feat(devcontainer): add Claude Code extension and VS Code marketplace URLs

- Add anthropic.claude-code extension to default extensions list
- Allow VS Code marketplace URLs in firewall configuration:
  - marketplace.visualstudio.com (marketplace API)
  - vscode.blob.core.windows.net (extension downloads)
  - update.code.visualstudio.com (VS Code updates/metadata)

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

.devcontainer/Dockerfile

@@ -65,8 +65,8 @@ ENV PATH=$PATH:/usr/local/share/npm-global/bin
 ENV SHELL=/bin/zsh
 
 # Set the default editor and visual
-ENV EDITOR nano
-ENV VISUAL nano
+ENV EDITOR=nano
+ENV VISUAL=nano
 
 # Default powerline10k theme
 ARG ZSH_IN_DOCKER_VERSION=1.2.0

.devcontainer/devcontainer.json

@@ -16,6 +16,7 @@
   "customizations": {
     "vscode": {
       "extensions": [
+        "anthropic.claude-code",
         "dbaeumer.vscode-eslint",
         "esbenp.prettier-vscode",
         "eamodio.gitlens"
@@ -51,5 +52,6 @@
   },
   "workspaceMount": "source=${localWorkspaceFolder},target=/workspace,type=bind,consistency=delegated",
   "workspaceFolder": "/workspace",
-  "postCreateCommand": "sudo /usr/local/bin/init-firewall.sh"
+  "postStartCommand": "sudo /usr/local/bin/init-firewall.sh",
+  "waitFor": "postStartCommand"
 }

.devcontainer/init-firewall.sh

@@ -69,7 +69,10 @@ for domain in \
     "api.anthropic.com" \
     "sentry.io" \
     "statsig.anthropic.com" \
-    "statsig.com"; do
+    "statsig.com" \
+    "marketplace.visualstudio.com" \
+    "vscode.blob.core.windows.net" \
+    "update.code.visualstudio.com"; do
     echo "Resolving $domain..."
     ips=$(dig +noall +answer A "$domain" | awk '$4 == "A" {print $5}')
     if [ -z "$ips" ]; then
@@ -113,6 +116,9 @@ iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 # Then allow only specific outbound traffic to allowed domains
 iptables -A OUTPUT -m set --match-set allowed-domains dst -j ACCEPT
 
+# Explicitly REJECT all other outbound traffic for immediate feedback
+iptables -A OUTPUT -j REJECT --reject-with icmp-admin-prohibited
+
 echo "Firewall configuration complete"
 echo "Verifying firewall rules..."
 if curl --connect-timeout 5 https://example.com >/dev/null 2>&1; then

CHANGELOG.md

@@ -1,5 +1,13 @@
 # Changelog
 
+## 1.0.93
+
+- Windows: Add alt + v shortcut for pasting images from clipboard
+
+## 1.0.90
+
+- Settings file changes take effect immediately - no restart required
+
 ## 1.0.88
 
 - Fixed issue causing "OAuth authentication is currently not supported"

Script/run_devcontainer_claude_code.ps1

@@ -40,14 +40,18 @@ Write-Host "Using backend: $($Backend)"
 # --- Prerequisite Check ---
 Write-Host "Checking for required commands..."
 try {
-    Get-Command $Backend -ErrorAction Stop | Out-Null
+    if (-not (Get-Command $Backend -ErrorAction SilentlyContinue)) {
+        throw "Required command '$($Backend)' not found."
+    }
     Write-Host "- $($Backend) command found."
-    Get-Command devcontainer -ErrorAction Stop | Out-Null
+    if (-not (Get-Command devcontainer -ErrorAction SilentlyContinue)) {
+        throw "Required command 'devcontainer' not found."
+    }
     Write-Host "- devcontainer command found."
 }
 catch {
-    Write-Error "A required command is not installed or not in your PATH."
-    Write-Error "Please ensure '$($_.Exception.Message.Split(':')[0])' and 'devcontainer' are installed and accessible."
+    Write-Error "A required command is not installed or not in your PATH. $($_.Exception.Message)"
+    Write-Error "Please ensure both '$Backend' and 'devcontainer' are installed and accessible in your system's PATH."
     exit 1
 }