chore: cherry-pick 2 changes from 3-M129 (#44233)

* chore: [30-x-y] cherry-pick 2 changes from 3-M129

* 9542895cdd3d from v8
* 81155a8f3b20 from v8

* chore: update patches

.autofix.markdownlint-cli2.jsonc

@@ -1,8 +0,0 @@
-{
-  "config": {
-    "default": false,
-    "no-trailing-spaces": {
-      "br_spaces": 0
-    }
-  }
-}

.devcontainer/README.md

@@ -25,19 +25,9 @@ Codespaces doesn't lean very well into gclient based checkouts, the directory st
 /workspaces/electron
 ```
 
-## Reclient
+## Goma
 
-If you are a maintainer [with Reclient access](../docs/development/reclient.md) you'll need to ensure you're authenticated when you spin up a new codespaces instance.  You can validate this by checking `e d rbe info` - your build-tools configuration should have `Access` type `Cache & Execute`:
-
-```console
-Authentication Status: Authenticated
-Since:     2024-05-28 10:29:33 +0200 CEST
-Expires:   2024-08-26 10:29:33 +0200 CEST
-...
-Access:    Cache & Execute
-```
-
-To authenticate if you're not logged in, run `e d rbe login` and follow the link to authenticate.
+If you are a maintainer [with Goma access](../docs/development/goma.md) it should be automatically configured and authenticated when you spin up a new codespaces instance.  You can validate this by checking `e d goma_auth info` or by checking that your build-tools configuration has a goma mode of `cluster`.
 
 ## Running Electron
 

.devcontainer/devcontainer.json

@@ -4,8 +4,12 @@
 	"onCreateCommand": ".devcontainer/on-create-command.sh",
 	"updateContentCommand": ".devcontainer/update-content-command.sh",
 	"workspaceFolder": "/workspaces/gclient/src/electron",
-	"forwardPorts": [6080, 5901],
+	"forwardPorts": [8088, 6080, 5901],
 	"portsAttributes": {
+		"8088": {
+			"label": "Goma Control Panel",
+			"onAutoForward": "silent"
+		},
 		"6080": {
 			"label": "VNC web client (noVNC)",
 			"onAutoForward": "silent"

.devcontainer/on-create-command.sh

@@ -59,6 +59,7 @@ if [ ! -f $buildtools/configs/evm.testing.json ]; then
             \"\$schema\": \"file:///home/builduser/.electron_build_tools/evm-config.schema.json\",
             \"configValidationLevel\": \"strict\",
             \"reclient\": \"$1\",
+            \"goma\": \"none\",
             \"preserveXcode\": 5
         }
     " >$buildtools/configs/evm.testing.json

.eslintrc.json

@@ -19,7 +19,40 @@
     "prefer-const": ["error", {
       "destructuring": "all"
     }],
-    "standard/no-callback-literal": "off"
+    "n/no-callback-literal": "off",
+    "import/newline-after-import": "error",
+    "import/order": ["error", {
+      "alphabetize": {
+        "order": "asc"
+      },
+      "newlines-between": "always",
+      "pathGroups": [
+        {
+          "pattern": "@electron/internal/**",
+          "group": "external",
+          "position": "before"
+        },
+        {
+          "pattern": "@electron/**",
+          "group": "external",
+          "position": "before"
+        },
+        {
+          "pattern": "{electron,electron/**}",
+          "group": "external",
+          "position": "before"
+        }
+      ],
+      "pathGroupsExcludedImportTypes": [],
+      "distinctGroup": true,
+      "groups": [
+        "external",
+        "builtin",
+        ["sibling", "parent"],
+        "index",
+        "type"
+      ]
+    }]
   },
   "parserOptions": {
     "ecmaVersion": 6,

.gitattributes

@@ -22,7 +22,6 @@ patches/**/.patches merge=union
 *.md text eol=lf
 *.mm text eol=lf
 *.mojom text eol=lf
-*.patches text eol=lf
 *.proto text eol=lf
 *.py text eol=lf
 *.ps1 text eol=lf

.github/CODEOWNERS

@@ -11,9 +11,6 @@ DEPS                                    @electron/wg-upgrades
 /docs/breaking-changes.md               @electron/wg-releases
 /npm/                                   @electron/wg-releases
 /script/release                         @electron/wg-releases
-appveyor.yml                            @electron/wg-releases
-appveyor-bake.yml                       @electron/wg-releases
-appveyor-woa.yml                        @electron/wg-releases
 
 # Security WG
 /lib/browser/devtools.ts                @electron/wg-security

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -26,8 +26,7 @@ body:
     required: true
 - type: dropdown
   attributes:
-    label: What operating system(s) are you using?
-    multiple: true
+    label: What operating system are you using?
     options:
       - Windows
       - macOS

.github/actions/build-electron/action.yml

@@ -36,7 +36,7 @@ runs:
       shell: bash
       if: ${{ inputs.target-arch == 'x64' && inputs.target-platform == 'macos' }}
       run: |
-        GN_APPENDED_ARGS="$GN_EXTRA_ARGS v8_snapshot_toolchain=\"//build/toolchain/mac:clang_x64\""
+        GN_APPENDED_ARGS="$GN_EXTRA_ARGS target_cpu=\"x64\" v8_snapshot_toolchain=\"//build/toolchain/mac:clang_x64\""
         echo "GN_EXTRA_ARGS=$GN_APPENDED_ARGS" >> $GITHUB_ENV
     - name: Build Electron ${{ inputs.step-suffix }}
       shell: bash
@@ -69,7 +69,7 @@ runs:
       shell: bash
       run: |
         cd src
-        e build electron:electron_dist_zip -j $NUMBER_OF_NINJA_PROCESSES
+        e build --target electron:electron_dist_zip -j $NUMBER_OF_NINJA_PROCESSES
         if [ "${{ inputs.is-asan }}" != "true" ]; then
           target_os=${{ inputs.target-platform == 'linux' && 'linux' || 'mac'}}
           if [ "${{ inputs.artifact-platform }}" = "mas" ]; then
@@ -81,7 +81,7 @@ runs:
       shell: bash
       run: |
         cd src
-        e build electron:electron_mksnapshot -j $NUMBER_OF_NINJA_PROCESSES
+        e build --target electron:electron_mksnapshot -j $NUMBER_OF_NINJA_PROCESSES
         gn desc out/Default v8:run_mksnapshot_default args > out/Default/mksnapshot_args
         # Remove unused args from mksnapshot_args
         SEDOPTION="-i"
@@ -90,6 +90,7 @@ runs:
         fi
         sed $SEDOPTION '/.*builtins-pgo/d' out/Default/mksnapshot_args
         sed $SEDOPTION '/--turbo-profiling-input/d' out/Default/mksnapshot_args
+        sed $SEDOPTION '/The gn arg use_goma=true .*/d' out/Default/mksnapshot_args
 
         if [ "`uname`" = "Linux" ]; then
           if [ "${{ inputs.target-arch }}" = "arm" ]; then
@@ -104,7 +105,7 @@ runs:
           fi
         fi
 
-        e build electron:electron_mksnapshot_zip -j $NUMBER_OF_NINJA_PROCESSES
+        e build --target electron:electron_mksnapshot_zip -j $NUMBER_OF_NINJA_PROCESSES
         (cd out/Default; zip mksnapshot.zip mksnapshot_args gen/v8/embedded.S)
     - name: Generate Cross-Arch Snapshot (arm/arm64)  ${{ inputs.step-suffix }}
       shell: bash
@@ -130,24 +131,24 @@ runs:
       shell: bash
       run: |
         cd src
-        e build electron:electron_chromedriver -j $NUMBER_OF_NINJA_PROCESSES
-        e build electron:electron_chromedriver_zip
+        e build --target electron:electron_chromedriver -j $NUMBER_OF_NINJA_PROCESSES
+        e build --target electron:electron_chromedriver_zip
     - name: Build Node.js headers ${{ inputs.step-suffix }}
       shell: bash
       run: |
         cd src
-        e build electron:node_headers
+        e build --target electron:node_headers
     - name: Generate & Zip Symbols ${{ inputs.step-suffix }}
       shell: bash
       run: |
         # Generate breakpad symbols on release builds
         if [ "${{ inputs.generate-symbols }}" = "true" ]; then
-          e build electron:electron_symbols
+          e build --target electron:electron_symbols
         fi
         cd src
         export BUILD_PATH="$(pwd)/out/Default"
-        e build electron:licenses
-        e build electron:electron_version_file
+        e build --target electron:licenses
+        e build --target electron:electron_version_file
         if [ "${{ inputs.is-release }}" = "true" ]; then
           DELETE_DSYMS_AFTER_ZIP=1 electron/script/zip-symbols.py -b $BUILD_PATH
         else
@@ -216,4 +217,4 @@ runs:
       uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
       with:
         name: src_artifacts_${{ env.ARTIFACT_KEY }}
-        path: ./src_artifacts_${{ inputs.artifact-platform }}_${{ inputs.target-arch }}
+        path: ./src_artifacts_${{ inputs.artifact-platform }}_${{ inputs.target-arch }}

.github/actions/checkout/action.yml

@@ -75,7 +75,7 @@ runs:
         "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY"
 
       ELECTRON_USE_THREE_WAY_MERGE_FOR_PATCHES=1 gclient sync --with_branch_heads --with_tags -vvvvv
-      if [ "${{ inputs.is-release }}" != "true" ]; then
+      if [ "${{ inputs.is-release }}" != "true" && -n "${{ env.PATCH_UP_APP_CREDS }}" ]; then
         # Re-export all the patches to check if there were changes.
         python3 src/electron/script/export_all_patches.py src/electron/patches/config.json
         cd src/electron
@@ -100,6 +100,7 @@ runs:
             echo "There were changes to the patches when applying."
             echo "Check the CI artifacts for a patch you can apply to fix it."
             echo "======================================================================"
+            cat ../../patches/update-patches.patch
             exit 1
           fi
         fi

.github/actions/fix-sync-macos/action.yml

@@ -46,7 +46,7 @@ runs:
         fi
         python3 src/third_party/depot_tools/download_from_google_storage.py --no_resume --no_auth --bucket chromium-browser-clang -s $DSYM_SHA_FILE -o src/tools/clang/dsymutil/bin/dsymutil
 
-        echo 'infra/3pp/build_support/ninja-1_11_1/${platform}' `gclient getdep --deps-file=src/DEPS -r 'src/third_party/ninja:infra/3pp/build_support/ninja-1_11_1/${platform}'` > ninja_ensure_file
+        echo 'infra/3pp/tools/ninja/${platform}' `gclient getdep --deps-file=src/DEPS -r 'src/third_party/ninja:infra/3pp/tools/ninja/${platform}'` > ninja_ensure_file
         sed $SEDOPTION "s/Updating depot_tools... //g" ninja_ensure_file
         cipd ensure --root src/third_party/ninja -ensure-file ninja_ensure_file
 
@@ -58,4 +58,4 @@ runs:
         cp .git/config .git/config.backup
         git remote remove origin
         mv .git/config.backup .git/config
-        git fetch
+        git fetch

.github/actions/generate-types/action.yml

@@ -0,0 +1,24 @@
+name: 'Generate Types for Archaeologist Dig'
+description: 'Generate Types for Archaeologist Dig'
+inputs:
+  sha-file:
+    description: 'File containing sha'
+    required: true
+  filename:
+    description: 'Filename to write types to'
+    required: true
+runs:
+  using: "composite"
+  steps:
+  - name: Generating Types for SHA in ${{ inputs.sha-file }}
+    shell: bash
+    run: |
+      git checkout $(cat ${{ inputs.sha-file }})
+      rm -rf node_modules
+      yarn install --frozen-lockfile --ignore-scripts
+      echo "#!/usr/bin/env node\nglobal.x=1" > node_modules/typescript/bin/tsc
+      node node_modules/.bin/electron-docs-parser --dir=./ --outDir=./ --moduleVersion=0.0.0-development
+      node node_modules/.bin/electron-typescript-definitions --api=electron-api.json --outDir=artifacts
+      mv artifacts/electron.d.ts artifacts/${{ inputs.filename }}
+      git checkout .
+    working-directory: ./electron

.github/actions/install-build-tools/action.yml

@@ -8,4 +8,4 @@ runs:
     run: |
       export BUILD_TOOLS_SHA=d5b87591842be19058e8d75d2c5b7f1fabe9f450
       npm i -g @electron/build-tools
-      e auto-update disable
+      e auto-update disable

.github/actions/restore-cache-aks/action.yml

@@ -33,4 +33,4 @@ runs:
       fi
 
       echo "Wiping Electron Directory"
-      rm -rf src/electron
+      rm -rf src/electron

.github/dependabot.yml

@@ -1,9 +0,0 @@
-# Keep GitHub Actions up to date with GitHub's Dependabot...
-# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
-# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem
-version: 2
-updates:
-  - package-ecosystem: github-actions
-    directory: /
-    schedule:
-      interval: weekly

.github/workflows/archaeologist-dig.yml

@@ -0,0 +1,61 @@
+name: Archaeologist
+
+on:
+  pull_request:
+
+jobs:
+   archaeologist-dig:
+    name: Archaeologist Dig
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Electron
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.0.2
+        with:
+          fetch-depth: 0
+      - name: Setting Up Dig Site
+        run: |
+          echo "remote: ${{ github.event.pull_request.head.repo.clone_url }}"
+          echo "sha ${{ github.event.pull_request.head.sha }}"
+          echo "base ref ${{ github.event.pull_request.base.ref }}"
+          git clone https://github.com/electron/electron.git electron          
+          cd electron
+          mkdir -p artifacts
+          git remote add fork ${{ github.event.pull_request.head.repo.clone_url }} && git fetch fork
+          git checkout  ${{ github.event.pull_request.head.sha }}
+          git merge-base origin/${{ github.event.pull_request.base.ref }} HEAD > .dig-old
+          echo  ${{ github.event.pull_request.head.sha }} > .dig-new
+          cp .dig-old artifacts
+
+      - name: Generating Types for SHA in .dig-new
+        uses: ./.github/actions/generate-types
+        with:
+          sha-file: .dig-new
+          filename: electron.new.d.ts
+      - name: Generating Types for SHA in .dig-old
+        uses: ./.github/actions/generate-types
+        with:
+          sha-file: .dig-old
+          filename: electron.old.d.ts
+      - name: Upload artifacts
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 #v4.4.0
+        with:
+          name: artifacts
+          path: electron/artifacts
+          include-hidden-files: true
+      - name: Set job output
+        run: |
+          git diff --no-index electron.old.d.ts electron.new.d.ts > patchfile || true
+          if [ -s patchfile ]; then
+            echo "Changes Detected"
+            echo "## Changes Detected" > $GITHUB_STEP_SUMMARY
+            echo "Looks like the \`electron.d.ts\` file changed." >> $GITHUB_STEP_SUMMARY
+            echo "" >> $GITHUB_STEP_SUMMARY
+            echo "\`\`\`\`\`\`diff" >> $GITHUB_STEP_SUMMARY
+            cat patchfile >> $GITHUB_STEP_SUMMARY
+            echo "\`\`\`\`\`\`" >> $GITHUB_STEP_SUMMARY    
+          else
+            echo "No Changes Detected"
+            echo "## No Changes" > $GITHUB_STEP_SUMMARY
+            echo "We couldn't see any changes in the \`electron.d.ts\` artifact" >> $GITHUB_STEP_SUMMARY
+          fi
+        working-directory: ./electron/artifacts

.github/workflows/build.yml

@@ -40,7 +40,7 @@ jobs:
         build-image-sha: ${{ steps.set-output.outputs.build-image-sha }}
         docs-only: ${{ steps.set-output.outputs.docs-only }}
     steps:
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.0.2
+    - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.0.2
     - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
       id: filter
       with:
@@ -94,7 +94,7 @@ jobs:
       build-image-sha: ${{ needs.setup.outputs.build-image-sha }}
     steps:
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -115,11 +115,12 @@ jobs:
         - /var/run/sas:/var/run/sas
     env:
       GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
+      PATCH_UP_APP_CREDS: ${{ secrets.PATCH_UP_APP_CREDS }}
     outputs:
       build-image-sha: ${{ needs.setup.outputs.build-image-sha}}
     steps:
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -136,6 +137,7 @@ jobs:
     needs: checkout-macos
     with:
       build-runs-on: macos-14-xlarge
+      check-runs-on: macos-14
       test-runs-on: macos-13
       target-platform: macos
       target-arch: x64
@@ -154,6 +156,7 @@ jobs:
     needs: checkout-macos
     with:
       build-runs-on: macos-14-xlarge
+      check-runs-on: macos-14
       test-runs-on: macos-14
       target-platform: macos
       target-arch: arm64
@@ -172,6 +175,7 @@ jobs:
     needs: checkout-linux
     with:
       build-runs-on: electron-arc-linux-amd64-32core
+      check-runs-on: electron-arc-linux-amd64-8core
       test-runs-on: electron-arc-linux-amd64-4core
       build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
       test-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
@@ -192,6 +196,7 @@ jobs:
     needs: checkout-linux
     with:
       build-runs-on: electron-arc-linux-amd64-32core
+      check-runs-on: electron-arc-linux-amd64-8core
       test-runs-on: electron-arc-linux-amd64-4core
       build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
       test-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
@@ -213,6 +218,7 @@ jobs:
     needs: checkout-linux
     with:
       build-runs-on: electron-arc-linux-amd64-32core
+      check-runs-on: electron-arc-linux-amd64-8core
       test-runs-on: electron-arc-linux-arm64-4core
       build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
       test-container: '{"image":"ghcr.io/electron/test:arm32v7-${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init","volumes":["/home/runner/externals:/mnt/runner-externals"]}'
@@ -233,6 +239,7 @@ jobs:
     needs: checkout-linux
     with:
       build-runs-on: electron-arc-linux-amd64-32core
+      check-runs-on: electron-arc-linux-amd64-8core
       test-runs-on: electron-arc-linux-arm64-4core
       build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
       test-container: '{"image":"ghcr.io/electron/test:arm64v8-${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
@@ -242,4 +249,4 @@ jobs:
       gn-build-type: testing
       generate-symbols: false
       upload-to-storage: '0'
-    secrets: inherit
+    secrets: inherit

.github/workflows/issue-labeled.yml

@@ -8,24 +8,6 @@ permissions:  # added using https://github.com/step-security/secure-workflows
   contents: read
 
 jobs:
-  issue-labeled-with-status:
-    name: status/{confirmed,reviewed} label added
-    if: github.event.label.name == 'status/confirmed' || github.event.label.name == 'status/reviewed'
-    runs-on: ubuntu-latest
-    steps:
-      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
-        id: generate-token
-        with:
-          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-          org: electron
-      - name: Set status
-        uses: dsanders11/project-actions/edit-item@eb760c48894b5702398529cbb8f6e98378e315d0 # v1.3.0
-        with:
-          token: ${{ steps.generate-token.outputs.token }}
-          project-number: 90
-          field: Status
-          field-value: ✅ Triaged
   issue-labeled-blocked:
     name: blocked/* label added
     if: startsWith(github.event.label.name, 'blocked/')

.github/workflows/issue-opened.yml

@@ -25,91 +25,3 @@ jobs:
           field-value: ${{ github.event.issue.user.login }}
           project-number: 90
           token: ${{ steps.generate-token.outputs.token }}
-  set-labels:
-    if: ${{ contains(github.event.issue.labels.*.name, 'bug :beetle:') }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
-        id: generate-token
-        with:
-          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-          org: electron
-      - run: npm install @electron/fiddle-core@1.3.3 mdast-util-from-markdown@2.0.0 unist-util-select@5.1.0 semver@7.6.0
-      - name: Add labels
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        id: add-labels
-        env:
-          ISSUE_BODY: ${{ github.event.issue.body }}
-        with:
-          github-token: ${{ steps.generate-token.outputs.token }}
-          script: |
-            const { fromMarkdown } = await import('${{ github.workspace }}/node_modules/mdast-util-from-markdown/index.js');
-            const { select } = await import('${{ github.workspace }}/node_modules/unist-util-select/index.js');
-            const semver = await import('${{ github.workspace }}/node_modules/semver/index.js');
-
-            const [ owner, repo ] = '${{ github.repository }}'.split('/');
-            const issue_number = ${{ github.event.issue.number }};
-
-            const tree = fromMarkdown(process.env.ISSUE_BODY);
-
-            const labels = [];
-
-            const electronVersion = select('heading:has(> text[value="Electron Version"]) + paragraph > text', tree)?.value.trim();
-            if (electronVersion !== undefined) {
-              const major = semver.parse(electronVersion)?.major;
-              if (major) {
-                const versionLabel = `${major}-x-y`;
-                let labelExists = false;
-
-                try {
-                  await github.rest.issues.getLabel({
-                    owner,
-                    repo,
-                    name: versionLabel,
-                  });
-                  labelExists = true;
-                } catch {}
-
-                if (labelExists) {
-                  // Check if it's an unsupported major
-                  const { ElectronVersions } = await import('${{ github.workspace }}/node_modules/@electron/fiddle-core/dist/index.js');
-                  const versions = await ElectronVersions.create(undefined, { ignoreCache: true });
-
-                  if (!versions.supportedMajors.includes(major)) {
-                    core.setOutput('unsupportedMajor', true);
-                    labels.push('blocked/need-info ❌');
-                  }
-
-                  labels.push(versionLabel);
-                }
-              }
-            }
-
-            const gistUrl = select('heading:has(> text[value="Testcase Gist URL"]) + paragraph > text', tree)?.value.trim();
-            if (gistUrl !== undefined && gistUrl.startsWith('https://gist.github.com/')) {
-              labels.push('has-repro-gist');
-            }
-
-            if (labels.length) {
-              await github.rest.issues.addLabels({
-                owner,
-                repo,
-                issue_number,
-                labels,
-              });
-            }
-      - name: Create unsupported major comment
-        if: ${{ steps.add-labels.outputs.unsupportedMajor }}
-        uses: actions-cool/issues-helper@a610082f8ac0cf03e357eb8dd0d5e2ba075e017e # v3.6.0
-        with:
-          actions: 'create-comment'
-          token: ${{ steps.generate-token.outputs.token }}
-          body: |
-            <!-- end-of-life -->
-
-            Hello @${{ github.event.issue.user.login }}. Thanks for reporting this and helping to make Electron better!
-            
-            The version of Electron reported in this issue has reached end-of-life and is [no longer supported](https://www.electronjs.org/docs/latest/tutorial/electron-timelines#timeline). If you're still experiencing this issue on a [supported version](https://www.electronjs.org/releases/stable) of Electron, please update this issue to reflect that version of Electron.
-
-            Now adding the https://github.com/electron/electron/labels/blocked%2Fneed-info%20%E2%9D%8C label for this reason. This issue will be closed in 10 days if the above is not addressed.

.github/workflows/linux-publish.yml

@@ -30,7 +30,7 @@ jobs:
       GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
     steps:
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -83,4 +83,4 @@ jobs:
       generate-symbols: true
       strip-binaries: true
       upload-to-storage: ${{ inputs.upload-to-storage }}
-    secrets: inherit
+    secrets: inherit

.github/workflows/macos-publish.yml

@@ -31,7 +31,7 @@ jobs:
       GCLIENT_EXTRA_ARGS: '--custom-var=checkout_mac=True --custom-var=host_os=mac'
     steps:
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -40,7 +40,7 @@ jobs:
       with:
         generate-sas-token: 'true'
 
-  publish-x64:
+  publish-x64-darwin:
     uses: ./.github/workflows/pipeline-segment-electron-build.yml
     needs: checkout-macos
     with:
@@ -48,13 +48,29 @@ jobs:
       build-runs-on: macos-14-xlarge
       target-platform: macos
       target-arch: x64
+      target-variant: darwin
       is-release: true
       gn-build-type: release
       generate-symbols: true
       upload-to-storage: ${{ inputs.upload-to-storage }}
     secrets: inherit
 
-  publish-arm64:
+  publish-x64-mas:
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    needs: checkout-macos
+    with:
+      environment: production-release
+      build-runs-on: macos-14-xlarge
+      target-platform: macos
+      target-arch: x64
+      target-variant: mas
+      is-release: true
+      gn-build-type: release
+      generate-symbols: true
+      upload-to-storage: ${{ inputs.upload-to-storage }}
+    secrets: inherit
+
+  publish-arm64-darwin:
     uses: ./.github/workflows/pipeline-segment-electron-build.yml
     needs: checkout-macos
     with:
@@ -62,8 +78,24 @@ jobs:
       build-runs-on: macos-14-xlarge
       target-platform: macos
       target-arch: arm64
+      target-variant: darwin
       is-release: true
       gn-build-type: release
       generate-symbols: true
       upload-to-storage: ${{ inputs.upload-to-storage }}
     secrets: inherit
+
+  publish-arm64-mas:
+    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    needs: checkout-macos
+    with:
+      environment: production-release
+      build-runs-on: macos-14-xlarge
+      target-platform: macos
+      target-arch: arm64
+      target-variant: mas
+      is-release: true
+      gn-build-type: release
+      generate-symbols: true
+      upload-to-storage: ${{ inputs.upload-to-storage }}
+    secrets: inherit

.github/workflows/non-maintainer-dependency-change.yml

@@ -1,37 +0,0 @@
-name: Check for Non-Maintainer Dependency Change
-
-on:
-  pull_request_target:
-    paths:
-      - 'yarn.lock'
-      - 'spec/yarn.lock'
-
-permissions: {}
-
-jobs:
-  check-for-non-maintainer-dependency-change:
-    name: Check for non-maintainer dependency change
-    if: ${{ !contains(fromJSON('["MEMBER", "OWNER"]'), github.event.pull_request.author_association) && github.event.pull_request.user.type != 'Bot' && !github.event.pull_request.draft }}
-    permissions:
-      contents: read
-      pull-requests: write
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check for existing review
-        id: check-for-review
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          PR_URL: ${{ github.event.pull_request.html_url }}
-        run: |
-          set -eo pipefail
-          REVIEW_COUNT=$(gh pr view $PR_URL --json reviews | jq '[ .reviews[] | select(.author.login == "github-actions") | select(.body | startswith("<!-- no-dependency-change -->")) ] | length')
-          if [[ $REVIEW_COUNT -eq 0 ]]; then
-            echo "SHOULD_REVIEW=1" >> "$GITHUB_OUTPUT"
-          fi
-      - name: Request changes
-        if: ${{ steps.check-for-review.outputs.SHOULD_REVIEW }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          PR_URL: ${{ github.event.pull_request.html_url }}
-        run: |
-          printf "<!-- no-dependency-change -->\n\nHello @${{ github.event.pull_request.user.login }}! It looks like this pull request touches one of our dependency files, and per [our contribution policy](https://github.com/electron/electron/blob/main/CONTRIBUTING.md#dependencies-upgrades-policy) we do not accept these types of changes in PRs." | gh pr review $PR_URL -r --body-file=-

.github/workflows/pipeline-electron-build-and-test-and-nan.yml

@@ -15,6 +15,10 @@ on:
         type: string
         description: 'What host to run the build'
         required: true
+      check-runs-on:
+        type: string
+        description: 'What host to run the gn-check'
+        required: true
       test-runs-on:
         type: string
         description: 'What host to run the tests on'
@@ -77,7 +81,7 @@ jobs:
     with:
       target-platform: ${{ inputs.target-platform }}
       target-arch: ${{ inputs.target-arch }}
-      check-runs-on: ${{ inputs.build-runs-on }}
+      check-runs-on: ${{ inputs.check-runs-on }}
       check-container: ${{ inputs.build-container }}
       gn-build-type: ${{ inputs.gn-build-type }}
       is-asan: ${{ inputs.is-asan }}
@@ -100,4 +104,4 @@ jobs:
       test-runs-on: ${{ inputs.test-runs-on }}
       test-container: ${{ inputs.test-container }}
       gn-build-type: ${{ inputs.gn-build-type }}
-    secrets: inherit
+    secrets: inherit

.github/workflows/pipeline-electron-build-and-test.yml

@@ -15,6 +15,10 @@ on:
         type: string
         description: 'What host to run the build'
         required: true
+      check-runs-on:
+        type: string
+        description: 'What host to run the gn-check'
+        required: true
       test-runs-on:
         type: string
         description: 'What host to run the tests on'
@@ -83,7 +87,7 @@ jobs:
     with:
       target-platform: ${{ inputs.target-platform }}
       target-arch: ${{ inputs.target-arch }}
-      check-runs-on: ${{ inputs.build-runs-on }}
+      check-runs-on: ${{ inputs.check-runs-on }}
       check-container: ${{ inputs.build-container }}
       gn-build-type: ${{ inputs.gn-build-type }}
       is-asan: ${{ inputs.is-asan }}
@@ -97,4 +101,4 @@ jobs:
       test-runs-on: ${{ inputs.test-runs-on }}
       test-container: ${{ inputs.test-container }}
       is-asan: ${{ inputs.is-asan}}
-    secrets: inherit
+    secrets: inherit

.github/workflows/pipeline-electron-docs-only.yml

@@ -20,7 +20,7 @@ jobs:
     container: ${{ fromJSON(inputs.container) }}
     steps:
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -40,4 +40,4 @@ jobs:
             if [ "$out" != "base.js" ]; then
             node script/yarn webpack --config $f --output-filename=$out --output-path=./.tmp --env mode=development
             fi
-        done
+        done

.github/workflows/pipeline-electron-lint.yml

@@ -20,7 +20,7 @@ jobs:
     container: ${{ fromJSON(inputs.container) }}
     steps:
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -53,10 +53,10 @@ jobs:
       run: |
         chromium_revision="$(grep -A1 chromium_version src/electron/DEPS | tr -d '\n' | cut -d\' -f4)"
 
-        mkdir -p src/buildtools
-        curl -sL "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/buildtools/DEPS?format=TEXT" | base64 -d > src/buildtools/DEPS
+        sha1_path='buildtools/linux64/clang-format.sha1'
+        curl -sL "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/${sha1_path}?format=TEXT" | base64 -d > "src/${sha1_path}"
 
-        gclient sync --spec="solutions=[{'name':'src/buildtools','url':None,'deps_file':'DEPS','custom_vars':{'process_deps':True},'managed':False}]"
+        download_from_google_storage.py --no_resume --no_auth --bucket chromium-clang-format -s "src/${sha1_path}"
     - name: Run Lint
       shell: bash
       run: |

.github/workflows/pipeline-segment-electron-build.yml

@@ -15,6 +15,10 @@ on:
         type: string
         description: 'Arch to build for, can be x64, arm64 or arm'
         required: true
+      target-variant:
+        type: string
+        description: 'Variant to build for, no effect on non-macOS target platforms. Can be darwin, mas or all.'
+        default: all
       build-runs-on:
         type: string
         description: 'What host to run the build'
@@ -57,13 +61,14 @@ on:
 
 
 concurrency:
-  group: electron-build-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ inputs.is-asan }}-${{ github.ref }}
+  group: electron-build-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ inputs.target-variant }}-${{ inputs.is-asan }}-${{ github.ref }}
   cancel-in-progress: ${{ github.ref != 'refs/heads/main' && !endsWith(github.ref, '-x-y') }}
 
 env:
   ELECTRON_ARTIFACTS_BLOB_STORAGE: ${{ secrets.ELECTRON_ARTIFACTS_BLOB_STORAGE }}
   ELECTRON_RBE_JWT: ${{ secrets.ELECTRON_RBE_JWT }}
-  ELECTRON_GITHUB_TOKEN: ${{ secrets.ELECTRON_GITHUB_TOKEN }}
+  SUDOWOODO_EXCHANGE_URL: ${{ secrets.SUDOWOODO_EXCHANGE_URL }}
+  SUDOWOODO_EXCHANGE_TOKEN: ${{ secrets.SUDOWOODO_EXCHANGE_TOKEN }}
   GCLIENT_EXTRA_ARGS: ${{ inputs.target-platform == 'macos' && '--custom-var=checkout_mac=True --custom-var=host_os=mac' || '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True' }}
   ELECTRON_OUT_DIR: Default
 
@@ -78,13 +83,19 @@ jobs:
     - name: Create src dir
       run: mkdir src
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
+    - name: Free up space (macOS)
+      if: ${{ inputs.target-platform == 'macos' }}
+      uses: ./src/electron/.github/actions/free-space-macos
+    - name: Check disk space after freeing up space
+      if: ${{ inputs.target-platform == 'macos' }}
+      run: df -h
     - name: Setup Node.js/npm
       if: ${{ inputs.target-platform == 'macos' }}
-      uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b
+      uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6
       with:
         node-version: 20.11.x
         cache: yarn
@@ -145,7 +156,7 @@ jobs:
       if: ${{ inputs.target-platform == 'linux' }}
       uses: ./src/electron/.github/actions/restore-cache-aks
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -182,6 +193,7 @@ jobs:
       if: ${{ inputs.target-platform == 'macos' }}
       uses: ./src/electron/.github/actions/free-space-macos
     - name: Build Electron
+      if: ${{ inputs.target-platform != 'macos' || (inputs.target-variant == 'all' || inputs.target-variant == 'darwin') }}
       uses: ./src/electron/.github/actions/build-electron
       with:
         target-arch: ${{ inputs.target-arch }}
@@ -193,13 +205,13 @@ jobs:
         upload-to-storage: '${{ inputs.upload-to-storage }}'
         is-asan: '${{ inputs.is-asan }}'
     - name: Set GN_EXTRA_ARGS for MAS Build
-      if: ${{ inputs.target-platform == 'macos' }}
+      if: ${{ inputs.target-platform == 'macos' && (inputs.target-variant == 'all' || inputs.target-variant == 'mas') }}
       run: |
         echo "MAS_BUILD=true" >> $GITHUB_ENV
         GN_EXTRA_ARGS='is_mas_build=true'
         echo "GN_EXTRA_ARGS=$GN_EXTRA_ARGS" >> $GITHUB_ENV
     - name: Build Electron (MAS)
-      if: ${{ inputs.target-platform == 'macos' }}
+      if: ${{ inputs.target-platform == 'macos' && (inputs.target-variant == 'all' || inputs.target-variant == 'mas') }}
       uses: ./src/electron/.github/actions/build-electron
       with:
         target-arch: ${{ inputs.target-arch }}
@@ -208,4 +220,4 @@ jobs:
         is-release: '${{ inputs.is-release }}'
         generate-symbols: '${{ inputs.generate-symbols }}'
         upload-to-storage: '${{ inputs.upload-to-storage }}'
-        step-suffix: '(mas)'
+        step-suffix: '(mas)'

.github/workflows/pipeline-segment-electron-gn-check.yml

@@ -50,10 +50,27 @@ jobs:
       TARGET_ARCH: ${{ inputs.target-arch }}
     steps:
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
+    - name: Cleanup disk space on macOS
+      if: ${{ inputs.target-platform == 'macos' }}
+      shell: bash
+      run: |   
+        sudo mkdir -p $TMPDIR/del-target
+
+        tmpify() {
+          if [ -d "$1" ]; then
+            sudo mv "$1" $TMPDIR/del-target/$(echo $1|shasum -a 256|head -n1|cut -d " " -f1)
+          fi
+        }   
+        tmpify /Library/Developer/CoreSimulator
+        tmpify ~/Library/Developer/CoreSimulator
+        sudo rm -rf $TMPDIR/del-target
+    - name: Check disk space after freeing up space
+      if: ${{ inputs.target-platform == 'macos' }}
+      run: df -h        
     - name: Install Build Tools
       uses: ./src/electron/.github/actions/install-build-tools
     - name: Init Build Tools
@@ -111,7 +128,7 @@ jobs:
     - name: Add CHROMIUM_BUILDTOOLS_PATH to env
       run: echo "CHROMIUM_BUILDTOOLS_PATH=$(pwd)/src/buildtools" >> $GITHUB_ENV
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -138,4 +155,4 @@ jobs:
         while [ -f /var/.ssh-lock ]
         do
           sleep 60
-        done
+        done

.github/workflows/pipeline-segment-electron-test.yml

@@ -38,7 +38,6 @@ permissions:
 env:
   ELECTRON_OUT_DIR: Default
   ELECTRON_RBE_JWT: ${{ secrets.ELECTRON_RBE_JWT }}
-  ELECTRON_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
 jobs:
   test:
@@ -92,7 +91,7 @@ jobs:
           fi
         done
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -148,17 +147,21 @@ jobs:
         sudo security authorizationdb write com.apple.trust-settings.admin allow
         cd src/electron
         ./script/codesign/generate-identity.sh
+    - name: Install Datadog CLI
+      run: |
+        cd src/electron
+        node script/yarn global add @datadog/datadog-ci
     - name: Run Electron Tests
       shell: bash
       env:
         MOCHA_REPORTER: mocha-multi-reporters
-        ELECTRON_TEST_RESULTS_DIR: junit
         MOCHA_MULTI_REPORTERS: mocha-junit-reporter, tap
         ELECTRON_DISABLE_SECURITY_WARNINGS: 1
         ELECTRON_SKIP_NATIVE_MODULE_TESTS: true
         DISPLAY: ':99.0'
       run: |
         cd src/electron
+        export ELECTRON_TEST_RESULTS_DIR=`pwd`/junit
         # Get which tests are on this shard
         tests_files=$(node script/split-tests ${{ matrix.shard }} ${{ inputs.target-platform == 'macos' && 2 || 3 }})
 
@@ -187,17 +190,22 @@ jobs:
             runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn test --runners=main --trace-uncaught --enable-logging --files $tests_files
           fi
         fi
-    - name: Upload Test Artifacts
+    - name: Upload Test results to Datadog
+      env:
+        DD_ENV: ci
+        DD_SERVICE: electron
+        DD_API_KEY: ${{ secrets.DD_API_KEY }}
+        DD_CIVISIBILITY_LOGS_ENABLED: true
+        DD_TAGS: "os.architecture:${{ inputs.target-arch }},os.family:${{ inputs.target-platform }},os.platform:${{ inputs.target-platform }},asan:${{ inputs.is-asan }}"
+      run: |
+        if ! [ -z $DD_API_KEY ]; then
+          datadog-ci junit upload src/electron/junit/test-results-main.xml
+        fi          
       if: always() && !cancelled()
-      uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
-      with:
-        name: test_artifacts_${{ env.ARTIFACT_KEY }}
-        path: src/electron/spec/artifacts
-        if-no-files-found: ignore
     - name: Wait for active SSH sessions
       if: always() && !cancelled()
       run: |
         while [ -f /var/.ssh-lock ]
         do
           sleep 60
-        done
+        done

.github/workflows/pipeline-segment-node-nan-test.yml

@@ -45,7 +45,7 @@ jobs:
     container: ${{ fromJSON(inputs.test-container) }}
     steps:
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -109,7 +109,7 @@ jobs:
     container: ${{ fromJSON(inputs.test-container) }}
     steps:
     - name: Checkout Electron
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
       with:
         path: src/electron
         fetch-depth: 0
@@ -152,7 +152,7 @@ jobs:
         unzip -:o dist.zip
     - name: Setup Linux for Headless Testing
       run: sh -e /etc/init.d/xvfb start
-    - name: Run Nan Tests
+    - name: Run Node.js Tests
       run: |
         cd src
         node electron/script/nan-spec-runner.js
@@ -162,4 +162,4 @@ jobs:
         while [ -f /var/.ssh-lock ]
         do
           sleep 60
-        done
+        done

.github/workflows/pull-request-labeled.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Trigger Slack workflow
-        uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
+        uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0
         with:
           payload: |
             {

.github/workflows/scorecards.yml

@@ -22,13 +22,13 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
         with:
           persist-credentials: false
 
       # This is a pre-submit / pre-release.
       - name: "Run analysis"
-        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
+        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
         with:
           results_file: results.sarif
           results_format: sarif
@@ -42,7 +42,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: SARIF file
           path: results.sarif
@@ -50,6 +50,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
+        uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8
         with:
           sarif_file: results.sarif

.github/workflows/update_appveyor_image.yml

@@ -6,23 +6,22 @@ on:
   schedule:
     - cron: '0 8 * * 1-5' # runs 8:00 every business day (see https://crontab.guru)
 
-permissions: {}
+permissions:
+  contents: write
+  pull-requests: write
 
 jobs:
   bake-appveyor-image:
     name: Bake AppVeyor Image
+    permissions:
+      contents: write
+      pull-requests: write  # to create a new PR with updated Appveyor images
     runs-on: ubuntu-latest
     steps:
-    - name: Generate GitHub App token
-      uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
-      id: generate-token
-      with:
-        creds: ${{ secrets.APPVEYOR_UPDATER_GH_APP_CREDS }}
     - name: Checkout
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       with:
         fetch-depth: 0
-        token: ${{ steps.generate-token.outputs.token }}
     - name: Yarn install
       run: |
         node script/yarn.js install --frozen-lockfile
@@ -39,7 +38,7 @@ jobs:
         fi
     - name: (Optionally) Update Appveyor Image
       if: ${{ env.APPVEYOR_IMAGE_VERSION }}
-      uses: mikefarah/yq@f15500b20a1c991c8729870ba60a4dc3524b6a94 # v4.44.2
+      uses: mikefarah/yq@bbdd97482f2d439126582a59689eb1c855944955 # v4.44.3
       with:
         cmd: |
           yq '.image = "${{ env.APPVEYOR_IMAGE_VERSION }}"' "appveyor.yml" > "appveyor2.yml"
@@ -50,24 +49,26 @@ jobs:
         diff -w -B appveyor.yml appveyor2.yml > appveyor.diff || true
         patch -f appveyor.yml < appveyor.diff
         rm appveyor2.yml appveyor.diff
-        git add appveyor.yml
     - name: (Optionally) Generate Commit Diff for WOA
       if: ${{ env.APPVEYOR_IMAGE_VERSION }}
       run: |
         diff -w -B appveyor-woa.yml appveyor-woa2.yml > appveyor-woa.diff || true
         patch -f appveyor-woa.yml < appveyor-woa.diff
         rm appveyor-woa2.yml appveyor-woa.diff
-        git add appveyor-woa.yml
-    - name: (Optionally) Commit to Branch
+    - name: (Optionally) Commit and Pull Request
       if: ${{ env.APPVEYOR_IMAGE_VERSION }}
-      uses: dsanders11/github-app-commit-action@48d2ff8c1a855eb15d16afa97ae12616456d7cbc # v1.4.0
+      uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
       with:
-        message: 'build: update appveyor image to latest version'
-        ref: bump-appveyor-image
-        token: ${{ steps.generate-token.outputs.token }}
-    - name: (Optionally) Create Pull Request
-      if: ${{ env.APPVEYOR_IMAGE_VERSION }}
-      run: |
-        printf "This PR updates appveyor.yml to the latest baked image, ${{ env.APPVEYOR_IMAGE_VERSION }}.\n\nNotes: none" | gh pr create --head bump-appveyor-image --label no-backport --label semver/none --title 'build: update appveyor image to latest version' --body-file=-
-      env:
-        GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
+        token: ${{ secrets.GITHUB_TOKEN }}
+        commit-message: 'build: update appveyor image to latest version'
+        committer: GitHub <noreply@github.com>
+        author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>
+        signoff: false
+        branch: bump-appveyor-image
+        delete-branch: true
+        reviewers: electron/wg-releases
+        title: 'build: update appveyor image to latest version'
+        labels: semver/none,no-backport
+        body: |
+          This PR updates appveyor.yml to the latest baked image, ${{ env.APPVEYOR_IMAGE_VERSION }}.
+          Notes: none

.lint-roller.json

@@ -1,13 +0,0 @@
-{
-  "markdown-ts-check": {
-    "defaultImports": [
-      "import * as childProcess from 'node:child_process'",
-      "import * as fs from 'node:fs'",
-      "import * as path from 'node:path'",
-      "import { app, autoUpdater, contextBridge, crashReporter, dialog, BrowserWindow, ipcMain, ipcRenderer, Menu, MessageChannelMain, nativeImage, net, protocol, session, systemPreferences, Tray, utilityProcess, webFrame, webFrameMain } from 'electron'"
-    ],
-    "typings": [
-      "../electron.d.ts"
-    ]
-  }
-}

.markdownlint-cli2.jsonc

@@ -1,28 +0,0 @@
-{
-  "config": {
-    "extends": "@electron/lint-roller/configs/markdownlint.json",
-    "link-image-style": {
-      "autolink": false,
-      "shortcut": false
-    },
-    "no-angle-brackets": true,
-    "no-curly-braces": true,
-    "no-inline-html": {
-      "allowed_elements": [
-        "br",
-        "details",
-        "img",
-        "li",
-        "summary",
-        "ul",
-        "unknown",
-        "Tabs",
-        "TabItem"
-      ]
-    },
-    "no-newline-in-links": true
-  },
-  "customRules": [
-    "@electron/lint-roller/markdownlint-rules/"
-  ]
-}

.markdownlint.autofix.json

@@ -0,0 +1,6 @@
+{
+  "default": false,
+  "no-trailing-spaces": {
+    "br_spaces": 0
+  }
+}

.markdownlint.json

@@ -0,0 +1,17 @@
+{
+  "extends": "@electron/lint-roller/configs/markdownlint.json",
+  "no-angle-brackets": true,
+  "no-inline-html": {
+    "allowed_elements": [
+      "br",
+      "details",
+      "img",
+      "li",
+      "summary",
+      "ul",
+      "unknown",
+      "Tabs",
+      "TabItem",
+    ]
+  }
+}

.nvmrc

@@ -1 +1 @@
-20
+16

BUILD.gn

@@ -34,6 +34,7 @@ import("js2c_toolchain.gni")
 if (is_mac) {
   import("//build/config/mac/rules.gni")
   import("//third_party/icu/config.gni")
+  import("//ui/gl/features.gni")
   import("//v8/gni/v8.gni")
   import("build/rules.gni")
 
@@ -436,7 +437,6 @@ source_set("electron_lib") {
     "//components/certificate_transparency",
     "//components/compose:buildflags",
     "//components/embedder_support:browser_util",
-    "//components/input:input",
     "//components/language/core/browser",
     "//components/net_log",
     "//components/network_hints/browser",
@@ -465,7 +465,6 @@ source_set("electron_lib") {
     "//gin",
     "//media/capture/mojom:video_capture",
     "//media/mojo/mojom",
-    "//media/mojo/mojom:web_speech_recognition",
     "//net:extras",
     "//net:net_resources",
     "//printing/buildflags",
@@ -497,7 +496,6 @@ source_set("electron_lib") {
     "//ui/native_theme",
     "//ui/shell_dialogs",
     "//ui/views",
-    "//ui/views/controls/webview",
     "//v8",
     "//v8:v8_libplatform",
   ]
@@ -633,6 +631,7 @@ source_set("electron_lib") {
       "//ui/gtk:gtk_config",
       "//ui/linux:linux_ui",
       "//ui/linux:linux_ui_factory",
+      "//ui/views/controls/webview",
       "//ui/wm",
     ]
     if (ozone_platform_x11) {
@@ -659,9 +658,9 @@ source_set("electron_lib") {
     libs += [ "dwmapi.lib" ]
     sources += [ "shell/common/asar/archive_win.cc" ]
     deps += [
-      "//components/app_launch_prefetch",
       "//components/crash/core/app:crash_export_thunks",
       "//ui/native_theme:native_theme_browser",
+      "//ui/views/controls/webview",
       "//ui/wm",
       "//ui/wm/public",
     ]
@@ -742,9 +741,9 @@ source_set("electron_lib") {
       "//components/pdf/browser",
       "//components/pdf/browser:interceptors",
       "//components/pdf/common:constants",
-      "//components/pdf/common:util",
       "//components/pdf/renderer",
       "//pdf",
+      "//pdf:content_restriction",
     ]
     sources += [
       "shell/browser/electron_pdf_document_helper_client.cc",
@@ -811,33 +810,37 @@ if (is_mac) {
     group("electron_framework_libraries") {
     }
   }
+  if (use_egl) {
+    # Add the ANGLE .dylibs in the Libraries directory of the Framework.
+    bundle_data("electron_angle_binaries") {
+      sources = [
+        "$root_out_dir/egl_intermediates/libEGL.dylib",
+        "$root_out_dir/egl_intermediates/libGLESv2.dylib",
+      ]
+      outputs = [ "{{bundle_contents_dir}}/Libraries/{{source_file_part}}" ]
+      public_deps = [ "//ui/gl:angle_library_copy" ]
+    }
 
-  # Add the ANGLE .dylibs in the Libraries directory of the Framework.
-  bundle_data("electron_angle_binaries") {
-    sources = [
-      "$root_out_dir/egl_intermediates/libEGL.dylib",
-      "$root_out_dir/egl_intermediates/libGLESv2.dylib",
-    ]
-    outputs = [ "{{bundle_contents_dir}}/Libraries/{{source_file_part}}" ]
-    public_deps = [ "//ui/gl:angle_library_copy" ]
+    # Add the SwiftShader .dylibs in the Libraries directory of the Framework.
+    bundle_data("electron_swiftshader_binaries") {
+      sources = [
+        "$root_out_dir/vk_intermediates/libvk_swiftshader.dylib",
+        "$root_out_dir/vk_intermediates/vk_swiftshader_icd.json",
+      ]
+      outputs = [ "{{bundle_contents_dir}}/Libraries/{{source_file_part}}" ]
+      public_deps = [ "//ui/gl:swiftshader_vk_library_copy" ]
+    }
   }
-
-  # Add the SwiftShader .dylibs in the Libraries directory of the Framework.
-  bundle_data("electron_swiftshader_binaries") {
-    sources = [
-      "$root_out_dir/vk_intermediates/libvk_swiftshader.dylib",
-      "$root_out_dir/vk_intermediates/vk_swiftshader_icd.json",
-    ]
-    outputs = [ "{{bundle_contents_dir}}/Libraries/{{source_file_part}}" ]
-    public_deps = [ "//ui/gl:swiftshader_vk_library_copy" ]
-  }
-
   group("electron_angle_library") {
-    deps = [ ":electron_angle_binaries" ]
+    if (use_egl) {
+      deps = [ ":electron_angle_binaries" ]
+    }
   }
 
   group("electron_swiftshader_library") {
-    deps = [ ":electron_swiftshader_binaries" ]
+    if (use_egl) {
+      deps = [ ":electron_swiftshader_binaries" ]
+    }
   }
 
   bundle_data("electron_crashpad_helper") {
@@ -850,7 +853,7 @@ if (is_mac) {
     if (is_asan) {
       # crashpad_handler requires the ASan runtime at its @executable_path.
       sources += [ "$root_out_dir/libclang_rt.asan_osx_dynamic.dylib" ]
-      public_deps += [ "//build/config/sanitizers:copy_sanitizer_runtime" ]
+      public_deps += [ "//build/config/sanitizers:copy_asan_runtime" ]
     }
   }
 

DEPS

@@ -2,9 +2,9 @@ gclient_gn_args_from = 'src'
 
 vars = {
   'chromium_version':
-    '128.0.6573.0',
+    '124.0.6367.243',
   'node_version':
-    'v20.15.1',
+    'v20.16.0',
   'nan_version':
     'e14bdcd1f72d62bca1d541b66da43130384ec213',
   'squirrel.mac_version':
@@ -48,9 +48,6 @@ vars = {
   # It's only needed to parse the native tests configurations.
   'checkout_pyyaml': False,
 
-  # Can be used to disable the sysroot hooks.
-  'install_sysroot': True,
-
   'use_rts': False,
 
   'mac_xcode_version': 'default',
@@ -164,54 +161,6 @@ hooks = [
       'import os, subprocess; os.chdir(os.path.join("src", "electron")); subprocess.check_call(["python3", "script/lib/npx.py", "yarn@' + (Var("yarn_version")) + '", "install", "--frozen-lockfile"]);',
     ],
   },
-  {
-    'name': 'sysroot_arm',
-    'pattern': '.',
-    'condition': 'install_sysroot and checkout_linux and checkout_arm',
-    'action': ['python3', 'src/build/linux/sysroot_scripts/install-sysroot.py',
-               '--sysroots-json-path=' + Var('sysroots_json_path'),
-               '--arch=arm'],
-  },
-  {
-    'name': 'sysroot_arm64',
-    'pattern': '.',
-    'condition': 'install_sysroot and checkout_linux and checkout_arm64',
-    'action': ['python3', 'src/build/linux/sysroot_scripts/install-sysroot.py',
-               '--sysroots-json-path=' + Var('sysroots_json_path'),
-               '--arch=arm64'],
-  },
-  {
-    'name': 'sysroot_x86',
-    'pattern': '.',
-    'condition': 'install_sysroot and checkout_linux and (checkout_x86 or checkout_x64)',
-    'action': ['python3', 'src/build/linux/sysroot_scripts/install-sysroot.py',
-               '--sysroots-json-path=' + Var('sysroots_json_path'),
-               '--arch=x86'],
-  },
-  {
-    'name': 'sysroot_mips',
-    'pattern': '.',
-    'condition': 'install_sysroot and checkout_linux and checkout_mips',
-    'action': ['python3', 'src/build/linux/sysroot_scripts/install-sysroot.py',
-               '--sysroots-json-path=' + Var('sysroots_json_path'),
-               '--arch=mips'],
-  },
-  {
-    'name': 'sysroot_mips64',
-    'pattern': '.',
-    'condition': 'install_sysroot and checkout_linux and checkout_mips64',
-    'action': ['python3', 'src/build/linux/sysroot_scripts/install-sysroot.py',
-               '--sysroots-json-path=' + Var('sysroots_json_path'),
-               '--arch=mips64el'],
-  },
-  {
-    'name': 'sysroot_x64',
-    'pattern': '.',
-    'condition': 'install_sysroot and checkout_linux and checkout_x64',
-    'action': ['python3', 'src/build/linux/sysroot_scripts/install-sysroot.py',
-               '--sysroots-json-path=' + Var('sysroots_json_path'),
-               '--arch=x64'],
-  },
 ]
 
 recursedeps = [

appveyor-woa.yml

@@ -29,14 +29,14 @@
 
 version: 1.0.{build}
 build_cloud: electronhq-16-core
-image: e-128.0.6571.0
+image: e-131.0.6734.0
 environment:
   GIT_CACHE_PATH: C:\Users\appveyor\libcc_cache
   ELECTRON_OUT_DIR: Default
   ELECTRON_ENABLE_STACK_DUMPING: 1
   ELECTRON_ALSO_LOG_TO_STDERR: 1
   MOCHA_REPORTER: mocha-multi-reporters
-  MOCHA_MULTI_REPORTERS: "@marshallofsound/mocha-appveyor-reporter, tap"
+  MOCHA_MULTI_REPORTERS: "@marshallofsound/mocha-appveyor-reporter, mocha-junit-reporter, tap"
   DEPOT_TOOLS_WIN_TOOLCHAIN: 1
   DEPOT_TOOLS_WIN_TOOLCHAIN_BASE_URL: "https://dev-cdn.electronjs.org/windows-toolchains/_"
   GYP_MSVS_HASH_7393122652: 3ba76c5c20
@@ -70,8 +70,9 @@ for:
         - job_name: Build Arm on X64 Windows
 
     build_script:
+      # TODO: Remove --ignore-engines once WOA image is up to node 20
       - ps: |
-          node script/yarn.js install --frozen-lockfile
+          node script/yarn.js install --frozen-lockfile --ignore-engines
           node script/doc-only-change.js --prNumber=$env:APPVEYOR_PULL_REQUEST_NUMBER
           $env:SHOULD_SKIP_ARTIFACT_VALIDATION = "false"
           if ($LASTEXITCODE -eq 0) {
@@ -95,6 +96,8 @@ for:
       - git clone --depth=1 https://chromium.googlesource.com/chromium/tools/depot_tools.git
       - ps: New-Item -Name depot_tools\.disable_auto_update -ItemType File
       - depot_tools\bootstrap\win_tools.bat
+      - ps: |
+          Set-Content -Path $pwd\depot_tools\build_telemetry.cfg -Value '{"user": "info@electronjs.org", "status": "opt-out", "countdown": 10, "version": 1}'
       - ps: $env:PATH="$pwd\depot_tools;$env:PATH"
       - ps: >-
           if (Test-Path -Path "$pwd\src\electron") {
@@ -115,6 +118,13 @@ for:
           $env:RBE_experimental_credentials_helper = $env:RECLIENT_HELPER
       - ps: >-
           $env:RBE_experimental_credentials_helper_args = "print"
+      - ps: >-
+          if ($env:ELECTRON_RBE_JWT -eq '') {
+            $env:RBE_fail_early_min_action_count = "0"
+            $env:RBE_fail_early_min_fallback_ratio = "0"
+            $env:RBE_exec_strategy = "local"
+            $env:RBE_remote_update_cache= "false"
+          }
       - cd ..\..
       - ps: $env:CHROMIUM_BUILDTOOLS_PATH="$pwd\src\buildtools"
       - ps: >-
@@ -149,7 +159,7 @@ for:
       - gn desc out/Default v8:run_mksnapshot_default args > out/Default/default_mksnapshot_args
       # Remove unused args from mksnapshot_args
       - ps: >-
-          Get-Content out/Default/default_mksnapshot_args | Where-Object { -not $_.Contains('--turbo-profiling-input') -And -not $_.Contains('builtins-pgo') } | Set-Content out/Default/mksnapshot_args
+          Get-Content out/Default/default_mksnapshot_args | Where-Object { -not $_.Contains('--turbo-profiling-input') -And -not $_.Contains('builtins-pgo') -And -not $_.Contains('The gn arg use_goma=true') } | Set-Content out/Default/mksnapshot_args
       - autoninja -C out/Default electron:electron_mksnapshot_zip
       - cd out\Default
       - 7z a mksnapshot.zip mksnapshot_args gen\v8\embedded.S
@@ -166,8 +176,8 @@ for:
           if ($env:GN_CONFIG -eq 'release') {
             # Needed for msdia140.dll on 64-bit windows
             $env:Path += ";$pwd\third_party\llvm-build\Release+Asserts\bin"
-            autoninja -C out/Default electron:electron_symbols
           }
+      - if "%GN_CONFIG%"=="release" ( autoninja -C out/Default electron:electron_symbols )
       - ps: >-
           if ($env:GN_CONFIG -eq 'release') {
             python3 electron\script\zip-symbols.py
@@ -247,14 +257,18 @@ for:
 
     environment:
         IGNORE_YARN_INSTALL_ERROR: 1
-        ELECTRON_TEST_RESULTS_DIR: junit
-        MOCHA_MULTI_REPORTERS: 'mocha-junit-reporter, tap'
+        ELECTRON_TEST_RESULTS_DIR: C:\projects\src\electron\junit
+        MOCHA_MULTI_REPORTERS: "@marshallofsound/mocha-appveyor-reporter, mocha-junit-reporter, tap"
         MOCHA_REPORTER: mocha-multi-reporters
         ELECTRON_SKIP_NATIVE_MODULE_TESTS: true
+        DD_ENV: ci
+        DD_SERVICE: electron
+        DD_CIVISIBILITY_LOGS_ENABLED: true
+        DD_GIT_REPOSITORY_URL: "https://github.com/electron/electron.git"
 
     build_script:
       - ps: |
-          node script/yarn.js install --frozen-lockfile
+          node script/yarn.js install --frozen-lockfile --ignore-engines
           node script/doc-only-change.js --prNumber=$env:APPVEYOR_PULL_REQUEST_NUMBER
           if ($LASTEXITCODE -eq 0) {
             Write-warning "Skipping build for doc only change"
@@ -262,6 +276,7 @@ for:
           } else {
             $global:LASTEXITCODE = 0
           }
+      - ps: Invoke-WebRequest -Uri "https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_win-x64" -OutFile "C:\projects\src\electron\datadog-ci.exe"
       - cd ..
       - mkdir out\Default
       - cd ..
@@ -282,8 +297,8 @@ for:
                 Invoke-RestMethod -Method Get -Uri "$apiUrl/buildjobs/$jobId/artifacts/$artifact_name" -OutFile $outfile
               }
               # Uncomment the following lines to download the pdb.zip to show real stacktraces when crashes happen during testing
-              Invoke-RestMethod -Method Get -Uri "$apiUrl/buildjobs/$jobId/artifacts/pdb.zip" -OutFile pdb.zip
-              7z x -y -osrc pdb.zip
+              # Invoke-RestMethod -Method Get -Uri "$apiUrl/buildjobs/$jobId/artifacts/pdb.zip" -OutFile pdb.zip
+              # 7z x -y -osrc pdb.zip
             }
           }
       - ps: |
@@ -317,4 +332,13 @@ for:
     on_finish:
       # Uncomment these lines to enable RDP
       # - ps: $blockRdp = $true; iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1'))
-      - if exist electron\electron.log ( appveyor-retry appveyor PushArtifact electron\electron.log )
+      - if exist electron\junit\test-results-main.xml ( appveyor-retry appveyor PushArtifact electron\junit\test-results-main.xml )
+      - ps: |
+          if ($env:DD_API_KEY) {
+            $env:DD_GIT_COMMIT_SHA = $env:APPVEYOR_REPO_COMMIT
+            $env:DD_GIT_BRANCH = $env:APPVEYOR_PULL_REQUEST_HEAD_REPO_BRANCH
+            $env:DD_TAGS = "os.architecture:$env:TARGET_ARCH,os.family:windows,os.platform:win32"
+            if (Test-Path -Path "C:\projects\src\electron\junit\test-results-main.xml") {
+              C:\projects\src\electron\datadog-ci.exe junit upload --verbose C:\projects\src\electron\junit\test-results-main.xml
+            }
+          }

appveyor.yml

@@ -29,14 +29,14 @@
 
 version: 1.0.{build}
 build_cloud: electronhq-16-core
-image: e-128.0.6571.0
+image: e-131.0.6734.0
 environment:
   GIT_CACHE_PATH: C:\Users\appveyor\libcc_cache
   ELECTRON_OUT_DIR: Default
   ELECTRON_ENABLE_STACK_DUMPING: 1
   ELECTRON_ALSO_LOG_TO_STDERR: 1
   MOCHA_REPORTER: mocha-multi-reporters
-  MOCHA_MULTI_REPORTERS: "@marshallofsound/mocha-appveyor-reporter, tap"
+  MOCHA_MULTI_REPORTERS: "@marshallofsound/mocha-appveyor-reporter, mocha-junit-reporter, tap"
   DEPOT_TOOLS_WIN_TOOLCHAIN: 1
   DEPOT_TOOLS_WIN_TOOLCHAIN_BASE_URL: "https://dev-cdn.electronjs.org/windows-toolchains/_"
   GYP_MSVS_HASH_7393122652: 3ba76c5c20
@@ -93,6 +93,8 @@ for:
       - git clone --depth=1 https://chromium.googlesource.com/chromium/tools/depot_tools.git
       - ps: New-Item -Name depot_tools\.disable_auto_update -ItemType File
       - depot_tools\bootstrap\win_tools.bat
+      - ps: |
+          Set-Content -Path $pwd\depot_tools\build_telemetry.cfg -Value '{"user": "info@electronjs.org", "status": "opt-out", "countdown": 10, "version": 1}'
       - ps: $env:PATH="$pwd\depot_tools;$env:PATH"
       - ps: >-
           if (Test-Path -Path "$pwd\src\electron") {
@@ -113,6 +115,13 @@ for:
           $env:RBE_experimental_credentials_helper = $env:RECLIENT_HELPER
       - ps: >-
           $env:RBE_experimental_credentials_helper_args = "print"
+      - ps: >-
+          if ($env:ELECTRON_RBE_JWT -eq '') {
+            $env:RBE_fail_early_min_action_count = "0"
+            $env:RBE_fail_early_min_fallback_ratio = "0"
+            $env:RBE_exec_strategy = "local"
+            $env:RBE_remote_update_cache= "false"
+          }
       - cd ..\..
       - ps: $env:CHROMIUM_BUILDTOOLS_PATH="$pwd\src\buildtools"
       - ps: >-
@@ -147,7 +156,7 @@ for:
       - gn desc out/Default v8:run_mksnapshot_default args > out/Default/default_mksnapshot_args
       # Remove unused args from mksnapshot_args
       - ps: >-
-          Get-Content out/Default/default_mksnapshot_args | Where-Object { -not $_.Contains('--turbo-profiling-input') -And -not $_.Contains('builtins-pgo') } | Set-Content out/Default/mksnapshot_args
+          Get-Content out/Default/default_mksnapshot_args | Where-Object { -not $_.Contains('--turbo-profiling-input') -And -not $_.Contains('builtins-pgo') -And -not $_.Contains('The gn arg use_goma=true') } | Set-Content out/Default/mksnapshot_args
       - autoninja -C out/Default electron:electron_mksnapshot_zip
       - cd out\Default
       - 7z a mksnapshot.zip mksnapshot_args gen\v8\embedded.S
@@ -163,8 +172,8 @@ for:
           if ($env:GN_CONFIG -eq 'release') {
             # Needed for msdia140.dll on 64-bit windows
             $env:Path += ";$pwd\third_party\llvm-build\Release+Asserts\bin"
-            autoninja -C out/Default electron:electron_symbols
           }
+      - if "%GN_CONFIG%"=="release" ( autoninja -C out/Default electron:electron_symbols )
       - ps: >-
           if ($env:GN_CONFIG -eq 'release') {
             python3 electron\script\zip-symbols.py
@@ -238,6 +247,13 @@ for:
       only:
         - job_name: Test
 
+    environment:
+        DD_ENV: ci
+        DD_SERVICE: electron
+        DD_CIVISIBILITY_LOGS_ENABLED: true
+        DD_GIT_REPOSITORY_URL: "https://github.com/electron/electron.git"
+        ELECTRON_TEST_RESULTS_DIR: C:\projects\src\electron\junit
+
     init:
       - ps: |
           if ($env:RUN_TESTS -ne 'true') {
@@ -253,6 +269,7 @@ for:
           } else {
             $global:LASTEXITCODE = 0
           }
+      - npm install -g @datadog/datadog-ci
       - cd ..
       - mkdir out\Default
       - cd ..
@@ -273,8 +290,8 @@ for:
                 Invoke-RestMethod -Method Get -Uri "$apiUrl/buildjobs/$jobId/artifacts/$artifact_name" -OutFile $outfile
               }
               # Uncomment the following lines to download the pdb.zip to show real stacktraces when crashes happen during testing
-              Invoke-RestMethod -Method Get -Uri "$apiUrl/buildjobs/$jobId/artifacts/pdb.zip" -OutFile pdb.zip
-              7z x -y -osrc pdb.zip
+              # Invoke-RestMethod -Method Get -Uri "$apiUrl/buildjobs/$jobId/artifacts/pdb.zip" -OutFile pdb.zip
+              # 7z x -y -osrc pdb.zip
             }
           }
       - ps: |
@@ -298,7 +315,7 @@ for:
           if ($env:TARGET_ARCH -eq 'ia32') {
             $env:npm_config_arch = "ia32"
           }
-      - echo Running main test suite & node script/yarn test -- --trace-uncaught --runners=main --enable-logging=file --log-file=%cd%\electron.log
+      - echo Running main test suite & node script/yarn test -- --trace-uncaught --runners=main --enable-logging
       - cd ..
       - echo Verifying non proprietary ffmpeg & python electron\script\verify-ffmpeg.py --build-dir out\Default --source-root %cd% --ffmpeg-path out\ffmpeg
       - echo "About to verify mksnapshot"
@@ -310,4 +327,13 @@ for:
     on_finish:
       # Uncomment these lines to enable RDP
       # - ps: $blockRdp = $true; iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1'))
-      - if exist electron\electron.log ( appveyor-retry appveyor PushArtifact electron\electron.log )
+      - if exist electron\junit\test-results-main.xml ( appveyor-retry appveyor PushArtifact electron\junit\test-results-main.xml )
+      - ps: |
+          if ($env:RUN_TESTS -eq 'true' -And $env:DD_API_KEY) {
+            $env:DD_GIT_COMMIT_SHA = $env:APPVEYOR_REPO_COMMIT
+            $env:DD_GIT_BRANCH = $env:APPVEYOR_PULL_REQUEST_HEAD_REPO_BRANCH
+            $env:DD_TAGS = "os.architecture:$env:TARGET_ARCH,os.family:windows,os.platform:win32"
+            if (Test-Path -Path "C:\projects\src\electron\junit\test-results-main.xml") {
+              C:\Users\appveyor\AppData\Roaming\npm\datadog-ci.ps1 junit upload --verbose C:\projects\src\electron\junit\test-results-main.xml
+            }
+          }

build/args/all.gn

@@ -2,7 +2,7 @@ is_electron_build = true
 root_extra_deps = [ "//electron" ]
 
 # Registry of NMVs --> https://github.com/nodejs/node/blob/main/doc/abi_version_registry.json
-node_module_version = 128
+node_module_version = 123
 
 v8_promise_internal_field_count = 1
 v8_embedder_string = "-electron.0"
@@ -50,13 +50,16 @@ is_cfi = false
 # TODO: fix this once sysroots have been updated.
 use_qt = false
 
+# https://chromium-review.googlesource.com/c/chromium/src/+/4365718
+# TODO(codebytere): fix perfetto incompatibility with Node.js.
+use_perfetto_client_library = false
+
 # Disables the builtins PGO for V8
 v8_builtins_profiling_log_file = ""
 
 # https://chromium.googlesource.com/chromium/src/+/main/docs/dangling_ptr.md
 # TODO(vertedinde): hunt down dangling pointers on Linux
 enable_dangling_raw_ptr_checks = false
-enable_dangling_raw_ptr_feature_flag = false
 
 # This flag speeds up the performance of fork/execve on linux systems.
 # Ref: https://chromium-review.googlesource.com/c/v8/v8/+/4602858
@@ -64,12 +67,3 @@ v8_enable_private_mapping_fork_optimization = true
 
 # Expose public V8 symbols for native modules.
 v8_expose_public_symbols = true
-
-# Disables unsafe-buffers-usage plugin due to incompatibilities with our reclient implementation
-# Ref: https://chromium-review.googlesource.com/c/chromium/src/+/5426599
-# Ref: https://github.com/electron/electron/commit/8e20f16ea35eeaeb149ae63bad3703d782665f6a
-clang_unsafe_buffers_paths = ""
-
-# Disable snapshotting a page when printing for its content to be analyzed for
-# sensitive content by enterprise users.
-enterprise_cloud_content_analysis = false

build/webpack/webpack.config.base.js

@@ -1,8 +1,9 @@
+const TerserPlugin = require('terser-webpack-plugin');
+const webpack = require('webpack');
+const WrapperPlugin = require('wrapper-webpack-plugin');
+
 const fs = require('node:fs');
 const path = require('node:path');
-const webpack = require('webpack');
-const TerserPlugin = require('terser-webpack-plugin');
-const WrapperPlugin = require('wrapper-webpack-plugin');
 
 const electronRoot = path.resolve(__dirname, '../..');
 

chromium_src/BUILD.gn

@@ -14,8 +14,6 @@ import("//third_party/widevine/cdm/widevine.gni")
 static_library("chrome") {
   visibility = [ "//electron:electron_lib" ]
   sources = [
-    "//ash/style/rounded_rect_cutout_path_builder.cc",
-    "//ash/style/rounded_rect_cutout_path_builder.h",
     "//chrome/browser/app_mode/app_mode_utils.cc",
     "//chrome/browser/app_mode/app_mode_utils.h",
     "//chrome/browser/browser_features.cc",
@@ -96,8 +94,6 @@ static_library("chrome") {
     "//chrome/browser/ui/exclusive_access/exclusive_access_controller_base.h",
     "//chrome/browser/ui/exclusive_access/exclusive_access_manager.cc",
     "//chrome/browser/ui/exclusive_access/exclusive_access_manager.h",
-    "//chrome/browser/ui/exclusive_access/exclusive_access_permission_manager.cc",
-    "//chrome/browser/ui/exclusive_access/exclusive_access_permission_manager.h",
     "//chrome/browser/ui/exclusive_access/fullscreen_controller.cc",
     "//chrome/browser/ui/exclusive_access/fullscreen_controller.h",
     "//chrome/browser/ui/exclusive_access/fullscreen_within_tab_helper.cc",
@@ -119,8 +115,6 @@ static_library("chrome") {
     "//chrome/browser/ui/views/overlay/constants.h",
     "//chrome/browser/ui/views/overlay/hang_up_button.cc",
     "//chrome/browser/ui/views/overlay/hang_up_button.h",
-    "//chrome/browser/ui/views/overlay/minimize_button.cc",
-    "//chrome/browser/ui/views/overlay/minimize_button.h",
     "//chrome/browser/ui/views/overlay/overlay_window_image_button.cc",
     "//chrome/browser/ui/views/overlay/overlay_window_image_button.h",
     "//chrome/browser/ui/views/overlay/playback_image_button.cc",
@@ -193,9 +187,6 @@ static_library("chrome") {
     "//chrome/browser:resource_prefetch_predictor_proto",
     "//chrome/browser/resource_coordinator:mojo_bindings",
     "//chrome/browser/web_applications/mojom:mojom_web_apps_enum",
-    "//components/enterprise/buildflags",
-    "//components/enterprise/common/proto:connectors_proto",
-    "//components/safe_browsing/core/browser/db:safebrowsing_proto",
     "//components/vector_icons:vector_icons",
     "//ui/snapshot",
     "//ui/views/controls/webview",
@@ -246,11 +237,7 @@ static_library("chrome") {
       "//chrome/services/util_win:lib",
       "//components/webapps/common:mojo_bindings",
     ]
-    deps += [
-      "//chrome/services/util_win/public/mojom",
-      "//components/compose/core/browser:mojo_bindings",
-      "//components/segmentation_platform/public/proto",
-    ]
+    deps += [ "//chrome/services/util_win/public/mojom" ]
   }
 
   if (is_mac) {
@@ -288,8 +275,6 @@ static_library("chrome") {
       "//chrome/browser/bad_message.h",
       "//chrome/browser/printing/prefs_util.cc",
       "//chrome/browser/printing/prefs_util.h",
-      "//chrome/browser/printing/print_compositor_util.cc",
-      "//chrome/browser/printing/print_compositor_util.h",
       "//chrome/browser/printing/print_job.cc",
       "//chrome/browser/printing/print_job.h",
       "//chrome/browser/printing/print_job_manager.cc",
@@ -316,8 +301,6 @@ static_library("chrome") {
 
     if (enable_oop_printing) {
       sources += [
-        "//chrome/browser/printing/oop_features.cc",
-        "//chrome/browser/printing/oop_features.h",
         "//chrome/browser/printing/print_backend_service_manager.cc",
         "//chrome/browser/printing/print_backend_service_manager.h",
       ]
@@ -344,8 +327,6 @@ static_library("chrome") {
         "//chrome/browser/printing/pdf_to_emf_converter.h",
         "//chrome/browser/printing/printer_xml_parser_impl.cc",
         "//chrome/browser/printing/printer_xml_parser_impl.h",
-        "//chrome/browser/printing/xps_features.cc",
-        "//chrome/browser/printing/xps_features.h",
       ]
       deps += [ "//printing:printing_base" ]
     }
@@ -369,6 +350,8 @@ static_library("chrome") {
         "//chrome/browser/pdf/chrome_pdf_stream_delegate.h",
         "//chrome/browser/pdf/pdf_extension_util.cc",
         "//chrome/browser/pdf/pdf_extension_util.h",
+        "//chrome/browser/pdf/pdf_frame_util.cc",
+        "//chrome/browser/pdf/pdf_frame_util.h",
         "//chrome/browser/pdf/pdf_viewer_stream_manager.cc",
         "//chrome/browser/pdf/pdf_viewer_stream_manager.h",
         "//chrome/browser/plugins/pdf_iframe_navigation_throttle.cc",

default_app/default_app.ts

@@ -1,5 +1,6 @@
 import { shell } from 'electron/common';
 import { app, dialog, BrowserWindow, ipcMain } from 'electron/main';
+
 import * as path from 'node:path';
 import * as url from 'node:url';
 

default_app/main.ts

@@ -4,6 +4,7 @@ import * as fs from 'node:fs';
 import { Module } from 'node:module';
 import * as path from 'node:path';
 import * as url from 'node:url';
+
 const { app, dialog } = electron;
 
 type DefaultAppOptions = {
@@ -255,6 +256,7 @@ async function startRepl () {
 // start the default app.
 if (option.file && !option.webdriver) {
   const file = option.file;
+  // eslint-disable-next-line n/no-deprecated-api
   const protocol = url.parse(file).protocol;
   const extension = path.extname(file);
   if (protocol === 'http:' || protocol === 'https:' || protocol === 'file:' || protocol === 'chrome:') {

docs/README.md

@@ -98,6 +98,7 @@ These individual tutorials expand on topics discussed in the guide above.
 
 ### Custom DOM Elements:
 
+* [`File` Object](api/file-object.md)
 * [`<webview>` Tag](api/webview-tag.md)
 * [`window.open` Function](api/window-open.md)
 

docs/api/app.md

@@ -1357,7 +1357,7 @@ Show the app's about panel options. These options can be overridden with `app.se
   * `credits` string (optional) _macOS_ _Windows_ - Credit information.
   * `authors` string[] (optional) _Linux_ - List of app authors.
   * `website` string (optional) _Linux_ - The app's website.
-  * `iconPath` string (optional) _Linux_ _Windows_ - Path to the app's icon in a JPEG or PNG file format. On Linux, will be shown as 64x64 pixels while retaining aspect ratio.
+  * `iconPath` string (optional) _Linux_ _Windows_ - Path to the app's icon in a JPEG or PNG file format. On Linux, will be shown as 64x64 pixels while retaining aspect ratio. On Windows, a 48x48 PNG will result in the best visual quality.
 
 Set the about panel options. This will override the values defined in the app's `.plist` file on macOS. See the [Apple docs][about-panel-options] for more details. On Linux, values must be set in order to be shown; there are no defaults.
 
@@ -1489,38 +1489,6 @@ This method can only be called after app is ready.
 
 Returns `Promise<string>` - Resolves with the proxy information for `url` that will be used when attempting to make requests using [Net](net.md) in the [utility process](../glossary.md#utility-process).
 
-### `app.setClientCertRequestPasswordHandler(handler)`  _Linux_
-
-* `handler` Function\<Promise\<string\>\>
-  * `clientCertRequestParams` Object
-    * `hostname` string - the hostname of the site requiring a client certificate
-    * `tokenName` string - the token (or slot) name of the cryptographic device
-    * `isRetry` boolean - whether there have been previous failed attempts at prompting the password
-
-  Returns `Promise<string>` - Resolves with the password
-
-The handler is called when a password is needed to unlock a client certificate for
-`hostname`.
-
-```js
-const { app } = require('electron')
-
-async function passwordPromptUI (text) {
-  return new Promise((resolve, reject) => {
-    // display UI to prompt user for password
-    // ...
-    // ...
-    resolve('the password')
-  })
-}
-
-app.setClientCertRequestPasswordHandler(async ({ hostname, tokenName, isRetry }) => {
-  const text = `Please sign in to ${tokenName} to authenticate to ${hostname} with your certificate`
-  const password = await passwordPromptUI(text)
-  return password
-})
-```
-
 ## Properties
 
 ### `app.accessibilitySupportEnabled` _macOS_ _Windows_

docs/api/base-window.md

@@ -126,10 +126,18 @@ or session log off.
 
 #### Event: 'blur'
 
+Returns:
+
+* `event` Event
+
 Emitted when the window loses focus.
 
 #### Event: 'focus'
 
+Returns:
+
+* `event` Event
+
 Emitted when the window gains focus.
 
 #### Event: 'show'

docs/api/browser-window.md

@@ -690,6 +690,8 @@ Sets whether the window should be in fullscreen mode.
 
 Returns `boolean` - Whether the window is in fullscreen mode.
 
+**Note:** On macOS, fullscreen transitions take place asynchronously. When querying for a BrowserWindow's fullscreen status, you should ensure that either the ['enter-full-screen'](browser-window.md#event-enter-full-screen) or ['leave-full-screen'](browser-window.md#event-leave-full-screen) events have been emitted.
+
 #### `win.setSimpleFullScreen(flag)` _macOS_
 
 * `flag` boolean

docs/api/client-request.md

@@ -53,7 +53,7 @@ following properties:
     [`request.followRedirect`](#requestfollowredirect) is invoked synchronously
     during the [`redirect`](#event-redirect) event.  Defaults to `follow`.
   * `origin` string (optional) - The origin URL of the request.
-  * `referrerPolicy` string (optional) - can be `""`, `no-referrer`,
+  * `referrerPolicy` string (optional) - can be "", `no-referrer`,
     `no-referrer-when-downgrade`, `origin`, `origin-when-cross-origin`,
     `unsafe-url`, `same-origin`, `strict-origin`, or
     `strict-origin-when-cross-origin`. Defaults to

docs/api/command-line-switches.md

@@ -279,7 +279,7 @@ Aliased to `--debug[=[host:]port`.
 
 Specify ways of the inspector web socket url exposure.
 
-By default inspector websocket url is available in stderr and under /json/list endpoint on `http://host:port/json/list`.
+By default inspector websocket url is available in stderr and under /json/list endpoint on http://host:port/json/list.
 
 ### `--no-deprecation`
 

docs/api/context-bridge.md

@@ -129,7 +129,7 @@ has been included below for completeness:
 | `Object` | Complex | ✅ | ✅ | Keys must be supported using only "Simple" types in this table.  Values must be supported in this table.  Prototype modifications are dropped.  Sending custom classes will copy values but not the prototype. |
 | `Array` | Complex | ✅ | ✅ | Same limitations as the `Object` type |
 | `Error` | Complex | ✅ | ✅ | Errors that are thrown are also copied, this can result in the message and stack trace of the error changing slightly due to being thrown in a different context, and any custom properties on the Error object [will be lost](https://github.com/electron/electron/issues/25596) |
-| `Promise` | Complex | ✅ | ✅ | N/A |
+| `Promise` | Complex | ✅ | ✅ | N/A
 | `Function` | Complex | ✅ | ✅ | Prototype modifications are dropped.  Sending classes or constructors will not work. |
 | [Cloneable Types](https://developer.mozilla.org/en-US/docs/Web/API/Web_Workers_API/Structured_clone_algorithm) | Simple | ✅ | ✅ | See the linked document on cloneable types |
 | `Element` | Complex | ✅ | ✅ | Prototype modifications are dropped.  Sending custom elements will not work. |
@@ -138,6 +138,25 @@ has been included below for completeness:
 
 If the type you care about is not in the above table, it is probably not supported.
 
+### Exposing ipcRenderer
+
+Attempting to send the entire `ipcRenderer` module as an object over the `contextBridge` will result in
+an empty object on the receiving side of the bridge. Sending over `ipcRenderer` in full can let any
+code send any message, which is a security footgun. To interact through `ipcRenderer`, provide a safe wrapper
+like below:
+
+```js
+// Preload (Isolated World)
+contextBridge.exposeInMainWorld('electron', {
+  onMyEventName: (callback) => ipcRenderer.on('MyEventName', (e, ...args) => callback(args))
+})
+```
+
+```js @ts-nocheck
+// Renderer (Main World)
+window.electron.onMyEventName(data => { /* ... */ })
+```
+
 ### Exposing Node Global Symbols
 
 The `contextBridge` can be used by the preload script to give your renderer access to Node APIs.

docs/api/desktop-capturer.md

@@ -9,80 +9,66 @@ The following example shows how to capture video from a desktop window whose
 title is `Electron`:
 
 ```js
-// In the main process.
-const { BrowserWindow, desktopCapturer } = require('electron')
+// main.js
+const { app, BrowserWindow, desktopCapturer, session } = require('electron')
 
-const mainWindow = new BrowserWindow()
+app.whenReady().then(() => {
+  const mainWindow = new BrowserWindow()
 
-desktopCapturer.getSources({ types: ['window', 'screen'] }).then(async sources => {
-  for (const source of sources) {
-    if (source.name === 'Electron') {
-      mainWindow.webContents.send('SET_SOURCE', source.id)
-      return
-    }
-  }
-})
-```
-
-```js @ts-nocheck
-// In the preload script.
-const { ipcRenderer } = require('electron')
-
-ipcRenderer.on('SET_SOURCE', async (event, sourceId) => {
-  try {
-    const stream = await navigator.mediaDevices.getUserMedia({
-      audio: false,
-      video: {
-        mandatory: {
-          chromeMediaSource: 'desktop',
-          chromeMediaSourceId: sourceId,
-          minWidth: 1280,
-          maxWidth: 1280,
-          minHeight: 720,
-          maxHeight: 720
-        }
-      }
+  session.defaultSession.setDisplayMediaRequestHandler((request, callback) => {
+    desktopCapturer.getSources({ types: ['screen'] }).then((sources) => {
+      // Grant access to the first screen found.
+      callback({ video: sources[0], audio: 'loopback' })
     })
-    handleStream(stream)
-  } catch (e) {
-    handleError(e)
-  }
+  })
+
+  mainWindow.loadFile('index.html')
 })
-
-function handleStream (stream) {
-  const video = document.querySelector('video')
-  video.srcObject = stream
-  video.onloadedmetadata = (e) => video.play()
-}
-
-function handleError (e) {
-  console.log(e)
-}
 ```
 
-To capture video from a source provided by `desktopCapturer` the constraints
-passed to [`navigator.mediaDevices.getUserMedia`][] must include
-`chromeMediaSource: 'desktop'`, and `audio: false`.
-
-To capture both audio and video from the entire desktop the constraints passed
-to [`navigator.mediaDevices.getUserMedia`][] must include `chromeMediaSource: 'desktop'`,
-for both `audio` and `video`, but should not include a `chromeMediaSourceId` constraint.
-
 ```js
-const constraints = {
-  audio: {
-    mandatory: {
-      chromeMediaSource: 'desktop'
+// renderer.js
+const startButton = document.getElementById('startButton')
+const stopButton = document.getElementById('stopButton')
+const video = document.querySelector('video')
+
+startButton.addEventListener('click', () => {
+  navigator.mediaDevices.getDisplayMedia({
+    audio: true,
+    video: {
+      width: 320,
+      height: 240,
+      frameRate: 30
     }
-  },
-  video: {
-    mandatory: {
-      chromeMediaSource: 'desktop'
-    }
-  }
-}
+  }).then(stream => {
+    video.srcObject = stream
+    video.onloadedmetadata = (e) => video.play()
+  }).catch(e => console.log(e))
+})
+
+stopButton.addEventListener('click', () => {
+  video.pause()
+})
 ```
 
+```html
+<!-- index.html -->
+<html>
+<meta http-equiv="content-security-policy" content="script-src 'self' 'unsafe-inline'" />
+  <body>
+    <button id="startButton" class="button">Start</button>
+    <button id="stopButton" class="button">Stop</button>
+    <video width="320" height="240" autoplay></video>
+    <script src="renderer.js"></script>
+  </body>
+</html>
+```
+
+See [`navigator.mediaDevices.getDisplayMedia`](https://developer.mozilla.org/en-US/docs/Web/API/MediaDevices/getDisplayMedia) for more information.
+
+**Note:** `navigator.mediaDevices.getDisplayMedia` does not permit the use of `deviceId` for
+selection of a source - see [specification](https://w3c.github.io/mediacapture-screen-share/#constraints).
+
 ## Methods
 
 The `desktopCapturer` module has the following methods:

docs/api/dock.md

@@ -80,4 +80,4 @@ Returns `Menu | null` - The application's [dock menu][dock-menu].
 
 Sets the `image` associated with this dock icon.
 
-[dock-menu]: https://developer.apple.com/design/human-interface-guidelines/dock-menus
+[dock-menu]: https://developer.apple.com/macos/human-interface-guidelines/menus/dock-menus/

docs/api/file-object.md

@@ -0,0 +1,36 @@
+# `File` Object
+
+> Use the HTML5 `File` API to work natively with files on the filesystem.
+
+> **Warning**
+> The `path` property that Electron adds to the `File` interface is deprecated
+> and **will** be removed in a future Electron release.  We recommend you
+> use `webUtils.getPathForFile` instead.
+
+The DOM's File interface provides abstraction around native files in order to
+let users work on native files directly with the HTML5 file API. Electron has
+added a `path` attribute to the `File` interface which exposes the file's real
+path on filesystem.
+
+Example of getting a real path from a dragged-onto-the-app file:
+
+```html
+<div id="holder">
+  Drag your file here
+</div>
+
+<script>
+  document.addEventListener('drop', (e) => {
+    e.preventDefault();
+    e.stopPropagation();
+
+    for (const f of e.dataTransfer.files) {
+      console.log('File(s) you dragged here: ', f.path)
+    }
+  });
+  document.addEventListener('dragover', (e) => {
+    e.preventDefault();
+    e.stopPropagation();
+  });
+</script>
+```

docs/api/incoming-message.md

@@ -31,7 +31,7 @@ Emitted when a request has been canceled during an ongoing HTTP transaction.
 
 Returns:
 
-`error` Error - Typically holds an error string identifying failure root cause.
+* `error` Error - Typically holds an error string identifying failure root cause.
 
 Emitted when an error was encountered while streaming response data events. For
 instance, if the server closes the underlying while the response is still

docs/api/native-theme.md

@@ -72,3 +72,7 @@ or is being instructed to use an inverted color scheme.
 
 A `boolean` indicating whether Chromium is in forced colors mode, controlled by system accessibility settings.
 Currently, Windows high contrast is the only system setting that triggers forced colors mode.
+
+### `nativeTheme.prefersReducedTransparency` _Readonly_
+
+A `boolean` that indicates the whether the user has chosen via system accessibility settings to reduce transparency at the OS level.

docs/api/navigation-history.md

@@ -9,24 +9,6 @@ Each navigation entry corresponds to a specific page. The indexing system follow
 
 ### Instance Methods
 
-#### `navigationHistory.canGoBack()`
-
-Returns `boolean` - Whether the browser can go back to previous web page.
-
-#### `navigationHistory.canGoForward()`
-
-Returns `boolean` - Whether the browser can go forward to next web page.
-
-#### `navigationHistory.canGoToOffset(offset)`
-
-* `offset` Integer
-
-Returns `boolean` - Whether the web page can go to the specified `offset` from the current entry.
-
-#### `navigationHistory.clear()`
-
-Clears the navigation history.
-
 #### `navigationHistory.getActiveIndex()`
 
 Returns `Integer` - The index of the current page, from which we would go back/forward or reload.
@@ -42,26 +24,6 @@ Returns `Object`:
 
 If index is out of bounds (greater than history length or less than 0), null will be returned.
 
-#### `navigationHistory.goBack()`
-
-Makes the browser go back a web page.
-
-#### `navigationHistory.goForward()`
-
-Makes the browser go forward a web page.
-
-#### `navigationHistory.goToIndex(index)`
-
-* `index` Integer
-
-Navigates browser to the specified absolute web page index.
-
-#### `navigationHistory.goToOffset(offset)`
-
-* `offset` Integer
-
-Navigates to the specified offset from the current entry.
-
 #### `navigationHistory.length()`
 
 Returns `Integer` - History length.

docs/api/net.md

@@ -130,7 +130,7 @@ won't be able to connect to remote sites. However, a return value of
 whether a particular connection attempt to a particular remote site
 will be successful.
 
-### `net.resolveHost(host, [options])`
+#### `net.resolveHost(host, [options])`
 
 * `host` string - Hostname to resolve.
 * `options` Object (optional)

docs/api/safe-storage.md

@@ -4,19 +4,7 @@
 
 Process: [Main](../glossary.md#main-process)
 
-This module adds extra protection to data being stored on disk by using OS-provided cryptography systems. Current
-security semantics for each platform are outlined below.
-
-* **macOS**: Encryption keys are stored for your app in [Keychain Access](https://support.apple.com/en-ca/guide/keychain-access/kyca1083/mac) in a way that prevents
-other applications from loading them without user override. Therefore, content is protected from other users and other apps running in the same userspace.
-* **Windows**: Encryption keys are generated via [DPAPI](https://learn.microsoft.com/en-us/windows/win32/api/dpapi/nf-dpapi-cryptprotectdata).
-As per the Windows documentation: "Typically, only a user with the same logon credential as the user who encrypted the data can typically
-decrypt the data". Therefore, content is protected from other users on the same machine, but not from other apps running in the
-same userspace.
-* **Linux**: Encryption keys are generated and stored in a secret store that varies depending on your window manager and system setup. Options currently supported are `kwallet`, `kwallet5`, `kwallet6` and `gnome-libsecret`, but more may be available in future versions of Electron. As such, the
-security semantics of content protected via the `safeStorage` API vary between window managers and secret stores.
-  * Note that not all Linux setups have an available secret store. If no secret store is available, items stored in using the `safeStorage` API will be unprotected
-as they are encrypted via hardcoded plaintext password. You can detect when this happens when `safeStorage.getSelectedStorageBackend()` returns `basic_text`.
+This module protects data stored on disk from being accessed by other applications or users with full disk access.
 
 Note that on Mac, access to the system Keychain is required and
 these calls can block the current thread to collect user input.

docs/api/session.md

@@ -143,6 +143,71 @@ Returns:
 Emitted after an extension is loaded and all necessary browser state is
 initialized to support the start of the extension's background page.
 
+#### Event: 'file-system-access-restricted'
+
+Returns:
+
+* `event` Event
+* `details` Object
+  * `origin` string - The origin that initiated access to the blocked path.
+  * `isDirectory` boolean - Whether or not the path is a directory.
+  * `path` string - The blocked path attempting to be accessed.
+* `callback` Function
+  * `action` string - The action to take as a result of the restricted path access attempt.
+    * `allow` - This will allow `path` to be accessed despite restricted status.
+    * `deny` - This will block the access request and trigger an [`AbortError`](https://developer.mozilla.org/en-US/docs/Web/API/AbortController/abort).
+    * `tryAgain` - This will open a new file picker and allow the user to choose another path.
+
+```js
+const { app, dialog, BrowserWindow, session } = require('electron')
+
+async function createWindow () {
+  const mainWindow = new BrowserWindow()
+
+  await mainWindow.loadURL('https://buzzfeed.com')
+
+  session.defaultSession.on('file-system-access-restricted', async (e, details, callback) => {
+    const { origin, path } = details
+    const { response } = await dialog.showMessageBox({
+      message: `Are you sure you want ${origin} to open restricted path ${path}?`,
+      title: 'File System Access Restricted',
+      buttons: ['Choose a different folder', 'Allow', 'Cancel'],
+      cancelId: 2
+    })
+
+    if (response === 0) {
+      callback('tryAgain')
+    } else if (response === 1) {
+      callback('allow')
+    } else {
+      callback('deny')
+    }
+  })
+
+  mainWindow.webContents.executeJavaScript(`
+    window.showDirectoryPicker({
+      id: 'electron-demo',
+      mode: 'readwrite',
+      startIn: 'downloads',
+    }).catch(e => {
+      console.log(e)
+    })`, true
+  )
+}
+
+app.whenReady().then(() => {
+  createWindow()
+
+  app.on('activate', () => {
+    if (BrowserWindow.getAllWindows().length === 0) createWindow()
+  })
+})
+
+app.on('window-all-closed', function () {
+  if (process.platform !== 'darwin') app.quit()
+})
+```
+
 #### Event: 'preconnect'
 
 Returns:
@@ -430,7 +495,7 @@ app.whenReady().then(() => {
 })
 ```
 
-```js
+```js @ts-nocheck
 // Renderer Process
 
 const portConnect = async () => {
@@ -1422,37 +1487,6 @@ is emitted.
 Returns `string | null` - The absolute file system path where data for this
 session is persisted on disk.  For in memory sessions this returns `null`.
 
-#### `ses.clearData([options])`
-
-* `options` Object (optional)
-  * `dataTypes` String[] (optional) - The types of data to clear. By default, this will clear all types of data.
-    * `backgroundFetch` - Background Fetch
-    * `cache` - Cache
-    * `cookies` - Cookies
-    * `downloads` - Downloads
-    * `fileSystems` - File Systems
-    * `indexedDB` - IndexedDB
-    * `localStorage` - Local Storage
-    * `serviceWorkers` - Service Workers
-    * `webSQL` - WebSQL
-  * `origins` String[] (optional) - Clear data for only these origins. Cannot be used with `excludeOrigins`.
-  * `excludeOrigins` String[] (optional) - Clear data for all origins except these ones. Cannot be used with `origins`.
-  * `avoidClosingConnections` boolean (optional) - Skips deleting cookies that would close current network connections. (Default: `false`)
-  * `originMatchingMode` String (optional) - The behavior for matching data to origins.
-    * `third-parties-included` (default) - Storage is matched on origin in first-party contexts and top-level-site in third-party contexts.
-    * `origin-in-all-contexts` - Storage is matched on origin only in all contexts.
-
-Returns `Promise<void>` - resolves when all data has been cleared.
-
-Clears various different types of data.
-
-This method clears more types of data and is more thourough than the
-`clearStorageData` method.
-
-**Note:** Cookies are stored at a broader scope than origins. When removing cookies and filtering by `origins` (or `excludeOrigins`), the cookies will be removed at the [registrable domain](https://url.spec.whatwg.org/#host-registrable-domain) level. For example, clearing cookies for the origin `https://really.specific.origin.example.com/` will end up clearing all cookies for `example.com`. Clearing cookies for the origin `https://my.website.example.co.uk/` will end up clearing all cookies for `example.co.uk`.
-
-For more information, refer to Chromium's [`BrowsingDataRemover` interface](https://source.chromium.org/chromium/chromium/src/+/main:content/public/browser/browsing_data_remover.h).
-
 ### Instance Properties
 
 The following properties are available on instances of `Session`:

docs/api/structures/cpu-usage.md

@@ -2,8 +2,6 @@
 
 * `percentCPUUsage` number - Percentage of CPU used since the last call to getCPUUsage.
   First call returns 0.
-* `cumulativeCPUUsage` number (optional) - Total seconds of CPU time used since process
-  startup.
 * `idleWakeupsPerSecond` number - The number of average idle CPU wakeups per second
   since the last call to getCPUUsage. First call returns 0. Will always return 0 on
   Windows.

docs/api/structures/trace-config.md

@@ -7,8 +7,8 @@
   recording buffer in events.
 * `enable_argument_filter` boolean (optional) - if true, filter event data
   according to a specific list of events that have been manually vetted to not
-  include any PII. See [the implementation in Chromium][trace_event_args_allowlist.cc]
-  for specifics.
+  include any PII. See [the implementation in
+  Chromium][trace_event_args_allowlist.cc] for specifics.
 * `included_categories` string[] (optional) - a list of tracing categories to
   include. Can include glob-like patterns using `*` at the end of the category
   name. See [tracing categories][] for the list of categories.
@@ -21,8 +21,8 @@
   with the trace.
 * `memory_dump_config` Record\<string, any\> (optional) - if the
   `disabled-by-default-memory-infra` category is enabled, this contains
-  optional additional configuration for data collection. See the
-  [Chromium memory-infra docs][memory-infra docs] for more information.
+  optional additional configuration for data collection. See the [Chromium
+  memory-infra docs][memory-infra docs] for more information.
 
 An example TraceConfig that roughly matches what Chrome DevTools records:
 

docs/api/structures/window-open-handler-response.md

@@ -1,7 +0,0 @@
-# WindowOpenHandlerResponse Object
-
-* `action` string - Can be `allow` or `deny`. Controls whether new window should be created.
-* `overrideBrowserWindowOptions` BrowserWindowConstructorOptions (optional) - Allows customization of the created window.
-* `outlivesOpener` boolean (optional) - By default, child windows are closed when their opener is closed. This can be
-  changed by specifying `outlivesOpener: true`, in which case the opened window will not be closed when its opener is closed.
-* `createWindow` (options: BrowserWindowConstructorOptions) => WebContents (optional) - If specified, will be called instead of `new BrowserWindow` to create the new child window and event [`did-create-window`](../web-contents.md#event-did-create-window) will not be emitted. Constructed child window should use passed `options` object. This can be used for example to have the new window open as a BrowserView instead of in a separate window.

docs/api/view.md

@@ -94,12 +94,6 @@ Examples of valid `color` values:
 
 **Note:** Hex format with alpha takes `AARRGGBB` or `ARGB`, _not_ `RRGGBBAA` or `RGB`.
 
-#### `view.setBorderRadius(radius)`
-
-* `radius` Integer - Border radius size in pixels.
-
-**Note:** The area cutout of the view's border still captures clicks.
-
 #### `view.setVisible(visible)`
 
 * `visible` boolean - If false, the view will be hidden from display.

docs/api/web-contents-view.md

@@ -36,9 +36,8 @@ Process: [Main](../glossary.md#main-process)
 
 * `options` Object (optional)
   * `webPreferences` [WebPreferences](structures/web-preferences.md) (optional) - Settings of web page's features.
-  * `webContents` [WebContents](web-contents.md) (optional) - If present, the given WebContents will be adopted by the WebContentsView. A WebContents may only be presented in one WebContentsView at a time.
 
-Creates a WebContentsView.
+Creates an empty WebContentsView.
 
 ### Instance Properties
 

docs/api/web-contents.md

@@ -1124,60 +1124,44 @@ Reloads the current web page.
 
 Reloads current page and ignores cache.
 
-#### `contents.canGoBack()` _Deprecated_
+#### `contents.canGoBack()`
 
 Returns `boolean` - Whether the browser can go back to previous web page.
 
-**Deprecated:** Should use the new [`contents.navigationHistory.canGoBack`](navigation-history.md#navigationhistorycangoback) API.
-
-#### `contents.canGoForward()` _Deprecated_
+#### `contents.canGoForward()`
 
 Returns `boolean` - Whether the browser can go forward to next web page.
 
-**Deprecated:** Should use the new [`contents.navigationHistory.canGoForward`](navigation-history.md#navigationhistorycangoforward) API.
-
-#### `contents.canGoToOffset(offset)` _Deprecated_
+#### `contents.canGoToOffset(offset)`
 
 * `offset` Integer
 
 Returns `boolean` - Whether the web page can go to `offset`.
 
-**Deprecated:** Should use the new [`contents.navigationHistory.canGoToOffset`](navigation-history.md#navigationhistorycangotooffsetoffset) API.
-
-#### `contents.clearHistory()` _Deprecated_
+#### `contents.clearHistory()`
 
 Clears the navigation history.
 
-**Deprecated:** Should use the new [`contents.navigationHistory.clear`](navigation-history.md#navigationhistoryclear) API.
-
-#### `contents.goBack()` _Deprecated_
+#### `contents.goBack()`
 
 Makes the browser go back a web page.
 
-**Deprecated:** Should use the new [`contents.navigationHistory.goBack`](navigation-history.md#navigationhistorygoback) API.
-
-#### `contents.goForward()` _Deprecated_
+#### `contents.goForward()`
 
 Makes the browser go forward a web page.
 
-**Deprecated:** Should use the new [`contents.navigationHistory.goForward`](navigation-history.md#navigationhistorygoforward) API.
-
-#### `contents.goToIndex(index)` _Deprecated_
+#### `contents.goToIndex(index)`
 
 * `index` Integer
 
 Navigates browser to the specified absolute web page index.
 
-**Deprecated:** Should use the new [`contents.navigationHistory.goToIndex`](navigation-history.md#navigationhistorygotoindexindex) API.
-
-#### `contents.goToOffset(offset)` _Deprecated_
+#### `contents.goToOffset(offset)`
 
 * `offset` Integer
 
 Navigates to the specified offset from the "current entry".
 
-**Deprecated:** Should use the new [`contents.navigationHistory.goToOffset`](navigation-history.md#navigationhistorygotooffsetoffset) API.
-
 #### `contents.isCrashed()`
 
 Returns `boolean` - Whether the renderer process has crashed.
@@ -1302,7 +1286,7 @@ Ignore application menu shortcuts while this web contents is focused.
 
 #### `contents.setWindowOpenHandler(handler)`
 
-* `handler` Function\<[WindowOpenHandlerResponse](structures/window-open-handler-response.md)\>
+* `handler` Function\<\{action: 'deny'\} | \{action: 'allow', outlivesOpener?: boolean, overrideBrowserWindowOptions?: BrowserWindowConstructorOptions\}\>
   * `details` Object
     * `url` string - The _resolved_ version of the URL passed to `window.open()`. e.g. opening a window with `window.open('foo')` will yield something like `https://the-origin/the/current/path/foo`.
     * `frameName` string - Name of the window provided in `window.open()`
@@ -1317,8 +1301,11 @@ Ignore application menu shortcuts while this web contents is focused.
       be set. If no post data is to be sent, the value will be `null`. Only defined
       when the window is being created by a form that set `target=_blank`.
 
-  Returns `WindowOpenHandlerResponse` - When set to `{ action: 'deny' }` cancels the creation of the new
-  window. `{ action: 'allow' }` will allow the new window to be created.
+  Returns `{action: 'deny'} | {action: 'allow', outlivesOpener?: boolean, overrideBrowserWindowOptions?: BrowserWindowConstructorOptions}` - `deny` cancels the creation of the new
+  window. `allow` will allow the new window to be created. Specifying `overrideBrowserWindowOptions` allows customization of the created window.
+  By default, child windows are closed when their opener is closed. This can be
+  changed by specifying `outlivesOpener: true`, in which case the opened window
+  will not be closed when its opener is closed.
   Returning an unrecognized value such as a null, undefined, or an object
   without a recognized 'action' value will result in a console error and have
   the same effect as returning `{action: 'deny'}`.
@@ -1329,26 +1316,6 @@ submitting a form with `<form target="_blank">`. See
 [`window.open()`](window-open.md) for more details and how to use this in
 conjunction with `did-create-window`.
 
-An example showing how to customize the process of new `BrowserWindow` creation to be `BrowserView` attached to main window instead:
-
-```js
-const { BrowserView, BrowserWindow } = require('electron')
-
-const mainWindow = new BrowserWindow()
-
-mainWindow.webContents.setWindowOpenHandler((details) => {
-  return {
-    action: 'allow',
-    createWindow: (options) => {
-      const browserView = new BrowserView(options)
-      mainWindow.addBrowserView(browserView)
-      browserView.setBounds({ x: 0, y: 0, width: 640, height: 480 })
-      return browserView.webContents
-    }
-  }
-})
-```
-
 #### `contents.setAudioMuted(muted)`
 
 * `muted` boolean
@@ -1566,7 +1533,7 @@ If you would like the page to stay hidden, you should ensure that `stayHidden` i
 #### `contents.isBeingCaptured()`
 
 Returns `boolean` - Whether this page is being captured. It returns true when the capturer count
-is greater than 0.
+is large then 0.
 
 #### `contents.getPrintersAsync()`
 

docs/breaking-changes.md

@@ -12,83 +12,6 @@ This document uses the following convention to categorize breaking changes:
 * **Deprecated:** An API was marked as deprecated. The API will continue to function, but will emit a deprecation warning, and will be removed in a future release.
 * **Removed:** An API or feature was removed, and is no longer supported by Electron.
 
-## Planned Breaking API Changes (32.0)
-
-### Removed: `File.path`
-
-The nonstandard `path` property of the Web `File` object was added in an early version of Electron as a convenience method for working with native files when doing everything in the renderer was more common. However, it represents a deviation from the standard and poses a minor security risk as well, so beginning in Electron 32.0 it has been removed in favor of the [`webUtils.getPathForFile`](api/web-utils.md#webutilsgetpathforfilefile) method.
-
-```js
-// Before (renderer)
-
-const file = document.querySelector('input[type=file]')
-alert(`Uploaded file path was: ${file.path}`)
-```
-
-```js
-// After (renderer)
-
-const file = document.querySelector('input[type=file]')
-electron.showFilePath(file)
-
-// (preload)
-const { contextBridge, webUtils } = require('electron')
-
-contextBridge.exposeInMainWorld('electron', {
-  showFilePath (file) {
-    // It's best not to expose the full file path to the web content if
-    // possible.
-    const path = webUtils.getPathForFile(file)
-    alert(`Uploaded file path was: ${path}`)
-  }
-})
-```
-
-### Deprecated: `clearHistory`, `canGoBack`, `goBack`, `canGoForward`, `goForward`, `canGoToOffset`, `goToOffset` on `WebContents`
-
-The navigation-related APIs are now deprecated.
-
-These APIs have been moved to the `navigationHistory` property of `WebContents` to provide a more structured and intuitive interface for managing navigation history.
-
-```js
-// Deprecated
-win.webContents.clearHistory()
-win.webContents.canGoBack()
-win.webContents.goBack()
-win.webContents.canGoForward()
-win.webContents.goForward()
-win.webContents.canGoToOffset()
-win.webContents.goToOffset(index)
-
-// Replace with
-win.webContents.navigationHistory.clear()
-win.webContents.navigationHistory.canGoBack()
-win.webContents.navigationHistory.goBack()
-win.webContents.navigationHistory.canGoForward()
-win.webContents.navigationHistory.goForward()
-win.webContents.navigationHistory.canGoToOffset()
-win.webContents.navigationHistory.goToOffset(index)
-```
-
-## Planned Breaking API Changes (31.0)
-
-### Removed: `WebSQL` support
-
-Chromium has removed support for WebSQL upstream, transitioning it to Android only. See
-[Chromium's intent to remove discussion](https://groups.google.com/a/chromium.org/g/blink-dev/c/fWYb6evVA-w/m/wGI863zaAAAJ)
-for more information.
-
-### Behavior Changed: `nativeImage.toDataURL` will preserve PNG colorspace
-
-PNG decoder implementation has been changed to preserve colorspace data, the
-encoded data returned from this function now matches it.
-
-See [crbug.com/332584706](https://issues.chromium.org/issues/332584706) for more information.
-
-### Behavior Changed: `window.flashFrame(bool)` will flash dock icon continuously on macOS
-
-This brings the behavior to parity with Windows and Linux. Prior behavior: The first `flashFrame(true)` bounces the dock icon only once (using the [NSInformationalRequest](https://developer.apple.com/documentation/appkit/nsrequestuserattentiontype/nsinformationalrequest) level) and `flashFrame(false)` does nothing. New behavior: Flash continuously until `flashFrame(false)` is called. This uses the [NSCriticalRequest](https://developer.apple.com/documentation/appkit/nsrequestuserattentiontype/nscriticalrequest) level instead. To explicitly use `NSInformationalRequest` to cause a single dock icon bounce, it is still possible to use [`dock.bounce('informational')`](https://www.electronjs.org/docs/latest/api/dock#dockbouncetype-macos).
-
 ## Planned Breaking API Changes (30.0)
 
 ### Behavior Changed: cross-origin iframes now use Permission Policy to access features

docs/development/build-instructions-gn.md

@@ -329,7 +329,3 @@ Error: Cannot find module '/Users/<user>/.electron_build_tools/src/e'
 ```
 
 We recommend installing Node through [nvm](https://github.com/nvm-sh/nvm). This allows for easier Node version management, and is often a fix for missing `e` modules.
-
-### RBE authentication randomly fails with "Token not valid"
-
-This could be caused by the local clock time on the machine being off by a small amount. Use [time.is](https://time.is/) to check.

docs/development/coding-style.md

@@ -41,7 +41,7 @@ etc.
 
 * Write [remark](https://github.com/remarkjs/remark) markdown style.
 
-You can run `npm run lint:docs` to ensure that your documentation changes are
+You can run `npm run lint-docs` to ensure that your documentation changes are
 formatted correctly.
 
 ## JavaScript

docs/development/goma.md

@@ -0,0 +1,6 @@
+# Goma
+
+> Goma is a distributed compiler service for open-source projects such as
+> Chromium and Android.
+
+Electron's deployment of Goma is deprecated and we are gradually shifting all usage to the [reclient](reclient.md) system. At some point in 2024 the Goma backend will be shutdown.

docs/fiddles/features/dark-mode/index.html

@@ -14,5 +14,6 @@
     <button id="reset-to-system">Reset to System Theme</button>
 
     <script src="renderer.js"></script>
+  </body>
 </body>
 </html>

docs/tutorial/asar-integrity.md

@@ -125,7 +125,7 @@ in the form included below:
 ]
 ```
 
-:::info
+::: info
 
 For an implementation example, see [`src/resedit.ts`](https://github.com/electron/packager/blob/main/src/resedit.ts)
 in the Electron Packager code.

docs/tutorial/dark-mode.md

@@ -75,6 +75,7 @@ Starting with the `index.html` file:
     <button id="reset-to-system">Reset to System Theme</button>
 
     <script src="renderer.js"></script>
+  </body>
 </body>
 </html>
 ```

docs/tutorial/electron-timelines.md

@@ -9,11 +9,10 @@ check out our [Electron Versioning](./electron-versioning.md) doc.
 
 | Electron | Alpha | Beta | Stable | EOL | Chrome | Node | Supported |
 | ------- | ----- | ------- | ------ | ------ | ---- | ---- | ---- |
-| 32.0.0 |  2024-Jun-14 | 2024-Jul-24 | 2024-Aug-20 | 2025-Mar-04 | M128 | TBD | ✅ |
-| 31.0.0 |  2024-Apr-18 | 2024-May-15 | 2024-Jun-11 | 2025-Jan-07 | M126 | v20.14 | ✅ |
+| 31.0.0 |  2024-Apr-18 | 2024-May-15 | 2024-Jun-11 | 2025-Jan-07 | M126 | TBD | ✅ |
 | 30.0.0 |  2024-Feb-22 | 2024-Mar-20 | 2024-Apr-16 | 2024-Oct-15 | M124 | v20.11 | ✅ |
 | 29.0.0 |  2023-Dec-07 | 2024-Jan-24 | 2024-Feb-20 | 2024-Aug-20 | M122 | v20.9 | ✅ |
-| 28.0.0 |  2023-Oct-11 | 2023-Nov-06 | 2023-Dec-05 | 2024-Jun-11 | M120 | v18.18 | 🚫 |
+| 28.0.0 |  2023-Oct-11 | 2023-Nov-06 | 2023-Dec-05 | 2024-Jun-11 | M120 | v18.18 | ✅ |
 | 27.0.0 |  2023-Aug-17 | 2023-Sep-13 | 2023-Oct-10 | 2024-Apr-16 | M118 | v18.17 | 🚫 |
 | 26.0.0 | 2023-Jun-01 | 2023-Jun-27 | 2023-Aug-15 | 2024-Feb-20 | M116 | v18.16 | 🚫 |
 | 25.0.0 | 2023-Apr-10 | 2023-May-02 | 2023-May-30 | 2023-Dec-05 | M114 | v18.15 | 🚫 |
@@ -98,19 +97,12 @@ is as follows:
 
 <img src="https://raw.githubusercontent.com/nodejs/Release/main/schedule.svg?sanitize=true" alt="Releases">
 
-As a rule, stable branches of Electron do not receive Node.js upgrades after they have been cut.
 If Electron has recently updated its `main` branch to a new major version of Node.js, the next stable
 branch to be cut will be released with the new version.
 
-Patch upgrades of Node that contain significant security or bug fixes, and are submitted
-more than 2 weeks prior to a stable release date, will be accepted into an Electron alpha
-or beta release branch.
-
-Minor upgrades of Node that contain significant security or bug fixes, and are submitted
-more than 2 weeks prior to a stable release date may be accepted into an Electron alpha or
-beta release branch on a case-by-case basis. These requests will be reviewed and voted on
-by the [Releases Working Group](https://github.com/electron/governance/tree/main/wg-releases),
-to ensure minimal disruption for developers who may be consuming alpha or beta releases.
+Stable release lines of Electron will receive minor and patch bumps of Node.js after they are released.
+Patch bumps to Node.js will be released in patch releases of Electron, and minor bumps to Node.js will result in a minor release of Electron.
+Security-only release branches will receive security-related changes from Node.js releases, but not the full release.
 
 ### Breaking API changes
 

docs/tutorial/esm.md

@@ -59,7 +59,7 @@ need to be called **before** the app's `ready` event is emitted.
 With top-level `await` available in Node.js ESM, make sure to `await` every Promise that you need to
 execute before the `ready` event. Otherwise, your app may be `ready` before your code executes.
 
-This is particularly important to keep in mind for dynamic ESM import statements (static imports are unaffected).
+This is particularly important to keep in mind for dynamic ESM import statmements (static imports are unaffected).
 For example, if `index.mjs` calls `import('./set-up-paths.mjs')` at the top level, the app will
 likely already be `ready` by the time that dynamic import resolves.
 

docs/tutorial/mac-app-store-submission-guide.md

@@ -20,7 +20,7 @@ You also have to register an Apple Developer account and join the
 
 Electron apps can be distributed through Mac App Store or outside it. Each way
 requires different ways of signing and testing. This guide focuses on
-distribution via Mac App Store.
+distribution via Mac App Store, but will also mention other methods.
 
 The following steps describe how to get the certificates from Apple, how to sign
 Electron apps, and how to test them.
@@ -104,15 +104,26 @@ the App Sandbox. The standard darwin build of Electron will fail to launch
 when run under App Sandbox.
 
 When signing the app with `@electron/osx-sign`, it will automatically add the
-necessary entitlements to your app's entitlements.
+necessary entitlements to your app's entitlements, but if you are using custom
+entitlements, you must ensure App Sandbox capacity is added:
 
-<details>
-<summary>Extra steps without `electron-osx-sign`</summary>
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+  <dict>
+    <key>com.apple.security.app-sandbox</key>
+    <true/>
+  </dict>
+</plist>
+```
+
+#### Extra steps without `electron-osx-sign`
 
 If you are signing your app without using `@electron/osx-sign`, you must ensure
 the app bundle's entitlements have at least following keys:
 
-```xml title='entitlements.plist'
+```xml
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
@@ -163,7 +174,6 @@ When using `@electron/osx-sign` the `ElectronTeamID` key will be added
 automatically by extracting the Team ID from the certificate's name. You may
 need to manually add this key if `@electron/osx-sign` could not find the correct
 Team ID.
-</details>
 
 ### Sign apps for development
 
@@ -171,14 +181,8 @@ To sign an app that can run on your development machine, you must sign it with
 the "Apple Development" certificate and pass the provisioning profile to
 `@electron/osx-sign`.
 
-```js @ts-nocheck
-const { signAsync } = require('@electron/osx-sign')
-
-signAsync({
-  app: '/path/to/your.app',
-  identity: 'Apple Development',
-  provisioningProfile: '/path/to/your.provisionprofile'
-})
+```bash
+electron-osx-sign YourApp.app --identity='Apple Development' --provisioning-profile=/path/to/yourapp.provisionprofile
 ```
 
 If you are signing without `@electron/osx-sign`, you must place the provisioning
@@ -194,16 +198,30 @@ To sign an app that will be submitted to Mac App Store, you must sign it with
 the "Apple Distribution" certificate. Note that apps signed with this
 certificate will not run anywhere, unless it is downloaded from Mac App Store.
 
-```js @ts-nocheck
-const { signAsync } = require('@electron/osx-sign')
-
-signAsync({
-  app: 'path/to/your.app',
-  identity: 'Apple Distribution'
-})
+```bash
+electron-osx-sign YourApp.app --identity='Apple Distribution'
 ```
 
-## Submit apps to the Mac App Store
+### Sign apps for distribution outside the Mac App Store
+
+If you don't plan to submit the app to Mac App Store, you can sign it the
+"Developer ID Application" certificate. In this way there is no requirement on
+App Sandbox, and you should use the normal darwin build of Electron if you don't
+use App Sandbox.
+
+```bash
+electron-osx-sign YourApp.app --identity='Developer ID Application' --no-gatekeeper-assess
+```
+
+By passing `--no-gatekeeper-assess`, `@electron/osx-sign` will skip the macOS
+GateKeeper check as your app usually has not been notarized yet by this step.
+
+<!-- TODO(zcbenz): Add a chapter about App Notarization -->
+This guide does not cover [App Notarization][app-notarization], but you might
+want to do it otherwise Apple may prevent users from using your app outside Mac
+App Store.
+
+## Submit Apps to the Mac App Store
 
 After signing the app with the "Apple Distribution" certificate, you can
 continue to submit it to Mac App Store.
@@ -245,43 +263,10 @@ more information.
 
 ### Additional entitlements
 
-Every app running under the App Sandbox will run under a limited set of permissions,
-which limits potential damage from malicious code.
 Depending on which Electron APIs your app uses, you may need to add additional
 entitlements to your app's entitlements file. Otherwise, the App Sandbox may
 prevent you from using them.
 
-Entitlements are specified using a file with format like
-property list (`.plist`) or XML. You must provide an entitlement file for the
-application bundle itself and a child entitlement file which basically describes
-an inheritance of properties, specified for all other enclosing executable files
-like binaries, frameworks (`.framework`), and dynamically linked libraries (`.dylib`).
-
-A full list of entitlements is available in the [App Sandbox][app-sandboxing]
-documentation, but below are a few entitlements you might need for your
-MAS app.
-
-With `@electron/osx-sign`, you can set custom entitlements per file as such:
-
-```js @ts-nocheck
-const { signAsync } = require('@electron/osx-sign')
-
-function getEntitlementsForFile (filePath) {
-  if (filePath.startsWith('my-path-1')) {
-    return './my-path-1.plist'
-  } else {
-    return './alternate.plist'
-  }
-}
-
-signAsync({
-  optionsForFile: (filePath) => ({
-    // Ensure you return the right entitlements path here based on the file being signed.
-    entitlements: getEntitlementsForFile(filePath)
-  })
-})
-```
-
 #### Network access
 
 Enable outgoing network connections to allow your app to connect to a server:
@@ -357,11 +342,12 @@ Electron uses following cryptographic algorithms:
 
 [developer-program]: https://developer.apple.com/support/compare-memberships/
 [@electron/osx-sign]: https://github.com/electron/osx-sign
-[app-sandboxing]: https://developer.apple.com/documentation/security/app_sandbox
-[submitting-your-app]: https://help.apple.com/xcode/mac/current/#/dev067853c94
-[create-record]: https://developer.apple.com/help/app-store-connect/create-an-app-record/add-a-new-app
+[app-sandboxing]: https://developer.apple.com/app-sandboxing/
+[app-notarization]: https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution
+[submitting-your-app]: https://developer.apple.com/library/mac/documentation/IDEs/Conceptual/AppDistributionGuide/SubmittingYourApp/SubmittingYourApp.html
+[create-record]: https://help.apple.com/app-store-connect/#/dev2cd126805
 [apple-transporter]: https://help.apple.com/itc/transporteruserguide/en.lproj/static.html
-[submit-for-review]: https://developer.apple.com/help/app-store-connect/manage-submissions-to-app-review/submit-for-review
+[submit-for-review]: https://developer.apple.com/library/ios/documentation/LanguagesUtilities/Conceptual/iTunesConnect_Guide/Chapters/SubmittingTheApp.html
 [export-compliance]: https://help.apple.com/app-store-connect/#/devc3f64248f
 [user-selected]: https://developer.apple.com/library/mac/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/EnablingAppSandbox.html#//apple_ref/doc/uid/TP40011195-CH4-SW6
 [network-access]: https://developer.apple.com/library/ios/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/EnablingAppSandbox.html#//apple_ref/doc/uid/TP40011195-CH4-SW9

docs/tutorial/notifications.md

@@ -161,7 +161,7 @@ Notifications are sent using `libnotify`, which can show notifications on any
 desktop environment that follows [Desktop Notifications Specification][notification-spec],
 including Cinnamon, Enlightenment, Unity, GNOME, and KDE.
 
-[notification-spec]: https://specifications.freedesktop.org/notification-spec/notification-spec-latest.html
+[notification-spec]: https://developer-old.gnome.org/notification-spec/
 [app-user-model-id]: https://learn.microsoft.com/en-us/windows/win32/shell/appids
 [set-app-user-model-id]: ../api/app.md#appsetappusermodelidid-windows
 [squirrel-events]: https://github.com/electron/windows-installer/blob/main/README.md#handling-squirrel-events

docs/tutorial/offscreen-rendering.md

@@ -82,5 +82,4 @@ app.on('window-all-closed', () => {
 
 After launching the Electron application, navigate to your application's
 working folder, where you'll find the rendered image.
-
 [disablehardwareacceleration]: ../api/app.md#appdisablehardwareacceleration

docs/tutorial/progress-bar.md

@@ -112,5 +112,4 @@ For macOS, the progress bar will also be indicated for your application
 when using [Mission Control](https://support.apple.com/en-us/HT204100):
 
 ![Mission Control Progress Bar](../images/mission-control-progress-bar.png)
-
 [setprogressbar]: ../api/browser-window.md#winsetprogressbarprogress-options

docs/tutorial/security.md

@@ -121,8 +121,8 @@ To automate the detection of misconfigurations and insecure patterns, it is
 possible to use
 [Electronegativity](https://github.com/doyensec/electronegativity). For
 additional details on potential weaknesses and implementation bugs when
-developing applications using Electron, please refer to this
-[guide for developers and auditors](https://doyensec.com/resources/us-17-Carettoni-Electronegativity-A-Study-Of-Electron-Security-wp.pdf).
+developing applications using Electron, please refer to this [guide for
+developers and auditors](https://doyensec.com/resources/us-17-Carettoni-Electronegativity-A-Study-Of-Electron-Security-wp.pdf).
 
 ### 1. Only load secure content
 
@@ -246,7 +246,7 @@ and prevent the use of Node primitives `contextIsolation` **must** also be used.
 :::info
 For more information on what `contextIsolation` is and how to enable it please
 see our dedicated [Context Isolation](context-isolation.md) document.
-:::
+:::info
 
 ### 4. Enable process sandboxing
 
@@ -259,7 +259,7 @@ content in an unsandboxed process, including the main process, is not advised.
 :::info
 For more information on what Process Sandboxing is and how to enable it please
 see our dedicated [Process Sandboxing](sandbox.md) document.
-:::
+:::info
 
 ### 5. Handle session permission requests from remote content
 
@@ -644,8 +644,8 @@ windows at runtime.
 
 #### How?
 
-[`webContents`][web-contents] will delegate to its
-[window open handler][window-open-handler] before creating new windows. The handler will
+[`webContents`][web-contents] will delegate to its [window open
+handler][window-open-handler] before creating new windows. The handler will
 receive, amongst other parameters, the `url` the window was requested to open
 and the options used to create it. We recommend that you register a handler to
 monitor the creation of windows, and deny any unexpected window creation.

docs/tutorial/tutorial-6-publishing-updating.md

@@ -32,7 +32,7 @@ at [https://update.electronjs.org](https://update.electronjs.org). Its requireme
 - Your app runs on macOS or Windows
 - Your app has a public GitHub repository
 - Builds are published to [GitHub releases][]
-- Builds are [code signed][code-signed] **(macOS only)**
+- Builds are [code signed][code-signed]
 
 At this point, we'll assume that you have already pushed all your
 code to a public GitHub repository.

docs/tutorial/updates.md

@@ -10,114 +10,6 @@ The easiest and officially supported one is taking advantage of the built-in
 [Squirrel](https://github.com/Squirrel) framework and
 Electron's [autoUpdater](../api/auto-updater.md) module.
 
-## Using cloud object storage (serverless)
-
-For a simple serverless update flow, Electron's autoUpdater module can
-check if updates are available by pointing to a static storage URL
-containing latest release metadata.
-
-When a new release is available, this metadata needs to be published to
-cloud storage alongside the release itself. The metadata format is
-different for macOS and Windows.
-
-### Publishing release metadata
-
-With Electron Forge, you can set up static file storage updates by publishing
-metadata artifacts from the ZIP Maker (macOS) with `macUpdateManifestBaseUrl`
-and the Squirrel.Windows Maker (Windows) with `remoteReleases`.
-
-See Forge's [Auto updating from S3](https://www.electronforge.io/config/publishers/s3#auto-updating-from-s3)
-guide for an end-to-end example.
-
-<details>
-<summary>Manual publishing</summary>
-
-On macOS, Squirrel.Mac can receive updates by reading a `releases.json` file with the
-following JSON format:
-
-```json title='releases.json'
-{
-  "currentRelease": "1.2.3",
-  "releases": [
-    {
-      "version": "1.2.1",
-      "updateTo": {
-        "version": "1.2.1",
-        "pub_date": "2023-09-18T12:29:53+01:00",
-        "notes": "Theses are some release notes innit",
-        "name": "1.2.1",
-        "url": "https://mycompany.example.com/myapp/releases/myrelease"
-      }
-    },
-    {
-      "version": "1.2.3",
-      "updateTo": {
-        "version": "1.2.3",
-        "pub_date": "2024-09-18T12:29:53+01:00",
-        "notes": "Theses are some more release notes innit",
-        "name": "1.2.3",
-        "url": "https://mycompany.example.com/myapp/releases/myrelease3"
-      }
-    }
-  ]
-}
-```
-
-On Windows, Squirrel.Windows can receive updates by reading from the RELEASES
-file generated during the build process. This file details the `.nupkg` delta
-package to update to.
-
-```plaintext title='RELEASES'
-B0892F3C7AC91D72A6271FF36905FEF8FE993520 electron-fiddle-0.36.3-full.nupkg 103298365
-```
-
-These files should live in the same directory as your release, under a folder
-structure that is aware of your app's platform and architecture.
-
-For example:
-
-```plaintext
-my-app-updates/
-├─ darwin/
-│  ├─ x64/
-│  │  ├─ my-app-1.0.0-darwin-x64.zip
-│  │  ├─ my-app-1.1.0-darwin-x64.zip
-│  │  ├─ RELEASES.json
-│  ├─ arm64/
-│  │  ├─ my-app-1.0.0-darwin-arm64.zip
-│  │  ├─ my-app-1.1.0-darwin-arm64.zip
-│  │  ├─ RELEASES.json
-├─ win32/
-│  ├─ x64/
-│  │  ├─ my-app-1.0.0-win32-x64.exe
-│  │  ├─ my-app-1.0.0-win32-x64.nupkg
-│  │  ├─ my-app-1.1.0-win32-x64.exe
-│  │  ├─ my-app-1.1.0-win32-x64.nupkg
-│  │  ├─ RELEASES
-```
-
-</details>
-
-### Reading release metadata
-
-The easiest way to consume metadata is by installing [update-electron-app][],
-a drop-in Node.js module that sets up autoUpdater and prompts the user with
-a native dialog.
-
-For static storage updates, point the `updateSource.baseUrl` parameter to
-the directory containing your release metadata files.
-
-```js title="main.js" @ts-nocheck
-const { updateElectronApp, UpdateSourceType } = require('update-electron-app')
-
-updateElectronApp({
-  updateSource: {
-    type: UpdateSourceType.StaticStorage,
-    baseUrl: `https://my-bucket.s3.amazonaws.com/my-app-updates/${process.platform}/${process.arch}`
-  }
-})
-```
-
 ## Using update.electronjs.org
 
 The Electron team maintains [update.electronjs.org][], a free and open-source
@@ -127,7 +19,7 @@ for Electron apps that meet the following criteria:
 - App runs on macOS or Windows
 - App has a public GitHub repository
 - Builds are published to [GitHub Releases][gh-releases]
-- Builds are [code-signed](./code-signing.md) **(macOS only)**
+- Builds are [code-signed](./code-signing.md)
 
 The easiest way to use this service is by installing [update-electron-app][],
 a Node.js module preconfigured for use with update.electronjs.org.
@@ -259,10 +151,6 @@ server-communication aspect of the process by loading your update from a local d
 
 :::
 
-## Update server specification
-
-A Squirrel-compatible update server has different
-
 [vercel]: https://vercel.com
 [hazel]: https://github.com/vercel/hazel
 [nuts]: https://github.com/GitbookIO/nuts

docs/tutorial/using-native-node-modules.md

@@ -40,8 +40,8 @@ npm install --save-dev @electron/rebuild
 .\node_modules\.bin\electron-rebuild.cmd
 ```
 
-For more information on usage and integration with other tools such as
-[Electron Packager][electron-packager], consult the project's README.
+For more information on usage and integration with other tools such as [Electron
+Packager][electron-packager], consult the project's README.
 
 ### Using `npm`
 
@@ -108,8 +108,8 @@ the following things:
 On Windows, by default, `node-gyp` links native modules against `node.dll`.
 However, in Electron 4.x and higher, the symbols needed by native modules are
 exported by `electron.exe`, and there is no `node.dll`. In order to load native
-modules on Windows, `node-gyp` installs a
-[delay-load hook](https://learn.microsoft.com/en-us/cpp/build/reference/error-handling-and-notification?view=msvc-170#notification-hooks) that triggers
+modules on Windows, `node-gyp` installs a [delay-load
+hook](https://learn.microsoft.com/en-us/cpp/build/reference/error-handling-and-notification?view=msvc-170#notification-hooks) that triggers
 when the native module is loaded, and redirects the `node.dll` reference to use
 the loading executable instead of looking for `node.dll` in the library search
 path (which would turn up nothing). As such, on Electron 4.x and higher,

docs/tutorial/web-embeds.md

@@ -23,8 +23,8 @@ and only allow the capabilities you want to support.
 [we do not recommend you to use WebViews](../api/webview-tag.md#warning),
 as this tag undergoes dramatic architectural changes that may affect stability
 of your application. Consider switching to alternatives, like `iframe` and
-Electron's [`WebContentsView`](../api/web-contents-view.md), or an architecture
-that avoids embedded content by design.
+Electron's `BrowserView`, or an architecture that avoids embedded content
+by design.
 
 [WebViews](../api/webview-tag.md) are based on Chromium's WebViews and are not
 explicitly supported by Electron. We do not guarantee that the WebView API will

electron_paks.gni

@@ -187,9 +187,9 @@ template("electron_paks") {
       "${root_gen_dir}/device/bluetooth/strings/bluetooth_strings_",
       "${root_gen_dir}/extensions/strings/extensions_strings_",
       "${root_gen_dir}/services/strings/services_strings_",
+      "${root_gen_dir}/third_party/blink/public/strings/blink_accessibility_strings_",
       "${root_gen_dir}/third_party/blink/public/strings/blink_strings_",
       "${root_gen_dir}/ui/strings/app_locale_settings_",
-      "${root_gen_dir}/ui/strings/auto_image_annotation_strings_",
       "${root_gen_dir}/ui/strings/ax_strings_",
       "${root_gen_dir}/ui/strings/ui_strings_",
     ]
@@ -204,8 +204,8 @@ template("electron_paks") {
       "//extensions/strings",
       "//services/strings",
       "//third_party/blink/public/strings",
+      "//third_party/blink/public/strings:accessibility_strings",
       "//ui/strings:app_locale_settings",
-      "//ui/strings:auto_image_annotation_strings",
       "//ui/strings:ax_strings",
       "//ui/strings:ui_strings",
     ]

filenames.auto.gni

@@ -22,6 +22,7 @@ auto_filenames = {
     "docs/api/download-item.md",
     "docs/api/environment-variables.md",
     "docs/api/extensions.md",
+    "docs/api/file-object.md",
     "docs/api/global-shortcut.md",
     "docs/api/in-app-purchase.md",
     "docs/api/incoming-message.md",
@@ -148,7 +149,6 @@ auto_filenames = {
     "docs/api/structures/web-preferences.md",
     "docs/api/structures/web-request-filter.md",
     "docs/api/structures/web-source.md",
-    "docs/api/structures/window-open-handler-response.md",
   ]
 
   sandbox_bundle_deps = [

filenames.gni

@@ -159,8 +159,12 @@ filenames = {
     "shell/browser/osr/osr_web_contents_view_mac.mm",
     "shell/browser/relauncher_mac.cc",
     "shell/browser/ui/certificate_trust_mac.mm",
+    "shell/browser/ui/cocoa/delayed_native_view_host.h",
+    "shell/browser/ui/cocoa/delayed_native_view_host.mm",
     "shell/browser/ui/cocoa/electron_bundle_mover.h",
     "shell/browser/ui/cocoa/electron_bundle_mover.mm",
+    "shell/browser/ui/cocoa/electron_inspectable_web_contents_view.h",
+    "shell/browser/ui/cocoa/electron_inspectable_web_contents_view.mm",
     "shell/browser/ui/cocoa/electron_menu_controller.h",
     "shell/browser/ui/cocoa/electron_menu_controller.mm",
     "shell/browser/ui/cocoa/electron_native_widget_mac.h",
@@ -187,6 +191,8 @@ filenames = {
     "shell/browser/ui/cocoa/window_buttons_proxy.mm",
     "shell/browser/ui/drag_util_mac.mm",
     "shell/browser/ui/file_dialog_mac.mm",
+    "shell/browser/ui/inspectable_web_contents_view_mac.h",
+    "shell/browser/ui/inspectable_web_contents_view_mac.mm",
     "shell/browser/ui/message_box_mac.mm",
     "shell/browser/ui/tray_icon_cocoa.h",
     "shell/browser/ui/tray_icon_cocoa.mm",
@@ -202,7 +208,6 @@ filenames = {
     "shell/common/node_bindings_mac.cc",
     "shell/common/node_bindings_mac.h",
     "shell/common/platform_util_mac.mm",
-    "shell/browser/ui/views/inspectable_web_contents_view_mac.mm",
   ]
 
   lib_sources_views = [
@@ -217,6 +222,8 @@ filenames = {
     "shell/browser/ui/views/electron_views_delegate.h",
     "shell/browser/ui/views/frameless_view.cc",
     "shell/browser/ui/views/frameless_view.h",
+    "shell/browser/ui/views/inspectable_web_contents_view_views.cc",
+    "shell/browser/ui/views/inspectable_web_contents_view_views.h",
     "shell/browser/ui/views/menu_bar.cc",
     "shell/browser/ui/views/menu_bar.h",
     "shell/browser/ui/views/menu_delegate.cc",
@@ -362,8 +369,6 @@ filenames = {
     "shell/browser/electron_browser_context.h",
     "shell/browser/electron_browser_main_parts.cc",
     "shell/browser/electron_browser_main_parts.h",
-    "shell/browser/electron_crypto_module_delegate_nss.cc",
-    "shell/browser/electron_crypto_module_delegate_nss.h",
     "shell/browser/electron_download_manager_delegate.cc",
     "shell/browser/electron_download_manager_delegate.h",
     "shell/browser/electron_gpu_client.cc",
@@ -542,7 +547,6 @@ filenames = {
     "shell/common/api/electron_api_clipboard.h",
     "shell/common/api/electron_api_command_line.cc",
     "shell/common/api/electron_api_environment.cc",
-    "shell/common/api/electron_api_key_weak_map.h",
     "shell/common/api/electron_api_native_image.cc",
     "shell/common/api/electron_api_native_image.h",
     "shell/common/api/electron_api_net.cc",
@@ -554,8 +558,6 @@ filenames = {
     "shell/common/api/electron_bindings.cc",
     "shell/common/api/electron_bindings.h",
     "shell/common/api/features.cc",
-    "shell/common/api/object_life_monitor.cc",
-    "shell/common/api/object_life_monitor.h",
     "shell/common/application_info.cc",
     "shell/common/application_info.h",
     "shell/common/asar/archive.cc",
@@ -763,6 +765,8 @@ filenames = {
     "shell/common/extensions/electron_extensions_client.h",
     "shell/common/gin_converters/extension_converter.cc",
     "shell/common/gin_converters/extension_converter.h",
+    "shell/renderer/extensions/electron_extensions_dispatcher_delegate.cc",
+    "shell/renderer/extensions/electron_extensions_dispatcher_delegate.h",
     "shell/renderer/extensions/electron_extensions_renderer_api_provider.cc",
     "shell/renderer/extensions/electron_extensions_renderer_api_provider.h",
     "shell/renderer/extensions/electron_extensions_renderer_client.cc",

filenames.libcxx.gni

@@ -73,7 +73,37 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__algorithm/partition_point.h",
   "//third_party/libc++/src/include/__algorithm/pop_heap.h",
   "//third_party/libc++/src/include/__algorithm/prev_permutation.h",
-  "//third_party/libc++/src/include/__algorithm/pstl.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_any_all_none_of.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backend.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backend.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/any_of.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/backend.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/fill.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/find_if.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/for_each.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/libdispatch.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/merge.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/serial.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/stable_sort.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/thread.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/transform.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_backends/cpu_backends/transform_reduce.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_copy.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_count.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_equal.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_fill.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_find.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_for_each.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_frontend_dispatch.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_generate.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_is_partitioned.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_merge.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_move.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_replace.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_rotate_copy.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_sort.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_stable_sort.h",
+  "//third_party/libc++/src/include/__algorithm/pstl_transform.h",
   "//third_party/libc++/src/include/__algorithm/push_heap.h",
   "//third_party/libc++/src/include/__algorithm/ranges_adjacent_find.h",
   "//third_party/libc++/src/include/__algorithm/ranges_all_of.h",
@@ -188,7 +218,6 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__algorithm/shift_right.h",
   "//third_party/libc++/src/include/__algorithm/shuffle.h",
   "//third_party/libc++/src/include/__algorithm/sift_down.h",
-  "//third_party/libc++/src/include/__algorithm/simd_utils.h",
   "//third_party/libc++/src/include/__algorithm/sort.h",
   "//third_party/libc++/src/include/__algorithm/sort_heap.h",
   "//third_party/libc++/src/include/__algorithm/stable_partition.h",
@@ -209,7 +238,6 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__atomic/atomic_flag.h",
   "//third_party/libc++/src/include/__atomic/atomic_init.h",
   "//third_party/libc++/src/include/__atomic/atomic_lock_free.h",
-  "//third_party/libc++/src/include/__atomic/atomic_ref.h",
   "//third_party/libc++/src/include/__atomic/atomic_sync.h",
   "//third_party/libc++/src/include/__atomic/check_memory_order.h",
   "//third_party/libc++/src/include/__atomic/contention_t.h",
@@ -218,7 +246,7 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__atomic/is_always_lock_free.h",
   "//third_party/libc++/src/include/__atomic/kill_dependency.h",
   "//third_party/libc++/src/include/__atomic/memory_order.h",
-  "//third_party/libc++/src/include/__atomic/to_gcc_order.h",
+  "//third_party/libc++/src/include/__availability",
   "//third_party/libc++/src/include/__bit/bit_cast.h",
   "//third_party/libc++/src/include/__bit/bit_ceil.h",
   "//third_party/libc++/src/include/__bit/bit_floor.h",
@@ -250,14 +278,11 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__chrono/convert_to_tm.h",
   "//third_party/libc++/src/include/__chrono/day.h",
   "//third_party/libc++/src/include/__chrono/duration.h",
-  "//third_party/libc++/src/include/__chrono/exception.h",
   "//third_party/libc++/src/include/__chrono/file_clock.h",
   "//third_party/libc++/src/include/__chrono/formatter.h",
   "//third_party/libc++/src/include/__chrono/hh_mm_ss.h",
   "//third_party/libc++/src/include/__chrono/high_resolution_clock.h",
-  "//third_party/libc++/src/include/__chrono/leap_second.h",
   "//third_party/libc++/src/include/__chrono/literals.h",
-  "//third_party/libc++/src/include/__chrono/local_info.h",
   "//third_party/libc++/src/include/__chrono/month.h",
   "//third_party/libc++/src/include/__chrono/month_weekday.h",
   "//third_party/libc++/src/include/__chrono/monthday.h",
@@ -265,7 +290,6 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__chrono/parser_std_format_spec.h",
   "//third_party/libc++/src/include/__chrono/statically_widen.h",
   "//third_party/libc++/src/include/__chrono/steady_clock.h",
-  "//third_party/libc++/src/include/__chrono/sys_info.h",
   "//third_party/libc++/src/include/__chrono/system_clock.h",
   "//third_party/libc++/src/include/__chrono/time_point.h",
   "//third_party/libc++/src/include/__chrono/time_zone.h",
@@ -277,7 +301,6 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__chrono/year_month.h",
   "//third_party/libc++/src/include/__chrono/year_month_day.h",
   "//third_party/libc++/src/include/__chrono/year_month_weekday.h",
-  "//third_party/libc++/src/include/__chrono/zoned_time.h",
   "//third_party/libc++/src/include/__compare/common_comparison_category.h",
   "//third_party/libc++/src/include/__compare/compare_partial_order_fallback.h",
   "//third_party/libc++/src/include/__compare/compare_strong_order_fallback.h",
@@ -316,17 +339,11 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__condition_variable/condition_variable.h",
   "//third_party/libc++/src/include/__config",
   "//third_party/libc++/src/include/__config_site.in",
-  "//third_party/libc++/src/include/__configuration/abi.h",
-  "//third_party/libc++/src/include/__configuration/availability.h",
-  "//third_party/libc++/src/include/__configuration/compiler.h",
-  "//third_party/libc++/src/include/__configuration/language.h",
-  "//third_party/libc++/src/include/__configuration/platform.h",
   "//third_party/libc++/src/include/__coroutine/coroutine_handle.h",
   "//third_party/libc++/src/include/__coroutine/coroutine_traits.h",
   "//third_party/libc++/src/include/__coroutine/noop_coroutine_handle.h",
   "//third_party/libc++/src/include/__coroutine/trivial_awaitables.h",
   "//third_party/libc++/src/include/__debug_utils/randomize_range.h",
-  "//third_party/libc++/src/include/__debug_utils/sanitizers.h",
   "//third_party/libc++/src/include/__debug_utils/strict_weak_ordering_check.h",
   "//third_party/libc++/src/include/__exception/exception.h",
   "//third_party/libc++/src/include/__exception/exception_ptr.h",
@@ -365,6 +382,7 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__format/format_context.h",
   "//third_party/libc++/src/include/__format/format_error.h",
   "//third_party/libc++/src/include/__format/format_functions.h",
+  "//third_party/libc++/src/include/__format/format_fwd.h",
   "//third_party/libc++/src/include/__format/format_parse_context.h",
   "//third_party/libc++/src/include/__format/format_string.h",
   "//third_party/libc++/src/include/__format/format_to_n_result.h",
@@ -378,7 +396,6 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__format/formatter_pointer.h",
   "//third_party/libc++/src/include/__format/formatter_string.h",
   "//third_party/libc++/src/include/__format/formatter_tuple.h",
-  "//third_party/libc++/src/include/__format/indic_conjunct_break_table.h",
   "//third_party/libc++/src/include/__format/parser_std_format_spec.h",
   "//third_party/libc++/src/include/__format/range_default_formatter.h",
   "//third_party/libc++/src/include/__format/range_formatter.h",
@@ -415,32 +432,25 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__fwd/array.h",
   "//third_party/libc++/src/include/__fwd/bit_reference.h",
   "//third_party/libc++/src/include/__fwd/complex.h",
-  "//third_party/libc++/src/include/__fwd/deque.h",
-  "//third_party/libc++/src/include/__fwd/format.h",
   "//third_party/libc++/src/include/__fwd/fstream.h",
   "//third_party/libc++/src/include/__fwd/functional.h",
   "//third_party/libc++/src/include/__fwd/ios.h",
   "//third_party/libc++/src/include/__fwd/istream.h",
   "//third_party/libc++/src/include/__fwd/mdspan.h",
-  "//third_party/libc++/src/include/__fwd/memory.h",
   "//third_party/libc++/src/include/__fwd/memory_resource.h",
   "//third_party/libc++/src/include/__fwd/ostream.h",
   "//third_party/libc++/src/include/__fwd/pair.h",
-  "//third_party/libc++/src/include/__fwd/queue.h",
   "//third_party/libc++/src/include/__fwd/span.h",
   "//third_party/libc++/src/include/__fwd/sstream.h",
-  "//third_party/libc++/src/include/__fwd/stack.h",
   "//third_party/libc++/src/include/__fwd/streambuf.h",
   "//third_party/libc++/src/include/__fwd/string.h",
   "//third_party/libc++/src/include/__fwd/string_view.h",
   "//third_party/libc++/src/include/__fwd/subrange.h",
   "//third_party/libc++/src/include/__fwd/tuple.h",
-  "//third_party/libc++/src/include/__fwd/vector.h",
   "//third_party/libc++/src/include/__hash_table",
   "//third_party/libc++/src/include/__ios/fpos.h",
   "//third_party/libc++/src/include/__iterator/access.h",
   "//third_party/libc++/src/include/__iterator/advance.h",
-  "//third_party/libc++/src/include/__iterator/aliasing_iterator.h",
   "//third_party/libc++/src/include/__iterator/back_insert_iterator.h",
   "//third_party/libc++/src/include/__iterator/bounded_iter.h",
   "//third_party/libc++/src/include/__iterator/common_iterator.h",
@@ -569,31 +579,13 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__numeric/iota.h",
   "//third_party/libc++/src/include/__numeric/midpoint.h",
   "//third_party/libc++/src/include/__numeric/partial_sum.h",
-  "//third_party/libc++/src/include/__numeric/pstl.h",
+  "//third_party/libc++/src/include/__numeric/pstl_reduce.h",
+  "//third_party/libc++/src/include/__numeric/pstl_transform_reduce.h",
   "//third_party/libc++/src/include/__numeric/reduce.h",
   "//third_party/libc++/src/include/__numeric/saturation_arithmetic.h",
   "//third_party/libc++/src/include/__numeric/transform_exclusive_scan.h",
   "//third_party/libc++/src/include/__numeric/transform_inclusive_scan.h",
   "//third_party/libc++/src/include/__numeric/transform_reduce.h",
-  "//third_party/libc++/src/include/__ostream/basic_ostream.h",
-  "//third_party/libc++/src/include/__ostream/print.h",
-  "//third_party/libc++/src/include/__pstl/backend.h",
-  "//third_party/libc++/src/include/__pstl/backend_fwd.h",
-  "//third_party/libc++/src/include/__pstl/backends/default.h",
-  "//third_party/libc++/src/include/__pstl/backends/libdispatch.h",
-  "//third_party/libc++/src/include/__pstl/backends/serial.h",
-  "//third_party/libc++/src/include/__pstl/backends/std_thread.h",
-  "//third_party/libc++/src/include/__pstl/cpu_algos/any_of.h",
-  "//third_party/libc++/src/include/__pstl/cpu_algos/cpu_traits.h",
-  "//third_party/libc++/src/include/__pstl/cpu_algos/fill.h",
-  "//third_party/libc++/src/include/__pstl/cpu_algos/find_if.h",
-  "//third_party/libc++/src/include/__pstl/cpu_algos/for_each.h",
-  "//third_party/libc++/src/include/__pstl/cpu_algos/merge.h",
-  "//third_party/libc++/src/include/__pstl/cpu_algos/stable_sort.h",
-  "//third_party/libc++/src/include/__pstl/cpu_algos/transform.h",
-  "//third_party/libc++/src/include/__pstl/cpu_algos/transform_reduce.h",
-  "//third_party/libc++/src/include/__pstl/dispatch.h",
-  "//third_party/libc++/src/include/__pstl/handle_exception.h",
   "//third_party/libc++/src/include/__random/bernoulli_distribution.h",
   "//third_party/libc++/src/include/__random/binomial_distribution.h",
   "//third_party/libc++/src/include/__random/cauchy_distribution.h",
@@ -711,14 +703,13 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__thread/thread.h",
   "//third_party/libc++/src/include/__thread/timed_backoff_policy.h",
   "//third_party/libc++/src/include/__tree",
-  "//third_party/libc++/src/include/__tuple/find_index.h",
   "//third_party/libc++/src/include/__tuple/make_tuple_types.h",
+  "//third_party/libc++/src/include/__tuple/pair_like.h",
   "//third_party/libc++/src/include/__tuple/sfinae_helpers.h",
   "//third_party/libc++/src/include/__tuple/tuple_element.h",
   "//third_party/libc++/src/include/__tuple/tuple_indices.h",
   "//third_party/libc++/src/include/__tuple/tuple_like.h",
   "//third_party/libc++/src/include/__tuple/tuple_like_ext.h",
-  "//third_party/libc++/src/include/__tuple/tuple_like_no_subrange.h",
   "//third_party/libc++/src/include/__tuple/tuple_size.h",
   "//third_party/libc++/src/include/__tuple/tuple_types.h",
   "//third_party/libc++/src/include/__type_traits/add_const.h",
@@ -730,6 +721,7 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__type_traits/aligned_storage.h",
   "//third_party/libc++/src/include/__type_traits/aligned_union.h",
   "//third_party/libc++/src/include/__type_traits/alignment_of.h",
+  "//third_party/libc++/src/include/__type_traits/apply_cv.h",
   "//third_party/libc++/src/include/__type_traits/can_extract_key.h",
   "//third_party/libc++/src/include/__type_traits/common_reference.h",
   "//third_party/libc++/src/include/__type_traits/common_type.h",
@@ -740,7 +732,6 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__type_traits/datasizeof.h",
   "//third_party/libc++/src/include/__type_traits/decay.h",
   "//third_party/libc++/src/include/__type_traits/dependent_type.h",
-  "//third_party/libc++/src/include/__type_traits/desugars_to.h",
   "//third_party/libc++/src/include/__type_traits/disjunction.h",
   "//third_party/libc++/src/include/__type_traits/enable_if.h",
   "//third_party/libc++/src/include/__type_traits/extent.h",
@@ -765,7 +756,10 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__type_traits/is_constant_evaluated.h",
   "//third_party/libc++/src/include/__type_traits/is_constructible.h",
   "//third_party/libc++/src/include/__type_traits/is_convertible.h",
+  "//third_party/libc++/src/include/__type_traits/is_copy_assignable.h",
+  "//third_party/libc++/src/include/__type_traits/is_copy_constructible.h",
   "//third_party/libc++/src/include/__type_traits/is_core_convertible.h",
+  "//third_party/libc++/src/include/__type_traits/is_default_constructible.h",
   "//third_party/libc++/src/include/__type_traits/is_destructible.h",
   "//third_party/libc++/src/include/__type_traits/is_empty.h",
   "//third_party/libc++/src/include/__type_traits/is_enum.h",
@@ -781,10 +775,17 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__type_traits/is_member_function_pointer.h",
   "//third_party/libc++/src/include/__type_traits/is_member_object_pointer.h",
   "//third_party/libc++/src/include/__type_traits/is_member_pointer.h",
+  "//third_party/libc++/src/include/__type_traits/is_move_assignable.h",
+  "//third_party/libc++/src/include/__type_traits/is_move_constructible.h",
   "//third_party/libc++/src/include/__type_traits/is_nothrow_assignable.h",
   "//third_party/libc++/src/include/__type_traits/is_nothrow_constructible.h",
   "//third_party/libc++/src/include/__type_traits/is_nothrow_convertible.h",
+  "//third_party/libc++/src/include/__type_traits/is_nothrow_copy_assignable.h",
+  "//third_party/libc++/src/include/__type_traits/is_nothrow_copy_constructible.h",
+  "//third_party/libc++/src/include/__type_traits/is_nothrow_default_constructible.h",
   "//third_party/libc++/src/include/__type_traits/is_nothrow_destructible.h",
+  "//third_party/libc++/src/include/__type_traits/is_nothrow_move_assignable.h",
+  "//third_party/libc++/src/include/__type_traits/is_nothrow_move_constructible.h",
   "//third_party/libc++/src/include/__type_traits/is_null_pointer.h",
   "//third_party/libc++/src/include/__type_traits/is_object.h",
   "//third_party/libc++/src/include/__type_traits/is_pod.h",
@@ -805,9 +806,14 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__type_traits/is_trivial.h",
   "//third_party/libc++/src/include/__type_traits/is_trivially_assignable.h",
   "//third_party/libc++/src/include/__type_traits/is_trivially_constructible.h",
+  "//third_party/libc++/src/include/__type_traits/is_trivially_copy_assignable.h",
+  "//third_party/libc++/src/include/__type_traits/is_trivially_copy_constructible.h",
   "//third_party/libc++/src/include/__type_traits/is_trivially_copyable.h",
+  "//third_party/libc++/src/include/__type_traits/is_trivially_default_constructible.h",
   "//third_party/libc++/src/include/__type_traits/is_trivially_destructible.h",
   "//third_party/libc++/src/include/__type_traits/is_trivially_lexicographically_comparable.h",
+  "//third_party/libc++/src/include/__type_traits/is_trivially_move_assignable.h",
+  "//third_party/libc++/src/include/__type_traits/is_trivially_move_constructible.h",
   "//third_party/libc++/src/include/__type_traits/is_trivially_relocatable.h",
   "//third_party/libc++/src/include/__type_traits/is_unbounded_array.h",
   "//third_party/libc++/src/include/__type_traits/is_union.h",
@@ -825,6 +831,7 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__type_traits/nat.h",
   "//third_party/libc++/src/include/__type_traits/negation.h",
   "//third_party/libc++/src/include/__type_traits/noexcept_move_assign_container.h",
+  "//third_party/libc++/src/include/__type_traits/operation_traits.h",
   "//third_party/libc++/src/include/__type_traits/promote.h",
   "//third_party/libc++/src/include/__type_traits/rank.h",
   "//third_party/libc++/src/include/__type_traits/remove_all_extents.h",
@@ -858,13 +865,11 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__utility/in_place.h",
   "//third_party/libc++/src/include/__utility/integer_sequence.h",
   "//third_party/libc++/src/include/__utility/is_pointer_in_range.h",
-  "//third_party/libc++/src/include/__utility/is_valid_range.h",
   "//third_party/libc++/src/include/__utility/move.h",
   "//third_party/libc++/src/include/__utility/no_destroy.h",
   "//third_party/libc++/src/include/__utility/pair.h",
   "//third_party/libc++/src/include/__utility/piecewise_construct.h",
   "//third_party/libc++/src/include/__utility/priority_tag.h",
-  "//third_party/libc++/src/include/__utility/private_constructor_tag.h",
   "//third_party/libc++/src/include/__utility/rel_ops.h",
   "//third_party/libc++/src/include/__utility/small_buffer.h",
   "//third_party/libc++/src/include/__utility/swap.h",
@@ -955,6 +960,7 @@ libcxx_headers = [
   "//third_party/libc++/src/include/istream",
   "//third_party/libc++/src/include/iterator",
   "//third_party/libc++/src/include/latch",
+  "//third_party/libc++/src/include/libcxx.imp",
   "//third_party/libc++/src/include/limits",
   "//third_party/libc++/src/include/list",
   "//third_party/libc++/src/include/locale",
@@ -964,7 +970,7 @@ libcxx_headers = [
   "//third_party/libc++/src/include/mdspan",
   "//third_party/libc++/src/include/memory",
   "//third_party/libc++/src/include/memory_resource",
-  "//third_party/libc++/src/include/module.modulemap",
+  "//third_party/libc++/src/include/module.modulemap.in",
   "//third_party/libc++/src/include/mutex",
   "//third_party/libc++/src/include/new",
   "//third_party/libc++/src/include/numbers",

lib/browser/api/app.ts

@@ -1,7 +1,7 @@
-import * as fs from 'fs';
-
 import { Menu } from 'electron/main';
 
+import * as fs from 'fs';
+
 const bindings = process._linkedBinding('electron_browser_app');
 const commandLine = process._linkedBinding('electron_common_command_line');
 const { app } = bindings;
@@ -111,19 +111,3 @@ for (const name of events) {
     webContents.emit(name, event, ...args);
   });
 }
-
-app._clientCertRequestPasswordHandler = null;
-app.setClientCertRequestPasswordHandler = function (handler: (params: Electron.ClientCertRequestParams) => Promise<string>) {
-  app._clientCertRequestPasswordHandler = handler;
-};
-
-app.on('-client-certificate-request-password', async (event: Electron.Event<Electron.ClientCertRequestParams>, callback: (password: string) => void) => {
-  event.preventDefault();
-  const { hostname, tokenName, isRetry } = event;
-  if (!app._clientCertRequestPasswordHandler) {
-    callback('');
-    return;
-  }
-  const password = await app._clientCertRequestPasswordHandler({ hostname, tokenName, isRetry });
-  callback(password);
-});

lib/browser/api/auto-updater/auto-updater-win.ts

@@ -1,7 +1,9 @@
-import { app } from 'electron/main';
-import { EventEmitter } from 'events';
 import * as squirrelUpdate from '@electron/internal/browser/api/auto-updater/squirrel-update-win';
 
+import { app } from 'electron/main';
+
+import { EventEmitter } from 'events';
+
 class AutoUpdater extends EventEmitter implements Electron.AutoUpdater {
   updateAvailable: boolean = false;
   updateURL: string | null = null;

lib/browser/api/auto-updater/squirrel-update-win.ts

@@ -1,6 +1,6 @@
+import { spawn, ChildProcessWithoutNullStreams } from 'child_process';
 import * as fs from 'fs';
 import * as path from 'path';
-import { spawn, ChildProcessWithoutNullStreams } from 'child_process';
 
 // i.e. my-app/app-0.1.13/
 const appFolder = path.dirname(process.execPath);

lib/browser/api/base-window.ts

@@ -1,5 +1,8 @@
-import { EventEmitter } from 'events';
+import { TouchBar } from 'electron/main';
 import type { BaseWindow as TLWT } from 'electron/main';
+
+import { EventEmitter } from 'events';
+
 const { BaseWindow } = process._linkedBinding('electron_browser_base_window') as { BaseWindow: typeof TLWT };
 
 Object.setPrototypeOf(BaseWindow.prototype, EventEmitter.prototype);
@@ -15,6 +18,10 @@ BaseWindow.prototype._init = function (this: TLWT) {
   }
 };
 
+BaseWindow.prototype.setTouchBar = function (touchBar) {
+  (TouchBar as any)._setOnWindow(touchBar, this);
+};
+
 // Properties
 
 Object.defineProperty(BaseWindow.prototype, 'autoHideMenuBar', {

lib/browser/api/browser-view.ts

@@ -4,9 +4,6 @@ const v8Util = process._linkedBinding('electron_common_v8_util');
 
 export default class BrowserView {
   #webContentsView: WebContentsView;
-  #ownerWindow: BrowserWindow | null = null;
-
-  #destroyListener: ((e: any) => void) | null = null;
 
   // AutoResize state
   #resizeListener: ((...args: any[]) => void) | null = null;
@@ -20,9 +17,6 @@ export default class BrowserView {
     }
     webPreferences.type = 'browserView';
     this.#webContentsView = new WebContentsView({ webPreferences });
-
-    this.#destroyListener = this.#onDestroy.bind(this);
-    this.#webContentsView.webContents.once('destroyed', this.#destroyListener);
   }
 
   get webContents () {
@@ -61,39 +55,23 @@ export default class BrowserView {
 
   // Internal methods
   get ownerWindow (): BrowserWindow | null {
-    return this.#ownerWindow;
+    return !this.webContents.isDestroyed() ? this.webContents.getOwnerBrowserWindow() : null;
   }
 
-  // We can't rely solely on the webContents' owner window because
-  // a webContents can be closed by the user while the BrowserView
-  // remains alive and attached to a BrowserWindow.
   set ownerWindow (w: BrowserWindow | null) {
-    if (this.#ownerWindow && this.#resizeListener) {
-      this.#ownerWindow.off('resize', this.#resizeListener);
+    if (this.webContents.isDestroyed()) return;
+    const oldWindow = this.webContents.getOwnerBrowserWindow();
+    if (oldWindow && this.#resizeListener) {
+      oldWindow.off('resize', this.#resizeListener);
       this.#resizeListener = null;
     }
-
-    if (this.webContents && !this.webContents.isDestroyed()) {
-      this.webContents._setOwnerWindow(w);
-    }
-
-    this.#ownerWindow = w;
+    this.webContents._setOwnerWindow(w);
     if (w) {
       this.#lastWindowSize = w.getBounds();
       w.on('resize', this.#resizeListener = this.#autoResize.bind(this));
-      w.on('closed', () => {
-        this.#ownerWindow = null;
-        this.#destroyListener = null;
-      });
     }
   }
 
-  #onDestroy () {
-    // Ensure that if #webContentsView's webContents is destroyed,
-    // the WebContentsView is removed from the view hierarchy.
-    this.#ownerWindow?.contentView.removeChildView(this.webContentsView);
-  }
-
   #autoHorizontalProportion: {width: number, left: number} | null = null;
   #autoVerticalProportion: {height: number, top: number} | null = null;
   #autoResize () {

lib/browser/api/browser-window.ts

@@ -1,5 +1,6 @@
-import { BaseWindow, WebContents, TouchBar, BrowserView } from 'electron/main';
+import { BaseWindow, WebContents, BrowserView } from 'electron/main';
 import type { BrowserWindow as BWT } from 'electron/main';
+
 const { BrowserWindow } = process._linkedBinding('electron_browser_window') as { BrowserWindow: typeof BWT };
 
 Object.setPrototypeOf(BrowserWindow.prototype, BaseWindow.prototype);
@@ -36,29 +37,6 @@ BrowserWindow.prototype._init = function (this: BWT) {
     app.emit('browser-window-focus', event, this);
   });
 
-  let unresponsiveEvent: NodeJS.Timeout | null = null;
-  const emitUnresponsiveEvent = () => {
-    unresponsiveEvent = null;
-    if (!this.isDestroyed() && this.isEnabled()) { this.emit('unresponsive'); }
-  };
-  this.webContents.on('unresponsive', () => {
-    if (!unresponsiveEvent) { unresponsiveEvent = setTimeout(emitUnresponsiveEvent, 50); }
-  });
-  this.webContents.on('responsive', () => {
-    if (unresponsiveEvent) {
-      clearTimeout(unresponsiveEvent);
-      unresponsiveEvent = null;
-    }
-    this.emit('responsive');
-  });
-  this.on('close', () => {
-    if (!unresponsiveEvent) { unresponsiveEvent = setTimeout(emitUnresponsiveEvent, 5000); }
-  });
-  this.webContents.on('destroyed', () => {
-    if (unresponsiveEvent) clearTimeout(unresponsiveEvent);
-    unresponsiveEvent = null;
-  });
-
   // Subscribe to visibilityState changes and pass to renderer process.
   let isVisible = this.isVisible() && !this.isMinimized();
   const visibilityChanged = () => {
@@ -123,10 +101,6 @@ BrowserWindow.fromBrowserView = (browserView: BrowserView) => {
   return BrowserWindow.fromWebContents(browserView.webContents);
 };
 
-BrowserWindow.prototype.setTouchBar = function (touchBar) {
-  (TouchBar as any)._setOnWindow(touchBar, this);
-};
-
 // Forwarded to webContents:
 
 BrowserWindow.prototype.loadURL = function (...args) {
@@ -222,9 +196,7 @@ BrowserWindow.prototype.removeBrowserView = function (browserView: BrowserView)
 };
 
 BrowserWindow.prototype.getBrowserView = function () {
-  if (this._browserViews.length > 1) {
-    throw new Error('This BrowserWindow has multiple BrowserViews - use getBrowserViews() instead');
-  }
+  if (this._browserViews.length > 1) { throw new Error('This BrowserWindow has multiple BrowserViews, use getBrowserViews() instead'); }
   return this._browserViews[0] ?? null;
 };
 
@@ -233,9 +205,7 @@ BrowserWindow.prototype.getBrowserViews = function () {
 };
 
 BrowserWindow.prototype.setTopBrowserView = function (browserView: BrowserView) {
-  if (browserView.ownerWindow !== this) {
-    throw new Error('Given BrowserView is not attached to the window');
-  }
+  if (browserView.ownerWindow !== this) { throw new Error('Given BrowserView is not attached to the window'); }
   const idx = this._browserViews.indexOf(browserView);
   if (idx >= 0) {
     this.contentView.addChildView(browserView.webContentsView);

lib/browser/api/crash-reporter.ts

@@ -1,6 +1,7 @@
-import { app } from 'electron/main';
 import * as deprecate from '@electron/internal/common/deprecate';
 
+import { app } from 'electron/main';
+
 const binding = process._linkedBinding('electron_browser_crash_reporter');
 
 class CrashReporter implements Electron.CrashReporter {

lib/browser/api/dialog.ts

@@ -1,5 +1,6 @@
 import { app, BaseWindow } from 'electron/main';
 import type { OpenDialogOptions, OpenDialogReturnValue, MessageBoxOptions, SaveDialogOptions, SaveDialogReturnValue, MessageBoxReturnValue, CertificateTrustDialogOptions } from 'electron/main';
+
 const dialogBinding = process._linkedBinding('electron_browser_dialog');
 
 enum SaveFileDialogProperties {