode), which we describe next.
+[vendor/modules/code-oss-dev](../vendor/modules/code-oss-dev), which we describe next.

 ### Modifications to VS Code

@ -197,66 +228,66 @@ Over time, Microsoft added support to VS Code to run it on the web. They have
 made the front-end open source, but not the server. As such, code-server v2 (and
 later) uses the VS Code front-end and implements the server. We do this by using
 a Git subtree to fork and modify VS Code. This code lives under
-[lib/vscode](../lib/vscode).
+[vendor/modules/code-oss-dev](../vendor/modules/code-oss-dev).

 Some noteworthy changes in our version of VS Code include:

- Adding our build file, [`lib/vscode/coder.js`](../lib/vscode/coder.js), which includes build steps specific to code-server
- Node.js version detection changes in [`build/lib/node.ts`](../lib/vscode/build/lib/node.ts) and [`build/lib/util.ts`](../lib/vscode/build/lib/util.ts)
+- Adding our build file, [`vendor/modules/code-oss-dev/coder.js`](../vendor/modules/code-oss-dev/coder.js), which includes build steps specific to code-server
+- Node.js version detection changes in [`build/lib/node.ts`](../vendor/modules/code-oss-dev/build/lib/node.ts) and [`build/lib/util.ts`](../vendor/modules/code-oss-dev/build/lib/util.ts)
 - Allowing extra extension directories
-  - Added extra arguments to [`src/vs/platform/environment/common/argv.ts`](../lib/vscode/src/vs/platform/environment/common/argv.ts) and to [`src/vs/platform/environment/node/argv.ts`](../lib/vscode/src/vs/platform/environment/node/argv.ts)
-  - Added extra environment state to [`src/vs/platform/environment/common/environment.ts`](../lib/vscode/src/vs/platform/environment/common/environment.ts);
-  - Added extra getters to [`src/vs/platform/environment/common/environmentService.ts`](../lib/vscode/src/vs/platform/environment/common/environmentService.ts)
-  - Added extra scanning paths to [`src/vs/platform/extensionManagement/node/extensionsScanner.ts`](../lib/vscode/src/vs/platform/extensionManagement/node/extensionsScanner.ts)
- Additions/removals from [`package.json`](../lib/vscode/package.json):
+  - Added extra arguments to [`src/vs/platform/environment/common/argv.ts`](../vendor/modules/code-oss-dev/src/vs/platform/environment/common/argv.ts) and to [`src/vs/platform/environment/node/argv.ts`](../vendor/modules/code-oss-dev/src/vs/platform/environment/node/argv.ts)
+  - Added extra environment state to [`src/vs/platform/environment/common/environment.ts`](../vendor/modules/code-oss-dev/src/vs/platform/environment/common/environment.ts);
+  - Added extra getters to [`src/vs/platform/environment/common/environmentService.ts`](../vendor/modules/code-oss-dev/src/vs/platform/environment/common/environmentService.ts)
+  - Added extra scanning paths to [`src/vs/platform/extensionManagement/node/extensionsScanner.ts`](../vendor/modules/code-oss-dev/src/vs/platform/extensionManagement/node/extensionsScanner.ts)
+- Additions/removals from [`package.json`](../vendor/modules/code-oss-dev/package.json):
  - Removing `electron`, `keytar` and `native-keymap` to avoid pulling in desktop dependencies during build on Linux
  - Removing `gulp-azure-storage` and `gulp-tar` (unsued in our build process, may pull in outdated dependencies)
  - Adding `proxy-agent`, `proxy-from-env` (for proxying) and `rimraf` (used during build/install steps)
 - Adding our branding/custom URLs/version:
-  - [`product.json`](../lib/vscode/product.json)
-  - [`src/vs/base/common/product.ts`](../lib/vscode/src/vs/base/common/product.ts)
-  - [`src/vs/workbench/browser/parts/dialogs/dialogHandler.ts`](../lib/vscode/src/vs/workbench/browser/parts/dialogs/dialogHandler.ts)
-  - [`src/vs/workbench/contrib/welcome/page/browser/vs_code_welcome_page.ts`](../lib/vscode/src/vs/workbench/contrib/welcome/page/browser/vs_code_welcome_page.ts)
-  - [`src/vs/workbench/contrib/welcome/page/browser/welcomePage.ts`](../lib/vscode/src/vs/workbench/contrib/welcome/page/browser/welcomePage.ts)
- Removing azure/macOS signing related dependencies from [`build/package.json`](../lib/vscode/build/package.json)
+  - [`product.json`](../vendor/modules/code-oss-dev/product.json)
+  - [`src/vs/base/common/product.ts`](../vendor/modules/code-oss-dev/src/vs/base/common/product.ts)
+  - [`src/vs/workbench/browser/parts/dialogs/dialogHandler.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/browser/parts/dialogs/dialogHandler.ts)
+  - [`src/vs/workbench/contrib/welcome/page/browser/vs_code_welcome_page.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/contrib/welcome/page/browser/vs_code_welcome_page.ts)
+  - [`src/vs/workbench/contrib/welcome/page/browser/welcomePage.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/contrib/welcome/page/browser/welcomePage.ts)
+- Removing azure/macOS signing related dependencies from [`build/package.json`](../vendor/modules/code-oss-dev/build/package.json)
 - Modifying `.gitignore` to allow us to add files to `src/vs/server` and modifying `.eslintignore` to ignore lint on the shared files below (we use different formatter settings than VS Code).
 - Sharing some files with our codebase via symlinks:
-  - [`src/vs/base/common/ipc.d.ts`](../lib/vscode/src/vs/base/common/ipc.d.ts) points to [`typings/ipc.d.ts`](../typings/ipc.d.ts)
-  - [`src/vs/base/common/util.ts`](../lib/vscode/src/vs/base/common/util.ts) points to [`src/common/util.ts`](../src/common/util.ts)
-  - [`src/vs/base/node/proxy_agent.ts`](../lib/vscode/src/vs/base/node/proxy_agent.ts) points to [`src/node/proxy_agent.ts`](../src/node/proxy_agent.ts)
- Allowing socket changes by adding `setSocket` in [`src/vs/base/parts/ipc/common/ipc.net.ts`](../lib/vscode/src/vs/base/parts/ipc/common/ipc.net.ts)
+  - [`src/vs/base/common/ipc.d.ts`](../vendor/modules/code-oss-dev/src/vs/base/common/ipc.d.ts) points to [`typings/ipc.d.ts`](../typings/ipc.d.ts)
+  - [`src/vs/base/common/util.ts`](../vendor/modules/code-oss-dev/src/vs/base/common/util.ts) points to [`src/common/util.ts`](../src/common/util.ts)
+  - [`src/vs/base/node/proxy_agent.ts`](../vendor/modules/code-oss-dev/src/vs/base/node/proxy_agent.ts) points to [`src/node/proxy_agent.ts`](../src/node/proxy_agent.ts)
+- Allowing socket changes by adding `setSocket` in [`src/vs/base/parts/ipc/common/ipc.net.ts`](../vendor/modules/code-oss-dev/src/vs/base/parts/ipc/common/ipc.net.ts)
  - We use this for connection persistence in our server-side code.
 - Added our server-side Node.JS code to `src/vs/server`.
  - This code includes the logic to spawn the various services (extension host, terminal, etc.) and some glue
- Added [`src/vs/workbench/browser/client.ts`](../lib/vscode/src/vs/workbench/browser/client.ts) to hold some server customizations.
+- Added [`src/vs/workbench/browser/client.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/browser/client.ts) to hold some server customizations.
  - Includes the functionality for the Log Out command and menu item
-  - Also, imported and called `initialize` from the main web file, [`src/vs/workbench/browser/web.main.ts`](../lib/vscode/src/vs/workbench/browser/web.main.ts)
- Added a (hopefully temporary) hotfix to [`src/vs/workbench/common/resources.ts`](../lib/vscode/src/vs/workbench/common/resources.ts) to get context menu actions working for the Git integration.
- Added connection type to WebSocket query parameters in [`src/vs/platform/remote/common/remoteAgentConnection.ts`](../lib/vscode/src/vs/platform/remote/common/remoteAgentConnection.ts)
- Added `CODE_SERVER*` variables to the sanitization list in [`src/vs/base/common/processes.ts`](../lib/vscode/src/vs/base/common/processes.ts)
+  - Also, imported and called `initialize` from the main web file, [`src/vs/workbench/browser/web.main.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/browser/web.main.ts)
+- Added a (hopefully temporary) hotfix to [`src/vs/workbench/common/resources.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/common/resources.ts) to get context menu actions working for the Git integration.
+- Added connection type to WebSocket query parameters in [`src/vs/platform/remote/common/remoteAgentConnection.ts`](../vendor/modules/code-oss-dev/src/vs/platform/remote/common/remoteAgentConnection.ts)
+- Added `CODE_SERVER*` variables to the sanitization list in [`src/vs/base/common/processes.ts`](../vendor/modules/code-oss-dev/src/vs/base/common/processes.ts)
 - Fix localization support:
-  - Added file [`src/vs/workbench/services/localizations/browser/localizationsService.ts`](../lib/vscode/src/vs/workbench/services/localizations/browser/localizationsService.ts).
-  - Modified file [`src/vs/base/common/platform.ts`](../lib/vscode/src/vs/base/common/platform.ts)
-  - Modified file [`src/vs/base/node/languagePacks.js`](../lib/vscode/src/vs/base/node/languagePacks.js)
- Added code to allow server to inject settings to [`src/vs/platform/product/common/product.ts`](../lib/vscode/src/vs/platform/product/common/product.ts)
+  - Added file [`src/vs/workbench/services/localizations/browser/localizationsService.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/services/localizations/browser/localizationsService.ts).
+  - Modified file [`src/vs/base/common/platform.ts`](../vendor/modules/code-oss-dev/src/vs/base/common/platform.ts)
+  - Modified file [`src/vs/base/node/languagePacks.js`](../vendor/modules/code-oss-dev/src/vs/base/node/languagePacks.js)
+- Added code to allow server to inject settings to [`src/vs/platform/product/common/product.ts`](../vendor/modules/code-oss-dev/src/vs/platform/product/common/product.ts)
 - Extension fixes:
-  - Avoid disabling extensions by extensionKind in [`src/vs/workbench/services/extensionManagement/browser/extensionEnablementService.ts`](../lib/vscode/src/vs/workbench/services/extensionManagement/browser/extensionEnablementService.ts) (Needed for vscode-icons)
-  - Remove broken symlinks in [`extensions/postinstall.js`](../lib/vscode/extensions/postinstall.js)
-  - Add tip about extension gallery in [`src/vs/workbench/contrib/extensions/browser/extensionsViewlet.ts`](../lib/vscode/src/vs/workbench/contrib/extensions/browser/extensionsViewlet.ts)
-  - Use our own server for GitHub authentication in [`extensions/github-authentication/src/githubServer.ts`](../lib/vscode/extensions/github-authentication/src/githubServer.ts)
-  - Settings persistence on the server in [`src/vs/workbench/services/environment/browser/environmentService.ts`](../lib/vscode/src/vs/workbench/services/environment/browser/environmentService.ts)
-  - Add extension install fallback in [`src/vs/workbench/services/extensionManagement/common/extensionManagementService.ts`](../lib/vscode/src/vs/workbench/services/extensionManagement/common/extensionManagementService.ts)
-  - Add proxy-agent monkeypatch and keep extension host indefinitely running in [`src/vs/workbench/services/extensions/node/extensionHostProcessSetup.ts`](../lib/vscode/src/vs/workbench/services/extensions/node/extensionHostProcessSetup.ts)
-  - Patch build system to avoid removing extension dependencies for `yarn global add` users in [`build/lib/extensions.ts`](../lib/vscode/build/lib/extensions.ts)
-  - Allow all extensions to use proposed APIs in [`src/vs/workbench/services/environment/browser/environmentService.ts`](../lib/vscode/src/vs/workbench/services/environment/browser/environmentService.ts)
-  - Make storage writes async to allow extensions to wait for them to complete in [`src/vs/platform/storage/common/storage.ts`](../lib/vscode/src/vs/platform/storage/common/storage.ts)
- Specify webview path in [`src/vs/code/browser/workbench/workbench.ts`](../lib/vscode/src/vs/code/browser/workbench/workbench.ts)
- URL readability improvements for folder/workspace in [`src/vs/code/browser/workbench/workbench.ts`](../lib/vscode/src/vs/code/browser/workbench/workbench.ts)
+  - Avoid disabling extensions by extensionKind in [`src/vs/workbench/services/extensionManagement/browser/extensionEnablementService.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/services/extensionManagement/browser/extensionEnablementService.ts) (Needed for vscode-icons)
+  - Remove broken symlinks in [`extensions/postinstall.js`](../vendor/modules/code-oss-dev/extensions/postinstall.js)
+  - Add tip about extension gallery in [`src/vs/workbench/contrib/extensions/browser/extensionsViewlet.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/contrib/extensions/browser/extensionsViewlet.ts)
+  - Use our own server for GitHub authentication in [`extensions/github-authentication/src/githubServer.ts`](../vendor/modules/code-oss-dev/extensions/github-authentication/src/githubServer.ts)
+  - Settings persistence on the server in [`src/vs/workbench/services/environment/browser/environmentService.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/services/environment/browser/environmentService.ts)
+  - Add extension install fallback in [`src/vs/workbench/services/extensionManagement/common/extensionManagementService.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/services/extensionManagement/common/extensionManagementService.ts)
+  - Add proxy-agent monkeypatch and keep extension host indefinitely running in [`src/vs/workbench/services/extensions/node/extensionHostProcessSetup.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/services/extensions/node/extensionHostProcessSetup.ts)
+  - Patch build system to avoid removing extension dependencies for `yarn global add` users in [`build/lib/extensions.ts`](../vendor/modules/code-oss-dev/build/lib/extensions.ts)
+  - Allow all extensions to use proposed APIs in [`src/vs/workbench/services/environment/browser/environmentService.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/services/environment/browser/environmentService.ts)
+  - Make storage writes async to allow extensions to wait for them to complete in [`src/vs/platform/storage/common/storage.ts`](../vendor/modules/code-oss-dev/src/vs/platform/storage/common/storage.ts)
+- Specify webview path in [`src/vs/code/browser/workbench/workbench.ts`](../vendor/modules/code-oss-dev/src/vs/code/browser/workbench/workbench.ts)
+- URL readability improvements for folder/workspace in [`src/vs/code/browser/workbench/workbench.ts`](../vendor/modules/code-oss-dev/src/vs/code/browser/workbench/workbench.ts)
 - Socket/Authority-related fixes (for remote proxying etc.):
-  - [`src/vs/code/browser/workbench/workbench.ts`](../lib/vscode/src/vs/code/browser/workbench/workbench.ts)
-  - [`src/vs/platform/remote/browser/browserSocketFactory.ts`](../lib/vscode/src/vs/platform/remote/browser/browserSocketFactory.ts)
-  - [`src/vs/base/common/network.ts`](../lib/vscode/src/vs/base/common/network.ts)
- Added code to write out IPC path in [`src/vs/workbench/api/node/extHostCLIServer.ts`](../lib/vscode/src/vs/workbench/api/node/extHostCLIServer.ts)
+  - [`src/vs/code/browser/workbench/workbench.ts`](../vendor/modules/code-oss-dev/src/vs/code/browser/workbench/workbench.ts)
+  - [`src/vs/platform/remote/browser/browserSocketFactory.ts`](../vendor/modules/code-oss-dev/src/vs/platform/remote/browser/browserSocketFactory.ts)
+  - [`src/vs/base/common/network.ts`](../vendor/modules/code-oss-dev/src/vs/base/common/network.ts)
+- Added code to write out IPC path in [`src/vs/workbench/api/node/extHostCLIServer.ts`](../vendor/modules/code-oss-dev/src/vs/workbench/api/node/extHostCLIServer.ts)

 As the web portion of VS Code matures, we'll be able to shrink and possibly
 eliminate our modifications. In the meantime, upgrading the VS Code version requires
--- a/docs/FAQ.md
+++ b/docs/FAQ.md
@ -26,16 +26,18 @@
 - [Can I use Docker in a code-server container?](#can-i-use-docker-in-a-code-server-container)
 - [How do I disable telemetry?](#how-do-i-disable-telemetry)
 - [What's the difference between code-server and Theia?](#whats-the-difference-between-code-server-and-theia)
- [What's the difference between code-server and VS Code Codespaces?](#whats-the-difference-between-code-server-and-vs-code-codespaces)
+- [What's the difference between code-server and OpenVSCode-Server?](#whats-the-difference-between-code-server-and-openvscode-server)
+- [What's the difference between code-server and GitHub Codespaces?](#whats-the-difference-between-code-server-and-github-codespaces)
 - [Does code-server have any security login validation?](#does-code-server-have-any-security-login-validation)
 - [Are there community projects involving code-server?](#are-there-community-projects-involving-code-server)
+- [How do I change the port?](#how-do-i-change-the-port)

 <!-- END doctoc generated TOC please keep comment here to allow auto update -->

 ## Questions?

 Please file all questions and support requests at
-<https://github.com/cdr/code-server/discussions>.
+<https://github.com/coder/code-server/discussions>.

 ## How should I expose code-server to the internet?

@ -99,32 +101,28 @@ Service](https://cdn.vsassets.io/v/M146_20190123.39/_content/Microsoft-Visual-St
 > Visual Studio Products and Services.

 Because of this, we can't offer any extensions on Microsoft's marketplace.
-Instead, we've created a marketplace offering open-source extensions. The
-marketplace works by scraping GitHub for VS Code extensions and building them.
+Instead, we use the [Open-VSX extension gallery](https://open-vsx.org), which is also used by various other forks.
+It isn't perfect, but its getting better by the day with more and more extensions.
+
+We also offer our own marketplace for open source extensions, but plan to
+deprecate it at a future date and completely migrate to Open-VSX.

 These are the closed-source extensions that are presently unavailable:

 1. [Live Share](https://visualstudio.microsoft.com/services/live-share). We may
   implement something similar (see
-   [#33](https://github.com/cdr/code-server/issues/33))
+   [#33](https://github.com/coder/code-server/issues/33))
 1. [Remote Extensions (SSH, Containers,
   WSL)](https://github.com/microsoft/vscode-remote-release). We may implement
   these again at some point, see
-   ([#1315](https://github.com/cdr/code-server/issues/1315)).
+   ([#1315](https://github.com/coder/code-server/issues/1315)).

 For more about the closed source portions of VS Code, see [vscodium/vscodium](https://github.com/VSCodium/vscodium#why-does-this-exist).

 ## How can I request an extension that's missing from the marketplace?

-We are in the process of transitioning to [Open VSX](https://open-vsx.org/).
-Once we've [implemented Open
-VSX](https://github.com/eclipse/openvsx/issues/249), we can finalize this
-transition. As such, we are not currently accepting new extension requests.
-
-In the meantime, we suggest:
-
- [Switching to Open VSX](#how-do-i-configure-the-marketplace-url) now
- Downloading and [installing the extension manually](#installing-an-extension-manually)
+To add an extension to Open-VSX, please see [open-vsx/publish-extensions](https://github.com/open-vsx/publish-extensions).
+We no longer plan to add new extensions to our legacy extension gallery.

 ## How do I install an extension?

@ -157,20 +155,19 @@ You can also download extensions using the command line. For instance,
 downloading from OpenVSX can be done like this:

 ```shell
-SERVICE_URL=https://open-vsx.org/vscode/gallery ITEM_URL=https://open-vsx.org/vscode/item code-server --install-extension <extension id>
+code-server --install-extension <extension id>
 ```

 ## How do I use my own extensions marketplace?

 If you own a marketplace that implements the VS Code Extension Gallery API, you
-can point code-server to it by setting `$SERVICE_URL` and `$ITEM_URL`. These correspond directly
-to `serviceUrl` and `itemUrl` in VS Code's `product.json`.
+can point code-server to it by setting `$EXTENSIONS_GALLERY`.
+This corresponds directly with the `extensionsGallery` entry in in VS Code's `product.json`.

-For example, to use [open-vsx.org](https://open-vsx.org), run:
+For example, to use the legacy Coder extensions marketplace:

 ```bash
-export SERVICE_URL=https://open-vsx.org/vscode/gallery
-export ITEM_URL=https://open-vsx.org/vscode/item
+export EXTENSIONS_GALLERY='{"serviceUrl": "https://extensions.coder.com/api"}'
 ```

 Though you can technically use Microsoft's marketplace in this manner, we
@ -225,7 +222,7 @@ You may have to give Node.js full disk access, since it doesn't implement any of
   Privacy** > **Privacy** > **Full Disk Access**. Then, click the 🔒 to unlock,
   click **+**, and select the Node.js binary you located in the previous step.

-See [#2794](https://github.com/cdr/code-server/issues/2794) for additional context.
+See [#2794](https://github.com/coder/code-server/issues/2794) for additional context.

 ## How do I direct server-side requests through a proxy?

@ -305,7 +302,7 @@ after a predetermined amount of time, you can do so by checking continuously for
 the last modified time on the heartbeat file. If it is older than X minutes (or
 whatever amount of time you'd like), you can kill code-server.

-Eventually, [#1636](https://github.com/cdr/code-server/issues/1636) will make
+Eventually, [#1636](https://github.com/coder/code-server/issues/1636) will make
 this process better.

 ## How do I change the password?
@ -376,18 +373,31 @@ for extensions.

 Theia doesn't allow you to reuse your existing VS Code config.

-## What's the difference between code-server and VS Code Codespaces?
+## What's the difference between code-server and OpenVSCode-Server?

-Both code-server and VS Code Codespaces allow you to access VS Code via a
-browser.
+code-server and OpenVSCode-Server both allow you to access VS Code via a
+browser. The two projects also use their own [forks of VS Code](https://github.com/coder/vscode) to
+leverage modern VS Code APIs and stay up to date with the upsteam version.

-VS Code Codespaces, however, is a closed-source, paid service offered by
-Microsoft. While you can self-host environments with VS Code Codespaces, you
-still need an Azure billing account, and you must access VS Code via the
-Codespaces web dashboard instead of connecting directly to it.
+However, OpenVSCode-Server is scoped at only making VS Code available in the web browser.
+code-server includes some other features:

-On the other hand, code-server is free, open-source, and can be run on any
-machine with few limitations.
+- password auth
+- proxy web ports
+- certificate support
+- plugin API
+- settings sync (coming soon)
+
+For more details, see [this discussion post](https://github.com/coder/code-server/discussions/4267#discussioncomment-1411583).
+
+## What's the difference between code-server and GitHub Codespaces?
+
+Both code-server and GitHub Codespaces allow you to access VS Code via a
+browser. GitHub Codespaces, however, is a closed-source, paid service offered by
+GitHub and Microsoft.
+
+On the other hand, code-server is self-hosted, free, open-source, and
+can be run on any machine with few limitations.

 ## Does code-server have any security login validation?

@ -396,6 +406,13 @@ minute plus an additional twelve per hour.

 ## Are there community projects involving code-server?

-Visit the [awesome-code-server](https://github.com/cdr/awesome-code-server)
+Visit the [awesome-code-server](https://github.com/coder/awesome-code-server)
 repository to view community projects and guides with code-server! Feel free to
 add your own!
+
+## How do I change the port?
+
+There are two ways to change the port on which code-server runs:
+
+1. with an environment variable e.g. `PORT=3000 code-server`
+2. using the flag `--bind-addr` e.g. `code-server --bind-addr localhost:3000`
--- a/docs/MAINTAINING.md
+++ b/docs/MAINTAINING.md
@ -2,6 +2,9 @@
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 # Maintaining

+- [Team](#team)
+  - [Onboarding](#onboarding)
+  - [Offboarding](#offboarding)
 - [Workflow](#workflow)
  - [Milestones](#milestones)
  - [Triage](#triage)
@ -12,17 +15,45 @@
  - [Changelog](#changelog)
 - [Releases](#releases)
  - [Publishing a release](#publishing-a-release)
+    - [AUR](#aur)
+    - [Docker](#docker)
+    - [Homebrew](#homebrew)
+    - [npm](#npm)
+- [Syncing with Upstream VS Code](#syncing-with-upstream-vs-code)
+- [Testing](#testing)
+- [Documentation](#documentation)
+  - [Troubleshooting](#troubleshooting)

 <!-- END doctoc generated TOC please keep comment here to allow auto update -->

+This document is meant to serve current and future maintainers of code-server,
+as well as share our workflow for maintaining the project.
+
+## Team
+
 Current maintainers:

 - @code-asher
- @oxy
+- @TeffenEllis
 - @jsjoeio

-This document is meant to serve current and future maintainers of code-server,
-as well as share our workflow for maintaining the project.
+Occasionally, other Coder employees may step in time to time to assist with code-server.
+
+### Onboarding
+
+To onboard a new maintainer to the project, please make sure to do the following:
+
+- [ ] Add to [coder/code-server-reviewers](https://github.com/orgs/coder/teams/code-server-reviewers)
+- [ ] Add as Admin under [Repository Settings > Access](https://github.com/coder/code-server/settings/access)
+- [ ] Add to [npm Coder org](https://www.npmjs.com/org/coder)
+- [ ] Add as [AUR maintainer](https://aur.archlinux.org/packages/code-server/) (talk to Colin)
+- [ ] Introduce to community via Discussion (see [example](https://github.com/coder/code-server/discussions/3955))
+
+### Offboarding
+
+Very similar to Onboarding but Remove maintainer from all teams and revoke access. Please also do the following:
+
+- [ ] Write farewell post via Discussion (see [example](https://github.com/coder/code-server/discussions/3933))

 ## Workflow

@ -33,7 +64,7 @@ contributing on day one.
 ### Milestones

 We operate mainly using
-[milestones](https://github.com/cdr/code-server/milestones). This was heavily
+[milestones](https://github.com/coder/code-server/milestones). This was heavily
 inspired by our friends over at [vscode](https://github.com/microsoft/vscode).

 Here are the milestones we use and how we use them:
@ -96,8 +127,7 @@ the issue.

 ### Merge strategies

-For most things, we recommend the **squash and merge** strategy. If you're
-updating `lib/vscode`, we suggest using the **rebase and merge** strategy. There
+For most things, we recommend the **squash and merge** strategy. There
 may be times where **creating a merge commit** makes sense as well. Use your
 best judgment. If you're unsure, you can always discuss in the PR with the team.

@ -135,6 +165,7 @@ If you're the current release manager, follow these steps:

 ### Publishing a release

+1. Create a release branch called `v0.0.0` but replace with new version
 1. Run `yarn release:prep` and type in the new version (e.g., `3.8.1`)
 1. GitHub Actions will generate the `npm-package`, `release-packages` and
   `release-images` artifacts. You do not have to wait for this step to complete
@ -154,5 +185,72 @@ If you're the current release manager, follow these steps:
   artifacts, publish the NPM package from `npm-package`, and publish the Docker
   Hub image from `release-images`.
 1. Update the AUR package. Instructions for updating the AUR package are at
-   [cdr/code-server-aur](https://github.com/cdr/code-server-aur).
+   [coder/code-server-aur](https://github.com/coder/code-server-aur).
 1. Wait for the npm package to be published.
+
+#### AUR
+
+We publish to AUR as a package [here](https://aur.archlinux.org/packages/code-server/). This process is manual and can be done by following the steps in [this repo](https://github.com/coder/code-server-aur).
+
+#### Docker
+
+We publish code-server as a Docker image [here](https://registry.hub.docker.com/r/codercom/code-server), tagging it both with the version and latest.
+
+This is currently automated with the release process.
+
+#### Homebrew
+
+We publish code-server on Homebrew [here](https://github.com/Homebrew/homebrew-core/blob/master/Formula/code-server.rb).
+
+This is currently automated with the release process (but may fail occasionally). If it does, run this locally:
+
+```shell
+# Replace VERSION with version
+brew bump-formula-pr --version="${VERSION}" code-server --no-browse --no-audit
+```
+
+#### npm
+
+We publish code-server as a npm package [here](https://www.npmjs.com/package/code-server/v/latest).
+
+This is currently automated with the release process.
+
+## Syncing with Upstream VS Code
+
+The VS Code portion of code-server lives under [`coder/vscode`](https://github.com/coder/vscode). To update VS Code for code-server, follow these steps:
+
+1. `git checkout -b vscode-update` - Create a new branch locally based off `main`
+2. `git fetch upstream` - Fetch upstream (VS Code)'s latest branches
+3. `git merge upstream/release/1.64` - Merge it locally
+   1. replace `1.64` with the version you're upgrading to
+   1. If there are merge conflicts, commit first, then fix them locally.
+4. Open a PR merging your branch (`vscode-update`) into `main` and add the code-server review team
+
+Ideally, our fork stays as close to upstream as possible. See the differences between our fork and upstream [here](https://github.com/microsoft/vscode/compare/main...coder:main).
+
+## Testing
+
+Our testing structure is laid out under our [Contributing docs](https://coder.com/docs/code-server/latest/CONTRIBUTING#test).
+
+We hope to eventually hit 100% test coverage with our unit tests, and maybe one day our scripts (coverage not tracked currently).
+
+If you're ever looking to add more tests, here are a few ways to get started:
+
+- run `yarn test:unit` and look at the coverage chart. You'll see all the uncovered lines. This is a good place to start.
+- look at `test/scripts` to see which scripts are tested. We can always use more tests there.
+- look at `test/e2e`. We can always use more end-to-end tests.
+
+Otherwise, talk to a current maintainer and ask which part of the codebase is lacking most when it comes to tests.
+
+## Documentation
+
+### Troubleshooting
+
+Our docs are hosted on [Vercel](https://vercel.com/). Vercel only shows logs in realtime, which means you need to have the logs open in one tab and reproduce your error in another tab. Since our logs are private to Coder the organization, you can only follow these steps if you're a Coder employee. Ask a maintainer for help if you need it.
+
+Taking a real scenario, let's say you wanted to troubleshoot [this docs change](https://github.com/coder/code-server/pull/4042). Here is how you would do it:
+
+1. Go to https://vercel.com/codercom/codercom
+2. Click "View Function Logs"
+3. In a separate tab, open the preview link from github-actions-bot
+4. Now look at the function logs and see if there are errors in the logs
--- a/docs/README.md
+++ b/docs/README.md
@ -1,6 +1,6 @@
 # code-server

-[!["GitHub Discussions"](https://img.shields.io/badge/%20GitHub-%20Discussions-gray.svg?longCache=true&logo=github&colorB=purple)](https://github.com/cdr/code-server/discussions) [!["Join us on Slack"](https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen)](https://cdr.co/join-community) [![Twitter Follow](https://img.shields.io/twitter/follow/CoderHQ?label=%40CoderHQ&style=social)](https://twitter.com/coderhq) [![codecov](https://codecov.io/gh/cdr/code-server/branch/main/graph/badge.svg?token=5iM9farjnC)](https://codecov.io/gh/cdr/code-server) [![See v3.11.0 docs](https://img.shields.io/static/v1?label=Docs&message=see%20v3.11.0%20&color=blue)](https://github.com/cdr/code-server/tree/v3.11.0/docs)
+[!["GitHub Discussions"](https://img.shields.io/badge/%20GitHub-%20Discussions-gray.svg?longCache=true&logo=github&colorB=purple)](https://github.com/coder/code-server/discussions) [!["Join us on Slack"](https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen)](https://coder.com/community) [![Twitter Follow](https://img.shields.io/twitter/follow/CoderHQ?label=%40CoderHQ&style=social)](https://twitter.com/coderhq) [![codecov](https://codecov.io/gh/coder/code-server/branch/main/graph/badge.svg?token=5iM9farjnC)](https://codecov.io/gh/coder/code-server) [![See v4.0.2 docs](https://img.shields.io/static/v1?label=Docs&message=see%20v4.0.2%20&color=blue)](https://github.com/coder/code-server/tree/v4.0.2/docs)

 Run [VS Code](https://github.com/Microsoft/vscode) on any machine anywhere and
 access it in the browser.
@ -14,6 +14,9 @@ access it in the browser.
 - Preserve battery life when you're on the go; all intensive tasks run on your
  server

+| 🔔 code-server is a free browser-based IDE while [Coder](https://coder.com/) is our enterprise developer workspace platform. For more information, visit [Coder.com](https://coder.com/docs/comparison)
+| ---
+
 ## Requirements

 See [requirements](requirements.md) for minimum specs, as well as instructions
@ -26,13 +29,13 @@ on how to set up a Google VM on which you can install code-server.
 There are three ways to get started:

 1. Using the [install
-   script](https://github.com/cdr/code-server/blob/main/install.sh), which
+   script](https://github.com/coder/code-server/blob/main/install.sh), which
   automates most of the process. The script uses the system package manager if
   possible.
 2. Manually [installing
-   code-server](https://coder.com/docs/code-server/v3.11.0/install)
+   code-server](https://coder.com/docs/code-server/latest/install)
 3. Using our one-click buttons and guides to [deploy code-server to a cloud
-   provider](https://github.com/cdr/deploy-code-server) ⚡
+   provider](https://github.com/coder/deploy-code-server) ⚡

 If you use the install script, you can preview what occurs during the install
 process:
@ -51,31 +54,16 @@ When done, the install script prints out instructions for running and starting
 code-server.

 We also have an in-depth [setup and
-configuration](https://coder.com/docs/code-server/v3.11.0/guide) guide.
-
-### code-server --link
-
-We're working on a cloud platform that makes deploying and managing code-server
-easier. Consider running code-server with the beta flag `--link` if you don't
-want to worry about:
-
- TLS
- Authentication
- Port forwarding
-
-```bash
-$ code-server --link
-Proxying code-server, you can access your IDE at https://example.cdr.co
-```
+configuration](https://coder.com/docs/code-server/latest/guide) guide.

 ## Questions?

 See answers to [frequently asked
-questions](https://coder.com/docs/code-server/v3.11.0/FAQ).
+questions](https://coder.com/docs/code-server/latest/FAQ).

 ## Want to help?

-See [Contributing](https://coder.com/docs/code-server/v3.11.0/CONTRIBUTING) for
+See [Contributing](https://coder.com/docs/code-server/latest/CONTRIBUTING) for
 details.

 ## Hiring
--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@ -26,9 +26,9 @@ We use the following tools to help us stay on top of vulnerability mitigation.

 Coder sponsors the development and maintenance of the code-server project. We will fix security issues within 90 days of receiving a report and publish the fix in a subsequent release. The code-server project does not provide backports or patch releases for security issues at this time.

-| Version                                               | Supported          |
-| ----------------------------------------------------- | ------------------ |
-| [Latest](https://github.com/cdr/code-server/releases) | :white_check_mark: |
+| Version                                                 | Supported          |
+| ------------------------------------------------------- | ------------------ |
+| [Latest](https://github.com/coder/code-server/releases) | :white_check_mark: |

 ## Reporting a Vulnerability

--- a/docs/android.md
+++ b/docs/android.md
@ -0,0 +1,23 @@
+# Running code-server using UserLAnd
+
+1. Install UserLAnd from [Google Play](https://play.google.com/store/apps/details?id=tech.ula&hl=en_US&gl=US)
+2. Install an Ubuntu VM
+3. Start app
+4. Install Node.js, `curl` and `yarn` using `sudo apt install nodejs npm yarn curl -y`
+5. Install `nvm`:
+
+```shell
+curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash
+```
+
+6. Exit the terminal using `exit` and then reopen the terminal
+7. Install and use Node.js 14:
+
+```shell
+nvm install 14
+nvm use 14
+```
+
+8. Install code-server globally on device with: `npm i -g code-server`
+9. Run code-server with `code-server`
+10. Access on localhost:8080 in your browser
--- a/docs/assets/screenshot.png
+++ b/docs/assets/screenshot.png
--- a/docs/collaboration.md
+++ b/docs/collaboration.md
@ -0,0 +1,65 @@
+# Collaboration
+
+With third-party extensions, you can use code-server to collaborate with other developers in real time.
+
+## Code sharing using Duckly
+
+[Duckly](https://duckly.com/) allows you to share your code in real-time even with people using different IDEs (like JetBrains and VSCode).
+
+- Cross-IDE support,
+- Real-time typing,
+- P2P encrypted,
+- Voice and audio chat,
+- Terminal sharing
+
+### Installing the Duckly Extension
+
+Duckly uses an extension to provide real time sharing features
+
+1. Install the Duckly extension from OpenVSX on `code-server`.
+
+```bash
+SERVICE_URL=https://open-vsx.org/vscode/gallery \
+  ITEM_URL=https://open-vsx.org/vscode/item \
+  code-server --install-extension gitduck.code-streaming
+```
+
+2. Refresh you `code-server` window. You should now be able to see the Duckly extension.
+
+### Sharing with Duckly
+
+As `code-server` is based on VS Code, you can follow the steps described on Duckly's [Pair programming with VS Code](https://duckly.com/tools/vscode) page and skip the installation step.
+
+## Code sharing using CodeTogether
+
+[CodeTogether](https://www.codetogether.com/) is a real-time cross-IDE replacement for Microsoft Live Share providing:
+
+- Cross-IDE support - between VS Code, Eclipse, IntelliJ and IDEs based on them (browser or desktop)
+- Real-time editing - shared or individual cursors for pairing, mobbing, swarming, or whatever
+- P2P encrypted - servers can't decrypt the traffic ([Security Details](https://codetogether.com/download/security/))
+- SaaS or [On-premises](https://codetogether.com/on-premises/) options
+- Shared servers, terminals, and consoles
+- Unit Testing - with support for Red, Green, Refactor TDD
+- Joining via a web browser or your preferred IDE
+- Free unlimited 1 hour sessions with 4 participants
+- Multiple plans including [free or paid options](https://www.codetogether.com/pricing/)
+
+### Installing the CodeTogether extension
+
+1. Install the CodeTogether extension from OpenVSX on `code-server`.
+
+   ```sh
+   SERVICE_URL=https://open-vsx.org/vscode/gallery \
+     ITEM_URL=https://open-vsx.org/vscode/item \
+     code-server --install-extension genuitecllc.codetogether
+   ```
+
+2. CodeTogether requires VS Code's proposed API to run. Start code-server with the following flag:
+
+   ```sh
+   code-server --enable-proposed-api genuitecllc.codetogether
+   ```
+
+   Another option would be to add a value in code-server's [config file](https://coder.com/docs/code-server/v4.0.2/FAQ#how-does-the-config-file-work).
+
+3. Refresh code-server and navigate to the CodeTogether icon in the sidebar to host or join a coding session.
--- a/docs/guide.md
+++ b/docs/guide.md
@ -7,6 +7,7 @@
  - [Using Let's Encrypt with Caddy](#using-lets-encrypt-with-caddy)
  - [Using Let's Encrypt with NGINX](#using-lets-encrypt-with-nginx)
  - [Using a self-signed certificate](#using-a-self-signed-certificate)
+  - [TLS 1.3 and Safari](#tls-13-and-safari)
 - [External authentication](#external-authentication)
 - [HTTPS and self-signed certificates](#https-and-self-signed-certificates)
 - [Accessing web services](#accessing-web-services)
@ -14,6 +15,10 @@
  - [Using a subpath](#using-a-subpath)
  - [Stripping `/proxy/<port>` from the request path](#stripping-proxyport-from-the-request-path)
  - [Proxying to create a React app](#proxying-to-create-a-react-app)
+  - [Proxying to a Vue app](#proxying-to-a-vue-app)
+- [SSH into code-server on VS Code](#ssh-into-code-server-on-vs-code)
+  - [Option 1: cloudflared tunnel](#option-1-cloudflared-tunnel)
+  - [Option 2: ngrok tunnel](#option-2-ngrok-tunnel)

 <!-- END doctoc generated TOC please keep comment here to allow auto update -->

@ -33,7 +38,7 @@ testing, but it doesn't work if you want to access code-server from a different
 machine.

 > **Rate limits:** code-server rate limits password authentication attempts to
-> two per minute and twelve per hour.
+> two per minute plus an additional twelve per hour.

 There are several approaches to operating and exposing code-server securely:

@ -110,7 +115,7 @@ we recommend using another method, such as [Let's Encrypt](#let-encrypt) instead
 Using [Let's Encrypt](https://letsencrypt.org) is an option if you want to
 access code-server on an iPad or do not want to use SSH port forwarding.

-1. This option requires that the remote machine be exposed to the internet. Make sure that your instance allows HTTP/HTTP traffic.
+1. This option requires that the remote machine be exposed to the internet. Make sure that your instance allows HTTP/HTTPS traffic.

 1. You'll need a domain name (if you don't have one, you can purchase one from
   [Google Domains](https://domains.google.com) or the domain service of your
@ -141,7 +146,7 @@ sudo apt install caddy
   mydomain.com/code/* {
     uri strip_prefix /code
     reverse_proxy 127.0.0.1:8080
-      }
+   }
   ```

   Remember to replace `mydomain.com` with your domain name!
@ -157,7 +162,7 @@ At this point, you should be able to access code-server via

 ### Using Let's Encrypt with NGINX

-1. This option requires that the remote machine be exposed to the internet. Make sure that your instance allows HTTP/HTTP traffic.
+1. This option requires that the remote machine be exposed to the internet. Make sure that your instance allows HTTP/HTTPS traffic.

 1. You'll need a domain name (if you don't have one, you can purchase one from
   [Google Domains](https://domains.google.com) or the domain service of your
@ -224,7 +229,7 @@ code-server. You should only proceed with this option if:
 To use a self-signed certificate:

 1. This option requires that the remote machine be exposed to the internet. Make
-   sure that your instance allows HTTP/HTTP traffic.
+   sure that your instance allows HTTP/HTTPS traffic.

 1. SSH into your instance and edit your code-server config file to use a
   randomly generated self-signed certificate:
@ -252,6 +257,13 @@ self-signed certificate, you can use [mkcert](https://mkcert.dev) to create a
 self-signed certificate that's trusted by your operating system, then pass the
 certificate to code-server via the `cert` and `cert-key` config fields.

+### TLS 1.3 and Safari
+
+If you will be using Safari and your configuration does not allow anything less
+than TLS 1.3 you will need to add support for TLS 1.2 since Safari does not
+support TLS 1.3 for web sockets at the time of writing. If this is the case you
+should see OSSStatus: 9836 in the browser console.
+
 ## External authentication

 If you want to use external authentication mechanism (e.g., Sign in with
@ -282,7 +294,7 @@ Note: if you set `proxy_set_header Host $host;` in your reverse proxy config, it

 ## Accessing web services

-If you're working on web services and want to access it locally, code-server
+If you're working on web services and want to access them locally, code-server
 can proxy to any port using either a subdomain or a subpath, allowing you to
 securely access these services using code-server's built-in authentication.

@ -333,8 +345,8 @@ instead and the path will be passed as is (e.g., `/absproxy/3000/my-app-path`).
 ### Proxying to create a React app

 You must use `/absproxy/<port>` with `create-react-app` (see
-[#2565](https://github.com/cdr/code-server/issues/2565) and
-[#2222](https://github.com/cdr/code-server/issues/2222) for more information).
+[#2565](https://github.com/coder/code-server/issues/2565) and
+[#2222](https://github.com/coder/code-server/issues/2222) for more information).
 You will need to inform `create-react-app` of the path at which you are serving
 via `$PUBLIC_URL` and webpack via `$WDS_SOCKET_PATH`:

@ -348,3 +360,114 @@ You should then be able to visit `https://my-code-server-address.io/absproxy/300
 code-server!

 > We highly recommend using the subdomain approach instead to avoid this class of issue.
+
+### Proxying to a Vue app
+
+Similar to the situation with React apps, you have to make a few modifications to proxy a Vue app.
+
+1. add `vue.config.js`
+2. update the values to match this (you can use any free port):
+
+```js
+module.exports = {
+  devServer: {
+    port: 3454,
+    sockPath: "sockjs-node",
+  },
+  publicPath: "/absproxy/3454",
+}
+```
+
+3. access app at `<code-server-root>/absproxy/3454` e.g. `http://localhost:8080/absproxy/3454`
+
+Read more about `publicPath` in the [Vue.js docs](https://cli.vuejs.org/config/#publicpath)
+
+## SSH into code-server on VS Code
+
+[![SSH](https://img.shields.io/badge/SSH-363636?style=for-the-badge&logo=GNU+Bash&logoColor=ffffff)](https://ohmyz.sh/) [![Terminal](https://img.shields.io/badge/Terminal-2E2E2E?style=for-the-badge&logo=Windows+Terminal&logoColor=ffffff)](https://img.shields.io/badge/Terminal-2E2E2E?style=for-the-badge&logo=Windows+Terminal&logoColor=ffffff) [![Visual Studio Code](https://img.shields.io/badge/Visual_Studio_Code-007ACC?style=for-the-badge&logo=Visual+Studio+Code&logoColor=ffffff)](vscode:extension/ms-vscode-remote.remote-ssh)
+
+Follow these steps where code-server is running:
+
+1. Install `openssh-server`, `wget`, and `unzip`.
+
+```bash
+# example for Debian and Ubuntu operating systems
+sudo apt update
+sudo apt install wget unzip openssh-server
+```
+
+2. Start the SSH server and set the password for your user, if you haven't already. If you use [deploy-code-server](https://github.com/coder/deploy-code-server),
+
+```bash
+sudo service ssh start
+sudo passwd {user} # replace user with your code-server user
+```
+
+### Option 1: cloudflared tunnel
+
+[![Cloudflared](https://img.shields.io/badge/Cloudflared-E4863B?style=for-the-badge&logo=cloudflare&logoColor=ffffff)](https://github.com/cloudflare/cloudflared)
+
+1.  Install [cloudflared](https://github.com/cloudflare/cloudflared#installing-cloudflared) on your local computer
+2.  Then go to `~/.ssh/config` and add the following:
+
+```shell
+Host *.trycloudflare.com
+HostName %h
+User root
+Port 22
+ProxyCommand "cloudflared location" access ssh --hostname %h
+```
+
+3. Run `cloudflared tunnel --url ssh://localhost:22` on the remote server
+
+4. Finally on VS Code or any IDE that supports SSH, run `ssh coder@https://your-link.trycloudflare.com` or `ssh coder@your-link.trycloudflare.com`
+
+### Option 2: ngrok tunnel
+
+[![Ngrok](https://img.shields.io/badge/Ngrok-1F1E37?style=for-the-badge&logo=ngrok&logoColor=ffffff)](https://ngrok.com/)
+
+1.  Make a new account for ngrok [here](https://dashboard.ngrok.com/login)
+
+2.  Now, get the ngrok binary with `wget` and unzip it with `unzip`:
+
+```bash
+wget "https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip"
+unzip "ngrok-stable-linux-amd64.zip"
+```
+
+5.  Then, go to [dashboard.ngrok.com](https://dashboard.ngrok.com) and go to the `Your Authtoken` section.
+6.  Copy the Authtoken shown there.
+7.  Now, go to the folder where you unzipped ngrok and store the Authtoken from the ngrok Dashboard.
+
+```bash
+./ngrok authtoken YOUR_AUTHTOKEN # replace YOUR_AUTHTOKEN with the ngrok authtoken.
+```
+
+8.  Now, forward port 22, which is the SSH port with this command:
+
+```bash
+./ngrok tcp 22
+```
+
+Now, you get a screen in the terminal like this:
+
+```console
+ngrok by @inconshreveable(Ctrl+C to quit)
+
+Session Status                online
+Account                       {Your name} (Plan: Free)
+Version                       2.3.40
+Region                        United States (us)
+Web Interface                 http://127.0.0.1:4040
+Forwarding                    tcp://0.tcp.ngrok.io:19028 -> localhost:22
+```
+
+In this case, copy the forwarded link `0.tcp.ngrok.io` and remember the port number `19028`. Type this on your local Visual Studio Code:
+
+```bash
+ssh user@0.tcp.ngrok.io -p 19028
+```
+
+The port redirects you to the default SSH port 22, and you can then successfully connect to code-server by entering the password you set for the user.
+
+Note: the port and the url provided by ngrok will change each time you run it so modify as needed.
--- a/docs/helm.md
+++ b/docs/helm.md
@ -0,0 +1,160 @@
+# code-server Helm Chart
+
+[![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square)](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) [![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)](https://img.shields.io/badge/Type-application-informational?style=flat-square) [![AppVersion: 4.0.2](https://img.shields.io/badge/AppVersion-4.0.2-informational?style=flat-square)](https://img.shields.io/badge/AppVersion-4.0.2-informational?style=flat-square)
+
+[code-server](https://github.com/coder/code-server) code-server is VS Code running
+on a remote server, accessible through the browser.
+
+This chart is community maintained by [@Matthew-Beckett](https://github.com/Matthew-Beckett) and [@alexgorbatchev](https://github.com/alexgorbatchev)
+
+## Quickstart
+
+```console
+$ git clone https://github.com/coder/code-server
+$ cd code-server
+$ helm upgrade --install code-server ci/helm-chart
+```
+
+## Introduction
+
+This chart bootstraps a code-server deployment on a
+[Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh)
+package manager.
+
+## Prerequisites
+
+- Kubernetes 1.6+
+
+## Installing the Chart
+
+To install the chart with the release name `code-server`:
+
+```console
+$ git clone https://github.com/coder/code-server
+$ cd code-server
+$ helm upgrade --install code-server ci/helm-chart
+```
+
+The command deploys code-server on the Kubernetes cluster in the default
+configuration. The [configuration](#configuration) section lists the parameters
+that can be configured during installation.
+
+> **Tip**: List all releases using `helm list`
+
+## Uninstalling the Chart
+
+To uninstall/delete the `code-server` deployment:
+
+```console
+$ helm delete code-server
+```
+
+The command removes all the Kubernetes components associated with the chart and
+deletes the release.
+
+## Configuration
+
+The following table lists the configurable parameters of the code-server chart
+and their default values.
+
+## Values
+
+| Key                                         | Type   | Default                  |
+| ------------------------------------------- | ------ | ------------------------ |
+| affinity                                    | object | `{}`                     |
+| extraArgs                                   | list   | `[]`                     |
+| extraConfigmapMounts                        | list   | `[]`                     |
+| extraContainers                             | string | `""`                     |
+| extraInitContainers                         | string | `""`                     |
+| extraSecretMounts                           | list   | `[]`                     |
+| extraVars                                   | list   | `[]`                     |
+| extraVolumeMounts                           | list   | `[]`                     |
+| fullnameOverride                            | string | `""`                     |
+| hostnameOverride                            | string | `""`                     |
+| image.pullPolicy                            | string | `"Always"`               |
+| image.repository                            | string | `"codercom/code-server"` |
+| image.tag                                   | string | `"4.0.2"`                |
+| imagePullSecrets                            | list   | `[]`                     |
+| ingress.enabled                             | bool   | `false`                  |
+| nameOverride                                | string | `""`                     |
+| nodeSelector                                | object | `{}`                     |
+| persistence.accessMode                      | string | `"ReadWriteOnce"`        |
+| persistence.annotations                     | object | `{}`                     |
+| persistence.enabled                         | bool   | `true`                   |
+| persistence.size                            | string | `"1Gi"`                  |
+| podAnnotations                              | object | `{}`                     |
+| podSecurityContext                          | object | `{}`                     |
+| replicaCount                                | int    | `1`                      |
+| resources                                   | object | `{}`                     |
+| securityContext.enabled                     | bool   | `true`                   |
+| securityContext.fsGroup                     | int    | `1000`                   |
+| securityContext.runAsUser                   | int    | `1000`                   |
+| service.port                                | int    | `8443`                   |
+| service.type                                | string | `"ClusterIP"`            |
+| serviceAccount.create                       | bool   | `true`                   |
+| serviceAccount.name                         | string | `nil`                    |
+| tolerations                                 | list   | `[]`                     |
+| volumePermissions.enabled                   | bool   | `true`                   |
+| volumePermissions.securityContext.runAsUser | int    | `0`                      |
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
+
+```console
+$ helm upgrade --install code-server \
+  ci/helm-chart \
+  --set persistence.enabled=false
+```
+
+The above command sets the the persistence storage to false.
+
+Alternatively, a YAML file that specifies the values for the above parameters
+can be provided while installing the chart. For example,
+
+```console
+$ helm upgrade --install code-server ci/helm-chart -f values.yaml
+```
+
+> **Tip**: You can use the default [values.yaml](values.yaml)
+
+# Extra Containers
+
+There are two parameters which allow to add more containers to pod.
+Use `extraContainers` to add regular containers
+and `extraInitContainers` to add init containers. You can read more
+about init containers in [k8s documentation](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/).
+
+Both parameters accept strings and use them as a templates
+
+Example of using `extraInitContainers`:
+
+```yaml
+extraInitContainers: |
+  - name: customization
+    image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+    imagePullPolicy: IfNotPresent
+    env:
+      - name: SERVICE_URL
+        value: https://open-vsx.org/vscode/gallery
+      - name: ITEM_URL
+        value: https://open-vsx.org/vscode/item
+    command:
+      - sh
+      - -c
+      - |
+        code-server --install-extension ms-python.python
+        code-server --install-extension golang.Go
+    volumeMounts:
+      - name: data
+        mountPath: /home/coder
+```
+
+With this yaml in file `init.yaml`, you can execute
+
+```console
+$ helm upgrade --install code-server \
+  ci/helm-chart \
+  --values init.yaml
+```
+
+to deploy code-server with python and golang extensions preinstalled
+before main container have started.
--- a/docs/install.md
+++ b/docs/install.md
@ -12,9 +12,15 @@
 - [macOS](#macos)
 - [Docker](#docker)
 - [Helm](#helm)
+- [Windows](#windows)
 - [Raspberry Pi](#raspberry-pi)
 - [Termux](#termux)
 - [Cloud providers](#cloud-providers)
+- [Uninstall](#uninstall)
+  - [install.sh](#installsh-1)
+  - [Homebrew](#homebrew)
+  - [yarn, npm](#yarn-npm-1)
+  - [Debian, Ubuntu](#debian-ubuntu-1)

 <!-- END doctoc generated TOC please keep comment here to allow auto update -->

@ -24,7 +30,7 @@ operating systems.
 ## install.sh

 The easiest way to install code-server is to use our [install
-script](../install.sh) for Linux, macOS and FreeBSD. The install script
+script](https://github.com/coder/code-server/blob/main/install.sh) for Linux, macOS and FreeBSD. The install script
 [attempts to use the system package manager](#detection-reference) if possible.

 You can preview what occurs during the install process:
@ -61,7 +67,7 @@ code-server.

 If you prefer to install code-server manually, despite the [detection
 references](#detection-reference) and `--dry-run` feature, then continue on for
-information on how to do this. The [`install.sh`](../install.sh) script runs the
+information on how to do this. The [`install.sh`](https://github.com/coder/code-server/blob/main/install.sh) script runs the
 _exact_ same commands presented in the rest of this document.

 ### Detection reference
@ -94,32 +100,21 @@ _exact_ same commands presented in the rest of this document.
 We recommend installing with `yarn` or `npm` when:

 1. You aren't using a machine with `amd64` or `arm64`.
-2. You're on Linux with `glibc` < v2.17, `glibcxx` < v3.4.18 on `amd64`, `glibc`
+1. You are installing code-server on Windows
+1. You're on Linux with `glibc` < v2.17, `glibcxx` < v3.4.18 on `amd64`, `glibc`
   < v2.23, or `glibcxx` < v3.4.21 on `arm64`.
-3. You're running Alpine Linux or are using a non-glibc libc. See
-   [#1430](https://github.com/cdr/code-server/issues/1430#issuecomment-629883198)
+1. You're running Alpine Linux or are using a non-glibc libc. See
+   [#1430](https://github.com/coder/code-server/issues/1430#issuecomment-629883198)
   for more information.

 Installing code-server with `yarn` or `npm` builds native modules on install.
-This process requires C dependencies; see our guide on [installing these
-dependencies][./npm.md](./npm.md) for more information.

-You must have Node.js v12 (or later) installed. See
-[#1633](https://github.com/cdr/code-server/issues/1633).
-
-To install:
-
-```bash
-yarn global add code-server
-# Or: npm install -g code-server
-code-server
-# Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
-```
+This process requires C dependencies; see our guide on [installing with yarn and npm][./npm.md](./npm.md) for more information.

 ## Standalone releases

 We publish self-contained `.tar.gz` archives for every release on
-[GitHub](https://github.com/cdr/code-server/releases). The archives bundle the
+[GitHub](https://github.com/coder/code-server/releases). The archives bundle the
 node binary and node modules.

 We create the standalone releases using the [npm package](#yarn-npm), and we
@ -132,7 +127,7 @@ requirement).
 To use a standalone release:

 1. Download the latest release archive for your system from
-   [GitHub](https://github.com/cdr/code-server/releases).
+   [GitHub](https://github.com/coder/code-server/releases).
 2. Unpack the release.
 3. Run code-server by executing `./bin/code-server`.

@ -144,7 +139,7 @@ release on Linux:

 ```bash
 mkdir -p ~/.local/lib ~/.local/bin
-curl -fL https://github.com/cdr/code-server/releases/download/v$VERSION/code-server-$VERSION-linux-amd64.tar.gz \
+curl -fL https://github.com/coder/code-server/releases/download/v$VERSION/code-server-$VERSION-linux-amd64.tar.gz \
  | tar -C ~/.local/lib -xz
 mv ~/.local/lib/code-server-$VERSION-linux-amd64 ~/.local/lib/code-server-$VERSION
 ln -s ~/.local/lib/code-server-$VERSION/bin/code-server ~/.local/bin/code-server
@ -159,7 +154,7 @@ code-server
 > upgrade or [build with yarn](#yarn-npm).

 ```bash
-curl -fOL https://github.com/cdr/code-server/releases/download/v$VERSION/code-server_$VERSION_amd64.deb
+curl -fOL https://github.com/coder/code-server/releases/download/v$VERSION/code-server_$VERSION_amd64.deb
 sudo dpkg -i code-server_$VERSION_amd64.deb
 sudo systemctl enable --now code-server@$USER
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
@ -171,7 +166,7 @@ sudo systemctl enable --now code-server@$USER
 > with yarn](#yarn-npm).

 ```bash
-curl -fOL https://github.com/cdr/code-server/releases/download/v$VERSION/code-server-$VERSION-amd64.rpm
+curl -fOL https://github.com/coder/code-server/releases/download/v$VERSION/code-server-$VERSION-amd64.rpm
 sudo rpm -i code-server-$VERSION-amd64.rpm
 sudo systemctl enable --now code-server@$USER
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
@ -229,7 +224,13 @@ alternative](https://hub.docker.com/r/linuxserver/code-server).

 ## Helm

-You can install code-server via [Helm](../ci/helm-chart/README.md).
+You can install code-server using the [Helm package manager](https://coder.com/docs/code-server/latest/helm).
+
+## Windows
+
+We currently [do not publish Windows releases](https://github.com/coder/code-server/issues/1397). We recommend installing code-server onto Windows with [`yarn` or `npm`](#yarn-npm).
+
+> Note: You will also need to [build coder/cloud-agent manually](https://github.com/coder/cloud-agent/issues/17) if you would like to use `code-server --link` on Windows.

 ## Raspberry Pi

@ -244,5 +245,56 @@ information.
 ## Cloud providers

 We maintain [one-click apps and install scripts for cloud
-providers](https://github.com/cdr/deploy-code-server) such as DigitalOcean,
+providers](https://github.com/coder/deploy-code-server) such as DigitalOcean,
 Railway, Heroku, and Azure.
+
+## Uninstall
+
+code-server can be completely uninstalled by removing the application directory, and your user configuration directory.
+
+To delete settings and data:
+
+```shell
+rm -rf ~/.local/share/code-server ~/.config/code-server
+```
+
+### install.sh
+
+If you installed with the install script, by default code-server will be in `~/.local/lib/code-server-<version>` and you can remove it with `rm -rf`. e.g.
+
+```shell
+rm -rf ~/.local/lib/code-server-*
+```
+
+### Homebrew
+
+To remove the code-server homebrew package, run:
+
+```shell
+brew remove code-server
+
+# Alternatively
+brew uninstall code-server
+```
+
+### yarn, npm
+
+To remove the code-server global module, run:
+
+```shell
+yarn global remove code-server
+```
+
+or
+
+```shell
+npm uninstall -g code-server
+```
+
+### Debian, Ubuntu
+
+To uninstall, run:
+
+```shell
+sudo apt remove code-server
+```
--- a/docs/ios.md
+++ b/docs/ios.md
@ -0,0 +1,7 @@
+# Using code-server on iOS with iSH
+
+1. Install iSH from the [App Store](https://apps.apple.com/us/app/ish-shell/id1436902243)
+2. Install `curl` with `apk add curl`
+3. Install code-server with `curl -fsSL https://code-server.dev/install.sh | sh`
+4. Run code-server with `code-server`
+5. Access on localhost:8080 in your browser
--- a/docs/ipad.md
+++ b/docs/ipad.md
@ -3,14 +3,14 @@
 # iPad

 - [Using the code-server progressive web app (PWA)](#using-the-code-server-progressive-web-app-pwa)
- [Access code-server with a self-signed certificate on an iPad](#access-code-server-with-a-self-signed-certificate-on-an-ipad)
-  - [Certificate requirements](#certificate-requirements)
-  - [Sharing a self-signed certificate with an iPad](#sharing-a-self-signed-certificate-with-an-ipad)
 - [Access code-server using Servediter](#access-code-server-using-servediter)
 - [Raspberry Pi USB-C network](#raspberry-pi-usb-c-network)
 - [Recommendations](#recommendations)
 - [Known issues](#known-issues)
  - [Workaround for issue with `ctrl+c` not stopping a running process in the terminal](#workaround-for-issue-with-ctrlc-not-stopping-a-running-process-in-the-terminal)
+- [Access code-server with a self-signed certificate on an iPad](#access-code-server-with-a-self-signed-certificate-on-an-ipad)
+  - [Certificate requirements](#certificate-requirements)
+  - [Sharing a self-signed certificate with an iPad](#sharing-a-self-signed-certificate-with-an-ipad)

 <!-- END doctoc generated TOC please keep comment here to allow auto update -->

@ -45,51 +45,6 @@ can add this to `keybindings.json`:

 4. Test the command by using `cmd+w` to close an active file.

-## Access code-server with a self-signed certificate on an iPad
-
-If you've installed code-server and are [running it with a self-signed
-certificate](./guide.md#using-a-self-signed-certificate), you may see multiple
-security warnings from Safari. To fix this, you'll need to install the
-self-signed certificate generated by code-server as a profile on your device (you'll also need to do this to
-enable WebSocket connections).
-
-### Certificate requirements
-
- We're assuming that you're using the self-signed certificate code-server
-  generates for you (if not, make sure that your certificate [abides by the
-  guidelines issued by Apple](https://support.apple.com/en-us/HT210176)).
- We've noticed that the certificate has to include `basicConstraints=CA:true`.
- Your certificate must have a subject alt name that matches the hostname you'll
-  use to access code-server from the iPad. You can pass this name to code-server
-  so that it generates the certificate correctly using `--cert-host`.
-
-### Sharing a self-signed certificate with an iPad
-
-To share a self-signed certificate with an iPad:
-
-1. Get the location of the certificate code-server generated; code-server prints
-   the certificate's location in its logs:
-
-   ```console
-   [2020-10-30T08:55:45.139Z] info - Using generated certificate and key for HTTPS: ~/.local/share/code-server/mymbp_local.crt
-   ```
-
-2. Send the certificate to the iPad, either by emailing it to yourself or using
-   Apple's Airdrop feature.
-
-3. Open the `*.crt` file so that you're prompted to go into Settings to install.
-
-4. Go to **Settings** > **General** > **Profile**, and select the profile. Tap **Install**.
-
-5. Go to **Settings** > **About** > **Certificate Trust Settings** and [enable
-   full trust for your certificate](https://support.apple.com/en-us/HT204477).
-
-You should be able to access code-server without all of Safari's warnings now.
-
-**warning**: Your iPad must access code-server via a domain name. It could be local
-DNS like `mymacbookpro.local`, but it must be a domain name. Otherwise, Safari will
-not allow WebSockets connections.
-
 ## Access code-server using Servediter

 If you are unable to get the self-signed certificate working, or you do not have a domain
@ -149,30 +104,26 @@ and tricks helpful:
  process](#access-code-server-with-a-self-signed-certificate-on-an-ipad)
 - Keyboard issues:
  - The keyboard disappear sometimes
-    [#1313](https://github.com/cdr/code-server/issues/1313),
-    [#979](https://github.com/cdr/code-server/issues/979)
+    [#979](https://github.com/coder/code-server/issues/979)
  - Some expectations regarding shortcuts may not be met:
    - `cmd + n` opens new browser window instead of new file, and it's difficult
      to set alternative as a workaround
    - In general, expect to edit your keyboard shortcuts
  - There's no escape key by default on the Magic Keyboard, so most users set
    the globe key to be an escape key
- Trackpad scrolling does not work
-  ([#1455](https://github.com/cdr/code-server/issues/1455))
-  - Bug tracking of a WebKit fix
-    [here](https://bugs.webkit.org/show_bug.cgi?id=210071#c13)
-  - Tracking of [WebKit patch](https://trac.webkit.org/changeset/270712/webkit)
-  - Alternatives:
-    - Install line-jump extension and use keyboard to navigate by jumping large
-      amount of lines
-    - Use touch scrolling
+- Trackpad scrolling does not work on iPadOS < 14.5
+  ([#1455](https://github.com/coder/code-server/issues/1455))
+  - [WebKit fix](https://bugs.webkit.org/show_bug.cgi?id=210071#c13)
+- Keyboard may lose focus in Safari / split view [#4182](https://github.com/coder/code-server/issues/4182)
+- Terminal text does not appear by default [#3824](https://github.com/coder/code-server/issues/3824)
+- Copy & paste in terminal does not work well with keyboard shortcuts [#3491](https://github.com/coder/code-server/issues/3491)
 - `ctrl+c` does not stop a long-running process in the browser
  - Tracking upstream issue here:
    [#114009](https://github.com/microsoft/vscode/issues/114009)
  - See [workaround](#ctrl-c-workaround)

-Additionally, see [issues in the code-server repo that are tagged with the iPad
-label](https://github.com/cdr/code-server/issues?q=is%3Aopen+is%3Aissue+label%3AiPad)
+Additionally, see [issues in the code-server repo that are tagged with the `os-ios`
+label](https://github.com/coder/code-server/issues?q=is%3Aopen+is%3Aissue+label%3Aos-ios)
 for more information.

 ### Workaround for issue with `ctrl+c` not stopping a running process in the terminal
@ -199,3 +150,48 @@ In the meantime, you can manually define a shortcut as a workaround:
   ```

 _Source: [StackOverflow](https://stackoverflow.com/a/52735954/3015595)_
+
+## Access code-server with a self-signed certificate on an iPad
+
+If you've installed code-server and are [running it with a self-signed
+certificate](./guide.md#using-a-self-signed-certificate), you may see multiple
+security warnings from Safari. To fix this, you'll need to install the
+self-signed certificate generated by code-server as a profile on your device (you'll also need to do this to
+enable WebSocket connections).
+
+### Certificate requirements
+
+- We're assuming that you're using the self-signed certificate code-server
+  generates for you (if not, make sure that your certificate [abides by the
+  guidelines issued by Apple](https://support.apple.com/en-us/HT210176)).
+- We've noticed that the certificate has to include `basicConstraints=CA:true`.
+- Your certificate must have a subject alt name that matches the hostname you'll
+  use to access code-server from the iPad. You can pass this name to code-server
+  so that it generates the certificate correctly using `--cert-host`.
+
+### Sharing a self-signed certificate with an iPad
+
+To share a self-signed certificate with an iPad:
+
+1. Get the location of the certificate code-server generated; code-server prints
+   the certificate's location in its logs:
+
+   ```console
+   [2020-10-30T08:55:45.139Z] info - Using generated certificate and key for HTTPS: ~/.local/share/code-server/mymbp_local.crt
+   ```
+
+2. Send the certificate to the iPad, either by emailing it to yourself or using
+   Apple's Airdrop feature.
+
+3. Open the `*.crt` file so that you're prompted to go into Settings to install.
+
+4. Go to **Settings** > **General** > **Profile**, and select the profile. Tap **Install**.
+
+5. Go to **Settings** > **About** > **Certificate Trust Settings** and [enable
+   full trust for your certificate](https://support.apple.com/en-us/HT204477).
+
+You should be able to access code-server without all of Safari's warnings now.
+
+**warning**: Your iPad must access code-server via a domain name. It could be local
+DNS like `mymacbookpro.local`, but it must be a domain name. Otherwise, Safari will
+not allow WebSockets connections.
--- a/docs/link.md
+++ b/docs/link.md
@ -0,0 +1,11 @@
+# code-server --link
+
+> Note: This feature is no longer recommended due to instability. Stay tuned for a revised version.
+
+Run code-server with the flag `--link` and you'll get TLS, authentication, and a dedicated URL
+for accessing your IDE out of the box.
+
+```console
+$ code-server --link
+Proxying code-server, you can access your IDE at https://example.coder.co
+```
--- a/docs/manifest.json
+++ b/docs/manifest.json
@ -1,5 +1,5 @@
 {
-  "versions": ["v3.11.0", "v3.10.2"],
+  "versions": ["v4.0.2"],
  "routes": [
    {
      "title": "Home",
@ -23,6 +23,11 @@
          "title": "npm",
          "description": "How to install code-server using npm or yarn",
          "path": "./npm.md"
+        },
+        {
+          "title": "Helm",
+          "description": "How to install code-server using the Helm package manager",
+          "path": "./helm.md"
        }
      ]
    },
@ -32,6 +37,11 @@
      "icon": "<svg viewBox=\"0 0 16 16\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M4 6H2v14c0 1.1.9 2 2 2h14v-2H4V6zm16-4H8c-1.1 0-2 .9-2 2v12c0 1.1.9 2 2 2h12c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm0 10l-2.5-1.5L15 12V4h5v8z\"></path></svg>",
      "path": "./guide.md",
      "children": [
+        {
+          "title": "--link",
+          "description": "How to run code-server --link",
+          "path": "./link.md"
+        },
        {
          "title": "iPad",
          "description": "How to access your code-server installation using an iPad.",
@ -41,13 +51,29 @@
          "title": "Termux",
          "description": "How to install Termux to run code-server on an Android device.",
          "path": "./termux.md"
+        },
+        {
+          "title": "iOS",
+          "description": "How to use code-server on iOS with iSH.",
+          "path": "./ios.md"
+        },
+        {
+          "title": "Android",
+          "description": "How to run code-server on an Android device using UserLAnd.",
+          "path": "./android.md"
        }
      ]
    },
+    {
+      "title": "Collaboration",
+      "description": "How to setup real time collaboration using code server.",
+      "icon": "<svg width=\"20\" height=\"20\" viewBox=\"0 0 20 20\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"> <path d=\"M12.2 13.4357L9.5 11.4357C10.4 10.7357 11 9.7357 11 8.5357V7.7357C11 5.8357 9.6 4.1357 7.7 4.0357C5.7 3.9357 4 5.5357 4 7.5357V8.5357C4 9.7357 4.6 10.7357 5.5 11.4357L2.8 13.5357C2.3 13.9357 2 14.5357 2 15.1357V17.0357C2 17.6357 2.4 18.0357 3 18.0357H12C12.6 18.0357 13 17.6357 13 17.0357V15.0357C13 14.4357 12.7 13.8357 12.2 13.4357Z\"/> <path d=\"M17.1 8.43436L15.3 7.23436C15.7 6.83436 16 6.23436 16 5.53436V4.63436C16 3.43436 15.1 2.23436 13.9 2.03436C12.7 1.83436 11.7 2.53436 11.2 3.43436C12.3 4.43436 13 5.83436 13 7.43436V8.43436C13 9.33436 12.8 10.2344 12.4 10.9344C12.4 10.9344 13.6 11.8344 13.6 11.9344H17C17.6 11.9344 18 11.5344 18 10.9344V10.1344C18 9.43436 17.7 8.83436 17.1 8.43436Z\"/></svg>",
+      "path": "./collaboration.md"
+    },
    {
      "title": "Upgrade",
      "description": "How to upgrade code-server.",
-      "icon": "<svg width=\"20\" height=\"20\" viewBox=\"0 0 20 20\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M17.8049 2.19795C17.7385 2.1311 17.6587 2.07899 17.5708 2.04504C17.4829 2.01108 17.3889 1.99604 17.2948 2.00089C7.89216 2.49153 4.4188 10.8673 4.38528 10.9517C4.33624 11.0736 4.32406 11.2071 4.35028 11.3358C4.3765 11.4645 4.43995 11.5827 4.53274 11.6756L8.32449 15.4674C8.41787 15.5606 8.53669 15.6242 8.66606 15.6502C8.79543 15.6762 8.92959 15.6634 9.05174 15.6135C9.13552 15.5793 17.4664 12.0671 17.9986 2.7087C18.0039 2.61474 17.9895 2.5207 17.9561 2.4327C17.9227 2.3447 17.8712 2.26471 17.8049 2.19795ZM12.3314 9.56427C12.1439 9.75179 11.9051 9.87951 11.645 9.93126C11.385 9.98302 11.1154 9.9565 10.8704 9.85505C10.6254 9.7536 10.4161 9.58178 10.2687 9.36131C10.1214 9.14085 10.0428 8.88166 10.0428 8.6165C10.0428 8.35135 10.1214 8.09215 10.2687 7.87169C10.4161 7.65123 10.6254 7.47941 10.8704 7.37796C11.1154 7.27651 11.385 7.24998 11.645 7.30174C11.9051 7.3535 12.1439 7.48121 12.3314 7.66873C12.5827 7.92012 12.7239 8.26104 12.7239 8.6165C12.7239 8.97197 12.5827 9.31288 12.3314 9.56427Z\"/><path d=\"M2.74602 14.5444C2.92281 14.3664 3.133 14.2251 3.36454 14.1285C3.59608 14.0319 3.8444 13.9819 4.09529 13.9815C4.34617 13.9811 4.59466 14.0302 4.82653 14.126C5.05839 14.2218 5.26907 14.3624 5.44647 14.5398C5.62386 14.7172 5.7645 14.9279 5.86031 15.1598C5.95612 15.3916 6.00522 15.6401 6.00479 15.891C6.00437 16.1419 5.95442 16.3902 5.85782 16.6218C5.76122 16.8533 5.61987 17.0635 5.44186 17.2403C4.69719 17.985 2 18.0004 2 18.0004C2 18.0004 2 15.2884 2.74602 14.5444Z\"/><path d=\"M8.9416 3.48269C7.99688 3.31826 7.02645 3.38371 6.11237 3.67352C5.19828 3.96332 4.36741 4.46894 3.68999 5.14765C3.33153 5.50944 3.01988 5.91477 2.76233 6.35415C2.68692 6.4822 2.6562 6.63169 2.67501 6.77911C2.69381 6.92652 2.76108 7.06351 2.86623 7.16853L4.1994 8.50238C5.43822 6.53634 7.04911 4.83119 8.9416 3.48269Z\"/><path d=\"M16.5181 11.0585C16.6825 12.0033 16.6171 12.9737 16.3273 13.8878C16.0375 14.8019 15.5318 15.6327 14.8531 16.3101C14.4914 16.6686 14.086 16.9803 13.6466 17.2378C13.5186 17.3132 13.3691 17.3439 13.2217 17.3251C13.0743 17.3063 12.9373 17.2391 12.8323 17.1339L11.4984 15.8007C13.4645 14.5619 15.1696 12.951 16.5181 11.0585Z\"/></svg>",
+      "icon": "<svg width=\"20\" height=\"20\" viewBox=\"0 0 20 20\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M17.8049 2.19795C17.7385 2.1311 17.6587 2.07899 17.5708 2.04504C17.4829 2.01108 17.3889 1.99604 17.2948 2.00089C7.89216 2.49153 4.4188 10.8673 4.38528 10.9517C4.33624 11.0736 4.32406 11.2071 4.35028 11.3358C4.3765 11.4645 4.43995 11.5827 4.53274 11.6756L8.32449 15.4674C8.41787 15.5606 8.53669 15.6242 8.66606 15.6502C8.79543 15.6762 8.92959 15.6634 9.05174 15.6135C9.13552 15.5793 17.4664 12.0671 17.9986 2.7087C18.0039 2.61474 17.9895 2.5207 17.9561 2.4327C17.9227 2.3447 17.8712 2.26471 17.8049 2.19795ZM12.3314 9.56427C12.1439 9.75179 11.9051 9.87951 11.645 9.93126C11.385 9.98302 11.1154 9.9565 10.8704 9.85505C10.6254 9.7536 10.4161 9.58178 10.2687 9.36131C10.1214 9.14085 10.0428 8.88166 10.0428 8.6165C10.0428 8.35135 10.1214 8.09215 10.2687 7.87169C10.4161 7.65123 10.6254 7.47941 10.8704 7.37796C11.1154 7.27651 11.385 7.24998 11.645 7.30174C11.9051 7.3535 12.1439 7.48121 12.3314 7.66873C12.5827 7.92012 12.7239 8.26104 12.7239 8.6165C12.7239 8.97197 12.5827 9.31288 12.3314 9.56427Z\"/><path d=\"M2.74602 14.5444C2.92281 14.3664 3.133 14.2251 3.36454 14.1285C3.59608 14.0319 3.8444 13.9819 4.09529 13.9815C4.34617 13.9811 4.59466 14.0.12 4.82653 14.126C5.05839 14.2218 5.26907 14.3624 5.44647 14.5398C5.62386 14.7172 5.7645 14.9279 5.86031 15.1598C5.95612 15.3916 6.00522 15.6401 6.00479 15.891C6.00437 16.1419 5.95442 16.3902 5.85782 16.6218C5.76122 16.8533 5.61987 17.0635 5.44186 17.2403C4.69719 17.985 2 18.0004 2 18.0004C2 18.0004 2 15.2884 2.74602 14.5444Z\"/><path d=\"M8.9416 3.48269C7.99688 3.31826 7.02645 3.38371 6.11237 3.67352C5.19828 3.96332 4.36741 4.46894 3.68999 5.14765C3.33153 5.50944 3.01988 5.91477 2.76233 6.35415C2.68692 6.4822 2.6562 6.63169 2.67501 6.77911C2.69381 6.92652 2.76108 7.06351 2.86623 7.16853L4.1994 8.50238C5.43822 6.53634 7.04911 4.83119 8.9416 3.48269Z\"/><path d=\"M16.5181 11.0585C16.6825 12.0033 16.6171 12.9737 16.3273 13.8878C16.0375 14.8019 15.5318 15.6327 14.8531 16.3101C14.4914 16.6686 14.086 16.9803 13.6466 17.2378C13.5186 17.3132 13.3691 17.3439 13.2217 17.3251C13.0743 17.3063 12.9373 17.2391 12.8323 17.1339L11.4984 15.8007C13.4645 14.5619 15.1696 12.951 16.5181 11.0585Z\"/></svg>",
      "path": "./upgrade.md"
    },
    {
--- a/docs/npm.md
+++ b/docs/npm.md
@ -8,7 +8,11 @@
 - [Alpine](#alpine)
 - [macOS](#macos)
 - [FreeBSD](#freebsd)
- [Issues with Node.js after version upgrades](#issues-with-nodejs-after-version-upgrades)
+- [Windows](#windows)
+- [Installing](#installing)
+- [Troubleshooting](#troubleshooting)
+  - [Issues with Node.js after version upgrades](#issues-with-nodejs-after-version-upgrades)
+  - [Debugging install issues with npm](#debugging-install-issues-with-npm)

 <!-- END doctoc generated TOC please keep comment here to allow auto update -->

@ -23,7 +27,7 @@ which is currently `14.x`. VS Code also [lists Node.js
 requirements](https://github.com/microsoft/vscode/wiki/How-to-Contribute#prerequisites).

 Using other versions of Node.js [may lead to unexpected
-behavior](https://github.com/cdr/code-server/issues/1633).
+behavior](https://github.com/coder/code-server/issues/1633).

 ## Ubuntu, Debian

@ -35,6 +39,8 @@ sudo apt-get install -y \
 npm config set python python3
 ```

+Proceed to [installing](#installing)
+
 ## Fedora, CentOS, RHEL

 ```bash
@ -44,6 +50,8 @@ sudo yum install -y python2
 npm config set python python2
 ```

+Proceed to [installing](#installing)
+
 ## Alpine

 ```bash
@ -51,12 +59,16 @@ apk add alpine-sdk bash libstdc++ libc6-compat
 npm config set python python3
 ```

+Proceed to [installing](#installing)
+
 ## macOS

 ```bash
 xcode-select --install
 ```

+Proceed to [installing](#installing)
+
 ## FreeBSD

 ```sh
@ -64,7 +76,49 @@ pkg install -y git python npm-node14 yarn-node14 pkgconf
 pkg install -y libinotify
 ```

-## Issues with Node.js after version upgrades
+Proceed to [installing](#installing)
+
+## Windows
+
+Installing code-server requires all of the [prerequisites for VS Code development](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites). When installing the C++ compiler tool chain, we recommend using "Option 2: Visual Studio 2019" for best results.
+
+Next, install code-server with:
+
+```bash
+yarn global add code-server
+# Or: npm install -g code-server
+code-server
+# Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
+```
+
+A `postinstall.sh` script will attempt to run. Select your terminal (e.g., Git bash) as the default application for `.sh` files. If an additional dialog does not appear, run the install command again.
+
+If the `code-server` command is not found, you'll need to [add a directory to your PATH](https://www.architectryan.com/2018/03/17/add-to-the-path-on-windows-10/). To find the directory, use the following command:
+
+```shell
+yarn global bin
+# Or: npm config get prefix
+```
+
+For help and additional troubleshooting, see [#1397](https://github.com/coder/code-server/issues/1397).
+
+## Installing
+
+After adding the dependencies for your OS, install the code-server package globally:
+
+```bash
+yarn global add code-server
+# Or: npm install -g code-server
+code-server
+# Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
+```
+
+## Troubleshooting
+
+If you need further assistance, post on our [GitHub Discussions
+page](https://github.com/coder/code-server/discussions).
+
+### Issues with Node.js after version upgrades

 Occasionally, you may run into issues with Node.js.

@ -80,5 +134,14 @@ A step-by-step example of how you might do this is:
 3. Recompile the native modules: `npm rebuild`
 4. Restart code-server

-If you need further assistance, post on our [GitHub Discussions
-page](https://github.com/cdr/code-server/discussions).
+### Debugging install issues with npm
+
+`yarn` suppresses logs when running `yarn global add`, so to debug installation issues, install with `npm` instead:
+
+```shell
+# Uninstall
+npm uninstall -g --unsafe-perm code-server > /dev/null 2>&1
+
+# Install with logging
+npm install --loglevel verbose -g --unsafe-perm code-server
+```
--- a/docs/requirements.md
+++ b/docs/requirements.md
@ -9,7 +9,7 @@ At the minimum, we recommend:
 - 2 CPU cores

 You can use any Linux distribution, but [our
-docs](https://coder.com/docs/code-server/v3.11.0/guide) assume that you're using
+docs](https://coder.com/docs/code-server/latest/guide) assume that you're using
 Debian hosted by Google Cloud (see the following section for instructions on
 setting this up).

@ -33,7 +33,7 @@ new Compute Engine VM instance:
 4. Choose the **region** that's closest to you based on [GCP
   ping](https://gcping.com/).
 5. Choose a **zone** (any option is fine).
-6. We recommend choose an **E2 series instance** from the [general-purpose
+6. We recommend choosing an **E2 series instance** from the [general-purpose
   family](https://cloud.google.com/compute/docs/machine-types#general_purpose).
 7. Change the instance type to **custom** and set at least **2 cores** and **2
   GB of RAM**. You can add more resources if desired, though you can also edit
@ -53,3 +53,4 @@ Notes:

 - To lower costs, you can shut down your server when you're not using it.
 - We recommend using the `gcloud cli` to avoid using the GCP Dashboard if possible.
+- For serving code-server over HTTPS, we recommend using an external domain name along with a service such as Let's Encrypt
--- a/docs/termux.md
+++ b/docs/termux.md
@ -5,67 +5,144 @@
 - [Install](#install)
 - [Upgrade](#upgrade)
 - [Known Issues](#known-issues)
-  - [Search doesn't work](#search-doesnt-work)
-  - [Backspace doesn't work](#backspace-doesnt-work)
+  - [Git won't work in `/sdcard`](#git-wont-work-in-sdcard)
+- [Extra](#extra)
+  - [Create a new user](#create-a-new-user)
+  - [Install Go](#install-go)
+  - [Install Python](#install-python)

 <!-- END doctoc generated TOC please keep comment here to allow auto update -->

-Termux is a terminal application and Linux environment that you can also use to
-run code-server from your Android phone.
-
 ## Install

-1. Install Termux from [F-Droid](https://f-droid.org/en/packages/com.termux/).
-1. Make sure it's up-to-date: `apt update && apt upgrade`
-1. Install required packages: `apt install build-essential python git nodejs yarn`
-1. Install code-server: `yarn global add code-server`
-1. Run code-server: `code-server` and navigate to localhost:8080 in your browser
+1. Get [Termux](https://f-droid.org/en/packages/com.termux/) from **F-Droid**.
+2. Install Debian by running the following.
+   - Run `termux-setup-storage` to allow storage access, or else code-server won't be able to read from `/sdcard`.\
+      If you used the Andronix command then you may have to edit the `start-debian.sh` script to mount `/sdcard` just as simple as uncommenting the `command+=" -b /sdcard"` line.
+     > The following command was extracted from [Andronix](https://andronix.app/) you can also use [proot-distro](https://github.com/termux/proot-distro).
+     > After Debian is installed the `~ $` will change to `root@localhost`.
+
+```bash
+pkg update -y && pkg install wget curl proot tar -y && wget https://raw.githubusercontent.com/AndronixApp/AndronixOrigin/master/Installer/Debian/debian.sh -O debian.sh && chmod +x debian.sh && bash debian.sh
+```
+
+3. Run the following commands to setup Debian.
+
+```bash
+apt update
+apt upgrade -y
+apt-get install nano vim sudo curl wget git -y
+```
+
+4. Install [NVM](https://github.com/nvm-sh/nvm) by following the install guide in the README, just a curl/wget command.
+5. Set up NVM for multi-user. After installing NVM it automatically adds the necessary commands for it to work, but it will only work if you are logged in as root;
+
+   - Copy the lines NVM asks you to run after running the install script.
+   - Run `nano /root/.bashrc` and comment out those lines by adding a `#` at the start.
+   - Run `nano /etc/profile` and paste those lines at the end and make sure to replace `$HOME` with `/root`
+   - Now run `exit` and start Debain again.
+
+6. After following the instructions and setting up NVM you can now install the [required node version](https://coder.com/docs/code-server/latest/npm#nodejs-version) using `nvm install version_here`.
+7. To install `code-server` run the following.
+   > To check the install process (Will not actually install code-server)
+   > If it all looks good, you can install code-server by running the second command
+
+```bash
+curl -fsSL https://code-server.dev/install.sh | sh -s -- --dry-run
+```
+
+```bash
+curl -fsSL https://code-server.dev/install.sh | sh
+```
+
+8. You can now start code server by simply running `code-server`.
+
+> Consider using a new user instead of root, read [here](https://www.howtogeek.com/124950/htg-explains-why-you-shouldnt-log-into-your-linux-system-as-root/) why using root is not recommended.\
+> Learn how to add a user [here](#create-a-new-user).

 ## Upgrade

-To upgrade run: `yarn global upgrade code-server --latest`
+1. Remove all previous installs `rm -rf ~/.local/lib/code-server-*`
+2. Run the install script again `curl -fsSL https://code-server.dev/install.sh | sh`

 ## Known Issues

-The following details known issues and suggested workarounds for using
-code-server with Termux.
+### Git won't work in `/sdcard`

-### Search doesn't work
+Issue : Using git in the `/sdcard` directory will fail during cloning/commit/staging/etc...\
+Fix : None\
+Potential Workaround :

-There is a known issue with search not working on Android because it's missing
-`bin/rg` ([context](https://github.com/cdr/code-server/issues/1730#issuecomment-721515979)). To fix this:
+1. Create a soft-link from the debian-fs to your folder in `/sdcard`
+2. Use git from termux (preferred)

-1. Install `ripgrep` with `pkg`
+## Extra

-   ```sh
-   pkg install ripgrep
-   ```
+### Create a new user

-1. Make a soft link using `ln -s`
+To create a new user follow these simple steps -

-   ```sh
-   # run this command inside the code-server directory
-   ln -s $PREFIX/bin/rg ./lib/vscode/node_modules/vscode-ripgrep/bin/rg
-   ```
+1. Create a new user by running `useradd username -m`.
+2. Change the password by running `passwd username`.
+3. Give your new user sudo access by runnning `visudo`, scroll down to `User privilege specification` and add the following line after root `username ALL=(ALL:ALL) ALL`.
+4. Now edit the `/etc/passwd` file with your commadline editor of choice and at the end of the line that specifies your user change `/bin/sh` to `/bin/bash`.
+5. Now switch users, by running `su - username`

-### Backspace doesn't work
+- Remember the `-` betweeen `su` and username is required to execute `/etc/profile`,\
+  since `/etc/profile` may have some necessary things to be executed you should always add a `-`.

-When using Android's on-screen keyboard, the backspace key doesn't work
-properly. This is a known upstream issue:
+### Install Go

- [Issues with backspace in Codespaces on Android (Surface Duo)](https://github.com/microsoft/vscode/issues/107602)
- [Support mobile platforms](https://github.com/xtermjs/xterm.js/issues/1101)
+> From https://golang.org/doc/install

-There are two workarounds.
+1. Go to https://golang.org/dl/ and copy the download link for `linux arm` and run the following.

-**Option 1:** Modify keyboard dispatch settings
+```bash
+wget download_link
+```

-1. Open the Command Palette
-2. Search for **Preferences: Open Settings (JSON)**
-3. Add `"keyboard.dispatch": "keyCode"`
+2. Extract the downloaded archive. (This step will erase all previous GO installs, make sure to create a backup if you have previously installed GO)

-The backspace button should work at this point.
+```bash
+rm -rf /usr/local/go && tar -C /usr/local -xzf archive_name
+```

-_Thanks to @Nefomemes for the [suggestion](https://github.com/cdr/code-server/issues/1141#issuecomment-789463707)!_
+3. Run `nano /etc/profile` and add the following line `export PATH=$PATH:/usr/local/go/bin`.
+4. Now run `exit` (depending on if you have switched users or not, you may have to run `exit` multiple times to get to normal termux shell) and start Debian again.
+5. Check if your install was successful by running `go version`

-**Option 2:** Use a Bluetooth keyboard.
+### Install Python
+
+> Run these commands as root
+
+1. Run the following command to install required packages to build python.
+
+```bash
+sudo apt-get update
+sudo apt-get install make build-essential libssl-dev zlib1g-dev \
+  libbz2-dev libreadline-dev libsqlite3-dev wget curl llvm \
+  libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev
+```
+
+2. Install [pyenv](https://github.com/pyenv/pyenv/) from [pyenv-installer](https://github.com/pyenv/pyenv-installer) by running.
+
+```bash
+curl -L https://github.com/pyenv/pyenv-installer/raw/master/bin/pyenv-installer | bash
+```
+
+3. Run `nano /etc/profile` and add the following
+
+```bash
+export PYENV_ROOT="/root/.pyenv"
+export PATH="/root/.pyenv/bin:$PATH"
+eval "$(pyenv init --path)"
+eval "$(pyenv virtualenv-init -)"
+```
+
+4. Exit start Debian again.
+5. Run `pyenv versions` to list all installable versions.
+6. Run `pyenv install version` to install the desired python version.
+   > The build process may take some time (an hour or 2 depending on your device).
+7. Run `touch /root/.pyenv/version && echo "your_version_here" > /root/.pyenv/version`
+8. (You may have to start Debian again) Run `python3 -V` to verify if PATH works or not.
+   > If `python3` doesn't work but pyenv says that the install was successful in step 6 then try running `$PYENV_ROOT/versions/your_version/bin/python3`.
--- a/docs/triage.md
+++ b/docs/triage.md
@ -28,8 +28,8 @@ This will show issues that:
 1. If more information is required, please ask the submitter and tag as
   `waiting-for-info` and wait.
 1. Finally, the issue should be moved into the
-   [code-server](https://github.com/cdr/code-server/projects/1) project where we
+   [code-server](https://github.com/coder/code-server/projects/1) project where we
   pick out issues to fix and track their progress.

-We also use [milestones](https://github.com/cdr/code-server/milestones) to track
+We also use [milestones](https://github.com/coder/code-server/milestones) to track
 what issues are planned/or were closed for what release.
--- a/install.sh
+++ b/install.sh
@ -2,7 +2,7 @@
 set -eu

 # code-server's automatic install script.
-# See https://coder.com/docs/code-server/v3.11.0/install
+# See https://coder.com/docs/code-server/latest/install

 usage() {
  arg0="$0"
@ -23,7 +23,7 @@ The remote host must have internet access.
 ${not_curl_usage-}
 Usage:

-  $arg0 [--dry-run] [--version X.X.X] [--method detect] \
+  $arg0 [--dry-run] [--version X.X.X] [--edge] [--method detect] \
        [--prefix ~/.local] [--rsh ssh] [user@host]

  --dry-run
@ -32,6 +32,9 @@ Usage:
  --version X.X.X
      Install a specific version instead of the latest.

+  --edge
+      Install the latest edge version instead of the latest stable version.
+
  --method [detect | standalone]
      Choose the installation method. Defaults to detect.
      - detect detects the system package manager and tries to use it.
@ -66,14 +69,18 @@ fall back to npm so on architectures without pre-built releases this will error.

 The installer will cache all downloaded assets into ~/.cache/code-server

-More installation docs are at https://coder.com/docs/code-server/v3.11.0/install
+More installation docs are at https://coder.com/docs/code-server/latest/install
 EOF
 }

 echo_latest_version() {
-  # https://gist.github.com/lukechilds/a83e1d7127b78fef38c2914c4ececc3c#gistcomment-2758860
-  version="$(curl -fsSLI -o /dev/null -w "%{url_effective}" https://github.com/cdr/code-server/releases/latest)"
-  version="${version#https://github.com/cdr/code-server/releases/tag/}"
+  if [ "${EDGE-}" ]; then
+    version="$(curl -fsSL https://api.github.com/repos/coder/code-server/releases | awk 'match($0,/.*"html_url": "(.*\/releases\/tag\/.*)".*/)' | head -n 1 | awk -F '"' '{print $4}')"
+  else
+    # https://gist.github.com/lukechilds/a83e1d7127b78fef38c2914c4ececc3c#gistcomment-2758860
+    version="$(curl -fsSLI -o /dev/null -w "%{url_effective}" https://github.com/coder/code-server/releases/latest)"
+  fi
+  version="${version#https://github.com/coder/code-server/releases/tag/}"
  version="${version#v}"
  echo "$version"
 }
@ -135,6 +142,7 @@ main() {
    OPTIONAL \
    ALL_FLAGS \
    RSH_ARGS \
+    EDGE \
    RSH

  ALL_FLAGS=""
@ -170,6 +178,9 @@ main() {
      --version=*)
        VERSION="$(parse_arg "$@")"
        ;;
+      --edge)
+        EDGE=1
+        ;;
      --rsh)
        RSH="$(parse_arg "$@")"
        shift
@ -340,7 +351,7 @@ install_deb() {
  echoh "Installing v$VERSION of the $ARCH deb package from GitHub."
  echoh

-  fetch "https://github.com/cdr/code-server/releases/download/v$VERSION/code-server_${VERSION}_$ARCH.deb" \
+  fetch "https://github.com/coder/code-server/releases/download/v$VERSION/code-server_${VERSION}_$ARCH.deb" \
    "$CACHE_DIR/code-server_${VERSION}_$ARCH.deb"
  sudo_sh_c dpkg -i "$CACHE_DIR/code-server_${VERSION}_$ARCH.deb"

@ -351,7 +362,7 @@ install_rpm() {
  echoh "Installing v$VERSION of the $ARCH rpm package from GitHub."
  echoh

-  fetch "https://github.com/cdr/code-server/releases/download/v$VERSION/code-server-$VERSION-$ARCH.rpm" \
+  fetch "https://github.com/coder/code-server/releases/download/v$VERSION/code-server-$VERSION-$ARCH.rpm" \
    "$CACHE_DIR/code-server-$VERSION-$ARCH.rpm"
  sudo_sh_c rpm -i "$CACHE_DIR/code-server-$VERSION-$ARCH.rpm"

@ -377,7 +388,7 @@ install_standalone() {
  echoh "Installing v$VERSION of the $ARCH release from GitHub."
  echoh

-  fetch "https://github.com/cdr/code-server/releases/download/v$VERSION/code-server-$VERSION-$OS-$ARCH.tar.gz" \
+  fetch "https://github.com/coder/code-server/releases/download/v$VERSION/code-server-$VERSION-$OS-$ARCH.tar.gz" \
    "$CACHE_DIR/code-server-$VERSION-$OS-$ARCH.tar.gz"

  # -w only works if the directory exists so try creating it first. If this
@ -433,7 +444,7 @@ install_npm() {
  fi
  echoerr "Please install npm or yarn to install code-server!"
  echoerr "You will need at least node v12 and a few C dependencies."
-  echoerr "See the docs https://coder.com/docs/code-server/v3.11.0/install#yarn-npm"
+  echoerr "See the docs https://coder.com/docs/code-server/latest/install#yarn-npm"

  exit 1
 }
--- a/package.json
+++ b/package.json
@ -1,13 +1,13 @@
 {
  "name": "code-server",
  "license": "MIT",
-  "version": "3.11.0",
+  "version": "4.0.2",
  "description": "Run VS Code on a remote server.",
-  "homepage": "https://github.com/cdr/code-server",
+  "homepage": "https://github.com/coder/code-server",
  "bugs": {
-    "url": "https://github.com/cdr/code-server/issues"
+    "url": "https://github.com/coder/code-server/issues"
  },
-  "repository": "https://github.com/cdr/code-server",
+  "repository": "https://github.com/coder/code-server",
  "scripts": {
    "clean": "./ci/build/clean.sh",
    "build": "./ci/build/build-code-server.sh",
@ -17,28 +17,25 @@
    "release:github-draft": "./ci/build/release-github-draft.sh",
    "release:github-assets": "./ci/build/release-github-assets.sh",
    "release:prep": "./ci/build/release-prep.sh",
-    "test:e2e": "./ci/dev/test-e2e.sh",
+    "test:e2e": "VSCODE_IPC_HOOK_CLI= ./ci/dev/test-e2e.sh",
    "test:standalone-release": "./ci/build/test-standalone-release.sh",
-    "test:unit": "./ci/dev/test-unit.sh",
+    "test:unit": "./ci/dev/test-unit.sh --forceExit --detectOpenHandles",
    "test:scripts": "./ci/dev/test-scripts.sh",
    "package": "./ci/build/build-packages.sh",
    "postinstall": "./ci/dev/postinstall.sh",
-    "update:vscode": "./ci/dev/update-vscode.sh",
-    "_____": "",
+    "publish:npm": "./ci/steps/publish-npm.sh",
    "_audit": "./ci/dev/audit.sh",
    "fmt": "./ci/dev/fmt.sh",
    "lint": "./ci/dev/lint.sh",
    "test": "echo 'Run yarn test:unit or yarn test:e2e' && exit 1",
    "ci": "./ci/dev/ci.sh",
-    "watch": "VSCODE_IPC_HOOK_CLI= NODE_OPTIONS='--max_old_space_size=32384 --trace-warnings' ts-node ./ci/dev/watch.ts",
+    "watch": "VSCODE_DEV=1 VSCODE_IPC_HOOK_CLI= NODE_OPTIONS='--max_old_space_size=32384 --trace-warnings' ts-node ./ci/dev/watch.ts",
    "icons": "./ci/dev/gen_icons.sh",
    "coverage": "codecov"
  },
  "main": "out/node/entry.js",
  "devDependencies": {
    "@schemastore/package": "^0.0.6",
-    "@types/body-parser": "^1.19.0",
-    "@types/browserify": "^12.0.36",
    "@types/compression": "^1.7.0",
    "@types/cookie-parser": "^1.4.2",
    "@types/express": "^4.17.8",
@ -50,42 +47,45 @@
    "@types/safe-compare": "^1.1.0",
    "@types/semver": "^7.1.0",
    "@types/split2": "^3.2.0",
-    "@types/tar-fs": "^2.0.0",
-    "@types/tar-stream": "^2.1.0",
-    "@types/ws": "^7.2.6",
-    "@typescript-eslint/eslint-plugin": "^4.7.0",
-    "@typescript-eslint/parser": "^4.7.0",
-    "audit-ci": "^4.0.0",
-    "browserify": "^17.0.0",
+    "@types/trusted-types": "^2.0.2",
+    "@types/ws": "^8.0.0",
+    "@typescript-eslint/eslint-plugin": "^5.0.0",
+    "@typescript-eslint/parser": "^5.0.0",
+    "audit-ci": "^5.0.0",
    "codecov": "^3.8.3",
    "doctoc": "^2.0.0",
    "eslint": "^7.7.0",
    "eslint-config-prettier": "^8.1.0",
-    "eslint-import-resolver-alias": "^1.1.2",
+    "eslint-import-resolver-typescript": "^2.5.0",
    "eslint-plugin-import": "^2.18.2",
-    "eslint-plugin-prettier": "^3.1.0",
+    "eslint-plugin-prettier": "^4.0.0",
    "prettier": "^2.2.1",
-    "prettier-plugin-sh": "^0.7.1",
+    "prettier-plugin-sh": "^0.8.0",
    "shellcheck": "^1.0.0",
    "stylelint": "^13.0.0",
    "stylelint-config-recommended": "^5.0.0",
    "ts-node": "^10.0.0",
-    "typescript": "^4.1.3"
+    "typescript": "^4.4.0-dev.20210528"
  },
  "resolutions": {
+    "ansi-regex": "^5.0.1",
    "normalize-package-data": "^3.0.0",
    "doctoc/underscore": "^1.13.1",
    "doctoc/**/trim": "^1.0.0",
    "postcss": "^8.2.1",
    "browserslist": "^4.16.5",
    "safe-buffer": "^5.1.1",
-    "vfile-message": "^2.0.2"
+    "vfile-message": "^2.0.2",
+    "tar": "^6.1.9",
+    "path-parse": "^1.0.7",
+    "vm2": "^3.9.6",
+    "follow-redirects": "^1.14.8",
+    "node-fetch": "^2.6.7",
+    "nanoid": "^3.1.31"
  },
  "dependencies": {
    "@coder/logger": "1.1.16",
    "argon2": "^0.28.0",
-    "body-parser": "^1.19.0",
-    "code-oss-dev": "../vscode",
    "compression": "^1.7.4",
    "cookie-parser": "^1.4.5",
    "env-paths": "^2.2.0",
@ -96,15 +96,13 @@
    "limiter": "^1.1.5",
    "pem": "^1.14.2",
    "proxy-agent": "^5.0.0",
-    "proxy-from-env": "^1.1.0",
-    "qs": "6.7.0",
-    "rotating-file-stream": "^2.1.1",
+    "qs": "6.10.3",
+    "rotating-file-stream": "^3.0.0",
    "safe-buffer": "^5.1.1",
    "safe-compare": "^1.1.4",
    "semver": "^7.1.3",
-    "split2": "^3.2.2",
-    "tar-fs": "^2.0.0",
-    "ws": "^7.2.0",
+    "split2": "^4.0.0",
+    "ws": "^8.0.0",
    "xdg-basedir": "^4.0.0",
    "yarn": "^1.22.4"
  },
@ -120,7 +118,7 @@
    "browser-ide"
  ],
  "engines": {
-    "node": "= 14"
+    "node": ">= 14"
  },
  "jest": {
    "transform": {
@ -129,6 +127,7 @@
    "testEnvironment": "node",
    "testPathIgnorePatterns": [
      "/node_modules/",
+      "/vendor/",
      "/lib/",
      "/out/",
      "test/e2e"
@ -153,16 +152,17 @@
      }
    },
    "modulePathIgnorePatterns": [
-      "<rootDir>/lib/vscode",
      "<rootDir>/release-packages",
      "<rootDir>/release",
      "<rootDir>/release-standalone",
      "<rootDir>/release-npm-package",
      "<rootDir>/release-gcp",
-      "<rootDir>/release-images"
+      "<rootDir>/release-images",
+      "<rootDir>/vendor"
    ],
    "moduleNameMapper": {
      "^.+\\.(css|less)$": "<rootDir>/test/utils/cssStub.ts"
-    }
+    },
+    "globalSetup": "<rootDir>/test/utils/globalUnitSetup.ts"
  }
 }
--- a/renovate.json
+++ b/renovate.json
@ -6,10 +6,6 @@
      "matchUpdateTypes": ["minor", "patch", "digest"],
      "automerge": true,
      "groupName": "Minor dependency updates"
-    },
-    {
-      "matchPaths": ["lib/vscode/"],
-      "enabled": false
    }
  ],
  "vulnerabilityAlerts": {
--- a/src/browser/media/manifest.json
+++ b/src/browser/media/manifest.json
@ -1,20 +0,0 @@
-{
-  "name": "code-server",
-  "short_name": "code-server",
-  "start_url": "{{BASE}}",
-  "display": "fullscreen",
-  "background-color": "#fff",
-  "description": "Run editors on a remote server.",
-  "icons": [
-    {
-      "src": "{{CS_STATIC_BASE}}/src/browser/media/pwa-icon-192.png",
-      "type": "image/png",
-      "sizes": "192x192"
-    },
-    {
-      "src": "{{CS_STATIC_BASE}}/src/browser/media/pwa-icon-512.png",
-      "type": "image/png",
-      "sizes": "512x512"
-    }
-  ]
-}
--- a/src/browser/pages/error.html
+++ b/src/browser/pages/error.html
@ -10,10 +10,11 @@
      http-equiv="Content-Security-Policy"
      content="style-src 'self'; manifest-src 'self'; img-src 'self' data:; font-src 'self' data:;"
    />
+
    <title>{{ERROR_TITLE}} - code-server</title>
    <link rel="icon" href="{{CS_STATIC_BASE}}/src/browser/media/favicon-dark-support.svg" />
    <link rel="alternate icon" href="{{CS_STATIC_BASE}}/src/browser/media/favicon.ico" />
-    <link rel="manifest" href="{{CS_STATIC_BASE}}/src/browser/media/manifest.json" crossorigin="use-credentials" />
+    <link rel="manifest" href="/manifest.json" crossorigin="use-credentials" />
    <link rel="apple-touch-icon" sizes="192x192" href="{{CS_STATIC_BASE}}/src/browser/media/pwa-icon-192.png" />
    <link rel="apple-touch-icon" sizes="512x512" href="{{CS_STATIC_BASE}}/src/browser/media/pwa-icon-512.png" />
    <link href="{{CS_STATIC_BASE}}/src/browser/pages/global.css" rel="stylesheet" />
@ -30,6 +31,5 @@
        </div>
      </div>
    </div>
-    <script data-cfasync="false" src="{{CS_STATIC_BASE}}/out/browser/register.browserified.js"></script>
  </body>
 </html>
--- a/src/browser/pages/login.html
+++ b/src/browser/pages/login.html
@ -13,7 +13,7 @@
    <title>code-server login</title>
    <link rel="icon" href="{{CS_STATIC_BASE}}/src/browser/media/favicon-dark-support.svg" />
    <link rel="alternate icon" href="{{CS_STATIC_BASE}}/src/browser/media/favicon.ico" />
-    <link rel="manifest" href="{{CS_STATIC_BASE}}/src/browser/media/manifest.json" crossorigin="use-credentials" />
+    <link rel="manifest" href="{{BASE}}/manifest.json" crossorigin="use-credentials" />
    <link rel="apple-touch-icon" sizes="192x192" href="{{CS_STATIC_BASE}}/src/browser/media/pwa-icon-192.png" />
    <link rel="apple-touch-icon" sizes="512x512" href="{{CS_STATIC_BASE}}/src/browser/media/pwa-icon-512.png" />
    <link href="{{CS_STATIC_BASE}}/src/browser/pages/global.css" rel="stylesheet" />
@ -30,7 +30,8 @@
        <div class="content">
          <form class="login-form" method="post">
            <input class="user" type="text" autocomplete="username" />
-            <input id="base" type="hidden" name="base" value="/" />
+            <input id="base" type="hidden" name="base" value="{{BASE}}" />
+            <input id="href" type="hidden" name="href" value="" />
            <div class="field">
              <input
                required
@ -48,6 +49,13 @@
        </div>
      </div>
    </div>
+    <script>
+      // Inform the backend about the path since the proxy might have rewritten
+      // it out of the headers and cookies must be set with absolute paths.
+      const el = document.getElementById("href")
+      if (el) {
+        el.value = location.href
+      }
+    </script>
  </body>
-  <script data-cfasync="false" src="{{CS_STATIC_BASE}}/out/browser/pages/login.browserified.js"></script>
 </html>
--- a/src/browser/pages/login.ts
+++ b/src/browser/pages/login.ts
@ -1,8 +0,0 @@
-import { getOptions } from "../../common/util"
-import "../register"
-
-const options = getOptions()
-const el = document.getElementById("base") as HTMLInputElement
-if (el) {
-  el.value = options.base
-}
--- a/src/browser/pages/vscode.html
+++ b/src/browser/pages/vscode.html
@ -1,54 +0,0 @@
-<!-- Copyright (C) Microsoft Corporation. All rights reserved. -->
-<!DOCTYPE html>
-<html>
-  <head>
-    <script>
-      performance.mark("code/didStartRenderer")
-    </script>
-
-    <meta charset="utf-8" />
-
-    <!-- Disable pinch zooming -->
-    <meta
-      name="viewport"
-      content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no"
-    />
-
-    <!-- Workbench Configuration -->
-    <meta id="vscode-workbench-web-configuration" data-settings="{{WORKBENCH_WEB_CONFIGURATION}}" />
-
-    <!-- Workarounds/Hacks (remote user data uri) -->
-    <meta id="vscode-remote-user-data-uri" data-settings="{{REMOTE_USER_DATA_URI}}" />
-    <meta id="vscode-remote-product-configuration" data-settings="{{PRODUCT_CONFIGURATION}}" />
-    <meta id="vscode-remote-nls-configuration" data-settings="{{NLS_CONFIGURATION}}" />
-
-    <!-- Workbench Icon/Manifest/CSS -->
-    <link rel="icon" href="{{CS_STATIC_BASE}}/src/browser/media/favicon-dark-support.svg" />
-    <link rel="alternate icon" href="{{CS_STATIC_BASE}}/src/browser/media/favicon.ico" />
-    <link rel="manifest" href="{{CS_STATIC_BASE}}/src/browser/media/manifest.json" crossorigin="use-credentials" />
-    <!-- PROD_ONLY
-    <link data-name="vs/workbench/workbench.web.api" rel="stylesheet" href="{{CS_STATIC_BASE}}/node_modules/code-oss-dev/out/vs/workbench/workbench.web.api.css">
-    END_PROD_ONLY -->
-    <link rel="apple-touch-icon" sizes="192x192" href="{{CS_STATIC_BASE}}/src/browser/media/pwa-icon-192.png" />
-    <link rel="apple-touch-icon" sizes="512x512" href="{{CS_STATIC_BASE}}/src/browser/media/pwa-icon-512.png" />
-    <meta name="apple-mobile-web-app-capable" content="yes" />
-
-    <meta id="coder-options" data-settings="{{OPTIONS}}" />
-  </head>
-
-  <body aria-label=""></body>
-
-  <!-- Startup (do not modify order of script tags!) -->
-  <script data-cfasync="false" src="{{CS_STATIC_BASE}}/out/browser/pages/vscode.browserified.js"></script>
-  <script data-cfasync="false" src="{{CS_STATIC_BASE}}/node_modules/code-oss-dev/out/vs/loader.js"></script>
-  <script>
-    performance.mark("code/willLoadWorkbenchMain")
-  </script>
-  <!-- PROD_ONLY
-  <script data-cfasync="false" src="{{CS_STATIC_BASE}}/node_modules/code-oss-dev/out/vs/workbench/workbench.web.api.nls.js"></script>
-  <script data-cfasync="false" src="{{CS_STATIC_BASE}}/node_modules/code-oss-dev/out/vs/workbench/workbench.web.api.js"></script>
-  END_PROD_ONLY -->
-  <script>
-    require(["vs/code/browser/workbench/workbench"], function () {})
-  </script>
-</html>
--- a/src/browser/pages/vscode.ts
+++ b/src/browser/pages/vscode.ts
@ -1,251 +0,0 @@
-import { getOptions, Options } from "../../common/util"
-import "../register"
-
-// TODO@jsjoeio: Add proper types.
-type FixMeLater = any
-
-// NOTE@jsjoeio
-// This lives here ../../../lib/vscode/src/vs/base/common/platform.ts#L106
-export const nlsConfigElementId = "vscode-remote-nls-configuration"
-
-type NlsConfiguration = {
-  locale: string
-  availableLanguages: { [key: string]: string } | {}
-  _languagePackId?: string
-  _translationsConfigFile?: string
-  _cacheRoot?: string
-  _resolvedLanguagePackCoreLocation?: string
-  _corruptedFile?: string
-  _languagePackSupport?: boolean
-  loadBundle?: FixMeLater
-}
-
-/**
- * Helper function to create the path to the bundle
- * for getNlsConfiguration.
- */
-export function createBundlePath(_resolvedLanguagePackCoreLocation: string, bundle: string) {
-  // NOTE@jsjoeio - this comment was here before me
-  // Refers to operating systems that use a different path separator.
-  // Probably just Windows but we're not sure if "/" breaks on Windows
-  // so we'll leave it alone for now.
-  // FIXME: Only works if path separators are /.
-  return _resolvedLanguagePackCoreLocation + "/" + bundle.replace(/\//g, "!") + ".nls.json"
-}
-
-/**
- * A helper function to get the NLS Configuration settings.
- *
- * This is used by VSCode for localizations (i.e. changing
- * the display language).
- *
- * Make sure to wrap this in a try/catch block when you call it.
- **/
-export function getNlsConfiguration(_document: Document, base: string) {
-  const errorMsgPrefix = "[vscode]"
-  const nlsConfigElement = _document?.getElementById(nlsConfigElementId)
-  const dataSettings = nlsConfigElement?.getAttribute("data-settings")
-
-  if (!nlsConfigElement) {
-    throw new Error(
-      `${errorMsgPrefix} Could not parse NLS configuration. Could not find nlsConfigElement with id: ${nlsConfigElementId}`,
-    )
-  }
-
-  if (!dataSettings) {
-    throw new Error(
-      `${errorMsgPrefix} Could not parse NLS configuration. Found nlsConfigElement but missing data-settings attribute.`,
-    )
-  }
-
-  const nlsConfig = JSON.parse(dataSettings) as NlsConfiguration
-
-  if (nlsConfig._resolvedLanguagePackCoreLocation) {
-    // NOTE@jsjoeio
-    // Not sure why we use Object.create(null) instead of {}
-    // They are not the same
-    // See: https://stackoverflow.com/a/15518712/3015595
-    // We copied this from ../../../lib/vscode/src/bootstrap.js#L143
-    const bundles: {
-      [key: string]: string
-    } = Object.create(null)
-
-    type LoadBundleCallback = (_: undefined, result?: string) => void
-
-    nlsConfig.loadBundle = (bundle: string, _language: string, cb: LoadBundleCallback): void => {
-      const result = bundles[bundle]
-      if (result) {
-        return cb(undefined, result)
-      }
-      // FIXME: Only works if path separators are /.
-      const path = createBundlePath(nlsConfig._resolvedLanguagePackCoreLocation || "", bundle)
-      fetch(`${base}/vscode/resource/?path=${encodeURIComponent(path)}`)
-        .then((response) => response.json())
-        .then((json) => {
-          bundles[bundle] = json
-          cb(undefined, json)
-        })
-        .catch(cb)
-    }
-  }
-
-  return nlsConfig
-}
-
-type GetLoaderParams = {
-  nlsConfig: NlsConfiguration
-  options: Options
-  _window: Window
-}
-
-/**
- * Link to types in the loader source repo
- * https://github.com/microsoft/vscode-loader/blob/main/src/loader.d.ts#L280
- */
-type Loader = {
-  baseUrl: string
-  recordStats: boolean
-  // TODO@jsjoeio: There don't appear to be any types for trustedTypes yet.
-  trustedTypesPolicy: FixMeLater
-  paths: {
-    [key: string]: string
-  }
-  "vs/nls": NlsConfiguration
-}
-
-/**
- * A helper function which creates a script url if the value
- * is valid.
- *
- * Extracted into a function to make it easier to test
- */
-export function _createScriptURL(value: string, origin: string): string {
-  if (value.startsWith(origin)) {
-    return value
-  }
-  throw new Error(`Invalid script url: ${value}`)
-}
-
-/**
- * A helper function to get the require loader
- *
- * This used by VSCode/code-server
- * to load files.
- *
- * We extracted the logic into a function so that
- * it's easier to test.
- **/
-export function getConfigurationForLoader({ nlsConfig, options, _window }: GetLoaderParams) {
-  const loader: Loader = {
-    // Without the full URL VS Code will try to load file://.
-    baseUrl: `${window.location.origin}${options.csStaticBase}/node_modules/code-oss-dev/out`,
-    recordStats: true,
-    trustedTypesPolicy: (_window as FixMeLater).trustedTypes?.createPolicy("amdLoader", {
-      createScriptURL(value: string): string {
-        return _createScriptURL(value, window.location.origin)
-      },
-    }),
-    paths: {
-      "vscode-textmate": `../node_modules/vscode-textmate/release/main`,
-      "vscode-oniguruma": `../node_modules/vscode-oniguruma/release/main`,
-      xterm: `../node_modules/xterm/lib/xterm.js`,
-      "xterm-addon-search": `../node_modules/xterm-addon-search/lib/xterm-addon-search.js`,
-      "xterm-addon-unicode11": `../node_modules/xterm-addon-unicode11/lib/xterm-addon-unicode11.js`,
-      "xterm-addon-webgl": `../node_modules/xterm-addon-webgl/lib/xterm-addon-webgl.js`,
-      "tas-client-umd": `../node_modules/tas-client-umd/lib/tas-client-umd.js`,
-      "iconv-lite-umd": `../node_modules/iconv-lite-umd/lib/iconv-lite-umd.js`,
-      jschardet: `../node_modules/jschardet/dist/jschardet.min.js`,
-    },
-    "vs/nls": nlsConfig,
-  }
-
-  return loader
-}
-
-/**
- * Sets the body background color to match the theme.
- */
-export function setBodyBackgroundToThemeBackgroundColor(_document: Document, _localStorage: Storage) {
-  const errorMsgPrefix = "[vscode]"
-  const colorThemeData = _localStorage.getItem("colorThemeData")
-
-  if (!colorThemeData) {
-    throw new Error(
-      `${errorMsgPrefix} Could not set body background to theme background color. Could not find colorThemeData in localStorage.`,
-    )
-  }
-
-  let _colorThemeData
-  try {
-    // We wrap this JSON.parse logic in a try/catch
-    // because it can throw if the JSON is invalid.
-    // and instead of throwing a random error
-    // we can throw our own error, which will be more helpful
-    // to the end user.
-    _colorThemeData = JSON.parse(colorThemeData)
-  } catch {
-    throw new Error(
-      `${errorMsgPrefix} Could not set body background to theme background color. Could not parse colorThemeData from localStorage.`,
-    )
-  }
-
-  const hasColorMapProperty = Object.prototype.hasOwnProperty.call(_colorThemeData, "colorMap")
-  if (!hasColorMapProperty) {
-    throw new Error(
-      `${errorMsgPrefix} Could not set body background to theme background color. colorThemeData is missing colorMap.`,
-    )
-  }
-
-  const editorBgColor = _colorThemeData.colorMap["editor.background"]
-
-  if (!editorBgColor) {
-    throw new Error(
-      `${errorMsgPrefix} Could not set body background to theme background color. colorThemeData.colorMap["editor.background"] is undefined.`,
-    )
-  }
-
-  _document.body.style.background = editorBgColor
-
-  return null
-}
-
-/**
- * A helper function to encapsulate all the
- * logic used in this file.
- *
- * We purposely include all of this in a single function
- * so that it's easier to test.
- */
-export function main(_document: Document | undefined, _window: Window | undefined, _localStorage: Storage | undefined) {
-  if (!_document) {
-    throw new Error(`document is undefined.`)
-  }
-
-  if (!_window) {
-    throw new Error(`window is undefined.`)
-  }
-
-  if (!_localStorage) {
-    throw new Error(`localStorage is undefined.`)
-  }
-
-  const options = getOptions()
-  const nlsConfig = getNlsConfiguration(_document, options.base)
-
-  const loader = getConfigurationForLoader({
-    nlsConfig,
-    options,
-    _window,
-  })
-
-  ;(self.require as unknown as Loader) = loader
-
-  setBodyBackgroundToThemeBackgroundColor(_document, _localStorage)
-}
-
-try {
-  main(document, window, localStorage)
-} catch (error) {
-  console.error("[vscode] failed to initialize VS Code")
-  console.error(error)
-}
--- a/src/browser/register.ts
+++ b/src/browser/register.ts
@ -1,23 +0,0 @@
-import { logger } from "@coder/logger"
-import { getOptions, normalize, logError } from "../common/util"
-
-export async function registerServiceWorker(): Promise<void> {
-  const options = getOptions()
-  logger.level = options.logLevel
-
-  const path = normalize(`${options.csStaticBase}/out/browser/serviceWorker.js`)
-  try {
-    await navigator.serviceWorker.register(path, {
-      scope: options.base + "/",
-    })
-    logger.info(`[Service Worker] registered`)
-  } catch (error) {
-    logError(logger, `[Service Worker] registration`, error)
-  }
-}
-
-if (typeof navigator !== "undefined" && "serviceWorker" in navigator) {
-  registerServiceWorker()
-} else {
-  logger.error(`[Service Worker] navigator is undefined`)
-}
--- a/src/browser/serviceWorker.ts
+++ b/src/browser/serviceWorker.ts
@ -1,14 +0,0 @@
-/* eslint-disable @typescript-eslint/no-explicit-any */
-
-self.addEventListener("install", () => {
-  console.log("[Service Worker] installed")
-})
-
-self.addEventListener("activate", (event: any) => {
-  event.waitUntil((self as any).clients.claim())
-  console.log("[Service Worker] activated")
-})
-
-self.addEventListener("fetch", () => {
-  // Without this event handler we won't be recognized as a PWA.
-})
--- a/src/common/emitter.ts
+++ b/src/common/emitter.ts
@ -7,7 +7,7 @@ import { logger } from "@coder/logger"
 export type Callback<T, R = void | Promise<void>> = (t: T, p: Promise<void>) => R

 export interface Disposable {
-  dispose(): void
+  dispose(): void | Promise<void>
 }

 export interface Event<T> {
@ -46,7 +46,7 @@ export class Emitter<T> {
      this.listeners.map(async (cb) => {
        try {
          await cb(value, promise)
-        } catch (error) {
+        } catch (error: any) {
          logger.error(error.message)
        }
      }),
--- a/src/common/http.ts
+++ b/src/common/http.ts
@ -13,8 +13,12 @@ export enum HttpCode {
 * used in the HTTP response.
 */
 export class HttpError extends Error {
-  public constructor(message: string, public readonly status: HttpCode, public readonly details?: object) {
+  public constructor(message: string, public readonly statusCode: HttpCode, public readonly details?: object) {
    super(message)
    this.name = this.constructor.name
  }
 }
+
+export enum CookieKeys {
+  Session = "code-server-session",
+}
--- a/src/common/util.ts
+++ b/src/common/util.ts
@ -1,19 +1,3 @@
-/*
- * This file exists in two locations:
- * - src/common/util.ts
- * - lib/vscode/src/vs/server/common/util.ts
- * The second is a symlink to the first.
- */
-
-/**
- * Base options included on every page.
- */
-export interface Options {
-  base: string
-  csStaticBase: string
-  logLevel: number
-}
-
 /**
 * Split a string up to the delimiter. If the delimiter doesn't exist the first
 * item will have all the text and the second item will be an empty string.
@ -39,6 +23,12 @@ export const generateUuid = (length = 24): string => {

 /**
 * Remove extra slashes in a URL.
+ *
+ * This is meant to fill the job of `path.join` so you can concatenate paths and
+ * then normalize out any extra slashes.
+ *
+ * If you are using `path.join` you do not need this but note that `path` is for
+ * file system paths, not URLs.
 */
 export const normalize = (url: string, keepTrailing = false): string => {
  return url.replace(/\/\/+/g, "/").replace(/\/+$/, keepTrailing ? "/" : "")
@ -51,50 +41,6 @@ export const trimSlashes = (url: string): string => {
  return url.replace(/^\/+|\/+$/g, "")
 }

-/**
- * Resolve a relative base against the window location. This is used for
- * anything that doesn't work with a relative path.
- */
-export const resolveBase = (base?: string): string => {
-  // After resolving the base will either start with / or be an empty string.
-  if (!base || base.startsWith("/")) {
-    return base ?? ""
-  }
-  const parts = location.pathname.split("/")
-  parts[parts.length - 1] = base
-  const url = new URL(location.origin + "/" + parts.join("/"))
-  return normalize(url.pathname)
-}
-
-/**
- * Get options embedded in the HTML or query params.
- */
-export const getOptions = <T extends Options>(): T => {
-  let options: T
-  try {
-    options = JSON.parse(document.getElementById("coder-options")!.getAttribute("data-settings")!)
-  } catch (error) {
-    options = {} as T
-  }
-
-  // You can also pass options in stringified form to the options query
-  // variable. Options provided here will override the ones in the options
-  // element.
-  const params = new URLSearchParams(location.search)
-  const queryOpts = params.get("options")
-  if (queryOpts) {
-    options = {
-      ...options,
-      ...JSON.parse(queryOpts),
-    }
-  }
-
-  options.base = resolveBase(options.base)
-  options.csStaticBase = resolveBase(options.csStaticBase)
-
-  return options
-}
-
 /**
 * Wrap the value in an array if it's not already an array. If the value is
 * undefined return an empty array.
@ -109,19 +55,8 @@ export const arrayify = <T>(value?: T | T[]): T[] => {
  return [value]
 }

-/**
- * Get the first string. If there's no string return undefined.
- */
-export const getFirstString = (value: string | string[] | object | undefined): string | undefined => {
-  if (Array.isArray(value)) {
-    return value[0]
-  }
-
-  return typeof value === "string" ? value : undefined
-}
-
 // TODO: Might make sense to add Error handling to the logger itself.
-export function logError(logger: { error: (msg: string) => void }, prefix: string, err: Error | string): void {
+export function logError(logger: { error: (msg: string) => void }, prefix: string, err: unknown): void {
  if (err instanceof Error) {
    logger.error(`${prefix}: ${err.message} ${err.stack}`)
  } else {
--- a/src/node/app.ts
+++ b/src/node/app.ts
@ -4,17 +4,57 @@ import express, { Express } from "express"
 import { promises as fs } from "fs"
 import http from "http"
 import * as httpolyglot from "httpolyglot"
+import { Disposable } from "../common/emitter"
 import * as util from "../common/util"
 import { DefaultedArgs } from "./cli"
+import { disposer } from "./http"
+import { isNodeJSErrnoException } from "./util"
 import { handleUpgrade } from "./wsRouter"

+type ListenOptions = Pick<DefaultedArgs, "socket" | "port" | "host">
+
+export interface App extends Disposable {
+  /** Handles regular HTTP requests. */
+  router: Express
+  /** Handles websocket requests. */
+  wsRouter: Express
+  /** The underlying HTTP server. */
+  server: http.Server
+}
+
+const listen = (server: http.Server, { host, port, socket }: ListenOptions) => {
+  return new Promise<void>(async (resolve, reject) => {
+    server.on("error", reject)
+
+    const onListen = () => {
+      // Promise resolved earlier so this is an unrelated error.
+      server.off("error", reject)
+      server.on("error", (err) => util.logError(logger, "http server error", err))
+
+      resolve()
+    }
+
+    if (socket) {
+      try {
+        await fs.unlink(socket)
+      } catch (error: any) {
+        handleArgsSocketCatchError(error)
+      }
+
+      server.listen(socket, onListen)
+    } else {
+      // [] is the correct format when using :: but Node errors with them.
+      server.listen(port, host.replace(/^\[|\]$/g, ""), onListen)
+    }
+  })
+}
+
 /**
 * Create an Express app and an HTTP/S server to serve it.
 */
-export const createApp = async (args: DefaultedArgs): Promise<[Express, Express, http.Server]> => {
-  const app = express()
-
-  app.use(compression())
+export const createApp = async (args: DefaultedArgs): Promise<App> => {
+  const router = express()
+  router.use(compression())

  const server = args.cert
    ? httpolyglot.createServer(
@ -22,57 +62,73 @@ export const createApp = async (args: DefaultedArgs): Promise<[Express, Express,
          cert: args.cert && (await fs.readFile(args.cert.value)),
          key: args["cert-key"] && (await fs.readFile(args["cert-key"])),
        },
-        app,
+        router,
      )
-    : http.createServer(app)
+    : http.createServer(router)

-  let resolved = false
-  await new Promise<void>(async (resolve2, reject) => {
-    const resolve = () => {
-      resolved = true
-      resolve2()
-    }
-    server.on("error", (err) => {
-      if (!resolved) {
-        reject(err)
-      } else {
-        // Promise resolved earlier so this is an unrelated error.
-        util.logError(logger, "http server error", err)
-      }
-    })
+  const dispose = disposer(server)

-    if (args.socket) {
-      try {
-        await fs.unlink(args.socket)
-      } catch (error) {
-        if (error.code !== "ENOENT") {
-          logger.error(error.message)
-        }
-      }
-      server.listen(args.socket, resolve)
-    } else {
-      // [] is the correct format when using :: but Node errors with them.
-      server.listen(args.port, args.host.replace(/^\[|\]$/g, ""), resolve)
-    }
-  })
+  await listen(server, args)

-  const wsApp = express()
-  handleUpgrade(wsApp, server)
+  const wsRouter = express()
+  handleUpgrade(wsRouter, server)

-  return [app, wsApp, server]
+  return { router, wsRouter, server, dispose }
 }

 /**
 * Get the address of a server as a string (protocol *is* included) while
 * ensuring there is one (will throw if there isn't).
+ *
+ * The address might be a URL or it might be a pipe or socket path.
 */
-export const ensureAddress = (server: http.Server): string => {
+export const ensureAddress = (server: http.Server, protocol: string): URL | string => {
  const addr = server.address()
+
  if (!addr) {
-    throw new Error("server has no address")
+    throw new Error("Server has no address")
  }
+
  if (typeof addr !== "string") {
-    return `http://${addr.address}:${addr.port}`
+    return new URL(`${protocol}://${addr.address}:${addr.port}`)
  }
+
+  // If this is a string then it is a pipe or Unix socket.
  return addr
 }
+
+/**
+ * Handles error events from the server.
+ *
+ * If the outlying Promise didn't resolve
+ * then we reject with the error.
+ *
+ * Otherwise, we log the error.
+ *
+ * We extracted into a function so that we could
+ * test this logic more easily.
+ */
+export const handleServerError = (resolved: boolean, err: Error, reject: (err: Error) => void) => {
+  // Promise didn't resolve earlier so this means it's an error
+  // that occurs before the server can successfully listen.
+  // Possibly triggered by listening on an invalid port or socket.
+  if (!resolved) {
+    reject(err)
+  } else {
+    // Promise resolved earlier so this is an unrelated error.
+    util.logError(logger, "http server error", err)
+  }
+}
+
+/**
+ * Handles the error that occurs in the catch block
+ * after we try fs.unlink(args.socket).
+ *
+ * We extracted into a function so that we could
+ * test this logic more easily.
+ */
+export const handleArgsSocketCatchError = (error: any) => {
+  if (!isNodeJSErrnoException(error) || error.code !== "ENOENT") {
+    logger.error(error.message ? error.message : error)
+  }
+}
--- a/src/node/cli.ts
+++ b/src/node/cli.ts
@ -3,12 +3,21 @@ import { promises as fs } from "fs"
 import yaml from "js-yaml"
 import * as os from "os"
 import * as path from "path"
-import { Args as VsArgs } from "../../typings/ipc"
-import { canConnect, generateCertificate, generatePassword, humanPath, paths } from "./util"
+import {
+  canConnect,
+  generateCertificate,
+  generatePassword,
+  humanPath,
+  paths,
+  isNodeJSErrnoException,
+  isFile,
+} from "./util"
+
+const DEFAULT_SOCKET_PATH = path.join(os.tmpdir(), "vscode-ipc")

 export enum Feature {
-  /** Web socket compression. */
-  PermessageDeflate = "permessage-deflate",
+  // No current experimental features!
+  Placeholder = "placeholder",
 }

 export enum AuthType {
@ -30,7 +39,13 @@ export enum LogLevel {

 export class OptionalString extends Optional<string> {}

-export interface Args extends VsArgs {
+/**
+ * Arguments that the user explicitly provided on the command line.  All
+ * arguments must be optional.
+ *
+ * For arguments with defaults see DefaultedArgs.
+ */
+export interface UserProvidedArgs {
  config?: string
  auth?: AuthType
  password?: string
@ -38,30 +53,40 @@ export interface Args extends VsArgs {
  cert?: OptionalString
  "cert-host"?: string
  "cert-key"?: string
-  "disable-telemetry"?: boolean
  "disable-update-check"?: boolean
  enable?: string[]
  help?: boolean
  host?: string
+  locale?: string
+  port?: number
  json?: boolean
  log?: LogLevel
  open?: boolean
-  port?: number
  "bind-addr"?: string
  socket?: string
  version?: boolean
-  force?: boolean
-  "list-extensions"?: boolean
-  "install-extension"?: string[]
-  "show-versions"?: boolean
-  "uninstall-extension"?: string[]
  "proxy-domain"?: string[]
-  locale?: string
-  _: string[]
  "reuse-window"?: boolean
  "new-window"?: boolean
-
+  "ignore-last-opened"?: boolean
  link?: OptionalString
+  verbose?: boolean
+  /* Positional arguments. */
+  _?: string[]
+
+  // VS Code flags.
+  "disable-telemetry"?: boolean
+  force?: boolean
+  "user-data-dir"?: string
+  "enable-proposed-api"?: string[]
+  "extensions-dir"?: string
+  "builtin-extensions-dir"?: string
+  "install-extension"?: string[]
+  "uninstall-extension"?: string[]
+  "list-extensions"?: boolean
+  "locate-extension"?: string[]
+  "show-versions"?: boolean
+  category?: string
 }

 interface Option<T> {
@ -80,9 +105,9 @@ interface Option<T> {
  description?: string

  /**
-   * If marked as beta, the option is marked as beta in help.
+   * If marked as deprecated, the option is marked as deprecated in help.
   */
-  beta?: boolean
+  deprecated?: boolean
 }

 type OptionType<T> = T extends boolean
@ -105,7 +130,7 @@ type Options<T> = {
  [P in keyof T]: Option<OptionType<T[P]>>
 }

-const options: Options<Required<Args>> = {
+const options: Options<Required<UserProvidedArgs>> = {
  auth: { type: AuthType, description: "The type of authentication to use." },
  password: {
    type: "string",
@ -139,6 +164,7 @@ const options: Options<Required<Args>> = {
  enable: { type: "string[]" },
  help: { type: "boolean", short: "h", description: "Show this output." },
  json: { type: "boolean" },
+  locale: { type: "string" }, // The preferred way to set the locale is via the UI.
  open: { type: "boolean", description: "Open in browser on startup. Does not work remotely." },

  "bind-addr": {
@ -162,10 +188,10 @@ const options: Options<Required<Args>> = {
  "user-data-dir": { type: "string", path: true, description: "Path to the user data directory." },
  "extensions-dir": { type: "string", path: true, description: "Path to the extensions directory." },
  "builtin-extensions-dir": { type: "string", path: true },
-  "extra-extensions-dir": { type: "string[]", path: true },
-  "extra-builtin-extensions-dir": { type: "string[]", path: true },
  "list-extensions": { type: "boolean", description: "List installed VS Code extensions." },
  force: { type: "boolean", description: "Avoid prompts when installing VS Code extensions." },
+  "locate-extension": { type: "string[]" },
+  category: { type: "string" },
  "install-extension": {
    type: "string[]",
    description:
@ -196,7 +222,6 @@ const options: Options<Required<Args>> = {
    description: "Force to open a file or folder in an already opened window.",
  },

-  locale: { type: "string" },
  log: { type: LogLevel },
  verbose: { type: "boolean", short: "vvv", description: "Enable verbose logging." },

@ -204,10 +229,10 @@ const options: Options<Required<Args>> = {
    type: OptionalString,
    description: `
      Securely bind code-server via our cloud service with the passed name. You'll get a URL like
-      https://hostname-username.cdr.co at which you can easily access your code-server instance.
+      https://hostname-username.coder.co at which you can easily access your code-server instance.
      Authorization is done via GitHub.
    `,
-    beta: true,
+    deprecated: true,
  },
 }

@ -230,7 +255,7 @@ export const optionDescriptions = (): string[] => {
        .map((line, i) => {
          line = line.trim()
          if (i === 0) {
-            return " ".repeat(widths.long - k.length) + (v.beta ? "(beta) " : "") + line
+            return " ".repeat(widths.long - k.length) + (v.deprecated ? "(deprecated) " : "") + line
          }
          return " ".repeat(widths.long + widths.short + 6) + line
        })
@ -253,12 +278,16 @@ export function splitOnFirstEquals(str: string): string[] {
  return split
 }

+/**
+ * Parse arguments into UserProvidedArgs.  This should not go beyond checking
+ * that arguments are valid types and have values when required.
+ */
 export const parse = (
  argv: string[],
  opts?: {
    configFile?: string
  },
-): Args => {
+): UserProvidedArgs => {
  const error = (msg: string): Error => {
    if (opts?.configFile) {
      msg = `error reading ${opts.configFile}: ${msg}`
@ -267,7 +296,7 @@ export const parse = (
    return new Error(msg)
  }

-  const args: Args = { _: [] }
+  const args: UserProvidedArgs = {}
  let ended = false

  for (let i = 0; i < argv.length; ++i) {
@ -281,17 +310,17 @@ export const parse = (

    // Options start with a dash and require a value if non-boolean.
    if (!ended && arg.startsWith("-")) {
-      let key: keyof Args | undefined
+      let key: keyof UserProvidedArgs | undefined
      let value: string | undefined
      if (arg.startsWith("--")) {
        const split = splitOnFirstEquals(arg.replace(/^--/, ""))
-        key = split[0] as keyof Args
+        key = split[0] as keyof UserProvidedArgs
        value = split[1]
      } else {
        const short = arg.replace(/^-/, "")
        const pair = Object.entries(options).find(([, v]) => v.short === short)
        if (pair) {
-          key = pair[0] as keyof Args
+          key = pair[0] as keyof UserProvidedArgs
        }
      }

@ -366,6 +395,10 @@ export const parse = (
    }

    // Everything else goes into _.
+    if (typeof args._ === "undefined") {
+      args._ = []
+    }
+
    args._.push(arg)
  }

@ -374,11 +407,19 @@ export const parse = (
    throw new Error("--cert-key is missing")
  }

-  logger.debug(() => ["parsed command line", field("args", { ...args, password: undefined })])
+  logger.debug(() => [
+    `parsed ${opts?.configFile ? "config" : "command line"}`,
+    field("args", { ...args, password: undefined }),
+  ])

  return args
 }

+/**
+ * User-provided arguments with defaults.  The distinction between user-provided
+ * args and defaulted args exists so we can tell the difference between end
+ * values and what the user actually provided on the command line.
+ */
 export interface DefaultedArgs extends ConfigArgs {
  auth: AuthType
  cert?: {
@ -392,6 +433,8 @@ export interface DefaultedArgs extends ConfigArgs {
  usingEnvHashedPassword: boolean
  "extensions-dir": string
  "user-data-dir": string
+  /* Positional arguments. */
+  _: []
 }

 /**
@ -399,7 +442,7 @@ export interface DefaultedArgs extends ConfigArgs {
 * with the defaults set. Arguments from the CLI are prioritized over config
 * arguments.
 */
-export async function setDefaults(cliArgs: Args, configArgs?: ConfigArgs): Promise<DefaultedArgs> {
+export async function setDefaults(cliArgs: UserProvidedArgs, configArgs?: ConfigArgs): Promise<DefaultedArgs> {
  const args = Object.assign({}, configArgs || {}, cliArgs)

  if (!args["user-data-dir"]) {
@ -454,7 +497,7 @@ export async function setDefaults(cliArgs: Args, configArgs?: ConfigArgs): Promi
    args.auth = AuthType.Password
  }

-  const addr = bindAddrFromAllSources(configArgs || { _: [] }, cliArgs)
+  const addr = bindAddrFromAllSources(configArgs || {}, cliArgs)
  args.host = addr.host
  args.port = addr.port

@ -495,6 +538,10 @@ export async function setDefaults(cliArgs: Args, configArgs?: ConfigArgs): Promi
  const proxyDomains = new Set((args["proxy-domain"] || []).map((d) => d.replace(/^\*\./, "")))
  args["proxy-domain"] = Array.from(proxyDomains)

+  if (typeof args._ === "undefined") {
+    args._ = []
+  }
+
  return {
    ...args,
    usingEnvPassword,
@ -502,15 +549,26 @@ export async function setDefaults(cliArgs: Args, configArgs?: ConfigArgs): Promi
  } as DefaultedArgs // TODO: Technically no guarantee this is fulfilled.
 }

-async function defaultConfigFile(): Promise<string> {
+/**
+ * Helper function to return the default config file.
+ *
+ * @param {string} password - Password passed in (usually from generatePassword())
+ * @returns The default config file:
+ *
+ * - bind-addr: 127.0.0.1:8080
+ * - auth: password
+ * - password: <password>
+ * - cert: false
+ */
+export function defaultConfigFile(password: string): string {
  return `bind-addr: 127.0.0.1:8080
 auth: password
-password: ${await generatePassword()}
+password: ${password}
 cert: false
 `
 }

-interface ConfigArgs extends Args {
+interface ConfigArgs extends UserProvidedArgs {
  config: string
 }

@ -530,11 +588,12 @@ export async function readConfigFile(configPath?: string): Promise<ConfigArgs> {
  await fs.mkdir(path.dirname(configPath), { recursive: true })

  try {
-    await fs.writeFile(configPath, await defaultConfigFile(), {
+    const generatedPassword = await generatePassword()
+    await fs.writeFile(configPath, defaultConfigFile(generatedPassword), {
      flag: "wx", // wx means to fail if the path exists.
    })
-    logger.info(`Wrote default config file to ${humanPath(configPath)}`)
-  } catch (error) {
+    logger.info(`Wrote default config file to ${humanPath(os.homedir(), configPath)}`)
+  } catch (error: any) {
    // EEXIST is fine; we don't want to overwrite existing configurations.
    if (error.code !== "EEXIST") {
      throw error
@ -551,7 +610,7 @@ export async function readConfigFile(configPath?: string): Promise<ConfigArgs> {
 */
 export function parseConfigFile(configFile: string, configPath: string): ConfigArgs {
  if (!configFile) {
-    return { _: [], config: configPath }
+    return { config: configPath }
  }

  const config = yaml.load(configFile, {
@ -594,7 +653,11 @@ interface Addr {
  port: number
 }

-function bindAddrFromArgs(addr: Addr, args: Args): Addr {
+/**
+ * This function creates the bind address
+ * using the CLI args.
+ */
+export function bindAddrFromArgs(addr: Addr, args: UserProvidedArgs): Addr {
  addr = { ...addr }
  if (args["bind-addr"]) {
    addr = parseBindAddr(args["bind-addr"])
@ -612,7 +675,7 @@ function bindAddrFromArgs(addr: Addr, args: Args): Addr {
  return addr
 }

-function bindAddrFromAllSources(...argsConfig: Args[]): Addr {
+function bindAddrFromAllSources(...argsConfig: UserProvidedArgs[]): Addr {
  let addr: Addr = {
    host: "localhost",
    port: 8080,
@ -625,51 +688,92 @@ function bindAddrFromAllSources(...argsConfig: Args[]): Addr {
  return addr
 }

-export const shouldRunVsCodeCli = (args: Args): boolean => {
-  return !!args["list-extensions"] || !!args["install-extension"] || !!args["uninstall-extension"]
+/**
+ * Reads the socketPath based on path passed in.
+ *
+ * The one usually passed in is the DEFAULT_SOCKET_PATH.
+ *
+ * If it can't read the path, it throws an error and returns undefined.
+ */
+export async function readSocketPath(path: string): Promise<string | undefined> {
+  try {
+    return await fs.readFile(path, "utf8")
+  } catch (error) {
+    // If it doesn't exist, we don't care.
+    // But if it fails for some reason, we should throw.
+    // We want to surface that to the user.
+    if (!isNodeJSErrnoException(error) || error.code !== "ENOENT") {
+      throw error
+    }
+  }
+  return undefined
 }

 /**
 * Determine if it looks like the user is trying to open a file or folder in an
 * existing instance. The arguments here should be the arguments the user
- * explicitly passed on the command line, not defaults or the configuration.
+ * explicitly passed on the command line, *NOT DEFAULTS* or the configuration.
 */
-export const shouldOpenInExistingInstance = async (args: Args): Promise<string | undefined> => {
+export const shouldOpenInExistingInstance = async (args: UserProvidedArgs): Promise<string | undefined> => {
  // Always use the existing instance if we're running from VS Code's terminal.
  if (process.env.VSCODE_IPC_HOOK_CLI) {
+    logger.debug("Found VSCODE_IPC_HOOK_CLI")
    return process.env.VSCODE_IPC_HOOK_CLI
  }

-  const readSocketPath = async (): Promise<string | undefined> => {
-    try {
-      return await fs.readFile(path.join(os.tmpdir(), "vscode-ipc"), "utf8")
-    } catch (error) {
-      if (error.code !== "ENOENT") {
-        throw error
-      }
-    }
-    return undefined
-  }
-
  // If these flags are set then assume the user is trying to open in an
  // existing instance since these flags have no effect otherwise.
  const openInFlagCount = ["reuse-window", "new-window"].reduce((prev, cur) => {
-    return args[cur as keyof Args] ? prev + 1 : prev
+    return args[cur as keyof UserProvidedArgs] ? prev + 1 : prev
  }, 0)
  if (openInFlagCount > 0) {
-    return readSocketPath()
+    logger.debug("Found --reuse-window or --new-window")
+    return readSocketPath(DEFAULT_SOCKET_PATH)
  }

  // It's possible the user is trying to spawn another instance of code-server.
-  // Check if any unrelated flags are set (check against one because `_` always
-  // exists), that a file or directory was passed, and that the socket is
-  // active.
-  if (Object.keys(args).length === 1 && args._.length > 0) {
-    const socketPath = await readSocketPath()
+  // 1. Check if any unrelated flags are set (this should only run when
+  //    code-server is invoked exactly like this: `code-server my-file`).
+  // 2. That a file or directory was passed.
+  // 3. That the socket is active.
+  if (Object.keys(args).length === 1 && typeof args._ !== "undefined" && args._.length > 0) {
+    const socketPath = await readSocketPath(DEFAULT_SOCKET_PATH)
    if (socketPath && (await canConnect(socketPath))) {
+      logger.debug("Found existing code-server socket")
      return socketPath
    }
  }

  return undefined
 }
+
+/**
+ * Convert our arguments to VS Code server arguments.
+ */
+export const toVsCodeArgs = async (args: DefaultedArgs): Promise<CodeServerLib.ServerParsedArgs> => {
+  let workspace = ""
+  let folder = ""
+  if (args._.length) {
+    const lastEntry = path.resolve(args._[args._.length - 1])
+    const entryIsFile = await isFile(lastEntry)
+    if (entryIsFile && path.extname(lastEntry) === ".code-workspace") {
+      workspace = lastEntry
+    } else if (!entryIsFile) {
+      folder = lastEntry
+    }
+    // Otherwise it is a regular file.  Spawning VS Code with a file is not yet
+    // supported but it can be done separately after code-server spawns.
+  }
+
+  return {
+    "connection-token": "0000",
+    ...args,
+    workspace,
+    folder,
+    "accept-server-license-terms": true,
+    /** Type casting. */
+    help: !!args.help,
+    version: !!args.version,
+    port: args.port?.toString(),
+  }
+}
--- a/src/node/coder_cloud.ts
+++ b/src/node/coder_cloud.ts
@ -3,7 +3,7 @@ import { spawn } from "child_process"
 import path from "path"
 import split2 from "split2"

-// https://github.com/cdr/coder-cloud
+// https://github.com/coder/coder-cloud
 const coderCloudAgent = path.resolve(__dirname, "../../lib/coder-cloud-agent")

 function runAgent(...args: string[]): Promise<void> {
@ -33,9 +33,11 @@ function runAgent(...args: string[]): Promise<void> {
  })
 }

-export function coderCloudBind(csAddr: string, serverName = ""): Promise<void> {
-  // addr needs to be in host:port format.
-  // So we trim the protocol.
-  csAddr = csAddr.replace(/^https?:\/\//, "")
-  return runAgent("bind", `--code-server-addr=${csAddr}`, serverName)
+export function coderCloudBind(address: URL | string, serverName = ""): Promise<void> {
+  if (typeof address === "string") {
+    throw new Error("Cannot link socket paths")
+  }
+
+  // Address needs to be in hostname:port format without the protocol.
+  return runAgent("bind", `--code-server-addr=${address.host}`, serverName)
 }
--- a/Show More
+++ b/Show More