{"id":"demyx-code-server","name":"code-server","homepage":"https://hub.docker.com/r/demyx/code-server","repo_url":"https://hub.docker.com/r/demyx/code-server","category":"devtools","subcategories":[],"tags":["devtools","ide","web","self-hosted","vscode","web-terminal","extensions"],"what_it_does":"code-server is a self-hosted way to run Visual Studio Code in the browser, typically by proxying VS Code’s web UI and wiring it to a backend that runs the editor environment (including extensions) on your server.","use_cases":["Browser-based code editing for remote teams","Self-hosted development environments (e.g., workstations, VMs, containers)","Education/training labs where learners need a consistent IDE via the browser","Running VS Code extensions and tooling on a server rather than local machines","Quick onboarding for developers who need an editor without local installation"],"not_for":["Fully managed SaaS IDE experiences that require zero admin/ops","Highly regulated environments that require formally documented security/compliance guarantees (beyond what the operator can control)","Use cases needing a simple third-party API for programmatic code editing tasks (it’s an application/server, not an API product)"],"best_when":"You want to self-host an interactive IDE accessible over HTTPS behind your own infrastructure (auth, network controls, reverse proxy, and scaling).","avoid_when":"You cannot provide secure network exposure (TLS, access control, rate limiting/WAF) or you want to avoid running a long-lived backend process that executes user code/extensions.","alternatives":["VS Code (local)","Theia-based IDEs","JupyterLab for notebook-centric workflows","GitHub Codespaces / other managed cloud IDEs","Eclipse Che"],"af_score":26.8,"security_score":50.0,"reliability_score":36.2,"package_type":"mcp_server","discovery_source":["docker_mcp"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T19:43:34.128067+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Built-in web auth options (operator-configured; e.g., password/token depending on deployment configuration)","Reverse-proxy authentication (e.g., OAuth/OIDC/SSO via external proxy)"],"oauth":false,"scopes":false,"notes":"code-server is typically deployed with operator-controlled authentication, commonly via its own configuration and/or via an upstream reverse proxy. The specific auth method and scope granularity depend on the chosen deployment configuration."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source self-hosted; costs come from your infrastructure and any hosting/reverse-proxy resources."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":26.8,"security_score":50.0,"reliability_score":36.2,"mcp_server_quality":0.0,"documentation_accuracy":55.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":55.0,"rate_limit_clarity":15.0,"tls_enforcement":70.0,"auth_strength":55.0,"scope_granularity":20.0,"dependency_hygiene":55.0,"secret_handling":50.0,"security_notes":"Security is largely an operational responsibility: you must ensure HTTPS (TLS), strong access controls, and safe exposure (ideally only behind authenticated reverse proxies). Auth typically isn’t fine-grained at an API scope level because this is an IDE application, not a scoped API. Extension execution increases risk; treat the environment as running user-controlled code.","uptime_documented":0.0,"version_stability":60.0,"breaking_changes_history":55.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["code-server is an interactive web app rather than a tool/API; agent integration typically requires driving the UI or using the underlying environment (not provided as a standard interface in this evaluation)","Security depends heavily on operator configuration (reverse proxy headers, TLS, auth, and restricting extension/command execution)"]}}