Bump v10.0.0-beta.19

* feat: add worldSafe flag for executeJS results

* chore: do not log warning for webContents.executeJS

* Apply suggestions from code review

Co-authored-by: Jeremy Rose <jeremya@chromium.org>

* chore: apply PR feedback

* chore: split logic a bit

* chore: allow primitives through the world safe checl

* chore: clean up per PR feedback

* chore: flip boolean logic

* chore: update per PR feedback

* chore: fix typo

* chore: fix spec

* Update web-frame.ts

Co-authored-by: Samuel Attard <samuel.r.attard@gmail.com>
Co-authored-by: Samuel Attard <sattard@slack-corp.com>
Co-authored-by: Jeremy Rose <jeremya@chromium.org>

.circleci/config.yml

@@ -231,7 +231,25 @@ step-gclient-sync: &step-gclient-sync
           $GCLIENT_EXTRA_ARGS \
           "$CIRCLE_REPOSITORY_URL"
 
-        gclient sync --with_branch_heads --with_tags
+        ELECTRON_USE_THREE_WAY_MERGE_FOR_PATCHES=1 gclient sync --with_branch_heads --with_tags
+        # Re-export all the patches to check if there were changes.
+        python src/electron/script/export_all_patches.py src/electron/patches/config.json
+        cd src/electron
+        git update-index --refresh || true
+        if ! git diff-index --quiet HEAD --; then
+          # There are changes to the patches. Make a git commit with the updated patches
+          git add patches
+          GIT_COMMITTER_NAME="Electron Bot" GIT_COMMITTER_EMAIL="anonymous@electronjs.org" git commit -m "update patches" --author="Electron Bot <anonymous@electronjs.org>"
+          # Export it
+          mkdir -p ../../patches
+          git format-patch -1 --stdout --keep-subject --no-stat --full-index > ../../patches/update-patches.patch
+          echo
+          echo "======================================================================"
+          echo "There were changes to the patches when applying."
+          echo "Check the CI artifacts for a patch you can apply to fix it."
+          echo "======================================================================"
+          exit 1
+        fi
       fi
 
 step-setup-env-for-build: &step-setup-env-for-build
@@ -295,12 +313,15 @@ step-get-more-space-on-mac: &step-get-more-space-on-mac
     command: |
       if [ "`uname`" == "Darwin" ]; then
         sudo rm -rf /Library/Developer/CoreSimulator
-        sudo rm -rf /Applications/Xcode.app/Contents/Developer/Platforms/AppleTVOS.platform
-        sudo rm -rf /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform
-        sudo rm -rf /Applications/Xcode.app/Contents/Developer/Platforms/WatchOS.platform
-        sudo rm -rf /Applications/Xcode.app/Contents/Developer/Platforms/WatchSimulator.platform
-        sudo rm -rf /Applications/Xcode.app/Contents/Developer/Platforms/AppleTVSimulator.platform
-        sudo rm -rf /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform
+        sudo rm -rf $(xcode-select -p)/Platforms/AppleTVOS.platform
+        sudo rm -rf $(xcode-select -p)/Platforms/iPhoneOS.platform
+        sudo rm -rf $(xcode-select -p)/Platforms/WatchOS.platform
+        sudo rm -rf $(xcode-select -p)/Platforms/WatchSimulator.platform
+        sudo rm -rf $(xcode-select -p)/Platforms/AppleTVSimulator.platform
+        sudo rm -rf $(xcode-select -p)/Platforms/iPhoneSimulator.platform
+        sudo rm -rf ~/.rubies
+        sudo rm -rf ~/Library/Caches/Homebrew
+        sudo rm -rf /usr/local/Homebrew
       fi
 
 # On macOS delete all .git directories under src/ expect for
@@ -400,6 +421,7 @@ step-electron-build: &step-electron-build
       fi
       cd src
       ninja -C out/Default electron -j $NUMBER_OF_NINJA_PROCESSES
+      node electron/script/check-symlinks.js
 
 step-native-unittests-build: &step-native-unittests-build
   run:
@@ -652,8 +674,10 @@ step-mksnapshot-build: &step-mksnapshot-build
       if [ "`uname`" != "Darwin" ]; then
         if [ "$TARGET_ARCH" == "arm" ]; then
           electron/script/strip-binaries.py --file $PWD/out/Default/clang_x86_v8_arm/mksnapshot
+          electron/script/strip-binaries.py --file $PWD/out/Default/clang_x86_v8_arm/v8_context_snapshot_generator
         elif [ "$TARGET_ARCH" == "arm64" ]; then
           electron/script/strip-binaries.py --file $PWD/out/Default/clang_x64_v8_arm64/mksnapshot
+          electron/script/strip-binaries.py --file $PWD/out/Default/clang_x64_v8_arm64/v8_context_snapshot_generator
         else
           electron/script/strip-binaries.py --file $PWD/out/Default/mksnapshot
           electron/script/strip-binaries.py --file $PWD/out/Default/v8_context_snapshot_generator
@@ -686,12 +710,11 @@ step-hunspell-store: &step-hunspell-store
 step-maybe-generate-breakpad-symbols: &step-maybe-generate-breakpad-symbols
   run:
     name: Generate breakpad symbols
+    no_output_timeout: 30m
     command: |
       if [ "$GENERATE_SYMBOLS" == "true" ]; then
         cd src
         ninja -C out/Default electron:electron_symbols
-        cd out/Default/breakpad_symbols
-        find . -name \*.sym -print0 | xargs -0 npx @sentry/cli@1.51.1 difutil bundle-sources
       fi
 
 step-maybe-zip-symbols: &step-maybe-zip-symbols
@@ -810,7 +833,7 @@ step-restore-out-cache: &step-restore-out-cache
     paths:
       - ./src/out/Default
     keys:
-      - v7-out-cache-{{ checksum "src/electron/.depshash" }}-{{ checksum "src/electron/.depshash-target" }}
+      - v8-out-cache-{{ checksum "src/electron/.depshash" }}-{{ checksum "src/electron/.depshash-target" }}
     name: Restoring out cache
 
 step-set-git-cache-path: &step-set-git-cache-path
@@ -834,7 +857,7 @@ step-save-out-cache: &step-save-out-cache
   save_cache:
     paths:
       - ./src/out/Default
-    key: v7-out-cache-{{ checksum "src/electron/.depshash" }}-{{ checksum "src/electron/.depshash-target" }}
+    key: v8-out-cache-{{ checksum "src/electron/.depshash" }}-{{ checksum "src/electron/.depshash-target" }}
     name: Persisting out cache
 
 step-run-electron-only-hooks: &step-run-electron-only-hooks
@@ -981,6 +1004,8 @@ steps-checkout-and-save-cache: &steps-checkout-and-save-cache
     - *step-set-git-cache-path
     # This sync call only runs if .circle-sync-done is an EMPTY file
     - *step-gclient-sync
+    - store_artifacts:
+        path: patches
     - *step-save-git-cache
     # These next few steps reset Electron to the correct commit regardless of which cache was restored
     - run:
@@ -1019,8 +1044,8 @@ steps-electron-ts-compile-for-doc-change: &steps-electron-ts-compile-for-doc-cha
     - *step-depot-tools-get
     - *step-depot-tools-add-to-path
     - *step-restore-brew-cache
-    - *step-get-more-space-on-mac
     - *step-install-gnutar-on-mac
+    - *step-get-more-space-on-mac
     - *step-generate-deps-hash
     - *step-touch-sync-done
     - maybe-restore-portaled-src-cache
@@ -1142,8 +1167,8 @@ steps-tests: &steps-tests
           ELECTRON_DISABLE_SECURITY_WARNINGS: 1
         command: |
           cd src
-          (cd electron && node script/yarn test --runners=main --enable-logging --files $(circleci tests glob spec-main/*-spec.ts | circleci tests split))
-          (cd electron && node script/yarn test --runners=remote --enable-logging --files $(circleci tests glob spec/*-spec.js | circleci tests split))
+          (cd electron && node script/yarn test --runners=main --trace-uncaught --enable-logging --files $(circleci tests glob spec-main/*-spec.ts | circleci tests split))
+          (cd electron && node script/yarn test --runners=remote --trace-uncaught --enable-logging --files $(circleci tests glob spec/*-spec.js | circleci tests split))
     - run:
         name: Check test results existence
         command: |
@@ -1301,6 +1326,8 @@ commands:
             - *step-set-git-cache-path
             # This sync call only runs if .circle-sync-done is an EMPTY file
             - *step-gclient-sync
+            - store_artifacts:
+                path: patches
             # These next few steps reset Electron to the correct commit regardless of which cache was restored
             - when:
                 condition: << parameters.preserve-vendor-dirs >>

.eslintrc.json

@@ -27,7 +27,12 @@
     "sourceType": "module"
   },
   "globals": {
-    "standardScheme": "readonly"
+    "standardScheme": "readonly",
+    "BUILDFLAG": "readonly",
+    "ENABLE_DESKTOP_CAPTURER": "readonly",
+    "ENABLE_REMOTE_MODULE": "readonly",
+    "ENABLE_VIEWS_API": "readonly",
+    "BigInt": "readonly"
   },
   "overrides": [
     {

BUILD.gn

@@ -3,6 +3,7 @@ import("//build/config/ui.gni")
 import("//build/config/win/manifest.gni")
 import("//components/spellcheck/spellcheck_build_features.gni")
 import("//content/public/app/mac_helpers.gni")
+import("//extensions/buildflags/buildflags.gni")
 import("//pdf/features.gni")
 import("//ppapi/buildflags/buildflags.gni")
 import("//printing/buildflags/buildflags.gni")
@@ -58,6 +59,17 @@ if (is_mas_build) {
          "It doesn't make sense to build a MAS build on a non-mac platform")
 }
 
+if (enable_pdf_viewer) {
+  assert(enable_pdf, "PDF viewer support requires enable_pdf=true")
+  assert(enable_electron_extensions,
+         "PDF viewer support requires enable_electron_extensions=true")
+}
+
+if (enable_electron_extensions) {
+  assert(enable_extensions,
+         "Chrome extension support requires enable_extensions=true")
+}
+
 config("branding") {
   defines = [
     "ELECTRON_PRODUCT_NAME=\"$electron_product_name\"",
@@ -127,15 +139,6 @@ webpack_build("electron_isolated_renderer_bundle") {
   out_file = "$target_gen_dir/js2c/isolated_bundle.js"
 }
 
-webpack_build("electron_content_script_bundle") {
-  deps = [ ":build_electron_definitions" ]
-
-  inputs = auto_filenames.content_script_bundle_deps
-
-  config_file = "//electron/build/webpack/webpack.config.content_script.js"
-  out_file = "$target_gen_dir/js2c/content_script_bundle.js"
-}
-
 copy("electron_js2c_copy") {
   sources = [
     "lib/common/asar.js",
@@ -147,7 +150,6 @@ copy("electron_js2c_copy") {
 action("electron_js2c") {
   deps = [
     ":electron_browser_bundle",
-    ":electron_content_script_bundle",
     ":electron_isolated_renderer_bundle",
     ":electron_js2c_copy",
     ":electron_renderer_bundle",
@@ -157,7 +159,6 @@ action("electron_js2c") {
 
   webpack_sources = [
     "$target_gen_dir/js2c/browser_init.js",
-    "$target_gen_dir/js2c/content_script_bundle.js",
     "$target_gen_dir/js2c/isolated_bundle.js",
     "$target_gen_dir/js2c/renderer_init.js",
     "$target_gen_dir/js2c/sandbox_bundle.js",
@@ -321,6 +322,7 @@ source_set("electron_lib") {
     "shell/common/api:mojo",
     "//base:base_static",
     "//base/allocator:buildflags",
+    "//chrome/app:command_ids",
     "//chrome/app/resources:platform_locale_settings",
     "//chrome/services/printing/public/mojom",
     "//components/certificate_transparency",
@@ -330,7 +332,10 @@ source_set("electron_lib") {
     "//components/network_hints/common:mojo_bindings",
     "//components/network_hints/renderer",
     "//components/network_session_configurator/common",
+    "//components/pref_registry",
     "//components/prefs",
+    "//components/upload_list",
+    "//components/user_prefs",
     "//components/viz/host",
     "//components/viz/service",
     "//content/public/browser",
@@ -359,6 +364,7 @@ source_set("electron_lib") {
     "//third_party/blink/public:blink",
     "//third_party/boringssl",
     "//third_party/electron_node:node_lib",
+    "//third_party/inspector_protocol:crdtp",
     "//third_party/leveldatabase",
     "//third_party/libyuv",
     "//third_party/webrtc_overrides:webrtc_component",
@@ -376,7 +382,7 @@ source_set("electron_lib") {
   public_deps = [
     "//base",
     "//base:i18n",
-    "//content/public/app:both",
+    "//content/public/app",
   ]
 
   include_dirs = [
@@ -426,6 +432,9 @@ source_set("electron_lib") {
       "*\bviews/*",
     ]
   }
+  if (!is_mas_build) {
+    deps += [ "//components/crash/core/app" ]
+  }
 
   set_sources_assignment_filter(
       sources_assignment_filter + extra_source_filters)
@@ -443,6 +452,10 @@ source_set("electron_lib") {
     ]
   }
 
+  if (is_linux) {
+    deps += [ "//components/crash/content/browser" ]
+  }
+
   if (is_mac) {
     deps += [
       "//components/remote_cocoa/app_shim",
@@ -450,6 +463,10 @@ source_set("electron_lib") {
       "//ui/accelerated_widget_mac",
     ]
 
+    if (!is_mas_build) {
+      deps += [ "//third_party/crashpad/crashpad/client" ]
+    }
+
     libs = [
       "AVFoundation.framework",
       "Carbon.framework",
@@ -468,12 +485,14 @@ source_set("electron_lib") {
     ]
     if (is_mas_build) {
       sources += [ "shell/browser/api/electron_api_app_mas.mm" ]
-      sources -= [
-        "shell/browser/auto_updater_mac.mm",
-        "shell/common/crash_reporter/crash_reporter_mac.h",
-        "shell/common/crash_reporter/crash_reporter_mac.mm",
-      ]
+      sources -= [ "shell/browser/auto_updater_mac.mm" ]
       defines += [ "MAS_BUILD" ]
+      sources -= [
+        "shell/app/electron_crash_reporter_client.cc",
+        "shell/app/electron_crash_reporter_client.h",
+        "shell/common/crash_keys.cc",
+        "shell/common/crash_keys.h",
+      ]
     } else {
       libs += [
         "Squirrel.framework",
@@ -493,17 +512,21 @@ source_set("electron_lib") {
     deps += [
       ":libnotify_loader",
       "//build/config/linux/gtk",
-      "//chrome/browser/ui/gtk",
       "//dbus",
       "//device/bluetooth",
-      "//third_party/breakpad:client",
       "//ui/events/devices/x11",
       "//ui/events/platform/x11",
+      "//ui/gtk",
       "//ui/views/controls/webview",
       "//ui/wm",
     ]
+    if (use_x11) {
+      deps += [
+        "//ui/gfx/x",
+        "//ui/gtk/x",
+      ]
+    }
     configs += [ ":gio_unix" ]
-    include_dirs += [ "//third_party/breakpad" ]
     configs += [ "//build/config/linux:x11" ]
     defines += [
       # Disable warnings for g_settings_list_schemas.
@@ -512,6 +535,16 @@ source_set("electron_lib") {
 
     sources += filenames.lib_sources_nss
     sources += [
+      "shell/browser/ui/gtk/app_indicator_icon.cc",
+      "shell/browser/ui/gtk/app_indicator_icon.h",
+      "shell/browser/ui/gtk/app_indicator_icon_menu.cc",
+      "shell/browser/ui/gtk/app_indicator_icon_menu.h",
+      "shell/browser/ui/gtk/gtk_status_icon.cc",
+      "shell/browser/ui/gtk/gtk_status_icon.h",
+      "shell/browser/ui/gtk/menu_util.cc",
+      "shell/browser/ui/gtk/menu_util.h",
+      "shell/browser/ui/gtk/status_icon.cc",
+      "shell/browser/ui/gtk/status_icon.h",
       "shell/browser/ui/gtk_util.cc",
       "shell/browser/ui/gtk_util.h",
     ]
@@ -519,6 +552,7 @@ source_set("electron_lib") {
   if (is_win) {
     libs += [ "dwmapi.lib" ]
     deps += [
+      "//components/crash/core/app:crash_export_thunks",
       "//ui/native_theme:native_theme_browser",
       "//ui/views/controls/webview",
       "//ui/wm",
@@ -530,14 +564,6 @@ source_set("electron_lib") {
     ]
   }
 
-  if ((is_mac && !is_mas_build) || is_win) {
-    sources += [
-      "shell/common/crash_reporter/crash_reporter_crashpad.cc",
-      "shell/common/crash_reporter/crash_reporter_crashpad.h",
-    ]
-    deps += [ "//third_party/crashpad/crashpad/client" ]
-  }
-
   if (enable_plugins) {
     deps += [ "chromium_src:plugins" ]
     sources += [
@@ -577,8 +603,6 @@ source_set("electron_lib") {
 
   if (enable_remote_module) {
     sources += [
-      "shell/common/api/remote/object_life_monitor.cc",
-      "shell/common/api/remote/object_life_monitor.h",
       "shell/common/api/remote/remote_callback_freer.cc",
       "shell/common/api/remote/remote_callback_freer.h",
       "shell/common/api/remote/remote_object_freer.cc",
@@ -616,15 +640,6 @@ source_set("electron_lib") {
     deps += [ "//components/printing/common:mojo_interfaces" ]
   }
 
-  deps += [
-    "//components/pref_registry",
-    "//components/user_prefs",
-    "//extensions/browser",
-    "//extensions/browser:core_api_provider",
-    "//extensions/common",
-    "//extensions/common:core_api_provider",
-    "//extensions/renderer",
-  ]
   if (enable_electron_extensions) {
     sources += filenames.lib_sources_extensions
     deps += [
@@ -633,6 +648,11 @@ source_set("electron_lib") {
       "shell/common/extensions/api:extensions_features",
       "//chrome/browser/resources:component_extension_resources",
       "//components/zoom",
+      "//extensions/browser",
+      "//extensions/browser:core_api_provider",
+      "//extensions/common",
+      "//extensions/common:core_api_provider",
+      "//extensions/renderer",
     ]
   }
 
@@ -746,11 +766,17 @@ if (is_mac) {
   }
 
   bundle_data("electron_crashpad_helper") {
-    sources = [ "$root_out_dir/crashpad_handler" ]
+    sources = [ "$root_out_dir/chrome_crashpad_handler" ]
 
-    outputs = [ "{{bundle_resources_dir}}/{{source_file_part}}" ]
+    outputs = [ "{{bundle_contents_dir}}/Helpers/{{source_file_part}}" ]
 
-    public_deps = [ "//third_party/crashpad/crashpad/handler:crashpad_handler" ]
+    public_deps = [ "//components/crash/core/app:chrome_crashpad_handler" ]
+
+    if (is_asan) {
+      # crashpad_handler requires the ASan runtime at its @executable_path.
+      sources += [ "$root_out_dir/libclang_rt.asan_osx_dynamic.dylib" ]
+      public_deps += [ "//build/config/sanitizers:copy_asan_runtime" ]
+    }
   }
 
   mac_framework_bundle("electron_framework") {
@@ -760,6 +786,9 @@ if (is_mac) {
       "Resources",
       "Libraries",
     ]
+    if (!is_mas_build) {
+      framework_contents += [ "Helpers" ]
+    }
     public_deps = [
       ":electron_framework_libraries",
       ":electron_lib",
@@ -982,21 +1011,24 @@ if (is_mac) {
     }
 
     extract_symbols("crashpad_handler_syms") {
-      binary = "$root_out_dir/crashpad_handler"
+      binary = "$root_out_dir/chrome_crashpad_handler"
       symbol_dir = "$root_out_dir/breakpad_symbols"
-      dsym_file = "$root_out_dir/crashpad_handler.dSYM/Contents/Resources/DWARF/crashpad_handler"
-      deps = [ "//third_party/crashpad/crashpad/handler:crashpad_handler" ]
+      dsym_file = "$root_out_dir/chrome_crashpad_handler.dSYM/Contents/Resources/DWARF/chrome_crashpad_handler"
+      deps = [ "//components/crash/core/app:chrome_crashpad_handler" ]
     }
 
     group("electron_symbols") {
       deps = [
-        ":crashpad_handler_syms",
         ":electron_app_syms",
         ":electron_framework_syms",
         ":swiftshader_egl_syms",
         ":swiftshader_gles_syms",
       ]
 
+      if (!is_mas_build) {
+        deps += [ ":crashpad_handler_syms" ]
+      }
+
       foreach(helper_params, content_mac_helpers) {
         _helper_target = helper_params[0]
         deps += [ ":electron_helper_syms_${_helper_target}" ]
@@ -1026,6 +1058,7 @@ if (is_mac) {
       ":electron_app_manifest",
       ":electron_lib",
       ":packed_resources",
+      "//components/crash/core/app",
       "//content:sandbox_helper_win",
       "//electron/buildflags",
       "//ui/strings",
@@ -1051,10 +1084,15 @@ if (is_mac) {
     if (is_win) {
       sources += [
         # TODO: we should be generating our .rc files more like how chrome does
-        "shell/browser/resources/win/atom.rc",
+        "shell/browser/resources/win/electron.rc",
         "shell/browser/resources/win/resource.h",
       ]
 
+      deps += [
+        "//components/browser_watcher:browser_watcher_client",
+        "//components/crash/core/app:run_as_crashpad_handler",
+      ]
+
       libs = [
         "comctl32.lib",
         "uiautomationcore.lib",
@@ -1078,7 +1116,7 @@ if (is_mac) {
       # See https://github.com/nodejs/node-gyp/commit/52ceec3a6d15de3a8f385f43dbe5ecf5456ad07a
       ldflags += [ "/DEF:" + rebase_path("build/electron.def", root_build_dir) ]
       inputs = [
-        "shell/browser/resources/win/atom.ico",
+        "shell/browser/resources/win/electron.ico",
         "build/electron.def",
       ]
     }
@@ -1258,7 +1296,7 @@ dist_zip("electron_chromedriver_zip") {
 
 mksnapshot_deps = [
   ":licenses",
-  "//tools/v8_context_snapshot:v8_context_snapshot_generator",
+  "//tools/v8_context_snapshot:v8_context_snapshot_generator($v8_snapshot_toolchain)",
   "//v8:mksnapshot($v8_snapshot_toolchain)",
 ]
 

CODE_OF_CONDUCT.md

@@ -1,46 +1,135 @@
-# Contributor Covenant Code of Conduct:
+# Code of Conduct
 
-## Our Pledge
+As a member project of the OpenJS Foundation, Electron uses [Contributor Covenant v2.0](https://contributor-covenant.org/version/2/0/code_of_conduct) as their code of conduct. The full text is included [below](#contributor-covenant-code-of-conduct) in English, and translations are available from the Contributor Covenant organisation:
 
-In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+- [contributor-covenant.org/translations](https://www.contributor-covenant.org/translations)
+- [github.com/ContributorCovenant](https://github.com/ContributorCovenant/contributor_covenant/tree/release/content/version/2/0)
 
-## Our Standards
+## Contributor Covenant Code of Conduct
 
-Examples of behavior that contributes to creating a positive environment include:
+### Our Pledge
 
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
 
-Examples of unacceptable behavior by participants include:
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
 
-* The use of sexualized language or imagery and unwelcome sexual attention or advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
+### Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
 * Public or private harassment
-* Publishing others' private information, such as a physical or electronic address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a professional setting
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
 
-## Our Responsibilities
+### Enforcement Responsibilities
 
-Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
 
-Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
 
-## Scope
+### Scope
 
-This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
 
-## Enforcement
+### Enforcement
 
-Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at [coc@electronjs.org](mailto:coc@electronjs.org). All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+[coc@electronjs.org](mailto:coc@electronjs.org).
+All complaints will be reviewed and investigated promptly and fairly.
 
-Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
 
-## Attribution
+### Enforcement Guidelines
 
-This Code of Conduct is adapted from the [Contributor-Covenant][homepage], version 1.4, available at [https://contributor-covenant.org/version/1/4][version]
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
 
-[homepage]: https://contributor-covenant.org
-[version]: https://contributor-covenant.org/version/1/4/
+#### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+#### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+#### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+#### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+### Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct
+enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at
+https://www.contributor-covenant.org/translations.

DEPS

@@ -5,16 +5,18 @@ gclient_gn_args = [
   'checkout_android_native_support',
   'checkout_libaom',
   'checkout_nacl',
+  'checkout_pgo_profiles',
   'checkout_oculus_sdk',
   'checkout_openxr',
-  'checkout_google_benchmark'
+  'checkout_google_benchmark',
+  'mac_xcode_version',
 ]
 
 vars = {
   'chromium_version':
-    '0f55a0804ce1ba9678489174a6123358a7683f37',
+    '85.0.4183.39',
   'node_version':
-    'v12.16.1',
+    'v12.16.3',
   'nan_version':
     '2c4ee8a32a299eada3cd6e468bbd0a473bfea96d',
 
@@ -42,6 +44,7 @@ vars = {
   'checkout_chromium': True,
   'checkout_node': True,
   'checkout_nan': True,
+  'checkout_pgo_profiles': True,
 
   # It's only needed to parse the native tests configurations.
   'checkout_pyyaml': False,
@@ -49,6 +52,8 @@ vars = {
   # Python "requests" module is used for releases only.
   'checkout_requests': False,
 
+  'mac_xcode_version': 'default',
+
   # To allow running hooks without parsing the DEPS tree
   'process_deps': True,
 

ELECTRON_VERSION

@@ -1 +1 @@
-10.0.0-nightly.20200407
+10.0.0-beta.19

appveyor.yml

@@ -29,7 +29,7 @@
 
 version: 1.0.{build}
 build_cloud: electron-16-core
-image: vs2019bt-16.4.0
+image: vs2019bt-16.6.2
 environment:
   GIT_CACHE_PATH: C:\Users\electron\libcc_cache
   ELECTRON_OUT_DIR: Default
@@ -152,7 +152,11 @@ build_script:
   - ninja -C out/ffmpeg electron:electron_ffmpeg_zip
   - ninja -C out/Default electron:electron_dist_zip
   - ninja -C out/Default shell_browser_ui_unittests
+  - gn desc out/Default v8:run_mksnapshot_default args > out/Default/mksnapshot_args
   - ninja -C out/Default electron:electron_mksnapshot_zip
+  - cd out\Default
+  - 7z a mksnapshot.zip mksnapshot_args gen\v8\embedded.S
+  - cd ..\..
   - ninja -C out/Default electron:hunspell_dictionaries_zip
   - ninja -C out/Default electron:electron_chromedriver_zip
   - ninja -C out/Default third_party/electron_node:headers
@@ -200,11 +204,10 @@ test_script:
         echo "Skipping tests for $env:GN_CONFIG build"
       }
   - cd electron
-  - if "%RUN_TESTS%"=="true" ( echo Running test suite & node script/yarn test -- --enable-logging)
+  - if "%RUN_TESTS%"=="true" ( echo Running test suite & node script/yarn test -- --trace-uncaught --enable-logging)
   - cd ..
   - if "%RUN_TESTS%"=="true" ( echo Verifying non proprietary ffmpeg & python electron\script\verify-ffmpeg.py --build-dir out\Default --source-root %cd% --ffmpeg-path out\ffmpeg )
-  - echo "About to verify mksnapshot"  
-  - if "%RUN_TESTS%"=="true" ( gn desc out\Default v8:run_mksnapshot_default args > out\Default\mksnapshot_args )
+  - echo "About to verify mksnapshot"
   - if "%RUN_TESTS%"=="true" ( echo Verifying mksnapshot & python electron\script\verify-mksnapshot.py --build-dir out\Default --source-root %cd% )
   - echo "Done verifying mksnapshot"
   - if "%RUN_TESTS%"=="true" ( echo Verifying chromedriver & python electron\script\verify-chromedriver.py --build-dir out\Default --source-root %cd% )

azure-pipelines-woa.yml

@@ -88,5 +88,6 @@ steps:
 - powershell: |
     Get-Process | Where Name –Like "electron*" | Stop-Process
     Get-Process | Where Name –Like "MicrosoftEdge*" | Stop-Process
+    Get-Process | Where Name –Like "msedge*" | Stop-Process
   displayName: 'Kill processes left running from last test run'
   condition: always()

build/args/all.gn

@@ -20,7 +20,3 @@ angle_enable_vulkan_validation_layers = false
 dawn_enable_vulkan_validation_layers = false
 
 is_cfi = false
-
-enable_osr = true
-
-enable_electron_extensions = true

build/webpack/run-compiler.js

@@ -1,3 +1,4 @@
+const fs = require('fs');
 const path = require('path')
 const webpack = require('webpack')
 
@@ -9,6 +10,9 @@ config.output = {
   filename: path.basename(outPath)
 }
 
+const { wrapInitWithProfilingTimeout } = config;
+delete config.wrapInitWithProfilingTimeout;
+
 webpack(config, (err, stats) => {
   if (err) {
     console.error(err)
@@ -17,6 +21,18 @@ webpack(config, (err, stats) => {
     console.error(stats.toString('normal'))
     process.exit(1)
   } else {
+    if (wrapInitWithProfilingTimeout) {
+      const contents = fs.readFileSync(outPath, 'utf8');
+      const newContents = `function ___electron_webpack_init__() {
+${contents}
+};
+if ((globalThis.process || binding.process).argv.includes("--profile-electron-init")) {
+  setTimeout(___electron_webpack_init__, 0);
+} else {
+  ___electron_webpack_init__();
+}`;
+      fs.writeFileSync(outPath, newContents);
+    }
     process.exit(0)
   }
 })

build/webpack/webpack.config.base.js

@@ -1,6 +1,7 @@
 const fs = require('fs')
 const path = require('path')
 const webpack = require('webpack')
+const TerserPlugin = require('terser-webpack-plugin');
 
 const electronRoot = path.resolve(__dirname, '../..')
 
@@ -20,11 +21,55 @@ class AccessDependenciesPlugin {
   }
 }
 
+const defines = {
+  BUILDFLAG: onlyPrintingGraph ? '(a => a)' : ''
+}
+
+const buildFlagsPrefix = '--buildflags='
+const buildFlagArg = process.argv.find(arg => arg.startsWith(buildFlagsPrefix));
+
+if (buildFlagArg) {
+  const buildFlagPath = buildFlagArg.substr(buildFlagsPrefix.length)
+
+  const flagFile = fs.readFileSync(buildFlagPath, 'utf8')
+  for (const line of flagFile.split(/(\r\n|\r|\n)/g)) {
+    const flagMatch = line.match(/#define BUILDFLAG_INTERNAL_(.+?)\(\) \(([01])\)/)
+    if (flagMatch) {
+      const [, flagName, flagValue] = flagMatch;
+      defines[flagName] = JSON.stringify(Boolean(parseInt(flagValue, 10)));
+    }
+  }
+}
+
+const ignoredModules = []
+
+if (defines['ENABLE_DESKTOP_CAPTURER'] === 'false') {
+  ignoredModules.push(
+    '@electron/internal/browser/desktop-capturer',
+    '@electron/internal/browser/api/desktop-capturer',
+    '@electron/internal/renderer/api/desktop-capturer'
+  )
+}
+
+if (defines['ENABLE_REMOTE_MODULE'] === 'false') {
+  ignoredModules.push(
+    '@electron/internal/browser/remote/server',
+    '@electron/internal/renderer/api/remote'
+  )
+}
+
+if (defines['ENABLE_VIEWS_API'] === 'false') {
+  ignoredModules.push(
+    '@electron/internal/browser/api/views/image-view.js'
+  )
+}
+
 module.exports = ({
   alwaysHasNode,
   loadElectronFromAlternateTarget,
   targetDeletesNodeGlobals,
-  target
+  target,
+  wrapInitWithProfilingTimeout
 }) => {
   let entry = path.resolve(electronRoot, 'lib', target, 'init.ts')
   if (!fs.existsSync(entry)) {
@@ -33,29 +78,36 @@ module.exports = ({
 
   return ({
     mode: 'development',
-    devtool: 'inline-source-map',
+    devtool: false,
     entry,
     target: alwaysHasNode ? 'node' : 'web',
     output: {
       filename: `${target}.bundle.js`
     },
+    wrapInitWithProfilingTimeout,
     resolve: {
       alias: {
         '@electron/internal': path.resolve(electronRoot, 'lib'),
         'electron': path.resolve(electronRoot, 'lib', loadElectronFromAlternateTarget || target, 'api', 'exports', 'electron.ts'),
-        // Force timers to resolve to our dependency that doens't use window.postMessage
+        // Force timers to resolve to our dependency that doesn't use window.postMessage
         'timers': path.resolve(electronRoot, 'node_modules', 'timers-browserify', 'main.js')
       },
       extensions: ['.ts', '.js']
     },
     module: {
       rules: [{
+        test: (moduleName) => !onlyPrintingGraph && ignoredModules.includes(moduleName),
+        loader: 'null-loader',
+      }, {
         test: /\.ts$/,
         loader: 'ts-loader',
         options: {
           configFile: path.resolve(electronRoot, 'tsconfig.electron.json'),
           transpileOnly: onlyPrintingGraph,
-          ignoreDiagnostics: [6059]
+          ignoreDiagnostics: [
+            // File '{0}' is not under 'rootDir' '{1}'.
+            6059,
+          ]
         }
       }]
     },
@@ -66,6 +118,17 @@ module.exports = ({
       // one of our renderer bundles should import it from the 'timers' package
       setImmediate: false,
     },
+    optimization: {
+      minimize: true,
+      minimizer: [
+        new TerserPlugin({
+          terserOptions: {
+            keep_classnames: true,
+            keep_fnames: true,
+          },
+        }),
+      ],
+    },
     plugins: [
       new AccessDependenciesPlugin(),
       ...(targetDeletesNodeGlobals ? [
@@ -78,6 +141,7 @@ module.exports = ({
       new webpack.ProvidePlugin({
         Promise: ['@electron/internal/common/webpack-globals-provider', 'Promise'],
       }),
+      new webpack.DefinePlugin(defines),
     ]
   })
 }

build/webpack/webpack.config.content_script.js

@@ -1,4 +0,0 @@
-module.exports = require('./webpack.config.base')({
-  target: 'content_script',
-  alwaysHasNode: false
-})

build/webpack/webpack.config.renderer.js

@@ -1,5 +1,6 @@
 module.exports = require('./webpack.config.base')({
   target: 'renderer',
   alwaysHasNode: true,
-  targetDeletesNodeGlobals: true
+  targetDeletesNodeGlobals: true,
+  wrapInitWithProfilingTimeout: true
 })

build/webpack/webpack.config.sandboxed_renderer.js

@@ -1,4 +1,5 @@
 module.exports = require('./webpack.config.base')({
   target: 'sandboxed_renderer',
-  alwaysHasNode: false
+  alwaysHasNode: false,
+  wrapInitWithProfilingTimeout: true,
 })

build/webpack/webpack.gni

@@ -16,6 +16,7 @@ template("webpack_build") {
     inputs = [
                invoker.config_file,
                "//electron/build/webpack/webpack.config.base.js",
+               "//electron/build/webpack/run-compiler.js",
                "//electron/tsconfig.json",
                "//electron/yarn.lock",
                "//electron/typings/internal-ambient.d.ts",
@@ -25,7 +26,9 @@ template("webpack_build") {
     args = [
       rebase_path(invoker.config_file),
       rebase_path(invoker.out_file),
+      "--buildflags=" + rebase_path("$target_gen_dir/buildflags/buildflags.h"),
     ]
+    deps += [ "buildflags" ]
 
     outputs = [ invoker.out_file ]
   }

build/zip.py

@@ -25,6 +25,13 @@ PATHS_TO_SKIP = [
   # //chrome/browser/resources/ssl/ssl_error_assistant, but we don't need to
   # ship it.
   'pyproto',
+
+  # On Windows, this binary doesn't exist (the crashpad handler is built-in).
+  # On MacOS, the binary is called 'chrome_crashpad_handler' and is inside the
+  # app bundle.
+  # On Linux, we don't use crashpad, but this binary is still built for some
+  # reason. Exclude it from the zip.
+  './crashpad_handler',
 ]
 
 def skip_path(dep, dist_zip, target_cpu):

buildflags/buildflags.gni

@@ -32,7 +32,7 @@ declare_args() {
   enable_pepper_flash = true
 
   # Enable Chrome extensions support.
-  enable_electron_extensions = false
+  enable_electron_extensions = true
 
   # Enable Spellchecker support
   enable_builtin_spellchecker = true

chromium_src/BUILD.gn

@@ -14,6 +14,8 @@ static_library("chrome") {
   sources = [
     "//chrome/browser/browser_process.cc",
     "//chrome/browser/browser_process.h",
+    "//chrome/browser/crash_upload_list/crash_upload_list_crashpad.cc",
+    "//chrome/browser/crash_upload_list/crash_upload_list_crashpad.h",
     "//chrome/browser/devtools/devtools_contents_resizing_strategy.cc",
     "//chrome/browser/devtools/devtools_contents_resizing_strategy.h",
     "//chrome/browser/devtools/devtools_embedder_message_dispatcher.cc",
@@ -51,10 +53,12 @@ static_library("chrome") {
     "//chrome/browser/ssl/security_state_tab_helper.cc",
     "//chrome/browser/ssl/security_state_tab_helper.h",
     "//chrome/browser/ssl/tls_deprecation_config.cc",
-    "//chrome/browser/ui/autofill/popup_view_common.cc",
-    "//chrome/browser/ui/autofill/popup_view_common.h",
+    "//chrome/browser/ui/views/autofill/autofill_popup_view_utils.cc",
+    "//chrome/browser/ui/views/autofill/autofill_popup_view_utils.h",
     "//chrome/browser/win/chrome_process_finder.cc",
     "//chrome/browser/win/chrome_process_finder.h",
+    "//chrome/child/v8_crashpad_support_win.cc",
+    "//chrome/child/v8_crashpad_support_win.h",
     "//extensions/browser/app_window/size_constraints.cc",
     "//extensions/browser/app_window/size_constraints.h",
   ]
@@ -68,7 +72,9 @@ static_library("chrome") {
   ]
   deps = [
     "//chrome/browser:resource_prefetch_predictor_proto",
+    "//chrome/services/speech:buildflags",
     "//components/feature_engagement:buildflags",
+    "//components/optimization_guide/proto:optimization_guide_proto",
   ]
 
   if (is_linux) {
@@ -87,6 +93,14 @@ static_library("chrome") {
     ]
   }
 
+  if (is_win) {
+    sources += [
+      "//chrome/browser/win/icon_reader_service.cc",
+      "//chrome/browser/win/icon_reader_service.h",
+    ]
+    public_deps += [ "//chrome/services/util_win:lib" ]
+  }
+
   if (enable_desktop_capturer) {
     sources += [
       "//chrome/browser/media/webrtc/desktop_media_list.h",
@@ -147,13 +161,6 @@ static_library("chrome") {
     }
   }
 
-  if (enable_tts) {
-    sources += [
-      "//chrome/browser/speech/tts_controller_delegate_impl.cc",
-      "//chrome/browser/speech/tts_controller_delegate_impl.h",
-    ]
-  }
-
   if (enable_widevine) {
     sources += [
       "//chrome/renderer/media/chrome_key_systems.cc",
@@ -238,17 +245,22 @@ static_library("chrome") {
     sources += [
       "//chrome/browser/extensions/chrome_url_request_util.cc",
       "//chrome/browser/extensions/chrome_url_request_util.h",
-      "//chrome/browser/pdf/pdf_extension_util.cc",
-      "//chrome/browser/pdf/pdf_extension_util.h",
       "//chrome/browser/plugins/plugin_response_interceptor_url_loader_throttle.cc",
       "//chrome/browser/plugins/plugin_response_interceptor_url_loader_throttle.h",
       "//chrome/renderer/extensions/extension_hooks_delegate.cc",
       "//chrome/renderer/extensions/extension_hooks_delegate.h",
       "//chrome/renderer/extensions/tabs_hooks_delegate.cc",
       "//chrome/renderer/extensions/tabs_hooks_delegate.h",
-      "//chrome/renderer/pepper/chrome_pdf_print_client.cc",
-      "//chrome/renderer/pepper/chrome_pdf_print_client.h",
     ]
+
+    if (enable_pdf_viewer) {
+      sources += [
+        "//chrome/browser/pdf/pdf_extension_util.cc",
+        "//chrome/browser/pdf/pdf_extension_util.h",
+        "//chrome/renderer/pepper/chrome_pdf_print_client.cc",
+        "//chrome/renderer/pepper/chrome_pdf_print_client.h",
+      ]
+    }
   }
 }
 
@@ -267,12 +279,14 @@ source_set("plugins") {
     "//chrome/browser/renderer_host/pepper/pepper_isolated_file_system_message_filter.h",
   ]
   deps += [
-    "//components/pdf/browser",
     "//media:media_buildflags",
     "//ppapi/buildflags",
     "//ppapi/proxy:ipc",
     "//services/device/public/mojom",
   ]
+  if (enable_pdf_viewer) {
+    deps += [ "//components/pdf/browser" ]
+  }
   if (enable_pepper_flash) {
     sources += [
       "//chrome/browser/renderer_host/pepper/pepper_flash_browser_host.cc",
@@ -318,9 +332,11 @@ source_set("plugins") {
       "//chrome/renderer/pepper/pepper_flash_font_file_host.cc",
       "//chrome/renderer/pepper/pepper_flash_font_file_host.h",
     ]
+    if (enable_pdf_viewer) {
+      deps += [ "//components/pdf/renderer" ]
+    }
   }
   deps += [
-    "//components/pdf/renderer",
     "//components/strings",
     "//media:media_buildflags",
     "//ppapi/host",

chromium_src/chrome/browser/certificate_manager_model.cc

@@ -69,12 +69,12 @@ net::NSSCertDatabase* GetNSSCertDatabaseForResourceContext(
 
 // static
 void CertificateManagerModel::Create(content::BrowserContext* browser_context,
-                                     const CreationCallback& callback) {
+                                     CreationCallback callback) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
-  base::PostTask(
-      FROM_HERE, {BrowserThread::IO},
-      base::BindOnce(&CertificateManagerModel::GetCertDBOnIOThread,
-                     browser_context->GetResourceContext(), callback));
+  base::PostTask(FROM_HERE, {BrowserThread::IO},
+                 base::BindOnce(&CertificateManagerModel::GetCertDBOnIOThread,
+                                browser_context->GetResourceContext(),
+                                std::move(callback)));
 }
 
 CertificateManagerModel::CertificateManagerModel(
@@ -129,17 +129,17 @@ bool CertificateManagerModel::Delete(CERTCertificate* cert) {
 void CertificateManagerModel::DidGetCertDBOnUIThread(
     net::NSSCertDatabase* cert_db,
     bool is_user_db_available,
-    const CreationCallback& callback) {
+    CreationCallback callback) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
 
   std::unique_ptr<CertificateManagerModel> model(
       new CertificateManagerModel(cert_db, is_user_db_available));
-  callback.Run(std::move(model));
+  std::move(callback).Run(std::move(model));
 }
 
 // static
 void CertificateManagerModel::DidGetCertDBOnIOThread(
-    const CreationCallback& callback,
+    CreationCallback callback,
     net::NSSCertDatabase* cert_db) {
   DCHECK_CURRENTLY_ON(BrowserThread::IO);
 
@@ -147,17 +147,24 @@ void CertificateManagerModel::DidGetCertDBOnIOThread(
   base::PostTask(
       FROM_HERE, {BrowserThread::UI},
       base::BindOnce(&CertificateManagerModel::DidGetCertDBOnUIThread, cert_db,
-                     is_user_db_available, callback));
+                     is_user_db_available, std::move(callback)));
 }
 
 // static
 void CertificateManagerModel::GetCertDBOnIOThread(
     content::ResourceContext* context,
-    const CreationCallback& callback) {
+    CreationCallback callback) {
   DCHECK_CURRENTLY_ON(BrowserThread::IO);
-  net::NSSCertDatabase* cert_db = GetNSSCertDatabaseForResourceContext(
-      context, base::BindOnce(&CertificateManagerModel::DidGetCertDBOnIOThread,
-                              callback));
+
+  auto did_get_cert_db_callback = base::AdaptCallbackForRepeating(
+      base::BindOnce(&CertificateManagerModel::DidGetCertDBOnIOThread,
+                     std::move(callback)));
+
+  net::NSSCertDatabase* cert_db =
+      GetNSSCertDatabaseForResourceContext(context, did_get_cert_db_callback);
+
+  // If the NSS database was already available, |cert_db| is non-null and
+  // |did_get_cert_db_callback| has not been called. Call it explicitly.
   if (cert_db)
-    DidGetCertDBOnIOThread(callback, cert_db);
+    did_get_cert_db_callback.Run(cert_db);
 }

chromium_src/chrome/browser/certificate_manager_model.h

@@ -24,14 +24,14 @@ class ResourceContext;
 // manager dialog, and processes changes from the view.
 class CertificateManagerModel {
  public:
-  typedef base::Callback<void(std::unique_ptr<CertificateManagerModel>)>
-      CreationCallback;
+  using CreationCallback =
+      base::OnceCallback<void(std::unique_ptr<CertificateManagerModel>)>;
 
   // Creates a CertificateManagerModel. The model will be passed to the callback
   // when it is ready. The caller must ensure the model does not outlive the
   // |browser_context|.
   static void Create(content::BrowserContext* browser_context,
-                     const CreationCallback& callback);
+                     CreationCallback callback);
 
   ~CertificateManagerModel();
 
@@ -100,11 +100,11 @@ class CertificateManagerModel {
   // file for details.
   static void DidGetCertDBOnUIThread(net::NSSCertDatabase* cert_db,
                                      bool is_user_db_available,
-                                     const CreationCallback& callback);
-  static void DidGetCertDBOnIOThread(const CreationCallback& callback,
+                                     CreationCallback callback);
+  static void DidGetCertDBOnIOThread(CreationCallback callback,
                                      net::NSSCertDatabase* cert_db);
   static void GetCertDBOnIOThread(content::ResourceContext* context,
-                                  const CreationCallback& callback);
+                                  CreationCallback callback);
 
   net::NSSCertDatabase* cert_db_;
   // Whether the certificate database has a public slot associated with the

chromium_src/chrome/browser/process_singleton_posix.cc

@@ -68,7 +68,6 @@
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
-#include "base/message_loop/message_loop.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/path_service.h"
 #include "base/posix/eintr_wrapper.h"

chromium_src/chrome/browser/ui/views/frame/global_menu_bar_registrar_x11.cc

@@ -24,18 +24,18 @@ GlobalMenuBarRegistrarX11* GlobalMenuBarRegistrarX11::GetInstance() {
   return base::Singleton<GlobalMenuBarRegistrarX11>::get();
 }
 
-void GlobalMenuBarRegistrarX11::OnWindowMapped(unsigned long xid) {
-  live_xids_.insert(xid);
+void GlobalMenuBarRegistrarX11::OnWindowMapped(x11::Window window) {
+  live_windows_.insert(window);
 
   if (registrar_proxy_)
-    RegisterXID(xid);
+    RegisterXWindow(window);
 }
 
-void GlobalMenuBarRegistrarX11::OnWindowUnmapped(unsigned long xid) {
+void GlobalMenuBarRegistrarX11::OnWindowUnmapped(x11::Window window) {
   if (registrar_proxy_)
-    UnregisterXID(xid);
+    UnregisterXWindow(window);
 
-  live_xids_.erase(xid);
+  live_windows_.erase(window);
 }
 
 GlobalMenuBarRegistrarX11::GlobalMenuBarRegistrarX11()
@@ -63,9 +63,9 @@ GlobalMenuBarRegistrarX11::~GlobalMenuBarRegistrarX11() {
   }
 }
 
-void GlobalMenuBarRegistrarX11::RegisterXID(unsigned long xid) {
+void GlobalMenuBarRegistrarX11::RegisterXWindow(x11::Window window) {
   DCHECK(registrar_proxy_);
-  std::string path = electron::GlobalMenuBarX11::GetPathForWindow(xid);
+  std::string path = electron::GlobalMenuBarX11::GetPathForWindow(window);
 
   ANNOTATE_SCOPED_MEMORY_LEAK;  // http://crbug.com/314087
   // TODO(erg): The mozilla implementation goes to a lot of callback trouble
@@ -76,13 +76,13 @@ void GlobalMenuBarRegistrarX11::RegisterXID(unsigned long xid) {
   // I don't see any reason why we should care if "RegisterWindow" completes or
   // not.
   g_dbus_proxy_call(registrar_proxy_, "RegisterWindow",
-                    g_variant_new("(uo)", xid, path.c_str()),
+                    g_variant_new("(uo)", window, path.c_str()),
                     G_DBUS_CALL_FLAGS_NONE, -1, nullptr, nullptr, nullptr);
 }
 
-void GlobalMenuBarRegistrarX11::UnregisterXID(unsigned long xid) {
+void GlobalMenuBarRegistrarX11::UnregisterXWindow(x11::Window window) {
   DCHECK(registrar_proxy_);
-  std::string path = electron::GlobalMenuBarX11::GetPathForWindow(xid);
+  std::string path = electron::GlobalMenuBarX11::GetPathForWindow(window);
 
   ANNOTATE_SCOPED_MEMORY_LEAK;  // http://crbug.com/314087
   // TODO(erg): The mozilla implementation goes to a lot of callback trouble
@@ -93,7 +93,7 @@ void GlobalMenuBarRegistrarX11::UnregisterXID(unsigned long xid) {
   // I don't see any reason why we should care if "UnregisterWindow" completes
   // or not.
   g_dbus_proxy_call(registrar_proxy_, "UnregisterWindow",
-                    g_variant_new("(u)", xid), G_DBUS_CALL_FLAGS_NONE, -1,
+                    g_variant_new("(u)", window), G_DBUS_CALL_FLAGS_NONE, -1,
                     nullptr, nullptr, nullptr);
 }
 
@@ -120,10 +120,10 @@ void GlobalMenuBarRegistrarX11::OnProxyCreated(GObject* source,
 
 void GlobalMenuBarRegistrarX11::OnNameOwnerChanged(GObject* /* ignored */,
                                                    GParamSpec* /* ignored */) {
-  // If the name owner changed, we need to reregister all the live xids with
-  // the system.
-  for (std::set<unsigned long>::const_iterator it = live_xids_.begin();
-       it != live_xids_.end(); ++it) {
-    RegisterXID(*it);
+  // If the name owner changed, we need to reregister all the live x11::Window
+  // with the system.
+  for (std::set<x11::Window>::const_iterator it = live_windows_.begin();
+       it != live_windows_.end(); ++it) {
+    RegisterXWindow(*it);
   }
 }

chromium_src/chrome/browser/ui/views/frame/global_menu_bar_registrar_x11.h

@@ -12,19 +12,20 @@
 #include "base/memory/ref_counted.h"
 #include "base/memory/singleton.h"
 #include "ui/base/glib/glib_signal.h"
+#include "ui/gfx/x/xproto.h"
 
 // Advertises our menu bars to Unity.
 //
 // GlobalMenuBarX11 is responsible for managing the DbusmenuServer for each
-// XID. We need a separate object to own the dbus channel to
+// x11::Window. We need a separate object to own the dbus channel to
 // com.canonical.AppMenu.Registrar and to register/unregister the mapping
-// between a XID and the DbusmenuServer instance we are offering.
+// between a x11::Window and the DbusmenuServer instance we are offering.
 class GlobalMenuBarRegistrarX11 {
  public:
   static GlobalMenuBarRegistrarX11* GetInstance();
 
-  void OnWindowMapped(unsigned long xid);
-  void OnWindowUnmapped(unsigned long xid);
+  void OnWindowMapped(x11::Window window);
+  void OnWindowUnmapped(x11::Window window);
 
  private:
   friend struct base::DefaultSingletonTraits<GlobalMenuBarRegistrarX11>;
@@ -33,8 +34,8 @@ class GlobalMenuBarRegistrarX11 {
   ~GlobalMenuBarRegistrarX11();
 
   // Sends the actual message.
-  void RegisterXID(unsigned long xid);
-  void UnregisterXID(unsigned long xid);
+  void RegisterXWindow(x11::Window window);
+  void UnregisterXWindow(x11::Window window);
 
   CHROMEG_CALLBACK_1(GlobalMenuBarRegistrarX11,
                      void,
@@ -49,9 +50,9 @@ class GlobalMenuBarRegistrarX11 {
 
   GDBusProxy* registrar_proxy_;
 
-  // Window XIDs which want to be registered, but haven't yet been because
+  // x11::Window which want to be registered, but haven't yet been because
   // we're waiting for the proxy to become available.
-  std::set<unsigned long> live_xids_;
+  std::set<x11::Window> live_windows_;
 
   DISALLOW_COPY_AND_ASSIGN(GlobalMenuBarRegistrarX11);
 };

default_app/default_app.ts

@@ -1,5 +1,6 @@
 import { app, dialog, BrowserWindow, shell, ipcMain } from 'electron';
 import * as path from 'path';
+import * as url from 'url';
 
 let mainWindow: BrowserWindow | null = null;
 
@@ -29,12 +30,11 @@ function isTrustedSender (webContents: Electron.WebContents) {
     return false;
   }
 
-  const parsedUrl = new URL(webContents.getURL());
-  const urlPath = process.platform === 'win32'
-    // Strip the prefixed "/" that occurs on windows
-    ? path.resolve(parsedUrl.pathname.substr(1))
-    : parsedUrl.pathname;
-  return parsedUrl.protocol === 'file:' && urlPath === indexPath;
+  try {
+    return url.fileURLToPath(webContents.getURL()) === indexPath;
+  } catch {
+    return false;
+  }
 }
 
 ipcMain.handle('bootstrap', (event) => {

docs/api/app.md

@@ -359,7 +359,7 @@ Returns:
 
 Emitted when the GPU process crashes or is killed.
 
-### Event: 'renderer-process-crashed'
+### Event: 'renderer-process-crashed' _Deprecated_
 
 Returns:
 
@@ -369,6 +369,30 @@ Returns:
 
 Emitted when the renderer process of `webContents` crashes or is killed.
 
+**Deprecated:** This event is superceded by the `render-process-gone` event
+which contains more information about why the render process dissapeared. It
+isn't always because it crashed.  The `killed` boolean can be replaced by
+checking `reason === 'killed'` when you switch to that event.
+
+#### Event: 'render-process-gone'
+
+Returns:
+
+* `event` Event
+* `webContents` [WebContents](web-contents.md)
+* `details` Object
+  * `reason` String - The reason the render process is gone.  Possible values:
+    * `clean-exit` - Process exited with an exit code of zero
+    * `abnormal-exit` - Process exited with a non-zero exit code
+    * `killed` - Process was sent a SIGTERM or otherwise killed externally
+    * `crashed` - Process crashed
+    * `oom` - Process ran out of memory
+    * `launch-failure` - Process never successfully launched
+    * `integrity-failure` - Windows code integrity checks failed
+
+Emitted when the renderer process unexpectedly dissapears.  This is normally
+because it was crashed or killed.
+
 ### Event: 'accessibility-support-changed' _macOS_ _Windows_
 
 Returns:
@@ -414,6 +438,8 @@ and `workingDirectory` is its current working directory. Usually
 applications respond to this by making their primary window focused and
 non-minimized.
 
+**Note:** If the second instance is started by a different user than the first, the `argv` array will not include the arguments.
+
 This event is guaranteed to be emitted after the `ready` event of `app`
 gets emitted.
 
@@ -606,8 +632,10 @@ Returns `String` - The current application directory.
   * `music` Directory for a user's music.
   * `pictures` Directory for a user's pictures.
   * `videos` Directory for a user's videos.
+  * `recent` Directory for the user's recent files (Windows only).
   * `logs` Directory for your app's log folder.
   * `pepperFlashSystemPlugin` Full path to the system version of the Pepper Flash plugin.
+  * `crashDumps` Directory where crash dumps are stored.
 
 Returns `String` - A path to a special directory or file associated with `name`. On
 failure, an `Error` is thrown.
@@ -1276,6 +1304,25 @@ app.moveToApplicationsFolder({
 
 Would mean that if an app already exists in the user directory, if the user chooses to 'Continue Move' then the function would continue with its default behavior and the existing app will be trashed and the active app moved into its place.
 
+### `app.isSecureKeyboardEntryEnabled()` _macOS_
+
+Returns `Boolean` - whether `Secure Keyboard Entry` is enabled.
+
+By default this API will return `false`.
+
+### `app.setSecureKeyboardEntryEnabled(enabled)` _macOS_
+
+* `enabled` Boolean - Enable or disable `Secure Keyboard Entry`
+
+Set the `Secure Keyboard Entry` is enabled in your application.
+
+By using this API, important information such as password and other sensitive information can be prevented from being intercepted by other processes.
+
+See [Apple's documentation](https://developer.apple.com/library/archive/technotes/tn2150/_index.html) for more
+details.
+
+**Note:** Enable `Secure Keyboard Entry` only when it is needed and disable it when it is no longer needed.
+
 ## Properties
 
 ### `app.accessibilitySupportEnabled` _macOS_ _Windows_
@@ -1302,6 +1349,9 @@ On macOS, setting this with any nonzero integer shows on the dock icon. On Linux
 **Note:** Unity launcher requires the existence of a `.desktop` file to work,
 for more information please read [Desktop Environment Integration][unity-requirement].
 
+**Note:** On macOS, you need to ensure that your application has the permission
+to display notifications for this property to take effect.
+
 ### `app.commandLine` _Readonly_
 
 A [`CommandLine`](./command-line.md) object that allows you to read and manipulate the
@@ -1353,7 +1403,7 @@ in your app's initialization to ensure that your overridden value is used.
 
 A `Boolean` which when `true` disables the overrides that Electron has in place
 to ensure renderer processes are restarted on every navigation.  The current
-default value for this property is `false`.
+default value for this property is `true`.
 
 The intention is for these overrides to become disabled by default and then at
 some point in the future this property will be removed.  This property impacts

docs/api/browser-window.md

@@ -348,6 +348,9 @@ It creates a new `BrowserWindow` with native properties as set by the `options`.
       You can access this context in the dev tools by selecting the
       'Electron Isolated Context' entry in the combo box at the top of the
       Console tab.
+    * `worldSafeExecuteJavaScript` Boolean (optional) - If true, values returned from `webFrame.executeJavaScript` will be sanitized to ensure JS values
+      can't unsafely cross between worlds when using `contextIsolation`.  The default
+      is `false`. In Electron 12, the default will be changed to `true`. _Deprecated_
     * `nativeWindowOpen` Boolean (optional) - Whether to use native
       `window.open()`. Defaults to `false`. Child windows will always have node
       integration disabled unless `nodeIntegrationInSubFrames` is true. **Note:** This option is currently
@@ -385,6 +388,15 @@ It creates a new `BrowserWindow` with native properties as set by the `options`.
       visible to users.
     * `spellcheck` Boolean (optional) - Whether to enable the builtin spellchecker.
       Default is `true`.
+    * `enableWebSQL` Boolean (optional) - Whether to enable the [WebSQL api](https://www.w3.org/TR/webdatabase/).
+      Default is `true`.
+    * `v8CacheOptions` String (optional) - Enforces the v8 code caching policy
+      used by blink. Accepted values are
+      * `none` - Disables code caching
+      * `code` - Heuristic based code caching
+      * `bypassHeatCheck` - Bypass code caching heuristics but with lazy compilation
+      * `bypassHeatCheckAndEagerCompile` - Same as above except compilation is eager.
+      Default policy is `code`.
 
 When setting minimum or maximum window size with `minWidth`/`maxWidth`/
 `minHeight`/`maxHeight`, it only constrains the users. It won't prevent you from
@@ -623,6 +635,12 @@ Returns:
 
 Emitted on 3-finger swipe. Possible directions are `up`, `right`, `down`, `left`.
 
+The method underlying this event is built to handle older macOS-style trackpad swiping,
+where the content on the screen doesn't move with the swipe. Most macOS trackpads are not
+configured to allow this kind of swiping anymore, so in order for it to emit properly the
+'Swipe between pages' preference in `System Preferences > Trackpad > More Gestures` must be
+set to 'Swipe with two or three fingers'.
+
 #### Event: 'rotate-gesture' _macOS_
 
 Returns:
@@ -801,6 +819,10 @@ hide it immediately.
 
 A `Boolean` property that determines whether the window is in simple (pre-Lion) fullscreen mode.
 
+#### `win.fullScreen`
+
+A `Boolean` property that determines whether the window is in fullscreen mode.
+
 #### `win.visibleOnAllWorkspaces`
 
 A `Boolean` property that determines whether the window is visible on all workspaces.
@@ -1104,7 +1126,7 @@ Disable or enable the window.
 
 #### `win.isEnabled()`
 
-Returns Boolean - whether the window is enabled.
+Returns `Boolean` - whether the window is enabled.
 
 #### `win.setSize(width, height[, animate])`
 

docs/api/command-line-switches.md

@@ -36,6 +36,10 @@ for integrated authentication. Without `*` prefix the URL has to match exactly.
 A comma-separated list of servers for which delegation of user credentials is required.
 Without `*` prefix the URL has to match exactly.
 
+### --disable-ntlm-v2
+
+Disables NTLM v2 for posix platforms, no effect elsewhere.
+
 ### --disable-http-cache
 
 Disables the disk cache for HTTP requests.

docs/api/crash-reporter.md

@@ -4,18 +4,13 @@
 
 Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process)
 
-The following is an example of automatically submitting a crash report to a
-remote server:
+The following is an example of setting up Electron to automatically submit
+crash reports to a remote server:
 
 ```javascript
 const { crashReporter } = require('electron')
 
-crashReporter.start({
-  productName: 'YourName',
-  companyName: 'YourCompany',
-  submitURL: 'https://your-domain.com/url-to-submit',
-  uploadToServer: true
-})
+crashReporter.start({ submitURL: 'https://your-domain.com/url-to-submit' })
 ```
 
 For setting up a server to accept and process crash reports, you can use
@@ -30,11 +25,19 @@ Or use a 3rd party hosted solution:
 * [Sentry](https://docs.sentry.io/clients/electron)
 * [BugSplat](https://www.bugsplat.com/docs/platforms/electron)
 
-Crash reports are saved locally in an application-specific temp directory folder.
-For a `productName` of `YourName`, crash reports will be stored in a folder
-named `YourName Crashes` inside the temp directory. You can customize this temp
-directory location for your app by calling the `app.setPath('temp', '/my/custom/temp')`
-API before starting the crash reporter.
+Crash reports are stored temporarily before being uploaded in a directory
+underneath the app's user data directory (called 'Crashpad' on Windows and Mac,
+or 'Crash Reports' on Linux). You can override this directory by calling
+`app.setPath('crashDumps', '/path/to/crashes')` before starting the crash
+reporter.
+
+On Windows and macOS, Electron uses
+[crashpad](https://chromium.googlesource.com/crashpad/crashpad/+/master/README.md)
+to monitor and report crashes. On Linux, Electron uses
+[breakpad](https://chromium.googlesource.com/breakpad/breakpad/+/master/). This
+is an implementation detail driven by Chromium, and it may change in future. In
+particular, crashpad is newer and will likely eventually replace breakpad on
+all platforms.
 
 ## Methods
 
@@ -43,40 +46,67 @@ The `crashReporter` module has the following methods:
 ### `crashReporter.start(options)`
 
 * `options` Object
-  * `companyName` String
   * `submitURL` String - URL that crash reports will be sent to as POST.
   * `productName` String (optional) - Defaults to `app.name`.
-  * `uploadToServer` Boolean (optional) - Whether crash reports should be sent to the server. Default is `true`.
-  * `ignoreSystemCrashHandler` Boolean (optional) - Default is `false`.
-  * `extra` Record<String, String> (optional) - An object you can define that will be sent along with the
-    report. Only string properties are sent correctly. Nested objects are not
-    supported. When using Windows, the property names and values must be fewer than 64 characters.
-  * `crashesDirectory` String (optional) - Directory to store the crash reports temporarily (only used when the crash reporter is started via `process.crashReporter.start`).
+  * `companyName` String (optional) _Deprecated_ - Deprecated alias for
+    `{ globalExtra: { _companyName: ... } }`.
+  * `uploadToServer` Boolean (optional) - Whether crash reports should be sent
+    to the server. If false, crash reports will be collected and stored in the
+    crashes directory, but not uploaded. Default is `true`.
+  * `ignoreSystemCrashHandler` Boolean (optional) - If true, crashes generated
+    in the main process will not be forwarded to the system crash handler.
+    Default is `false`.
+  * `rateLimit` Boolean (optional) _macOS_ _Windows_ - If true, limit the
+    number of crashes uploaded to 1/hour. Default is `false`.
+  * `compress` Boolean (optional) - If true, crash reports will be compressed
+    and uploaded with `Content-Encoding: gzip`. Default is `false`.
+  * `extra` Record<String, String> (optional) - Extra string key/value
+    annotations that will be sent along with crash reports that are generated
+    in the main process. Only string values are supported. Crashes generated in
+    child processes will not contain these extra
+    parameters to crash reports generated from child processes, call
+    [`addExtraParameter`](#crashreporteraddextraparameterkey-value) from the
+    child process.
+  * `globalExtra` Record<String, String> (optional) - Extra string key/value
+    annotations that will be sent along with any crash reports generated in any
+    process. These annotations cannot be changed once the crash reporter has
+    been started. If a key is present in both the global extra parameters and
+    the process-specific extra parameters, then the global one will take
+    precedence. By default, `productName` and the app version are included, as
+    well as the Electron version.
 
-You are required to call this method before using any other `crashReporter` APIs
-and in each process (main/renderer) from which you want to collect crash reports.
-You can pass different options to `crashReporter.start` when calling from different processes.
+This method must be called before using any other `crashReporter` APIs. Once
+initialized this way, the crashpad handler collects crashes from all
+subsequently created processes. The crash reporter cannot be disabled once
+started.
 
-**Note** Child processes created via the `child_process` module will not have access to the Electron modules.
-Therefore, to collect crash reports from them, use `process.crashReporter.start` instead. Pass the same options as above
-along with an additional one called `crashesDirectory` that should point to a directory to store the crash
-reports temporarily. You can test this out by calling `process.crash()` to crash the child process.
+This method should be called as early as possible in app startup, preferably
+before `app.on('ready')`. If the crash reporter is not initialized at the time
+a renderer process is created, then that renderer process will not be monitored
+by the crash reporter.
 
-**Note:** If you need send additional/updated `extra` parameters after your
-first call `start` you can call `addExtraParameter` on macOS or call `start`
-again with the new/updated `extra` parameters on Linux and Windows.
+**Note:** You can test out the crash reporter by generating a crash using
+`process.crash()`.
 
-**Note:** On macOS and windows, Electron uses a new `crashpad` client for crash collection and reporting.
-If you want to enable crash reporting, initializing `crashpad` from the main process using `crashReporter.start` is required
-regardless of which process you want to collect crashes from. Once initialized this way, the crashpad handler collects
-crashes from all processes. You still have to call `crashReporter.start` from the renderer or child process, otherwise crashes from
-them will get reported without `companyName`, `productName` or any of the `extra` information.
+**Note:** If you need to send additional/updated `extra` parameters after your
+first call `start` you can call `addExtraParameter`.
+
+**Note:** Parameters passed in `extra`, `globalExtra` or set with
+`addExtraParameter` have limits on the length of the keys and values. Key names
+must be at most 39 bytes long, and values must be no longer than 127 bytes.
+Keys with names longer than the maximum will be silently ignored. Key values
+longer than the maximum length will be truncated.
+
+**Note:** Calling this method from the renderer process is deprecated.
 
 ### `crashReporter.getLastCrashReport()`
 
-Returns [`CrashReport`](structures/crash-report.md):
+Returns [`CrashReport`](structures/crash-report.md) - The date and ID of the
+last crash report. Only crash reports that have been uploaded will be returned;
+even if a crash report is present on disk it will not be returned until it is
+uploaded. In the case that there are no uploaded reports, `null` is returned.
 
-Returns the date and ID of the last crash report. Only crash reports that have been uploaded will be returned; even if a crash report is present on disk it will not be returned until it is uploaded. In the case that there are no uploaded reports, `null` is returned.
+**Note:** Calling this method from the renderer process is deprecated.
 
 ### `crashReporter.getUploadedReports()`
 
@@ -85,43 +115,61 @@ Returns [`CrashReport[]`](structures/crash-report.md):
 Returns all uploaded crash reports. Each report contains the date and uploaded
 ID.
 
+**Note:** Calling this method from the renderer process is deprecated.
+
 ### `crashReporter.getUploadToServer()`
 
 Returns `Boolean` - Whether reports should be submitted to the server. Set through
 the `start` method or `setUploadToServer`.
 
-**Note:** This API can only be called from the main process.
+**Note:** Calling this method from the renderer process is deprecated.
 
 ### `crashReporter.setUploadToServer(uploadToServer)`
 
-* `uploadToServer` Boolean _macOS_ - Whether reports should be submitted to the server.
+* `uploadToServer` Boolean - Whether reports should be submitted to the server.
 
 This would normally be controlled by user preferences. This has no effect if
 called before `start` is called.
 
-**Note:** This API can only be called from the main process.
+**Note:** Calling this method from the renderer process is deprecated.
 
-### `crashReporter.addExtraParameter(key, value)` _macOS_ _Windows_
+### `crashReporter.getCrashesDirectory()` _Deprecated_
 
-* `key` String - Parameter key, must be less than 64 characters long.
-* `value` String - Parameter value, must be less than 64 characters long.
+Returns `String` - The directory where crashes are temporarily stored before being uploaded.
 
-Set an extra parameter to be sent with the crash report. The values
-specified here will be sent in addition to any values set via the `extra` option when `start` was called. This API is only available on macOS and windows, if you need to add/update extra parameters on Linux after your first call to `start` you can call `start` again with the updated `extra` options.
+**Note:** This method is deprecated, use `app.getPath('crashDumps')` instead.
 
-### `crashReporter.removeExtraParameter(key)` _macOS_ _Windows_
+### `crashReporter.addExtraParameter(key, value)`
 
-* `key` String - Parameter key, must be less than 64 characters long.
+* `key` String - Parameter key, must be no longer than 39 bytes.
+* `value` String - Parameter value, must be no longer than 127 bytes.
 
-Remove a extra parameter from the current set of parameters so that it will not be sent with the crash report.
+Set an extra parameter to be sent with the crash report. The values specified
+here will be sent in addition to any values set via the `extra` option when
+`start` was called.
+
+Parameters added in this fashion (or via the `extra` parameter to
+`crashReporter.start`) are specific to the calling process. Adding extra
+parameters in the main process will not cause those parameters to be sent along
+with crashes from renderer or other child processes. Similarly, adding extra
+parameters in a renderer process will not result in those parameters being sent
+with crashes that occur in other renderer processes or in the main process.
+
+**Note:** Parameters have limits on the length of the keys and values. Key
+names must be no longer than 39 bytes, and values must be no longer than 127
+bytes. Keys with names longer than the maximum will be silently ignored. Key
+values longer than the maximum length will be truncated.
+
+### `crashReporter.removeExtraParameter(key)`
+
+* `key` String - Parameter key, must be no longer than 39 bytes.
+
+Remove a extra parameter from the current set of parameters. Future crashes
+will not include this parameter.
 
 ### `crashReporter.getParameters()`
 
-See all of the current parameters being passed to the crash reporter.
-
-### `crashReporter.getCrashesDirectory()`
-
-Returns `String` - The directory where crashes are temporarily stored before being uploaded.
+Returns `Record<String, String>` - The current 'extra' parameters of the crash reporter.
 
 ## Crash Report Payload
 

docs/api/debugger.md

@@ -52,6 +52,8 @@ Returns:
 * `method` String - Method name.
 * `params` any - Event parameters defined by the 'parameters'
    attribute in the remote debugging protocol.
+* `sessionId` String - Unique identifier of attached debugging session,
+   will match the value sent from `debugger.sendCommand`.
 
 Emitted whenever the debugging target issues an instrumentation event.
 
@@ -74,11 +76,16 @@ Returns `Boolean` - Whether a debugger is attached to the `webContents`.
 
 Detaches the debugger from the `webContents`.
 
-#### `debugger.sendCommand(method[, commandParams])`
+#### `debugger.sendCommand(method[, commandParams, sessionId])`
 
 * `method` String - Method name, should be one of the methods defined by the
    [remote debugging protocol][rdp].
 * `commandParams` any (optional) - JSON object with request parameters.
+* `sessionId` String (optional) - send command to the target with associated
+   debugging session id. The initial value can be obtained by sending
+   [Target.attachToTarget][attachToTarget] message.
+
+[attachToTarget]: https://chromedevtools.github.io/devtools-protocol/tot/Target/#method-attachToTarget
 
 Returns `Promise<any>` - A promise that resolves with the response defined by
 the 'returns' attribute of the command description in the remote debugging protocol

docs/api/desktop-capturer.md

@@ -3,7 +3,7 @@
 > Access information about media sources that can be used to capture audio and
 > video from the desktop using the [`navigator.mediaDevices.getUserMedia`] API.
 
-Process: [Renderer](../glossary.md#renderer-process)
+Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process)
 
 The following example shows how to capture video from a desktop window whose
 title is `Electron`:

docs/api/dialog.md

@@ -269,6 +269,7 @@ Shows a message box, it will block the process until the message box is closed.
 It returns the index of the clicked button.
 
 The `browserWindow` argument allows the dialog to attach itself to a parent window, making it modal.
+If `browserWindow` is not shown dialog will not be attached to it. In such case It will be displayed as independed window.
 
 ### `dialog.showMessageBox([browserWindow, ]options)`
 

docs/api/environment-variables.md

@@ -147,3 +147,14 @@ the one downloaded by `npm install`. Usage:
 ```sh
 export ELECTRON_OVERRIDE_DIST_PATH=/Users/username/projects/electron/out/Testing
 ```
+
+## Set By Electron
+
+Electron sets some variables in your environment at runtime.
+
+### `ORIGINAL_XDG_CURRENT_DESKTOP`
+
+This variable is set to the value of `XDG_CURRENT_DESKTOP` that your application
+originally launched with.  Electron sometimes modifies the value of `XDG_CURRENT_DESKTOP`
+to affect other logic within Chromium so if you want access to the _original_ value
+you should look up this environment variable instead.

docs/api/menu-item.md

@@ -12,9 +12,9 @@ See [`Menu`](menu.md) for examples.
   * `click` Function (optional) - Will be called with
     `click(menuItem, browserWindow, event)` when the menu item is clicked.
     * `menuItem` MenuItem
-    * `browserWindow` [BrowserWindow](browser-window.md)
+    * `browserWindow` [BrowserWindow](browser-window.md) | undefined - This will not be defined if no window is open.
     * `event` [KeyboardEvent](structures/keyboard-event.md)
-  * `role` String (optional) - Can be `undo`, `redo`, `cut`, `copy`, `paste`, `pasteAndMatchStyle`, `delete`, `selectAll`, `reload`, `forceReload`, `toggleDevTools`, `resetZoom`, `zoomIn`, `zoomOut`, `togglefullscreen`, `window`, `minimize`, `close`, `help`, `about`, `services`, `hide`, `hideOthers`, `unhide`, `quit`, `startSpeaking`, `stopSpeaking`, `minimize`, `zoom`, `front`, `appMenu`, `fileMenu`, `editMenu`, `viewMenu`, `recentDocuments`, `toggleTabBar`, `selectNextTab`, `selectPreviousTab`, `mergeAllWindows`, `clearRecentDocuments`, `moveTabToNewWindow` or `windowMenu` - Define the action of the menu item, when specified the
+  * `role` String (optional) - Can be `undo`, `redo`, `cut`, `copy`, `paste`, `pasteAndMatchStyle`, `delete`, `selectAll`, `reload`, `forceReload`, `toggleDevTools`, `resetZoom`, `zoomIn`, `zoomOut`, `togglefullscreen`, `window`, `minimize`, `close`, `help`, `about`, `services`, `hide`, `hideOthers`, `unhide`, `quit`, `startSpeaking`, `stopSpeaking`, `zoom`, `front`, `appMenu`, `fileMenu`, `editMenu`, `viewMenu`, `recentDocuments`, `toggleTabBar`, `selectNextTab`, `selectPreviousTab`, `mergeAllWindows`, `clearRecentDocuments`, `moveTabToNewWindow` or `windowMenu` - Define the action of the menu item, when specified the
     `click` property will be ignored. See [roles](#roles).
   * `type` String (optional) - Can be `normal`, `separator`, `submenu`, `checkbox` or
     `radio`.
@@ -69,6 +69,7 @@ a `type`.
 The `role` property can have following values:
 
 * `undo`
+* `about` - Trigger a native about panel (custom message box on Window, which does not provide its own).
 * `redo`
 * `cut`
 * `copy`
@@ -94,7 +95,6 @@ The `role` property can have following values:
 The following additional roles are available on _macOS_:
 
 * `appMenu` - Whole default "App" menu (About, Services, etc.)
-* `about` - Map to the `orderFrontStandardAboutPanel` action.
 * `hide` - Map to the `hide` action.
 * `hideOthers` - Map to the `hideOtherApplications` action.
 * `unhide` - Map to the `unhideAllApplications` action.
@@ -151,7 +151,7 @@ A `String` indicating the type of the item. Can be `normal`, `separator`, `subme
 
 #### `menuItem.role`
 
-A `String` (optional) indicating the item's role, if set. Can be `undo`, `redo`, `cut`, `copy`, `paste`, `pasteAndMatchStyle`, `delete`, `selectAll`, `reload`, `forceReload`, `toggleDevTools`, `resetZoom`, `zoomIn`, `zoomOut`, `togglefullscreen`, `window`, `minimize`, `close`, `help`, `about`, `services`, `hide`, `hideOthers`, `unhide`, `quit`, `startSpeaking`, `stopSpeaking`, `close`, `minimize`, `zoom`, `front`, `appMenu`, `fileMenu`, `editMenu`, `viewMenu`, `recentDocuments`, `toggleTabBar`, `selectNextTab`, `selectPreviousTab`, `mergeAllWindows`, `clearRecentDocuments`, `moveTabToNewWindow` or `windowMenu`
+A `String` (optional) indicating the item's role, if set. Can be `undo`, `redo`, `cut`, `copy`, `paste`, `pasteAndMatchStyle`, `delete`, `selectAll`, `reload`, `forceReload`, `toggleDevTools`, `resetZoom`, `zoomIn`, `zoomOut`, `togglefullscreen`, `window`, `minimize`, `close`, `help`, `about`, `services`, `hide`, `hideOthers`, `unhide`, `quit`, `startSpeaking`, `stopSpeaking`, `zoom`, `front`, `appMenu`, `fileMenu`, `editMenu`, `viewMenu`, `recentDocuments`, `toggleTabBar`, `selectNextTab`, `selectPreviousTab`, `mergeAllWindows`, `clearRecentDocuments`, `moveTabToNewWindow` or `windowMenu`
 
 #### `menuItem.accelerator`
 

docs/api/modernization/property-updates.md

@@ -34,6 +34,7 @@ The Electron team is currently undergoing an initiative to convert separate gett
   * `fullscreenable`
   * `movable`
   * `closable`
+  * `backgroundThrottling`
 * `NativeImage`
   * `isMacTemplateImage`
 * `SystemPreferences` module

docs/api/native-image.md

@@ -266,9 +266,13 @@ image instead of a copy, so you _must_ ensure that the associated
 
 Returns `Boolean` - Whether the image is empty.
 
-#### `image.getSize()`
+#### `image.getSize([scaleFactor])`
 
-Returns [`Size`](structures/size.md)
+* `scaleFactor` Double (optional) - Defaults to 1.0.
+
+Returns [`Size`](structures/size.md).
+
+If `scaleFactor` is passed, this will return the size corresponding to the image representation most closely matching the passed value.
 
 #### `image.setTemplateImage(option)`
 
@@ -303,10 +307,18 @@ Returns `NativeImage` - The resized image.
 If only the `height` or the `width` are specified then the current aspect ratio
 will be preserved in the resized image.
 
-#### `image.getAspectRatio()`
+#### `image.getAspectRatio([scaleFactor])`
+
+* `scaleFactor` Double (optional) - Defaults to 1.0.
 
 Returns `Float` - The image's aspect ratio.
 
+If `scaleFactor` is passed, this will return the aspect ratio corresponding to the image representation most closely matching the passed value.
+
+#### `image.getScaleFactors()`
+
+Returns `Float[]` - An array of all scale factors corresponding to representations for a given nativeImage.
+
 #### `image.addRepresentation(options)`
 
 * `options` Object

docs/api/power-monitor.md

@@ -8,11 +8,11 @@ Process: [Main](../glossary.md#main-process)
 
 The `powerMonitor` module emits the following events:
 
-### Event: 'suspend'
+### Event: 'suspend' _Linux_ _Windows_
 
 Emitted when the system is suspending.
 
-### Event: 'resume'
+### Event: 'resume' _Linux_ _Windows_
 
 Emitted when system is resuming.
 

docs/api/protocol-ns.md

@@ -1,309 +0,0 @@
-# protocol (NetworkService) (Draft)
-
-This document describes the new protocol APIs based on the [NetworkService](https://www.chromium.org/servicification).
-
-We don't currently have an estimate of when we will enable the `NetworkService` by
-default in Electron, but as Chromium is already removing non-`NetworkService`
-code, we will probably switch before Electron 10.
-
-The content of this document should be moved to `protocol.md` after we have
-enabled the `NetworkService` by default in Electron.
-
-> Register a custom protocol and intercept existing protocol requests.
-
-Process: [Main](../glossary.md#main-process)
-
-An example of implementing a protocol that has the same effect as the
-`file://` protocol:
-
-```javascript
-const { app, protocol } = require('electron')
-const path = require('path')
-
-app.whenReady().then(() => {
-  protocol.registerFileProtocol('atom', (request, callback) => {
-    const url = request.url.substr(7)
-    callback({ path: path.normalize(`${__dirname}/${url}`) })
-  })
-})
-```
-
-**Note:** All methods unless specified can only be used after the `ready` event
-of the `app` module gets emitted.
-
-## Using `protocol` with a custom `partition` or `session`
-
-A protocol is registered to a specific Electron [`session`](./session.md)
-object. If you don't specify a session, then your `protocol` will be applied to
-the default session that Electron uses. However, if you define a `partition` or
-`session` on your `browserWindow`'s `webPreferences`, then that window will use
-a different session and your custom protocol will not work if you just use
-`electron.protocol.XXX`.
-
-To have your custom protocol work in combination with a custom session, you need
-to register it to that session explicitly.
-
-```javascript
-const { session, app, protocol } = require('electron')
-const path = require('path')
-
-app.whenReady().then(() => {
-  const partition = 'persist:example'
-  const ses = session.fromPartition(partition)
-
-  ses.protocol.registerFileProtocol('atom', (request, callback) => {
-    const url = request.url.substr(7)
-    callback({ path: path.normalize(`${__dirname}/${url}`) })
-  })
-
-  mainWindow = new BrowserWindow({ webPreferences: { partition } })
-})
-```
-
-## Methods
-
-The `protocol` module has the following methods:
-
-### `protocol.registerSchemesAsPrivileged(customSchemes)`
-
-* `customSchemes` [CustomScheme[]](structures/custom-scheme.md)
-
-**Note:** This method can only be used before the `ready` event of the `app`
-module gets emitted and can be called only once.
-
-Registers the `scheme` as standard, secure, bypasses content security policy for
-resources, allows registering ServiceWorker and supports fetch API. Specify a
-privilege with the value of `true` to enable the capability.
-
-An example of registering a privileged scheme, that bypasses Content Security
-Policy:
-
-```javascript
-const { protocol } = require('electron')
-protocol.registerSchemesAsPrivileged([
-  { scheme: 'foo', privileges: { bypassCSP: true } }
-])
-```
-
-A standard scheme adheres to what RFC 3986 calls [generic URI
-syntax](https://tools.ietf.org/html/rfc3986#section-3). For example `http` and
-`https` are standard schemes, while `file` is not.
-
-Registering a scheme as standard allows relative and absolute resources to
-be resolved correctly when served. Otherwise the scheme will behave like the
-`file` protocol, but without the ability to resolve relative URLs.
-
-For example when you load following page with custom protocol without
-registering it as standard scheme, the image will not be loaded because
-non-standard schemes can not recognize relative URLs:
-
-```html
-<body>
-  <img src='test.png'>
-</body>
-```
-
-Registering a scheme as standard will allow access to files through the
-[FileSystem API][file-system-api]. Otherwise the renderer will throw a security
-error for the scheme.
-
-By default web storage apis (localStorage, sessionStorage, webSQL, indexedDB,
-cookies) are disabled for non standard schemes. So in general if you want to
-register a custom protocol to replace the `http` protocol, you have to register
-it as a standard scheme.
-
-### `protocol.registerFileProtocol(scheme, handler)`
-
-* `scheme` String
-* `handler` Function
-  * `request` ProtocolRequest
-  * `callback` Function
-    * `response` (String | [ProtocolResponse](structures/protocol-response.md))
-
-Registers a protocol of `scheme` that will send a file as the response. The
-`handler` will be called with `request` and `callback` where `request` is
-an incoming request for the `scheme`.
-
-To handle the `request`, the `callback` should be called with either the file's
-path or an object that has a `path` property, e.g. `callback(filePath)` or
-`callback({ path: filePath })`. The `filePath` must be an absolute path.
-
-By default the `scheme` is treated like `http:`, which is parsed differently
-from protocols that follow the "generic URI syntax" like `file:`.
-
-### `protocol.registerBufferProtocol(scheme, handler)`
-
-* `scheme` String
-* `handler` Function
-  * `request` ProtocolRequest
-  * `callback` Function
-    * `response` (Buffer | [ProtocolResponse](structures/protocol-response.md))
-
-Registers a protocol of `scheme` that will send a `Buffer` as a response.
-
-The usage is the same with `registerFileProtocol`, except that the `callback`
-should be called with either a `Buffer` object or an object that has the `data`
-property.
-
-Example:
-
-```javascript
-protocol.registerBufferProtocol('atom', (request, callback) => {
-  callback({ mimeType: 'text/html', data: Buffer.from('<h5>Response</h5>') })
-})
-```
-
-### `protocol.registerStringProtocol(scheme, handler)`
-
-* `scheme` String
-* `handler` Function
-  * `request` ProtocolRequest
-  * `callback` Function
-    * `response` (String | [ProtocolResponse](structures/protocol-response.md))
-
-Registers a protocol of `scheme` that will send a `String` as a response.
-
-The usage is the same with `registerFileProtocol`, except that the `callback`
-should be called with either a `String` or an object that has the `data`
-property.
-
-### `protocol.registerHttpProtocol(scheme, handler)`
-
-* `scheme` String
-* `handler` Function
-  * `request` ProtocolRequest
-  * `callback` Function
-    * `response` ProtocolResponse
-
-Registers a protocol of `scheme` that will send an HTTP request as a response.
-
-The usage is the same with `registerFileProtocol`, except that the `callback`
-should be called with an object that has the `url` property.
-
-### `protocol.registerStreamProtocol(scheme, handler)`
-
-* `scheme` String
-* `handler` Function
-  * `request` ProtocolRequest
-  * `callback` Function
-    * `response` (ReadableStream | [ProtocolResponse](structures/protocol-response.md))
-
-Registers a protocol of `scheme` that will send a stream as a response.
-
-The usage is the same with `registerFileProtocol`, except that the
-`callback` should be called with either a [`ReadableStream`](https://nodejs.org/api/stream.html#stream_class_stream_readable) object or an object that
-has the `data` property.
-
-Example:
-
-```javascript
-const { protocol } = require('electron')
-const { PassThrough } = require('stream')
-
-function createStream (text) {
-  const rv = new PassThrough() // PassThrough is also a Readable stream
-  rv.push(text)
-  rv.push(null)
-  return rv
-}
-
-protocol.registerStreamProtocol('atom', (request, callback) => {
-  callback({
-    statusCode: 200,
-    headers: {
-      'content-type': 'text/html'
-    },
-    data: createStream('<h5>Response</h5>')
-  })
-})
-```
-
-It is possible to pass any object that implements the readable stream API (emits
-`data`/`end`/`error` events). For example, here's how a file could be returned:
-
-```javascript
-protocol.registerStreamProtocol('atom', (request, callback) => {
-  callback(fs.createReadStream('index.html'))
-})
-```
-
-### `protocol.unregisterProtocol(scheme)`
-
-* `scheme` String
-
-Unregisters the custom protocol of `scheme`.
-
-### `protocol.isProtocolRegistered(scheme)`
-
-* `scheme` String
-
-Returns `Boolean` - Whether `scheme` is already registered.
-
-### `protocol.interceptFileProtocol(scheme, handler)`
-
-* `scheme` String
-* `handler` Function
-  * `request` ProtocolRequest
-  * `callback` Function
-    * `response` (String | [ProtocolResponse](structures/protocol-response.md))
-
-Intercepts `scheme` protocol and uses `handler` as the protocol's new handler
-which sends a file as a response.
-
-### `protocol.interceptStringProtocol(scheme, handler)`
-
-* `scheme` String
-* `handler` Function
-  * `request` ProtocolRequest
-  * `callback` Function
-    * `response` (String | [ProtocolResponse](structures/protocol-response.md))
-
-Intercepts `scheme` protocol and uses `handler` as the protocol's new handler
-which sends a `String` as a response.
-
-### `protocol.interceptBufferProtocol(scheme, handler)`
-
-* `scheme` String
-* `handler` Function
-  * `request` ProtocolRequest
-  * `callback` Function
-    * `response` (Buffer | [ProtocolResponse](structures/protocol-response.md))
-
-Intercepts `scheme` protocol and uses `handler` as the protocol's new handler
-which sends a `Buffer` as a response.
-
-### `protocol.interceptHttpProtocol(scheme, handler)`
-
-* `scheme` String
-* `handler` Function
-  * `request` ProtocolRequest
-  * `callback` Function
-    * `response` ProtocolResponse
-
-Intercepts `scheme` protocol and uses `handler` as the protocol's new handler
-which sends a new HTTP request as a response.
-
-### `protocol.interceptStreamProtocol(scheme, handler)`
-
-* `scheme` String
-* `handler` Function
-  * `request` ProtocolRequest
-  * `callback` Function
-    * `response` (ReadableStream | [ProtocolResponse](structures/protocol-response.md))
-
-Same as `protocol.registerStreamProtocol`, except that it replaces an existing
-protocol handler.
-
-### `protocol.uninterceptProtocol(scheme)`
-
-* `scheme` String
-
-Remove the interceptor installed for `scheme` and restore its original handler.
-
-### `protocol.isProtocolIntercepted(scheme)`
-
-* `scheme` String
-
-Returns `Boolean` - Whether `scheme` is already intercepted.
-
-[file-system-api]: https://developer.mozilla.org/en-US/docs/Web/API/LocalFileSystem

docs/api/protocol.md

@@ -15,8 +15,6 @@ app.whenReady().then(() => {
   protocol.registerFileProtocol('atom', (request, callback) => {
     const url = request.url.substr(7)
     callback({ path: path.normalize(`${__dirname}/${url}`) })
-  }, (error) => {
-    if (error) console.error('Failed to register protocol')
   })
 })
 ```
@@ -26,9 +24,15 @@ of the `app` module gets emitted.
 
 ## Using `protocol` with a custom `partition` or `session`
 
-A protocol is registered to a specific Electron [`session`](./session.md) object. If you don't specify a session, then your `protocol` will be applied to the default session that Electron uses. However, if you define a `partition` or `session` on your `browserWindow`'s `webPreferences`, then that window will use a different session and your custom protocol will not work if you just use `electron.protocol.XXX`.
+A protocol is registered to a specific Electron [`session`](./session.md)
+object. If you don't specify a session, then your `protocol` will be applied to
+the default session that Electron uses. However, if you define a `partition` or
+`session` on your `browserWindow`'s `webPreferences`, then that window will use
+a different session and your custom protocol will not work if you just use
+`electron.protocol.XXX`.
 
-To have your custom protocol work in combination with a custom session, you need to register it to that session explicitly.
+To have your custom protocol work in combination with a custom session, you need
+to register it to that session explicitly.
 
 ```javascript
 const { session, app, protocol } = require('electron')
@@ -41,17 +45,9 @@ app.whenReady().then(() => {
   ses.protocol.registerFileProtocol('atom', (request, callback) => {
     const url = request.url.substr(7)
     callback({ path: path.normalize(`${__dirname}/${url}`) })
-  }, (error) => {
-    if (error) console.error('Failed to register protocol')
   })
 
-  mainWindow = new BrowserWindow({
-    width: 800,
-    height: 600,
-    webPreferences: {
-      partition: partition
-    }
-  })
+  mainWindow = new BrowserWindow({ webPreferences: { partition } })
 })
 ```
 
@@ -63,15 +59,15 @@ The `protocol` module has the following methods:
 
 * `customSchemes` [CustomScheme[]](structures/custom-scheme.md)
 
-
 **Note:** This method can only be used before the `ready` event of the `app`
 module gets emitted and can be called only once.
 
-Registers the `scheme` as standard, secure, bypasses content security policy for resources,
-allows registering ServiceWorker and supports fetch API.
+Registers the `scheme` as standard, secure, bypasses content security policy for
+resources, allows registering ServiceWorker and supports fetch API. Specify a
+privilege with the value of `true` to enable the capability.
 
-Specify a privilege with the value of `true` to enable the capability.
-An example of registering a privileged scheme, with bypassing Content Security Policy:
+An example of registering a privileged scheme, that bypasses Content Security
+Policy:
 
 ```javascript
 const { protocol } = require('electron')
@@ -84,7 +80,7 @@ A standard scheme adheres to what RFC 3986 calls [generic URI
 syntax](https://tools.ietf.org/html/rfc3986#section-3). For example `http` and
 `https` are standard schemes, while `file` is not.
 
-Registering a scheme as standard, will allow relative and absolute resources to
+Registering a scheme as standard allows relative and absolute resources to
 be resolved correctly when served. Otherwise the scheme will behave like the
 `file` protocol, but without the ability to resolve relative URLs.
 
@@ -102,168 +98,102 @@ Registering a scheme as standard will allow access to files through the
 [FileSystem API][file-system-api]. Otherwise the renderer will throw a security
 error for the scheme.
 
-By default web storage apis (localStorage, sessionStorage, webSQL, indexedDB, cookies)
-are disabled for non standard schemes. So in general if you want to register a
-custom protocol to replace the `http` protocol, you have to register it as a standard scheme.
+By default web storage apis (localStorage, sessionStorage, webSQL, indexedDB,
+cookies) are disabled for non standard schemes. So in general if you want to
+register a custom protocol to replace the `http` protocol, you have to register
+it as a standard scheme.
 
-`protocol.registerSchemesAsPrivileged` can be used to replicate the functionality of the previous `protocol.registerStandardSchemes`, `webFrame.registerURLSchemeAs*` and `protocol.registerServiceWorkerSchemes` functions that existed prior to Electron 5.0.0, for example:
-
-**before (<= v4.x)**
-```javascript
-// Main
-protocol.registerStandardSchemes(['scheme1', 'scheme2'], { secure: true })
-// Renderer
-webFrame.registerURLSchemeAsPrivileged('scheme1', { secure: true })
-webFrame.registerURLSchemeAsPrivileged('scheme2', { secure: true })
-```
-
-**after (>= v5.x)**
-```javascript
-protocol.registerSchemesAsPrivileged([
-  { scheme: 'scheme1', privileges: { standard: true, secure: true } },
-  { scheme: 'scheme2', privileges: { standard: true, secure: true } }
-])
-```
-
-### `protocol.registerFileProtocol(scheme, handler[, completion])`
+### `protocol.registerFileProtocol(scheme, handler)`
 
 * `scheme` String
 * `handler` Function
-  * `request` Object
-    * `url` String
-    * `headers` Record<String, String>
-    * `referrer` String
-    * `method` String
-    * `uploadData` [UploadData[]](structures/upload-data.md)
+  * `request` ProtocolRequest
   * `callback` Function
-    * `filePath` String | [FilePathWithHeaders](structures/file-path-with-headers.md) (optional)
-* `completion` Function (optional)
-  * `error` Error
+    * `response` (String | [ProtocolResponse](structures/protocol-response.md))
 
-Registers a protocol of `scheme` that will send the file as a response. The
-`handler` will be called with `handler(request, callback)` when a `request` is
-going to be created with `scheme`. `completion` will be called with
-`completion(null)` when `scheme` is successfully registered or
-`completion(error)` when failed.
+Returns `Boolean` - Whether the protocol was successfully registered
+
+Registers a protocol of `scheme` that will send a file as the response. The
+`handler` will be called with `request` and `callback` where `request` is
+an incoming request for the `scheme`.
 
 To handle the `request`, the `callback` should be called with either the file's
 path or an object that has a `path` property, e.g. `callback(filePath)` or
-`callback({ path: filePath })`. The object may also have a `headers` property
-which gives a map of headers to values for the response headers, e.g.
-`callback({ path: filePath, headers: {"Content-Security-Policy": "default-src 'none'"]})`.
-
-When `callback` is called with nothing, a number, or an object that has an
-`error` property, the `request` will fail with the `error` number you
-specified. For the available error numbers you can use, please see the
-[net error list][net-error].
+`callback({ path: filePath })`. The `filePath` must be an absolute path.
 
 By default the `scheme` is treated like `http:`, which is parsed differently
-than protocols that follow the "generic URI syntax" like `file:`.
+from protocols that follow the "generic URI syntax" like `file:`.
 
-### `protocol.registerBufferProtocol(scheme, handler[, completion])`
+### `protocol.registerBufferProtocol(scheme, handler)`
 
 * `scheme` String
 * `handler` Function
-  * `request` Object
-    * `url` String
-    * `headers` Record<String, String>
-    * `referrer` String
-    * `method` String
-    * `uploadData` [UploadData[]](structures/upload-data.md)
+  * `request` ProtocolRequest
   * `callback` Function
-    * `buffer` (Buffer | [MimeTypedBuffer](structures/mime-typed-buffer.md)) (optional)
-* `completion` Function (optional)
-  * `error` Error
+    * `response` (Buffer | [ProtocolResponse](structures/protocol-response.md))
+
+Returns `Boolean` - Whether the protocol was successfully registered
 
 Registers a protocol of `scheme` that will send a `Buffer` as a response.
 
 The usage is the same with `registerFileProtocol`, except that the `callback`
-should be called with either a `Buffer` object or an object that has the `data`,
-`mimeType`, and `charset` properties.
+should be called with either a `Buffer` object or an object that has the `data`
+property.
 
 Example:
 
 ```javascript
-const { protocol } = require('electron')
-
 protocol.registerBufferProtocol('atom', (request, callback) => {
   callback({ mimeType: 'text/html', data: Buffer.from('<h5>Response</h5>') })
-}, (error) => {
-  if (error) console.error('Failed to register protocol')
 })
 ```
 
-### `protocol.registerStringProtocol(scheme, handler[, completion])`
+### `protocol.registerStringProtocol(scheme, handler)`
 
 * `scheme` String
 * `handler` Function
-  * `request` Object
-    * `url` String
-    * `headers` Record<String, String>
-    * `referrer` String
-    * `method` String
-    * `uploadData` [UploadData[]](structures/upload-data.md)
+  * `request` ProtocolRequest
   * `callback` Function
-    * `data` (String | [StringProtocolResponse](structures/string-protocol-response.md)) (optional)
-* `completion` Function (optional)
-  * `error` Error
+    * `response` (String | [ProtocolResponse](structures/protocol-response.md))
+
+Returns `Boolean` - Whether the protocol was successfully registered
 
 Registers a protocol of `scheme` that will send a `String` as a response.
 
 The usage is the same with `registerFileProtocol`, except that the `callback`
-should be called with either a `String` or an object that has the `data`,
-`mimeType`, and `charset` properties.
+should be called with either a `String` or an object that has the `data`
+property.
 
-### `protocol.registerHttpProtocol(scheme, handler[, completion])`
+### `protocol.registerHttpProtocol(scheme, handler)`
 
 * `scheme` String
 * `handler` Function
-  * `request` Object
-    * `url` String
-    * `headers` Record<String, String>
-    * `referrer` String
-    * `method` String
-    * `uploadData` [UploadData[]](structures/upload-data.md)
+  * `request` ProtocolRequest
   * `callback` Function
-    * `redirectRequest` Object
-      * `url` String
-      * `method` String (optional)
-      * `session` Session | null (optional)
-      * `uploadData` [ProtocolResponseUploadData](structures/protocol-response-upload-data.md) (optional)
-* `completion` Function (optional)
-  * `error` Error
+    * `response` ProtocolResponse
+
+Returns `Boolean` - Whether the protocol was successfully registered
 
 Registers a protocol of `scheme` that will send an HTTP request as a response.
 
 The usage is the same with `registerFileProtocol`, except that the `callback`
-should be called with a `redirectRequest` object that has the `url`, `method`,
-`referrer`, `uploadData` and `session` properties.
+should be called with an object that has the `url` property.
 
-By default the HTTP request will reuse the current session. If you want the
-request to have a different session you should set `session` to `null`.
-
-For POST requests the `uploadData` object must be provided.
-
-### `protocol.registerStreamProtocol(scheme, handler[, completion])`
+### `protocol.registerStreamProtocol(scheme, handler)`
 
 * `scheme` String
 * `handler` Function
-  * `request` Object
-    * `url` String
-    * `headers` Record<String, String>
-    * `referrer` String
-    * `method` String
-    * `uploadData` [UploadData[]](structures/upload-data.md)
+  * `request` ProtocolRequest
   * `callback` Function
-    * `stream` (ReadableStream | [StreamProtocolResponse](structures/stream-protocol-response.md)) (optional)
-* `completion` Function (optional)
-  * `error` Error
+    * `response` (ReadableStream | [ProtocolResponse](structures/protocol-response.md))
 
-Registers a protocol of `scheme` that will send a `Readable` as a response.
+Returns `Boolean` - Whether the protocol was successfully registered
 
-The usage is similar to the other `register{Any}Protocol`, except that the
-`callback` should be called with either a `Readable` object or an object that
-has the `data`, `statusCode`, and `headers` properties.
+Registers a protocol of `scheme` that will send a stream as a response.
+
+The usage is the same with `registerFileProtocol`, except that the
+`callback` should be called with either a [`ReadableStream`](https://nodejs.org/api/stream.html#stream_class_stream_readable) object or an object that
+has the `data` property.
 
 Example:
 
@@ -286,8 +216,6 @@ protocol.registerStreamProtocol('atom', (request, callback) => {
     },
     data: createStream('<h5>Response</h5>')
   })
-}, (error) => {
-  if (error) console.error('Failed to register protocol')
 })
 ```
 
@@ -295,132 +223,102 @@ It is possible to pass any object that implements the readable stream API (emits
 `data`/`end`/`error` events). For example, here's how a file could be returned:
 
 ```javascript
-const { protocol } = require('electron')
-const fs = require('fs')
-
 protocol.registerStreamProtocol('atom', (request, callback) => {
   callback(fs.createReadStream('index.html'))
-}, (error) => {
-  if (error) console.error('Failed to register protocol')
 })
 ```
 
-### `protocol.unregisterProtocol(scheme[, completion])`
+### `protocol.unregisterProtocol(scheme)`
 
 * `scheme` String
-* `completion` Function (optional)
-  * `error` Error
+
+Returns `Boolean` - Whether the protocol was successfully unregistered
 
 Unregisters the custom protocol of `scheme`.
 
-### `protocol.isProtocolHandled(scheme)`
+### `protocol.isProtocolRegistered(scheme)`
 
 * `scheme` String
 
-Returns `Promise<Boolean>` - fulfilled with a boolean that indicates whether there is
-already a handler for `scheme`.
+Returns `Boolean` - Whether `scheme` is already registered.
 
-### `protocol.interceptFileProtocol(scheme, handler[, completion])`
+### `protocol.interceptFileProtocol(scheme, handler)`
 
 * `scheme` String
 * `handler` Function
-  * `request` Object
-    * `url` String
-    * `headers` Record<String, String>
-    * `referrer` String
-    * `method` String
-    * `uploadData` [UploadData[]](structures/upload-data.md)
+  * `request` ProtocolRequest
   * `callback` Function
-    * `filePath` String
-* `completion` Function (optional)
-  * `error` Error
+    * `response` (String | [ProtocolResponse](structures/protocol-response.md))
+
+Returns `Boolean` - Whether the protocol was successfully intercepted
 
 Intercepts `scheme` protocol and uses `handler` as the protocol's new handler
 which sends a file as a response.
 
-### `protocol.interceptStringProtocol(scheme, handler[, completion])`
+### `protocol.interceptStringProtocol(scheme, handler)`
 
 * `scheme` String
 * `handler` Function
-  * `request` Object
-    * `url` String
-    * `headers` Record<String, String>
-    * `referrer` String
-    * `method` String
-    * `uploadData` [UploadData[]](structures/upload-data.md)
+  * `request` ProtocolRequest
   * `callback` Function
-    * `data` (String | [StringProtocolResponse](structures/string-protocol-response.md)) (optional)
-* `completion` Function (optional)
-  * `error` Error
+    * `response` (String | [ProtocolResponse](structures/protocol-response.md))
+
+Returns `Boolean` - Whether the protocol was successfully intercepted
 
 Intercepts `scheme` protocol and uses `handler` as the protocol's new handler
 which sends a `String` as a response.
 
-### `protocol.interceptBufferProtocol(scheme, handler[, completion])`
+### `protocol.interceptBufferProtocol(scheme, handler)`
 
 * `scheme` String
 * `handler` Function
-  * `request` Object
-    * `url` String
-    * `headers` Record<String, String>
-    * `referrer` String
-    * `method` String
-    * `uploadData` [UploadData[]](structures/upload-data.md)
+  * `request` ProtocolRequest
   * `callback` Function
-    * `buffer` Buffer (optional)
-* `completion` Function (optional)
-  * `error` Error
+    * `response` (Buffer | [ProtocolResponse](structures/protocol-response.md))
+
+Returns `Boolean` - Whether the protocol was successfully intercepted
 
 Intercepts `scheme` protocol and uses `handler` as the protocol's new handler
 which sends a `Buffer` as a response.
 
-### `protocol.interceptHttpProtocol(scheme, handler[, completion])`
+### `protocol.interceptHttpProtocol(scheme, handler)`
 
 * `scheme` String
 * `handler` Function
-  * `request` Object
-    * `url` String
-    * `headers` Record<String, String>
-    * `referrer` String
-    * `method` String
-    * `uploadData` [UploadData[]](structures/upload-data.md)
+  * `request` ProtocolRequest
   * `callback` Function
-    * `redirectRequest` Object
-      * `url` String
-      * `method` String (optional)
-      * `session` Session | null (optional)
-      * `uploadData` [ProtocolResponseUploadData](structures/protocol-response-upload-data.md) (optional)
-* `completion` Function (optional)
-  * `error` Error
+    * `response` [ProtocolResponse](structures/protocol-response.md)
+
+Returns `Boolean` - Whether the protocol was successfully intercepted
 
 Intercepts `scheme` protocol and uses `handler` as the protocol's new handler
 which sends a new HTTP request as a response.
 
-### `protocol.interceptStreamProtocol(scheme, handler[, completion])`
+### `protocol.interceptStreamProtocol(scheme, handler)`
 
 * `scheme` String
 * `handler` Function
-  * `request` Object
-    * `url` String
-    * `headers` Record<String, String>
-    * `referrer` String
-    * `method` String
-    * `uploadData` [UploadData[]](structures/upload-data.md)
+  * `request` ProtocolRequest
   * `callback` Function
-    * `stream` (ReadableStream | [StreamProtocolResponse](structures/stream-protocol-response.md)) (optional)
-* `completion` Function (optional)
-  * `error` Error
+    * `response` (ReadableStream | [ProtocolResponse](structures/protocol-response.md))
+
+Returns `Boolean` - Whether the protocol was successfully intercepted
 
 Same as `protocol.registerStreamProtocol`, except that it replaces an existing
 protocol handler.
 
-### `protocol.uninterceptProtocol(scheme[, completion])`
+### `protocol.uninterceptProtocol(scheme)`
 
 * `scheme` String
-* `completion` Function (optional)
-  * `error` Error
+
+Returns `Boolean` - Whether the protocol was successfully unintercepted
 
 Remove the interceptor installed for `scheme` and restore its original handler.
 
-[net-error]: https://code.google.com/p/chromium/codesearch#chromium/src/net/base/net_error_list.h
+### `protocol.isProtocolIntercepted(scheme)`
+
+* `scheme` String
+
+Returns `Boolean` - Whether `scheme` is already intercepted.
+
 [file-system-api]: https://developer.mozilla.org/en-US/docs/Web/API/LocalFileSystem

docs/api/sandbox-option.md

@@ -154,24 +154,43 @@ More may be added as needed to expose more Electron APIs in the sandbox, but any
 module in the main process can already be used through
 `electron.remote.require`.
 
-## Status
+## Rendering untrusted content
 
-Please use the `sandbox` option with care, as it is still an experimental
-feature. We are still not aware of the security implications of exposing some
-Electron renderer APIs to the preload script, but here are some things to
-consider before rendering untrusted content:
+Rendering untrusted content in Electron is still somewhat uncharted territory,
+though some apps are finding success (e.g. Beaker Browser). Our goal is to get
+as close to Chrome as we can in terms of the security of sandboxed content, but
+ultimately we will always be behind due to a few fundamental issues:
+
+1. We do not have the dedicated resources or expertise that Chromium has to
+   apply to the security of its product. We do our best to make use of what we
+   have, to inherit everything we can from Chromium, and to respond quickly to
+   security issues, but Electron cannot be as secure as Chromium without the
+   resources that Chromium is able to dedicate.
+2. Some security features in Chrome (such as Safe Browsing and Certificate
+   Transparency) require a centralized authority and dedicated servers, both of
+   which run counter to the goals of the Electron project. As such, we disable
+   those features in Electron, at the cost of the associated security they
+   would otherwise bring.
+3. There is only one Chromium, whereas there are many thousands of apps built
+   on Electron, all of which behave slightly differently. Accounting for those
+   differences can yield a huge possibility space, and make it challenging to
+   ensure the security of the platform in unusual use cases.
+4. We can't push security updates to users directly, so we rely on app vendors
+   to upgrade the version of Electron underlying their app in order for
+   security updates to reach users.
+
+Here are some things to consider before rendering untrusted content:
 
 - A preload script can accidentally leak privileged APIs to untrusted code,
   unless [`contextIsolation`](../tutorial/security.md#3-enable-context-isolation-for-remote-content)
   is also enabled.
-- Some bug in V8 engine may allow malicious code to access the renderer preload
-  APIs, effectively granting full access to the system through the `remote`
-  module. Therefore, it is highly recommended to
-  [disable the `remote` module](../tutorial/security.md#15-disable-the-remote-module).
-  If disabling is not feasible, you should selectively
-  [filter the `remote` module](../tutorial/security.md#16-filter-the-remote-module).
-
-Since rendering untrusted content in Electron is still uncharted territory,
-the APIs exposed to the sandbox preload script should be considered more
-unstable than the rest of Electron APIs, and may have breaking changes to fix
-security issues.
+- Some bug in the V8 engine may allow malicious code to access the renderer
+  preload APIs, effectively granting full access to the system through the
+  `remote` module. Therefore, it is highly recommended to [disable the `remote`
+  module](../tutorial/security.md#15-disable-the-remote-module).
+  If disabling is not feasible, you should selectively [filter the `remote`
+  module](../tutorial/security.md#16-filter-the-remote-module).
+- While we make our best effort to backport Chromium security fixes to older
+  versions of Electron, we do not make a guarantee that every fix will be
+  backported. Your best chance at staying secure is to be on the latest stable
+  version of Electron.

docs/api/shell.md

@@ -2,7 +2,7 @@
 
 > Manage files and URLs using their default applications.
 
-Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process)
+Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process) (non-sandboxed only)
 
 The `shell` module provides functions related to desktop integration.
 
@@ -14,6 +14,8 @@ const { shell } = require('electron')
 shell.openExternal('https://github.com')
 ```
 
+**Note:** While the `shell` module can be used in the renderer process, it will not function in a sandboxed renderer.
+
 ## Methods
 
 The `shell` module has the following methods:

docs/api/structures/mime-typed-buffer.md

@@ -1,4 +1,5 @@
 # MimeTypedBuffer Object
 
-* `mimeType` String - The mimeType of the Buffer that you are sending.
+* `mimeType` String (optional) - MIME type of the buffer.
+* `charset` String (optional) - Charset of the buffer.
 * `data` Buffer - The actual Buffer content.

docs/api/structures/new-window-web-contents-event.md

@@ -0,0 +1,4 @@
+# NewWindowWebContentsEvent Object extends `Event`
+
+* `newGuest` BrowserWindow (optional)
+

docs/api/structures/protocol-request.md

@@ -4,3 +4,4 @@
 * `referrer` String
 * `method` String
 * `uploadData` [UploadData[]](upload-data.md) (optional)
+* `headers` Record<String, String>

docs/api/system-preferences.md

@@ -180,7 +180,7 @@ Some popular `key` and `type`s are:
 ### `systemPreferences.setUserDefault(key, type, value)` _macOS_
 
 * `key` String
-* `type` String - See [`getUserDefault`](#systempreferencesgetuserdefaultkey-type-macos).
+* `type` String - Can be `string`, `boolean`, `integer`, `float`, `double`, `url`, `array` or `dictionary`.
 * `value` String
 
 Set the value of `key` in `NSUserDefaults`.
@@ -416,7 +416,7 @@ This API itself will not protect your user data; rather, it is a mechanism to al
 
 Returns `Boolean` - `true` if the current process is a trusted accessibility client and `false` if it is not.
 
-### `systemPreferences.getMediaAccessStatus(mediaType)` _macOS_
+### `systemPreferences.getMediaAccessStatus(mediaType)` _Windows_ _macOS_
 
 * `mediaType` String - Can be `microphone`, `camera` or `screen`.
 
@@ -426,6 +426,9 @@ This user consent was not required on macOS 10.13 High Sierra or lower so this m
 macOS 10.14 Mojave or higher requires consent for `microphone` and `camera` access.
 macOS 10.15 Catalina or higher requires consent for `screen` access.
 
+Windows 10 has a global setting controlling `microphone` and `camera` access for all win32 applications.
+It will always return `granted` for `screen` and for all media types on older versions of Windows.
+
 ### `systemPreferences.askForMediaAccess(mediaType)` _macOS_
 
 * `mediaType` String - the type of media being requested; can be `microphone`, `camera`.

docs/api/web-contents.md

@@ -138,7 +138,7 @@ Emitted when page receives favicon urls.
 
 Returns:
 
-* `event` Event
+* `event` NewWindowWebContentsEvent
 * `url` String
 * `frameName` String
 * `disposition` String - Can be `default`, `foreground-tab`, `background-tab`,
@@ -338,7 +338,7 @@ win.webContents.on('will-prevent-unload', (event) => {
 })
 ```
 
-#### Event: 'crashed'
+#### Event: 'crashed' _Deprecated_
 
 Returns:
 
@@ -347,6 +347,29 @@ Returns:
 
 Emitted when the renderer process crashes or is killed.
 
+**Deprecated:** This event is superceded by the `render-process-gone` event
+which contains more information about why the render process dissapeared. It
+isn't always because it crashed.  The `killed` boolean can be replaced by
+checking `reason === 'killed'` when you switch to that event.
+
+#### Event: 'render-process-gone'
+
+Returns:
+
+* `event` Event
+* `details` Object
+  * `reason` String - The reason the render process is gone.  Possible values:
+    * `clean-exit` - Process exited with an exit code of zero
+    * `abnormal-exit` - Process exited with a non-zero exit code
+    * `killed` - Process was sent a SIGTERM or otherwise killed externally
+    * `crashed` - Process crashed
+    * `oom` - Process ran out of memory
+    * `launch-failure` - Process never successfully launched
+    * `integrity-failure` - Windows code integrity checks failed
+
+Emitted when the renderer process unexpectedly dissapears.  This is normally
+because it was crashed or killed.
+
 #### Event: 'unresponsive'
 
 Emitted when the web page becomes unresponsive.
@@ -379,6 +402,7 @@ Returns:
   * `key` String - Equivalent to [KeyboardEvent.key][keyboardevent].
   * `code` String - Equivalent to [KeyboardEvent.code][keyboardevent].
   * `isAutoRepeat` Boolean - Equivalent to [KeyboardEvent.repeat][keyboardevent].
+  * `isComposing` Boolean - Equivalent to [KeyboardEvent.isComposing][keyboardevent].
   * `shift` Boolean - Equivalent to [KeyboardEvent.shiftKey][keyboardevent].
   * `control` Boolean - Equivalent to [KeyboardEvent.controlKey][keyboardevent].
   * `alt` Boolean - Equivalent to [KeyboardEvent.altKey][keyboardevent].
@@ -884,10 +908,10 @@ Returns `String` - The URL of the current web page.
 ```javascript
 const { BrowserWindow } = require('electron')
 let win = new BrowserWindow({ width: 800, height: 600 })
-win.loadURL('http://github.com')
-
-let currentURL = win.webContents.getURL()
-console.log(currentURL)
+win.loadURL('http://github.com').then(() => {
+  const currentURL = win.webContents.getURL()
+  console.log(currentURL)
+})
 ```
 
 #### `contents.getTitle()`
@@ -1287,6 +1311,8 @@ Returns [`PrinterInfo[]`](structures/printer-info.md)
   * `success` Boolean - Indicates success of the print call.
   * `failureReason` String - Error description called back if the print fails.
 
+When a custom `pageSize` is passed, Chromium attempts to validate platform specific minumum values for `width_microns` and `height_microns`. Width and height must both be minimum 353 microns but may be higher on some operating systems.
+
 Prints window's web page. When `silent` is set to `true`, Electron will pick
 the system's default printer if `deviceName` is empty and the default settings for printing.
 
@@ -1310,13 +1336,12 @@ win.webContents.print(options, (success, errorType) => {
   * `landscape` Boolean (optional) - `true` for landscape, `false` for portrait.
   * `marginsType` Integer (optional) - Specifies the type of margins to use. Uses 0 for
     default margin, 1 for no margin, and 2 for minimum margin.
-    and `width` in microns.
   * `scaleFactor` Number (optional) - The scale factor of the web page. Can range from 0 to 100.
   * `pageRanges` Record<string, number> (optional) - The page range to print.
     * `from` Number - the first page to print.
     * `to` Number - the last page to print (inclusive).
   * `pageSize` String | Size (optional) - Specify page size of the generated PDF. Can be `A3`,
-  `A4`, `A5`, `Legal`, `Letter`, `Tabloid` or an Object containing `height`
+  `A4`, `A5`, `Legal`, `Letter`, `Tabloid` or an Object containing `height` and `width` in microns.
   * `printBackground` Boolean (optional) - Whether to print CSS backgrounds.
   * `printSelectionOnly` Boolean (optional) - Whether to print selection only.
 
@@ -1347,6 +1372,8 @@ An example of `webContents.printToPDF`:
 ```javascript
 const { BrowserWindow } = require('electron')
 const fs = require('fs')
+const path = require('path')
+const os = require('os')
 
 let win = new BrowserWindow({ width: 800, height: 600 })
 win.loadURL('http://github.com')
@@ -1354,12 +1381,13 @@ win.loadURL('http://github.com')
 win.webContents.on('did-finish-load', () => {
   // Use default printing options
   win.webContents.printToPDF({}).then(data => {
-    fs.writeFile('/tmp/print.pdf', data, (error) => {
+    const pdfPath = path.join(os.homedir(), 'Desktop', 'temp.pdf')
+    fs.writeFile(pdfPath, data, (error) => {
       if (error) throw error
-      console.log('Write PDF successfully.')
+      console.log(`Wrote PDF successfully to ${pdfPath}`)
     })
   }).catch(error => {
-    console.log(error)
+    console.log(`Failed to write PDF to ${pdfPath}: `, error)
   })
 })
 ```
@@ -1789,6 +1817,11 @@ Returns `Promise<void>` - Indicates whether the snapshot has been created succes
 
 Takes a V8 heap snapshot and saves it to `filePath`.
 
+#### `contents.getBackgroundThrottling()`
+
+Returns `Boolean` - whether or not this WebContents will throttle animations and timers
+when the page becomes backgrounded. This also affects the Page Visibility API.
+
 #### `contents.setBackgroundThrottling(allowed)`
 
 * `allowed` Boolean
@@ -1843,7 +1876,7 @@ A [`WebContents`](web-contents.md) instance that might own this `WebContents`.
 
 #### `contents.devToolsWebContents` _Readonly_
 
-A `WebContents` of DevTools for this `WebContents`.
+A `WebContents | null` property that represents the of DevTools `WebContents` associated with a given `WebContents`.
 
 **Note:** Users should never store this object because it may become `null`
 when the DevTools has been closed.
@@ -1856,3 +1889,8 @@ A [`Debugger`](debugger.md) instance for this webContents.
 [event-emitter]: https://nodejs.org/api/events.html#events_class_eventemitter
 [SCA]: https://developer.mozilla.org/en-US/docs/Web/API/Web_Workers_API/Structured_clone_algorithm
 [`postMessage`]: https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
+
+#### `contents.backgroundThrottling`
+
+A `Boolean` property that determines whether or not this WebContents will throttle animations and timers
+when the page becomes backgrounded. This also affects the Page Visibility API.

docs/api/web-frame.md

@@ -162,10 +162,14 @@ this limitation.
   * `error` Error
 
 Returns `Promise<any>` - A promise that resolves with the result of the executed
-code or is rejected if execution throws or results in a rejected promise.
+code or is rejected if execution could not start.
 
 Works like `executeJavaScript` but evaluates `scripts` in an isolated context.
 
+Note that when the execution of script fails, the returned promise will not
+reject and the `result` would be `undefined`. This is because Chromium does not
+dispatch errors of isolated worlds to foreign worlds.
+
 ### `webFrame.setIsolatedWorldInfo(worldId, info)`
 * `worldId` Integer - The ID of the world to run the javascript in, `0` is the default world, `999` is the world used by Electrons `contextIsolation` feature. Chrome extensions reserve the range of IDs in `[1 << 20, 1 << 29)`. You can provide any integer here.
 * `info` Object

docs/breaking-changes.md

@@ -12,8 +12,92 @@ This document uses the following convention to categorize breaking changes:
 - **Deprecated:** An API was marked as deprecated. The API will continue to function, but will emit a deprecation warning, and will be removed in a future release.
 - **Removed:** An API or feature was removed, and is no longer supported by Electron.
 
+## Planned Breaking API Changes (12.0)
+
+### Removed: `crashReporter` methods in the renderer process
+
+The following `crashReporter` methods are no longer available in the renderer
+process:
+
+- `crashReporter.start`
+- `crashReporter.getLastCrashReport`
+- `crashReporter.getUploadedReports`
+- `crashReporter.getUploadToServer`
+- `crashReporter.setUploadToServer`
+- `crashReporter.getCrashesDirectory`
+
+They should be called only from the main process.
+
+See [#23265](https://github.com/electron/electron/pull/23265) for more details.
+
+### Default Changed: `crashReporter.start({ compress: true })`
+
+The default value of the `compress` option to `crashReporter.start` has changed
+from `false` to `true`. This means that crash dumps will be uploaded to the
+crash ingestion server with the `Content-Encoding: gzip` header, and the body
+will be compressed.
+
+If your crash ingestion server does not support compressed payloads, you can
+turn off compression by specifying `{ compress: false }` in the crash reporter
+options.
+
+## Planned Breaking API Changes (11.0)
+
+There are no breaking changes planned for 11.0.
+
 ## Planned Breaking API Changes (10.0)
 
+### Deprecated: `companyName` argument to `crashReporter.start()`
+
+The `companyName` argument to `crashReporter.start()`, which was previously
+required, is now optional, and further, is deprecated. To get the same
+behavior in a non-deprecated way, you can pass a `companyName` value in
+`globalExtra`.
+
+```js
+// Deprecated in Electron 10
+crashReporter.start({ companyName: 'Umbrella Corporation' })
+// Replace with
+crashReporter.start({ globalExtra: { _companyName: 'Umbrella Corporation' } })
+```
+
+### Deprecated: `crashReporter.getCrashesDirectory()`
+
+The `crashReporter.getCrashesDirectory` method has been deprecated. Usage
+should be replaced by `app.getPath('crashDumps')`.
+
+```js
+// Deprecated in Electron 10
+crashReporter.getCrashesDirectory()
+// Replace with
+app.getPath('crashDumps')
+```
+
+### Deprecated: `crashReporter` methods in the renderer process
+
+Calling the following `crashReporter` methods from the renderer process is
+deprecated:
+
+- `crashReporter.start`
+- `crashReporter.getLastCrashReport`
+- `crashReporter.getUploadedReports`
+- `crashReporter.getUploadToServer`
+- `crashReporter.setUploadToServer`
+- `crashReporter.getCrashesDirectory`
+
+The only non-deprecated methods remaining in the `crashReporter` module in the
+renderer are `addExtraParameter`, `removeExtraParameter` and `getParameters`.
+
+All above methods remain non-deprecated when called from the main process.
+
+See [#23265](https://github.com/electron/electron/pull/23265) for more details.
+
+### Deprecated: `crashReporter.start({ compress: false })`
+
+Setting `{ compress: false }` in `crashReporter.start` is deprecated. Nearly
+all crash ingestion servers support gzip compression. This option will be
+removed in a future version of Electron.
+
 ### Removed: Browser Window Affinity
 
 The `affinity` option when constructing a new `BrowserWindow` will be removed

docs/development/atom-shell-vs-node-webkit.md

@@ -1,52 +0,0 @@
-# Technical Differences Between Electron and NW.js (formerly node-webkit)
-
-__Note: Electron was previously named Atom Shell.__
-
-Like NW.js, Electron provides a platform to write desktop applications
-with JavaScript and HTML and has Node integration to grant access to the low
-level system from web pages.
-
-But there are also fundamental differences between the two projects that make
-Electron a completely separate product from NW.js:
-
-__1. Entry of Application__
-
-In NW.js the main entry point of an application is a web page or a JS script. You specify a
-html or js file in the `package.json` and it is opened in a browser window as
-the application's main window (in case of an html entrypoint) or the script is executed.
-
-In Electron, the entry point is a JavaScript script. Instead of
-providing a URL directly, you manually create a browser window and load
-an HTML file using the API. You also need to listen to window events
-to decide when to quit the application.
-
-Electron works more like the Node.js runtime. Electron's APIs are lower level
-so you can use it for browser testing in place of [PhantomJS](http://phantomjs.org/).
-
-__2. Build System__
-
-In order to avoid the complexity of building all of Chromium, Electron uses [`libchromiumcontent`](https://github.com/electron/libchromiumcontent) to access
-Chromium's Content API. `libchromiumcontent` is a single shared library that
-includes the Chromium Content module and all of its dependencies. Users don't
-need a powerful machine to build Electron.
-
-__3. Node Integration__
-
-In NW.js, the Node integration in web pages requires patching Chromium to
-work, while in Electron we chose a different way to integrate the libuv loop
-with each platform's message loop to avoid hacking Chromium. See the
-[`node_bindings`][node-bindings] code for how that was done.
-
-__4. Multi-context__
-
-If you are an experienced NW.js user, you should be familiar with the
-concept of Node context and web context. These concepts were invented because
-of how NW.js was implemented.
-
-By using the [multi-context](https://github.com/nodejs/node-v0.x-archive/commit/756b622)
-feature of Node, Electron doesn't introduce a new JavaScript context in web
-pages.
-
-Note: NW.js has optionally supported multi-context since 0.13.
-
-[node-bindings]: https://github.com/electron/electron/tree/master/atom/common

docs/development/build-instructions-gn.md

@@ -24,13 +24,12 @@ try to download a Google-internal version that only Googlers have access to).
 
 [depot-tools]: http://commondatastorage.googleapis.com/chrome-infra-docs/flat/depot_tools/docs/html/depot_tools_tutorial.html#_setting_up
 
-## Cached builds (optional step)
+### Setting up the git cache
 
-### GIT\_CACHE\_PATH
-
-If you plan on building Electron more than once, adding a git cache will
-speed up subsequent calls to `gclient`. To do this, set a `GIT_CACHE_PATH`
-environment variable:
+If you plan on checking out Electron more than once (for example, to have
+multiple parallel directories checked out to different branches), using the git
+cache will speed up subsequent calls to `gclient`. To do this, set a
+`GIT_CACHE_PATH` environment variable:
 
 ```sh
 $ export GIT_CACHE_PATH="${HOME}/.git_cache"
@@ -38,22 +37,10 @@ $ mkdir -p "${GIT_CACHE_PATH}"
 # This will use about 16G.
 ```
 
-### sccache
-
-Thousands of files must be compiled to build Chromium and Electron.
-You can avoid much of the wait by reusing Electron CI's build output via
-[sccache](https://github.com/mozilla/sccache). This requires some
-optional steps (listed below) and these two environment variables:
-
-```sh
-export SCCACHE_BUCKET="electronjs-sccache-ci"
-export SCCACHE_TWO_TIER=true
-```
-
 ## Getting the code
 
 ```sh
-$ mkdir electron-gn && cd electron-gn
+$ mkdir electron && cd electron
 $ gclient config --name "src/electron" --unmanaged https://github.com/electron/electron
 $ gclient sync --with_branch_heads --with_tags
 # This will take a while, go get a coffee.

docs/development/debug-instructions-windows.md

@@ -3,7 +3,7 @@
 If you experience crashes or issues in Electron that you believe are not caused
 by your JavaScript application, but instead by Electron itself, debugging can
 be a little bit tricky, especially for developers not used to native/C++
-debugging. However, using Visual Studio, GitHub's hosted Electron Symbol Server,
+debugging. However, using Visual Studio, Electron's hosted Symbol Server,
 and the Electron source code, you can enable step-through debugging
 with breakpoints inside Electron's source code.
 
@@ -22,7 +22,7 @@ with breakpoints inside Electron's source code.
 
 * **Visual Studio with C++ Tools**: The free community editions of Visual
   Studio 2013 and Visual Studio 2015 both work. Once installed,
-  [configure Visual Studio to use GitHub's Electron Symbol server](setting-up-symbol-server.md).
+  [configure Visual Studio to use Electron's Symbol server](setting-up-symbol-server.md).
   It will enable Visual Studio to gain a better understanding of what happens
   inside Electron, making it easier to present variables in a human-readable
   format.

docs/development/electron-vs-nwjs.md

@@ -0,0 +1,75 @@
+# Technical Differences Between Electron and NW.js
+
+Like [NW.js][nwjs], Electron provides a platform to write desktop applications with web
+technologies. Both platforms enable developers to utilize HTML, JavaScript, and
+Node.js. On the surface, they seem very similar.
+
+There are however fundamental differences between the two projects that make
+Electron a completely separate product from NW.js.
+
+## 1) Entry of Application
+
+In NW.js, the main entry point of an application can be an HTML web page. In
+that case, NW.js will open the given entry point in a browser window.
+
+In Electron, the entry point is always a JavaScript script. Instead of providing a
+URL directly, you manually create a browser window and load an HTML file using
+the API. You also need to listen to window events to decide when to quit the
+application.
+
+Electron works more like the Node.js runtime. Electron's APIs are lower level so
+you can use it for browser testing in place of
+[PhantomJS](http://phantomjs.org/).
+
+## 2) Node Integration
+
+In NW.js, the Node integration in web pages requires patching Chromium to work,
+while in Electron we chose a different way to integrate the `libuv` loop with
+each platform's message loop to avoid hacking Chromium. See the
+[`node_bindings`][node-bindings] code for how that was done.
+
+## 3) JavaScript Contexts
+
+If you are an experienced NW.js user, you should be familiar with the concept of
+Node context and web context. These concepts were invented because of how NW.js
+was implemented.
+
+By using the
+[multi-context](https://github.com/nodejs/node-v0.x-archive/commit/756b622)
+feature of Node, Electron doesn't introduce a new JavaScript context in web
+pages.
+
+Note: NW.js has optionally supported multi-context since 0.13.
+
+## 4) Legacy Support
+
+NW.js still offers a "legacy release" that supports Windows XP. It doesn't
+receive security updates.
+
+Given that hardware manufacturers, Microsoft, Chromium, and Node.js haven't
+released even critical security updates for that system, we have to warn you
+that using Windows XP is wildly insecure and outright irresponsible.
+
+However, we understand that requirements outside our wildest imagination may
+exist, so if you're looking for something like Electron that runs on Windows XP,
+the NW.js legacy release might be the right fit for you.
+
+## 5) Features
+
+There are numerous differences in the amount of supported features. Electron has
+a bigger community, more production apps using it, and [a large amount of
+userland modules available on npm][electron-modules].
+
+As an example, Electron has built-in support for automatic updates and countless
+tools that make the creation of installers easier. As an example in favor of
+NW.js, NW.js supports more `Chrome.*` APIs for the development of Chrome Apps.
+
+Naturally, we believe that Electron is the better platform for polished
+production applications built with web technologies (like Visual Studio Code,
+Slack, or Facebook Messenger); however, we want to be fair to our web technology
+friends. If you have feature needs that Electron does not meet, you might want
+to try NW.js.
+
+[nwjs]: https://nwjs.io/
+[electron-modules]: https://www.npmjs.com/search?q=electron
+[node-bindings]: https://github.com/electron/electron/tree/master/lib/common

docs/faq.md

@@ -139,32 +139,7 @@ When using Electron's built-in module you might encounter an error like this:
 Uncaught TypeError: Cannot read property 'setZoomLevel' of undefined
 ```
 
-This is because you have the [npm `electron` module][electron-module] installed
-either locally or globally, which overrides Electron's built-in module.
-
-To verify whether you are using the correct built-in module, you can print the
-path of the `electron` module:
-
-```javascript
-console.log(require.resolve('electron'))
-```
-
-and then check if it is in the following form:
-
-```sh
-"/path/to/Electron.app/Contents/Resources/atom.asar/renderer/api/lib/exports/electron.js"
-```
-
-If it is something like `node_modules/electron/index.js`, then you have to
-either remove the npm `electron` module, or rename it.
-
-```sh
-npm uninstall electron
-npm uninstall -g electron
-```
-
-However if you are using the built-in module but still getting this error, it
-is very likely you are using the module in the wrong process. For example
+It is very likely you are using the module in the wrong process. For example
 `electron.app` can only be used in the main process, while `electron.webFrame`
 is only available in renderer processes.
 

docs/tutorial/application-distribution.md

@@ -74,7 +74,7 @@ before distributing it to users.
 ### Windows
 
 You can rename `electron.exe` to any name you like, and edit its icon and other
-information with tools like [rcedit](https://github.com/atom/rcedit).
+information with tools like [rcedit](https://github.com/electron/rcedit).
 
 ### macOS
 

docs/tutorial/code-signing.md

@@ -6,52 +6,153 @@ created by you.
 On macOS the system can detect any change to the app, whether the change is
 introduced accidentally or by malicious code.
 
-On Windows the system assigns a trust level to your code signing certificate which
-if you don't have, or if your trust level is low will cause security dialogs to
-appear when users start using your application.  Trust level builds over time
-so it's better to start code signing as early as possible.
+On Windows, the system assigns a trust level to your code signing certificate
+which if you don't have, or if your trust level is low, will cause security
+dialogs to appear when users start using your application.  Trust level builds
+over time so it's better to start code signing as early as possible.
 
 While it is possible to distribute unsigned apps, it is not recommended. Both
-Windows and macOS will, by default, prevent either the download or the
-execution of unsigned applications. Starting with macOS Catalina (version 10.15),
-users have to go through multiple manual steps to open unsigned applications.
+Windows and macOS will, by default, prevent either the download or the execution
+of unsigned applications. Starting with macOS Catalina (version 10.15), users
+have to go through multiple manual steps to open unsigned applications.
 
-![macOS Catalina Gatekeeper warning: The app cannot be opened because the developer cannot be verified](../images/gatekeeper.png)
+![macOS Catalina Gatekeeper warning: The app cannot be opened because the
+developer cannot be verified](../images/gatekeeper.png)
 
 As you can see, users get two options: Move the app straight to the trash or
 cancel running it. You don't want your users to see that dialog.
 
 If you are building an Electron app that you intend to package and distribute,
-it should be code-signed. The Mac and Windows app stores do not allow unsigned
-apps.
+it should be code-signed.
 
-# Signing macOS builds
+# Signing & notarizing macOS builds
 
-Before signing macOS builds, you must do the following:
+Properly preparing macOS applications for release requires two steps: First, the
+app needs to be code-signed. Then, the app needs to be uploaded to Apple for a
+process called "notarization", where automated systems will further verify that
+your app isn't doing anything to endanger its users.
+
+To start the process, ensure that you fulfill the requirements for signing and
+notarizing your app:
 
 1. Enroll in the [Apple Developer Program] (requires an annual fee)
-2. Download and install [Xcode]
+2. Download and install [Xcode] - this requires a computer running macOS
 3. Generate, download, and install [signing certificates]
 
-There are a number of tools for signing your packaged app:
+Electron's ecosystem favors configuration and freedom, so there are multiple
+ways to get your application signed and notarized.
 
-- [`electron-osx-sign`] is a standalone tool for signing macOS packages.
-- [`electron-packager`] bundles `electron-osx-sign`. If you're using `electron-packager`,
-pass the `--osx-sign=true` flag to sign your build.
-  - [`electron-forge`] uses `electron-packager` internally, you can set the `osxSign` option
-    in your forge config.
-- [`electron-builder`] has built-in code-signing capabilities. See [electron.build/code-signing](https://www.electron.build/code-signing)
+## `electron-forge`
 
-## Notarization
+If you're using Electron's favorite build tool, getting your application signed
+and notarized requires a few additions to your configuration. [Forge](https://electronforge.io) is a
+collection of the official Electron tools, using [`electron-packager`],
+[`electron-osx-sign`], and [`electron-notarize`] under the hood.
 
-Starting with macOS Catalina, Apple requires applications to be notarized.
-"Notarization" as defined by Apple means that you upload your previously signed
-application to Apple for additional verification _before_ distributing the app
-to your users.
+Let's take a look at an example configuration with all required fields. Not all
+of them are required: the tools will be clever enough to automatically find a
+suitable `identity`, for instance, but we recommend that you are explicit.
 
-To automate this process, you can use the [`electron-notarize`] module. You
-do not necessarily need to complete this step for every build you make – just
-the builds you intend to ship to users.
+```json
+{
+  "name": "my-app",
+  "version": "0.0.1",
+  "config": {
+    "forge": {
+      "packagerConfig": {
+        "osxSign": {
+          "identity": "Developer ID Application: Felix Rieseberg (LT94ZKYDCJ)",
+          "hardened-runtime": true,
+          "entitlements": "entitlements.plist",
+          "entitlements-inherit": "entitlements.plist",
+          "signature-flags": "library"
+        },
+        "osxNotarize": {
+          "appleId": "felix@felix.fun",
+          "appleIdPassword": "my-apple-id-password",
+        }
+      }
+    }
+  }
+}
+```
+
+The `plist` file referenced here needs the following macOS-specific entitlements
+to assure the Apple security mechanisms that your app is doing these things
+without meaning any harm:
+
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+  <dict>
+    <key>com.apple.security.cs.allow-jit</key>
+    <true/>
+    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+    <true/>
+    <key>com.apple.security.cs.debugger</key>
+    <true/>
+  </dict>
+</plist>
+```
+
+To see all of this in action, check out Electron Fiddle's source code,
+[especially its `electron-forge` configuration
+file](https://github.com/electron/fiddle/blob/master/forge.config.js).
+
+
+## `electron-builder`
+
+Electron Builder comes with a custom solution for signing your application. You
+can find [its documentation here](https://www.electron.build/code-signing).
+
+## `electron-packager`
+
+If you're not using an integrated build pipeline like Forge or Builder, you
+are likely using [`electron-packager`], which includes [`electron-osx-sign`] and
+[`electron-notarize`].
+
+If you're using Packager's API, you can pass [in configuration that both signs
+and notarizes your
+application](https://electron.github.io/electron-packager/master/interfaces/electronpackager.options.html).
+
+```js
+const packager = require('electron-packager')
+
+packager({
+  dir: '/path/to/my/app',
+  osxSign: {
+    identity: 'Developer ID Application: Felix Rieseberg (LT94ZKYDCJ)',
+    'hardened-runtime': true,
+    entitlements: 'entitlements.plist',
+    'entitlements-inherit': 'entitlements.plist',
+    'signature-flags': 'library'
+  },
+  osxNotarize: {
+    appleId: 'felix@felix.fun',
+    appleIdPassword: 'my-apple-id-password'
+  }
+})
+```
+
+The `plist` file referenced here needs the following macOS-specific entitlements
+to assure the Apple security mechanisms that your app is doing these things
+without meaning any harm:
+
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+  <dict>
+    <key>com.apple.security.cs.allow-jit</key>
+    <true/>
+    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+    <true/>
+    <key>com.apple.security.cs.debugger</key>
+    <true/>
+  </dict>
+</plist>
+```
 
 ## Mac App Store
 
@@ -62,19 +163,24 @@ See the [Mac App Store Guide].
 Before signing Windows builds, you must do the following:
 
 1. Get a Windows Authenticode code signing certificate (requires an annual fee)
-2. Install Visual Studio 2015/2017 (to get the signing utility)
+2. Install Visual Studio to get the signing utility (the free [Community
+   Edition](https://visualstudio.microsoft.com/vs/community/) is enough)
 
-You can get a code signing certificate from a lot of resellers. Prices vary, so it may be worth your time to shop around. Popular resellers include:
+You can get a code signing certificate from a lot of resellers. Prices vary, so
+it may be worth your time to shop around. Popular resellers include:
 
 * [digicert](https://www.digicert.com/code-signing/microsoft-authenticode.htm)
 * [Comodo](https://www.comodo.com/landing/ssl-certificate/authenticode-signature/)
 * [GoDaddy](https://au.godaddy.com/web-security/code-signing-certificate)
-* Amongst others, please shop around to find one that suits your needs, Google is your friend :)
+* Amongst others, please shop around to find one that suits your needs, Google
+  is your friend 😄
 
 There are a number of tools for signing your packaged app:
 
-- [`electron-winstaller`] will generate an installer for windows and sign it for you
-- [`electron-forge`] can sign installers it generates through the Squirrel.Windows or MSI targets.
+- [`electron-winstaller`] will generate an installer for windows and sign it for
+  you
+- [`electron-forge`] can sign installers it generates through the
+  Squirrel.Windows or MSI targets.
 - [`electron-builder`] can sign some of its windows targets
 
 ## Windows Store

docs/tutorial/context-isolation.md

@@ -0,0 +1,70 @@
+# Context Isolation
+
+## What is it?
+
+Context Isolation is a feature that ensures that both your `preload` scripts and Electron's internal logic run in a separate context to the website you load in a [`webContents`](../api/web-contents.md).  This is important for security purposes as it helps prevent the website from accessing Electron internals or the powerful APIs your preload script has access to.
+
+This means that the `window` object that your preload script has access to is actually a **different** object than the website would have access to.  For example, if you set `window.hello = 'wave'` in your preload script and context isolation is enabled `window.hello` will be undefined if the website tries to access it.
+
+Every single application should have context isolation enabled and from Electron 12 it will be enabled by default.
+
+## How do I enable it?
+
+From Electron 12, it will be enabled by default. For lower versions it is an option in the `webPreferences` option when constructing `new BrowserWindow`'s.
+
+```javascript
+const mainWindow = new BrowserWindow({
+  webPreferences: {
+    contextIsolation: true
+  }
+})
+```
+
+## Migration
+
+> I used to provide APIs from my preload script using `window.X = apiObject` now what?
+
+Exposing APIs from your preload script to the loaded website is a common usecase and there is a dedicated module in Electron to help you do this in a painless way.
+
+**Before: With context isolation disabled**
+
+```javascript
+window.myAPI = {
+  doAThing: () => {}
+}
+```
+
+**After: With context isolation enabled**
+
+```javascript
+const { contextBridge } = require('electron')
+
+contextBridge.exposeInMainWorld('myAPI', {
+  doAThing: () => {}
+})
+```
+
+The [`contextBridge`](../api/context-bridge.md) module can be used to **safely** expose APIs from the isolated context your preload script runs in to the context the website is running in. The API will also be accessible from the website on `window.myAPI` just like it was before.
+
+You should read the `contextBridge` documentation linked above to fully understand its limitations.  For instance you can't send custom prototypes or symbols over the bridge.
+
+## Security Considerations
+
+Just enabling `contextIsolation` and using `contextBridge` does not automatically mean that everything you do is safe.  For instance this code is **unsafe**.
+
+```javascript
+// ❌ Bad code
+contextBridge.exposeInMainWorld('myAPI', {
+  send: ipcRenderer.send
+})
+```
+
+It directly exposes a powerful API without any kind of argument filtering. This would allow any website to send arbitrary IPC messages which you do not want to be possible. The correct way to expose IPC-based APIs would instead be to provide one method per IPC message.
+
+```javascript
+// ✅ Good code
+contextBridge.exposeInMainWorld('myAPI', {
+  loadPreferences: () => ipcRenderer.invoke('load-prefs')
+})
+```
+

docs/tutorial/devtools-extension.md

@@ -64,7 +64,7 @@ Following Devtools Extensions are tested and guaranteed to work in Electron:
 * [jQuery Debugger](https://chrome.google.com/webstore/detail/jquery-debugger/dbhhnnnpaeobfddmlalhnehgclcmjimi)
 * [AngularJS Batarang](https://chrome.google.com/webstore/detail/angularjs-batarang/ighdmehidhipcmcojjgiloacoafjmpfk)
 * [Vue.js devtools](https://chrome.google.com/webstore/detail/vuejs-devtools/nhdogjmejiglipccpnnnanhbledajbpd)
-* [Cerebral Debugger](https://cerebraljs.com/docs/introduction/debugger.html)
+* [Cerebral Debugger](https://cerebraljs.com/docs/introduction/devtools.html)
 * [Redux DevTools Extension](https://chrome.google.com/webstore/detail/redux-devtools/lmhkpmbekcpmknklioeibfkpmmfibljd)
 * [MobX Developer Tools](https://chrome.google.com/webstore/detail/mobx-developer-tools/pfgnfdagidkfgccljigdamigbcnndkod)
 

docs/tutorial/electron-timelines.md

@@ -4,15 +4,17 @@
 * We strive for weekly beta releases, however we often release more betas than scheduled.
 * All dates are our goals but there may be reasons for adjusting the stable deadline, such as security bugs.
 * Take a look at the [5.0.0 Timeline blog post](https://electronjs.org/blog/electron-5-0-timeline) for info about publicizing our release dates.
+* Since Electron 6.0, we've been targetting every other Chromium version and releasing our stable on the same day as Chrome stable. You can reference Chromium's release schedule [here](https://chromiumdash.appspot.com/schedule). See [Electron's new release cadence blog post](https://www.electronjs.org/blog/12-week-cadence) for more details on our release schedule.
 
 | Version | -beta.1 | Stable | Chrome | Node |
 | ------- | ------- | ------ | ------ | ---- |
-| 2.0.0 | 2018-02-21 | 2018-05-01 | M61 | v8 |
-| 3.0.0 | 2018-06-21 | 2018-09-18 | M66 | v10 |
-| 4.0.0 | 2018-10-11 | 2018-12-20 | M69 | v10 |
-| 5.0.0 | 2019-01-22 | 2019-04-24 | M73 | v12 |
-| 6.0.0 | 2019-05-01 | 2019-07-30 | M76 | v12 |
-| 7.0.0 | 2019-08-01 | 2019-10-22 | M78 | v12 |
-| 8.0.0 | 2019-10-24 | 2020-02-04 | M80 | v12 |
-| 9.0.0 | 2020-02-06 | 2020-05-19 | M83 | v12 |
-| 10.0.0 | TBD | TBD | TBD | TBD |
+| 2.0.0 | 2018-02-21 | 2018-05-01 | M61 | v8.9 |
+| 3.0.0 | 2018-06-21 | 2018-09-18 | M66 | v10.2 |
+| 4.0.0 | 2018-10-11 | 2018-12-20 | M69 | v10.11 |
+| 5.0.0 | 2019-01-22 | 2019-04-24 | M73 | v12.0 |
+| 6.0.0 | 2019-05-01 | 2019-07-30 | M76 | v12.4 |
+| 7.0.0 | 2019-08-01 | 2019-10-22 | M78 | v12.8 |
+| 8.0.0 | 2019-10-24 | 2020-02-04 | M80 | v12.13 |
+| 9.0.0 | 2020-02-06 | 2020-05-19 | M83 | v12.14 |
+| 10.0.0 | 2020-05-21 | 2020-08-25 | M85 | v12.x |
+| 11.0.0 | TBD | TBD | TBD| TBD |

docs/tutorial/electron-versioning.md

@@ -57,7 +57,7 @@ Stabilization branches are branches that run parallel to master, taking in only
 
 ![](../images/versioning-sketch-1.png)
 
-Stabilization branches are always either **major** or **minor** version lines, and named against the following template `$MAJOR-$MINOR-x` e.g. `2-0-x`.
+Since Electron 8, stabilization branches are always **major** version lines, and named against the following template `$MAJOR-x-y` e.g. `8-x-y`.  Prior to that we used **minor** version lines and named them as `$MAJOR-$MINOR-x` e.g. `2-0-x`
 
 We allow for multiple stabilization branches to exist simultaneously, and intend to support at least two in parallel at all times, backporting security fixes as necessary.
 ![](../images/versioning-sketch-2.png)

docs/tutorial/performance.md

@@ -42,7 +42,7 @@ improve performance.
 
 To learn more about how to profile your app's code, familiarize yourself with
 the Chrome Developer Tools. For advanced analysis looking at multiple processes
-at once, consider the [Chrome Tracing] tool.
+at once, consider the [Chrome Tracing](https://www.chromium.org/developers/how-tos/trace-event-profiling-tool) tool.
 
 ### Recommended Reading
 
@@ -352,7 +352,7 @@ Many users of Electron start with an entirely web-based app that they're
 turning into a desktop application. As web developers, we are used to loading
 resources from a variety of content delivery networks. Now that you are
 shipping a proper desktop application, attempt to "cut the cord" where possible
- - and avoid letting your users wait for resources that never change and could
+and avoid letting your users wait for resources that never change and could
 easily be included  in your app.
 
 A typical example is Google Fonts. Many developers make use of Google's

docs/tutorial/security.md

@@ -239,51 +239,10 @@ to enable this behavior.
 Even when you use `nodeIntegration: false` to enforce strong isolation and
 prevent the use of Node primitives, `contextIsolation` must also be used.
 
-### Why?
+### Why & How?
 
-Context isolation allows each of the scripts running in the renderer to make
-changes to its JavaScript environment without worrying about conflicting with
-the scripts in the Electron API or the preload script.
-
-While still an experimental Electron feature, context isolation adds an
-additional layer of security. It creates a new JavaScript world for Electron
-APIs and preload scripts, which mitigates so-called "Prototype Pollution" attacks.
-
-At the same time, preload scripts still have access to the  `document` and
-`window` objects. In other words, you're getting a decent return on a likely
-very small investment.
-
-### How?
-
-```js
-// Main process
-const mainWindow = new BrowserWindow({
-  webPreferences: {
-    contextIsolation: true,
-    preload: path.join(app.getAppPath(), 'preload.js')
-  }
-})
-```
-
-```js
-// Preload script
-
-// Set a variable in the page before it loads
-webFrame.executeJavaScript('window.foo = "foo";')
-
-// The loaded page will not be able to access this, it is only available
-// in this context
-window.bar = 'bar'
-
-document.addEventListener('DOMContentLoaded', () => {
-  // Will log out 'undefined' since window.foo is only available in the main
-  // context
-  console.log(window.foo)
-
-  // Will log out 'bar' since window.bar is available in this context
-  console.log(window.bar)
-})
-```
+For more information on what `contextIsolation` is and how to enable it please
+see our dedicated [Context Isolation](context-isolation.md) document.
 
 
 ## 4) Handle Session Permission Requests From Remote Content

docs/tutorial/spellchecker.md

@@ -0,0 +1,74 @@
+# SpellChecker
+
+Electron has built-in support for Chromium's spellchecker since Electron 8.  On Windows and Linux this is powered by Hunspell dictionaries, and on macOS it makes use of the native spellchecker APIs.
+
+## How to enable the spellchecker?
+
+For Electron 9 and higher the spellchecker is enabled by default.  For Electron 8 you need to enable it in `webPreferences`.
+
+```js
+const myWindow = new BrowserWindow({
+  webPreferences: {
+    spellcheck: true
+  }
+})
+```
+
+## How to set the languages the spellchecker uses?
+
+On macOS as we use the native APIs there is no way to set the language that the spellchecker uses. By default on macOS the native spellchecker will automatically detect the language being used for you.
+
+For Windows and Linux there are a few Electron APIs you should use to set the languages for the spellchecker.
+
+```js
+// Sets the spellchecker to check English US and French
+myWindow.session.setSpellCheckerLanguages(['en-US', 'fr'])
+
+// An array of all available language codes
+const possibleLanguages = myWindow.session.availableSpellCheckerLanguages
+```
+
+By default the spellchecker will enable the language matching the current OS locale.
+
+## How do I put the results of the spellchecker in my context menu?
+
+All the required information to generate a context menu is provided in the [`context-menu`](../api/web-contents.md#event-context-menu) event on each `webContents` instance.  A small example
+of how to make a context menu with this information is provided below.
+
+```js
+const { Menu, MenuItem } = require('electron')
+
+myWindow.webContents.on('context-menu', (event, params) => {
+  const menu = new Menu()
+
+  // Add each spelling suggestion
+  for (const suggestion of params.dictionarySuggestions) {
+    menu.append(new MenuItem({
+      label: suggestion,
+      click: () => mainWindow.webContents.replaceMisspelling(suggestion)
+    }))
+  }
+
+  // Allow users to add the misspelled word to the dictionary
+  if (params.misspelledWord) {
+    menu.append(
+      new MenuItem({
+        label: 'Add to dictionary',
+        click: () => mainWindow.webContents.session.addWordToSpellCheckerDictionary(params.misspelledWord)
+      })
+    )
+  }
+
+  menu.popup()
+})
+```
+
+## Does the spellchecker use any Google services?
+
+Although the spellchecker itself does not send any typings, words or user input to Google services the hunspell dictionary files are downloaded from a Google CDN by default.  If you want to avoid this you can provide an alternative URL to download the dictionaries from.
+
+```js
+myWindow.session.setSpellCheckerDictionaryDownloadURL('https://example.com/dictionaries/')
+```
+
+Check out the docs for [`session.setSpellCheckerDictionaryDownloadURL`](https://www.electronjs.org/docs/api/session#sessetspellcheckerdictionarydownloadurlurl) for more information on where to get the dictionary files from and how you need to host them.

docs/tutorial/support.md

@@ -58,9 +58,9 @@ threshold, we will attempt to support backwards compatibility beyond two version
 until the maintainers feel the maintenance burden is too high to continue doing so.
 
 ### Currently supported versions
-- 8.1.x
-- 7.1.x
-- 6.1.x
+- 9.x.y
+- 8.x.y
+- 7.x.y
 
 ### End-of-life
 

docs/tutorial/updates.md

@@ -7,7 +7,7 @@ Electron's [autoUpdater](../api/auto-updater.md) module.
 
 ## Using `update.electronjs.org`
 
-GitHub's Electron team maintains [update.electronjs.org], a free and open-source
+The Electron team maintains [update.electronjs.org], a free and open-source
 webservice that Electron apps can use to self-update. The service is designed
 for Electron apps that meet the following criteria:
 
@@ -80,9 +80,9 @@ Next, construct the URL of the update server and tell
 
 ```javascript
 const server = 'https://your-deployment-url.com'
-const feed = `${server}/update/${process.platform}/${app.getVersion()}`
+const url = `${server}/update/${process.platform}/${app.getVersion()}`
 
-autoUpdater.setFeedURL(feed)
+autoUpdater.setFeedURL({ url })
 ```
 
 As the final step, check for updates. The example below will check every minute:
@@ -132,6 +132,10 @@ autoUpdater.on('error', message => {
 })
 ```
 
+## Handing Updates Manually
+
+Because the requests made by Auto Update aren't under your direct control, you may find situations that are difficult to handle (such as if the update server is behind authentication). The `url` field does support files, which means that with some effort, you can sidestep the server-communication aspect of the process. [Here's an example of how this could work](https://github.com/electron/electron/issues/5020#issuecomment-477636990).
+
 [now]: https://zeit.co/now
 [hazel]: https://github.com/zeit/hazel
 [nuts]: https://github.com/GitbookIO/nuts

docs/tutorial/windows-store-guide.md

@@ -64,8 +64,7 @@ The output should look roughly like this:
 │   ├── [...]
 ├── node.dll
 ├── resources
-│   ├── app
-│   └── atom.asar
+│   └── app.asar
 ├── v8_context_snapshot.bin
 ├── squirrel.exe
 └── ui_resources_200_percent.pak

electron_paks.gni

@@ -55,7 +55,9 @@ template("electron_extra_paks") {
     output = "${invoker.output_dir}/resources.pak"
     sources = [
       "$root_gen_dir/components/components_resources.pak",
+      "$root_gen_dir/content/browser/resources/media/media_internals_resources.pak",
       "$root_gen_dir/content/browser/tracing/tracing_resources.pak",
+      "$root_gen_dir/content/browser/webrtc/resources/webrtc_internals_resources.pak",
       "$root_gen_dir/content/content_resources.pak",
       "$root_gen_dir/content/dev_ui_content_resources.pak",
       "$root_gen_dir/mojo/public/js/mojo_bindings_resources.pak",
@@ -68,7 +70,9 @@ template("electron_extra_paks") {
       "//components/resources",
       "//content:content_resources",
       "//content:dev_ui_content_resources",
+      "//content/browser/resources/media:media_internals_resources",
       "//content/browser/tracing:resources",
+      "//content/browser/webrtc/resources",
       "//electron:resources",
       "//mojo/public/js:resources",
       "//net:net_resources",

electron_strings.grdp

@@ -75,4 +75,9 @@
   <message name="IDS_ACCEPT_LANGUAGES" use_name_for_id="true">
     en-US,en
   </message>
+  <if expr="is_win">
+    <message name="IDS_UTILITY_PROCESS_UTILITY_WIN_NAME" desc="The name of the utility process used to handle Windows utility operations.">
+      Windows Utilities
+    </message>
+  </if>
 </grit-part>

filenames.auto.gni

@@ -43,7 +43,6 @@ auto_filenames = {
     "docs/api/power-monitor.md",
     "docs/api/power-save-blocker.md",
     "docs/api/process.md",
-    "docs/api/protocol-ns.md",
     "docs/api/protocol.md",
     "docs/api/remote.md",
     "docs/api/sandbox-option.md",
@@ -100,6 +99,7 @@ auto_filenames = {
     "docs/api/structures/mime-typed-buffer.md",
     "docs/api/structures/mouse-input-event.md",
     "docs/api/structures/mouse-wheel-input-event.md",
+    "docs/api/structures/new-window-web-contents-event.md",
     "docs/api/structures/notification-action.md",
     "docs/api/structures/point.md",
     "docs/api/structures/post-body.md",
@@ -134,30 +134,23 @@ auto_filenames = {
   ]
 
   sandbox_bundle_deps = [
-    "lib/browser/api/module-keys.js",
+    "lib/browser/api/module-names.ts",
     "lib/common/api/clipboard.js",
     "lib/common/api/deprecate.ts",
     "lib/common/api/module-list.ts",
     "lib/common/api/native-image.js",
     "lib/common/api/shell.js",
-    "lib/common/crash-reporter.js",
     "lib/common/define-properties.ts",
     "lib/common/electron-binding-setup.ts",
     "lib/common/type-utils.ts",
     "lib/common/web-view-methods.ts",
     "lib/common/webpack-globals-provider.ts",
     "lib/renderer/api/context-bridge.ts",
-    "lib/renderer/api/crash-reporter.js",
+    "lib/renderer/api/crash-reporter.ts",
     "lib/renderer/api/desktop-capturer.ts",
     "lib/renderer/api/ipc-renderer.ts",
     "lib/renderer/api/remote.js",
     "lib/renderer/api/web-frame.ts",
-    "lib/renderer/chrome-api.ts",
-    "lib/renderer/content-scripts-injector.ts",
-    "lib/renderer/extensions/event.ts",
-    "lib/renderer/extensions/i18n.ts",
-    "lib/renderer/extensions/storage.ts",
-    "lib/renderer/extensions/web-navigation.ts",
     "lib/renderer/inspector.ts",
     "lib/renderer/ipc-renderer-internal-utils.ts",
     "lib/renderer/ipc-renderer-internal.ts",
@@ -182,28 +175,8 @@ auto_filenames = {
   isolated_bundle_deps = [
     "lib/common/electron-binding-setup.ts",
     "lib/isolated_renderer/init.js",
-    "lib/renderer/ipc-renderer-internal-utils.ts",
-    "lib/renderer/ipc-renderer-internal.ts",
     "lib/renderer/web-view/web-view-constants.ts",
     "lib/renderer/web-view/web-view-element.ts",
-    "lib/renderer/window-setup.ts",
-    "package.json",
-    "tsconfig.electron.json",
-    "tsconfig.json",
-  ]
-
-  content_script_bundle_deps = [
-    "lib/common/electron-binding-setup.ts",
-    "lib/common/webpack-globals-provider.ts",
-    "lib/content_script/init.js",
-    "lib/renderer/chrome-api.ts",
-    "lib/renderer/extensions/event.ts",
-    "lib/renderer/extensions/i18n.ts",
-    "lib/renderer/extensions/storage.ts",
-    "lib/renderer/extensions/web-navigation.ts",
-    "lib/renderer/ipc-renderer-internal-utils.ts",
-    "lib/renderer/ipc-renderer-internal.ts",
-    "lib/renderer/window-setup.ts",
     "package.json",
     "tsconfig.electron.json",
     "tsconfig.json",
@@ -218,7 +191,8 @@ auto_filenames = {
     "lib/browser/api/browser-view.js",
     "lib/browser/api/browser-window.js",
     "lib/browser/api/content-tracing.js",
-    "lib/browser/api/crash-reporter.js",
+    "lib/browser/api/crash-reporter.ts",
+    "lib/browser/api/desktop-capturer.ts",
     "lib/browser/api/dialog.js",
     "lib/browser/api/exports/electron.ts",
     "lib/browser/api/global-shortcut.js",
@@ -232,7 +206,7 @@ auto_filenames = {
     "lib/browser/api/module-list.ts",
     "lib/browser/api/native-theme.ts",
     "lib/browser/api/net-log.js",
-    "lib/browser/api/net.js",
+    "lib/browser/api/net.ts",
     "lib/browser/api/notification.js",
     "lib/browser/api/power-monitor.ts",
     "lib/browser/api/power-save-blocker.js",
@@ -248,8 +222,6 @@ auto_filenames = {
     "lib/browser/api/web-contents-view.js",
     "lib/browser/api/web-contents.js",
     "lib/browser/chrome-extension-shim.js",
-    "lib/browser/chrome-extension.js",
-    "lib/browser/crash-reporter-init.js",
     "lib/browser/default-menu.ts",
     "lib/browser/desktop-capturer.ts",
     "lib/browser/devtools.ts",
@@ -270,11 +242,10 @@ auto_filenames = {
     "lib/common/api/module-list.ts",
     "lib/common/api/native-image.js",
     "lib/common/api/shell.js",
-    "lib/common/crash-reporter.js",
     "lib/common/define-properties.ts",
     "lib/common/electron-binding-setup.ts",
     "lib/common/init.ts",
-    "lib/common/parse-features-string.js",
+    "lib/common/parse-features-string.ts",
     "lib/common/reset-search-paths.ts",
     "lib/common/type-utils.ts",
     "lib/common/web-view-methods.ts",
@@ -287,13 +258,12 @@ auto_filenames = {
   ]
 
   renderer_bundle_deps = [
-    "lib/browser/api/module-keys.js",
+    "lib/browser/api/module-names.ts",
     "lib/common/api/clipboard.js",
     "lib/common/api/deprecate.ts",
     "lib/common/api/module-list.ts",
     "lib/common/api/native-image.js",
     "lib/common/api/shell.js",
-    "lib/common/crash-reporter.js",
     "lib/common/define-properties.ts",
     "lib/common/electron-binding-setup.ts",
     "lib/common/init.ts",
@@ -302,19 +272,13 @@ auto_filenames = {
     "lib/common/web-view-methods.ts",
     "lib/common/webpack-globals-provider.ts",
     "lib/renderer/api/context-bridge.ts",
-    "lib/renderer/api/crash-reporter.js",
+    "lib/renderer/api/crash-reporter.ts",
     "lib/renderer/api/desktop-capturer.ts",
     "lib/renderer/api/exports/electron.ts",
     "lib/renderer/api/ipc-renderer.ts",
     "lib/renderer/api/module-list.ts",
     "lib/renderer/api/remote.js",
     "lib/renderer/api/web-frame.ts",
-    "lib/renderer/chrome-api.ts",
-    "lib/renderer/content-scripts-injector.ts",
-    "lib/renderer/extensions/event.ts",
-    "lib/renderer/extensions/i18n.ts",
-    "lib/renderer/extensions/storage.ts",
-    "lib/renderer/extensions/web-navigation.ts",
     "lib/renderer/init.ts",
     "lib/renderer/inspector.ts",
     "lib/renderer/ipc-renderer-internal-utils.ts",
@@ -336,13 +300,12 @@ auto_filenames = {
   ]
 
   worker_bundle_deps = [
-    "lib/browser/api/module-keys.js",
+    "lib/browser/api/module-names.ts",
     "lib/common/api/clipboard.js",
     "lib/common/api/deprecate.ts",
     "lib/common/api/module-list.ts",
     "lib/common/api/native-image.js",
     "lib/common/api/shell.js",
-    "lib/common/crash-reporter.js",
     "lib/common/define-properties.ts",
     "lib/common/electron-binding-setup.ts",
     "lib/common/init.ts",
@@ -350,7 +313,7 @@ auto_filenames = {
     "lib/common/type-utils.ts",
     "lib/common/webpack-globals-provider.ts",
     "lib/renderer/api/context-bridge.ts",
-    "lib/renderer/api/crash-reporter.js",
+    "lib/renderer/api/crash-reporter.ts",
     "lib/renderer/api/desktop-capturer.ts",
     "lib/renderer/api/exports/electron.ts",
     "lib/renderer/api/ipc-renderer.ts",

filenames.gni

@@ -31,6 +31,8 @@ filenames = {
     "shell/app/command_line_args.h",
     "shell/app/electron_content_client.cc",
     "shell/app/electron_content_client.h",
+    "shell/app/electron_crash_reporter_client.cc",
+    "shell/app/electron_crash_reporter_client.h",
     "shell/app/electron_main_delegate.cc",
     "shell/app/electron_main_delegate.h",
     "shell/app/electron_main_delegate_mac.h",
@@ -51,6 +53,8 @@ filenames = {
     "shell/browser/api/electron_api_content_tracing.cc",
     "shell/browser/api/electron_api_cookies.cc",
     "shell/browser/api/electron_api_cookies.h",
+    "shell/browser/api/electron_api_crash_reporter.cc",
+    "shell/browser/api/electron_api_crash_reporter.h",
     "shell/browser/api/electron_api_data_pipe_holder.cc",
     "shell/browser/api/electron_api_data_pipe_holder.h",
     "shell/browser/api/electron_api_debugger.cc",
@@ -170,7 +174,6 @@ filenames = {
     "shell/browser/electron_javascript_dialog_manager.h",
     "shell/browser/electron_navigation_throttle.cc",
     "shell/browser/electron_navigation_throttle.h",
-    "shell/browser/electron_paths.h",
     "shell/browser/electron_permission_manager.cc",
     "shell/browser/electron_permission_manager.h",
     "shell/browser/electron_quota_permission_context.cc",
@@ -398,6 +401,8 @@ filenames = {
     "shell/browser/ui/views/submenu_button.h",
     "shell/browser/ui/views/win_frame_view.cc",
     "shell/browser/ui/views/win_frame_view.h",
+    "shell/browser/ui/win/dialog_thread.cc",
+    "shell/browser/ui/win/dialog_thread.h",
     "shell/browser/ui/win/electron_desktop_native_widget_aura.cc",
     "shell/browser/ui/win/electron_desktop_native_widget_aura.h",
     "shell/browser/ui/win/electron_desktop_window_tree_host_win.cc",
@@ -442,7 +447,6 @@ filenames = {
     "shell/common/api/electron_api_clipboard.h",
     "shell/common/api/electron_api_clipboard_mac.mm",
     "shell/common/api/electron_api_command_line.cc",
-    "shell/common/api/electron_api_crash_reporter.cc",
     "shell/common/api/electron_api_key_weak_map.h",
     "shell/common/api/electron_api_native_image.cc",
     "shell/common/api/electron_api_native_image.h",
@@ -452,6 +456,8 @@ filenames = {
     "shell/common/api/electron_bindings.cc",
     "shell/common/api/electron_bindings.h",
     "shell/common/api/features.cc",
+    "shell/common/api/object_life_monitor.cc",
+    "shell/common/api/object_life_monitor.h",
     "shell/common/application_info.cc",
     "shell/common/application_info.h",
     "shell/common/application_info_linux.cc",
@@ -465,22 +471,13 @@ filenames = {
     "shell/common/asar/scoped_temporary_file.h",
     "shell/common/color_util.cc",
     "shell/common/color_util.h",
-    "shell/common/crash_reporter/crash_reporter.cc",
-    "shell/common/crash_reporter/crash_reporter.h",
-    "shell/common/crash_reporter/crash_reporter_linux.cc",
-    "shell/common/crash_reporter/crash_reporter_linux.h",
-    "shell/common/crash_reporter/crash_reporter_mac.h",
-    "shell/common/crash_reporter/crash_reporter_mac.mm",
-    "shell/common/crash_reporter/crash_reporter_win.cc",
-    "shell/common/crash_reporter/crash_reporter_win.h",
-    "shell/common/crash_reporter/linux/crash_dump_handler.cc",
-    "shell/common/crash_reporter/linux/crash_dump_handler.h",
-    "shell/common/crash_reporter/win/crash_service_main.cc",
-    "shell/common/crash_reporter/win/crash_service_main.h",
+    "shell/common/crash_keys.cc",
+    "shell/common/crash_keys.h",
     "shell/common/electron_command_line.cc",
     "shell/common/electron_command_line.h",
     "shell/common/electron_constants.cc",
     "shell/common/electron_constants.h",
+    "shell/common/electron_paths.h",
     "shell/common/gin_converters/accelerator_converter.cc",
     "shell/common/gin_converters/accelerator_converter.h",
     "shell/common/gin_converters/blink_converter.cc",
@@ -488,8 +485,6 @@ filenames = {
     "shell/common/gin_converters/callback_converter.h",
     "shell/common/gin_converters/content_converter.cc",
     "shell/common/gin_converters/content_converter.h",
-    "shell/common/gin_converters/extension_converter.cc",
-    "shell/common/gin_converters/extension_converter.h",
     "shell/common/gin_converters/file_dialog_converter.cc",
     "shell/common/gin_converters/file_dialog_converter.h",
     "shell/common/gin_converters/file_path_converter.h",
@@ -504,6 +499,8 @@ filenames = {
     "shell/common/gin_converters/net_converter.cc",
     "shell/common/gin_converters/net_converter.h",
     "shell/common/gin_converters/std_converter.h",
+    "shell/common/gin_converters/time_converter.cc",
+    "shell/common/gin_converters/time_converter.h",
     "shell/common/gin_converters/value_converter.cc",
     "shell/common/gin_converters/value_converter.h",
     "shell/common/gin_helper/arguments.cc",
@@ -528,6 +525,8 @@ filenames = {
     "shell/common/gin_helper/function_template_extensions.h",
     "shell/common/gin_helper/locker.cc",
     "shell/common/gin_helper/locker.h",
+    "shell/common/gin_helper/microtasks_scope.cc",
+    "shell/common/gin_helper/microtasks_scope.h",
     "shell/common/gin_helper/object_template_builder.cc",
     "shell/common/gin_helper/object_template_builder.h",
     "shell/common/gin_helper/persistent_dictionary.cc",
@@ -545,6 +544,10 @@ filenames = {
     "shell/common/key_weak_map.h",
     "shell/common/keyboard_util.cc",
     "shell/common/keyboard_util.h",
+    "shell/common/language_util.h",
+    "shell/common/language_util_linux.cc",
+    "shell/common/language_util_mac.mm",
+    "shell/common/language_util_win.cc",
     "shell/common/mac/main_application_bundle.h",
     "shell/common/mac/main_application_bundle.mm",
     "shell/common/mouse_util.cc",
@@ -577,11 +580,10 @@ filenames = {
     "shell/common/world_ids.h",
     "shell/renderer/api/context_bridge/object_cache.cc",
     "shell/renderer/api/context_bridge/object_cache.h",
-    "shell/renderer/api/context_bridge/render_frame_function_store.cc",
-    "shell/renderer/api/context_bridge/render_frame_function_store.h",
     "shell/renderer/api/electron_api_context_bridge.cc",
     "shell/renderer/api/electron_api_context_bridge.h",
-    "shell/renderer/api/electron_api_renderer_ipc.cc",
+    "shell/renderer/api/electron_api_crash_reporter_renderer.cc",
+    "shell/renderer/api/electron_api_ipc_renderer.cc",
     "shell/renderer/api/electron_api_spell_check_client.cc",
     "shell/renderer/api/electron_api_spell_check_client.h",
     "shell/renderer/api/electron_api_web_frame.cc",
@@ -651,6 +653,8 @@ filenames = {
     "shell/browser/extensions/electron_extensions_browser_api_provider.h",
     "shell/browser/extensions/electron_extensions_browser_client.cc",
     "shell/browser/extensions/electron_extensions_browser_client.h",
+    "shell/browser/extensions/electron_kiosk_delegate.cc",
+    "shell/browser/extensions/electron_kiosk_delegate.h",
     "shell/browser/extensions/electron_messaging_delegate.cc",
     "shell/browser/extensions/electron_messaging_delegate.h",
     "shell/browser/extensions/electron_navigation_ui_data.cc",
@@ -661,6 +665,8 @@ filenames = {
     "shell/common/extensions/electron_extensions_api_provider.h",
     "shell/common/extensions/electron_extensions_client.cc",
     "shell/common/extensions/electron_extensions_client.h",
+    "shell/common/gin_converters/extension_converter.cc",
+    "shell/common/gin_converters/extension_converter.h",
     "shell/renderer/extensions/electron_extensions_dispatcher_delegate.cc",
     "shell/renderer/extensions/electron_extensions_dispatcher_delegate.h",
     "shell/renderer/extensions/electron_extensions_renderer_client.cc",

filenames.hunspell.gni

@@ -44,7 +44,7 @@ hunspell_dictionaries = [
   "//third_party/hunspell_dictionaries/ta-IN-3-0.bdic",
   "//third_party/hunspell_dictionaries/tg-TG-5-0.bdic",
   "//third_party/hunspell_dictionaries/tr-TR-4-0.bdic",
-  "//third_party/hunspell_dictionaries/uk-UA-3-0.bdic",
+  "//third_party/hunspell_dictionaries/uk-UA-4-0.bdic",
   "//third_party/hunspell_dictionaries/vi-VN-3-0.bdic",
   "//third_party/hunspell_dictionaries/xx-XX-3-0.bdic",
 ]

lib/browser/api/browser-window.js

@@ -1,7 +1,7 @@
 'use strict';
 
 const electron = require('electron');
-const { WebContentsView, TopLevelWindow, deprecate } = electron;
+const { TopLevelWindow, deprecate } = electron;
 const { BrowserWindow } = process.electronBinding('window');
 
 Object.setPrototypeOf(BrowserWindow.prototype, TopLevelWindow.prototype);
@@ -13,9 +13,6 @@ BrowserWindow.prototype._init = function () {
   // Avoid recursive require.
   const { app } = electron;
 
-  // Create WebContentsView.
-  this.setContentView(new WebContentsView(this.webContents));
-
   const nativeSetBounds = this.setBounds;
   this.setBounds = (bounds, ...opts) => {
     bounds = {
@@ -160,6 +157,9 @@ Object.assign(BrowserWindow.prototype, {
   setTouchBar (touchBar) {
     electron.TouchBar._setOnWindow(touchBar, this);
   },
+  getBackgroundThrottling () {
+    return this.webContents.getBackgroundThrottling();
+  },
   setBackgroundThrottling (allowed) {
     this.webContents.setBackgroundThrottling(allowed);
   }

lib/browser/api/crash-reporter.js

@@ -1,12 +0,0 @@
-'use strict';
-
-const CrashReporter = require('@electron/internal/common/crash-reporter');
-const { crashReporterInit } = require('@electron/internal/browser/crash-reporter-init');
-
-class CrashReporterMain extends CrashReporter {
-  init (options) {
-    return crashReporterInit(options);
-  }
-}
-
-module.exports = new CrashReporterMain();

lib/browser/api/crash-reporter.ts

@@ -0,0 +1,87 @@
+import { app, deprecate } from 'electron';
+
+const binding = process.electronBinding('crash_reporter');
+
+class CrashReporter {
+  start (options: Electron.CrashReporterStartOptions) {
+    const {
+      productName = app.name,
+      companyName,
+      extra = {},
+      globalExtra = {},
+      ignoreSystemCrashHandler = false,
+      submitURL,
+      uploadToServer = true,
+      rateLimit = false,
+      compress = false
+    } = options || {};
+
+    if (submitURL == null) throw new Error('submitURL is a required option to crashReporter.start');
+
+    if (!compress) {
+      deprecate.log('Sending uncompressed crash reports is deprecated and will be removed in a future version of Electron. Set { compress: true } to opt-in to the new behavior. Crash reports will be uploaded gzipped, which most crash reporting servers support.');
+    }
+
+    const appVersion = app.getVersion();
+
+    if (companyName && globalExtra._companyName == null) globalExtra._companyName = companyName;
+
+    const globalExtraAmended = {
+      _productName: productName,
+      _version: appVersion,
+      ...globalExtra
+    };
+
+    binding.start(submitURL, uploadToServer,
+      ignoreSystemCrashHandler, rateLimit, compress, globalExtraAmended, extra, false);
+  }
+
+  getLastCrashReport () {
+    const reports = this.getUploadedReports()
+      .sort((a, b) => {
+        const ats = (a && a.date) ? new Date(a.date).getTime() : 0;
+        const bts = (b && b.date) ? new Date(b.date).getTime() : 0;
+        return bts - ats;
+      });
+
+    return (reports.length > 0) ? reports[0] : null;
+  }
+
+  getUploadedReports (): Electron.CrashReport[] {
+    return binding.getUploadedReports();
+  }
+
+  getCrashesDirectory () {
+    return app.getPath('crashDumps');
+  }
+
+  getUploadToServer () {
+    if (process.type === 'browser') {
+      return binding.getUploadToServer();
+    } else {
+      throw new Error('getUploadToServer can only be called from the main process');
+    }
+  }
+
+  setUploadToServer (uploadToServer: boolean) {
+    if (process.type === 'browser') {
+      return binding.setUploadToServer(uploadToServer);
+    } else {
+      throw new Error('setUploadToServer can only be called from the main process');
+    }
+  }
+
+  addExtraParameter (key: string, value: string) {
+    binding.addExtraParameter(key, value);
+  }
+
+  removeExtraParameter (key: string) {
+    binding.removeExtraParameter(key);
+  }
+
+  getParameters () {
+    return binding.getParameters();
+  }
+}
+
+export default new CrashReporter();

lib/browser/api/desktop-capturer.ts

@@ -0,0 +1,5 @@
+import { getSourcesImpl } from '@electron/internal/browser/desktop-capturer';
+
+export async function getSources (options: Electron.SourcesOptions) {
+  return getSourcesImpl(null, options);
+}

lib/browser/api/dialog.js

@@ -249,7 +249,11 @@ module.exports = {
   },
 
   showCertificateTrustDialog: function (window, options) {
-    if (window && window.constructor !== BrowserWindow) options = window;
+    if (window && window.constructor !== BrowserWindow) {
+      options = window;
+      window = null;
+    }
+
     if (options == null || typeof options !== 'object') {
       throw new TypeError('options must be an object');
     }

lib/browser/api/menu-item-roles.js

@@ -10,7 +10,8 @@ const roles = {
   about: {
     get label () {
       return isLinux ? 'About' : `About ${app.name}`;
-    }
+    },
+    ...(isWindows && { appMethod: 'showAboutPanel' })
   },
   close: {
     label: isMac ? 'Close Window' : 'Close',
@@ -70,7 +71,7 @@ const roles = {
   },
   pasteandmatchstyle: {
     label: 'Paste and Match Style',
-    accelerator: 'Shift+CommandOrControl+V',
+    accelerator: isMac ? 'Cmd+Option+Shift+V' : 'Shift+CommandOrControl+V',
     webContentsMethod: 'pasteAndMatchStyle',
     registerAccelerator: false
   },

lib/browser/api/menu.js

@@ -177,9 +177,11 @@ Menu.buildFromTemplate = function (template) {
   if (!Array.isArray(template)) {
     throw new TypeError('Invalid template for Menu: Menu template must be an array');
   }
+
   if (!areValidTemplateItems(template)) {
     throw new TypeError('Invalid template for MenuItem: must have at least one of label, role or type');
   }
+
   const filtered = removeExtraSeparators(template);
   const sorted = sortTemplate(filtered);
 

lib/browser/api/module-keys.js

@@ -1,47 +0,0 @@
-'use strict';
-
-// TODO: Figure out a way to not duplicate this information between here and module-list
-// It is currently duplicated as module-list "require"s all the browser API file and the
-// remote module in the renderer process depends on that file.  As a result webpack
-// includes all the browser API files in the renderer process as well and we want to avoid that
-
-const features = process.electronBinding('features');
-
-// Browser side modules, please sort alphabetically.
-module.exports = [
-  { name: 'app' },
-  { name: 'autoUpdater' },
-  { name: 'BrowserView' },
-  { name: 'BrowserWindow' },
-  { name: 'contentTracing' },
-  { name: 'crashReporter' },
-  { name: 'dialog' },
-  { name: 'globalShortcut' },
-  { name: 'ipcMain' },
-  { name: 'inAppPurchase' },
-  { name: 'Menu' },
-  { name: 'MenuItem' },
-  { name: 'nativeTheme' },
-  { name: 'net' },
-  { name: 'netLog' },
-  { name: 'MessageChannelMain' },
-  { name: 'Notification' },
-  { name: 'powerMonitor' },
-  { name: 'powerSaveBlocker' },
-  { name: 'protocol' },
-  { name: 'screen' },
-  { name: 'session' },
-  { name: 'systemPreferences' },
-  { name: 'TopLevelWindow' },
-  { name: 'TouchBar' },
-  { name: 'Tray' },
-  { name: 'View' },
-  { name: 'webContents' },
-  { name: 'WebContentsView' }
-];
-
-if (features.isViewApiEnabled()) {
-  module.exports.push(
-    { name: 'ImageView' }
-  );
-}

lib/browser/api/module-list.ts

@@ -1,7 +1,5 @@
 // TODO: Updating this file also required updating the module-keys file
 
-const features = process.electronBinding('features');
-
 // Browser side modules, please sort alphabetically.
 export const browserModuleList: ElectronInternal.ModuleEntry[] = [
   { name: 'app', loader: () => require('./app') },
@@ -35,7 +33,13 @@ export const browserModuleList: ElectronInternal.ModuleEntry[] = [
   { name: 'WebContentsView', loader: () => require('./web-contents-view') }
 ];
 
-if (features.isViewApiEnabled()) {
+if (BUILDFLAG(ENABLE_DESKTOP_CAPTURER)) {
+  browserModuleList.push(
+    { name: 'desktopCapturer', loader: () => require('./desktop-capturer') }
+  );
+}
+
+if (BUILDFLAG(ENABLE_VIEWS_API)) {
   browserModuleList.push(
     { name: 'ImageView', loader: () => require('./views/image-view') }
   );

lib/browser/api/module-names.ts

@@ -0,0 +1,47 @@
+// TODO: Figure out a way to not duplicate this information between here and module-list
+// It is currently duplicated as module-list "require"s all the browser API file and the
+// remote module in the renderer process depends on that file.  As a result webpack
+// includes all the browser API files in the renderer process as well and we want to avoid that
+
+// Browser side modules, please sort alphabetically.
+export const browserModuleNames = [
+  'app',
+  'autoUpdater',
+  'BrowserView',
+  'BrowserWindow',
+  'contentTracing',
+  'crashReporter',
+  'dialog',
+  'globalShortcut',
+  'ipcMain',
+  'inAppPurchase',
+  'Menu',
+  'MenuItem',
+  'nativeTheme',
+  'net',
+  'netLog',
+  'MessageChannelMain',
+  'Notification',
+  'powerMonitor',
+  'powerSaveBlocker',
+  'protocol',
+  'screen',
+  'session',
+  'systemPreferences',
+  'TopLevelWindow',
+  'TouchBar',
+  'Tray',
+  'View',
+  'webContents',
+  'WebContentsView'
+];
+
+if (BUILDFLAG(ENABLE_DESKTOP_CAPTURER)) {
+  browserModuleNames.push('desktopCapturer');
+}
+
+if (BUILDFLAG(ENABLE_VIEWS_API)) {
+  browserModuleNames.push(
+    'ImageView'
+  );
+}

lib/browser/api/net.ts

@@ -1,10 +1,7 @@
-'use strict';
-
-const url = require('url');
-const { EventEmitter } = require('events');
-const { Readable, Writable } = require('stream');
-const { app } = require('electron');
-const { Session } = process.electronBinding('session');
+import * as url from 'url';
+import { Readable, Writable } from 'stream';
+import { app } from 'electron';
+import { ClientRequestConstructorOptions, UploadProgress } from 'electron/main';
 const { net, Net, isValidHeaderName, isValidHeaderValue, createURLLoader } = process.electronBinding('net');
 
 const kSupportedProtocols = new Set(['http:', 'https:']);
@@ -33,7 +30,11 @@ const discardableDuplicateHeaders = new Set([
 ]);
 
 class IncomingMessage extends Readable {
-  constructor (responseHead) {
+  _shouldPush: boolean;
+  _data: (Buffer | null)[];
+  _responseHead: NodeJS.ResponseHead;
+
+  constructor (responseHead: NodeJS.ResponseHead) {
     super();
     this._shouldPush = false;
     this._data = [];
@@ -49,7 +50,7 @@ class IncomingMessage extends Readable {
   }
 
   get headers () {
-    const filteredHeaders = {};
+    const filteredHeaders: Record<string, string | string[]> = {};
     const { rawHeaders } = this._responseHead;
     rawHeaders.forEach(header => {
       if (Object.prototype.hasOwnProperty.call(filteredHeaders, header.key) &&
@@ -60,7 +61,7 @@ class IncomingMessage extends Readable {
           // keep set-cookie as an array per Node.js rules
           // see https://nodejs.org/api/http.html#http_message_headers
           if (Object.prototype.hasOwnProperty.call(filteredHeaders, header.key)) {
-            filteredHeaders[header.key].push(header.value);
+            (filteredHeaders[header.key] as string[]).push(header.value);
           } else {
             filteredHeaders[header.key] = [header.value];
           }
@@ -97,7 +98,7 @@ class IncomingMessage extends Readable {
     throw new Error('HTTP trailers are not supported');
   }
 
-  _storeInternalData (chunk) {
+  _storeInternalData (chunk: Buffer | null) {
     this._data.push(chunk);
     this._pushInternalData();
   }
@@ -117,12 +118,13 @@ class IncomingMessage extends Readable {
 
 /** Writable stream that buffers up everything written to it. */
 class SlurpStream extends Writable {
+  _data: Buffer;
   constructor () {
     super();
     this._data = Buffer.alloc(0);
   }
 
-  _write (chunk, encoding, callback) {
+  _write (chunk: Buffer, encoding: string, callback: () => void) {
     this._data = Buffer.concat([this._data, chunk]);
     callback();
   }
@@ -130,12 +132,17 @@ class SlurpStream extends Writable {
 }
 
 class ChunkedBodyStream extends Writable {
-  constructor (clientRequest) {
+  _pendingChunk: Buffer | undefined;
+  _downstream?: NodeJS.DataPipe;
+  _pendingCallback?: (error?: Error) => void;
+  _clientRequest: ClientRequest;
+
+  constructor (clientRequest: ClientRequest) {
     super();
     this._clientRequest = clientRequest;
   }
 
-  _write (chunk, encoding, callback) {
+  _write (chunk: Buffer, encoding: string, callback: () => void) {
     if (this._downstream) {
       this._downstream.write(chunk).then(callback, callback);
     } else {
@@ -149,40 +156,37 @@ class ChunkedBodyStream extends Writable {
     }
   }
 
-  _final (callback) {
-    this._downstream.done();
+  _final (callback: () => void) {
+    this._downstream!.done();
     callback();
   }
 
-  startReading (pipe) {
+  startReading (pipe: NodeJS.DataPipe) {
     if (this._downstream) {
       throw new Error('two startReading calls???');
     }
     this._downstream = pipe;
     if (this._pendingChunk) {
-      const doneWriting = (maybeError) => {
-        const cb = this._pendingCallback;
+      const doneWriting = (maybeError: Error | void) => {
+        const cb = this._pendingCallback!;
         delete this._pendingCallback;
         delete this._pendingChunk;
-        cb(maybeError);
+        cb(maybeError || undefined);
       };
       this._downstream.write(this._pendingChunk).then(doneWriting, doneWriting);
     }
   }
 }
 
-function parseOptions (options) {
-  if (typeof options === 'string') {
-    options = url.parse(options);
-  } else {
-    options = { ...options };
-  }
+type RedirectPolicy = 'manual' | 'follow' | 'error';
 
-  const method = (options.method || 'GET').toUpperCase();
-  let urlStr = options.url;
+function parseOptions (optionsIn: ClientRequestConstructorOptions | string): NodeJS.CreateURLLoaderOptions & { redirectPolicy: RedirectPolicy, extraHeaders: Record<string, string> } {
+  const options: any = typeof optionsIn === 'string' ? url.parse(optionsIn) : { ...optionsIn };
+
+  let urlStr: string = options.url;
 
   if (!urlStr) {
-    const urlObj = {};
+    const urlObj: url.UrlObject = {};
     const protocol = options.protocol || 'http:';
     if (!kSupportedProtocols.has(protocol)) {
       throw new Error('Protocol "' + protocol + '" not supported');
@@ -228,14 +232,15 @@ function parseOptions (options) {
     throw new TypeError('headers must be an object');
   }
 
-  const urlLoaderOptions = {
-    method: method,
+  const urlLoaderOptions: NodeJS.CreateURLLoaderOptions & { redirectPolicy: RedirectPolicy, extraHeaders: Record<string, string | string[]> } = {
+    method: (options.method || 'GET').toUpperCase(),
     url: urlStr,
     redirectPolicy,
     extraHeaders: options.headers || {},
+    body: null as any,
     useSessionCookies: options.useSessionCookies || false
   };
-  for (const [name, value] of Object.entries(urlLoaderOptions.extraHeaders)) {
+  for (const [name, value] of Object.entries(urlLoaderOptions.extraHeaders!)) {
     if (!isValidHeaderName(name)) {
       throw new Error(`Invalid header name: '${name}'`);
     }
@@ -244,7 +249,8 @@ function parseOptions (options) {
     }
   }
   if (options.session) {
-    if (options.session instanceof Session) {
+    // Weak check, but it should be enough to catch 99% of accidental misuses.
+    if (options.session.constructor && options.session.constructor.name === 'Session') {
       urlLoaderOptions.session = options.session;
     } else {
       throw new TypeError('`session` should be an instance of the Session class');
@@ -259,8 +265,20 @@ function parseOptions (options) {
   return urlLoaderOptions;
 }
 
-class ClientRequest extends Writable {
-  constructor (options, callback) {
+class ClientRequest extends Writable implements Electron.ClientRequest {
+  _started: boolean = false;
+  _firstWrite: boolean = false;
+  _aborted: boolean = false;
+  _chunkedEncoding: boolean | undefined;
+  _body: Writable | undefined;
+  _urlLoaderOptions: NodeJS.CreateURLLoaderOptions & { extraHeaders: Record<string, string> };
+  _redirectPolicy: RedirectPolicy;
+  _followRedirectCb?: () => void;
+  _uploadProgress?: { active: boolean, started: boolean, current: number, total: number };
+  _urlLoader?: NodeJS.URLLoader;
+  _response?: IncomingMessage;
+
+  constructor (options: ClientRequestConstructorOptions | string, callback?: (message: IncomingMessage) => void) {
     super({ autoDestroy: true });
 
     if (!app.isReady()) {
@@ -274,10 +292,9 @@ class ClientRequest extends Writable {
     const { redirectPolicy, ...urlLoaderOptions } = parseOptions(options);
     this._urlLoaderOptions = urlLoaderOptions;
     this._redirectPolicy = redirectPolicy;
-    this._started = false;
   }
 
-  set chunkedEncoding (value) {
+  set chunkedEncoding (value: boolean) {
     if (this._started) {
       throw new Error('chunkedEncoding can only be set before the request is started');
     }
@@ -287,13 +304,13 @@ class ClientRequest extends Writable {
     this._chunkedEncoding = !!value;
     if (this._chunkedEncoding) {
       this._body = new ChunkedBodyStream(this);
-      this._urlLoaderOptions.body = (pipe) => {
-        this._body.startReading(pipe);
+      this._urlLoaderOptions.body = (pipe: NodeJS.DataPipe) => {
+        (this._body! as ChunkedBodyStream).startReading(pipe);
       };
     }
   }
 
-  setHeader (name, value) {
+  setHeader (name: string, value: string) {
     if (typeof name !== 'string') {
       throw new TypeError('`name` should be a string in setHeader(name, value)');
     }
@@ -314,7 +331,7 @@ class ClientRequest extends Writable {
     this._urlLoaderOptions.extraHeaders[key] = value;
   }
 
-  getHeader (name) {
+  getHeader (name: string) {
     if (name == null) {
       throw new Error('`name` is required for getHeader(name)');
     }
@@ -323,7 +340,7 @@ class ClientRequest extends Writable {
     return this._urlLoaderOptions.extraHeaders[key];
   }
 
-  removeHeader (name) {
+  removeHeader (name: string) {
     if (name == null) {
       throw new Error('`name` is required for removeHeader(name)');
     }
@@ -336,12 +353,12 @@ class ClientRequest extends Writable {
     delete this._urlLoaderOptions.extraHeaders[key];
   }
 
-  _write (chunk, encoding, callback) {
+  _write (chunk: Buffer, encoding: string, callback: () => void) {
     this._firstWrite = true;
     if (!this._body) {
       this._body = new SlurpStream();
       this._body.on('finish', () => {
-        this._urlLoaderOptions.body = this._body.data();
+        this._urlLoaderOptions.body = (this._body as SlurpStream).data();
         this._startRequest();
       });
     }
@@ -349,7 +366,7 @@ class ClientRequest extends Writable {
     this._body.write(chunk, encoding, callback);
   }
 
-  _final (callback) {
+  _final (callback: () => void) {
     if (this._body) {
       // TODO: is this the right way to forward to another stream?
       this._body.end(callback);
@@ -362,13 +379,14 @@ class ClientRequest extends Writable {
 
   _startRequest () {
     this._started = true;
-    const stringifyValues = (obj) => {
-      const ret = {};
+    const stringifyValues = (obj: Record<string, any>) => {
+      const ret: Record<string, string> = {};
       for (const k of Object.keys(obj)) {
         ret[k] = obj[k].toString();
       }
       return ret;
     };
+    this._urlLoaderOptions.referrer = this._urlLoaderOptions.extraHeaders.referer || '';
     const opts = { ...this._urlLoaderOptions, extraHeaders: stringifyValues(this._urlLoaderOptions.extraHeaders) };
     this._urlLoader = createURLLoader(opts);
     this._urlLoader.on('response-started', (event, finalUrl, responseHead) => {
@@ -376,7 +394,7 @@ class ClientRequest extends Writable {
       this.emit('response', response);
     });
     this._urlLoader.on('data', (event, data) => {
-      this._response._storeInternalData(Buffer.from(data));
+      this._response!._storeInternalData(Buffer.from(data));
     });
     this._urlLoader.on('complete', () => {
       if (this._response) { this._response._storeInternalData(null); }
@@ -405,7 +423,7 @@ class ClientRequest extends Writable {
         try {
           this.emit('redirect', statusCode, newMethod, newUrl, headers);
         } finally {
-          this._followRedirectCb = null;
+          this._followRedirectCb = undefined;
           if (!_followRedirect && !this._aborted) {
             this._die(new Error('Redirect was cancelled'));
           }
@@ -418,7 +436,7 @@ class ClientRequest extends Writable {
           this._followRedirectCb = () => {};
           this.emit('redirect', statusCode, newMethod, newUrl, headers);
         } finally {
-          this._followRedirectCb = null;
+          this._followRedirectCb = undefined;
         }
       } else {
         this._die(new Error(`Unexpected redirect policy '${this._redirectPolicy}'`));
@@ -453,7 +471,7 @@ class ClientRequest extends Writable {
     this._die();
   }
 
-  _die (err) {
+  _die (err?: Error) {
     this.destroy(err);
     if (this._urlLoader) {
       this._urlLoader.cancel();
@@ -461,12 +479,12 @@ class ClientRequest extends Writable {
     }
   }
 
-  getUploadProgress () {
-    return this._uploadProgress ? { ...this._uploadProgress } : { active: false };
+  getUploadProgress (): UploadProgress {
+    return this._uploadProgress ? { ...this._uploadProgress } : { active: false, started: false, current: 0, total: 0 };
   }
 }
 
-Net.prototype.request = function (options, callback) {
+Net.prototype.request = function (options: ClientRequestConstructorOptions | string, callback?: (message: IncomingMessage) => void) {
   return new ClientRequest(options, callback);
 };
 

lib/browser/api/session.js

@@ -2,7 +2,7 @@
 
 const { EventEmitter } = require('events');
 const { app, deprecate } = require('electron');
-const { fromPartition, Session } = process.electronBinding('session');
+const { fromPartition } = process.electronBinding('session');
 
 // Public API.
 Object.defineProperties(exports, {
@@ -15,9 +15,3 @@ Object.defineProperties(exports, {
     value: fromPartition
   }
 });
-
-Object.setPrototypeOf(Session.prototype, EventEmitter.prototype);
-
-Session.prototype._init = function () {
-  app.emit('session-created', this);
-};

lib/browser/api/top-level-window.js

@@ -29,6 +29,11 @@ Object.defineProperty(TopLevelWindow.prototype, 'visibleOnAllWorkspaces', {
   set: function (visible) { this.setVisibleOnAllWorkspaces(visible); }
 });
 
+Object.defineProperty(TopLevelWindow.prototype, 'fullScreen', {
+  get: function () { return this.isFullScreen(); },
+  set: function (full) { this.setFullScreen(full); }
+});
+
 Object.defineProperty(TopLevelWindow.prototype, 'simpleFullScreen', {
   get: function () { return this.isSimpleFullScreen(); },
   set: function (simple) { this.setSimpleFullScreen(simple); }

lib/browser/api/web-contents.js

@@ -1,6 +1,5 @@
 'use strict';
 
-const features = process.electronBinding('features');
 const { EventEmitter } = require('events');
 const electron = require('electron');
 const path = require('path');
@@ -11,7 +10,7 @@ const { internalWindowOpen } = require('@electron/internal/browser/guest-window-
 const NavigationController = require('@electron/internal/browser/navigation-controller');
 const { ipcMainInternal } = require('@electron/internal/browser/ipc-main-internal');
 const ipcMainUtils = require('@electron/internal/browser/ipc-main-internal-utils');
-const { convertFeaturesString } = require('@electron/internal/common/parse-features-string');
+const { parseFeatures } = require('@electron/internal/common/parse-features-string');
 const { MessagePortMain } = require('@electron/internal/browser/message-port-main');
 
 // session is not used here, the purpose is to make sure session is initalized
@@ -65,6 +64,19 @@ const PDFPageSizes = {
   }
 };
 
+// The minimum micron size Chromium accepts is that where:
+// Per printing/units.h:
+//  * kMicronsPerInch - Length of an inch in 0.001mm unit.
+//  * kPointsPerInch - Length of an inch in CSS's 1pt unit.
+//
+// Formula: (kPointsPerInch / kMicronsPerInch) * size >= 1
+//
+// Practically, this means microns need to be > 352 microns.
+// We therefore need to verify this or it will silently fail.
+const isValidCustomPageSize = (width, height) => {
+  return [width, height].every(x => x > 352);
+};
+
 // Default printing setting
 const defaultPrintingSetting = {
   // Customizable.
@@ -216,7 +228,9 @@ WebContents.prototype.executeJavaScriptInIsolatedWorld = async function (code, h
 };
 
 // Translate the options of printToPDF.
-WebContents.prototype.printToPDF = function (options) {
+
+let pendingPromise;
+WebContents.prototype.printToPDF = async function (options) {
   const printSettings = {
     ...defaultPrintingSetting,
     requestID: getNextId()
@@ -319,13 +333,20 @@ WebContents.prototype.printToPDF = function (options) {
         const error = new Error('height and width properties are required for pageSize');
         return Promise.reject(error);
       }
-      // Dimensions in Microns
-      // 1 meter = 10^6 microns
+
+      // Dimensions in Microns - 1 meter = 10^6 microns
+      const height = Math.ceil(pageSize.height);
+      const width = Math.ceil(pageSize.width);
+      if (!isValidCustomPageSize(width, height)) {
+        const error = new Error('height and width properties must be minimum 352 microns.');
+        return Promise.reject(error);
+      }
+
       printSettings.mediaSize = {
         name: 'CUSTOM',
         custom_display_name: 'Custom',
-        height_microns: Math.ceil(pageSize.height),
-        width_microns: Math.ceil(pageSize.width)
+        height_microns: height,
+        width_microns: width
       };
     } else if (PDFPageSizes[pageSize]) {
       printSettings.mediaSize = PDFPageSizes[pageSize];
@@ -341,8 +362,13 @@ WebContents.prototype.printToPDF = function (options) {
   printSettings.scaleFactor = Math.ceil(printSettings.scaleFactor) % 100;
   // PrinterType enum from //printing/print_job_constants.h
   printSettings.printerType = 2;
-  if (features.isPrintingEnabled()) {
-    return this._printToPDF(printSettings);
+  if (this._printToPDF) {
+    if (pendingPromise) {
+      pendingPromise = pendingPromise.then(() => this._printToPDF(printSettings));
+    } else {
+      pendingPromise = this._printToPDF(printSettings);
+    }
+    return pendingPromise;
   } else {
     const error = new Error('Printing feature is disabled');
     return Promise.reject(error);
@@ -360,12 +386,19 @@ WebContents.prototype.print = function (options = {}, callback) {
         if (!pageSize.height || !pageSize.width) {
           throw new Error('height and width properties are required for pageSize');
         }
+
         // Dimensions in Microns - 1 meter = 10^6 microns
+        const height = Math.ceil(pageSize.height);
+        const width = Math.ceil(pageSize.width);
+        if (!isValidCustomPageSize(width, height)) {
+          throw new Error('height and width properties must be minimum 352 microns.');
+        }
+
         options.mediaSize = {
           name: 'CUSTOM',
           custom_display_name: 'Custom',
-          height_microns: Math.ceil(pageSize.height),
-          width_microns: Math.ceil(pageSize.width)
+          height_microns: height,
+          width_microns: width
         };
       } else if (PDFPageSizes[pageSize]) {
         options.mediaSize = PDFPageSizes[pageSize];
@@ -375,7 +408,7 @@ WebContents.prototype.print = function (options = {}, callback) {
     }
   }
 
-  if (features.isPrintingEnabled()) {
+  if (this._print) {
     if (callback) {
       this._print(options, callback);
     } else {
@@ -387,7 +420,7 @@ WebContents.prototype.print = function (options = {}, callback) {
 };
 
 WebContents.prototype.getPrinters = function () {
-  if (features.isPrintingEnabled()) {
+  if (this._getPrinters) {
     return this._getPrinters();
   } else {
     console.error('Error: Printing feature is disabled.');
@@ -502,6 +535,10 @@ WebContents.prototype._init = function () {
     app.emit('renderer-process-crashed', event, this, ...args);
   });
 
+  this.on('render-process-gone', (event, ...args) => {
+    app.emit('render-process-gone', event, this, ...args);
+  });
+
   // The devtools requests the webContents to reload.
   this.on('devtools-reload-page', function () {
     this.reload();
@@ -511,11 +548,13 @@ WebContents.prototype._init = function () {
     // Make new windows requested by links behave like "window.open".
     this.on('-new-window', (event, url, frameName, disposition,
       rawFeatures, referrer, postData) => {
-      const { options, additionalFeatures } = convertFeaturesString(rawFeatures, frameName);
+      const { options, webPreferences, additionalFeatures } = parseFeatures(rawFeatures);
       const mergedOptions = {
         show: true,
         width: 800,
         height: 600,
+        title: frameName,
+        webPreferences,
         ...options
       };
 
@@ -533,17 +572,24 @@ WebContents.prototype._init = function () {
         return;
       }
 
-      const { options, additionalFeatures } = convertFeaturesString(rawFeatures, frameName);
+      const { options, webPreferences, additionalFeatures } = parseFeatures(rawFeatures);
       const mergedOptions = {
         show: true,
         width: 800,
         height: 600,
         webContents,
+        title: frameName,
+        webPreferences,
         ...options
       };
 
       internalWindowOpen(event, url, referrer, frameName, disposition, mergedOptions, additionalFeatures, postData);
     });
+
+    const prefs = this.getWebPreferences() || {};
+    if (prefs.webviewTag && prefs.contextIsolation) {
+      electron.deprecate.log('Security Warning: A WebContents was just created with both webviewTag and contextIsolation enabled.  This combination is fundamentally less secure and effectively bypasses the protections of contextIsolation.  We strongly recommend you move away from webviews to OOPIF or BrowserView in order for your app to be more secure');
+    }
   }
 
   this.on('login', (event, ...args) => {
@@ -579,6 +625,11 @@ WebContents.prototype._init = function () {
     get: () => this.getFrameRate(),
     set: (rate) => this.setFrameRate(rate)
   });
+
+  Object.defineProperty(this, 'backgroundThrottling', {
+    get: () => this.getBackgroundThrottling(),
+    set: (allowed) => this.setBackgroundThrottling(allowed)
+  });
 };
 
 // Public APIs.

lib/browser/chrome-extension-shim.js

@@ -4,10 +4,6 @@
 // BrowserWindow-based extensions stuff to the new native-backed extensions
 // API.
 
-if (!process.electronBinding('features').isExtensionsEnabled()) {
-  throw new Error('Attempted to load JS chrome-extension shim without //extensions support enabled');
-}
-
 const { app, session, BrowserWindow, deprecate } = require('electron');
 
 app.whenReady().then(function () {

lib/browser/chrome-extension.js

@@ -1,542 +0,0 @@
-'use strict';
-
-if (process.electronBinding('features').isExtensionsEnabled()) {
-  throw new Error('Attempted to load JS chrome-extension polyfill with //extensions support enabled');
-}
-
-const { app, webContents, BrowserWindow } = require('electron');
-const { getAllWebContents } = process.electronBinding('web_contents');
-const { ipcMainInternal } = require('@electron/internal/browser/ipc-main-internal');
-const ipcMainUtils = require('@electron/internal/browser/ipc-main-internal-utils');
-
-const { Buffer } = require('buffer');
-const fs = require('fs');
-const path = require('path');
-const url = require('url');
-const util = require('util');
-
-// Mapping between extensionId(hostname) and manifest.
-const manifestMap = {}; // extensionId => manifest
-const manifestNameMap = {}; // name => manifest
-const devToolsExtensionNames = new Set();
-
-const generateExtensionIdFromName = function (name) {
-  return name.replace(/[\W_]+/g, '-').toLowerCase();
-};
-
-const isWindowOrWebView = function (webContents) {
-  const type = webContents.getType();
-  return type === 'window' || type === 'webview';
-};
-
-const isBackgroundPage = function (webContents) {
-  return webContents.getType() === 'backgroundPage';
-};
-
-// Create or get manifest object from |srcDirectory|.
-const getManifestFromPath = function (srcDirectory) {
-  let manifest;
-  let manifestContent;
-
-  try {
-    manifestContent = fs.readFileSync(path.join(srcDirectory, 'manifest.json'));
-  } catch (readError) {
-    console.warn(`Reading ${path.join(srcDirectory, 'manifest.json')} failed.`);
-    console.warn(readError.stack || readError);
-    throw readError;
-  }
-
-  try {
-    manifest = JSON.parse(manifestContent);
-  } catch (parseError) {
-    console.warn(`Parsing ${path.join(srcDirectory, 'manifest.json')} failed.`);
-    console.warn(parseError.stack || parseError);
-    throw parseError;
-  }
-
-  if (!manifestNameMap[manifest.name]) {
-    const extensionId = generateExtensionIdFromName(manifest.name);
-    manifestMap[extensionId] = manifestNameMap[manifest.name] = manifest;
-
-    let extensionURL = url.format({
-      protocol: 'chrome-extension',
-      slashes: true,
-      hostname: extensionId,
-      pathname: manifest.devtools_page
-    });
-
-    // Chromium requires that startPage matches '([^:]+:\/\/[^/]*)\/'
-    // We also can't use the file:// protocol here since that would make Chromium
-    // treat all extension resources as being relative to root which we don't want.
-    if (!manifest.devtools_page) extensionURL += '/';
-
-    Object.assign(manifest, {
-      srcDirectory: srcDirectory,
-      extensionId: extensionId,
-      startPage: extensionURL
-    });
-
-    return manifest;
-  } else if (manifest && manifest.name) {
-    console.warn(`Attempted to load extension "${manifest.name}" that has already been loaded.`);
-    return manifest;
-  }
-};
-
-// Manage the background pages.
-const backgroundPages = {};
-
-const startBackgroundPages = function (manifest) {
-  if (backgroundPages[manifest.extensionId] || !manifest.background) return;
-
-  let html;
-  let name;
-  if (manifest.background.page) {
-    name = manifest.background.page;
-    html = fs.readFileSync(path.join(manifest.srcDirectory, manifest.background.page));
-  } else {
-    name = '_generated_background_page.html';
-    const scripts = manifest.background.scripts.map((name) => {
-      return `<script src="${name}"></script>`;
-    }).join('');
-    html = Buffer.from(`<html><body>${scripts}</body></html>`);
-  }
-
-  const contents = webContents.create({
-    partition: 'persist:__chrome_extension',
-    type: 'backgroundPage',
-    sandbox: true,
-    enableRemoteModule: false
-  });
-  backgroundPages[manifest.extensionId] = { html: html, webContents: contents, name: name };
-  contents.loadURL(url.format({
-    protocol: 'chrome-extension',
-    slashes: true,
-    hostname: manifest.extensionId,
-    pathname: name
-  }));
-};
-
-const removeBackgroundPages = function (manifest) {
-  if (!backgroundPages[manifest.extensionId]) return;
-
-  backgroundPages[manifest.extensionId].webContents.destroy();
-  delete backgroundPages[manifest.extensionId];
-};
-
-const sendToBackgroundPages = function (...args) {
-  for (const page of Object.values(backgroundPages)) {
-    if (!page.webContents.isDestroyed()) {
-      page.webContents._sendInternalToAll(...args);
-    }
-  }
-};
-
-// Dispatch web contents events to Chrome APIs
-const hookWebContentsEvents = function (webContents) {
-  const tabId = webContents.id;
-
-  sendToBackgroundPages('CHROME_TABS_ONCREATED');
-
-  webContents.on('will-navigate', (event, url) => {
-    sendToBackgroundPages('CHROME_WEBNAVIGATION_ONBEFORENAVIGATE', {
-      frameId: 0,
-      parentFrameId: -1,
-      processId: webContents.getProcessId(),
-      tabId: tabId,
-      timeStamp: Date.now(),
-      url: url
-    });
-  });
-
-  webContents.on('did-navigate', (event, url) => {
-    sendToBackgroundPages('CHROME_WEBNAVIGATION_ONCOMPLETED', {
-      frameId: 0,
-      parentFrameId: -1,
-      processId: webContents.getProcessId(),
-      tabId: tabId,
-      timeStamp: Date.now(),
-      url: url
-    });
-  });
-
-  webContents.once('destroyed', () => {
-    sendToBackgroundPages('CHROME_TABS_ONREMOVED', tabId);
-  });
-};
-
-// Handle the chrome.* API messages.
-let nextId = 0;
-
-ipcMainUtils.handleSync('CHROME_RUNTIME_CONNECT', function (event, extensionId, connectInfo) {
-  if (isBackgroundPage(event.sender)) {
-    throw new Error('chrome.runtime.connect is not supported in background page');
-  }
-
-  const page = backgroundPages[extensionId];
-  if (!page || page.webContents.isDestroyed()) {
-    throw new Error(`Connect to unknown extension ${extensionId}`);
-  }
-
-  const tabId = page.webContents.id;
-  const portId = ++nextId;
-
-  event.sender.once('render-view-deleted', () => {
-    if (page.webContents.isDestroyed()) return;
-    page.webContents._sendInternalToAll(`CHROME_PORT_DISCONNECT_${portId}`);
-  });
-  page.webContents._sendInternalToAll(`CHROME_RUNTIME_ONCONNECT_${extensionId}`, event.sender.id, portId, connectInfo);
-
-  return { tabId, portId };
-});
-
-ipcMainUtils.handleSync('CHROME_EXTENSION_MANIFEST', function (event, extensionId) {
-  const manifest = manifestMap[extensionId];
-  if (!manifest) {
-    throw new Error(`Invalid extensionId: ${extensionId}`);
-  }
-  return manifest;
-});
-
-ipcMainInternal.handle('CHROME_RUNTIME_SEND_MESSAGE', async function (event, extensionId, message) {
-  if (isBackgroundPage(event.sender)) {
-    throw new Error('chrome.runtime.sendMessage is not supported in background page');
-  }
-
-  const page = backgroundPages[extensionId];
-  if (!page || page.webContents.isDestroyed()) {
-    throw new Error(`Connect to unknown extension ${extensionId}`);
-  }
-
-  return ipcMainUtils.invokeInWebContents(page.webContents, true, `CHROME_RUNTIME_ONMESSAGE_${extensionId}`, event.sender.id, message);
-});
-
-ipcMainInternal.handle('CHROME_TABS_SEND_MESSAGE', async function (event, tabId, extensionId, message) {
-  const contents = webContents.fromId(tabId);
-  if (!contents) {
-    throw new Error(`Sending message to unknown tab ${tabId}`);
-  }
-
-  const senderTabId = isBackgroundPage(event.sender) ? null : event.sender.id;
-
-  return ipcMainUtils.invokeInWebContents(contents, true, `CHROME_RUNTIME_ONMESSAGE_${extensionId}`, senderTabId, message);
-});
-
-const getLanguage = () => {
-  return app.getLocale().replace(/-.*$/, '').toLowerCase();
-};
-
-const getMessagesPath = (extensionId) => {
-  const metadata = manifestMap[extensionId];
-  if (!metadata) {
-    throw new Error(`Invalid extensionId: ${extensionId}`);
-  }
-
-  const localesDirectory = path.join(metadata.srcDirectory, '_locales');
-  const language = getLanguage();
-
-  try {
-    const filename = path.join(localesDirectory, language, 'messages.json');
-    fs.accessSync(filename, fs.constants.R_OK);
-    return filename;
-  } catch {
-    const defaultLocale = metadata.default_locale || 'en';
-    return path.join(localesDirectory, defaultLocale, 'messages.json');
-  }
-};
-
-ipcMainUtils.handleSync('CHROME_GET_MESSAGES', async function (event, extensionId) {
-  const messagesPath = getMessagesPath(extensionId);
-  return fs.promises.readFile(messagesPath, 'utf8');
-});
-
-const validStorageTypes = new Set(['sync', 'local']);
-
-const getChromeStoragePath = (storageType, extensionId) => {
-  if (!validStorageTypes.has(storageType)) {
-    throw new Error(`Invalid storageType: ${storageType}`);
-  }
-
-  if (!manifestMap[extensionId]) {
-    throw new Error(`Invalid extensionId: ${extensionId}`);
-  }
-
-  return path.join(app.getPath('userData'), `/Chrome Storage/${extensionId}-${storageType}.json`);
-};
-
-ipcMainInternal.handle('CHROME_STORAGE_READ', async function (event, storageType, extensionId) {
-  const filePath = getChromeStoragePath(storageType, extensionId);
-
-  try {
-    return await fs.promises.readFile(filePath, 'utf8');
-  } catch (error) {
-    if (error.code === 'ENOENT') {
-      return null;
-    } else {
-      throw error;
-    }
-  }
-});
-
-ipcMainInternal.handle('CHROME_STORAGE_WRITE', async function (event, storageType, extensionId, data) {
-  const filePath = getChromeStoragePath(storageType, extensionId);
-
-  try {
-    await fs.promises.mkdir(path.dirname(filePath), { recursive: true });
-  } catch {
-    // we just ignore the errors of mkdir
-  }
-
-  return fs.promises.writeFile(filePath, data, 'utf8');
-});
-
-const isChromeExtension = function (pageURL) {
-  const { protocol } = url.parse(pageURL);
-  return protocol === 'chrome-extension:';
-};
-
-const assertChromeExtension = function (contents, api) {
-  const pageURL = contents._getURL();
-  if (!isChromeExtension(pageURL)) {
-    console.error(`Blocked ${pageURL} from calling ${api}`);
-    throw new Error(`Blocked ${api}`);
-  }
-};
-
-ipcMainInternal.handle('CHROME_TABS_EXECUTE_SCRIPT', async function (event, tabId, extensionId, details) {
-  assertChromeExtension(event.sender, 'chrome.tabs.executeScript()');
-
-  const contents = webContents.fromId(tabId);
-  if (!contents) {
-    throw new Error(`Sending message to unknown tab ${tabId}`);
-  }
-
-  let code, url;
-  if (details.file) {
-    const manifest = manifestMap[extensionId];
-    code = String(fs.readFileSync(path.join(manifest.srcDirectory, details.file)));
-    url = `chrome-extension://${extensionId}${details.file}`;
-  } else {
-    code = details.code;
-    url = `chrome-extension://${extensionId}/${String(Math.random()).substr(2, 8)}.js`;
-  }
-
-  return ipcMainUtils.invokeInWebContents(contents, false, 'CHROME_TABS_EXECUTE_SCRIPT', extensionId, url, code);
-});
-
-exports.getContentScripts = () => {
-  return Object.values(contentScripts);
-};
-
-// Transfer the content scripts to renderer.
-const contentScripts = {};
-
-const injectContentScripts = function (manifest) {
-  if (contentScripts[manifest.name] || !manifest.content_scripts) return;
-
-  const readArrayOfFiles = function (relativePath) {
-    return {
-      url: `chrome-extension://${manifest.extensionId}/${relativePath}`,
-      code: String(fs.readFileSync(path.join(manifest.srcDirectory, relativePath)))
-    };
-  };
-
-  const contentScriptToEntry = function (script) {
-    return {
-      matches: script.matches,
-      js: script.js ? script.js.map(readArrayOfFiles) : [],
-      css: script.css ? script.css.map(readArrayOfFiles) : [],
-      runAt: script.run_at || 'document_idle',
-      allFrames: script.all_frames || false
-    };
-  };
-
-  try {
-    const entry = {
-      extensionId: manifest.extensionId,
-      contentScripts: manifest.content_scripts.map(contentScriptToEntry)
-    };
-    contentScripts[manifest.name] = entry;
-  } catch (e) {
-    console.error('Failed to read content scripts', e);
-  }
-};
-
-const removeContentScripts = function (manifest) {
-  if (!contentScripts[manifest.name]) return;
-
-  delete contentScripts[manifest.name];
-};
-
-// Transfer the |manifest| to a format that can be recognized by the
-// |DevToolsAPI.addExtensions|.
-const manifestToExtensionInfo = function (manifest) {
-  return {
-    startPage: manifest.startPage,
-    srcDirectory: manifest.srcDirectory,
-    name: manifest.name,
-    exposeExperimentalAPIs: true
-  };
-};
-
-// Load the extensions for the window.
-const loadExtension = function (manifest) {
-  startBackgroundPages(manifest);
-  injectContentScripts(manifest);
-};
-
-const loadDevToolsExtensions = function (win, manifests) {
-  if (!win.devToolsWebContents) return;
-
-  manifests.forEach(loadExtension);
-
-  const extensionInfoArray = manifests.map(manifestToExtensionInfo);
-  extensionInfoArray.forEach((extension) => {
-    win.devToolsWebContents._grantOriginAccess(extension.startPage);
-  });
-
-  extensionInfoArray.forEach((extensionInfo) => {
-    const info = JSON.stringify(extensionInfo);
-    win.devToolsWebContents.executeJavaScript(`Extensions.extensionServer._addExtension(${info})`);
-  });
-};
-
-app.on('web-contents-created', function (event, webContents) {
-  if (!isWindowOrWebView(webContents)) return;
-
-  hookWebContentsEvents(webContents);
-  webContents.on('devtools-opened', function () {
-    loadDevToolsExtensions(webContents, Object.values(manifestMap));
-  });
-});
-
-// The chrome-extension: can map a extension URL request to real file path.
-const chromeExtensionHandler = function (request, callback) {
-  const parsed = url.parse(request.url);
-  if (!parsed.hostname || !parsed.path) return callback();
-
-  const manifest = manifestMap[parsed.hostname];
-  if (!manifest) return callback();
-
-  const page = backgroundPages[parsed.hostname];
-  if (page && parsed.path === `/${page.name}`) {
-    // Disabled due to false positive in StandardJS
-    // eslint-disable-next-line standard/no-callback-literal
-    return callback({
-      mimeType: 'text/html',
-      data: page.html
-    });
-  }
-
-  fs.readFile(path.join(manifest.srcDirectory, parsed.path), function (err, content) {
-    if (err) {
-      // Disabled due to false positive in StandardJS
-      // eslint-disable-next-line standard/no-callback-literal
-      return callback(-6); // FILE_NOT_FOUND
-    } else {
-      return callback(content);
-    }
-  });
-};
-
-app.on('session-created', function (ses) {
-  ses.protocol.registerBufferProtocol('chrome-extension', chromeExtensionHandler);
-});
-
-// The persistent path of "DevTools Extensions" preference file.
-let loadedDevToolsExtensionsPath = null;
-
-app.on('will-quit', function () {
-  try {
-    const loadedDevToolsExtensions = Array.from(devToolsExtensionNames)
-      .map(name => manifestNameMap[name].srcDirectory);
-    if (loadedDevToolsExtensions.length > 0) {
-      try {
-        fs.mkdirSync(path.dirname(loadedDevToolsExtensionsPath));
-      } catch {
-        // Ignore error
-      }
-      fs.writeFileSync(loadedDevToolsExtensionsPath, JSON.stringify(loadedDevToolsExtensions));
-    } else {
-      fs.unlinkSync(loadedDevToolsExtensionsPath);
-    }
-  } catch {
-    // Ignore error
-  }
-});
-
-// We can not use protocol or BrowserWindow until app is ready.
-app.whenReady().then(function () {
-  // The public API to add/remove extensions.
-  BrowserWindow.addExtension = function (srcDirectory) {
-    const manifest = getManifestFromPath(srcDirectory);
-    if (manifest) {
-      loadExtension(manifest);
-      for (const webContents of getAllWebContents()) {
-        if (isWindowOrWebView(webContents)) {
-          loadDevToolsExtensions(webContents, [manifest]);
-        }
-      }
-      return manifest.name;
-    }
-  };
-
-  BrowserWindow.removeExtension = function (name) {
-    const manifest = manifestNameMap[name];
-    if (!manifest) return;
-
-    removeBackgroundPages(manifest);
-    removeContentScripts(manifest);
-    delete manifestMap[manifest.extensionId];
-    delete manifestNameMap[name];
-  };
-
-  BrowserWindow.getExtensions = function () {
-    const extensions = {};
-    Object.keys(manifestNameMap).forEach(function (name) {
-      const manifest = manifestNameMap[name];
-      extensions[name] = { name: manifest.name, version: manifest.version };
-    });
-    return extensions;
-  };
-
-  BrowserWindow.addDevToolsExtension = function (srcDirectory) {
-    const manifestName = BrowserWindow.addExtension(srcDirectory);
-    if (manifestName) {
-      devToolsExtensionNames.add(manifestName);
-    }
-    return manifestName;
-  };
-
-  BrowserWindow.removeDevToolsExtension = function (name) {
-    BrowserWindow.removeExtension(name);
-    devToolsExtensionNames.delete(name);
-  };
-
-  BrowserWindow.getDevToolsExtensions = function () {
-    const extensions = BrowserWindow.getExtensions();
-    const devExtensions = {};
-    Array.from(devToolsExtensionNames).forEach(function (name) {
-      if (!extensions[name]) return;
-      devExtensions[name] = extensions[name];
-    });
-    return devExtensions;
-  };
-
-  // Load persisted extensions.
-  loadedDevToolsExtensionsPath = path.join(app.getPath('userData'), 'DevTools Extensions');
-  try {
-    const loadedDevToolsExtensions = JSON.parse(fs.readFileSync(loadedDevToolsExtensionsPath));
-    if (Array.isArray(loadedDevToolsExtensions)) {
-      for (const srcDirectory of loadedDevToolsExtensions) {
-        // Start background pages and set content scripts.
-        BrowserWindow.addDevToolsExtension(srcDirectory);
-      }
-    }
-  } catch (error) {
-    if (process.env.ELECTRON_ENABLE_LOGGING && error.code !== 'ENOENT') {
-      console.error('Failed to load browser extensions from directory:', loadedDevToolsExtensionsPath);
-      console.error(error);
-    }
-  }
-});

lib/browser/crash-reporter-init.js

@@ -1,25 +0,0 @@
-'use strict';
-
-const { app } = require('electron');
-const path = require('path');
-
-const getTempDirectory = function () {
-  try {
-    return app.getPath('temp');
-  } catch {
-    // Delibrately laze-load the os module, this file is on the hot
-    // path when booting Electron and os takes between 5 - 8ms to load and we do not need it yet
-    return require('os').tmpdir();
-  }
-};
-
-exports.crashReporterInit = function (options) {
-  const productName = options.productName || app.name;
-  const crashesDirectory = path.join(getTempDirectory(), `${productName} Crashes`);
-
-  return {
-    productName,
-    crashesDirectory,
-    appVersion: app.getVersion()
-  };
-};

lib/browser/desktop-capturer.ts

@@ -7,7 +7,28 @@ let currentlyRunning: {
   getSources: Promise<ElectronInternal.GetSourcesResult[]>;
 }[] = [];
 
-export const getSources = (event: Electron.IpcMainEvent, options: ElectronInternal.GetSourcesOptions) => {
+// |options.types| can't be empty and must be an array
+function isValid (options: Electron.SourcesOptions) {
+  const types = options ? options.types : undefined;
+  return Array.isArray(types);
+}
+
+export const getSourcesImpl = (event: Electron.IpcMainEvent | null, args: Electron.SourcesOptions) => {
+  if (!isValid(args)) throw new Error('Invalid options');
+
+  const captureWindow = args.types.includes('window');
+  const captureScreen = args.types.includes('screen');
+
+  const { thumbnailSize = { width: 150, height: 150 } } = args;
+  const { fetchWindowIcons = false } = args;
+
+  const options = {
+    captureWindow,
+    captureScreen,
+    thumbnailSize,
+    fetchWindowIcons
+  };
+
   for (const running of currentlyRunning) {
     if (deepEqual(running.options, options)) {
       // If a request is currently running for the same options
@@ -34,23 +55,19 @@ export const getSources = (event: Electron.IpcMainEvent, options: ElectronIntern
       reject(error);
     };
 
-    capturer._onfinished = (sources: Electron.DesktopCapturerSource[], fetchWindowIcons: boolean) => {
+    capturer._onfinished = (sources: Electron.DesktopCapturerSource[]) => {
       stopRunning();
-      resolve(sources.map(source => ({
-        id: source.id,
-        name: source.name,
-        thumbnail: source.thumbnail.toDataURL(),
-        display_id: source.display_id,
-        appIcon: (fetchWindowIcons && source.appIcon) ? source.appIcon.toDataURL() : null
-      })));
+      resolve(sources);
     };
 
-    capturer.startHandling(options.captureWindow, options.captureScreen, options.thumbnailSize, options.fetchWindowIcons);
+    capturer.startHandling(captureWindow, captureScreen, thumbnailSize, fetchWindowIcons);
 
     // If the WebContents is destroyed before receiving result, just remove the
     // reference to emit and the capturer itself so that it never dispatches
     // back to the renderer
-    event.sender.once('destroyed', () => stopRunning());
+    if (event) {
+      event.sender.once('destroyed', () => stopRunning());
+    }
   });
 
   currentlyRunning.push({

lib/browser/guest-view-manager.js

@@ -3,7 +3,7 @@
 const { webContents } = require('electron');
 const { ipcMainInternal } = require('@electron/internal/browser/ipc-main-internal');
 const ipcMainUtils = require('@electron/internal/browser/ipc-main-internal-utils');
-const { parseFeaturesString } = require('@electron/internal/common/parse-features-string');
+const { parseWebViewWebPreferences } = require('@electron/internal/common/parse-features-string');
 const { syncMethods, asyncMethods, properties } = require('@electron/internal/common/web-view-methods');
 const { serialize } = require('@electron/internal/common/type-utils');
 
@@ -32,6 +32,7 @@ const supportedWebViewEvents = [
   'focus-change',
   'close',
   'crashed',
+  'render-process-gone',
   'plugin-crashed',
   'destroyed',
   'page-title-updated',
@@ -184,6 +185,13 @@ const attachGuest = function (event, embedderFrameId, elementInstanceId, guestIn
     }
   }
 
+  // parse the 'webpreferences' attribute string, if set
+  // this uses the same parsing rules as window.open uses for its features
+  const parsedWebPreferences =
+    typeof params.webpreferences === 'string'
+      ? parseWebViewWebPreferences(params.webpreferences)
+      : null;
+
   const webPreferences = {
     guestInstanceId: guestInstanceId,
     nodeIntegration: params.nodeintegration != null ? params.nodeintegration : false,
@@ -194,21 +202,10 @@ const attachGuest = function (event, embedderFrameId, elementInstanceId, guestIn
     disablePopups: !params.allowpopups,
     webSecurity: !params.disablewebsecurity,
     enableBlinkFeatures: params.blinkfeatures,
-    disableBlinkFeatures: params.disableblinkfeatures
+    disableBlinkFeatures: params.disableblinkfeatures,
+    ...parsedWebPreferences
   };
 
-  // parse the 'webpreferences' attribute string, if set
-  // this uses the same parsing rules as window.open uses for its features
-  if (typeof params.webpreferences === 'string') {
-    parseFeaturesString(params.webpreferences, function (key, value) {
-      if (value === undefined) {
-        // no value was specified, default it to true
-        value = true;
-      }
-      webPreferences[key] = value;
-    });
-  }
-
   if (params.preload) {
     webPreferences.preloadURL = params.preload;
   }
@@ -221,7 +218,8 @@ const attachGuest = function (event, embedderFrameId, elementInstanceId, guestIn
     ['nodeIntegration', false],
     ['enableRemoteModule', false],
     ['sandbox', true],
-    ['nodeIntegrationInSubFrames', false]
+    ['nodeIntegrationInSubFrames', false],
+    ['enableWebSQL', false]
   ]);
 
   // Inherit certain option values from embedder
@@ -255,6 +253,9 @@ const attachGuest = function (event, embedderFrameId, elementInstanceId, guestIn
 // Remove an guest-embedder relationship.
 const detachGuest = function (embedder, guestInstanceId) {
   const guestInstance = guestInstances[guestInstanceId];
+
+  if (!guestInstance) return;
+
   if (embedder !== guestInstance.embedder) {
     return;
   }
@@ -345,6 +346,10 @@ handleMessage('ELECTRON_GUEST_VIEW_MANAGER_ATTACH_GUEST', function (event, embed
   }
 });
 
+handleMessageSync('ELECTRON_GUEST_VIEW_MANAGER_DETACH_GUEST', function (event, guestInstanceId) {
+  return detachGuest(event.sender, guestInstanceId);
+});
+
 // this message is sent by the actual <webview>
 ipcMainInternal.on('ELECTRON_GUEST_VIEW_MANAGER_FOCUS_CHANGE', function (event, focus, guestInstanceId) {
   const guest = getGuest(guestInstanceId);

lib/browser/guest-window-manager.js

@@ -5,7 +5,7 @@ const { BrowserWindow } = electron;
 const { isSameOrigin } = process.electronBinding('v8_util');
 const { ipcMainInternal } = require('@electron/internal/browser/ipc-main-internal');
 const ipcMainUtils = require('@electron/internal/browser/ipc-main-internal-utils');
-const { convertFeaturesString } = require('@electron/internal/common/parse-features-string');
+const { parseFeatures } = require('@electron/internal/common/parse-features-string');
 
 const hasProp = {}.hasOwnProperty;
 const frameToGuest = new Map();
@@ -19,7 +19,8 @@ const inheritedWebPreferences = new Map([
   ['enableRemoteModule', false],
   ['sandbox', true],
   ['webviewTag', false],
-  ['nodeIntegrationInSubFrames', false]
+  ['nodeIntegrationInSubFrames', false],
+  ['enableWebSQL', false]
 ]);
 
 // Copy attribute of |parent| to |child| if it is not defined in |child|.
@@ -219,12 +220,21 @@ const canAccessWindow = function (sender, target) {
 
 // Routed window.open messages with raw options
 ipcMainInternal.on('ELECTRON_GUEST_WINDOW_MANAGER_WINDOW_OPEN', (event, url, frameName, features) => {
+  // This should only be allowed for senders that have nativeWindowOpen: false
+  const lastWebPreferences = event.sender.getLastWebPreferences();
+  if (lastWebPreferences.nativeWindowOpen || lastWebPreferences.sandbox) {
+    event.returnValue = null;
+    throw new Error('GUEST_WINDOW_MANAGER_WINDOW_OPEN denied: expected native window.open');
+  }
   if (url == null || url === '') url = 'about:blank';
   if (frameName == null) frameName = '';
   if (features == null) features = '';
 
   const disposition = 'new-window';
-  const { options, additionalFeatures } = convertFeaturesString(features, frameName);
+  const { options, webPreferences, additionalFeatures } = parseFeatures(features);
+  if (!options.title) options.title = frameName;
+  options.webPreferences = webPreferences;
+
   const referrer = { url: '', policy: 'default' };
   internalWindowOpen(event, url, referrer, frameName, disposition, options, additionalFeatures, null);
 });

lib/browser/init.ts

@@ -157,16 +157,10 @@ app._setDefaultAppPaths(packagePath);
 // Load the chrome devtools support.
 require('@electron/internal/browser/devtools');
 
-const features = process.electronBinding('features');
-
 // Load the chrome extension support.
-if (features.isExtensionsEnabled()) {
-  require('@electron/internal/browser/chrome-extension-shim');
-} else {
-  require('@electron/internal/browser/chrome-extension');
-}
+require('@electron/internal/browser/chrome-extension-shim');
 
-if (features.isRemoteModuleEnabled()) {
+if (BUILDFLAG(ENABLE_REMOTE_MODULE)) {
   require('@electron/internal/browser/remote/server');
 }
 
@@ -192,6 +186,7 @@ function currentPlatformSupportsAppIndicator () {
 }
 
 // Workaround for electron/electron#5050 and electron/electron#9046
+process.env.ORIGINAL_XDG_CURRENT_DESKTOP = process.env.XDG_CURRENT_DESKTOP;
 if (currentPlatformSupportsAppIndicator()) {
   process.env.XDG_CURRENT_DESKTOP = 'Unity';
 }
@@ -207,10 +202,9 @@ const { setDefaultApplicationMenu } = require('@electron/internal/browser/defaul
 
 // Create default menu.
 //
-// Note that the task must be added before loading any app, so we can make sure
-// the call is maded before any user window is created, otherwise the default
-// menu may show even when user explicitly hides the menu.
-app.whenReady().then(setDefaultApplicationMenu);
+// The |will-finish-launching| event is emitted before |ready| event, so default
+// menu is set before any user window is created.
+app.once('will-finish-launching', setDefaultApplicationMenu);
 
 if (packagePath) {
   // Finally load app's main.js and transfer control to C++.

lib/browser/remote/objects-registry.ts

@@ -91,14 +91,14 @@ class ObjectsRegistry {
 
   // Private: Saves the object into storage and assigns an ID for it.
   saveToStorage (object: any) {
-    let id: number = v8Util.getHiddenValue(object, 'atomId');
+    let id: number = v8Util.getHiddenValue(object, 'electronId');
     if (!id) {
       id = ++this.nextId;
       this.storage[id] = {
         count: 0,
         object: object
       };
-      v8Util.setHiddenValue(object, 'atomId', id);
+      v8Util.setHiddenValue(object, 'electronId', id);
     }
     return id;
   }
@@ -111,7 +111,7 @@ class ObjectsRegistry {
     }
     pointer.count -= 1;
     if (pointer.count === 0) {
-      v8Util.deleteHiddenValue(pointer.object, 'atomId');
+      v8Util.deleteHiddenValue(pointer.object, 'electronId');
       delete this.storage[id];
     }
   }

lib/browser/remote/server.ts

@@ -4,11 +4,13 @@ import * as electron from 'electron';
 import { EventEmitter } from 'events';
 import objectsRegistry from './objects-registry';
 import { ipcMainInternal } from '../ipc-main-internal';
-import { isPromise, isSerializableObject } from '@electron/internal/common/type-utils';
+import { isPromise, isSerializableObject, deserialize, serialize } from '@electron/internal/common/type-utils';
+import { Size } from 'electron/main';
 
 const v8Util = process.electronBinding('v8_util');
 const eventBinding = process.electronBinding('event');
 const features = process.electronBinding('features');
+const { NativeImage } = process.electronBinding('native_image');
 
 if (!features.isRemoteModuleEnabled()) {
   throw new Error('remote module is disabled');
@@ -113,6 +115,9 @@ type MetaType = {
 } | {
   type: 'promise',
   then: MetaType
+} | {
+  type: 'nativeimage'
+  value: electron.NativeImage
 }
 
 // Convert a real value into meta data.
@@ -123,6 +128,8 @@ const valueToMeta = function (sender: electron.WebContents, contextId: string, v
     // Recognize certain types of objects.
     if (value instanceof Buffer) {
       type = 'buffer';
+    } else if (value instanceof NativeImage) {
+      type = 'nativeimage';
     } else if (Array.isArray(value)) {
       type = 'array';
     } else if (value instanceof Error) {
@@ -146,6 +153,8 @@ const valueToMeta = function (sender: electron.WebContents, contextId: string, v
       type,
       members: value.map((el: any) => valueToMeta(sender, contextId, el, optimizeSimpleObject))
     };
+  } else if (type === 'nativeimage') {
+    return { type, value: serialize(value) };
   } else if (type === 'object' || type === 'function') {
     return {
       type,
@@ -233,7 +242,10 @@ type MetaTypeFromRenderer = {
 } | {
   type: 'object',
   name: string,
-  members: { name: string, value: MetaTypeFromRenderer }[]
+  members: {
+    name: string,
+    value: MetaTypeFromRenderer
+  }[]
 } | {
   type: 'function-with-return-value',
   value: MetaTypeFromRenderer
@@ -242,6 +254,14 @@ type MetaTypeFromRenderer = {
   id: number,
   location: string,
   length: number
+} | {
+  type: 'nativeimage',
+  value: {
+    size: Size,
+    buffer: Buffer,
+    scaleFactor: number,
+    dataURL: string
+  }[]
 }
 
 const fakeConstructor = (constructor: Function, name: string) =>
@@ -259,6 +279,8 @@ const fakeConstructor = (constructor: Function, name: string) =>
 const unwrapArgs = function (sender: electron.WebContents, frameId: number, contextId: string, args: any[]) {
   const metaToValue = function (meta: MetaTypeFromRenderer): any {
     switch (meta.type) {
+      case 'nativeimage':
+        return deserialize(meta.value);
       case 'value':
         return meta.value;
       case 'remote-object':

lib/browser/rpc-server.js

@@ -5,9 +5,7 @@ const fs = require('fs');
 
 const eventBinding = process.electronBinding('event');
 const clipboard = process.electronBinding('clipboard');
-const features = process.electronBinding('features');
 
-const { crashReporterInit } = require('@electron/internal/browser/crash-reporter-init');
 const { ipcMainInternal } = require('@electron/internal/browser/ipc-main-internal');
 const ipcMainUtils = require('@electron/internal/browser/ipc-main-internal-utils');
 const guestViewManager = require('@electron/internal/browser/guest-view-manager');
@@ -37,10 +35,6 @@ ipcMainInternal.on('ELECTRON_BROWSER_WINDOW_CLOSE', function (event) {
   event.returnValue = null;
 });
 
-ipcMainUtils.handleSync('ELECTRON_CRASH_REPORTER_INIT', function (event, options) {
-  return crashReporterInit(options);
-});
-
 ipcMainInternal.handle('ELECTRON_BROWSER_GET_LAST_WEB_PREFERENCES', function (event) {
   return event.sender.getLastWebPreferences();
 });
@@ -57,7 +51,7 @@ const allowedClipboardMethods = (() => {
   }
 })();
 
-ipcMainUtils.handleSync('ELECTRON_BROWSER_CLIPBOARD', function (event, method, ...args) {
+ipcMainUtils.handleSync('ELECTRON_BROWSER_CLIPBOARD_SYNC', function (event, method, ...args) {
   if (!allowedClipboardMethods.has(method)) {
     throw new Error(`Invalid method: ${method}`);
   }
@@ -65,10 +59,10 @@ ipcMainUtils.handleSync('ELECTRON_BROWSER_CLIPBOARD', function (event, method, .
   return typeUtils.serialize(electron.clipboard[method](...typeUtils.deserialize(args)));
 });
 
-if (features.isDesktopCapturerEnabled()) {
+if (BUILDFLAG(ENABLE_DESKTOP_CAPTURER)) {
   const desktopCapturer = require('@electron/internal/browser/desktop-capturer');
 
-  ipcMainInternal.handle('ELECTRON_BROWSER_DESKTOP_CAPTURER_GET_SOURCES', function (event, options, stack) {
+  ipcMainInternal.handle('ELECTRON_BROWSER_DESKTOP_CAPTURER_GET_SOURCES', async function (event, options, stack) {
     logStack(event.sender, 'desktopCapturer.getSources()', stack);
     const customEvent = emitCustomEvent(event.sender, 'desktop-capturer-get-sources');
 
@@ -77,11 +71,11 @@ if (features.isDesktopCapturerEnabled()) {
       return [];
     }
 
-    return desktopCapturer.getSources(event, options);
+    return typeUtils.serialize(await desktopCapturer.getSourcesImpl(event, options));
   });
 }
 
-const isRemoteModuleEnabled = features.isRemoteModuleEnabled()
+const isRemoteModuleEnabled = BUILDFLAG(ENABLE_REMOTE_MODULE)
   ? require('@electron/internal/browser/remote/server').isRemoteModuleEnabled
   : () => false;
 
@@ -96,26 +90,11 @@ const getPreloadScript = async function (preloadPath) {
   return { preloadPath, preloadSrc, preloadError };
 };
 
-if (features.isExtensionsEnabled()) {
-  ipcMainUtils.handleSync('ELECTRON_GET_CONTENT_SCRIPTS', () => []);
-} else {
-  const { getContentScripts } = require('@electron/internal/browser/chrome-extension');
-  ipcMainUtils.handleSync('ELECTRON_GET_CONTENT_SCRIPTS', () => getContentScripts());
-}
-
 ipcMainUtils.handleSync('ELECTRON_BROWSER_SANDBOX_LOAD', async function (event) {
   const preloadPaths = event.sender._getPreloadPaths();
-
-  let contentScripts = [];
-  if (!features.isExtensionsEnabled()) {
-    const { getContentScripts } = require('@electron/internal/browser/chrome-extension');
-    contentScripts = getContentScripts();
-  }
-
   const webPreferences = event.sender.getLastWebPreferences() || {};
 
   return {
-    contentScripts,
     preloadScripts: await Promise.all(preloadPaths.map(path => getPreloadScript(path))),
     isRemoteModuleEnabled: isRemoteModuleEnabled(event.sender),
     isWebViewTagEnabled: guestViewManager.isWebViewTagEnabled(event.sender),
@@ -135,3 +114,23 @@ ipcMainUtils.handleSync('ELECTRON_BROWSER_SANDBOX_LOAD', async function (event)
 ipcMainInternal.on('ELECTRON_BROWSER_PRELOAD_ERROR', function (event, preloadPath, error) {
   event.sender.emit('preload-error', event, preloadPath, error);
 });
+
+ipcMainUtils.handleSync('ELECTRON_CRASH_REPORTER_GET_LAST_CRASH_REPORT', () => {
+  return electron.crashReporter.getLastCrashReport();
+});
+
+ipcMainUtils.handleSync('ELECTRON_CRASH_REPORTER_GET_UPLOADED_REPORTS', () => {
+  return electron.crashReporter.getUploadedReports();
+});
+
+ipcMainUtils.handleSync('ELECTRON_CRASH_REPORTER_GET_UPLOAD_TO_SERVER', () => {
+  return electron.crashReporter.getUploadToServer();
+});
+
+ipcMainUtils.handleSync('ELECTRON_CRASH_REPORTER_SET_UPLOAD_TO_SERVER', (event, uploadToServer) => {
+  return electron.crashReporter.setUploadToServer(uploadToServer);
+});
+
+ipcMainUtils.handleSync('ELECTRON_CRASH_REPORTER_GET_CRASHES_DIRECTORY', () => {
+  return electron.crashReporter.getCrashesDirectory();
+});

lib/common/api/clipboard.js

@@ -9,7 +9,7 @@ if (process.type === 'renderer') {
   const makeRemoteMethod = function (method) {
     return (...args) => {
       args = typeUtils.serialize(args);
-      const result = ipcRendererUtils.invokeSync('ELECTRON_BROWSER_CLIPBOARD', method, ...args);
+      const result = ipcRendererUtils.invokeSync('ELECTRON_BROWSER_CLIPBOARD_SYNC', method, ...args);
       return typeUtils.deserialize(result);
     };
   };

lib/common/asar.js

@@ -572,7 +572,7 @@
     };
 
     const { readdir } = fs;
-    fs.readdir = function (pathArgument, options, callback) {
+    fs.readdir = function (pathArgument, options = {}, callback) {
       const { isAsar, asarPath, filePath } = splitPath(pathArgument);
       if (typeof options === 'function') {
         callback = options;
@@ -594,13 +594,29 @@
         return;
       }
 
+      if (options.withFileTypes) {
+        const dirents = [];
+        for (const file of files) {
+          const stats = archive.stat(file);
+          if (stats.isFile) {
+            dirents.push(new fs.Dirent(file, fs.constants.UV_DIRENT_FILE));
+          } else if (stats.isDirectory) {
+            dirents.push(new fs.Dirent(file, fs.constants.UV_DIRENT_DIR));
+          } else if (stats.isLink) {
+            dirents.push(new fs.Dirent(file, fs.constants.UV_DIRENT_LINK));
+          }
+        }
+        nextTick(callback, [null, dirents]);
+        return;
+      }
+
       nextTick(callback, [null, files]);
     };
 
     fs.promises.readdir = util.promisify(fs.readdir);
 
     const { readdirSync } = fs;
-    fs.readdirSync = function (pathArgument, options) {
+    fs.readdirSync = function (pathArgument, options = {}) {
       const { isAsar, asarPath, filePath } = splitPath(pathArgument);
       if (!isAsar) return readdirSync.apply(this, arguments);
 
@@ -614,6 +630,21 @@
         throw createError(AsarError.NOT_FOUND, { asarPath, filePath });
       }
 
+      if (options.withFileTypes) {
+        const dirents = [];
+        for (const file of files) {
+          const stats = archive.stat(file);
+          if (stats.isFile) {
+            dirents.push(new fs.Dirent(file, fs.constants.UV_DIRENT_FILE));
+          } else if (stats.isDirectory) {
+            dirents.push(new fs.Dirent(file, fs.constants.UV_DIRENT_DIR));
+          } else if (stats.isLink) {
+            dirents.push(new fs.Dirent(file, fs.constants.UV_DIRENT_LINK));
+          }
+        }
+        return dirents;
+      }
+
       return files;
     };
 

lib/common/crash-reporter.js

@@ -1,98 +0,0 @@
-'use strict';
-
-const binding = process.electronBinding('crash_reporter');
-
-class CrashReporter {
-  constructor () {
-    this.productName = null;
-    this.crashesDirectory = null;
-  }
-
-  init (options) {
-    throw new Error('Not implemented');
-  }
-
-  start (options) {
-    if (options == null) options = {};
-
-    const {
-      productName,
-      companyName,
-      extra = {},
-      ignoreSystemCrashHandler = false,
-      submitURL,
-      uploadToServer = true
-    } = options;
-
-    if (companyName == null) throw new Error('companyName is a required option to crashReporter.start');
-    if (submitURL == null) throw new Error('submitURL is a required option to crashReporter.start');
-
-    const ret = this.init({
-      submitURL,
-      productName
-    });
-
-    this.productName = ret.productName;
-    this.crashesDirectory = ret.crashesDirectory;
-
-    if (extra._productName == null) extra._productName = ret.productName;
-    if (extra._companyName == null) extra._companyName = companyName;
-    if (extra._version == null) extra._version = ret.appVersion;
-
-    binding.start(ret.productName, companyName, submitURL, ret.crashesDirectory, uploadToServer, ignoreSystemCrashHandler, extra);
-  }
-
-  getLastCrashReport () {
-    const reports = this.getUploadedReports()
-      .sort((a, b) => {
-        const ats = (a && a.date) ? new Date(a.date).getTime() : 0;
-        const bts = (b && b.date) ? new Date(b.date).getTime() : 0;
-        return bts - ats;
-      });
-
-    return (reports.length > 0) ? reports[0] : null;
-  }
-
-  getUploadedReports () {
-    const crashDir = this.getCrashesDirectory();
-    if (!crashDir) {
-      throw new Error('crashReporter has not been started');
-    }
-
-    return binding.getUploadedReports(crashDir);
-  }
-
-  getCrashesDirectory () {
-    return this.crashesDirectory;
-  }
-
-  getUploadToServer () {
-    if (process.type === 'browser') {
-      return binding.getUploadToServer();
-    } else {
-      throw new Error('getUploadToServer can only be called from the main process');
-    }
-  }
-
-  setUploadToServer (uploadToServer) {
-    if (process.type === 'browser') {
-      return binding.setUploadToServer(uploadToServer);
-    } else {
-      throw new Error('setUploadToServer can only be called from the main process');
-    }
-  }
-
-  addExtraParameter (key, value) {
-    binding.addExtraParameter(key, value);
-  }
-
-  removeExtraParameter (key) {
-    binding.removeExtraParameter(key);
-  }
-
-  getParameters () {
-    return binding.getParameters();
-  }
-}
-
-module.exports = CrashReporter;

lib/common/parse-features-string.js

@@ -1,85 +0,0 @@
-'use strict';
-
-// parses a feature string that has the format used in window.open()
-// - `features` input string
-// - `emit` function(key, value) - called for each parsed KV
-function parseFeaturesString (features, emit) {
-  features = `${features}`.trim();
-  // split the string by ','
-  features.split(/\s*,\s*/).forEach((feature) => {
-    // expected form is either a key by itself or a key/value pair in the form of
-    // 'key=value'
-    let [key, value] = feature.split(/\s*=\s*/);
-    if (!key) return;
-
-    // interpret the value as a boolean, if possible
-    value = (value === 'yes' || value === '1') ? true : (value === 'no' || value === '0') ? false : value;
-
-    // emit the parsed pair
-    emit(key, value);
-  });
-}
-
-function convertFeaturesString (features, frameName) {
-  const options = {};
-
-  const ints = ['x', 'y', 'width', 'height', 'minWidth', 'maxWidth', 'minHeight', 'maxHeight', 'zoomFactor'];
-  const webPreferences = ['zoomFactor', 'nodeIntegration', 'enableRemoteModule', 'preload', 'javascript', 'contextIsolation', 'webviewTag'];
-
-  // Used to store additional features
-  const additionalFeatures = [];
-
-  // Parse the features
-  parseFeaturesString(features, function (key, value) {
-    if (value === undefined) {
-      additionalFeatures.push(key);
-    } else {
-      // Don't allow webPreferences to be set since it must be an object
-      // that cannot be directly overridden
-      if (key === 'webPreferences') return;
-
-      if (webPreferences.includes(key)) {
-        if (options.webPreferences == null) {
-          options.webPreferences = {};
-        }
-        options.webPreferences[key] = value;
-      } else {
-        options[key] = value;
-      }
-    }
-  });
-
-  if (options.left) {
-    if (options.x == null) {
-      options.x = options.left;
-    }
-  }
-  if (options.top) {
-    if (options.y == null) {
-      options.y = options.top;
-    }
-  }
-  if (options.title == null) {
-    options.title = frameName;
-  }
-  if (options.width == null) {
-    options.width = 800;
-  }
-  if (options.height == null) {
-    options.height = 600;
-  }
-
-  for (const name of ints) {
-    if (options[name] != null) {
-      options[name] = parseInt(options[name], 10);
-    }
-  }
-
-  return {
-    options, additionalFeatures
-  };
-}
-
-module.exports = {
-  parseFeaturesString, convertFeaturesString
-};

lib/common/parse-features-string.ts

@@ -0,0 +1,110 @@
+/**
+ * Utilities to parse comma-separated key value pairs used in browser APIs.
+ * For example: "x=100,y=200,width=500,height=500"
+ */
+import { BrowserWindowConstructorOptions } from 'electron';
+
+type RequiredBrowserWindowConstructorOptions = Required<BrowserWindowConstructorOptions>;
+type IntegerBrowserWindowOptionKeys = {
+  [K in keyof RequiredBrowserWindowConstructorOptions]:
+    RequiredBrowserWindowConstructorOptions[K] extends number ? K : never
+}[keyof RequiredBrowserWindowConstructorOptions];
+
+// This could be an array of keys, but an object allows us to add a compile-time
+// check validating that we haven't added an integer property to
+// BrowserWindowConstructorOptions that this module doesn't know about.
+const keysOfTypeNumberCompileTimeCheck: { [K in IntegerBrowserWindowOptionKeys] : true } = {
+  x: true,
+  y: true,
+  width: true,
+  height: true,
+  minWidth: true,
+  maxWidth: true,
+  minHeight: true,
+  maxHeight: true,
+  opacity: true
+};
+// Note `top` / `left` are special cases from the browser which we later convert
+// to y / x.
+const keysOfTypeNumber = ['top', 'left', ...Object.keys(keysOfTypeNumberCompileTimeCheck)];
+
+/**
+ * Note that we only allow "0" and "1" boolean conversion when the type is known
+ * not to be an integer.
+ *
+ * The coercion of yes/no/1/0 represents best effort accordance with the spec:
+ * https://html.spec.whatwg.org/multipage/window-object.html#concept-window-open-features-parse-boolean
+ */
+type CoercedValue = string | number | boolean;
+function coerce (key: string, value: string): CoercedValue {
+  if (keysOfTypeNumber.includes(key)) {
+    return Number(value);
+  }
+
+  switch (value) {
+    case 'true':
+    case '1':
+    case 'yes':
+    case undefined:
+      return true;
+    case 'false':
+    case '0':
+    case 'no':
+      return false;
+    default:
+      return value;
+  }
+}
+
+export function parseCommaSeparatedKeyValue (source: string, useSoonToBeDeprecatedBehaviorForBareKeys: boolean) {
+  const bareKeys = [] as string[];
+  const parsed = {} as { [key: string]: any };
+  for (const keyValuePair of source.split(',')) {
+    const [key, value] = keyValuePair.split('=').map(str => str.trim());
+    if (useSoonToBeDeprecatedBehaviorForBareKeys && value === undefined) {
+      bareKeys.push(key);
+      continue;
+    }
+    parsed[key] = coerce(key, value);
+  }
+
+  return { parsed, bareKeys };
+}
+
+export function parseWebViewWebPreferences (preferences: string) {
+  return parseCommaSeparatedKeyValue(preferences, false).parsed;
+}
+
+const allowedWebPreferences = ['zoomFactor', 'nodeIntegration', 'enableRemoteModule', 'javascript', 'contextIsolation', 'webviewTag'] as const;
+type AllowedWebPreference = (typeof allowedWebPreferences)[number];
+
+/**
+ * Parses a feature string that has the format used in window.open().
+ *
+ * `useSoonToBeDeprecatedBehaviorForBareKeys` — In the html spec, windowFeatures keys
+ * without values are interpreted as `true`. Previous versions of Electron did
+ * not respect this. In order to not break any applications, this will be
+ * flipped in the next major version.
+ */
+export function parseFeatures (
+  features: string,
+  useSoonToBeDeprecatedBehaviorForBareKeys: boolean = true
+) {
+  const { parsed, bareKeys } = parseCommaSeparatedKeyValue(features, useSoonToBeDeprecatedBehaviorForBareKeys);
+
+  const webPreferences: { [K in AllowedWebPreference]?: any } = {};
+  allowedWebPreferences.forEach((key) => {
+    if (parsed[key] === undefined) return;
+    webPreferences[key] = parsed[key];
+    delete parsed[key];
+  });
+
+  if (parsed.left !== undefined) parsed.x = parsed.left;
+  if (parsed.top !== undefined) parsed.y = parsed.top;
+
+  return {
+    options: parsed as Omit<BrowserWindowConstructorOptions, 'webPreferences'> & { [key: string]: CoercedValue },
+    webPreferences,
+    additionalFeatures: bareKeys
+  };
+}

lib/common/type-utils.ts

@@ -23,6 +23,7 @@ const serializableTypes = [
   ArrayBuffer
 ];
 
+// https://developer.mozilla.org/en-US/docs/Web/API/Web_Workers_API/Structured_clone_algorithm#Supported_types
 export function isSerializableObject (value: any) {
   return value === null || ArrayBuffer.isView(value) || serializableTypes.some(type => value instanceof type);
 }
@@ -33,14 +34,55 @@ const objectMap = function (source: Object, mapper: (value: any) => any) {
   return Object.fromEntries(targetEntries);
 };
 
+function serializeNativeImage (image: any) {
+  const representations = [];
+  const scaleFactors = image.getScaleFactors();
+
+  // Use Buffer when there's only one representation for better perf.
+  // This avoids compressing to/from PNG where it's not necessary to
+  // ensure uniqueness of dataURLs (since there's only one).
+  if (scaleFactors.length === 1) {
+    const scaleFactor = scaleFactors[0];
+    const size = image.getSize(scaleFactor);
+    const buffer = image.toBitmap({ scaleFactor });
+    representations.push({ scaleFactor, size, buffer });
+  } else {
+    // Construct from dataURLs to ensure that they are not lost in creation.
+    for (const scaleFactor of scaleFactors) {
+      const size = image.getSize(scaleFactor);
+      const dataURL = image.toDataURL({ scaleFactor });
+      representations.push({ scaleFactor, size, dataURL });
+    }
+  }
+  return { __ELECTRON_SERIALIZED_NativeImage__: true, representations };
+}
+
+function deserializeNativeImage (value: any) {
+  const image = nativeImage.createEmpty();
+
+  // Use Buffer when there's only one representation for better perf.
+  // This avoids compressing to/from PNG where it's not necessary to
+  // ensure uniqueness of dataURLs (since there's only one).
+  if (value.representations.length === 1) {
+    const { buffer, size, scaleFactor } = value.representations[0];
+    const { width, height } = size;
+    image.addRepresentation({ buffer, scaleFactor, width, height });
+  } else {
+    // Construct from dataURLs to ensure that they are not lost in creation.
+    for (const rep of value.representations) {
+      const { dataURL, size, scaleFactor } = rep;
+      const { width, height } = size;
+      image.addRepresentation({ dataURL, scaleFactor, width, height });
+    }
+  }
+
+  return image;
+}
+
 export function serialize (value: any): any {
   if (value instanceof NativeImage) {
-    return {
-      buffer: value.toBitmap(),
-      size: value.getSize(),
-      __ELECTRON_SERIALIZED_NativeImage__: true
-    };
-  } else if (Array.isArray(value)) {
+    return serializeNativeImage(value);
+  } if (Array.isArray(value)) {
     return value.map(serialize);
   } else if (isSerializableObject(value)) {
     return value;
@@ -53,7 +95,7 @@ export function serialize (value: any): any {
 
 export function deserialize (value: any): any {
   if (value && value.__ELECTRON_SERIALIZED_NativeImage__) {
-    return nativeImage.createFromBitmap(value.buffer, value.size);
+    return deserializeNativeImage(value);
   } else if (Array.isArray(value)) {
     return value.map(deserialize);
   } else if (isSerializableObject(value)) {