Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

feat: addpasswordFile,hashedPasswordFile,githubAuthTokenFile andabsProxyBasePath options#10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
DanielleMaywood merged 4 commits intomainfromdm-add-password
Apr 28, 2025

Conversation

DanielleMaywood
Copy link
Collaborator

@DanielleMaywoodDanielleMaywood commentedApr 23, 2025
edited
Loading

Closescoder/internal#462

Adds the final four options

  • passwordFile
  • hashedPasswordFile
  • githubAuthTokenFile
  • absProxyBasePath

The decision to pass credentials via a file instead of embedding them directly in thedevcontainer.json is to allow people the ability to not commit the password to source control.

With these final four options added we should have feature parity with the CLI.

johnstcn reacted with rocket emoji
Copy link

@CopilotCopilotAI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Pull Request Overview

This PR introduces two new configuration options for code-server to improve security by using external password files instead of hardcoded values.

  • Adds the hashedPasswordFile option, which uses an Argon2-hashed password that takes priority over passwordFile.
  • Adds the passwordFile option to allow direct password authentication via a file.
Files not reviewed (7)
  • src/code-server/devcontainer-feature.json: Language not supported
  • src/code-server/install.sh: Language not supported
  • test/code-server/code-server-hashed-password-file.sh: Language not supported
  • test/code-server/code-server-hashed-password-file/Dockerfile: Language not supported
  • test/code-server/code-server-password-file.sh: Language not supported
  • test/code-server/code-server-password-file/Dockerfile: Language not supported
  • test/code-server/scenarios.json: Language not supported

@DanielleMaywoodDanielleMaywood changed the titlefeat: addpasswordFile andhashedPasswordFile optionsfeat: addpasswordFile,hashedPasswordFile,githubAuthTokenFile andabsProxyBasePath optionsApr 24, 2025
@DanielleMaywoodDanielleMaywood marked this pull request as ready for reviewApril 24, 2025 09:53
Comment on lines 123 to 124
if [[ -f "$PASSWORDFILE" ]]; then
export PASSWORD="\$(cat '$PASSWORDFILE')"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Suggested change
if [[-f"$PASSWORDFILE" ]];then
export PASSWORD="\$(cat '$PASSWORDFILE')"
export PASSWORD="\$(<"$PASSWORDFILE")"

Minor:useless use of cat 😄 and" is fine within$().

We don't have the same shell safety for inputs here (as withdeclare -p) but arguably if someone passes a file name with" in it then they might have other problems too.

@DanielleMaywoodDanielleMaywood merged commit8772e2b intomainApr 28, 2025
8 checks passed
@DanielleMaywoodDanielleMaywood deleted the dm-add-password branchApril 28, 2025 10:13
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers

Copilot code reviewCopilotCopilot left review comments

@mafredrimafredrimafredri approved these changes

Assignees

@DanielleMaywoodDanielleMaywood

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Create devcontainer feature for code-server
2 participants
@DanielleMaywood@mafredri
[8]ページ先頭
©2009-2025 Movatter.jp