fix: fix launch crash when null device is disabled on Windows

add node flag node::ProcessInitializationFlags::kNoStdioInitialization Co-Authored-By: yangliu <yangliu.leo@bytedance.com>
2026-02-19 03:14:51 -05:00 · 2025-10-10 12:37:45 -04:00
594 changed files with 18401 additions and 30551 deletions
--- a/.claude/.gitignore
+++ b/.claude/.gitignore
@@ -1 +0,0 @@
-settings.local.json
--- a/.claude/settings.json
+++ b/.claude/settings.json
@@ -1,24 +0,0 @@
-{
-  "permissions": {
-    "allow": [
-      "Bash(e sync)",
-      "Bash(e patches --list-targets:*)",
-      "Bash(git add:*)",
-      "Bash(git am:*)",
-      "Bash(git commit:*)",
-      "Bash(git log:*)",
-      "Bash(git show:*)",
-      "Bash(e patches:*)",
-      "Bash(e sync:*)",
-      "Skill(electron-chromium-upgrade)",
-      "Read(*)",
-      "Bash(echo:*)",
-      "Bash(e build:*)",
-      "Bash(tee:*)",
-      "Bash(git diff:*)",
-      "Bash(git rev-parse:*)"
-    ],
-    "deny": [],
-    "ask": []
-  }
-}
--- a/.claude/skills/electron-chromium-upgrade/SKILL.md
+++ b/.claude/skills/electron-chromium-upgrade/SKILL.md
@@ -1,199 +0,0 @@
---
-name: electron-chromium-upgrade
-description: Guide for performing Chromium version upgrades in the Electron project. Use when working on the roller/chromium/main branch to fix patch conflicts during `e sync --3`. Covers the patch application workflow, conflict resolution, analyzing upstream Chromium changes, and proper commit formatting for patch fixes.
---
-
-# Electron Chromium Upgrade: Phase One
-
-## Summary
-
-Run `e sync --3` repeatedly, fixing patch conflicts as they arise, until it succeeds. Then run `e patches all` and commit changes atomically.
-
-## Success Criteria
-
-Phase One is complete when:
- `e sync --3` exits with code 0 (no patch failures)
- `e patches all` has been run to export all changes
- All changes are committed per the commit guidelines below
-
-Do not stop until these criteria are met.
-
-**CRITICAL** Do not delete or skip patches unless 100% certain the patch is no longer needed. Complicated conflicts or hard to resolve issues should be presented to the user after you have exhausted all other options. Do not delete the patch just because you can't solve it.
-
-## Context
-
-The `roller/chromium/main` branch is created by automation to update Electron's Chromium dependency SHA. No work has been done to handle breaking changes between the old and new versions.
-
-**Key directories:**
- Current directory: Electron repo (always run `e` commands here)
- `..` (parent): Chromium repo (where most patches apply)
- `patches/`: Patch files organized by target
- `docs/development/patches.md`: Patch system documentation
-
-## Workflow
-
-1. Delete the `.git/rr-cache` in both the `electron` and `..` folder to ensure no accidental rerere replays occur from before this upgrade phase attempt started
-2. Run `e sync --3` (the `--3` flag enables 3-way merge, always required)
-3. If succeeds → skip to step 6
-4. If patch fails:
-   - Identify target repo and patch from error output
-   - Analyze failure (see references/patch-analysis.md)
-   - Fix conflict in target repo's working directory
-   - Run `git am --continue` in affected repo
-   - Repeat until all patches for that repo apply
-   - IMPORTANT: Once `git am --continue` succeeds you MUST run `e patches {target}` to export fixes
-   - Return to step 1
-5. When `e sync --3` succeeds, run `e patches all`
-6. **Read `references/phase-one-commit-guidelines.md` NOW**, then commit changes following those instructions exactly.
-
-Before committing any Phase One changes, you MUST read `references/phase-one-commit-guidelines.md` and follow its instructions exactly.
-
-## Commands Reference
-
-| Command | Purpose |
-|---------|---------|
-| `e sync --3` | Clone deps and apply patches with 3-way merge |
-| `git am --continue` | Continue after resolving conflict (run in target repo) |
-| `e patches {target}` | Export commits from target repo to patch files |
-| `e patches all` | Export all patches from all targets |
-| `e patches --list-targets` | List targets and config paths |
-
-## Patch System Mental Model
-
-```
-patches/{target}/*.patch  →  [e sync --3]  →  target repo commits
-                          ←  [e patches]   ←
-```
-
-## When to Edit Patches
-
-| Situation | Action |
-|-----------|--------|
-| During active `git am` conflict | Fix in target repo, then `git am --continue` |
-| Modifying patch outside conflict | Edit `.patch` file directly |
-| Creating new patch (rare, avoid) | Commit in target repo, then `e patches {target}` |
-
-Fix existing patches 99% of the time rather than creating new ones.
-
-## Patch Fixing Rules
-
-1. **Preserve authorship**: Keep original author in TODO comments (from patch `From:` field)
-2. **Never change TODO assignees**: `TODO(name)` must retain original name
-3. **Update descriptions**: If upstream changed (e.g., `DCHECK` → `CHECK_IS_TEST`), update patch commit message to reflect current state
-
-## Final Deliverable
-
-After Phase One, write a summary of every change: what was fixed, why, reasoning, and Chromium CL links.
-
-# Electron Chromium Upgrade: Phase Two
-
-## Summary
-
-Run `e build -k 999` repeatedly, fixing build issues as they arise, until it succeeds. Then run `e start --version` to validate Electron launches and commit changes atomically.
-
-Run Phase Two immediately after Phase One is complete.
-
-## Success Criteria
-
-Phase Two is complete when:
- `e build -k 999` exits with code 0 (no build failures)
- `e start --version` has been run to check Electron launches
- All changes are committed per the commit guidelines below
-
-Do not stop until these criteria are met. Do not delete code or features, never comment out code in order to take short cut. Make all existing code, logic and intention work.
-
-## Context
-
-The `roller/chromium/main` branch is created by automation to update Electron's Chromium dependency SHA. No work has been done to handle breaking changes between the old and new versions. Chromium APIs frequently are renamed or refactored. In every case the code in Electron must be updated to account for the change in Chromium, strongly avoid making changes to the code in chromium to fix Electrons build.
-
-**Key directories:**
- Current directory: Electron repo (always run `e` commands here)
- `..` (parent): Chromium repo (do not touch this code to fix build issues, just read it to obtain context)
-
-## Workflow
-
-1. Run `e build -k 999` (the `-k 999` flag is a flag to ninja to say "do not stop until you find that many errors" it is an attempt to get as much error
-  context as possible for each time we run build)
-2. If succeeds → skip to step 6
-3. If build fails:
-    - Identify underlying file in "electron" from the compilation error message
-    - Analyze failure
-    - Fix build issue by adapting Electron's code for the change in Chromium
-    - Run `e build -t {target_that_failed}.o` to build just the failed target we were specifically fixing
-        - You can identify the target_that_failed from the failure line in the build log. E.g. `FAILED: 2e506007-8d5d-4f38-bdd1-b5cd77999a77 "./obj/electron/chromium_src/chrome/process_singleton_posix.o" CXX obj/electron/chromium_src/chrome/process_singleton_posix.o` the target name is `obj/electron/chromium_src/chrome/process_singleton_posix.o`
-    - **Read `references/phase-two-commit-guidelines.md` NOW**, then commit changes following those instructions exactly.
-    - Return to step 1
-4. **CRITICAL**: After ANY commit (especially patch commits), immediately run `git status` in the electron repo
-    - Look for other modified `.patch` files that only have index/hunk header changes
-    - These are dependent patches affected by your fix
-    - Commit them immediately with: `git commit -am "chore: update patch hunk headers"`
-    - This prevents losing track of necessary updates
-5. Return to step 1
-6. When `e build` succeeds, run `e start --version`
-7. Check if you have any pending changes in the Chromium repo by running `git status`
-    - If you have changes follow the instructions below in "A. Patch Fixes" to correctly commit those modifications into the appropriate patch file
-
-Before committing any Phase Two changes, you MUST read `references/phase-two-commit-guidelines.md` and follow its instructions exactly.
-
-## Build Error Detection
-
-When monitoring `e build -k 999` output, filter for errors using this regex pattern:
-error:|FAILED:|fatal:|subcommand failed|build finished
-
-The build output is extremely verbose. Filtering is essential to catch errors quickly.
-
-## Commands Reference
-
-| Command | Purpose |
-|---------|---------|
-| `e build -k 999` | Builds Electron and won't stop until either all targets attempted or 999 errors found |
-| `e build -t {target}.o` | Build just one specific target to verify a fix |
-| `e start --version` | Validate Electron launches after successful build |
-
-## Two Types of Build Fixes
-
-### A. Patch Fixes (for files in chromium_src or patched Chromium files)
-
-When the error is in a file that Electron patches (check with `grep -l "filename" patches/chromium/*.patch`):
-
-1. Edit the file in the Chromium source tree (e.g., `/src/chrome/browser/...`)
-2. Create a fixup commit targeting the original patch commit:
-    ```bash
-    cd ..  # to chromium repo
-    git add <modified-file>
-    git commit --fixup=<original-patch-commit-hash>
-    GIT_SEQUENCE_EDITOR=: git rebase --autosquash --autostash -i <commit>^
-3. Export the updated patch: e patches chromium
-4. Commit the updated patch file in the electron repo following the `references/phase-one-commit-guidelines.md`, then commit changes following those instructions exactly. **READ THESE GUIDELINES BEFORE COMMITTING THESE CHANGES**
-
-To find the original patch commit to fixup: `git log --oneline | grep -i "keyword from patch name"`
-
-The base commit for rebase is the Chromium commit before patches were applied. Find it by checking the `refs/patches/upstream-head` ref.
-
-B. Electron Code Fixes (for files in shell/, electron/, etc.)
-
-When the error is in Electron's own source code:
-
-1. Edit files directly in the electron repo
-2. Commit directly (no patch export needed)
-
-Dependent Patch Updates
-
-IMPORTANT: When you modify a patch, other patches that apply to the same file may have their hunk headers invalidated. After committing a patch fix:
-
-1. Run git status in the electron repo
-2. Look for other modified .patch files with just index/hunk header changes
-3. Commit these with: git commit -m "chore: update patch hunk headers"
-
-# Critical: Read Before Committing
-
- Before ANY Phase One commits: Read `references/phase-one-commit-guidelines.md`
- Before ANY Phase Two commits: Read `references/phase-two-commit-guidelines.md`
-
-# Skill Directory Structure
-This skill has additional reference files in `references/`:
- patch-analysis.md - How to analyze patch failures
- phase-one-commit-guidelines.md - Commit format for Phase One
- phase-two-commit-guidelines.md - Commit format for Phase Two
-
-Read these when referenced in the workflow steps.
--- a/.claude/skills/electron-chromium-upgrade/references/patch-analysis.md
+++ b/.claude/skills/electron-chromium-upgrade/references/patch-analysis.md
@@ -1,69 +0,0 @@
-# Analyzing Patch Failures
-
-## Investigation Steps
-
-1. **Read the patch file** at `patches/{target}/{patch_name}.patch`
-
-2. **Examine current state** of the file in Chromium at mentioned line numbers
-
-3. **Check recent upstream changes:**
-   ```bash
-   cd ..  # or relevant target repo
-   git log --oneline -10 -- {file}
-   ```
-
-4. **Find Chromium CL** in commit messages:
-   ```
-   Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/{CL_NUMBER}
-   ```
-
-## Common Failure Patterns
-
-| Pattern | Cause | Solution |
-|---------|-------|----------|
-| Context lines don't match | Surrounding code changed | Update context in patch |
-| File not found | File renamed/moved | Update patch target path |
-| Function not found | Refactored upstream | Find new function name |
-| `DCHECK` → `CHECK_IS_TEST` | Macro change | Update to new macro |
-| Deleted code | Feature removed | Verify patch still needed |
-
-## Using Git Blame
-
-To find the CL that changed specific lines:
-
-```bash
-cd ..
-git blame -L {start},{end} -- {file}
-git log -1 {commit_sha}  # Look for Reviewed-on: line
-```
-
-## Verifying Patch Necessity
-
-Before deleting a patch, verify:
-1. The patched functionality was intentionally removed upstream
-2. Electron doesn't need the patch for other reasons
-3. No other code depends on the patched behavior
-
-When in doubt, keep the patch and adapt it.
-
-## Phase Two: Build-Time Patch Issues
-
-Sometimes patches that applied successfully in Phase One cause build errors in Phase Two. This can happen when:
-
-1. **Incomplete types**: A patch disables a header include, but new upstream code uses the type
-2. **Missing members**: A patch modifies a class, but upstream added new code referencing the original
-
-### Finding Which Patch Affects a File
-
-```bash
-grep -l "filename.cc" patches/chromium/*.patch
-```
-
-Matching Existing Patch Patterns
-
-When fixing build errors in patched files, examine the existing patch to understand its style:
- Does it use #if 0 / #endif guards?
- Does it use #if BUILDFLAG(...) conditionals?
- What's the pattern for disabled functionality?
-
-Apply fixes consistent with the existing patch style.
--- a/.claude/skills/electron-chromium-upgrade/references/phase-one-commit-guidelines.md
+++ b/.claude/skills/electron-chromium-upgrade/references/phase-one-commit-guidelines.md
@@ -1,52 +0,0 @@
-# Phase One Commit Guidelines
-
-Only follow these instructions if there are uncommitted changes to `patches/` after Phase One succeeds.
-
-Ignore other instructions about making commit messages, our guidelines are CRITICALLY IMPORTANT and must be followed.
-
-## Atomic Commits
-
-For each fix made to a patch, create a separate commit:
-
-```
-fix(patch-conflict): {concise title}
-
-{Brief explanation, 1-2 paragraphs max}
-
-Ref: {Chromium CL link}
-```
-
-IMPORTANT: Ensure that any changes made to patch content as a result of a change in Chromium is committed individually. Each change should have it's own commit message and it's own REF.
-
-IMPORTANT: Try really hard to find the CL reference per the instructions below. Each change you made should in theory have been in response to a change made in Chromium that you identified or can identify. Try for a while to identify and include the ref in the commit message. Do not give up easily.
-
-## Finding CL References
-
-Use `git log` or `git blame` on Chromium source files. Look for:
-
-```
-Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/XXXXXXX
-```
-
-If no CL found after searching: `Ref: Unable to locate CL`
-
-## Final Cleanup
-
-After all fix commits, stage remaining changes:
-
-```bash
-git add patches
-git commit -m "chore: update patch hunk headers"
-```
-
-## Example Commit
-
-```
-fix(patch-conflict): update web_contents_impl.cc context for navigation refactor
-
-The upstream navigation code was refactored to use NavigationRequest directly
-instead of going through NavigationController. Updated surrounding context
-to match new code structure.
-
-Ref: https://chromium-review.googlesource.com/c/chromium/src/+/1234567
-```
--- a/.claude/skills/electron-chromium-upgrade/references/phase-two-commit-guidelines.md
+++ b/.claude/skills/electron-chromium-upgrade/references/phase-two-commit-guidelines.md
@@ -1,82 +0,0 @@
-# Phase Two Commit Guidelines
-
-Only follow these instructions if there are uncommitted changes in the Electron repo after any fixes are made during Phase Two that result a target that was failing, successfully building.
-
-Ignore other instructions about making commit messages, our guidelines are CRITICALLY IMPORTANT and must be followed.
-
-## Two Commit Types
-
-### For Electron Source Changes (shell/, electron/, etc.)
-
-```
-{CL-Number}: {concise description of API change}
-
-{Brief explanation of what upstream changed and how Electron was adapted}
-
-Ref: {Chromium CL link}
-```
-
-IMPORTANT: Ensure that any change made to electron as a result of a change in Chromium is committed individually. Each change should have it's own commit message and it's own REF. Logically grouped into commits that make sense rather than one giant commit.
-
-IMPORTANT: Try really hard to find the CL reference per the instructions below. Each change you made should in theory have been in response to a change made in Chromium that you identified or can identify. Try for a while to identify and include the ref in the commit message. Do not give up easily.
-
-You may include multiple "Ref" links if required.
-
-For a CL link in the format `https://chromium-review.googlesource.com/c/chromium/src/+/2958369` the "CL-Number" is `2958369`
-
-### For Patch Updates (patches/chromium/*.patch)
-
-Use the same fixup workflow as Phase One:
-1. Fix in Chromium source tree
-2. Fixup commit + rebase
-3. Export with `e patches chromium`
-4. Commit the patch file:
-
-```
-fix(patch-update): {concise description}
-
-{Brief explanation}
-
-Ref: {Chromium CL link}
-```
-
-## Dependent Patch Header Updates
-
-After any patch modification, check for other affected patches:
-
-```bash
-git status
-# If other .patch files show as modified with only hunk header changes:
-git add patches/
-git commit -m "chore: update patch hunk headers"
-```
-
-## Finding CL References
-
-Use git log or git blame on Chromium source files. Look for:
-
-Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/XXXXXXX
-
-If no CL found after searching: Ref: Unable to locate CL
-
-## Example Commits
-
-### Electron Source Fix
-
-fix: update GetPlugins to GetPluginsAsync for API change
-
-The upstream Chromium API changed:
- Old: GetPlugins(callback) - took a callback
- New: GetPluginsAsync(callback) - async version takes a callback
-
-Ref: https://chromium-review.googlesource.com/c/chromium/src/+/1234567
-
-### Patch Fix
-
-fix(patch-conflict): update picture-in-picture for gesture handling refactor
-
-Upstream added new gesture handling code that accesses live caption dialog.
-The live caption functionality is disabled in Electron's patch, so wrapped
-the new code in #if 0 guards to match existing pattern.
-
-Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7654321
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@@ -2,7 +2,7 @@ version: '3'

 services:
  buildtools:
-    image: ghcr.io/electron/devcontainer:a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb
+    image: ghcr.io/electron/devcontainer:933c7d6ff6802706875270bec2e3c891cf8add3f

    volumes:
      - ..:/workspaces/gclient/src/electron:cached
--- a/.devcontainer/on-create-command.sh
+++ b/.devcontainer/on-create-command.sh
@@ -48,8 +48,7 @@ if [ ! -f $buildtools/configs/evm.testing.json ]; then
            \"gen\": {
                \"args\": [
                    \"import(\\\"//electron/build/args/testing.gn\\\")\",
-                    \"use_remoteexec = true\",
-                    \"use_siso=true\"
+                    \"use_remoteexec = true\"
                ],
                \"out\": \"Testing\"
            },
@@ -59,7 +58,7 @@ if [ ! -f $buildtools/configs/evm.testing.json ]; then
            },
            \"\$schema\": \"file:///home/builduser/.electron_build_tools/evm-config.schema.json\",
            \"configValidationLevel\": \"strict\",
-            \"remoteBuild\": \"siso\",
+            \"remoteBuild\": \"reclient\",
            \"preserveSDK\": 5
        }
    " >$buildtools/configs/evm.testing.json
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -10,7 +10,7 @@ Contributors guide: https://github.com/electron/electron/blob/main/CONTRIBUTING.
 #### Checklist
 <!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

- [ ] PR description included
+- [ ] PR description included and stakeholders cc'd
 - [ ] `npm test` passes
 - [ ] tests are [changed or added](https://github.com/electron/electron/blob/main/docs/development/testing.md)
 - [ ] relevant API documentation, tutorials, and examples are updated and follow the [documentation style guide](https://github.com/electron/electron/blob/main/docs/development/style-guide.md)
--- a/.github/actions/build-electron/action.yml
+++ b/.github/actions/build-electron/action.yml
@@ -45,7 +45,6 @@ runs:
      shell: bash
      run: echo "::add-matcher::src/electron/.github/problem-matchers/clang.json"
    - name: Build Electron ${{ inputs.step-suffix }}
-      if: ${{ inputs.target-platform != 'win' }}
      shell: bash
      run: |
        rm -rf "src/out/Default/Electron Framework.framework"
@@ -61,51 +60,14 @@ runs:
          sudo launchctl limit maxfiles 65536 200000
        fi

-        if [ "${{ inputs.is-release }}" = "true" ]; then
-          NINJA_SUMMARIZE_BUILD=1 e build --target electron:release_build
-        else
-          NINJA_SUMMARIZE_BUILD=1 e build --target electron:testing_build
-        fi
+        NINJA_SUMMARIZE_BUILD=1 e build
        cp out/Default/.ninja_log out/electron_ninja_log
        node electron/script/check-symlinks.js
-
-        # Upload build stats to Datadog
-        if ! [ -z $DD_API_KEY ]; then
-          npx node electron/script/build-stats.mjs out/Default/siso.INFO --upload-stats || true          
-        else
-          echo "Skipping build-stats.mjs upload because DD_API_KEY is not set"
-        fi
-    - name: Build Electron (Windows) ${{ inputs.step-suffix }}
-      if: ${{ inputs.target-platform == 'win' }}
-      shell: powershell
-      run: |
-        cd src\electron
-        git pack-refs
-        cd ..
-
-        $env:NINJA_SUMMARIZE_BUILD = 1
-        if ("${{ inputs.is-release }}" -eq "true") {          
-          e build --target electron:release_build
-        } else {
-          e build --target electron:testing_build
-        }
-        Copy-Item out\Default\.ninja_log out\electron_ninja_log
-        node electron\script\check-symlinks.js
-
-        # Upload build stats to Datadog
-        if ($env:DD_API_KEY) {
-          try {
-            npx node electron\script\build-stats.mjs out\Default\siso.exe.INFO --upload-stats
-          } catch {
-            Write-Host "Build stats upload failed, continuing..."
-          }
-        } else {
-          Write-Host "Skipping build-stats.mjs upload because DD_API_KEY is not set"
-        }
-    - name: Verify dist.zip ${{ inputs.step-suffix }}
+    - name: Build Electron dist.zip ${{ inputs.step-suffix }}
      shell: bash
      run: |
-        cd src        
+        cd src
+        e build --target electron:electron_dist_zip
        if [ "${{ inputs.is-asan }}" != "true" ]; then
          target_os=${{ inputs.target-platform == 'macos' && 'mac' || inputs.target-platform }}
          if [ "${{ inputs.artifact-platform }}" = "mas" ]; then
@@ -113,10 +75,11 @@ runs:
          fi
          electron/script/zip_manifests/check-zip-manifest.py out/Default/dist.zip electron/script/zip_manifests/dist_zip.$target_os.${{ inputs.target-arch }}.manifest
        fi
-    - name: Fixup Mksnapshot ${{ inputs.step-suffix }}
+    - name: Build Mksnapshot ${{ inputs.step-suffix }}
      shell: bash
      run: |
        cd src
+        e build --target electron:electron_mksnapshot_zip
        ELECTRON_DEPOT_TOOLS_DISABLE_LOG=1 e d gn desc out/Default v8:run_mksnapshot_default args > out/Default/mksnapshot_args
        # Remove unused args from mksnapshot_args
        SEDOPTION="-i"
@@ -168,6 +131,11 @@ runs:
          fi
          electron/script/zip_manifests/check-zip-manifest.py out/Default/chromedriver.zip electron/script/zip_manifests/chromedriver_zip.$target_os.${{ inputs.target-arch }}.manifest
        fi
+    - name: Build Node.js headers ${{ inputs.step-suffix }}
+      shell: bash
+      run: |
+        cd src
+        e build --target electron:node_headers
    - name: Create installed_software.json ${{ inputs.step-suffix }}
      shell: powershell
      if: ${{ inputs.is-release == 'true' && inputs.target-platform == 'win' }}
@@ -187,11 +155,17 @@ runs:
        # Needed for msdia140.dll on 64-bit windows
        cd src
        export PATH="$PATH:$(pwd)/third_party/llvm-build/Release+Asserts/bin"
-    - name: Zip Symbols ${{ inputs.step-suffix }}
+    - name: Generate & Zip Symbols ${{ inputs.step-suffix }}
      shell: bash
      run: |
+        # Generate breakpad symbols on release builds
+        if [ "${{ inputs.generate-symbols }}" = "true" ]; then
+          e build --target electron:electron_symbols
+        fi
        cd src
        export BUILD_PATH="$(pwd)/out/Default"
+        e build --target electron:licenses
+        e build --target electron:electron_version_file
        if [ "${{ inputs.is-release }}" = "true" ]; then
          DELETE_DSYMS_AFTER_ZIP=1 electron/script/zip-symbols.py -b $BUILD_PATH
        else
@@ -204,6 +178,18 @@ runs:
        cd src
        gn gen out/ffmpeg --args="import(\"//electron/build/args/ffmpeg.gn\") use_remoteexec=true use_siso=true $GN_EXTRA_ARGS"
        e build --target electron:electron_ffmpeg_zip -C ../../out/ffmpeg
+    - name: Generate Hunspell Dictionaries ${{ inputs.step-suffix }}
+      shell: bash
+      if: ${{ inputs.is-release == 'true' && inputs.target-platform == 'linux' }}
+      run: |
+        e build --target electron:hunspell_dictionaries_zip
+    - name: Generate Libcxx ${{ inputs.step-suffix }}
+      shell: bash
+      if: ${{ inputs.is-release == 'true' && inputs.target-platform == 'linux' }}
+      run: |
+        e build --target electron:libcxx_headers_zip
+        e build --target electron:libcxxabi_headers_zip
+        e build --target electron:libcxx_objects_zip
    - name: Remove Clang problem matcher
      shell: bash
      run: echo "::remove-matcher owner=clang::"
@@ -212,7 +198,7 @@ runs:
      shell: bash
      run: |
        cd src/electron
-        node script/yarn.js create-typescript-definitions
+        node script/yarn create-typescript-definitions
    - name: Publish Electron Dist ${{ inputs.step-suffix }}
      if: ${{ inputs.is-release == 'true' }}
      shell: bash
--- a/.github/actions/checkout/action.yml
+++ b/.github/actions/checkout/action.yml
@@ -143,17 +143,16 @@ runs:
          echo "No changes to patches detected"
        fi
      fi
-  - name: Remove patch conflict problem matchers
+  - name: Remove patch conflict problem matcher
    shell: bash
    run: |
      echo "::remove-matcher owner=merge-conflict::"
      echo "::remove-matcher owner=patch-conflict::"
-      echo "::remove-matcher owner=patch-needs-update::"
  - name: Upload patches stats
    if: ${{ inputs.target-platform == 'linux' && github.ref == 'refs/heads/main' }}
    shell: bash
    run: |
-      node src/electron/script/patches-stats.mjs --upload-stats || true
+      npx node src/electron/script/patches-stats.mjs --upload-stats || true
  # delete all .git directories under src/ except for
  # third_party/angle/ and third_party/dawn/ because of build time generation of files
  # gen/angle/commit.h depends on third_party/angle/.git/HEAD
--- a/.github/actions/fix-sync/action.yml
+++ b/.github/actions/fix-sync/action.yml
@@ -37,22 +37,6 @@ runs:
        installation-dir: third_party/esbuild
        target-platform: ${{ inputs.target-platform }}
        package: infra/3pp/tools/esbuild/${platform}
-    - name: Fix rollup
-      if: ${{ inputs.target-platform != 'linux' }}
-      uses: ./src/electron/.github/actions/cipd-install
-      with:
-        cipd-root-prefix-path: src/third_party/devtools-frontend/src/
-        dependency: rollup_libs
-        deps-file: src/third_party/devtools-frontend/src/DEPS
-        installation-dir: third_party/rollup_libs
-        target-platform: ${{ inputs.target-platform }}
-        package: infra/3pp/tools/rollup_libs/${platform}
-    - name: Sync native rollup libs
-      if: ${{ inputs.target-platform != 'linux' }}
-      shell: bash
-      run : |
-        cd src/third_party/devtools-frontend/src
-        python3 scripts/deps/sync_rollup_libs.py
    - name: Fix rustc
      if: ${{ inputs.target-platform != 'linux' }}
      shell: bash
--- a/.github/actions/free-space-macos/action.yml
+++ b/.github/actions/free-space-macos/action.yml
@@ -17,30 +17,28 @@ runs:
        }

        strip_universal_deep() {
-          if [ -d "$1" ]; then
-            opwd=$(pwd)
-            cd $1
-            f=$(find . -perm +111 -type f)
-            for fp in $f
-            do
-              if [[ $(file "$fp") == *"universal binary"* ]]; then
-                if [ "`arch`" == "arm64" ]; then
-                  if [[ $(file "$fp") == *"x86_64"* ]]; then
-                    sudo lipo -remove x86_64 "$fp" -o "$fp" || true
-                  fi
-                else
-                  if [[ $(file "$fp") == *"arm64e)"* ]]; then
-                    sudo lipo -remove arm64e "$fp" -o "$fp" || true
-                  fi
-                  if [[ $(file "$fp") == *"arm64)"* ]]; then
-                    sudo lipo -remove arm64 "$fp" -o "$fp" || true
-                  fi
+          opwd=$(pwd)
+          cd $1
+          f=$(find . -perm +111 -type f)
+          for fp in $f
+          do
+            if [[ $(file "$fp") == *"universal binary"* ]]; then
+              if [ "`arch`" == "arm64" ]; then
+                if [[ $(file "$fp") == *"x86_64"* ]]; then
+                  sudo lipo -remove x86_64 "$fp" -o "$fp" || true
+                fi
+              else
+                if [[ $(file "$fp") == *"arm64e)"* ]]; then
+                  sudo lipo -remove arm64e "$fp" -o "$fp" || true
+                fi
+                if [[ $(file "$fp") == *"arm64)"* ]]; then
+                  sudo lipo -remove arm64 "$fp" -o "$fp" || true
                fi
              fi
-            done
+            fi
+          done

-            cd $opwd
-          fi
+          cd $opwd
        }

        tmpify /Library/Developer/CoreSimulator
@@ -62,28 +60,18 @@ runs:

        sudo rm -rf /Applications/Safari.app
        sudo rm -rf /Applications/Xcode_16.1.app
-        sudo rm -rf /Applications/Xcode_16.2.app
        sudo rm -rf /Applications/Xcode_16.3.app
-        sudo rm -rf /Applications/Xcode_26*
+        sudo rm -rf /Applications/Xcode_16.2.app
        sudo rm -rf /Applications/Google Chrome.app
+        sudo rm -rf /Applications/Xcode_16.4.app
        sudo rm -rf /Applications/Google Chrome for Testing.app
-        sudo rm -rf /Applications/Firefox.app
-        sudo rm -rf /Applications/Microsoft Edge.app
+        sudo rm -rf	/Applications/Firefox.app
        sudo rm -rf ~/project/src/third_party/catapult/tracing/test_data
        sudo rm -rf ~/project/src/third_party/angle/third_party/VK-GL-CTS
        sudo rm -rf /Users/runner/Library/Android
        sudo rm -rf $JAVA_HOME_11_arm64
        sudo rm -rf $JAVA_HOME_17_arm64
        sudo rm -rf $JAVA_HOME_21_arm64
-        sudo rm -rf $JAVA_HOME_25_arm64
-        sudo rm -rf /Users/runner/.dotnet/
-        sudo rm -rf /Users/runner/.rustup
-
-        # remove homebrew packages we don't need
-        if command -v brew &> /dev/null; then
-          brew uninstall -f --zap aws-sam-cli session-manager-plugin gcc gcc@13 gcc@14 llvm@18 gradle maven ant azure-cli
-          brew autoremove
-        fi

        # lipo off some huge binaries arm64 versions to save space
        strip_universal_deep $(xcode-select -p)/../SharedFrameworks
--- a/.github/actions/generate-types/action.yml
+++ b/.github/actions/generate-types/action.yml
@@ -13,16 +13,12 @@ runs:
  - name: Generating Types for SHA in ${{ inputs.sha-file }}
    shell: bash
    run: |
-      export ELECTRON_DIR=$(pwd)
-      if [ "${{ inputs.sha-file }}" == ".dig-old" ]; then
-        cd /tmp
-        git clone https://github.com/electron/electron.git
-        cd electron
-      fi
-      git checkout $(cat $ELECTRON_DIR/${{ inputs.sha-file }})
-      node script/yarn.js install --immutable
+      git checkout $(cat ${{ inputs.sha-file }})
+      rm -rf node_modules
+      yarn install --frozen-lockfile --ignore-scripts
      echo "#!/usr/bin/env node\nglobal.x=1" > node_modules/typescript/bin/tsc
      node node_modules/.bin/electron-docs-parser --dir=./ --outDir=./ --moduleVersion=0.0.0-development
      node node_modules/.bin/electron-typescript-definitions --api=electron-api.json --outDir=artifacts
-      mv artifacts/electron.d.ts $ELECTRON_DIR/artifacts/${{ inputs.filename }}
+      mv artifacts/electron.d.ts artifacts/${{ inputs.filename }}
+      git checkout .
    working-directory: ./electron
--- a/.github/actions/install-build-tools/action.yml
+++ b/.github/actions/install-build-tools/action.yml
@@ -15,7 +15,7 @@ runs:
        git config --global core.preloadindex true
        git config --global core.longpaths true
      fi
-      export BUILD_TOOLS_SHA=4430e4a505e0f4fa2a41b707a10a36f780bbdd26
+      export BUILD_TOOLS_SHA=706147b2376f55078f718576b28129a0457f1795
      npm i -g @electron/build-tools
      # Update depot_tools to ensure python
      e d update_depot_tools
--- a/.github/actions/install-dependencies/action.yml
+++ b/.github/actions/install-dependencies/action.yml
@@ -6,7 +6,7 @@ runs:
  - name: Get yarn cache directory path
    shell: bash
    id: yarn-cache-dir-path
-    run: echo "dir=$(node src/electron/script/yarn.js config get cacheFolder)" >> $GITHUB_OUTPUT
+    run: echo "dir=$(node src/electron/script/yarn cache dir)" >> $GITHUB_OUTPUT
  - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
    id: yarn-cache
    with:
@@ -18,14 +18,4 @@ runs:
    shell: bash
    run: |
      cd src/electron
-      if [ "$TARGET_ARCH" = "x86" ]; then
-        export npm_config_arch="ia32"
-      fi
-      # if running on linux arm skip yarn Builds
-      ARCH=$(uname -m)
-      if [ "$ARCH" = "armv7l" ]; then
-        echo "Skipping yarn build on linux arm"
-        node script/yarn.js install --immutable --mode=skip-build
-      else
-        node script/yarn.js install --immutable
-      fi
+      node script/yarn install --frozen-lockfile --prefer-offline
--- a/.github/problem-matchers/patch-conflict.json
+++ b/.github/problem-matchers/patch-conflict.json
@@ -19,16 +19,6 @@
          "line": 3
        }
      ]
-    },
-    {
-      "owner": "patch-needs-update",
-      "pattern": [
-        {
-          "regexp": "^((patches\/.*): needs update)$",
-          "message": 1,
-          "file": 2
-        }
-      ]
    }
  ]
 }
--- a/.github/workflows/archaeologist-dig.yml
+++ b/.github/workflows/archaeologist-dig.yml
@@ -3,23 +3,19 @@ name: Archaeologist
 on:
  pull_request:

-permissions: {}
-
 jobs:
   archaeologist-dig:
    name: Archaeologist Dig
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
      - name: Checkout Electron
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.0.2
        with:
          fetch-depth: 0
      - name: Setup Node.js/npm
-        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f
+        uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444
        with:
-          node-version: 24.12.x
+          node-version: 20.19.x
      - name: Setting Up Dig Site
        run: |
          echo "remote: ${{ github.event.pull_request.head.repo.clone_url }}"
@@ -45,7 +41,7 @@ jobs:
          sha-file: .dig-old
          filename: electron.old.d.ts
      - name: Upload artifacts
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f #v6.0.0
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2
        with:
          name: artifacts
          path: electron/artifacts
--- a/.github/workflows/audit-branch-ci.yml
+++ b/.github/workflows/audit-branch-ci.yml
@@ -16,25 +16,15 @@ jobs:
      contents: read
    steps:
      - name: Setup Node.js
-        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
+        uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
        with:
          node-version: 22.17.x
-      - name: Sparse checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
-        with:
-          sparse-checkout: |
-            .
-            .github
-            .yarn
-      - run: yarn workspaces focus @electron/gha-workflows
+      - run: npm install @actions/cache@4.0.3 @electron/fiddle-core@2.0.1
      - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        id: audit-errors
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
-            const { chdir } = require('node:process');
-            chdir('${{ github.workspace }}/.github/workflows');
-
            const cache = require('@actions/cache');
            const { ElectronVersions } = require('@electron/fiddle-core');

@@ -84,7 +74,6 @@ jobs:
                      !message.startsWith("Process completed with exit code") &&
                      !message.startsWith("Response status code does not indicate success") &&
                      !message.startsWith("The hosted runner lost communication with the server") &&
-                      !message.startsWith("Dependabot encountered an error performing the update") &&
                      !/Unable to make request/.test(message) &&
                      !/The requested URL returned error/.test(message),
                  )
--- a/.github/workflows/build-git-cache.yml
+++ b/.github/workflows/build-git-cache.yml
@@ -6,15 +6,11 @@ on:
  schedule:
    - cron: "0 0 * * *"

-permissions: {}
-
 jobs:
  build-git-cache-linux:
    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
    container:
-      image: ghcr.io/electron/build:a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb
+      image: ghcr.io/electron/build:bc2f48b2415a670de18d13605b1cf0eb5fdbaae1
      options: --user root
      volumes:
        - /mnt/cross-instance-cache:/mnt/cross-instance-cache
@@ -23,7 +19,7 @@ jobs:
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -34,10 +30,8 @@ jobs:

  build-git-cache-windows:
    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
    container:
-      image: ghcr.io/electron/build:a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb
+      image: ghcr.io/electron/build:bc2f48b2415a670de18d13605b1cf0eb5fdbaae1
      options: --user root --device /dev/fuse --cap-add SYS_ADMIN
      volumes:
        - /mnt/win-cache:/mnt/win-cache
@@ -47,7 +41,7 @@ jobs:
      TARGET_OS: 'win'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -58,12 +52,10 @@ jobs:

  build-git-cache-macos:
    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
    # This job updates the same git cache as linux, so it needs to run after the linux one.
    needs: build-git-cache-linux
    container:
-      image: ghcr.io/electron/build:a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb
+      image: ghcr.io/electron/build:bc2f48b2415a670de18d13605b1cf0eb5fdbaae1
      options: --user root
      volumes:
        - /mnt/cross-instance-cache:/mnt/cross-instance-cache
@@ -72,7 +64,7 @@ jobs:
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_mac=True --custom-var=host_os=mac'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -6,7 +6,7 @@ on:
      build-image-sha:
        type: string
        description: 'SHA for electron/build image'
-        default: 'a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb'
+        default: '933c7d6ff6802706875270bec2e3c891cf8add3f'
        required: true
      skip-macos:
        type: boolean
@@ -43,13 +43,10 @@ defaults:
  run:
    shell: bash

-permissions: {}
-
 jobs:
  setup:
    runs-on: ubuntu-latest
    permissions:
-      contents: read
      pull-requests: read
    outputs:
        docs: ${{ steps.filter.outputs.docs }}
@@ -57,7 +54,7 @@ jobs:
        build-image-sha: ${{ steps.set-output.outputs.build-image-sha }}
        docs-only: ${{ steps.set-output.outputs.docs-only }}
    steps:
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.0.2
      with:
        ref: ${{ github.event.pull_request.head.sha }}
    - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
@@ -66,17 +63,13 @@ jobs:
        filters: |
          docs:
            - 'docs/**'
-            - README.md
-            - SECURITY.md
-            - CONTRIBUTING.md
-            - CODE_OF_CONDUCT.md
          src:
            - '!docs/**'
    - name: Set Outputs for Build Image SHA & Docs Only
      id: set-output
      run: |
        if [ -z "${{ inputs.build-image-sha }}" ]; then
-          echo "build-image-sha=a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb" >> "$GITHUB_OUTPUT"
+          echo "build-image-sha=933c7d6ff6802706875270bec2e3c891cf8add3f" >> "$GITHUB_OUTPUT"
        else
          echo "build-image-sha=${{ inputs.build-image-sha }}" >> "$GITHUB_OUTPUT"
        fi
@@ -87,8 +80,6 @@ jobs:
    needs: setup
    if: ${{ !inputs.skip-lint }}
    uses: ./.github/workflows/pipeline-electron-lint.yml
-    permissions:
-      contents: read
    with:
      container: '{"image":"ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}","options":"--user root"}'
    secrets: inherit
@@ -98,8 +89,6 @@ jobs:
    needs: [setup, checkout-linux]
    if: ${{ needs.setup.outputs.docs-only == 'true' }}
    uses: ./.github/workflows/pipeline-electron-docs-only.yml
-    permissions:
-      contents: read
    with:
      container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
    secrets: inherit
@@ -109,8 +98,6 @@ jobs:
    needs: setup
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-macos}}
    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
    container:
      image: ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}
      options: --user root
@@ -124,7 +111,7 @@ jobs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -139,8 +126,6 @@ jobs:
    needs: setup
    if: ${{ !inputs.skip-linux}}
    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
    container:
      image: ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}
      options: --user root
@@ -156,7 +141,7 @@ jobs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha}}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -170,8 +155,6 @@ jobs:
    needs: setup
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-windows }}
    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
    container:
      image: ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}
      options: --user root --device /dev/fuse --cap-add SYS_ADMIN
@@ -188,7 +171,7 @@ jobs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha}}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -202,20 +185,16 @@ jobs:
  # GN Check Jobs
  macos-gn-check:
    uses: ./.github/workflows/pipeline-segment-electron-gn-check.yml
-    permissions:
-      contents: read
    needs: checkout-macos
    with:
      target-platform: macos
      target-archs: x64 arm64
-      check-runs-on: macos-15
+      check-runs-on: macos-14
      gn-build-type: testing
    secrets: inherit

  linux-gn-check:
    uses: ./.github/workflows/pipeline-segment-electron-gn-check.yml
-    permissions:
-      contents: read
    needs: checkout-linux
    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
@@ -228,8 +207,6 @@ jobs:

  windows-gn-check:
    uses: ./.github/workflows/pipeline-segment-electron-gn-check.yml
-    permissions:
-      contents: read
    needs: checkout-windows
    with:
      target-platform: win
@@ -248,7 +225,7 @@ jobs:
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-macos
    with:
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      test-runs-on: macos-15-large
      target-platform: macos
      target-arch: x64
@@ -267,7 +244,7 @@ jobs:
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-macos
    with:
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      test-runs-on: macos-15
      target-platform: macos
      target-arch: arm64
@@ -333,7 +310,7 @@ jobs:
      build-runs-on: electron-arc-centralus-linux-amd64-32core
      test-runs-on: electron-arc-centralus-linux-arm64-4core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
-      test-container: '{"image":"ghcr.io/electron/test:arm32v7-${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init --memory=12g","volumes":["/home/runner/externals:/mnt/runner-externals"]}'
+      test-container: '{"image":"ghcr.io/electron/test:arm32v7-${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init","volumes":["/home/runner/externals:/mnt/runner-externals"]}'
      target-platform: linux
      target-arch: arm
      is-release: false
@@ -423,8 +400,6 @@ jobs:
  gha-done:
    name: GitHub Actions Completed
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    needs: [docs-only, macos-x64, macos-arm64, linux-x64, linux-x64-asan, linux-arm, linux-arm64, windows-x64, windows-x86, windows-arm64]
    if: always() && !contains(needs.*.result, 'failure')
    steps: 
--- a/.github/workflows/clean-src-cache.yml
+++ b/.github/workflows/clean-src-cache.yml
@@ -1,20 +1,16 @@
 name: Clean Source Cache

-# Description:
-# This workflow cleans up the source cache on the cross-instance cache volume
-# to free up space. It runs daily at midnight and clears files older than 15 days.
+description: |
+  This workflow cleans up the source cache on the cross-instance cache volume
+  to free up space. It runs daily at midnight and clears files older than 15 days.

 on:
  schedule:
    - cron: "0 0 * * *"

-permissions: {}
-
 jobs:
  clean-src-cache:
    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
    container:
      image: ghcr.io/electron/build:bc2f48b2415a670de18d13605b1cf0eb5fdbaae1
      options: --user root
--- a/.github/workflows/issue-labeled.yml
+++ b/.github/workflows/issue-labeled.yml
@@ -4,15 +4,14 @@ on:
  issues:
    types: [labeled]

-permissions: {}
+permissions:  # added using https://github.com/step-security/secure-workflows
+  contents: read

 jobs:
  issue-labeled-with-status:
    name: status/{confirmed,reviewed} label added
    if: github.event.label.name == 'status/confirmed' || github.event.label.name == 'status/reviewed'
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
      - name: Generate GitHub App token
        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
@@ -32,8 +31,6 @@ jobs:
    name: blocked/* label added
    if: startsWith(github.event.label.name, 'blocked/')
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
      - name: Generate GitHub App token
        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
@@ -75,7 +72,7 @@ jobs:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
      - name: Create comment
        if: ${{ steps.check-for-comment.outputs.SHOULD_COMMENT }}
-        uses: actions-cool/issues-helper@e2ff99831a4f13625d35064e2b3dfe65c07a0396 # v3.7.5
+        uses: actions-cool/issues-helper@50068f49b7b2b3857270ead65e2d02e4459b022c # v3.6.2
        with:
          actions: 'create-comment'
          token: ${{ steps.generate-token.outputs.token }}
--- a/.github/workflows/issue-opened.yml
+++ b/.github/workflows/issue-opened.yml
@@ -11,7 +11,6 @@ jobs:
  add-to-issue-triage:
    if: ${{ contains(github.event.issue.labels.*.name, 'bug :beetle:') }}
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Generate GitHub App token
        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
@@ -29,7 +28,6 @@ jobs:
  set-labels:
    if: ${{ contains(github.event.issue.labels.*.name, 'bug :beetle:') }}
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Generate GitHub App token
        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
@@ -37,14 +35,7 @@ jobs:
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
          org: electron
-      - name: Sparse checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
-        with:
-          sparse-checkout: |
-            .
-            .github
-            .yarn
-      - run: yarn workspaces focus @electron/gha-workflows
+      - run: npm install @electron/fiddle-core@1.3.3 mdast-util-from-markdown@2.0.0 unist-util-select@5.1.0 semver@7.6.0
      - name: Add labels
        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        id: add-labels
@@ -53,13 +44,9 @@ jobs:
        with:
          github-token: ${{ steps.generate-token.outputs.token }}
          script: |
-            const { chdir } = require('node:process');
-            chdir('${{ github.workspace }}/.github/workflows');
-
-            const { ElectronVersions } = require('@electron/fiddle-core');
-            const { fromMarkdown } = require('mdast-util-from-markdown');
-            const { select } = require('unist-util-select');
-            const semver = require('semver');
+            const { fromMarkdown } = await import('${{ github.workspace }}/node_modules/mdast-util-from-markdown/index.js');
+            const { select } = await import('${{ github.workspace }}/node_modules/unist-util-select/index.js');
+            const semver = await import('${{ github.workspace }}/node_modules/semver/index.js');

            const [ owner, repo ] = '${{ github.repository }}'.split('/');
            const issue_number = ${{ github.event.issue.number }};
@@ -90,6 +77,7 @@ jobs:
                    labelExists = true;
                  } catch {}

+                  const { ElectronVersions } = await import('${{ github.workspace }}/node_modules/@electron/fiddle-core/dist/index.js');
                  const electronVersions = await ElectronVersions.create(undefined, { ignoreCache: true });
                  const validVersions = [...electronVersions.supportedMajors, ...electronVersions.prereleaseMajors];

@@ -146,7 +134,7 @@ jobs:
            }
      - name: Create unsupported major comment
        if: ${{ steps.add-labels.outputs.unsupportedMajor }}
-        uses: actions-cool/issues-helper@e2ff99831a4f13625d35064e2b3dfe65c07a0396 # v3.7.5
+        uses: actions-cool/issues-helper@50068f49b7b2b3857270ead65e2d02e4459b022c # v3.6.2
        with:
          actions: 'create-comment'
          token: ${{ steps.generate-token.outputs.token }}
--- a/.github/workflows/issue-transferred.yml
+++ b/.github/workflows/issue-transferred.yml
@@ -10,7 +10,6 @@ jobs:
  issue-transferred:
    name: Issue Transferred
    runs-on: ubuntu-latest
-    permissions: {}
    if: ${{ !github.event.changes.new_repository.private }}
    steps:
      - name: Generate GitHub App token
--- a/.github/workflows/issue-unlabeled.yml
+++ b/.github/workflows/issue-unlabeled.yml
@@ -4,15 +4,14 @@ on:
  issues:
    types: [unlabeled]

-permissions: {}
+permissions:
+  contents: read

 jobs:
  issue-unlabeled-blocked:
    name: All blocked/* labels removed
    if: startsWith(github.event.label.name, 'blocked/') && github.event.issue.state == 'open'
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
      - name: Check for any blocked labels
        id: check-for-blocked-labels
--- a/.github/workflows/linux-publish.yml
+++ b/.github/workflows/linux-publish.yml
@@ -6,7 +6,7 @@ on:
      build-image-sha:
        type: string
        description: 'SHA for electron/build image'
-        default: 'a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb'
+        default: '933c7d6ff6802706875270bec2e3c891cf8add3f'
      upload-to-storage:
        description: 'Uploads to Azure storage'
        required: false
@@ -17,13 +17,9 @@ on:
        type: boolean
        default: false

-permissions: {}
-
 jobs:
  checkout-linux:
    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
    container:
      image: ghcr.io/electron/build:${{ inputs.build-image-sha }}
      options: --user root
@@ -35,7 +31,7 @@ jobs:
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -44,8 +40,6 @@ jobs:

  publish-x64:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    needs: checkout-linux
    with:
      environment: production-release
@@ -61,8 +55,6 @@ jobs:

  publish-arm:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    needs: checkout-linux
    with:
      environment: production-release
@@ -78,8 +70,6 @@ jobs:

  publish-arm64:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    needs: checkout-linux
    with:
      environment: production-release
--- a/.github/workflows/macos-disk-cleanup.yml
+++ b/.github/workflows/macos-disk-cleanup.yml
@@ -1,104 +0,0 @@
-name: macOS Disk Space Cleanup
-
-# Description:
-# This workflow runs the disk space reclaimer on macOS runners every night
-# and logs disk space metrics to Datadog for monitoring.
-
-on:
-  schedule:
-    - cron: "0 0 * * *"
-  workflow_dispatch:
-
-permissions: {}
-
-jobs:
-  macos-disk-cleanup:
-    strategy:
-      fail-fast: false
-      matrix:
-        runner:
-          - macos-15
-          - macos-15-large
-          - macos-15-xlarge
-    runs-on: ${{ matrix.runner }}
-    permissions:
-      contents: read
-    steps:
-      - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
-        with:
-          sparse-checkout: |
-            .github/actions/free-space-macos
-          sparse-checkout-cone-mode: false
-
-      - name: Get Disk Space Before Cleanup
-        id: disk-before
-        shell: bash
-        run: |
-          echo "Disk space before cleanup:"
-          df -h /
-          FREE_SPACE_BEFORE=$(df -k / | tail -1 | awk '{print $4}')
-          echo "free_kb=$FREE_SPACE_BEFORE" >> $GITHUB_OUTPUT
-
-      - name: Free Space on macOS
-        uses: ./.github/actions/free-space-macos
-
-      - name: Get Disk Space After Cleanup
-        id: disk-after
-        shell: bash
-        run: |
-          echo "Disk space after cleanup:"
-          df -h /
-          FREE_SPACE_AFTER=$(df -k / | tail -1 | awk '{print $4}')
-          echo "free_kb=$FREE_SPACE_AFTER" >> $GITHUB_OUTPUT
-
-      - name: Log Disk Space to Datadog
-        if: ${{ env.DD_API_KEY != '' }}
-        shell: bash
-        env:
-          DD_API_KEY: ${{ secrets.DD_API_KEY }}
-          FREE_BEFORE: ${{ steps.disk-before.outputs.free_kb }}
-          FREE_AFTER: ${{ steps.disk-after.outputs.free_kb }}
-          MATRIX_RUNNER: ${{ matrix.runner }}
-        run: |
-          TIMESTAMP=$(date +%s)
-          FREE_BEFORE_GB=$(echo "scale=2; $FREE_BEFORE / 1024 / 1024" | bc)
-          FREE_AFTER_GB=$(echo "scale=2; $FREE_AFTER / 1024 / 1024" | bc)
-          SPACE_FREED_GB=$(echo "scale=2; ($FREE_AFTER - $FREE_BEFORE) / 1024 / 1024" | bc)
-
-          echo "Free space before: ${FREE_BEFORE_GB}GB"
-          echo "Free space after: ${FREE_AFTER_GB}GB"
-          echo "Space freed: ${SPACE_FREED_GB}GB"
-
-          curl -s -X POST "https://api.datadoghq.com/api/v2/series" \
-            -H "Content-Type: application/json" \
-            -H "DD-API-KEY: ${DD_API_KEY}" \
-            -d @- << EOF
-          {
-            "series": [
-              {
-                "metric": "electron.macos.disk.free_space_before_cleanup_gb",
-                "points": [{"timestamp": ${TIMESTAMP}, "value": ${FREE_BEFORE_GB}}],
-                "type": 3,
-                "unit": "gigabyte",
-                "tags": ["runner:${MATRIX_RUNNER}", "platform:macos"]
-              },
-              {
-                "metric": "electron.macos.disk.free_space_after_cleanup_gb",
-                "points": [{"timestamp": ${TIMESTAMP}, "value": ${FREE_AFTER_GB}}],
-                "type": 3,
-                "unit": "gigabyte",
-                "tags": ["runner:${MATRIX_RUNNER}", "platform:macos"]
-              },
-              {
-                "metric": "electron.macos.disk.space_freed_gb",
-                "points": [{"timestamp": ${TIMESTAMP}, "value": ${SPACE_FREED_GB}}],
-                "type": 3,
-                "unit": "gigabyte",
-                "tags": ["runner:${MATRIX_RUNNER}", "platform:macos"]
-              }
-            ]
-          }
-          EOF
-
-          echo "Disk space metrics logged to Datadog"
--- a/.github/workflows/macos-publish.yml
+++ b/.github/workflows/macos-publish.yml
@@ -6,7 +6,7 @@ on:
      build-image-sha:
        type: string
        description: 'SHA for electron/build image'
-        default: 'a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb'
+        default: '933c7d6ff6802706875270bec2e3c891cf8add3f'
        required: true
      upload-to-storage:
        description: 'Uploads to Azure storage'
@@ -18,13 +18,9 @@ on:
        type: boolean
        default: false

-permissions: {}
-
 jobs:
  checkout-macos:
    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
    container:
      image: ghcr.io/electron/build:${{ inputs.build-image-sha }}
      options: --user root
@@ -36,7 +32,7 @@ jobs:
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_mac=True --custom-var=host_os=mac'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -48,12 +44,10 @@ jobs:

  publish-x64-darwin:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: x64
      target-variant: darwin
@@ -65,12 +59,10 @@ jobs:

  publish-x64-mas:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: x64
      target-variant: mas
@@ -82,12 +74,10 @@ jobs:

  publish-arm64-darwin:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: arm64
      target-variant: darwin
@@ -99,12 +89,10 @@ jobs:

  publish-arm64-mas:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: arm64
      target-variant: mas
--- a/.github/workflows/non-maintainer-dependency-change.yml
+++ b/.github/workflows/non-maintainer-dependency-change.yml
@@ -7,8 +7,6 @@ on:
      - 'spec/yarn.lock'
      - '.github/workflows/**'
      - '.github/actions/**'
-      - '.yarn/**'
-      - '.yarnrc.yml'

 permissions: {}

--- a/.github/workflows/package.json
+++ b/.github/workflows/package.json
@@ -1,13 +0,0 @@
-{
-  "name": "@electron/gha-workflows",
-  "version": "0.0.0-development",
-  "private": true,
-  "type": "module",
-  "dependencies": {
-    "@actions/cache": "^4.0.3",
-    "@electron/fiddle-core": "^2.0.1",
-    "mdast-util-from-markdown": "^2.0.0",
-    "semver": "^7.7.2",
-    "unist-util-select": "^5.1.0"
-  }
-}
--- a/.github/workflows/pipeline-electron-build-and-test-and-nan.yml
+++ b/.github/workflows/pipeline-electron-build-and-test-and-nan.yml
@@ -55,8 +55,6 @@ on:
        type: boolean
        default: false

-permissions: {}
-
 concurrency:
  group: electron-build-and-test-and-nan-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}
@@ -64,8 +62,6 @@ concurrency:
 jobs:
  build:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    with:
      build-runs-on: ${{ inputs.build-runs-on }}
      build-container: ${{ inputs.build-container }}
@@ -78,10 +74,6 @@ jobs:
    secrets: inherit
  test:
    uses: ./.github/workflows/pipeline-segment-electron-test.yml
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: read
    needs: build
    with:
      target-arch: ${{ inputs.target-arch }}
@@ -91,8 +83,6 @@ jobs:
    secrets: inherit
  nn-test:
    uses: ./.github/workflows/pipeline-segment-node-nan-test.yml
-    permissions:
-      contents: read
    needs: build
    with:
      target-arch: ${{ inputs.target-arch }}
--- a/.github/workflows/pipeline-electron-build-and-test.yml
+++ b/.github/workflows/pipeline-electron-build-and-test.yml
@@ -64,13 +64,14 @@ concurrency:
  group: electron-build-and-test-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}

-permissions: {}
+permissions:
+  contents: read
+  issues: read
+  pull-requests: read  

 jobs:
  build:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    with:
      build-runs-on: ${{ inputs.build-runs-on }}
      build-container: ${{ inputs.build-container }}
@@ -85,10 +86,6 @@ jobs:
    secrets: inherit
  test:
    uses: ./.github/workflows/pipeline-segment-electron-test.yml
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: read
    needs: build
    with:
      target-arch: ${{ inputs.target-arch }}
--- a/.github/workflows/pipeline-electron-docs-only.yml
+++ b/.github/workflows/pipeline-electron-docs-only.yml
@@ -8,8 +8,6 @@ on:
        description: 'Container to run the docs-only ts compile in'
        type: string

-permissions: {}
-
 concurrency:
  group: electron-docs-only-${{ github.ref }}
  cancel-in-progress: true
@@ -21,13 +19,11 @@ jobs:
  docs-only:
    name: Docs Only Compile
    runs-on: electron-arc-centralus-linux-amd64-4core
-    permissions:
-      contents: read
    timeout-minutes: 20
    container: ${{ fromJSON(inputs.container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -43,7 +39,7 @@ jobs:
      with:
        target-platform: linux
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -54,12 +50,12 @@ jobs:
      shell: bash
      run: |
        cd src/electron
-        node script/yarn.js create-typescript-definitions
-        node script/yarn.js tsc -p tsconfig.default_app.json --noEmit
+        node script/yarn create-typescript-definitions
+        node script/yarn tsc -p tsconfig.default_app.json --noEmit
        for f in build/webpack/*.js
        do
            out="${f:29}"
            if [ "$out" != "base.js" ]; then
-            node script/yarn.js webpack --config $f --output-filename=$out --output-path=./.tmp --env mode=development
+            node script/yarn webpack --config $f --output-filename=$out --output-path=./.tmp --env mode=development
            fi
        done
--- a/.github/workflows/pipeline-electron-lint.yml
+++ b/.github/workflows/pipeline-electron-lint.yml
@@ -8,8 +8,6 @@ on:
        description: 'Container to run lint in'
        type: string

-permissions: {}
-
 concurrency:
  group: electron-lint-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}
@@ -21,13 +19,11 @@ jobs:
  lint:
    name: Lint
    runs-on: electron-arc-centralus-linux-amd64-4core
-    permissions:
-      contents: read
    timeout-minutes: 20
    container: ${{ fromJSON(inputs.container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -78,11 +74,11 @@ jobs:
        # but then we would lint its contents (at least gn format), and it doesn't pass it.

        cd src/electron
-        node script/yarn.js install --immutable
-        node script/yarn.js lint
+        node script/yarn install --frozen-lockfile
+        node script/yarn lint
    - name: Run Script Typechecker
      shell: bash
      run: |
        cd src/electron
-        node script/yarn.js tsc -p tsconfig.script.json
+        node script/yarn tsc -p tsconfig.script.json
    
--- a/.github/workflows/pipeline-segment-electron-build.yml
+++ b/.github/workflows/pipeline-segment-electron-build.yml
@@ -59,8 +59,6 @@ on:
        type: boolean
        default: false

-permissions: {}
-
 concurrency:
  group: electron-build-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ inputs.target-variant }}-${{ inputs.is-asan }}-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}
@@ -68,7 +66,6 @@ concurrency:
 env:
  CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
  CHROMIUM_GIT_COOKIE_WINDOWS_STRING: ${{ secrets.CHROMIUM_GIT_COOKIE_WINDOWS_STRING }}
-  DD_API_KEY: ${{ secrets.DD_API_KEY }}
  ELECTRON_ARTIFACTS_BLOB_STORAGE: ${{ secrets.ELECTRON_ARTIFACTS_BLOB_STORAGE }}
  ELECTRON_RBE_JWT: ${{ secrets.ELECTRON_RBE_JWT }}
  SUDOWOODO_EXCHANGE_URL: ${{ secrets.SUDOWOODO_EXCHANGE_URL }}
@@ -83,19 +80,16 @@ jobs:
      run:
        shell: bash
    runs-on: ${{ inputs.build-runs-on }}
-    permissions:
-      contents: read
    container: ${{ fromJSON(inputs.build-container) }}
    environment: ${{ inputs.environment }}
    env:
      TARGET_ARCH: ${{ inputs.target-arch }}
-      TARGET_PLATFORM: ${{ inputs.target-platform }}
    steps:
    - name: Create src dir
      run: |
        mkdir src
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -119,9 +113,9 @@ jobs:
      run: df -h
    - name: Setup Node.js/npm
      if: ${{ inputs.target-platform == 'macos' }}
-      uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f
+      uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444
      with:
-        node-version: 22.21.x
+        node-version: 20.19.x
        cache: yarn
        cache-dependency-path: src/electron/yarn.lock
    - name: Install Dependencies
@@ -163,7 +157,7 @@ jobs:
      if: ${{ inputs.target-platform == 'linux' }}
      uses: ./src/electron/.github/actions/restore-cache-aks
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
--- a/.github/workflows/pipeline-segment-electron-gn-check.yml
+++ b/.github/workflows/pipeline-segment-electron-gn-check.yml
@@ -26,8 +26,6 @@ on:
        type: string
        default: testing

-permissions: {}
-
 concurrency:
  group: electron-gn-check-${{ inputs.target-platform }}-${{ github.ref }}
  cancel-in-progress: true
@@ -43,12 +41,10 @@ jobs:
      run:
        shell: bash
    runs-on: ${{ inputs.check-runs-on }}
-    permissions:
-      contents: read
    container: ${{ fromJSON(inputs.check-container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -115,7 +111,7 @@ jobs:
    - name: Add CHROMIUM_BUILDTOOLS_PATH to env
      run: echo "CHROMIUM_BUILDTOOLS_PATH=$(pwd)/src/buildtools" >> $GITHUB_ENV
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
--- a/.github/workflows/pipeline-segment-electron-test.yml
+++ b/.github/workflows/pipeline-segment-electron-test.yml
@@ -35,7 +35,10 @@ concurrency:
  group: electron-test-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ inputs.is-asan }}-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}

-permissions: {}
+permissions:
+  contents: read
+  issues: read
+  pull-requests: read

 env:
  CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
@@ -50,10 +53,6 @@ jobs:
      run:
        shell: bash
    runs-on: ${{ inputs.test-runs-on }}
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: read
    container: ${{ fromJSON(inputs.test-container) }}
    strategy:
      fail-fast: false
@@ -69,12 +68,11 @@ jobs:
      if: ${{ inputs.target-arch == 'arm' && inputs.target-platform == 'linux' }}
      run: |
        cp $(which node) /mnt/runner-externals/node20/bin/
-        cp $(which node) /mnt/runner-externals/node24/bin/
    - name: Setup Node.js/npm
      if: ${{ inputs.target-platform == 'win' }}
-      uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f
+      uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444
      with:
-        node-version: 22.21.x
+        node-version: 20.19.x
    - name: Add TCC permissions on macOS
      if: ${{ inputs.target-platform == 'macos' }}
      run: |
@@ -119,7 +117,7 @@ jobs:
      if: ${{ inputs.target-platform == 'macos' }}
      run: sudo xcode-select --switch /Applications/Xcode_16.4.app
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -168,12 +166,12 @@ jobs:
        echo "DISABLE_CRASH_REPORTER_TESTS=true" >> $GITHUB_ENV
        echo "IS_ASAN=true" >> $GITHUB_ENV
    - name: Download Generated Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0
      with:
        name: generated_artifacts_${{ env.ARTIFACT_KEY }}
        path: ./generated_artifacts_${{ matrix.build-type }}_${{ inputs.target-arch }}
    - name: Download Src Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0
      with:
        name: src_artifacts_${{ env.ARTIFACT_KEY }}
        path: ./src_artifacts_${{ matrix.build-type }}_${{ inputs.target-arch }}
@@ -197,7 +195,10 @@ jobs:
    #    sudo security authorizationdb write com.apple.trust-settings.admin allow
    #    cd src/electron
    #    ./script/codesign/generate-identity.sh
-
+    - name: Install Datadog CLI
+      run: |
+        cd src/electron
+        node script/yarn global add @datadog/datadog-ci
    - name: Run Electron Tests
      shell: bash
      env:
@@ -223,7 +224,7 @@ jobs:
              export ELECTRON_FORCE_TEST_SUITE_EXIT="true"
            fi
          fi
-          node script/yarn.js test --runners=main --enableRerun=3 --trace-uncaught --enable-logging --files $tests_files
+          node script/yarn test --runners=main --enableRerun=3 --trace-uncaught --enable-logging --files $tests_files
        else
          chown :builduser .. && chmod g+w ..
          chown -R :builduser . && chmod -R g+w .
@@ -240,14 +241,9 @@ jobs:
            export MOCHA_TIMEOUT=180000
            echo "Piping output to ASAN_SYMBOLIZE ($ASAN_SYMBOLIZE)"
            cd electron
-            runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn.js test --runners=main --trace-uncaught --enable-logging --files $tests_files | $ASAN_SYMBOLIZE
+            runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn test --runners=main --trace-uncaught --enable-logging --files $tests_files | $ASAN_SYMBOLIZE
          else
-            if [ "${{ inputs.target-arch }}" = "arm" ]; then
-              runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn.js test --skipYarnInstall --runners=main --enableRerun=3 --trace-uncaught --enable-logging --files $tests_files
-            else 
-              runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn.js test --runners=main --enableRerun=3 --trace-uncaught --enable-logging --files $tests_files
-            fi
-            
+            runuser -u builduser -- xvfb-run script/actions/run-tests.sh script/yarn test --runners=main --trace-uncaught --enable-logging --files $tests_files
          fi
        fi
    - name: Upload Test results to Datadog
@@ -259,14 +255,13 @@ jobs:
        DD_TAGS: "os.architecture:${{ inputs.target-arch }},os.family:${{ inputs.target-platform }},os.platform:${{ inputs.target-platform }},asan:${{ inputs.is-asan }}"
      run: |
        if ! [ -z $DD_API_KEY ] && [ -f src/electron/junit/test-results-main.xml ]; then
-          cd src/electron
-          export DATADOG_PATH=`node script/yarn.js bin datadog-ci`
-          $DATADOG_PATH junit upload junit/test-results-main.xml
-        fi
+          export DATADOG_PATH=`node src/electron/script/yarn global bin`
+          $DATADOG_PATH/datadog-ci junit upload src/electron/junit/test-results-main.xml
+        fi          
      if: always() && !cancelled()
    - name: Upload Test Artifacts
      if: always() && !cancelled()
-      uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
+      uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
      with:
        name: test_artifacts_${{ env.ARTIFACT_KEY }}_${{ matrix.shard }}
        path: src/electron/spec/artifacts
--- a/.github/workflows/pipeline-segment-node-nan-test.yml
+++ b/.github/workflows/pipeline-segment-node-nan-test.yml
@@ -26,8 +26,6 @@ on:
        type: string
        default: testing

-permissions: {}
-
 concurrency:
  group: electron-node-nan-test-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref_protected == true && github.run_id || github.ref }}
  cancel-in-progress: ${{ github.ref_protected != true }}
@@ -41,8 +39,6 @@ jobs:
  node-tests:
    name: Run Node.js Tests
    runs-on: electron-arc-centralus-linux-amd64-8core
-    permissions:
-      contents: read
    timeout-minutes: 30
    env: 
      TARGET_ARCH: ${{ inputs.target-arch }}
@@ -50,7 +46,7 @@ jobs:
    container: ${{ fromJSON(inputs.test-container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -65,12 +61,12 @@ jobs:
    - name: Install Dependencies
      uses: ./src/electron/.github/actions/install-dependencies
    - name: Download Generated Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0
      with:
        name: generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
        path: ./generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
    - name: Download Src Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0
      with:
        name: src_artifacts_linux_${{ env.TARGET_ARCH }}
        path: ./src_artifacts_linux_${{ env.TARGET_ARCH }}
@@ -97,8 +93,6 @@ jobs:
  nan-tests:
    name: Run Nan Tests
    runs-on: electron-arc-centralus-linux-amd64-4core
-    permissions:
-      contents: read
    timeout-minutes: 30
    env: 
      TARGET_ARCH: ${{ inputs.target-arch }}
@@ -106,7 +100,7 @@ jobs:
    container: ${{ fromJSON(inputs.test-container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -121,12 +115,12 @@ jobs:
    - name: Install Dependencies
      uses: ./src/electron/.github/actions/install-dependencies
    - name: Download Generated Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0
      with:
        name: generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
        path: ./generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
    - name: Download Src Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0
      with:
        name: src_artifacts_linux_${{ env.TARGET_ARCH }}
        path: ./src_artifacts_linux_${{ env.TARGET_ARCH }}
@@ -138,16 +132,10 @@ jobs:
        unzip -:o dist.zip
    - name: Setup Linux for Headless Testing
      run: sh -e /etc/init.d/xvfb start
-    - name: Add Clang problem matcher
-      shell: bash
-      run: echo "::add-matcher::src/electron/.github/problem-matchers/clang.json"
    - name: Run Nan Tests
      run: |
        cd src
        node electron/script/nan-spec-runner.js
-    - name: Remove Clang problem matcher
-      shell: bash
-      run: echo "::remove-matcher owner=clang::"
    - name: Wait for active SSH sessions
      shell: bash
      if: always() && !cancelled()
--- a/.github/workflows/pull-request-labeled.yml
+++ b/.github/workflows/pull-request-labeled.yml
@@ -11,7 +11,6 @@ jobs:
    name: backport/requested label added
    if: github.event.label.name == 'backport/requested 🗳'
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Trigger Slack workflow
        uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1
@@ -20,16 +19,12 @@ jobs:
          webhook-type: webhook-trigger
          payload: |
            {
-              "base_ref": ${{ toJSON(github.event.pull_request.base.ref) }},
-              "title": ${{ toJSON(github.event.pull_request.title) }},
-              "url": ${{ toJSON(github.event.pull_request.html_url) }},
-              "user": ${{ toJSON(github.event.pull_request.user.login) }}
+              "url": "${{ github.event.pull_request.html_url }}"
            }
  pull-request-labeled-deprecation-review-complete:
    name: deprecation-review/complete label added
    if: github.event.label.name == 'deprecation-review/complete ✅'
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Generate GitHub App token
        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -22,13 +22,13 @@ jobs:

    steps:
      - name: "Checkout code"
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

      # This is a pre-submit / pre-release.
      - name: "Run analysis"
-        uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
+        uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
        with:
          results_file: results.sarif
          results_format: sarif
@@ -42,7 +42,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: "Upload artifact"
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: SARIF file
          path: results.sarif
@@ -50,6 +50,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v3.29.5
+        uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.29.5
        with:
          sarif_file: results.sarif
--- a/.github/workflows/semantic.yml
+++ b/.github/workflows/semantic.yml
@@ -7,7 +7,8 @@ on:
      - edited
      - synchronize

-permissions: {}
+permissions:
+  contents: read

 jobs:
  main:
--- a/.github/workflows/stable-prep-items.yml
+++ b/.github/workflows/stable-prep-items.yml
@@ -11,7 +11,6 @@ jobs:
  check-stable-prep-items:
    name: Check Stable Prep Items
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Generate GitHub App token
        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -10,14 +10,13 @@ permissions: {}
 jobs:
  stale:
    runs-on: ubuntu-latest
-    permissions: {}
    steps:
      - name: Generate GitHub App token
        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # tag: v10.1.1
+      - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # tag: v10.1.0
        with:
          repo-token: ${{ steps.generate-token.outputs.token }}
          days-before-stale: 90
@@ -28,11 +27,10 @@ jobs:
            This issue has been automatically marked as stale. **If this issue is still affecting you, please leave any comment** (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the [latest version of Electron](https://www.electronjs.org/releases/stable) or in the [beta](https://www.electronjs.org/releases/beta)—please include it with your comment!
          close-issue-message: >
            This issue has been closed due to inactivity, and will not be monitored.  If this is a bug and you can reproduce this issue on a [supported version of Electron](https://www.electronjs.org/docs/latest/tutorial/electron-timelines#timeline) please open a new issue and include instructions for reproducing the issue.
-          exempt-issue-labels: "discussion,security \U0001F512,enhancement :sparkles:,status/confirmed,stale-exempt,upgrade-follow-up,tracking-upstream"
+          exempt-issue-labels: "discussion,security \U0001F512,enhancement :sparkles:,status/confirmed,stale-exempt,upgrade-follow-up"
          only-pr-labels: not-a-real-label
  pending-repro:
    runs-on: ubuntu-latest
-    permissions: {}
    if: ${{ always() }}
    needs: stale
    steps:
@@ -41,7 +39,7 @@ jobs:
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # tag: v10.1.1
+      - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # tag: v10.1.0
        with:
          repo-token: ${{ steps.generate-token.outputs.token }}
          days-before-stale: -1
--- a/.github/workflows/windows-publish.yml
+++ b/.github/workflows/windows-publish.yml
@@ -6,7 +6,7 @@ on:
      build-image-sha:
        type: string
        description: 'SHA for electron/build image'
-        default: 'a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb'
+        default: '933c7d6ff6802706875270bec2e3c891cf8add3f'
        required: true
      upload-to-storage:
        description: 'Uploads to Azure storage'
@@ -18,13 +18,9 @@ on:
        type: boolean
        default: false

-permissions: {}
-
 jobs:
  checkout-windows:
    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
    container:
      image: ghcr.io/electron/build:${{ inputs.build-image-sha }}
      options: --user root --device /dev/fuse --cap-add SYS_ADMIN
@@ -40,7 +36,7 @@ jobs:
      build-image-sha: ${{ inputs.build-image-sha }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -52,8 +48,6 @@ jobs:

  publish-x64-win:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    needs: checkout-windows
    with:
      environment: production-release
@@ -68,8 +62,6 @@ jobs:

  publish-arm64-win:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    needs: checkout-windows
    with:
      environment: production-release
@@ -84,8 +76,6 @@ jobs:

  publish-x86-win:
    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
    needs: checkout-windows
    with:
      environment: production-release
--- a/.gitignore
+++ b/.gitignore
@@ -53,5 +53,3 @@ ts-gen
 patches/mtime-cache.json

 spec/fixtures/logo.png
-
-.yarn/install-state.gz
--- a/.yarn/releases/yarn-4.12.0.cjs
+++ b/.yarn/releases/yarn-4.12.0.cjs
--- a/.yarnrc.yml
+++ b/.yarnrc.yml
@@ -1,12 +0,0 @@
-enableScripts: false
-
-nmHoistingLimits: workspaces
-
-nodeLinker: node-modules
-
-npmMinimalAgeGate: 10080
-
-npmPreapprovedPackages:
-  - "@electron/*"
-
-yarnPath: .yarn/releases/yarn-4.12.0.cjs
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -446,7 +446,6 @@ source_set("electron_lib") {
    "shell/services/node/public/mojom",
    "//base:base_static",
    "//base/allocator:buildflags",
-    "//build/util:chromium_git_revision",
    "//chrome:strings",
    "//chrome/app:command_ids",
    "//chrome/app/resources:platform_locale_settings",
@@ -481,7 +480,6 @@ source_set("electron_lib") {
    "//device/bluetooth",
    "//device/bluetooth/public/cpp",
    "//gin",
-    "//gpu/ipc/client",
    "//media/capture/mojom:video_capture",
    "//media/mojo/mojom",
    "//media/mojo/mojom:web_speech_recognition",
@@ -529,7 +527,6 @@ source_set("electron_lib") {
    "//base",
    "//base:i18n",
    "//content/public/app",
-    "//ui/base/unowned_user_data",
  ]

  include_dirs = [
@@ -589,13 +586,7 @@ source_set("electron_lib") {
  }

  if (is_mac) {
-    # Disable C++ modules to resolve linking error when including MacOS SDK
-    # headers from third_party/electron_node/deps/uv/include/uv/darwin.h
-    # TODO(samuelmaddock): consider revisiting this in the future
-    use_libcxx_modules = false
-
    deps += [
-      "//components/os_crypt/common:keychain_password_mac",
      "//components/remote_cocoa/app_shim",
      "//components/remote_cocoa/browser",
      "//content/browser:mac_helpers",
@@ -764,13 +755,11 @@ source_set("electron_lib") {
  if (enable_pdf_viewer) {
    deps += [
      "//chrome/browser/resources/pdf:resources",
-      "//chrome/browser/ui:browser_element_identifiers",
      "//components/pdf/browser",
      "//components/pdf/browser:interceptors",
      "//components/pdf/common:constants",
      "//components/pdf/common:util",
      "//components/pdf/renderer",
-      "//components/user_education/webui",
      "//pdf",
      "//pdf:content_restriction",
    ]
@@ -1630,29 +1619,6 @@ group("node_headers") {
  public_deps = [ ":tar_node_headers" ]
 }

-group("testing_build") {
-  public_deps = [
-    ":electron_dist_zip",
-    ":electron_mksnapshot_zip",
-    ":node_headers",
-  ]
-}
-
-group("release_build") {
-  public_deps = [ ":testing_build" ]
-  if (is_official_build) {
-    public_deps += [ ":electron_symbols" ]
-  }
-  if (is_linux) {
-    public_deps += [
-      ":hunspell_dictionaries_zip",
-      ":libcxx_headers_zip",
-      ":libcxx_objects_zip",
-      ":libcxxabi_headers_zip",
-    ]
-  }
-}
-
 if (is_linux && is_official_build) {
  strip_binary("strip_electron_binary") {
    binary_input = "$root_out_dir/$electron_project_name"
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -1,226 +0,0 @@
-# Electron Development Guide
-
-## Project Overview
-
-Electron is a framework for building cross-platform desktop applications using web technologies. It embeds Chromium for rendering and Node.js for backend functionality.
-
-## Directory Structure
-
-```text
-electron/                 # This repo (run `e` commands here)
-├── shell/               # Core C++ application code
-│   ├── browser/         # Main process implementation (107+ API modules)
-│   ├── renderer/        # Renderer process code
-│   ├── common/          # Shared code between processes
-│   ├── app/             # Application entry points
-│   └── services/        # Node.js service integration
-├── lib/                 # TypeScript/JavaScript library code
-│   ├── browser/         # Main process JS (47 API implementations)
-│   ├── renderer/        # Renderer process JS
-│   └── common/          # Shared JS modules
-├── patches/             # Patches for upstream dependencies
-│   ├── chromium/        # ~159 patches to Chromium
-│   ├── node/            # ~48 patches to Node.js
-│   └── ...              # Other targets (v8, boringssl, etc.)
-├── spec/                # Test suite (1189+ TypeScript test files)
-├── docs/                # API documentation and guides
-├── build/               # Build configuration
-├── script/              # Build and automation scripts
-└── chromium_src/        # Chromium source overrides
-../                      # Parent directory is Chromium source
-```
-
-## Build Tools Setup
-
-Electron uses `@electron/build-tools` for development. The `e` command is the primary CLI.
-
-**Installation:**
-
-```bash
-npm i -g @electron/build-tools
-```
-
-**Configuration location:** `~/.electron_build_tools/configs/`
-
-## Essential Commands
-
-### Configuration Management
-
-| Command | Purpose |
-|---------|---------|
-| `e init <name> --root=<path> --bootstrap testing` | Create new build config and sync |
-| `e use <name>` | Switch to a different build configuration |
-| `e show current` | Display active configuration name |
-| `e show configs` | List all available configurations |
-
-### Build & Development Loop
-
-| Command | Purpose |
-|---------|---------|
-| `e sync` | Fetch/update all source code and apply patches |
-| `e sync --3` | Sync with 3-way merge (required for Chromium upgrades) |
-| `e build` | Build Electron (runs GN + Ninja) |
-| `e build -k 999` | Build and continue on errors (up to 999) |
-| `e build -t <target>` | Build specific target (e.g., `electron:node_headers`) |
-| `e start` | Run the built Electron executable |
-| `e start --version` | Verify Electron launches and print version |
-| `e test` | Run the test suite |
-| `e debug` | Run Electron in debugger (lldb on macOS, gdb on Linux) |
-
-### Patch Management
-
-| Command | Purpose |
-|---------|---------|
-| `e patches <target>` | Export patches for a target (chromium, node, v8, etc.) |
-| `e patches all` | Export all patches from all targets |
-| `e patches --list-targets` | List available patch targets |
-
-## Typical Development Workflow
-
-```bash
-# 1. Ensure you're on the right config
-e show current
-
-# 2. Sync to get latest code
-e sync
-
-# 3. Make your changes in shell/ or lib/ or ../
-
-# 4. Build
-e build
-
-# 5. Test your changes (Leave the user to do this, don't run these commands unless asked)
-e start
-e test
-
-# 6. If you modified patched files in Chromium:
-cd ..  # Go to Chromium repo
-git add <files>
-git commit -m "description of change"
-cd electron
-e patches chromium  # Export the patch
-```
-
-## Patches System
-
-Electron patches upstream dependencies (Chromium, Node.js, V8, etc.) to add features or modify behavior.
-
-**How patches work:**
-
-```text
-patches/{target}/*.patch  →  [e sync --3]  →  target repo commits
-                          ←  [e patches]   ←
-```
-
-**Patch configuration:** `patches/config.json` maps patch directories to target repos.
-
-**Key rules:**
-
- Fix existing patches 99% of the time rather than creating new ones
- Preserve original authorship in TODO comments
- Never change TODO assignees (`TODO(name)` must retain original name)
- Each patch file includes commit message explaining its purpose
-
-**Creating/modifying patches:**
-
-1. Make changes in the target repo (e.g., `../` for Chromium)
-2. Create a git commit
-3. Run `e patches <target>` to export
-
-## Testing
-
-**Test location:** `spec/` directory
-
-**Running tests:**
-
-```bash
-e test                    # Run full test suite
-```
-
-**Test frameworks:** Mocha, Chai, Sinon
-
-## Build Configuration
-
-**GN build arguments:** Located in `build/args/`:
-
- `testing.gn` - Debug/testing builds
- `release.gn` - Release builds
- `all.gn` - Common arguments for all builds
-
-**Main build file:** `BUILD.gn`
-
-**Feature flags:** `buildflags/buildflags.gni`
-
-## Chromium Upgrade Workflow
-
-When working on the `roller/chromium/main` branch to upgrade Chromium activate the "Electron Chromium Upgrade" skill.
-
-## Code Style
-
-**C++:** Follows Chromium style, enforced by clang-format
-**TypeScript/JavaScript:** ESLint configuration in `.eslintrc.json`
-
-**Linting:**
-
-```bash
-npm run lint              # Run all linters
-npm run lint:clang-format # C++ formatting
-```
-
-## Key Files
-
-| File | Purpose |
-|------|---------|
-| `BUILD.gn` | Main GN build configuration |
-| `DEPS` | Dependency versions and checkout paths |
-| `patches/config.json` | Patch target configuration |
-| `filenames.gni` | Source file lists by platform |
-| `package.json` | Node.js dependencies and scripts |
-
-## Environment Variables
-
-| Variable | Purpose |
-|----------|---------|
-| `GN_EXTRA_ARGS` | Additional GN arguments (useful in CI) |
-| `ELECTRON_RUN_AS_NODE=1` | Run Electron as Node.js |
-
-## Useful Git Commands for Chromium
-
-```bash
-# Find CL that changed a file
-cd ..
-git log --oneline -10 -- {file}
-git blame -L {start},{end} -- {file}
-
-# Look for Chromium CL reference in commit
-git log -1 {commit_sha}  # Find "Reviewed-on:" line
-
-# Find which patch affects a file
-grep -l "filename.cc" patches/chromium/*.patch
-```
-
-## CI/CD
-
-GitHub Actions workflows in `.github/workflows/`:
-
- `build.yml` - Main build workflow
- `pipeline-electron-lint.yml` - Linting
- `pipeline-segment-electron-test.yml` - Testing
-
-## Common Issues
-
-**Patch conflict during sync:**
-
- Use `e sync --3` for 3-way merge
- Check if file was renamed/moved upstream
- Verify patch is still needed
-
-**Build error in patched file:**
-
- Find the patch: `grep -l "filename" patches/chromium/*.patch`
- Match existing patch style (#if 0 guards, BUILDFLAG conditionals, etc.)
-
-**Remote build issues:**
-
- Try `e build --no-remote` to build locally
- Check reclient/siso configuration in your build config
--- a/13
+++ b/13
@@ -2,17 +2,17 @@ gclient_gn_args_from = 'src'

 vars = {
  'chromium_version':
-    '146.0.7633.0',
+    '142.0.7417.0',
  'node_version':
-    'v24.11.1',
+    'v22.20.0',
  'nan_version':
-    '675cefebca42410733da8a454c8d9391fcebfbc2',
+    'e14bdcd1f72d62bca1d541b66da43130384ec213',
  'squirrel.mac_version':
    '0e5d146ba13101a1302d59ea6e6e0b3cace4ae38',
  'reactiveobjc_version':
    '74ab5baccc6f7202c8ac69a8d1e152c29dc1ea76',
  'mantle_version':
-    '2a8e2123a3931038179ee06105c9e6ec336b12ea',
+    '78d3966b3c331292ea29ec38661b25df0a245948',
  'engflow_reclient_configs_version':
    '955335c30a752e9ef7bff375baab5e0819b6c00d',

@@ -30,6 +30,9 @@ vars = {
  # The path of the sysroots.json file.
  'sysroots_json_path': 'electron/script/sysroots.json',

+  # KEEP IN SYNC WITH utils.js FILE
+  'yarn_version': '1.22.22',
+
  # To be able to build clean Chromium from sources.
  'apply_patches': True,

@@ -152,7 +155,7 @@ hooks = [
    'action': [
      'python3',
      '-c',
-      'import os, subprocess; os.chdir(os.path.join("src", "electron")); subprocess.check_call(["node", ".yarn/releases/yarn-4.12.0.cjs", "install", "--immutable"]);',
+      'import os, subprocess; os.chdir(os.path.join("src", "electron")); subprocess.check_call(["python3", "script/lib/npx.py", "yarn@' + (Var("yarn_version")) + '", "install", "--frozen-lockfile"]);',
    ],
  },
  {
--- a/README.md
+++ b/README.md
@@ -37,9 +37,9 @@ For more installation options and troubleshooting tips, see

 Each Electron release provides binaries for macOS, Windows, and Linux.

-* macOS (Monterey and up): Electron provides 64-bit Intel and Apple Silicon / ARM binaries for macOS.
+* macOS (Big Sur and up): Electron provides 64-bit Intel and Apple Silicon / ARM binaries for macOS.
 * Windows (Windows 10 and up): Electron provides `ia32` (`x86`), `x64` (`amd64`), and `arm64` binaries for Windows. Windows on ARM support was added in Electron 5.0.8. Support for Windows 7, 8 and 8.1 was [removed in Electron 23, in line with Chromium's Windows deprecation policy](https://www.electronjs.org/blog/windows-7-to-8-1-deprecation-notice).
-* Linux: The prebuilt binaries of Electron are built on Ubuntu 22.04. They have also been verified to work on:
+* Linux: The prebuilt binaries of Electron are built on Ubuntu 20.04. They have also been verified to work on:
  * Ubuntu 18.04 and newer
  * Fedora 32 and newer
  * Debian 10 and newer
--- a/build/args/all.gn
+++ b/build/args/all.gn
@@ -2,7 +2,7 @@ is_electron_build = true
 root_extra_deps = [ "//electron" ]

 # Registry of NMVs --> https://github.com/nodejs/node/blob/main/doc/abi_version_registry.json
-node_module_version = 145
+node_module_version = 140

 v8_promise_internal_field_count = 1
 v8_embedder_string = "-electron.0"
@@ -19,15 +19,15 @@ proprietary_codecs = true

 enable_printing = true

-# Refs https://chromium-review.googlesource.com/c/chromium/src/+/6986517
-# CI is using MacOS 15.5 which doesn't have the required modulemaps.
-use_clang_modules = false
-
 # Removes DLLs from the build, which are only meant to be used for Chromium development.
 # See https://github.com/electron/electron/pull/17985
 angle_enable_vulkan_validation_layers = false
 dawn_enable_vulkan_validation_layers = false

+# Removes dxc dll's that are only used experimentally.
+# See https://bugs.chromium.org/p/chromium/issues/detail?id=1474897
+dawn_use_built_dxc = false
+
 # These are disabled because they cause the zip manifest to differ between
 # testing and release builds.
 # See https://chromium-review.googlesource.com/c/chromium/src/+/2774898.
--- a/chromium_src/BUILD.gn
+++ b/chromium_src/BUILD.gn
@@ -383,8 +383,6 @@ static_library("chrome") {
        "//chrome/browser/pdf/chrome_pdf_stream_delegate.h",
        "//chrome/browser/pdf/pdf_extension_util.cc",
        "//chrome/browser/pdf/pdf_extension_util.h",
-        "//chrome/browser/pdf/pdf_help_bubble_handler_factory.cc",
-        "//chrome/browser/pdf/pdf_help_bubble_handler_factory.h",
        "//chrome/browser/pdf/pdf_viewer_stream_manager.cc",
        "//chrome/browser/pdf/pdf_viewer_stream_manager.h",
        "//chrome/browser/plugins/pdf_iframe_navigation_throttle.cc",
@@ -393,8 +391,6 @@ static_library("chrome") {
      deps += [
        "//components/pdf/browser",
        "//components/pdf/renderer",
-        "//ui/base/interaction",
-        "//ui/webui/resources/cr_components/help_bubble:mojo_bindings",
      ]
    }
  } else {
--- a/default_app/main.ts
+++ b/default_app/main.ts
@@ -110,9 +110,11 @@ async function loadApplicationPackage (packagePath: string) {
      } else if (packageJson.name) {
        app.name = packageJson.name;
      }
-
-      app.setDesktopName(packageJson.desktopName || `${app.name}.desktop`);
-
+      if (packageJson.desktopName) {
+        app.setDesktopName(packageJson.desktopName);
+      } else {
+        app.setDesktopName(`${app.name}.desktop`);
+      }
      // Set v8 flags, deliberately lazy load so that apps that do not use this
      // feature do not pay the price
      if (packageJson.v8Flags) {
@@ -253,7 +255,7 @@ async function startRepl () {
 if (option.file && !option.webdriver) {
  const file = option.file;
  // eslint-disable-next-line n/no-deprecated-api
-  const protocol = URL.canParse(file) ? new URL(file).protocol : null;
+  const protocol = url.parse(file).protocol;
  const extension = path.extname(file);
  if (protocol === 'http:' || protocol === 'https:' || protocol === 'file:' || protocol === 'chrome:') {
    await loadApplicationByURL(file);
--- a/docs/api/app.md
+++ b/docs/api/app.md
@@ -421,7 +421,6 @@ Returns:
    * `oom` - Process ran out of memory
    * `launch-failed` - Process never successfully launched
    * `integrity-failure` - Windows code integrity checks failed
-    * `memory-eviction` - Process proactively terminated to prevent a future out-of-memory (OOM) situation
  * `exitCode` number - The exit code for the process
      (e.g. status from waitpid if on POSIX, from GetExitCodeProcess on Windows).
  * `serviceName` string (optional) - The non-localized name of the process.
@@ -565,9 +564,8 @@ and subscribing to the `ready` event if the app is not ready yet.
  * `steal` boolean _macOS_ - Make the receiver the active app even if another app is
  currently active.

-On macOS, makes the application the active app. On Windows, focuses on the application's
-first window. On Linux, either focuses on the first visible window (X11) or requests
-focus but may instead show a notification or flash the app icon (Wayland).
+On Linux, focuses on the first visible window. On macOS, makes the application
+the active app. On Windows, focuses on the application's first window.

 You should seek to use the `steal` option as sparingly as possible.

@@ -612,7 +610,7 @@ Returns `string` - The current application directory.
    may backup this directory to cloud storage.
  * `sessionData` The directory for storing data generated by `Session`, such
    as localStorage, cookies, disk cache, downloaded dictionaries, network
-    state, DevTools files. By default this points to `userData`. Chromium may
+    state, devtools files. By default this points to `userData`. Chromium may
    write very large disk cache here, so if your app does not rely on browser
    storage like localStorage or cookies to save user data, it is recommended
    to set this directory to other locations to avoid polluting the `userData`
@@ -1216,13 +1214,6 @@ Disables hardware acceleration for current app.

 This method can only be called before app is ready.

-### `app.isHardwareAccelerationEnabled()`
-
-Returns `boolean` - whether hardware acceleration is currently enabled.
-
- > [!NOTE]
- > This information is only usable after the `gpu-info-update` event is emitted.
-
 ### `app.disableDomainBlockingFor3DAPIs()`

 By default, Chromium disables 3D APIs (e.g. WebGL) until restart on a per
@@ -1406,75 +1397,7 @@ details. Disabled by default.
 This API must be called after the `ready` event is emitted.

 > [!NOTE]
-> Rendering accessibility tree can significantly affect the performance of your app. It should not be enabled by default. Calling this method will enable the following accessibility support features: `nativeAPIs`, `webContents`, `inlineTextBoxes`, and `extendedProperties`.
-
-### `app.getAccessibilitySupportFeatures()` _macOS_ _Windows_
-
-Returns `string[]` - Array of strings naming currently enabled accessibility support components. Possible values:
-
-* `nativeAPIs` - Native OS accessibility APIs integration enabled.
-* `webContents` - Web contents accessibility tree exposure enabled.
-* `inlineTextBoxes` - Inline text boxes (character bounding boxes) enabled.
-* `extendedProperties` - Extended accessibility properties enabled.
-* `screenReader` - Screen reader specific mode enabled.
-* `html` - HTML accessibility tree construction enabled.
-* `labelImages` - Accessibility support for automatic image annotations.
-* `pdfPrinting` - Accessibility support for PDF printing enabled.
-
-Notes:
-
-* The array may be empty if no accessibility modes are active.
-* Use `app.isAccessibilitySupportEnabled()` for the legacy boolean check;
-  prefer this method for granular diagnostics or telemetry.
-
-Example:
-
-```js
-const { app } = require('electron')
-
-app.whenReady().then(() => {
-  if (app.getAccessibilitySupportFeatures().includes('screenReader')) {
-    // Change some app UI to better work with Screen Readers.
-  }
-})
-```
-
-### `app.setAccessibilitySupportFeatures(features)` _macOS_ _Windows_
-
-* `features` string[] - An array of the accessibility features to enable.
-
-Possible values are:
-
-* `nativeAPIs` - Native OS accessibility APIs integration enabled.
-* `webContents` - Web contents accessibility tree exposure enabled.
-* `inlineTextBoxes` - Inline text boxes (character bounding boxes) enabled.
-* `extendedProperties` - Extended accessibility properties enabled.
-* `screenReader` - Screen reader specific mode enabled.
-* `html` - HTML accessibility tree construction enabled.
-* `labelImages` - Accessibility support for automatic image annotations.
-* `pdfPrinting` - Accessibility support for PDF printing enabled.
-
-To disable all supported features, pass an empty array `[]`.
-
-Example:
-
-```js
-const { app } = require('electron')
-
-app.whenReady().then(() => {
-  // Enable a subset of features:
-  app.setAccessibilitySupportFeatures([
-    'screenReader',
-    'pdfPrinting',
-    'webContents'
-  ])
-
-  // Other logic
-
-  // Some time later, disable all features:
-  app.setAccessibilitySupportFeatures([])
-})
-```
+> Rendering accessibility tree can significantly affect the performance of your app. It should not be enabled by default.

 ### `app.showAboutPanel()`

--- a/docs/api/base-window.md
+++ b/docs/api/base-window.md
@@ -1262,16 +1262,15 @@ Sets the properties for the window's taskbar button.

 #### `win.setAccentColor(accentColor)` _Windows_

-* `accentColor` boolean | string | null - The accent color for the window. By default, follows user preference in System Settings. To reset to system default, pass `null`.
+* `accentColor` boolean | string - The accent color for the window. By default, follows user preference in System Settings.

 Sets the system accent color and highlighting of active window border.

 The `accentColor` parameter accepts the following values:

-* **Color string** - Like `true`, but sets a custom accent color using standard CSS color formats (Hex, RGB, RGBA, HSL, HSLA, or named colors). Alpha values in RGBA/HSLA formats are ignored and the color is treated as fully opaque.
-* **`true`** - Enable accent color highlighting for the window with the system accent color regardless of whether accent colors are enabled for windows in System `Settings.`
-* **`false`** - Disable accent color highlighting for the window regardless of whether accent colors are currently enabled for windows in System Settings.
-* **`null`** - Reset window accent color behavior to follow behavior set in System Settings.
+* **Color string** - Sets a custom accent color using standard CSS color formats (Hex, RGB, RGBA, HSL, HSLA, or named colors). Alpha values in RGBA/HSLA formats are ignored and the color is treated as fully opaque.
+* **`true`** - Uses the system's default accent color from user preferences in System Settings.
+* **`false`** - Explicitly disables accent color highlighting for the window.

 Examples:

@@ -1284,14 +1283,11 @@ win.setAccentColor('#ff0000')
 // RGB format (alpha ignored if present).
 win.setAccentColor('rgba(255,0,0,0.5)')

-// Enable accent color, using the color specified in System Settings.
+// Use system accent color.
 win.setAccentColor(true)

 // Disable accent color.
 win.setAccentColor(false)
-
-// Reset window accent color behavior to follow behavior set in System Settings.
-win.setAccentColor(null)
 ```

 #### `win.getAccentColor()` _Windows_
--- a/docs/api/browser-window.md
+++ b/docs/api/browser-window.md
@@ -140,10 +140,6 @@ state is `hidden` in order to minimize power consumption.
  move.
 * On Linux the type of modal windows will be changed to `dialog`.
 * On Linux many desktop environments do not support hiding a modal window.
-* On Wayland (Linux) it is generally not possible to programmatically resize windows
-  after creation, or to position, move, focus, or blur windows without user input.
-  If your app needs these capabilities, run it in Xwayland by appending the flag
-  `--ozone-platform=x11`.

 ## Class: BrowserWindow extends `BaseWindow`

@@ -660,15 +656,10 @@ the [close event](#event-close).

 Focuses on the window.

-On Wayland (Linux), the desktop environment may show a notification or flash
-the app icon if the window or app is not already focused.
-
 #### `win.blur()`

 Removes focus from the window.

-Not supported on Wayland (Linux).
-
 #### `win.isFocused()`

 Returns `boolean` - Whether the window is focused.
@@ -685,8 +676,6 @@ Shows and gives focus to the window.

 Shows the window but doesn't focus on it.

-Not supported on Wayland (Linux).
-
 #### `win.hide()`

 Hides the window.
@@ -835,8 +824,6 @@ Closes the currently open [Quick Look][quick-look] panel.

 Resizes and moves the window to the supplied bounds. Any properties that are not supplied will default to their current values.

-On Wayland (Linux), has the same limitations as `setSize` and `setPosition`.
-
 ```js
 const { BrowserWindow } = require('electron')

@@ -879,8 +866,6 @@ See [Setting `backgroundColor`](#setting-the-backgroundcolor-property).
 Resizes and moves the window's client area (e.g. the web page) to
 the supplied bounds.

-On Wayland (Linux), has the same limitations as `setContentSize` and `setPosition`.
-
 #### `win.getContentBounds()`

 Returns [`Rectangle`](structures/rectangle.md) - The `bounds` of the window's client area as `Object`.
@@ -910,8 +895,6 @@ Returns `boolean` - whether the window is enabled.

 Resizes the window to `width` and `height`. If `width` or `height` are below any set minimum size constraints the window will snap to its minimum size.

-On Wayland (Linux), may not work as some window managers restrict programmatic window resizing.
-
 #### `win.getSize()`

 Returns `Integer[]` - Contains the window's width and height.
@@ -924,8 +907,6 @@ Returns `Integer[]` - Contains the window's width and height.

 Resizes the window's client area (e.g. the web page) to `width` and `height`.

-On Wayland (Linux), may not work as some window managers restrict programmatic window resizing.
-
 #### `win.getContentSize()`

 Returns `Integer[]` - Contains the window's client area's width and height.
@@ -1063,16 +1044,12 @@ this method throws an error.

 #### `win.moveTop()`

-Moves window to top(z-order) regardless of focus.
-
-Not supported on Wayland (Linux).
+Moves window to top(z-order) regardless of focus

 #### `win.center()`

 Moves window to the center of the screen.

-Not supported on Wayland (Linux).
-
 #### `win.setPosition(x, y[, animate])`

 * `x` Integer
@@ -1081,8 +1058,6 @@ Not supported on Wayland (Linux).

 Moves window to `x` and `y`.

-Not supported on Wayland (Linux).
-
 #### `win.getPosition()`

 Returns `Integer[]` - Contains the window's current position.
@@ -1252,8 +1227,7 @@ Captures a snapshot of the page within `rect`. Omitting `rect` will capture the

 Returns `Promise<void>` - the promise will resolve when the page has finished loading
 (see [`did-finish-load`](web-contents.md#event-did-finish-load)), and rejects
-if the page fails to load (see
-[`did-fail-load`](web-contents.md#event-did-fail-load)). A noop rejection handler is already attached, which avoids unhandled rejection errors. If the existing page has a beforeUnload handler, [`did-fail-load`](web-contents.md#event-did-fail-load) will be called unless [`will-prevent-unload`](web-contents.md#event-did-fail-load) is handled.
+if the page fails to load (see [`did-fail-load`](web-contents.md#event-did-fail-load)).

 Same as [`webContents.loadURL(url[, options])`](web-contents.md#contentsloadurlurl-options).

@@ -1468,16 +1442,15 @@ Sets the properties for the window's taskbar button.

 #### `win.setAccentColor(accentColor)` _Windows_

-* `accentColor` boolean | string | null - The accent color for the window. By default, follows user preference in System Settings. To reset to system default, pass `null`.
+* `accentColor` boolean | string - The accent color for the window. By default, follows user preference in System Settings.

 Sets the system accent color and highlighting of active window border.

 The `accentColor` parameter accepts the following values:

-* **Color string** - Like `true`, but sets a custom accent color using standard CSS color formats (Hex, RGB, RGBA, HSL, HSLA, or named colors). Alpha values in RGBA/HSLA formats are ignored and the color is treated as fully opaque.
-* **`true`** - Enable accent color highlighting for the window with the system accent color regardless of whether accent colors are enabled for windows in System `Settings.`
-* **`false`** - Disable accent color highlighting for the window regardless of whether accent colors are currently enabled for windows in System Settings.
-* **`null`** - Reset window accent color behavior to follow behavior set in System Settings.
+* **Color string** - Sets a custom accent color using standard CSS color formats (Hex, RGB, RGBA, HSL, HSLA, or named colors). Alpha values in RGBA/HSLA formats are ignored and the color is treated as fully opaque.
+* **`true`** - Uses the system's default accent color from user preferences in System Settings.
+* **`false`** - Explicitly disables accent color highlighting for the window.

 Examples:

@@ -1490,14 +1463,11 @@ win.setAccentColor('#ff0000')
 // RGB format (alpha ignored if present).
 win.setAccentColor('rgba(255,0,0,0.5)')

-// Enable accent color, using the color specified in System Settings.
+// Use system accent color.
 win.setAccentColor(true)

 // Disable accent color.
 win.setAccentColor(false)
-
-// Reset window accent color behavior to follow behavior set in System Settings.
-win.setAccentColor(null)
 ```

 #### `win.getAccentColor()` _Windows_
--- a/docs/api/client-request.md
+++ b/docs/api/client-request.md
@@ -25,11 +25,6 @@ following properties:
    with which the request is associated. Defaults to the empty string. The
    `session` option supersedes `partition`. Thus if a `session` is explicitly
    specified, `partition` is ignored.
-  * `bypassCustomProtocolHandlers` boolean (optional) - When set to `true`,
-    custom protocol handlers registered for the request's URL scheme will not be
-    called. This allows forwarding an intercepted request to the built-in
-    handler. [webRequest](web-request.md) handlers will still be triggered
-    when bypassing custom protocols. Defaults to `false`.
  * `credentials` string (optional) - Can be `include`, `omit` or
    `same-origin`. Whether to send
    [credentials](https://fetch.spec.whatwg.org/#credentials) with this
--- a/docs/api/clipboard.md
+++ b/docs/api/clipboard.md
@@ -2,13 +2,10 @@

 > Perform copy and paste operations on the system clipboard.

-Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process) _Deprecated_ (non-sandboxed only)
-
-> [!NOTE]
-> Using the `clipoard` API from the renderer process is deprecated.
+Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process) (non-sandboxed only)

 > [!IMPORTANT]
-> If you want to call this API from a renderer process,
+> If you want to call this API from a renderer process with context isolation enabled,
 > place the API call in your preload script and
 > [expose](../tutorial/context-isolation.md#after-context-isolation-enabled) it using the
 > [`contextBridge`](context-bridge.md) API.
--- a/docs/api/command-line-switches.md
+++ b/docs/api/command-line-switches.md
@@ -49,10 +49,6 @@ Disables the disk cache for HTTP requests.

 Disable HTTP/2 and SPDY/3.1 protocols.

-### --disable-geolocation _macOS_
-
-Disables the Geolocation API. Permission requests for geolocation will be denied internally regardless of the decision made by a handler set via `session.setPermissionRequestHandler`. This functionality is currently implemented only for macOS. Has no effect on other platforms.
-
 ### --disable-renderer-backgrounding

 Prevents Chromium from lowering the priority of invisible pages' renderer
@@ -317,7 +313,7 @@ By default inspector websocket url is available in stderr and under /json/list e

 ### `--experimental-network-inspection`

-Enable support for DevTools network inspector events, for visibility into requests made by the nodejs `http` and `https` modules.
+Enable support for devtools network inspector events, for visibility into requests made by the nodejs `http` and `https` modules.

 ### `--no-deprecation`

--- a/docs/api/debugger.md
+++ b/docs/api/debugger.md
@@ -44,7 +44,7 @@ Returns:
 * `reason` string - Reason for detaching debugger.

 Emitted when the debugging session is terminated. This happens either when
-`webContents` is closed or DevTools is invoked for the attached `webContents`.
+`webContents` is closed or devtools is invoked for the attached `webContents`.

 #### Event: 'message'

--- a/docs/api/desktop-capturer.md
+++ b/docs/api/desktop-capturer.md
@@ -102,10 +102,6 @@ Returns `Promise<DesktopCapturerSource[]>` - Resolves with an array of [`Desktop

 ## Caveats

-`desktopCapturer.getSources(options)` only returns a single source on Linux when using Pipewire.
-
-PipeWire supports a single capture for both screens and windows. If you request the window and screen type, the selected source will be returned as a window capture.
-
 `navigator.mediaDevices.getUserMedia` does not work on macOS for audio capture due to a fundamental limitation whereby apps that want to access the system's audio require a [signed kernel extension](https://developer.apple.com/library/archive/documentation/Security/Conceptual/System_Integrity_Protection_Guide/KernelExtensions/KernelExtensions.html). Chromium, and by extension Electron, does not provide this.

 It is possible to circumvent this limitation by capturing system audio with another macOS app like Soundflower and passing it through a virtual audio input device. This virtual device can then be queried with `navigator.mediaDevices.getUserMedia`.
--- a/docs/api/environment-variables.md
+++ b/docs/api/environment-variables.md
@@ -187,13 +187,13 @@ the one downloaded by `npm install`. Usage:
 export ELECTRON_OVERRIDE_DIST_PATH=/Users/username/projects/electron/out/Testing
 ```

-### `ELECTRON_SKIP_BINARY_DOWNLOAD`
+## Set By Electron

-If you want to install your project's dependencies but don't need to use Electron functionality,
-you can set the `ELECTRON_SKIP_BINARY_DOWNLOAD` environment variable to prevent the binary from being
-downloaded. For instance, this feature can be useful in continuous integration environments when
-running unit tests that mock out the `electron` module.
+Electron sets some variables in your environment at runtime.

-```sh
-ELECTRON_SKIP_BINARY_DOWNLOAD=1 npm install
-```
+### `ORIGINAL_XDG_CURRENT_DESKTOP`
+
+This variable is set to the value of `XDG_CURRENT_DESKTOP` that your application
+originally launched with.  Electron sometimes modifies the value of `XDG_CURRENT_DESKTOP`
+to affect other logic within Chromium so if you want access to the _original_ value
+you should look up this environment variable instead.
--- a/docs/api/extensions-api.md
+++ b/docs/api/extensions-api.md
@@ -57,7 +57,7 @@ The following methods are available on instances of `Extensions`:
 * `options` Object (optional)
  * `allowFileAccess` boolean - Whether to allow the extension to read local files over `file://`
    protocol and inject content scripts into `file://` pages. This is required e.g. for loading
-    DevTools extensions on `file://` URLs. Defaults to false.
+    devtools extensions on `file://` URLs. Defaults to false.

 Returns `Promise<Extension>` - resolves when the extension is loaded.

@@ -83,7 +83,7 @@ const path = require('node:path')
 app.whenReady().then(async () => {
  await session.defaultSession.extensions.loadExtension(
    path.join(__dirname, 'react-devtools'),
-    // allowFileAccess is required to load the DevTools extension on file:// URLs.
+    // allowFileAccess is required to load the devtools extension on file:// URLs.
    { allowFileAccess: true }
  )
  // Note that in order to use the React DevTools extension, you'll need to
--- a/docs/api/menu-item.md
+++ b/docs/api/menu-item.md
@@ -34,8 +34,7 @@ See [`Menu`](menu.md) for examples.
  * `sublabel` string (optional) _macOS_ - Available in macOS >= 14.4
  * `toolTip` string (optional) _macOS_ - Hover text for this menu item.
  * `accelerator` string (optional) - An [Accelerator](../tutorial/keyboard-shortcuts.md#accelerators) string.
-  * `icon` ([NativeImage](native-image.md) | string) (optional) - Can be a
-    [NativeImage](native-image.md) or the file path of an icon.
+  * `icon` ([NativeImage](native-image.md) | string) (optional)
  * `enabled` boolean (optional) - If false, the menu item will be greyed out and
    unclickable.
  * `acceleratorWorksWhenHidden` boolean (optional) _macOS_ - default is `true`, and when `false` will prevent the accelerator from triggering the item if the item is not visible.
--- a/docs/api/menu.md
+++ b/docs/api/menu.md
@@ -2,15 +2,10 @@

 ## Class: Menu

-> Create application menus and context menus.
+> Create native application menus and context menus.

 Process: [Main](../glossary.md#main-process)

-The presentation of menus varies depending on the operating system:
-
- Under Windows and Linux, menus are visually similar to Chromium.
- Under macOS, these will be native menus.
-
 > [!TIP]
 > See also: [A detailed guide about how to implement menus in your application](../tutorial/menus.md).

--- a/docs/api/native-image.md
+++ b/docs/api/native-image.md
@@ -202,7 +202,8 @@ Creates a new `NativeImage` instance from `dataUrl`, a base 64 encoded [Data URL
 Returns `NativeImage`

 Creates a new `NativeImage` instance from the `NSImage` that maps to the
-given image name. See Apple's [`NSImageName`](https://developer.apple.com/documentation/appkit/nsimagename#2901388) documentation and [SF Symbols](https://developer.apple.com/sf-symbols/) for a list of possible values.
+given image name. See Apple's [`NSImageName`](https://developer.apple.com/documentation/appkit/nsimagename#2901388)
+documentation for a list of possible values.

 The `hslShift` is applied to the image with the following rules:

@@ -230,15 +231,6 @@ echo -e '#import <Cocoa/Cocoa.h>\nint main() { NSLog(@"%@", SYSTEM_IMAGE_NAME);

 where `SYSTEM_IMAGE_NAME` should be replaced with any value from [this list](https://developer.apple.com/documentation/appkit/nsimagename?language=objc).

-For SF Symbols, usage looks as follows:
-
-```js
-const image = nativeImage.createFromNamedImage('square.and.pencil')
-```
-
-where `'square.and.pencil'` is the symbol name from the
-[SF Symbols app](https://developer.apple.com/sf-symbols/).
-
 ## Class: NativeImage

 > Natively wrap images such as tray, dock, and application icons.
--- a/docs/api/native-theme.md
+++ b/docs/api/native-theme.md
@@ -36,7 +36,7 @@ everything will be reset to the OS default.  By default `themeSource` is `system
 Settings this property to `dark` will have the following effects:

 * `nativeTheme.shouldUseDarkColors` will be `true` when accessed
-* Any UI Electron renders on Linux and Windows including context menus, DevTools, etc. will use the dark UI.
+* Any UI Electron renders on Linux and Windows including context menus, devtools, etc. will use the dark UI.
 * Any UI the OS renders on macOS including menus, window frames, etc. will use the dark UI.
 * The [`prefers-color-scheme`](https://developer.mozilla.org/en-US/docs/Web/CSS/@media/prefers-color-scheme) CSS query will match `dark` mode.
 * The `updated` event will be emitted
@@ -44,7 +44,7 @@ Settings this property to `dark` will have the following effects:
 Settings this property to `light` will have the following effects:

 * `nativeTheme.shouldUseDarkColors` will be `false` when accessed
-* Any UI Electron renders on Linux and Windows including context menus, DevTools, etc. will use the light UI.
+* Any UI Electron renders on Linux and Windows including context menus, devtools, etc. will use the light UI.
 * Any UI the OS renders on macOS including menus, window frames, etc. will use the light UI.
 * The [`prefers-color-scheme`](https://developer.mozilla.org/en-US/docs/Web/CSS/@media/prefers-color-scheme) CSS query will match `light` mode.
 * The `updated` event will be emitted
--- a/docs/api/session.md
+++ b/docs/api/session.md
@@ -66,7 +66,7 @@ The `session` module has the following properties:

 ### `session.defaultSession`

-A `Session` object, the default session object of the app, available after `app.whenReady` is called.
+A `Session` object, the default session object of the app.

 ## Class: Session

@@ -1512,7 +1512,7 @@ will not work on non-persistent (in-memory) sessions.
 * `options` Object (optional)
  * `allowFileAccess` boolean - Whether to allow the extension to read local files over `file://`
    protocol and inject content scripts into `file://` pages. This is required e.g. for loading
-    DevTools extensions on `file://` URLs. Defaults to false.
+    devtools extensions on `file://` URLs. Defaults to false.

 Returns `Promise<Extension>` - resolves when the extension is loaded.

@@ -1538,7 +1538,7 @@ const path = require('node:path')
 app.whenReady().then(async () => {
  await session.defaultSession.loadExtension(
    path.join(__dirname, 'react-devtools'),
-    // allowFileAccess is required to load the DevTools extension on file:// URLs.
+    // allowFileAccess is required to load the devtools extension on file:// URLs.
    { allowFileAccess: true }
  )
  // Note that in order to use the React DevTools extension, you'll need to
--- a/docs/api/shared-texture.md
+++ b/docs/api/shared-texture.md
@@ -1,58 +0,0 @@
-# sharedTexture
-
-> Import shared textures into Electron and converts platform specific handles into [`VideoFrame`](https://developer.mozilla.org/en-US/docs/Web/API/VideoFrame). Supports all Web rendering systems, and can be transferred across Electron processes. Read [here](https://github.com/electron/electron/blob/main/shell/common/api/shared_texture/README.md) for more information.
-
-Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process)
-
-## Methods
-
-The `sharedTexture` module has the following methods:
-
-**Note:** Experimental APIs are marked as such and could be removed in the future.
-
-### `sharedTexture.importSharedTexture(options)` _Experimental_
-
-* `options` Object - Options for importing shared textures.
-  * `textureInfo` [SharedTextureImportTextureInfo](structures/shared-texture-import-texture-info.md) - The information of the shared texture to import.
-  * `allReferencesReleased` Function (optional) - Called when all references in all processes are released. You should keep the imported texture valid until this callback is called.
-
-Imports the shared texture from the given options.
-
-> [!NOTE]
-> This method is only available in the main process.
-
-Returns `SharedTextureImported` - The imported shared texture.
-
-### `sharedTexture.sendSharedTexture(options, ...args)` _Experimental_
-
-* `options` Object - Options for sending shared texture.
-  * `frame` [WebFrameMain](web-frame-main.md) - The target frame to transfer the shared texture to. For `WebContents`, you can pass `webContents.mainFrame`. If you provide a `webFrameMain` that is not a main frame, you'll need to enable `webPreferences.nodeIntegrationInSubFrames` for this, since this feature requires [IPC](https://www.electronjs.org/docs/latest/api/web-frame-main#frameipc-readonly) between main and the frame.
-  * `importedSharedTexture` [SharedTextureImported](structures/shared-texture-imported.md) - The imported shared texture.
-* `...args` any[] - Additional arguments to pass to the renderer process.
-
-Send the imported shared texture to a renderer process. You must register a receiver at renderer process before calling this method. This method has a 1000ms timeout. Ensure the receiver is set and the renderer process is alive before calling this method.
-
-> [!NOTE]
-> This method is only available in the main process.
-
-Returns `Promise<void>` - Resolves when the transfer is complete.
-
-### `sharedTexture.setSharedTextureReceiver(callback)` _Experimental_
-
-* `callback` Function\<Promise\<void\>\> - The function to receive the imported shared texture.
-  * `receivedSharedTextureData` Object - The data received from the main process.
-    * `importedSharedTexture` [SharedTextureImported](structures/shared-texture-imported.md) - The imported shared texture.
-  * `...args` any[] - Additional arguments passed from the main process.
-
-Set a callback to receive imported shared textures from the main process.
-
-> [!NOTE]
-> This method is only available in the renderer process.
-
-## Properties
-
-The `sharedTexture` module has the following properties:
-
-### `sharedTexture.subtle` _Experimental_
-
-A [`SharedTextureSubtle`](structures/shared-texture-subtle.md) property, provides subtle APIs for interacting with shared texture for advanced users.
--- a/docs/api/structures/base-window-options.md
+++ b/docs/api/structures/base-window-options.md
@@ -72,9 +72,6 @@
  some GTK+3 desktop environments. Default is `false`.
 * `transparent` boolean (optional) - Makes the window [transparent](../../tutorial/custom-window-styles.md#transparent-windows).
  Default is `false`. On Windows, does not work unless the window is frameless.
-  When you add a [`View`](../view.md) to a `BaseWindow`, you'll need to call
-  [`view.setBackgroundColor`](../view.md#viewsetbackgroundcolorcolor) with a transparent
-  background color on that view to make its background transparent as well.
 * `type` string (optional) - The type of window, default is normal window. See more about
  this below.
 * `visualEffectState` string (optional) _macOS_ - Specify how the material
@@ -102,13 +99,12 @@
 * `trafficLightPosition` [Point](point.md) (optional) _macOS_ -
  Set a custom position for the traffic light buttons in frameless windows.
 * `roundedCorners` boolean (optional) _macOS_ _Windows_ - Whether frameless window
-  should have rounded corners. Default is `true`. On Windows versions older than
-  Windows 11 Build 22000 this property has no effect, and frameless windows will
-  not have rounded corners.
-* `thickFrame` boolean (optional) _Windows_ - Use `WS_THICKFRAME` style for
-  frameless windows on Windows, which adds the standard window frame. Setting it
-  to `false` will remove window shadow and window animations, and disable window
-  resizing via dragging the window edges. Default is `true`.
+  should have rounded corners. Default is `true`. Setting this property
+  to `false` will prevent the window from being fullscreenable on macOS.
+  On Windows versions older than Windows 11 Build 22000 this property has no effect, and frameless windows will not have rounded corners.
+* `thickFrame` boolean (optional) - Use `WS_THICKFRAME` style for frameless windows on
+  Windows, which adds standard window frame. Setting it to `false` will remove
+  window shadow and window animations. Default is `true`.
 * `vibrancy` string (optional) _macOS_ - Add a type of vibrancy effect to
  the window, only on macOS. Can be `appearance-based`, `titlebar`, `selection`,
  `menu`, `popover`, `sidebar`, `header`, `sheet`, `window`, `hud`, `fullscreen-ui`,
--- a/docs/api/structures/render-process-gone-details.md
+++ b/docs/api/structures/render-process-gone-details.md
@@ -8,7 +8,6 @@
  * `oom` - Process ran out of memory
  * `launch-failed` - Process never successfully launched
  * `integrity-failure` - Windows code integrity checks failed
-  * `memory-eviction` - Process proactively terminated to prevent a future out-of-memory (OOM) situation
 * `exitCode` Integer - The exit code of the process, unless `reason` is
  `launch-failed`, in which case `exitCode` will be a platform-specific
  launch failure error code.
--- a/docs/api/structures/shared-texture-import-texture-info.md
+++ b/docs/api/structures/shared-texture-import-texture-info.md
@@ -1,12 +0,0 @@
-# SharedTextureImportTextureInfo Object
-
-* `pixelFormat` string - The pixel format of the texture.
-  * `bgra` - 32bpp BGRA (byte-order), 1 plane.
-  * `rgba` - 32bpp RGBA (byte-order), 1 plane.
-  * `rgbaf16` - Half float RGBA, 1 plane.
-  * `nv12` - 12bpp with Y plane followed by a 2x2 interleaved UV plane.
-* `colorSpace` [ColorSpace](color-space.md) (optional) - The color space of the texture.
-* `codedSize` [Size](size.md) - The full dimensions of the shared texture.
-* `visibleRect` [Rectangle](rectangle.md) (optional) - A subsection of [0, 0, codedSize.width, codedSize.height]. In common cases, it is the full section area.
-* `timestamp` number (optional) - A timestamp in microseconds that will be reflected to `VideoFrame`.
-* `handle` [SharedTextureHandle](shared-texture-handle.md) - The shared texture handle.
--- a/docs/api/structures/shared-texture-imported-subtle.md
+++ b/docs/api/structures/shared-texture-imported-subtle.md
@@ -1,9 +0,0 @@
-# SharedTextureImportedSubtle Object
-
-* `getVideoFrame` Function\<[VideoFrame](https://developer.mozilla.org/en-US/docs/Web/API/VideoFrame)\> - Create a `VideoFrame` that uses the imported shared texture in the current process. You can call `VideoFrame.close()` once you've finished using the object. The underlying resources will wait for GPU finish internally.
-* `release` Function - Release the resources. If you transferred and get multiple `SharedTextureImported` objects, you have to `release` every one of them. The resource on the GPU process will be destroyed when the last one is released.
-  * `callback` Function (optional) - Callback when the GPU command buffer finishes using this shared texture. It provides a precise event to safely release dependent resources. For example, if this object is created by `finishTransferSharedTexture`, you can use this callback to safely release the original one that called `startTransferSharedTexture` in other processes. You can also release the source shared texture that was used to `importSharedTexture` safely.
-* `startTransferSharedTexture` Function\<[SharedTextureTransfer](shared-texture-transfer.md)\> - Create a `SharedTextureTransfer` that can be serialized and transferred to other processes.
-* `getFrameCreationSyncToken` Function\<[SharedTextureSyncToken](shared-texture-sync-token.md)\> - This method is for advanced users. If used, it is typically called after `finishTransferSharedTexture`, and should be passed to the object which was called `startTransferSharedTexture` to prevent the source object release the underlying resource before the target object actually acquire the reference at gpu process asyncly.
-* `setReleaseSyncToken` Function - This method is for advanced users. If used, this object's underlying resource will not be released until the set sync token is fulfilled at gpu process. By using sync tokens, users are not required to use release callbacks for lifetime management.
-  * `syncToken` [SharedTextureSyncToken](shared-texture-sync-token.md) - The sync token to set.
--- a/docs/api/structures/shared-texture-imported.md
+++ b/docs/api/structures/shared-texture-imported.md
@@ -1,6 +0,0 @@
-# SharedTextureImported Object
-
-* `textureId` string - The unique identifier of the imported shared texture.
-* `getVideoFrame` Function\<[VideoFrame](https://developer.mozilla.org/en-US/docs/Web/API/VideoFrame)\> - Create a `VideoFrame` that uses the imported shared texture in the current process. You can call `VideoFrame.close()` once you've finished using the object. The underlying resources will wait for GPU finish internally.
-* `release` Function - Release this object's reference of the imported shared texture. The underlying resource will be alive until every reference is released.
-* `subtle` [SharedTextureImportedSubtle](shared-texture-imported-subtle.md) - Provides subtle APIs to interact with the imported shared texture for advanced users.
--- a/docs/api/structures/shared-texture-subtle.md
+++ b/docs/api/structures/shared-texture-subtle.md
@@ -1,6 +0,0 @@
-# SharedTextureSubtle Object
-
-* `importSharedTexture` Function\<[SharedTextureImportedSubtle](shared-texture-imported-subtle.md)\> - Imports the shared texture from the given options. Returns the imported shared texture.
-  * `textureInfo` [SharedTextureImportTextureInfo](shared-texture-import-texture-info.md) - The information of shared texture to import.
-* `finishTransferSharedTexture` Function\<[SharedTextureImportedSubtle](shared-texture-imported-subtle.md)\> - Finishes the transfer of the shared texture and gets the transferred shared texture. Returns the imported shared texture from the transfer object.
-  * `transfer` [SharedTextureTransfer](shared-texture-transfer.md) - The transfer object of the shared texture.
--- a/docs/api/structures/shared-texture-sync-token.md
+++ b/docs/api/structures/shared-texture-sync-token.md
@@ -1,3 +0,0 @@
-# SharedTextureSyncToken Object
-
-* `syncToken` string - The opaque data for sync token.
--- a/docs/api/structures/shared-texture-transfer.md
+++ b/docs/api/structures/shared-texture-transfer.md
@@ -1,10 +0,0 @@
-# SharedTextureTransfer Object
-
-* `transfer` string _Readonly_ - The opaque transfer data of the shared texture. This can be transferred across Electron processes.
-* `syncToken` string _Readonly_ - The opaque sync token data for frame creation.
-* `pixelFormat` string _Readonly_ - The pixel format of the transferring texture.
-* `codedSize` [Size](size.md) _Readonly_ - The full dimensions of the shared texture.
-* `visibleRect` [Rectangle](rectangle.md) _Readonly_ - A subsection of [0, 0, codedSize.width(), codedSize.height()]. In common cases, it is the full section area.
-* `timestamp` number _Readonly_ - A timestamp in microseconds that will be reflected to `VideoFrame`.
-
-Use `sharedTexture.subtle.finishTransferSharedTexture` to get [`SharedTextureImportedSubtle`](shared-texture-imported-subtle.md) back.
--- a/docs/api/structures/web-preferences.md
+++ b/docs/api/structures/web-preferences.md
@@ -21,9 +21,7 @@
  associated with the window, making it compatible with the Chromium
  OS-level sandbox and disabling the Node.js engine. This is not the same as
  the `nodeIntegration` option and the APIs available to the preload script
-  are more limited. Default is `true` since Electron 20. The sandbox will
-  automatically be disabled when `nodeIntegration` is set to `true`.
-  Read more about the option [here](../../tutorial/sandbox.md).
+  are more limited. Read more about the option [here](../../tutorial/sandbox.md).
 * `session` [Session](../session.md#class-session) (optional) - Sets the session used by the
  page. Instead of passing the Session object directly, you can also choose to
  use the `partition` option instead, which accepts a partition string. When
--- a/docs/api/system-preferences.md
+++ b/docs/api/system-preferences.md
@@ -14,7 +14,7 @@ console.log(systemPreferences.getEffectiveAppearance())

 The `systemPreferences` object emits the following events:

-### Event: 'accent-color-changed' _Windows_ _Linux_
+### Event: 'accent-color-changed' _Windows_

 Returns:

@@ -182,7 +182,7 @@ Some popular `key` and `type`s are:
 Removes the `key` in `NSUserDefaults`. This can be used to restore the default
 or global value of a `key` previously set with `setUserDefault`.

-### `systemPreferences.getAccentColor()`
+### `systemPreferences.getAccentColor()` _Windows_ _macOS_

 Returns `string` - The users current system wide accent color preference in RGBA
 hexadecimal form.
--- a/docs/api/web-contents.md
+++ b/docs/api/web-contents.md
@@ -62,7 +62,7 @@ console.log(webContents)
 ### `webContents.getAllWebContents()`

 Returns `WebContents[]` - An array of all `WebContents` instances. This will contain web contents
-for all windows, webviews, opened DevTools, and DevTools extension background pages.
+for all windows, webviews, opened devtools, and devtools extension background pages.

 ### `webContents.getFocusedWebContents()`

@@ -958,7 +958,7 @@ win.loadURL('https://github.com')

 #### Event: 'devtools-reload-page'

-Emitted when the DevTools window instructs the webContents to reload
+Emitted when the devtools window instructs the webContents to reload

 #### Event: 'will-attach-webview'

@@ -1079,7 +1079,7 @@ Emitted when the [mainFrame](web-contents.md#contentsmainframe-readonly), an `<i
 Returns `Promise<void>` - the promise will resolve when the page has finished loading
 (see [`did-finish-load`](web-contents.md#event-did-finish-load)), and rejects
 if the page fails to load (see
-[`did-fail-load`](web-contents.md#event-did-fail-load)). A noop rejection handler is already attached, which avoids unhandled rejection errors. If the existing page has a beforeUnload handler, [`did-fail-load`](web-contents.md#event-did-fail-load) will be called unless [`will-prevent-unload`](web-contents.md#event-did-fail-load) is handled.
+[`did-fail-load`](web-contents.md#event-did-fail-load)). A noop rejection handler is already attached, which avoids unhandled rejection errors.

 Loads the `url` in the window. The `url` must contain the protocol prefix,
 e.g. the `http://` or `file://`. If the load should bypass http cache then
@@ -1865,20 +1865,66 @@ Removes the specified path from DevTools workspace.

 * `devToolsWebContents` WebContents

-Uses the `devToolsWebContents` as the target `WebContents` to show DevTools.
+Uses the `devToolsWebContents` as the target `WebContents` to show devtools.

 The `devToolsWebContents` must not have done any navigation, and it should not
 be used for other purposes after the call.

-By default, Electron manages the DevTools by creating an internal `WebContents`
+By default Electron manages the devtools by creating an internal `WebContents`
 with native view, which developers have very limited control of. With the
 `setDevToolsWebContents` method, developers can use any `WebContents` to show
-the DevTools in it, such as [`BrowserWindow`](./browser-window.md) or [`WebContentsView`](./web-contents-view.md).
+the devtools in it, including `BrowserWindow`, `BrowserView` and `<webview>`
+tag.

-Note that closing the DevTools does not destroy the `devToolsWebContents`, it
-is the caller's responsibility to destroy `devToolsWebContents` manually.
+Note that closing the devtools does not destroy the `devToolsWebContents`, it
+is caller's responsibility to destroy `devToolsWebContents`.

-An example of showing DevTools in a `BrowserWindow`:
+An example of showing devtools in a `<webview>` tag:
+
+```html
+<html>
+<head>
+  <style type="text/css">
+    * { margin: 0; }
+    #browser { height: 70%; }
+    #devtools { height: 30%; }
+  </style>
+</head>
+<body>
+  <webview id="browser" src="https://github.com"></webview>
+  <webview id="devtools" src="about:blank"></webview>
+  <script>
+    const { ipcRenderer } = require('electron')
+    const emittedOnce = (element, eventName) => new Promise(resolve => {
+      element.addEventListener(eventName, event => resolve(event), { once: true })
+    })
+    const browserView = document.getElementById('browser')
+    const devtoolsView = document.getElementById('devtools')
+    const browserReady = emittedOnce(browserView, 'dom-ready')
+    const devtoolsReady = emittedOnce(devtoolsView, 'dom-ready')
+    Promise.all([browserReady, devtoolsReady]).then(() => {
+      const targetId = browserView.getWebContentsId()
+      const devtoolsId = devtoolsView.getWebContentsId()
+      ipcRenderer.send('open-devtools', targetId, devtoolsId)
+    })
+  </script>
+</body>
+</html>
+```
+
+```js
+// Main process
+const { ipcMain, webContents } = require('electron')
+
+ipcMain.on('open-devtools', (event, targetContentsId, devtoolsContentsId) => {
+  const target = webContents.fromId(targetContentsId)
+  const devtools = webContents.fromId(devtoolsContentsId)
+  target.setDevToolsWebContents(devtools)
+  target.openDevTools()
+})
+```
+
+An example of showing devtools in a `BrowserWindow`:

 ```js title='main.js'
 const { app, BrowserWindow } = require('electron')
@@ -1898,31 +1944,31 @@ app.whenReady().then(() => {
 #### `contents.openDevTools([options])`

 * `options` Object (optional)
-  * `mode` string - Opens the DevTools with specified dock state, can be
+  * `mode` string - Opens the devtools with specified dock state, can be
    `left`, `right`, `bottom`, `undocked`, `detach`. Defaults to last used dock state.
    In `undocked` mode it's possible to dock back. In `detach` mode it's not.
-  * `activate` boolean (optional) - Whether to bring the opened DevTools window
+  * `activate` boolean (optional) - Whether to bring the opened devtools window
    to the foreground. The default is `true`.
  * `title` string (optional) - A title for the DevTools window (only in `undocked` or `detach` mode).

-Opens the DevTools.
+Opens the devtools.

 When `contents` is a `<webview>` tag, the `mode` would be `detach` by default,
 explicitly passing an empty `mode` can force using last used dock state.

-On Windows, if Windows Control Overlay is enabled, DevTools will be opened with `mode: 'detach'`.
+On Windows, if Windows Control Overlay is enabled, Devtools will be opened with `mode: 'detach'`.

 #### `contents.closeDevTools()`

-Closes the DevTools view.
+Closes the devtools.

 #### `contents.isDevToolsOpened()`

-Returns `boolean` - Whether the DevTools view is opened.
+Returns `boolean` - Whether the devtools is opened.

 #### `contents.isDevToolsFocused()`

-Returns `boolean` - Whether the DevTools view is focused .
+Returns `boolean` - Whether the devtools view is focused .

 #### `contents.getDevToolsTitle()`

--- a/docs/api/web-frame.md
+++ b/docs/api/web-frame.md
@@ -197,7 +197,7 @@ dispatch errors of isolated worlds to foreign worlds.
 * `info` Object
  * `securityOrigin` string (optional) - Security origin for the isolated world.
  * `csp` string (optional) - Content Security Policy for the isolated world.
-  * `name` string (optional) - Name for isolated world. Useful in DevTools.
+  * `name` string (optional) - Name for isolated world. Useful in devtools.

 Set the security origin, content security policy and name of the isolated world.

--- a/docs/breaking-changes.md
+++ b/docs/breaking-changes.md
@@ -12,27 +12,6 @@ This document uses the following convention to categorize breaking changes:
 * **Deprecated:** An API was marked as deprecated. The API will continue to function, but will emit a deprecation warning, and will be removed in a future release.
 * **Removed:** An API or feature was removed, and is no longer supported by Electron.

-## Planned Breaking API Changes (41.0)
-
-### Behavior Changed: PDFs no longer create a separate WebContents
-
-Previously, PDF resources created a separate guest [WebContents](https://www.electronjs.org/docs/latest/api/web-contents) for rendering. Now, PDFs are rendered within the same WebContents instead. If you have code to detect PDF resources, use the [frame tree](https://www.electronjs.org/docs/latest/api/web-frame-main) instead of WebContents.
-
-Under the hood, Chromium [enabled](https://chromium-review.googlesource.com/c/chromium/src/+/7239572) a feature that changes PDFs to use out-of-process iframes (OOPIFs) instead of the `MimeHandlerViewGuest` extension.
-
-## Planned Breaking API Changes (40.0)
-
-### Deprecated: `clipboard` API access from renderer processes
-
-Using the `clipboard` API directly in the renderer process is deprecated.
-If you want to call this API from a renderer process, place the API call in
-your preload script and expose it using the [contextBridge](https://www.electronjs.org/docs/latest/api/context-bridge) API.
-
-### Behavior Changed: MacOS dSYM files now compressed with tar.xz
-
-Debug symbols for MacOS (dSYM) now use xz compression in order to handle larger file sizes. `dsym.zip` files are now
-`dsym.tar.xz` files. End users using debug symbols may need to update their zip utilities.
-
 ## Planned Breaking API Changes (39.0)

 ### Deprecated: `--host-rules` command line switch
@@ -62,21 +41,15 @@ webContents.setWindowOpenHandler((details) => {

 When using shared texture offscreen rendering feature, the `paint` event now emits a more structured object.
 It moves the `sharedTextureHandle`, `planes`, `modifier` into a unified `handle` property.
-See the [OffscreenSharedTexture](./api/structures/offscreen-shared-texture.md) API structure for more details.
+See [here](https://www.electronjs.org/docs/latest/api/structures/offscreen-shared-texture) for more details.

 ## Planned Breaking API Changes (38.0)

 ### Removed: `ELECTRON_OZONE_PLATFORM_HINT` environment variable

-The default value of the `--ozone-platform` flag [changed to `auto`](https://chromium-review.googlesource.com/c/chromium/src/+/6775426).
+The default value of the `--ozone-plaftform` flag [changed to `auto`](https://chromium-review.googlesource.com/c/chromium/src/+/6775426).

-Electron now defaults to running as a native Wayland app when launched in a Wayland session (when `XDG_SESSION_TYPE=wayland`).
-Users can force XWayland by passing `--ozone-platform=x11`.
-
-### Removed: `ORIGINAL_XDG_CURRENT_DESKTOP` environment variable
-
-Previously, Electron changed the value of `XDG_CURRENT_DESKTOP` internally to `Unity`, and stored the original name of the desktop session
-in a separate variable. `XDG_CURRENT_DESKTOP` is no longer overriden and now reflects the actual desktop environment.
+You should use the `XDG_SESSION_TYPE=wayland` environment variable instead to use Wayland.

 ### Removed: macOS 11 support

--- a/docs/development/build-instructions-gn.md
+++ b/docs/development/build-instructions-gn.md
@@ -6,104 +6,30 @@ Follow the guidelines below for building **Electron itself**, for the purposes o

 ## Platform prerequisites

-Check the build prerequisites for your platform before proceeding:
+Check the build prerequisites for your platform before proceeding

 * [macOS](build-instructions-macos.md#prerequisites)
 * [Linux](build-instructions-linux.md#prerequisites)
 * [Windows](build-instructions-windows.md#prerequisites)

-## Setting up `@electron/build-tools` (recommended)
+## Build Tools

-[Electron Build Tools](https://github.com/electron/build-tools) automate much of the setup for
-compiling Electron from source with different configurations and build targets.
-Most of the [manual setup](#manual-setup-advanced) instructions can be replaced by simpler Build Tools commands.
-
-> [!TIP]
-> Build Tools also gives you access to [remote execution and caching of build actions](./reclient.md),
-> which will dramatically improve build times.
-
-Electron Build Tools can be installed globally from npm:
-
-```sh
-npm install -g @electron/build-tools
-```
-
-Once installed, the `e` command should be globally available in your command line. The `e init`
-command bootstraps a local checkout of Electron:
-
-```sh
-# The 'Hello, World!' of build-tools: get and build `main`
-# Choose the directory where Electron's source and build files will reside.
-# You can specify any path you like; this command defaults to `$PWD/electron`.
-# If you're going to use multiple branches, you may want something like:
-# `--root=~/electron/branch` (e.g. `~/electron-gn/main`)
-e init --root=~/electron --bootstrap testing
-```
-
-The `--bootstrap` flag also runs `e sync` (synchronizes source code branches from
-[`DEPS`](https://github.com/electron/electron/blob/main/DEPS) using
-[`gclient`](https://chromium.googlesource.com/chromium/tools/depot_tools.git/+/HEAD/README.gclient.md))
-and `e build` (compiles the Electron binary into the `${root}/src/out` folder).
-
-> [!IMPORTANT]
->
-> Sometime after the initial `e sync` phase, you will be asked to run `e d rbe login` to auth into
-> remote build execution and proceed into the build. This may take about 20-30 minutes!
-
-Once the build is done compiling, you can test it by running `e start` (or by loading it into
-[Electron Fiddle](http://electronjs.org/fiddle)).
-
-### Navigating the project
-
-Some quick tips on building once your checkout is set up:
-
-* **Directory structure:** Within the project, Chromium code is synced to `${root}/src/` while Electron's code (i.e. code in
-  https://github.com/electron/electron) lives in `${root}/src/electron/`. Note that both directories
-  have their own git repositories.
-* **Updating your checkout:** Run git commands such as `git checkout <branch>` and `git pull` from `${root}/src/electron`.
-  Whenever you update your commit `HEAD`, make sure to `e sync` before `e build` to sync dependencies
-  such as Chromium and Node.js. This is especially relevant because the Chromium version in
-  [`DEPS`](https://github.com/electron/electron/blob/main/DEPS) changes frequently.
-* **Rebuilding:** When making changes to code in `${root}/src/electron/` in a local branch, you only need to re-run `e build`.
-* **Adding patches:** When contributing changes in `${root}/src/` outside of `${root}/src/electron/`, you need to do so
-  via Electron's [patch system](./patches.md). The `e patches` command can export all relevant patches to
-  `${root}/src/electron/patches/` once your code change is ready.
-
-> [!IMPORTANT]
-> Unless you're applying upstream patches, you should treat `${root}/src/` as a read-only folder and
-> spend most of your development time in `${root}/src/electron/`. You should not need to make any
-> changes or run `git` commands in `${root}/src/`.
-
-> [!TIP]
-> Detailed documentation for all available `e` commands can be found in the
-> repository's [README.md](https://github.com/electron/build-tools/blob/main/README.md). You can
-> also run `e --help` to list all commands and use the `--help` flag on any command to get more
-> usage info.
-
-> [!TIP]
-> For more information on project structure, see the [Source Code Directory Structure](./source-code-directory-structure.md)
-> guide.
-
-<details>
-<!-- markdownlint-disable-next-line MD033 -->
-<summary><strong>Manual setup (advanced)</strong></summary>
-
-## Manual setup (advanced)
+[Electron's Build Tools](https://github.com/electron/build-tools) automate much of the setup for compiling Electron from source with different configurations and build targets. If you wish to set up the environment manually, the instructions are listed below.

 Electron uses [GN](https://gn.googlesource.com/gn) for project generation and
-[siso](https://chromium.googlesource.com/build/+/refs/heads/main/siso/README.md) for building.
-Project configurations can be found in the `.gn` and `.gni` files in the `electron/electron` repo.
+[ninja](https://ninja-build.org/) for building. Project configurations can
+be found in the `.gn` and `.gni` files.

-### GN files
+## GN Files

 The following `gn` files contain the main rules for building Electron:

-* [`BUILD.gn`](https://github.com/electron/electron/blob/main/BUILD.gn) defines how Electron itself
-  is built and includes the default configurations for linking with Chromium.
-* [`build/args/{testing,release,all}.gn`](https://github.com/electron/electron/tree/main/build/args)
-  contain the default build arguments for building Electron.
+* `BUILD.gn` defines how Electron itself is built and
+  includes the default configurations for linking with Chromium.
+* `build/args/{testing,release,all}.gn` contain the default build arguments for
+  building Electron.

-### GN prerequisites
+## GN prerequisites

 You'll need to install [`depot_tools`][depot-tools], the toolset
 used for fetching Chromium and its dependencies.
@@ -130,7 +56,7 @@ $ mkdir -p "${GIT_CACHE_PATH}"
 # This will use about 16G.
 ```

-### Getting the code
+## Getting the code

 ```sh
 $ mkdir electron && cd electron
@@ -142,7 +68,7 @@ $ gclient sync --with_branch_heads --with_tags
 > Instead of `https://github.com/electron/electron`, you can use your own fork
 > here (something like `https://github.com/<username>/electron`).

-#### A note on pulling/pushing
+### A note on pulling/pushing

 If you intend to `git pull` or `git push` from the official `electron`
 repository in the future, you now need to update the respective folder's
@@ -157,13 +83,12 @@ $ git branch --set-upstream-to=origin/main
 $ cd -
 ```

-> [!TIP]
-> `gclient` works by checking a file called `DEPS` inside the
-`${root}/src/electron` folder for dependencies (like Chromium or Node.js).
+:memo: `gclient` works by checking a file called `DEPS` inside the
+`src/electron` folder for dependencies (like Chromium or Node.js).
 Running `gclient sync -f` ensures that all dependencies required
 to build Electron match that file.

-In order to pull, you'd run the following commands:
+So, in order to pull, you'd run the following commands:

 ```sh
 $ cd src/electron
@@ -171,7 +96,7 @@ $ git pull
 $ gclient sync -f
 ```

-### Building
+## Building

 **Set the environment variable for chromium build tools**

@@ -231,7 +156,7 @@ $ gn gen out/Release --args="import(\`"//electron/build/args/release.gn\`")"
 ```

 > [!NOTE]
-> This will generate a `out/Testing` or `out/Release` build directory under `${root}/src/` with the testing or release build depending upon the configuration passed above. You can replace `Testing|Release` with another names, but it should be a subdirectory of `out`.
+> This will generate a `out/Testing` or `out/Release` build directory under `src/` with the testing or release build depending upon the configuration passed above. You can replace `Testing|Release` with another names, but it should be a subdirectory of `out`.

 Also you shouldn't have to run `gn gen` again—if you want to change the build arguments, you can run `gn args out/Testing` to bring up an editor. To see the list of available build configuration options, run `gn args out/Testing --list`.

@@ -264,7 +189,7 @@ $ ./out/Testing/electron.exe
 $ ./out/Testing/electron
 ```

-#### Packaging
+### Packaging

 To package the electron build as a distributable zip file:

@@ -272,7 +197,7 @@ To package the electron build as a distributable zip file:
 $ ninja -C out/Release electron:electron_dist_zip
 ```

-#### Cross-compiling
+### Cross-compiling

 To compile for a platform that isn't the same as the one you're building on,
 set the `target_cpu` and `target_os` GN arguments. For example, to compile an
@@ -298,7 +223,7 @@ and [`target_cpu`][target_cpu values].
 [target_os values]: https://gn.googlesource.com/gn/+/main/docs/reference.md#built_in-predefined-variables-target_os_the-desired-operating-system-for-the-build-possible-values
 [target_cpu values]: https://gn.googlesource.com/gn/+/main/docs/reference.md#built_in-predefined-variables-target_cpu_the-desired-cpu-architecture-for-the-build-possible-values

-#### Windows on Arm
+#### Windows on Arm (experimental)

 To cross-compile for Windows on Arm, [follow Chromium's guide](https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/windows_build_instructions.md#Visual-Studio) to get the necessary dependencies, SDK and libraries, then build with `ELECTRON_BUILDING_WOA=1` in your environment before running `gclient sync`.

@@ -316,12 +241,12 @@ gclient sync -f --with_branch_heads --with_tags

 Next, run `gn gen` as above with `target_cpu="arm64"`.

-### Tests
+## Tests

 To run the tests, you'll first need to build the test modules against the
 same version of Node.js that was built as part of the build process. To
 generate build headers for the modules to compile against, run the following
-under `${root}/src/` directory.
+under `src/` directory.

 ```sh
 $ ninja -C out/Testing electron:node_headers
@@ -337,7 +262,7 @@ $ npm run test -- \
  --enable-logging -g 'BrowserWindow module'
 ```

-### Sharing the git cache between multiple machines
+## Sharing the git cache between multiple machines

 It is possible to share the gclient git cache with other machines by exporting it as
 SMB share on linux, but only one process/machine can be using the cache at a
@@ -359,14 +284,11 @@ This can be set quickly in powershell (ran as administrator):
 New-ItemProperty -Path "HKLM:\System\CurrentControlSet\Services\Lanmanworkstation\Parameters" -Name DirectoryCacheLifetime -Value 0 -PropertyType DWORD -Force
 ```

-</details>
-
 ## Troubleshooting

-### `sync` complains about rebase
+### gclient sync complains about rebase

-If `e sync` (or `gclient sync`) is interrupted, the git tree may be left in a bad state, leading to
-a cryptic message when running `sync` in the future:
+If `gclient sync` is interrupted the git tree may be left in a bad state, leading to a cryptic message when running `gclient sync` in the future:

 ```plaintext
 2> Conflict while rebasing this branch.
@@ -374,19 +296,17 @@ a cryptic message when running `sync` in the future:
 2> See man git-rebase for details.
 ```

-If there are no git conflicts or rebases in `${root}/src/electron`, you may need to abort a `git am`
-in `${root}/src`:
+If there are no git conflicts or rebases in `src/electron`, you may need to abort a `git am` in `src`:

 ```sh
 $ cd ../
 $ git am --abort
 $ cd electron
-$ e sync -f
+$ gclient sync -f
 ```

-This may also happen if you have checked out a branch (as opposed to having a detached head) in `${root}/src/`
-or some other dependency’s repository. If that is the case, a `git checkout --detach HEAD` in the
-appropriate repository should do the trick.
+This may also happen if you have checked out a branch (as opposed to having a detached head) in `electron/src/`
+or some other dependency’s repository. If that is the case, a `git checkout --detach HEAD` in the appropriate repository should do the trick.

 ### I'm being asked for a username/password for chromium-internal.googlesource.com

@@ -395,6 +315,16 @@ If you see a prompt for `Username for 'https://chrome-internal.googlesource.com'
 your locally installed version of Visual Studio (by default, `depot_tools` will
 try to download a Google-internal version that only Googlers have access to).

+### `e` Module not found
+
+If `e` is not recognized despite running `npm i -g @electron/build-tools`, ie:
+
+```sh
+Error: Cannot find module '/Users/<user>/.electron_build_tools/src/e'
+```
+
+We recommend installing Node through [nvm](https://github.com/nvm-sh/nvm). This allows for easier Node version management, and is often a fix for missing `e` modules.
+
 ### RBE authentication randomly fails with "Token not valid"

 This could be caused by the local clock time on the machine being off by a small amount. Use [time.is](https://time.is/) to check.
--- a/docs/development/build-instructions-linux.md
+++ b/docs/development/build-instructions-linux.md
@@ -6,17 +6,77 @@ Follow the guidelines below for building **Electron itself** on Linux, for the p

 ## Prerequisites

-Due to Electron's dependency on Chromium, prerequisites and dependencies for Electron change over time. [Chromium's documentation on building on Linux](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/linux/build_instructions.md) has up to date information for building Chromium on Linux. This documentation can generally
-be followed for building Electron on Linux as well.
+* At least 25GB disk space and 8GB RAM.
+* Python >= 3.9.
+* [Node.js](https://nodejs.org/download/) >= 22.12.0
+* [clang](https://clang.llvm.org/get_started.html) 3.4 or later.
+* Development headers of GTK 3 and libnotify.

-Additionally, Electron's [Linux dependency installer](https://github.com/electron/build-images/blob/main/tools/install-deps.sh) can be referenced to get the current dependencies that Electron requires in addition to what Chromium installs via [build/install-deps.sh](https://chromium.googlesource.com/chromium/src/+/HEAD/build/install-build-deps.sh).
+On Ubuntu >= 20.04, install the following libraries:
+
+```sh
+$ sudo apt-get install build-essential clang libdbus-1-dev libgtk-3-dev \
+                       libnotify-dev libasound2-dev libcap-dev \
+                       libcups2-dev libxtst-dev \
+                       libxss1 libnss3-dev gcc-multilib g++-multilib curl \
+                       gperf bison python3-dbusmock openjdk-8-jre
+```
+
+On Ubuntu < 20.04, install the following libraries:
+
+```sh
+$ sudo apt-get install build-essential clang libdbus-1-dev libgtk-3-dev \
+                       libnotify-dev libgnome-keyring-dev \
+                       libasound2-dev libcap-dev libcups2-dev libxtst-dev \
+                       libxss1 libnss3-dev gcc-multilib g++-multilib curl \
+                       gperf bison python-dbusmock openjdk-8-jre
+```
+
+On RHEL / CentOS, install the following libraries:
+
+```sh
+$ sudo yum install clang dbus-devel gtk3-devel libnotify-devel \
+                   libgnome-keyring-devel xorg-x11-server-utils libcap-devel \
+                   cups-devel libXtst-devel alsa-lib-devel libXrandr-devel \
+                   nss-devel python-dbusmock openjdk-8-jre
+```
+
+On Fedora, install the following libraries:
+
+```sh
+$ sudo dnf install clang dbus-devel gperf gtk3-devel \
+                   libnotify-devel libgnome-keyring-devel libcap-devel \
+                   cups-devel libXtst-devel alsa-lib-devel libXrandr-devel \
+                   nss-devel python-dbusmock
+```
+
+On Arch Linux / Manjaro, install the following libraries:
+
+```sh
+$ sudo pacman -Syu base-devel clang libdbus gtk2 libnotify \
+                   libgnome-keyring alsa-lib libcap libcups libxtst \
+                   libxss nss gcc-multilib curl gperf bison \
+                   python2 python-dbusmock jdk8-openjdk
+```
+
+Other distributions may offer similar packages for installation via package
+managers such as pacman. Or one can compile from source code.

 ### Cross compilation

-If you want to build for an `arm` target, you can use Electron's [Linux dependency installer](https://github.com/electron/build-images/blob/main/tools/install-deps.sh) to install the additional dependencies by passing the `--arm argument`:
+If you want to build for an `arm` target you should also install the following
+dependencies:

 ```sh
-$ sudo install-deps.sh --arm
+$ sudo apt-get install libc6-dev-armhf-cross linux-libc-dev-armhf-cross \
+                       g++-arm-linux-gnueabihf
+```
+
+Similarly for `arm64`, install the following:
+
+```sh
+$ sudo apt-get install libc6-dev-arm64-cross linux-libc-dev-arm64-cross \
+                       g++-aarch64-linux-gnu
 ```

 And to cross-compile for `arm` or targets, you should pass the
--- a/docs/development/build-instructions-macos.md
+++ b/docs/development/build-instructions-macos.md
@@ -6,7 +6,7 @@ Follow the guidelines below for building **Electron itself** on macOS, for the p

 ## Prerequisites

-* macOS >= 12
+* macOS >= 11.6.0
 * [Xcode](https://developer.apple.com/technologies/tools/). The exact version
  needed depends on what branch you are building, but the latest version of
  Xcode is generally a good bet for building `main`.
--- a/docs/development/source-code-directory-structure.md
+++ b/docs/development/source-code-directory-structure.md
@@ -4,40 +4,12 @@ The source code of Electron is separated into a few parts, mostly
 following Chromium on the separation conventions.

 You may need to become familiar with
-[Chromium's multi-process architecture](https://www.chromium.org/developers/design-documents/multi-process-architecture/)
+[Chromium's multi-process architecture](https://dev.chromium.org/developers/design-documents/multi-process-architecture)
 to understand the source code better.

-## Project structure
+## Structure of Source Code

-Electron is a complex project containing multiple upstream dependencies, which are tracked in source
-control via the [`DEPS`](https://github.com/electron/electron/blob/main/DEPS) file. When
-[initializing a local Electron checkout](./build-instructions-gn.md), Electron's source code is just one
-of many nested folders within the project root.
-
-The project contains a single `src` folder that corresponds a specific git checkout of
-[Chromium's `src` folder](https://source.chromium.org/chromium/chromium/src). In addition, Electron's
-repository code is contained in `src/electron` (with its own nested git repository), and other
-Electron-specific third-party dependencies (e.g. [nan](https://github.com/nodejs/nan) or
-[node](https://github.com/nodejs/node)) are located in `src/third_party` (along with all other
-Chromium third-party dependencies, such as WebRTC or ANGLE).
-
-For all code outside of `src/electron`, Electron-specific code changes are maintained via git patches.
-See the [Patches](./patches.md) development guide for more information.
-
-```plaintext
-Project Root
-└── src
-    ├── electron
-    ├── third_party
-    │   ├── nan
-    │   ├── electron_node
-    │   └── ...other third party deps
-    └── ...other folders
-```
-
-## Structure of Electron source code
-
-```plaintext
+```diff
 Electron
 ├── build/ - Build configuration files needed to build with GN.
 ├── buildflags/ - Determines the set of features that can be conditionally built.
@@ -53,23 +25,24 @@ Electron
 ├── lib/ - JavaScript/TypeScript source code.
 |   ├── browser/ - Main process initialization code.
 |   |   ├── api/ - API implementation for main process modules.
+|   |   └── remote/ - Code related to the remote module as it is
+|   |                 used in the main process.
 |   ├── common/ - Relating to logic needed by both main and renderer processes.
 |   |   └── api/ - API implementation for modules that can be used in
 |   |              both the main and renderer processes
 |   ├── isolated_renderer/ - Handles creation of isolated renderer processes when
 |   |                        contextIsolation is enabled.
-|   ├── node/ - Initialization code for Node.js in the main process.
-│   ├── preload_realm/ - Initialization code for sandboxed renderer preload scripts.
-│   │   └── api/ - API implementation for preload scripts.
 |   ├── renderer/ - Renderer process initialization code.
 |   |   ├── api/ - API implementation for renderer process modules.
+|   |   ├── extension/ - Code related to use of Chrome Extensions
+|   |   |                in Electron's renderer process.
+|   |   ├── remote/ - Logic that handles use of the remote module in
+|   |   |             the main process.
 |   |   └── web-view/ - Logic that handles the use of webviews in the
 |   |                   renderer process.
 |   ├── sandboxed_renderer/ - Logic that handles creation of sandboxed renderer
 |   |   |                     processes.
 |   |   └── api/ - API implementation for sandboxed renderer processes.
-│   ├── utility/ - Utility process initialization code.
-│   │   └── api/ - API implementation for utility process modules.
 |   └── worker/ - Logic that handles proper functionality of Node.js
 |                 environments in Web Workers.
 ├── patches/ - Patches applied on top of Electron's core dependencies
@@ -94,30 +67,27 @@ Electron
 |   |   └── resources/ - Icons, platform-dependent files, etc.
 |   ├── renderer/ - Code that runs in renderer process.
 |   |   └── api/ - The implementation of renderer process APIs.
-|   ├── common/ - Code that used by both the main and renderer processes,
-|   |   |         including some helper functions and code to integrate node's
-|   |   |         message loop into Chromium's message loop.
-|   |   └── api/ - The implementation of common APIs, and foundations of
-|   |              Electron's built-in modules.
-│   ├── services/node/ - Provides a Node.js runtime to utility processes. 
-│   └── utility - Code that runs in the utility process.
+|   └── common/ - Code that used by both the main and renderer processes,
+|       |         including some utility functions and code to integrate node's
+|       |         message loop into Chromium's message loop.
+|       └── api/ - The implementation of common APIs, and foundations of
+|                  Electron's built-in modules.
 ├── spec/ - Components of Electron's test suite run in the main process.
-├── typings/ - Internal TypeScript types that aren't exported in electron.d.ts.
 └── BUILD.gn - Building rules of Electron.
 ```

-## Structure of other Electron directories
+## Structure of Other Directories

 * **.github** - GitHub-specific config files including issues templates, CI with GitHub Actions and CODEOWNERS.
 * **dist** - Temporary directory created by `script/create-dist.py` script
  when creating a distribution.
 * **node_modules** - Third party node modules used for building.
 * **npm** - Logic for installation of Electron via npm.
-* **out** - Temporary output directory for `siso`.
+* **out** - Temporary output directory of `ninja`.
 * **script** - Scripts used for development purpose like building, packaging,
  testing, etc.

-```plaintext
+```diff
 script/ - The set of all scripts Electron runs for a variety of purposes.
 ├── codesign/ - Fakes codesigning for Electron apps; used for testing.
 ├── lib/ - Miscellaneous python utility scripts.
--- a/docs/glossary.md
+++ b/docs/glossary.md
@@ -12,15 +12,6 @@ The ASAR format was created primarily to improve performance on Windows when
 reading large quantities of small files (e.g. when loading your app's JavaScript
 dependency tree from `node_modules`).

-### ASAR integrity
-
-ASAR integrity is an security feature that validates the contents of your app's
-ASAR archives at runtime. When enabled, your Electron app will verify the
-header hash of its ASAR archive on runtime. If no hash is present or if there is a mismatch in the
-hashes, the app will forcefully terminate.
-
-See the [ASAR Integrity](./tutorial/asar-integrity.md) guide for more details.
-
 ### code signing

 Code signing is a process where an app developer digitally signs their code to
--- a/docs/tutorial/asar-integrity.md
+++ b/docs/tutorial/asar-integrity.md
@@ -5,7 +5,7 @@ slug: asar-integrity
 hide_title: false
 ---

-ASAR integrity is a security feature that validates the contents of your app's
+ASAR integrity is an experimental feature that validates the contents of your app's
 [ASAR archives](./asar-archives.md) at runtime.

 ## Version support
@@ -77,7 +77,7 @@ on package time. The process of providing this packaged hash is different for ma
 ### Using Electron tooling

 Electron Forge and Electron Packager do this setup automatically for you with no additional
-configuration whenever `asar` is enabled. The minimum required versions for ASAR integrity are:
+configuration. The minimum required versions for ASAR integrity are:

 * `@electron/packager@18.3.1`
 * `@electron/forge@7.4.0`
--- a/docs/tutorial/devtools-extension.md
+++ b/docs/tutorial/devtools-extension.md
@@ -94,7 +94,7 @@ If the extension works on Chrome but not on Electron, file a bug in Electron's
 [issue tracker][issue-tracker] and describe which part
 of the extension is not working as expected.

-[devtools-extension]: https://developer.chrome.com/docs/extensions/how-to/devtools/extend-devtools
+[devtools-extension]: https://developer.chrome.com/extensions/devtools
 [session]: ../api/session.md
 [react-devtools]: https://chrome.google.com/webstore/detail/react-developer-tools/fmkadmapgofadopljbjfkapdkoienihi
 [load-extension]: ../api/extensions-api.md#extensionsloadextensionpath-options
--- a/docs/tutorial/electron-timelines.md
+++ b/docs/tutorial/electron-timelines.md
@@ -9,11 +9,10 @@ check out our [Electron Versioning](./electron-versioning.md) doc.

 | Electron | Alpha | Beta | Stable | EOL | Chrome | Node | Supported |
 | ------- | ----- | ------- | ------ | ------ | ---- | ---- | ---- |
-| 40.0.0 |  2025-Oct-30 | 2025-Dec-03 | 2026-Jan-13 | 2026-Jun-30 | M144 | TBD | ✅ |
-| 39.0.0 |  2025-Sep-04 | 2025-Oct-01 | 2025-Oct-28 | 2026-May-05 | M142 | v22.20 | ✅ |
+| 39.0.0 |  2025-Sep-04 | 2025-Oct-01 | 2025-Oct-28 | 2026-May-05 | M142 | TBD | ✅ |
 | 38.0.0 |  2025-Jun-26 | 2025-Aug-06 | 2025-Sep-02 | 2026-Mar-10 | M140 | v22.18 | ✅ |
 | 37.0.0 |  2025-May-01 | 2025-May-28 | 2025-Jun-24 | 2026-Jan-13 | M138 | v22.16 | ✅ |
-| 36.0.0 |  2025-Mar-06 | 2025-Apr-02 | 2025-Apr-29 | 2025-Oct-28 | M136 | v22.14 | 🚫 |
+| 36.0.0 |  2025-Mar-06 | 2025-Apr-02 | 2025-Apr-29 | 2025-Oct-28 | M136 | v22.14 | ✅ |
 | 35.0.0 |  2025-Jan-16 | 2025-Feb-05 | 2025-Mar-04 | 2025-Sep-02 | M134 | v22.14 | 🚫 |
 | 34.0.0 |  2024-Oct-17 | 2024-Nov-13 | 2025-Jan-14 | 2025-Jun-24 | M132 | v20.18 | 🚫 |
 | 33.0.0 |  2024-Aug-22 | 2024-Sep-18 | 2024-Oct-15 | 2025-Apr-29 | M130 | v20.18 | 🚫 |
@@ -122,3 +121,22 @@ and that number is reduced to two in major version 10, the three-argument versio
 continue to work until, at minimum, major version 12. Past the minimum two-version
 threshold, we will attempt to support backwards compatibility beyond two versions
 until the maintainers feel the maintenance burden is too high to continue doing so.
+
+### End-of-life
+
+When a release branch reaches the end of its support cycle, the series
+will be deprecated in NPM and a final end-of-support release will be
+made. This release will add a warning to inform that an unsupported
+version of Electron is in use.
+
+These steps are to help app developers learn when a branch they're
+using becomes unsupported, but without being excessively intrusive
+to end users.
+
+If an application has exceptional circumstances and needs to stay
+on an unsupported series of Electron, developers can silence the
+end-of-support warning by omitting the final release from the app's
+`package.json` `devDependencies`. For example, since the 1-6-x series
+ended with an end-of-support 1.6.18 release, developers could choose
+to stay in the 1-6-x series without warnings with `devDependency` of
+`"electron": 1.6.0 - 1.6.17`.
--- a/docs/tutorial/fuses.md
+++ b/docs/tutorial/fuses.md
@@ -4,24 +4,11 @@

 ## What are fuses?

-From a security perspective, it makes sense to disable certain unused Electron features
-that are powerful but may make your app's security posture weaker. For example, any app that doesn't
-use the `ELECTRON_RUN_AS_NODE` environment variable would want to disable the feature to prevent a
-subset of "living off the land" attacks.
+For a subset of Electron functionality it makes sense to disable certain features for an entire application.  For example, 99% of apps don't make use of `ELECTRON_RUN_AS_NODE`, these applications want to be able to ship a binary that is incapable of using that feature.  We also don't want Electron consumers building Electron from source as that is both a massive technical challenge and has a high cost of both time and money.

-We also don't want Electron consumers forking to achieve this goal, as building from source and
-maintaining a fork is a massive technical challenge and costs a lot of time and money.
+Fuses are the solution to this problem, at a high level they are "magic bits" in the Electron binary that can be flipped when packaging your Electron app to enable / disable certain features / restrictions.  Because they are flipped at package time before you code sign your app the OS becomes responsible for ensuring those bits aren't flipped back via OS level code signing validation (Gatekeeper / App Locker).

-Fuses are the solution to this problem. At a high level, they are "magic bits" in the Electron binary
-that can be flipped when packaging your Electron app to enable or disable certain features/restrictions.
-
-Because they are flipped at package time before you code sign your app, the OS becomes responsible
-for ensuring those bits aren't flipped back via OS-level code signing validation
-(e.g. [Gatekeeper](https://support.apple.com/en-ca/guide/security/sec5599b66df/web) on macOS or
-[AppLocker](https://learn.microsoft.com/en-us/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview)
-on Windows).
-
-## Current fuses
+## Current Fuses

 ### `runAsNode`

@@ -29,11 +16,7 @@ on Windows).

 **@electron/fuses:** `FuseV1Options.RunAsNode`

-The `runAsNode` fuse toggles whether the [`ELECTRON_RUN_AS_NODE`](../api/environment-variables.md)
-environment variable is respected or not. With this fuse disabled, [`child_process.fork`](https://nodejs.org/api/child_process.html#child_processforkmodulepath-args-options) in the main process will not function
-as expected, as it depends on this environment variable to function. Instead, we recommend that you
-use [Utility Processes](../api/utility-process.md), which work for many use cases where you need a
-standalone Node.js process (e.g. a SQLite server process).
+The runAsNode fuse toggles whether the `ELECTRON_RUN_AS_NODE` environment variable is respected or not.  Please note that if this fuse is disabled then `process.fork` in the main process will not function as expected as it depends on this environment variable to function. Instead, we recommend that you use [Utility Processes](../api/utility-process.md), which work for many use cases where you need a standalone Node.js process (like a Sqlite server process or similar scenarios).

 ### `cookieEncryption`

@@ -41,12 +24,7 @@ standalone Node.js process (e.g. a SQLite server process).

 **@electron/fuses:** `FuseV1Options.EnableCookieEncryption`

-The `cookieEncryption` fuse toggles whether the cookie store on disk is encrypted using OS level
-cryptography keys. By default, the SQLite database that Chromium uses to store cookies stores the
-values in plaintext. If you wish to ensure your app's cookies are encrypted in the same way Chrome
-does, then you should enable this fuse. Please note it is a one-way transition—if you enable this
-fuse, existing unencrypted cookies will be encrypted-on-write, but subsequently disabling the fuse
-later will make your cookie store corrupt and useless. Most apps can safely enable this fuse.
+The cookieEncryption fuse toggles whether the cookie store on disk is encrypted using OS level cryptography keys.  By default the sqlite database that Chromium uses to store cookies stores the values in plaintext.  If you wish to ensure your apps cookies are encrypted in the same way Chrome does then you should enable this fuse.  Please note it is a one-way transition, if you enable this fuse existing unencrypted cookies will be encrypted-on-write but if you then disable the fuse again your cookie store will effectively be corrupt and useless.  Most apps can safely enable this fuse.

 ### `nodeOptions`

@@ -54,11 +32,7 @@ later will make your cookie store corrupt and useless. Most apps can safely enab

 **@electron/fuses:** `FuseV1Options.EnableNodeOptionsEnvironmentVariable`

-The `nodeOptions` fuse toggles whether the [`NODE_OPTIONS`](https://nodejs.org/api/cli.html#node_optionsoptions)
-and [`NODE_EXTRA_CA_CERTS`](https://github.com/nodejs/node/blob/main/doc/api/cli.md#node_extra_ca_certsfile)
-environment variables are respected. The `NODE_OPTIONS` environment variable can be used to pass all
-kinds of custom options to the Node.js runtime and isn't typically used by apps in production.
-Most apps can safely disable this fuse.
+The nodeOptions fuse toggles whether the [`NODE_OPTIONS`](https://nodejs.org/api/cli.html#node_optionsoptions)  and [`NODE_EXTRA_CA_CERTS`](https://github.com/nodejs/node/blob/main/doc/api/cli.md#node_extra_ca_certsfile) environment variables are respected.  The `NODE_OPTIONS` environment variable can be used to pass all kinds of custom options to the Node.js runtime and isn't typically used by apps in production.  Most apps can safely disable this fuse.

 ### `nodeCliInspect`

@@ -66,9 +40,7 @@ Most apps can safely disable this fuse.

 **@electron/fuses:** `FuseV1Options.EnableNodeCliInspectArguments`

-The `nodeCliInspect` fuse toggles whether the `--inspect`, `--inspect-brk`, etc. flags are respected
-or not. When disabled, it also ensures that `SIGUSR1` signal does not initialize the main process
-inspector. Most apps can safely disable this fuse.
+The nodeCliInspect fuse toggles whether the `--inspect`, `--inspect-brk`, etc. flags are respected or not.  When disabled it also ensures that `SIGUSR1` signal does not initialize the main process inspector.  Most apps can safely disable this fuse.

 ### `embeddedAsarIntegrityValidation`

@@ -76,12 +48,9 @@ inspector. Most apps can safely disable this fuse.

 **@electron/fuses:** `FuseV1Options.EnableEmbeddedAsarIntegrityValidation`

-The `embeddedAsarIntegrityValidation` fuse toggles a feature on macOS and Windows that validates the
-content of the `app.asar` file when it is loaded. This feature is designed to have a minimal
-performance impact but may marginally slow down file reads from inside the `app.asar` archive.
-Most apps can safely enable this fuse.
+The embeddedAsarIntegrityValidation fuse toggles an experimental feature on macOS and Windows that validates the content of the `app.asar` file when it is loaded.  This feature is designed to have a minimal performance impact but may marginally slow down file reads from inside the `app.asar` archive.

-For more information on how to use ASAR integrity validation, please read the [Asar Integrity](asar-integrity.md) documentation.
+For more information on how to use asar integrity validation please read the [Asar Integrity](asar-integrity.md) documentation.

 ### `onlyLoadAppFromAsar`

@@ -89,15 +58,7 @@ For more information on how to use ASAR integrity validation, please read the [A

 **@electron/fuses:** `FuseV1Options.OnlyLoadAppFromAsar`

-The `onlyLoadAppFromAsar` fuse changes the search system that Electron uses to locate your app code.
-By default, Electron will search for this code in the following order:
-
-1. `app.asar`
-1. `app`
-1. `default_app.asar`
-
-When this fuse is enabled, Electron will _only_ search for `app.asar`. When combined with the [`embeddedAsarIntegrityValidation`](#embeddedasarintegrityvalidation) fuse, this fuse ensures that
-it is impossible to load non-validated code.
+The onlyLoadAppFromAsar fuse changes the search system that Electron uses to locate your app code.  By default Electron will search in the following order `app.asar` -> `app` -> `default_app.asar`.  When this fuse is enabled the search order becomes a single entry `app.asar` thus ensuring that when combined with the `embeddedAsarIntegrityValidation` fuse it is impossible to load non-validated code.

 ### `loadBrowserProcessSpecificV8Snapshot`

@@ -105,17 +66,11 @@ it is impossible to load non-validated code.

 **@electron/fuses:** `FuseV1Options.LoadBrowserProcessSpecificV8Snapshot`

-V8 snapshots can be useful to improve app startup performance. V8 lets you take snapshots of
-initialized heaps and then load them back in to avoid the cost of initializing the heap.
+The loadBrowserProcessSpecificV8Snapshot fuse changes which V8 snapshot file is used for the browser process.  By default Electron's processes will all use the same V8 snapshot file.  When this fuse is enabled the browser process uses the file called `browser_v8_context_snapshot.bin` for its V8 snapshot. The other processes will use the V8 snapshot file that they normally do.

-The `loadBrowserProcessSpecificV8Snapshot` fuse changes which V8 snapshot file is used for the browser
-process. By default, Electron's processes will all use the same V8 snapshot file. When this fuse is
-enabled, the main process uses the file called `browser_v8_context_snapshot.bin` for its V8 snapshot.
-Other processes will use the V8 snapshot file that they normally do.
+V8 snapshots can be useful to improve app startup performance. V8 lets you take snapshots of initialized heaps and then load them back in to avoid the cost of initializing the heap.

-Using separate snapshots for renderer processes and the main process can improve security, especially
-to make sure that the renderer doesn't use a snapshot with `nodeIntegration` enabled.
-See [electron/electron#35170](https://github.com/electron/electron/issues/35170) for details.
+Using separate snapshots for renderer processes and the main process can improve security, especially to make sure that the renderer doesn't use a snapshot with `nodeIntegration` enabled. See [#35170](https://github.com/electron/electron/issues/35170) for details.

 ### `grantFileProtocolExtraPrivileges`

@@ -123,25 +78,19 @@ See [electron/electron#35170](https://github.com/electron/electron/issues/35170)

 **@electron/fuses:** `FuseV1Options.GrantFileProtocolExtraPrivileges`

-The `grantFileProtocolExtraPrivileges` fuse changes whether pages loaded from the `file://` protocol
-are given privileges beyond what they would receive in a traditional web browser. This behavior was
-core to Electron apps in original versions of Electron, but is no longer required as apps should be
-[serving local files from custom protocols](./security.md#18-avoid-usage-of-the-file-protocol-and-prefer-usage-of-custom-protocols) now instead.
-
-If you aren't serving pages from `file://`, you should disable this fuse.
+The grantFileProtocolExtraPrivileges fuse changes whether pages loaded from the `file://` protocol are given privileges beyond what they would receive in a traditional web browser.  This behavior was core to Electron apps in original versions of Electron but is no longer required as apps should be [serving local files from custom protocols](./security.md#18-avoid-usage-of-the-file-protocol-and-prefer-usage-of-custom-protocols) now instead.  If you aren't serving pages from `file://` you should disable this fuse.

 The extra privileges granted to the `file://` protocol by this fuse are incompletely documented below:

 * `file://` protocol pages can use `fetch` to load other assets over `file://`
 * `file://` protocol pages can use service workers
-* `file://` protocol pages have universal access granted to child frames also running on `file://`
-  protocols regardless of sandbox settings
+* `file://` protocol pages have universal access granted to child frames also running on `file://` protocols regardless of sandbox settings

-## How do I flip fuses?
+## How do I flip the fuses?

 ### The easy way

-[`@electron/fuses`](https://npmjs.com/package/@electron/fuses) is a JavaScript utility designed to make flipping these fuses easy. Check out the README of that module for more details on usage and potential error cases.
+We've made a handy module, [`@electron/fuses`](https://npmjs.com/package/@electron/fuses), to make flipping these fuses easy.  Check out the README of that module for more details on usage and potential error cases.

 ```js @ts-nocheck
 const { flipFuses, FuseVersion, FuseV1Options } = require('@electron/fuses')
@@ -157,37 +106,29 @@ flipFuses(
 )
 ```

-You can validate the fuses that have been flipped or check the fuse status of an arbitrary Electron
-app using the `@electron/fuses` CLI.
+You can validate the fuses have been flipped or check the fuse status of an arbitrary Electron app using the fuses CLI.

 ```bash
 npx @electron/fuses read --app /Applications/Foo.app
 ```

->[!NOTE]
-> If you are using Electron Forge to distribute your application, you can flip fuses using
-> [`@electron-forge/plugin-fuses`](https://www.electronforge.io/config/plugins/fuses),
-> which comes pre-installed with all templates.
-
 ### The hard way

-> [!IMPORTANT]
-> Glossary:
->
-> * **Fuse Wire**: A sequence of bytes in the Electron binary used to control the fuses
-> * **Sentinel**: A static known sequence of bytes you can use to locate the fuse wire
-> * **Fuse Schema**: The format/allowed values for the fuse wire
+#### Quick Glossary

-Manually flipping fuses requires editing the Electron binary and modifying the fuse wire to be the
-sequence of bytes that represent the state of the fuses you want.
+* **Fuse Wire**: A sequence of bytes in the Electron binary used to control the fuses
+* **Sentinel**: A static known sequence of bytes you can use to locate the fuse wire
+* **Fuse Schema**: The format / allowed values for the fuse wire

-Somewhere in the Electron binary, there will be a sequence of bytes that look like this:
+Manually flipping fuses requires editing the Electron binary and modifying the fuse wire to be the sequence of bytes that represent the state of the fuses you want.
+
+Somewhere in the Electron binary there will be a sequence of bytes that look like this:

 ```text
 | ...binary | sentinel_bytes | fuse_version | fuse_wire_length | fuse_wire | ...binary |
 ```

-* `sentinel_bytes` is always this exact string: `dL7pKGdnNz796PbbjQWNKmHXBZaB9tsX`
+* `sentinel_bytes` is always this exact string `dL7pKGdnNz796PbbjQWNKmHXBZaB9tsX`
 * `fuse_version` is a single byte whose unsigned integer value represents the version of the fuse schema
 * `fuse_wire_length` is a single byte whose unsigned integer value represents the number of fuses in the following fuse wire
 * `fuse_wire` is a sequence of N bytes, each byte represents a single fuse and its state.
@@ -195,6 +136,6 @@ Somewhere in the Electron binary, there will be a sequence of bytes that look li
  * "1" (0x31) indicates the fuse is enabled
  * "r" (0x72) indicates the fuse has been removed and changing the byte to either 1 or 0 will have no effect.

-To flip a fuse, you find its position in the fuse wire and change it to "0" or "1" depending on the state you'd like.
+To flip a fuse you find its position in the fuse wire and change it to "0" or "1" depending on the state you'd like.

 You can view the current schema [here](https://github.com/electron/electron/blob/main/build/fuses/fuses.json5).
--- a/docs/tutorial/native-file-drag-drop.md
+++ b/docs/tutorial/native-file-drag-drop.md
@@ -110,10 +110,4 @@ the item is a Markdown file located in the root of the project:

 ![Drag and drop](../images/drag-and-drop.gif)

-## Dragging files into your app
-
-You can use the standard
-[Drag and Drop web API](https://developer.mozilla.org/en-US/docs/Web/API/HTML_Drag_and_Drop_API)
-for dragging and dropping files into your app.
-
 [`contextBridge`]: ../api/context-bridge.md
--- a/docs/tutorial/online-offline-events.md
+++ b/docs/tutorial/online-offline-events.md
@@ -2,15 +2,15 @@

 ## Overview

-Online and offline event detection can be implemented in both the main and renderer processes:
-
- **Renderer process**: Use the [`navigator.onLine`](http://html5index.org/Offline%20-%20NavigatorOnLine.html) attribute and [online/offline events](https://developer.mozilla.org/en-US/docs/Online_and_offline_events), part of standard HTML5 API.
- **Main process**: Use the [`net.isOnline()`](../api/net.md#netisonline) method or the [`net.online`](../api/net.md#netonline-readonly) property.
+[Online and offline event](https://developer.mozilla.org/en-US/docs/Online_and_offline_events)
+detection can be implemented in the Renderer process using the
+[`navigator.onLine`](http://html5index.org/Offline%20-%20NavigatorOnLine.html)
+attribute, part of standard HTML5 API.

 The `navigator.onLine` attribute returns:

- `false` if all network requests are guaranteed to fail (e.g. when disconnected from the network).
- `true` in all other cases.
+* `false` if all network requests are guaranteed to fail (e.g. when disconnected from the network).
+* `true` in all other cases.

 Since many cases return `true`, you should treat with care situations of
 getting false positives, as we cannot always assume that `true` value means
@@ -19,27 +19,7 @@ is running a virtualization software that has virtual Ethernet adapters in "alwa
 connected" state. Therefore, if you want to determine the Internet access
 status of Electron, you should develop additional means for this check.

-## Main Process Detection
-
-In the main process, you can use the `net` module to detect online/offline status:
-
-```js
-const { net } = require('electron')
-
-// Method 1: Using net.isOnline()
-const isOnline = net.isOnline()
-console.log('Online status:', isOnline)
-
-// Method 2: Using net.online property
-console.log('Online status:', net.online)
-```
-
-Both `net.isOnline()` and `net.online` return the same boolean value with the same reliability characteristics as `navigator.onLine` - they provide a strong indicator when offline (`false`), but a `true` value doesn't guarantee successful internet connectivity.
-
-> [!NOTE]
-> The `net` module is only available after the app emits the `ready` event.
-
-## Renderer Process Example
+## Example

 Starting with an HTML file `index.html`, this example will demonstrate how the `navigator.onLine` API can be used to build a connection status indicator.

@@ -104,4 +84,4 @@ After launching the Electron application, you should see the notification:
 ![Connection status](../images/connection-status.png)

 > [!NOTE]
-> If you need to check the connection status in the main process, you can use [`net.isOnline()`](../api/net.md#netisonline) directly instead of communicating from the renderer process via [IPC](../api/ipc-renderer.md).
+> If you need to communicate the connection status to the main process, use the [IPC renderer](../api/ipc-renderer.md) API.
--- a/docs/tutorial/sandbox.md
+++ b/docs/tutorial/sandbox.md
@@ -13,13 +13,7 @@ the GPU service and the network service.
 See Chromium's [Sandbox design document][sandbox] for more information.

 Starting from Electron 20, the sandbox is enabled for renderer processes without any
-further configuration.
-
-Sandboxing is tied to Node.js integration. _Enabling Node.js integration_ for a
-renderer process by setting `nodeIntegration: true` _disables the sandbox_ for the
-process.
-
-If you want to disable the sandbox for a process, see the
+further configuration. If you want to disable the sandbox for a process, see the
 [Disabling the sandbox for a single process](#disabling-the-sandbox-for-a-single-process)
 section.

@@ -104,8 +98,7 @@ app.whenReady().then(() => {
 ```

 Sandboxing is also disabled whenever Node.js integration is enabled in the renderer.
-This can be done through the BrowserWindow constructor with the `nodeIntegration: true` flag
-or by providing the respective HTML boolean attribute for a `webview`.
+This can be done through the BrowserWindow constructor with the `nodeIntegration: true` flag.

 ```js title='main.js'
 app.whenReady().then(() => {
@@ -118,10 +111,6 @@ app.whenReady().then(() => {
 })
 ```

-```html title='index.html (Renderer Process)'
-<webview nodeIntegration src="page.html"></webview>
-```
-
 ### Enabling the sandbox globally

 If you want to force sandboxing for all renderers, you can also use the
--- a/docs/tutorial/security.md
+++ b/docs/tutorial/security.md
@@ -98,7 +98,7 @@ either `process.env` or the `window` object.
 You should at least follow these steps to improve the security of your application:

 1. [Only load secure content](#1-only-load-secure-content)
-2. [Do not enable Node.js integration for remote content](#2-do-not-enable-nodejs-integration-for-remote-content)
+2. [Disable the Node.js integration in all renderers that display remote content](#2-do-not-enable-nodejs-integration-for-remote-content)
 3. [Enable context isolation in all renderers](#3-enable-context-isolation)
 4. [Enable process sandboxing](#4-enable-process-sandboxing)
 5. [Use `ses.setPermissionRequestHandler()` in all sessions that load remote content](#5-handle-session-permission-requests-from-remote-content)
@@ -118,6 +118,13 @@ You should at least follow these steps to improve the security of your applicati
 19. [Check which fuses you can change](#19-check-which-fuses-you-can-change)
 20. [Do not expose Electron APIs to untrusted web content](#20-do-not-expose-electron-apis-to-untrusted-web-content)

+To automate the detection of misconfigurations and insecure patterns, it is
+possible to use
+[Electronegativity](https://github.com/doyensec/electronegativity). For
+additional details on potential weaknesses and implementation bugs when
+developing applications using Electron, please refer to this
+[guide for developers and auditors](https://doyensec.com/resources/us-17-Carettoni-Electronegativity-A-Study-Of-Electron-Security-wp.pdf).
+
 ### 1. Only load secure content

 Any resources not included with your application should be loaded using a
@@ -237,10 +244,6 @@ to enable this behavior.
 Even when `nodeIntegration: false` is used, to truly enforce strong isolation
 and prevent the use of Node primitives `contextIsolation` **must** also be used.

-Beware that _disabling context isolation_ for a renderer process by setting
-`nodeIntegration: true` _also disables process sandboxing_ for that process.
-See section below.
-
 :::info
 For more information on what `contextIsolation` is and how to enable it please
 see our dedicated [Context Isolation](context-isolation.md) document.
@@ -248,16 +251,6 @@ see our dedicated [Context Isolation](context-isolation.md) document.

 ### 4. Enable process sandboxing

-:::info
-This recommendation is the default behavior in Electron since 20.0.0.
-
-Additionally, process sandboxing can be enforced for all renderer processes
-application wide: [Enabling the sandbox globally](sandbox.md#enabling-the-sandbox-globally)
-
-_Disabling context isolation_ (see above) _also disables process sandboxing_,
-regardless of the default, `sandbox: false` or globally enabled sandboxing!
-:::
-
 [Sandboxing](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/design/sandbox.md)
 is a Chromium feature that uses the operating system to
 significantly limit what renderer processes have access to. You should enable
@@ -292,7 +285,7 @@ const { session } = require('electron')
 const { URL } = require('node:url')

 session
-  .defaultSession
+  .fromPartition('some-partition')
  .setPermissionRequestHandler((webContents, permission, callback) => {
    const parsedUrl = new URL(webContents.getURL())

@@ -309,8 +302,6 @@ session
  })
 ```

-Note: `session.defaultSession` is only available after `app.whenReady` is called.
-
 ### 6. Do not disable `webSecurity`

 :::info
@@ -401,8 +392,6 @@ session.defaultSession.webRequest.onHeadersReceived((details, callback) => {
 })
 ```

-Note: `session.defaultSession` is only available after `app.whenReady` is called.
-
 #### CSP meta tag

 CSP's preferred delivery mechanism is an HTTP header. However, it is not possible
@@ -815,10 +804,10 @@ that your application might have the rights for.

 #### How?

-[`@electron/fuses`](https://npmjs.com/package/@electron/fuses) is a module we made to make
+We've made a module, [`@electron/fuses`](https://npmjs.com/package/@electron/fuses), to make
 flipping these fuses easy. Check out the README of that module for more details on usage and
 potential error cases, and refer to
-[How do I flip fuses?](./fuses.md#how-do-i-flip-fuses) in our documentation.
+[How do I flip the fuses?](./fuses.md#how-do-i-flip-the-fuses) in our documentation.

 ### 20. Do not expose Electron APIs to untrusted web content

--- a/filenames.auto.gni
+++ b/filenames.auto.gni
@@ -52,7 +52,6 @@ auto_filenames = {
    "docs/api/service-workers.md",
    "docs/api/session.md",
    "docs/api/share-menu.md",
-    "docs/api/shared-texture.md",
    "docs/api/shell.md",
    "docs/api/structures",
    "docs/api/system-preferences.md",
@@ -146,12 +145,6 @@ auto_filenames = {
    "docs/api/structures/shared-dictionary-info.md",
    "docs/api/structures/shared-dictionary-usage-info.md",
    "docs/api/structures/shared-texture-handle.md",
-    "docs/api/structures/shared-texture-import-texture-info.md",
-    "docs/api/structures/shared-texture-imported-subtle.md",
-    "docs/api/structures/shared-texture-imported.md",
-    "docs/api/structures/shared-texture-subtle.md",
-    "docs/api/structures/shared-texture-sync-token.md",
-    "docs/api/structures/shared-texture-transfer.md",
    "docs/api/structures/shared-worker-info.md",
    "docs/api/structures/sharing-item.md",
    "docs/api/structures/shortcut-details.md",
@@ -183,7 +176,6 @@ auto_filenames = {
    "lib/renderer/api/context-bridge.ts",
    "lib/renderer/api/crash-reporter.ts",
    "lib/renderer/api/ipc-renderer.ts",
-    "lib/renderer/api/shared-texture.ts",
    "lib/renderer/api/web-frame.ts",
    "lib/renderer/api/web-utils.ts",
    "lib/renderer/common-init.ts",
@@ -265,7 +257,6 @@ auto_filenames = {
    "lib/browser/api/service-worker-main.ts",
    "lib/browser/api/session.ts",
    "lib/browser/api/share-menu.ts",
-    "lib/browser/api/shared-texture.ts",
    "lib/browser/api/system-preferences.ts",
    "lib/browser/api/touch-bar.ts",
    "lib/browser/api/tray.ts",
@@ -321,7 +312,6 @@ auto_filenames = {
    "lib/renderer/api/exports/electron.ts",
    "lib/renderer/api/ipc-renderer.ts",
    "lib/renderer/api/module-list.ts",
-    "lib/renderer/api/shared-texture.ts",
    "lib/renderer/api/web-frame.ts",
    "lib/renderer/api/web-utils.ts",
    "lib/renderer/common-init.ts",
@@ -362,7 +352,6 @@ auto_filenames = {
    "lib/renderer/api/exports/electron.ts",
    "lib/renderer/api/ipc-renderer.ts",
    "lib/renderer/api/module-list.ts",
-    "lib/renderer/api/shared-texture.ts",
    "lib/renderer/api/web-frame.ts",
    "lib/renderer/api/web-utils.ts",
    "lib/renderer/ipc-renderer-bindings.ts",
--- a/filenames.gni
+++ b/filenames.gni
@@ -194,8 +194,6 @@ filenames = {
    "shell/common/api/electron_api_clipboard_mac.mm",
    "shell/common/api/electron_api_native_image_mac.mm",
    "shell/common/asar/archive_mac.mm",
-    "shell/common/asar/integrity_digest.h",
-    "shell/common/asar/integrity_digest.mm",
    "shell/common/application_info_mac.mm",
    "shell/common/language_util_mac.mm",
    "shell/common/mac/main_application_bundle.h",
@@ -458,6 +456,7 @@ filenames = {
    "shell/browser/net/system_network_context_manager.h",
    "shell/browser/net/url_loader_network_observer.cc",
    "shell/browser/net/url_loader_network_observer.h",
+    "shell/browser/net/web_request_api_interface.h",
    "shell/browser/network_hints_handler_impl.cc",
    "shell/browser/network_hints_handler_impl.h",
    "shell/browser/notifications/notification.cc",
@@ -565,7 +564,6 @@ filenames = {
    "shell/common/api/electron_api_native_image.cc",
    "shell/common/api/electron_api_native_image.h",
    "shell/common/api/electron_api_net.cc",
-    "shell/common/api/electron_api_shared_texture.cc",
    "shell/common/api/electron_api_shell.cc",
    "shell/common/api/electron_api_testing.cc",
    "shell/common/api/electron_api_url_loader.cc",
@@ -582,7 +580,6 @@ filenames = {
    "shell/common/asar/asar_util.h",
    "shell/common/asar/scoped_temporary_file.cc",
    "shell/common/asar/scoped_temporary_file.h",
-    "shell/common/callback_util.h",
    "shell/common/color_util.cc",
    "shell/common/color_util.h",
    "shell/common/crash_keys.cc",
--- a/filenames.hunspell.gni
+++ b/filenames.hunspell.gni
@@ -7,17 +7,21 @@ hunspell_dictionaries = [
  "//third_party/hunspell_dictionaries/da-DK-3-0.bdic",
  "//third_party/hunspell_dictionaries/de-DE-3-0.bdic",
  "//third_party/hunspell_dictionaries/el-GR-3-0.bdic",
+  "//third_party/hunspell_dictionaries/en-AU-10-0.bdic",
  "//third_party/hunspell_dictionaries/en-AU-10-1.bdic",
+  "//third_party/hunspell_dictionaries/en-CA-10-0.bdic",
  "//third_party/hunspell_dictionaries/en-CA-10-1.bdic",
+  "//third_party/hunspell_dictionaries/en-GB-10-0.bdic",
  "//third_party/hunspell_dictionaries/en-GB-10-1.bdic",
+  "//third_party/hunspell_dictionaries/en-GB-oxendict-10-0.bdic",
  "//third_party/hunspell_dictionaries/en-GB-oxendict-10-1.bdic",
+  "//third_party/hunspell_dictionaries/en-US-10-0.bdic",
  "//third_party/hunspell_dictionaries/en-US-10-1.bdic",
  "//third_party/hunspell_dictionaries/es-ES-3-0.bdic",
  "//third_party/hunspell_dictionaries/et-EE-3-0.bdic",
  "//third_party/hunspell_dictionaries/fa-IR-9-0.bdic",
  "//third_party/hunspell_dictionaries/fo-FO-3-0.bdic",
  "//third_party/hunspell_dictionaries/fr-FR-3-0.bdic",
-  "//third_party/hunspell_dictionaries/gl-1-0.bdic",
  "//third_party/hunspell_dictionaries/he-IL-3-0.bdic",
  "//third_party/hunspell_dictionaries/hi-IN-3-0.bdic",
  "//third_party/hunspell_dictionaries/hr-HR-3-0.bdic",
@@ -55,7 +59,6 @@ hunspell_dictionaries = [
 hunspell_licenses = [
  "//third_party/hunspell_dictionaries/COPYING",
  "//third_party/hunspell_dictionaries/COPYING.Apache",
-  "//third_party/hunspell_dictionaries/COPYING.GPL3",
  "//third_party/hunspell_dictionaries/COPYING.LESSER",
  "//third_party/hunspell_dictionaries/COPYING.LGPL",
  "//third_party/hunspell_dictionaries/COPYING.MIT",
--- a/Show More
+++ b/Show More