If you visit /login/ instead of /login the cookie will be set at /login
instead of / which means the cookie can't be read at the root. It will
redirect to the login page which *can* read the cookie at /login and
redirect back resulting in an infinite loop.

The previous solution relied on setting the cookie at / (any invalid
value works) which then overrode the login page cookie since
parseCookies only kept a single value. So the login page would see the
same cookie the root was seeing and not redirect back. However, that
behavior depends on the cookies being in the right order which I'm not
sure is guaranteed.

This new method tests all available cookies and always sets the cookie
so the root path will be able to read it in case the login page is
seeing a cookie the root can't.

It also goes a step further and explicitly sets the path on the cookie
which fixes the case where there is a permanent misconfiguration
redirecting /login to /login/. Otherwise the cookie would continually be
set on /login only and you'd have another loop. It also means you only
need to delete one cookie to log out.

Lastly add some properties to make the cookies a bit more secure.

Should prevent endless redirects when the cookie is set on a different path or domain (like with a dot prefix).

Doesn't affect Firefox but it does affect other browsers.

Fixes #1136.

Fixes #933.

Accidentally used local instead of remote.

Fixes #1127.

Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)
Signed-off-by: Ndependabot[bot] <support@github.com>

Fixes #1076.

Fixes #1104.

It doesn't show in the explorer anymore so there's no point. Also remove
the local scheme transform which is no longer required with the latest
client-side extension implementation.

Partly addresses #1121.

This should fix all those reports of code-server dropping straight to
Node and things like #1121.

This fixes code-server exiting with zero on errors.

Fixes #1118.

Fixes #1119.

Apparently `split` does not work the way I'd expect.

Fixes #1050.

This makes viewing images work. Fixes #1111.

See #1109.

Fixes #1101.

Unfortunately it doesn't allow websockets so it's not working.

See #1103.

Fixes #1062.

Fixes #1081, fixes #918.

See #1062.

Instead of doing a separate redundant build. The main problem was that
the files weren't being cached. There is probably a better way of
solving this but this seems to be the simplest for now.

Also skip the workbench html since we have our own.