code-server 4.115.0 (new cask)

[cho-m]

---

After making any changes to a cask, existing or new, verify:

• The submission is for a stable version or documented exception.
• brew audit --cask --online <cask> is error-free.
• brew style --fix <cask> reports no offenses.

Additionally, if adding a new cask:

• Named the cask according to the token reference.
• Checked the cask was not already refused (add your cask's name to the end of the search field).
• brew audit --cask --new <cask> worked successfully.
• HOMEBREW_NO_INSTALL_FROM_API=1 brew install --cask <cask> worked successfully.
• brew uninstall --cask <cask> worked successfully.

---

• AI was used to generate or assist with generating this PR. Please specify below how you used AI to help you, and what steps you have taken to manually verify the changes, including zap stanza paths.

---

Looking into tap migration for

• code-server 4.115.0 homebrew-core#276736

[cho-m]

Bundled node is fine but some dependencies like argon2.node may not be.

❯ gktool scan /opt/homebrew/Caskroom/code-server/4.115.0/code-server-4.115.0-macos-arm64/node_modules/argon2/build/Release/argon2.node
Scan completed, but failed because the software is not signed by a distributor that meets the system Gatekeeper requirements.

Code-server seems to discard the prebuilds included in argon2 (https://registry.npmjs.org/argon2/-/argon2-0.44.0.tgz) that are signed

❯ gktool scan prebuilds/darwin-arm64/argon2.armv8.glibc.node
Progress: 93081/93081
Scan completed and software is allowed by system policy.

---

Also looks like argon2.node doesn't trigger GateKeeper check though it will generate the possible malicious software popup.

Apple could not verify “argon2.node” is free of malware that may harm your Mac or compromise your privacy.

[cho-m]

Closing due to above. If upstream builds a Node SEA binary or fixes the signing of *.node files then can reconsider.