feat: [net] add "priority" option to net.request

document the default value of priority option Update the priority test to not use the httpbin.org as server Fixed the lint errors Fixed the build error
2026-02-19 03:14:51 -05:00 · 2025-05-21 19:08:49 -04:00
1179 changed files with 28174 additions and 59510 deletions
--- a/.claude/.gitignore
+++ b/.claude/.gitignore
@@ -1 +0,0 @@
-settings.local.json
--- a/.claude/settings.json
+++ b/.claude/settings.json
@@ -1,24 +0,0 @@
-{
-  "permissions": {
-    "allow": [
-      "Bash(e sync)",
-      "Bash(e patches --list-targets:*)",
-      "Bash(git add:*)",
-      "Bash(git am:*)",
-      "Bash(git commit:*)",
-      "Bash(git log:*)",
-      "Bash(git show:*)",
-      "Bash(e patches:*)",
-      "Bash(e sync:*)",
-      "Skill(electron-chromium-upgrade)",
-      "Read(*)",
-      "Bash(echo:*)",
-      "Bash(e build:*)",
-      "Bash(tee:*)",
-      "Bash(git diff:*)",
-      "Bash(git rev-parse:*)"
-    ],
-    "deny": [],
-    "ask": []
-  }
-}
--- a/.claude/skills/electron-chromium-upgrade/SKILL.md
+++ b/.claude/skills/electron-chromium-upgrade/SKILL.md
@@ -1,199 +0,0 @@
---
-name: electron-chromium-upgrade
-description: Guide for performing Chromium version upgrades in the Electron project. Use when working on the roller/chromium/main branch to fix patch conflicts during `e sync --3`. Covers the patch application workflow, conflict resolution, analyzing upstream Chromium changes, and proper commit formatting for patch fixes.
---
-
-# Electron Chromium Upgrade: Phase One
-
-## Summary
-
-Run `e sync --3` repeatedly, fixing patch conflicts as they arise, until it succeeds. Then run `e patches all` and commit changes atomically.
-
-## Success Criteria
-
-Phase One is complete when:
- `e sync --3` exits with code 0 (no patch failures)
- `e patches all` has been run to export all changes
- All changes are committed per the commit guidelines below
-
-Do not stop until these criteria are met.
-
-**CRITICAL** Do not delete or skip patches unless 100% certain the patch is no longer needed. Complicated conflicts or hard to resolve issues should be presented to the user after you have exhausted all other options. Do not delete the patch just because you can't solve it.
-
-## Context
-
-The `roller/chromium/main` branch is created by automation to update Electron's Chromium dependency SHA. No work has been done to handle breaking changes between the old and new versions.
-
-**Key directories:**
- Current directory: Electron repo (always run `e` commands here)
- `..` (parent): Chromium repo (where most patches apply)
- `patches/`: Patch files organized by target
- `docs/development/patches.md`: Patch system documentation
-
-## Workflow
-
-1. Delete the `.git/rr-cache` in both the `electron` and `..` folder to ensure no accidental rerere replays occur from before this upgrade phase attempt started
-2. Run `e sync --3` (the `--3` flag enables 3-way merge, always required)
-3. If succeeds → skip to step 6
-4. If patch fails:
-   - Identify target repo and patch from error output
-   - Analyze failure (see references/patch-analysis.md)
-   - Fix conflict in target repo's working directory
-   - Run `git am --continue` in affected repo
-   - Repeat until all patches for that repo apply
-   - IMPORTANT: Once `git am --continue` succeeds you MUST run `e patches {target}` to export fixes
-   - Return to step 1
-5. When `e sync --3` succeeds, run `e patches all`
-6. **Read `references/phase-one-commit-guidelines.md` NOW**, then commit changes following those instructions exactly.
-
-Before committing any Phase One changes, you MUST read `references/phase-one-commit-guidelines.md` and follow its instructions exactly.
-
-## Commands Reference
-
-| Command | Purpose |
-|---------|---------|
-| `e sync --3` | Clone deps and apply patches with 3-way merge |
-| `git am --continue` | Continue after resolving conflict (run in target repo) |
-| `e patches {target}` | Export commits from target repo to patch files |
-| `e patches all` | Export all patches from all targets |
-| `e patches --list-targets` | List targets and config paths |
-
-## Patch System Mental Model
-
-```
-patches/{target}/*.patch  →  [e sync --3]  →  target repo commits
-                          ←  [e patches]   ←
-```
-
-## When to Edit Patches
-
-| Situation | Action |
-|-----------|--------|
-| During active `git am` conflict | Fix in target repo, then `git am --continue` |
-| Modifying patch outside conflict | Edit `.patch` file directly |
-| Creating new patch (rare, avoid) | Commit in target repo, then `e patches {target}` |
-
-Fix existing patches 99% of the time rather than creating new ones.
-
-## Patch Fixing Rules
-
-1. **Preserve authorship**: Keep original author in TODO comments (from patch `From:` field)
-2. **Never change TODO assignees**: `TODO(name)` must retain original name
-3. **Update descriptions**: If upstream changed (e.g., `DCHECK` → `CHECK_IS_TEST`), update patch commit message to reflect current state
-
-## Final Deliverable
-
-After Phase One, write a summary of every change: what was fixed, why, reasoning, and Chromium CL links.
-
-# Electron Chromium Upgrade: Phase Two
-
-## Summary
-
-Run `e build -k 999` repeatedly, fixing build issues as they arise, until it succeeds. Then run `e start --version` to validate Electron launches and commit changes atomically.
-
-Run Phase Two immediately after Phase One is complete.
-
-## Success Criteria
-
-Phase Two is complete when:
- `e build -k 999` exits with code 0 (no build failures)
- `e start --version` has been run to check Electron launches
- All changes are committed per the commit guidelines below
-
-Do not stop until these criteria are met. Do not delete code or features, never comment out code in order to take short cut. Make all existing code, logic and intention work.
-
-## Context
-
-The `roller/chromium/main` branch is created by automation to update Electron's Chromium dependency SHA. No work has been done to handle breaking changes between the old and new versions. Chromium APIs frequently are renamed or refactored. In every case the code in Electron must be updated to account for the change in Chromium, strongly avoid making changes to the code in chromium to fix Electrons build.
-
-**Key directories:**
- Current directory: Electron repo (always run `e` commands here)
- `..` (parent): Chromium repo (do not touch this code to fix build issues, just read it to obtain context)
-
-## Workflow
-
-1. Run `e build -k 999` (the `-k 999` flag is a flag to ninja to say "do not stop until you find that many errors" it is an attempt to get as much error
-  context as possible for each time we run build)
-2. If succeeds → skip to step 6
-3. If build fails:
-    - Identify underlying file in "electron" from the compilation error message
-    - Analyze failure
-    - Fix build issue by adapting Electron's code for the change in Chromium
-    - Run `e build -t {target_that_failed}.o` to build just the failed target we were specifically fixing
-        - You can identify the target_that_failed from the failure line in the build log. E.g. `FAILED: 2e506007-8d5d-4f38-bdd1-b5cd77999a77 "./obj/electron/chromium_src/chrome/process_singleton_posix.o" CXX obj/electron/chromium_src/chrome/process_singleton_posix.o` the target name is `obj/electron/chromium_src/chrome/process_singleton_posix.o`
-    - **Read `references/phase-two-commit-guidelines.md` NOW**, then commit changes following those instructions exactly.
-    - Return to step 1
-4. **CRITICAL**: After ANY commit (especially patch commits), immediately run `git status` in the electron repo
-    - Look for other modified `.patch` files that only have index/hunk header changes
-    - These are dependent patches affected by your fix
-    - Commit them immediately with: `git commit -am "chore: update patch hunk headers"`
-    - This prevents losing track of necessary updates
-5. Return to step 1
-6. When `e build` succeeds, run `e start --version`
-7. Check if you have any pending changes in the Chromium repo by running `git status`
-    - If you have changes follow the instructions below in "A. Patch Fixes" to correctly commit those modifications into the appropriate patch file
-
-Before committing any Phase Two changes, you MUST read `references/phase-two-commit-guidelines.md` and follow its instructions exactly.
-
-## Build Error Detection
-
-When monitoring `e build -k 999` output, filter for errors using this regex pattern:
-error:|FAILED:|fatal:|subcommand failed|build finished
-
-The build output is extremely verbose. Filtering is essential to catch errors quickly.
-
-## Commands Reference
-
-| Command | Purpose |
-|---------|---------|
-| `e build -k 999` | Builds Electron and won't stop until either all targets attempted or 999 errors found |
-| `e build -t {target}.o` | Build just one specific target to verify a fix |
-| `e start --version` | Validate Electron launches after successful build |
-
-## Two Types of Build Fixes
-
-### A. Patch Fixes (for files in chromium_src or patched Chromium files)
-
-When the error is in a file that Electron patches (check with `grep -l "filename" patches/chromium/*.patch`):
-
-1. Edit the file in the Chromium source tree (e.g., `/src/chrome/browser/...`)
-2. Create a fixup commit targeting the original patch commit:
-    ```bash
-    cd ..  # to chromium repo
-    git add <modified-file>
-    git commit --fixup=<original-patch-commit-hash>
-    GIT_SEQUENCE_EDITOR=: git rebase --autosquash --autostash -i <commit>^
-3. Export the updated patch: e patches chromium
-4. Commit the updated patch file in the electron repo following the `references/phase-one-commit-guidelines.md`, then commit changes following those instructions exactly. **READ THESE GUIDELINES BEFORE COMMITTING THESE CHANGES**
-
-To find the original patch commit to fixup: `git log --oneline | grep -i "keyword from patch name"`
-
-The base commit for rebase is the Chromium commit before patches were applied. Find it by checking the `refs/patches/upstream-head` ref.
-
-B. Electron Code Fixes (for files in shell/, electron/, etc.)
-
-When the error is in Electron's own source code:
-
-1. Edit files directly in the electron repo
-2. Commit directly (no patch export needed)
-
-Dependent Patch Updates
-
-IMPORTANT: When you modify a patch, other patches that apply to the same file may have their hunk headers invalidated. After committing a patch fix:
-
-1. Run git status in the electron repo
-2. Look for other modified .patch files with just index/hunk header changes
-3. Commit these with: git commit -m "chore: update patch hunk headers"
-
-# Critical: Read Before Committing
-
- Before ANY Phase One commits: Read `references/phase-one-commit-guidelines.md`
- Before ANY Phase Two commits: Read `references/phase-two-commit-guidelines.md`
-
-# Skill Directory Structure
-This skill has additional reference files in `references/`:
- patch-analysis.md - How to analyze patch failures
- phase-one-commit-guidelines.md - Commit format for Phase One
- phase-two-commit-guidelines.md - Commit format for Phase Two
-
-Read these when referenced in the workflow steps.
--- a/.claude/skills/electron-chromium-upgrade/references/patch-analysis.md
+++ b/.claude/skills/electron-chromium-upgrade/references/patch-analysis.md
@@ -1,69 +0,0 @@
-# Analyzing Patch Failures
-
-## Investigation Steps
-
-1. **Read the patch file** at `patches/{target}/{patch_name}.patch`
-
-2. **Examine current state** of the file in Chromium at mentioned line numbers
-
-3. **Check recent upstream changes:**
-   ```bash
-   cd ..  # or relevant target repo
-   git log --oneline -10 -- {file}
-   ```
-
-4. **Find Chromium CL** in commit messages:
-   ```
-   Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/{CL_NUMBER}
-   ```
-
-## Common Failure Patterns
-
-| Pattern | Cause | Solution |
-|---------|-------|----------|
-| Context lines don't match | Surrounding code changed | Update context in patch |
-| File not found | File renamed/moved | Update patch target path |
-| Function not found | Refactored upstream | Find new function name |
-| `DCHECK` → `CHECK_IS_TEST` | Macro change | Update to new macro |
-| Deleted code | Feature removed | Verify patch still needed |
-
-## Using Git Blame
-
-To find the CL that changed specific lines:
-
-```bash
-cd ..
-git blame -L {start},{end} -- {file}
-git log -1 {commit_sha}  # Look for Reviewed-on: line
-```
-
-## Verifying Patch Necessity
-
-Before deleting a patch, verify:
-1. The patched functionality was intentionally removed upstream
-2. Electron doesn't need the patch for other reasons
-3. No other code depends on the patched behavior
-
-When in doubt, keep the patch and adapt it.
-
-## Phase Two: Build-Time Patch Issues
-
-Sometimes patches that applied successfully in Phase One cause build errors in Phase Two. This can happen when:
-
-1. **Incomplete types**: A patch disables a header include, but new upstream code uses the type
-2. **Missing members**: A patch modifies a class, but upstream added new code referencing the original
-
-### Finding Which Patch Affects a File
-
-```bash
-grep -l "filename.cc" patches/chromium/*.patch
-```
-
-Matching Existing Patch Patterns
-
-When fixing build errors in patched files, examine the existing patch to understand its style:
- Does it use #if 0 / #endif guards?
- Does it use #if BUILDFLAG(...) conditionals?
- What's the pattern for disabled functionality?
-
-Apply fixes consistent with the existing patch style.
--- a/.claude/skills/electron-chromium-upgrade/references/phase-one-commit-guidelines.md
+++ b/.claude/skills/electron-chromium-upgrade/references/phase-one-commit-guidelines.md
@@ -1,52 +0,0 @@
-# Phase One Commit Guidelines
-
-Only follow these instructions if there are uncommitted changes to `patches/` after Phase One succeeds.
-
-Ignore other instructions about making commit messages, our guidelines are CRITICALLY IMPORTANT and must be followed.
-
-## Atomic Commits
-
-For each fix made to a patch, create a separate commit:
-
-```
-fix(patch-conflict): {concise title}
-
-{Brief explanation, 1-2 paragraphs max}
-
-Ref: {Chromium CL link}
-```
-
-IMPORTANT: Ensure that any changes made to patch content as a result of a change in Chromium is committed individually. Each change should have it's own commit message and it's own REF.
-
-IMPORTANT: Try really hard to find the CL reference per the instructions below. Each change you made should in theory have been in response to a change made in Chromium that you identified or can identify. Try for a while to identify and include the ref in the commit message. Do not give up easily.
-
-## Finding CL References
-
-Use `git log` or `git blame` on Chromium source files. Look for:
-
-```
-Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/XXXXXXX
-```
-
-If no CL found after searching: `Ref: Unable to locate CL`
-
-## Final Cleanup
-
-After all fix commits, stage remaining changes:
-
-```bash
-git add patches
-git commit -m "chore: update patch hunk headers"
-```
-
-## Example Commit
-
-```
-fix(patch-conflict): update web_contents_impl.cc context for navigation refactor
-
-The upstream navigation code was refactored to use NavigationRequest directly
-instead of going through NavigationController. Updated surrounding context
-to match new code structure.
-
-Ref: https://chromium-review.googlesource.com/c/chromium/src/+/1234567
-```
--- a/.claude/skills/electron-chromium-upgrade/references/phase-two-commit-guidelines.md
+++ b/.claude/skills/electron-chromium-upgrade/references/phase-two-commit-guidelines.md
@@ -1,82 +0,0 @@
-# Phase Two Commit Guidelines
-
-Only follow these instructions if there are uncommitted changes in the Electron repo after any fixes are made during Phase Two that result a target that was failing, successfully building.
-
-Ignore other instructions about making commit messages, our guidelines are CRITICALLY IMPORTANT and must be followed.
-
-## Two Commit Types
-
-### For Electron Source Changes (shell/, electron/, etc.)
-
-```
-{CL-Number}: {concise description of API change}
-
-{Brief explanation of what upstream changed and how Electron was adapted}
-
-Ref: {Chromium CL link}
-```
-
-IMPORTANT: Ensure that any change made to electron as a result of a change in Chromium is committed individually. Each change should have it's own commit message and it's own REF. Logically grouped into commits that make sense rather than one giant commit.
-
-IMPORTANT: Try really hard to find the CL reference per the instructions below. Each change you made should in theory have been in response to a change made in Chromium that you identified or can identify. Try for a while to identify and include the ref in the commit message. Do not give up easily.
-
-You may include multiple "Ref" links if required.
-
-For a CL link in the format `https://chromium-review.googlesource.com/c/chromium/src/+/2958369` the "CL-Number" is `2958369`
-
-### For Patch Updates (patches/chromium/*.patch)
-
-Use the same fixup workflow as Phase One:
-1. Fix in Chromium source tree
-2. Fixup commit + rebase
-3. Export with `e patches chromium`
-4. Commit the patch file:
-
-```
-fix(patch-update): {concise description}
-
-{Brief explanation}
-
-Ref: {Chromium CL link}
-```
-
-## Dependent Patch Header Updates
-
-After any patch modification, check for other affected patches:
-
-```bash
-git status
-# If other .patch files show as modified with only hunk header changes:
-git add patches/
-git commit -m "chore: update patch hunk headers"
-```
-
-## Finding CL References
-
-Use git log or git blame on Chromium source files. Look for:
-
-Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/XXXXXXX
-
-If no CL found after searching: Ref: Unable to locate CL
-
-## Example Commits
-
-### Electron Source Fix
-
-fix: update GetPlugins to GetPluginsAsync for API change
-
-The upstream Chromium API changed:
- Old: GetPlugins(callback) - took a callback
- New: GetPluginsAsync(callback) - async version takes a callback
-
-Ref: https://chromium-review.googlesource.com/c/chromium/src/+/1234567
-
-### Patch Fix
-
-fix(patch-conflict): update picture-in-picture for gesture handling refactor
-
-Upstream added new gesture handling code that accesses live caption dialog.
-The live caption functionality is disabled in Electron's patch, so wrapped
-the new code in #if 0 guards to match existing pattern.
-
-Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7654321
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@@ -2,7 +2,7 @@ version: '3'

 services:
  buildtools:
-    image: ghcr.io/electron/devcontainer:a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb
+    image: ghcr.io/electron/devcontainer:424eedbf277ad9749ffa9219068aa72ed4a5e373

    volumes:
      - ..:/workspaces/gclient/src/electron:cached
--- a/.devcontainer/on-create-command.sh
+++ b/.devcontainer/on-create-command.sh
@@ -48,8 +48,7 @@ if [ ! -f $buildtools/configs/evm.testing.json ]; then
            \"gen\": {
                \"args\": [
                    \"import(\\\"//electron/build/args/testing.gn\\\")\",
-                    \"use_remoteexec = true\",
-                    \"use_siso=true\"
+                    \"use_remoteexec = true\"
                ],
                \"out\": \"Testing\"
            },
@@ -59,13 +58,13 @@ if [ ! -f $buildtools/configs/evm.testing.json ]; then
            },
            \"\$schema\": \"file:///home/builduser/.electron_build_tools/evm-config.schema.json\",
            \"configValidationLevel\": \"strict\",
-            \"remoteBuild\": \"siso\",
-            \"preserveSDK\": 5
+            \"reclient\": \"$1\",
+            \"preserveXcode\": 5
        }
    " >$buildtools/configs/evm.testing.json
  }

-  write_config
+  write_config remote_exec

  e use testing 
 else
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -58,16 +58,6 @@ body:
    label: Last Known Working Electron version
    description: What is the last version of Electron this worked in, if applicable?
    placeholder: 16.0.0
- type: dropdown
-  attributes:
-    label: Does the issue also appear in Chromium / Google Chrome?
-    description: If it does, please report the issue in the [Chromium issue tracker](https://issues.chromium.org/issues), not against Electron. Electron will inherit the fix once Chromium resolves the issue.
-    options:
-      - I don't know how to test
-      - "Yes"
-      - "No"
-  validations:
-    required: true
 - type: textarea
  attributes:
    label: Expected Behavior
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -10,8 +10,7 @@ Contributors guide: https://github.com/electron/electron/blob/main/CONTRIBUTING.
 #### Checklist
 <!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

- [ ] PR description included
- [ ] I have built and tested this PR
+- [ ] PR description included and stakeholders cc'd
 - [ ] `npm test` passes
 - [ ] tests are [changed or added](https://github.com/electron/electron/blob/main/docs/development/testing.md)
 - [ ] relevant API documentation, tutorials, and examples are updated and follow the [documentation style guide](https://github.com/electron/electron/blob/main/docs/development/style-guide.md)
--- a/.github/actions/build-electron/action.yml
+++ b/.github/actions/build-electron/action.yml
@@ -17,6 +17,9 @@ inputs:
  is-release:
    description: 'Is release build'
    required: true
+  strip-binaries:
+    description: 'Strip binaries (Linux only)'
+    required: false
  generate-symbols:
    description: 'Generate symbols'
    required: true
@@ -26,9 +29,6 @@ inputs:
  is-asan:
    description: 'The ASan Linux build'
    required: false
-  upload-out-gen-artifacts:
-    description: 'Whether to upload the out/${dir}/gen artifacts'
-    required: false
 runs:
  using: "composite"
  steps:
@@ -38,17 +38,7 @@ runs:
      run: |
        GN_APPENDED_ARGS="$GN_EXTRA_ARGS target_cpu=\"x64\" v8_snapshot_toolchain=\"//build/toolchain/mac:clang_x64\""
        echo "GN_EXTRA_ARGS=$GN_APPENDED_ARGS" >> $GITHUB_ENV
-    - name: Set GN_EXTRA_ARGS for Windows
-      shell: bash
-      if: ${{inputs.target-arch != 'x64' && inputs.target-platform == 'win' }}
-      run: |
-        GN_APPENDED_ARGS="$GN_EXTRA_ARGS target_cpu=\"${{ inputs.target-arch }}\""
-        echo "GN_EXTRA_ARGS=$GN_APPENDED_ARGS" >> $GITHUB_ENV
-    - name: Add Clang problem matcher
-      shell: bash
-      run: echo "::add-matcher::src/electron/.github/problem-matchers/clang.json"
    - name: Build Electron ${{ inputs.step-suffix }}
-      if: ${{ inputs.target-platform != 'win' }}
      shell: bash
      run: |
        rm -rf "src/out/Default/Electron Framework.framework"
@@ -64,51 +54,22 @@ runs:
          sudo launchctl limit maxfiles 65536 200000
        fi

-        if [ "${{ inputs.is-release }}" = "true" ]; then
-          NINJA_SUMMARIZE_BUILD=1 e build --target electron:release_build
-        else
-          NINJA_SUMMARIZE_BUILD=1 e build --target electron:testing_build
-        fi
+        NINJA_SUMMARIZE_BUILD=1 e build -j $NUMBER_OF_NINJA_PROCESSES
        cp out/Default/.ninja_log out/electron_ninja_log
        node electron/script/check-symlinks.js
-
-        # Upload build stats to Datadog
-        if ! [ -z $DD_API_KEY ]; then
-          npx node electron/script/build-stats.mjs out/Default/siso.INFO --upload-stats || true          
-        else
-          echo "Skipping build-stats.mjs upload because DD_API_KEY is not set"
-        fi
-    - name: Build Electron (Windows) ${{ inputs.step-suffix }}
-      if: ${{ inputs.target-platform == 'win' }}
-      shell: powershell
+    - name: Strip Electron Binaries ${{ inputs.step-suffix }}
+      shell: bash
+      if: ${{ inputs.strip-binaries == 'true' }}
      run: |
-        cd src\electron
-        git pack-refs
-        cd ..
-
-        $env:NINJA_SUMMARIZE_BUILD = 1
-        if ("${{ inputs.is-release }}" -eq "true") {          
-          e build --target electron:release_build
-        } else {
-          e build --target electron:testing_build
-        }
-        Copy-Item out\Default\.ninja_log out\electron_ninja_log
-        node electron\script\check-symlinks.js
-
-        # Upload build stats to Datadog
-        if ($env:DD_API_KEY) {
-          try {
-            npx node electron\script\build-stats.mjs out\Default\siso.exe.INFO --upload-stats
-          } catch {
-            Write-Host "Build stats upload failed, continuing..."
-          }
-        } else {
-          Write-Host "Skipping build-stats.mjs upload because DD_API_KEY is not set"
-        }
-    - name: Verify dist.zip ${{ inputs.step-suffix }}
+        cd src
+        electron/script/copy-debug-symbols.py --target-cpu="${{ inputs.target-arch }}" --out-dir=out/Default/debug --compress
+        electron/script/strip-binaries.py --target-cpu="${{ inputs.target-arch }}" --verbose
+        electron/script/add-debug-link.py --target-cpu="${{ inputs.target-arch }}" --debug-dir=out/Default/debug
+    - name: Build Electron dist.zip ${{ inputs.step-suffix }}
      shell: bash
      run: |
-        cd src        
+        cd src
+        e build --target electron:electron_dist_zip -j $NUMBER_OF_NINJA_PROCESSES -d explain
        if [ "${{ inputs.is-asan }}" != "true" ]; then
          target_os=${{ inputs.target-platform == 'macos' && 'mac' || inputs.target-platform }}
          if [ "${{ inputs.artifact-platform }}" = "mas" ]; then
@@ -116,10 +77,11 @@ runs:
          fi
          electron/script/zip_manifests/check-zip-manifest.py out/Default/dist.zip electron/script/zip_manifests/dist_zip.$target_os.${{ inputs.target-arch }}.manifest
        fi
-    - name: Fixup Mksnapshot ${{ inputs.step-suffix }}
+    - name: Build Mksnapshot ${{ inputs.step-suffix }}
      shell: bash
      run: |
        cd src
+        e build --target electron:electron_mksnapshot -j $NUMBER_OF_NINJA_PROCESSES
        ELECTRON_DEPOT_TOOLS_DISABLE_LOG=1 e d gn desc out/Default v8:run_mksnapshot_default args > out/Default/mksnapshot_args
        # Remove unused args from mksnapshot_args
        SEDOPTION="-i"
@@ -129,6 +91,20 @@ runs:
        sed $SEDOPTION '/.*builtins-pgo/d' out/Default/mksnapshot_args
        sed $SEDOPTION '/--turbo-profiling-input/d' out/Default/mksnapshot_args

+        if [ "${{ inputs.target-platform }}" = "linux" ]; then
+          if [ "${{ inputs.target-arch }}" = "arm" ]; then
+            electron/script/strip-binaries.py --file $PWD/out/Default/clang_x86_v8_arm/mksnapshot
+            electron/script/strip-binaries.py --file $PWD/out/Default/clang_x86_v8_arm/v8_context_snapshot_generator
+          elif [ "${{ inputs.target-arch }}" = "arm64" ]; then
+            electron/script/strip-binaries.py --file $PWD/out/Default/clang_x64_v8_arm64/mksnapshot
+            electron/script/strip-binaries.py --file $PWD/out/Default/clang_x64_v8_arm64/v8_context_snapshot_generator
+          else
+            electron/script/strip-binaries.py --file $PWD/out/Default/mksnapshot
+            electron/script/strip-binaries.py --file $PWD/out/Default/v8_context_snapshot_generator
+          fi
+        fi
+
+        e build --target electron:electron_mksnapshot_zip -j $NUMBER_OF_NINJA_PROCESSES
        if [ "${{ inputs.target-platform }}" = "win" ]; then
          cd out/Default
          powershell Compress-Archive -update mksnapshot_args mksnapshot.zip
@@ -162,15 +138,13 @@ runs:
      shell: bash
      run: |
        cd src
+        e build --target electron:electron_chromedriver -j $NUMBER_OF_NINJA_PROCESSES
        e build --target electron:electron_chromedriver_zip
-
-        if [ "${{ inputs.is-asan }}" != "true" ]; then
-          target_os=${{ inputs.target-platform == 'macos' && 'mac' || inputs.target-platform }}
-          if [ "${{ inputs.artifact-platform }}" = "mas" ]; then
-            target_os="${target_os}_mas"
-          fi
-          electron/script/zip_manifests/check-zip-manifest.py out/Default/chromedriver.zip electron/script/zip_manifests/chromedriver_zip.$target_os.${{ inputs.target-arch }}.manifest
-        fi
+    - name: Build Node.js headers ${{ inputs.step-suffix }}
+      shell: bash
+      run: |
+        cd src
+        e build --target electron:node_headers
    - name: Create installed_software.json ${{ inputs.step-suffix }}
      shell: powershell
      if: ${{ inputs.is-release == 'true' && inputs.target-platform == 'win' }}
@@ -190,11 +164,17 @@ runs:
        # Needed for msdia140.dll on 64-bit windows
        cd src
        export PATH="$PATH:$(pwd)/third_party/llvm-build/Release+Asserts/bin"
-    - name: Zip Symbols ${{ inputs.step-suffix }}
+    - name: Generate & Zip Symbols ${{ inputs.step-suffix }}
      shell: bash
      run: |
+        # Generate breakpad symbols on release builds
+        if [ "${{ inputs.generate-symbols }}" = "true" ]; then
+          e build --target electron:electron_symbols
+        fi
        cd src
        export BUILD_PATH="$(pwd)/out/Default"
+        e build --target electron:licenses
+        e build --target electron:electron_version_file
        if [ "${{ inputs.is-release }}" = "true" ]; then
          DELETE_DSYMS_AFTER_ZIP=1 electron/script/zip-symbols.py -b $BUILD_PATH
        else
@@ -205,21 +185,29 @@ runs:
      if: ${{ inputs.is-release == 'true' }}
      run: |
        cd src
-        gn gen out/ffmpeg --args="import(\"//electron/build/args/ffmpeg.gn\") use_remoteexec=true use_siso=true $GN_EXTRA_ARGS"
-        e build --target electron:electron_ffmpeg_zip -C ../../out/ffmpeg
-    - name: Remove Clang problem matcher
+        gn gen out/ffmpeg --args="import(\"//electron/build/args/ffmpeg.gn\") use_remoteexec=true $GN_EXTRA_ARGS"
+        e build --target electron:electron_ffmpeg_zip -C ../../out/ffmpeg -j $NUMBER_OF_NINJA_PROCESSES
+    - name: Generate Hunspell Dictionaries ${{ inputs.step-suffix }}
      shell: bash
-      run: echo "::remove-matcher owner=clang::"
+      if: ${{ inputs.is-release == 'true' && inputs.target-platform == 'linux' }}
+      run: |
+        e build --target electron:hunspell_dictionaries_zip -j $NUMBER_OF_NINJA_PROCESSES
+    - name: Generate Libcxx ${{ inputs.step-suffix }}
+      shell: bash
+      if: ${{ inputs.is-release == 'true' && inputs.target-platform == 'linux' }}
+      run: |
+        e build --target electron:libcxx_headers_zip -j $NUMBER_OF_NINJA_PROCESSES
+        e build --target electron:libcxxabi_headers_zip -j $NUMBER_OF_NINJA_PROCESSES
+        e build --target electron:libcxx_objects_zip -j $NUMBER_OF_NINJA_PROCESSES
    - name: Generate TypeScript Definitions ${{ inputs.step-suffix }}
      if: ${{ inputs.is-release == 'true' }}
      shell: bash
      run: |
        cd src/electron
-        node script/yarn.js create-typescript-definitions
+        node script/yarn create-typescript-definitions
    - name: Publish Electron Dist ${{ inputs.step-suffix }}
      if: ${{ inputs.is-release == 'true' }}
      shell: bash
-      id: github-upload
      run: |
        rm -rf src/out/Default/obj
        cd src/electron
@@ -230,34 +218,7 @@ runs:
          echo 'Uploading Electron release distribution to GitHub releases'
          script/release/uploaders/upload.py --verbose
        fi
-    - name: Generate artifact attestation
-      if: ${{ inputs.is-release == 'true' }}
-      uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0
-      with:
-        subject-path: ${{ steps.github-upload.outputs.UPLOADED_PATHS }}
-    - name: Generate siso report
-      if: ${{ inputs.target-platform != 'win' && !cancelled() }}
-      shell: bash
-      run: |
-        cd src
-        e d siso report -C out/Default > siso_report.txt
-        SISO_REPORT_PATH=$(grep -o '/.*siso-report-[^ ]*' siso_report.txt)
-        echo "SISO_REPORT_PATH=$SISO_REPORT_PATH" >> $GITHUB_ENV
-        cat siso_report.txt
-        echo "SISO REPORT AT $SISO_REPORT_PATH"
-    - name: Generate siso report (Windows)
-      if: ${{ inputs.target-platform == 'win' && !cancelled() }}
-      shell: powershell
-      run: |
-        cd src
-        e d siso report -C out\Default > siso_report.txt
-        $SISO_REPORT_PATH = Get-Content "siso_report.txt" | Select-String "report file:\s*(.+)" | ForEach-Object { 
-          $_.Matches.Groups[1].Value.Trim() 
-        }
-        echo "SISO_REPORT_PATH=$SISO_REPORT_PATH"
-        echo "SISO_REPORT_PATH=$SISO_REPORT_PATH" >> $env:GITHUB_ENV
    - name: Generate Artifact Key
-      if: always() && !cancelled()
      shell: bash
      run: |
        if [ "${{ inputs.is-asan }}" = "true" ]; then 
@@ -269,11 +230,9 @@ runs:
    # The current generated_artifacts_<< artifact.key >> name was taken from CircleCI
    # to ensure we don't break anything, but we may be able to improve that.
    - name: Move all Generated Artifacts to Upload Folder ${{ inputs.step-suffix }}
-      if: always() && !cancelled()
      shell: bash
      run: ./src/electron/script/actions/move-artifacts.sh
    - name: Upload Generated Artifacts ${{ inputs.step-suffix }}
-      if: always() && !cancelled()
      uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
      with:
        name: generated_artifacts_${{ env.ARTIFACT_KEY }}
@@ -283,9 +242,3 @@ runs:
      with:
        name: src_artifacts_${{ env.ARTIFACT_KEY }}
        path: ./src_artifacts_${{ inputs.artifact-platform }}_${{ inputs.target-arch }}
-    - name: Upload Out Gen Artifacts ${{ inputs.step-suffix }}
-      if: ${{ inputs.upload-out-gen-artifacts == 'true' }}
-      uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
-      with:
-        name: out_gen_artifacts_${{ env.ARTIFACT_KEY }}
-        path: ./src/out/Default/gen
--- a/.github/actions/build-git-cache/action.yml
+++ b/.github/actions/build-git-cache/action.yml
@@ -1,83 +0,0 @@
-name: 'Build Git Cache'
-description: 'Runs a gclient sync to build the git cache for Electron'
-inputs:
-  target-platform:
-    description: 'Target platform, should be linux, win, macos'    
-runs:
-  using: "composite"
-  steps:
-  - name: Set GIT_CACHE_PATH to make gclient to use the cache
-    shell: bash
-    run: |
-      echo "GIT_CACHE_PATH=$(pwd)/git-cache" >> $GITHUB_ENV
-  - name: Set Chromium Git Cookie
-    uses: ./src/electron/.github/actions/set-chromium-cookie
-  - name: Install Build Tools
-    uses: ./src/electron/.github/actions/install-build-tools
-  - name: Set up cache drive
-    shell: bash
-    run: |
-      if [ "${{ inputs.target-platform }}" = "win" ]; then
-        echo "CACHE_DRIVE=/mnt/win-cache" >> $GITHUB_ENV
-      else
-        echo "CACHE_DRIVE=/mnt/cross-instance-cache" >> $GITHUB_ENV
-      fi
-  - name: Check cross instance cache disk space
-    shell: bash
-    run: |    
-      # if there is less than 35 GB free space then creating the cache might fail so exit early
-      freespace=`df -m $CACHE_DRIVE | grep -w $CACHE_DRIVE | awk '{print $4}'`
-      freespace_human=`df -h $CACHE_DRIVE | grep -w $CACHE_DRIVE | awk '{print $4}'`
-      if [ $freespace -le 35000 ]; then
-        echo "The cross mount cache has $freespace_human free space which is not enough - exiting"
-        exit 1
-      else
-        echo "The cross mount cache has $freespace_human free space - continuing"
-      fi
-  - name: Restore gitcache
-    shell: bash
-    run: |
-      GIT_CACHE_TAR="$CACHE_DRIVE/gitcache.tar"
-      if [ ! -f "$GIT_CACHE_TAR" ]; then
-        echo "Git cache tar file does not exist, skipping restore"
-        exit 0
-      fi
-      echo "Restoring git cache from $GIT_CACHE_TAR to $GIT_CACHE_PATH"
-      mkdir -p $GIT_CACHE_PATH
-      tar -xf $GIT_CACHE_TAR -C $GIT_CACHE_PATH
-  - name: Gclient Sync
-    shell: bash
-    run: |
-      e d gclient config \
-        --name "src/electron" \
-        --unmanaged \
-        ${GCLIENT_EXTRA_ARGS} \
-        "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY"
-
-      if [ "$TARGET_OS" != "" ]; then
-        echo "target_os=['$TARGET_OS']" >> ./.gclient
-      fi
-
-      ELECTRON_USE_THREE_WAY_MERGE_FOR_PATCHES=1 e d gclient sync --with_branch_heads --with_tags --nohooks -vv 
-  - name: Compress Git Cache Directory
-    shell: bash
-    run: |
-      echo "Uncompressed gitcache size: $(du -sh $GIT_CACHE_PATH | cut -f1 -d' ')"
-      cd $GIT_CACHE_PATH
-      tar -cf ../gitcache.tar .
-      cd ..
-      echo "Compressed gitcache to $(du -sh gitcache.tar | cut -f1 -d' ')"
-      # remove the old cache file if it exists 
-      if [ -f $CACHE_DRIVE/gitcache.tar ]; then
-        echo "Removing old gitcache.tar from $CACHE_DRIVE"
-        rm $CACHE_DRIVE/gitcache.tar
-      fi      
-      cp ./gitcache.tar $CACHE_DRIVE/
-  - name: Wait for active SSH sessions
-    shell: bash
-    if: always() && !cancelled()
-    run: |
-      while [ -f /var/.ssh-lock ]
-      do
-        sleep 60
-      done
--- a/.github/actions/checkout/action.yml
+++ b/.github/actions/checkout/action.yml
@@ -40,10 +40,10 @@ runs:
    if: ${{ inputs.generate-sas-token == 'true' }}
    shell: bash
    run: |
-      curl --unix-socket /var/run/sas/sas.sock --fail "http://foo/$CACHE_FILE?platform=${{ inputs.target-platform }}&getAccountName=true" > sas-token
+      curl --unix-socket /var/run/sas/sas.sock --fail "http://foo/$CACHE_FILE?platform=${{ inputs.target-platform }}" > sas-token
  - name: Save SAS Key
    if: ${{ inputs.generate-sas-token == 'true' }}
-    uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+    uses: actions/cache/save@d4323d4df104b026a6aa633fdb11d772146be0bf
    with:
      path: sas-token
      key: sas-key-${{ inputs.target-platform }}-${{ github.run_number }}-${{ github.run_attempt }}
@@ -80,21 +80,6 @@ runs:
      else
        echo "The cross mount cache has $freespace_human free space - continuing"
      fi
-  - name: Add patch conflict problem matcher
-    shell: bash
-    run: echo "::add-matcher::src/electron/.github/problem-matchers/patch-conflict.json"
-  - name: Restore gitcache
-    if: steps.check-cache.outputs.cache_exists == 'false'
-    shell: bash
-    run: |
-      GIT_CACHE_TAR="$CACHE_DRIVE/gitcache.tar"
-      if [ ! -f "$GIT_CACHE_TAR" ]; then
-        echo "Git cache tar file does not exist, skipping restore"
-        exit 0
-      fi
-      echo "Restoring git cache from $GIT_CACHE_TAR to $GIT_CACHE_PATH"
-      mkdir -p $GIT_CACHE_PATH
-      tar -xf $GIT_CACHE_TAR -C $GIT_CACHE_PATH
  - name: Gclient Sync
    if: steps.check-cache.outputs.cache_exists == 'false'
    shell: bash
@@ -117,7 +102,12 @@ runs:
        git update-index --refresh || true
        if ! git diff-index --quiet HEAD --; then
          # There are changes to the patches. Make a git commit with the updated patches
-          if node ./script/patch-up.js; then
+          git add patches
+          GIT_COMMITTER_NAME="PatchUp" GIT_COMMITTER_EMAIL="73610968+patchup[bot]@users.noreply.github.com" git commit -m "chore: update patches" --author="PatchUp <73610968+patchup[bot]@users.noreply.github.com>"
+          # Export it
+          mkdir -p ../../patches
+          git format-patch -1 --stdout --keep-subject --no-stat --full-index > ../../patches/update-patches.patch
+          if node ./script/push-patch.js; then
            echo
            echo "======================================================================"
            echo "Changes to the patches when applying, we have auto-pushed the diff to the current branch"
@@ -125,11 +115,6 @@ runs:
            echo "======================================================================"
            exit 1
          else
-            git add patches
-            GIT_COMMITTER_NAME="PatchUp" GIT_COMMITTER_EMAIL="73610968+patchup[bot]@users.noreply.github.com" git commit -m "chore: update patches" --author="PatchUp <73610968+patchup[bot]@users.noreply.github.com>"
-            # Export it
-            mkdir -p ../../patches
-            git format-patch -1 --stdout --keep-subject --no-stat --full-index > ../../patches/update-patches.patch
            echo
            echo "======================================================================"
            echo "There were changes to the patches when applying."
@@ -143,17 +128,7 @@ runs:
          echo "No changes to patches detected"
        fi
      fi
-  - name: Remove patch conflict problem matchers
-    shell: bash
-    run: |
-      echo "::remove-matcher owner=merge-conflict::"
-      echo "::remove-matcher owner=patch-conflict::"
-      echo "::remove-matcher owner=patch-needs-update::"
-  - name: Upload patches stats
-    if: ${{ inputs.target-platform == 'linux' && github.ref == 'refs/heads/main' }}
-    shell: bash
-    run: |
-      node src/electron/script/patches-stats.mjs --upload-stats || true
+
  # delete all .git directories under src/ except for
  # third_party/angle/ and third_party/dawn/ because of build time generation of files
  # gen/angle/commit.h depends on third_party/angle/.git/HEAD
@@ -173,6 +148,7 @@ runs:
    run: |
      rm -rf src/android_webview
      rm -rf src/ios/chrome
+      rm -rf src/third_party/blink/web_tests
      rm -rf src/third_party/blink/perf_tests
      rm -rf src/chrome/test/data/xr/webvr_info
      rm -rf src/third_party/angle/third_party/VK-GL-CTS/src
--- a/.github/actions/cipd-install/action.yml
+++ b/.github/actions/cipd-install/action.yml
@@ -14,9 +14,6 @@ inputs:
    description: 'Target platform, should be linux, win, macos'
  package:
    description: 'Package to install'
-  dependency-version:
-    description: 'Version of the dependency to install'
-    default: ''
 runs:
  using: "composite"
  steps:
@@ -25,23 +22,15 @@ runs:
      run : |
        rm -rf ${{ inputs.cipd-root-prefix-path }}${{ inputs.installation-dir }}
    - name: Create ensure file for ${{ inputs.dependency }}
-      if: ${{ inputs.dependency-version == '' }}
      shell: bash
      run: |
        echo '${{ inputs.package }}' `e d gclient getdep --deps-file=${{ inputs.deps-file }} -r '${{ inputs.installation-dir }}:${{ inputs.package }}'` > ${{ inputs.dependency }}_ensure_file
        cat ${{ inputs.dependency }}_ensure_file
-
-    - name: Create ensure file for ${{ inputs.dependency }} from dependency-version
-      if: ${{ inputs.dependency-version != '' }}
-      shell: bash
-      run: |
-        echo '${{ inputs.package }} ${{ inputs.dependency-version }}'  > ${{ inputs.dependency }}_ensure_file
-        cat ${{ inputs.dependency }}_ensure_file
    - name: CIPD installation of ${{ inputs.dependency }} (macOS)
-      if: ${{ inputs.target-platform != 'win' }}
+      if: ${{ inputs.target-platform == 'macos' }}
      shell: bash
      run: |
-        echo "ensuring ${{ inputs.dependency }}"
+        echo "ensuring ${{ inputs.dependency }} on macOS"
        e d cipd ensure --root ${{ inputs.cipd-root-prefix-path }}${{ inputs.installation-dir }} -ensure-file ${{ inputs.dependency }}_ensure_file
    - name: CIPD installation of ${{ inputs.dependency }} (Windows)
      if: ${{ inputs.target-platform == 'win' }}
--- a/.github/actions/fix-sync/action.yml
+++ b/.github/actions/fix-sync/action.yml
@@ -19,16 +19,12 @@ inputs:
 runs:
  using: "composite"
  steps:
-    - name: Fix llvm toolchain
-      if: ${{ inputs.target-platform != 'linux' }}
+    - name: Fix clang
      shell: bash
      run : |
        rm -rf src/third_party/llvm-build
        python3 src/tools/clang/scripts/update.py
-        # Refs https://chromium-review.googlesource.com/c/chromium/src/+/6667681
-        python3 src/tools/clang/scripts/update.py --package objdump
    - name: Fix esbuild
-      if: ${{ inputs.target-platform != 'linux' }}
      uses: ./src/electron/.github/actions/cipd-install
      with:
        cipd-root-prefix-path: src/third_party/devtools-frontend/src/
@@ -37,24 +33,7 @@ runs:
        installation-dir: third_party/esbuild
        target-platform: ${{ inputs.target-platform }}
        package: infra/3pp/tools/esbuild/${platform}
-    - name: Fix rollup
-      if: ${{ inputs.target-platform != 'linux' }}
-      uses: ./src/electron/.github/actions/cipd-install
-      with:
-        cipd-root-prefix-path: src/third_party/devtools-frontend/src/
-        dependency: rollup_libs
-        deps-file: src/third_party/devtools-frontend/src/DEPS
-        installation-dir: third_party/rollup_libs
-        target-platform: ${{ inputs.target-platform }}
-        package: infra/3pp/tools/rollup_libs/${platform}
-    - name: Sync native rollup libs
-      if: ${{ inputs.target-platform != 'linux' }}
-      shell: bash
-      run : |
-        cd src/third_party/devtools-frontend/src
-        python3 scripts/deps/sync_rollup_libs.py
    - name: Fix rustc
-      if: ${{ inputs.target-platform != 'linux' }}
      shell: bash
      run : |
        rm -rf src/third_party/rust-toolchain
@@ -78,7 +57,6 @@ runs:
        target-platform: ${{ inputs.target-platform }}
        package: gn/gn/windows-amd64
    - name: Fix reclient
-      if: ${{ inputs.target-platform != 'linux' }}
      uses: ./src/electron/.github/actions/cipd-install
      with:
        dependency: reclient
@@ -87,7 +65,6 @@ runs:
        target-platform: ${{ inputs.target-platform }}
        package: infra/rbe/client/${platform}
    - name: Configure reclient configs
-      if: ${{ inputs.target-platform != 'linux' }}
      shell: bash
      run : |
        python3 src/buildtools/reclient_cfgs/configure_reclient_cfgs.py --rbe_instance "projects/rbe-chrome-untrusted/instances/default_instance" --reproxy_cfg_template reproxy.cfg.template --rewrapper_cfg_project "" --skip_remoteexec_cfg_fetch
@@ -105,7 +82,6 @@ runs:
          python3 src/third_party/depot_tools/download_from_google_storage.py --no_resume --no_auth --bucket chromium-browser-clang -s $DSYM_SHA_FILE -o src/tools/clang/dsymutil/bin/dsymutil
        fi
    - name: Fix ninja
-      if: ${{ inputs.target-platform != 'linux' }}
      uses: ./src/electron/.github/actions/cipd-install
      with:
        dependency: ninja
@@ -114,20 +90,10 @@ runs:
        target-platform: ${{ inputs.target-platform }}
        package: infra/3pp/tools/ninja/${platform}
    - name: Set ninja in path
-      if: ${{ inputs.target-platform != 'linux' }}
      shell: bash
      run : |
        echo "$(pwd)/src/third_party/ninja" >> $GITHUB_PATH
-    - name: Fix siso
-      uses: ./src/electron/.github/actions/cipd-install
-      with:
-        dependency: siso
-        deps-file: src/DEPS
-        installation-dir: src/third_party/siso/cipd
-        target-platform: ${{ inputs.target-platform }}
-        package: build/siso/${platform}
    - name: Fixup angle git
-      if: ${{ inputs.target-platform != 'linux' }}
      shell: bash
      run : |
        cd src/third_party/angle
--- a/.github/actions/free-space-macos/action.yml
+++ b/.github/actions/free-space-macos/action.yml
@@ -6,8 +6,6 @@ runs:
    - name: Free Space on MacOS
      shell: bash
      run: |
-        echo "Disk usage before cleanup:"
-        df -h
        sudo mkdir -p $TMPDIR/del-target

        tmpify() {
@@ -17,30 +15,28 @@ runs:
        }

        strip_universal_deep() {
-          if [ -d "$1" ]; then
-            opwd=$(pwd)
-            cd $1
-            f=$(find . -perm +111 -type f)
-            for fp in $f
-            do
-              if [[ $(file "$fp") == *"universal binary"* ]]; then
-                if [ "`arch`" == "arm64" ]; then
-                  if [[ $(file "$fp") == *"x86_64"* ]]; then
-                    sudo lipo -remove x86_64 "$fp" -o "$fp" || true
-                  fi
-                else
-                  if [[ $(file "$fp") == *"arm64e)"* ]]; then
-                    sudo lipo -remove arm64e "$fp" -o "$fp" || true
-                  fi
-                  if [[ $(file "$fp") == *"arm64)"* ]]; then
-                    sudo lipo -remove arm64 "$fp" -o "$fp" || true
-                  fi
+          opwd=$(pwd)
+          cd $1
+          f=$(find . -perm +111 -type f)
+          for fp in $f
+          do
+            if [[ $(file "$fp") == *"universal binary"* ]]; then
+              if [ "`arch`" == "arm64" ]; then
+                if [[ $(file "$fp") == *"x86_64"* ]]; then
+                  sudo lipo -remove x86_64 "$fp" -o "$fp" || true
+                fi
+              else
+                if [[ $(file "$fp") == *"arm64e)"* ]]; then
+                  sudo lipo -remove arm64e "$fp" -o "$fp" || true
+                fi
+                if [[ $(file "$fp") == *"arm64)"* ]]; then
+                  sudo lipo -remove arm64 "$fp" -o "$fp" || true
                fi
              fi
-            done
+            fi
+          done

-            cd $opwd
-          fi
+          cd $opwd
        }

        tmpify /Library/Developer/CoreSimulator
@@ -61,31 +57,9 @@ runs:
        sudo rm -rf $TMPDIR/del-target

        sudo rm -rf /Applications/Safari.app
-        sudo rm -rf /Applications/Xcode_16.1.app
-        sudo rm -rf /Applications/Xcode_16.2.app
-        sudo rm -rf /Applications/Xcode_16.3.app
-        sudo rm -rf /Applications/Xcode_26*
-        sudo rm -rf /Applications/Google Chrome.app
-        sudo rm -rf /Applications/Google Chrome for Testing.app
-        sudo rm -rf /Applications/Firefox.app
-        sudo rm -rf /Applications/Microsoft Edge.app
        sudo rm -rf ~/project/src/third_party/catapult/tracing/test_data
        sudo rm -rf ~/project/src/third_party/angle/third_party/VK-GL-CTS
-        sudo rm -rf /Users/runner/Library/Android
-        sudo rm -rf $JAVA_HOME_11_arm64
-        sudo rm -rf $JAVA_HOME_17_arm64
-        sudo rm -rf $JAVA_HOME_21_arm64
-        sudo rm -rf $JAVA_HOME_25_arm64
-        sudo rm -rf /Users/runner/.dotnet/
-        sudo rm -rf /Users/runner/.rustup
-
-        # remove homebrew packages we don't need
-        if command -v brew &> /dev/null; then
-          brew uninstall -f --zap aws-sam-cli session-manager-plugin gcc gcc@13 gcc@14 llvm@18 gradle maven ant azure-cli
-          brew autoremove
-        fi

        # lipo off some huge binaries arm64 versions to save space
        strip_universal_deep $(xcode-select -p)/../SharedFrameworks
-        # strip_arm_deep /System/Volumes/Data/Library/Developer/CommandLineTools/usr
-        sudo mdutil -a -i off
+        # strip_arm_deep /System/Volumes/Data/Library/Developer/CommandLineTools/usr
--- a/.github/actions/generate-types/action.yml
+++ b/.github/actions/generate-types/action.yml
@@ -13,16 +13,12 @@ runs:
  - name: Generating Types for SHA in ${{ inputs.sha-file }}
    shell: bash
    run: |
-      export ELECTRON_DIR=$(pwd)
-      if [ "${{ inputs.sha-file }}" == ".dig-old" ]; then
-        cd /tmp
-        git clone https://github.com/electron/electron.git
-        cd electron
-      fi
-      git checkout $(cat $ELECTRON_DIR/${{ inputs.sha-file }})
-      node script/yarn.js install --immutable
+      git checkout $(cat ${{ inputs.sha-file }})
+      rm -rf node_modules
+      yarn install --frozen-lockfile --ignore-scripts
      echo "#!/usr/bin/env node\nglobal.x=1" > node_modules/typescript/bin/tsc
      node node_modules/.bin/electron-docs-parser --dir=./ --outDir=./ --moduleVersion=0.0.0-development
      node node_modules/.bin/electron-typescript-definitions --api=electron-api.json --outDir=artifacts
-      mv artifacts/electron.d.ts $ELECTRON_DIR/artifacts/${{ inputs.filename }}
+      mv artifacts/electron.d.ts artifacts/${{ inputs.filename }}
+      git checkout .
    working-directory: ./electron
--- a/.github/actions/install-build-tools/action.yml
+++ b/.github/actions/install-build-tools/action.yml
@@ -11,22 +11,15 @@ runs:
        git config --global core.autocrlf false
        git config --global branch.autosetuprebase always
        git config --global core.fscache true
-        git config --global core.longpaths true
        git config --global core.preloadindex true
-        git config --global core.longpaths true
      fi
-      export BUILD_TOOLS_SHA=a0cc95a1884a631559bcca0c948465b725d9295a
+      export BUILD_TOOLS_SHA=6e8526315ea3b4828882497e532b8340e64e053c
      npm i -g @electron/build-tools
-      # Update depot_tools to ensure python
-      e d update_depot_tools
      e auto-update disable
-      # Disable further updates of depot_tools
      e d auto-update disable
      if [ "$(expr substr $(uname -s) 1 10)" == "MSYS_NT-10" ]; then
        e d cipd.bat --version
        cp "C:\Python311\python.exe" "C:\Python311\python3.exe"
-        echo "C:\Users\ContainerAdministrator\.electron_build_tools\third_party\depot_tools" >> $GITHUB_PATH
-      else
-        echo "$HOME/.electron_build_tools/third_party/depot_tools" >> $GITHUB_PATH
-        echo "$HOME/.electron_build_tools/third_party/depot_tools/python-bin" >> $GITHUB_PATH
-      fi
+      fi
+      echo "$HOME/.electron_build_tools/third_party/depot_tools" >> $GITHUB_PATH
+      echo "$HOME/.electron_build_tools/third_party/depot_tools/python-bin" >> $GITHUB_PATH
--- a/.github/actions/install-dependencies/action.yml
+++ b/.github/actions/install-dependencies/action.yml
@@ -6,8 +6,8 @@ runs:
  - name: Get yarn cache directory path
    shell: bash
    id: yarn-cache-dir-path
-    run: echo "dir=$(node src/electron/script/yarn.js config get cacheFolder)" >> $GITHUB_OUTPUT
-  - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+    run: echo "dir=$(node src/electron/script/yarn cache dir)" >> $GITHUB_OUTPUT
+  - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57
    id: yarn-cache
    with:
      path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
@@ -18,14 +18,4 @@ runs:
    shell: bash
    run: |
      cd src/electron
-      if [ "$TARGET_ARCH" = "x86" ]; then
-        export npm_config_arch="ia32"
-      fi
-      # if running on linux arm skip yarn Builds
-      ARCH=$(uname -m)
-      if [ "$ARCH" = "armv7l" ]; then
-        echo "Skipping yarn build on linux arm"
-        node script/yarn.js install --immutable --mode=skip-build
-      else
-        node script/yarn.js install --immutable
-      fi
+      node script/yarn install --frozen-lockfile --prefer-offline
--- a/.github/actions/restore-cache-azcopy/action.yml
+++ b/.github/actions/restore-cache-azcopy/action.yml
@@ -8,14 +8,14 @@ runs:
  steps:
  - name: Obtain SAS Key
    continue-on-error: true
-    uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+    uses: actions/cache/restore@d4323d4df104b026a6aa633fdb11d772146be0bf
    with:
      path: sas-token
      key: sas-key-${{ inputs.target-platform }}-${{ github.run_number }}-1
      enableCrossOsArchive: true
  - name: Obtain SAS Key
    continue-on-error: true
-    uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+    uses: actions/cache/restore@d4323d4df104b026a6aa633fdb11d772146be0bf
    with:
      path: sas-token
      key: sas-key-${{ inputs.target-platform }}-${{ github.run_number }}-${{ github.run_attempt }}
@@ -32,23 +32,22 @@ runs:
      shell: bash
      command: |
        sas_token=$(cat sas-token)
-        if [ -z "$sas_token" ]; then
+        if [ -z $sas-token ]; then
          echo "SAS Token not found; exiting src cache download early..."
          exit 1
        else
-          sas_token=$(jq -r '.sasToken' sas-token)
-          account_name=$(jq -r '.accountName' sas-token)
          if [ "${{ inputs.target-platform }}" = "win" ]; then
            azcopy copy --log-level=ERROR \
-            "https://$account_name.file.core.windows.net/${{ env.AZURE_AKS_WIN_CACHE_SHARE_NAME }}/${{ env.CACHE_PATH }}?$sas_token" $DEPSHASH.tar
+            "https://${{ env.AZURE_AKS_CACHE_STORAGE_ACCOUNT }}.file.core.windows.net/${{ env.AZURE_AKS_WIN_CACHE_SHARE_NAME }}/${{ env.CACHE_PATH }}?$sas_token" $DEPSHASH.tar
          else
            azcopy copy --log-level=ERROR \
-            "https://$account_name.file.core.windows.net/${{ env.AZURE_AKS_CACHE_SHARE_NAME }}/${{ env.CACHE_PATH }}?$sas_token" $DEPSHASH.tar
+            "https://${{ env.AZURE_AKS_CACHE_STORAGE_ACCOUNT }}.file.core.windows.net/${{ env.AZURE_AKS_CACHE_SHARE_NAME }}/${{ env.CACHE_PATH }}?$sas_token" $DEPSHASH.tar
          fi            
        fi
    env:
-      AZURE_AKS_CACHE_SHARE_NAME: linux-cache
-      AZURE_AKS_WIN_CACHE_SHARE_NAME: windows-cache
+      AZURE_AKS_CACHE_STORAGE_ACCOUNT: f723719aa87a34622b5f7f3
+      AZURE_AKS_CACHE_SHARE_NAME: pvc-f6a4089f-b082-4bee-a3f9-c3e1c0c02d8f
+      AZURE_AKS_WIN_CACHE_SHARE_NAME: pvc-71dec4f2-0d44-4fd1-a2c3-add049d70bdf
  - name: Clean SAS Key
    shell: bash
    run: rm -f sas-token
@@ -97,7 +96,7 @@ runs:

      $TEMP_DIR=New-Item -ItemType Directory -Path temp-cache
      $TEMP_DIR_PATH = $TEMP_DIR.FullName
-      C:\ProgramData\Chocolatey\bin\7z.exe -y -snld20 x $src_cache -o"$TEMP_DIR_PATH"
+      C:\ProgramData\Chocolatey\bin\7z.exe -y x $src_cache -o"$TEMP_DIR_PATH"

  - name: Move Src Cache (Windows)
    if: ${{ inputs.target-platform == 'win' }}
--- a/.github/actions/ssh-debug/action.yml
+++ b/.github/actions/ssh-debug/action.yml
@@ -1,20 +0,0 @@
-name: Debug via SSH
-description: Setup a SSH server with a tunnel to access it to debug via SSH.
-inputs:
-  tunnel:
-    description: 'Enable SSH tunneling via cloudflared'
-    required: true
-    default: 'false'
-  timeout:
-    description: 'SSH session timeout in seconds'
-    required: false
-    type: number
-    default: 3600
-runs:
-  using: composite
-  steps:
-    - run: $GITHUB_ACTION_PATH/setup-ssh.sh
-      shell: bash
-      env:
-        TUNNEL: ${{ inputs.tunnel }}
-        TIMEOUT: ${{ inputs.timeout }}
--- a/.github/actions/ssh-debug/bashrc
+++ b/.github/actions/ssh-debug/bashrc
@@ -1,4 +0,0 @@
-# If we're in an interactive SSH session and we're not already in tmux and there's no explicit SSH command, auto attach tmux
-if [ -n "$SSH_TTY" ] && [ -z "$TMUX" ] && [ -z "$SSH_ORIGINAL_COMMAND" ]; then
-    exec tmux attach || exec tmux
-fi
--- a/.github/actions/ssh-debug/setup-ssh.sh
+++ b/.github/actions/ssh-debug/setup-ssh.sh
@@ -1,146 +0,0 @@
-#!/bin/bash -e
-
-if [ "${TUNNEL}" != "true" ]; then
-    echo "SSH tunneling is disabled. Set enable-tunnel: true to enable remote access."
-    echo "Local SSH server would be available on localhost:2222 if this were a local environment."
-    exit 0
-fi
-
-echo ::group::Configuring Tunnel
-
-echo "SSH tunneling enabled. Setting up remote access..."
-
-EXTERNAL_DEPS="curl jq ssh-keygen"
-
-for dep in $EXTERNAL_DEPS; do
-    if ! command -v "${dep}" > /dev/null 2>&1; then
-       echo "Command ${dep} not installed on the system!" >&2
-       exit 1
-    fi
-done
-
-cd "$GITHUB_ACTION_PATH"
-
-bashrc_path=$(pwd)/bashrc
-
-# Source `bashrc` to auto start tmux on SSH login.
-if ! grep -q "${bashrc_path}" ~/.bash_profile; then
-    echo >> ~/.bash_profile # On macOS runner there's no newline at the end of the file
-    echo "source \"${bashrc_path}\"" >> ~/.bash_profile
-fi
-
-OS=$(uname -s | tr '[:upper:]' '[:lower:]')
-ARCH=$(uname -m)
-
-if [ "${ARCH}" = "x86_64" ]; then
-    ARCH="amd64"
-elif [ "${ARCH}" = "aarch64" ]; then
-    ARCH="arm64"
-fi
-
-if [ "${OS}" = "darwin" ] && ! command -v tmux > /dev/null 2>&1; then
-    echo "Installing tmux..."
-    brew install tmux
-fi
-
-if [ "$OS" = "darwin" ]; then
-    cloudflared_url="https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-${OS}-${ARCH}.tgz"
-    echo "Downloading \`cloudflared\` from <$cloudflared_url>..."
-    curl --location --silent --output cloudflared.tgz "${cloudflared_url}"
-    tar xf cloudflared.tgz
-    rm cloudflared.tgz
-fi
-
-chmod +x cloudflared
-
-echo 'Creating SSH server key...'
-ssh-keygen -q -f ssh_host_rsa_key -N ''
-
-echo 'Creating SSH server config...'
-sed "s,\$PWD,${PWD},;s,\$USER,${USER}," sshd_config.template > sshd_config
-
-echo 'Starting SSH server...'
-sudo /usr/sbin/sshd -f sshd_config -D &
-sshd_pid=$!
-
-echo "SSH server started successfully (PID: ${sshd_pid})"
-
-echo 'Starting tmux session...'
-(cd "${GITHUB_WORKSPACE}" && tmux new-session -d -s debug)
-
-mkdir ~/.cloudflared
-CLEAN_TUNNEL_CERT=$(printf '%s\n' "${CLOUDFLARE_TUNNEL_CERT}" | tr -d '\r' | sed '/^[[:space:]]*$/d')
-
-echo "${CLEAN_TUNNEL_CERT}" > ~/.cloudflared/cert.pem
-
-CLEAN_USER_CA_CERT=$(printf '%s\n' "${CLOUDFLARE_USER_CA_CERT}" | tr -d '\r' | sed '/^[[:space:]]*$/d')
-
-echo "${CLEAN_USER_CA_CERT}" | sudo tee /etc/ssh/ca.pub > /dev/null
-sudo chmod 644 /etc/ssh/ca.pub
-
-random_suffix=$(openssl rand -hex 5 | cut -c1-10)
-tunnel_name="${GITHUB_SHA}-${GITHUB_RUN_ID}-${random_suffix}"
-tunnel_url="${tunnel_name}.${CLOUDFLARE_TUNNEL_HOSTNAME}"
-
-if ./cloudflared tunnel list | grep -q "${tunnel_name}"; then
-    echo "Deleting existing tunnel: ${tunnel_name}"
-    ./cloudflared tunnel delete ${tunnel_name}
-fi
-
-echo "Creating new cloudflare tunnel: ${tunnel_name}"
-./cloudflared tunnel create ${tunnel_name}
-
-credentials_file=$(find ~/.cloudflared -name "*.json" | head -n 1)
-if [ -z "${credentials_file}" ]; then
-    echo "Error: Could not find tunnel credentials file"
-    exit 1
-fi
-
-echo "Found credentials file: ${credentials_file}"
-
-echo 'Creating tunnel configuration...'
-cat > tunnel_config.yml << EOF
-tunnel: ${tunnel_name}
-credentials-file: ${credentials_file}
-
-ingress:
-  - hostname: ${tunnel_url}
-    service: ssh://localhost:2222
-  - service: http_status:404
-EOF
-
-echo 'Setting up DNS routing for tunnel...'
-./cloudflared tunnel route dns ${tunnel_name} ${tunnel_url}
-
-echo 'Running cloudflare tunnel...'
-./cloudflared tunnel --no-autoupdate --config tunnel_config.yml run 2>&1 | tee cloudflared.log | sed -u 's/^/cloudflared: /' &
-cloudflared_pid=$!
-
-echo ::endgroup::
-
-echo ::notice title=SSH Debug Session Ready::ssh ${tunnel_url}
-
-
-(
-    echo '    '
-    echo '    '
-    echo '🔗 SSH Debug Session Ready!'
-    echo '━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━'
-    echo '    '
-    echo '📋 Infra WG can copy and run this command to connect:'
-    echo '    '
-    echo "ssh ${tunnel_url}"
-    echo '    '
-    echo "⏰ Session expires automatically in ${TIMEOUT} seconds"
-    echo '━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━'
-    echo '    '
-    echo '    '
-) | cat
-
-echo ::group::Starting Background Session
-echo 'Starting SSH session in background...'
-./ssh-session.sh "${sshd_pid}" "${cloudflared_pid}" "${TIMEOUT}" "${tunnel_name}" &
-
-echo 'SSH session is running in background. GitHub Action will continue.'
-echo 'Session will auto-cleanup after timeout or when processes end.'
-echo ::endgroup::
--- a/.github/actions/ssh-debug/ssh-session.sh
+++ b/.github/actions/ssh-debug/ssh-session.sh
@@ -1,52 +0,0 @@
-#!/bin/bash
-
-SSHD_PID=$1
-CLOUDFLARED_PID=$2
-SESSION_TIMEOUT=${3:-10000}
-TUNNEL_NAME=$4
-
-cleanup() {
-    # Kill processes.
-    for pid in "$SLEEP_PID" "$SSHD_PID" "$CLOUDFLARED_PID"; do
-        if [ -n "$pid" ] && kill -0 "$pid" 2>/dev/null; then
-            kill "$pid" 2>/dev/null || true
-        fi
-    done
-
-    # Clean up tunnel.
-    if [ -n "$TUNNEL_NAME" ]; then
-        cd "$GITHUB_ACTION_PATH"
-        ./cloudflared tunnel delete "$TUNNEL_NAME" 2>/dev/null || {
-            echo "Failed to delete tunnel"
-        }
-    fi
-
-    echo "Session ended at $(date)"
-    exit 0
-}
-
-# Trap signals to ensure cleanup.
-trap cleanup SIGTERM SIGINT SIGQUIT SIGHUP EXIT
-
-# Wait for timeout or until processes die.
-sleep "$SESSION_TIMEOUT" &
-SLEEP_PID=$!
-
-# Monitor processes
-while kill -0 "$SLEEP_PID" 2>/dev/null; do
-    # Check SSH daemon.
-    if ! kill -0 "$SSHD_PID" 2>/dev/null; then
-        echo "SSH daemon died at $(date)"
-        break
-    fi
-
-    # Check cloudflared,
-    if ! kill -0 "$CLOUDFLARED_PID" 2>/dev/null; then
-        echo "Cloudflared died at $(date)"
-        break
-    fi
-
-    sleep 10
-done
-
-cleanup
--- a/.github/actions/ssh-debug/sshd_config.template
+++ b/.github/actions/ssh-debug/sshd_config.template
@@ -1,25 +0,0 @@
-Port 2222
-HostKey $PWD/ssh_host_rsa_key
-PidFile $PWD/sshd.pid
-
-# Connection settings
-ClientAliveInterval 30
-ClientAliveCountMax 10
-MaxStartups 10
-LoginGraceTime 120
-
-# Allow TCP forwarding for tunneling
-AllowTcpForwarding yes
-
-# Try to prevent timeouts
-TCPKeepAlive yes
-
-# Security
-TrustedUserCAKeys /etc/ssh/ca.pub
-PubkeyAuthentication yes
-PasswordAuthentication no
-
-AuthorizedPrincipalsCommand /bin/bash -c "echo '%t %k' | ssh-keygen -L -f - | grep -A1 Principals"
-AuthorizedPrincipalsCommandUser nobody
-
-PubkeyAcceptedKeyTypes ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com
--- a/.github/problem-matchers/clang.json
+++ b/.github/problem-matchers/clang.json
@@ -1,18 +0,0 @@
-{
-  "problemMatcher": [
-    {
-      "owner": "clang",
-      "fromPath": "src/out/Default/args.gn",
-      "pattern": [
-        {
-          "regexp": "^(.+)[(:](\\d+)[:,](\\d+)\\)?:\\s+(warning|error):\\s+(.*)$",
-          "file": 1,
-          "line": 2,
-          "column": 3,
-          "severity": 4,
-          "message": 5
-        }
-      ]
-    }
-  ]
-}
--- a/.github/problem-matchers/eslint-stylish.json
+++ b/.github/problem-matchers/eslint-stylish.json
@@ -1,22 +0,0 @@
-{
-  "problemMatcher": [
-    {
-      "owner": "eslint-stylish",
-      "pattern": [
-        {
-          "regexp": "^\\s*([^\\s].*)$",
-          "file": 1
-        },
-        {
-          "regexp": "^\\s+(\\d+):(\\d+)\\s+(error|warning|info)\\s+(.*)\\s\\s+(.*)$",
-          "line": 1,
-          "column": 2,
-          "severity": 3,
-          "message": 4,
-          "code": 5,
-          "loop": true
-        }
-      ]
-    }
-  ]
-}
--- a/.github/problem-matchers/markdownlint.json
+++ b/.github/problem-matchers/markdownlint.json
@@ -1,16 +0,0 @@
-{
-  "problemMatcher": [
-    {
-      "owner": "markdownlint",
-      "pattern": [
-        {
-          "regexp": "^(.+):(\\d+):(\\d+)\\s+(.*)$",
-          "file": 1,
-          "line": 2,
-          "column": 3,
-          "message": 4
-        }
-      ]
-    }
-  ]
-}
--- a/.github/problem-matchers/patch-conflict.json
+++ b/.github/problem-matchers/patch-conflict.json
@@ -1,34 +0,0 @@
-{
-  "problemMatcher": [
-    {
-      "owner": "merge-conflict",
-      "pattern": [
-        {
-          "regexp": "^CONFLICT\\s\\(\\S+\\): (Merge conflict in \\S+)$",
-          "message": 1
-        }
-      ]
-    },
-    {
-      "owner": "patch-conflict",
-      "pattern": [
-        {
-          "regexp": "^error: (patch failed: (\\S+):(\\d+))$",
-          "message": 1,
-          "file": 2,
-          "line": 3
-        }
-      ]
-    },
-    {
-      "owner": "patch-needs-update",
-      "pattern": [
-        {
-          "regexp": "^((patches\/.*): needs update)$",
-          "message": 1,
-          "file": 2
-        }
-      ]
-    }
-  ]
-}
--- a/.github/workflows/apply-patches.yml
+++ b/.github/workflows/apply-patches.yml
@@ -1,73 +0,0 @@
-name: Apply Patches
-
-on:
-  pull_request:
-
-permissions: {}
-
-concurrency:
-  group: apply-patches-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  setup:
-    if: github.repository == 'electron/electron'
-    runs-on: ubuntu-slim
-    permissions:
-      contents: read
-      pull-requests: read
-    outputs:
-      has-patches: ${{ steps.filter.outputs.patches }}
-    steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        persist-credentials: false
-        ref: ${{ github.event.pull_request.head.sha }}
-    # Use dorny/paths-filter instead of the path filter under the on: pull_request: block
-    # so that the output can be used to conditionally run the apply-patches job, which lets
-    # the job be marked as a required status check (conditional skip counts as a success).
-    - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-      id: filter
-      with:
-        filters: |
-          patches:
-            - DEPS
-            - 'patches/**'
-
-  apply-patches:
-    needs: setup
-    if: ${{ needs.setup.outputs.has-patches == 'true' }}
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
-    container:
-      image: ghcr.io/electron/build:a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb
-      options: --user root
-      volumes:
-        - /mnt/cross-instance-cache:/mnt/cross-instance-cache
-        - /var/run/sas:/var/run/sas
-    env:
-      CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
-      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
-    steps:
-    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        path: src/electron
-        fetch-depth: 0
-        persist-credentials: false
-        ref: ${{ github.event.pull_request.base.ref }}
-    - name: Merge PR HEAD
-      working-directory: src/electron
-      env:
-        PR_NUMBER: ${{ github.event.pull_request.number }}
-      run: |
-        git config user.email "electron@github.com"
-        git config user.name "Electron Bot"
-        git fetch origin refs/pull/${PR_NUMBER}/head
-        git merge --squash FETCH_HEAD
-        git commit -n -m "Squashed commits"
-    - name: Checkout & Sync & Save
-      uses: ./src/electron/.github/actions/checkout
-      with:
-        target-platform: linux
--- a/.github/workflows/archaeologist-dig.yml
+++ b/.github/workflows/archaeologist-dig.yml
@@ -3,23 +3,19 @@ name: Archaeologist
 on:
  pull_request:

-permissions: {}
-
 jobs:
   archaeologist-dig:
    name: Archaeologist Dig
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
      - name: Checkout Electron
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.0.2
        with:
          fetch-depth: 0
      - name: Setup Node.js/npm
-        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
        with:
-          node-version: 24.12.x
+          node-version: 20.19.x
      - name: Setting Up Dig Site
        run: |
          echo "remote: ${{ github.event.pull_request.head.repo.clone_url }}"
@@ -45,7 +41,7 @@ jobs:
          sha-file: .dig-old
          filename: electron.old.d.ts
      - name: Upload artifacts
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f #v6.0.0
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2
        with:
          name: artifacts
          path: electron/artifacts
--- a/.github/workflows/audit-branch-ci.yml
+++ b/.github/workflows/audit-branch-ci.yml
@@ -1,162 +0,0 @@
-name: Audit CI on Branches
-
-on:
-  workflow_dispatch:
-  schedule:
-    # Run every 2 hours
-    - cron: '0 */2 * * *'
-
-permissions: {}
-
-jobs:
-  audit_branch_ci:
-    name: Audit CI on Branches
-    if: github.repository == 'electron/electron'
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    steps:
-      - name: Setup Node.js
-        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
-        with:
-          node-version: 22.17.x
-      - name: Sparse checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          sparse-checkout: |
-            .
-            .github
-            .yarn
-      - run: yarn workspaces focus @electron/gha-workflows
-      - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
-        id: audit-errors
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            const { chdir } = require('node:process');
-            chdir('${{ github.workspace }}/.github/workflows');
-
-            const cache = require('@actions/cache');
-            const { ElectronVersions } = require('@electron/fiddle-core');
-
-            const runsWithErrors = [];
-
-            // Only want the most recent workflow run that wasn't skipped or cancelled
-            const isValidWorkflowRun = (run) => !['skipped', 'cancelled'].includes(run.conclusion);
-
-            const versions = await ElectronVersions.create({ ignoreCache: true });
-            const branches = versions.supportedMajors.map((branch) => `${branch}-x-y`);
-
-            for (const branch of ["main", ...branches]) {
-              const latestCheckRuns = new Map();
-              const allCheckRuns = await github.paginate(github.rest.checks.listForRef, {
-                owner: "electron",
-                repo: "electron",
-                ref: branch,
-                status: 'completed',
-              });
-
-              // Sort the check runs by completed_at so that multiple check runs on the
-              // same ref (like a scheduled workflow) only looks at the most recent one
-              for (const checkRun of allCheckRuns.filter(
-                (run) => !['skipped', 'cancelled'].includes(run.conclusion),
-              ).sort((a, b) => new Date(b.completed_at) - new Date(a.completed_at))) {
-                if (!latestCheckRuns.has(checkRun.name)) {
-                  latestCheckRuns.set(checkRun.name, checkRun);
-                }
-              }
-
-              // Check for runs which had error annotations
-              for (const checkRun of Array.from(latestCheckRuns.values())) {
-                if (checkRun.name === "Audit CI on Branches") {
-                  continue; // Skip the audit workflow itself
-                }
-
-                const annotations = (await github.rest.checks.listAnnotations({
-                  owner: "electron",
-                  repo: "electron",
-                  check_run_id: checkRun.id,
-                })).data ?? [];
-
-                if (
-                  annotations.find(
-                    ({ annotation_level, message }) =>
-                      annotation_level === "failure" &&
-                      !message.startsWith("Process completed with exit code") &&
-                      !message.startsWith("Response status code does not indicate success") &&
-                      !message.startsWith("The hosted runner lost communication with the server") &&
-                      !message.startsWith("Dependabot encountered an error performing the update") &&
-                      !/Unable to make request/.test(message) &&
-                      !/The requested URL returned error/.test(message),
-                  )
-                ) {
-                  checkRun.hasErrorAnnotations = true;
-                } else {
-                  continue;
-                }
-
-                // Check if this is a known failure from a previous audit run
-                const cacheKey = `check-run-error-annotations-${checkRun.id}`;
-                const cacheHit =
-                  (await cache.restoreCache(['/dev/null'], cacheKey, undefined, {
-                    lookupOnly: true,
-                  })) !== undefined;
-
-                if (cacheHit) {
-                  checkRun.isStale = true;
-                }
-
-                checkRun.branch = branch;
-                runsWithErrors.push(checkRun);
-  
-                // Create a cache entry (only the name matters) to keep track of
-                // failures we've seen from previous runs to mark them as stale
-                if (!cacheHit) {
-                  await cache.saveCache(['/dev/null'], cacheKey);
-                }
-              }
-            }
-
-            if (runsWithErrors.length > 0) {
-              core.summary.addHeading('⚠️ Runs with Errors');
-              core.summary.addTable([
-                [
-                  { data: 'Branch', header: true },
-                  { data: 'Workflow Run', header: true },
-                  { data: 'Status', header: true },
-                ],
-                ...runsWithErrors
-                  .sort(
-                    (a, b) =>
-                      a.branch.localeCompare(b.branch) ||
-                      a.name.localeCompare(b.name),
-                  )
-                  .map((run) => [
-                    run.branch,
-                    `<a href="${run.html_url}">${run.name}</a>`,
-                    run.isStale
-                      ? '📅 Stale'
-                      : run.hasErrorAnnotations
-                      ? '⚠️ Errors'
-                      : '✅ Succeeded',
-                  ]),
-              ]);
-
-              // Set this as failed so it's easy to scan runs to find failures
-              if (runsWithErrors.find((run) => !run.isStale)) {
-                core.setOutput('errorsFound', true);
-                process.exitCode = 1;
-              }
-            } else {
-              core.summary.addRaw('🎉 No runs with errors');
-            }
-
-            await core.summary.write();
-      - name: Send Slack message if errors
-        if: ${{ always() && steps.audit-errors.outputs.errorsFound && github.ref == 'refs/heads/main' }}
-        uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1
-        with:
-          payload: |
-            link: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
-          webhook: ${{ secrets.CI_ERRORS_SLACK_WEBHOOK_URL }}
-          webhook-type: webhook-trigger
--- a/.github/workflows/branch-created.yml
+++ b/.github/workflows/branch-created.yml
@@ -14,7 +14,7 @@ permissions: {}
 jobs:
  release-branch-created:
    name: Release Branch Created
-    if: ${{ github.repository == 'electron/electron' && (github.event_name == 'workflow_dispatch' || (github.event.ref_type == 'branch' && endsWith(github.event.ref, '-x-y') && !startsWith(github.event.ref, 'roller'))) }}
+    if: ${{ github.event_name == 'workflow_dispatch' || (github.event.ref_type == 'branch' && endsWith(github.event.ref, '-x-y') && !startsWith(github.event.ref, 'roller')) }}
    permissions:
      contents: read
      pull-requests: write
@@ -68,14 +68,14 @@ jobs:
          done
      - name: Generate GitHub App token
        if: ${{ steps.check-major-version.outputs.MAJOR }}
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.RELEASE_BOARD_GH_APP_CREDS }}
          org: electron
      - name: Generate Release Project Board Metadata
        if: ${{ steps.check-major-version.outputs.MAJOR }}
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
        id: generate-project-metadata
        with:
          script: |
--- a/.github/workflows/build-git-cache.yml
+++ b/.github/workflows/build-git-cache.yml
@@ -1,85 +0,0 @@
-name: Build Git Cache
-# This workflow updates git cache on the cross-instance cache volumes
-# It runs daily at midnight.
-
-on:  
-  schedule:
-    - cron: "0 0 * * *"
-
-permissions: {}
-
-jobs:
-  build-git-cache-linux:
-    if: github.repository == 'electron/electron'
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
-    container:
-      image: ghcr.io/electron/build:a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb
-      options: --user root
-      volumes:
-        - /mnt/cross-instance-cache:/mnt/cross-instance-cache
-    env:
-      CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}      
-      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
-    steps:
-    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        path: src/electron
-        fetch-depth: 0
-    - name: Build Git Cache
-      uses: ./src/electron/.github/actions/build-git-cache
-      with:
-        target-platform: linux
-
-  build-git-cache-windows:
-    if: github.repository == 'electron/electron'
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
-    container:
-      image: ghcr.io/electron/build:a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb
-      options: --user root --device /dev/fuse --cap-add SYS_ADMIN
-      volumes:
-        - /mnt/win-cache:/mnt/win-cache
-    env:
-      CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
-      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_win=True'
-      TARGET_OS: 'win'
-    steps:
-    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        path: src/electron
-        fetch-depth: 0
-    - name: Build Git Cache
-      uses: ./src/electron/.github/actions/build-git-cache
-      with:
-        target-platform: win
-
-  build-git-cache-macos:
-    if: github.repository == 'electron/electron'
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
-    # This job updates the same git cache as linux, so it needs to run after the linux one.
-    needs: build-git-cache-linux
-    container:
-      image: ghcr.io/electron/build:a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb
-      options: --user root
-      volumes:
-        - /mnt/cross-instance-cache:/mnt/cross-instance-cache
-    env:
-      CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
-      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_mac=True --custom-var=host_os=mac'
-    steps:
-    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        path: src/electron
-        fetch-depth: 0
-    - name: Build Git Cache
-      uses: ./src/electron/.github/actions/build-git-cache
-      with:
-        target-platform: macos
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -6,7 +6,7 @@ on:
      build-image-sha:
        type: string
        description: 'SHA for electron/build image'
-        default: 'a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb'
+        default: '424eedbf277ad9749ffa9219068aa72ed4a5e373'
        required: true
      skip-macos:
        type: boolean
@@ -28,11 +28,6 @@ on:
        description: 'Skip lint check'
        default: false
        required: false
-      enable-ssh:
-        description: 'Enable SSH debugging'
-        required: false
-        type: boolean
-        default: false
  push:
    branches:
      - main
@@ -43,14 +38,10 @@ defaults:
  run:
    shell: bash

-permissions: {}
-
 jobs:
  setup:
-    if: github.repository == 'electron/electron'
    runs-on: ubuntu-latest
    permissions:
-      contents: read
      pull-requests: read
    outputs:
        docs: ${{ steps.filter.outputs.docs }}
@@ -58,7 +49,7 @@ jobs:
        build-image-sha: ${{ steps.set-output.outputs.build-image-sha }}
        docs-only: ${{ steps.set-output.outputs.docs-only }}
    steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.0.2
      with:
        ref: ${{ github.event.pull_request.head.sha }}
    - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
@@ -67,17 +58,13 @@ jobs:
        filters: |
          docs:
            - 'docs/**'
-            - README.md
-            - SECURITY.md
-            - CONTRIBUTING.md
-            - CODE_OF_CONDUCT.md
          src:
            - '!docs/**'
    - name: Set Outputs for Build Image SHA & Docs Only
      id: set-output
      run: |
        if [ -z "${{ inputs.build-image-sha }}" ]; then
-          echo "build-image-sha=a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb" >> "$GITHUB_OUTPUT"
+          echo "build-image-sha=424eedbf277ad9749ffa9219068aa72ed4a5e373" >> "$GITHUB_OUTPUT"
        else
          echo "build-image-sha=${{ inputs.build-image-sha }}" >> "$GITHUB_OUTPUT"
        fi
@@ -88,30 +75,24 @@ jobs:
    needs: setup
    if: ${{ !inputs.skip-lint }}
    uses: ./.github/workflows/pipeline-electron-lint.yml
-    permissions:
-      contents: read
    with:
      container: '{"image":"ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}","options":"--user root"}'
    secrets: inherit

  # Docs Only Jobs
  docs-only:
-    needs: [setup, checkout-linux]
+    needs: setup
    if: ${{ needs.setup.outputs.docs-only == 'true' }}
    uses: ./.github/workflows/pipeline-electron-docs-only.yml
-    permissions:
-      contents: read
    with:
-      container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
+      container: '{"image":"ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}","options":"--user root"}'
    secrets: inherit

  # Checkout Jobs
  checkout-macos:
    needs: setup
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-macos}}
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
+    runs-on: electron-arc-linux-amd64-32core
    container:
      image: ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}
      options: --user root
@@ -125,7 +106,7 @@ jobs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -138,10 +119,8 @@ jobs:

  checkout-linux:
    needs: setup
-    if: ${{ !inputs.skip-linux}}
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
+    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-linux}}
+    runs-on: electron-arc-linux-amd64-32core
    container:
      image: ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}
      options: --user root
@@ -150,29 +129,24 @@ jobs:
        - /var/run/sas:/var/run/sas
    env:
      CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
-      DD_API_KEY: ${{ secrets.DD_API_KEY }}
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
      PATCH_UP_APP_CREDS: ${{ secrets.PATCH_UP_APP_CREDS }}
    outputs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha}}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
        ref: ${{ github.event.pull_request.head.sha }}
    - name: Checkout & Sync & Save
      uses: ./src/electron/.github/actions/checkout
-      with:
-        target-platform: linux

  checkout-windows:
    needs: setup
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-windows }}
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
+    runs-on: electron-arc-linux-amd64-32core
    container:
      image: ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}
      options: --user root --device /dev/fuse --cap-add SYS_ADMIN
@@ -189,7 +163,7 @@ jobs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha}}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -203,39 +177,32 @@ jobs:
  # GN Check Jobs
  macos-gn-check:
    uses: ./.github/workflows/pipeline-segment-electron-gn-check.yml
-    permissions:
-      contents: read
    needs: checkout-macos
    with:
      target-platform: macos
      target-archs: x64 arm64
-      check-runs-on: macos-15
+      check-runs-on: macos-14
      gn-build-type: testing
    secrets: inherit

  linux-gn-check:
    uses: ./.github/workflows/pipeline-segment-electron-gn-check.yml
-    permissions:
-      contents: read
    needs: checkout-linux
-    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
      target-platform: linux
      target-archs: x64 arm arm64
-      check-runs-on: electron-arc-centralus-linux-amd64-8core
+      check-runs-on: electron-arc-linux-amd64-8core
      check-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      gn-build-type: testing
    secrets: inherit

  windows-gn-check:
    uses: ./.github/workflows/pipeline-segment-electron-gn-check.yml
-    permissions:
-      contents: read
    needs: checkout-windows
    with:
      target-platform: win
      target-archs: x64 x86 arm64
-      check-runs-on: electron-arc-centralus-linux-amd64-8core
+      check-runs-on: electron-arc-linux-amd64-8core
      check-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-windows.outputs.build-image-sha }}","options":"--user root --device /dev/fuse --cap-add SYS_ADMIN","volumes":["/mnt/win-cache:/mnt/win-cache"]}'
      gn-build-type: testing
    secrets: inherit
@@ -249,15 +216,14 @@ jobs:
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-macos
    with:
-      build-runs-on: macos-15-xlarge
-      test-runs-on: macos-15-large
+      build-runs-on: macos-14-xlarge
+      test-runs-on: macos-13
      target-platform: macos
      target-arch: x64
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
-      enable-ssh: ${{ inputs.enable-ssh || false }}
    secrets: inherit
  
  macos-arm64:
@@ -268,15 +234,14 @@ jobs:
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-macos
    with:
-      build-runs-on: macos-15-xlarge
-      test-runs-on: macos-15
+      build-runs-on: macos-14-xlarge
+      test-runs-on: macos-14
      target-platform: macos
      target-arch: arm64
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
-      enable-ssh: ${{ inputs.enable-ssh || false }}
    secrets: inherit

  linux-x64:
@@ -284,15 +249,12 @@ jobs:
      contents: read
      issues: read
      pull-requests: read
-    uses: ./.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml
+    uses: ./.github/workflows/pipeline-electron-build-and-test-and-nan.yml
    needs: checkout-linux
-    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
-      build-runs-on: electron-arc-centralus-linux-amd64-32core
-      clang-tidy-runs-on: electron-arc-centralus-linux-amd64-8core
-      test-runs-on: electron-arc-centralus-linux-amd64-4core
+      build-runs-on: electron-arc-linux-amd64-32core
+      test-runs-on: electron-arc-linux-amd64-4core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
-      clang-tidy-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      test-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
      target-platform: linux
      target-arch: x64
@@ -309,10 +271,9 @@ jobs:
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-linux
-    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
-      build-runs-on: electron-arc-centralus-linux-amd64-32core
-      test-runs-on: electron-arc-centralus-linux-amd64-4core
+      build-runs-on: electron-arc-linux-amd64-32core
+      test-runs-on: electron-arc-linux-amd64-4core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      test-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
      target-platform: linux
@@ -331,12 +292,11 @@ jobs:
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-linux
-    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
-      build-runs-on: electron-arc-centralus-linux-amd64-32core
-      test-runs-on: electron-arc-centralus-linux-arm64-4core
+      build-runs-on: electron-arc-linux-amd64-32core
+      test-runs-on: electron-arc-linux-arm64-4core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
-      test-container: '{"image":"ghcr.io/electron/test:arm32v7-${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init --memory=12g","volumes":["/home/runner/externals:/mnt/runner-externals"]}'
+      test-container: '{"image":"ghcr.io/electron/test:arm32v7-${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init","volumes":["/home/runner/externals:/mnt/runner-externals"]}'
      target-platform: linux
      target-arch: arm
      is-release: false
@@ -352,10 +312,9 @@ jobs:
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-linux
-    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
-      build-runs-on: electron-arc-centralus-linux-amd64-32core
-      test-runs-on: ubuntu-22.04-arm
+      build-runs-on: electron-arc-linux-amd64-32core
+      test-runs-on: electron-arc-linux-arm64-4core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      test-container: '{"image":"ghcr.io/electron/test:arm64v8-${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
      target-platform: linux
@@ -375,7 +334,7 @@ jobs:
    needs: checkout-windows
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-windows }}
    with:
-      build-runs-on: electron-arc-centralus-windows-amd64-16core
+      build-runs-on: electron-arc-windows-amd64-16core
      test-runs-on: windows-latest
      target-platform: win
      target-arch: x64
@@ -394,7 +353,7 @@ jobs:
    needs: checkout-windows
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-windows }}
    with:
-      build-runs-on: electron-arc-centralus-windows-amd64-16core
+      build-runs-on: electron-arc-windows-amd64-16core
      test-runs-on: windows-latest
      target-platform: win
      target-arch: x86
@@ -413,8 +372,8 @@ jobs:
    needs: checkout-windows
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-windows }}
    with:
-      build-runs-on: electron-arc-centralus-windows-amd64-16core
-      test-runs-on: windows-11-arm
+      build-runs-on: electron-arc-windows-amd64-16core
+      test-runs-on: electron-hosted-windows-arm64-4core
      target-platform: win
      target-arch: arm64
      is-release: false
@@ -426,10 +385,8 @@ jobs:
  gha-done:
    name: GitHub Actions Completed
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    needs: [docs-only, macos-x64, macos-arm64, linux-x64, linux-x64-asan, linux-arm, linux-arm64, windows-x64, windows-x86, windows-arm64]
-    if: always() && github.repository == 'electron/electron' && !contains(needs.*.result, 'failure')
+    if: always() && !contains(needs.*.result, 'failure')
    steps: 
    - name: GitHub Actions Jobs Done
      run: |
--- a/.github/workflows/clean-src-cache.yml
+++ b/.github/workflows/clean-src-cache.yml
@@ -1,21 +1,16 @@
 name: Clean Source Cache

-# Description:
-# This workflow cleans up the source cache on the cross-instance cache volume
-# to free up space. It runs daily at midnight and clears files older than 15 days.
+description: |
+  This workflow cleans up the source cache on the cross-instance cache volume
+  to free up space. It runs daily at midnight and clears files older than 15 days.

 on:
  schedule:
    - cron: "0 0 * * *"

-permissions: {}
-
 jobs:
  clean-src-cache:
-    if: github.repository == 'electron/electron'
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
+    runs-on: electron-arc-linux-amd64-32core
    container:
      image: ghcr.io/electron/build:bc2f48b2415a670de18d13605b1cf0eb5fdbaae1
      options: --user root
--- a/.github/workflows/issue-commented.yml
+++ b/.github/workflows/issue-commented.yml
@@ -10,24 +10,15 @@ permissions: {}
 jobs:
  issue-commented:
    name: Remove blocked/{need-info,need-repro} on comment
-    if: ${{ (contains(github.event.issue.labels.*.name, 'blocked/need-repro') || contains(github.event.issue.labels.*.name, 'blocked/need-info ❌')) && github.event.comment.user.type != 'Bot' }}
+    if: ${{ (contains(github.event.issue.labels.*.name, 'blocked/need-repro') || contains(github.event.issue.labels.*.name, 'blocked/need-info ❌')) && !contains(fromJSON('["MEMBER", "OWNER", "COLLABORATOR"]'), github.event.comment.author_association) && github.event.comment.user.type != 'Bot' }}
    runs-on: ubuntu-latest
    steps:
-      - name: Get author association
-        id: get-author-association
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          AUTHOR_ASSOCIATION=$(gh api /repos/electron/electron/issues/comments/${{ github.event.comment.id }} --jq '.author_association')
-          echo "author_association=$AUTHOR_ASSOCIATION" >> "$GITHUB_OUTPUT"
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
-        if: ${{ !contains(fromJSON('["MEMBER", "OWNER", "COLLABORATOR"]'), steps.get-author-association.outputs.author_association) }}
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
      - name: Remove label
-        if: ${{ !contains(fromJSON('["MEMBER", "OWNER", "COLLABORATOR"]'), steps.get-author-association.outputs.author_association) }}
        env:
          GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
          ISSUE_URL: ${{ github.event.issue.html_url }}
--- a/.github/workflows/issue-labeled.yml
+++ b/.github/workflows/issue-labeled.yml
@@ -4,18 +4,17 @@ on:
  issues:
    types: [labeled]

-permissions: {}
+permissions:  # added using https://github.com/step-security/secure-workflows
+  contents: read

 jobs:
  issue-labeled-with-status:
    name: status/{confirmed,reviewed} label added
    if: github.event.label.name == 'status/confirmed' || github.event.label.name == 'status/reviewed'
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
@@ -32,11 +31,9 @@ jobs:
    name: blocked/* label added
    if: startsWith(github.event.label.name, 'blocked/')
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
@@ -69,13 +66,13 @@ jobs:
          fi
      - name: Generate GitHub App token
        if: ${{ steps.check-for-comment.outputs.SHOULD_COMMENT }}
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
      - name: Create comment
        if: ${{ steps.check-for-comment.outputs.SHOULD_COMMENT }}
-        uses: actions-cool/issues-helper@e2ff99831a4f13625d35064e2b3dfe65c07a0396 # v3.7.5
+        uses: actions-cool/issues-helper@a610082f8ac0cf03e357eb8dd0d5e2ba075e017e # v3.6.0
        with:
          actions: 'create-comment'
          token: ${{ steps.generate-token.outputs.token }}
--- a/.github/workflows/issue-opened.yml
+++ b/.github/workflows/issue-opened.yml
@@ -11,10 +11,9 @@ jobs:
  add-to-issue-triage:
    if: ${{ contains(github.event.issue.labels.*.name, 'bug :beetle:') }}
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
@@ -29,37 +28,25 @@ jobs:
  set-labels:
    if: ${{ contains(github.event.issue.labels.*.name, 'bug :beetle:') }}
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
          org: electron
-      - name: Sparse checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          sparse-checkout: |
-            .
-            .github
-            .yarn
-      - run: yarn workspaces focus @electron/gha-workflows
+      - run: npm install @electron/fiddle-core@1.3.3 mdast-util-from-markdown@2.0.0 unist-util-select@5.1.0 semver@7.6.0
      - name: Add labels
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
        id: add-labels
        env:
          ISSUE_BODY: ${{ github.event.issue.body }}
        with:
          github-token: ${{ steps.generate-token.outputs.token }}
          script: |
-            const { chdir } = require('node:process');
-            chdir('${{ github.workspace }}/.github/workflows');
-
-            const { ElectronVersions } = require('@electron/fiddle-core');
-            const { fromMarkdown } = require('mdast-util-from-markdown');
-            const { select } = require('unist-util-select');
-            const semver = require('semver');
+            const { fromMarkdown } = await import('${{ github.workspace }}/node_modules/mdast-util-from-markdown/index.js');
+            const { select } = await import('${{ github.workspace }}/node_modules/unist-util-select/index.js');
+            const semver = await import('${{ github.workspace }}/node_modules/semver/index.js');

            const [ owner, repo ] = '${{ github.repository }}'.split('/');
            const issue_number = ${{ github.event.issue.number }};
@@ -73,8 +60,6 @@ jobs:
              // It's possible for multiple versions to be listed -
              // for now check for comma or space separated version.
              const versions = electronVersion.split(/, | /);
-              let hasSupportedVersion = false;
-
              for (const version of versions) {
                const major = semver.coerce(version, { loose: true })?.major;
                if (major) {
@@ -90,19 +75,19 @@ jobs:
                    labelExists = true;
                  } catch {}

-                  const electronVersions = await ElectronVersions.create(undefined, { ignoreCache: true });
-                  const validVersions = [...electronVersions.supportedMajors, ...electronVersions.prereleaseMajors];
+                  if (labelExists) {
+                    // Check if it's an unsupported major
+                    const { ElectronVersions } = await import('${{ github.workspace }}/node_modules/@electron/fiddle-core/dist/index.js');
+                    const versions = await ElectronVersions.create(undefined, { ignoreCache: true });

-                  if (validVersions.includes(major)) {
-                    hasSupportedVersion = true;
-                    if (labelExists) {
+                    const validVersions = [...versions.supportedMajors, ...versions.prereleaseMajors];
+                    if (validVersions.includes(major)) {
                      labels.push(versionLabel);
                    }
                  }
                }
              }
-
-              if (!hasSupportedVersion) {
+              if (labels.length === 0) {
                core.setOutput('unsupportedMajor', true);
                labels.push('blocked/need-info ❌');
              }
@@ -146,7 +131,7 @@ jobs:
            }
      - name: Create unsupported major comment
        if: ${{ steps.add-labels.outputs.unsupportedMajor }}
-        uses: actions-cool/issues-helper@e2ff99831a4f13625d35064e2b3dfe65c07a0396 # v3.7.5
+        uses: actions-cool/issues-helper@a610082f8ac0cf03e357eb8dd0d5e2ba075e017e # v3.6.0
        with:
          actions: 'create-comment'
          token: ${{ steps.generate-token.outputs.token }}
--- a/.github/workflows/issue-transferred.yml
+++ b/.github/workflows/issue-transferred.yml
@@ -10,11 +10,10 @@ jobs:
  issue-transferred:
    name: Issue Transferred
    runs-on: ubuntu-latest
-    permissions: {}
    if: ${{ !github.event.changes.new_repository.private }}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
--- a/.github/workflows/issue-unlabeled.yml
+++ b/.github/workflows/issue-unlabeled.yml
@@ -4,15 +4,14 @@ on:
  issues:
    types: [unlabeled]

-permissions: {}
+permissions:
+  contents: read

 jobs:
  issue-unlabeled-blocked:
    name: All blocked/* labels removed
    if: startsWith(github.event.label.name, 'blocked/') && github.event.issue.state == 'open'
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
      - name: Check for any blocked labels
        id: check-for-blocked-labels
@@ -24,7 +23,7 @@ jobs:
          fi
      - name: Generate GitHub App token
        if: ${{ steps.check-for-blocked-labels.outputs.NOT_BLOCKED }}
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
--- a/.github/workflows/linux-publish.yml
+++ b/.github/workflows/linux-publish.yml
@@ -6,7 +6,7 @@ on:
      build-image-sha:
        type: string
        description: 'SHA for electron/build image'
-        default: 'a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb'
+        default: '424eedbf277ad9749ffa9219068aa72ed4a5e373'
      upload-to-storage:
        description: 'Uploads to Azure storage'
        required: false
@@ -17,14 +17,9 @@ on:
        type: boolean
        default: false

-permissions: {}
-
 jobs:
  checkout-linux:
-    if: github.repository == 'electron/electron'
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
+    runs-on: electron-arc-linux-amd64-32core
    container:
      image: ghcr.io/electron/build:${{ inputs.build-image-sha }}
      options: --user root
@@ -36,7 +31,7 @@ jobs:
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -44,61 +39,49 @@ jobs:
      uses: ./src/electron/.github/actions/checkout

  publish-x64:
-    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
    needs: checkout-linux
    with:
      environment: production-release
-      build-runs-on: electron-arc-centralus-linux-amd64-32core
+      build-runs-on: electron-arc-linux-amd64-32core
      build-container: '{"image":"ghcr.io/electron/build:${{ inputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      target-platform: linux
      target-arch: x64
      is-release: true
      gn-build-type: release
      generate-symbols: true
+      strip-binaries: true
      upload-to-storage: ${{ inputs.upload-to-storage }}
    secrets: inherit

  publish-arm:
-    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
    needs: checkout-linux
    with:
      environment: production-release
-      build-runs-on: electron-arc-centralus-linux-amd64-32core
+      build-runs-on: electron-arc-linux-amd64-32core
      build-container: '{"image":"ghcr.io/electron/build:${{ inputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      target-platform: linux
      target-arch: arm
      is-release: true
      gn-build-type: release
      generate-symbols: true
+      strip-binaries: true
      upload-to-storage: ${{ inputs.upload-to-storage }}
    secrets: inherit

  publish-arm64:
-    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
    needs: checkout-linux
    with:
      environment: production-release
-      build-runs-on: electron-arc-centralus-linux-amd64-32core
+      build-runs-on: electron-arc-linux-amd64-32core
      build-container: '{"image":"ghcr.io/electron/build:${{ inputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      target-platform: linux
      target-arch: arm64
      is-release: true
      gn-build-type: release
      generate-symbols: true
+      strip-binaries: true
      upload-to-storage: ${{ inputs.upload-to-storage }}
    secrets: inherit
--- a/.github/workflows/macos-disk-cleanup.yml
+++ b/.github/workflows/macos-disk-cleanup.yml
@@ -1,105 +0,0 @@
-name: macOS Disk Space Cleanup
-
-# Description:
-# This workflow runs the disk space reclaimer on macOS runners every night
-# and logs disk space metrics to Datadog for monitoring.
-
-on:
-  schedule:
-    - cron: "0 0 * * *"
-  workflow_dispatch:
-
-permissions: {}
-
-jobs:
-  macos-disk-cleanup:
-    if: github.repository == 'electron/electron'
-    strategy:
-      fail-fast: false
-      matrix:
-        runner:
-          - macos-15
-          - macos-15-large
-          - macos-15-xlarge
-    runs-on: ${{ matrix.runner }}
-    permissions:
-      contents: read
-    steps:
-      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          sparse-checkout: |
-            .github/actions/free-space-macos
-          sparse-checkout-cone-mode: false
-
-      - name: Get Disk Space Before Cleanup
-        id: disk-before
-        shell: bash
-        run: |
-          echo "Disk space before cleanup:"
-          df -h /
-          FREE_SPACE_BEFORE=$(df -k / | tail -1 | awk '{print $4}')
-          echo "free_kb=$FREE_SPACE_BEFORE" >> $GITHUB_OUTPUT
-
-      - name: Free Space on macOS
-        uses: ./.github/actions/free-space-macos
-
-      - name: Get Disk Space After Cleanup
-        id: disk-after
-        shell: bash
-        run: |
-          echo "Disk space after cleanup:"
-          df -h /
-          FREE_SPACE_AFTER=$(df -k / | tail -1 | awk '{print $4}')
-          echo "free_kb=$FREE_SPACE_AFTER" >> $GITHUB_OUTPUT
-
-      - name: Log Disk Space to Datadog
-        if: ${{ env.DD_API_KEY != '' }}
-        shell: bash
-        env:
-          DD_API_KEY: ${{ secrets.DD_API_KEY }}
-          FREE_BEFORE: ${{ steps.disk-before.outputs.free_kb }}
-          FREE_AFTER: ${{ steps.disk-after.outputs.free_kb }}
-          MATRIX_RUNNER: ${{ matrix.runner }}
-        run: |
-          TIMESTAMP=$(date +%s)
-          FREE_BEFORE_GB=$(echo "scale=2; $FREE_BEFORE / 1024 / 1024" | bc)
-          FREE_AFTER_GB=$(echo "scale=2; $FREE_AFTER / 1024 / 1024" | bc)
-          SPACE_FREED_GB=$(echo "scale=2; ($FREE_AFTER - $FREE_BEFORE) / 1024 / 1024" | bc)
-
-          echo "Free space before: ${FREE_BEFORE_GB}GB"
-          echo "Free space after: ${FREE_AFTER_GB}GB"
-          echo "Space freed: ${SPACE_FREED_GB}GB"
-
-          curl -s -X POST "https://api.datadoghq.com/api/v2/series" \
-            -H "Content-Type: application/json" \
-            -H "DD-API-KEY: ${DD_API_KEY}" \
-            -d @- << EOF
-          {
-            "series": [
-              {
-                "metric": "electron.macos.disk.free_space_before_cleanup_gb",
-                "points": [{"timestamp": ${TIMESTAMP}, "value": ${FREE_BEFORE_GB}}],
-                "type": 3,
-                "unit": "gigabyte",
-                "tags": ["runner:${MATRIX_RUNNER}", "platform:macos"]
-              },
-              {
-                "metric": "electron.macos.disk.free_space_after_cleanup_gb",
-                "points": [{"timestamp": ${TIMESTAMP}, "value": ${FREE_AFTER_GB}}],
-                "type": 3,
-                "unit": "gigabyte",
-                "tags": ["runner:${MATRIX_RUNNER}", "platform:macos"]
-              },
-              {
-                "metric": "electron.macos.disk.space_freed_gb",
-                "points": [{"timestamp": ${TIMESTAMP}, "value": ${SPACE_FREED_GB}}],
-                "type": 3,
-                "unit": "gigabyte",
-                "tags": ["runner:${MATRIX_RUNNER}", "platform:macos"]
-              }
-            ]
-          }
-          EOF
-
-          echo "Disk space metrics logged to Datadog"
--- a/.github/workflows/macos-publish.yml
+++ b/.github/workflows/macos-publish.yml
@@ -6,7 +6,7 @@ on:
      build-image-sha:
        type: string
        description: 'SHA for electron/build image'
-        default: 'a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb'
+        default: '424eedbf277ad9749ffa9219068aa72ed4a5e373'
        required: true
      upload-to-storage:
        description: 'Uploads to Azure storage'
@@ -18,14 +18,9 @@ on:
        type: boolean
        default: false

-permissions: {}
-
 jobs:
  checkout-macos:
-    if: github.repository == 'electron/electron'
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
+    runs-on: electron-arc-linux-amd64-32core
    container:
      image: ghcr.io/electron/build:${{ inputs.build-image-sha }}
      options: --user root
@@ -37,7 +32,7 @@ jobs:
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_mac=True --custom-var=host_os=mac'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -48,16 +43,11 @@ jobs:
        target-platform: macos

  publish-x64-darwin:
-    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: x64
      target-variant: darwin
@@ -68,16 +58,11 @@ jobs:
    secrets: inherit

  publish-x64-mas:
-    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: x64
      target-variant: mas
@@ -88,16 +73,11 @@ jobs:
    secrets: inherit

  publish-arm64-darwin:
-    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: arm64
      target-variant: darwin
@@ -108,16 +88,11 @@ jobs:
    secrets: inherit

  publish-arm64-mas:
-    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: arm64
      target-variant: mas
--- a/.github/workflows/non-maintainer-dependency-change.yml
+++ b/.github/workflows/non-maintainer-dependency-change.yml
@@ -1,42 +1,30 @@
-name: Check for Disallowed Non-Maintainer Change
+name: Check for Non-Maintainer Dependency Change

 on:
  pull_request_target:
    paths:
      - 'yarn.lock'
      - 'spec/yarn.lock'
-      - '.github/workflows/**'
-      - '.github/actions/**'
-      - '.yarn/**'
-      - '.yarnrc.yml'

 permissions: {}

 jobs:
  check-for-non-maintainer-dependency-change:
-    name: Check for disallowed non-maintainer change
-    if: ${{ github.event.pull_request.user.type != 'Bot' && !github.event.pull_request.draft }}
+    name: Check for non-maintainer dependency change
+    if: ${{ !contains(fromJSON('["MEMBER", "OWNER"]'), github.event.pull_request.author_association) && github.event.pull_request.user.type != 'Bot' && !github.event.pull_request.draft }}
    permissions:
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
-      - name: Get author association
-        id: get-author-association
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          AUTHOR_ASSOCIATION=$(gh api /repos/electron/electron/pulls/${{ github.event.pull_request.number }} --jq '.author_association')
-          echo "author_association=$AUTHOR_ASSOCIATION" >> "$GITHUB_OUTPUT"
      - name: Check for existing review
        id: check-for-review
-        if: ${{ !contains(fromJSON('["MEMBER", "OWNER"]'), steps.get-author-association.outputs.author_association) }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_URL: ${{ github.event.pull_request.html_url }}
        run: |
          set -eo pipefail
-          REVIEW_COUNT=$(gh pr view $PR_URL --json reviews | jq '[ .reviews[] | select(.author.login == "github-actions") | select(.body | startswith("<!-- disallowed-non-maintainer-change -->")) ] | length')
+          REVIEW_COUNT=$(gh pr view $PR_URL --json reviews | jq '[ .reviews[] | select(.author.login == "github-actions") | select(.body | startswith("<!-- no-dependency-change -->")) ] | length')
          if [[ $REVIEW_COUNT -eq 0 ]]; then
            echo "SHOULD_REVIEW=1" >> "$GITHUB_OUTPUT"
          fi
@@ -46,4 +34,4 @@ jobs:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_URL: ${{ github.event.pull_request.html_url }}
        run: |
-          printf "<!-- disallowed-non-maintainer-change -->\n\nHello @${{ github.event.pull_request.user.login }}! It looks like this pull request touches one of our dependency or CI files, and per [our contribution policy](https://github.com/electron/electron/blob/main/CONTRIBUTING.md#dependencies-upgrades-policy) we do not accept these types of changes in PRs." | gh pr review $PR_URL -r --body-file=-
+          printf "<!-- no-dependency-change -->\n\nHello @${{ github.event.pull_request.user.login }}! It looks like this pull request touches one of our dependency files, and per [our contribution policy](https://github.com/electron/electron/blob/main/CONTRIBUTING.md#dependencies-upgrades-policy) we do not accept these types of changes in PRs." | gh pr review $PR_URL -r --body-file=-
--- a/.github/workflows/package.json
+++ b/.github/workflows/package.json
@@ -1,13 +0,0 @@
-{
-  "name": "@electron/gha-workflows",
-  "version": "0.0.0-development",
-  "private": true,
-  "type": "module",
-  "dependencies": {
-    "@actions/cache": "^4.0.3",
-    "@electron/fiddle-core": "^2.0.1",
-    "mdast-util-from-markdown": "^2.0.0",
-    "semver": "^7.7.2",
-    "unist-util-select": "^5.1.0"
-  }
-}
--- a/.github/workflows/pipeline-electron-build-and-test-and-nan.yml
+++ b/.github/workflows/pipeline-electron-build-and-test-and-nan.yml
@@ -55,8 +55,6 @@ on:
        type: boolean
        default: false

-permissions: {}
-
 concurrency:
  group: electron-build-and-test-and-nan-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}
@@ -64,8 +62,6 @@ concurrency:
 jobs:
  build:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    with:
      build-runs-on: ${{ inputs.build-runs-on }}
      build-container: ${{ inputs.build-container }}
@@ -78,10 +74,6 @@ jobs:
    secrets: inherit
  test:
    uses: ./.github/workflows/pipeline-segment-electron-test.yml
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: read
    needs: build
    with:
      target-arch: ${{ inputs.target-arch }}
@@ -91,8 +83,6 @@ jobs:
    secrets: inherit
  nn-test:
    uses: ./.github/workflows/pipeline-segment-node-nan-test.yml
-    permissions:
-      contents: read
    needs: build
    with:
      target-arch: ${{ inputs.target-arch }}
--- a/.github/workflows/pipeline-electron-build-and-test.yml
+++ b/.github/workflows/pipeline-electron-build-and-test.yml
@@ -54,23 +54,19 @@ on:
        required: false
        type: boolean
        default: false
-      enable-ssh:
-        description: 'Enable SSH debugging'
-        required: false
-        type: boolean
-        default: false

 concurrency:
  group: electron-build-and-test-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}

-permissions: {}
+permissions:
+  contents: read
+  issues: read
+  pull-requests: read  

 jobs:
  build:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    with:
      build-runs-on: ${{ inputs.build-runs-on }}
      build-container: ${{ inputs.build-container }}
@@ -80,21 +76,15 @@ jobs:
      gn-build-type: ${{ inputs.gn-build-type }}
      generate-symbols: ${{ inputs.generate-symbols }}
      upload-to-storage: ${{ inputs.upload-to-storage }}
-      is-asan: ${{ inputs.is-asan }}
-      enable-ssh: ${{ inputs.enable-ssh }}
+      is-asan: ${{ inputs.is-asan}}
    secrets: inherit
  test:
    uses: ./.github/workflows/pipeline-segment-electron-test.yml
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: read
    needs: build
    with:
      target-arch: ${{ inputs.target-arch }}
      target-platform: ${{ inputs.target-platform }}
      test-runs-on: ${{ inputs.test-runs-on }}
      test-container: ${{ inputs.test-container }}
-      is-asan: ${{ inputs.is-asan }}
-      enable-ssh: ${{ inputs.enable-ssh }}
+      is-asan: ${{ inputs.is-asan}}
    secrets: inherit
--- a/.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml
+++ b/.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml
@@ -1,124 +0,0 @@
-name: Electron Build & Clang Tidy & Test (+ Node + NaN) Pipeline
-
-on:
-  workflow_call:
-    inputs:
-      target-platform:
-        type: string
-        description: 'Platform to run on, can be macos, win or linux.'
-        required: true
-      target-arch:
-        type: string
-        description: 'Arch to build for, can be x64, arm64 or arm'
-        required: true
-      build-runs-on:
-        type: string
-        description: 'What host to run the build'
-        required: true
-      clang-tidy-runs-on:
-        type: string
-        description: 'What host to run clang-tidy on'
-        required: true
-      test-runs-on:
-        type: string
-        description: 'What host to run the tests on'
-        required: true
-      build-container:
-        type: string
-        description: 'JSON container information for aks runs-on'
-        required: false
-        default: '{"image":null}'
-      clang-tidy-container:
-        type: string
-        description: 'JSON container information to run clang-tidy on'
-        required: false
-        default: '{"image":null}'
-      test-container:
-        type: string
-        description: 'JSON container information for testing'
-        required: false
-        default: '{"image":null}'
-      is-release:
-        description: 'Whether this build job is a release job'
-        required: true
-        type: boolean
-        default: false
-      gn-build-type:
-        description: 'The gn build type - testing or release'
-        required: true
-        type: string
-        default: testing
-      generate-symbols: 
-        description: 'Whether or not to generate symbols'
-        required: true
-        type: boolean
-        default: false
-      upload-to-storage: 
-        description: 'Whether or not to upload build artifacts to external storage'
-        required: true
-        type: string
-        default: '0'
-      is-asan: 
-        description: 'Building the Address Sanitizer (ASan) Linux build'
-        required: false
-        type: boolean
-        default: false
-
-permissions: {}
-
-concurrency:
-  group: electron-build-and-test-and-nan-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref_protected == true && github.run_id || github.ref }}
-  cancel-in-progress: ${{ github.ref_protected != true }}
-
-jobs:
-  build:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
-    with:
-      build-runs-on: ${{ inputs.build-runs-on }}
-      build-container: ${{ inputs.build-container }}
-      target-platform: ${{ inputs.target-platform }}
-      target-arch: ${{ inputs.target-arch }}
-      is-release: ${{ inputs.is-release }}
-      gn-build-type: ${{ inputs.gn-build-type }}
-      generate-symbols: ${{ inputs.generate-symbols }}
-      upload-to-storage: ${{ inputs.upload-to-storage }}
-      upload-out-gen-artifacts: true
-    secrets: inherit
-  clang-tidy:
-    uses: ./.github/workflows/pipeline-segment-electron-clang-tidy.yml
-    permissions:
-      contents: read
-    needs: build
-    with:
-      clang-tidy-runs-on: ${{ inputs.clang-tidy-runs-on }}
-      clang-tidy-container: ${{ inputs.clang-tidy-container }}
-      target-platform: ${{ inputs.target-platform }}
-      target-arch: ${{ inputs.target-arch }}
-    secrets: inherit
-  test:
-    uses: ./.github/workflows/pipeline-segment-electron-test.yml
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: read
-    needs: build
-    with:
-      target-arch: ${{ inputs.target-arch }}
-      target-platform: ${{ inputs.target-platform }}
-      test-runs-on: ${{ inputs.test-runs-on }}
-      test-container: ${{ inputs.test-container }}
-    secrets: inherit
-  nn-test:
-    uses: ./.github/workflows/pipeline-segment-node-nan-test.yml
-    permissions:
-      contents: read
-    needs: build
-    with:
-      target-arch: ${{ inputs.target-arch }}
-      target-platform: ${{ inputs.target-platform }}
-      test-runs-on: ${{ inputs.test-runs-on }}
-      test-container: ${{ inputs.test-container }}
-      gn-build-type: ${{ inputs.gn-build-type }}
-    secrets: inherit
--- a/.github/workflows/pipeline-electron-build-and-tidy-and-test.yml
+++ b/.github/workflows/pipeline-electron-build-and-tidy-and-test.yml
@@ -1,121 +0,0 @@
-name: Electron Build & Clang Tidy & Test Pipeline
-
-on:
-  workflow_call:
-    inputs:
-      target-platform:
-        type: string
-        description: 'Platform to run on, can be macos, win or linux'
-        required: true
-      target-arch:
-        type: string
-        description: 'Arch to build for, can be x64, arm64 or arm'
-        required: true
-      build-runs-on:
-        type: string
-        description: 'What host to run the build'
-        required: true
-      clang-tidy-runs-on:
-        type: string
-        description: 'What host to run clang-tidy on'
-        required: true
-      test-runs-on:
-        type: string
-        description: 'What host to run the tests on'
-        required: true
-      build-container:
-        type: string
-        description: 'JSON container information for aks runs-on'
-        required: false
-        default: '{"image":null}'
-      clang-tidy-container:
-        type: string
-        description: 'JSON container information to run clang-tidy on'
-        required: false
-        default: '{"image":null}'
-      test-container:
-        type: string
-        description: 'JSON container information for testing'
-        required: false
-        default: '{"image":null}'
-      is-release:
-        description: 'Whether this build job is a release job'
-        required: true
-        type: boolean
-        default: false
-      gn-build-type:
-        description: 'The gn build type - testing or release'
-        required: true
-        type: string
-        default: testing
-      generate-symbols: 
-        description: 'Whether or not to generate symbols'
-        required: true
-        type: boolean
-        default: false
-      upload-to-storage: 
-        description: 'Whether or not to upload build artifacts to external storage'
-        required: true
-        type: string
-        default: '0'
-      is-asan: 
-        description: 'Building the Address Sanitizer (ASan) Linux build'
-        required: false
-        type: boolean
-        default: false
-      enable-ssh:
-        description: 'Enable SSH debugging'
-        required: false
-        type: boolean
-        default: false
-
-concurrency:
-  group: electron-build-and-tidy-and-test-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref_protected == true && github.run_id || github.ref }}
-  cancel-in-progress: ${{ github.ref_protected != true }}
-
-permissions: {}
-
-jobs:
-  build:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
-    with:
-      build-runs-on: ${{ inputs.build-runs-on }}
-      build-container: ${{ inputs.build-container }}
-      target-platform: ${{ inputs.target-platform }}
-      target-arch: ${{ inputs.target-arch }}
-      is-release: ${{ inputs.is-release }}
-      gn-build-type: ${{ inputs.gn-build-type }}
-      generate-symbols: ${{ inputs.generate-symbols }}
-      upload-to-storage: ${{ inputs.upload-to-storage }}
-      is-asan: ${{ inputs.is-asan }}
-      enable-ssh: ${{ inputs.enable-ssh }}
-      upload-out-gen-artifacts: true
-    secrets: inherit
-  clang-tidy:
-    uses: ./.github/workflows/pipeline-segment-electron-clang-tidy.yml
-    permissions:
-      contents: read
-    needs: build
-    with:
-      clang-tidy-runs-on: ${{ inputs.clang-tidy-runs-on }}
-      clang-tidy-container: ${{ inputs.clang-tidy-container }}
-      target-platform: ${{ inputs.target-platform }}
-      target-arch: ${{ inputs.target-arch }}
-    secrets: inherit
-  test:
-    uses: ./.github/workflows/pipeline-segment-electron-test.yml
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: read
-    needs: build
-    with:
-      target-arch: ${{ inputs.target-arch }}
-      target-platform: ${{ inputs.target-platform }}
-      test-runs-on: ${{ inputs.test-runs-on }}
-      test-container: ${{ inputs.test-container }}
-      is-asan: ${{ inputs.is-asan }}
-      enable-ssh: ${{ inputs.enable-ssh }}
-    secrets: inherit
--- a/.github/workflows/pipeline-electron-docs-only.yml
+++ b/.github/workflows/pipeline-electron-docs-only.yml
@@ -8,42 +8,19 @@ on:
        description: 'Container to run the docs-only ts compile in'
        type: string

-permissions: {}
-
 concurrency:
  group: electron-docs-only-${{ github.ref }}
  cancel-in-progress: true

-env:  
-  GCLIENT_EXTRA_ARGS: --custom-var=checkout_arm=True --custom-var=checkout_arm64=True
-
 jobs:
  docs-only:
    name: Docs Only Compile
-    runs-on: electron-arc-centralus-linux-amd64-4core
-    permissions:
-      contents: read
+    runs-on: electron-arc-linux-amd64-4core
    timeout-minutes: 20
    container: ${{ fromJSON(inputs.container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        path: src/electron
-        fetch-depth: 0
-        ref: ${{ github.event.pull_request.head.sha }}
-    - name: Generate DEPS Hash
-      run: |
-        node src/electron/script/generate-deps-hash.js
-        DEPSHASH=v1-src-cache-$(cat src/electron/.depshash)
-        echo "DEPSHASH=$DEPSHASH" >> $GITHUB_ENV
-        echo "CACHE_PATH=$DEPSHASH.tar" >> $GITHUB_ENV
-    - name: Restore src cache via AKS
-      uses: ./src/electron/.github/actions/restore-cache-aks
-      with:
-        target-platform: linux
-    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -54,12 +31,12 @@ jobs:
      shell: bash
      run: |
        cd src/electron
-        node script/yarn.js create-typescript-definitions
-        node script/yarn.js tsc -p tsconfig.default_app.json --noEmit
+        node script/yarn create-typescript-definitions
+        node script/yarn tsc -p tsconfig.default_app.json --noEmit
        for f in build/webpack/*.js
        do
            out="${f:29}"
            if [ "$out" != "base.js" ]; then
-            node script/yarn.js webpack --config $f --output-filename=$out --output-path=./.tmp --env mode=development
+            node script/yarn webpack --config $f --output-filename=$out --output-path=./.tmp --env mode=development
            fi
        done
--- a/.github/workflows/pipeline-electron-lint.yml
+++ b/.github/workflows/pipeline-electron-lint.yml
@@ -8,8 +8,6 @@ on:
        description: 'Container to run lint in'
        type: string

-permissions: {}
-
 concurrency:
  group: electron-lint-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}
@@ -20,14 +18,12 @@ env:
 jobs:
  lint:
    name: Lint
-    runs-on: electron-arc-centralus-linux-amd64-4core
-    permissions:
-      contents: read
+    runs-on: electron-arc-linux-amd64-4core
    timeout-minutes: 20
    container: ${{ fromJSON(inputs.container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -65,11 +61,6 @@ jobs:
        curl -sL "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/buildtools/DEPS?format=TEXT" | base64 -d > src/buildtools/DEPS

        gclient sync --spec="solutions=[{'name':'src/buildtools','url':None,'deps_file':'DEPS','custom_vars':{'process_deps':True},'managed':False}]"
-    - name: Add problem matchers
-      shell: bash
-      run: |
-        echo "::add-matcher::src/electron/.github/problem-matchers/eslint-stylish.json"
-        echo "::add-matcher::src/electron/.github/problem-matchers/markdownlint.json"
    - name: Run Lint
      shell: bash
      run: |
@@ -80,15 +71,11 @@ jobs:
        # but then we would lint its contents (at least gn format), and it doesn't pass it.

        cd src/electron
-        node script/yarn.js install --immutable
-        node script/yarn.js lint
+        node script/yarn install --frozen-lockfile
+        node script/yarn lint
    - name: Run Script Typechecker
      shell: bash
      run: |
        cd src/electron
-        node script/yarn.js tsc -p tsconfig.script.json
-    - name: Check GHA Workflows
-      shell: bash
-      run: |
-        cd src/electron
-        node script/copy-pipeline-segment-publish.js --check
+        node script/yarn tsc -p tsconfig.script.json
+    
--- a/.github/workflows/pipeline-segment-electron-build.yml
+++ b/.github/workflows/pipeline-segment-electron-build.yml
@@ -48,23 +48,17 @@ on:
        required: true
        type: string
        default: '0'
+      strip-binaries: 
+        description: 'Strip the binaries before release (Linux only)'
+        required: false
+        type: boolean
+        default: false
      is-asan: 
        description: 'Building the Address Sanitizer (ASan) Linux build'
        required: false
        type: boolean
        default: false
-      upload-out-gen-artifacts:
-        description: 'Whether to upload the src/gen artifacts'
-        required: false
-        type: boolean
-        default: false
-      enable-ssh:
-        description: 'Enable SSH debugging'
-        required: false
-        type: boolean
-        default: false

-permissions: {}

 concurrency:
  group: electron-build-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ inputs.target-variant }}-${{ inputs.is-asan }}-${{ github.ref_protected == true && github.run_id || github.ref }}
@@ -73,14 +67,12 @@ concurrency:
 env:
  CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
  CHROMIUM_GIT_COOKIE_WINDOWS_STRING: ${{ secrets.CHROMIUM_GIT_COOKIE_WINDOWS_STRING }}
-  DD_API_KEY: ${{ secrets.DD_API_KEY }}
  ELECTRON_ARTIFACTS_BLOB_STORAGE: ${{ secrets.ELECTRON_ARTIFACTS_BLOB_STORAGE }}
  ELECTRON_RBE_JWT: ${{ secrets.ELECTRON_RBE_JWT }}
  SUDOWOODO_EXCHANGE_URL: ${{ secrets.SUDOWOODO_EXCHANGE_URL }}
  SUDOWOODO_EXCHANGE_TOKEN: ${{ secrets.SUDOWOODO_EXCHANGE_TOKEN }}
  GCLIENT_EXTRA_ARGS: ${{ inputs.target-platform == 'macos' && '--custom-var=checkout_mac=True --custom-var=host_os=mac' || inputs.target-platform == 'win' && '--custom-var=checkout_win=True' || '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True' }}
  ELECTRON_OUT_DIR: Default
-  ACTIONS_STEP_DEBUG: ${{ secrets.ACTIONS_STEP_DEBUG }}

 jobs:
  build:
@@ -88,34 +80,20 @@ jobs:
      run:
        shell: bash
    runs-on: ${{ inputs.build-runs-on }}
-    permissions:
-      contents: read
    container: ${{ fromJSON(inputs.build-container) }}
    environment: ${{ inputs.environment }}
    env:
      TARGET_ARCH: ${{ inputs.target-arch }}
-      TARGET_PLATFORM: ${{ inputs.target-platform }}
    steps:
    - name: Create src dir
      run: |
        mkdir src
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
        ref: ${{ github.event.pull_request.head.sha }}
-    - name: Setup SSH Debugging
-      if: ${{ inputs.target-platform == 'macos' && (inputs.enable-ssh || env.ACTIONS_STEP_DEBUG == 'true') }}
-      uses: ./src/electron/.github/actions/ssh-debug
-      with:
-        tunnel: 'true'
-      env:
-        CLOUDFLARE_TUNNEL_CERT: ${{ secrets.CLOUDFLARE_TUNNEL_CERT }}
-        CLOUDFLARE_TUNNEL_HOSTNAME: ${{ vars.CLOUDFLARE_TUNNEL_HOSTNAME }}
-        CLOUDFLARE_USER_CA_CERT: ${{ secrets.CLOUDFLARE_USER_CA_CERT }}
-        AUTHORIZED_USERS: ${{ secrets.SSH_DEBUG_AUTHORIZED_USERS }}
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    - name: Free up space (macOS)
      if: ${{ inputs.target-platform == 'macos' }}
      uses: ./src/electron/.github/actions/free-space-macos
@@ -124,9 +102,9 @@ jobs:
      run: df -h
    - name: Setup Node.js/npm
      if: ${{ inputs.target-platform == 'macos' }}
-      uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
      with:
-        node-version: 22.21.x
+        node-version: 20.19.x
        cache: yarn
        cache-dependency-path: src/electron/yarn.lock
    - name: Install Dependencies
@@ -168,7 +146,7 @@ jobs:
      if: ${{ inputs.target-platform == 'linux' }}
      uses: ./src/electron/.github/actions/restore-cache-aks
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -182,7 +160,7 @@ jobs:
        ELECTRON_DEPOT_TOOLS_DISABLE_LOG: true
    - name: Init Build Tools
      run: |
-        e init -f --root=$(pwd) --out=Default ${{ inputs.gn-build-type }} --import ${{ inputs.gn-build-type }} --target-cpu ${{ inputs.target-arch }} --remote-build siso
+        e init -f --root=$(pwd) --out=Default ${{ inputs.gn-build-type }} --import ${{ inputs.gn-build-type }} --target-cpu ${{ inputs.target-arch }}
    - name: Run Electron Only Hooks
      run: |
        e d gclient runhooks --spec="solutions=[{'name':'src/electron','url':None,'deps_file':'DEPS','custom_vars':{'process_deps':False},'managed':False}]"
@@ -192,6 +170,9 @@ jobs:
        echo "DEPSHASH=$(cat src/electron/.depshash)" >> $GITHUB_ENV
    - name: Add CHROMIUM_BUILDTOOLS_PATH to env
      run: echo "CHROMIUM_BUILDTOOLS_PATH=$(pwd)/src/buildtools" >> $GITHUB_ENV
+    - name: Setup Number of Ninja Processes
+      run: |
+        echo "NUMBER_OF_NINJA_PROCESSES=${{ inputs.target-platform != 'macos' && '300' || '200' }}" >> $GITHUB_ENV
    - name: Free up space (macOS)
      if: ${{ inputs.target-platform == 'macos' }}
      uses: ./src/electron/.github/actions/free-space-macos
@@ -204,9 +185,9 @@ jobs:
        artifact-platform: ${{ inputs.target-platform == 'macos' && 'darwin' || inputs.target-platform }}
        is-release: '${{ inputs.is-release }}'
        generate-symbols: '${{ inputs.generate-symbols }}'
+        strip-binaries: '${{ inputs.strip-binaries }}'
        upload-to-storage: '${{ inputs.upload-to-storage }}'
        is-asan: '${{ inputs.is-asan }}'
-        upload-out-gen-artifacts: '${{ inputs.upload-out-gen-artifacts }}'
    - name: Set GN_EXTRA_ARGS for MAS Build
      if: ${{ inputs.target-platform == 'macos' && (inputs.target-variant == 'all' || inputs.target-variant == 'mas') }}
      run: |
--- a/.github/workflows/pipeline-segment-electron-clang-tidy.yml
+++ b/.github/workflows/pipeline-segment-electron-clang-tidy.yml
@@ -1,159 +0,0 @@
-name: Pipeline Segment - Electron Clang-Tidy
-
-on:
-  workflow_call:
-    inputs:
-      target-platform:
-        type: string
-        description: 'Platform to run on, can be macos, win or linux'
-        required: true
-      target-arch:
-        type: string
-        description: 'Arch to build for, can be x64, arm64 or arm'
-        required: true
-      clang-tidy-runs-on:
-        type: string
-        description: 'What host to run clang-tidy on'
-        required: true
-      clang-tidy-container:
-        type: string
-        description: 'JSON container information for aks runs-on'
-        required: false
-        default: '{"image":null}'
-
-permissions: {}
-
-concurrency:
-  group: electron-clang-tidy-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref }}
-  cancel-in-progress: true
-
-env:
-  GCLIENT_EXTRA_ARGS: ${{ inputs.target-platform == 'macos' && '--custom-var=checkout_mac=True --custom-var=host_os=mac' || (inputs.target-platform == 'linux' && '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True' || '--custom-var=checkout_win=True') }}
-  ELECTRON_OUT_DIR: Default
-
-jobs:
-  clang-tidy:
-    defaults:
-      run:
-        shell: bash
-    runs-on: ${{ inputs.clang-tidy-runs-on }}
-    permissions:
-      contents: read
-    container: ${{ fromJSON(inputs.clang-tidy-container) }}
-    env:
-      BUILD_TYPE: ${{ inputs.target-platform == 'macos' && 'darwin' || inputs.target-platform }}
-      TARGET_ARCH: ${{ inputs.target-arch }}
-      TARGET_PLATFORM: ${{ inputs.target-platform }}
-      ARTIFACT_KEY: ${{ inputs.target-platform == 'macos' && 'darwin' || inputs.target-platform }}_${{ inputs.target-arch }}
-    steps:
-    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        path: src/electron
-        fetch-depth: 0
-        ref: ${{ github.event.pull_request.head.sha }}
-    - name: Cleanup disk space on macOS
-      if: ${{ inputs.target-platform == 'macos' }}
-      shell: bash
-      run: |   
-        sudo mkdir -p $TMPDIR/del-target
-
-        tmpify() {
-          if [ -d "$1" ]; then
-            sudo mv "$1" $TMPDIR/del-target/$(echo $1|shasum -a 256|head -n1|cut -d " " -f1)
-          fi
-        }   
-        tmpify /Library/Developer/CoreSimulator
-        tmpify ~/Library/Developer/CoreSimulator
-        sudo rm -rf $TMPDIR/del-target
-    - name: Check disk space after freeing up space
-      if: ${{ inputs.target-platform == 'macos' }}
-      run: df -h
-    - name: Set Chromium Git Cookie
-      uses: ./src/electron/.github/actions/set-chromium-cookie
-    - name: Install Build Tools
-      uses: ./src/electron/.github/actions/install-build-tools
-    - name: Enable windows toolchain
-      if: ${{ inputs.target-platform == 'win' }}
-      run: |
-        echo "ELECTRON_DEPOT_TOOLS_WIN_TOOLCHAIN=1" >> $GITHUB_ENV
-    - name: Generate DEPS Hash
-      run: |
-        node src/electron/script/generate-deps-hash.js
-        DEPSHASH=v1-src-cache-$(cat src/electron/.depshash)
-        echo "DEPSHASH=$DEPSHASH" >> $GITHUB_ENV
-        echo "CACHE_PATH=$DEPSHASH.tar" >> $GITHUB_ENV
-    - name: Restore src cache via AZCopy
-      if: ${{ inputs.target-platform == 'macos' }}
-      uses: ./src/electron/.github/actions/restore-cache-azcopy
-      with:
-        target-platform: ${{ inputs.target-platform }}      
-    - name: Restore src cache via AKS
-      if: ${{ inputs.target-platform == 'linux' || inputs.target-platform == 'win' }}
-      uses: ./src/electron/.github/actions/restore-cache-aks
-      with:
-        target-platform: ${{ inputs.target-platform }}
-    - name: Run Electron Only Hooks
-      run: |
-        echo "solutions=[{'name':'src/electron','url':None,'deps_file':'DEPS','custom_vars':{'process_deps':False},'managed':False}]" > tmpgclient
-        if [ "${{ inputs.target-platform }}" = "win" ]; then
-          echo "solutions=[{'name':'src/electron','url':None,'deps_file':'DEPS','custom_vars':{'process_deps':False,'install_sysroot':False,'checkout_win':True},'managed':False}]" > tmpgclient
-          echo "target_os=['win']" >> tmpgclient
-        fi
-        e d gclient runhooks --gclientfile=tmpgclient
-
-        # Fix VS Toolchain
-        if [ "${{ inputs.target-platform }}" = "win" ]; then
-          rm -rf src/third_party/depot_tools/win_toolchain/vs_files
-          e d python3 src/build/vs_toolchain.py update --force
-        fi
-    - name: Regenerate DEPS Hash
-      run: |
-        (cd src/electron && git checkout .) && node src/electron/script/generate-deps-hash.js
-        echo "DEPSHASH=$(cat src/electron/.depshash)" >> $GITHUB_ENV
-    - name: Add CHROMIUM_BUILDTOOLS_PATH to env
-      run: echo "CHROMIUM_BUILDTOOLS_PATH=$(pwd)/src/buildtools" >> $GITHUB_ENV
-    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        path: src/electron
-        fetch-depth: 0
-        ref: ${{ github.event.pull_request.head.sha }}
-    - name: Install Dependencies
-      uses: ./src/electron/.github/actions/install-dependencies
-    - name: Default GN gen
-      run: |
-        cd src/electron
-        git pack-refs
-    - name: Download Out Gen Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
-      with:
-        name: out_gen_artifacts_${{ env.ARTIFACT_KEY }}
-        path: ./src/out/${{ env.ELECTRON_OUT_DIR }}/gen
-    - name: Add Clang problem matcher
-      shell: bash
-      run: echo "::add-matcher::src/electron/.github/problem-matchers/clang.json"
-    - name: Run Clang-Tidy
-      run: |
-        e init -f --root=$(pwd) --out=${ELECTRON_OUT_DIR} testing --target-cpu ${TARGET_ARCH}
-
-        export GN_EXTRA_ARGS="target_cpu=\"${TARGET_ARCH}\""
-        if [ "${{ inputs.target-platform }}" = "win" ]; then
-          export GN_EXTRA_ARGS="$GN_EXTRA_ARGS use_v8_context_snapshot=true target_os=\"win\""
-        fi
-
-        e build --only-gen
-
-        cd src/electron
-        node script/yarn.js lint:clang-tidy --jobs 8 --out-dir ../out/${ELECTRON_OUT_DIR}
-    - name: Remove Clang problem matcher
-      shell: bash
-      run: echo "::remove-matcher owner=clang::"
-    - name: Wait for active SSH sessions
-      if: always() && !cancelled()
-      shell: bash
-      run: |
-        while [ -f /var/.ssh-lock ]
-        do
-          sleep 60
-        done
--- a/.github/workflows/pipeline-segment-electron-gn-check.yml
+++ b/.github/workflows/pipeline-segment-electron-gn-check.yml
@@ -26,8 +26,6 @@ on:
        type: string
        default: testing

-permissions: {}
-
 concurrency:
  group: electron-gn-check-${{ inputs.target-platform }}-${{ github.ref }}
  cancel-in-progress: true
@@ -43,12 +41,10 @@ jobs:
      run:
        shell: bash
    runs-on: ${{ inputs.check-runs-on }}
-    permissions:
-      contents: read
    container: ${{ fromJSON(inputs.check-container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -115,7 +111,7 @@ jobs:
    - name: Add CHROMIUM_BUILDTOOLS_PATH to env
      run: echo "CHROMIUM_BUILDTOOLS_PATH=$(pwd)/src/buildtools" >> $GITHUB_ENV
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
--- a/.github/workflows/pipeline-segment-electron-publish.yml
+++ b/.github/workflows/pipeline-segment-electron-publish.yml
@@ -1,243 +0,0 @@
-# AUTOGENERATED FILE - DO NOT EDIT MANUALLY
-# ONLY EDIT .github/workflows/pipeline-segment-electron-build.yml
-
-name: Pipeline Segment - Electron Build
-on:
-  workflow_call:
-    inputs:
-      environment:
-        description: using the production or testing environment
-        required: false
-        type: string
-      target-platform:
-        type: string
-        description: Platform to run on, can be macos, win or linux
-        required: true
-      target-arch:
-        type: string
-        description: Arch to build for, can be x64, arm64, ia32 or arm
-        required: true
-      target-variant:
-        type: string
-        description: Variant to build for, no effect on non-macOS target platforms. Can
-          be darwin, mas or all.
-        default: all
-      build-runs-on:
-        type: string
-        description: What host to run the build
-        required: true
-      build-container:
-        type: string
-        description: JSON container information for aks runs-on
-        required: false
-        default: '{"image":null}'
-      is-release:
-        description: Whether this build job is a release job
-        required: true
-        type: boolean
-        default: false
-      gn-build-type:
-        description: The gn build type - testing or release
-        required: true
-        type: string
-        default: testing
-      generate-symbols:
-        description: Whether or not to generate symbols
-        required: true
-        type: boolean
-        default: false
-      upload-to-storage:
-        description: Whether or not to upload build artifacts to external storage
-        required: true
-        type: string
-        default: "0"
-      is-asan:
-        description: Building the Address Sanitizer (ASan) Linux build
-        required: false
-        type: boolean
-        default: false
-      upload-out-gen-artifacts:
-        description: Whether to upload the src/gen artifacts
-        required: false
-        type: boolean
-        default: false
-      enable-ssh:
-        description: Enable SSH debugging
-        required: false
-        type: boolean
-        default: false
-permissions: {}
-concurrency:
-  group: electron-build-${{ inputs.target-platform }}-${{ inputs.target-arch
-    }}-${{ inputs.target-variant }}-${{ inputs.is-asan }}-${{
-    github.ref_protected == true && github.run_id || github.ref }}
-  cancel-in-progress: ${{ github.ref_protected != true }}
-env:
-  CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
-  CHROMIUM_GIT_COOKIE_WINDOWS_STRING: ${{ secrets.CHROMIUM_GIT_COOKIE_WINDOWS_STRING }}
-  DD_API_KEY: ${{ secrets.DD_API_KEY }}
-  ELECTRON_ARTIFACTS_BLOB_STORAGE: ${{ secrets.ELECTRON_ARTIFACTS_BLOB_STORAGE }}
-  ELECTRON_RBE_JWT: ${{ secrets.ELECTRON_RBE_JWT }}
-  SUDOWOODO_EXCHANGE_URL: ${{ secrets.SUDOWOODO_EXCHANGE_URL }}
-  SUDOWOODO_EXCHANGE_TOKEN: ${{ secrets.SUDOWOODO_EXCHANGE_TOKEN }}
-  GCLIENT_EXTRA_ARGS: ${{ inputs.target-platform == 'macos' &&
-    '--custom-var=checkout_mac=True --custom-var=host_os=mac' ||
-    inputs.target-platform == 'win' && '--custom-var=checkout_win=True' ||
-    '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True' }}
-  ELECTRON_OUT_DIR: Default
-  ACTIONS_STEP_DEBUG: ${{ secrets.ACTIONS_STEP_DEBUG }}
-jobs:
-  build:
-    defaults:
-      run:
-        shell: bash
-    runs-on: ${{ inputs.build-runs-on }}
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
-    container: ${{ fromJSON(inputs.build-container) }}
-    environment: ${{ inputs.environment }}
-    env:
-      TARGET_ARCH: ${{ inputs.target-arch }}
-      TARGET_PLATFORM: ${{ inputs.target-platform }}
-    steps:
-      - name: Create src dir
-        run: |
-          mkdir src
-      - name: Checkout Electron
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-        with:
-          path: src/electron
-          fetch-depth: 0
-          ref: ${{ github.event.pull_request.head.sha }}
-      - name: Setup SSH Debugging
-        if: ${{ inputs.target-platform == 'macos' && (inputs.enable-ssh ||
-          env.ACTIONS_STEP_DEBUG == 'true') }}
-        uses: ./src/electron/.github/actions/ssh-debug
-        with:
-          tunnel: "true"
-        env:
-          CLOUDFLARE_TUNNEL_CERT: ${{ secrets.CLOUDFLARE_TUNNEL_CERT }}
-          CLOUDFLARE_TUNNEL_HOSTNAME: ${{ vars.CLOUDFLARE_TUNNEL_HOSTNAME }}
-          CLOUDFLARE_USER_CA_CERT: ${{ secrets.CLOUDFLARE_USER_CA_CERT }}
-          AUTHORIZED_USERS: ${{ secrets.SSH_DEBUG_AUTHORIZED_USERS }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Free up space (macOS)
-        if: ${{ inputs.target-platform == 'macos' }}
-        uses: ./src/electron/.github/actions/free-space-macos
-      - name: Check disk space after freeing up space
-        if: ${{ inputs.target-platform == 'macos' }}
-        run: df -h
-      - name: Setup Node.js/npm
-        if: ${{ inputs.target-platform == 'macos' }}
-        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238
-        with:
-          node-version: 22.21.x
-          cache: yarn
-          cache-dependency-path: src/electron/yarn.lock
-      - name: Install Dependencies
-        uses: ./src/electron/.github/actions/install-dependencies
-      - name: Install AZCopy
-        if: ${{ inputs.target-platform == 'macos' }}
-        run: brew install azcopy
-      - name: Set GN_EXTRA_ARGS for Linux
-        if: ${{ inputs.target-platform == 'linux' }}
-        run: >
-          if [ "${{ inputs.target-arch  }}" = "arm" ]; then
-            if [ "${{ inputs.is-release  }}" = true ]; then
-              GN_EXTRA_ARGS='target_cpu="arm" build_tflite_with_xnnpack=false symbol_level=1'
-            else
-              GN_EXTRA_ARGS='target_cpu="arm" build_tflite_with_xnnpack=false'
-            fi
-          elif [ "${{ inputs.target-arch }}" = "arm64" ]; then
-            GN_EXTRA_ARGS='target_cpu="arm64" fatal_linker_warnings=false enable_linux_installer=false'
-          elif [ "${{ inputs.is-asan }}" = true ]; then
-            GN_EXTRA_ARGS='is_asan=true'
-          fi
-
-          echo "GN_EXTRA_ARGS=$GN_EXTRA_ARGS" >> $GITHUB_ENV
-      - name: Set Chromium Git Cookie
-        uses: ./src/electron/.github/actions/set-chromium-cookie
-      - name: Install Build Tools
-        uses: ./src/electron/.github/actions/install-build-tools
-      - name: Generate DEPS Hash
-        run: |
-          node src/electron/script/generate-deps-hash.js
-          DEPSHASH=v1-src-cache-$(cat src/electron/.depshash)
-          echo "DEPSHASH=$DEPSHASH" >> $GITHUB_ENV
-          echo "CACHE_PATH=$DEPSHASH.tar" >> $GITHUB_ENV
-      - name: Restore src cache via AZCopy
-        if: ${{ inputs.target-platform != 'linux' }}
-        uses: ./src/electron/.github/actions/restore-cache-azcopy
-        with:
-          target-platform: ${{ inputs.target-platform }}
-      - name: Restore src cache via AKS
-        if: ${{ inputs.target-platform == 'linux' }}
-        uses: ./src/electron/.github/actions/restore-cache-aks
-      - name: Checkout Electron
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-        with:
-          path: src/electron
-          fetch-depth: 0
-          ref: ${{ github.event.pull_request.head.sha }}
-      - name: Fix Sync
-        if: ${{ inputs.target-platform != 'linux' }}
-        uses: ./src/electron/.github/actions/fix-sync
-        with:
-          target-platform: ${{ inputs.target-platform }}
-        env:
-          ELECTRON_DEPOT_TOOLS_DISABLE_LOG: true
-      - name: Init Build Tools
-        run: >
-          e init -f --root=$(pwd) --out=Default ${{ inputs.gn-build-type }}
-          --import ${{ inputs.gn-build-type }} --target-cpu ${{
-          inputs.target-arch }} --remote-build siso
-      - name: Run Electron Only Hooks
-        run: |
-          e d gclient runhooks --spec="solutions=[{'name':'src/electron','url':None,'deps_file':'DEPS','custom_vars':{'process_deps':False},'managed':False}]"
-      - name: Regenerate DEPS Hash
-        run: >
-          (cd src/electron && git checkout .) && node
-          src/electron/script/generate-deps-hash.js
-
-          echo "DEPSHASH=$(cat src/electron/.depshash)" >> $GITHUB_ENV
-      - name: Add CHROMIUM_BUILDTOOLS_PATH to env
-        run: echo "CHROMIUM_BUILDTOOLS_PATH=$(pwd)/src/buildtools" >> $GITHUB_ENV
-      - name: Free up space (macOS)
-        if: ${{ inputs.target-platform == 'macos' }}
-        uses: ./src/electron/.github/actions/free-space-macos
-      - name: Build Electron
-        if: ${{ inputs.target-platform != 'macos' || (inputs.target-variant == 'all' ||
-          inputs.target-variant == 'darwin') }}
-        uses: ./src/electron/.github/actions/build-electron
-        with:
-          target-arch: ${{ inputs.target-arch }}
-          target-platform: ${{ inputs.target-platform }}
-          artifact-platform: ${{ inputs.target-platform == 'macos' && 'darwin' ||
-            inputs.target-platform }}
-          is-release: ${{ inputs.is-release }}
-          generate-symbols: ${{ inputs.generate-symbols }}
-          upload-to-storage: ${{ inputs.upload-to-storage }}
-          is-asan: ${{ inputs.is-asan }}
-          upload-out-gen-artifacts: ${{ inputs.upload-out-gen-artifacts }}
-      - name: Set GN_EXTRA_ARGS for MAS Build
-        if: ${{ inputs.target-platform == 'macos' && (inputs.target-variant == 'all' ||
-          inputs.target-variant == 'mas') }}
-        run: |
-          echo "MAS_BUILD=true" >> $GITHUB_ENV
-          GN_EXTRA_ARGS='is_mas_build=true'
-          echo "GN_EXTRA_ARGS=$GN_EXTRA_ARGS" >> $GITHUB_ENV
-      - name: Build Electron (MAS)
-        if: ${{ inputs.target-platform == 'macos' && (inputs.target-variant == 'all' ||
-          inputs.target-variant == 'mas') }}
-        uses: ./src/electron/.github/actions/build-electron
-        with:
-          target-arch: ${{ inputs.target-arch }}
-          target-platform: ${{ inputs.target-platform }}
-          artifact-platform: mas
-          is-release: ${{ inputs.is-release }}
-          generate-symbols: ${{ inputs.generate-symbols }}
-          upload-to-storage: ${{ inputs.upload-to-storage }}
-          step-suffix: (mas)
--- a/.github/workflows/pipeline-segment-electron-test.yml
+++ b/.github/workflows/pipeline-segment-electron-test.yml
@@ -25,24 +25,21 @@ on:
        required: false
        type: boolean
        default: false
-      enable-ssh:
-        description: 'Enable SSH debugging'
-        required: false
-        type: boolean
-        default: false

 concurrency:
  group: electron-test-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ inputs.is-asan }}-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}

-permissions: {}
+permissions:
+  contents: read
+  issues: read
+  pull-requests: read

 env:
  CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
  CHROMIUM_GIT_COOKIE_WINDOWS_STRING: ${{ secrets.CHROMIUM_GIT_COOKIE_WINDOWS_STRING }}
  ELECTRON_OUT_DIR: Default
  ELECTRON_RBE_JWT: ${{ secrets.ELECTRON_RBE_JWT }}
-  ACTIONS_STEP_DEBUG: ${{ secrets.ACTIONS_STEP_DEBUG }}

 jobs:
  test:
@@ -50,10 +47,6 @@ jobs:
      run:
        shell: bash
    runs-on: ${{ inputs.test-runs-on }}
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: read
    container: ${{ fromJSON(inputs.test-container) }}
    strategy:
      fail-fast: false
@@ -69,16 +62,29 @@ jobs:
      if: ${{ inputs.target-arch == 'arm' && inputs.target-platform == 'linux' }}
      run: |
        cp $(which node) /mnt/runner-externals/node20/bin/
-        cp $(which node) /mnt/runner-externals/node24/bin/
+    - name: Install Git on Windows arm64 runners
+      if: ${{ inputs.target-arch == 'arm64' && inputs.target-platform == 'win' }}
+      shell: powershell
+      run: |
+        Set-ExecutionPolicy Bypass -Scope Process -Force
+        [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
+        iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
+        choco install -y --no-progress git.install --params "'/GitAndUnixToolsOnPath'"
+        choco install -y --no-progress git
+        choco install -y --no-progress python --version 3.11.9
+        choco install -y --no-progress visualstudio2022-workload-vctools --package-parameters "--add Microsoft.VisualStudio.Component.VC.Tools.ARM64"
+        echo "C:\Program Files\Git\cmd" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
+        echo "C:\Program Files\Git\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
+        echo "C:\Python311" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
+        cp "C:\Python311\python.exe" "C:\Python311\python3.exe"
    - name: Setup Node.js/npm
      if: ${{ inputs.target-platform == 'win' }}
-      uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
      with:
-        node-version: 22.21.x
+        node-version: 20.19.x
    - name: Add TCC permissions on macOS
      if: ${{ inputs.target-platform == 'macos' }}
      run: |
-        epochdate=$(($(date +'%s * 1000 + %-N / 1000000')))
        configure_user_tccdb () {
          local values=$1
          local dbPath="$HOME/Library/Application Support/com.apple.TCC/TCC.db"
@@ -94,17 +100,14 @@ jobs:
        }

        userValuesArray=(
+            "'kTCCServiceMicrophone','/usr/local/opt/runner/provisioner/provisioner',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
            "'kTCCServiceCamera','/usr/local/opt/runner/provisioner/provisioner',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
            "'kTCCServiceBluetoothAlways','/usr/local/opt/runner/provisioner/provisioner',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
-            "'kTCCServiceAppleEvents','/usr/local/opt/runner/provisioner/provisioner',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
-            "'kTCCServiceCamera','/opt/hca/hosted-compute-agent',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
-            "'kTCCServiceBluetoothAlways','/opt/hca/hosted-compute-agent',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
-            "'kTCCServiceScreenCapture','/bin/bash',1,2,3,1,NULL,NULL,NULL,'UNUSED',NULL,0,$epochdate"
        )
        for values in "${userValuesArray[@]}"; do
          # Sonoma and higher have a few extra values
          # Ref: https://github.com/actions/runner-images/blob/main/images/macos/scripts/build/configure-tccdb-macos.sh
-          if [ "$OSTYPE" = "darwin23" ] || [ "$OSTYPE" = "darwin24" ]; then
+          if [ "$OSTYPE" = "darwin23" ]; then
            configure_user_tccdb "$values,NULL,NULL,'UNUSED',${values##*,}"
            configure_sys_tccdb "$values,NULL,NULL,'UNUSED',${values##*,}"
          else
@@ -115,32 +118,12 @@ jobs:
    - name: Turn off the unexpectedly quit dialog on macOS
      if: ${{ inputs.target-platform == 'macos' }}
      run: defaults write com.apple.CrashReporter DialogType server
-    - name: Set xcode to 16.4
-      if: ${{ inputs.target-platform == 'macos' }}
-      run: sudo xcode-select --switch /Applications/Xcode_16.4.app
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
        ref: ${{ github.event.pull_request.head.sha }}
-    - name: Turn off screenshot nag on macOS
-      if: ${{ inputs.target-platform == 'macos' }}
-      run: |
-        defaults write ~/Library/Group\ Containers/group.com.apple.replayd/ScreenCaptureApprovals.plist "/bin/bash" -date "3024-09-23 12:00:00 +0000"
-        src/electron/script/actions/screencapture-nag-remover.sh -a $(which bash)
-        src/electron/script/actions/screencapture-nag-remover.sh -a /opt/hca/hosted-compute-agent
-    - name: Setup SSH Debugging
-      if: ${{ inputs.target-platform == 'macos' && (inputs.enable-ssh || env.ACTIONS_STEP_DEBUG == 'true') }}
-      uses: ./src/electron/.github/actions/ssh-debug
-      with:
-        tunnel: 'true'
-      env:
-        CLOUDFLARE_TUNNEL_CERT: ${{ secrets.CLOUDFLARE_TUNNEL_CERT }}
-        CLOUDFLARE_TUNNEL_HOSTNAME: ${{ vars.CLOUDFLARE_TUNNEL_HOSTNAME }}
-        CLOUDFLARE_USER_CA_CERT: ${{ secrets.CLOUDFLARE_USER_CA_CERT }}
-        AUTHORIZED_USERS: ${{ secrets.SSH_DEBUG_AUTHORIZED_USERS }}
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    - name: Install Dependencies
      uses: ./src/electron/.github/actions/install-dependencies
    - name: Set Chromium Git Cookie
@@ -152,9 +135,7 @@ jobs:
        git config --global core.autocrlf false
        git config --global branch.autosetuprebase always
        git config --global core.fscache true
-        git config --global core.longpaths true
        git config --global core.preloadindex true
-        git config --global core.longpaths true
        git clone --filter=tree:0 https://chromium.googlesource.com/chromium/tools/depot_tools.git
        # Ensure depot_tools does not update.
        test -d depot_tools && cd depot_tools
@@ -168,48 +149,50 @@ jobs:
        echo "DISABLE_CRASH_REPORTER_TESTS=true" >> $GITHUB_ENV
        echo "IS_ASAN=true" >> $GITHUB_ENV
    - name: Download Generated Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: generated_artifacts_${{ env.ARTIFACT_KEY }}
        path: ./generated_artifacts_${{ matrix.build-type }}_${{ inputs.target-arch }}
    - name: Download Src Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: src_artifacts_${{ env.ARTIFACT_KEY }}
        path: ./src_artifacts_${{ matrix.build-type }}_${{ inputs.target-arch }}
    - name: Restore Generated Artifacts
      run: ./src/electron/script/actions/restore-artifacts.sh
-    - name: Unzip Dist (win)
+    - name: Unzip Dist, Mksnapshot & Chromedriver (win)
      if: ${{ inputs.target-platform == 'win' }}
      shell: powershell
      run: |
        Set-ExecutionPolicy Bypass -Scope Process -Force
        cd src/out/Default
        Expand-Archive -Force dist.zip -DestinationPath ./
-    - name: Unzip Dist (unix)
+        Expand-Archive -Force chromedriver.zip -DestinationPath ./
+        Expand-Archive -Force mksnapshot.zip -DestinationPath ./
+    - name: Unzip Dist, Mksnapshot & Chromedriver (unix)
      if: ${{ inputs.target-platform != 'win' }}
      run: |
        cd src/out/Default
        unzip -:o dist.zip
+        unzip -:o chromedriver.zip
+        unzip -:o mksnapshot.zip
    - name: Import & Trust Self-Signed Codesigning Cert on MacOS
-      if: ${{ inputs.target-platform == 'macos' }}
+      if: ${{ inputs.target-platform == 'macos' && inputs.target-arch == 'x64' }}
      run: |
+        sudo security authorizationdb write com.apple.trust-settings.admin allow
        cd src/electron
        ./script/codesign/generate-identity.sh
-    - name: Sign Electron.app for macOS tests
-      if: ${{ inputs.target-platform == 'macos' }}
+    - name: Install Datadog CLI
      run: |
-        identity=$(src/electron/script/codesign/get-trusted-identity.sh)
-        if [ -n "$identity" ]; then
-          codesign -s "$identity" --deep --force src/out/Default/Electron.app
-        fi
-
+        cd src/electron
+        node script/yarn global add @datadog/datadog-ci
    - name: Run Electron Tests
      shell: bash
      env:
        MOCHA_REPORTER: mocha-multi-reporters
        MOCHA_MULTI_REPORTERS: mocha-junit-reporter, tap
        ELECTRON_DISABLE_SECURITY_WARNINGS: 1
+        ELECTRON_SKIP_NATIVE_MODULE_TESTS: true
        DISPLAY: ':99.0'
        NPM_CONFIG_MSVS_VERSION: '2022'
      run: |
@@ -229,7 +212,7 @@ jobs:
              export ELECTRON_FORCE_TEST_SUITE_EXIT="true"
            fi
          fi
-          node script/yarn.js test --runners=main --enableRerun=3 --trace-uncaught --enable-logging --files $tests_files
+          node script/yarn test --runners=main --trace-uncaught --enable-logging --files $tests_files
        else
          chown :builduser .. && chmod g+w ..
          chown -R :builduser . && chmod -R g+w .
@@ -246,14 +229,9 @@ jobs:
            export MOCHA_TIMEOUT=180000
            echo "Piping output to ASAN_SYMBOLIZE ($ASAN_SYMBOLIZE)"
            cd electron
-            runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn.js test --runners=main --trace-uncaught --enable-logging --files $tests_files | $ASAN_SYMBOLIZE
+            runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn test --runners=main --trace-uncaught --enable-logging --files $tests_files | $ASAN_SYMBOLIZE
          else
-            if [ "${{ inputs.target-arch }}" = "arm" ]; then
-              runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn.js test --skipYarnInstall --runners=main --enableRerun=3 --trace-uncaught --enable-logging --files $tests_files
-            else 
-              runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn.js test --runners=main --enableRerun=3 --trace-uncaught --enable-logging --files $tests_files
-            fi
-            
+            runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn test --runners=main --trace-uncaught --enable-logging --files $tests_files
          fi
        fi
    - name: Upload Test results to Datadog
@@ -265,14 +243,13 @@ jobs:
        DD_TAGS: "os.architecture:${{ inputs.target-arch }},os.family:${{ inputs.target-platform }},os.platform:${{ inputs.target-platform }},asan:${{ inputs.is-asan }}"
      run: |
        if ! [ -z $DD_API_KEY ] && [ -f src/electron/junit/test-results-main.xml ]; then
-          cd src/electron
-          export DATADOG_PATH=`node script/yarn.js bin datadog-ci`
-          $DATADOG_PATH junit upload junit/test-results-main.xml
-        fi
+          export DATADOG_PATH=`node src/electron/script/yarn global bin`
+          $DATADOG_PATH/datadog-ci junit upload src/electron/junit/test-results-main.xml
+        fi          
      if: always() && !cancelled()
    - name: Upload Test Artifacts
      if: always() && !cancelled()
-      uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
+      uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
      with:
        name: test_artifacts_${{ env.ARTIFACT_KEY }}_${{ matrix.shard }}
        path: src/electron/spec/artifacts
--- a/.github/workflows/pipeline-segment-node-nan-test.yml
+++ b/.github/workflows/pipeline-segment-node-nan-test.yml
@@ -26,8 +26,6 @@ on:
        type: string
        default: testing

-permissions: {}
-
 concurrency:
  group: electron-node-nan-test-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}
@@ -40,9 +38,7 @@ env:
 jobs:
  node-tests:
    name: Run Node.js Tests
-    runs-on: electron-arc-centralus-linux-amd64-8core
-    permissions:
-      contents: read
+    runs-on: electron-arc-linux-amd64-8core
    timeout-minutes: 30
    env: 
      TARGET_ARCH: ${{ inputs.target-arch }}
@@ -50,7 +46,7 @@ jobs:
    container: ${{ fromJSON(inputs.test-container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -65,12 +61,12 @@ jobs:
    - name: Install Dependencies
      uses: ./src/electron/.github/actions/install-dependencies
    - name: Download Generated Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
        path: ./generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
    - name: Download Src Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: src_artifacts_linux_${{ env.TARGET_ARCH }}
        path: ./src_artifacts_linux_${{ env.TARGET_ARCH }}
@@ -96,9 +92,7 @@ jobs:
        done
  nan-tests:
    name: Run Nan Tests
-    runs-on: electron-arc-centralus-linux-amd64-4core
-    permissions:
-      contents: read
+    runs-on: electron-arc-linux-amd64-4core
    timeout-minutes: 30
    env: 
      TARGET_ARCH: ${{ inputs.target-arch }}
@@ -106,7 +100,7 @@ jobs:
    container: ${{ fromJSON(inputs.test-container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -121,12 +115,12 @@ jobs:
    - name: Install Dependencies
      uses: ./src/electron/.github/actions/install-dependencies
    - name: Download Generated Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
        path: ./generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
    - name: Download Src Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: src_artifacts_linux_${{ env.TARGET_ARCH }}
        path: ./src_artifacts_linux_${{ env.TARGET_ARCH }}
@@ -138,16 +132,10 @@ jobs:
        unzip -:o dist.zip
    - name: Setup Linux for Headless Testing
      run: sh -e /etc/init.d/xvfb start
-    - name: Add Clang problem matcher
-      shell: bash
-      run: echo "::add-matcher::src/electron/.github/problem-matchers/clang.json"
    - name: Run Nan Tests
      run: |
        cd src
        node electron/script/nan-spec-runner.js
-    - name: Remove Clang problem matcher
-      shell: bash
-      run: echo "::remove-matcher owner=clang::"
    - name: Wait for active SSH sessions
      shell: bash
      if: always() && !cancelled()
--- a/.github/workflows/pull-request-labeled.yml
+++ b/.github/workflows/pull-request-labeled.yml
@@ -11,28 +11,23 @@ jobs:
    name: backport/requested label added
    if: github.event.label.name == 'backport/requested 🗳'
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Trigger Slack workflow
-        uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1
+        uses: slackapi/slack-github-action@b0fa283ad8fea605de13dc3f449259339835fc52 # v2.1.0
        with:
          webhook: ${{ secrets.BACKPORT_REQUESTED_SLACK_WEBHOOK_URL }} 
          webhook-type: webhook-trigger
          payload: |
            {
-              "base_ref": ${{ toJSON(github.event.pull_request.base.ref) }},
-              "title": ${{ toJSON(github.event.pull_request.title) }},
-              "url": ${{ toJSON(github.event.pull_request.html_url) }},
-              "user": ${{ toJSON(github.event.pull_request.user.login) }}
+              "url": "${{ github.event.pull_request.html_url }}"
            }
  pull-request-labeled-deprecation-review-complete:
    name: deprecation-review/complete label added
    if: github.event.label.name == 'deprecation-review/complete ✅'
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.RELEASE_BOARD_GH_APP_CREDS }}
@@ -44,35 +39,3 @@ jobs:
          project-number: 94
          field: Status
          field-value: ✅ Reviewed
-  pull-request-labeled-ai-pr:
-    name: ai-pr label added
-    if: github.event.label.name == 'ai-pr'
-    runs-on: ubuntu-latest
-    permissions: {}
-    steps:
-    - name: Generate GitHub App token
-      uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
-      id: generate-token
-      with:
-        creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-    - name: Create comment
-      uses: actions-cool/issues-helper@e2ff99831a4f13625d35064e2b3dfe65c07a0396 # v3.7.5
-      with:
-        actions: 'create-comment'
-        token: ${{ steps.generate-token.outputs.token }}
-        issue-number: ${{ github.event.pull_request.number }}
-        body: |
-          <!-- ai-pr -->
-
-          *AI PR Detected*
-
-          Hello @${{ github.event.pull_request.user.login }}. Due to the high amount of AI spam PRs we receive, if a PR is detected to be majority AI-generated without disclosure and untested, we will automatically close the PR.
-
-          We welcome the use of AI tools, as long as the PR meets our quality standards and has clearly been built and tested. If you believe your PR was closed in error, we welcome you to resubmit. However, please read our [CONTRIBUTING.md](http://contributing.md/) carefully before reopening. Thanks for your contribution.
-    - name: Close the pull request
-      env:
-        GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
-        GH_REPO: electron/electron
-        PR_NUMBER: ${{ github.event.pull_request.number }}
-      run: |
-        gh pr close "$PR_NUMBER"
--- a/.github/workflows/rerun-apply-patches.yml
+++ b/.github/workflows/rerun-apply-patches.yml
@@ -1,71 +0,0 @@
-name: Rerun PR Apply Patches
-
-on:
-  push:
-    branches:
-      - main
-      - '[1-9][0-9]-x-y'
-    paths:
-      - 'DEPS'
-      - 'patches/**'
-
-permissions: {}
-
-jobs:
-  rerun-apply-patches:
-    runs-on: ubuntu-latest
-    permissions:
-      actions: write
-      checks: read
-      contents: read
-      pull-requests: read
-    steps:
-      - name: Find PRs and Rerun Apply Patches
-        env:
-          GH_REPO: ${{ github.repository }}
-          GH_TOKEN: ${{ github.token }}
-        run: |
-          BRANCH="${GITHUB_REF#refs/heads/}"
-
-          # Find all open PRs targeting this branch
-          PRS=$(gh pr list --base "$BRANCH" --state open --limit 250 --json number)
-
-          echo "$PRS" | jq -c '.[]' | while read -r pr; do
-            PR_NUMBER=$(echo "$pr" | jq -r '.number')
-            echo "Processing PR #${PR_NUMBER}"
-
-            # Find the Apply Patches workflow check for this PR
-            CHECK=$(gh pr view "$PR_NUMBER" --json statusCheckRollup --jq '[.statusCheckRollup[] | select(.workflowName == "Apply Patches" and .name == "apply-patches")] | first')
-
-            if [ -z "$CHECK" ] || [ "$CHECK" = "null" ]; then
-              echo "  No Apply Patches workflow found for PR #${PR_NUMBER}"
-              continue
-            fi
-
-            CONCLUSION=$(echo "$CHECK" | jq -r '.conclusion')
-            if [ "$CONCLUSION" = "SKIPPED" ]; then
-              echo "  apply-patches job was skipped for PR #${PR_NUMBER} (no patches)"
-              continue
-            fi
-
-            LINK=$(echo "$CHECK" | jq -r '.detailsUrl')
-
-            # Extract the run ID from the link (format: .../runs/RUN_ID/job/JOB_ID)
-            RUN_ID=$(echo "$LINK" | grep -oE 'runs/[0-9]+' | cut -d'/' -f2)
-
-            if [ -z "$RUN_ID" ]; then
-              echo "  Could not extract run ID from link: ${LINK}"
-              continue
-            fi
-
-            # Check if the workflow is currently in progress
-            RUN_STATUS=$(gh run view "$RUN_ID" --json status --jq '.status')
-
-            if [ "$RUN_STATUS" = "in_progress" ] || [ "$RUN_STATUS" = "queued" ] || [ "$RUN_STATUS" = "waiting" ]; then
-              echo "  Workflow run ${RUN_ID} is ${RUN_STATUS}, cancelling..."
-              gh run cancel "$RUN_ID" --force
-              gh run watch "$RUN_ID"
-            fi
-
-            gh run rerun "$RUN_ID"
-          done
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -13,7 +13,6 @@ permissions: read-all
 jobs:
  analysis:
    name: Scorecards analysis
-    if: github.repository == 'electron/electron'
    runs-on: ubuntu-latest
    permissions:
      # Needed to upload the results to code-scanning dashboard.
@@ -23,13 +22,13 @@ jobs:

    steps:
      - name: "Checkout code"
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

      # This is a pre-submit / pre-release.
      - name: "Run analysis"
-        uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
+        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
        with:
          results_file: results.sarif
          results_format: sarif
@@ -43,7 +42,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: "Upload artifact"
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: SARIF file
          path: results.sarif
@@ -51,6 +50,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v3.29.5
+        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          sarif_file: results.sarif
--- a/.github/workflows/semantic.yml
+++ b/.github/workflows/semantic.yml
@@ -7,7 +7,8 @@ on:
      - edited
      - synchronize

-permissions: {}
+permissions:
+  contents: read

 jobs:
  main:
@@ -18,7 +19,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: semantic-pull-request
-        uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 # v6.1.1
+        uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
--- a/.github/workflows/stable-prep-items.yml
+++ b/.github/workflows/stable-prep-items.yml
@@ -10,12 +10,10 @@ permissions: {}
 jobs:
  check-stable-prep-items:
    name: Check Stable Prep Items
-    if: github.repository == 'electron/electron'
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.RELEASE_BOARD_GH_APP_CREDS }}
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -9,16 +9,14 @@ permissions: {}

 jobs:
  stale:
-    if: github.repository == 'electron/electron'
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # tag: v10.1.1
+      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # tag: v9.1.0
        with:
          repo-token: ${{ steps.generate-token.outputs.token }}
          days-before-stale: 90
@@ -29,20 +27,19 @@ jobs:
            This issue has been automatically marked as stale. **If this issue is still affecting you, please leave any comment** (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the [latest version of Electron](https://www.electronjs.org/releases/stable) or in the [beta](https://www.electronjs.org/releases/beta)—please include it with your comment!
          close-issue-message: >
            This issue has been closed due to inactivity, and will not be monitored.  If this is a bug and you can reproduce this issue on a [supported version of Electron](https://www.electronjs.org/docs/latest/tutorial/electron-timelines#timeline) please open a new issue and include instructions for reproducing the issue.
-          exempt-issue-labels: "discussion,security \U0001F512,enhancement :sparkles:,status/confirmed,stale-exempt,upgrade-follow-up,tracking-upstream"
+          exempt-issue-labels: "discussion,security \U0001F512,enhancement :sparkles:,status/confirmed,stale-exempt"
          only-pr-labels: not-a-real-label
  pending-repro:
    runs-on: ubuntu-latest
-    permissions: {}
-    if: ${{ always() && github.repository == 'electron/electron' }}
+    if: ${{ always() }}
    needs: stale
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # tag: v10.1.1
+      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # tag: v9.1.0
        with:
          repo-token: ${{ steps.generate-token.outputs.token }}
          days-before-stale: -1
--- a/.github/workflows/update-website-docs.yml
+++ b/.github/workflows/update-website-docs.yml
@@ -1,39 +0,0 @@
-name: Update Website Docs
-
-on:
-  release:
-    types: [published]
-
-permissions: {}
-
-jobs:
-  update-website-docs:
-    name: Update Website Docs
-    runs-on: ubuntu-latest
-    environment: website-docs-updater
-    permissions:
-      contents: read
-      id-token: write # needed for secret-service-action
-    steps:
-      - name: Get GitHub App token
-        id: secret-service
-        uses: electron/secret-service-action@3476425e8b30555aac15b1b7096938e254b0e155 # v1.0.0
-      - name: Check if this release is the latest
-        id: check-if-latest-release
-        env:
-          GH_REPO: electron/electron
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          LATEST_RELEASE_TAG="$(gh release view --json tagName --jq '.tagName')"
-          if [ "$LATEST_RELEASE_TAG" = "${GITHUB_REF#refs/tags/}" ]; then
-            echo "isLatestRelease=true" >> $GITHUB_OUTPUT
-          else
-            echo "isLatestRelease=false" >> $GITHUB_OUTPUT
-          fi
-      - name: Trigger website docs update
-        if: ${{ steps.check-if-latest-release.outputs.isLatestRelease }}
-        env:
-          GH_REPO: electron/website
-          GH_TOKEN: ${{ fromJSON(steps.secret-service.outputs.secrets).WEBSITE_DOCS_UPDATER_APP_TOKEN }}
-        run: |
-          gh workflow run update-docs.yml -f sha=$GITHUB_SHA
--- a/.github/workflows/windows-publish.yml
+++ b/.github/workflows/windows-publish.yml
@@ -6,7 +6,7 @@ on:
      build-image-sha:
        type: string
        description: 'SHA for electron/build image'
-        default: 'a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb'
+        default: '424eedbf277ad9749ffa9219068aa72ed4a5e373'
        required: true
      upload-to-storage:
        description: 'Uploads to Azure storage'
@@ -18,14 +18,9 @@ on:
        type: boolean
        default: false

-permissions: {}
-
 jobs:
  checkout-windows:
-    if: github.repository == 'electron/electron'
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
+    runs-on: electron-arc-linux-amd64-32core
    container:
      image: ghcr.io/electron/build:${{ inputs.build-image-sha }}
      options: --user root --device /dev/fuse --cap-add SYS_ADMIN
@@ -41,7 +36,7 @@ jobs:
      build-image-sha: ${{ inputs.build-image-sha }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -52,16 +47,11 @@ jobs:
        target-platform: win

  publish-x64-win:
-    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
    needs: checkout-windows
    with:
      environment: production-release
-      build-runs-on: electron-arc-centralus-windows-amd64-16core
+      build-runs-on: electron-arc-windows-amd64-16core
      target-platform: win
      target-arch: x64
      is-release: true
@@ -71,16 +61,11 @@ jobs:
    secrets: inherit

  publish-arm64-win:
-    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
    needs: checkout-windows
    with:
      environment: production-release
-      build-runs-on: electron-arc-centralus-windows-amd64-16core
+      build-runs-on: electron-arc-windows-amd64-16core
      target-platform: win
      target-arch: arm64
      is-release: true
@@ -90,16 +75,11 @@ jobs:
    secrets: inherit

  publish-x86-win:
-    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
-    permissions:
-      artifact-metadata: write
-      attestations: write
-      contents: read
-      id-token: write
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
    needs: checkout-windows
    with:
      environment: production-release
-      build-runs-on: electron-arc-centralus-windows-amd64-16core
+      build-runs-on: electron-arc-windows-amd64-16core
      target-platform: win
      target-arch: x86
      is-release: true
--- a/.gitignore
+++ b/.gitignore
@@ -53,5 +53,3 @@ ts-gen
 patches/mtime-cache.json

 spec/fixtures/logo.png
-
-.yarn/install-state.gz
--- a/.husky/pre-commit
+++ b/.husky/pre-commit
@@ -1 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
 npm run precommit
--- a/.husky/pre-push
+++ b/.husky/pre-push
@@ -1 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
 npm run prepack
--- a/.markdownlint-cli2.jsonc
+++ b/.markdownlint-cli2.jsonc
@@ -21,9 +21,7 @@
        "ul",
        "unknown",
        "Tabs",
-        "TabItem",
-        "DocCardList",
-        "kbd"
+        "TabItem"
      ]
    },
    "no-newline-in-links": true
--- a/.nvmrc
+++ b/.nvmrc
@@ -1 +1 @@
-22
+20
--- a/.yarn/releases/yarn-4.12.0.cjs
+++ b/.yarn/releases/yarn-4.12.0.cjs
--- a/.yarnrc.yml
+++ b/.yarnrc.yml
@@ -1,12 +0,0 @@
-enableScripts: false
-
-nmHoistingLimits: workspaces
-
-nodeLinker: node-modules
-
-npmMinimalAgeGate: 10080
-
-npmPreapprovedPackages:
-  - "@electron/*"
-
-yarnPath: .yarn/releases/yarn-4.12.0.cjs
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -4,9 +4,9 @@ import("//build/config/win/manifest.gni")
 import("//components/os_crypt/sync/features.gni")
 import("//components/spellcheck/spellcheck_build_features.gni")
 import("//content/public/app/mac_helpers.gni")
-import("//content/public/common/features.gni")
 import("//extensions/buildflags/buildflags.gni")
 import("//pdf/features.gni")
+import("//ppapi/buildflags/buildflags.gni")
 import("//printing/buildflags/buildflags.gni")
 import("//testing/test.gni")
 import("//third_party/electron_node/node.gni")
@@ -38,13 +38,12 @@ if (is_mac) {
  import("build/rules.gni")

  assert(
-      mac_deployment_target == "12.0",
-      "Chromium has updated the mac_deployment_target, please update this assert and flag this as a breaking change (docs/breaking-changes.md)")
+      mac_deployment_target == "11.0",
+      "Chromium has updated the mac_deployment_target, please update this assert, update the supported versions documentation (docs/tutorial/support.md) and flag this as a breaking change")
 }

 if (is_linux) {
  import("//build/config/linux/pkg_config.gni")
-  import("//electron/build/linux/strip_binary.gni")
  import("//tools/generate_stubs/rules.gni")

  pkg_config("gio_unix") {
@@ -446,7 +445,6 @@ source_set("electron_lib") {
    "shell/services/node/public/mojom",
    "//base:base_static",
    "//base/allocator:buildflags",
-    "//build/util:chromium_git_revision",
    "//chrome:strings",
    "//chrome/app:command_ids",
    "//chrome/app/resources:platform_locale_settings",
@@ -454,7 +452,7 @@ source_set("electron_lib") {
    "//components/certificate_transparency",
    "//components/compose:buildflags",
    "//components/embedder_support:user_agent",
-    "//components/input",
+    "//components/input:input",
    "//components/language/core/browser",
    "//components/net_log",
    "//components/network_hints/browser",
@@ -481,14 +479,13 @@ source_set("electron_lib") {
    "//device/bluetooth",
    "//device/bluetooth/public/cpp",
    "//gin",
-    "//gpu/ipc/client",
    "//media/capture/mojom:video_capture",
    "//media/mojo/mojom",
    "//media/mojo/mojom:web_speech_recognition",
    "//net:extras",
    "//net:net_resources",
    "//printing/buildflags",
-    "//services/device/public/cpp/bluetooth",
+    "//services/device/public/cpp/bluetooth:bluetooth",
    "//services/device/public/cpp/geolocation",
    "//services/device/public/cpp/hid",
    "//services/device/public/mojom",
@@ -502,7 +499,6 @@ source_set("electron_lib") {
    "//third_party/blink/public/platform/media",
    "//third_party/boringssl",
    "//third_party/electron_node:libnode",
-    "//third_party/highway:libhwy",
    "//third_party/inspector_protocol:crdtp",
    "//third_party/leveldatabase",
    "//third_party/libyuv",
@@ -522,15 +518,10 @@ source_set("electron_lib") {
    "//v8:v8_libplatform",
  ]

-  if (v8_use_external_startup_data && use_v8_context_snapshot) {
-    deps += [ ":mksnapshot_checksum_gen" ]
-  }
-
  public_deps = [
    "//base",
    "//base:i18n",
    "//content/public/app",
-    "//ui/base/unowned_user_data",
  ]

  include_dirs = [
@@ -590,14 +581,7 @@ source_set("electron_lib") {
  }

  if (is_mac) {
-    # Disable C++ modules to resolve linking error when including MacOS SDK
-    # headers from third_party/electron_node/deps/uv/include/uv/darwin.h
-    # TODO(samuelmaddock): consider revisiting this in the future
-    use_libcxx_modules = false
-
    deps += [
-      "//components/os_crypt/async/browser:keychain_key_provider",
-      "//components/os_crypt/common:keychain_password_mac",
      "//components/remote_cocoa/app_shim",
      "//components/remote_cocoa/browser",
      "//content/browser:mac_helpers",
@@ -659,9 +643,6 @@ source_set("electron_lib") {
      ":libnotify_loader",
      "//build/config/linux/gtk",
      "//components/crash/content/browser",
-      "//components/os_crypt/async/browser:freedesktop_secret_key_provider",
-      "//components/os_crypt/async/browser:posix_key_provider",
-      "//components/os_crypt/async/browser:secret_portal_key_provider",
      "//dbus",
      "//device/bluetooth",
      "//third_party/crashpad/crashpad/client",
@@ -669,7 +650,6 @@ source_set("electron_lib") {
      "//ui/events/devices/x11",
      "//ui/events/platform/x11",
      "//ui/gtk:gtk_config",
-      "//ui/linux:display_server_utils",
      "//ui/linux:linux_ui",
      "//ui/linux:linux_ui_factory",
      "//ui/wm",
@@ -702,8 +682,7 @@ source_set("electron_lib") {
    deps += [
      "//components/app_launch_prefetch",
      "//components/crash/core/app:crash_export_thunks",
-      "//components/os_crypt/async/browser:dpapi_key_provider",
-      "//third_party/libxml:xml_writer",
+      "//ui/native_theme:native_theme_browser",
      "//ui/wm",
      "//ui/wm/public",
    ]
@@ -748,7 +727,7 @@ source_set("electron_lib") {
      "shell/common/extensions/api:extensions_features",
      "//chrome/browser/resources:component_extension_resources",
      "//components/guest_view/common:mojom",
-      "//components/update_client",
+      "//components/update_client:update_client",
      "//components/zoom",
      "//extensions/browser",
      "//extensions/browser/api:api_provider",
@@ -770,13 +749,11 @@ source_set("electron_lib") {
  if (enable_pdf_viewer) {
    deps += [
      "//chrome/browser/resources/pdf:resources",
-      "//chrome/browser/ui:browser_element_identifiers",
      "//components/pdf/browser",
      "//components/pdf/browser:interceptors",
      "//components/pdf/common:constants",
      "//components/pdf/common:util",
      "//components/pdf/renderer",
-      "//components/user_education/webui",
      "//pdf",
      "//pdf:content_restriction",
    ]
@@ -795,18 +772,6 @@ source_set("electron_lib") {
  }
 }

-action("mksnapshot_checksum_gen") {
-  script = "build/checksum_header.py"
-
-  outputs = [ "$target_gen_dir/snapshot_checksum.h" ]
-  inputs = [ "$root_out_dir/$v8_context_snapshot_filename" ]
-  args = rebase_path(inputs)
-
-  args += rebase_path(outputs)
-
-  deps = [ "//tools/v8_context_snapshot" ]
-}
-
 electron_paks("packed_resources") {
  if (is_mac) {
    output_dir = "$root_gen_dir/electron_repack"
@@ -850,7 +815,7 @@ if (is_mac) {
      sources = []
      public_deps = []
      sources += [ "$root_out_dir/libffmpeg.dylib" ]
-      public_deps += [ "//third_party/ffmpeg" ]
+      public_deps += [ "//third_party/ffmpeg:ffmpeg" ]
      outputs = [ "{{bundle_contents_dir}}/Libraries/{{source_file_part}}" ]
    }
  } else {
@@ -1265,7 +1230,7 @@ if (is_mac) {
    }

    if (use_v8_context_snapshot) {
-      public_deps = [ "//tools/v8_context_snapshot" ]
+      public_deps = [ "//tools/v8_context_snapshot:v8_context_snapshot" ]
    }

    if (is_linux) {
@@ -1444,18 +1409,6 @@ dist_zip("electron_dist_zip") {
    ":licenses",
  ]
  if (is_linux) {
-    if (is_official_build) {
-      data_deps += [
-        ":strip_chrome_crashpad_handler",
-        ":strip_chrome_sandbox",
-        ":strip_electron_binary",
-        ":strip_libEGL_shlib",
-        ":strip_libGLESv2_shlib",
-        ":strip_libffmpeg_shlib",
-        ":strip_libvk_swiftshader_shlib",
-      ]
-    }
-
    data_deps += [ "//sandbox/linux:chrome_sandbox" ]
  }
  deps = data_deps
@@ -1501,16 +1454,6 @@ group("electron_mksnapshot") {

 dist_zip("electron_mksnapshot_zip") {
  data_deps = mksnapshot_deps
-  if (is_linux && is_official_build) {
-    data_deps += [
-      ":strip_libEGL_shlib",
-      ":strip_libGLESv2_shlib",
-      ":strip_libffmpeg_shlib",
-      ":strip_libvk_swiftshader_shlib",
-      ":strip_mksnapshot_binary",
-      ":strip_v8_context_snapshot_generator_binary",
-    ]
-  }
  deps = data_deps
  outputs = [ "$root_build_dir/mksnapshot.zip" ]
 }
@@ -1635,101 +1578,3 @@ group("copy_node_headers") {
 group("node_headers") {
  public_deps = [ ":tar_node_headers" ]
 }
-
-group("testing_build") {
-  public_deps = [
-    ":electron_dist_zip",
-    ":electron_mksnapshot_zip",
-    ":node_headers",
-  ]
-}
-
-group("release_build") {
-  public_deps = [ ":testing_build" ]
-  if (is_official_build) {
-    public_deps += [ ":electron_symbols" ]
-  }
-  if (is_linux) {
-    public_deps += [
-      ":hunspell_dictionaries_zip",
-      ":libcxx_headers_zip",
-      ":libcxx_objects_zip",
-      ":libcxxabi_headers_zip",
-    ]
-  }
-}
-
-if (is_linux && is_official_build) {
-  strip_binary("strip_electron_binary") {
-    binary_input = "$root_out_dir/$electron_project_name"
-    symbol_output = "$root_out_dir/debug/$electron_project_name.debug"
-    compress_debug_sections = true
-    deps = [ ":electron_app" ]
-  }
-
-  strip_binary("strip_chrome_crashpad_handler") {
-    binary_input = "$root_out_dir/chrome_crashpad_handler"
-    symbol_output = "$root_out_dir/debug/chrome_crashpad_handler.debug"
-    compress_debug_sections = true
-    deps = [ "//components/crash/core/app:chrome_crashpad_handler" ]
-  }
-
-  strip_binary("strip_chrome_sandbox") {
-    binary_input = "$root_out_dir/chrome_sandbox"
-    symbol_output = "$root_out_dir/debug/chrome-sandbox.debug"
-    compress_debug_sections = true
-    deps = [ "//sandbox/linux:chrome_sandbox" ]
-  }
-
-  strip_binary("strip_libEGL_shlib") {
-    binary_input = "$root_out_dir/libEGL.so"
-    symbol_output = "$root_out_dir/debug/libEGL.so.debug"
-    compress_debug_sections = true
-    deps = [ "//third_party/angle:libEGL" ]
-  }
-
-  strip_binary("strip_libGLESv2_shlib") {
-    binary_input = "$root_out_dir/libGLESv2.so"
-    symbol_output = "$root_out_dir/debug/libGLESv2.so.debug"
-    compress_debug_sections = true
-    deps = [ "//third_party/angle:libGLESv2" ]
-  }
-
-  strip_binary("strip_libffmpeg_shlib") {
-    binary_input = "$root_out_dir/libffmpeg.so"
-    symbol_output = "$root_out_dir/debug/libffmpeg.so.debug"
-    compress_debug_sections = true
-    deps = [ "//third_party/ffmpeg" ]
-  }
-
-  strip_binary("strip_libvk_swiftshader_shlib") {
-    binary_input = "$root_out_dir/libvk_swiftshader.so"
-    symbol_output = "$root_out_dir/debug/libvk_swiftshader.so.debug"
-    compress_debug_sections = true
-    deps = [ "//third_party/swiftshader/src/Vulkan:swiftshader_libvulkan" ]
-  }
-
-  strip_binary("strip_mksnapshot_binary") {
-    _binary_path = rebase_path(
-            get_label_info(
-                    ":v8_context_snapshot_generator($v8_snapshot_toolchain)",
-                    "root_out_dir") + "/mksnapshot",
-            root_build_dir)
-    binary_input = "$root_out_dir/$_binary_path"
-    symbol_output = "$root_out_dir/debug/${_binary_path}.debug"
-    compress_debug_sections = true
-    deps = mksnapshot_deps
-  }
-
-  strip_binary("strip_v8_context_snapshot_generator_binary") {
-    _binary_path = rebase_path(
-            get_label_info(
-                    ":v8_context_snapshot_generator($v8_snapshot_toolchain)",
-                    "root_out_dir") + "/v8_context_snapshot_generator",
-            root_build_dir)
-    binary_input = "$root_out_dir/$_binary_path"
-    symbol_output = "$root_out_dir/debug/${_binary_path}.debug"
-    compress_debug_sections = true
-    deps = mksnapshot_deps
-  }
-}
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -1,226 +0,0 @@
-# Electron Development Guide
-
-## Project Overview
-
-Electron is a framework for building cross-platform desktop applications using web technologies. It embeds Chromium for rendering and Node.js for backend functionality.
-
-## Directory Structure
-
-```text
-electron/                 # This repo (run `e` commands here)
-├── shell/               # Core C++ application code
-│   ├── browser/         # Main process implementation (107+ API modules)
-│   ├── renderer/        # Renderer process code
-│   ├── common/          # Shared code between processes
-│   ├── app/             # Application entry points
-│   └── services/        # Node.js service integration
-├── lib/                 # TypeScript/JavaScript library code
-│   ├── browser/         # Main process JS (47 API implementations)
-│   ├── renderer/        # Renderer process JS
-│   └── common/          # Shared JS modules
-├── patches/             # Patches for upstream dependencies
-│   ├── chromium/        # ~159 patches to Chromium
-│   ├── node/            # ~48 patches to Node.js
-│   └── ...              # Other targets (v8, boringssl, etc.)
-├── spec/                # Test suite (1189+ TypeScript test files)
-├── docs/                # API documentation and guides
-├── build/               # Build configuration
-├── script/              # Build and automation scripts
-└── chromium_src/        # Chromium source overrides
-../                      # Parent directory is Chromium source
-```
-
-## Build Tools Setup
-
-Electron uses `@electron/build-tools` for development. The `e` command is the primary CLI.
-
-**Installation:**
-
-```bash
-npm i -g @electron/build-tools
-```
-
-**Configuration location:** `~/.electron_build_tools/configs/`
-
-## Essential Commands
-
-### Configuration Management
-
-| Command | Purpose |
-|---------|---------|
-| `e init <name> --root=<path> --bootstrap testing` | Create new build config and sync |
-| `e use <name>` | Switch to a different build configuration |
-| `e show current` | Display active configuration name |
-| `e show configs` | List all available configurations |
-
-### Build & Development Loop
-
-| Command | Purpose |
-|---------|---------|
-| `e sync` | Fetch/update all source code and apply patches |
-| `e sync --3` | Sync with 3-way merge (required for Chromium upgrades) |
-| `e build` | Build Electron (runs GN + Ninja) |
-| `e build -k 999` | Build and continue on errors (up to 999) |
-| `e build -t <target>` | Build specific target (e.g., `electron:node_headers`) |
-| `e start` | Run the built Electron executable |
-| `e start --version` | Verify Electron launches and print version |
-| `e test` | Run the test suite |
-| `e debug` | Run Electron in debugger (lldb on macOS, gdb on Linux) |
-
-### Patch Management
-
-| Command | Purpose |
-|---------|---------|
-| `e patches <target>` | Export patches for a target (chromium, node, v8, etc.) |
-| `e patches all` | Export all patches from all targets |
-| `e patches --list-targets` | List available patch targets |
-
-## Typical Development Workflow
-
-```bash
-# 1. Ensure you're on the right config
-e show current
-
-# 2. Sync to get latest code
-e sync
-
-# 3. Make your changes in shell/ or lib/ or ../
-
-# 4. Build
-e build
-
-# 5. Test your changes (Leave the user to do this, don't run these commands unless asked)
-e start
-e test
-
-# 6. If you modified patched files in Chromium:
-cd ..  # Go to Chromium repo
-git add <files>
-git commit -m "description of change"
-cd electron
-e patches chromium  # Export the patch
-```
-
-## Patches System
-
-Electron patches upstream dependencies (Chromium, Node.js, V8, etc.) to add features or modify behavior.
-
-**How patches work:**
-
-```text
-patches/{target}/*.patch  →  [e sync --3]  →  target repo commits
-                          ←  [e patches]   ←
-```
-
-**Patch configuration:** `patches/config.json` maps patch directories to target repos.
-
-**Key rules:**
-
- Fix existing patches 99% of the time rather than creating new ones
- Preserve original authorship in TODO comments
- Never change TODO assignees (`TODO(name)` must retain original name)
- Each patch file includes commit message explaining its purpose
-
-**Creating/modifying patches:**
-
-1. Make changes in the target repo (e.g., `../` for Chromium)
-2. Create a git commit
-3. Run `e patches <target>` to export
-
-## Testing
-
-**Test location:** `spec/` directory
-
-**Running tests:**
-
-```bash
-e test                    # Run full test suite
-```
-
-**Test frameworks:** Mocha, Chai, Sinon
-
-## Build Configuration
-
-**GN build arguments:** Located in `build/args/`:
-
- `testing.gn` - Debug/testing builds
- `release.gn` - Release builds
- `all.gn` - Common arguments for all builds
-
-**Main build file:** `BUILD.gn`
-
-**Feature flags:** `buildflags/buildflags.gni`
-
-## Chromium Upgrade Workflow
-
-When working on the `roller/chromium/main` branch to upgrade Chromium activate the "Electron Chromium Upgrade" skill.
-
-## Code Style
-
-**C++:** Follows Chromium style, enforced by clang-format
-**TypeScript/JavaScript:** ESLint configuration in `.eslintrc.json`
-
-**Linting:**
-
-```bash
-npm run lint              # Run all linters
-npm run lint:clang-format # C++ formatting
-```
-
-## Key Files
-
-| File | Purpose |
-|------|---------|
-| `BUILD.gn` | Main GN build configuration |
-| `DEPS` | Dependency versions and checkout paths |
-| `patches/config.json` | Patch target configuration |
-| `filenames.gni` | Source file lists by platform |
-| `package.json` | Node.js dependencies and scripts |
-
-## Environment Variables
-
-| Variable | Purpose |
-|----------|---------|
-| `GN_EXTRA_ARGS` | Additional GN arguments (useful in CI) |
-| `ELECTRON_RUN_AS_NODE=1` | Run Electron as Node.js |
-
-## Useful Git Commands for Chromium
-
-```bash
-# Find CL that changed a file
-cd ..
-git log --oneline -10 -- {file}
-git blame -L {start},{end} -- {file}
-
-# Look for Chromium CL reference in commit
-git log -1 {commit_sha}  # Find "Reviewed-on:" line
-
-# Find which patch affects a file
-grep -l "filename.cc" patches/chromium/*.patch
-```
-
-## CI/CD
-
-GitHub Actions workflows in `.github/workflows/`:
-
- `build.yml` - Main build workflow
- `pipeline-electron-lint.yml` - Linting
- `pipeline-segment-electron-test.yml` - Testing
-
-## Common Issues
-
-**Patch conflict during sync:**
-
- Use `e sync --3` for 3-way merge
- Check if file was renamed/moved upstream
- Verify patch is still needed
-
-**Build error in patched file:**
-
- Find the patch: `grep -l "filename" patches/chromium/*.patch`
- Match existing patch style (#if 0 guards, BUILDFLAG conditionals, etc.)
-
-**Remote build issues:**
-
- Try `e build --no-remote` to build locally
- Check reclient/siso configuration in your build config
--- a/13
+++ b/13
@@ -2,17 +2,17 @@ gclient_gn_args_from = 'src'

 vars = {
  'chromium_version':
-    '146.0.7666.0',
+    '138.0.7178.0',
  'node_version':
-    'v24.13.1',
+    'v22.15.1',
  'nan_version':
-    '675cefebca42410733da8a454c8d9391fcebfbc2',
+    'e14bdcd1f72d62bca1d541b66da43130384ec213',
  'squirrel.mac_version':
    '0e5d146ba13101a1302d59ea6e6e0b3cace4ae38',
  'reactiveobjc_version':
    '74ab5baccc6f7202c8ac69a8d1e152c29dc1ea76',
  'mantle_version':
-    '2a8e2123a3931038179ee06105c9e6ec336b12ea',
+    '78d3966b3c331292ea29ec38661b25df0a245948',
  'engflow_reclient_configs_version':
    '955335c30a752e9ef7bff375baab5e0819b6c00d',

@@ -30,6 +30,9 @@ vars = {
  # The path of the sysroots.json file.
  'sysroots_json_path': 'electron/script/sysroots.json',

+  # KEEP IN SYNC WITH utils.js FILE
+  'yarn_version': '1.15.2',
+
  # To be able to build clean Chromium from sources.
  'apply_patches': True,

@@ -152,7 +155,7 @@ hooks = [
    'action': [
      'python3',
      '-c',
-      'import os, subprocess; os.chdir(os.path.join("src", "electron")); subprocess.check_call(["node", ".yarn/releases/yarn-4.12.0.cjs", "install", "--immutable"]);',
+      'import os, subprocess; os.chdir(os.path.join("src", "electron")); subprocess.check_call(["python3", "script/lib/npx.py", "yarn@' + (Var("yarn_version")) + '", "install", "--frozen-lockfile"]);',
    ],
  },
  {
--- a/README.md
+++ b/README.md
@@ -37,24 +37,36 @@ For more installation options and troubleshooting tips, see

 Each Electron release provides binaries for macOS, Windows, and Linux.

-* macOS (Monterey and up): Electron provides 64-bit Intel and Apple Silicon / ARM binaries for macOS.
+* macOS (Big Sur and up): Electron provides 64-bit Intel and Apple Silicon / ARM binaries for macOS.
 * Windows (Windows 10 and up): Electron provides `ia32` (`x86`), `x64` (`amd64`), and `arm64` binaries for Windows. Windows on ARM support was added in Electron 5.0.8. Support for Windows 7, 8 and 8.1 was [removed in Electron 23, in line with Chromium's Windows deprecation policy](https://www.electronjs.org/blog/windows-7-to-8-1-deprecation-notice).
-* Linux: The prebuilt binaries of Electron are built on Ubuntu 22.04. They have also been verified to work on:
+* Linux: The prebuilt binaries of Electron are built on Ubuntu 20.04. They have also been verified to work on:
  * Ubuntu 18.04 and newer
  * Fedora 32 and newer
  * Debian 10 and newer

-## Electron Fiddle
+## Quick start & Electron Fiddle

 Use [`Electron Fiddle`](https://github.com/electron/fiddle)
 to build, run, and package small Electron experiments, to see code examples for all of Electron's APIs, and
 to try out different versions of Electron. It's designed to make the start of your journey with
 Electron easier.

+Alternatively, clone and run the
+[electron/electron-quick-start](https://github.com/electron/electron-quick-start)
+repository to see a minimal Electron app in action:
+
+```sh
+git clone https://github.com/electron/electron-quick-start
+cd electron-quick-start
+npm install
+npm start
+```
+
 ## Resources for learning Electron

 * [electronjs.org/docs](https://electronjs.org/docs) - All of Electron's documentation
 * [electron/fiddle](https://github.com/electron/fiddle) - A tool to build, run, and package small Electron experiments
+* [electron/electron-quick-start](https://github.com/electron/electron-quick-start) - A very basic starter Electron app
 * [electronjs.org/community#boilerplates](https://electronjs.org/community#boilerplates) - Sample starter apps created by the community

 ## Programmatic usage
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -8,12 +8,6 @@ The Electron team will send a response indicating the next steps in handling you

 Report security bugs in third-party modules to the person or team maintaining the module. You can also report a vulnerability through the [npm contact form](https://www.npmjs.com/support) by selecting "I'm reporting a security vulnerability".

-## Escalation
-
-If you do not receive an acknowledgement of your report within 6 business days, or if you cannot find a private security contact for the project, you may escalate to the OpenJS Foundation CNA at `security@lists.openjsf.org`.
-
-If the project acknowledges your report but does not provide any further response or engagement within 14 days, escalation is also appropriate.
-
 ## The Electron Security Notification Process

 For context on Electron's security notification process, please see the [Notifications](https://github.com/electron/governance/blob/main/wg-security/membership-and-notifications.md#notifications) section of the Security WG's [Membership and Notifications](https://github.com/electron/governance/blob/main/wg-security/membership-and-notifications.md) Governance document.
--- a/build/.eslintrc.json
+++ b/build/.eslintrc.json
@@ -1,8 +1,8 @@
 {
  "plugins": [
-    "import"
+    "unicorn"
  ],
  "rules": {
-    "import/enforce-node-protocol-usage": ["error", "always"]
+    "unicorn/prefer-node-protocol": "error"
  }
 }
--- a/build/args/all.gn
+++ b/build/args/all.gn
@@ -2,7 +2,7 @@ is_electron_build = true
 root_extra_deps = [ "//electron" ]

 # Registry of NMVs --> https://github.com/nodejs/node/blob/main/doc/abi_version_registry.json
-node_module_version = 145
+node_module_version = 136

 v8_promise_internal_field_count = 1
 v8_embedder_string = "-electron.0"
@@ -19,15 +19,15 @@ proprietary_codecs = true

 enable_printing = true

-# Refs https://chromium-review.googlesource.com/c/chromium/src/+/6986517
-# CI is using MacOS 15.5 which doesn't have the required modulemaps.
-use_clang_modules = false
-
 # Removes DLLs from the build, which are only meant to be used for Chromium development.
 # See https://github.com/electron/electron/pull/17985
 angle_enable_vulkan_validation_layers = false
 dawn_enable_vulkan_validation_layers = false

+# Removes dxc dll's that are only used experimentally.
+# See https://bugs.chromium.org/p/chromium/issues/detail?id=1474897
+dawn_use_built_dxc = false
+
 # These are disabled because they cause the zip manifest to differ between
 # testing and release builds.
 # See https://chromium-review.googlesource.com/c/chromium/src/+/2774898.
@@ -70,8 +70,6 @@ v8_expose_public_symbols = true
 # sensitive content by enterprise users.
 enterprise_cloud_content_analysis = false

-# We don't use anything from here, and it causes target collisions
-enable_linux_installer = false
-
-# Disable "Save to Drive" feature in PDF viewer
-enable_pdf_save_to_drive = false
+# TODO: remove dependency on legacy ipc
+# https://issues.chromium.org/issues/40943039
+content_enable_legacy_ipc = true
--- a/build/checksum_header.py
+++ b/build/checksum_header.py
@@ -1,37 +0,0 @@
-#!/usr/bin/env python3
-
-import os
-import sys
-import hashlib
-
-dir_path = os.path.dirname(os.path.realpath(__file__))
-
-TEMPLATE_H = """
-#ifndef ELECTRON_SNAPSHOT_CHECKSUM_H_
-#define ELECTRON_SNAPSHOT_CHECKSUM_H_
-
-namespace electron::snapshot_checksum {
-
-inline constexpr std::string_view kChecksum = "{checksum}";
-
-}  // namespace electron::snapshot_checksum
-
-#endif  // ELECTRON_SNAPSHOT_CHECKSUM_H_
-"""
-
-def calculate_sha256(filepath):
-    sha256_hash = hashlib.sha256()
-    with open(filepath, "rb") as f:
-        for byte_block in iter(lambda: f.read(4096), b""):
-            sha256_hash.update(byte_block)
-    return sha256_hash.hexdigest()
-
-input_file = sys.argv[1]
-output_file = sys.argv[2]
-
-checksum = calculate_sha256(input_file)
-
-checksum_h = TEMPLATE_H.replace("{checksum}", checksum)
-
-with open(output_file, 'w') as f:
-    f.write(checksum_h)
--- a/build/linux/strip_binary.gni
+++ b/build/linux/strip_binary.gni
@@ -1,70 +0,0 @@
-# Copyright 2021 The Chromium Authors
-# Use of this source code is governed by a BSD-style license that can be
-# found in the LICENSE file.
-
-# This has been adapted from https://source.chromium.org/chromium/chromium/src/+/main:build/linux/strip_binary.gni;drc=c220a41e0422d45f1657c28146d32e99cc53640b
-# The notable difference is it has an option to compress the debug sections
-
-import("//build/config/clang/clang.gni")
-import("//build/toolchain/toolchain.gni")
-
-# Extracts symbols from a binary into a symbol file.
-#
-# Args:
-#   binary_input: Path to the binary containing symbols to extract, e.g.:
-#       "$root_out_dir/chrome"
-#   symbol_output: Desired output file for symbols, e.g.:
-#       "$root_out_dir/chrome.debug"
-#   stripped_binary_output: Desired output file for stripped file, e.g.:
-#       "$root_out_dir/chrome.stripped"
-#   compress_debug_sections: If true, compress the extracted debug sections
-template("strip_binary") {
-  forward_variables_from(invoker,
-                         [
-                           "deps",
-                           "testonly",
-                         ])
-  action("${target_name}") {
-    llvm_strip_binary = "${clang_base_path}/bin/llvm-strip"
-    llvm_objcopy_binary = "${clang_base_path}/bin/llvm-objcopy"
-    script = "//electron/build/linux/strip_binary.py"
-
-    if (defined(invoker.stripped_binary_output)) {
-      stripped_binary_output = invoker.stripped_binary_output
-    } else {
-      stripped_binary_output = invoker.binary_input + ".stripped"
-    }
-    if (defined(invoker.symbol_output)) {
-      symbol_output = invoker.symbol_output
-    } else {
-      symbol_output = invoker.binary_input + ".debug"
-    }
-
-    inputs = [
-      invoker.binary_input,
-      llvm_strip_binary,
-      llvm_objcopy_binary,
-    ]
-    outputs = [
-      symbol_output,
-      stripped_binary_output,
-    ]
-    args = [
-      "--llvm-strip-binary-path",
-      rebase_path(llvm_strip_binary, root_build_dir),
-      "--llvm-objcopy-binary-path",
-      rebase_path(llvm_objcopy_binary, root_build_dir),
-      "--symbol-output",
-      rebase_path(symbol_output, root_build_dir),
-      "--stripped-binary-output",
-      rebase_path(stripped_binary_output, root_build_dir),
-      "--binary-input",
-      rebase_path(invoker.binary_input, root_build_dir),
-    ]
-
-    if (defined(invoker.compress_debug_sections) &&
-        invoker.compress_debug_sections) {
-      args += [ "--compress-debug-sections" ]
-    }
-  }
-}
--- a/build/linux/strip_binary.py
+++ b/build/linux/strip_binary.py
@@ -1,63 +0,0 @@
-#!/usr/bin/env python3
-#
-# Copyright 2021 The Chromium Authors
-# Use of this source code is governed by a BSD-style license that can be
-# found in the LICENSE file.
-
-# This has been adapted from https://source.chromium.org/chromium/chromium/src/+/main:build/linux/strip_binary.py;drc=c220a41e0422d45f1657c28146d32e99cc53640b
-# The notable difference is it has an option to compress the debug sections
-
-import argparse
-import subprocess
-import sys
-
-
-def main() -> int:
-  parser = argparse.ArgumentParser(description="Strip binary using LLVM tools.")
-  parser.add_argument("--llvm-strip-binary-path",
-                      help="Path to llvm-strip executable.")
-  parser.add_argument("--llvm-objcopy-binary-path",
-                      required=True,
-                      help="Path to llvm-objcopy executable.")
-  parser.add_argument("--binary-input", help="Input ELF binary.")
-  parser.add_argument("--symbol-output",
-                      help="File to write extracted debug info (.debug).")
-  parser.add_argument("--compress-debug-sections",
-                      action="store_true",
-                      help="Compress extracted debug info.")
-  parser.add_argument("--stripped-binary-output",
-                      help="File to write stripped binary.")
-  args = parser.parse_args()
-
-  # Replicate the behavior of:
-  # eu-strip <binary_input> -o <stripped_binary_output> -f <symbol_output>
-
-  objcopy_args = [
-      "--only-keep-debug",
-      args.binary_input,
-      args.symbol_output,
-  ]
-
-  if args.compress_debug_sections:
-    objcopy_args.insert(0, "--compress-debug-sections")
-
-  subprocess.check_output([args.llvm_objcopy_binary_path] + objcopy_args)
-  subprocess.check_output([
-      args.llvm_strip_binary_path,
-      "--strip-debug",
-      "--strip-unneeded",
-      "-o",
-      args.stripped_binary_output,
-      args.binary_input,
-  ])
-  subprocess.check_output([
-      args.llvm_objcopy_binary_path,
-      f"--add-gnu-debuglink={args.symbol_output}",
-      args.stripped_binary_output,
-  ])
-
-  return 0
-
-
-if __name__ == "__main__":
-  sys.exit(main())
--- a/build/rules.gni
+++ b/build/rules.gni
@@ -67,6 +67,10 @@ template("mac_xib_bundle_data") {
    ibtool_flags = [
      "--minimum-deployment-target",
      mac_deployment_target,
+
+      # TODO(rsesek): Enable this once all the bots are on Xcode 7+.
+      # "--target-device",
+      # "mac",
    ]
  }

--- a/build/webpack/webpack.config.base.js
+++ b/build/webpack/webpack.config.base.js
@@ -121,7 +121,6 @@ if ((globalThis.process || binding.process).argv.includes("--profile-electron-in
          'electron/main$': electronAPIFile,
          'electron/renderer$': electronAPIFile,
          'electron/common$': electronAPIFile,
-          'electron/utility$': electronAPIFile,
          // Force timers to resolve to our dependency that doesn't use window.postMessage
          timers: path.resolve(electronRoot, 'node_modules', 'timers-browserify', 'main.js')
        },
@@ -144,9 +143,7 @@ if ((globalThis.process || binding.process).argv.includes("--profile-electron-in
            transpileOnly: onlyPrintingGraph,
            ignoreDiagnostics: [
              // File '{0}' is not under 'rootDir' '{1}'.
-              6059,
-              // Private field '{0}' must be declared in an enclosing class.
-              1111
+              6059
            ]
          }
        }]
--- a/build/zip.py
+++ b/build/zip.py
@@ -41,8 +41,6 @@ PATHS_TO_SKIP = [
  'resources/inspector',
  'gen/third_party/devtools-frontend/src',
  'gen/ui/webui',
-  # Skip because these get zipped separately in script/zip-symbols.py
-  'debug',
 ]

 def skip_path(dep, dist_zip, target_cpu):
@@ -82,11 +80,6 @@ def main(argv):
      dep = dep.strip()
      if not skip_path(dep, dist_zip, target_cpu):
        dist_files.add(dep)
-  # On Linux, filter out any files which have a .stripped companion
-  if sys.platform == 'linux':
-    dist_files = {
-      dep for dep in dist_files if f"{dep.removeprefix('./')}.stripped" not in dist_files
-    }
  if sys.platform == 'darwin' and not should_flatten:
    execute(['zip', '-r', '-y', dist_zip] + list(dist_files))
  else:
@@ -103,13 +96,10 @@ def main(argv):
          dirname = os.path.dirname(dep)
          arcname = (
            os.path.join(dirname, 'chrome-sandbox')
-            if basename.removesuffix('.stripped') == 'chrome_sandbox'
+            if basename == 'chrome_sandbox'
            else dep
          )
          name_to_write = arcname
-          # On Linux, strip the .stripped suffix from the name before zipping
-          if sys.platform == 'linux':
-            name_to_write = name_to_write.removesuffix('.stripped')
          if should_flatten:
            if flatten_relative_to:
              if name_to_write.startswith(flatten_relative_to):
--- a/chromium_src/BUILD.gn
+++ b/chromium_src/BUILD.gn
@@ -23,8 +23,6 @@ static_library("chrome") {
    "//chrome/browser/browser_process.h",
    "//chrome/browser/devtools/devtools_contents_resizing_strategy.cc",
    "//chrome/browser/devtools/devtools_contents_resizing_strategy.h",
-    "//chrome/browser/devtools/devtools_dispatch_http_request_params.cc",
-    "//chrome/browser/devtools/devtools_dispatch_http_request_params.h",
    "//chrome/browser/devtools/devtools_embedder_message_dispatcher.cc",
    "//chrome/browser/devtools/devtools_embedder_message_dispatcher.h",
    "//chrome/browser/devtools/devtools_eye_dropper.cc",
@@ -68,8 +66,6 @@ static_library("chrome") {
    "//chrome/browser/picture_in_picture/picture_in_picture_occlusion_tracker.h",
    "//chrome/browser/picture_in_picture/picture_in_picture_occlusion_tracker_observer.cc",
    "//chrome/browser/picture_in_picture/picture_in_picture_occlusion_tracker_observer.h",
-    "//chrome/browser/picture_in_picture/picture_in_picture_widget_fade_animator.cc",
-    "//chrome/browser/picture_in_picture/picture_in_picture_widget_fade_animator.h",
    "//chrome/browser/picture_in_picture/picture_in_picture_window_manager.cc",
    "//chrome/browser/picture_in_picture/picture_in_picture_window_manager.h",
    "//chrome/browser/picture_in_picture/picture_in_picture_window_manager_uma_helper.cc",
@@ -78,8 +74,14 @@ static_library("chrome") {
    "//chrome/browser/picture_in_picture/scoped_picture_in_picture_occlusion_observation.h",
    "//chrome/browser/platform_util.cc",
    "//chrome/browser/platform_util.h",
+    "//chrome/browser/predictors/preconnect_manager.cc",
+    "//chrome/browser/predictors/preconnect_manager.h",
    "//chrome/browser/predictors/predictors_features.cc",
    "//chrome/browser/predictors/predictors_features.h",
+    "//chrome/browser/predictors/proxy_lookup_client_impl.cc",
+    "//chrome/browser/predictors/proxy_lookup_client_impl.h",
+    "//chrome/browser/predictors/resolve_host_client_impl.cc",
+    "//chrome/browser/predictors/resolve_host_client_impl.h",
    "//chrome/browser/process_singleton.h",
    "//chrome/browser/process_singleton_internal.cc",
    "//chrome/browser/process_singleton_internal.h",
@@ -126,12 +128,8 @@ static_library("chrome") {
    "//chrome/browser/ui/views/overlay/hang_up_button.h",
    "//chrome/browser/ui/views/overlay/minimize_button.cc",
    "//chrome/browser/ui/views/overlay/minimize_button.h",
-    "//chrome/browser/ui/views/overlay/overlay_controls_fade_animation.cc",
-    "//chrome/browser/ui/views/overlay/overlay_controls_fade_animation.h",
    "//chrome/browser/ui/views/overlay/overlay_window_image_button.cc",
    "//chrome/browser/ui/views/overlay/overlay_window_image_button.h",
-    "//chrome/browser/ui/views/overlay/overlay_window_live_caption_button.cc",
-    "//chrome/browser/ui/views/overlay/overlay_window_live_caption_button.h",
    "//chrome/browser/ui/views/overlay/playback_image_button.cc",
    "//chrome/browser/ui/views/overlay/playback_image_button.h",
    "//chrome/browser/ui/views/overlay/resize_handle_button.cc",
@@ -146,10 +144,6 @@ static_library("chrome") {
    "//chrome/browser/ui/views/overlay/toggle_microphone_button.h",
    "//chrome/browser/ui/views/overlay/video_overlay_window_views.cc",
    "//chrome/browser/ui/views/overlay/video_overlay_window_views.h",
-    "//chrome/browser/ui/views/picture_in_picture/picture_in_picture_bounds_change_animation.cc",
-    "//chrome/browser/ui/views/picture_in_picture/picture_in_picture_bounds_change_animation.h",
-    "//chrome/browser/ui/views/picture_in_picture/picture_in_picture_tucker.cc",
-    "//chrome/browser/ui/views/picture_in_picture/picture_in_picture_tucker.h",
    "//chrome/browser/ui/webui/accessibility/accessibility_ui.cc",
    "//chrome/browser/ui/webui/accessibility/accessibility_ui.h",
    "//chrome/browser/usb/usb_blocklist.cc",
@@ -213,7 +207,7 @@ static_library("chrome") {
    "//components/enterprise/common/proto:connectors_proto",
    "//components/enterprise/obfuscation/core:enterprise_obfuscation",
    "//components/safe_browsing/core/browser/db:safebrowsing_proto",
-    "//components/vector_icons",
+    "//components/vector_icons:vector_icons",
    "//ui/base/accelerators/global_accelerator_listener",
    "//ui/snapshot",
    "//ui/views/controls/webview",
@@ -223,8 +217,8 @@ static_library("chrome") {
    sources += [
      "//chrome/browser/platform_util_aura.cc",
      "//chrome/browser/ui/views/eye_dropper/eye_dropper_aura.cc",
-      "//ui/native_window_tracker/native_window_tracker_aura.cc",
-      "//ui/native_window_tracker/native_window_tracker_aura.h",
+      "//ui/views/native_window_tracker_aura.cc",
+      "//ui/views/native_window_tracker_aura.h",
    ]
    deps += [ "//components/eye_dropper" ]
  }
@@ -280,8 +274,6 @@ static_library("chrome") {
      "//chrome/browser/process_singleton_mac.mm",
      "//chrome/browser/ui/views/eye_dropper/eye_dropper_view_mac.h",
      "//chrome/browser/ui/views/eye_dropper/eye_dropper_view_mac.mm",
-      "//chrome/browser/ui/views/overlay/video_overlay_window_native_widget_mac.h",
-      "//chrome/browser/ui/views/overlay/video_overlay_window_native_widget_mac.mm",
    ]
    deps += [ ":system_media_capture_permissions_mac_conflict" ]
  }
@@ -383,8 +375,6 @@ static_library("chrome") {
        "//chrome/browser/pdf/chrome_pdf_stream_delegate.h",
        "//chrome/browser/pdf/pdf_extension_util.cc",
        "//chrome/browser/pdf/pdf_extension_util.h",
-        "//chrome/browser/pdf/pdf_help_bubble_handler_factory.cc",
-        "//chrome/browser/pdf/pdf_help_bubble_handler_factory.h",
        "//chrome/browser/pdf/pdf_viewer_stream_manager.cc",
        "//chrome/browser/pdf/pdf_viewer_stream_manager.h",
        "//chrome/browser/plugins/pdf_iframe_navigation_throttle.cc",
@@ -393,8 +383,6 @@ static_library("chrome") {
      deps += [
        "//components/pdf/browser",
        "//components/pdf/renderer",
-        "//ui/base/interaction",
-        "//ui/webui/resources/cr_components/help_bubble:mojo_bindings",
      ]
    }
  } else {
@@ -508,17 +496,15 @@ source_set("chrome_spellchecker") {
  ]
 }

-if (is_mac) {
-  # These sources create an object file conflict with one in |:chrome|, so they
-  # must live in a separate target.
-  # Conflicting sources:
-  #   //chrome/browser/media/webrtc/system_media_capture_permissions_stats_mac.mm
-  #   //chrome/browser/permissions/system/system_media_capture_permissions_mac.mm
-  source_set("system_media_capture_permissions_mac_conflict") {
-    sources = [
-      "//chrome/browser/permissions/system/system_media_capture_permissions_mac.h",
-      "//chrome/browser/permissions/system/system_media_capture_permissions_mac.mm",
-    ]
-    deps = [ "//chrome/common" ]
-  }
+# These sources create an object file conflict with one in |:chrome|, so they
+# must live in a separate target.
+# Conflicting sources:
+#   //chrome/browser/media/webrtc/system_media_capture_permissions_stats_mac.mm
+#   //chrome/browser/permissions/system/system_media_capture_permissions_mac.mm
+source_set("system_media_capture_permissions_mac_conflict") {
+  sources = [
+    "//chrome/browser/permissions/system/system_media_capture_permissions_mac.h",
+    "//chrome/browser/permissions/system/system_media_capture_permissions_mac.mm",
+  ]
+  deps = [ "//chrome/common" ]
 }
--- a/default_app/.eslintrc.json
+++ b/default_app/.eslintrc.json
@@ -1,8 +1,8 @@
 {
  "plugins": [
-    "import"
+    "unicorn"
  ],
  "rules": {
-    "import/enforce-node-protocol-usage": ["error", "always"]
+    "unicorn/prefer-node-protocol": "error"
  }
 }
--- a/default_app/main.ts
+++ b/default_app/main.ts
@@ -110,9 +110,11 @@ async function loadApplicationPackage (packagePath: string) {
      } else if (packageJson.name) {
        app.name = packageJson.name;
      }
-
-      app.setDesktopName(packageJson.desktopName || `${app.name}.desktop`);
-
+      if (packageJson.desktopName) {
+        app.setDesktopName(packageJson.desktopName);
+      } else {
+        app.setDesktopName(`${app.name}.desktop`);
+      }
      // Set v8 flags, deliberately lazy load so that apps that do not use this
      // feature do not pay the price
      if (packageJson.v8Flags) {
--- a/docs/.eslintrc.json
+++ b/docs/.eslintrc.json
@@ -1,35 +0,0 @@
-{
-  "extends": "standard",
-  "plugins": [
-    "import",
-    "markdown"
-  ],
-  "overrides": [
-    {
-      "files": ["*.md", "**/*.md"],
-      "processor": "markdown/markdown"
-    }
-  ],
-  "rules": {
-    "@typescript-eslint/no-unused-vars": "off",
-    "import/order": ["error", {
-      "alphabetize": {
-        "order": "asc"
-      },
-      "newlines-between": "always",
-      "pathGroups": [
-        {
-          "pattern": "{electron,electron/**}",
-          "group": "builtin",
-          "position": "before"
-        }
-      ],
-      "pathGroupsExcludedImportTypes": []
-    }],
-    "n/no-callback-literal": "off",
-    "no-undef": "off",
-    "no-unused-expressions": "off",
-    "no-unused-vars": "off",
-    "import/enforce-node-protocol-usage": ["error", "always"]
-  }
-}
--- a/docs/README.md
+++ b/docs/README.md
@@ -113,7 +113,6 @@ These individual tutorials expand on topics discussed in the guide above.
 * [dialog](api/dialog.md)
 * [globalShortcut](api/global-shortcut.md)
 * [inAppPurchase](api/in-app-purchase.md)
-* [ImageView](api/image-view.md)
 * [ipcMain](api/ipc-main.md)
 * [Menu](api/menu.md)
 * [MenuItem](api/menu-item.md)
--- a/docs/api/accelerator.md
+++ b/docs/api/accelerator.md
@@ -0,0 +1,82 @@
+# Accelerator
+
+> Define keyboard shortcuts.
+
+Accelerators are strings that can contain multiple modifiers and a single key code,
+combined by the `+` character, and are used to define keyboard shortcuts
+throughout your application. Accelerators are case insensitive.
+
+Examples:
+
+* `CommandOrControl+A`
+* `CommandOrControl+Shift+Z`
+
+Shortcuts are registered with the [`globalShortcut`](global-shortcut.md) module
+using the [`register`](global-shortcut.md#globalshortcutregisteraccelerator-callback)
+method, i.e.
+
+```js
+const { app, globalShortcut } = require('electron')
+
+app.whenReady().then(() => {
+  // Register a 'CommandOrControl+Y' shortcut listener.
+  globalShortcut.register('CommandOrControl+Y', () => {
+    // Do stuff when Y and either Command/Control is pressed.
+  })
+})
+```
+
+## Platform notice
+
+On Linux and Windows, the `Command` key does not have any effect so
+use `CommandOrControl` which represents `Command` on macOS and `Control` on
+Linux and Windows to define some accelerators.
+
+Use `Alt` instead of `Option`. The `Option` key only exists on macOS, whereas
+the `Alt` key is available on all platforms.
+
+The `Super` (or `Meta`) key is mapped to the `Windows` key on Windows and Linux and
+`Cmd` on macOS.
+
+## Available modifiers
+
+* `Command` (or `Cmd` for short)
+* `Control` (or `Ctrl` for short)
+* `CommandOrControl` (or `CmdOrCtrl` for short)
+* `Alt`
+* `Option`
+* `AltGr`
+* `Shift`
+* `Super`
+* `Meta`
+
+## Available key codes
+
+* `0` to `9`
+* `A` to `Z`
+* `F1` to `F24`
+* Various Punctuation: `)`, `!`, `@`, `#`, `$`, `%`, `^`, `&`, `*`, `(`, `:`, `;`, `:`, `+`, `=`, `<`, `,`, `_`, `-`, `>`, `.`, `?`, `/`, `~`, `` ` ``, `{`, `]`, `[`, `|`, `\`, `}`, `"`
+* `Plus`
+* `Space`
+* `Tab`
+* `Capslock`
+* `Numlock`
+* `Scrolllock`
+* `Backspace`
+* `Delete`
+* `Insert`
+* `Return` (or `Enter` as alias)
+* `Up`, `Down`, `Left` and `Right`
+* `Home` and `End`
+* `PageUp` and `PageDown`
+* `Escape` (or `Esc` for short)
+* `VolumeUp`, `VolumeDown` and `VolumeMute`
+* `MediaNextTrack`, `MediaPreviousTrack`, `MediaStop` and `MediaPlayPause`
+* `PrintScreen`
+* NumPad Keys
+  * `num0` - `num9`
+  * `numdec` - decimal key
+  * `numadd` - numpad `+` key
+  * `numsub` - numpad `-` key
+  * `nummult` - numpad `*` key
+  * `numdiv` - numpad `÷` key
--- a/docs/api/app.md
+++ b/docs/api/app.md
@@ -9,7 +9,6 @@ closed:

 ```js
 const { app } = require('electron')
-
 app.on('window-all-closed', () => {
  app.quit()
 })
@@ -421,7 +420,6 @@ Returns:
    * `oom` - Process ran out of memory
    * `launch-failed` - Process never successfully launched
    * `integrity-failure` - Windows code integrity checks failed
-    * `memory-eviction` - Process proactively terminated to prevent a future out-of-memory (OOM) situation
  * `exitCode` number - The exit code for the process
      (e.g. status from waitpid if on POSIX, from GetExitCodeProcess on Windows).
  * `serviceName` string (optional) - The non-localized name of the process.
@@ -565,9 +563,8 @@ and subscribing to the `ready` event if the app is not ready yet.
  * `steal` boolean _macOS_ - Make the receiver the active app even if another app is
  currently active.

-On macOS, makes the application the active app. On Windows, focuses on the application's
-first window. On Linux, either focuses on the first visible window (X11) or requests
-focus but may instead show a notification or flash the app icon (Wayland).
+On Linux, focuses on the first visible window. On macOS, makes the application
+the active app. On Windows, focuses on the application's first window.

 You should seek to use the `steal` option as sparingly as possible.

@@ -604,7 +601,6 @@ Returns `string` - The current application directory.
    * `%APPDATA%` on Windows
    * `$XDG_CONFIG_HOME` or `~/.config` on Linux
    * `~/Library/Application Support` on macOS
-  * `assets` The directory where app assets such as `resources.pak` are stored. By default this is the same as the folder containing the `exe` path. Available on Windows and Linux only.
  * `userData` The directory for storing your app's configuration files, which
    by default is the `appData` directory appended with your app's name. By
    convention files storing user data should be written to this directory, and
@@ -612,14 +608,14 @@ Returns `string` - The current application directory.
    may backup this directory to cloud storage.
  * `sessionData` The directory for storing data generated by `Session`, such
    as localStorage, cookies, disk cache, downloaded dictionaries, network
-    state, DevTools files. By default this points to `userData`. Chromium may
+    state, devtools files. By default this points to `userData`. Chromium may
    write very large disk cache here, so if your app does not rely on browser
    storage like localStorage or cookies to save user data, it is recommended
    to set this directory to other locations to avoid polluting the `userData`
    directory.
  * `temp` Temporary directory.
  * `exe` The current executable file.
-  * `module` The location of the Chromium module. By default this is synonymous with `exe`.
+  * `module` The `libchromiumcontent` library.
  * `desktop` The current user's Desktop directory.
  * `documents` Directory for a user's "My Documents".
  * `downloads` Directory for a user's downloads.
@@ -633,7 +629,7 @@ Returns `string` - The current application directory.
 Returns `string` - A path to a special directory or file associated with `name`. On
 failure, an `Error` is thrown.

-If `app.getPath('logs')` is called without calling `app.setAppLogsPath()` being called first, a default log directory will be created equivalent to calling `app.setAppLogsPath()` without a `path` parameter.
+If `app.getPath('logs')` is called without called `app.setAppLogsPath()` being called first, a default log directory will be created equivalent to calling `app.setAppLogsPath()` without a `path` parameter.

 ### `app.getFileIcon(path[, options])`

@@ -648,7 +644,7 @@ Returns `Promise<NativeImage>` - fulfilled with the app's icon, which is a [Nati

 Fetches a path's associated icon.

-On _Windows_, there are 2 kinds of icons:
+On _Windows_, there a 2 kinds of icons:

 * Icons associated with certain file extensions, like `.mp3`, `.png`, etc.
 * Icons inside the file itself, like `.exe`, `.dll`, `.ico`.
@@ -764,7 +760,7 @@ app.getPreferredSystemLanguages() // ['fr-CA', 'en-US', 'zh-Hans-FI', 'es-419']

 Both the available languages and regions and the possible return values differ between the two operating systems.

-As can be seen with the example above, on Windows, it is possible that a preferred system language has no country code, and that one of the preferred system languages corresponds with the language used for the regional format. On macOS, the region serves more as a default country code: the user doesn't need to have Finnish as a preferred language to use Finland as the region, and the country code `FI` is used as the country code for preferred system languages that do not have associated countries in the language name.
+As can be seen with the example above, on Windows, it is possible that a preferred system language has no country code, and that one of the preferred system languages corresponds with the language used for the regional format. On macOS, the region serves more as a default country code: the user doesn't need to have Finnish as a preferred language to use Finland as the region,and the country code `FI` is used as the country code for preferred system languages that do not have associated countries in the language name.

 ### `app.addRecentDocument(path)` _macOS_ _Windows_

@@ -779,22 +775,6 @@ bar, and on macOS, you can visit it from dock menu.

 Clears the recent documents list.

-### `app.getRecentDocuments()` _macOS_ _Windows_
-
-Returns `string[]` - An array containing documents in the most recent documents list.
-
-```js
-const { app } = require('electron')
-
-const path = require('node:path')
-
-const file = path.join(app.getPath('desktop'), 'foo.txt')
-app.addRecentDocument(file)
-
-const recents = app.getRecentDocuments()
-console.log(recents) // ['/path/to/desktop/foo.txt'}
-```
-
 ### `app.setAsDefaultProtocolClient(protocol[, path, args])`

 * `protocol` string - The name of your protocol, without `://`. For example,
@@ -1043,7 +1023,6 @@ starts:

 ```js
 const { app, BrowserWindow } = require('electron')
-
 let myWindow = null

 const additionalData = { myKey: 'myValue' }
@@ -1122,19 +1101,6 @@ Updates the current activity if its type matches `type`, merging the entries fro

 Changes the [Application User Model ID][app-user-model-id] to `id`.

-### `app.setToastActivatorCLSID(id)` _Windows_
-
-* `id` string
-
-Changes the [Toast Activator CLSID][toast-activator-clsid] to `id`. If one is not set via this method, it will be randomly generated for the app.
-
-* The value must be a valid GUID/CLSID in one of the following forms:
-  * Canonical brace-wrapped: `{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}` (preferred)
-  * Canonical without braces: `XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX` (braces will be added automatically)
-* Hex digits are case-insensitive.
-
-This method should be called early (before showing notifications) so the value is baked into the registration/shortcut. Supplying an empty string or an unparsable value throws and leaves the existing (or generated) CLSID unchanged. If this method is never called, a random CLSID is generated once per run and exposed via `app.toastActivatorCLSID`.
-
 ### `app.setActivationPolicy(policy)` _macOS_

 * `policy` string - Can be 'regular', 'accessory', or 'prohibited'.
@@ -1229,17 +1195,10 @@ Disables hardware acceleration for current app.

 This method can only be called before app is ready.

-### `app.isHardwareAccelerationEnabled()`
-
-Returns `boolean` - whether hardware acceleration is currently enabled.
-
- > [!NOTE]
- > This information is only usable after the `gpu-info-update` event is emitted.
-
 ### `app.disableDomainBlockingFor3DAPIs()`

 By default, Chromium disables 3D APIs (e.g. WebGL) until restart on a per
-domain basis if the GPU process crashes too frequently. This function
+domain basis if the GPU processes crashes too frequently. This function
 disables that behavior.

 This method can only be called before app is ready.
@@ -1267,8 +1226,6 @@ For `infoType` equal to `complete`:
 For `infoType` equal to `basic`:
  Promise is fulfilled with `Object` containing fewer attributes than when requested with `complete`. Here's an example of basic response:

-<!-- eslint-skip -->
-
 ```js
 {
  auxAttributes:
@@ -1298,8 +1255,6 @@ For `infoType` equal to `basic`:

 Using `basic` should be preferred if only basic information like `vendorId` or `deviceId` is needed.

-Promise is rejected if the GPU is completely disabled, i.e. no hardware and software implementations are available.
-
 ### `app.setBadgeCount([count])` _Linux_ _macOS_

 * `count` Integer (optional) - If a value is provided, set the badge to the provided value otherwise, on macOS, display a plain white dot (e.g. unknown number of notifications). On Linux, if a value is not provided the badge will not display.
@@ -1384,7 +1339,6 @@ latest version.

 ``` js
 const { app } = require('electron')
-
 const path = require('node:path')

 const appFolder = path.dirname(process.execPath)
@@ -1421,75 +1375,7 @@ details. Disabled by default.
 This API must be called after the `ready` event is emitted.

 > [!NOTE]
-> Rendering accessibility tree can significantly affect the performance of your app. It should not be enabled by default. Calling this method will enable the following accessibility support features: `nativeAPIs`, `webContents`, `inlineTextBoxes`, and `extendedProperties`.
-
-### `app.getAccessibilitySupportFeatures()` _macOS_ _Windows_
-
-Returns `string[]` - Array of strings naming currently enabled accessibility support components. Possible values:
-
-* `nativeAPIs` - Native OS accessibility APIs integration enabled.
-* `webContents` - Web contents accessibility tree exposure enabled.
-* `inlineTextBoxes` - Inline text boxes (character bounding boxes) enabled.
-* `extendedProperties` - Extended accessibility properties enabled.
-* `screenReader` - Screen reader specific mode enabled.
-* `html` - HTML accessibility tree construction enabled.
-* `labelImages` - Accessibility support for automatic image annotations.
-* `pdfPrinting` - Accessibility support for PDF printing enabled.
-
-Notes:
-
-* The array may be empty if no accessibility modes are active.
-* Use `app.isAccessibilitySupportEnabled()` for the legacy boolean check;
-  prefer this method for granular diagnostics or telemetry.
-
-Example:
-
-```js
-const { app } = require('electron')
-
-app.whenReady().then(() => {
-  if (app.getAccessibilitySupportFeatures().includes('screenReader')) {
-    // Change some app UI to better work with Screen Readers.
-  }
-})
-```
-
-### `app.setAccessibilitySupportFeatures(features)` _macOS_ _Windows_
-
-* `features` string[] - An array of the accessibility features to enable.
-
-Possible values are:
-
-* `nativeAPIs` - Native OS accessibility APIs integration enabled.
-* `webContents` - Web contents accessibility tree exposure enabled.
-* `inlineTextBoxes` - Inline text boxes (character bounding boxes) enabled.
-* `extendedProperties` - Extended accessibility properties enabled.
-* `screenReader` - Screen reader specific mode enabled.
-* `html` - HTML accessibility tree construction enabled.
-* `labelImages` - Accessibility support for automatic image annotations.
-* `pdfPrinting` - Accessibility support for PDF printing enabled.
-
-To disable all supported features, pass an empty array `[]`.
-
-Example:
-
-```js
-const { app } = require('electron')
-
-app.whenReady().then(() => {
-  // Enable a subset of features:
-  app.setAccessibilitySupportFeatures([
-    'screenReader',
-    'pdfPrinting',
-    'webContents'
-  ])
-
-  // Other logic
-
-  // Some time later, disable all features:
-  app.setAccessibilitySupportFeatures([])
-})
-```
+> Rendering accessibility tree can significantly affect the performance of your app. It should not be enabled by default.

 ### `app.showAboutPanel()`

@@ -1527,7 +1413,6 @@ Returns `Function` - This function **must** be called once you have finished acc

 ```js
 const { app, dialog } = require('electron')
-
 const fs = require('node:fs')

 let filepath
@@ -1717,13 +1602,8 @@ platforms) that allows you to perform actions on your app icon in the user's doc

 A `boolean` property that returns  `true` if the app is packaged, `false` otherwise. For many apps, this property can be used to distinguish development and production environments.

-### `app.toastActivatorCLSID` _Windows_ _Readonly_
-
-A `string` property that returns the app's [Toast Activator CLSID][toast-activator-clsid].
-
 [tasks]:https://learn.microsoft.com/en-us/windows/win32/shell/taskbar-extensions#tasks
 [app-user-model-id]: https://learn.microsoft.com/en-us/windows/win32/shell/appids
-[toast-activator-clsid]: https://learn.microsoft.com/en-us/windows/win32/properties/props-system-appusermodel-toastactivatorclsid
 [electron-forge]: https://www.electronforge.io/
 [electron-packager]: https://github.com/electron/packager
 [CFBundleURLTypes]: https://developer.apple.com/library/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CoreFoundationKeys.html#//apple_ref/doc/uid/TP40009249-102207-TPXREF115
--- a/docs/api/auto-updater.md
+++ b/docs/api/auto-updater.md
@@ -32,19 +32,9 @@ update process. Apps that need to disable ATS can add the

 ### Windows

-On Windows, the `autoUpdater` module automatically selects the appropriate update mechanism
-based on how your app is packaged:
-
-* **MSIX packages**: If your app is running as an MSIX package (created with [electron-windows-msix][msix-lib] and detected via [`process.windowsStore`](process.md#processwindowsstore-readonly)),
-  the module uses the MSIX updater, which supports direct MSIX file links and JSON update feeds.
-* **Squirrel.Windows**: For apps installed via traditional installers (created with
-  [electron-winstaller][installer-lib] or [Electron Forge's Squirrel.Windows maker][electron-forge-lib]),
-  the module uses Squirrel.Windows for updates.
-
-You don't need to configure which updater to use; Electron automatically detects the packaging
-format and uses the appropriate one.
-
-#### Squirrel.Windows
+On Windows, you have to install your app into a user's machine before you can
+use the `autoUpdater`, so it is recommended that you use
+[electron-winstaller][installer-lib] or [Electron Forge's Squirrel.Windows maker][electron-forge-lib] to generate a Windows installer.

 Apps built with Squirrel.Windows will trigger [custom launch events](https://github.com/Squirrel/Squirrel.Windows/blob/51f5e2cb01add79280a53d51e8d0cfa20f8c9f9f/docs/using/custom-squirrel-events-non-cs.md#application-startup-commands)
 that must be handled by your Electron application to ensure proper setup and teardown.
@@ -65,14 +55,6 @@ The installer generated with Squirrel.Windows will create a shortcut icon with a
 same ID for your app with `app.setAppUserModelId` API, otherwise Windows will
 not be able to pin your app properly in task bar.

-#### MSIX Packages
-
-When your app is packaged as an MSIX, the `autoUpdater` module provides additional
-functionality:
-
-* Use the `allowAnyVersion` option in `setFeedURL()` to allow updates to older versions (downgrades)
-* Support for direct MSIX file links or JSON update feeds (similar to Squirrel.Mac format)
-
 ## Events

 The `autoUpdater` object emits the following events:
@@ -110,7 +92,7 @@ Returns:

 Emitted when an update has been downloaded.

-With Squirrel.Windows only `releaseName` is available.
+On Windows only `releaseName` is available.

 > [!NOTE]
 > It is not strictly necessary to handle this event. A successfully
@@ -118,13 +100,6 @@ With Squirrel.Windows only `releaseName` is available.

 ### Event: 'before-quit-for-update'

-<!--
-```YAML history
-added:
-  - pr-url: https://github.com/electron/electron/pull/12619
-```
-->
-
 This event is emitted after a user calls `quitAndInstall()`.

 When this API is called, the `before-quit` event is not emitted before all windows are closed. As a result you should listen to this event if you wish to perform actions before the windows are closed while a process is quitting, as well as listening to `before-quit`.
@@ -135,23 +110,11 @@ The `autoUpdater` object has the following methods:

 ### `autoUpdater.setFeedURL(options)`

-<!--
-```YAML history
-changes:
-  - pr-url: https://github.com/electron/electron/pull/5879
-    description: "Added `headers` as a second parameter."
-  - pr-url: https://github.com/electron/electron/pull/11925
-    description: "Changed API to accept a single `options` argument (contains `url`, `headers`, and `serverType` properties)."
-```
-->
-
 * `options` Object
-  * `url` string - The update server URL. For _Windows_ MSIX, this can be either a direct link to an MSIX file (e.g., `https://example.com/update.msix`) or a JSON endpoint that returns update information (see the [Squirrel.Mac][squirrel-mac] README for more information).
+  * `url` string
  * `headers` Record\<string, string\> (optional) _macOS_ - HTTP request headers.
  * `serverType` string (optional) _macOS_ - Can be `json` or `default`, see the [Squirrel.Mac][squirrel-mac]
    README for more information.
-  * `allowAnyVersion` boolean (optional) _Windows_ - If `true`, allows downgrades to older versions for MSIX packages.
-    Defaults to `false`.

 Sets the `url` and initialize the auto updater.

@@ -188,4 +151,3 @@ closed.
 [electron-forge-lib]: https://www.electronforge.io/config/makers/squirrel.windows
 [app-user-model-id]: https://learn.microsoft.com/en-us/windows/win32/shell/appids
 [event-emitter]: https://nodejs.org/api/events.html#events_class_eventemitter
-[msix-lib]:  https://github.com/electron-userland/electron-windows-msix
--- a/docs/api/base-window.md
+++ b/docs/api/base-window.md
@@ -99,10 +99,6 @@ Process: [Main](../glossary.md#main-process)

 It creates a new `BaseWindow` with native properties as set by the `options`.

-> [!WARNING]
-> Electron's built-in classes cannot be subclassed in user code.
-> For more information, see [the FAQ](../faq.md#class-inheritance-does-not-work-with-electron-built-in-modules).
-
 ### `new BaseWindow([options])`

 * `options` [BaseWindowConstructorOptions](structures/base-window-options.md?inline) (optional)
@@ -298,7 +294,6 @@ e.g. `APPCOMMAND_BROWSER_BACKWARD` is emitted as `browser-backward`.

 ```js
 const { BaseWindow } = require('electron')
-
 const win = new BaseWindow()
 win.on('app-command', (e, cmd) => {
  // Navigate the window back when the user hits their mouse back button
@@ -507,7 +502,6 @@ A `boolean` property that determines whether the window is excluded from the app

 ```js @ts-expect-error=[12]
 const { Menu, BaseWindow } = require('electron')
-
 const win = new BaseWindow({ height: 600, width: 600 })

 const template = [
@@ -733,7 +727,6 @@ Resizes and moves the window to the supplied bounds. Any properties that are not

 ```js
 const { BaseWindow } = require('electron')
-
 const win = new BaseWindow()

 // set all bounds properties
@@ -756,9 +749,6 @@ Returns [`Rectangle`](structures/rectangle.md) - The `bounds` of the window as `
 > [!NOTE]
 > On macOS, the y-coordinate value returned will be at minimum the [Tray](tray.md) height. For example, calling `win.setBounds({ x: 25, y: 20, width: 800, height: 600 })` with a tray height of 38 means that `win.getBounds()` will return `{ x: 25, y: 38, width: 800, height: 600 }`.

-> [!NOTE]
-> On Wayland, this method will return `{ x: 0, y: 0, ... }` as introspecting or programmatically changing the global window coordinates is prohibited.
-
 #### `win.getBackgroundColor()`

 Returns `string` - Gets the background color of the window in Hex (`#RRGGBB`) format.
@@ -972,9 +962,6 @@ Moves window to `x` and `y`.

 Returns `Integer[]` - Contains the window's current position.

-> [!NOTE]
-> On Wayland, this method will return `[0, 0]` as introspecting or programmatically changing the global window coordinates is prohibited.
-
 #### `win.setTitle(title)`

 * `title` string
@@ -1000,7 +987,6 @@ a HTML-rendered toolbar. For example:

 ```js
 const { BaseWindow } = require('electron')
-
 const win = new BaseWindow()

 const toolbarRect = document.getElementById('toolbar').getBoundingClientRect()
@@ -1049,7 +1035,7 @@ under this mode apps can choose to optimize their UI for tablets, such as
 enlarging the titlebar and hiding titlebar buttons.

 This API returns whether the window is in tablet mode, and the `resize` event
-can be used to listen to changes to tablet mode.
+can be be used to listen to changes to tablet mode.

 #### `win.getMediaSourceId()`

@@ -1266,47 +1252,6 @@ Sets the properties for the window's taskbar button.
 > `relaunchCommand` and `relaunchDisplayName` must always be set
 > together. If one of those properties is not set, then neither will be used.

-#### `win.setAccentColor(accentColor)` _Windows_
-
-* `accentColor` boolean | string | null - The accent color for the window. By default, follows user preference in System Settings. To reset to system default, pass `null`.
-
-Sets the system accent color and highlighting of active window border.
-
-The `accentColor` parameter accepts the following values:
-
-* **Color string** - Like `true`, but sets a custom accent color using standard CSS color formats (Hex, RGB, RGBA, HSL, HSLA, or named colors). Alpha values in RGBA/HSLA formats are ignored and the color is treated as fully opaque.
-* **`true`** - Enable accent color highlighting for the window with the system accent color regardless of whether accent colors are enabled for windows in System `Settings.`
-* **`false`** - Disable accent color highlighting for the window regardless of whether accent colors are currently enabled for windows in System Settings.
-* **`null`** - Reset window accent color behavior to follow behavior set in System Settings.
-
-Examples:
-
-```js
-const win = new BrowserWindow({ frame: false })
-
-// Set red accent color.
-win.setAccentColor('#ff0000')
-
-// RGB format (alpha ignored if present).
-win.setAccentColor('rgba(255,0,0,0.5)')
-
-// Enable accent color, using the color specified in System Settings.
-win.setAccentColor(true)
-
-// Disable accent color.
-win.setAccentColor(false)
-
-// Reset window accent color behavior to follow behavior set in System Settings.
-win.setAccentColor(null)
-```
-
-#### `win.getAccentColor()` _Windows_
-
-Returns `string | boolean` - the system accent color and highlighting of active window border in Hex RGB format.
-
-If a color has been set for the window that differs from the system accent color, the window accent color will
-be returned. Otherwise, a boolean will be returned, with `true` indicating that the window uses the global system accent color, and `false` indicating that accent color highlighting is disabled for this window.
-
 #### `win.setIcon(icon)` _Windows_ _Linux_

 * `icon` [NativeImage](native-image.md) | string
@@ -1401,10 +1346,6 @@ On Windows it calls SetWindowDisplayAffinity with `WDA_EXCLUDEFROMCAPTURE`.
 For Windows 10 version 2004 and up the window will be removed from capture entirely,
 older Windows versions behave as if `WDA_MONITOR` is applied capturing a black window.

-#### `win.isContentProtected()` _macOS_ _Windows_
-
-Returns `boolean` - whether or not content protection is currently enabled.
-
 #### `win.setFocusable(focusable)` _macOS_ _Windows_

 * `focusable` boolean
--- a/docs/api/browser-view.md
+++ b/docs/api/browser-view.md
@@ -38,10 +38,6 @@ Process: [Main](../glossary.md#main-process)
 This module cannot be used until the `ready` event of the `app`
 module is emitted.

-> [!WARNING]
-> Electron's built-in classes cannot be subclassed in user code.
-> For more information, see [the FAQ](../faq.md#class-inheritance-does-not-work-with-electron-built-in-modules).
-
 ### Example

 ```js
--- a/docs/api/browser-window.md
+++ b/docs/api/browser-window.md
@@ -40,7 +40,6 @@ the window after this event will have no visual flash:

 ```js
 const { BrowserWindow } = require('electron')
-
 const win = new BrowserWindow({ show: false })
 win.once('ready-to-show', () => {
  win.show()
@@ -140,10 +139,6 @@ state is `hidden` in order to minimize power consumption.
  move.
 * On Linux the type of modal windows will be changed to `dialog`.
 * On Linux many desktop environments do not support hiding a modal window.
-* On Wayland (Linux) it is generally not possible to programmatically resize windows
-  after creation, or to position, move, focus, or blur windows without user input.
-  If your app needs these capabilities, run it in Xwayland by appending the flag
-  `--ozone-platform=x11`.

 ## Class: BrowserWindow extends `BaseWindow`

@@ -155,10 +150,6 @@ Process: [Main](../glossary.md#main-process)

 It creates a new `BrowserWindow` with native properties as set by the `options`.

-> [!WARNING]
-> Electron's built-in classes cannot be subclassed in user code.
-> For more information, see [the FAQ](../faq.md#class-inheritance-does-not-work-with-electron-built-in-modules).
-
 ### `new BrowserWindow([options])`

 * `options` [BrowserWindowConstructorOptions](structures/browser-window-options.md?inline) (optional)
@@ -382,7 +373,6 @@ e.g. `APPCOMMAND_BROWSER_BACKWARD` is emitted as `browser-backward`.

 ```js
 const { BrowserWindow } = require('electron')
-
 const win = new BrowserWindow()
 win.on('app-command', (e, cmd) => {
  // Navigate the window back when the user hits their mouse back button
@@ -660,15 +650,10 @@ the [close event](#event-close).

 Focuses on the window.

-On Wayland (Linux), the desktop environment may show a notification or flash
-the app icon if the window or app is not already focused.
-
 #### `win.blur()`

 Removes focus from the window.

-Not supported on Wayland (Linux).
-
 #### `win.isFocused()`

 Returns `boolean` - Whether the window is focused.
@@ -685,8 +670,6 @@ Shows and gives focus to the window.

 Shows the window but doesn't focus on it.

-Not supported on Wayland (Linux).
-
 #### `win.hide()`

 Hides the window.
@@ -835,11 +818,8 @@ Closes the currently open [Quick Look][quick-look] panel.

 Resizes and moves the window to the supplied bounds. Any properties that are not supplied will default to their current values.

-On Wayland (Linux), has the same limitations as `setSize` and `setPosition`.
-
 ```js
 const { BrowserWindow } = require('electron')
-
 const win = new BrowserWindow()

 // set all bounds properties
@@ -862,9 +842,6 @@ Returns [`Rectangle`](structures/rectangle.md) - The `bounds` of the window as `
 > [!NOTE]
 > On macOS, the y-coordinate value returned will be at minimum the [Tray](tray.md) height. For example, calling `win.setBounds({ x: 25, y: 20, width: 800, height: 600 })` with a tray height of 38 means that `win.getBounds()` will return `{ x: 25, y: 38, width: 800, height: 600 }`.

-> [!NOTE]
-> On Wayland, this method will return `{ x: 0, y: 0, ... }` as introspecting or programmatically changing the global window coordinates is prohibited.
-
 #### `win.getBackgroundColor()`

 Returns `string` - Gets the background color of the window in Hex (`#RRGGBB`) format.
@@ -882,8 +859,6 @@ See [Setting `backgroundColor`](#setting-the-backgroundcolor-property).
 Resizes and moves the window's client area (e.g. the web page) to
 the supplied bounds.

-On Wayland (Linux), has the same limitations as `setContentSize` and `setPosition`.
-
 #### `win.getContentBounds()`

 Returns [`Rectangle`](structures/rectangle.md) - The `bounds` of the window's client area as `Object`.
@@ -913,8 +888,6 @@ Returns `boolean` - whether the window is enabled.

 Resizes the window to `width` and `height`. If `width` or `height` are below any set minimum size constraints the window will snap to its minimum size.

-On Wayland (Linux), may not work as some window managers restrict programmatic window resizing.
-
 #### `win.getSize()`

 Returns `Integer[]` - Contains the window's width and height.
@@ -927,8 +900,6 @@ Returns `Integer[]` - Contains the window's width and height.

 Resizes the window's client area (e.g. the web page) to `width` and `height`.

-On Wayland (Linux), may not work as some window managers restrict programmatic window resizing.
-
 #### `win.getContentSize()`

 Returns `Integer[]` - Contains the window's client area's width and height.
@@ -1066,16 +1037,12 @@ this method throws an error.

 #### `win.moveTop()`

-Moves window to top(z-order) regardless of focus.
-
-Not supported on Wayland (Linux).
+Moves window to top(z-order) regardless of focus

 #### `win.center()`

 Moves window to the center of the screen.

-Not supported on Wayland (Linux).
-
 #### `win.setPosition(x, y[, animate])`

 * `x` Integer
@@ -1084,15 +1051,10 @@ Not supported on Wayland (Linux).

 Moves window to `x` and `y`.

-Not supported on Wayland (Linux).
-
 #### `win.getPosition()`

 Returns `Integer[]` - Contains the window's current position.

-> [!NOTE]
-> On Wayland, this method will return `[0, 0]` as introspecting or programmatically changing the global window coordinates is prohibited.
-
 #### `win.setTitle(title)`

 * `title` string
@@ -1118,7 +1080,6 @@ a HTML-rendered toolbar. For example:

 ```js
 const { BrowserWindow } = require('electron')
-
 const win = new BrowserWindow()

 const toolbarRect = document.getElementById('toolbar').getBoundingClientRect()
@@ -1165,7 +1126,7 @@ under this mode apps can choose to optimize their UI for tablets, such as
 enlarging the titlebar and hiding titlebar buttons.

 This API returns whether the window is in tablet mode, and the `resize` event
-can be used to listen to changes to tablet mode.
+can be be used to listen to changes to tablet mode.

 #### `win.getMediaSourceId()`

@@ -1258,8 +1219,7 @@ Captures a snapshot of the page within `rect`. Omitting `rect` will capture the

 Returns `Promise<void>` - the promise will resolve when the page has finished loading
 (see [`did-finish-load`](web-contents.md#event-did-finish-load)), and rejects
-if the page fails to load (see
-[`did-fail-load`](web-contents.md#event-did-fail-load)). A noop rejection handler is already attached, which avoids unhandled rejection errors. If the existing page has a beforeUnload handler, [`did-fail-load`](web-contents.md#event-did-fail-load) will be called unless [`will-prevent-unload`](web-contents.md#event-did-fail-load) is handled.
+if the page fails to load (see [`did-fail-load`](web-contents.md#event-did-fail-load)).

 Same as [`webContents.loadURL(url[, options])`](web-contents.md#contentsloadurlurl-options).

@@ -1272,10 +1232,9 @@ method:

 ```js
 const { BrowserWindow } = require('electron')
-
 const win = new BrowserWindow()

-const url = require('node:url').format({
+const url = require('url').format({
  protocol: 'file',
  slashes: true,
  pathname: require('node:path').join(__dirname, 'index.html')
@@ -1289,7 +1248,6 @@ the following:

 ```js
 const { BrowserWindow } = require('electron')
-
 const win = new BrowserWindow()

 win.loadURL('http://localhost:8000/post', {
@@ -1472,47 +1430,6 @@ Sets the properties for the window's taskbar button.
 > `relaunchCommand` and `relaunchDisplayName` must always be set
 > together. If one of those properties is not set, then neither will be used.

-#### `win.setAccentColor(accentColor)` _Windows_
-
-* `accentColor` boolean | string | null - The accent color for the window. By default, follows user preference in System Settings. To reset to system default, pass `null`.
-
-Sets the system accent color and highlighting of active window border.
-
-The `accentColor` parameter accepts the following values:
-
-* **Color string** - Like `true`, but sets a custom accent color using standard CSS color formats (Hex, RGB, RGBA, HSL, HSLA, or named colors). Alpha values in RGBA/HSLA formats are ignored and the color is treated as fully opaque.
-* **`true`** - Enable accent color highlighting for the window with the system accent color regardless of whether accent colors are enabled for windows in System `Settings.`
-* **`false`** - Disable accent color highlighting for the window regardless of whether accent colors are currently enabled for windows in System Settings.
-* **`null`** - Reset window accent color behavior to follow behavior set in System Settings.
-
-Examples:
-
-```js
-const win = new BrowserWindow({ frame: false })
-
-// Set red accent color.
-win.setAccentColor('#ff0000')
-
-// RGB format (alpha ignored if present).
-win.setAccentColor('rgba(255,0,0,0.5)')
-
-// Enable accent color, using the color specified in System Settings.
-win.setAccentColor(true)
-
-// Disable accent color.
-win.setAccentColor(false)
-
-// Reset window accent color behavior to follow behavior set in System Settings.
-win.setAccentColor(null)
-```
-
-#### `win.getAccentColor()` _Windows_
-
-Returns `string | boolean` - the system accent color and highlighting of active window border in Hex RGB format.
-
-If a color has been set for the window that differs from the system accent color, the window accent color will
-be returned. Otherwise, a boolean will be returned, with `true` indicating that the window uses the global system accent color, and `false` indicating that accent color highlighting is disabled for this window.
-
 #### `win.showDefinitionForSelection()` _macOS_

 Same as `webContents.showDefinitionForSelection()`.
@@ -1606,22 +1523,11 @@ events.

 Prevents the window contents from being captured by other apps.

-On Windows, it calls [`SetWindowDisplayAffinity`](https://learn.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-setwindowdisplayaffinity) with `WDA_EXCLUDEFROMCAPTURE`.
+On macOS it sets the NSWindow's sharingType to NSWindowSharingNone.
+On Windows it calls SetWindowDisplayAffinity with `WDA_EXCLUDEFROMCAPTURE`.
 For Windows 10 version 2004 and up the window will be removed from capture entirely,
 older Windows versions behave as if `WDA_MONITOR` is applied capturing a black window.

-On macOS, it sets the `NSWindow`'s
-[`sharingType`](https://developer.apple.com/documentation/appkit/nswindow/sharingtype-swift.property?language=objc)
-to
-[`NSWindowSharingNone`](https://developer.apple.com/documentation/appkit/nswindow/sharingtype-swift.enum/none?language=objc).
-Unfortunately, due to an intentional change in macOS, newer Mac applications that use
-`ScreenCaptureKit` will capture your window despite `win.setContentProtection(true)`.
-See [here](https://github.com/electron/electron/issues/48258#issuecomment-3269893618).
-
-#### `win.isContentProtected()` _macOS_ _Windows_
-
-Returns `boolean` - whether or not content protection is currently enabled.
-
 #### `win.setFocusable(focusable)` _macOS_ _Windows_

 * `focusable` boolean
--- a/docs/api/client-request.md
+++ b/docs/api/client-request.md
@@ -25,11 +25,6 @@ following properties:
    with which the request is associated. Defaults to the empty string. The
    `session` option supersedes `partition`. Thus if a `session` is explicitly
    specified, `partition` is ignored.
-  * `bypassCustomProtocolHandlers` boolean (optional) - When set to `true`,
-    custom protocol handlers registered for the request's URL scheme will not be
-    called. This allows forwarding an intercepted request to the built-in
-    handler. [webRequest](web-request.md) handlers will still be triggered
-    when bypassing custom protocols. Defaults to `false`.
  * `credentials` string (optional) - Can be `include`, `omit` or
    `same-origin`. Whether to send
    [credentials](https://fetch.spec.whatwg.org/#credentials) with this
@@ -264,7 +259,7 @@ will not be allowed. The `finish` event is emitted just after the end operation.
 Cancels an ongoing HTTP transaction. If the request has already emitted the
 `close` event, the abort operation will have no effect. Otherwise an ongoing
 event will emit `abort` and `close` events. Additionally, if there is an ongoing
-response object, it will emit the `aborted` event.
+response object,it will emit the `aborted` event.

 #### `request.followRedirect()`

--- a/docs/api/clipboard.md
+++ b/docs/api/clipboard.md
@@ -2,16 +2,7 @@

 > Perform copy and paste operations on the system clipboard.

-Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process) _Deprecated_ (non-sandboxed only)
-
-> [!NOTE]
-> Using the `clipboard` API from the renderer process is deprecated.
-
-> [!IMPORTANT]
-> If you want to call this API from a renderer process,
-> place the API call in your preload script and
-> [expose](../tutorial/context-isolation.md#after-context-isolation-enabled) it using the
-> [`contextBridge`](context-bridge.md) API.
+Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process) (non-sandboxed only)

 On Linux, there is also a `selection` clipboard. To manipulate it
 you need to pass `selection` to each method:
--- a/docs/api/command-line-switches.md
+++ b/docs/api/command-line-switches.md
@@ -8,7 +8,6 @@ is emitted:

 ```js
 const { app } = require('electron')
-
 app.commandLine.appendSwitch('remote-debugging-port', '8315')
 app.commandLine.appendSwitch('host-rules', 'MAP * 127.0.0.1')

@@ -49,10 +48,6 @@ Disables the disk cache for HTTP requests.

 Disable HTTP/2 and SPDY/3.1 protocols.

-### --disable-geolocation _macOS_
-
-Disables the Geolocation API. Permission requests for geolocation will be denied internally regardless of the decision made by a handler set via `session.setPermissionRequestHandler`. This functionality is currently implemented only for macOS. Has no effect on other platforms.
-
 ### --disable-renderer-backgrounding

 Prevents Chromium from lowering the priority of invisible pages' renderer
@@ -90,7 +85,7 @@ Field trials to be forcefully enabled or disabled.

 For example: `WebRTC-Audio-Red-For-Opus/Enabled/`

-### --host-rules=`rules` _Deprecated_
+### --host-rules=`rules`

 A comma-separated list of `rules` that control how hostnames are mapped.

@@ -108,23 +103,9 @@ These mappings apply to the endpoint host in a net request (the TCP connect
 and host resolver in a direct connection, and the `CONNECT` in an HTTP proxy
 connection, and the endpoint host in a `SOCKS` proxy connection).

-**Deprecated:** Use the `--host-resolver-rules` switch instead.
-
 ### --host-resolver-rules=`rules`

-A comma-separated list of `rules` that control how hostnames are mapped.
-
-For example:
-
-* `MAP * 127.0.0.1` Forces all hostnames to be mapped to 127.0.0.1
-* `MAP *.google.com proxy` Forces all google.com subdomains to be resolved to
-  "proxy".
-* `MAP test.com [::1]:77` Forces "test.com" to resolve to IPv6 loopback. Will
-  also force the port of the resulting socket address to be 77.
-* `MAP * baz, EXCLUDE www.google.com` Remaps everything to "baz", except for
-  "www.google.com".
-
-These `rules` only apply to the host resolver.
+Like `--host-rules` but these `rules` only apply to the host resolver.

 ### --ignore-certificate-errors

@@ -172,7 +153,7 @@ Enables net log events to be saved and writes them to `path`.
 Sets the verbosity of logging when used together with `--enable-logging`.
 `N` should be one of [Chrome's LogSeverities][severities].

-Note that two complementary logging mechanisms in Chromium -- `LOG()`
+Note that two complimentary logging mechanisms in Chromium -- `LOG()`
 and `VLOG()` -- are controlled by different switches. `--log-level`
 controls `LOG()` messages, while `--v` and `--vmodule` control `VLOG()`
 messages. So you may want to use a combination of these three switches
@@ -197,11 +178,6 @@ Disables the Chromium [sandbox](https://www.chromium.org/developers/design-docum
 Forces renderer process and Chromium helper processes to run un-sandboxed.
 Should only be used for testing.

-### --no-stdio-init
-
-Disable stdio initialization during node initialization.
-Used to avoid node initialization crash when the nul device is disabled on Windows platform.
-
 ### --proxy-bypass-list=`hosts`

 Instructs Electron to bypass the proxy server for the given semi-colon-separated
@@ -212,7 +188,6 @@ For example:

 ```js
 const { app } = require('electron')
-
 app.commandLine.appendSwitch('proxy-bypass-list', '<local>;*.google.com;*foo.com;1.2.3.4:5678')
 ```

@@ -315,9 +290,9 @@ Specify ways of the inspector web socket url exposure.

 By default inspector websocket url is available in stderr and under /json/list endpoint on `http://host:port/json/list`.

-### `--experimental-network-inspection`
+### `--experimental-network-inspector`

-Enable support for DevTools network inspector events, for visibility into requests made by the nodejs `http` and `https` modules.
+Enable support for devtools network inspector events, for visibility into requests made by the nodejs `http` and `https` modules.

 ### `--no-deprecation`

@@ -350,33 +325,6 @@ Set the directory to which all Node.js diagnostic output files are written. Defa

 Affects the default output directory of [v8.setHeapSnapshotNearHeapLimit](https://nodejs.org/docs/latest/api/v8.html#v8setheapsnapshotnearheaplimitlimit).

-### `--no-experimental-global-navigator`
-
-Disable exposition of [Navigator API][] on the global scope from Node.js.
-
-## Chromium Flags
-
-There isn't a documented list of all Chromium switches, but there are a few ways to find them.
-
-The easiest way is through Chromium's flags page, which you can access at `about://flags`. These flags don't directly match switch names, but they show up in the process's command-line arguments.
-
-To see these arguments, enable a flag in `about://flags`, then go to `about://version` in Chromium. You'll find a list of command-line arguments, including `--flag-switches-begin --your --list --flag-switches-end`, which contains the list of your flag enabled switches.
-
-Most flags are included as part of `--enable-features=`, but some are standalone switches, like `--enable-experimental-web-platform-features`.
-
-A complete list of flags exists in [Chromium's flag metadata page](https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/flag-metadata.json), but this list includes platform, environment and GPU specific, expired and potentially non-functional flags, so many of them might not always work in every situation.
-
-Keep in mind that standalone switches can sometimes be split into individual features, so there's no fully complete list of switches.
-
-Finally, you'll need to ensure that the version of Chromium in Electron matches the version of the browser you're using to cross-reference the switches.
-
-### Chromium features relevant to Electron apps
-
-* `AlwaysLogLOAFURL`: enables script attribution for
-  [`long-animation-frame`](https://developer.mozilla.org/en-US/docs/Web/API/Performance_API/Long_animation_frame_timing)
-  `PerformanceObserver` events for non-http(s), non-data, non-blob URLs (such as `file:` or custom
-  protocol URLs).
-
 [app]: app.md
 [append-switch]: command-line.md#commandlineappendswitchswitch-value
 [debugging-main-process]: ../tutorial/debugging-main-process.md
@@ -385,4 +333,3 @@ Finally, you'll need to ensure that the version of Chromium in Electron matches
 [play-silent-audio]: https://github.com/atom/atom/pull/9485/files
 [ready]: app.md#event-ready
 [severities]: https://source.chromium.org/chromium/chromium/src/+/main:base/logging.h?q=logging::LogSeverity&ss=chromium
-[Navigator API]: https://github.com/nodejs/node/blob/main/doc/api/globals.md#navigator
--- a/Show More
+++ b/Show More