From 9a7178f76637f86f8b456e2ef74f58dca3f8840b Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Wed, 26 Apr 2023 20:06:38 +0200
Subject: [PATCH] code-server: 4.8.3 -> 4.12.0

Fixes CVE-2023-26114.

Changelogs:
https://github.com/coder/code-server/blob/v4.12.0/CHANGELOG.md
---
 pkgs/servers/code-server/default.nix            | 14 ++++----------
 .../remove-cloud-agent-download.patch           | 17 -----------------
 2 files changed, 4 insertions(+), 27 deletions(-)
 delete mode 100644 pkgs/servers/code-server/remove-cloud-agent-download.patch

diff --git a/pkgs/servers/code-server/default.nix b/pkgs/servers/code-server/default.nix
index 8f0416c6ad32..008becc6fed7 100644
--- a/pkgs/servers/code-server/default.nix
+++ b/pkgs/servers/code-server/default.nix
@@ -34,14 +34,14 @@ let
 
 in stdenv.mkDerivation rec {
   pname = "code-server";
-  version = "4.8.3";
+  version = "4.12.0";
 
   src = fetchFromGitHub {
     owner = "coder";
     repo = "code-server";
     rev = "v${version}";
     fetchSubmodules = true;
-    sha256 = "1h5ng60wf3gpsydfkv20x30xsw1f5zcvv77l1mzrqz1mhcw93lvz";
+    hash = "sha256-PQp5dji2Ynp+LJRWBka41umwe1/IR76C+at/wyOWGcI=";
   };
 
   cloudAgent = buildGoModule rec {
@@ -88,7 +88,7 @@ in stdenv.mkDerivation rec {
     outputHashAlgo = "sha256";
 
     # to get hash values use nix-build -A code-server.prefetchYarnCache
-    outputHash = "0jzzbmmgv1nfq975mi9ii9l6c4f1wy10fyy117xgm4s6vxana7qn";
+    outputHash = "sha256-4Vr9u3+W/IhbbTc39jyDyDNQODlmdF+M/N8oJn0Z4+w=";
   };
 
   nativeBuildInputs = [
@@ -101,8 +101,6 @@ in stdenv.mkDerivation rec {
     ];
 
   patches = [
-    # remove download of coder-cloud agent
-    ./remove-cloud-agent-download.patch
     # remove git calls from vscode build script
     ./build-vscode-nogit.patch
   ];
@@ -129,10 +127,6 @@ in stdenv.mkDerivation rec {
     # set offline mirror to yarn cache we created in previous steps
     yarn --offline config set yarn-offline-mirror "${yarnCache}"
 
-    # link coder-cloud agent from nix store
-    mkdir -p lib
-    ln -s "${cloudAgent}/bin/cloud-agent" ./lib/coder-cloud-agent
-
     # skip unnecessary electron download
     export ELECTRON_SKIP_BINARY_DOWNLOAD=1
 
@@ -221,7 +215,7 @@ in stdenv.mkDerivation rec {
     yarn build
 
     # build vscode
-    yarn build:vscode
+    VERSION=${version} yarn build:vscode
 
     # create release
     yarn release
diff --git a/pkgs/servers/code-server/remove-cloud-agent-download.patch b/pkgs/servers/code-server/remove-cloud-agent-download.patch
deleted file mode 100644
index 94590bbcd43e..000000000000
--- a/pkgs/servers/code-server/remove-cloud-agent-download.patch
+++ /dev/null
@@ -1,17 +0,0 @@
---- ./ci/build/npm-postinstall.sh
-+++ ./ci/build/npm-postinstall.sh
-@@ -102,14 +102,6 @@
-     ;;
-   esac
- 
--  mkdir -p ./lib
--
--  if curl -fsSL "https://github.com/coder/cloud-agent/releases/latest/download/cloud-agent-$OS-$ARCH" -o ./lib/coder-cloud-agent; then
--    chmod +x ./lib/coder-cloud-agent
--  else
--    echo "Failed to download cloud agent; --link will not work"
--  fi
--
-   if ! vscode_install; then
-     echo "You may not have the required dependencies to build the native modules."
-     echo "Please see https://github.com/coder/code-server/blob/main/docs/npm.md"