fix: validate protocol scheme names in setAsDefaultProtocolClient (#50157 )

fix: validate protocol scheme names in setAsDefaultProtocolClient On Windows, `app.setAsDefaultProtocolClient(protocol)` directly concatenates the protocol string into the registry key path with no validation. A protocol name containing `\` could write to an arbitrary subkey under `HKCU\Software\Classes\`, potentially hijacking existing protocol handlers. To fix this, add `Browser::IsValidProtocolScheme()` which validates that a protocol name conforms to the RFC 3986 scheme grammar: scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) This rejects backslashes, forward slashes, whitespace, and any other characters not permitted in URI schemes. Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com> Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
fix: strictly validate sender for internal IPC reply channels (#50160 )
2026-03-19 03:02:02 -04:00 · 2026-03-10 07:28:57 -04:00 · 2026-03-10 11:09:42 +00:00 · 2026-03-10 09:22:13 +00:00 · 2026-03-09 22:02:49 -07:00 · 2026-03-09 22:02:19 -07:00
793 changed files with 13904 additions and 23569 deletions
--- a/.claude/.gitignore
+++ b/.claude/.gitignore
@@ -1 +0,0 @@
-settings.local.json
--- a/.claude/settings.json
+++ b/.claude/settings.json
@@ -1,24 +0,0 @@
-{
-  "permissions": {
-    "allow": [
-      "Bash(e sync)",
-      "Bash(e patches --list-targets:*)",
-      "Bash(git add:*)",
-      "Bash(git am:*)",
-      "Bash(git commit:*)",
-      "Bash(git log:*)",
-      "Bash(git show:*)",
-      "Bash(e patches:*)",
-      "Bash(e sync:*)",
-      "Skill(electron-chromium-upgrade)",
-      "Read(*)",
-      "Bash(echo:*)",
-      "Bash(e build:*)",
-      "Bash(tee:*)",
-      "Bash(git diff:*)",
-      "Bash(git rev-parse:*)"
-    ],
-    "deny": [],
-    "ask": []
-  }
-}
--- a/.claude/skills/electron-chromium-upgrade/SKILL.md
+++ b/.claude/skills/electron-chromium-upgrade/SKILL.md
@@ -1,199 +0,0 @@
---
-name: electron-chromium-upgrade
-description: Guide for performing Chromium version upgrades in the Electron project. Use when working on the roller/chromium/main branch to fix patch conflicts during `e sync --3`. Covers the patch application workflow, conflict resolution, analyzing upstream Chromium changes, and proper commit formatting for patch fixes.
---
-
-# Electron Chromium Upgrade: Phase One
-
-## Summary
-
-Run `e sync --3` repeatedly, fixing patch conflicts as they arise, until it succeeds. Then run `e patches all` and commit changes atomically.
-
-## Success Criteria
-
-Phase One is complete when:
- `e sync --3` exits with code 0 (no patch failures)
- `e patches all` has been run to export all changes
- All changes are committed per the commit guidelines below
-
-Do not stop until these criteria are met.
-
-**CRITICAL** Do not delete or skip patches unless 100% certain the patch is no longer needed. Complicated conflicts or hard to resolve issues should be presented to the user after you have exhausted all other options. Do not delete the patch just because you can't solve it.
-
-## Context
-
-The `roller/chromium/main` branch is created by automation to update Electron's Chromium dependency SHA. No work has been done to handle breaking changes between the old and new versions.
-
-**Key directories:**
- Current directory: Electron repo (always run `e` commands here)
- `..` (parent): Chromium repo (where most patches apply)
- `patches/`: Patch files organized by target
- `docs/development/patches.md`: Patch system documentation
-
-## Workflow
-
-1. Delete the `.git/rr-cache` in both the `electron` and `..` folder to ensure no accidental rerere replays occur from before this upgrade phase attempt started
-2. Run `e sync --3` (the `--3` flag enables 3-way merge, always required)
-3. If succeeds → skip to step 6
-4. If patch fails:
-   - Identify target repo and patch from error output
-   - Analyze failure (see references/patch-analysis.md)
-   - Fix conflict in target repo's working directory
-   - Run `git am --continue` in affected repo
-   - Repeat until all patches for that repo apply
-   - IMPORTANT: Once `git am --continue` succeeds you MUST run `e patches {target}` to export fixes
-   - Return to step 1
-5. When `e sync --3` succeeds, run `e patches all`
-6. **Read `references/phase-one-commit-guidelines.md` NOW**, then commit changes following those instructions exactly.
-
-Before committing any Phase One changes, you MUST read `references/phase-one-commit-guidelines.md` and follow its instructions exactly.
-
-## Commands Reference
-
-| Command | Purpose |
-|---------|---------|
-| `e sync --3` | Clone deps and apply patches with 3-way merge |
-| `git am --continue` | Continue after resolving conflict (run in target repo) |
-| `e patches {target}` | Export commits from target repo to patch files |
-| `e patches all` | Export all patches from all targets |
-| `e patches --list-targets` | List targets and config paths |
-
-## Patch System Mental Model
-
-```
-patches/{target}/*.patch  →  [e sync --3]  →  target repo commits
-                          ←  [e patches]   ←
-```
-
-## When to Edit Patches
-
-| Situation | Action |
-|-----------|--------|
-| During active `git am` conflict | Fix in target repo, then `git am --continue` |
-| Modifying patch outside conflict | Edit `.patch` file directly |
-| Creating new patch (rare, avoid) | Commit in target repo, then `e patches {target}` |
-
-Fix existing patches 99% of the time rather than creating new ones.
-
-## Patch Fixing Rules
-
-1. **Preserve authorship**: Keep original author in TODO comments (from patch `From:` field)
-2. **Never change TODO assignees**: `TODO(name)` must retain original name
-3. **Update descriptions**: If upstream changed (e.g., `DCHECK` → `CHECK_IS_TEST`), update patch commit message to reflect current state
-
-## Final Deliverable
-
-After Phase One, write a summary of every change: what was fixed, why, reasoning, and Chromium CL links.
-
-# Electron Chromium Upgrade: Phase Two
-
-## Summary
-
-Run `e build -k 999` repeatedly, fixing build issues as they arise, until it succeeds. Then run `e start --version` to validate Electron launches and commit changes atomically.
-
-Run Phase Two immediately after Phase One is complete.
-
-## Success Criteria
-
-Phase Two is complete when:
- `e build -k 999` exits with code 0 (no build failures)
- `e start --version` has been run to check Electron launches
- All changes are committed per the commit guidelines below
-
-Do not stop until these criteria are met. Do not delete code or features, never comment out code in order to take short cut. Make all existing code, logic and intention work.
-
-## Context
-
-The `roller/chromium/main` branch is created by automation to update Electron's Chromium dependency SHA. No work has been done to handle breaking changes between the old and new versions. Chromium APIs frequently are renamed or refactored. In every case the code in Electron must be updated to account for the change in Chromium, strongly avoid making changes to the code in chromium to fix Electrons build.
-
-**Key directories:**
- Current directory: Electron repo (always run `e` commands here)
- `..` (parent): Chromium repo (do not touch this code to fix build issues, just read it to obtain context)
-
-## Workflow
-
-1. Run `e build -k 999` (the `-k 999` flag is a flag to ninja to say "do not stop until you find that many errors" it is an attempt to get as much error
-  context as possible for each time we run build)
-2. If succeeds → skip to step 6
-3. If build fails:
-    - Identify underlying file in "electron" from the compilation error message
-    - Analyze failure
-    - Fix build issue by adapting Electron's code for the change in Chromium
-    - Run `e build -t {target_that_failed}.o` to build just the failed target we were specifically fixing
-        - You can identify the target_that_failed from the failure line in the build log. E.g. `FAILED: 2e506007-8d5d-4f38-bdd1-b5cd77999a77 "./obj/electron/chromium_src/chrome/process_singleton_posix.o" CXX obj/electron/chromium_src/chrome/process_singleton_posix.o` the target name is `obj/electron/chromium_src/chrome/process_singleton_posix.o`
-    - **Read `references/phase-two-commit-guidelines.md` NOW**, then commit changes following those instructions exactly.
-    - Return to step 1
-4. **CRITICAL**: After ANY commit (especially patch commits), immediately run `git status` in the electron repo
-    - Look for other modified `.patch` files that only have index/hunk header changes
-    - These are dependent patches affected by your fix
-    - Commit them immediately with: `git commit -am "chore: update patch hunk headers"`
-    - This prevents losing track of necessary updates
-5. Return to step 1
-6. When `e build` succeeds, run `e start --version`
-7. Check if you have any pending changes in the Chromium repo by running `git status`
-    - If you have changes follow the instructions below in "A. Patch Fixes" to correctly commit those modifications into the appropriate patch file
-
-Before committing any Phase Two changes, you MUST read `references/phase-two-commit-guidelines.md` and follow its instructions exactly.
-
-## Build Error Detection
-
-When monitoring `e build -k 999` output, filter for errors using this regex pattern:
-error:|FAILED:|fatal:|subcommand failed|build finished
-
-The build output is extremely verbose. Filtering is essential to catch errors quickly.
-
-## Commands Reference
-
-| Command | Purpose |
-|---------|---------|
-| `e build -k 999` | Builds Electron and won't stop until either all targets attempted or 999 errors found |
-| `e build -t {target}.o` | Build just one specific target to verify a fix |
-| `e start --version` | Validate Electron launches after successful build |
-
-## Two Types of Build Fixes
-
-### A. Patch Fixes (for files in chromium_src or patched Chromium files)
-
-When the error is in a file that Electron patches (check with `grep -l "filename" patches/chromium/*.patch`):
-
-1. Edit the file in the Chromium source tree (e.g., `/src/chrome/browser/...`)
-2. Create a fixup commit targeting the original patch commit:
-    ```bash
-    cd ..  # to chromium repo
-    git add <modified-file>
-    git commit --fixup=<original-patch-commit-hash>
-    GIT_SEQUENCE_EDITOR=: git rebase --autosquash --autostash -i <commit>^
-3. Export the updated patch: e patches chromium
-4. Commit the updated patch file in the electron repo following the `references/phase-one-commit-guidelines.md`, then commit changes following those instructions exactly. **READ THESE GUIDELINES BEFORE COMMITTING THESE CHANGES**
-
-To find the original patch commit to fixup: `git log --oneline | grep -i "keyword from patch name"`
-
-The base commit for rebase is the Chromium commit before patches were applied. Find it by checking the `refs/patches/upstream-head` ref.
-
-B. Electron Code Fixes (for files in shell/, electron/, etc.)
-
-When the error is in Electron's own source code:
-
-1. Edit files directly in the electron repo
-2. Commit directly (no patch export needed)
-
-Dependent Patch Updates
-
-IMPORTANT: When you modify a patch, other patches that apply to the same file may have their hunk headers invalidated. After committing a patch fix:
-
-1. Run git status in the electron repo
-2. Look for other modified .patch files with just index/hunk header changes
-3. Commit these with: git commit -m "chore: update patch hunk headers"
-
-# Critical: Read Before Committing
-
- Before ANY Phase One commits: Read `references/phase-one-commit-guidelines.md`
- Before ANY Phase Two commits: Read `references/phase-two-commit-guidelines.md`
-
-# Skill Directory Structure
-This skill has additional reference files in `references/`:
- patch-analysis.md - How to analyze patch failures
- phase-one-commit-guidelines.md - Commit format for Phase One
- phase-two-commit-guidelines.md - Commit format for Phase Two
-
-Read these when referenced in the workflow steps.
--- a/.claude/skills/electron-chromium-upgrade/references/patch-analysis.md
+++ b/.claude/skills/electron-chromium-upgrade/references/patch-analysis.md
@@ -1,69 +0,0 @@
-# Analyzing Patch Failures
-
-## Investigation Steps
-
-1. **Read the patch file** at `patches/{target}/{patch_name}.patch`
-
-2. **Examine current state** of the file in Chromium at mentioned line numbers
-
-3. **Check recent upstream changes:**
-   ```bash
-   cd ..  # or relevant target repo
-   git log --oneline -10 -- {file}
-   ```
-
-4. **Find Chromium CL** in commit messages:
-   ```
-   Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/{CL_NUMBER}
-   ```
-
-## Common Failure Patterns
-
-| Pattern | Cause | Solution |
-|---------|-------|----------|
-| Context lines don't match | Surrounding code changed | Update context in patch |
-| File not found | File renamed/moved | Update patch target path |
-| Function not found | Refactored upstream | Find new function name |
-| `DCHECK` → `CHECK_IS_TEST` | Macro change | Update to new macro |
-| Deleted code | Feature removed | Verify patch still needed |
-
-## Using Git Blame
-
-To find the CL that changed specific lines:
-
-```bash
-cd ..
-git blame -L {start},{end} -- {file}
-git log -1 {commit_sha}  # Look for Reviewed-on: line
-```
-
-## Verifying Patch Necessity
-
-Before deleting a patch, verify:
-1. The patched functionality was intentionally removed upstream
-2. Electron doesn't need the patch for other reasons
-3. No other code depends on the patched behavior
-
-When in doubt, keep the patch and adapt it.
-
-## Phase Two: Build-Time Patch Issues
-
-Sometimes patches that applied successfully in Phase One cause build errors in Phase Two. This can happen when:
-
-1. **Incomplete types**: A patch disables a header include, but new upstream code uses the type
-2. **Missing members**: A patch modifies a class, but upstream added new code referencing the original
-
-### Finding Which Patch Affects a File
-
-```bash
-grep -l "filename.cc" patches/chromium/*.patch
-```
-
-Matching Existing Patch Patterns
-
-When fixing build errors in patched files, examine the existing patch to understand its style:
- Does it use #if 0 / #endif guards?
- Does it use #if BUILDFLAG(...) conditionals?
- What's the pattern for disabled functionality?
-
-Apply fixes consistent with the existing patch style.
--- a/.claude/skills/electron-chromium-upgrade/references/phase-one-commit-guidelines.md
+++ b/.claude/skills/electron-chromium-upgrade/references/phase-one-commit-guidelines.md
@@ -1,52 +0,0 @@
-# Phase One Commit Guidelines
-
-Only follow these instructions if there are uncommitted changes to `patches/` after Phase One succeeds.
-
-Ignore other instructions about making commit messages, our guidelines are CRITICALLY IMPORTANT and must be followed.
-
-## Atomic Commits
-
-For each fix made to a patch, create a separate commit:
-
-```
-fix(patch-conflict): {concise title}
-
-{Brief explanation, 1-2 paragraphs max}
-
-Ref: {Chromium CL link}
-```
-
-IMPORTANT: Ensure that any changes made to patch content as a result of a change in Chromium is committed individually. Each change should have it's own commit message and it's own REF.
-
-IMPORTANT: Try really hard to find the CL reference per the instructions below. Each change you made should in theory have been in response to a change made in Chromium that you identified or can identify. Try for a while to identify and include the ref in the commit message. Do not give up easily.
-
-## Finding CL References
-
-Use `git log` or `git blame` on Chromium source files. Look for:
-
-```
-Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/XXXXXXX
-```
-
-If no CL found after searching: `Ref: Unable to locate CL`
-
-## Final Cleanup
-
-After all fix commits, stage remaining changes:
-
-```bash
-git add patches
-git commit -m "chore: update patch hunk headers"
-```
-
-## Example Commit
-
-```
-fix(patch-conflict): update web_contents_impl.cc context for navigation refactor
-
-The upstream navigation code was refactored to use NavigationRequest directly
-instead of going through NavigationController. Updated surrounding context
-to match new code structure.
-
-Ref: https://chromium-review.googlesource.com/c/chromium/src/+/1234567
-```
--- a/.claude/skills/electron-chromium-upgrade/references/phase-two-commit-guidelines.md
+++ b/.claude/skills/electron-chromium-upgrade/references/phase-two-commit-guidelines.md
@@ -1,82 +0,0 @@
-# Phase Two Commit Guidelines
-
-Only follow these instructions if there are uncommitted changes in the Electron repo after any fixes are made during Phase Two that result a target that was failing, successfully building.
-
-Ignore other instructions about making commit messages, our guidelines are CRITICALLY IMPORTANT and must be followed.
-
-## Two Commit Types
-
-### For Electron Source Changes (shell/, electron/, etc.)
-
-```
-{CL-Number}: {concise description of API change}
-
-{Brief explanation of what upstream changed and how Electron was adapted}
-
-Ref: {Chromium CL link}
-```
-
-IMPORTANT: Ensure that any change made to electron as a result of a change in Chromium is committed individually. Each change should have it's own commit message and it's own REF. Logically grouped into commits that make sense rather than one giant commit.
-
-IMPORTANT: Try really hard to find the CL reference per the instructions below. Each change you made should in theory have been in response to a change made in Chromium that you identified or can identify. Try for a while to identify and include the ref in the commit message. Do not give up easily.
-
-You may include multiple "Ref" links if required.
-
-For a CL link in the format `https://chromium-review.googlesource.com/c/chromium/src/+/2958369` the "CL-Number" is `2958369`
-
-### For Patch Updates (patches/chromium/*.patch)
-
-Use the same fixup workflow as Phase One:
-1. Fix in Chromium source tree
-2. Fixup commit + rebase
-3. Export with `e patches chromium`
-4. Commit the patch file:
-
-```
-fix(patch-update): {concise description}
-
-{Brief explanation}
-
-Ref: {Chromium CL link}
-```
-
-## Dependent Patch Header Updates
-
-After any patch modification, check for other affected patches:
-
-```bash
-git status
-# If other .patch files show as modified with only hunk header changes:
-git add patches/
-git commit -m "chore: update patch hunk headers"
-```
-
-## Finding CL References
-
-Use git log or git blame on Chromium source files. Look for:
-
-Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/XXXXXXX
-
-If no CL found after searching: Ref: Unable to locate CL
-
-## Example Commits
-
-### Electron Source Fix
-
-fix: update GetPlugins to GetPluginsAsync for API change
-
-The upstream Chromium API changed:
- Old: GetPlugins(callback) - took a callback
- New: GetPluginsAsync(callback) - async version takes a callback
-
-Ref: https://chromium-review.googlesource.com/c/chromium/src/+/1234567
-
-### Patch Fix
-
-fix(patch-conflict): update picture-in-picture for gesture handling refactor
-
-Upstream added new gesture handling code that accesses live caption dialog.
-The live caption functionality is disabled in Electron's patch, so wrapped
-the new code in #if 0 guards to match existing pattern.
-
-Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7654321
--- a/.devcontainer/on-create-command.sh
+++ b/.devcontainer/on-create-command.sh
@@ -48,8 +48,7 @@ if [ ! -f $buildtools/configs/evm.testing.json ]; then
            \"gen\": {
                \"args\": [
                    \"import(\\\"//electron/build/args/testing.gn\\\")\",
-                    \"use_remoteexec = true\",
-                    \"use_siso=true\"
+                    \"use_remoteexec = true\"
                ],
                \"out\": \"Testing\"
            },
@@ -59,7 +58,7 @@ if [ ! -f $buildtools/configs/evm.testing.json ]; then
            },
            \"\$schema\": \"file:///home/builduser/.electron_build_tools/evm-config.schema.json\",
            \"configValidationLevel\": \"strict\",
-            \"remoteBuild\": \"siso\",
+            \"remoteBuild\": \"reclient\",
            \"preserveSDK\": 5
        }
    " >$buildtools/configs/evm.testing.json
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -58,16 +58,6 @@ body:
    label: Last Known Working Electron version
    description: What is the last version of Electron this worked in, if applicable?
    placeholder: 16.0.0
- type: dropdown
-  attributes:
-    label: Does the issue also appear in Chromium / Google Chrome?
-    description: If it does, please report the issue in the [Chromium issue tracker](https://issues.chromium.org/issues), not against Electron. Electron will inherit the fix once Chromium resolves the issue.
-    options:
-      - I don't know how to test
-      - "Yes"
-      - "No"
-  validations:
-    required: true
 - type: textarea
  attributes:
    label: Expected Behavior
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -10,8 +10,7 @@ Contributors guide: https://github.com/electron/electron/blob/main/CONTRIBUTING.
 #### Checklist
 <!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

- [ ] PR description included
- [ ] I have built and tested this PR
+- [ ] PR description included and stakeholders cc'd
 - [ ] `npm test` passes
 - [ ] tests are [changed or added](https://github.com/electron/electron/blob/main/docs/development/testing.md)
 - [ ] relevant API documentation, tutorials, and examples are updated and follow the [documentation style guide](https://github.com/electron/electron/blob/main/docs/development/style-guide.md)
--- a/.github/actions/build-electron/action.yml
+++ b/.github/actions/build-electron/action.yml
@@ -26,9 +26,6 @@ inputs:
  is-asan:
    description: 'The ASan Linux build'
    required: false
-  upload-out-gen-artifacts:
-    description: 'Whether to upload the out/${dir}/gen artifacts'
-    required: false
 runs:
  using: "composite"
  steps:
@@ -48,7 +45,6 @@ runs:
      shell: bash
      run: echo "::add-matcher::src/electron/.github/problem-matchers/clang.json"
    - name: Build Electron ${{ inputs.step-suffix }}
-      if: ${{ inputs.target-platform != 'win' }}
      shell: bash
      run: |
        rm -rf "src/out/Default/Electron Framework.framework"
@@ -74,37 +70,10 @@ runs:

        # Upload build stats to Datadog
        if ! [ -z $DD_API_KEY ]; then
-          npx node electron/script/build-stats.mjs out/Default/siso.INFO --upload-stats || true          
+          npx node electron/script/build-stats.mjs out/Default/siso.INFO --upload-stats || true
        else
          echo "Skipping build-stats.mjs upload because DD_API_KEY is not set"
        fi
-    - name: Build Electron (Windows) ${{ inputs.step-suffix }}
-      if: ${{ inputs.target-platform == 'win' }}
-      shell: powershell
-      run: |
-        cd src\electron
-        git pack-refs
-        cd ..
-
-        $env:NINJA_SUMMARIZE_BUILD = 1
-        if ("${{ inputs.is-release }}" -eq "true") {          
-          e build --target electron:release_build
-        } else {
-          e build --target electron:testing_build
-        }
-        Copy-Item out\Default\.ninja_log out\electron_ninja_log
-        node electron\script\check-symlinks.js
-
-        # Upload build stats to Datadog
-        if ($env:DD_API_KEY) {
-          try {
-            npx node electron\script\build-stats.mjs out\Default\siso.exe.INFO --upload-stats
-          } catch {
-            Write-Host "Build stats upload failed, continuing..."
-          }
-        } else {
-          Write-Host "Skipping build-stats.mjs upload because DD_API_KEY is not set"
-        }
    - name: Verify dist.zip ${{ inputs.step-suffix }}
      shell: bash
      run: |
@@ -163,14 +132,6 @@ runs:
      run: |
        cd src
        e build --target electron:electron_chromedriver_zip
-
-        if [ "${{ inputs.is-asan }}" != "true" ]; then
-          target_os=${{ inputs.target-platform == 'macos' && 'mac' || inputs.target-platform }}
-          if [ "${{ inputs.artifact-platform }}" = "mas" ]; then
-            target_os="${target_os}_mas"
-          fi
-          electron/script/zip_manifests/check-zip-manifest.py out/Default/chromedriver.zip electron/script/zip_manifests/chromedriver_zip.$target_os.${{ inputs.target-arch }}.manifest
-        fi
    - name: Create installed_software.json ${{ inputs.step-suffix }}
      shell: powershell
      if: ${{ inputs.is-release == 'true' && inputs.target-platform == 'win' }}
@@ -283,9 +244,3 @@ runs:
      with:
        name: src_artifacts_${{ env.ARTIFACT_KEY }}
        path: ./src_artifacts_${{ inputs.artifact-platform }}_${{ inputs.target-arch }}
-    - name: Upload Out Gen Artifacts ${{ inputs.step-suffix }}
-      if: ${{ inputs.upload-out-gen-artifacts == 'true' }}
-      uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
-      with:
-        name: out_gen_artifacts_${{ env.ARTIFACT_KEY }}
-        path: ./src/out/Default/gen
--- a/.github/actions/checkout/action.yml
+++ b/.github/actions/checkout/action.yml
@@ -173,6 +173,7 @@ runs:
    run: |
      rm -rf src/android_webview
      rm -rf src/ios/chrome
+      rm -rf src/third_party/blink/web_tests
      rm -rf src/third_party/blink/perf_tests
      rm -rf src/chrome/test/data/xr/webvr_info
      rm -rf src/third_party/angle/third_party/VK-GL-CTS/src
--- a/.github/actions/fix-sync/action.yml
+++ b/.github/actions/fix-sync/action.yml
@@ -37,22 +37,6 @@ runs:
        installation-dir: third_party/esbuild
        target-platform: ${{ inputs.target-platform }}
        package: infra/3pp/tools/esbuild/${platform}
-    - name: Fix rollup
-      if: ${{ inputs.target-platform != 'linux' }}
-      uses: ./src/electron/.github/actions/cipd-install
-      with:
-        cipd-root-prefix-path: src/third_party/devtools-frontend/src/
-        dependency: rollup_libs
-        deps-file: src/third_party/devtools-frontend/src/DEPS
-        installation-dir: third_party/rollup_libs
-        target-platform: ${{ inputs.target-platform }}
-        package: infra/3pp/tools/rollup_libs/${platform}
-    - name: Sync native rollup libs
-      if: ${{ inputs.target-platform != 'linux' }}
-      shell: bash
-      run : |
-        cd src/third_party/devtools-frontend/src
-        python3 scripts/deps/sync_rollup_libs.py
    - name: Fix rustc
      if: ${{ inputs.target-platform != 'linux' }}
      shell: bash
--- a/.github/actions/free-space-macos/action.yml
+++ b/.github/actions/free-space-macos/action.yml
@@ -6,8 +6,6 @@ runs:
    - name: Free Space on MacOS
      shell: bash
      run: |
-        echo "Disk usage before cleanup:"
-        df -h
        sudo mkdir -p $TMPDIR/del-target

        tmpify() {
@@ -17,30 +15,28 @@ runs:
        }

        strip_universal_deep() {
-          if [ -d "$1" ]; then
-            opwd=$(pwd)
-            cd $1
-            f=$(find . -perm +111 -type f)
-            for fp in $f
-            do
-              if [[ $(file "$fp") == *"universal binary"* ]]; then
-                if [ "`arch`" == "arm64" ]; then
-                  if [[ $(file "$fp") == *"x86_64"* ]]; then
-                    sudo lipo -remove x86_64 "$fp" -o "$fp" || true
-                  fi
-                else
-                  if [[ $(file "$fp") == *"arm64e)"* ]]; then
-                    sudo lipo -remove arm64e "$fp" -o "$fp" || true
-                  fi
-                  if [[ $(file "$fp") == *"arm64)"* ]]; then
-                    sudo lipo -remove arm64 "$fp" -o "$fp" || true
-                  fi
+          opwd=$(pwd)
+          cd $1
+          f=$(find . -perm +111 -type f)
+          for fp in $f
+          do
+            if [[ $(file "$fp") == *"universal binary"* ]]; then
+              if [ "`arch`" == "arm64" ]; then
+                if [[ $(file "$fp") == *"x86_64"* ]]; then
+                  sudo lipo -remove x86_64 "$fp" -o "$fp" || true
+                fi
+              else
+                if [[ $(file "$fp") == *"arm64e)"* ]]; then
+                  sudo lipo -remove arm64e "$fp" -o "$fp" || true
+                fi
+                if [[ $(file "$fp") == *"arm64)"* ]]; then
+                  sudo lipo -remove arm64 "$fp" -o "$fp" || true
                fi
              fi
-            done
+            fi
+          done

-            cd $opwd
-          fi
+          cd $opwd
        }

        tmpify /Library/Developer/CoreSimulator
@@ -62,30 +58,19 @@ runs:

        sudo rm -rf /Applications/Safari.app
        sudo rm -rf /Applications/Xcode_16.1.app
-        sudo rm -rf /Applications/Xcode_16.2.app
        sudo rm -rf /Applications/Xcode_16.3.app
-        sudo rm -rf /Applications/Xcode_26*
+        sudo rm -rf /Applications/Xcode_16.2.app
        sudo rm -rf /Applications/Google Chrome.app
+        sudo rm -rf /Applications/Xcode_16.4.app
        sudo rm -rf /Applications/Google Chrome for Testing.app
-        sudo rm -rf /Applications/Firefox.app
-        sudo rm -rf /Applications/Microsoft Edge.app
+        sudo rm -rf	/Applications/Firefox.app
        sudo rm -rf ~/project/src/third_party/catapult/tracing/test_data
        sudo rm -rf ~/project/src/third_party/angle/third_party/VK-GL-CTS
        sudo rm -rf /Users/runner/Library/Android
        sudo rm -rf $JAVA_HOME_11_arm64
        sudo rm -rf $JAVA_HOME_17_arm64
        sudo rm -rf $JAVA_HOME_21_arm64
-        sudo rm -rf $JAVA_HOME_25_arm64
-        sudo rm -rf /Users/runner/.dotnet/
-        sudo rm -rf /Users/runner/.rustup
-
-        # remove homebrew packages we don't need
-        if command -v brew &> /dev/null; then
-          brew uninstall -f --zap aws-sam-cli session-manager-plugin gcc gcc@13 gcc@14 llvm@18 gradle maven ant azure-cli
-          brew autoremove
-        fi

        # lipo off some huge binaries arm64 versions to save space
        strip_universal_deep $(xcode-select -p)/../SharedFrameworks
-        # strip_arm_deep /System/Volumes/Data/Library/Developer/CommandLineTools/usr
-        sudo mdutil -a -i off
+        # strip_arm_deep /System/Volumes/Data/Library/Developer/CommandLineTools/usr
--- a/.github/actions/install-build-tools/action.yml
+++ b/.github/actions/install-build-tools/action.yml
@@ -15,7 +15,7 @@ runs:
        git config --global core.preloadindex true
        git config --global core.longpaths true
      fi
-      export BUILD_TOOLS_SHA=4430e4a505e0f4fa2a41b707a10a36f780bbdd26
+      export BUILD_TOOLS_SHA=a0cc95a1884a631559bcca0c948465b725d9295a
      npm i -g @electron/build-tools
      # Update depot_tools to ensure python
      e d update_depot_tools
--- a/.github/copilot-instructions.md
+++ b/.github/copilot-instructions.md
@@ -0,0 +1,122 @@
+# Copilot Instructions for Electron
+
+## Build System
+
+Electron uses `@electron/build-tools` (`e` CLI). Install with `npm i -g @electron/build-tools`.
+
+```bash
+e sync              # Fetch sources and apply patches
+e build             # Build Electron (GN + Ninja)
+e build -k 999      # Build, continuing through errors
+e start             # Run built Electron
+e start --version   # Verify Electron launches
+e test              # Run full test suite
+e debug             # Run in debugger (lldb on macOS, gdb on Linux)
+```
+
+### Linting
+
+```bash
+npm run lint              # Run all linters (JS, C++, Python, GN, docs)
+npm run lint:js           # JavaScript/TypeScript only
+npm run lint:clang-format # C++ formatting only
+npm run lint:cpp          # C++ linting only
+npm run lint:docs         # Documentation only
+```
+
+### Running a Single Test
+
+```bash
+npm run test -- -g "pattern"   # Run tests matching a regex pattern
+# Example: npm run test -- -g "ipc"
+```
+
+### Running a Single Node.js Test
+
+```bash
+node script/node-spec-runner.js parallel/test-crypto-keygen
+```
+
+## Architecture
+
+Electron embeds Chromium (rendering) and Node.js (backend) to enable desktop apps with web technologies. The parent directory (`../`) is the Chromium source tree.
+
+### Process Model
+
+Electron has two primary process types, mirroring Chromium:
+
+- **Main process** (`shell/browser/` + `lib/browser/`): Controls app lifecycle, creates windows, system APIs
+- **Renderer process** (`shell/renderer/` + `lib/renderer/`): Runs web content in BrowserWindows
+
+### Native ↔ JavaScript Bridge
+
+Each API is implemented as a C++/JS pair:
+
+- C++ side: `shell/browser/api/electron_api_{name}.cc/.h` — uses `gin::Wrappable` and `ObjectTemplateBuilder`
+- JS side: `lib/browser/api/{name}.ts` — exports the module, registered in `lib/browser/api/module-list.ts`
+- Binding: `NODE_LINKED_BINDING_CONTEXT_AWARE(electron_browser_{name}, Initialize)` in C++ and registered in `shell/common/node_bindings.cc`
+- Type declaration: `typings/internal-ambient.d.ts` maps `process._linkedBinding('electron_browser_{name}')`
+
+### Patches System
+
+Electron patches upstream dependencies (Chromium, Node.js, V8, etc.) rather than forking them. Patches live in `patches/` organized by target, with `patches/config.json` mapping directories to repos.
+
+```text
+patches/{target}/*.patch  →  [e sync]   →  target repo commits
+                          ←  [e patches] ←
+```
+
+Key rules:
+
+- Fix existing patches rather than creating new ones
+- Preserve original authorship in TODO comments — never change `TODO(name)` assignees
+- Each patch commit message must explain why the patch exists
+- After modifying patches, run `e patches {target}` to export
+
+When working on the `roller/chromium/main` branch for Chromium upgrades, use `e sync --3` for 3-way merge conflict resolution.
+
+## Conventions
+
+### File Naming
+
+- JS/TS files: kebab-case (`file-name.ts`)
+- C++ files: snake_case with `electron_api_` prefix (`electron_api_safe_storage.cc`)
+- Test files: `api-{module-name}-spec.ts` in `spec/`
+- Source file lists are maintained in `filenames.gni` (with platform-specific sections)
+
+### JavaScript/TypeScript
+
+- Semicolons required (`"semi": ["error", "always"]`)
+- `const` and `let` only (no `var`)
+- Arrow functions preferred
+- Import order enforced: `@electron/internal` → `@electron` → `electron` → external → builtin → relative
+- API naming: `PascalCase` for classes (`BrowserWindow`), `camelCase` for module APIs (`globalShortcut`)
+- Prefer getters/setters over jQuery-style `.text([text])` patterns
+
+### C++
+
+- Follows Chromium coding style, enforced by `clang-format` and `clang-tidy`
+- Uses Chromium abstractions (`base::`, `content::`, etc.)
+- Header guards: `#ifndef ELECTRON_SHELL_BROWSER_API_ELECTRON_API_{NAME}_H_`
+- Platform-specific files: `_mac.mm`, `_win.cc`, `_linux.cc`
+
+### Testing
+
+- Framework: Mocha + Chai + Sinon
+- Test helpers in `spec/lib/` (e.g., `spec-helpers.ts`, `window-helpers.ts`)
+- Use `defer()` from spec-helpers for cleanup, `closeAllWindows()` for window teardown
+- Tests import from `electron/main` or `electron/renderer`
+
+### Documentation
+
+- API docs in `docs/api/` as Markdown, parsed by `@electron/docs-parser` to generate `electron.d.ts`
+- API history tracked via YAML blocks in HTML comments within doc files
+- Docs must pass `npm run lint:docs`
+
+### Build Configuration
+
+- `BUILD.gn`: Main GN build config
+- `buildflags/buildflags.gni`: Feature flags (PDF viewer, extensions, spellchecker)
+- `build/args/`: Build argument profiles (`testing.gn`, `release.gn`, `all.gn`)
+- `DEPS`: Dependency versions and checkout paths
+- `chromium_src/`: Chromium source file overrides (compiled instead of originals)
--- a/.github/workflows/apply-patches.yml
+++ b/.github/workflows/apply-patches.yml
@@ -1,73 +0,0 @@
-name: Apply Patches
-
-on:
-  pull_request:
-
-permissions: {}
-
-concurrency:
-  group: apply-patches-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  setup:
-    if: github.repository == 'electron/electron'
-    runs-on: ubuntu-slim
-    permissions:
-      contents: read
-      pull-requests: read
-    outputs:
-      has-patches: ${{ steps.filter.outputs.patches }}
-    steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        persist-credentials: false
-        ref: ${{ github.event.pull_request.head.sha }}
-    # Use dorny/paths-filter instead of the path filter under the on: pull_request: block
-    # so that the output can be used to conditionally run the apply-patches job, which lets
-    # the job be marked as a required status check (conditional skip counts as a success).
-    - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-      id: filter
-      with:
-        filters: |
-          patches:
-            - DEPS
-            - 'patches/**'
-
-  apply-patches:
-    needs: setup
-    if: ${{ needs.setup.outputs.has-patches == 'true' }}
-    runs-on: electron-arc-centralus-linux-amd64-32core
-    permissions:
-      contents: read
-    container:
-      image: ghcr.io/electron/build:a82b87d7a4f5ff0cab61405f8151ac4cf4942aeb
-      options: --user root
-      volumes:
-        - /mnt/cross-instance-cache:/mnt/cross-instance-cache
-        - /var/run/sas:/var/run/sas
-    env:
-      CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
-      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
-    steps:
-    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        path: src/electron
-        fetch-depth: 0
-        persist-credentials: false
-        ref: ${{ github.event.pull_request.base.ref }}
-    - name: Merge PR HEAD
-      working-directory: src/electron
-      env:
-        PR_NUMBER: ${{ github.event.pull_request.number }}
-      run: |
-        git config user.email "electron@github.com"
-        git config user.name "Electron Bot"
-        git fetch origin refs/pull/${PR_NUMBER}/head
-        git merge --squash FETCH_HEAD
-        git commit -n -m "Squashed commits"
-    - name: Checkout & Sync & Save
-      uses: ./src/electron/.github/actions/checkout
-      with:
-        target-platform: linux
--- a/.github/workflows/archaeologist-dig.yml
+++ b/.github/workflows/archaeologist-dig.yml
@@ -13,13 +13,13 @@ jobs:
      contents: read
    steps:
      - name: Checkout Electron
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.0.2
        with:
          fetch-depth: 0
      - name: Setup Node.js/npm
-        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
        with:
-          node-version: 24.12.x
+          node-version: 20.19.x
      - name: Setting Up Dig Site
        run: |
          echo "remote: ${{ github.event.pull_request.head.repo.clone_url }}"
@@ -45,7 +45,7 @@ jobs:
          sha-file: .dig-old
          filename: electron.old.d.ts
      - name: Upload artifacts
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f #v6.0.0
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2
        with:
          name: artifacts
          path: electron/artifacts
--- a/.github/workflows/audit-branch-ci.yml
+++ b/.github/workflows/audit-branch-ci.yml
@@ -11,31 +11,16 @@ permissions: {}
 jobs:
  audit_branch_ci:
    name: Audit CI on Branches
-    if: github.repository == 'electron/electron'
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
-      - name: Setup Node.js
-        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
-        with:
-          node-version: 22.17.x
-      - name: Sparse checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          sparse-checkout: |
-            .
-            .github
-            .yarn
-      - run: yarn workspaces focus @electron/gha-workflows
-      - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+      - run: npm install @actions/cache @electron/fiddle-core
+      - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
        id: audit-errors
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
-            const { chdir } = require('node:process');
-            chdir('${{ github.workspace }}/.github/workflows');
-
            const cache = require('@actions/cache');
            const { ElectronVersions } = require('@electron/fiddle-core');

@@ -44,7 +29,7 @@ jobs:
            // Only want the most recent workflow run that wasn't skipped or cancelled
            const isValidWorkflowRun = (run) => !['skipped', 'cancelled'].includes(run.conclusion);

-            const versions = await ElectronVersions.create({ ignoreCache: true });
+            const versions = await ElectronVersions.create(undefined, { ignoreCache: true });
            const branches = versions.supportedMajors.map((branch) => `${branch}-x-y`);

            for (const branch of ["main", ...branches]) {
@@ -84,8 +69,6 @@ jobs:
                      annotation_level === "failure" &&
                      !message.startsWith("Process completed with exit code") &&
                      !message.startsWith("Response status code does not indicate success") &&
-                      !message.startsWith("The hosted runner lost communication with the server") &&
-                      !message.startsWith("Dependabot encountered an error performing the update") &&
                      !/Unable to make request/.test(message) &&
                      !/The requested URL returned error/.test(message),
                  )
@@ -118,6 +101,7 @@ jobs:
            }

            if (runsWithErrors.length > 0) {
+              core.setOutput('errorsFound', true);
              core.summary.addHeading('⚠️ Runs with Errors');
              core.summary.addTable([
                [
@@ -144,7 +128,6 @@ jobs:

              // Set this as failed so it's easy to scan runs to find failures
              if (runsWithErrors.find((run) => !run.isStale)) {
-                core.setOutput('errorsFound', true);
                process.exitCode = 1;
              }
            } else {
@@ -154,7 +137,7 @@ jobs:
            await core.summary.write();
      - name: Send Slack message if errors
        if: ${{ always() && steps.audit-errors.outputs.errorsFound && github.ref == 'refs/heads/main' }}
-        uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1
+        uses: slackapi/slack-github-action@b0fa283ad8fea605de13dc3f449259339835fc52 # v2.1.0
        with:
          payload: |
            link: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
--- a/.github/workflows/branch-created.yml
+++ b/.github/workflows/branch-created.yml
@@ -14,7 +14,7 @@ permissions: {}
 jobs:
  release-branch-created:
    name: Release Branch Created
-    if: ${{ github.repository == 'electron/electron' && (github.event_name == 'workflow_dispatch' || (github.event.ref_type == 'branch' && endsWith(github.event.ref, '-x-y') && !startsWith(github.event.ref, 'roller'))) }}
+    if: ${{ github.event_name == 'workflow_dispatch' || (github.event.ref_type == 'branch' && endsWith(github.event.ref, '-x-y') && !startsWith(github.event.ref, 'roller')) }}
    permissions:
      contents: read
      pull-requests: write
@@ -68,14 +68,14 @@ jobs:
          done
      - name: Generate GitHub App token
        if: ${{ steps.check-major-version.outputs.MAJOR }}
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.RELEASE_BOARD_GH_APP_CREDS }}
          org: electron
      - name: Generate Release Project Board Metadata
        if: ${{ steps.check-major-version.outputs.MAJOR }}
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
        id: generate-project-metadata
        with:
          script: |
--- a/.github/workflows/build-git-cache.yml
+++ b/.github/workflows/build-git-cache.yml
@@ -10,7 +10,6 @@ permissions: {}

 jobs:
  build-git-cache-linux:
-    if: github.repository == 'electron/electron'
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
@@ -24,7 +23,7 @@ jobs:
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -34,7 +33,6 @@ jobs:
        target-platform: linux

  build-git-cache-windows:
-    if: github.repository == 'electron/electron'
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
@@ -49,7 +47,7 @@ jobs:
      TARGET_OS: 'win'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -59,7 +57,6 @@ jobs:
        target-platform: win

  build-git-cache-macos:
-    if: github.repository == 'electron/electron'
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
@@ -75,7 +72,7 @@ jobs:
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_mac=True --custom-var=host_os=mac'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -47,7 +47,6 @@ permissions: {}

 jobs:
  setup:
-    if: github.repository == 'electron/electron'
    runs-on: ubuntu-latest
    permissions:
      contents: read
@@ -58,7 +57,7 @@ jobs:
        build-image-sha: ${{ steps.set-output.outputs.build-image-sha }}
        docs-only: ${{ steps.set-output.outputs.docs-only }}
    steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.0.2
      with:
        ref: ${{ github.event.pull_request.head.sha }}
    - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
@@ -125,7 +124,7 @@ jobs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -157,7 +156,7 @@ jobs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha}}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -189,7 +188,7 @@ jobs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha}}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -209,7 +208,7 @@ jobs:
    with:
      target-platform: macos
      target-archs: x64 arm64
-      check-runs-on: macos-15
+      check-runs-on: macos-14
      gn-build-type: testing
    secrets: inherit

@@ -249,8 +248,8 @@ jobs:
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-macos
    with:
-      build-runs-on: macos-15-xlarge
-      test-runs-on: macos-15-large
+      build-runs-on: macos-14-xlarge
+      test-runs-on: macos-14-large 
      target-platform: macos
      target-arch: x64
      is-release: false
@@ -268,8 +267,8 @@ jobs:
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-macos
    with:
-      build-runs-on: macos-15-xlarge
-      test-runs-on: macos-15
+      build-runs-on: macos-14-xlarge
+      test-runs-on: macos-14
      target-platform: macos
      target-arch: arm64
      is-release: false
@@ -284,15 +283,13 @@ jobs:
      contents: read
      issues: read
      pull-requests: read
-    uses: ./.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml
+    uses: ./.github/workflows/pipeline-electron-build-and-test-and-nan.yml
    needs: checkout-linux
    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
      build-runs-on: electron-arc-centralus-linux-amd64-32core
-      clang-tidy-runs-on: electron-arc-centralus-linux-amd64-8core
      test-runs-on: electron-arc-centralus-linux-amd64-4core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
-      clang-tidy-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      test-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
      target-platform: linux
      target-arch: x64
@@ -429,7 +426,7 @@ jobs:
    permissions:
      contents: read
    needs: [docs-only, macos-x64, macos-arm64, linux-x64, linux-x64-asan, linux-arm, linux-arm64, windows-x64, windows-x86, windows-arm64]
-    if: always() && github.repository == 'electron/electron' && !contains(needs.*.result, 'failure')
+    if: always() && !contains(needs.*.result, 'failure')
    steps: 
    - name: GitHub Actions Jobs Done
      run: |
--- a/.github/workflows/clean-src-cache.yml
+++ b/.github/workflows/clean-src-cache.yml
@@ -12,7 +12,6 @@ permissions: {}

 jobs:
  clean-src-cache:
-    if: github.repository == 'electron/electron'
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
--- a/.github/workflows/issue-commented.yml
+++ b/.github/workflows/issue-commented.yml
@@ -10,24 +10,15 @@ permissions: {}
 jobs:
  issue-commented:
    name: Remove blocked/{need-info,need-repro} on comment
-    if: ${{ (contains(github.event.issue.labels.*.name, 'blocked/need-repro') || contains(github.event.issue.labels.*.name, 'blocked/need-info ❌')) && github.event.comment.user.type != 'Bot' }}
+    if: ${{ (contains(github.event.issue.labels.*.name, 'blocked/need-repro') || contains(github.event.issue.labels.*.name, 'blocked/need-info ❌')) && !contains(fromJSON('["MEMBER", "OWNER", "COLLABORATOR"]'), github.event.comment.author_association) && github.event.comment.user.type != 'Bot' }}
    runs-on: ubuntu-latest
    steps:
-      - name: Get author association
-        id: get-author-association
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          AUTHOR_ASSOCIATION=$(gh api /repos/electron/electron/issues/comments/${{ github.event.comment.id }} --jq '.author_association')
-          echo "author_association=$AUTHOR_ASSOCIATION" >> "$GITHUB_OUTPUT"
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
-        if: ${{ !contains(fromJSON('["MEMBER", "OWNER", "COLLABORATOR"]'), steps.get-author-association.outputs.author_association) }}
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
      - name: Remove label
-        if: ${{ !contains(fromJSON('["MEMBER", "OWNER", "COLLABORATOR"]'), steps.get-author-association.outputs.author_association) }}
        env:
          GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
          ISSUE_URL: ${{ github.event.issue.html_url }}
--- a/.github/workflows/issue-labeled.yml
+++ b/.github/workflows/issue-labeled.yml
@@ -15,7 +15,7 @@ jobs:
      contents: read
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
@@ -36,7 +36,7 @@ jobs:
      contents: read
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
@@ -69,13 +69,13 @@ jobs:
          fi
      - name: Generate GitHub App token
        if: ${{ steps.check-for-comment.outputs.SHOULD_COMMENT }}
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
      - name: Create comment
        if: ${{ steps.check-for-comment.outputs.SHOULD_COMMENT }}
-        uses: actions-cool/issues-helper@e2ff99831a4f13625d35064e2b3dfe65c07a0396 # v3.7.5
+        uses: actions-cool/issues-helper@a610082f8ac0cf03e357eb8dd0d5e2ba075e017e # v3.6.0
        with:
          actions: 'create-comment'
          token: ${{ steps.generate-token.outputs.token }}
--- a/.github/workflows/issue-opened.yml
+++ b/.github/workflows/issue-opened.yml
@@ -14,7 +14,7 @@ jobs:
    permissions: {}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
@@ -32,34 +32,23 @@ jobs:
    permissions: {}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
          org: electron
-      - name: Sparse checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          sparse-checkout: |
-            .
-            .github
-            .yarn
-      - run: yarn workspaces focus @electron/gha-workflows
+      - run: npm install @electron/fiddle-core@1.3.3 mdast-util-from-markdown@2.0.0 unist-util-select@5.1.0 semver@7.6.0
      - name: Add labels
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
        id: add-labels
        env:
          ISSUE_BODY: ${{ github.event.issue.body }}
        with:
          github-token: ${{ steps.generate-token.outputs.token }}
          script: |
-            const { chdir } = require('node:process');
-            chdir('${{ github.workspace }}/.github/workflows');
-
-            const { ElectronVersions } = require('@electron/fiddle-core');
-            const { fromMarkdown } = require('mdast-util-from-markdown');
-            const { select } = require('unist-util-select');
-            const semver = require('semver');
+            const { fromMarkdown } = await import('${{ github.workspace }}/node_modules/mdast-util-from-markdown/index.js');
+            const { select } = await import('${{ github.workspace }}/node_modules/unist-util-select/index.js');
+            const semver = await import('${{ github.workspace }}/node_modules/semver/index.js');

            const [ owner, repo ] = '${{ github.repository }}'.split('/');
            const issue_number = ${{ github.event.issue.number }};
@@ -90,6 +79,7 @@ jobs:
                    labelExists = true;
                  } catch {}

+                  const { ElectronVersions } = await import('${{ github.workspace }}/node_modules/@electron/fiddle-core/dist/index.js');
                  const electronVersions = await ElectronVersions.create(undefined, { ignoreCache: true });
                  const validVersions = [...electronVersions.supportedMajors, ...electronVersions.prereleaseMajors];

@@ -146,7 +136,7 @@ jobs:
            }
      - name: Create unsupported major comment
        if: ${{ steps.add-labels.outputs.unsupportedMajor }}
-        uses: actions-cool/issues-helper@e2ff99831a4f13625d35064e2b3dfe65c07a0396 # v3.7.5
+        uses: actions-cool/issues-helper@a610082f8ac0cf03e357eb8dd0d5e2ba075e017e # v3.6.0
        with:
          actions: 'create-comment'
          token: ${{ steps.generate-token.outputs.token }}
--- a/.github/workflows/issue-transferred.yml
+++ b/.github/workflows/issue-transferred.yml
@@ -14,7 +14,7 @@ jobs:
    if: ${{ !github.event.changes.new_repository.private }}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
--- a/.github/workflows/issue-unlabeled.yml
+++ b/.github/workflows/issue-unlabeled.yml
@@ -24,7 +24,7 @@ jobs:
          fi
      - name: Generate GitHub App token
        if: ${{ steps.check-for-blocked-labels.outputs.NOT_BLOCKED }}
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
--- a/.github/workflows/linux-publish.yml
+++ b/.github/workflows/linux-publish.yml
@@ -21,7 +21,6 @@ permissions: {}

 jobs:
  checkout-linux:
-    if: github.repository == 'electron/electron'
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
@@ -36,7 +35,7 @@ jobs:
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -46,6 +45,7 @@ jobs:
  publish-x64:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
@@ -65,6 +65,7 @@ jobs:
  publish-arm:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
@@ -84,6 +85,7 @@ jobs:
  publish-arm64:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
--- a/.github/workflows/macos-disk-cleanup.yml
+++ b/.github/workflows/macos-disk-cleanup.yml
@@ -1,105 +0,0 @@
-name: macOS Disk Space Cleanup
-
-# Description:
-# This workflow runs the disk space reclaimer on macOS runners every night
-# and logs disk space metrics to Datadog for monitoring.
-
-on:
-  schedule:
-    - cron: "0 0 * * *"
-  workflow_dispatch:
-
-permissions: {}
-
-jobs:
-  macos-disk-cleanup:
-    if: github.repository == 'electron/electron'
-    strategy:
-      fail-fast: false
-      matrix:
-        runner:
-          - macos-15
-          - macos-15-large
-          - macos-15-xlarge
-    runs-on: ${{ matrix.runner }}
-    permissions:
-      contents: read
-    steps:
-      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          sparse-checkout: |
-            .github/actions/free-space-macos
-          sparse-checkout-cone-mode: false
-
-      - name: Get Disk Space Before Cleanup
-        id: disk-before
-        shell: bash
-        run: |
-          echo "Disk space before cleanup:"
-          df -h /
-          FREE_SPACE_BEFORE=$(df -k / | tail -1 | awk '{print $4}')
-          echo "free_kb=$FREE_SPACE_BEFORE" >> $GITHUB_OUTPUT
-
-      - name: Free Space on macOS
-        uses: ./.github/actions/free-space-macos
-
-      - name: Get Disk Space After Cleanup
-        id: disk-after
-        shell: bash
-        run: |
-          echo "Disk space after cleanup:"
-          df -h /
-          FREE_SPACE_AFTER=$(df -k / | tail -1 | awk '{print $4}')
-          echo "free_kb=$FREE_SPACE_AFTER" >> $GITHUB_OUTPUT
-
-      - name: Log Disk Space to Datadog
-        if: ${{ env.DD_API_KEY != '' }}
-        shell: bash
-        env:
-          DD_API_KEY: ${{ secrets.DD_API_KEY }}
-          FREE_BEFORE: ${{ steps.disk-before.outputs.free_kb }}
-          FREE_AFTER: ${{ steps.disk-after.outputs.free_kb }}
-          MATRIX_RUNNER: ${{ matrix.runner }}
-        run: |
-          TIMESTAMP=$(date +%s)
-          FREE_BEFORE_GB=$(echo "scale=2; $FREE_BEFORE / 1024 / 1024" | bc)
-          FREE_AFTER_GB=$(echo "scale=2; $FREE_AFTER / 1024 / 1024" | bc)
-          SPACE_FREED_GB=$(echo "scale=2; ($FREE_AFTER - $FREE_BEFORE) / 1024 / 1024" | bc)
-
-          echo "Free space before: ${FREE_BEFORE_GB}GB"
-          echo "Free space after: ${FREE_AFTER_GB}GB"
-          echo "Space freed: ${SPACE_FREED_GB}GB"
-
-          curl -s -X POST "https://api.datadoghq.com/api/v2/series" \
-            -H "Content-Type: application/json" \
-            -H "DD-API-KEY: ${DD_API_KEY}" \
-            -d @- << EOF
-          {
-            "series": [
-              {
-                "metric": "electron.macos.disk.free_space_before_cleanup_gb",
-                "points": [{"timestamp": ${TIMESTAMP}, "value": ${FREE_BEFORE_GB}}],
-                "type": 3,
-                "unit": "gigabyte",
-                "tags": ["runner:${MATRIX_RUNNER}", "platform:macos"]
-              },
-              {
-                "metric": "electron.macos.disk.free_space_after_cleanup_gb",
-                "points": [{"timestamp": ${TIMESTAMP}, "value": ${FREE_AFTER_GB}}],
-                "type": 3,
-                "unit": "gigabyte",
-                "tags": ["runner:${MATRIX_RUNNER}", "platform:macos"]
-              },
-              {
-                "metric": "electron.macos.disk.space_freed_gb",
-                "points": [{"timestamp": ${TIMESTAMP}, "value": ${SPACE_FREED_GB}}],
-                "type": 3,
-                "unit": "gigabyte",
-                "tags": ["runner:${MATRIX_RUNNER}", "platform:macos"]
-              }
-            ]
-          }
-          EOF
-
-          echo "Disk space metrics logged to Datadog"
--- a/.github/workflows/macos-publish.yml
+++ b/.github/workflows/macos-publish.yml
@@ -22,7 +22,6 @@ permissions: {}

 jobs:
  checkout-macos:
-    if: github.repository == 'electron/electron'
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
@@ -37,7 +36,7 @@ jobs:
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_mac=True --custom-var=host_os=mac'
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -50,13 +49,14 @@ jobs:
  publish-x64-darwin:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: x64
      target-variant: darwin
@@ -69,13 +69,14 @@ jobs:
  publish-x64-mas:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: x64
      target-variant: mas
@@ -88,13 +89,14 @@ jobs:
  publish-arm64-darwin:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: arm64
      target-variant: darwin
@@ -107,13 +109,14 @@ jobs:
  publish-arm64-mas:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
    needs: checkout-macos
    with:
      environment: production-release
-      build-runs-on: macos-15-xlarge
+      build-runs-on: macos-14-xlarge
      target-platform: macos
      target-arch: arm64
      target-variant: mas
--- a/.github/workflows/non-maintainer-dependency-change.yml
+++ b/.github/workflows/non-maintainer-dependency-change.yml
@@ -15,22 +15,14 @@ permissions: {}
 jobs:
  check-for-non-maintainer-dependency-change:
    name: Check for disallowed non-maintainer change
-    if: ${{ github.event.pull_request.user.type != 'Bot' && !github.event.pull_request.draft }}
+    if: ${{ !contains(fromJSON('["MEMBER", "OWNER"]'), github.event.pull_request.author_association) && github.event.pull_request.user.type != 'Bot' && !github.event.pull_request.draft }}
    permissions:
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
-      - name: Get author association
-        id: get-author-association
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          AUTHOR_ASSOCIATION=$(gh api /repos/electron/electron/pulls/${{ github.event.pull_request.number }} --jq '.author_association')
-          echo "author_association=$AUTHOR_ASSOCIATION" >> "$GITHUB_OUTPUT"
      - name: Check for existing review
        id: check-for-review
-        if: ${{ !contains(fromJSON('["MEMBER", "OWNER"]'), steps.get-author-association.outputs.author_association) }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_URL: ${{ github.event.pull_request.html_url }}
--- a/.github/workflows/package.json
+++ b/.github/workflows/package.json
@@ -1,13 +0,0 @@
-{
-  "name": "@electron/gha-workflows",
-  "version": "0.0.0-development",
-  "private": true,
-  "type": "module",
-  "dependencies": {
-    "@actions/cache": "^4.0.3",
-    "@electron/fiddle-core": "^2.0.1",
-    "mdast-util-from-markdown": "^2.0.0",
-    "semver": "^7.7.2",
-    "unist-util-select": "^5.1.0"
-  }
-}
--- a/.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml
+++ b/.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml
@@ -1,124 +0,0 @@
-name: Electron Build & Clang Tidy & Test (+ Node + NaN) Pipeline
-
-on:
-  workflow_call:
-    inputs:
-      target-platform:
-        type: string
-        description: 'Platform to run on, can be macos, win or linux.'
-        required: true
-      target-arch:
-        type: string
-        description: 'Arch to build for, can be x64, arm64 or arm'
-        required: true
-      build-runs-on:
-        type: string
-        description: 'What host to run the build'
-        required: true
-      clang-tidy-runs-on:
-        type: string
-        description: 'What host to run clang-tidy on'
-        required: true
-      test-runs-on:
-        type: string
-        description: 'What host to run the tests on'
-        required: true
-      build-container:
-        type: string
-        description: 'JSON container information for aks runs-on'
-        required: false
-        default: '{"image":null}'
-      clang-tidy-container:
-        type: string
-        description: 'JSON container information to run clang-tidy on'
-        required: false
-        default: '{"image":null}'
-      test-container:
-        type: string
-        description: 'JSON container information for testing'
-        required: false
-        default: '{"image":null}'
-      is-release:
-        description: 'Whether this build job is a release job'
-        required: true
-        type: boolean
-        default: false
-      gn-build-type:
-        description: 'The gn build type - testing or release'
-        required: true
-        type: string
-        default: testing
-      generate-symbols: 
-        description: 'Whether or not to generate symbols'
-        required: true
-        type: boolean
-        default: false
-      upload-to-storage: 
-        description: 'Whether or not to upload build artifacts to external storage'
-        required: true
-        type: string
-        default: '0'
-      is-asan: 
-        description: 'Building the Address Sanitizer (ASan) Linux build'
-        required: false
-        type: boolean
-        default: false
-
-permissions: {}
-
-concurrency:
-  group: electron-build-and-test-and-nan-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref_protected == true && github.run_id || github.ref }}
-  cancel-in-progress: ${{ github.ref_protected != true }}
-
-jobs:
-  build:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
-    with:
-      build-runs-on: ${{ inputs.build-runs-on }}
-      build-container: ${{ inputs.build-container }}
-      target-platform: ${{ inputs.target-platform }}
-      target-arch: ${{ inputs.target-arch }}
-      is-release: ${{ inputs.is-release }}
-      gn-build-type: ${{ inputs.gn-build-type }}
-      generate-symbols: ${{ inputs.generate-symbols }}
-      upload-to-storage: ${{ inputs.upload-to-storage }}
-      upload-out-gen-artifacts: true
-    secrets: inherit
-  clang-tidy:
-    uses: ./.github/workflows/pipeline-segment-electron-clang-tidy.yml
-    permissions:
-      contents: read
-    needs: build
-    with:
-      clang-tidy-runs-on: ${{ inputs.clang-tidy-runs-on }}
-      clang-tidy-container: ${{ inputs.clang-tidy-container }}
-      target-platform: ${{ inputs.target-platform }}
-      target-arch: ${{ inputs.target-arch }}
-    secrets: inherit
-  test:
-    uses: ./.github/workflows/pipeline-segment-electron-test.yml
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: read
-    needs: build
-    with:
-      target-arch: ${{ inputs.target-arch }}
-      target-platform: ${{ inputs.target-platform }}
-      test-runs-on: ${{ inputs.test-runs-on }}
-      test-container: ${{ inputs.test-container }}
-    secrets: inherit
-  nn-test:
-    uses: ./.github/workflows/pipeline-segment-node-nan-test.yml
-    permissions:
-      contents: read
-    needs: build
-    with:
-      target-arch: ${{ inputs.target-arch }}
-      target-platform: ${{ inputs.target-platform }}
-      test-runs-on: ${{ inputs.test-runs-on }}
-      test-container: ${{ inputs.test-container }}
-      gn-build-type: ${{ inputs.gn-build-type }}
-    secrets: inherit
--- a/.github/workflows/pipeline-electron-build-and-tidy-and-test.yml
+++ b/.github/workflows/pipeline-electron-build-and-tidy-and-test.yml
@@ -1,121 +0,0 @@
-name: Electron Build & Clang Tidy & Test Pipeline
-
-on:
-  workflow_call:
-    inputs:
-      target-platform:
-        type: string
-        description: 'Platform to run on, can be macos, win or linux'
-        required: true
-      target-arch:
-        type: string
-        description: 'Arch to build for, can be x64, arm64 or arm'
-        required: true
-      build-runs-on:
-        type: string
-        description: 'What host to run the build'
-        required: true
-      clang-tidy-runs-on:
-        type: string
-        description: 'What host to run clang-tidy on'
-        required: true
-      test-runs-on:
-        type: string
-        description: 'What host to run the tests on'
-        required: true
-      build-container:
-        type: string
-        description: 'JSON container information for aks runs-on'
-        required: false
-        default: '{"image":null}'
-      clang-tidy-container:
-        type: string
-        description: 'JSON container information to run clang-tidy on'
-        required: false
-        default: '{"image":null}'
-      test-container:
-        type: string
-        description: 'JSON container information for testing'
-        required: false
-        default: '{"image":null}'
-      is-release:
-        description: 'Whether this build job is a release job'
-        required: true
-        type: boolean
-        default: false
-      gn-build-type:
-        description: 'The gn build type - testing or release'
-        required: true
-        type: string
-        default: testing
-      generate-symbols: 
-        description: 'Whether or not to generate symbols'
-        required: true
-        type: boolean
-        default: false
-      upload-to-storage: 
-        description: 'Whether or not to upload build artifacts to external storage'
-        required: true
-        type: string
-        default: '0'
-      is-asan: 
-        description: 'Building the Address Sanitizer (ASan) Linux build'
-        required: false
-        type: boolean
-        default: false
-      enable-ssh:
-        description: 'Enable SSH debugging'
-        required: false
-        type: boolean
-        default: false
-
-concurrency:
-  group: electron-build-and-tidy-and-test-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref_protected == true && github.run_id || github.ref }}
-  cancel-in-progress: ${{ github.ref_protected != true }}
-
-permissions: {}
-
-jobs:
-  build:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
-    permissions:
-      contents: read
-    with:
-      build-runs-on: ${{ inputs.build-runs-on }}
-      build-container: ${{ inputs.build-container }}
-      target-platform: ${{ inputs.target-platform }}
-      target-arch: ${{ inputs.target-arch }}
-      is-release: ${{ inputs.is-release }}
-      gn-build-type: ${{ inputs.gn-build-type }}
-      generate-symbols: ${{ inputs.generate-symbols }}
-      upload-to-storage: ${{ inputs.upload-to-storage }}
-      is-asan: ${{ inputs.is-asan }}
-      enable-ssh: ${{ inputs.enable-ssh }}
-      upload-out-gen-artifacts: true
-    secrets: inherit
-  clang-tidy:
-    uses: ./.github/workflows/pipeline-segment-electron-clang-tidy.yml
-    permissions:
-      contents: read
-    needs: build
-    with:
-      clang-tidy-runs-on: ${{ inputs.clang-tidy-runs-on }}
-      clang-tidy-container: ${{ inputs.clang-tidy-container }}
-      target-platform: ${{ inputs.target-platform }}
-      target-arch: ${{ inputs.target-arch }}
-    secrets: inherit
-  test:
-    uses: ./.github/workflows/pipeline-segment-electron-test.yml
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: read
-    needs: build
-    with:
-      target-arch: ${{ inputs.target-arch }}
-      target-platform: ${{ inputs.target-platform }}
-      test-runs-on: ${{ inputs.test-runs-on }}
-      test-container: ${{ inputs.test-container }}
-      is-asan: ${{ inputs.is-asan }}
-      enable-ssh: ${{ inputs.enable-ssh }}
-    secrets: inherit
--- a/.github/workflows/pipeline-electron-docs-only.yml
+++ b/.github/workflows/pipeline-electron-docs-only.yml
@@ -27,7 +27,7 @@ jobs:
    container: ${{ fromJSON(inputs.container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -43,7 +43,7 @@ jobs:
      with:
        target-platform: linux
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
--- a/.github/workflows/pipeline-electron-lint.yml
+++ b/.github/workflows/pipeline-electron-lint.yml
@@ -27,7 +27,7 @@ jobs:
    container: ${{ fromJSON(inputs.container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -46,7 +46,7 @@ jobs:
      shell: bash
      run: |
        chromium_revision="$(grep -A1 chromium_version src/electron/DEPS | tr -d '\n' | cut -d\' -f4)"
-        gn_version="$(curl -sL "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/DEPS?format=TEXT" | base64 -d | grep gn_version | head -n1 | cut -d\' -f4)"
+        gn_version="$(curl -sL -b ~/.gitcookies "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/DEPS?format=TEXT" | base64 -d | grep gn_version | head -n1 | cut -d\' -f4)"

        cipd ensure -ensure-file - -root . <<-CIPD
        \$ServiceURL https://chrome-infra-packages.appspot.com/
@@ -62,7 +62,7 @@ jobs:
        chromium_revision="$(grep -A1 chromium_version src/electron/DEPS | tr -d '\n' | cut -d\' -f4)"

        mkdir -p src/buildtools
-        curl -sL "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/buildtools/DEPS?format=TEXT" | base64 -d > src/buildtools/DEPS
+        curl -sL -b ~/.gitcookies "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/buildtools/DEPS?format=TEXT" | base64 -d > src/buildtools/DEPS

        gclient sync --spec="solutions=[{'name':'src/buildtools','url':None,'deps_file':'DEPS','custom_vars':{'process_deps':True},'managed':False}]"
    - name: Add ESLint problem matcher
--- a/.github/workflows/pipeline-segment-electron-build.yml
+++ b/.github/workflows/pipeline-segment-electron-build.yml
@@ -53,11 +53,6 @@ on:
        required: false
        type: boolean
        default: false
-      upload-out-gen-artifacts:
-        description: 'Whether to upload the src/gen artifacts'
-        required: false
-        type: boolean
-        default: false
      enable-ssh:
        description: 'Enable SSH debugging'
        required: false
@@ -100,7 +95,7 @@ jobs:
      run: |
        mkdir src
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -124,9 +119,9 @@ jobs:
      run: df -h
    - name: Setup Node.js/npm
      if: ${{ inputs.target-platform == 'macos' }}
-      uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
      with:
-        node-version: 22.21.x
+        node-version: 20.19.x
        cache: yarn
        cache-dependency-path: src/electron/yarn.lock
    - name: Install Dependencies
@@ -168,7 +163,7 @@ jobs:
      if: ${{ inputs.target-platform == 'linux' }}
      uses: ./src/electron/.github/actions/restore-cache-aks
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -206,7 +201,6 @@ jobs:
        generate-symbols: '${{ inputs.generate-symbols }}'
        upload-to-storage: '${{ inputs.upload-to-storage }}'
        is-asan: '${{ inputs.is-asan }}'
-        upload-out-gen-artifacts: '${{ inputs.upload-out-gen-artifacts }}'
    - name: Set GN_EXTRA_ARGS for MAS Build
      if: ${{ inputs.target-platform == 'macos' && (inputs.target-variant == 'all' || inputs.target-variant == 'mas') }}
      run: |
--- a/.github/workflows/pipeline-segment-electron-clang-tidy.yml
+++ b/.github/workflows/pipeline-segment-electron-clang-tidy.yml
@@ -1,159 +0,0 @@
-name: Pipeline Segment - Electron Clang-Tidy
-
-on:
-  workflow_call:
-    inputs:
-      target-platform:
-        type: string
-        description: 'Platform to run on, can be macos, win or linux'
-        required: true
-      target-arch:
-        type: string
-        description: 'Arch to build for, can be x64, arm64 or arm'
-        required: true
-      clang-tidy-runs-on:
-        type: string
-        description: 'What host to run clang-tidy on'
-        required: true
-      clang-tidy-container:
-        type: string
-        description: 'JSON container information for aks runs-on'
-        required: false
-        default: '{"image":null}'
-
-permissions: {}
-
-concurrency:
-  group: electron-clang-tidy-${{ inputs.target-platform }}-${{ inputs.target-arch }}-${{ github.ref }}
-  cancel-in-progress: true
-
-env:
-  GCLIENT_EXTRA_ARGS: ${{ inputs.target-platform == 'macos' && '--custom-var=checkout_mac=True --custom-var=host_os=mac' || (inputs.target-platform == 'linux' && '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True' || '--custom-var=checkout_win=True') }}
-  ELECTRON_OUT_DIR: Default
-
-jobs:
-  clang-tidy:
-    defaults:
-      run:
-        shell: bash
-    runs-on: ${{ inputs.clang-tidy-runs-on }}
-    permissions:
-      contents: read
-    container: ${{ fromJSON(inputs.clang-tidy-container) }}
-    env:
-      BUILD_TYPE: ${{ inputs.target-platform == 'macos' && 'darwin' || inputs.target-platform }}
-      TARGET_ARCH: ${{ inputs.target-arch }}
-      TARGET_PLATFORM: ${{ inputs.target-platform }}
-      ARTIFACT_KEY: ${{ inputs.target-platform == 'macos' && 'darwin' || inputs.target-platform }}_${{ inputs.target-arch }}
-    steps:
-    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        path: src/electron
-        fetch-depth: 0
-        ref: ${{ github.event.pull_request.head.sha }}
-    - name: Cleanup disk space on macOS
-      if: ${{ inputs.target-platform == 'macos' }}
-      shell: bash
-      run: |   
-        sudo mkdir -p $TMPDIR/del-target
-
-        tmpify() {
-          if [ -d "$1" ]; then
-            sudo mv "$1" $TMPDIR/del-target/$(echo $1|shasum -a 256|head -n1|cut -d " " -f1)
-          fi
-        }   
-        tmpify /Library/Developer/CoreSimulator
-        tmpify ~/Library/Developer/CoreSimulator
-        sudo rm -rf $TMPDIR/del-target
-    - name: Check disk space after freeing up space
-      if: ${{ inputs.target-platform == 'macos' }}
-      run: df -h
-    - name: Set Chromium Git Cookie
-      uses: ./src/electron/.github/actions/set-chromium-cookie
-    - name: Install Build Tools
-      uses: ./src/electron/.github/actions/install-build-tools
-    - name: Enable windows toolchain
-      if: ${{ inputs.target-platform == 'win' }}
-      run: |
-        echo "ELECTRON_DEPOT_TOOLS_WIN_TOOLCHAIN=1" >> $GITHUB_ENV
-    - name: Generate DEPS Hash
-      run: |
-        node src/electron/script/generate-deps-hash.js
-        DEPSHASH=v1-src-cache-$(cat src/electron/.depshash)
-        echo "DEPSHASH=$DEPSHASH" >> $GITHUB_ENV
-        echo "CACHE_PATH=$DEPSHASH.tar" >> $GITHUB_ENV
-    - name: Restore src cache via AZCopy
-      if: ${{ inputs.target-platform == 'macos' }}
-      uses: ./src/electron/.github/actions/restore-cache-azcopy
-      with:
-        target-platform: ${{ inputs.target-platform }}      
-    - name: Restore src cache via AKS
-      if: ${{ inputs.target-platform == 'linux' || inputs.target-platform == 'win' }}
-      uses: ./src/electron/.github/actions/restore-cache-aks
-      with:
-        target-platform: ${{ inputs.target-platform }}
-    - name: Run Electron Only Hooks
-      run: |
-        echo "solutions=[{'name':'src/electron','url':None,'deps_file':'DEPS','custom_vars':{'process_deps':False},'managed':False}]" > tmpgclient
-        if [ "${{ inputs.target-platform }}" = "win" ]; then
-          echo "solutions=[{'name':'src/electron','url':None,'deps_file':'DEPS','custom_vars':{'process_deps':False,'install_sysroot':False,'checkout_win':True},'managed':False}]" > tmpgclient
-          echo "target_os=['win']" >> tmpgclient
-        fi
-        e d gclient runhooks --gclientfile=tmpgclient
-
-        # Fix VS Toolchain
-        if [ "${{ inputs.target-platform }}" = "win" ]; then
-          rm -rf src/third_party/depot_tools/win_toolchain/vs_files
-          e d python3 src/build/vs_toolchain.py update --force
-        fi
-    - name: Regenerate DEPS Hash
-      run: |
-        (cd src/electron && git checkout .) && node src/electron/script/generate-deps-hash.js
-        echo "DEPSHASH=$(cat src/electron/.depshash)" >> $GITHUB_ENV
-    - name: Add CHROMIUM_BUILDTOOLS_PATH to env
-      run: echo "CHROMIUM_BUILDTOOLS_PATH=$(pwd)/src/buildtools" >> $GITHUB_ENV
-    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-      with:
-        path: src/electron
-        fetch-depth: 0
-        ref: ${{ github.event.pull_request.head.sha }}
-    - name: Install Dependencies
-      uses: ./src/electron/.github/actions/install-dependencies
-    - name: Default GN gen
-      run: |
-        cd src/electron
-        git pack-refs
-    - name: Download Out Gen Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
-      with:
-        name: out_gen_artifacts_${{ env.ARTIFACT_KEY }}
-        path: ./src/out/${{ env.ELECTRON_OUT_DIR }}/gen
-    - name: Add Clang problem matcher
-      shell: bash
-      run: echo "::add-matcher::src/electron/.github/problem-matchers/clang.json"
-    - name: Run Clang-Tidy
-      run: |
-        e init -f --root=$(pwd) --out=${ELECTRON_OUT_DIR} testing --target-cpu ${TARGET_ARCH}
-
-        export GN_EXTRA_ARGS="target_cpu=\"${TARGET_ARCH}\""
-        if [ "${{ inputs.target-platform }}" = "win" ]; then
-          export GN_EXTRA_ARGS="$GN_EXTRA_ARGS use_v8_context_snapshot=true target_os=\"win\""
-        fi
-
-        e build --only-gen
-
-        cd src/electron
-        node script/yarn.js lint:clang-tidy --jobs 8 --out-dir ../out/${ELECTRON_OUT_DIR}
-    - name: Remove Clang problem matcher
-      shell: bash
-      run: echo "::remove-matcher owner=clang::"
-    - name: Wait for active SSH sessions
-      if: always() && !cancelled()
-      shell: bash
-      run: |
-        while [ -f /var/.ssh-lock ]
-        do
-          sleep 60
-        done
--- a/.github/workflows/pipeline-segment-electron-gn-check.yml
+++ b/.github/workflows/pipeline-segment-electron-gn-check.yml
@@ -48,7 +48,7 @@ jobs:
    container: ${{ fromJSON(inputs.check-container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -115,7 +115,7 @@ jobs:
    - name: Add CHROMIUM_BUILDTOOLS_PATH to env
      run: echo "CHROMIUM_BUILDTOOLS_PATH=$(pwd)/src/buildtools" >> $GITHUB_ENV
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
--- a/.github/workflows/pipeline-segment-electron-publish.yml
+++ b/.github/workflows/pipeline-segment-electron-publish.yml
@@ -56,11 +56,6 @@ on:
        required: false
        type: boolean
        default: false
-      upload-out-gen-artifacts:
-        description: Whether to upload the src/gen artifacts
-        required: false
-        type: boolean
-        default: false
      enable-ssh:
        description: Enable SSH debugging
        required: false
@@ -93,6 +88,7 @@ jobs:
        shell: bash
    runs-on: ${{ inputs.build-runs-on }}
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
@@ -106,7 +102,7 @@ jobs:
        run: |
          mkdir src
      - name: Checkout Electron
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          path: src/electron
          fetch-depth: 0
@@ -131,9 +127,9 @@ jobs:
        run: df -h
      - name: Setup Node.js/npm
        if: ${{ inputs.target-platform == 'macos' }}
-        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
        with:
-          node-version: 22.21.x
+          node-version: 20.19.x
          cache: yarn
          cache-dependency-path: src/electron/yarn.lock
      - name: Install Dependencies
@@ -176,7 +172,7 @@ jobs:
        if: ${{ inputs.target-platform == 'linux' }}
        uses: ./src/electron/.github/actions/restore-cache-aks
      - name: Checkout Electron
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          path: src/electron
          fetch-depth: 0
@@ -220,7 +216,6 @@ jobs:
          generate-symbols: ${{ inputs.generate-symbols }}
          upload-to-storage: ${{ inputs.upload-to-storage }}
          is-asan: ${{ inputs.is-asan }}
-          upload-out-gen-artifacts: ${{ inputs.upload-out-gen-artifacts }}
      - name: Set GN_EXTRA_ARGS for MAS Build
        if: ${{ inputs.target-platform == 'macos' && (inputs.target-variant == 'all' ||
          inputs.target-variant == 'mas') }}
--- a/.github/workflows/pipeline-segment-electron-test.yml
+++ b/.github/workflows/pipeline-segment-electron-test.yml
@@ -69,16 +69,14 @@ jobs:
      if: ${{ inputs.target-arch == 'arm' && inputs.target-platform == 'linux' }}
      run: |
        cp $(which node) /mnt/runner-externals/node20/bin/
-        cp $(which node) /mnt/runner-externals/node24/bin/
    - name: Setup Node.js/npm
      if: ${{ inputs.target-platform == 'win' }}
-      uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
      with:
-        node-version: 22.21.x
+        node-version: 20.19.x
    - name: Add TCC permissions on macOS
      if: ${{ inputs.target-platform == 'macos' }}
      run: |
-        epochdate=$(($(date +'%s * 1000 + %-N / 1000000')))
        configure_user_tccdb () {
          local values=$1
          local dbPath="$HOME/Library/Application Support/com.apple.TCC/TCC.db"
@@ -97,14 +95,11 @@ jobs:
            "'kTCCServiceCamera','/usr/local/opt/runner/provisioner/provisioner',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
            "'kTCCServiceBluetoothAlways','/usr/local/opt/runner/provisioner/provisioner',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
            "'kTCCServiceAppleEvents','/usr/local/opt/runner/provisioner/provisioner',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
-            "'kTCCServiceCamera','/opt/hca/hosted-compute-agent',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
-            "'kTCCServiceBluetoothAlways','/opt/hca/hosted-compute-agent',1,2,4,1,NULL,NULL,0,'UNUSED',NULL,0,1687786159"
-            "'kTCCServiceScreenCapture','/bin/bash',1,2,3,1,NULL,NULL,NULL,'UNUSED',NULL,0,$epochdate"
        )
        for values in "${userValuesArray[@]}"; do
          # Sonoma and higher have a few extra values
          # Ref: https://github.com/actions/runner-images/blob/main/images/macos/scripts/build/configure-tccdb-macos.sh
-          if [ "$OSTYPE" = "darwin23" ] || [ "$OSTYPE" = "darwin24" ]; then
+          if [ "$OSTYPE" = "darwin23" ]; then
            configure_user_tccdb "$values,NULL,NULL,'UNUSED',${values##*,}"
            configure_sys_tccdb "$values,NULL,NULL,'UNUSED',${values##*,}"
          else
@@ -115,21 +110,12 @@ jobs:
    - name: Turn off the unexpectedly quit dialog on macOS
      if: ${{ inputs.target-platform == 'macos' }}
      run: defaults write com.apple.CrashReporter DialogType server
-    - name: Set xcode to 16.4
-      if: ${{ inputs.target-platform == 'macos' }}
-      run: sudo xcode-select --switch /Applications/Xcode_16.4.app
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
        ref: ${{ github.event.pull_request.head.sha }}
-    - name: Turn off screenshot nag on macOS
-      if: ${{ inputs.target-platform == 'macos' }}
-      run: |
-        defaults write ~/Library/Group\ Containers/group.com.apple.replayd/ScreenCaptureApprovals.plist "/bin/bash" -date "3024-09-23 12:00:00 +0000"
-        src/electron/script/actions/screencapture-nag-remover.sh -a $(which bash)
-        src/electron/script/actions/screencapture-nag-remover.sh -a /opt/hca/hosted-compute-agent
    - name: Setup SSH Debugging
      if: ${{ inputs.target-platform == 'macos' && (inputs.enable-ssh || env.ACTIONS_STEP_DEBUG == 'true') }}
      uses: ./src/electron/.github/actions/ssh-debug
@@ -168,12 +154,12 @@ jobs:
        echo "DISABLE_CRASH_REPORTER_TESTS=true" >> $GITHUB_ENV
        echo "IS_ASAN=true" >> $GITHUB_ENV
    - name: Download Generated Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: generated_artifacts_${{ env.ARTIFACT_KEY }}
        path: ./generated_artifacts_${{ matrix.build-type }}_${{ inputs.target-arch }}
    - name: Download Src Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: src_artifacts_${{ env.ARTIFACT_KEY }}
        path: ./src_artifacts_${{ matrix.build-type }}_${{ inputs.target-arch }}
@@ -191,13 +177,12 @@ jobs:
      run: |
        cd src/out/Default
        unzip -:o dist.zip
-    #- name: Import & Trust Self-Signed Codesigning Cert on MacOS
-    #  if: ${{ inputs.target-platform == 'macos' && inputs.target-arch == 'x64' }}
-    #  run: |
-    #    sudo security authorizationdb write com.apple.trust-settings.admin allow
-    #    cd src/electron
-    #    ./script/codesign/generate-identity.sh
-
+    - name: Import & Trust Self-Signed Codesigning Cert on MacOS
+      if: ${{ inputs.target-platform == 'macos' && inputs.target-arch == 'x64' }}
+      run: |
+        sudo security authorizationdb write com.apple.trust-settings.admin allow
+        cd src/electron
+        ./script/codesign/generate-identity.sh
    - name: Run Electron Tests
      shell: bash
      env:
@@ -266,7 +251,7 @@ jobs:
      if: always() && !cancelled()
    - name: Upload Test Artifacts
      if: always() && !cancelled()
-      uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
+      uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
      with:
        name: test_artifacts_${{ env.ARTIFACT_KEY }}_${{ matrix.shard }}
        path: src/electron/spec/artifacts
--- a/.github/workflows/pipeline-segment-node-nan-test.yml
+++ b/.github/workflows/pipeline-segment-node-nan-test.yml
@@ -50,7 +50,7 @@ jobs:
    container: ${{ fromJSON(inputs.test-container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -65,12 +65,12 @@ jobs:
    - name: Install Dependencies
      uses: ./src/electron/.github/actions/install-dependencies
    - name: Download Generated Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
        path: ./generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
    - name: Download Src Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: src_artifacts_linux_${{ env.TARGET_ARCH }}
        path: ./src_artifacts_linux_${{ env.TARGET_ARCH }}
@@ -106,7 +106,7 @@ jobs:
    container: ${{ fromJSON(inputs.test-container) }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -121,12 +121,12 @@ jobs:
    - name: Install Dependencies
      uses: ./src/electron/.github/actions/install-dependencies
    - name: Download Generated Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
        path: ./generated_artifacts_${{ env.BUILD_TYPE }}_${{ env.TARGET_ARCH }}
    - name: Download Src Artifacts
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+      uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
      with:
        name: src_artifacts_linux_${{ env.TARGET_ARCH }}
        path: ./src_artifacts_linux_${{ env.TARGET_ARCH }}
--- a/.github/workflows/pull-request-labeled.yml
+++ b/.github/workflows/pull-request-labeled.yml
@@ -14,7 +14,7 @@ jobs:
    permissions: {}
    steps:
      - name: Trigger Slack workflow
-        uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1
+        uses: slackapi/slack-github-action@b0fa283ad8fea605de13dc3f449259339835fc52 # v2.1.0
        with:
          webhook: ${{ secrets.BACKPORT_REQUESTED_SLACK_WEBHOOK_URL }} 
          webhook-type: webhook-trigger
@@ -32,7 +32,7 @@ jobs:
    permissions: {}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.RELEASE_BOARD_GH_APP_CREDS }}
@@ -44,35 +44,3 @@ jobs:
          project-number: 94
          field: Status
          field-value: ✅ Reviewed
-  pull-request-labeled-ai-pr:
-    name: ai-pr label added
-    if: github.event.label.name == 'ai-pr'
-    runs-on: ubuntu-latest
-    permissions: {}
-    steps:
-    - name: Generate GitHub App token
-      uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
-      id: generate-token
-      with:
-        creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-    - name: Create comment
-      uses: actions-cool/issues-helper@e2ff99831a4f13625d35064e2b3dfe65c07a0396 # v3.7.5
-      with:
-        actions: 'create-comment'
-        token: ${{ steps.generate-token.outputs.token }}
-        issue-number: ${{ github.event.pull_request.number }}
-        body: |
-          <!-- ai-pr -->
-
-          *AI PR Detected*
-
-          Hello @${{ github.event.pull_request.user.login }}. Due to the high amount of AI spam PRs we receive, if a PR is detected to be majority AI-generated without disclosure and untested, we will automatically close the PR.
-
-          We welcome the use of AI tools, as long as the PR meets our quality standards and has clearly been built and tested. If you believe your PR was closed in error, we welcome you to resubmit. However, please read our [CONTRIBUTING.md](http://contributing.md/) carefully before reopening. Thanks for your contribution.
-    - name: Close the pull request
-      env:
-        GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
-        GH_REPO: electron/electron
-        PR_NUMBER: ${{ github.event.pull_request.number }}
-      run: |
-        gh pr close "$PR_NUMBER"
--- a/.github/workflows/rerun-apply-patches.yml
+++ b/.github/workflows/rerun-apply-patches.yml
@@ -1,71 +0,0 @@
-name: Rerun PR Apply Patches
-
-on:
-  push:
-    branches:
-      - main
-      - '[1-9][0-9]-x-y'
-    paths:
-      - 'DEPS'
-      - 'patches/**'
-
-permissions: {}
-
-jobs:
-  rerun-apply-patches:
-    runs-on: ubuntu-latest
-    permissions:
-      actions: write
-      checks: read
-      contents: read
-      pull-requests: read
-    steps:
-      - name: Find PRs and Rerun Apply Patches
-        env:
-          GH_REPO: ${{ github.repository }}
-          GH_TOKEN: ${{ github.token }}
-        run: |
-          BRANCH="${GITHUB_REF#refs/heads/}"
-
-          # Find all open PRs targeting this branch
-          PRS=$(gh pr list --base "$BRANCH" --state open --limit 250 --json number)
-
-          echo "$PRS" | jq -c '.[]' | while read -r pr; do
-            PR_NUMBER=$(echo "$pr" | jq -r '.number')
-            echo "Processing PR #${PR_NUMBER}"
-
-            # Find the Apply Patches workflow check for this PR
-            CHECK=$(gh pr view "$PR_NUMBER" --json statusCheckRollup --jq '[.statusCheckRollup[] | select(.workflowName == "Apply Patches" and .name == "apply-patches")] | first')
-
-            if [ -z "$CHECK" ] || [ "$CHECK" = "null" ]; then
-              echo "  No Apply Patches workflow found for PR #${PR_NUMBER}"
-              continue
-            fi
-
-            CONCLUSION=$(echo "$CHECK" | jq -r '.conclusion')
-            if [ "$CONCLUSION" = "SKIPPED" ]; then
-              echo "  apply-patches job was skipped for PR #${PR_NUMBER} (no patches)"
-              continue
-            fi
-
-            LINK=$(echo "$CHECK" | jq -r '.detailsUrl')
-
-            # Extract the run ID from the link (format: .../runs/RUN_ID/job/JOB_ID)
-            RUN_ID=$(echo "$LINK" | grep -oE 'runs/[0-9]+' | cut -d'/' -f2)
-
-            if [ -z "$RUN_ID" ]; then
-              echo "  Could not extract run ID from link: ${LINK}"
-              continue
-            fi
-
-            # Check if the workflow is currently in progress
-            RUN_STATUS=$(gh run view "$RUN_ID" --json status --jq '.status')
-
-            if [ "$RUN_STATUS" = "in_progress" ] || [ "$RUN_STATUS" = "queued" ] || [ "$RUN_STATUS" = "waiting" ]; then
-              echo "  Workflow run ${RUN_ID} is ${RUN_STATUS}, cancelling..."
-              gh run cancel "$RUN_ID" --force
-              gh run watch "$RUN_ID"
-            fi
-
-            gh run rerun "$RUN_ID"
-          done
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -13,7 +13,6 @@ permissions: read-all
 jobs:
  analysis:
    name: Scorecards analysis
-    if: github.repository == 'electron/electron'
    runs-on: ubuntu-latest
    permissions:
      # Needed to upload the results to code-scanning dashboard.
@@ -23,13 +22,13 @@ jobs:

    steps:
      - name: "Checkout code"
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

      # This is a pre-submit / pre-release.
      - name: "Run analysis"
-        uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
+        uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
        with:
          results_file: results.sarif
          results_format: sarif
@@ -43,7 +42,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: "Upload artifact"
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: SARIF file
          path: results.sarif
@@ -51,6 +50,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v3.29.5
+        uses: github/codeql-action/upload-sarif@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3.29.0
        with:
          sarif_file: results.sarif
--- a/.github/workflows/semantic.yml
+++ b/.github/workflows/semantic.yml
@@ -18,7 +18,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: semantic-pull-request
-        uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 # v6.1.1
+        uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
--- a/.github/workflows/stable-prep-items.yml
+++ b/.github/workflows/stable-prep-items.yml
@@ -10,12 +10,11 @@ permissions: {}
 jobs:
  check-stable-prep-items:
    name: Check Stable Prep Items
-    if: github.repository == 'electron/electron'
    runs-on: ubuntu-latest
    permissions: {}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.RELEASE_BOARD_GH_APP_CREDS }}
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -9,16 +9,15 @@ permissions: {}

 jobs:
  stale:
-    if: github.repository == 'electron/electron'
    runs-on: ubuntu-latest
    permissions: {}
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # tag: v10.1.1
+      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # tag: v9.1.0
        with:
          repo-token: ${{ steps.generate-token.outputs.token }}
          days-before-stale: 90
@@ -29,20 +28,20 @@ jobs:
            This issue has been automatically marked as stale. **If this issue is still affecting you, please leave any comment** (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the [latest version of Electron](https://www.electronjs.org/releases/stable) or in the [beta](https://www.electronjs.org/releases/beta)—please include it with your comment!
          close-issue-message: >
            This issue has been closed due to inactivity, and will not be monitored.  If this is a bug and you can reproduce this issue on a [supported version of Electron](https://www.electronjs.org/docs/latest/tutorial/electron-timelines#timeline) please open a new issue and include instructions for reproducing the issue.
-          exempt-issue-labels: "discussion,security \U0001F512,enhancement :sparkles:,status/confirmed,stale-exempt,upgrade-follow-up,tracking-upstream"
+          exempt-issue-labels: "discussion,security \U0001F512,enhancement :sparkles:,status/confirmed,stale-exempt,upgrade-follow-up"
          only-pr-labels: not-a-real-label
  pending-repro:
    runs-on: ubuntu-latest
    permissions: {}
-    if: ${{ always() && github.repository == 'electron/electron' }}
+    if: ${{ always() }}
    needs: stale
    steps:
      - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@e14e47722ed120360649d0789e25b9baece12725 # v2.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
        id: generate-token
        with:
          creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # tag: v10.1.1
+      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # tag: v9.1.0
        with:
          repo-token: ${{ steps.generate-token.outputs.token }}
          days-before-stale: -1
--- a/.github/workflows/update-website-docs.yml
+++ b/.github/workflows/update-website-docs.yml
@@ -1,39 +0,0 @@
-name: Update Website Docs
-
-on:
-  release:
-    types: [published]
-
-permissions: {}
-
-jobs:
-  update-website-docs:
-    name: Update Website Docs
-    runs-on: ubuntu-latest
-    environment: website-docs-updater
-    permissions:
-      contents: read
-      id-token: write # needed for secret-service-action
-    steps:
-      - name: Get GitHub App token
-        id: secret-service
-        uses: electron/secret-service-action@3476425e8b30555aac15b1b7096938e254b0e155 # v1.0.0
-      - name: Check if this release is the latest
-        id: check-if-latest-release
-        env:
-          GH_REPO: electron/electron
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          LATEST_RELEASE_TAG="$(gh release view --json tagName --jq '.tagName')"
-          if [ "$LATEST_RELEASE_TAG" = "${GITHUB_REF#refs/tags/}" ]; then
-            echo "isLatestRelease=true" >> $GITHUB_OUTPUT
-          else
-            echo "isLatestRelease=false" >> $GITHUB_OUTPUT
-          fi
-      - name: Trigger website docs update
-        if: ${{ steps.check-if-latest-release.outputs.isLatestRelease }}
-        env:
-          GH_REPO: electron/website
-          GH_TOKEN: ${{ fromJSON(steps.secret-service.outputs.secrets).WEBSITE_DOCS_UPDATER_APP_TOKEN }}
-        run: |
-          gh workflow run update-docs.yml -f sha=$GITHUB_SHA
--- a/.github/workflows/windows-publish.yml
+++ b/.github/workflows/windows-publish.yml
@@ -22,7 +22,6 @@ permissions: {}

 jobs:
  checkout-windows:
-    if: github.repository == 'electron/electron'
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
@@ -41,7 +40,7 @@ jobs:
      build-image-sha: ${{ inputs.build-image-sha }}
    steps:
    - name: Checkout Electron
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      with:
        path: src/electron
        fetch-depth: 0
@@ -54,6 +53,7 @@ jobs:
  publish-x64-win:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
@@ -72,6 +72,7 @@ jobs:
  publish-arm64-win:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
@@ -90,6 +91,7 @@ jobs:
  publish-x86-win:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
+      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
--- a/.nvmrc
+++ b/.nvmrc
@@ -1 +1 @@
-22
+20
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -446,7 +446,6 @@ source_set("electron_lib") {
    "shell/services/node/public/mojom",
    "//base:base_static",
    "//base/allocator:buildflags",
-    "//build/util:chromium_git_revision",
    "//chrome:strings",
    "//chrome/app:command_ids",
    "//chrome/app/resources:platform_locale_settings",
@@ -481,7 +480,6 @@ source_set("electron_lib") {
    "//device/bluetooth",
    "//device/bluetooth/public/cpp",
    "//gin",
-    "//gpu/ipc/client",
    "//media/capture/mojom:video_capture",
    "//media/mojo/mojom",
    "//media/mojo/mojom:web_speech_recognition",
@@ -502,7 +500,6 @@ source_set("electron_lib") {
    "//third_party/blink/public/platform/media",
    "//third_party/boringssl",
    "//third_party/electron_node:libnode",
-    "//third_party/highway:libhwy",
    "//third_party/inspector_protocol:crdtp",
    "//third_party/leveldatabase",
    "//third_party/libyuv",
@@ -530,7 +527,6 @@ source_set("electron_lib") {
    "//base",
    "//base:i18n",
    "//content/public/app",
-    "//ui/base/unowned_user_data",
  ]

  include_dirs = [
@@ -590,13 +586,7 @@ source_set("electron_lib") {
  }

  if (is_mac) {
-    # Disable C++ modules to resolve linking error when including MacOS SDK
-    # headers from third_party/electron_node/deps/uv/include/uv/darwin.h
-    # TODO(samuelmaddock): consider revisiting this in the future
-    use_libcxx_modules = false
-
    deps += [
-      "//components/os_crypt/common:keychain_password_mac",
      "//components/remote_cocoa/app_shim",
      "//components/remote_cocoa/browser",
      "//content/browser:mac_helpers",
@@ -699,6 +689,7 @@ source_set("electron_lib") {
      "//components/app_launch_prefetch",
      "//components/crash/core/app:crash_export_thunks",
      "//third_party/libxml:xml_writer",
+      "//ui/native_theme:native_theme_browser",
      "//ui/wm",
      "//ui/wm/public",
    ]
@@ -765,13 +756,11 @@ source_set("electron_lib") {
  if (enable_pdf_viewer) {
    deps += [
      "//chrome/browser/resources/pdf:resources",
-      "//chrome/browser/ui:browser_element_identifiers",
      "//components/pdf/browser",
      "//components/pdf/browser:interceptors",
      "//components/pdf/common:constants",
      "//components/pdf/common:util",
      "//components/pdf/renderer",
-      "//components/user_education/webui",
      "//pdf",
      "//pdf:content_restriction",
    ]
@@ -792,13 +781,9 @@ source_set("electron_lib") {

 action("mksnapshot_checksum_gen") {
  script = "build/checksum_header.py"
-
  outputs = [ "$target_gen_dir/snapshot_checksum.h" ]
  inputs = [ "$root_out_dir/$v8_context_snapshot_filename" ]
-  args = rebase_path(inputs)
-
-  args += rebase_path(outputs)
-
+  args = rebase_path(inputs) + rebase_path(outputs)
  deps = [ "//tools/v8_context_snapshot" ]
 }

--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -1,226 +0,0 @@
-# Electron Development Guide
-
-## Project Overview
-
-Electron is a framework for building cross-platform desktop applications using web technologies. It embeds Chromium for rendering and Node.js for backend functionality.
-
-## Directory Structure
-
-```text
-electron/                 # This repo (run `e` commands here)
-├── shell/               # Core C++ application code
-│   ├── browser/         # Main process implementation (107+ API modules)
-│   ├── renderer/        # Renderer process code
-│   ├── common/          # Shared code between processes
-│   ├── app/             # Application entry points
-│   └── services/        # Node.js service integration
-├── lib/                 # TypeScript/JavaScript library code
-│   ├── browser/         # Main process JS (47 API implementations)
-│   ├── renderer/        # Renderer process JS
-│   └── common/          # Shared JS modules
-├── patches/             # Patches for upstream dependencies
-│   ├── chromium/        # ~159 patches to Chromium
-│   ├── node/            # ~48 patches to Node.js
-│   └── ...              # Other targets (v8, boringssl, etc.)
-├── spec/                # Test suite (1189+ TypeScript test files)
-├── docs/                # API documentation and guides
-├── build/               # Build configuration
-├── script/              # Build and automation scripts
-└── chromium_src/        # Chromium source overrides
-../                      # Parent directory is Chromium source
-```
-
-## Build Tools Setup
-
-Electron uses `@electron/build-tools` for development. The `e` command is the primary CLI.
-
-**Installation:**
-
-```bash
-npm i -g @electron/build-tools
-```
-
-**Configuration location:** `~/.electron_build_tools/configs/`
-
-## Essential Commands
-
-### Configuration Management
-
-| Command | Purpose |
-|---------|---------|
-| `e init <name> --root=<path> --bootstrap testing` | Create new build config and sync |
-| `e use <name>` | Switch to a different build configuration |
-| `e show current` | Display active configuration name |
-| `e show configs` | List all available configurations |
-
-### Build & Development Loop
-
-| Command | Purpose |
-|---------|---------|
-| `e sync` | Fetch/update all source code and apply patches |
-| `e sync --3` | Sync with 3-way merge (required for Chromium upgrades) |
-| `e build` | Build Electron (runs GN + Ninja) |
-| `e build -k 999` | Build and continue on errors (up to 999) |
-| `e build -t <target>` | Build specific target (e.g., `electron:node_headers`) |
-| `e start` | Run the built Electron executable |
-| `e start --version` | Verify Electron launches and print version |
-| `e test` | Run the test suite |
-| `e debug` | Run Electron in debugger (lldb on macOS, gdb on Linux) |
-
-### Patch Management
-
-| Command | Purpose |
-|---------|---------|
-| `e patches <target>` | Export patches for a target (chromium, node, v8, etc.) |
-| `e patches all` | Export all patches from all targets |
-| `e patches --list-targets` | List available patch targets |
-
-## Typical Development Workflow
-
-```bash
-# 1. Ensure you're on the right config
-e show current
-
-# 2. Sync to get latest code
-e sync
-
-# 3. Make your changes in shell/ or lib/ or ../
-
-# 4. Build
-e build
-
-# 5. Test your changes (Leave the user to do this, don't run these commands unless asked)
-e start
-e test
-
-# 6. If you modified patched files in Chromium:
-cd ..  # Go to Chromium repo
-git add <files>
-git commit -m "description of change"
-cd electron
-e patches chromium  # Export the patch
-```
-
-## Patches System
-
-Electron patches upstream dependencies (Chromium, Node.js, V8, etc.) to add features or modify behavior.
-
-**How patches work:**
-
-```text
-patches/{target}/*.patch  →  [e sync --3]  →  target repo commits
-                          ←  [e patches]   ←
-```
-
-**Patch configuration:** `patches/config.json` maps patch directories to target repos.
-
-**Key rules:**
-
- Fix existing patches 99% of the time rather than creating new ones
- Preserve original authorship in TODO comments
- Never change TODO assignees (`TODO(name)` must retain original name)
- Each patch file includes commit message explaining its purpose
-
-**Creating/modifying patches:**
-
-1. Make changes in the target repo (e.g., `../` for Chromium)
-2. Create a git commit
-3. Run `e patches <target>` to export
-
-## Testing
-
-**Test location:** `spec/` directory
-
-**Running tests:**
-
-```bash
-e test                    # Run full test suite
-```
-
-**Test frameworks:** Mocha, Chai, Sinon
-
-## Build Configuration
-
-**GN build arguments:** Located in `build/args/`:
-
- `testing.gn` - Debug/testing builds
- `release.gn` - Release builds
- `all.gn` - Common arguments for all builds
-
-**Main build file:** `BUILD.gn`
-
-**Feature flags:** `buildflags/buildflags.gni`
-
-## Chromium Upgrade Workflow
-
-When working on the `roller/chromium/main` branch to upgrade Chromium activate the "Electron Chromium Upgrade" skill.
-
-## Code Style
-
-**C++:** Follows Chromium style, enforced by clang-format
-**TypeScript/JavaScript:** ESLint configuration in `.eslintrc.json`
-
-**Linting:**
-
-```bash
-npm run lint              # Run all linters
-npm run lint:clang-format # C++ formatting
-```
-
-## Key Files
-
-| File | Purpose |
-|------|---------|
-| `BUILD.gn` | Main GN build configuration |
-| `DEPS` | Dependency versions and checkout paths |
-| `patches/config.json` | Patch target configuration |
-| `filenames.gni` | Source file lists by platform |
-| `package.json` | Node.js dependencies and scripts |
-
-## Environment Variables
-
-| Variable | Purpose |
-|----------|---------|
-| `GN_EXTRA_ARGS` | Additional GN arguments (useful in CI) |
-| `ELECTRON_RUN_AS_NODE=1` | Run Electron as Node.js |
-
-## Useful Git Commands for Chromium
-
-```bash
-# Find CL that changed a file
-cd ..
-git log --oneline -10 -- {file}
-git blame -L {start},{end} -- {file}
-
-# Look for Chromium CL reference in commit
-git log -1 {commit_sha}  # Find "Reviewed-on:" line
-
-# Find which patch affects a file
-grep -l "filename.cc" patches/chromium/*.patch
-```
-
-## CI/CD
-
-GitHub Actions workflows in `.github/workflows/`:
-
- `build.yml` - Main build workflow
- `pipeline-electron-lint.yml` - Linting
- `pipeline-segment-electron-test.yml` - Testing
-
-## Common Issues
-
-**Patch conflict during sync:**
-
- Use `e sync --3` for 3-way merge
- Check if file was renamed/moved upstream
- Verify patch is still needed
-
-**Build error in patched file:**
-
- Find the patch: `grep -l "filename" patches/chromium/*.patch`
- Match existing patch style (#if 0 guards, BUILDFLAG conditionals, etc.)
-
-**Remote build issues:**
-
- Try `e build --no-remote` to build locally
- Check reclient/siso configuration in your build config
--- a/8
+++ b/8
@@ -2,17 +2,17 @@ gclient_gn_args_from = 'src'

 vars = {
  'chromium_version':
-    '146.0.7650.0',
+    '140.0.7339.249',
  'node_version':
-    'v24.13.0',
+    'v22.22.0',
  'nan_version':
-    '675cefebca42410733da8a454c8d9391fcebfbc2',
+    'e14bdcd1f72d62bca1d541b66da43130384ec213',
  'squirrel.mac_version':
    '0e5d146ba13101a1302d59ea6e6e0b3cace4ae38',
  'reactiveobjc_version':
    '74ab5baccc6f7202c8ac69a8d1e152c29dc1ea76',
  'mantle_version':
-    '2a8e2123a3931038179ee06105c9e6ec336b12ea',
+    '78d3966b3c331292ea29ec38661b25df0a245948',
  'engflow_reclient_configs_version':
    '955335c30a752e9ef7bff375baab5e0819b6c00d',

--- a/README.md
+++ b/README.md
@@ -37,7 +37,7 @@ For more installation options and troubleshooting tips, see

 Each Electron release provides binaries for macOS, Windows, and Linux.

-* macOS (Monterey and up): Electron provides 64-bit Intel and Apple Silicon / ARM binaries for macOS.
+* macOS (Big Sur and up): Electron provides 64-bit Intel and Apple Silicon / ARM binaries for macOS.
 * Windows (Windows 10 and up): Electron provides `ia32` (`x86`), `x64` (`amd64`), and `arm64` binaries for Windows. Windows on ARM support was added in Electron 5.0.8. Support for Windows 7, 8 and 8.1 was [removed in Electron 23, in line with Chromium's Windows deprecation policy](https://www.electronjs.org/blog/windows-7-to-8-1-deprecation-notice).
 * Linux: The prebuilt binaries of Electron are built on Ubuntu 22.04. They have also been verified to work on:
  * Ubuntu 18.04 and newer
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -8,12 +8,6 @@ The Electron team will send a response indicating the next steps in handling you

 Report security bugs in third-party modules to the person or team maintaining the module. You can also report a vulnerability through the [npm contact form](https://www.npmjs.com/support) by selecting "I'm reporting a security vulnerability".

-## Escalation
-
-If you do not receive an acknowledgement of your report within 6 business days, or if you cannot find a private security contact for the project, you may escalate to the OpenJS Foundation CNA at `security@lists.openjsf.org`.
-
-If the project acknowledges your report but does not provide any further response or engagement within 14 days, escalation is also appropriate.
-
 ## The Electron Security Notification Process

 For context on Electron's security notification process, please see the [Notifications](https://github.com/electron/governance/blob/main/wg-security/membership-and-notifications.md#notifications) section of the Security WG's [Membership and Notifications](https://github.com/electron/governance/blob/main/wg-security/membership-and-notifications.md) Governance document.
--- a/build/args/all.gn
+++ b/build/args/all.gn
@@ -2,7 +2,7 @@ is_electron_build = true
 root_extra_deps = [ "//electron" ]

 # Registry of NMVs --> https://github.com/nodejs/node/blob/main/doc/abi_version_registry.json
-node_module_version = 145
+node_module_version = 139

 v8_promise_internal_field_count = 1
 v8_embedder_string = "-electron.0"
@@ -19,10 +19,6 @@ proprietary_codecs = true

 enable_printing = true

-# Refs https://chromium-review.googlesource.com/c/chromium/src/+/6986517
-# CI is using MacOS 15.5 which doesn't have the required modulemaps.
-use_clang_modules = false
-
 # Removes DLLs from the build, which are only meant to be used for Chromium development.
 # See https://github.com/electron/electron/pull/17985
 angle_enable_vulkan_validation_layers = false
--- a/build/checksum_header.py
+++ b/build/checksum_header.py
@@ -12,7 +12,7 @@ TEMPLATE_H = """

 namespace electron::snapshot_checksum {

-inline constexpr std::string_view kChecksum = "{checksum}";
+const std::string kChecksum = "{checksum}";

 }  // namespace electron::snapshot_checksum

--- a/build/rules.gni
+++ b/build/rules.gni
@@ -67,6 +67,10 @@ template("mac_xib_bundle_data") {
    ibtool_flags = [
      "--minimum-deployment-target",
      mac_deployment_target,
+
+      # TODO(rsesek): Enable this once all the bots are on Xcode 7+.
+      # "--target-device",
+      # "mac",
    ]
  }

--- a/chromium_src/BUILD.gn
+++ b/chromium_src/BUILD.gn
@@ -23,8 +23,6 @@ static_library("chrome") {
    "//chrome/browser/browser_process.h",
    "//chrome/browser/devtools/devtools_contents_resizing_strategy.cc",
    "//chrome/browser/devtools/devtools_contents_resizing_strategy.h",
-    "//chrome/browser/devtools/devtools_dispatch_http_request_params.cc",
-    "//chrome/browser/devtools/devtools_dispatch_http_request_params.h",
    "//chrome/browser/devtools/devtools_embedder_message_dispatcher.cc",
    "//chrome/browser/devtools/devtools_embedder_message_dispatcher.h",
    "//chrome/browser/devtools/devtools_eye_dropper.cc",
@@ -144,6 +142,8 @@ static_library("chrome") {
    "//chrome/browser/ui/views/overlay/toggle_camera_button.h",
    "//chrome/browser/ui/views/overlay/toggle_microphone_button.cc",
    "//chrome/browser/ui/views/overlay/toggle_microphone_button.h",
+    "//chrome/browser/ui/views/overlay/video_overlay_window_native_widget_mac.h",
+    "//chrome/browser/ui/views/overlay/video_overlay_window_native_widget_mac.mm",
    "//chrome/browser/ui/views/overlay/video_overlay_window_views.cc",
    "//chrome/browser/ui/views/overlay/video_overlay_window_views.h",
    "//chrome/browser/ui/views/picture_in_picture/picture_in_picture_bounds_change_animation.cc",
@@ -280,8 +280,6 @@ static_library("chrome") {
      "//chrome/browser/process_singleton_mac.mm",
      "//chrome/browser/ui/views/eye_dropper/eye_dropper_view_mac.h",
      "//chrome/browser/ui/views/eye_dropper/eye_dropper_view_mac.mm",
-      "//chrome/browser/ui/views/overlay/video_overlay_window_native_widget_mac.h",
-      "//chrome/browser/ui/views/overlay/video_overlay_window_native_widget_mac.mm",
    ]
    deps += [ ":system_media_capture_permissions_mac_conflict" ]
  }
@@ -383,8 +381,6 @@ static_library("chrome") {
        "//chrome/browser/pdf/chrome_pdf_stream_delegate.h",
        "//chrome/browser/pdf/pdf_extension_util.cc",
        "//chrome/browser/pdf/pdf_extension_util.h",
-        "//chrome/browser/pdf/pdf_help_bubble_handler_factory.cc",
-        "//chrome/browser/pdf/pdf_help_bubble_handler_factory.h",
        "//chrome/browser/pdf/pdf_viewer_stream_manager.cc",
        "//chrome/browser/pdf/pdf_viewer_stream_manager.h",
        "//chrome/browser/plugins/pdf_iframe_navigation_throttle.cc",
@@ -393,8 +389,6 @@ static_library("chrome") {
      deps += [
        "//components/pdf/browser",
        "//components/pdf/renderer",
-        "//ui/base/interaction",
-        "//ui/webui/resources/cr_components/help_bubble:mojo_bindings",
      ]
    }
  } else {
@@ -508,17 +502,15 @@ source_set("chrome_spellchecker") {
  ]
 }

-if (is_mac) {
-  # These sources create an object file conflict with one in |:chrome|, so they
-  # must live in a separate target.
-  # Conflicting sources:
-  #   //chrome/browser/media/webrtc/system_media_capture_permissions_stats_mac.mm
-  #   //chrome/browser/permissions/system/system_media_capture_permissions_mac.mm
-  source_set("system_media_capture_permissions_mac_conflict") {
-    sources = [
-      "//chrome/browser/permissions/system/system_media_capture_permissions_mac.h",
-      "//chrome/browser/permissions/system/system_media_capture_permissions_mac.mm",
-    ]
-    deps = [ "//chrome/common" ]
-  }
+# These sources create an object file conflict with one in |:chrome|, so they
+# must live in a separate target.
+# Conflicting sources:
+#   //chrome/browser/media/webrtc/system_media_capture_permissions_stats_mac.mm
+#   //chrome/browser/permissions/system/system_media_capture_permissions_mac.mm
+source_set("system_media_capture_permissions_mac_conflict") {
+  sources = [
+    "//chrome/browser/permissions/system/system_media_capture_permissions_mac.h",
+    "//chrome/browser/permissions/system/system_media_capture_permissions_mac.mm",
+  ]
+  deps = [ "//chrome/common" ]
 }
--- a/default_app/main.ts
+++ b/default_app/main.ts
@@ -110,9 +110,11 @@ async function loadApplicationPackage (packagePath: string) {
      } else if (packageJson.name) {
        app.name = packageJson.name;
      }
-
-      app.setDesktopName(packageJson.desktopName || `${app.name}.desktop`);
-
+      if (packageJson.desktopName) {
+        app.setDesktopName(packageJson.desktopName);
+      } else {
+        app.setDesktopName(`${app.name}.desktop`);
+      }
      // Set v8 flags, deliberately lazy load so that apps that do not use this
      // feature do not pay the price
      if (packageJson.v8Flags) {
--- a/docs/api/app.md
+++ b/docs/api/app.md
@@ -421,7 +421,6 @@ Returns:
    * `oom` - Process ran out of memory
    * `launch-failed` - Process never successfully launched
    * `integrity-failure` - Windows code integrity checks failed
-    * `memory-eviction` - Process proactively terminated to prevent a future out-of-memory (OOM) situation
  * `exitCode` number - The exit code for the process
      (e.g. status from waitpid if on POSIX, from GetExitCodeProcess on Windows).
  * `serviceName` string (optional) - The non-localized name of the process.
@@ -565,9 +564,8 @@ and subscribing to the `ready` event if the app is not ready yet.
  * `steal` boolean _macOS_ - Make the receiver the active app even if another app is
  currently active.

-On macOS, makes the application the active app. On Windows, focuses on the application's
-first window. On Linux, either focuses on the first visible window (X11) or requests
-focus but may instead show a notification or flash the app icon (Wayland).
+On Linux, focuses on the first visible window. On macOS, makes the application
+the active app. On Windows, focuses on the application's first window.

 You should seek to use the `steal` option as sparingly as possible.

@@ -612,7 +610,7 @@ Returns `string` - The current application directory.
    may backup this directory to cloud storage.
  * `sessionData` The directory for storing data generated by `Session`, such
    as localStorage, cookies, disk cache, downloaded dictionaries, network
-    state, DevTools files. By default this points to `userData`. Chromium may
+    state, devtools files. By default this points to `userData`. Chromium may
    write very large disk cache here, so if your app does not rely on browser
    storage like localStorage or cookies to save user data, it is recommended
    to set this directory to other locations to avoid polluting the `userData`
@@ -1218,7 +1216,7 @@ This method can only be called before app is ready.

 ### `app.isHardwareAccelerationEnabled()`

-Returns `boolean` - whether hardware acceleration is currently enabled.
+Returns `boolean` - whether hardware acceleration is currently disabled.

 > [!NOTE]
 > This information is only usable after the `gpu-info-update` event is emitted.
@@ -1285,8 +1283,6 @@ For `infoType` equal to `basic`:

 Using `basic` should be preferred if only basic information like `vendorId` or `deviceId` is needed.

-Promise is rejected if the GPU is completely disabled, i.e. no hardware and software implementations are available.
-
 ### `app.setBadgeCount([count])` _Linux_ _macOS_

 * `count` Integer (optional) - If a value is provided, set the badge to the provided value otherwise, on macOS, display a plain white dot (e.g. unknown number of notifications). On Linux, if a value is not provided the badge will not display.
--- a/docs/api/auto-updater.md
+++ b/docs/api/auto-updater.md
@@ -32,19 +32,9 @@ update process. Apps that need to disable ATS can add the

 ### Windows

-On Windows, the `autoUpdater` module automatically selects the appropriate update mechanism
-based on how your app is packaged:
-
-* **MSIX packages**: If your app is running as an MSIX package (created with [electron-windows-msix][msix-lib] and detected via [`process.windowsStore`](process.md#processwindowsstore-readonly)),
-  the module uses the MSIX updater, which supports direct MSIX file links and JSON update feeds.
-* **Squirrel.Windows**: For apps installed via traditional installers (created with
-  [electron-winstaller][installer-lib] or [Electron Forge's Squirrel.Windows maker][electron-forge-lib]),
-  the module uses Squirrel.Windows for updates.
-
-You don't need to configure which updater to use; Electron automatically detects the packaging
-format and uses the appropriate one.
-
-#### Squirrel.Windows
+On Windows, you have to install your app into a user's machine before you can
+use the `autoUpdater`, so it is recommended that you use
+[electron-winstaller][installer-lib] or [Electron Forge's Squirrel.Windows maker][electron-forge-lib] to generate a Windows installer.

 Apps built with Squirrel.Windows will trigger [custom launch events](https://github.com/Squirrel/Squirrel.Windows/blob/51f5e2cb01add79280a53d51e8d0cfa20f8c9f9f/docs/using/custom-squirrel-events-non-cs.md#application-startup-commands)
 that must be handled by your Electron application to ensure proper setup and teardown.
@@ -65,14 +55,6 @@ The installer generated with Squirrel.Windows will create a shortcut icon with a
 same ID for your app with `app.setAppUserModelId` API, otherwise Windows will
 not be able to pin your app properly in task bar.

-#### MSIX Packages
-
-When your app is packaged as an MSIX, the `autoUpdater` module provides additional
-functionality:
-
-* Use the `allowAnyVersion` option in `setFeedURL()` to allow updates to older versions (downgrades)
-* Support for direct MSIX file links or JSON update feeds (similar to Squirrel.Mac format)
-
 ## Events

 The `autoUpdater` object emits the following events:
@@ -110,7 +92,7 @@ Returns:

 Emitted when an update has been downloaded.

-With Squirrel.Windows only `releaseName` is available.
+On Windows only `releaseName` is available.

 > [!NOTE]
 > It is not strictly necessary to handle this event. A successfully
@@ -118,13 +100,6 @@ With Squirrel.Windows only `releaseName` is available.

 ### Event: 'before-quit-for-update'

-<!--
-```YAML history
-added:
-  - pr-url: https://github.com/electron/electron/pull/12619
-```
-->
-
 This event is emitted after a user calls `quitAndInstall()`.

 When this API is called, the `before-quit` event is not emitted before all windows are closed. As a result you should listen to this event if you wish to perform actions before the windows are closed while a process is quitting, as well as listening to `before-quit`.
@@ -135,23 +110,11 @@ The `autoUpdater` object has the following methods:

 ### `autoUpdater.setFeedURL(options)`

-<!--
-```YAML history
-changes:
-  - pr-url: https://github.com/electron/electron/pull/5879
-    description: "Added `headers` as a second parameter."
-  - pr-url: https://github.com/electron/electron/pull/11925
-    description: "Changed API to accept a single `options` argument (contains `url`, `headers`, and `serverType` properties)."
-```
-->
-
 * `options` Object
-  * `url` string - The update server URL. For _Windows_ MSIX, this can be either a direct link to an MSIX file (e.g., `https://example.com/update.msix`) or a JSON endpoint that returns update information (see the [Squirrel.Mac][squirrel-mac] README for more information).
+  * `url` string
  * `headers` Record\<string, string\> (optional) _macOS_ - HTTP request headers.
  * `serverType` string (optional) _macOS_ - Can be `json` or `default`, see the [Squirrel.Mac][squirrel-mac]
    README for more information.
-  * `allowAnyVersion` boolean (optional) _Windows_ - If `true`, allows downgrades to older versions for MSIX packages.
-    Defaults to `false`.

 Sets the `url` and initialize the auto updater.

@@ -188,4 +151,3 @@ closed.
 [electron-forge-lib]: https://www.electronforge.io/config/makers/squirrel.windows
 [app-user-model-id]: https://learn.microsoft.com/en-us/windows/win32/shell/appids
 [event-emitter]: https://nodejs.org/api/events.html#events_class_eventemitter
-[msix-lib]:  https://github.com/electron-userland/electron-windows-msix
--- a/docs/api/base-window.md
+++ b/docs/api/base-window.md
@@ -756,9 +756,6 @@ Returns [`Rectangle`](structures/rectangle.md) - The `bounds` of the window as `
 > [!NOTE]
 > On macOS, the y-coordinate value returned will be at minimum the [Tray](tray.md) height. For example, calling `win.setBounds({ x: 25, y: 20, width: 800, height: 600 })` with a tray height of 38 means that `win.getBounds()` will return `{ x: 25, y: 38, width: 800, height: 600 }`.

-> [!NOTE]
-> On Wayland, this method will return `{ x: 0, y: 0, ... }` as introspecting or programmatically changing the global window coordinates is prohibited.
-
 #### `win.getBackgroundColor()`

 Returns `string` - Gets the background color of the window in Hex (`#RRGGBB`) format.
@@ -972,9 +969,6 @@ Moves window to `x` and `y`.

 Returns `Integer[]` - Contains the window's current position.

-> [!NOTE]
-> On Wayland, this method will return `[0, 0]` as introspecting or programmatically changing the global window coordinates is prohibited.
-
 #### `win.setTitle(title)`

 * `title` string
--- a/docs/api/browser-window.md
+++ b/docs/api/browser-window.md
@@ -140,10 +140,6 @@ state is `hidden` in order to minimize power consumption.
  move.
 * On Linux the type of modal windows will be changed to `dialog`.
 * On Linux many desktop environments do not support hiding a modal window.
-* On Wayland (Linux) it is generally not possible to programmatically resize windows
-  after creation, or to position, move, focus, or blur windows without user input.
-  If your app needs these capabilities, run it in Xwayland by appending the flag
-  `--ozone-platform=x11`.

 ## Class: BrowserWindow extends `BaseWindow`

@@ -660,15 +656,10 @@ the [close event](#event-close).

 Focuses on the window.

-On Wayland (Linux), the desktop environment may show a notification or flash
-the app icon if the window or app is not already focused.
-
 #### `win.blur()`

 Removes focus from the window.

-Not supported on Wayland (Linux).
-
 #### `win.isFocused()`

 Returns `boolean` - Whether the window is focused.
@@ -685,8 +676,6 @@ Shows and gives focus to the window.

 Shows the window but doesn't focus on it.

-Not supported on Wayland (Linux).
-
 #### `win.hide()`

 Hides the window.
@@ -835,8 +824,6 @@ Closes the currently open [Quick Look][quick-look] panel.

 Resizes and moves the window to the supplied bounds. Any properties that are not supplied will default to their current values.

-On Wayland (Linux), has the same limitations as `setSize` and `setPosition`.
-
 ```js
 const { BrowserWindow } = require('electron')

@@ -862,9 +849,6 @@ Returns [`Rectangle`](structures/rectangle.md) - The `bounds` of the window as `
 > [!NOTE]
 > On macOS, the y-coordinate value returned will be at minimum the [Tray](tray.md) height. For example, calling `win.setBounds({ x: 25, y: 20, width: 800, height: 600 })` with a tray height of 38 means that `win.getBounds()` will return `{ x: 25, y: 38, width: 800, height: 600 }`.

-> [!NOTE]
-> On Wayland, this method will return `{ x: 0, y: 0, ... }` as introspecting or programmatically changing the global window coordinates is prohibited.
-
 #### `win.getBackgroundColor()`

 Returns `string` - Gets the background color of the window in Hex (`#RRGGBB`) format.
@@ -882,8 +866,6 @@ See [Setting `backgroundColor`](#setting-the-backgroundcolor-property).
 Resizes and moves the window's client area (e.g. the web page) to
 the supplied bounds.

-On Wayland (Linux), has the same limitations as `setContentSize` and `setPosition`.
-
 #### `win.getContentBounds()`

 Returns [`Rectangle`](structures/rectangle.md) - The `bounds` of the window's client area as `Object`.
@@ -913,8 +895,6 @@ Returns `boolean` - whether the window is enabled.

 Resizes the window to `width` and `height`. If `width` or `height` are below any set minimum size constraints the window will snap to its minimum size.

-On Wayland (Linux), may not work as some window managers restrict programmatic window resizing.
-
 #### `win.getSize()`

 Returns `Integer[]` - Contains the window's width and height.
@@ -927,8 +907,6 @@ Returns `Integer[]` - Contains the window's width and height.

 Resizes the window's client area (e.g. the web page) to `width` and `height`.

-On Wayland (Linux), may not work as some window managers restrict programmatic window resizing.
-
 #### `win.getContentSize()`

 Returns `Integer[]` - Contains the window's client area's width and height.
@@ -1066,16 +1044,12 @@ this method throws an error.

 #### `win.moveTop()`

-Moves window to top(z-order) regardless of focus.
-
-Not supported on Wayland (Linux).
+Moves window to top(z-order) regardless of focus

 #### `win.center()`

 Moves window to the center of the screen.

-Not supported on Wayland (Linux).
-
 #### `win.setPosition(x, y[, animate])`

 * `x` Integer
@@ -1084,15 +1058,10 @@ Not supported on Wayland (Linux).

 Moves window to `x` and `y`.

-Not supported on Wayland (Linux).
-
 #### `win.getPosition()`

 Returns `Integer[]` - Contains the window's current position.

-> [!NOTE]
-> On Wayland, this method will return `[0, 0]` as introspecting or programmatically changing the global window coordinates is prohibited.
-
 #### `win.setTitle(title)`

 * `title` string
@@ -1258,8 +1227,7 @@ Captures a snapshot of the page within `rect`. Omitting `rect` will capture the

 Returns `Promise<void>` - the promise will resolve when the page has finished loading
 (see [`did-finish-load`](web-contents.md#event-did-finish-load)), and rejects
-if the page fails to load (see
-[`did-fail-load`](web-contents.md#event-did-fail-load)). A noop rejection handler is already attached, which avoids unhandled rejection errors. If the existing page has a beforeUnload handler, [`did-fail-load`](web-contents.md#event-did-fail-load) will be called unless [`will-prevent-unload`](web-contents.md#event-did-fail-load) is handled.
+if the page fails to load (see [`did-fail-load`](web-contents.md#event-did-fail-load)).

 Same as [`webContents.loadURL(url[, options])`](web-contents.md#contentsloadurlurl-options).

--- a/docs/api/clipboard.md
+++ b/docs/api/clipboard.md
@@ -2,13 +2,10 @@

 > Perform copy and paste operations on the system clipboard.

-Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process) _Deprecated_ (non-sandboxed only)
-
-> [!NOTE]
-> Using the `clipoard` API from the renderer process is deprecated.
+Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process) (non-sandboxed only)

 > [!IMPORTANT]
-> If you want to call this API from a renderer process,
+> If you want to call this API from a renderer process with context isolation enabled,
 > place the API call in your preload script and
 > [expose](../tutorial/context-isolation.md#after-context-isolation-enabled) it using the
 > [`contextBridge`](context-bridge.md) API.
--- a/docs/api/command-line-switches.md
+++ b/docs/api/command-line-switches.md
@@ -49,10 +49,6 @@ Disables the disk cache for HTTP requests.

 Disable HTTP/2 and SPDY/3.1 protocols.

-### --disable-geolocation _macOS_
-
-Disables the Geolocation API. Permission requests for geolocation will be denied internally regardless of the decision made by a handler set via `session.setPermissionRequestHandler`. This functionality is currently implemented only for macOS. Has no effect on other platforms.
-
 ### --disable-renderer-backgrounding

 Prevents Chromium from lowering the priority of invisible pages' renderer
@@ -90,7 +86,7 @@ Field trials to be forcefully enabled or disabled.

 For example: `WebRTC-Audio-Red-For-Opus/Enabled/`

-### --host-rules=`rules` _Deprecated_
+### --host-rules=`rules`

 A comma-separated list of `rules` that control how hostnames are mapped.

@@ -108,23 +104,9 @@ These mappings apply to the endpoint host in a net request (the TCP connect
 and host resolver in a direct connection, and the `CONNECT` in an HTTP proxy
 connection, and the endpoint host in a `SOCKS` proxy connection).

-**Deprecated:** Use the `--host-resolver-rules` switch instead.
-
 ### --host-resolver-rules=`rules`

-A comma-separated list of `rules` that control how hostnames are mapped.
-
-For example:
-
-* `MAP * 127.0.0.1` Forces all hostnames to be mapped to 127.0.0.1
-* `MAP *.google.com proxy` Forces all google.com subdomains to be resolved to
-  "proxy".
-* `MAP test.com [::1]:77` Forces "test.com" to resolve to IPv6 loopback. Will
-  also force the port of the resulting socket address to be 77.
-* `MAP * baz, EXCLUDE www.google.com` Remaps everything to "baz", except for
-  "www.google.com".
-
-These `rules` only apply to the host resolver.
+Like `--host-rules` but these `rules` only apply to the host resolver.

 ### --ignore-certificate-errors

@@ -197,11 +179,6 @@ Disables the Chromium [sandbox](https://www.chromium.org/developers/design-docum
 Forces renderer process and Chromium helper processes to run un-sandboxed.
 Should only be used for testing.

-### --no-stdio-init
-
-Disable stdio initialization during node initialization.
-Used to avoid node initialization crash when the nul device is disabled on Windows platform.
-
 ### --proxy-bypass-list=`hosts`

 Instructs Electron to bypass the proxy server for the given semi-colon-separated
@@ -317,7 +294,7 @@ By default inspector websocket url is available in stderr and under /json/list e

 ### `--experimental-network-inspection`

-Enable support for DevTools network inspector events, for visibility into requests made by the nodejs `http` and `https` modules.
+Enable support for devtools network inspector events, for visibility into requests made by the nodejs `http` and `https` modules.

 ### `--no-deprecation`

@@ -354,22 +331,6 @@ Affects the default output directory of [v8.setHeapSnapshotNearHeapLimit](https:

 Disable exposition of [Navigator API][] on the global scope from Node.js.

-## Chromium Flags
-
-There isn't a documented list of all Chromium switches, but there are a few ways to find them.
-
-The easiest way is through Chromium's flags page, which you can access at `about://flags`. These flags don't directly match switch names, but they show up in the process's command-line arguments.
-
-To see these arguments, enable a flag in `about://flags`, then go to `about://version` in Chromium. You'll find a list of command-line arguments, including `--flag-switches-begin --your --list --flag-switches-end`, which contains the list of your flag enabled switches.
-
-Most flags are included as part of `--enable-features=`, but some are standalone switches, like `--enable-experimental-web-platform-features`.
-
-A complete list of flags exists in [Chromium's flag metadata page](https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/flag-metadata.json), but this list includes platform, environment and GPU specific, expired and potentially non-functional flags, so many of them might not always work in every situation.
-
-Keep in mind that standalone switches can sometimes be split into individual features, so there's no fully complete list of switches.
-
-Finally, you'll need to ensure that the version of Chromium in Electron matches the version of the browser you're using to cross-reference the switches.
-
 [app]: app.md
 [append-switch]: command-line.md#commandlineappendswitchswitch-value
 [debugging-main-process]: ../tutorial/debugging-main-process.md
--- a/docs/api/context-bridge.md
+++ b/docs/api/context-bridge.md
@@ -157,7 +157,6 @@ has been included below for completeness:
 | [Cloneable Types](https://developer.mozilla.org/en-US/docs/Web/API/Web_Workers_API/Structured_clone_algorithm) | Simple | ✅ | ✅ | See the linked document on cloneable types |
 | `Element` | Complex | ✅ | ✅ | Prototype modifications are dropped.  Sending custom elements will not work. |
 | `Blob` | Complex | ✅ | ✅ | N/A |
-| `VideoFrame` | Complex | ✅ | ✅ | N/A |
 | `Symbol` | N/A | ❌ | ❌ | Symbols cannot be copied across contexts so they are dropped |

 If the type you care about is not in the above table, it is probably not supported.
--- a/docs/api/cookies.md
+++ b/docs/api/cookies.md
@@ -51,12 +51,7 @@ Returns:
 * `event` Event
 * `cookie` [Cookie](structures/cookie.md) - The cookie that was changed.
 * `cause` string - The cause of the change with one of the following values:
-  * `inserted` -  The cookie was inserted.
-  * `inserted-no-change-overwrite` - The newly inserted cookie overwrote a cookie but
-    did not result in any change. For example, inserting an identical cookie will produce this cause.
-  * `inserted-no-value-change-overwrite` - The newly inserted cookie overwrote a cookie but
-    did not result in any value change, but it's web observable (e.g. updates the expiry).
-  * `explicit` - The cookie was deleted directly by a consumer's action.
+  * `explicit` - The cookie was changed directly by a consumer's action.
  * `overwrite` - The cookie was automatically removed due to an insert
    operation that overwrote it.
  * `expired` - The cookie was automatically removed as it expired.
--- a/docs/api/debugger.md
+++ b/docs/api/debugger.md
@@ -44,7 +44,7 @@ Returns:
 * `reason` string - Reason for detaching debugger.

 Emitted when the debugging session is terminated. This happens either when
-`webContents` is closed or DevTools is invoked for the attached `webContents`.
+`webContents` is closed or devtools is invoked for the attached `webContents`.

 #### Event: 'message'

--- a/docs/api/desktop-capturer.md
+++ b/docs/api/desktop-capturer.md
@@ -102,10 +102,6 @@ Returns `Promise<DesktopCapturerSource[]>` - Resolves with an array of [`Desktop

 ## Caveats

-`desktopCapturer.getSources(options)` only returns a single source on Linux when using Pipewire.
-
-PipeWire supports a single capture for both screens and windows. If you request the window and screen type, the selected source will be returned as a window capture.
-
 `navigator.mediaDevices.getUserMedia` does not work on macOS for audio capture due to a fundamental limitation whereby apps that want to access the system's audio require a [signed kernel extension](https://developer.apple.com/library/archive/documentation/Security/Conceptual/System_Integrity_Protection_Guide/KernelExtensions/KernelExtensions.html). Chromium, and by extension Electron, does not provide this.

 It is possible to circumvent this limitation by capturing system audio with another macOS app like Soundflower and passing it through a virtual audio input device. This virtual device can then be queried with `navigator.mediaDevices.getUserMedia`.
--- a/docs/api/environment-variables.md
+++ b/docs/api/environment-variables.md
@@ -159,22 +159,6 @@ Notification activated (com.github.Electron:notification:EAF7B87C-A113-43D7-8E76
 Notification replied to (com.github.Electron:notification:EAF7B87C-A113-43D7-8E76-F88EC9D73D44)
 ```

-### `ELECTRON_DEBUG_MSIX_UPDATER`
-
-Adds extra logs to MSIX updater operations on Windows to aid in debugging. Extra logging will be displayed when MSIX update operations are initiated, including package updates, package registration, and restart registration. This helps diagnose issues with MSIX package updates and deployments.
-
-Sample output:
-
-```sh
-UpdateMsix called with URI: https://example.com/app.msix
-DoUpdateMsix: Starting
-Calling AddPackageByUriAsync... URI: https://example.com/app.msix
-Update options - deferRegistration: true, developerMode: false, forceShutdown: false, forceTargetShutdown: false, forceUpdateFromAnyVersion: false
-Waiting for deployment...
-Deployment finished.
-MSIX Deployment completed.
-```
-
 ### `ELECTRON_LOG_ASAR_READS`

 When Electron reads from an ASAR file, log the read offset and file path to
@@ -202,14 +186,3 @@ the one downloaded by `npm install`. Usage:
 ```sh
 export ELECTRON_OVERRIDE_DIST_PATH=/Users/username/projects/electron/out/Testing
 ```
-
-### `ELECTRON_SKIP_BINARY_DOWNLOAD`
-
-If you want to install your project's dependencies but don't need to use Electron functionality,
-you can set the `ELECTRON_SKIP_BINARY_DOWNLOAD` environment variable to prevent the binary from being
-downloaded. For instance, this feature can be useful in continuous integration environments when
-running unit tests that mock out the `electron` module.
-
-```sh
-ELECTRON_SKIP_BINARY_DOWNLOAD=1 npm install
-```
--- a/docs/api/extensions-api.md
+++ b/docs/api/extensions-api.md
@@ -57,7 +57,7 @@ The following methods are available on instances of `Extensions`:
 * `options` Object (optional)
  * `allowFileAccess` boolean - Whether to allow the extension to read local files over `file://`
    protocol and inject content scripts into `file://` pages. This is required e.g. for loading
-    DevTools extensions on `file://` URLs. Defaults to false.
+    devtools extensions on `file://` URLs. Defaults to false.

 Returns `Promise<Extension>` - resolves when the extension is loaded.

@@ -83,7 +83,7 @@ const path = require('node:path')
 app.whenReady().then(async () => {
  await session.defaultSession.extensions.loadExtension(
    path.join(__dirname, 'react-devtools'),
-    // allowFileAccess is required to load the DevTools extension on file:// URLs.
+    // allowFileAccess is required to load the devtools extension on file:// URLs.
    { allowFileAccess: true }
  )
  // Note that in order to use the React DevTools extension, you'll need to
--- a/docs/api/menu-item.md
+++ b/docs/api/menu-item.md
@@ -17,7 +17,7 @@ See [`Menu`](menu.md) for examples.
 * `options` Object
  * `click` Function (optional) - Will be called with
    `click(menuItem, window, event)` when the menu item is clicked.
-    * `menuItem` [MenuItem](menu-item.md)
+    * `menuItem` MenuItem
    * `window` [BaseWindow](base-window.md) | undefined - This will not be defined if no window is open.
    * `event` [KeyboardEvent](structures/keyboard-event.md)
  * `role` string (optional) - Can be `undo`, `redo`, `cut`, `copy`, `paste`, `pasteAndMatchStyle`, `delete`, `selectAll`, `reload`, `forceReload`, `toggleDevTools`, `resetZoom`, `zoomIn`, `zoomOut`, `toggleSpellChecker`, `togglefullscreen`, `window`, `minimize`, `close`, `help`, `about`, `services`, `hide`, `hideOthers`, `unhide`, `quit`, `showSubstitutions`, `toggleSmartQuotes`, `toggleSmartDashes`, `toggleTextReplacement`, `startSpeaking`, `stopSpeaking`, `zoom`, `front`, `appMenu`, `fileMenu`, `editMenu`, `viewMenu`, `shareMenu`, `recentDocuments`, `toggleTabBar`, `selectNextTab`, `selectPreviousTab`, `showAllTabs`, `mergeAllWindows`, `clearRecentDocuments`, `moveTabToNewWindow` or `windowMenu` - Define the action of the menu item, when specified the
@@ -34,8 +34,7 @@ See [`Menu`](menu.md) for examples.
  * `sublabel` string (optional) _macOS_ - Available in macOS >= 14.4
  * `toolTip` string (optional) _macOS_ - Hover text for this menu item.
  * `accelerator` string (optional) - An [Accelerator](../tutorial/keyboard-shortcuts.md#accelerators) string.
-  * `icon` ([NativeImage](native-image.md) | string) (optional) - Can be a
-    [NativeImage](native-image.md) or the file path of an icon.
+  * `icon` ([NativeImage](native-image.md) | string) (optional)
  * `enabled` boolean (optional) - If false, the menu item will be greyed out and
    unclickable.
  * `acceleratorWorksWhenHidden` boolean (optional) _macOS_ - default is `true`, and when `false` will prevent the accelerator from triggering the item if the item is not visible.
@@ -91,7 +90,7 @@ It can be called with `menuItem.click(event, focusedWindow, focusedWebContents)`

 #### `menuItem.submenu`

-A [`Menu`](menu.md) (optional) containing the menu
+A `Menu` (optional) containing the menu
 item's submenu, if present.

 #### `menuItem.type`
@@ -107,7 +106,7 @@ A `string` (optional) indicating the item's role, if set. Can be `undo`, `redo`,

 #### `menuItem.accelerator`

-An `Accelerator | null` indicating the item's accelerator, if set.
+An `Accelerator` (optional) indicating the item's accelerator, if set.

 #### `menuItem.userAccelerator` _Readonly_ _macOS_

@@ -171,4 +170,4 @@ A `number` indicating an item's sequential unique id.

 #### `menuItem.menu`

-A [`Menu`](menu.md) that the item is a part of.
+A `Menu` that the item is a part of.
--- a/docs/api/menu.md
+++ b/docs/api/menu.md
@@ -2,15 +2,10 @@

 ## Class: Menu

-> Create application menus and context menus.
+> Create native application menus and context menus.

 Process: [Main](../glossary.md#main-process)

-The presentation of menus varies depending on the operating system:
-
- Under Windows and Linux, menus are visually similar to Chromium.
- Under macOS, these will be native menus.
-
 > [!TIP]
 > See also: [A detailed guide about how to implement menus in your application](../tutorial/menus.md).

@@ -28,7 +23,7 @@ The `Menu` class has the following static methods:

 #### `Menu.setApplicationMenu(menu)`

- `menu` [Menu](menu.md) | null
+- `menu` Menu | null

 Sets `menu` as the application menu on macOS. On Windows and Linux, the
 `menu` will be set as each window's top menu.
@@ -70,9 +65,9 @@ for more information on macOS' native actions.

 #### `Menu.buildFromTemplate(template)`

- `template` (MenuItemConstructorOptions | [MenuItem](menu-item.md))[]
+- `template` (MenuItemConstructorOptions | MenuItem)[]

-Returns [`Menu`](menu.md)
+Returns `Menu`

 Generally, the `template` is an array of `options` for constructing a
 [MenuItem](menu-item.md). The usage can be referenced above.
@@ -123,7 +118,7 @@ Appends the `menuItem` to the menu.

 - `id` string

-Returns [`MenuItem | null`](menu-item.md) - the item with the specified `id`
+Returns `MenuItem | null` the item with the specified `id`

 #### `menu.insert(pos, menuItem)`

--- a/docs/api/native-image.md
+++ b/docs/api/native-image.md
@@ -202,7 +202,8 @@ Creates a new `NativeImage` instance from `dataUrl`, a base 64 encoded [Data URL
 Returns `NativeImage`

 Creates a new `NativeImage` instance from the `NSImage` that maps to the
-given image name. See Apple's [`NSImageName`](https://developer.apple.com/documentation/appkit/nsimagename#2901388) documentation and [SF Symbols](https://developer.apple.com/sf-symbols/) for a list of possible values.
+given image name. See Apple's [`NSImageName`](https://developer.apple.com/documentation/appkit/nsimagename#2901388)
+documentation for a list of possible values.

 The `hslShift` is applied to the image with the following rules:

@@ -230,15 +231,6 @@ echo -e '#import <Cocoa/Cocoa.h>\nint main() { NSLog(@"%@", SYSTEM_IMAGE_NAME);

 where `SYSTEM_IMAGE_NAME` should be replaced with any value from [this list](https://developer.apple.com/documentation/appkit/nsimagename?language=objc).

-For SF Symbols, usage looks as follows:
-
-```js
-const image = nativeImage.createFromNamedImage('square.and.pencil')
-```
-
-where `'square.and.pencil'` is the symbol name from the
-[SF Symbols app](https://developer.apple.com/sf-symbols/).
-
 ## Class: NativeImage

 > Natively wrap images such as tray, dock, and application icons.
--- a/docs/api/native-theme.md
+++ b/docs/api/native-theme.md
@@ -36,7 +36,7 @@ everything will be reset to the OS default.  By default `themeSource` is `system
 Settings this property to `dark` will have the following effects:

 * `nativeTheme.shouldUseDarkColors` will be `true` when accessed
-* Any UI Electron renders on Linux and Windows including context menus, DevTools, etc. will use the dark UI.
+* Any UI Electron renders on Linux and Windows including context menus, devtools, etc. will use the dark UI.
 * Any UI the OS renders on macOS including menus, window frames, etc. will use the dark UI.
 * The [`prefers-color-scheme`](https://developer.mozilla.org/en-US/docs/Web/CSS/@media/prefers-color-scheme) CSS query will match `dark` mode.
 * The `updated` event will be emitted
@@ -44,7 +44,7 @@ Settings this property to `dark` will have the following effects:
 Settings this property to `light` will have the following effects:

 * `nativeTheme.shouldUseDarkColors` will be `false` when accessed
-* Any UI Electron renders on Linux and Windows including context menus, DevTools, etc. will use the light UI.
+* Any UI Electron renders on Linux and Windows including context menus, devtools, etc. will use the light UI.
 * Any UI the OS renders on macOS including menus, window frames, etc. will use the light UI.
 * The [`prefers-color-scheme`](https://developer.mozilla.org/en-US/docs/Web/CSS/@media/prefers-color-scheme) CSS query will match `light` mode.
 * The `updated` event will be emitted
--- a/docs/api/process.md
+++ b/docs/api/process.md
@@ -71,7 +71,7 @@ will disable the support for `asar` archives in Node's built-in modules.

 ### `process.noDeprecation`

-A `boolean` (optional) that controls whether or not deprecation warnings are printed to `stderr`.
+A `boolean` that controls whether or not deprecation warnings are printed to `stderr`.
 Setting this to `true` will silence deprecation warnings. This property is used
 instead of the `--no-deprecation` command line flag.

@@ -128,8 +128,8 @@ A `string` representing Electron's version string.

 ### `process.windowsStore` _Readonly_

-A `boolean`. If the app is running as an MSIX package (including AppX for Windows Store),
-this property is `true`, otherwise it is `undefined`.
+A `boolean`. If the app is running as a Windows Store app (appx), this property is `true`,
+for otherwise it is `undefined`.

 ### `process.contextId` _Readonly_

--- a/docs/api/session.md
+++ b/docs/api/session.md
@@ -66,7 +66,7 @@ The `session` module has the following properties:

 ### `session.defaultSession`

-A `Session` object, the default session object of the app, available after `app.whenReady` is called.
+A `Session` object, the default session object of the app.

 ## Class: Session

@@ -1512,7 +1512,7 @@ will not work on non-persistent (in-memory) sessions.
 * `options` Object (optional)
  * `allowFileAccess` boolean - Whether to allow the extension to read local files over `file://`
    protocol and inject content scripts into `file://` pages. This is required e.g. for loading
-    DevTools extensions on `file://` URLs. Defaults to false.
+    devtools extensions on `file://` URLs. Defaults to false.

 Returns `Promise<Extension>` - resolves when the extension is loaded.

@@ -1538,7 +1538,7 @@ const path = require('node:path')
 app.whenReady().then(async () => {
  await session.defaultSession.loadExtension(
    path.join(__dirname, 'react-devtools'),
-    // allowFileAccess is required to load the DevTools extension on file:// URLs.
+    // allowFileAccess is required to load the devtools extension on file:// URLs.
    { allowFileAccess: true }
  )
  // Note that in order to use the React DevTools extension, you'll need to
--- a/docs/api/share-menu.md
+++ b/docs/api/share-menu.md
@@ -9,13 +9,6 @@ For including the share menu as a submenu of other menus, please use the

 ## Class: ShareMenu

-<!--
-```YAML history
-added:
-  - pr-url: https://github.com/electron/electron/pull/25629
-```
-->
-
 > Create share menu on macOS.

 Process: [Main](../glossary.md#main-process)
--- a/docs/api/shared-texture.md
+++ b/docs/api/shared-texture.md
@@ -1,58 +0,0 @@
-# sharedTexture
-
-> Import shared textures into Electron and converts platform specific handles into [`VideoFrame`](https://developer.mozilla.org/en-US/docs/Web/API/VideoFrame). Supports all Web rendering systems, and can be transferred across Electron processes. Read [here](https://github.com/electron/electron/blob/main/shell/common/api/shared_texture/README.md) for more information.
-
-Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process)
-
-## Methods
-
-The `sharedTexture` module has the following methods:
-
-**Note:** Experimental APIs are marked as such and could be removed in the future.
-
-### `sharedTexture.importSharedTexture(options)` _Experimental_
-
-* `options` Object - Options for importing shared textures.
-  * `textureInfo` [SharedTextureImportTextureInfo](structures/shared-texture-import-texture-info.md) - The information of the shared texture to import.
-  * `allReferencesReleased` Function (optional) - Called when all references in all processes are released. You should keep the imported texture valid until this callback is called.
-
-Imports the shared texture from the given options.
-
-> [!NOTE]
-> This method is only available in the main process.
-
-Returns [`SharedTextureImported`](structures/shared-texture-imported.md) - The imported shared texture.
-
-### `sharedTexture.sendSharedTexture(options, ...args)` _Experimental_
-
-* `options` Object - Options for sending shared texture.
-  * `frame` [WebFrameMain](web-frame-main.md) - The target frame to transfer the shared texture to. For `WebContents`, you can pass `webContents.mainFrame`. If you provide a `webFrameMain` that is not a main frame, you'll need to enable `webPreferences.nodeIntegrationInSubFrames` for this, since this feature requires [IPC](https://www.electronjs.org/docs/latest/api/web-frame-main#frameipc-readonly) between main and the frame.
-  * `importedSharedTexture` [SharedTextureImported](structures/shared-texture-imported.md) - The imported shared texture.
-* `...args` any[] - Additional arguments to pass to the renderer process.
-
-Send the imported shared texture to a renderer process. You must register a receiver at renderer process before calling this method. This method has a 1000ms timeout. Ensure the receiver is set and the renderer process is alive before calling this method.
-
-> [!NOTE]
-> This method is only available in the main process.
-
-Returns `Promise<void>` - Resolves when the transfer is complete.
-
-### `sharedTexture.setSharedTextureReceiver(callback)` _Experimental_
-
-* `callback` Function\<Promise\<void\>\> - The function to receive the imported shared texture.
-  * `receivedSharedTextureData` Object - The data received from the main process.
-    * `importedSharedTexture` [SharedTextureImported](structures/shared-texture-imported.md) - The imported shared texture.
-  * `...args` any[] - Additional arguments passed from the main process.
-
-Set a callback to receive imported shared textures from the main process.
-
-> [!NOTE]
-> This method is only available in the renderer process.
-
-## Properties
-
-The `sharedTexture` module has the following properties:
-
-### `sharedTexture.subtle` _Experimental_
-
-A [`SharedTextureSubtle`](structures/shared-texture-subtle.md) property, provides subtle APIs for interacting with shared texture for advanced users.
--- a/docs/api/shell.md
+++ b/docs/api/shell.md
@@ -29,14 +29,6 @@ Show the given file in a file manager. If possible, select the file.

 ### `shell.openPath(path)`

-<!--
-```YAML history
-added:
-  - pr-url: https://github.com/electron/electron/pull/20682
-    breaking-changes-header: api-changed-shellopenitem-is-now-shellopenpath
-```
-->
-
 * `path` string

 Returns `Promise<string>` - Resolves with a string containing the error message corresponding to the failure if a failure occurred, otherwise "".
@@ -45,18 +37,6 @@ Open the given file in the desktop's default manner.

 ### `shell.openExternal(url[, options])`

-<!--
-```YAML history
-changes:
-  - pr-url: https://github.com/electron/electron/pull/4508
-    description: "Added `activate` option."
-  - pr-url: https://github.com/electron/electron/pull/15065
-    description: "Added `workingDirectory` option."
-  - pr-url: https://github.com/electron/electron/pull/37139
-    description: "Added `logUsage` option."
-```
-->
-
 * `url` string - Max 2081 characters on Windows.
 * `options` Object (optional)
  * `activate` boolean (optional) _macOS_ - `true` to bring the opened application to the foreground. The default is `true`.
@@ -70,14 +50,6 @@ Open the given external protocol URL in the desktop's default manner. (For examp

 ### `shell.trashItem(path)`

-<!--
-```YAML history
-added:
-  - pr-url: https://github.com/electron/electron/pull/25114
-    breaking-changes-header: deprecated-shellmoveitemtotrash
-```
-->
-
 * `path` string - path to the item to be moved to the trash.

 Returns `Promise<void>` - Resolves when the operation has been completed.
@@ -86,10 +58,6 @@ Rejects if there was an error while deleting the requested item.
 This moves a path to the OS-specific trash location (Trash on macOS, Recycle
 Bin on Windows, and a desktop-environment-specific location on Linux).

-The path must use the default path separator for the platform (backslash on
-Windows). Use `path.resolve()` from the `node:path` module to ensure correct
-handling on all filesystems.
-
 ### `shell.beep()`

 Play the beep sound.
--- a/docs/api/structures/base-window-options.md
+++ b/docs/api/structures/base-window-options.md
@@ -72,9 +72,6 @@
  some GTK+3 desktop environments. Default is `false`.
 * `transparent` boolean (optional) - Makes the window [transparent](../../tutorial/custom-window-styles.md#transparent-windows).
  Default is `false`. On Windows, does not work unless the window is frameless.
-  When you add a [`View`](../view.md) to a `BaseWindow`, you'll need to call
-  [`view.setBackgroundColor`](../view.md#viewsetbackgroundcolorcolor) with a transparent
-  background color on that view to make its background transparent as well.
 * `type` string (optional) - The type of window, default is normal window. See more about
  this below.
 * `visualEffectState` string (optional) _macOS_ - Specify how the material
@@ -102,9 +99,9 @@
 * `trafficLightPosition` [Point](point.md) (optional) _macOS_ -
  Set a custom position for the traffic light buttons in frameless windows.
 * `roundedCorners` boolean (optional) _macOS_ _Windows_ - Whether frameless window
-  should have rounded corners. Default is `true`. On Windows versions older than
-  Windows 11 Build 22000 this property has no effect, and frameless windows will
-  not have rounded corners.
+  should have rounded corners. Default is `true`. Setting this property
+  to `false` will prevent the window from being fullscreenable on macOS.
+  On Windows versions older than Windows 11 Build 22000 this property has no effect, and frameless windows will not have rounded corners.
 * `thickFrame` boolean (optional) _Windows_ - Use `WS_THICKFRAME` style for
  frameless windows on Windows, which adds the standard window frame. Setting it
  to `false` will remove window shadow and window animations, and disable window
--- a/docs/api/structures/color-space.md
+++ b/docs/api/structures/color-space.md
@@ -1,195 +0,0 @@
-# ColorSpace Object
-
-* `primaries` string - The color primaries of the color space. Can be one of the following values:
-  * `bt709` - BT709 primaries (also used for sRGB)
-  * `bt470m` - BT470M primaries
-  * `bt470bg` - BT470BG primaries
-  * `smpte170m` - SMPTE170M primaries
-  * `smpte240m` - SMPTE240M primaries
-  * `film` - Film primaries
-  * `bt2020` - BT2020 primaries
-  * `smptest428-1` - SMPTEST428-1 primaries
-  * `smptest431-2` - SMPTEST431-2 primaries
-  * `p3` - P3 primaries
-  * `xyz-d50` - XYZ D50 primaries
-  * `adobe-rgb` - Adobe RGB primaries
-  * `apple-generic-rgb` - Apple Generic RGB primaries
-  * `wide-gamut-color-spin` - Wide Gamut Color Spin primaries
-  * `ebu-3213-e` - EBU 3213-E primaries
-  * `custom` - Custom primaries
-  * `invalid` - Invalid primaries
-
-* `transfer` string - The transfer function of the color space. Can be one of the following values:
-  * `bt709` - BT709 transfer function
-  * `bt709-apple` - BT709 Apple transfer function
-  * `gamma18` - Gamma 1.8 transfer function
-  * `gamma22` - Gamma 2.2 transfer function
-  * `gamma24` - Gamma 2.4 transfer function
-  * `gamma28` - Gamma 2.8 transfer function
-  * `smpte170m` - SMPTE170M transfer function
-  * `smpte240m` - SMPTE240M transfer function
-  * `linear` - Linear transfer function
-  * `log` - Log transfer function
-  * `log-sqrt` - Log Square Root transfer function
-  * `iec61966-2-4` - IEC61966-2-4 transfer function
-  * `bt1361-ecg` - BT1361 ECG transfer function
-  * `srgb` - sRGB transfer function
-  * `bt2020-10` - BT2020-10 transfer function
-  * `bt2020-12` - BT2020-12 transfer function
-  * `pq` - PQ (Perceptual Quantizer) transfer function
-  * `smptest428-1` - SMPTEST428-1 transfer function
-  * `hlg` - HLG (Hybrid Log-Gamma) transfer function
-  * `srgb-hdr` - sRGB HDR transfer function
-  * `linear-hdr` - Linear HDR transfer function
-  * `custom` - Custom transfer function
-  * `custom-hdr` - Custom HDR transfer function
-  * `scrgb-linear-80-nits` - scRGB Linear 80 nits transfer function
-  * `invalid` - Invalid transfer function
-
-* `matrix` string - The color matrix of the color space. Can be one of the following values:
-  * `rgb` - RGB matrix
-  * `bt709` - BT709 matrix
-  * `fcc` - FCC matrix
-  * `bt470bg` - BT470BG matrix
-  * `smpte170m` - SMPTE170M matrix
-  * `smpte240m` - SMPTE240M matrix
-  * `ycocg` - YCoCg matrix
-  * `bt2020-ncl` - BT2020 NCL matrix
-  * `ydzdx` - YDzDx matrix
-  * `gbr` - GBR matrix
-  * `invalid` - Invalid matrix
-
-* `range` string - The color range of the color space. Can be one of the following values:
-  * `limited` - Limited color range (RGB values ranging from 16 to 235)
-  * `full` - Full color range (RGB values from 0 to 255)
-  * `derived` - Range defined by the transfer function and matrix
-  * `invalid` - Invalid range
-
-## Common `ColorSpace` definitions
-
-### Standard Color Spaces
-
-**sRGB**:
-
-  ```js
-  const cs = {
-    primaries: 'bt709',
-    transfer: 'srgb',
-    matrix: 'rgb',
-    range: 'full'
-  }
-  ```
-
-**Display P3**:
-
-  ```js
-  const cs = {
-    primaries: 'p3',
-    transfer: 'srgb',
-    matrix: 'rgb',
-    range: 'full'
-  }
-  ```
-
-**XYZ D50**:
-
-  ```js
-  const cs = {
-    primaries: 'xyz-d50',
-    transfer: 'linear',
-    matrix: 'rgb',
-    range: 'full'
-  }
-  ```
-
-### HDR Color Spaces
-
-**Extended sRGB** (extends sRGB to all real values):
-
-  ```js
-  const cs = {
-    primaries: 'bt709',
-    transfer: 'srgb-hdr',
-    matrix: 'rgb',
-    range: 'full'
-  }
-  ```
-
-**scRGB Linear** (linear transfer function for all real values):
-
-  ```js
-  const cs = {
-    primaries: 'bt709',
-    transfer: 'linear-hdr',
-    matrix: 'rgb',
-    range: 'full'
-  }
-  ```
-
-**scRGB Linear 80 Nits** (with an SDR white level of 80 nits):
-
-  ```js
-  const cs = {
-    primaries: 'bt709',
-    transfer: 'scrgb-linear-80-nits',
-    matrix: 'rgb',
-    range: 'full'
-  }
-  ```
-
-**HDR10** (BT.2020 primaries with PQ transfer function):
-
-  ```js
-  const cs = {
-    primaries: 'bt2020',
-    transfer: 'pq',
-    matrix: 'rgb',
-    range: 'full'
-  }
-  ```
-
-**HLG** (BT.2020 primaries with HLG transfer function):
-
-  ```js
-  const cs = {
-    primaries: 'bt2020',
-    transfer: 'hlg',
-    matrix: 'rgb',
-    range: 'full'
-  }
-  ```
-
-### Video Color Spaces
-
-**Rec. 601** (SDTV):
-
-  ```js
-  const cs = {
-    primaries: 'smpte170m',
-    transfer: 'smpte170m',
-    matrix: 'smpte170m',
-    range: 'limited'
-  }
-  ```
-
-**Rec. 709** (HDTV):
-
-  ```js
-  const cs = {
-    primaries: 'bt709',
-    transfer: 'bt709',
-    matrix: 'bt709',
-    range: 'limited'
-  }
-  ```
-
-**JPEG** (typical color space for JPEG images):
-
-  ```js
-  const cs = {
-    primaries: 'bt709',
-    transfer: 'srgb',
-    matrix: 'smpte170m',
-    range: 'full'
-  }
-  ```
--- a/docs/api/structures/offscreen-shared-texture.md
+++ b/docs/api/structures/offscreen-shared-texture.md
@@ -2,13 +2,9 @@

 * `textureInfo` Object - The shared texture info.
  * `widgetType` string - The widget type of the texture. Can be `popup` or `frame`.
-  * `pixelFormat` string - The pixel format of the texture.
-    * `rgba` - The texture format is 8-bit unorm RGBA.
-    * `bgra` - The texture format is 8-bit unorm BGRA.
-    * `rgbaf16` - The texture format is 16-bit float RGBA.
+  * `pixelFormat` string - The pixel format of the texture. Can be `rgba` or `bgra`.
  * `codedSize` [Size](size.md) - The full dimensions of the video frame.
-  * `colorSpace` [ColorSpace](color-space.md) - The color space of the video frame.
-  * `visibleRect` [Rectangle](rectangle.md) - A subsection of [0, 0, codedSize.width, codedSize.height]. In OSR case, it is expected to have the full section area.
+  * `visibleRect` [Rectangle](rectangle.md) - A subsection of [0, 0, codedSize.width(), codedSize.height()]. In OSR case, it is expected to have the full section area.
  * `contentRect` [Rectangle](rectangle.md) - The region of the video frame that capturer would like to populate. In OSR case, it is the same with `dirtyRect` that needs to be painted.
  * `timestamp` number - The time in microseconds since the capture start.
  * `metadata` Object - Extra metadata. See comments in src\media\base\video_frame_metadata.h for accurate details.
@@ -16,6 +12,13 @@
    * `regionCaptureRect` [Rectangle](rectangle.md) (optional) - May reflect the frame's contents origin if region capture is used internally.
    * `sourceSize` [Rectangle](rectangle.md) (optional) - Full size of the source frame.
    * `frameCount` number (optional) - The increasing count of captured frame. May contain gaps if frames are dropped between two consecutively received frames.
-  * `handle` [SharedTextureHandle](shared-texture-handle.md) - The shared texture handle data.
+  * `sharedTextureHandle` Buffer _Windows_ _macOS_ - The handle to the shared texture.
+  * `planes` Object[] _Linux_ - Each plane's info of the shared texture.
+    * `stride` number - The strides and offsets in bytes to be used when accessing the buffers via a memory mapping. One per plane per entry.
+    * `offset` number - The strides and offsets in bytes to be used when accessing the buffers via a memory mapping. One per plane per entry.
+    * `size` number - Size in bytes of the plane. This is necessary to map the buffers.
+    * `fd` number - File descriptor for the underlying memory object (usually dmabuf).
+  * `modifier` string _Linux_ - The modifier is retrieved from GBM library and passed to EGL driver.
 * `release` Function - Release the resources. The `texture` cannot be directly passed to another process, users need to maintain texture lifecycles in
-  main process, but it is safe to pass the `textureInfo` to another process. Only a limited number of textures can exist at the same time, so it's important that you call `texture.release()` as soon as you're done with the texture.
+  main process, but it is safe to pass the `textureInfo` to another process. Only a limited number of textures can exist at the same time, so it's important
+  that you call `texture.release()` as soon as you're done with the texture.
--- a/docs/api/structures/render-process-gone-details.md
+++ b/docs/api/structures/render-process-gone-details.md
@@ -8,7 +8,6 @@
  * `oom` - Process ran out of memory
  * `launch-failed` - Process never successfully launched
  * `integrity-failure` - Windows code integrity checks failed
-  * `memory-eviction` - Process proactively terminated to prevent a future out-of-memory (OOM) situation
 * `exitCode` Integer - The exit code of the process, unless `reason` is
  `launch-failed`, in which case `exitCode` will be a platform-specific
  launch failure error code.
--- a/docs/api/structures/shared-texture-handle.md
+++ b/docs/api/structures/shared-texture-handle.md
@@ -1,12 +0,0 @@
-# SharedTextureHandle Object
-
-* `ntHandle` Buffer (optional) _Windows_ - NT HANDLE holds the shared texture. Note that this NT HANDLE is local to current process.
-* `ioSurface` Buffer (optional) _macOS_ - IOSurfaceRef holds the shared texture. Note that this IOSurface is local to current process (not global).
-* `nativePixmap` Object (optional) _Linux_ - Structure contains planes of shared texture.
-  * `planes` Object[] _Linux_ - Each plane's info of the shared texture.
-    * `stride` number - The strides and offsets in bytes to be used when accessing the buffers via a memory mapping. One per plane per entry.
-    * `offset` number - The strides and offsets in bytes to be used when accessing the buffers via a memory mapping. One per plane per entry.
-    * `size` number - Size in bytes of the plane. This is necessary to map the buffers.
-    * `fd` number - File descriptor for the underlying memory object (usually dmabuf).
-  * `modifier` string _Linux_ - The modifier is retrieved from GBM library and passed to EGL driver.
-  * `supportsZeroCopyWebGpuImport` boolean _Linux_ - Indicates whether supports zero copy import to WebGPU.
--- a/docs/api/structures/shared-texture-import-texture-info.md
+++ b/docs/api/structures/shared-texture-import-texture-info.md
@@ -1,13 +0,0 @@
-# SharedTextureImportTextureInfo Object
-
-* `pixelFormat` string - The pixel format of the texture.
-  * `bgra` - 32bpp BGRA (byte-order), 1 plane.
-  * `rgba` - 32bpp RGBA (byte-order), 1 plane.
-  * `rgbaf16` - Half float RGBA, 1 plane.
-  * `nv12` - 12bpp with Y plane followed by a 2x2 interleaved UV plane.
-  * `p010le` - 4:2:0 10-bit YUV (little-endian), Y plane followed by a 2x2 interleaved UV plane.
-* `colorSpace` [ColorSpace](color-space.md) (optional) - The color space of the texture.
-* `codedSize` [Size](size.md) - The full dimensions of the shared texture.
-* `visibleRect` [Rectangle](rectangle.md) (optional) - A subsection of [0, 0, codedSize.width, codedSize.height]. In common cases, it is the full section area.
-* `timestamp` number (optional) - A timestamp in microseconds that will be reflected to `VideoFrame`.
-* `handle` [SharedTextureHandle](shared-texture-handle.md) - The shared texture handle.
--- a/docs/api/structures/shared-texture-imported-subtle.md
+++ b/docs/api/structures/shared-texture-imported-subtle.md
@@ -1,9 +0,0 @@
-# SharedTextureImportedSubtle Object
-
-* `getVideoFrame` Function\<[VideoFrame](https://developer.mozilla.org/en-US/docs/Web/API/VideoFrame)\> - Create a `VideoFrame` that uses the imported shared texture in the current process. You can call `VideoFrame.close()` once you've finished using the object. The underlying resources will wait for GPU finish internally.
-* `release` Function - Release the resources. If you transferred and get multiple `SharedTextureImported` objects, you have to `release` every one of them. The resource on the GPU process will be destroyed when the last one is released.
-  * `callback` Function (optional) - Callback when the GPU command buffer finishes using this shared texture. It provides a precise event to safely release dependent resources. For example, if this object is created by `finishTransferSharedTexture`, you can use this callback to safely release the original one that called `startTransferSharedTexture` in other processes. You can also release the source shared texture that was used to `importSharedTexture` safely.
-* `startTransferSharedTexture` Function\<[SharedTextureTransfer](shared-texture-transfer.md)\> - Create a `SharedTextureTransfer` that can be serialized and transferred to other processes.
-* `getFrameCreationSyncToken` Function\<[SharedTextureSyncToken](shared-texture-sync-token.md)\> - This method is for advanced users. If used, it is typically called after `finishTransferSharedTexture`, and should be passed to the object which was called `startTransferSharedTexture` to prevent the source object release the underlying resource before the target object actually acquire the reference at gpu process asyncly.
-* `setReleaseSyncToken` Function - This method is for advanced users. If used, this object's underlying resource will not be released until the set sync token is fulfilled at gpu process. By using sync tokens, users are not required to use release callbacks for lifetime management.
-  * `syncToken` [SharedTextureSyncToken](shared-texture-sync-token.md) - The sync token to set.
--- a/docs/api/structures/shared-texture-imported.md
+++ b/docs/api/structures/shared-texture-imported.md
@@ -1,6 +0,0 @@
-# SharedTextureImported Object
-
-* `textureId` string - The unique identifier of the imported shared texture.
-* `getVideoFrame` Function\<[VideoFrame](https://developer.mozilla.org/en-US/docs/Web/API/VideoFrame)\> - Create a `VideoFrame` that uses the imported shared texture in the current process. You can call `VideoFrame.close()` once you've finished using the object. The underlying resources will wait for GPU finish internally.
-* `release` Function - Release this object's reference of the imported shared texture. The underlying resource will be alive until every reference is released.
-* `subtle` [SharedTextureImportedSubtle](shared-texture-imported-subtle.md) - Provides subtle APIs to interact with the imported shared texture for advanced users.
--- a/docs/api/structures/shared-texture-subtle.md
+++ b/docs/api/structures/shared-texture-subtle.md
@@ -1,6 +0,0 @@
-# SharedTextureSubtle Object
-
-* `importSharedTexture` Function\<[SharedTextureImportedSubtle](shared-texture-imported-subtle.md)\> - Imports the shared texture from the given options. Returns the imported shared texture.
-  * `textureInfo` [SharedTextureImportTextureInfo](shared-texture-import-texture-info.md) - The information of shared texture to import.
-* `finishTransferSharedTexture` Function\<[SharedTextureImportedSubtle](shared-texture-imported-subtle.md)\> - Finishes the transfer of the shared texture and gets the transferred shared texture. Returns the imported shared texture from the transfer object.
-  * `transfer` [SharedTextureTransfer](shared-texture-transfer.md) - The transfer object of the shared texture.
--- a/docs/api/structures/shared-texture-sync-token.md
+++ b/docs/api/structures/shared-texture-sync-token.md
@@ -1,3 +0,0 @@
-# SharedTextureSyncToken Object
-
-* `syncToken` string - The opaque data for sync token.
--- a/docs/api/structures/shared-texture-transfer.md
+++ b/docs/api/structures/shared-texture-transfer.md
@@ -1,10 +0,0 @@
-# SharedTextureTransfer Object
-
-* `transfer` string _Readonly_ - The opaque transfer data of the shared texture. This can be transferred across Electron processes.
-* `syncToken` string _Readonly_ - The opaque sync token data for frame creation.
-* `pixelFormat` string _Readonly_ - The pixel format of the transferring texture.
-* `codedSize` [Size](size.md) _Readonly_ - The full dimensions of the shared texture.
-* `visibleRect` [Rectangle](rectangle.md) _Readonly_ - A subsection of [0, 0, codedSize.width(), codedSize.height()]. In common cases, it is the full section area.
-* `timestamp` number _Readonly_ - A timestamp in microseconds that will be reflected to `VideoFrame`.
-
-Use `sharedTexture.subtle.finishTransferSharedTexture` to get [`SharedTextureImportedSubtle`](shared-texture-imported-subtle.md) back.
--- a/docs/api/structures/usb-device.md
+++ b/docs/api/structures/usb-device.md
@@ -1,35 +1,17 @@
 # USBDevice Object

-* `configuration` Object (optional) - A [USBConfiguration](https://developer.mozilla.org/en-US/docs/Web/API/USBConfiguration) object containing information about the currently selected configuration of a USB device.
-  * `configurationValue` Integer - the configuration value of this configuration.
-  * `configurationName` string - the name provided by the device to describe this configuration.
-  * `interfaces` Object[] - An array of [USBInterface](https://developer.mozilla.org/en-US/docs/Web/API/USBInterface) objects containing information about an interface provided by the USB device.
-    * `interfaceNumber` Integer - the interface number of this interface.
-    * `alternate` Object - the currently selected alternative configuration of this interface.
-      * `alternateSetting` Integer - the alternate setting number of this interface.
-      * `interfaceClass` Integer - the class of this interface. See [USB.org](https://www.usb.org/defined-class-codes) for class code descriptions.
-      * `interfaceSubclass` Integer - the subclass of this interface.
-      * `interfaceProtocol` Integer - the protocol supported by this interface.
-      * `interfaceName` string (optional) - the name of the interface, if one is provided by the device.
-      * `endpoints` Object[] - an array containing instances of the [USBEndpoint interface](https://developer.mozilla.org/en-US/docs/Web/API/USBEndpoint) describing each of the endpoints that are part of this interface.
-        * `endpointNumber` Integer - this endpoint's "endpoint number" which is a value from 1 to 15.
-        * `direction` string - the direction in which this endpoint transfers data - can be either 'in' or 'out'.
-        * `type` string - the type of this endpoint - can be either 'bulk', 'interrupt', or 'isochronous'.
-        * `packetSize` Integer - the size of the packets that data sent through this endpoint will be divided into.
-    * `alternates` Object[] - an array containing instances of the [USBAlternateInterface](https://developer.mozilla.org/en-US/docs/Web/API/USBAlternateInterface) interface describing each of the alternative configurations possible for this interface.
-* `configurations` Object[] - An array of [USBConfiguration](https://developer.mozilla.org/en-US/docs/Web/API/USBConfiguration) interfaces for controlling a paired USB device.
-* `deviceClass` Integer - The device class for the communication interface supported by the device.
 * `deviceId` string - Unique identifier for the device.
-* `deviceProtocol` Integer - The device protocol for the communication interface supported by the device.
-* `deviceSubclass` Integer - The device subclass for the communication interface supported by the device.
-* `deviceVersionMajor` Integer - The major version number of the device as defined by the device manufacturer.
-* `deviceVersionMinor` Integer - The minor version number of the device as defined by the device manufacturer.
-* `deviceVersionSubminor` Integer - The subminor version number of the device as defined by the device manufacturer.
-* `manufacturerName` string (optional) - The manufacturer name of the device.
+* `vendorId` Integer - The USB vendor ID.
 * `productId` Integer - The USB product ID.
 * `productName` string (optional) - Name of the device.
 * `serialNumber` string (optional) - The USB device serial number.
-* `usbVersionMajor` Integer - The USB protocol major version supported by the device.
-* `usbVersionMinor` Integer - The USB protocol minor version supported by the device.
-* `usbVersionSubminor` Integer - The USB protocol subminor version supported by the device.
-* `vendorId` Integer - The USB vendor ID.
+* `manufacturerName` string (optional) - The manufacturer name of the device.
+* `usbVersionMajor` Integer - The USB protocol major version supported by the device
+* `usbVersionMinor` Integer - The USB protocol minor version supported by the device
+* `usbVersionSubminor` Integer - The USB protocol subminor version supported by the device
+* `deviceClass` Integer - The device class for the communication interface supported by the device
+* `deviceSubclass` Integer - The device subclass for the communication interface supported by the device
+* `deviceProtocol` Integer - The device protocol for the communication interface supported by the device
+* `deviceVersionMajor` Integer - The major version number of the device as defined by the device manufacturer.
+* `deviceVersionMinor` Integer - The minor version number of the device as defined by the device manufacturer.
+* `deviceVersionSubminor` Integer - The subminor version number of the device as defined by the device manufacturer.
--- a/docs/api/structures/web-preferences.md
+++ b/docs/api/structures/web-preferences.md
@@ -89,12 +89,6 @@
     paint event. Defaults to `false`. See the
    [offscreen rendering tutorial](../../tutorial/offscreen-rendering.md) for
    more details.
-  * `sharedTexturePixelFormat` string (optional) _Experimental_ - The requested output format of the shared texture. Defaults to `argb`.
-    The name is originated from Chromium [`media::VideoPixelFormat`](https://source.chromium.org/chromium/chromium/src/+/main:media/base/video_types.h) enum suffix and only subset of them are supported.
-    The actual output pixel format and color space of the texture should refer to [`OffscreenSharedTexture`](../structures/offscreen-shared-texture.md) object in the `paint` event.
-    * `argb` - The requested output texture format is 8-bit unorm RGBA, with SRGB SDR color space.
-    * `rgbaf16` - The requested output texture format is 16-bit float RGBA, with scRGB HDR color space.
-  * `deviceScaleFactor` number (optional) _Experimental_ - The device scale factor of the offscreen rendering output. If not set, will use primary display's scale factor as default.
 * `contextIsolation` boolean (optional) - Whether to run Electron APIs and
  the specified `preload` script in a separate JavaScript context. Defaults
  to `true`. The context that the `preload` script runs in will only have
@@ -157,8 +151,6 @@
  `WebContents` when the preferred size changes. Default is `false`.
 * `transparent` boolean (optional) - Whether to enable background transparency for the guest page. Default is `true`. **Note:** The guest page's text and background colors are derived from the [color scheme](https://developer.mozilla.org/en-US/docs/Web/CSS/color-scheme) of its root element. When transparency is enabled, the text color will still change accordingly but the background will remain transparent.
 * `enableDeprecatedPaste` boolean (optional) _Deprecated_ - Whether to enable the `paste` [execCommand](https://developer.mozilla.org/en-US/docs/Web/API/Document/execCommand). Default is `false`.
-* `focusOnNavigation` boolean (optional) - Whether to focus the WebContents
-  when navigating. Default is `true`.

 [chrome-content-scripts]: https://developer.chrome.com/extensions/content_scripts#execution-environment
 [runtime-enabled-features]: https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/platform/runtime_enabled_features.json5
--- a/docs/api/system-preferences.md
+++ b/docs/api/system-preferences.md
@@ -14,7 +14,7 @@ console.log(systemPreferences.getEffectiveAppearance())

 The `systemPreferences` object emits the following events:

-### Event: 'accent-color-changed' _Windows_ _Linux_
+### Event: 'accent-color-changed' _Windows_

 Returns:

@@ -182,7 +182,7 @@ Some popular `key` and `type`s are:
 Removes the `key` in `NSUserDefaults`. This can be used to restore the default
 or global value of a `key` previously set with `setUserDefault`.

-### `systemPreferences.getAccentColor()`
+### `systemPreferences.getAccentColor()` _Windows_ _macOS_

 Returns `string` - The users current system wide accent color preference in RGBA
 hexadecimal form.
--- a/docs/api/utility-process.md
+++ b/docs/api/utility-process.md
@@ -36,12 +36,6 @@ Process: [Main](../glossary.md#main-process)<br />
    `com.apple.security.cs.allow-unsigned-executable-memory` entitlements. This will allow the utility process
    to load unsigned libraries. Unless you specifically need this capability, it is best to leave this disabled.
    Default is `false`.
-  * `disclaim` boolean (optional) _macOS_ - With this flag, the utility process will disclaim
-    responsibility for the child process. This causes the operating system to consider the child
-    process as a separate entity for purposes of security policies like Transparency, Consent, and
-    Control (TCC). When responsibility is disclaimed, the parent process will not be attributed
-    for any TCC requests initiated by the child process. This is useful when launching processes
-    that run third-party or otherwise untrusted code. Default is `false`.
  * `respondToAuthRequestsFromMainProcess` boolean (optional) - With this flag, all HTTP 401 and 407 network
    requests created via the [net module](net.md) will allow responding to them via the
    [`app#login`](app.md#event-login) event in the main process instead of the default
--- a/docs/api/view.md
+++ b/docs/api/view.md
@@ -62,17 +62,9 @@ it becomes the topmost view.

 If the view passed as a parameter is not a child of this view, this method is a no-op.

-#### `view.setBounds(bounds[, options])`
+#### `view.setBounds(bounds)`

 * `bounds` [Rectangle](structures/rectangle.md) - New bounds of the View.
-* `options` Object (optional) - Options for setting the bounds.
-  * `animate` boolean | Object (optional) - If true, the bounds change will be animated. If an object is passed, it can contain the following properties:
-    * `duration` Integer (optional) - Duration of the animation in milliseconds. Default is `250`.
-    * `easing` string (optional) - Easing function for the animation. Default is `linear`.
-      * `linear`
-      * `ease-in`
-      * `ease-out`
-      * `ease-in-out`

 #### `view.getBounds()`

--- a/docs/api/web-contents.md
+++ b/docs/api/web-contents.md
@@ -62,7 +62,7 @@ console.log(webContents)
 ### `webContents.getAllWebContents()`

 Returns `WebContents[]` - An array of all `WebContents` instances. This will contain web contents
-for all windows, webviews, opened DevTools, and DevTools extension background pages.
+for all windows, webviews, opened devtools, and devtools extension background pages.

 ### `webContents.getFocusedWebContents()`

@@ -958,7 +958,7 @@ win.loadURL('https://github.com')

 #### Event: 'devtools-reload-page'

-Emitted when the DevTools window instructs the webContents to reload
+Emitted when the devtools window instructs the webContents to reload

 #### Event: 'will-attach-webview'

@@ -1079,7 +1079,7 @@ Emitted when the [mainFrame](web-contents.md#contentsmainframe-readonly), an `<i
 Returns `Promise<void>` - the promise will resolve when the page has finished loading
 (see [`did-finish-load`](web-contents.md#event-did-finish-load)), and rejects
 if the page fails to load (see
-[`did-fail-load`](web-contents.md#event-did-fail-load)). A noop rejection handler is already attached, which avoids unhandled rejection errors. If the existing page has a beforeUnload handler, [`did-fail-load`](web-contents.md#event-did-fail-load) will be called unless [`will-prevent-unload`](web-contents.md#event-did-fail-load) is handled.
+[`did-fail-load`](web-contents.md#event-did-fail-load)). A noop rejection handler is already attached, which avoids unhandled rejection errors.

 Loads the `url` in the window. The `url` must contain the protocol prefix,
 e.g. the `http://` or `file://`. If the load should bypass http cache then
@@ -1865,20 +1865,66 @@ Removes the specified path from DevTools workspace.

 * `devToolsWebContents` WebContents

-Uses the `devToolsWebContents` as the target `WebContents` to show DevTools.
+Uses the `devToolsWebContents` as the target `WebContents` to show devtools.

 The `devToolsWebContents` must not have done any navigation, and it should not
 be used for other purposes after the call.

-By default, Electron manages the DevTools by creating an internal `WebContents`
+By default Electron manages the devtools by creating an internal `WebContents`
 with native view, which developers have very limited control of. With the
 `setDevToolsWebContents` method, developers can use any `WebContents` to show
-the DevTools in it, such as [`BrowserWindow`](./browser-window.md) or [`WebContentsView`](./web-contents-view.md).
+the devtools in it, including `BrowserWindow`, `BrowserView` and `<webview>`
+tag.

-Note that closing the DevTools does not destroy the `devToolsWebContents`, it
-is the caller's responsibility to destroy `devToolsWebContents` manually.
+Note that closing the devtools does not destroy the `devToolsWebContents`, it
+is caller's responsibility to destroy `devToolsWebContents`.

-An example of showing DevTools in a `BrowserWindow`:
+An example of showing devtools in a `<webview>` tag:
+
+```html
+<html>
+<head>
+  <style type="text/css">
+    * { margin: 0; }
+    #browser { height: 70%; }
+    #devtools { height: 30%; }
+  </style>
+</head>
+<body>
+  <webview id="browser" src="https://github.com"></webview>
+  <webview id="devtools" src="about:blank"></webview>
+  <script>
+    const { ipcRenderer } = require('electron')
+    const emittedOnce = (element, eventName) => new Promise(resolve => {
+      element.addEventListener(eventName, event => resolve(event), { once: true })
+    })
+    const browserView = document.getElementById('browser')
+    const devtoolsView = document.getElementById('devtools')
+    const browserReady = emittedOnce(browserView, 'dom-ready')
+    const devtoolsReady = emittedOnce(devtoolsView, 'dom-ready')
+    Promise.all([browserReady, devtoolsReady]).then(() => {
+      const targetId = browserView.getWebContentsId()
+      const devtoolsId = devtoolsView.getWebContentsId()
+      ipcRenderer.send('open-devtools', targetId, devtoolsId)
+    })
+  </script>
+</body>
+</html>
+```
+
+```js
+// Main process
+const { ipcMain, webContents } = require('electron')
+
+ipcMain.on('open-devtools', (event, targetContentsId, devtoolsContentsId) => {
+  const target = webContents.fromId(targetContentsId)
+  const devtools = webContents.fromId(devtoolsContentsId)
+  target.setDevToolsWebContents(devtools)
+  target.openDevTools()
+})
+```
+
+An example of showing devtools in a `BrowserWindow`:

 ```js title='main.js'
 const { app, BrowserWindow } = require('electron')
@@ -1898,31 +1944,31 @@ app.whenReady().then(() => {
 #### `contents.openDevTools([options])`

 * `options` Object (optional)
-  * `mode` string - Opens the DevTools with specified dock state, can be
+  * `mode` string - Opens the devtools with specified dock state, can be
    `left`, `right`, `bottom`, `undocked`, `detach`. Defaults to last used dock state.
    In `undocked` mode it's possible to dock back. In `detach` mode it's not.
-  * `activate` boolean (optional) - Whether to bring the opened DevTools window
+  * `activate` boolean (optional) - Whether to bring the opened devtools window
    to the foreground. The default is `true`.
  * `title` string (optional) - A title for the DevTools window (only in `undocked` or `detach` mode).

-Opens the DevTools.
+Opens the devtools.

 When `contents` is a `<webview>` tag, the `mode` would be `detach` by default,
 explicitly passing an empty `mode` can force using last used dock state.

-On Windows, if Windows Control Overlay is enabled, DevTools will be opened with `mode: 'detach'`.
+On Windows, if Windows Control Overlay is enabled, Devtools will be opened with `mode: 'detach'`.

 #### `contents.closeDevTools()`

-Closes the DevTools view.
+Closes the devtools.

 #### `contents.isDevToolsOpened()`

-Returns `boolean` - Whether the DevTools view is opened.
+Returns `boolean` - Whether the devtools is opened.

 #### `contents.isDevToolsFocused()`

-Returns `boolean` - Whether the DevTools view is focused .
+Returns `boolean` - Whether the devtools view is focused .

 #### `contents.getDevToolsTitle()`

@@ -2168,7 +2214,7 @@ Returns `boolean` - If _offscreen rendering_ is enabled returns whether it is cu
 * `fps` Integer

 If _offscreen rendering_ is enabled sets the frame rate to the specified number.
-When `webPreferences.offscreen.useSharedTexture` is `false` only values between 1 and 240 are accepted.
+Only values between 1 and 240 are accepted.

 #### `contents.getFrameRate()`

@@ -2364,8 +2410,7 @@ A [`NavigationHistory`](navigation-history.md) used by this webContents.

 #### `contents.hostWebContents` _Readonly_

-A `WebContents | null` property that represents a [`WebContents`](web-contents.md)
-instance that might own this `WebContents`.
+A [`WebContents`](web-contents.md) instance that might own this `WebContents`.

 #### `contents.devToolsWebContents` _Readonly_

--- a/docs/api/web-frame.md
+++ b/docs/api/web-frame.md
@@ -197,7 +197,7 @@ dispatch errors of isolated worlds to foreign worlds.
 * `info` Object
  * `securityOrigin` string (optional) - Security origin for the isolated world.
  * `csp` string (optional) - Content Security Policy for the isolated world.
-  * `name` string (optional) - Name for isolated world. Useful in DevTools.
+  * `name` string (optional) - Name for isolated world. Useful in devtools.

 Set the security origin, content security policy and name of the isolated world.

--- a/Show More
+++ b/Show More