superset-sh · saddlepaddle · Jun 4, 2026 · Jun 4, 2026
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -30,11 +30,7 @@ jobs:
         run: bun install --frozen --ignore-scripts
 
       - name: Sherif
-        # Deliberate version split: web's RemoteTerminal viewer uses the
-        # stable @xterm/xterm@5.x track; desktop uses the beta 6.x track
-        # for kittyKeyboard / scrollbar options that aren't on stable yet.
-        # See the comment in apps/web/.../RemoteTerminal/RemoteTerminal.tsx.
-        run: bunx sherif -i @xterm/addon-fit -i @xterm/xterm
+        run: bunx sherif
 
   lint:
     name: Lint

diff --git a/apps/desktop/src/main/host-service/index.ts b/apps/desktop/src/main/host-service/index.ts
@@ -97,7 +97,6 @@ async function main(): Promise<void> {
 				`http://localhost:${env.DESKTOP_VITE_PORT}`,
 				`http://127.0.0.1:${env.DESKTOP_VITE_PORT}`,
 			],
-			hostServiceSecret: env.HOST_SERVICE_SECRET,
 		},
 		providers: {
 			auth: authProvider,

diff --git a/...Registry/components/TerminalPane/components/TerminalHeaderExtras/TerminalHeaderExtras.tsx b/...Registry/components/TerminalPane/components/TerminalHeaderExtras/TerminalHeaderExtras.tsx
diff --git a/...Id/hooks/usePaneRegistry/components/TerminalPane/components/TerminalHeaderExtras/index.ts b/...Id/hooks/usePaneRegistry/components/TerminalPane/components/TerminalHeaderExtras/index.ts
diff --git a/...nents/TerminalPane/components/TerminalRemoteControlButton/TerminalRemoteControlButton.tsx b/...nents/TerminalPane/components/TerminalRemoteControlButton/TerminalRemoteControlButton.tsx
diff --git a/...s/usePaneRegistry/components/TerminalPane/components/TerminalRemoteControlButton/index.ts b/...s/usePaneRegistry/components/TerminalPane/components/TerminalRemoteControlButton/index.ts
diff --git a/...henticated/_dashboard/v2-workspace/$workspaceId/hooks/usePaneRegistry/usePaneRegistry.tsx b/...henticated/_dashboard/v2-workspace/$workspaceId/hooks/usePaneRegistry/usePaneRegistry.tsx
@@ -55,7 +55,6 @@ import { DiffPaneHeaderExtras } from "./components/DiffPane/components/DiffPaneH
 import { FilePane } from "./components/FilePane";
 import { FilePaneHeaderExtras } from "./components/FilePane/components/FilePaneHeaderExtras";
 import { TerminalPane } from "./components/TerminalPane";
-import { TerminalHeaderExtras } from "./components/TerminalPane/components/TerminalHeaderExtras";
 import { TerminalPaneIcon } from "./components/TerminalPane/components/TerminalPaneIcon";
 import { TerminalSessionDropdown } from "./components/TerminalPane/components/TerminalSessionDropdown";
 
@@ -348,9 +347,6 @@ export function usePaneRegistry({
 						/>
 					</div>
 				),
-				renderHeaderExtras: (ctx: RendererContext<PaneViewerData>) => (
-					<TerminalHeaderExtras context={ctx} workspaceId={workspaceId} />
-				),
 				renderPane: (ctx: RendererContext<PaneViewerData>) => (
 					<TerminalPane
 						ctx={ctx}

diff --git a/apps/relay/src/index.ts b/apps/relay/src/index.ts
@@ -13,12 +13,12 @@ import { startSyntheticCheck } from "./synthetic";
 import { isTrpcPath, trpcErrorResponse } from "./trpc-error";
 import { TunnelManager } from "./tunnel";
 
-// Bearer tokens we never want in stdout. The remote-control viewer must
-// put its token on the WS upgrade URL because browser WebSockets can't
-// send custom headers, and Hono's default `logger()` echoes the full
-// query string. Mask the values before they reach the log sink so the
-// raw token doesn't end up in Fly logs / Sentry breadcrumbs.
-const SENSITIVE_QUERY_RE = /([?&])(remoteControlToken|token)=[^&\s]+/g;
+// Bearer tokens we never want in stdout. Hosts put their JWT on the WS
+// upgrade URL because browser WebSockets can't send custom headers, and
+// Hono's default `logger()` echoes the full query string. Mask the values
+// before they reach the log sink so the raw token doesn't end up in Fly
+// logs / Sentry breadcrumbs.
+const SENSITIVE_QUERY_RE = /([?&])(token)=[^&\s]+/g;
 const redactingLogger = logger((message, ...rest) => {
 	const redacted =
 		typeof message === "string"
@@ -271,35 +271,8 @@ app.get("/hosts/:hostId/_whoowns", async (c) => {
 });
 
 // ── Host proxy (auth required) ──────────────────────────────────────
-//
-// Remote-control viewer WebSockets (`/hosts/:hostId/remote-control/*`)
-// authenticate via a per-session HMAC `remoteControlToken` query param
-// that is verified by the host-service, not by us. Skip the user-JWT
-// gate for those paths only — the HMAC is the credential the cloud
-// hands to viewers, who may not have a Superset user JWT in the URL.
-//
-// We must still run the tunnel-presence + maybeReplay logic that
-// `authMiddleware` does, otherwise viewer links break in multi-region
-// Fly deployments whenever the load balancer lands a request on a
-// relay instance that doesn't own the destination tunnel.
 
-app.use("/hosts/:hostId/*", async (c, next) => {
-	const path = new URL(c.req.url).pathname;
-	const hostId = c.req.param("hostId") ?? "";
-	if (!hostId) return c.json({ error: "Missing hostId" }, 400);
-	const prefix = `/hosts/${hostId}`;
-	const rest = path.slice(prefix.length);
-	if (rest.startsWith("/remote-control/")) {
-		if (!tunnelManager.hasTunnel(hostId)) {
-			const replay = await maybeReplay(hostId);
-			if (replay) return c.body(null, 200, replay.header);
-			return c.json({ error: "Host not connected" }, 503);
-		}
-		c.set("hostId", hostId);
-		return next();
-	}
-	return authMiddleware(c, next);
-});
+app.use("/hosts/:hostId/*", authMiddleware);
 
 app.all("/hosts/:hostId/trpc/*", async (c) => {
 	const hostId = c.get("hostId");