diff --git a/kernel-builder/install_kernel b/kernel-builder/install_kernel
index a4a938c..f04d819 100755
--- a/kernel-builder/install_kernel
+++ b/kernel-builder/install_kernel
@@ -2,8 +2,6 @@
 set -e
 set -o pipefail
 
-GRSEC_VERSION=3.1-4.4.5-201603142220
-
 linux_next(){
 	(
 	cd /usr/src
@@ -72,28 +70,10 @@ install_kernel(){
 		git clone --depth 1 --branch aufs${MAJOR_MINOR_VERSION} --single-branch https://github.com/sfjro/aufs4-standalone.git $aufsdir
 	fi
 
-	if [[ "$OPT" == "grsec" ]]; then
-		# get the grsec patches
-		grsecdir=/tmp/grsec
-		if [[ -d $grsecdir ]]; then
-			rm -rf $grsecdir
-		fi
-		mkdir -p $grsecdir
-		curl -sSL -o "${grsecdir}/grsecurity.patch" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch"
-		curl -sSL -o "${grsecdir}/grsecurity.patch.sig" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch.sig"
-		# add the gpg key
-		gpg --no-tty --keyserver pgp.mit.edu --recv-keys "DE94 52CE 46F4 2094 907F 108B 44D1 C0F8 2525 FE49"
-		# verify the patch
-		gpg --verify $grsecdir/grsecurity.patch.sig
-	fi
-
 	# apply the patches and compile the kernel
 	cd /usr/src/linux-${VERSION}
 
 	# apply the patches
-	if [[ "$OPT" == "grsec" ]]; then
-		patch -p1 < $grsecdir/grsecurity.patch || true
-	fi
 	if [[ "$OPT" == "aufs" ]]; then
 		git apply $aufsdir/aufs4-kbuild.patch
 		git apply $aufsdir/aufs4-base.patch
@@ -107,11 +87,6 @@ install_kernel(){
 		rm -rf $aufsdir
 	fi
 
-	if [[ "$OPT" == "grsec" ]]; then
-		# remove grsecdir
-		rm -rf $grsecdir
-	fi
-
 	if [[ ! -f .config ]] && [[ -f ../config ]]; then
 		cp ../config .config
 		if [[ "$OPT" == "aufs" ]]; then
diff --git a/latest-versions.sh b/latest-versions.sh
index 4a404e7..8f5198b 100755
--- a/latest-versions.sh
+++ b/latest-versions.sh
@@ -47,7 +47,7 @@ get_latest() {
 	if [[ "$tag" =~ "$current" ]] || [[ "$name" =~ "$current" ]] || [[ "$current" =~ "$tag" ]] || [[ "$current" == "master" ]]; then
 		echo -e "\e[36m${dir}:\e[39m current ${current} | ${tag} | ${name}"
 	else
-		if [[ "$dir" != "vscode" ]] && [[ "$dir" != "zookeeper" ]]; then
+		if [[ "$dir" != "zookeeper" ]]; then
 			bad_versions+=( "${dir}" )
 		fi
 		echo -e "\e[31m${dir}:\e[39m current ${current} | ${tag} | ${name} | https://github.com/${repo}/releases"
@@ -65,6 +65,7 @@ curl/curl
 opendnssec/SoftHSMv2
 google/guetzli
 irssi/irssi
+keepassxreboot/keepassxc
 zyedidia/micro
 bitly/oauth2_proxy
 JonnyWong16/plexpy
@@ -75,8 +76,8 @@ tarsnap/tarsnap
 fcambus/telize
 mitchellh/vagrant
 hashicorp/vault
-microsoft/vscode
 facebook/watchman
+wireguard/wireguard
 znc/znc
 apache/zookeeper
 )
diff --git a/vscode/Dockerfile b/vscode/Dockerfile
index 05138d1..4a9bf80 100644
--- a/vscode/Dockerfile
+++ b/vscode/Dockerfile
@@ -12,65 +12,49 @@
 FROM debian:stretch
 LABEL maintainer "Jessie Frazelle <jess@linux.com>"
 
+# Tell debconf to run in non-interactive mode
+ENV DEBIAN_FRONTEND noninteractive
+
 RUN apt-get update && apt-get install -y \
+	apt-transport-https \
+	ca-certificates \
+	curl \
 	gnupg \
+	--no-install-recommends
+
+# Add the vscode debian repo
+RUN curl -sSL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor | apt-key add -
+RUN echo "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main" > /etc/apt/sources.list.d/vscode.list
+
+RUN apt-get update && apt-get -y install \
+	code \
 	libasound2 \
 	libatk1.0-0 \
 	libcairo2 \
 	libcups2 \
-	libdatrie1 \
-	libdbus-1-3 \
+	libexpat1 \
 	libfontconfig1 \
 	libfreetype6 \
-	libgconf-2-4 \
-	libgcrypt20 \
-	libgl1-mesa-dri \
-	libgl1-mesa-glx \
-	libgdk-pixbuf2.0-0 \
-	libglib2.0-0 \
 	libgtk2.0-0 \
-	libgpg-error0 \
-	libgraphite2-3 \
-	libnotify-bin \
-	libnss3 \
-	libnspr4 \
 	libpango-1.0-0 \
-	libpangocairo-1.0-0 \
+	libx11-xcb1 \
 	libxcomposite1 \
 	libxcursor1 \
-	libxdmcp6 \
+	libxdamage1 \
+	libxext6 \
+	libxfixes3 \
 	libxi6 \
 	libxrandr2 \
 	libxrender1 \
 	libxss1 \
 	libxtst6 \
-	liblzma5 \
-	libxkbfile1 \
-	--no-install-recommends
+	--no-install-recommends \
+	&& rm -rf /var/lib/apt/lists/*
 
 ENV HOME /home/user
 RUN useradd --create-home --home-dir $HOME user \
 	&& chown -R user:user $HOME
 
-# https://code.visualstudio.com/Download
-ENV CODE_VERSION 1.12.2-1494422229
-ENV CODE_COMMIT 19222cdc84ce72202478ba1cec5cb557b71163de
-
-# download the source
-RUN buildDeps=' \
-		ca-certificates \
-		curl \
-	' \
-	&& set -x \
-	&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
-	&& curl -sL https://deb.nodesource.com/setup_6.x | bash - \
-	&& apt-get update && apt-get install -y nodejs --no-install-recommends \
-	&& rm -rf /var/lib/apt/lists/* \
-	&& curl -sSL "https://az764295.vo.msecnd.net/stable/${CODE_COMMIT}/code_${CODE_VERSION}_amd64.deb" -o /tmp/vs.deb \
-	&& apt-get purge -y --auto-remove $buildDeps \
-	&& dpkg -i /tmp/vs.deb \
-	&& rm -rf /tmp/vs.deb
-
 COPY start.sh /usr/local/bin/start.sh
 
 WORKDIR $HOME
diff --git a/wireguard/Dockerfile b/wireguard/Dockerfile
index 77c70d6..d14a259 100644
--- a/wireguard/Dockerfile
+++ b/wireguard/Dockerfile
@@ -17,7 +17,7 @@ RUN apk add --no-cache \
 	libmnl-dev
 
 # https://git.zx2c4.com/WireGuard/refs/
-ENV WIREGUARD_VERSION 0.0.20170517
+ENV WIREGUARD_VERSION 0.0.20170531
 
 RUN set -x \
 	&& apk add --no-cache --virtual .build-deps \