Bump v18.3.4

* chore: cherry-pick 6661eb4900da from angle

* chore: update patches

Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>

.circleci/.gitignore

@@ -0,0 +1 @@
+config-staging

.circleci/config.yml

@@ -6,6 +6,7 @@ setup: true
 # Orbs
 orbs:
   path-filtering: circleci/path-filtering@0.1.0
+  continuation: circleci/continuation@0.2.0
 
 # All input parameters to pass to build config
 parameters:
@@ -13,7 +14,7 @@ parameters:
     type: boolean
     default: false
   
-  upload-to-s3:
+  upload-to-storage:
     type: string
     default: '1'
 
@@ -43,103 +44,33 @@ parameters:
     default: all
     enum: ["all", "osx-x64", "osx-arm64", "mas-x64", "mas-arm64"]
 
-# Envs
-env-global: &env-global
-  ELECTRON_OUT_DIR: Default
-
-env-linux-medium: &env-linux-medium
-  <<: *env-global
-  NUMBER_OF_NINJA_PROCESSES: 3
-
-# Executors
-executors:
-  linux-docker:
-    parameters:
-      size:
-        description: "Docker executor size"
-        default: 2xlarge+
-        type: enum
-        enum: ["medium", "xlarge", "2xlarge+"]
-    docker:
-      - image: ghcr.io/electron/build:27db4a3e3512bfd2e47f58cea69922da0835f1d9
-    resource_class: << parameters.size >>
-
-# List of always run steps
-step-checkout-electron: &step-checkout-electron
-  checkout:
-    path: src/electron
-
-steps-lint: &steps-lint
-  steps:
-    - *step-checkout-electron
-    - run:
-        name: Setup third_party Depot Tools
-        command: |
-          # "depot_tools" has to be checkout into "//third_party/depot_tools" so pylint.py can a "pylintrc" file.
-          git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git src/third_party/depot_tools
-          echo 'export PATH="$PATH:'"$PWD"'/src/third_party/depot_tools"' >> $BASH_ENV
-    - run:
-        name: Download GN Binary
-        command: |
-          chromium_revision="$(grep -A1 chromium_version src/electron/DEPS | tr -d '\n' | cut -d\' -f4)"
-          gn_version="$(curl -sL "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/DEPS?format=TEXT" | base64 -d | grep gn_version | head -n1 | cut -d\' -f4)"
-
-          cipd ensure -ensure-file - -root . \<<-CIPD
-          \$ServiceURL https://chrome-infra-packages.appspot.com/
-          @Subdir src/buildtools/linux64
-          gn/gn/linux-amd64 $gn_version
-          CIPD
-
-          echo 'export CHROMIUM_BUILDTOOLS_PATH="'"$PWD"'/src/buildtools"' >> $BASH_ENV
-    - run:
-        name: Download clang-format Binary
-        command: |
-          chromium_revision="$(grep -A1 chromium_version src/electron/DEPS | tr -d '\n' | cut -d\' -f4)"
-
-          sha1_path='buildtools/linux64/clang-format.sha1'
-          curl -sL "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/${sha1_path}?format=TEXT" | base64 -d > "src/${sha1_path}"
-
-          download_from_google_storage.py --no_resume --no_auth --bucket chromium-clang-format -s "src/${sha1_path}"
-    - run:
-        name: Run Lint
-        command: |
-          # gn.py tries to find a gclient root folder starting from the current dir.
-          # When it fails and returns "None" path, the whole script fails. Let's "fix" it.
-          touch .gclient
-          # Another option would be to checkout "buildtools" inside the Electron checkout,
-          # but then we would lint its contents (at least gn format), and it doesn't pass it.
-
-          cd src/electron
-          node script/yarn install --frozen-lockfile
-          node script/yarn lint
-    - run:
-        name: Run Script Typechecker
-        command: |
-          cd src/electron
-          node script/yarn tsc -p tsconfig.script.json
-
-# List of always run jobs.
 jobs:
-  lint:
-    executor:
-      name: linux-docker
-      size: medium
-    environment:
-      <<: *env-linux-medium
-    <<: *steps-lint
-
-# Initial setup workflow
-workflows:
-  lint:
-    jobs:
-      # Job inherited from path-filtering orb
-      - path-filtering/filter:
+  generate-config:
+    docker:
+      - image: cimg/node:16.14
+    steps:
+      - checkout
+      - path-filtering/set-parameters:
           base-revision: main
-          # Params for mapping; `path-to-test parameter-to-set value-for-parameter` for each row
           mapping: |
             ^((?!docs/).)*$ run-build-mac true
             ^((?!docs/).)*$ run-build-linux true
             docs/.* run-docs-only true
             ^((?!docs/).)*$ run-docs-only false
-          config-path: .circleci/build_config.yml
-      - lint
+      - run:
+          command: |
+            cd .circleci/config
+            yarn
+            export CIRCLECI_BINARY="$HOME/circleci"
+            curl -fLSs https://raw.githubusercontent.com/CircleCI-Public/circleci-cli/master/install.sh | DESTDIR=$CIRCLECI_BINARY bash
+            node build.js
+          name: Pack config.yml
+      - continuation/continue:
+          configuration_path: .circleci/config-staging/built.yml
+          parameters: /tmp/pipeline-parameters.json
+
+# Initial setup workflow
+workflows:
+  setup:
+    jobs:
+      - generate-config

.circleci/config/build.js

@@ -0,0 +1,34 @@
+const cp = require('child_process');
+const fs = require('fs-extra');
+const path = require('path');
+const yaml = require('js-yaml');
+
+const STAGING_DIR = path.resolve(__dirname, '..', 'config-staging');
+
+function copyAndExpand(dir = './') {
+    const absDir = path.resolve(__dirname, dir);
+    const targetDir = path.resolve(STAGING_DIR, dir);
+
+    if (!fs.existsSync(targetDir)) {
+        fs.mkdirSync(targetDir);
+    }
+
+    for (const file of fs.readdirSync(absDir)) {
+        if (!file.endsWith('.yml')) {
+            if (fs.statSync(path.resolve(absDir, file)).isDirectory()) {
+                copyAndExpand(path.join(dir, file));
+            }
+            continue;
+        }
+
+        fs.writeFileSync(path.resolve(targetDir, file), yaml.dump(yaml.load(fs.readFileSync(path.resolve(absDir, file), 'utf8')), {
+            noRefs: true,
+        }));
+    }
+}
+
+if (fs.pathExists(STAGING_DIR)) fs.removeSync(STAGING_DIR);
+copyAndExpand();
+
+const output = cp.spawnSync(process.env.CIRCLECI_BINARY || 'circleci', ['config', 'pack', STAGING_DIR]);
+fs.writeFileSync(path.resolve(STAGING_DIR, 'built.yml'), output.stdout.toString());

.circleci/config/jobs/lint.yml

@@ -0,0 +1,51 @@
+executor:
+  name: linux-docker
+  size: medium
+steps:
+  - checkout:
+      path: src/electron
+  - run:
+      name: Setup third_party Depot Tools
+      command: |
+        # "depot_tools" has to be checkout into "//third_party/depot_tools" so pylint.py can a "pylintrc" file.
+        git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git src/third_party/depot_tools
+        echo 'export PATH="$PATH:'"$PWD"'/src/third_party/depot_tools"' >> $BASH_ENV
+  - run:
+      name: Download GN Binary
+      command: |
+        chromium_revision="$(grep -A1 chromium_version src/electron/DEPS | tr -d '\n' | cut -d\' -f4)"
+        gn_version="$(curl -sL "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/DEPS?format=TEXT" | base64 -d | grep gn_version | head -n1 | cut -d\' -f4)"
+
+        cipd ensure -ensure-file - -root . \<<-CIPD
+        \$ServiceURL https://chrome-infra-packages.appspot.com/
+        @Subdir src/buildtools/linux64
+        gn/gn/linux-amd64 $gn_version
+        CIPD
+
+        echo 'export CHROMIUM_BUILDTOOLS_PATH="'"$PWD"'/src/buildtools"' >> $BASH_ENV
+  - run:
+      name: Download clang-format Binary
+      command: |
+        chromium_revision="$(grep -A1 chromium_version src/electron/DEPS | tr -d '\n' | cut -d\' -f4)"
+
+        sha1_path='buildtools/linux64/clang-format.sha1'
+        curl -sL "https://chromium.googlesource.com/chromium/src/+/${chromium_revision}/${sha1_path}?format=TEXT" | base64 -d > "src/${sha1_path}"
+
+        download_from_google_storage.py --no_resume --no_auth --bucket chromium-clang-format -s "src/${sha1_path}"
+  - run:
+      name: Run Lint
+      command: |
+        # gn.py tries to find a gclient root folder starting from the current dir.
+        # When it fails and returns "None" path, the whole script fails. Let's "fix" it.
+        touch .gclient
+        # Another option would be to checkout "buildtools" inside the Electron checkout,
+        # but then we would lint its contents (at least gn format), and it doesn't pass it.
+
+        cd src/electron
+        node script/yarn install --frozen-lockfile
+        node script/yarn lint
+  - run:
+      name: Run Script Typechecker
+      command: |
+        cd src/electron
+        node script/yarn tsc -p tsconfig.script.json

.circleci/config/package.json

@@ -0,0 +1,10 @@
+{
+  "name": "@electron/circleci-config",
+  "version": "0.0.0",
+  "private": true,
+  "license": "MIT",
+  "dependencies": {
+    "fs-extra": "^10.1.0",
+    "js-yaml": "^4.1.0"
+  }
+}

.circleci/config/yarn.lock

@@ -0,0 +1,43 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+
+
+argparse@^2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/argparse/-/argparse-2.0.1.tgz#246f50f3ca78a3240f6c997e8a9bd1eac49e4b38"
+  integrity sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==
+
+fs-extra@^10.1.0:
+  version "10.1.0"
+  resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-10.1.0.tgz#02873cfbc4084dde127eaa5f9905eef2325d1abf"
+  integrity sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==
+  dependencies:
+    graceful-fs "^4.2.0"
+    jsonfile "^6.0.1"
+    universalify "^2.0.0"
+
+graceful-fs@^4.1.6, graceful-fs@^4.2.0:
+  version "4.2.10"
+  resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.10.tgz#147d3a006da4ca3ce14728c7aefc287c367d7a6c"
+  integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==
+
+js-yaml@^4.1.0:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602"
+  integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==
+  dependencies:
+    argparse "^2.0.1"
+
+jsonfile@^6.0.1:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-6.1.0.tgz#bc55b2634793c679ec6403094eb13698a6ec0aae"
+  integrity sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==
+  dependencies:
+    universalify "^2.0.0"
+  optionalDependencies:
+    graceful-fs "^4.1.6"
+
+universalify@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.0.tgz#75a4984efedc4b08975c5aeb73f530d02df25717"
+  integrity sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==

.github/workflows/semantic.yml

@@ -0,0 +1,20 @@
+name: "Check Semantic Commit"
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - edited
+      - synchronize
+
+jobs:
+  main:
+    name: Validate PR Title
+    runs-on: ubuntu-latest
+    steps:
+      - name: semantic-pull-request
+        uses: amannn/action-semantic-pull-request@v4
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          validateSingleCommit: false

BUILD.gn

@@ -43,6 +43,7 @@ if (is_mac) {
 
 if (is_linux) {
   import("//build/config/linux/pkg_config.gni")
+  import("//tools/generate_stubs/rules.gni")
 
   pkg_config("gio_unix") {
     packages = [ "gio-unix-2.0" ]
@@ -54,6 +55,38 @@ if (is_linux) {
       "gdk-pixbuf-2.0",
     ]
   }
+
+  generate_library_loader("libnotify_loader") {
+    name = "LibNotifyLoader"
+    output_h = "libnotify_loader.h"
+    output_cc = "libnotify_loader.cc"
+    header = "<libnotify/notify.h>"
+    config = ":libnotify_config"
+
+    functions = [
+      "notify_is_initted",
+      "notify_init",
+      "notify_get_server_caps",
+      "notify_get_server_info",
+      "notify_notification_new",
+      "notify_notification_add_action",
+      "notify_notification_set_image_from_pixbuf",
+      "notify_notification_set_timeout",
+      "notify_notification_set_urgency",
+      "notify_notification_set_hint_string",
+      "notify_notification_show",
+      "notify_notification_close",
+    ]
+  }
+
+  generate_stubs("electron_gtk_stubs") {
+    sigs = [ "shell/browser/ui/electron_gtk.sigs" ]
+    extra_header = "shell/browser/ui/electron_gtk.fragment"
+    output_name = "electron_gtk_stubs"
+    public_deps = [ "//ui/gtk:gtk_config" ]
+    logging_function = "LogNoop()"
+    logging_include = "ui/gtk/log_noop.h"
+  }
 }
 
 declare_args() {
@@ -253,31 +286,6 @@ copy("copy_shell_devtools_discovery_page") {
   outputs = [ "$target_gen_dir/shell_devtools_discovery_page.html" ]
 }
 
-if (is_linux) {
-  generate_library_loader("libnotify_loader") {
-    name = "LibNotifyLoader"
-    output_h = "libnotify_loader.h"
-    output_cc = "libnotify_loader.cc"
-    header = "<libnotify/notify.h>"
-    config = ":libnotify_config"
-
-    functions = [
-      "notify_is_initted",
-      "notify_init",
-      "notify_get_server_caps",
-      "notify_get_server_info",
-      "notify_notification_new",
-      "notify_notification_add_action",
-      "notify_notification_set_image_from_pixbuf",
-      "notify_notification_set_timeout",
-      "notify_notification_set_urgency",
-      "notify_notification_set_hint_string",
-      "notify_notification_show",
-      "notify_notification_close",
-    ]
-  }
-}
-
 npm_action("electron_version_args") {
   script = "generate-version-json"
 
@@ -535,6 +543,7 @@ source_set("electron_lib") {
   if (is_linux) {
     libs = [ "xshmfence" ]
     deps += [
+      ":electron_gtk_stubs",
       ":libnotify_loader",
       "//build/config/linux/gtk",
       "//dbus",
@@ -557,7 +566,6 @@ source_set("electron_lib") {
     defines += [
       # Disable warnings for g_settings_list_schemas.
       "GLIB_DISABLE_DEPRECATION_WARNINGS",
-      "USE_X11=1",
     ]
 
     sources += [
@@ -695,6 +703,8 @@ source_set("electron_lib") {
     deps += [
       "//chrome/browser/resources/pdf:resources",
       "//components/pdf/browser",
+      "//components/pdf/browser:interceptors",
+      "//components/pdf/common",
       "//components/pdf/renderer",
       "//pdf:pdf_ppapi",
     ]
@@ -1049,7 +1059,6 @@ if (is_mac) {
       "shell/app/electron_main_mac.cc",
       "shell/app/uv_stdio_fix.cc",
       "shell/app/uv_stdio_fix.h",
-      "shell/common/electron_constants.cc",
     ]
     include_dirs = [ "." ]
     deps = [
@@ -1266,6 +1275,10 @@ if (is_mac) {
       if (!is_component_build && is_component_ffmpeg) {
         configs += [ "//build/config/gcc:rpath_for_built_shared_libraries" ]
       }
+
+      if (is_linux) {
+        deps += [ "//sandbox/linux:chrome_sandbox" ]
+      }
     }
   }
 

DEPS

@@ -15,7 +15,7 @@ gclient_gn_args = [
 
 vars = {
   'chromium_version':
-    '100.0.4896.56',
+    '100.0.4896.160',
   'node_version':
     'v16.13.2',
   'nan_version':

ELECTRON_VERSION

@@ -1 +1 @@
-18.0.0
+18.3.4

appveyor.yml

@@ -11,7 +11,7 @@
 #  - "TARGET_ARCH" Choose from {'ia32', 'x64', 'arm', 'arm64', 'mips64el'}.
 #      Is used in some publishing scripts, but does NOT affect the Electron binary.
 #      Must match 'target_cpu' passed to "GN_EXTRA_ARGS" and "NPM_CONFIG_ARCH" value.
-#  - "UPLOAD_TO_S3" Set it to '1' upload a release to the S3 bucket.
+#  - "UPLOAD_TO_STORAGE" Set it to '1' upload a release to the Azure bucket.
 #      Otherwise the release will be uploaded to the Github Releases.
 #      (The value is only checked if "ELECTRON_RELEASE" is defined.)
 #
@@ -235,9 +235,9 @@ deploy_script:
   - cd electron
   - ps: >-
       if (Test-Path Env:\ELECTRON_RELEASE) {
-        if (Test-Path Env:\UPLOAD_TO_S3) {
-          Write-Output "Uploading Electron release distribution to s3"
-          & python script\release\uploaders\upload.py --verbose --upload_to_s3
+        if (Test-Path Env:\UPLOAD_TO_STORAGE) {
+          Write-Output "Uploading Electron release distribution to azure"
+          & python script\release\uploaders\upload.py --verbose --upload_to_storage
         } else {
           Write-Output "Uploading Electron release distribution to github releases"
           & python script\release\uploaders\upload.py --verbose

build/args/all.gn

@@ -5,7 +5,6 @@ root_extra_deps = [ "//electron" ]
 node_module_version = 103
 
 v8_promise_internal_field_count = 1
-v8_typed_array_max_size_in_heap = 0
 v8_embedder_string = "-electron.0"
 
 # TODO: this breaks mksnapshot
@@ -22,6 +21,9 @@ proprietary_codecs = true
 ffmpeg_branding = "Chrome"
 
 enable_basic_printing = true
+
+# Removes DLLs from the build, which are only meant to be used for Chromium development.
+# See https://github.com/electron/electron/pull/17985
 angle_enable_vulkan_validation_layers = false
 dawn_enable_vulkan_validation_layers = false
 

build/js2c.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 import os
 import subprocess

build/npm-run.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 from __future__ import print_function
 import os
 import subprocess

build/strip_framework.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 import os
 import subprocess
 import sys

build/zip.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 from __future__ import print_function
 import os
 import subprocess

build/zip_libcxx.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 from __future__ import print_function
 import os
 import subprocess

chromium_src/BUILD.gn

@@ -298,13 +298,21 @@ static_library("chrome") {
 
     if (enable_pdf_viewer) {
       sources += [
+        "//chrome/browser/pdf/chrome_pdf_stream_delegate.cc",
+        "//chrome/browser/pdf/chrome_pdf_stream_delegate.h",
         "//chrome/browser/pdf/pdf_extension_util.cc",
         "//chrome/browser/pdf/pdf_extension_util.h",
         "//chrome/browser/pdf/pdf_frame_util.cc",
         "//chrome/browser/pdf/pdf_frame_util.h",
+        "//chrome/browser/plugins/pdf_iframe_navigation_throttle.cc",
+        "//chrome/browser/plugins/pdf_iframe_navigation_throttle.h",
         "//chrome/renderer/pepper/chrome_pdf_print_client.cc",
         "//chrome/renderer/pepper/chrome_pdf_print_client.h",
       ]
+      deps += [
+        "//components/pdf/browser",
+        "//components/pdf/renderer",
+      ]
     }
   }
 
@@ -332,15 +340,6 @@ source_set("plugins") {
     "//chrome/browser/renderer_host/pepper/pepper_isolated_file_system_message_filter.cc",
     "//chrome/browser/renderer_host/pepper/pepper_isolated_file_system_message_filter.h",
   ]
-  deps += [
-    "//media:media_buildflags",
-    "//ppapi/buildflags",
-    "//ppapi/proxy:ipc",
-    "//services/device/public/mojom",
-  ]
-  if (enable_pdf_viewer) {
-    deps += [ "//components/pdf/browser" ]
-  }
 
   # renderer side
   sources += [
@@ -351,17 +350,18 @@ source_set("plugins") {
     "//chrome/renderer/pepper/pepper_shared_memory_message_filter.cc",
     "//chrome/renderer/pepper/pepper_shared_memory_message_filter.h",
   ]
-  if (enable_pdf_viewer) {
-    deps += [ "//components/pdf/renderer" ]
-  }
+
   deps += [
     "//components/strings",
     "//media:media_buildflags",
+    "//ppapi/buildflags",
     "//ppapi/host",
     "//ppapi/proxy",
     "//ppapi/proxy:ipc",
     "//ppapi/shared_impl",
+    "//services/device/public/mojom",
     "//skia",
+    "//storage/browser",
   ]
 }
 

docs/api/app.md

@@ -484,7 +484,6 @@ Returns:
 * `argv` string[] - An array of the second instance's command line arguments
 * `workingDirectory` string - The second instance's working directory
 * `additionalData` unknown - A JSON object of additional data passed from the second instance
-* `ackCallback` unknown - A function that can be used to send data back to the second instance
 
 This event will be emitted inside the primary instance of your application
 when a second instance has been executed and calls `app.requestSingleInstanceLock()`.
@@ -496,35 +495,12 @@ non-minimized.
 
 **Note:** If the second instance is started by a different user than the first, the `argv` array will not include the arguments.
 
-**Note:** `ackCallback` allows the user to send data back to the
-second instance during the `app.requestSingleInstanceLock()` flow.
-This callback can be used for cases where the second instance
-needs to obtain additional information from the first instance
-before quitting.
-
-Currently, the limit on the message size is kMaxMessageLength,
-or around 32kB. To be safe, keep the amount of data passed to 31kB at most.
-
-In order to call the callback, `event.preventDefault()` must be called, first.
-If the callback is not called in either case, `null` will be sent back.
-If `event.preventDefault()` is not called, but `ackCallback` is called
-by the user in the event, then the behaviour is undefined.
-
 This event is guaranteed to be emitted after the `ready` event of `app`
 gets emitted.
 
 **Note:** Extra command line arguments might be added by Chromium,
 such as `--original-process-start-time`.
 
-### Event: 'first-instance-ack'
-
-Returns:
-
-* `event` Event
-* `additionalData` unknown - A JSON object of additional data passed from the first instance, in response to the first instance's `second-instance` event.
-
-This event will be emitted within the second instance during the call to `app.requestSingleInstanceLock()`, when the first instance calls the `ackCallback` provided by the `second-instance` event handler.
-
 ## Methods
 
 The `app` object has the following methods:
@@ -861,6 +837,8 @@ Returns `Object`:
 
 * `categories` [JumpListCategory[]](structures/jump-list-category.md) | `null` - Array of `JumpListCategory` objects.
 
+Returns `string`
+
 Sets or removes a custom Jump List for the application, and returns one of the
 following strings:
 
@@ -983,13 +961,6 @@ starts:
 const { app } = require('electron')
 let myWindow = null
 
-app.on('first-instance-ack', (event, additionalData) => {
-  // Print out the ack received from the first instance.
-  // Note this event handler must come before the requestSingleInstanceLock call.
-  // Expected output: '{"myAckKey":"myAckValue"}'
-  console.log(JSON.stringify(additionalData))
-})
-
 const additionalData = { myKey: 'myValue' }
 const gotTheLock = app.requestSingleInstanceLock(additionalData)
 
@@ -997,19 +968,14 @@ if (!gotTheLock) {
   app.quit()
 } else {
   app.on('second-instance', (event, commandLine, workingDirectory, additionalData) => {
-    // We must call preventDefault if we're sending back data.
-    event.preventDefault()
     // Print out data received from the second instance.
-    // Expected output: '{"myKey":"myValue"}'
-    console.log(JSON.stringify(additionalData))
+    console.log(additionalData)
 
     // Someone tried to run a second instance, we should focus our window.
     if (myWindow) {
       if (myWindow.isMinimized()) myWindow.restore()
       myWindow.focus()
     }
-    const ackData = { myAckKey: 'myAckValue' }
-    ackCallback(ackData)
   })
 
   // Create myWindow, load the rest of the app, etc...

docs/api/browser-window.md

@@ -464,7 +464,7 @@ window.onbeforeunload = (e) => {
   // a non-void value will silently cancel the close.
   // It is recommended to use the dialog API to let the user confirm closing the
   // application.
-  e.returnValue = false // equivalent to `return false` but not recommended
+  e.returnValue = false
 }
 ```
 

docs/api/extensions.md

@@ -99,6 +99,7 @@ Only `chrome.storage.local` is supported; `chrome.storage.sync` and
 The following methods of `chrome.tabs` are supported:
 
 - `chrome.tabs.sendMessage`
+- `chrome.tabs.reload`
 - `chrome.tabs.executeScript`
 - `chrome.tabs.update` (partial support)
   - supported properties: `url`, `muted`.

docs/api/safe-storage.md

@@ -18,9 +18,9 @@ The `safeStorage` module has the following methods:
 
 Returns `boolean` - Whether encryption is available.
 
-On Linux, returns true if the secret key is
-available. On MacOS, returns true if Keychain is available.
-On Windows, returns true with no other preconditions.
+On Linux, returns true if the app has emitted the `ready` event and the secret key is available.
+On MacOS, returns true if Keychain is available.
+On Windows, returns true once the app has emitted the `ready` event.
 
 ### `safeStorage.encryptString(plainText)`
 

docs/api/system-preferences.md

@@ -84,7 +84,7 @@ that contains the user information dictionary sent along with the notification.
 
 ### `systemPreferences.subscribeNotification(event, callback)` _macOS_
 
-* `event` string
+* `event` string | null
 * `callback` Function
   * `event` string
   * `userInfo` Record<string, unknown>
@@ -109,9 +109,11 @@ example values of `event` are:
 * `AppleColorPreferencesChangedNotification`
 * `AppleShowScrollBarsSettingChanged`
 
+If `event` is null, the `NSDistributedNotificationCenter` doesn’t use it as criteria for delivery to the observer. See [docs](https://developer.apple.com/documentation/foundation/nsnotificationcenter/1411723-addobserverforname?language=objc)  for more information.
+
 ### `systemPreferences.subscribeLocalNotification(event, callback)` _macOS_
 
-* `event` string
+* `event` string | null
 * `callback` Function
   * `event` string
   * `userInfo` Record<string, unknown>
@@ -122,9 +124,11 @@ Returns `number` - The ID of this subscription
 Same as `subscribeNotification`, but uses `NSNotificationCenter` for local defaults.
 This is necessary for events such as `NSUserDefaultsDidChangeNotification`.
 
+If `event` is null, the `NSNotificationCenter` doesn’t use it as criteria for delivery to the observer. See [docs](https://developer.apple.com/documentation/foundation/nsnotificationcenter/1411723-addobserverforname?language=objc) for more information.
+
 ### `systemPreferences.subscribeWorkspaceNotification(event, callback)` _macOS_
 
-* `event` string
+* `event` string | null
 * `callback` Function
   * `event` string
   * `userInfo` Record<string, unknown>
@@ -135,6 +139,8 @@ Returns `number` - The ID of this subscription
 Same as `subscribeNotification`, but uses `NSWorkspace.sharedWorkspace.notificationCenter`.
 This is necessary for events such as `NSWorkspaceDidActivateApplicationNotification`.
 
+If `event` is null, the `NSWorkspaceNotificationCenter` doesn’t use it as criteria for delivery to the observer. See [docs](https://developer.apple.com/documentation/foundation/nsnotificationcenter/1411723-addobserverforname?language=objc) for more information.
+
 ### `systemPreferences.unsubscribeNotification(id)` _macOS_
 
 * `id` Integer

docs/api/web-frame-main.md

@@ -16,7 +16,7 @@ win.loadURL('https://twitter.com')
 
 win.webContents.on(
   'did-frame-navigate',
-  (event, url, isMainFrame, frameProcessId, frameRoutingId) => {
+  (event, url, httpResponseCode, httpStatusText, isMainFrame, frameProcessId, frameRoutingId) => {
     const frame = webFrameMain.fromId(frameProcessId, frameRoutingId)
     if (frame) {
       const code = 'document.body.innerHTML = document.body.innerHTML.replaceAll("heck", "h*ck")'

docs/development/build-instructions-linux.md

@@ -7,21 +7,7 @@ Follow the guidelines below for building **Electron itself** on Linux, for the p
 ## Prerequisites
 
 * At least 25GB disk space and 8GB RAM.
-* Python 2.7.x. Some distributions like CentOS 6.x still use Python 2.6.x
-  so you may need to check your Python version with `python -V`.
-
-  Please also ensure that your system and Python version support at least TLS 1.2.
-  For a quick test, run the following script:
-
-  ```sh
-  $ npx @electron/check-python-tls
-  ```
-
-  If the script returns that your configuration is using an outdated security
-  protocol, use your system's package manager to update Python to the latest
-  version in the 2.7.x branch. Alternatively, visit https://www.python.org/downloads/
-  for detailed instructions.
-
+* Python >= 3.7.
 * Node.js. There are various ways to install Node. You can download
   source code from [nodejs.org](https://nodejs.org) and compile it.
   Doing so permits installing Node on your own home directory as a standard user.

docs/development/build-instructions-macos.md

@@ -6,45 +6,12 @@ Follow the guidelines below for building **Electron itself** on macOS, for the p
 
 ## Prerequisites
 
-* macOS >= 10.11.6
-* [Xcode](https://developer.apple.com/technologies/tools/) >= 9.0.0
+* macOS >= 11.6.0
+* [Xcode](https://developer.apple.com/technologies/tools/). The exact version
+  needed depends on what branch you are building, but the latest version of
+  Xcode is generally a good bet for building `main`.
 * [node.js](https://nodejs.org) (external)
-* Python 2.7 with support for TLS 1.2
-
-## Python
-
-Please also ensure that your system and Python version support at least TLS 1.2.
-This depends on both your version of macOS and Python. For a quick test, run:
-
-```sh
-$ npx @electron/check-python-tls
-```
-
-If the script returns that your configuration is using an outdated security
-protocol, you can either update macOS to High Sierra or install a new version
-of Python 2.7.x. To upgrade Python, use [Homebrew](https://brew.sh/):
-
-```sh
-$ brew install python@2 && brew link python@2 --force
-```
-
-If you are using Python as provided by Homebrew, you also need to install
-the following Python modules:
-
-* [pyobjc](https://pypi.org/project/pyobjc/#description)
-
-You can use `pip` to install it:
-
-```sh
-$ pip install pyobjc
-```
-
-## macOS SDK
-
-If you're developing Electron and don't plan to redistribute your
-custom Electron build, you may skip this section.
-
-Official Electron builds are built with [Xcode 12.2](https://download.developer.apple.com/Developer_Tools/Xcode_12.2/Xcode_12.2.xip), and the macOS 11.0 SDK. Building with a newer SDK works too, but the releases currently use the 11.0 SDK.
+* Python >= 3.7
 
 ## Building Electron
 

docs/development/coding-style.md

@@ -28,7 +28,7 @@ For C++ and Python, we follow Chromium's [Coding
 Style](https://chromium.googlesource.com/chromium/src/+/refs/heads/main/styleguide/styleguide.md).
 There is also a script `script/cpplint.py` to check whether all files conform.
 
-The Python version we are using now is Python 2.7.
+The Python version we are using now is Python 3.9.
 
 The C++ code uses a lot of Chromium's abstractions and types, so it's
 recommended to get acquainted with them. A good place to start is

docs/fiddles/ipc/pattern-1/index.html

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
+    <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">
+    <title>Hello World!</title>
+  </head>
+  <body>
+    Title: <input id="title"/>
+    <button id="btn" type="button">Set</button>
+    <script src="./renderer.js"></script>
+  </body>
+</html>

docs/fiddles/ipc/pattern-1/main.js

@@ -0,0 +1,30 @@
+const {app, BrowserWindow, ipcMain} = require('electron')
+const path = require('path')
+
+function createWindow () {
+  const mainWindow = new BrowserWindow({
+    webPreferences: {
+      preload: path.join(__dirname, 'preload.js')
+    }
+  })
+
+  ipcMain.on('set-title', (event, title) => {
+    const webContents = event.sender
+    const win = BrowserWindow.fromWebContents(webContents)
+    win.setTitle(title)
+  })
+
+  mainWindow.loadFile('index.html')
+}
+
+app.whenReady().then(() => {
+  createWindow()
+  
+  app.on('activate', function () {
+    if (BrowserWindow.getAllWindows().length === 0) createWindow()
+  })
+})
+
+app.on('window-all-closed', function () {
+  if (process.platform !== 'darwin') app.quit()
+})

docs/fiddles/ipc/pattern-1/preload.js

@@ -0,0 +1,5 @@
+const { contextBridge, ipcRenderer } = require('electron')
+
+contextBridge.exposeInMainWorld('electronAPI', {
+    setTitle: (title) => ipcRenderer.send('set-title', title)
+})

docs/fiddles/ipc/pattern-1/renderer.js

@@ -0,0 +1,6 @@
+const setButton = document.getElementById('btn')
+const titleInput = document.getElementById('title')
+setButton.addEventListener('click', () => {
+    const title = titleInput.value
+    window.electronAPI.setTitle(title)
+});

docs/fiddles/ipc/pattern-2/index.html

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
+    <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">
+    <title>Dialog</title>
+  </head>
+  <body>
+    <button type="button" id="btn">Open a File</button>
+    File path: <strong id="filePath"></strong>
+    <script src='./renderer.js'></script>
+  </body>
+</html>

docs/fiddles/ipc/pattern-2/main.js

@@ -0,0 +1,32 @@
+const {app, BrowserWindow, ipcMain, dialog} = require('electron')
+const path = require('path')
+
+async function handleFileOpen() {
+  const { canceled, filePaths } = await dialog.showOpenDialog()
+  if (canceled) {
+    return
+  } else {
+    return filePaths[0]
+  }
+}
+
+function createWindow () {
+  const mainWindow = new BrowserWindow({
+    webPreferences: {
+      preload: path.join(__dirname, 'preload.js')
+    }
+  })
+  mainWindow.loadFile('index.html')
+}
+
+app.whenReady().then(() => {
+  ipcMain.handle('dialog:openFile', handleFileOpen)
+  createWindow()
+  app.on('activate', function () {
+    if (BrowserWindow.getAllWindows().length === 0) createWindow()
+  })
+})
+
+app.on('window-all-closed', function () {
+  if (process.platform !== 'darwin') app.quit()
+})

docs/fiddles/ipc/pattern-2/preload.js

@@ -0,0 +1,5 @@
+const { contextBridge, ipcRenderer } = require('electron')
+
+contextBridge.exposeInMainWorld('electronAPI',{
+  openFile: () => ipcRenderer.invoke('dialog:openFile')
+})

docs/fiddles/ipc/pattern-2/renderer.js

@@ -0,0 +1,7 @@
+const btn = document.getElementById('btn')
+const filePathElement = document.getElementById('filePath')
+
+btn.addEventListener('click', async () => {
+  const filePath = await window.electronAPI.openFile()
+  filePathElement.innerText = filePath
+})

docs/fiddles/ipc/pattern-3/index.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
+    <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">
+    <title>Menu Counter</title>
+  </head>
+  <body>
+    Current value: <strong id="counter">0</strong>
+    <script src="./renderer.js"></script>
+  </body>
+</html>

docs/fiddles/ipc/pattern-3/main.js

@@ -0,0 +1,48 @@
+const {app, BrowserWindow, Menu, ipcMain} = require('electron')
+const path = require('path')
+
+function createWindow () {
+  const mainWindow = new BrowserWindow({
+    webPreferences: {
+      preload: path.join(__dirname, 'preload.js')
+    }
+  })
+
+  const menu = Menu.buildFromTemplate([
+    {
+      label: app.name,
+      submenu: [
+      {
+        click: () => mainWindow.webContents.send('update-counter', 1),
+        label: 'Increment',
+      },
+      {
+        click: () => mainWindow.webContents.send('update-counter', -1),
+        label: 'Decrement',
+      }
+      ]
+    }
+
+  ])
+
+  Menu.setApplicationMenu(menu)
+  mainWindow.loadFile('index.html')
+
+  // Open the DevTools.
+  mainWindow.webContents.openDevTools()
+}
+
+app.whenReady().then(() => {
+  ipcMain.on('counter-value', (_event, value) => {
+    console.log(value) // will print value to Node console
+  })
+  createWindow()
+  
+  app.on('activate', function () {
+    if (BrowserWindow.getAllWindows().length === 0) createWindow()
+  })
+})
+
+app.on('window-all-closed', function () {
+  if (process.platform !== 'darwin') app.quit()
+})

docs/fiddles/ipc/pattern-3/preload.js

@@ -0,0 +1,5 @@
+const { contextBridge, ipcRenderer } = require('electron')
+
+contextBridge.exposeInMainWorld('electronAPI', {
+  handleCounter: (callback) => ipcRenderer.on('update-counter', callback)
+})

docs/fiddles/ipc/pattern-3/renderer.js

@@ -0,0 +1,8 @@
+const counter = document.getElementById('counter')
+
+window.electronAPI.handleCounter((event, value) => {
+    const oldValue = Number(counter.innerText)
+    const newValue = oldValue + value
+    counter.innerText = newValue
+    event.sender.send('counter-value', newValue)
+})

docs/tutorial/ipc.md

@@ -0,0 +1,571 @@
+---
+title: Inter-Process Communication
+description: Use the ipcMain and ipcRenderer modules to communicate between Electron processes
+slug: ipc
+hide_title: false
+---
+
+# Inter-Process Communication
+
+Inter-process communication (IPC) is a key part of building feature-rich desktop applications
+in Electron. Because the main and renderer processes have different responsibilities in
+Electron's process model, IPC is the only way to perform many common tasks, such as calling a
+native API from your UI or triggering changes in your web contents from native menus.
+
+## IPC channels
+
+In Electron, processes communicate by passing messages through developer-defined "channels"
+with the [`ipcMain`] and [`ipcRenderer`] modules. These channels are
+**arbitrary** (you can name them anything you want) and **bidirectional** (you can use the
+same channel name for both modules).
+
+In this guide, we'll be going over some fundamental IPC patterns with concrete examples that
+you can use as a reference for your app code.
+
+## Understanding context-isolated processes
+
+Before proceeding to implementation details, you should be familiar with the idea of using a
+[preload script] to import Node.js and Electron modules in a context-isolated renderer process.
+
+* For a full overview of Electron's process model, you can read the [process model docs].
+* For a primer into exposing APIs from your preload script using the `contextBridge` module, check
+out the [context isolation tutorial].
+
+## Pattern 1: Renderer to main (one-way)
+
+To fire a one-way IPC message from a renderer process to the main process, you can use the
+[`ipcRenderer.send`] API to send a message that is then received by the [`ipcMain.on`] API.
+
+You usually use this pattern to call a main process API from your web contents. We'll demonstrate
+this pattern by creating a simple app that can programmatically change its window title.
+
+For this demo, you'll need to add code to your main process, your renderer process, and a preload
+script. The full code is below, but we'll be explaining each file individually in the following
+sections.
+
+```fiddle docs/fiddles/ipc/pattern-1
+```
+
+### 1. Listen for events with `ipcMain.on`
+
+In the main process, set an IPC listener on the `set-title` channel with the `ipcMain.on` API:
+
+```javascript {6-10,22} title='main.js (Main Process)'
+const {app, BrowserWindow, ipcMain} = require('electron')
+const path = require('path')
+
+//...
+
+function handleSetTitle (event, title) {
+  const webContents = event.sender
+  const win = BrowserWindow.fromWebContents(webContents)
+  win.setTitle(title)
+}
+
+function createWindow () {
+  const mainWindow = new BrowserWindow({
+    webPreferences: {
+      preload: path.join(__dirname, 'preload.js')
+    }
+  })
+  mainWindow.loadFile('index.html')
+}
+
+app.whenReady().then(() => {
+  ipcMain.on('set-title', handleSetTitle)
+  createWindow()
+}
+//...
+```
+
+The above `handleSetTitle` callback has two parameters: an [IpcMainEvent] structure and a
+`title` string. Whenever a message comes through the `set-title` channel, this function will
+find the BrowserWindow instance attached to the message sender and use the `win.setTitle`
+API on it.
+
+:::info
+Make sure you're loading the `index.html` and `preload.js` entry points for the following steps!
+:::
+
+### 2. Expose `ipcRenderer.send` via preload
+
+To send messages to the listener created above, you can use the `ipcRenderer.send` API.
+By default, the renderer process has no Node.js or Electron module access. As an app developer,
+you need to choose which APIs to expose from your preload script using the `contextBridge` API.
+
+In your preload script, add the following code, which will expose a global `window.electronAPI`
+variable to your renderer process.
+
+```javascript title='preload.js (Preload Script)'
+const { contextBridge, ipcRenderer } = require('electron')
+
+contextBridge.exposeInMainWorld('electronAPI', {
+    setTitle: (title) => ipcRenderer.send('set-title', title)
+})
+```
+
+At this point, you'll be able to use the `window.electronAPI.setTitle()` function in the renderer
+process.
+
+:::caution Security warning
+We don't directly expose the whole `ipcRenderer.send` API for [security reasons]. Make sure to
+limit the renderer's access to Electron APIs as much as possible.
+:::
+
+### 3. Build the renderer process UI
+
+In our BrowserWindow's loaded HTML file, add a basic user interface consisting of a text input
+and a button:
+
+```html {11-12} title='index.html'
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
+    <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">
+    <title>Hello World!</title>
+  </head>
+  <body>
+    Title: <input id="title"/>
+    <button id="btn" type="button">Set</button>
+    <script src="./renderer.js"></script>
+  </body>
+</html>
+```
+
+To make these elements interactive, we'll be adding a few lines of code in the imported
+`renderer.js` file that leverages the `window.electronAPI` functionality exposed from the preload
+script:
+
+```javascript title='renderer.js (Renderer Process)'
+const setButton = document.getElementById('btn')
+const titleInput = document.getElementById('title')
+setButton.addEventListener('click', () => {
+    const title = titleInput.value
+    window.electronAPI.setTitle(title)
+});
+```
+
+At this point, your demo should be fully functional. Try using the input field and see what happens
+to your BrowserWindow title!
+
+## Pattern 2: Renderer to main (two-way)
+
+A common application for two-way IPC is calling a main process module from your renderer process
+code and waiting for a result. This can be done by using [`ipcRenderer.invoke`] paired with
+[`ipcMain.handle`].
+
+In the following example, we'll be opening a native file dialog from the renderer process and
+returning the selected file's path.
+
+For this demo, you'll need to add code to your main process, your renderer process, and a preload
+script. The full code is below, but we'll be explaining each file individually in the following
+sections.
+
+```fiddle docs/fiddles/ipc/pattern-2
+```
+
+### 1. Listen for events with `ipcMain.handle`
+
+In the main process, we'll be creating a `handleFileOpen()` function that calls
+`dialog.showOpenDialog` and returns the value of the file path selected by the user. This function
+is used as a callback whenever an `ipcRender.invoke` message is sent through the `dialog:openFile`
+channel from the renderer process. The return value is then returned as a Promise to the original
+`invoke` call.
+
+:::caution A word on error handling
+Errors thrown through `handle` in the main process are not transparent as they
+are serialized and only the `message` property from the original error is
+provided to the renderer process. Please refer to
+[#24427](https://github.com/electron/electron/issues/24427) for details.
+:::
+
+```javascript {6-13,25} title='main.js (Main Process)'
+const { BrowserWindow, dialog, ipcMain } = require('electron')
+const path = require('path')
+
+//...
+
+async function handleFileOpen() {
+  const { canceled, filePaths } = await dialog.showOpenDialog()
+  if (canceled) {
+    return
+  } else {
+    return filePaths[0]
+  }
+}
+
+function createWindow () {
+  const mainWindow = new BrowserWindow({
+    webPreferences: {
+      preload: path.join(__dirname, 'preload.js')
+    }
+  })
+  mainWindow.loadFile('index.html')
+}
+
+app.whenReady(() => {
+  ipcMain.handle('dialog:openFile', handleFileOpen)
+  createWindow()
+})
+//...
+```
+
+:::tip on channel names
+The `dialog:` prefix on the IPC channel name has no effect on the code. It only serves
+as a namespace that helps with code readability.
+:::
+
+:::info
+Make sure you're loading the `index.html` and `preload.js` entry points for the following steps!
+:::
+
+### 2. Expose `ipcRenderer.invoke` via preload
+
+In the preload script, we expose a one-line `openFile` function that calls and returns the value of
+`ipcRenderer.invoke('dialog:openFile')`. We'll be using this API in the next step to call the
+native dialog from our renderer's user interface.
+
+```javascript title='preload.js (Preload Script)'
+const { contextBridge, ipcRenderer } = require('electron')
+
+contextBridge.exposeInMainWorld('electronAPI', {
+  openFile: () => ipcRenderer.invoke('dialog:openFile')
+})
+```
+
+:::caution Security warning
+We don't directly expose the whole `ipcRenderer.invoke` API for [security reasons]. Make sure to
+limit the renderer's access to Electron APIs as much as possible.
+:::
+
+### 3. Build the renderer process UI
+
+Finally, let's build the HTML file that we load into our BrowserWindow.
+
+```html {10-11} title='index.html'
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
+    <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">
+    <title>Dialog</title>
+  </head>
+  <body>
+    <button type="button" id="btn">Open a File</button>
+    File path: <strong id="filePath"></strong>
+    <script src='./renderer.js'></script>
+  </body>
+</html>
+```
+
+The UI consists of a single `#btn` button element that will be used to trigger our preload API, and
+a `#filePath` element that will be used to display the path of the selected file. Making these
+pieces work will take a few lines of code in the renderer process script:
+
+```javascript title='renderer.js (Renderer Process)'
+const btn = document.getElementById('btn')
+const filePathElement = document.getElementById('filePath')
+
+btn.addEventListener('click', async () => {
+  const filePath = await window.electronAPI.openFile()
+  filePathElement.innerText = filePath
+})
+```
+
+In the above snippet, we listen for clicks on the `#btn` button, and call our
+`window.electronAPI.openFile()` API to activate the native Open File dialog. We then display the
+selected file path in the `#filePath` element.
+
+### Note: legacy approaches
+
+The `ipcRenderer.invoke` API was added in Electron 7 as a developer-friendly way to tackle two-way
+IPC from the renderer process. However, there exist a couple alternative approaches to this IPC
+pattern.
+
+:::warning Avoid legacy approaches if possible
+We recommend using `ipcRenderer.invoke` whenever possible. The following two-way renderer-to-main
+patterns are documented for historical purposes.
+:::
+
+:::info
+For the following examples, we're calling `ipcRenderer` directly from the preload script to keep
+the code samples small.
+:::
+
+#### Using `ipcRenderer.send`
+
+The `ipcRenderer.send` API that we used for single-way communication can also be leveraged to
+perform two-way communication. This was the recommended way for asynchronous two-way communication
+via IPC prior to Electron 7.
+
+```javascript title='preload.js (Preload Script)'
+// You can also put expose this code to the renderer
+// process with the `contextBridge` API
+const { ipcRenderer } = require('electron')
+
+ipcRenderer.on('asynchronous-reply', (_event, arg) => {
+  console.log(arg) // prints "pong" in the DevTools console
+})
+ipcRenderer.send('asynchronous-message', 'ping')
+```
+
+```javascript title='main.js (Main Process)'
+ipcMain.on('asynchronous-message', (event, arg) => {
+  console.log(arg) // prints "ping" in the Node console
+  // works like `send`, but returning a message back
+  // to the renderer that sent the original message
+  event.reply('asynchronous-reply', 'pong')
+})
+```
+
+There are a couple downsides to this approach:
+
+* You need to set up a second `ipcRenderer.on` listener to handle the response in the renderer
+process. With `invoke`, you get the response value returned as a Promise to the original API call.
+* There's no obvious way to pair the `asynchronous-reply` message to the original
+`asynchronous-message` one. If you have very frequent messages going back and forth through these
+channels, you would need to add additional app code to track each call and response individually.
+
+#### Using `ipcRenderer.sendSync`
+
+The `ipcRenderer.sendSync` API sends a message to the main process and waits _synchronously_ for a
+response.
+
+```javascript title='main.js (Main Process)'
+const { ipcMain } = require('electron')
+ipcMain.on('synchronous-message', (event, arg) => {
+  console.log(arg) // prints "ping" in the Node console
+  event.returnValue = 'pong'
+})
+```
+
+```javascript title='preload.js (Preload Script)'
+// You can also put expose this code to the renderer
+// process with the `contextBridge` API
+const { ipcRenderer } = require('electron')
+
+const result = ipcRenderer.sendSync('synchronous-message', 'ping')
+console.log(result) // prints "pong" in the DevTools console
+```
+
+The structure of this code is very similar to the `invoke` model, but we recommend
+**avoiding this API** for performance reasons. Its synchronous nature means that it'll block the
+renderer process until a reply is received.
+
+## Pattern 3: Main to renderer
+
+When sending a message from the main process to a renderer process, you need to specify which
+renderer is receiving the message. Messages need to be sent to a renderer process
+via its [`WebContents`] instance. This WebContents instance contains a [`send`][webcontents-send] method
+that can be used in the same way as `ipcRenderer.send`.
+
+To demonstrate this pattern, we'll be building a number counter controlled by the native operating
+system menu.
+
+For this demo, you'll need to add code to your main process, your renderer process, and a preload
+script. The full code is below, but we'll be explaining each file individually in the following
+sections.
+
+```fiddle docs/fiddles/ipc/pattern-3
+```
+
+### 1. Send messages with the `webContents` module
+
+For this demo, we'll need to first build a custom menu in the main process using Electron's `Menu`
+module that uses the `webContents.send` API to send an IPC message from the main process to the
+target renderer.
+
+```javascript {11-26} title='main.js (Main Process)'
+const {app, BrowserWindow, Menu, ipcMain} = require('electron')
+const path = require('path')
+
+function createWindow () {
+  const mainWindow = new BrowserWindow({
+    webPreferences: {
+      preload: path.join(__dirname, 'preload.js')
+    }
+  })
+
+  const menu = Menu.buildFromTemplate([
+    {
+      label: app.name,
+      submenu: [
+        {
+          click: () => mainWindow.webContents.send('update-counter', 1),
+          label: 'Increment',
+        },
+        {
+          click: () => mainWindow.webContents.send('update-counter', -1),
+          label: 'Decrement',
+        }
+      ]
+    }
+  ])
+  Menu.setApplicationMenu(menu)
+
+  mainWindow.loadFile('index.html')
+}
+//...
+
+```
+
+For the purposes of the tutorial, it's important to note that the `click` handler
+sends a message (either `1` or `-1`) to the renderer process through the `update-counter` channel.
+
+```javascript
+click: () => mainWindow.webContents.send('update-counter', -1)
+```
+
+:::info
+Make sure you're loading the `index.html` and `preload.js` entry points for the following steps!
+:::
+
+### 2. Expose `ipcRenderer.on` via preload
+
+Like in the previous renderer-to-main example, we use the `contextBridge` and `ipcRenderer`
+modules in the preload script to expose IPC functionality to the renderer process:
+
+```javascript title='preload.js (Preload Script)'
+const { contextBridge, ipcRenderer } = require('electron')
+
+contextBridge.exposeInMainWorld('electronAPI', {
+    onUpdateCounter: (callback) => ipcRenderer.on('update-counter', callback)
+})
+```
+
+After loading the preload script, your renderer process should have access to the
+`window.electronAPI.onUpdateCounter()` listener function.
+
+:::caution Security warning
+We don't directly expose the whole `ipcRenderer.on` API for [security reasons]. Make sure to
+limit the renderer's access to Electron APIs as much as possible.
+:::
+
+:::info
+In the case of this minimal example, you can call `ipcRenderer.on` directly in the preload script
+rather than exposing it over the context bridge.
+
+```javascript title='preload.js (Preload Script)'
+const { ipcRenderer } = require('electron')
+
+window.addEventListener('DOMContentLoaded', () => {
+    const counter = document.getElementById('counter')
+    ipcRenderer.on('update-counter', (_event, value) => {
+        const oldValue = Number(counter.innerText)
+        const newValue = oldValue + value
+        counter.innerText = newValue
+    })
+})
+```
+
+However, this approach has limited flexibility compared to exposing your preload APIs
+over the context bridge, since your listener can't directly interact with your renderer code.
+:::
+
+### 3. Build the renderer process UI
+
+To tie it all together, we'll create an interface in the loaded HTML file that contains a
+`#counter` element that we'll use to display the values:
+
+```html {10} title='index.html'
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
+    <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">
+    <title>Menu Counter</title>
+  </head>
+  <body>
+    Current value: <strong id="counter">0</strong>
+    <script src="./renderer.js"></script>
+  </body>
+</html>
+```
+
+Finally, to make the values update in the HTML document, we'll add a few lines of DOM manipulation
+so that the value of the `#counter` element is updated whenever we fire an `update-counter` event.
+
+```javascript title='renderer.js (Renderer Process)'
+const counter = document.getElementById('counter')
+
+window.electronAPI.onUpdateCounter((_event, value) => {
+    const oldValue = Number(counter.innerText)
+    const newValue = oldValue + value
+    counter.innerText = newValue
+})
+```
+
+In the above code, we're passing in a callback to the `window.electronAPI.onUpdateCounter` function
+exposed from our preload script. The second `value` parameter corresponds to the `1` or `-1` we
+were passing in from the `webContents.send` call from the native menu.
+
+### Optional: returning a reply
+
+There's no equivalent for `ipcRenderer.invoke` for main-to-renderer IPC. Instead, you can
+send a reply back to the main process from within the `ipcRenderer.on` callback.
+
+We can demonstrate this with slight modifications to the code from the previous example. In the
+renderer process, use the `event` parameter to send a reply back to the main process through the
+`counter-value` channel.
+
+```javascript title='renderer.js (Renderer Process)'
+const counter = document.getElementById('counter')
+
+window.electronAPI.onUpdateCounter((event, value) => {
+  const oldValue = Number(counter.innerText)
+  const newValue = oldValue + value
+  counter.innerText = newValue
+  event.sender.send('counter-value', newValue)
+})
+```
+
+In the main process, listen for `counter-value` events and handle them appropriately.
+
+```javascript title='main.js (Main Process)'
+//...
+ipcMain.on('counter-value', (_event, value) => {
+  console.log(value) // will print value to Node console
+})
+//...
+```
+
+## Pattern 4: Renderer to renderer
+
+There's no direct way to send messages between renderer processes in Electron using the `ipcMain`
+and `ipcRenderer` modules. To achieve this, you have two options:
+
+* Use the main process as a message broker between renderers. This would involve sending a message
+from one renderer to the main process, which would forward the message to the other renderer.
+* Pass a [MessagePort] from the main process to both renderers. This will allow direct communication
+between renderers after the initial setup.
+
+## Object serialization
+
+Electron's IPC implementation uses the HTML standard
+[Structured Clone Algorithm][sca] to serialize objects passed between processes, meaning that
+only certain types of objects can be passed through IPC channels.
+
+In particular, DOM objects (e.g. `Element`, `Location` and `DOMMatrix`), Node.js objects
+backed by C++ classes (e.g. `process.env`, some members of `Stream`), and Electron objects
+backed by C++ classes (e.g. `WebContents`, `BrowserWindow` and `WebFrame`) are not serializable
+with Structured Clone.
+
+[context isolation tutorial]: context-isolation.md
+[security reasons]: ./context-isolation.md#security-considerations
+[`ipcMain`]: ../api/ipc-main.md
+[`ipcMain.handle`]: ../api/ipc-main.md#ipcmainhandlechannel-listener
+[`ipcMain.on`]: ../api/ipc-main.md
+[IpcMainEvent]: ../api/structures/ipc-main-event.md
+[`ipcRenderer`]: ../api/ipc-renderer.md
+[`ipcRenderer.invoke`]: ../api/ipc-renderer.md#ipcrendererinvokechannel-args
+[`ipcRenderer.send`]: ../api/ipc-renderer.md
+[MessagePort]: ./message-ports.md
+[preload script]: process-model.md#preload-scripts
+[process model docs]: process-model.md
+[sca]: https://developer.mozilla.org/en-US/docs/Web/API/Web_Workers_API/Structured_clone_algorithm
+[`WebContents`]: ../api/web-contents.md
+[webcontents-send]: ../api/web-contents.md#contentssendchannel-args

docs/tutorial/quick-start.md

@@ -131,7 +131,6 @@ folder of your project:
     <meta charset="UTF-8">
     <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
     <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">
-    <meta http-equiv="X-Content-Security-Policy" content="default-src 'self'; script-src 'self'">
     <title>Hello World!</title>
   </head>
   <body>
@@ -427,7 +426,6 @@ window.addEventListener('DOMContentLoaded', () => {
     <meta charset="UTF-8">
     <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
     <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">
-    <meta http-equiv="X-Content-Security-Policy" content="default-src 'self'; script-src 'self'">
     <title>Hello World!</title>
   </head>
   <body>

electron_paks.gni

@@ -175,8 +175,10 @@ template("electron_paks") {
     source_patterns = [
       "${root_gen_dir}/chrome/platform_locale_settings_",
       "${root_gen_dir}/components/strings/components_strings_",
+      "${root_gen_dir}/third_party/blink/public/strings/blink_accessibility_strings_",
       "${root_gen_dir}/third_party/blink/public/strings/blink_strings_",
       "${root_gen_dir}/device/bluetooth/strings/bluetooth_strings_",
+      "${root_gen_dir}/extensions/strings/extensions_strings_",
       "${root_gen_dir}/services/strings/services_strings_",
       "${root_gen_dir}/ui/strings/app_locale_settings_",
       "${root_gen_dir}/ui/strings/ax_strings_",
@@ -186,8 +188,10 @@ template("electron_paks") {
       "//chrome/app/resources:platform_locale_settings",
       "//components/strings:components_strings",
       "//device/bluetooth/strings",
+      "//extensions/strings",
       "//services/strings",
       "//third_party/blink/public/strings",
+      "//third_party/blink/public/strings:accessibility_strings",
       "//ui/strings:app_locale_settings",
       "//ui/strings:ax_strings",
       "//ui/strings:ui_strings",

electron_strings.grdp

@@ -145,4 +145,16 @@
   </message>
   <message name="IDS_HID_CHOOSER_ITEM_WITHOUT_NAME" desc="User option displaying the device IDs for a Human Interface Device (HID) without a device name.">
         Unknown Device (<ph name="DEVICE_ID">$1<ex>1234:abcd</ex></ph>) </message>
+  <if expr="is_win">
+    <then>
+      <message name="IDS_AX_UNLABELED_IMAGE_ROLE_DESCRIPTION" desc="Accessibility role description for a graphic (image) on a web page or PDF that does not have a description for blind users." is_accessibility_with_no_ui="true">
+        Unlabeled graphic
+      </message>
+    </then>
+    <else>
+      <message name="IDS_AX_UNLABELED_IMAGE_ROLE_DESCRIPTION" desc="Accessibility role description for an image on a web page or PDF that does not have a description for blind users." is_accessibility_with_no_ui="true">
+        Unlabeled image
+      </message>
+    </else>
+  </if>
 </grit-part>

filenames.gni

@@ -53,8 +53,6 @@ filenames = {
     "shell/browser/ui/views/global_menu_bar_x11.h",
     "shell/browser/ui/x/event_disabler.cc",
     "shell/browser/ui/x/event_disabler.h",
-    "shell/browser/ui/x/window_state_watcher.cc",
-    "shell/browser/ui/x/window_state_watcher.h",
     "shell/browser/ui/x/x_window_utils.cc",
     "shell/browser/ui/x/x_window_utils.h",
   ]

lib/browser/api/browser-window.ts

@@ -72,7 +72,10 @@ BrowserWindow.getAllWindows = () => {
 
 BrowserWindow.getFocusedWindow = () => {
   for (const window of BrowserWindow.getAllWindows()) {
-    if (window.isFocused() || window.isDevToolsFocused()) return window;
+    const hasWC = window.webContents && !window.webContents.isDestroyed();
+    if (!window.isDestroyed() && hasWC) {
+      if (window.isFocused() || window.isDevToolsFocused()) return window;
+    }
   }
   return null;
 };

lib/browser/api/web-contents.ts

@@ -617,6 +617,7 @@ WebContents.prototype._init = function () {
   });
 
   this.on('-ipc-ports' as any, function (event: Electron.IpcMainEvent, internal: boolean, channel: string, message: any, ports: any[]) {
+    addSenderFrameToEvent(event);
     event.ports = ports.map(p => new MessagePortMain(p));
     ipcMain.emit(channel, event, message);
   });

package.json

@@ -1,9 +1,10 @@
 {
   "name": "electron",
-  "version": "18.0.0",
+  "version": "18.3.4",
   "repository": "https://github.com/electron/electron",
   "description": "Build cross platform desktop apps with JavaScript, HTML, and CSS",
   "devDependencies": {
+    "@azure/storage-blob": "^12.9.0",
     "@electron/docs-parser": "^0.12.3",
     "@electron/typescript-definitions": "^8.9.5",
     "@octokit/auth-app": "^2.10.0",
@@ -78,14 +79,14 @@
     "generate-version-json": "node script/generate-version-json.js",
     "lint": "node ./script/lint.js && npm run lint:clang-format && npm run lint:docs",
     "lint:js": "node ./script/lint.js --js",
-    "lint:clang-format": "python script/run-clang-format.py -r -c shell/ || (echo \"\\nCode not formatted correctly.\" && exit 1)",
+    "lint:clang-format": "python3 script/run-clang-format.py -r -c shell/ || (echo \"\\nCode not formatted correctly.\" && exit 1)",
     "lint:clang-tidy": "ts-node ./script/run-clang-tidy.ts",
     "lint:cpp": "node ./script/lint.js --cc",
     "lint:objc": "node ./script/lint.js --objc",
     "lint:py": "node ./script/lint.js --py",
     "lint:gn": "node ./script/lint.js --gn",
     "lint:docs": "remark docs -qf && npm run lint:js-in-markdown && npm run create-typescript-definitions && npm run lint:docs-relative-links && npm run lint:markdownlint",
-    "lint:docs-relative-links": "python ./script/check-relative-doc-links.py",
+    "lint:docs-relative-links": "python3 ./script/check-relative-doc-links.py",
     "lint:markdownlint": "markdownlint \"*.md\" \"docs/**/*.md\"",
     "lint:js-in-markdown": "standard-markdown docs",
     "create-api-json": "electron-docs-parser --dir=./",
@@ -116,14 +117,14 @@
       "ts-node script/gen-filenames.ts"
     ],
     "*.{cc,mm,c,h}": [
-      "python script/run-clang-format.py -r -c --fix"
+      "python3 script/run-clang-format.py -r -c --fix"
     ],
     "*.md": [
       "npm run lint:docs"
     ],
     "*.{gn,gni}": [
       "npm run gn-check",
-      "python script/run-gn-format.py"
+      "python3 script/run-gn-format.py"
     ],
     "*.py": [
       "node script/lint.js --py --fix --only --"

patches/angle/.patches

@@ -0,0 +1,2 @@
+cherry-pick-9768648fffc9.patch
+cherry-pick-6661eb4900da.patch

patches/angle/cherry-pick-6661eb4900da.patch

@@ -0,0 +1,27 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jamie Madill <jmadill@chromium.org>
+Date: Mon, 2 May 2022 15:42:23 -0400
+Subject: Fix validation cache when deleting a Transform Feedback.
+
+Bug: chromium:1320024
+Change-Id: I76ef85a3c65c663c138d8caebd4ef2c0da53cd4f
+Reviewed-on: https://chromium-review.googlesource.com/c/angle/angle/+/3621780
+Commit-Queue: Jamie Madill <jmadill@chromium.org>
+Reviewed-by: Shahbaz Youssefi <syoussefi@chromium.org>
+Commit-Queue: Shahbaz Youssefi <syoussefi@chromium.org>
+(cherry picked from commit 84e42c3b04da9e2c9d93d35bb6f2b1830fef22f4)
+Reviewed-on: https://chromium-review.googlesource.com/c/angle/angle/+/3650697
+Reviewed-by: Geoff Lang <geofflang@chromium.org>
+
+diff --git a/src/libANGLE/Context.cpp b/src/libANGLE/Context.cpp
+index 390f7bc6790abe5d84b05f97160966eca46fee05..86da3fd82fff38c911e8678a1f6c415583b38381 100755
+--- a/src/libANGLE/Context.cpp
++++ b/src/libANGLE/Context.cpp
+@@ -3075,6 +3075,7 @@ void Context::detachTransformFeedback(TransformFeedbackID transformFeedback)
+     if (mState.removeTransformFeedbackBinding(this, transformFeedback))
+     {
+         bindTransformFeedback(GL_TRANSFORM_FEEDBACK, {0});
++        mStateCache.onActiveTransformFeedbackChange(this);
+     }
+ }
+ 

patches/angle/cherry-pick-9768648fffc9.patch

@@ -0,0 +1,26 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: SeongHwan Park <ggabu423@gmail.com>
+Date: Tue, 31 May 2022 02:41:32 +0900
+Subject: Fix to invalidate cache when binding Transform Feedback.
+
+Bug: chromium:1330379
+Change-Id: I091116286ac511c50f9abcffa4d3cf350be920b4
+Reviewed-on: https://chromium-review.googlesource.com/c/angle/angle/+/3677115
+Commit-Queue: Jamie Madill <jmadill@chromium.org>
+Reviewed-by: Jamie Madill <jmadill@chromium.org>
+(cherry picked from commit d96cee6685099f6bcc392a4d20d28c8ec484673a)
+Reviewed-on: https://chromium-review.googlesource.com/c/angle/angle/+/3691799
+Reviewed-by: Shahbaz Youssefi <syoussefi@chromium.org>
+
+diff --git a/src/libANGLE/Context.cpp b/src/libANGLE/Context.cpp
+index 685b235cc5962c4f55f539e387dda8c7edb023bc..390f7bc6790abe5d84b05f97160966eca46fee05 100755
+--- a/src/libANGLE/Context.cpp
++++ b/src/libANGLE/Context.cpp
+@@ -1323,6 +1323,7 @@ void Context::bindTransformFeedback(GLenum target, TransformFeedbackID transform
+     TransformFeedback *transformFeedback =
+         checkTransformFeedbackAllocation(transformFeedbackHandle);
+     mState.setTransformFeedbackBinding(this, transformFeedback);
++    mStateCache.onActiveTransformFeedbackChange(this);
+ }
+ 
+ void Context::bindProgramPipeline(ProgramPipelineID pipelineHandle)

patches/chromium/.patches

@@ -66,7 +66,6 @@ feat_enable_offscreen_rendering_with_viz_compositor.patch
 gpu_notify_when_dxdiag_request_fails.patch
 feat_allow_embedders_to_add_observers_on_created_hunspell.patch
 feat_add_onclose_to_messageport.patch
-ui_gtk_public_header.patch
 allow_in-process_windows_to_have_different_web_prefs.patch
 refactor_expose_cursor_changes_to_the_webcontentsobserver.patch
 crash_allow_setting_more_options.patch
@@ -103,14 +102,24 @@ chore_do_not_use_chrome_windows_in_cryptotoken_webrequestsender.patch
 process_singleton.patch
 fix_expose_decrementcapturercount_in_web_contents_impl.patch
 add_ui_scopedcliboardwriter_writeunsaferawdata.patch
+feat_add_data_parameter_to_processsingleton.patch
 mas_gate_private_enterprise_APIs.patch
 load_v8_snapshot_in_browser_process.patch
-fix_patch_out_permissions_checks_in_exclusive_access.patch
+fix_adapt_exclusive_access_for_electron_needs.patch
 fix_aspect_ratio_with_max_size.patch
 fix_dont_delete_SerialPortManager_on_main_thread.patch
-feat_add_data_transfer_to_requestsingleinstancelock.patch
 fix_crash_when_saving_edited_pdf_files.patch
 port_autofill_colors_to_the_color_pipeline.patch
 build_disable_partition_alloc_on_mac.patch
 fix_non-client_mouse_tracking_and_message_bubbling_on_windows.patch
 remove_incorrect_width_height_adjustments.patch
+introduce_ozoneplatform_electron_can_call_x11_property.patch
+make_gtk_getlibgtk_public.patch
+cherry-pick-cf64617c1cc5.patch
+cherry-pick-e2b8856012e0.patch
+cherry-pick-6b66a45021a0.patch
+fix_xkb_keysym_reverse_look_up_for_lacros.patch
+custom_protocols_plzserviceworker.patch
+pa_support_16kb_pagesize_on_linux_arm64.patch
+cherry-pick-21139756239b.patch
+cherry-pick-f1dd785e021e.patch

patches/chromium/build_disable_partition_alloc_on_mac.patch

@@ -9,7 +9,7 @@ and can be removed when the crash in fork is resolved.
 Related issue: https://github.com/electron/electron/issues/32718
 
 diff --git a/base/allocator/allocator.gni b/base/allocator/allocator.gni
-index e0540a65e5fa3d46b3a260fbddb4689f2c929bd4..11ac00ac5b6eddbe41fd9e003818e98ae62a3df1 100644
+index 8fa0c36007a0ae0e4553709d27a8231efb08459b..3c4f93fc98b5002572adc78cb9a21b3e78c9f3e0 100644
 --- a/base/allocator/allocator.gni
 +++ b/base/allocator/allocator.gni
 @@ -20,7 +20,7 @@ _disable_partition_alloc = is_component_build || (is_win && is_debug)

patches/chromium/build_do_not_depend_on_packed_resource_integrity.patch

@@ -11,7 +11,7 @@ if we ever align our .pak file generation with Chrome we can remove this
 patch.
 
 diff --git a/chrome/BUILD.gn b/chrome/BUILD.gn
-index 0cf38ad237727254c77472f73d82d6f65fe14bde..83d9746bd6f5b4b9a87d2e9ee185e0e8a8300490 100644
+index f2c4feac76e96575de3627b7e8f2373b4fb30411..f5fa6b21594c97a08d1aefd790a4846d9b3e1a45 100644
 --- a/chrome/BUILD.gn
 +++ b/chrome/BUILD.gn
 @@ -171,11 +171,16 @@ if (!is_android && !is_mac) {
@@ -46,10 +46,10 @@ index 492cd8e11e28e0b427aca227665295a3052af765..760d2171c5083820fbbf66ce5d7d3c80
        sources += [ "certificate_viewer_stub.cc" ]
      }
 diff --git a/chrome/test/BUILD.gn b/chrome/test/BUILD.gn
-index 768da31eb760ed382465f65bf34589f7e8dd794d..be82ce60faebd0846d65334110e7a92fe239b6d6 100644
+index 028d269850e66db444591cda7005a0f8434193e9..cc0d14cd9798c6bbee80581c95eb8281ce7fb6ba 100644
 --- a/chrome/test/BUILD.gn
 +++ b/chrome/test/BUILD.gn
-@@ -5721,7 +5721,6 @@ test("unit_tests") {
+@@ -5722,7 +5722,6 @@ test("unit_tests") {
  
      deps += [
        "//chrome:other_version",
@@ -57,7 +57,7 @@ index 768da31eb760ed382465f65bf34589f7e8dd794d..be82ce60faebd0846d65334110e7a92f
        "//chrome//services/util_win:unit_tests",
        "//chrome/app:chrome_dll_resources",
        "//chrome/browser:chrome_process_finder",
-@@ -5744,6 +5743,10 @@ test("unit_tests") {
+@@ -5745,6 +5744,10 @@ test("unit_tests") {
        "//ui/resources",
      ]
  
@@ -68,7 +68,7 @@ index 768da31eb760ed382465f65bf34589f7e8dd794d..be82ce60faebd0846d65334110e7a92f
      ldflags = [
        "/DELAYLOAD:api-ms-win-core-winrt-error-l1-1-0.dll",
        "/DELAYLOAD:api-ms-win-core-winrt-l1-1-0.dll",
-@@ -6437,7 +6440,6 @@ test("unit_tests") {
+@@ -6438,7 +6441,6 @@ test("unit_tests") {
      }
  
      deps += [
@@ -76,7 +76,7 @@ index 768da31eb760ed382465f65bf34589f7e8dd794d..be82ce60faebd0846d65334110e7a92f
        "//chrome/browser:cart_db_content_proto",
        "//chrome/browser:coupon_db_content_proto",
        "//chrome/browser/media/router:test_support",
-@@ -6482,6 +6484,11 @@ test("unit_tests") {
+@@ -6483,6 +6485,11 @@ test("unit_tests") {
        "//ui/native_theme:test_support",
        "//ui/webui/resources/js/browser_command:mojo_bindings",
      ]

patches/chromium/can_create_window.patch

@@ -21,10 +21,10 @@ index 36a8fa8d3e981707e6688379813560ba94209ab3..e36a19c847912b007a94464321bb83b1
            &no_javascript_access);
  
 diff --git a/content/browser/web_contents/web_contents_impl.cc b/content/browser/web_contents/web_contents_impl.cc
-index f28855f738e3b98196813a6d306ba30f7f294cb2..5afb01c9de253053243a1add87269a9d848b5297 100644
+index 2b2d267bcaac7eaaf63055d2108e03835f94ea3d..b406cd71133062618258a7d56e69b5e258687e12 100644
 --- a/content/browser/web_contents/web_contents_impl.cc
 +++ b/content/browser/web_contents/web_contents_impl.cc
-@@ -3925,6 +3925,14 @@ FrameTree* WebContentsImpl::CreateNewWindow(
+@@ -3934,6 +3934,14 @@ FrameTree* WebContentsImpl::CreateNewWindow(
    }
    auto* new_contents_impl = new_contents.get();
  
@@ -39,7 +39,7 @@ index f28855f738e3b98196813a6d306ba30f7f294cb2..5afb01c9de253053243a1add87269a9d
    new_contents_impl->GetController().SetSessionStorageNamespace(
        partition_config, session_storage_namespace);
  
-@@ -3967,12 +3975,6 @@ FrameTree* WebContentsImpl::CreateNewWindow(
+@@ -3976,12 +3984,6 @@ FrameTree* WebContentsImpl::CreateNewWindow(
      AddWebContentsDestructionObserver(new_contents_impl);
    }
  
@@ -220,10 +220,10 @@ index 84d32491a56528a84b4395fba1d54cdbb38d522b..09998a83c449ef8cd9f360fbcdcf7edc
  
  }  // namespace blink
 diff --git a/third_party/blink/renderer/core/frame/local_dom_window.cc b/third_party/blink/renderer/core/frame/local_dom_window.cc
-index 12658b5c9ca6bc10cffd2c9e8ddf45bac697e75c..284f3ed1513009092ecdf2be6ff87641cc404cd9 100644
+index 030cc373443766b6485a888f5627885f535e06fc..7bc60b17a0f1aeb208f6d7d85cd6fa537c44c54a 100644
 --- a/third_party/blink/renderer/core/frame/local_dom_window.cc
 +++ b/third_party/blink/renderer/core/frame/local_dom_window.cc
-@@ -2051,6 +2051,7 @@ DOMWindow* LocalDOMWindow::open(v8::Isolate* isolate,
+@@ -2050,6 +2050,7 @@ DOMWindow* LocalDOMWindow::open(v8::Isolate* isolate,
  
    WebWindowFeatures window_features =
        GetWindowFeaturesFromString(features, incumbent_window);

patches/chromium/cherry-pick-21139756239b.patch

@@ -0,0 +1,114 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Ari Chivukula <arichiv@chromium.org>
+Date: Tue, 17 May 2022 18:17:07 +0000
+Subject: {M102 PICK} [IndexedDB] Use-After-Free Fix
+
+We can't guarantee order in the task the constructor dispatches the same
+way we could before due to all the async changes. Let's be sure all the
+objects exist before using them now. Long term, we need to address
+ownership of the idb context.
+
+Bug: 1324864, 1218100
+Change-Id: Id5753297a4c966432028a1e7e063c5f1bed6f619
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3646994
+Reviewed-by: Ayu Ishii <ayui@chromium.org>
+Commit-Queue: Srinivas Sista <srinivassista@chromium.org>
+Cr-Commit-Position: refs/branch-heads/5005@{#812}
+Cr-Branched-From: 5b4d9450fee01f821b6400e947b3839727643a71-refs/heads/main@{#992738}
+
+diff --git a/content/browser/indexed_db/indexed_db_context_impl.cc b/content/browser/indexed_db/indexed_db_context_impl.cc
+index 9472e762729312bf68073c95056ce09e324148da..219904d80798f71f0be23ee9ffeb5c58d030fb55 100644
+--- a/content/browser/indexed_db/indexed_db_context_impl.cc
++++ b/content/browser/indexed_db/indexed_db_context_impl.cc
+@@ -167,38 +167,32 @@ IndexedDBContextImpl::IndexedDBContextImpl(
+       std::move(quota_client_remote),
+       storage::QuotaClientType::kIndexedDatabase,
+       {blink::mojom::StorageType::kTemporary});
++  IDBTaskRunner()->PostTask(
++      FROM_HERE, base::BindOnce(&IndexedDBContextImpl::BindPipesOnIDBSequence,
++                                weak_factory_.GetWeakPtr(),
++                                std::move(quota_client_receiver),
++                                std::move(blob_storage_context),
++                                std::move(file_system_access_context)));
++}
+ 
+-  // This is safe because the IndexedDBContextImpl must be destructed on the
+-  // IDBTaskRunner, and this task will always happen before that.
+-  idb_task_runner_->PostTask(
+-      FROM_HERE,
+-      base::BindOnce(
+-          [](mojo::Remote<storage::mojom::BlobStorageContext>*
+-                 blob_storage_context,
+-             mojo::Remote<storage::mojom::FileSystemAccessContext>*
+-                 file_system_access_context,
+-             mojo::Receiver<storage::mojom::QuotaClient>* quota_client_receiver,
+-             mojo::PendingRemote<storage::mojom::BlobStorageContext>
+-                 pending_blob_storage_context,
+-             mojo::PendingRemote<storage::mojom::FileSystemAccessContext>
+-                 pending_file_system_access_context,
+-             mojo::PendingReceiver<storage::mojom::QuotaClient>
+-                 quota_client_pending_receiver) {
+-            quota_client_receiver->Bind(
+-                std::move(quota_client_pending_receiver));
+-            if (pending_blob_storage_context) {
+-              blob_storage_context->Bind(
+-                  std::move(pending_blob_storage_context));
+-            }
+-            if (pending_file_system_access_context) {
+-              file_system_access_context->Bind(
+-                  std::move(pending_file_system_access_context));
+-            }
+-          },
+-          &blob_storage_context_, &file_system_access_context_,
+-          &quota_client_receiver_, std::move(blob_storage_context),
+-          std::move(file_system_access_context),
+-          std::move(quota_client_receiver)));
++void IndexedDBContextImpl::BindPipesOnIDBSequence(
++    mojo::PendingReceiver<storage::mojom::QuotaClient>
++        pending_quota_client_receiver,
++    mojo::PendingRemote<storage::mojom::BlobStorageContext>
++        pending_blob_storage_context,
++    mojo::PendingRemote<storage::mojom::FileSystemAccessContext>
++        pending_file_system_access_context) {
++  DCHECK(IDBTaskRunner()->RunsTasksInCurrentSequence());
++  if (pending_quota_client_receiver) {
++    quota_client_receiver_.Bind(std::move(pending_quota_client_receiver));
++  }
++  if (pending_blob_storage_context) {
++    blob_storage_context_.Bind(std::move(pending_blob_storage_context));
++  }
++  if (pending_file_system_access_context) {
++    file_system_access_context_.Bind(
++        std::move(pending_file_system_access_context));
++  }
+ }
+ 
+ void IndexedDBContextImpl::Bind(
+diff --git a/content/browser/indexed_db/indexed_db_context_impl.h b/content/browser/indexed_db/indexed_db_context_impl.h
+index 4b874b244778d831e0fa8ca3bbfd7e751897923e..ad2f984e130ece867c0f0dc7ca9ae52b8ec12ae9 100644
+--- a/content/browser/indexed_db/indexed_db_context_impl.h
++++ b/content/browser/indexed_db/indexed_db_context_impl.h
+@@ -224,6 +224,14 @@ class CONTENT_EXPORT IndexedDBContextImpl
+ 
+   ~IndexedDBContextImpl() override;
+ 
++  void BindPipesOnIDBSequence(
++      mojo::PendingReceiver<storage::mojom::QuotaClient>
++          pending_quota_client_receiver,
++      mojo::PendingRemote<storage::mojom::BlobStorageContext>
++          pending_blob_storage_context,
++      mojo::PendingRemote<storage::mojom::FileSystemAccessContext>
++          pending_file_system_access_context);
++
+   // Binds receiver on bucket retrieval to ensure that a bucket always exists
+   // for a storage key.
+   void BindIndexedDBWithBucket(
+@@ -282,6 +290,8 @@ class CONTENT_EXPORT IndexedDBContextImpl
+   mojo::Receiver<storage::mojom::QuotaClient> quota_client_receiver_;
+   const std::unique_ptr<storage::FilesystemProxy> filesystem_proxy_;
+ 
++  // weak_factory_->GetWeakPtr() may be used on any thread, but the resulting
++  // pointer must only be checked/used on idb_task_runner_.
+   base::WeakPtrFactory<IndexedDBContextImpl> weak_factory_{this};
+ };
+ 

patches/chromium/cherry-pick-6b66a45021a0.patch

@@ -0,0 +1,259 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Garrett Tanzer <gtanzer@chromium.org>
+Date: Wed, 2 Mar 2022 18:33:42 +0000
+Subject: Reland "Fix noopener case for user activation consumption"
+
+This is a reland of e9828a82b5c182dc9a7fb0ae7226c35ba1726e7d
+
+The MSAN error is from checking status before err in
+content/renderer/render_view_impl.cc .
+https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20ChromiumOS%20MSan%20Tests/b8821495655905086193/overview
+
+The fix is to split the check for err and kIgnore into two checks,
+and put the err check before kBlocked.
+
+It is probably possible for the browser to consume user activation
+but then eventually mojo returns an error and the renderer doesn't
+consume activation, but that seems pretty marginal.
+
+Original change's description:
+> Fix noopener case for user activation consumption
+>
+>
+> The flow for user activation consumption in window.open was as follows:
+>
+> Renderer: ask the browser to create a new window
+> Browser: consume transient user activation (in the browser, and via RPC
+> to remote frames only)
+> Browser: return success for opener, return ignore for noopener
+> Renderer: consume transient user activation upon success
+>
+> So in the noopener case, the renderer with the local frame where the
+> window.open originated didn't have its transient user activation
+> consumed.
+>
+>
+> The new behavior is to consume user activation in the calling renderer
+> whenever it is consumed in the browser. We accomplish this by returning
+> a distinct value kBlocked to represent failure before the browser
+> consumes user activation.
+>
+> Bug: 1264543, 1291210
+> Change-Id: Iffb6e3fd772bef625d3d28e600e6fb73d70ab29f
+> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3468171
+> Reviewed-by: Dominic Farolino <dom@chromium.org>
+> Reviewed-by: Ken Buchanan <kenrb@chromium.org>
+> Reviewed-by: Mustaq Ahmed <mustaq@chromium.org>
+> Reviewed-by: Charles Reis <creis@chromium.org>
+> Reviewed-by: Jonathan Ross <jonross@chromium.org>
+> Reviewed-by: Daniel Cheng <dcheng@chromium.org>
+> Commit-Queue: Garrett Tanzer <gtanzer@chromium.org>
+> Cr-Commit-Position: refs/heads/main@{#973876}
+
+Bug: 1264543, 1291210
+Change-Id: Ie27c4d68db34dfd98adee7cc5c743953dad59834
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3481666
+Reviewed-by: Jonathan Ross <jonross@chromium.org>
+Reviewed-by: Daniel Cheng <dcheng@chromium.org>
+Reviewed-by: Mustaq Ahmed <mustaq@chromium.org>
+Reviewed-by: Ken Buchanan <kenrb@chromium.org>
+Reviewed-by: Charles Reis <creis@chromium.org>
+Commit-Queue: Garrett Tanzer <gtanzer@chromium.org>
+Cr-Commit-Position: refs/heads/main@{#976745}
+
+diff --git a/chrome/browser/site_isolation/chrome_site_per_process_browsertest.cc b/chrome/browser/site_isolation/chrome_site_per_process_browsertest.cc
+index 4c7d9a3fc2d90b751b8b6dd109f223132eb27fe6..2c6ec16e1700882a0ea30c022e1bb0b5eb3a88f8 100644
+--- a/chrome/browser/site_isolation/chrome_site_per_process_browsertest.cc
++++ b/chrome/browser/site_isolation/chrome_site_per_process_browsertest.cc
+@@ -1187,6 +1187,52 @@ IN_PROC_BROWSER_TEST_F(ChromeSitePerProcessTest,
+   EXPECT_FALSE(frame_c_popup_opened);
+ }
+ 
++// Test that opening a window with `noopener` consumes user activation.
++// crbug.com/1264543, crbug.com/1291210
++IN_PROC_BROWSER_TEST_F(ChromeSitePerProcessTest,
++                       UserActivationConsumptionNoopener) {
++  // Start on a page a.com.
++  GURL main_url(embedded_test_server()->GetURL(
++      "a.com", "/cross_site_iframe_factory.html?a"));
++  ASSERT_TRUE(ui_test_utils::NavigateToURL(browser(), main_url));
++  content::WebContents* web_contents =
++      browser()->tab_strip_model()->GetActiveWebContents();
++
++  // Activate the frame by executing a dummy script.
++  const std::string no_op_script = "// No-op script";
++  EXPECT_TRUE(ExecuteScript(web_contents, no_op_script));
++
++  // Add a popup observer.
++  content::TestNavigationObserver popup_observer(nullptr);
++  popup_observer.StartWatchingNewWebContents();
++
++  // Open a popup from the frame, with `noopener`. This should consume
++  // transient user activation.
++  GURL popup_url(embedded_test_server()->GetURL("popup.com", "/"));
++  EXPECT_TRUE(ExecuteScriptWithoutUserGesture(
++      web_contents,
++      base::StringPrintf(
++          "window.w = window.open('%s'+'title1.html', '_blank', 'noopener');",
++          popup_url.spec().c_str())));
++
++  // Try to open another popup.
++  EXPECT_TRUE(ExecuteScriptWithoutUserGesture(
++      web_contents,
++      base::StringPrintf(
++          "window.w = window.open('%s'+'title2.html', '_blank', 'noopener');",
++          popup_url.spec().c_str())));
++
++  // Wait and check that only one popup was opened.
++  popup_observer.Wait();
++  EXPECT_EQ(2, browser()->tab_strip_model()->count());
++
++  content::WebContents* popup =
++      browser()->tab_strip_model()->GetActiveWebContents();
++  EXPECT_EQ(embedded_test_server()->GetURL("popup.com", "/title1.html"),
++            popup->GetLastCommittedURL());
++  EXPECT_NE(popup, web_contents);
++}
++
+ // TODO(crbug.com/1021895): Flaky.
+ // Tests that a cross-site iframe runs its beforeunload handler when closing a
+ // tab.  See https://crbug.com/853021.
+diff --git a/content/browser/renderer_host/render_frame_host_impl.cc b/content/browser/renderer_host/render_frame_host_impl.cc
+index afd175d35096b0a50ccee3f2b14c632adbfec58a..b346e9adcb73d80c260e4095b140acd319f69e89 100644
+--- a/content/browser/renderer_host/render_frame_host_impl.cc
++++ b/content/browser/renderer_host/render_frame_host_impl.cc
+@@ -6719,17 +6719,22 @@ void RenderFrameHostImpl::CreateNewWindow(
+           effective_transient_activation_state, params->opener_suppressed,
+           &no_javascript_access);
+ 
+-  bool was_consumed = false;
+-  if (can_create_window) {
+-    // Consume activation even w/o User Activation v2, to sync other renderers
+-    // with calling renderer.
+-    was_consumed = frame_tree_node_->UpdateUserActivationState(
+-        blink::mojom::UserActivationUpdateType::kConsumeTransientActivation,
+-        blink::mojom::UserActivationNotificationType::kNone);
+-  } else {
+-    std::move(callback).Run(mojom::CreateNewWindowStatus::kIgnore, nullptr);
+-    return;
+-  }
++  // If this frame isn't allowed to create a window, return early (before we
++  // consume transient user activation).
++  if (!can_create_window) {
++    std::move(callback).Run(mojom::CreateNewWindowStatus::kBlocked, nullptr);
++    return;
++  }
++
++  // Otherwise, consume user activation before we proceed. In particular, it is
++  // important to do this before we return from the |opener_suppressed| case
++  // below.
++  // NB: This call will consume activations in the browser and the remote frame
++  // proxies for this frame. The initiating renderer will consume its view of
++  // the activations after we return.
++  bool was_consumed = frame_tree_node_->UpdateUserActivationState(
++      blink::mojom::UserActivationUpdateType::kConsumeTransientActivation,
++      blink::mojom::UserActivationNotificationType::kNone);
+ 
+   // For Android WebView, we support a pop-up like behavior for window.open()
+   // even if the embedding app doesn't support multiple windows. In this case,
+diff --git a/content/common/frame.mojom b/content/common/frame.mojom
+index 80f7dd56fdaa94a9880995b2b5393af0414eef29..f3d13fc719324e064f70077deb5d95cb9e467820 100644
+--- a/content/common/frame.mojom
++++ b/content/common/frame.mojom
+@@ -558,8 +558,10 @@ struct CreateNewWindowParams {
+ 
+ // Operation result when the renderer asks the browser to create a new window.
+ enum CreateNewWindowStatus {
+-  // Ignore creation of the new window. This can happen because creation is
+-  // blocked or because the new window should have no opener relationship.
++  // Creation of the new window was blocked, e.g. because the source frame
++  // doesn't have user activation.
++  kBlocked,
++  // Ignore creation of the new window, e.g. because noopener is in effect.
+   kIgnore,
+   // Reuse the current window rather than creating a new window.
+   kReuse,
+diff --git a/content/renderer/render_view_impl.cc b/content/renderer/render_view_impl.cc
+index aa65517a568aa0b324b2c8cca8f60bb532ba085a..11815bca2741002dd8595af026ef402bc2af999e 100644
+--- a/content/renderer/render_view_impl.cc
++++ b/content/renderer/render_view_impl.cc
+@@ -311,8 +311,27 @@ WebView* RenderViewImpl::CreateView(
+   mojom::CreateNewWindowStatus status;
+   mojom::CreateNewWindowReplyPtr reply;
+   auto* frame_host = creator_frame->GetFrameHost();
+-  bool err = !frame_host->CreateNewWindow(std::move(params), &status, &reply);
+-  if (err || status == mojom::CreateNewWindowStatus::kIgnore)
++  if (!frame_host->CreateNewWindow(std::move(params), &status, &reply)) {
++    // The sync IPC failed, e.g. maybe the render process is in the middle of
++    // shutting down. Can't create a new window without the browser process,
++    // so just bail out.
++    return nullptr;
++  }
++
++  // If creation of the window was blocked (e.g. because this frame doesn't
++  // have user activation), return before consuming user activation. A frame
++  // that isn't allowed to open a window  shouldn't be able to consume the
++  // activation for the rest of the frame tree.
++  if (status == mojom::CreateNewWindowStatus::kBlocked)
++    return nullptr;
++
++  // Consume the transient user activation in the current renderer.
++  consumed_user_gesture = creator->ConsumeTransientUserActivation(
++      blink::UserActivationUpdateSource::kBrowser);
++
++  // If we should ignore the new window (e.g. because of `noopener`), return
++  // now that user activation was consumed.
++  if (status == mojom::CreateNewWindowStatus::kIgnore)
+     return nullptr;
+ 
+   // For Android WebView, we support a pop-up like behavior for window.open()
+@@ -332,11 +351,6 @@ WebView* RenderViewImpl::CreateView(
+   DCHECK_NE(MSG_ROUTING_NONE, reply->main_frame_route_id);
+   DCHECK_NE(MSG_ROUTING_NONE, reply->widget_params->routing_id);
+ 
+-  // The browser allowed creation of a new window and consumed the user
+-  // activation.
+-  consumed_user_gesture = creator->ConsumeTransientUserActivation(
+-      blink::UserActivationUpdateSource::kBrowser);
+-
+   // While this view may be a background extension page, it can spawn a visible
+   // render view. So we just assume that the new one is not another background
+   // page instead of passing on our own value.
+diff --git a/third_party/blink/web_tests/wpt_internal/fenced_frame/consume-user-activation.https.html b/third_party/blink/web_tests/wpt_internal/fenced_frame/consume-user-activation.https.html
+index d78d08e18a803f66d5136b193abfa26fd7ab087a..e4ad20d17b7fdcec69f25e652dab967f9b52cf65 100644
+--- a/third_party/blink/web_tests/wpt_internal/fenced_frame/consume-user-activation.https.html
++++ b/third_party/blink/web_tests/wpt_internal/fenced_frame/consume-user-activation.https.html
+@@ -88,11 +88,7 @@ promise_test(async () => {
+ 
+   // Check that B's transient user activation was consumed.
+   assert_activations(true, true, "A");
+-  // TODO(crbug.com/1291210): B should be inactive after consuming the
+-  // transient user activation, but due to a preexisting bug it isn't.
+-  // Replace with this once fixed:
+-  // await B.execute(assert_activations, [true, false, "B"]);
+-  await B.execute(assert_activations, [true, true, "B"]);
++  await B.execute(assert_activations, [true, false, "B"]);
+ 
+ }, 'user-activation');
+ </script>
+diff --git a/third_party/blink/web_tests/wpt_internal/fenced_frame/restrict-size.https.html b/third_party/blink/web_tests/wpt_internal/fenced_frame/restrict-size.https.html
+new file mode 100644
+index 0000000000000000000000000000000000000000..5668407d7e1e6ac7840fc47b76869787cb3f3d63
+--- /dev/null
++++ b/third_party/blink/web_tests/wpt_internal/fenced_frame/restrict-size.https.html
+@@ -0,0 +1,15 @@
++<!DOCTYPE html>
++<title>Test fencedframe size restrictions in opaque ads mode.</title>
++<script src="/resources/testharness.js"></script>
++<script src="/resources/testharnessreport.js"></script>
++<script src="/common/utils.js"></script>
++<script src="/common/dispatcher/dispatcher.js"></script>
++<script src="resources/utils.js"></script>
++
++<body>
++<script>
++promise_test(async () => {
++  const frame = attachFencedFrameContext();
++}, 'restrict fencedframe size');
++</script>
++</body>

patches/chromium/cherry-pick-cf64617c1cc5.patch

@@ -0,0 +1,404 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Austin Sullivan <asully@chromium.org>
+Date: Fri, 11 Mar 2022 10:08:55 +0000
+Subject: FSA: Pass File ownership to worker for async FSARFD file operations
+
+We cannot access the backing file as a member of the
+FileSystemAccessRegularFileDelegate since WrapCrossThreadPersistent
+does NOT cancel the task posted to the worker pool if delegate is
+destroyed. Passing ownership to the worker task ensures the file must
+be alive when used. After the operation, ownership of the file is
+passed back to the delegate.
+
+This pattern was already used for the SetLength operation on old Macs.
+
+Bug: 1299743
+Change-Id: Ie00c09e8f77dc353f280af726a68ed6c572b750b
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3498864
+Reviewed-by: Marijn Kruisselbrink <mek@chromium.org>
+Commit-Queue: Austin Sullivan <asully@chromium.org>
+Cr-Commit-Position: refs/heads/main@{#980167}
+
+diff --git a/third_party/blink/renderer/modules/file_system_access/file_system_access_regular_file_delegate.cc b/third_party/blink/renderer/modules/file_system_access/file_system_access_regular_file_delegate.cc
+index 19516a1c3cca7b521c68a266389aa0544cf721d8..b25747a92f21e334e49846e59f03a3312605f2dc 100644
+--- a/third_party/blink/renderer/modules/file_system_access/file_system_access_regular_file_delegate.cc
++++ b/third_party/blink/renderer/modules/file_system_access/file_system_access_regular_file_delegate.cc
+@@ -19,6 +19,7 @@
+ #include "third_party/blink/renderer/platform/scheduler/public/worker_pool.h"
+ #include "third_party/blink/renderer/platform/wtf/cross_thread_functional.h"
+ #include "third_party/blink/renderer/platform/wtf/functional.h"
++#include "third_party/blink/renderer/platform/wtf/wtf.h"
+ 
+ #if BUILDFLAG(IS_MAC)
+ #include "base/mac/mac_util.h"
+@@ -65,6 +66,8 @@ FileSystemAccessRegularFileDelegate::FileSystemAccessRegularFileDelegate(
+ base::FileErrorOr<int> FileSystemAccessRegularFileDelegate::Read(
+     int64_t offset,
+     base::span<uint8_t> data) {
++  DCHECK_GE(offset, 0);
++
+   int size = base::checked_cast<int>(data.size());
+   int result =
+       backing_file_.Read(offset, reinterpret_cast<char*>(data.data()), size);
+@@ -75,13 +78,14 @@ base::FileErrorOr<int> FileSystemAccessRegularFileDelegate::Read(
+ }
+ 
+ base::FileErrorOr<int> FileSystemAccessRegularFileDelegate::Write(
+-    int64_t write_offset,
++    int64_t offset,
+     const base::span<uint8_t> data) {
++  DCHECK_GE(offset, 0);
++
+   int write_size = base::checked_cast<int>(data.size());
+ 
+   int64_t write_end_offset;
+-  if (!base::CheckAdd(write_offset, write_size)
+-           .AssignIfValid(&write_end_offset)) {
++  if (!base::CheckAdd(offset, write_size).AssignIfValid(&write_end_offset)) {
+     return base::File::FILE_ERROR_NO_SPACE;
+   }
+ 
+@@ -89,8 +93,8 @@ base::FileErrorOr<int> FileSystemAccessRegularFileDelegate::Write(
+     return base::File::FILE_ERROR_NO_SPACE;
+   }
+ 
+-  int result = backing_file_.Write(
+-      write_offset, reinterpret_cast<char*>(data.data()), write_size);
++  int result = backing_file_.Write(offset, reinterpret_cast<char*>(data.data()),
++                                   write_size);
+   if (write_size == result) {
+     capacity_tracker_->CommitFileSizeChange(write_end_offset);
+     return result;
+@@ -113,16 +117,19 @@ void FileSystemAccessRegularFileDelegate::GetLength(
+       FROM_HERE, {base::MayBlock()},
+       CrossThreadBindOnce(&FileSystemAccessRegularFileDelegate::DoGetLength,
+                           WrapCrossThreadPersistent(this),
+-                          std::move(wrapped_callback), task_runner_));
++                          std::move(wrapped_callback), std::move(backing_file_),
++                          task_runner_));
+ }
+ 
+ // static
+ void FileSystemAccessRegularFileDelegate::DoGetLength(
+     CrossThreadPersistent<FileSystemAccessRegularFileDelegate> delegate,
+-    WTF::CrossThreadOnceFunction<void(base::FileErrorOr<int64_t>)>
+-        wrapped_callback,
++    CrossThreadOnceFunction<void(base::FileErrorOr<int64_t>)> callback,
++    base::File file,
+     scoped_refptr<base::SequencedTaskRunner> task_runner) {
+-  int64_t length = delegate->backing_file_.GetLength();
++  DCHECK(!IsMainThread());
++
++  int64_t length = file.GetLength();
+ 
+   // If the length is negative, the file operation failed. Get the last error
+   // now before another file operation might run.
+@@ -131,7 +138,19 @@ void FileSystemAccessRegularFileDelegate::DoGetLength(
+ 
+   PostCrossThreadTask(
+       *task_runner, FROM_HERE,
+-      CrossThreadBindOnce(std::move(wrapped_callback), std::move(result)));
++      CrossThreadBindOnce(&FileSystemAccessRegularFileDelegate::DidGetLength,
++                          std::move(delegate), std::move(callback),
++                          std::move(file), std::move(result)));
++}
++
++void FileSystemAccessRegularFileDelegate::DidGetLength(
++    CrossThreadOnceFunction<void(base::FileErrorOr<int64_t>)> callback,
++    base::File file,
++    base::FileErrorOr<int64_t> error_or_length) {
++  DCHECK(task_runner_->RunsTasksInCurrentSequence());
++  backing_file_ = std::move(file);
++
++  std::move(callback).Run(std::move(error_or_length));
+ }
+ 
+ void FileSystemAccessRegularFileDelegate::SetLength(
+@@ -162,6 +181,9 @@ void FileSystemAccessRegularFileDelegate::DidCheckSetLengthCapacity(
+     return;
+   }
+ 
++  auto wrapped_callback =
++      CrossThreadOnceFunction<void(bool)>(std::move(callback));
++
+ #if BUILDFLAG(IS_MAC)
+   // On macOS < 10.15, a sandboxing limitation causes failures in ftruncate()
+   // syscalls issued from renderers. For this reason, base::File::SetLength()
+@@ -174,81 +196,57 @@ void FileSystemAccessRegularFileDelegate::DidCheckSetLengthCapacity(
+     }
+     file_utilities_host_->SetLength(
+         std::move(backing_file_), new_length,
+-        WTF::Bind(&FileSystemAccessRegularFileDelegate::DidSetLengthIPC,
+-                  WrapPersistent(this), std::move(callback), new_length));
++        WTF::Bind(&FileSystemAccessRegularFileDelegate::DidSetLength,
++                  WrapPersistent(this), std::move(wrapped_callback),
++                  new_length));
+     return;
+   }
+ #endif  // BUILDFLAG(IS_MAC)
+ 
+-  auto wrapped_callback =
+-      CrossThreadOnceFunction<void(bool)>(std::move(callback));
+-
+   // Truncate file on a worker thread and reply back to this sequence.
+   worker_pool::PostTask(
+       FROM_HERE, {base::MayBlock()},
+       CrossThreadBindOnce(&FileSystemAccessRegularFileDelegate::DoSetLength,
+                           WrapCrossThreadPersistent(this),
+-                          std::move(wrapped_callback), task_runner_,
+-                          new_length));
++                          std::move(wrapped_callback), std::move(backing_file_),
++                          task_runner_, new_length));
+ }
+ 
+ // static
+ void FileSystemAccessRegularFileDelegate::DoSetLength(
+     CrossThreadPersistent<FileSystemAccessRegularFileDelegate> delegate,
+-    CrossThreadOnceFunction<void(bool)> wrapped_callback,
++    CrossThreadOnceFunction<void(bool)> callback,
++    base::File file,
+     scoped_refptr<base::SequencedTaskRunner> task_runner,
+     int64_t length) {
+-  bool result = delegate->backing_file_.SetLength(length);
+-
+-  if (!result) {
+-    // If the operation failed, the previously requested capacity is not
+-    // returned and no change in file size is recorded. This assumes that
+-    // setLength operations either succeed or do not change the file's length,
+-    // which is consistent with the way other file operations are implemented in
+-    // File System Access.
+-    PostCrossThreadTask(
+-        *task_runner, FROM_HERE,
+-        CrossThreadBindOnce(std::move(wrapped_callback), std::move(result)));
+-    return;
+-  }
++  DCHECK(!IsMainThread());
++
++  bool success = file.SetLength(length);
++
+   PostCrossThreadTask(
+       *task_runner, FROM_HERE,
+-      CrossThreadBindOnce(
+-          &FileSystemAccessRegularFileDelegate::DidSuccessfulSetLength,
+-          std::move(delegate), length, std::move(wrapped_callback)));
+-}
+-
+-void FileSystemAccessRegularFileDelegate::DidSuccessfulSetLength(
+-    int64_t new_length,
+-    CrossThreadOnceFunction<void(bool)> callback) {
+-  DCHECK(task_runner_->RunsTasksInCurrentSequence());
+-  capacity_tracker_->CommitFileSizeChange(new_length);
+-  std::move(callback).Run(true);
++      CrossThreadBindOnce(&FileSystemAccessRegularFileDelegate::DidSetLength,
++                          std::move(delegate), std::move(callback), length,
++                          std::move(file), success));
+ }
+ 
+-#if BUILDFLAG(IS_MAC)
+-void FileSystemAccessRegularFileDelegate::DidSetLengthIPC(
+-    base::OnceCallback<void(bool)> callback,
++void FileSystemAccessRegularFileDelegate::DidSetLength(
++    CrossThreadOnceFunction<void(bool)> callback,
+     int64_t new_length,
+     base::File file,
+     bool success) {
+   DCHECK(task_runner_->RunsTasksInCurrentSequence());
+   backing_file_ = std::move(file);
+ 
+-  if (!success) {
+-    // If the operation failed, the previously requested capacity is not
+-    // returned and no change in file size is recorded. This assumes that
+-    // setLength operations either succeed or do not change the file's length,
+-    // which is consistent with the way other file operations are implemented in
+-    // File System Access.
+-    std::move(callback).Run(success);
+-    return;
+-  }
+-  auto wrapped_callback =
+-      CrossThreadOnceFunction<void(bool)>(std::move(callback));
+-  DidSuccessfulSetLength(new_length, std::move(wrapped_callback));
++  // If the operation failed, no change in file size is recorded. This assumes
++  // that setLength operations either succeed or do not change the file's
++  // length, which is consistent with the way other file operations are
++  // implemented in File System Access.
++  if (success)
++    capacity_tracker_->CommitFileSizeChange(new_length);
++
++  std::move(callback).Run(success);
+ }
+-#endif  // BUILDFLAG(IS_MAC)
+ 
+ void FileSystemAccessRegularFileDelegate::Flush(
+     base::OnceCallback<void(bool)> callback) {
+@@ -260,17 +258,34 @@ void FileSystemAccessRegularFileDelegate::Flush(
+       FROM_HERE, {base::MayBlock()},
+       CrossThreadBindOnce(&FileSystemAccessRegularFileDelegate::DoFlush,
+                           WrapCrossThreadPersistent(this),
+-                          std::move(wrapped_callback), task_runner_));
++                          std::move(wrapped_callback), std::move(backing_file_),
++                          task_runner_));
+ }
+ 
+ // static
+ void FileSystemAccessRegularFileDelegate::DoFlush(
+     CrossThreadPersistent<FileSystemAccessRegularFileDelegate> delegate,
+-    CrossThreadOnceFunction<void(bool)> wrapped_callback,
++    CrossThreadOnceFunction<void(bool)> callback,
++    base::File file,
+     scoped_refptr<base::SequencedTaskRunner> task_runner) {
+-  bool result = delegate->backing_file_.Flush();
+-  PostCrossThreadTask(*task_runner, FROM_HERE,
+-                      CrossThreadBindOnce(std::move(wrapped_callback), result));
++  DCHECK(!IsMainThread());
++
++  bool success = file.Flush();
++  PostCrossThreadTask(
++      *task_runner, FROM_HERE,
++      CrossThreadBindOnce(&FileSystemAccessRegularFileDelegate::DidFlush,
++                          std::move(delegate), std::move(callback),
++                          std::move(file), success));
++}
++
++void FileSystemAccessRegularFileDelegate::DidFlush(
++    CrossThreadOnceFunction<void(bool)> callback,
++    base::File file,
++    bool success) {
++  DCHECK(task_runner_->RunsTasksInCurrentSequence());
++  backing_file_ = std::move(file);
++
++  std::move(callback).Run(success);
+ }
+ 
+ void FileSystemAccessRegularFileDelegate::Close(base::OnceClosure callback) {
+@@ -281,16 +296,33 @@ void FileSystemAccessRegularFileDelegate::Close(base::OnceClosure callback) {
+       FROM_HERE, {base::MayBlock()},
+       CrossThreadBindOnce(&FileSystemAccessRegularFileDelegate::DoClose,
+                           WrapCrossThreadPersistent(this),
+-                          std::move(wrapped_callback), task_runner_));
++                          std::move(wrapped_callback), std::move(backing_file_),
++                          task_runner_));
+ }
+ 
+ // static
+ void FileSystemAccessRegularFileDelegate::DoClose(
+     CrossThreadPersistent<FileSystemAccessRegularFileDelegate> delegate,
+-    CrossThreadOnceClosure wrapped_callback,
++    CrossThreadOnceClosure callback,
++    base::File file,
+     scoped_refptr<base::SequencedTaskRunner> task_runner) {
+-  delegate->backing_file_.Close();
+-  PostCrossThreadTask(*task_runner, FROM_HERE, std::move(wrapped_callback));
++  DCHECK(!IsMainThread());
++
++  file.Close();
++  PostCrossThreadTask(
++      *task_runner, FROM_HERE,
++      CrossThreadBindOnce(&FileSystemAccessRegularFileDelegate::DidClose,
++                          std::move(delegate), std::move(callback),
++                          std::move(file)));
++}
++
++void FileSystemAccessRegularFileDelegate::DidClose(
++    CrossThreadOnceClosure callback,
++    base::File file) {
++  DCHECK(task_runner_->RunsTasksInCurrentSequence());
++  backing_file_ = std::move(file);
++
++  std::move(callback).Run();
+ }
+ 
+ }  // namespace blink
+diff --git a/third_party/blink/renderer/modules/file_system_access/file_system_access_regular_file_delegate.h b/third_party/blink/renderer/modules/file_system_access/file_system_access_regular_file_delegate.h
+index dc894059a12f4bcb8a36a1b6f443265dee42789a..880d6880f855d98f8d4102270c06923e9b3dc738 100644
+--- a/third_party/blink/renderer/modules/file_system_access/file_system_access_regular_file_delegate.h
++++ b/third_party/blink/renderer/modules/file_system_access/file_system_access_regular_file_delegate.h
+@@ -28,6 +28,11 @@ namespace blink {
+ 
+ // Non-incognito implementation of the FileSystemAccessFileDelegate. This class
+ // is a thin wrapper around an OS-level file descriptor.
++//
++// For async file operations, ownership of the file descriptor is passed to
++// `task_runner_` to ensure it stays alive while being used. Ownership is passed
++// back to the delegate once the operation completes. The delegate must not be
++// used while there is an in-progress operation.
+ class FileSystemAccessRegularFileDelegate final
+     : public FileSystemAccessFileDelegate {
+  public:
+@@ -71,24 +76,55 @@ class FileSystemAccessRegularFileDelegate final
+   bool IsValid() const override { return backing_file_.IsValid(); }
+ 
+  private:
++  // All async file operations perform I/O via a worker pool, off the main
++  // thread. To keep `backing_file_` from being garbage-collected, ownership is
++  // passed to the worker thread during the file operation. Concurrent file
++  // operations is NOT supported.
++
++  // Performs the file I/O part of getSize(), off the main thread.
+   static void DoGetLength(
+       CrossThreadPersistent<FileSystemAccessRegularFileDelegate> delegate,
+-      CrossThreadOnceFunction<void(base::FileErrorOr<int64_t>)>
+-          wrapped_callback,
++      CrossThreadOnceFunction<void(base::FileErrorOr<int64_t>)> callback,
++      base::File file,
+       scoped_refptr<base::SequencedTaskRunner> file_task_runner);
++  // Performs the post file I/O part of getSize(), on the main thread.
++  void DidGetLength(
++      CrossThreadOnceFunction<void(base::FileErrorOr<int64_t>)> callback,
++      base::File file,
++      base::FileErrorOr<int64_t> error_or_length);
++
++  // Performs the file I/O part of truncate(), off the main thread.
+   static void DoSetLength(
+       CrossThreadPersistent<FileSystemAccessRegularFileDelegate> delegate,
+-      CrossThreadOnceFunction<void(bool)> wrapped_callback,
++      CrossThreadOnceFunction<void(bool)> callback,
++      base::File file,
+       scoped_refptr<base::SequencedTaskRunner> task_runner,
+       int64_t length);
++  // Performs the post file I/O part of truncate(), on the main thread.
++  void DidSetLength(CrossThreadOnceFunction<void(bool)> callback,
++                    int64_t new_length,
++                    base::File file,
++                    bool success);
++
++  // Performs the file I/O part of flush(), off the main thread.
+   static void DoFlush(
+       CrossThreadPersistent<FileSystemAccessRegularFileDelegate> delegate,
+-      CrossThreadOnceFunction<void(bool)> wrapped_callback,
++      CrossThreadOnceFunction<void(bool)> callback,
++      base::File file,
+       scoped_refptr<base::SequencedTaskRunner> task_runner);
++  // Performs the post file I/O part of flush(), on the main thread.
++  void DidFlush(CrossThreadOnceFunction<void(bool)> callback,
++                base::File file,
++                bool success);
++
++  // Performs the file I/O part of close(), off the main thread.
+   static void DoClose(
+       CrossThreadPersistent<FileSystemAccessRegularFileDelegate> delegate,
+-      CrossThreadOnceClosure wrapped_callback,
++      CrossThreadOnceClosure callback,
++      base::File file,
+       scoped_refptr<base::SequencedTaskRunner> task_runner);
++  // Performs the post file I/O part of close(), on the main thread.
++  void DidClose(CrossThreadOnceClosure callback, base::File file);
+ 
+   // Called after preconditions for SetLength, including the requesting
+   // additional capacity (if needed), have been performed.
+@@ -98,16 +134,7 @@ class FileSystemAccessRegularFileDelegate final
+                                  int64_t new_length,
+                                  bool request_capacity_result);
+ 
+-  // Called after SetLength was successfully performed.
+-  void DidSuccessfulSetLength(int64_t new_length,
+-                              CrossThreadOnceFunction<void(bool)> callback);
+-
+ #if BUILDFLAG(IS_MAC)
+-  void DidSetLengthIPC(base::OnceCallback<void(bool)> callback,
+-                       int64_t new_length,
+-                       base::File file,
+-                       bool result);
+-
+   // We need the FileUtilitiesHost only on Mac, where we have to execute
+   // base::File::SetLength on the browser process, see crbug.com/1084565.
+   // We need the context_ to create the instance of FileUtilitiesHost lazily.

patches/chromium/cherry-pick-e2b8856012e0.patch

@@ -0,0 +1,88 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Xiaocheng Hu <xiaochengh@chromium.org>
+Date: Mon, 18 Apr 2022 01:14:45 +0000
+Subject: Sanitize DragData markup before inserting it into document
+
+(cherry picked from commit 5164a0fe3391283663e1196cf4576ec233985e89)
+
+Fixed: 1315040
+Change-Id: I8a0ddfb983d12c185f7e943d3d5277788199b011
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3579670
+Quick-Run: Xiaocheng Hu <xiaochengh@chromium.org>
+Auto-Submit: Xiaocheng Hu <xiaochengh@chromium.org>
+Reviewed-by: Kent Tamura <tkent@chromium.org>
+Commit-Queue: Kent Tamura <tkent@chromium.org>
+Cr-Original-Commit-Position: refs/heads/main@{#991324}
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3588887
+Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
+Cr-Commit-Position: refs/branch-heads/4951@{#831}
+Cr-Branched-From: 27de6227ca357da0d57ae2c7b18da170c4651438-refs/heads/main@{#982481}
+
+diff --git a/third_party/blink/renderer/core/page/drag_data.cc b/third_party/blink/renderer/core/page/drag_data.cc
+index 2ce56b1fefe016ac34a1a3011a595fab342abfa5..4fb86bc645386ee806544ee3647b0a333cd8afc4 100644
+--- a/third_party/blink/renderer/core/page/drag_data.cc
++++ b/third_party/blink/renderer/core/page/drag_data.cc
+@@ -131,8 +131,8 @@ DocumentFragment* DragData::AsFragment(LocalFrame* frame) const {
+     platform_drag_data_->HtmlAndBaseURL(html, base_url);
+     DCHECK(frame->GetDocument());
+     if (DocumentFragment* fragment =
+-            CreateFragmentFromMarkup(*frame->GetDocument(), html, base_url,
+-                                     kDisallowScriptingAndPluginContent))
++            CreateSanitizedFragmentFromMarkupWithContext(
++                *frame->GetDocument(), html, 0, html.length(), base_url))
+       return fragment;
+   }
+ 
+diff --git a/third_party/blink/web_tests/editing/pasteboard/drag-and-drop-svg-use-sanitize.html b/third_party/blink/web_tests/editing/pasteboard/drag-and-drop-svg-use-sanitize.html
+new file mode 100644
+index 0000000000000000000000000000000000000000..58551d28341d851dbd99322e2a5d3af68b3b0c72
+--- /dev/null
++++ b/third_party/blink/web_tests/editing/pasteboard/drag-and-drop-svg-use-sanitize.html
+@@ -0,0 +1,47 @@
++<!doctype html>
++<script src="../../resources/testharness.js"></script>
++<script src="../../resources/testharnessreport.js"></script>
++
++<div id="drag-from" draggable=true>Drag from</div>
++<div id="drag-to" contenteditable>Drag to</div>
++
++<script>
++function computePoint(element) {
++  return {
++     x: element.offsetLeft + element.offsetWidth / 2,
++     y: element.offsetTop + element.offsetHeight / 2
++  };
++}
++
++let dragged = false;
++let executed = false;
++const payload = `
++  <svg><use href="data:image/svg+xml,&lt;svg id='x' xmlns='http://www.w3.org/2000/svg'&gt;&lt;image href='fake' onerror='executed=true' /&gt;&lt;/svg&gt;#x" />
++`;
++
++const dragFrom = document.getElementById('drag-from');
++dragFrom.ondragstart = event => {
++  dragged = true;
++  event.dataTransfer.setData('text/html', payload);
++}
++
++const dragTo = document.getElementById('drag-to');
++
++promise_test(async test => {
++  assert_own_property(window, 'eventSender', 'This test requires eventSender to simulate drag and drop');
++
++  const fromPoint = computePoint(dragFrom);
++  eventSender.mouseMoveTo(fromPoint.x, fromPoint.y);
++  eventSender.mouseDown();
++
++  const toPoint = computePoint(dragTo);
++  eventSender.mouseMoveTo(toPoint.x, toPoint.y);
++  eventSender.mouseUp();
++
++  assert_true(dragged, 'Element should be dragged');
++
++  // The 'error' event is dispatched asynchronously.
++  await new Promise(resolve => test.step_timeout(resolve, 100));
++  assert_false(executed, 'Script should be blocked');
++}, 'Script in SVG use href should be sanitized');
++</script>

patches/chromium/cherry-pick-f1dd785e021e.patch

@@ -0,0 +1,230 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Austin Sullivan <asully@chromium.org>
+Date: Mon, 16 May 2022 18:20:27 +0000
+Subject: M102: FSA: Sanitize .scf files
+
+.scf files can be used to execute code without opening the file.
+Sanitize these files the same way we sanitize .lnk files.
+
+Also updates filename sanitization logic to be consistent in blocking
+.lnk and .local extensions on all OSes.
+
+(cherry picked from commit 988164c6c4a563c3d4c0dedba295d09472dfc15f)
+
+Bug: 1227995
+Change-Id: I4b018f1ba524c783547e18630db9addc9fb126e6
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3089422
+Reviewed-by: Marijn Kruisselbrink <mek@chromium.org>
+Commit-Queue: Marijn Kruisselbrink <mek@chromium.org>
+Cr-Original-Commit-Position: refs/heads/main@{#1002147}
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3648322
+Auto-Submit: Austin Sullivan <asully@chromium.org>
+Commit-Queue: Austin Sullivan <asully@chromium.org>
+Cr-Commit-Position: refs/branch-heads/5005@{#759}
+Cr-Branched-From: 5b4d9450fee01f821b6400e947b3839727643a71-refs/heads/main@{#992738}
+
+diff --git a/content/browser/file_system_access/file_system_access_directory_handle_impl.cc b/content/browser/file_system_access/file_system_access_directory_handle_impl.cc
+index 56863d50d543470de597e8df62e2f5b43b7b0fbe..df922b5a6cb917457570bb0f11a48d7a1710c627 100644
+--- a/content/browser/file_system_access/file_system_access_directory_handle_impl.cc
++++ b/content/browser/file_system_access/file_system_access_directory_handle_impl.cc
+@@ -438,10 +438,13 @@ namespace {
+ bool IsShellIntegratedExtension(const base::FilePath::StringType& extension) {
+   base::FilePath::StringType extension_lower = base::ToLowerASCII(extension);
+ 
+-  // .lnk files may be used to execute arbitrary code (see
+-  // https://nvd.nist.gov/vuln/detail/CVE-2010-2568).
+-  if (extension_lower == FILE_PATH_LITERAL("lnk"))
++  // .lnk and .scf files may be used to execute arbitrary code (see
++  // https://nvd.nist.gov/vuln/detail/CVE-2010-2568 and
++  // https://crbug.com/1227995, respectively).
++  if (extension_lower == FILE_PATH_LITERAL("lnk") ||
++      extension_lower == FILE_PATH_LITERAL("scf")) {
+     return true;
++  }
+ 
+   // Setting a file's extension to a CLSID may conceal its actual file type on
+   // some Windows versions (see https://nvd.nist.gov/vuln/detail/CVE-2004-0420).
+diff --git a/content/browser/file_system_access/file_system_access_manager_impl.cc b/content/browser/file_system_access/file_system_access_manager_impl.cc
+index b265ba0f405cecc03cbcc1c0b217204d3e7b25f6..689f7fc7093b5483fa36af5fd7832a25adf9c23b 100644
+--- a/content/browser/file_system_access/file_system_access_manager_impl.cc
++++ b/content/browser/file_system_access/file_system_access_manager_impl.cc
+@@ -530,6 +530,16 @@ void FileSystemAccessManagerImpl::SetDefaultPathAndShowPicker(
+     suggested_name_path =
+         net::GenerateFileName(GURL(), std::string(), std::string(),
+                               suggested_name, std::string(), std::string());
++
++    auto suggested_extension = suggested_name_path.Extension();
++    // Our version of `IsShellIntegratedExtension()` is more stringent than
++    // the version used in `net::GenerateFileName()`. See
++    // `FileSystemChooser::IsShellIntegratedExtension()` for details.
++    if (FileSystemChooser::IsShellIntegratedExtension(suggested_extension)) {
++      suggested_extension = FILE_PATH_LITERAL("download");
++      suggested_name_path =
++          suggested_name_path.ReplaceExtension(suggested_extension);
++    }
+   }
+ 
+   FileSystemChooser::Options file_system_chooser_options(
+diff --git a/content/browser/file_system_access/file_system_chooser.cc b/content/browser/file_system_access/file_system_chooser.cc
+index 6f0acccd3458ed758dbe14c8a3008a52569d8055..86b9af148a86e64f9f4aedb6e39998bf83668745 100644
+--- a/content/browser/file_system_access/file_system_chooser.cc
++++ b/content/browser/file_system_access/file_system_chooser.cc
+@@ -71,33 +71,6 @@ base::FilePath::StringType GetLastExtension(
+              : extension;
+ }
+ 
+-// Returns whether the specified extension receives special handling by the
+-// Windows shell.
+-bool IsShellIntegratedExtension(const base::FilePath::StringType& extension) {
+-  // TODO(https://crbug.com/1154757): Figure out some way to unify this with
+-  // net::IsSafePortablePathComponent, with the result probably ending up in
+-  // base/i18n/file_util_icu.h.
+-  base::FilePath::StringType extension_lower = base::ToLowerASCII(extension);
+-
+-  // .lnk files may be used to execute arbitrary code (see
+-  // https://nvd.nist.gov/vuln/detail/CVE-2010-2568). .local files are used by
+-  // Windows to determine which DLLs to load for an application.
+-  if ((extension_lower == FILE_PATH_LITERAL("local")) ||
+-      (extension_lower == FILE_PATH_LITERAL("lnk"))) {
+-    return true;
+-  }
+-
+-  // Setting a file's extension to a CLSID may conceal its actual file type on
+-  // some Windows versions (see https://nvd.nist.gov/vuln/detail/CVE-2004-0420).
+-  if (!extension_lower.empty() &&
+-      (extension_lower.front() == FILE_PATH_LITERAL('{')) &&
+-      (extension_lower.back() == FILE_PATH_LITERAL('}'))) {
+-    return true;
+-  }
+-
+-  return false;
+-}
+-
+ // Extension validation primarily takes place in the renderer. This checks for a
+ // subset of invalid extensions in the event the renderer is compromised.
+ bool IsInvalidExtension(base::FilePath::StringType& extension) {
+@@ -105,7 +78,7 @@ bool IsInvalidExtension(base::FilePath::StringType& extension) {
+   auto extension16 = base::UTF8ToUTF16(component8);
+ 
+   return !base::i18n::IsFilenameLegal(extension16) ||
+-         IsShellIntegratedExtension(GetLastExtension(extension));
++         FileSystemChooser::IsShellIntegratedExtension(extension);
+ }
+ 
+ // Converts the accepted mime types and extensions from `option` into a list
+@@ -290,6 +263,40 @@ void FileSystemChooser::CreateAndShow(
+       /*params=*/nullptr);
+ }
+ 
++// static
++bool FileSystemChooser::IsShellIntegratedExtension(
++    const base::FilePath::StringType& extension) {
++  // TODO(https://crbug.com/1154757): Figure out some way to unify this with
++  // net::IsSafePortablePathComponent, with the result probably ending up in
++  // base/i18n/file_util_icu.h.
++  // - For the sake of consistency across platforms, we sanitize '.lnk' and
++  //   '.local' files on all platforms (not just Windows)
++  // - There are some extensions (i.e. '.scf') we would like to sanitize which
++  //   `net::GenerateFileName()` does not
++  base::FilePath::StringType extension_lower =
++      base::ToLowerASCII(GetLastExtension(extension));
++
++  // .lnk and .scf files may be used to execute arbitrary code (see
++  // https://nvd.nist.gov/vuln/detail/CVE-2010-2568 and
++  // https://crbug.com/1227995, respectively). .local files are used by Windows
++  // to determine which DLLs to load for an application.
++  if ((extension_lower == FILE_PATH_LITERAL("lnk")) ||
++      (extension_lower == FILE_PATH_LITERAL("local")) ||
++      (extension_lower == FILE_PATH_LITERAL("scf"))) {
++    return true;
++  }
++
++  // Setting a file's extension to a CLSID may conceal its actual file type on
++  // some Windows versions (see https://nvd.nist.gov/vuln/detail/CVE-2004-0420).
++  if (!extension_lower.empty() &&
++      (extension_lower.front() == FILE_PATH_LITERAL('{')) &&
++      (extension_lower.back() == FILE_PATH_LITERAL('}'))) {
++    return true;
++  }
++
++  return false;
++}
++
+ FileSystemChooser::FileSystemChooser(ui::SelectFileDialog::Type type,
+                                      ResultCallback callback,
+                                      base::ScopedClosureRunner fullscreen_block)
+diff --git a/content/browser/file_system_access/file_system_chooser.h b/content/browser/file_system_access/file_system_chooser.h
+index 07c8e7fda7d96496f58ed9a9e6cba6558c8c37df..925df7f5ef1d1bb94926afbe29beda248ae5aabc 100644
+--- a/content/browser/file_system_access/file_system_chooser.h
++++ b/content/browser/file_system_access/file_system_chooser.h
+@@ -68,6 +68,12 @@ class CONTENT_EXPORT FileSystemChooser : public ui::SelectFileDialog::Listener {
+                             ResultCallback callback,
+                             base::ScopedClosureRunner fullscreen_block);
+ 
++  // Returns whether the specified extension receives special handling by the
++  // Windows shell. These extensions should be sanitized before being shown in
++  // the "save as" file picker.
++  static bool IsShellIntegratedExtension(
++      const base::FilePath::StringType& extension);
++
+   FileSystemChooser(ui::SelectFileDialog::Type type,
+                     ResultCallback callback,
+                     base::ScopedClosureRunner fullscreen_block);
+diff --git a/content/browser/file_system_access/file_system_chooser_browsertest.cc b/content/browser/file_system_access/file_system_chooser_browsertest.cc
+index dc310d04fb29ed4fa9c9cdac7ab726d4ca9f9f37..9ea4db7807f6bbac799452fd138848b2a650d6fd 100644
+--- a/content/browser/file_system_access/file_system_chooser_browsertest.cc
++++ b/content/browser/file_system_access/file_system_chooser_browsertest.cc
+@@ -1556,22 +1556,28 @@ IN_PROC_BROWSER_TEST_F(FileSystemChooserBrowserTest, SuggestedName) {
+   name_infos.push_back({"not_matching.jpg", ListValueOf(".txt"), false,
+                         "not_matching.jpg", false});
+ 
+-#if BUILDFLAG(IS_WIN)
+-  // ".local" and ".lnk" extensions should be sanitized on Windows.
++  // ".lnk", ".local", and ".scf" extensions should be sanitized.
+   name_infos.push_back({"dangerous_extension.local", ListValueOf(".local"),
+                         true, "dangerous_extension.download", false});
+   name_infos.push_back({"dangerous_extension.lnk", ListValueOf(".lnk"), true,
+                         "dangerous_extension.download", false});
+-#else
+-  // ".local" and ".lnk" extensions should be allowed on other OSes.
+-  // TODO(https://crbug.com/1154757): `expected_exclude_accept_all_option` is
+-  // false here because ".local" and ".lnk" extensions are not allowed in
+-  // `accepts`, but are only sanitized by net::GenerateSafeFileName on Windows.
+-  name_infos.push_back({"dangerous_extension.local", ListValueOf(".local"),
+-                        true, "dangerous_extension.local", false});
+-  name_infos.push_back({"dangerous_extension.lnk", ListValueOf(".lnk"), true,
+-                        "dangerous_extension.lnk", false});
+-#endif
++  name_infos.push_back({"dangerous_extension.scf", ListValueOf(".scf"), true,
++                        "dangerous_extension.download", false});
++  // Compound extensions ending in a dangerous extension should be sanitized.
++  name_infos.push_back({"dangerous_extension.png.local", ListValueOf(".local"),
++                        true, "dangerous_extension.png.download", false});
++  name_infos.push_back({"dangerous_extension.png.lnk", ListValueOf(".lnk"),
++                        true, "dangerous_extension.png.download", false});
++  name_infos.push_back({"dangerous_extension.png.scf", ListValueOf(".scf"),
++                        true, "dangerous_extension.png.download", false});
++  // Compound extensions not ending in a dangerous extension should not be
++  // sanitized.
++  name_infos.push_back({"dangerous_extension.local.png", ListValueOf(".png"),
++                        true, "dangerous_extension.local.png", true});
++  name_infos.push_back({"dangerous_extension.lnk.png", ListValueOf(".png"),
++                        true, "dangerous_extension.lnk.png", true});
++  name_infos.push_back({"dangerous_extension.scf.png", ListValueOf(".png"),
++                        true, "dangerous_extension.scf.png", true});
+   // Invalid characters should be sanitized.
+   name_infos.push_back({R"(inv*l:d\\ch%rבאמת!a<ters🤓.txt)",
+                         ListValueOf(".txt"), true,
+diff --git a/content/browser/file_system_access/file_system_chooser_unittest.cc b/content/browser/file_system_access/file_system_chooser_unittest.cc
+index 373de41cf5ddead27b5e036c1cc14448a731250a..9b27d6305bd00a19d94b5ec49f21a7ecff7ddc48 100644
+--- a/content/browser/file_system_access/file_system_chooser_unittest.cc
++++ b/content/browser/file_system_access/file_system_chooser_unittest.cc
+@@ -189,7 +189,7 @@ TEST_F(FileSystemChooserTest, IgnoreShellIntegratedExtensions) {
+   accepts.emplace_back(blink::mojom::ChooseFileSystemEntryAcceptsOption::New(
+       u"", std::vector<std::string>({}),
+       std::vector<std::string>(
+-          {"lnk", "foo.lnk", "foo.bar.local", "text", "local"})));
++          {"lnk", "foo.lnk", "foo.bar.local", "text", "local", "scf"})));
+   SyncShowDialog(std::move(accepts), /*include_accepts_all=*/false);
+ 
+   ASSERT_TRUE(dialog_params.file_types);

patches/chromium/chore_provide_iswebcontentscreationoverridden_with_full_params.patch

@@ -246,10 +246,10 @@ index c6bd5c19f8a7ceec17c9e32af5296a9617f3a619..02199b439fba7fdc617b7f7980d958b7
    void AddNewContents(content::WebContents* source,
                        std::unique_ptr<content::WebContents> new_contents,
 diff --git a/content/browser/web_contents/web_contents_impl.cc b/content/browser/web_contents/web_contents_impl.cc
-index 1734f93f7d06faf2c28d65d23bbc6c17f72e0b59..b19517ceafabde2ad88e83af97b9768b8a03fb60 100644
+index 4e78c10d21e08fef2b25ef5a13987c13bc8c204a..d157b82514bc8eec76b9a06f67bb581c5bf24d56 100644
 --- a/content/browser/web_contents/web_contents_impl.cc
 +++ b/content/browser/web_contents/web_contents_impl.cc
-@@ -3873,8 +3873,7 @@ FrameTree* WebContentsImpl::CreateNewWindow(
+@@ -3882,8 +3882,7 @@ FrameTree* WebContentsImpl::CreateNewWindow(
  
    if (delegate_ && delegate_->IsWebContentsCreationOverridden(
                         source_site_instance, params.window_container_type,

patches/chromium/custom_protocols_plzserviceworker.patch

@@ -0,0 +1,43 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: deepak1556 <hop2deep@gmail.com>
+Date: Fri, 20 May 2022 00:29:34 +0900
+Subject: custom_protocols_plzserviceworker.patch
+
+Allow registering custom protocols to handle service worker main script fetching with PlzServiceWorker.
+
+Refs https://bugs.chromium.org/p/chromium/issues/detail?id=996511
+
+diff --git a/content/browser/service_worker/service_worker_context_wrapper.cc b/content/browser/service_worker/service_worker_context_wrapper.cc
+index 4ce769314c6dddae41d915c7f05916f77f26a86e..d8f6882f2dee93fc127e7617abbcc7b71a65775d 100644
+--- a/content/browser/service_worker/service_worker_context_wrapper.cc
++++ b/content/browser/service_worker/service_worker_context_wrapper.cc
+@@ -1600,6 +1600,29 @@ ServiceWorkerContextWrapper::GetLoaderFactoryForBrowserInitiatedRequest(
+   std::unique_ptr<network::PendingSharedURLLoaderFactory>
+       loader_factory_bundle_info =
+           context()->loader_factory_bundle_for_update_check()->Clone();
++
++  // Give the embedder a chance to register custom schemes that can
++  // handle loading the service worker main script.
++  // Previous registration triggered by
++  // ServiceWorkerContextWrapper::CreateNonNetworkPendingURLLoaderFactoryBundleForUpdateCheck
++  // happens early on browser startup before the JS in the main process
++  // is run by the embedder.
++  auto* factory_bundle = static_cast<blink::PendingURLLoaderFactoryBundle*>(
++          loader_factory_bundle_info.get());
++  ContentBrowserClient::NonNetworkURLLoaderFactoryMap non_network_factories;
++  GetContentClient()
++      ->browser()
++      ->RegisterNonNetworkServiceWorkerUpdateURLLoaderFactories(
++          storage_partition_->browser_context(), &non_network_factories);
++  for (auto& pair : non_network_factories) {
++    const std::string& scheme = pair.first;
++    mojo::PendingRemote<network::mojom::URLLoaderFactory>& factory_remote =
++        pair.second;
++
++    factory_bundle->pending_scheme_specific_factories().emplace(
++        scheme, std::move(factory_remote));
++  }
++
+   static_cast<blink::PendingURLLoaderFactoryBundle*>(
+       loader_factory_bundle_info.get())
+       ->pending_default_factory() = std::move(remote);

patches/chromium/feat_add_data_parameter_to_processsingleton.patch

@@ -1,25 +1,19 @@
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Raymond Zhao <raymondzhao@microsoft.com>
 Date: Tue, 7 Sep 2021 14:54:25 -0700
-Subject: feat: Add data transfer mechanism to requestSingleInstanceLock flow
+Subject: feat: Add data parameter to ProcessSingleton
 
-This patch adds code that allows for the second instance to send
-additional data to the first instance, and for the first instance
-to send additional data back to the second instance, during the
-app.requestSingleInstanceLock call.
+This patch adds an additional_data parameter to the constructor of
+ProcessSingleton, so that the second instance can send additional
+data over to the first instance while requesting the ProcessSingleton
+lock.
 
-Firstly, this patch adds an additional_data parameter
-to the constructor of ProcessSingleton, so that the second instance
-can send additional data over to the first instance
-while requesting the ProcessSingleton lock.
-
-Then, we add additional processing to the second-instance event, both
-so the first instance can receive additional data from the second
-instance, but also so the second instance can send back additional
-data to the first instance if needed.
+On the Electron side, we then expose an extra parameter to the
+app.requestSingleInstanceLock API so that users can pass in a JSON
+object for the second instance to send to the first instance.
 
 diff --git a/chrome/browser/process_singleton.h b/chrome/browser/process_singleton.h
-index 5a64220aaf1309832dc0ad543e353de67fe0a779..a568dd10d1ef8679d66f4cdc6a471c251cbcd4eb 100644
+index 5a64220aaf1309832dc0ad543e353de67fe0a779..e75c4f0d7cf1cac2e5862eb858800359e2001eb6 100644
 --- a/chrome/browser/process_singleton.h
 +++ b/chrome/browser/process_singleton.h
 @@ -18,6 +18,7 @@
@@ -30,39 +24,26 @@ index 5a64220aaf1309832dc0ad543e353de67fe0a779..a568dd10d1ef8679d66f4cdc6a471c25
  #include "ui/gfx/native_widget_types.h"
  
  #if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_ANDROID)
-@@ -93,6 +94,9 @@ class ProcessSingleton {
- 
-   static constexpr int kNumNotifyResults = LAST_VALUE + 1;
- 
-+  using NotificationAckCallback =
-+      base::RepeatingCallback<void(const base::span<const uint8_t>* ack_data)>;
-+
-   // Implement this callback to handle notifications from other processes. The
-   // callback will receive the command line and directory with which the other
-   // Chrome process was launched. Return true if the command line will be
-@@ -100,21 +104,27 @@ class ProcessSingleton {
+@@ -99,22 +100,25 @@ class ProcessSingleton {
+   // handled within the current browser instance or false if the remote process
    // should handle it (i.e., because the current process is shutting down).
    using NotificationCallback =
-       base::RepeatingCallback<bool(const base::CommandLine& command_line,
+-      base::RepeatingCallback<bool(const base::CommandLine& command_line,
 -                                   const base::FilePath& current_directory)>;
++       base::RepeatingCallback<bool(const base::CommandLine& command_line,
 +                                   const base::FilePath& current_directory,
-+                                   const std::vector<const uint8_t> additional_data,
-+                                   const NotificationAckCallback& ack_callback)>;
++                                   const std::vector<const uint8_t> additional_data)>;
  
  #if BUILDFLAG(IS_WIN)
    ProcessSingleton(const std::string& program_name,
                     const base::FilePath& user_data_dir,
 +                   const base::span<const uint8_t> additional_data,
                     bool is_sandboxed,
--                   const NotificationCallback& notification_callback);
-+                   const NotificationCallback& notification_callback,
-+                   const NotificationAckCallback& ack_notification_callback);
+                    const NotificationCallback& notification_callback);
  #else
    ProcessSingleton(const base::FilePath& user_data_dir,
--                   const NotificationCallback& notification_callback);
 +                   const base::span<const uint8_t> additional_data,
-+                   const NotificationCallback& notification_callback,
-+                   const NotificationAckCallback& ack_notification_callback);
+                    const NotificationCallback& notification_callback);
 +#endif
  
    ProcessSingleton(const ProcessSingleton&) = delete;
@@ -72,42 +53,22 @@ index 5a64220aaf1309832dc0ad543e353de67fe0a779..a568dd10d1ef8679d66f4cdc6a471c25
    ~ProcessSingleton();
  
    // Notify another process, if available. Otherwise sets ourselves as the
-@@ -177,7 +187,13 @@ class ProcessSingleton {
+@@ -177,7 +181,10 @@ class ProcessSingleton {
  #endif
  
   private:
 -  NotificationCallback notification_callback_;  // Handler for notifications.
 +  // A callback to run when the first instance receives data from the second.
 +  NotificationCallback notification_callback_;
-+  // A callback to run when the second instance
-+  // receives an acknowledgement from the first.
-+  NotificationAckCallback notification_ack_callback_;
 +  // Custom data to pass to the other instance during notify.
 +  base::span<const uint8_t> additional_data_;
  
  #if BUILDFLAG(IS_WIN)
    bool EscapeVirtualization(const base::FilePath& user_data_dir);
-@@ -190,6 +206,7 @@ class ProcessSingleton {
-   HANDLE lock_file_;
-   base::FilePath user_data_dir_;
-   ShouldKillRemoteProcessCallback should_kill_remote_process_callback_;
-+  HANDLE ack_pipe_;
- #elif BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_ANDROID)
-   // Return true if the given pid is one of our child processes.
-   // Assumes that the current pid is the root of all pids of the current
 diff --git a/chrome/browser/process_singleton_posix.cc b/chrome/browser/process_singleton_posix.cc
-index 7d3a441bdb64268ed5fbfa7bf589fb35a2fd1b75..b23c16fde275fdba559abb1f30e42f65ddbfc332 100644
+index 7d3a441bdb64268ed5fbfa7bf589fb35a2fd1b75..a3e45e9baa09bfc87be5b7ff589ac76841c686d4 100644
 --- a/chrome/browser/process_singleton_posix.cc
 +++ b/chrome/browser/process_singleton_posix.cc
-@@ -148,7 +148,7 @@ const char kACKToken[] = "ACK";
- const char kShutdownToken[] = "SHUTDOWN";
- const char kTokenDelimiter = '\0';
- const int kMaxMessageLength = 32 * 1024;
--const int kMaxACKMessageLength = base::size(kShutdownToken) - 1;
-+const int kMaxACKMessageLength = kMaxMessageLength;
- 
- bool g_disable_prompt = false;
- bool g_skip_is_chrome_process_check = false;
 @@ -614,6 +614,7 @@ class ProcessSingleton::LinuxWatcher
    // |reader| is for sending back ACK message.
    void HandleMessage(const std::string& current_dir,
@@ -116,17 +77,7 @@ index 7d3a441bdb64268ed5fbfa7bf589fb35a2fd1b75..b23c16fde275fdba559abb1f30e42f65
                       SocketReader* reader);
  
   private:
-@@ -638,6 +639,9 @@ class ProcessSingleton::LinuxWatcher
-   // The ProcessSingleton that owns us.
-   ProcessSingleton* const parent_;
- 
-+  bool ack_callback_called_ = false;
-+  void AckCallback(SocketReader* reader, const base::span<const uint8_t>* response);
-+
-   std::set<std::unique_ptr<SocketReader>, base::UniquePtrComparator> readers_;
- };
- 
-@@ -668,16 +672,21 @@ void ProcessSingleton::LinuxWatcher::StartListening(int socket) {
+@@ -668,13 +669,16 @@ void ProcessSingleton::LinuxWatcher::StartListening(int socket) {
  }
  
  void ProcessSingleton::LinuxWatcher::HandleMessage(
@@ -138,46 +89,14 @@ index 7d3a441bdb64268ed5fbfa7bf589fb35a2fd1b75..b23c16fde275fdba559abb1f30e42f65
    DCHECK(ui_task_runner_->BelongsToCurrentThread());
    DCHECK(reader);
  
--  if (parent_->notification_callback_.Run(base::CommandLine(argv),
+   if (parent_->notification_callback_.Run(base::CommandLine(argv),
 -                                          base::FilePath(current_dir))) {
--    // Send back "ACK" message to prevent the client process from starting up.
--    reader->FinishWithACK(kACKToken, base::size(kACKToken) - 1);
--  } else {
-+  auto wrapped_ack_callback =
-+      base::BindRepeating(&ProcessSingleton::LinuxWatcher::AckCallback,
-+                          base::Unretained(this), reader);
-+  ack_callback_called_ = false;
-+  if (!parent_->notification_callback_.Run(base::CommandLine(argv),
 +                                          base::FilePath(current_dir),
-+                                          std::move(additional_data),
-+                                          wrapped_ack_callback)) {
-     LOG(WARNING) << "Not handling interprocess notification as browser"
-                     " is shutting down";
-     // Send back "SHUTDOWN" message, so that the client process can start up
-@@ -687,6 +696,22 @@ void ProcessSingleton::LinuxWatcher::HandleMessage(
-   }
- }
- 
-+void ProcessSingleton::LinuxWatcher::AckCallback(
-+    SocketReader* reader,
-+    const base::span<const uint8_t>* response) {
-+  // Send back "ACK" message to prevent the client process from starting up.
-+  if (!ack_callback_called_) {
-+    ack_callback_called_ = true;
-+    std::string ack_message;
-+    ack_message.append(kACKToken, base::size(kACKToken) - 1);
-+    if (response && response->size_bytes()) {
-+      ack_message.append(reinterpret_cast<const char*>(response->data()),
-+                         response->size_bytes());
-+    }
-+    reader->FinishWithACK(ack_message.c_str(), ack_message.size());
-+  }
-+}
-+
- void ProcessSingleton::LinuxWatcher::RemoveSocketReader(SocketReader* reader) {
-   DCHECK_CURRENTLY_ON(BrowserThread::IO);
-   DCHECK(reader);
-@@ -722,7 +747,8 @@ void ProcessSingleton::LinuxWatcher::SocketReader::
++                                          std::move(additional_data))) {
+     // Send back "ACK" message to prevent the client process from starting up.
+     reader->FinishWithACK(kACKToken, base::size(kACKToken) - 1);
+   } else {
+@@ -722,7 +726,8 @@ void ProcessSingleton::LinuxWatcher::SocketReader::
      }
    }
  
@@ -187,7 +106,7 @@ index 7d3a441bdb64268ed5fbfa7bf589fb35a2fd1b75..b23c16fde275fdba559abb1f30e42f65
    const size_t kMinMessageLength = base::size(kStartToken) + 4;
    if (bytes_read_ < kMinMessageLength) {
      buf_[bytes_read_] = 0;
-@@ -752,10 +778,28 @@ void ProcessSingleton::LinuxWatcher::SocketReader::
+@@ -752,10 +757,28 @@ void ProcessSingleton::LinuxWatcher::SocketReader::
    tokens.erase(tokens.begin());
    tokens.erase(tokens.begin());
  
@@ -204,8 +123,8 @@ index 7d3a441bdb64268ed5fbfa7bf589fb35a2fd1b75..b23c16fde275fdba559abb1f30e42f65
 +        std::string(1, kTokenDelimiter));
 +    const uint8_t* additional_data_bits =
 +        reinterpret_cast<const uint8_t*>(remaining_args.c_str());
-+    additional_data = std::vector<const uint8_t>(additional_data_bits,
-+        additional_data_bits + additional_data_size);
++    additional_data = std::vector<const uint8_t>(
++        additional_data_bits, additional_data_bits + additional_data_size);
 +  }
 +
    // Return to the UI thread to handle opening a new browser tab.
@@ -217,21 +136,18 @@ index 7d3a441bdb64268ed5fbfa7bf589fb35a2fd1b75..b23c16fde275fdba559abb1f30e42f65
    fd_watch_controller_.reset();
  
    // LinuxWatcher::HandleMessage() is in charge of destroying this SocketReader
-@@ -784,8 +828,12 @@ void ProcessSingleton::LinuxWatcher::SocketReader::FinishWithACK(
+@@ -784,8 +807,10 @@ void ProcessSingleton::LinuxWatcher::SocketReader::FinishWithACK(
  //
  ProcessSingleton::ProcessSingleton(
      const base::FilePath& user_data_dir,
--    const NotificationCallback& notification_callback)
 +    const base::span<const uint8_t> additional_data,
-+    const NotificationCallback& notification_callback,
-+    const NotificationAckCallback& notification_ack_callback)
+     const NotificationCallback& notification_callback)
      : notification_callback_(notification_callback),
-+      notification_ack_callback_(notification_ack_callback),
 +      additional_data_(additional_data),
        current_pid_(base::GetCurrentProcId()),
        watcher_(new LinuxWatcher(this)) {
    socket_path_ = user_data_dir.Append(chrome::kSingletonSocketFilename);
-@@ -904,7 +952,8 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessWithTimeout(
+@@ -904,7 +929,8 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessWithTimeout(
               sizeof(socket_timeout));
  
    // Found another process, prepare our command line
@@ -241,7 +157,7 @@ index 7d3a441bdb64268ed5fbfa7bf589fb35a2fd1b75..b23c16fde275fdba559abb1f30e42f65
    std::string to_send(kStartToken);
    to_send.push_back(kTokenDelimiter);
  
-@@ -914,11 +963,21 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessWithTimeout(
+@@ -914,11 +940,21 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessWithTimeout(
    to_send.append(current_dir.value());
  
    const std::vector<std::string>& argv = cmd_line.argv();
@@ -263,52 +179,11 @@ index 7d3a441bdb64268ed5fbfa7bf589fb35a2fd1b75..b23c16fde275fdba559abb1f30e42f65
    // Send the message
    if (!WriteToSocket(socket.fd(), to_send.data(), to_send.length())) {
      // Try to kill the other process, because it might have been dead.
-@@ -960,6 +1019,17 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessWithTimeout(
-       linux_ui->NotifyWindowManagerStartupComplete();
- #endif
- 
-+    size_t ack_data_len = len - (base::size(kACKToken) - 1);
-+    if (ack_data_len) {
-+      const uint8_t* raw_ack_data =
-+          reinterpret_cast<const uint8_t*>(buf + base::size(kACKToken) - 1);
-+      base::span<const uint8_t> ack_data =
-+          base::make_span(raw_ack_data, raw_ack_data + ack_data_len);
-+      notification_ack_callback_.Run(&ack_data);
-+    } else {
-+      notification_ack_callback_.Run(nullptr);
-+    }
-+
-     // Assume the other process is handling the request.
-     return PROCESS_NOTIFIED;
-   }
 diff --git a/chrome/browser/process_singleton_win.cc b/chrome/browser/process_singleton_win.cc
-index 0ea5eb3e3cf055d981ab73486115bac53287f2d7..268be8c0334a4bc051ff08792ea0dc3d0c912034 100644
+index 0ea5eb3e3cf055d981ab73486115bac53287f2d7..fe68beb4b2522d27e07dbbb3341f100f14494680 100644
 --- a/chrome/browser/process_singleton_win.cc
 +++ b/chrome/browser/process_singleton_win.cc
-@@ -21,6 +21,7 @@
- #include "base/strings/string_number_conversions.h"
- #include "base/strings/utf_string_conversions.h"
- #include "base/time/time.h"
-+#include "base/timer/timer.h"
- #include "base/trace_event/base_tracing.h"
- #include "base/win/registry.h"
- #include "base/win/scoped_handle.h"
-@@ -45,6 +46,14 @@
- namespace {
- 
- const char kLockfile[] = "lockfile";
-+const LPCWSTR kPipeName = L"\\\\.\\pipe\\electronAckPipe";
-+const DWORD kPipeTimeout = 10000;
-+const DWORD kMaxMessageLength = 32 * 1024;
-+
-+std::unique_ptr<std::vector<const uint8_t>> g_ack_data;
-+base::OneShotTimer g_ack_timer;
-+HANDLE g_write_ack_pipe;
-+bool g_write_ack_callback_called = false;
- 
- // A helper class that acquires the given |mutex| while the AutoLockMutex is in
- // scope.
-@@ -80,10 +89,12 @@ BOOL CALLBACK BrowserWindowEnumeration(HWND window, LPARAM param) {
+@@ -80,10 +80,12 @@ BOOL CALLBACK BrowserWindowEnumeration(HWND window, LPARAM param) {
  
  bool ParseCommandLine(const COPYDATASTRUCT* cds,
                        base::CommandLine* parsed_command_line,
@@ -323,7 +198,7 @@ index 0ea5eb3e3cf055d981ab73486115bac53287f2d7..268be8c0334a4bc051ff08792ea0dc3d
    static const int min_message_size = 7;
    if (cds->cbData < min_message_size * sizeof(wchar_t) ||
        cds->cbData % sizeof(wchar_t) != 0) {
-@@ -133,11 +144,82 @@ bool ParseCommandLine(const COPYDATASTRUCT* cds,
+@@ -133,6 +135,37 @@ bool ParseCommandLine(const COPYDATASTRUCT* cds,
      const std::wstring cmd_line =
          msg.substr(second_null + 1, third_null - second_null);
      *parsed_command_line = base::CommandLine::FromString(cmd_line);
@@ -361,175 +236,50 @@ index 0ea5eb3e3cf055d981ab73486115bac53287f2d7..268be8c0334a4bc051ff08792ea0dc3d
      return true;
    }
    return false;
- }
+@@ -154,13 +187,14 @@ bool ProcessLaunchNotification(
  
-+void StoreAck(const base::span<const uint8_t>* ack_data) {
-+  if (ack_data) {
-+    g_ack_data = std::make_unique<std::vector<const uint8_t>>(ack_data->begin(),
-+                                                              ack_data->end());
-+  } else {
-+    g_ack_data = nullptr;
-+  }
-+}
-+
-+void SendBackAck() {
-+  // This is the first instance sending the ack back to the second instance.
-+  if (!g_write_ack_callback_called) {
-+    g_write_ack_callback_called = true;
-+    const uint8_t* data_buffer = nullptr;
-+    DWORD data_to_send_size = 0;
-+    if (g_ack_data) {
-+      data_buffer = g_ack_data->data();
-+      DWORD ack_data_size = g_ack_data->size() * sizeof(uint8_t);
-+      data_to_send_size = (ack_data_size < kMaxMessageLength) ? ack_data_size : kMaxMessageLength;
-+    }
-+
-+    ::ConnectNamedPipe(g_write_ack_pipe, NULL);
-+
-+    DWORD bytes_written = 0;
-+    ::WriteFile(g_write_ack_pipe,
-+      (LPCVOID)data_buffer,
-+      data_to_send_size,
-+      &bytes_written,
-+      NULL);
-+    DCHECK(bytes_written == data_to_send_size);
-+
-+    ::FlushFileBuffers(g_write_ack_pipe);
-+    ::DisconnectNamedPipe(g_write_ack_pipe);
-+
-+    if (g_ack_data) {
-+      g_ack_data.reset();
-+    }
-+  }
-+}
-+
- bool ProcessLaunchNotification(
-     const ProcessSingleton::NotificationCallback& notification_callback,
-     UINT message,
-@@ -151,16 +233,23 @@ bool ProcessLaunchNotification(
- 
-   // Handle the WM_COPYDATA message from another process.
-   const COPYDATASTRUCT* cds = reinterpret_cast<COPYDATASTRUCT*>(lparam);
--
    base::CommandLine parsed_command_line(base::CommandLine::NO_PROGRAM);
    base::FilePath current_directory;
 -  if (!ParseCommandLine(cds, &parsed_command_line, &current_directory)) {
 +  std::vector<const uint8_t> additional_data;
-+  if (!ParseCommandLine(cds, &parsed_command_line, &current_directory,
-+                        &additional_data)) {
++  if (!ParseCommandLine(cds, &parsed_command_line, &current_directory, &additional_data)) {
      *result = TRUE;
      return true;
    }
  
 -  *result = notification_callback.Run(parsed_command_line, current_directory) ?
 -      TRUE : FALSE;
-+  g_write_ack_callback_called = false;
-+  *result = notification_callback.Run(parsed_command_line, current_directory,
-+                                      std::move(additional_data),
-+                                      base::BindRepeating(&StoreAck))
-+                ? TRUE
-+                : FALSE;
-+  g_ack_timer.Start(FROM_HERE, base::Seconds(0),
-+                    base::BindOnce(&SendBackAck));
++  *result = notification_callback.Run(parsed_command_line,
++      current_directory, std::move(additional_data)) ? TRUE : FALSE;
    return true;
  }
  
-@@ -254,9 +343,13 @@ bool ProcessSingleton::EscapeVirtualization(
+@@ -254,9 +288,11 @@ bool ProcessSingleton::EscapeVirtualization(
  ProcessSingleton::ProcessSingleton(
      const std::string& program_name,
      const base::FilePath& user_data_dir,
 +    const base::span<const uint8_t> additional_data,
      bool is_app_sandboxed,
--    const NotificationCallback& notification_callback)
-+    const NotificationCallback& notification_callback,
-+    const NotificationAckCallback& notification_ack_callback)
+     const NotificationCallback& notification_callback)
      : notification_callback_(notification_callback),
-+      notification_ack_callback_(notification_ack_callback),
 +      additional_data_(additional_data),
        program_name_(program_name),
        is_app_sandboxed_(is_app_sandboxed),
        is_virtualized_(false),
-@@ -271,6 +364,37 @@ ProcessSingleton::~ProcessSingleton() {
-     ::CloseHandle(lock_file_);
- }
- 
-+void ReadAck(const ProcessSingleton::NotificationAckCallback& ack_callback) {
-+  // We are reading the ack from the first instance.
-+  // First, wait for the pipe.
-+  ::WaitNamedPipe(kPipeName, NMPWAIT_USE_DEFAULT_WAIT);
-+
-+  HANDLE read_ack_pipe = ::CreateFile(kPipeName,
-+    GENERIC_READ,
-+    FILE_SHARE_READ,
-+    NULL,
-+    OPEN_EXISTING,
-+    FILE_ATTRIBUTE_NORMAL,
-+    NULL);
-+  CHECK(read_ack_pipe != INVALID_HANDLE_VALUE);
-+
-+  DWORD bytes_read;
-+  uint8_t read_ack_buffer[kMaxMessageLength];
-+  ::ReadFile(read_ack_pipe,
-+    (LPVOID)read_ack_buffer,
-+    kMaxMessageLength,
-+    &bytes_read,
-+    NULL);
-+
-+  if (!bytes_read) {
-+    ack_callback.Run(nullptr);
-+  } else {
-+    base::span<const uint8_t> out_span(read_ack_buffer, read_ack_buffer + bytes_read);
-+    ack_callback.Run(&out_span);
-+  }
-+  ::CloseHandle(read_ack_pipe);
-+}
-+
- // Code roughly based on Mozilla.
- ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcess() {
-   TRACE_EVENT0("startup", "ProcessSingleton::NotifyOtherProcess");
-@@ -283,8 +407,9 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcess() {
+@@ -283,7 +319,7 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcess() {
      return PROCESS_NONE;
    }
  
 -  switch (chrome::AttemptToNotifyRunningChrome(remote_window_)) {
 +  switch (chrome::AttemptToNotifyRunningChrome(remote_window_, additional_data_)) {
      case chrome::NOTIFY_SUCCESS:
-+      ReadAck(notification_ack_callback_);
        return PROCESS_NOTIFIED;
      case chrome::NOTIFY_FAILED:
-       remote_window_ = NULL;
-@@ -422,6 +547,18 @@ bool ProcessSingleton::Create() {
-           << "Lock file can not be created! Error code: " << error;
- 
-       if (lock_file_ != INVALID_HANDLE_VALUE) {
-+        // We are the first instance. Create a pipe to send out ack data.
-+        ack_pipe_ = ::CreateNamedPipe(kPipeName,
-+          PIPE_ACCESS_OUTBOUND,
-+          PIPE_TYPE_BYTE | PIPE_REJECT_REMOTE_CLIENTS,
-+          PIPE_UNLIMITED_INSTANCES,
-+          kMaxMessageLength,
-+          0,
-+          kPipeTimeout,
-+          NULL);
-+        CHECK(ack_pipe_ != INVALID_HANDLE_VALUE);
-+        g_write_ack_pipe = ack_pipe_;
-+
-         // Set the window's title to the path of our user data directory so
-         // other Chrome instances can decide if they should forward to us.
-         TRACE_EVENT0("startup", "ProcessSingleton::Create:CreateWindow");
-@@ -449,6 +586,7 @@ bool ProcessSingleton::Create() {
- }
- 
- void ProcessSingleton::Cleanup() {
-+  ::CloseHandle(ack_pipe_);
- }
- 
- void ProcessSingleton::OverrideShouldKillRemoteProcessCallbackForTesting(
 diff --git a/chrome/browser/win/chrome_process_finder.cc b/chrome/browser/win/chrome_process_finder.cc
-index b64ed1d155a30582e48c9cdffcee9d0f25a53a6a..ce851d09d501ebcc6d6c4065e746e869d5275b2b 100644
+index b64ed1d155a30582e48c9cdffcee9d0f25a53a6a..cfdb2d75532d270e3dd548eb7475a6cdbddf1016 100644
 --- a/chrome/browser/win/chrome_process_finder.cc
 +++ b/chrome/browser/win/chrome_process_finder.cc
-@@ -36,9 +36,10 @@ HWND FindRunningChromeWindow(const base::FilePath& user_data_dir) {
+@@ -36,7 +36,9 @@ HWND FindRunningChromeWindow(const base::FilePath& user_data_dir) {
    return base::win::MessageWindow::FindWindow(user_data_dir.value());
  }
  
@@ -538,11 +288,9 @@ index b64ed1d155a30582e48c9cdffcee9d0f25a53a6a..ce851d09d501ebcc6d6c4065e746e869
 +    HWND remote_window,
 +    const base::span<const uint8_t> additional_data) {
    TRACE_EVENT0("startup", "AttemptToNotifyRunningChrome");
--
+ 
    DCHECK(remote_window);
-   DWORD process_id = 0;
-   DWORD thread_id = GetWindowThreadProcessId(remote_window, &process_id);
-@@ -50,7 +51,8 @@ NotifyChromeResult AttemptToNotifyRunningChrome(HWND remote_window) {
+@@ -50,7 +52,8 @@ NotifyChromeResult AttemptToNotifyRunningChrome(HWND remote_window) {
    }
  
    // Send the command line to the remote chrome window.
@@ -552,7 +300,7 @@ index b64ed1d155a30582e48c9cdffcee9d0f25a53a6a..ce851d09d501ebcc6d6c4065e746e869
    std::wstring to_send(L"START\0", 6);  // want the NULL in the string.
    base::FilePath cur_dir;
    if (!base::GetCurrentDirectory(&cur_dir)) {
-@@ -64,6 +66,22 @@ NotifyChromeResult AttemptToNotifyRunningChrome(HWND remote_window) {
+@@ -64,6 +67,22 @@ NotifyChromeResult AttemptToNotifyRunningChrome(HWND remote_window) {
        base::CommandLine::ForCurrentProcess()->GetCommandLineString());
    to_send.append(L"\0", 1);  // Null separator.
  

patches/chromium/fix_adapt_exclusive_access_for_electron_needs.patch

@@ -1,20 +1,22 @@
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Shelley Vohr <shelley.vohr@gmail.com>
 Date: Mon, 25 Oct 2021 21:45:57 +0200
-Subject: fix: patch out permissions checks in exclusive_access
+Subject: fix: adapt exclusive_access for electron needs
 
 This patch is necessary in order to properly enable
 navigator.keyboard.{(un)?lock}() functionality. We don't have a concept
 of PermissionManager nor of a Profile, so this would not affect usage of
 the API.
 
-We might consider potentially using our own permissions handler,
-but it's not strictly necessary for this API to work to spec.
-
-Profile check has been upstreamed at https://chromium-review.googlesource.com/c/chromium/src/+/3247196
+We also need to ensure that NotifyExclusiveTabAccessLost is called
+on all platforms in FullscreenController::ExitFullscreenModeInternal()
+and not just macOS, since Electron's native window impls report state
+change fairly instantly as well, and so pressing escape won't work on
+Linux or Windows to un-fullscreen in some circumstances without this
+change.
 
 diff --git a/chrome/browser/ui/exclusive_access/fullscreen_controller.cc b/chrome/browser/ui/exclusive_access/fullscreen_controller.cc
-index 9b2c91d39324b61afa49ccea6be2eda8308473ff..1652b52c5c752809348b3ab44d3703ac343c829d 100644
+index 9b2c91d39324b61afa49ccea6be2eda8308473ff..6817a9cd22ebb8adba2118a1bd8a32cfc065e8ea 100644
 --- a/chrome/browser/ui/exclusive_access/fullscreen_controller.cc
 +++ b/chrome/browser/ui/exclusive_access/fullscreen_controller.cc
 @@ -382,13 +382,9 @@ void FullscreenController::EnterFullscreenModeInternal(
@@ -49,3 +51,19 @@ index 9b2c91d39324b61afa49ccea6be2eda8308473ff..1652b52c5c752809348b3ab44d3703ac
  
    if (option == BROWSER)
      base::RecordAction(base::UserMetricsAction("ToggleFullscreen"));
+@@ -439,12 +437,12 @@ void FullscreenController::ExitFullscreenModeInternal() {
+ 
+   RecordExitingUMA();
+   toggled_into_fullscreen_ = false;
+-#if BUILDFLAG(IS_MAC)
+-  // Mac windows report a state change instantly, and so we must also clear
++
++  // Electron native windows report a state change instantly, and so we must also clear
+   // state_prior_to_tab_fullscreen_ to match them else other logic using
+   // state_prior_to_tab_fullscreen_ will be incorrect.
+   NotifyTabExclusiveAccessLost();
+-#endif
++
+   exclusive_access_manager()->context()->ExitFullscreen();
+   extension_caused_fullscreen_ = GURL();
+ 

patches/chromium/fix_expose_decrementcapturercount_in_web_contents_impl.patch

@@ -21,7 +21,7 @@ index e1ac23f3adf38591ae220ea84c5c0717a28e64bb..fad1663512cf30b270289ecfa9c336b0
    // Calculates the PageVisibilityState for |visibility|, taking the capturing
    // state into account.
 diff --git a/content/public/browser/web_contents.h b/content/public/browser/web_contents.h
-index cd1b44d4ff5ce8924749ba9e41b3f599108bb8fd..72bc509b0506fafd026aa858864623886142b5f0 100644
+index be92a83de1a5ccdc106277d67b706e9b109298a9..7a8c2efda1b2c85341d518cc96279a80ab7e91c7 100644
 --- a/content/public/browser/web_contents.h
 +++ b/content/public/browser/web_contents.h
 @@ -673,6 +673,10 @@ class WebContents : public PageNavigator,

patches/chromium/fix_xkb_keysym_reverse_look_up_for_lacros.patch

@@ -0,0 +1,265 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Hidehiko Abe <hidehiko@chromium.org>
+Date: Wed, 2 Mar 2022 16:17:43 +0000
+Subject: Fix xkb_keysym reverse look up for Lacros.
+
+In crrev.com/c/3422444, we introduced
+xkb_keymap_key_get_mods_for_level in order to construct a reverse map.
+However, unlike its name, and unlike its document, it returns a "mask"
+of modifiers, rather than the modifiers to trigger the level.
+As a result, the CL introduced a regression on some key events,
+such as SHIFT+SPACE.
+
+This CL fixes the issue by giving up creating a simple reverse map.
+Instead, on keymap setting, it creates a reverse map from keysym
+to a list of (keycode/layout) pairs. And, on look up, we iterate
+all the candidates, and find the first one (min keycode entry).
+In order to runtime look up, we assume the current key layout,
+as the wayland keysym event does not provide any layout info.
+
+diff --git a/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine.cc b/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine.cc
+index d8b0594442b2708a03532312b62c4c3481da3b23..d30045bce1af98f68d19e3b01a7a06f67682af16 100644
+--- a/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine.cc
++++ b/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine.cc
+@@ -31,14 +31,6 @@
+ #include "ui/events/keycodes/keyboard_code_conversion.h"
+ #include "ui/events/keycodes/keyboard_code_conversion_xkb.h"
+ 
+-// xkb_keymap_key_get_mods_for_level is relatively new (introduced in ver 1.0,
+-// Sep 6, 2020), thus it is not available on some platform, such as Ubuntu
+-// 18.04, which we still supports.
+-// Thus declare the function as weak here, so we can check the availability on
+-// runtime.
+-extern "C" __attribute__((weak)) decltype(
+-    xkb_keymap_key_get_mods_for_level) xkb_keymap_key_get_mods_for_level;
+-
+ namespace ui {
+ 
+ namespace {
+@@ -901,17 +893,7 @@ void XkbKeyboardLayoutEngine::SetKeymap(xkb_keymap* keymap) {
+   }
+ 
+   // Reconstruct keysym map.
+-  std::vector<std::pair<XkbKeysymMapKey, uint32_t>> keysym_map;
+-  auto AddEntries = [&keysym_map](base::span<const xkb_keysym_t> keysyms,
+-                                  base::span<const xkb_mod_mask_t> masks,
+-                                  xkb_keycode_t keycode) {
+-    if (keysyms.empty() || masks.empty())
+-      return;
+-    for (xkb_keysym_t keysym : keysyms) {
+-      for (xkb_mod_mask_t mask : masks)
+-        keysym_map.emplace_back(XkbKeysymMapKey(keysym, mask), keycode);
+-    }
+-  };
++  std::vector<XkbKeysymMapEntry> keysym_map;
+ 
+   const xkb_keycode_t min_key = xkb_keymap_min_keycode(keymap);
+   const xkb_keycode_t max_key = xkb_keymap_max_keycode(keymap);
+@@ -925,34 +907,33 @@ void XkbKeyboardLayoutEngine::SetKeymap(xkb_keymap* keymap) {
+         const xkb_keysym_t* keysyms;
+         int num_syms = xkb_keymap_key_get_syms_by_level(keymap, keycode, layout,
+                                                         level, &keysyms);
+-        if (xkb_keymap_key_get_mods_for_level) {
+-          xkb_mod_mask_t masks[100];  // Large enough buffer.
+-          int num_mods = xkb_keymap_key_get_mods_for_level(
+-              keymap, keycode, layout, level, masks, std::size(masks));
+-          AddEntries(base::make_span(keysyms, num_syms),
+-                     base::make_span(masks, num_mods), keycode);
+-        } else {
+-          // If not, unfortunately, there's no convenient/efficient way
+-          // to take the possible masks. Thus, use mask 0 always.
+-          constexpr xkb_mod_mask_t kMask[] = {0};
+-          AddEntries(base::make_span(keysyms, num_syms), kMask, keycode);
+-        }
++        for (int i = 0; i < num_syms; ++i)
++          keysym_map.emplace_back(
++              XkbKeysymMapEntry{keysyms[i], keycode, layout});
+       }
+     }
+   }
+ 
+-  // Sort here. If there are multiple entries for a (keysym, mask) pair,
+-  // min keycode wins.
+-  std::sort(keysym_map.begin(), keysym_map.end());
++  // Then sort and unique here. On tie break, smaller keycode comes first.
++  std::sort(
++      keysym_map.begin(), keysym_map.end(),
++      [](const XkbKeysymMapEntry& entry1, const XkbKeysymMapEntry& entry2) {
++        return std::tie(entry1.xkb_keysym, entry1.xkb_keycode,
++                        entry1.xkb_layout) < std::tie(entry2.xkb_keysym,
++                                                      entry2.xkb_keycode,
++                                                      entry2.xkb_layout);
++      });
+   keysym_map.erase(
+-      std::unique(keysym_map.begin(), keysym_map.end(),
+-                  [](const std::pair<XkbKeysymMapKey, uint32_t>& entry1,
+-                     const std::pair<XkbKeysymMapKey, uint32_t>& entry2) {
+-                    return entry1.first == entry2.first;
+-                  }),
++      std::unique(
++          keysym_map.begin(), keysym_map.end(),
++          [](const XkbKeysymMapEntry& entry1, const XkbKeysymMapEntry& entry2) {
++            return std::tie(entry1.xkb_keysym, entry1.xkb_keycode,
++                            entry1.xkb_layout) == std::tie(entry2.xkb_keysym,
++                                                           entry2.xkb_keycode,
++                                                           entry2.xkb_layout);
++          }),
+       keysym_map.end());
+-  xkb_keysym_map_ = base::flat_map<XkbKeysymMapKey, uint32_t>(
+-      base::sorted_unique, std::move(keysym_map));
++  xkb_keysym_map_ = std::move(keysym_map);
+ 
+   layout_index_ = 0;
+ #if BUILDFLAG(IS_CHROMEOS_ASH)
+@@ -1000,18 +981,38 @@ int XkbKeyboardLayoutEngine::UpdateModifiers(uint32_t depressed,
+ 
+ DomCode XkbKeyboardLayoutEngine::GetDomCodeByKeysym(uint32_t keysym,
+                                                     uint32_t modifiers) const {
+-  // If xkb_keymap_key_get_mods_for_level is not available, all entries are
+-  // stored with modifiers mask is 0.
+-  if (!xkb_keymap_key_get_mods_for_level)
+-    modifiers = 0;
+-
+-  auto iter = xkb_keysym_map_.find(XkbKeysymMapKey(keysym, modifiers));
+-  if (iter == xkb_keysym_map_.end()) {
+-    VLOG(1) << "No Keycode found for the keysym: " << keysym
+-            << ", modifiers: " << modifiers;
+-    return DomCode::NONE;
++  // Look up all candidates.
++  auto range = std::equal_range(
++      xkb_keysym_map_.begin(), xkb_keysym_map_.end(), XkbKeysymMapEntry{keysym},
++      [](const XkbKeysymMapEntry& entry1, const XkbKeysymMapEntry& entry2) {
++        return entry1.xkb_keysym < entry2.xkb_keysym;
++      });
++  if (range.first != range.second) {
++    // Note: value is already in the lexicographical order, so smaller keycode
++    // comes first.
++    for (std::unique_ptr<xkb_state, XkbStateDeleter> xkb_state(
++             xkb_state_new(xkb_state_get_keymap(xkb_state_.get())));
++         range.first != range.second; ++range.first) {
++      xkb_keycode_t xkb_keycode = range.first->xkb_keycode;
++      xkb_layout_index_t xkb_layout = range.first->xkb_layout;
++      // The argument does not have any info about the layout, so we assume the
++      // current layout here.
++      if (xkb_layout != layout_index_)
++        continue;
++      xkb_state_update_mask(xkb_state.get(), modifiers, 0, 0, 0, 0, xkb_layout);
++      const xkb_keysym_t* out_keysyms;
++      int num_syms =
++          xkb_state_key_get_syms(xkb_state.get(), xkb_keycode, &out_keysyms);
++      for (int i = 0; i < num_syms; ++i) {
++        if (out_keysyms[i] == keysym)
++          return KeycodeConverter::NativeKeycodeToDomCode(xkb_keycode);
++      }
++    }
+   }
+-  return KeycodeConverter::NativeKeycodeToDomCode(iter->second);
++
++  VLOG(1) << "No Keycode found for the keysym: " << keysym
++          << ", modifiers: " << modifiers;
++  return DomCode::NONE;
+ }
+ 
+ bool XkbKeyboardLayoutEngine::XkbLookup(xkb_keycode_t xkb_keycode,
+diff --git a/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine.h b/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine.h
+index 4fcbce540e4f4dc419f13be9a45fd97c52f8d2b5..3ed6a030d393a927663e1486efef09cf6add589c 100644
+--- a/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine.h
++++ b/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine.h
+@@ -74,14 +74,19 @@ class COMPONENT_EXPORT(EVENTS_OZONE_LAYOUT) XkbKeyboardLayoutEngine
+   };
+   std::vector<XkbFlagMapEntry> xkb_flag_map_;
+ 
+-  // Table from (xkb_keysym, xkb_modifier) to xkb_keycode for the current
+-  // keymap. Note that there could be multiple keycodes mapped to the same
+-  // keysym. In the case, the first one (smallest keycode) will be
+-  // kept.
+-  // The first element is keysym value. The second element is a bit-mask of
+-  // modifiers.
+-  using XkbKeysymMapKey = std::pair<uint32_t, uint32_t>;
+-  base::flat_map<XkbKeysymMapKey, uint32_t> xkb_keysym_map_;
++  // The data to reverse look up xkb_keycode/xkb_layout from xkb_keysym.
++  // The data is sorted in the (xkb_keysym, xkb_keycode, xkb_layout) dictionary
++  // order. Note that there can be multiple keycode/layout for a keysym, so
++  // this is a multi map.
++  // We can binary search on this vector by keysym as the key, and iterate from
++  // the begin to the end of the range linearly. Then, on tie break, smaller
++  // keycode wins.
++  struct XkbKeysymMapEntry {
++    xkb_keysym_t xkb_keysym;
++    xkb_keycode_t xkb_keycode;
++    xkb_layout_index_t xkb_layout;
++  };
++  std::vector<XkbKeysymMapEntry> xkb_keysym_map_;
+ 
+ #if BUILDFLAG(IS_CHROMEOS_ASH)
+   // Flag mask for num lock, which is always considered enabled in ChromeOS.
+diff --git a/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine_unittest.cc b/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine_unittest.cc
+index 3f9223e6c2aad19309d8d3a9367b58a310023d21..18ea942e5b785e037e3fbbd10d1ff4393cf068d0 100644
+--- a/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine_unittest.cc
++++ b/ui/events/ozone/layout/xkb/xkb_keyboard_layout_engine_unittest.cc
+@@ -18,9 +18,6 @@
+ #include "ui/events/keycodes/keyboard_code_conversion.h"
+ #include "ui/events/ozone/layout/scoped_keyboard_layout_engine.h"
+ 
+-extern "C" __attribute__((weak)) decltype(
+-    xkb_keymap_key_get_mods_for_level) xkb_keymap_key_get_mods_for_level;
+-
+ namespace ui {
+ 
+ namespace {
+@@ -946,35 +943,31 @@ TEST_F(XkbLayoutEngineVkTest, GetDomCodeByKeysym) {
+   constexpr struct {
+     uint32_t keysym;
+     uint32_t modifiers;
+-    DomCode dom_code;
++    DomCode expected_dom_code;
+   } kTestCases[] = {
+-      {65307, 0, ui::DomCode::ESCAPE},       {65288, 0, ui::DomCode::BACKSPACE},
+-      {65293, 0, ui::DomCode::ENTER},        {65289, 0, ui::DomCode::TAB},
++      {65307, 0, ui::DomCode::ESCAPE},
++      {65288, 0, ui::DomCode::BACKSPACE},
++      {65293, 0, ui::DomCode::ENTER},
++      {65289, 0, ui::DomCode::TAB},
+       {65056, kShiftMask, ui::DomCode::TAB},
++
++      // Test conflict keysym case. We use '<' as a testing example.
++      // On pc101 layout, intl_backslash is expected without SHIFT modifier.
++      {60, 0, ui::DomCode::INTL_BACKSLASH},
++      // And, if SHIFT is pressed, comma key is expected.
++      {60, kShiftMask, ui::DomCode::COMMA},
++
++      // Test for space key. The keysym mapping has only one keycode entry.
++      // It expects all modifiers are ignored. Used SHIFT as testing example.
++      {32, 0, ui::DomCode::SPACE},
++      {32, kShiftMask, ui::DomCode::SPACE},
+   };
+ 
+   for (const auto& test_case : kTestCases) {
+-    SCOPED_TRACE(test_case.keysym);
+-    EXPECT_EQ(test_case.dom_code, layout_engine_->GetDomCodeByKeysym(
+-                                      test_case.keysym, test_case.modifiers));
+-  }
+-
+-  // Test conflict keysym case. We use '<' as a testing sample.
+-  constexpr uint32_t kLessThanCode = 60;
+-  if (xkb_keymap_key_get_mods_for_level) {
+-    // If there's no modifier, on pc101 us layout, intl_backslash is expected.
+-    EXPECT_EQ(ui::DomCode::INTL_BACKSLASH,
+-              layout_engine_->GetDomCodeByKeysym(kLessThanCode, 0));
+-    // If there's shift modifier, comma key is expected.
+-    EXPECT_EQ(ui::DomCode::COMMA,
+-              layout_engine_->GetDomCodeByKeysym(kLessThanCode, kShiftMask));
+-  } else {
+-    // If xkb_keymap_key_get_mods_for_level is unavailable, fallback to older
+-    // implementation, which ignores modifiers.
+-    EXPECT_EQ(ui::DomCode::COMMA,
+-              layout_engine_->GetDomCodeByKeysym(kLessThanCode, 0));
+-    EXPECT_EQ(ui::DomCode::COMMA,
+-              layout_engine_->GetDomCodeByKeysym(kLessThanCode, kShiftMask));
++    EXPECT_EQ(test_case.expected_dom_code,
++              layout_engine_->GetDomCodeByKeysym(test_case.keysym,
++                                                 test_case.modifiers))
++        << "input: " << test_case.keysym << ", " << test_case.modifiers;
+   }
+ }
+ 

patches/chromium/introduce_ozoneplatform_electron_can_call_x11_property.patch

@@ -0,0 +1,37 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Marek Rusinowski <marekrusinowski@gmail.com>
+Date: Wed, 23 Mar 2022 21:09:37 +0100
+Subject: introduce OzonePlatform::electron_can_call_x11 property
+
+We expose this additonal property in the OzonePlatform to be able to easily
+determine whatever we can call X11 functions without crashing the application
+at rutime. It would be best if eventually all usages of this property were
+replaced with clean ozone native implementations.
+
+diff --git a/ui/ozone/platform/x11/ozone_platform_x11.cc b/ui/ozone/platform/x11/ozone_platform_x11.cc
+index 9008af973427d7dab8170449bc5767cebc9d2e9e..e312287e4aca61b51a69c8413088f56f9f704b5e 100644
+--- a/ui/ozone/platform/x11/ozone_platform_x11.cc
++++ b/ui/ozone/platform/x11/ozone_platform_x11.cc
+@@ -200,6 +200,7 @@ class OzonePlatformX11 : public OzonePlatform,
+       properties->supports_vulkan_swap_chain = true;
+       properties->uses_external_vulkan_image_factory = true;
+       properties->skia_can_fall_back_to_x11 = true;
++      properties->electron_can_call_x11 = true;
+       properties->platform_shows_drag_image = false;
+       properties->supports_global_application_menus = true;
+       properties->app_modal_dialogs_use_event_blocker = true;
+diff --git a/ui/ozone/public/ozone_platform.h b/ui/ozone/public/ozone_platform.h
+index 22ba32317a74df24249d1528dcaaa28ff18bd0f4..fa57f97520a0327be2c7f5179591ca61b801c8b0 100644
+--- a/ui/ozone/public/ozone_platform.h
++++ b/ui/ozone/public/ozone_platform.h
+@@ -132,6 +132,10 @@ class COMPONENT_EXPORT(OZONE) OzonePlatform {
+     // Linux only: determines if Skia can fall back to the X11 output device.
+     bool skia_can_fall_back_to_x11 = false;
+ 
++    // Linux only: determines is Electron can call selected X11 functions while
++    // it migrates to pure ozone abstractions.
++    bool electron_can_call_x11 = false;
++
+     // Wayland only: determines whether windows which are not top level ones
+     // should be given parents explicitly.
+     bool set_parent_for_non_top_level_windows = false;

patches/chromium/make_gtk_getlibgtk_public.patch

@@ -0,0 +1,52 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: deepak1556 <hop2deep@gmail.com>
+Date: Thu, 7 Apr 2022 20:30:16 +0900
+Subject: Make gtk::GetLibGtk public
+
+Allows embedders to get a handle to the gtk library
+already loaded in the process.
+
+diff --git a/ui/gtk/gtk_compat.cc b/ui/gtk/gtk_compat.cc
+index 7104a0d5f4489c687f3cb9e63bc7cbef59d2fa62..f0b9ed834a3f7310da09377f0b2105cf635ffeb7 100644
+--- a/ui/gtk/gtk_compat.cc
++++ b/ui/gtk/gtk_compat.cc
+@@ -86,12 +86,6 @@ void* GetLibGtk4(bool check = true) {
+   return libgtk4;
+ }
+ 
+-void* GetLibGtk() {
+-  if (GtkCheckVersion(4))
+-    return GetLibGtk4();
+-  return GetLibGtk3();
+-}
+-
+ bool LoadGtk3() {
+   if (!GetLibGtk3(false))
+     return false;
+@@ -133,6 +127,12 @@ gfx::Insets InsetsFromGtkBorder(const GtkBorder& border) {
+ 
+ }  // namespace
+ 
++void* GetLibGtk() {
++  if (GtkCheckVersion(4))
++    return GetLibGtk4();
++  return GetLibGtk3();
++}
++
+ bool LoadGtk() {
+   static bool loaded = LoadGtkImpl();
+   return loaded;
+diff --git a/ui/gtk/gtk_compat.h b/ui/gtk/gtk_compat.h
+index 72981270fe26579211afcaf3c596a412f69f5fac..b5dbfde5b011d57d26960d245e0dc61cac9341e4 100644
+--- a/ui/gtk/gtk_compat.h
++++ b/ui/gtk/gtk_compat.h
+@@ -37,6 +37,9 @@ using SkColor = uint32_t;
+ 
+ namespace gtk {
+ 
++// Get handle to the currently loaded gtk library in the process.
++void* GetLibGtk();
++
+ // Loads libgtk and related libraries and returns true on success.
+ bool LoadGtk();
+ 

patches/chromium/mas_no_private_api.patch

@@ -6,6 +6,33 @@ Subject: mas: avoid some private APIs
 Guard usages in blink of private Mac APIs by MAS_BUILD, so they can be
 excluded for people who want to submit their apps to the Mac App store.
 
+diff --git a/base/process/process_info_mac.cc b/base/process/process_info_mac.cc
+index 368405f29313d51a6eee16517b634c6d0ea95281..2553a7fbf1e8b4dea796dec3b3e906d265d3ad76 100644
+--- a/base/process/process_info_mac.cc
++++ b/base/process/process_info_mac.cc
+@@ -5,18 +5,22 @@
+ #include <stdlib.h>
+ #include <unistd.h>
+ 
++#ifndef MAS_BUILD
+ extern "C" {
+ pid_t responsibility_get_pid_responsible_for_pid(pid_t)
+     API_AVAILABLE(macosx(10.12));
+ }
++#endif
+ 
+ namespace base {
+ 
+ bool IsProcessSelfResponsible() {
++#ifndef MAS_BUILD
+   if (__builtin_available(macOS 10.14, *)) {
+     const pid_t pid = getpid();
+     return responsibility_get_pid_responsible_for_pid(pid) == pid;
+   }
++#endif
+   return true;
+ }
+ 
 diff --git a/content/common/pseudonymization_salt.cc b/content/common/pseudonymization_salt.cc
 index 28e003bef910abff022def659fe18d4cd0549f8a..530bcbdb5d350f6486dc1e8536f7b279be69e241 100644
 --- a/content/common/pseudonymization_salt.cc

patches/chromium/pa_support_16kb_pagesize_on_linux_arm64.patch

@@ -0,0 +1,250 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jorrit Jongma <jorrit@jongma.org>
+Date: Tue, 12 Apr 2022 17:09:34 +0000
+Subject: Support 16kb pagesize on Linux+ARM64
+
+This makes the system pagesize a run-time property.
+
+ARM64 supports 4kb, 16kb, and 64kb page sizes. Previously, only 4kb
+was supported by Chromium. This patch adds 16kb support, as is used
+for example by Asahi Linux on M1 Macs. The rare 64kb case is still
+not supported due to further changes needed to SlotSpanMetadata.
+
+The implementation follows the changes made to support run-time page
+size on macOS. On macOS, the required constants are conveniently
+injected before any code runs, while on Linux a function call is
+needed, complicating initialization.
+
+The new PageCharacteristics structure holds the page size and shift
+as std::atomic<int> which are initialized on first use.
+
+Bug: 1301788
+Change-Id: I8ceead40de53ba7a2ec248bd6ef46f2a521dd29c
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3545665
+Reviewed-by: Benoit Lize <lizeb@chromium.org>
+Reviewed-by: Mark Mentovai <mark@chromium.org>
+Commit-Queue: Mark Mentovai <mark@chromium.org>
+Cr-Commit-Position: refs/heads/main@{#991588}
+
+diff --git a/AUTHORS b/AUTHORS
+index 364df55a2888c221523023facd8873fa010d40d6..f2b8d8c0d2a4474ded579212327f00489da00623 100644
+--- a/AUTHORS
++++ b/AUTHORS
+@@ -572,6 +572,7 @@ Jongsoo Lee <leejongsoo@gmail.com>
+ Joone Hur <joone.hur@intel.com>
+ Joonghun Park <pjh0718@gmail.com>
+ Jorge Villatoro <jorge@tomatocannon.com>
++Jorrit Jongma <jorrit@jongma.org>
+ Joseph Gentle <josephg@gmail.com>
+ Joseph Lolak <joseph.lolak@samsung.com>
+ Josh Triplett <josh.triplett@intel.com>
+diff --git a/base/allocator/partition_allocator/address_space_randomization.h b/base/allocator/partition_allocator/address_space_randomization.h
+index 43033d728050a8d8b03f5e4a69fa1593190d30f1..e77757c3ad512f03cd21127ebd780e7a19f12672 100644
+--- a/base/allocator/partition_allocator/address_space_randomization.h
++++ b/base/allocator/partition_allocator/address_space_randomization.h
+@@ -121,6 +121,21 @@ AslrMask(uintptr_t bits) {
+         return AslrAddress(0x20000000ULL);
+       }
+ 
++      #elif BUILDFLAG(IS_LINUX)
++
++      // Linux on arm64 can use 39, 42, 48, or 52-bit user space, depending on
++      // page size and number of levels of translation pages used. We use
++      // 39-bit as base as all setups should support this, lowered to 38-bit
++      // as ASLROffset() could cause a carry.
++      PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR ALWAYS_INLINE uintptr_t
++      ASLRMask() {
++        return AslrMask(38);
++      }
++      PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR ALWAYS_INLINE uintptr_t
++      ASLROffset() {
++        return AslrAddress(0x1000000000ULL);
++      }
++
+       #else
+ 
+       // ARM64 on Linux has 39-bit user space. Use 38 bits since ASLROffset()
+diff --git a/base/allocator/partition_allocator/page_allocator_constants.h b/base/allocator/partition_allocator/page_allocator_constants.h
+index 12515b9a02865eb8a4b2a7c15b0fcce06a8ec7f9..0a996cfdcc4a42005ffad8922f3cc55547c47d20 100644
+--- a/base/allocator/partition_allocator/page_allocator_constants.h
++++ b/base/allocator/partition_allocator/page_allocator_constants.h
+@@ -24,6 +24,31 @@
+ // elimination.
+ #define PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR __attribute__((const))
+ 
++#elif BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64)
++// This should work for all POSIX (if needed), but currently all other
++// supported OS/architecture combinations use either hard-coded values
++// (such as x86) or have means to determine these values without needing
++// atomics (such as macOS on arm64).
++
++// Page allocator constants are run-time constant
++#define PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR __attribute__((const))
++
++#include <unistd.h>
++#include <atomic>
++
++namespace partition_alloc::internal {
++
++// Holds the current page size and shift, where size = 1 << shift
++// Use PageAllocationGranularity(), PageAllocationGranularityShift()
++// to initialize and retrieve these values safely.
++struct PageCharacteristics {
++  std::atomic<int> size;
++  std::atomic<int> shift;
++};
++extern PageCharacteristics page_characteristics;
++
++}  // namespace partition_alloc::internal
++
+ #else
+ 
+ // When defined, page size constants are fixed at compile time. When not
+@@ -38,6 +63,10 @@
+ 
+ namespace partition_alloc::internal {
+ 
++// Forward declaration, implementation below
++PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR ALWAYS_INLINE size_t
++PageAllocationGranularity();
++
+ PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR ALWAYS_INLINE size_t
+ PageAllocationGranularityShift() {
+ #if BUILDFLAG(IS_WIN) || defined(ARCH_CPU_PPC64)
+@@ -50,6 +79,15 @@ PageAllocationGranularityShift() {
+   return 14;  // 16kB
+ #elif BUILDFLAG(IS_APPLE) && defined(ARCH_CPU_64_BITS)
+   return vm_page_shift;
++#elif BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64)
++  // arm64 supports 4kb (shift = 12), 16kb (shift = 14), and 64kb (shift = 16)
++  // page sizes. Retrieve from or initialize cache.
++  int shift = page_characteristics.shift.load(std::memory_order_relaxed);
++  if (UNLIKELY(shift == 0)) {
++    shift = __builtin_ctz((int)PageAllocationGranularity());
++    page_characteristics.shift.store(shift, std::memory_order_relaxed);
++  }
++  return shift;
+ #else
+   return 12;  // 4kB
+ #endif
+@@ -59,8 +97,17 @@ PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR ALWAYS_INLINE size_t
+ PageAllocationGranularity() {
+ #if BUILDFLAG(IS_APPLE) && defined(ARCH_CPU_64_BITS)
+   // This is literally equivalent to |1 << PageAllocationGranularityShift()|
+-  // below, but was separated out for OS_APPLE to avoid << on a non-constexpr.
++  // below, but was separated out for IS_APPLE to avoid << on a non-constexpr.
+   return vm_page_size;
++#elif BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64)
++  // arm64 supports 4kb, 16kb, and 64kb page sizes. Retrieve from or
++  // initialize cache.
++  int size = page_characteristics.size.load(std::memory_order_relaxed);
++  if (UNLIKELY(size == 0)) {
++    size = getpagesize();
++    page_characteristics.size.store(size, std::memory_order_relaxed);
++  }
++  return size;
+ #else
+   return 1 << PageAllocationGranularityShift();
+ #endif
+@@ -90,9 +137,11 @@ SystemPageShift() {
+ 
+ PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR ALWAYS_INLINE size_t
+ SystemPageSize() {
+-#if BUILDFLAG(IS_APPLE) && defined(ARCH_CPU_64_BITS)
++#if (BUILDFLAG(IS_APPLE) && defined(ARCH_CPU_64_BITS)) || \
++    (BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64))
+   // This is literally equivalent to |1 << SystemPageShift()| below, but was
+-  // separated out for 64-bit OS_APPLE to avoid << on a non-constexpr.
++  // separated out for 64-bit IS_APPLE and arm64 on Linux to avoid << on a
++  // non-constexpr.
+   return PageAllocationGranularity();
+ #else
+   return 1 << SystemPageShift();
+diff --git a/base/allocator/partition_allocator/partition_address_space.cc b/base/allocator/partition_allocator/partition_address_space.cc
+index 71075090cc64bfac2d443a3ee4e210d7aca8a3e5..1e9dc5d312e154ef7a1c66aaef4de3c45a69c912 100644
+--- a/base/allocator/partition_allocator/partition_address_space.cc
++++ b/base/allocator/partition_allocator/partition_address_space.cc
+@@ -167,6 +167,12 @@ void PartitionAddressSpace::UninitConfigurablePoolForTesting() {
+   setup_.configurable_pool_ = 0;
+ }
+ 
++#if BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64)
++
++PageCharacteristics page_characteristics;
++
++#endif  // BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64)
++
+ #endif  // defined(PA_HAS_64_BITS_POINTERS)
+ 
+ }  // namespace partition_alloc::internal
+diff --git a/base/allocator/partition_allocator/partition_alloc_constants.h b/base/allocator/partition_allocator/partition_alloc_constants.h
+index e54a9a4a3bfafc1a174ed3f3b3cfa98e9d0794f3..1a1c110dc7b49f59e1b9cb7fa0297b90f70880ec 100644
+--- a/base/allocator/partition_allocator/partition_alloc_constants.h
++++ b/base/allocator/partition_allocator/partition_alloc_constants.h
+@@ -59,10 +59,11 @@ PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR ALWAYS_INLINE size_t
+ PartitionPageShift() {
+   return 18;  // 256 KiB
+ }
+-#elif BUILDFLAG(IS_APPLE) && defined(ARCH_CPU_64_BITS)
++#elif (BUILDFLAG(IS_APPLE) && defined(ARCH_CPU_64_BITS)) || \
++    (BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64))
+ PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR ALWAYS_INLINE size_t
+ PartitionPageShift() {
+-  return vm_page_shift + 2;
++  return PageAllocationGranularityShift() + 2;
+ }
+ #else
+ PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR ALWAYS_INLINE size_t
+diff --git a/base/allocator/partition_allocator/partition_page.h b/base/allocator/partition_allocator/partition_page.h
+index 5ee5e2c3843a6fa7d8717a619b5d8ccec2edd8f3..efaf910f2b4e9db812402db6566bb7b6aeb354f2 100644
+--- a/base/allocator/partition_allocator/partition_page.h
++++ b/base/allocator/partition_allocator/partition_page.h
+@@ -134,6 +134,12 @@ struct __attribute__((packed)) SlotSpanMetadata {
+   // PartitionPageSize() is 4 times the OS page size.
+   static constexpr size_t kMaxSlotsPerSlotSpan =
+       4 * (1 << 14) / kSmallestBucket;
++#elif BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64)
++  // System page size can be 4, 16, or 64 kiB on Linux on arm64. 64 kiB is
++  // currently (kMaxSlotsPerSlotSpanBits == 13) not supported by the code,
++  // so we use the 16 kiB maximum (64 kiB will crash).
++  static constexpr size_t kMaxSlotsPerSlotSpan =
++      4 * (1 << 14) / kSmallestBucket;
+ #else
+   // A slot span can "span" multiple PartitionPages, but then its slot size is
+   // larger, so it doesn't have as many slots.
+diff --git a/base/allocator/partition_allocator/partition_root.cc b/base/allocator/partition_allocator/partition_root.cc
+index 98e3940c44cb7460b91305aab0fcc24ef739b979..31f6519227c0c6c5d6235cff8567e46ebe010d24 100644
+--- a/base/allocator/partition_allocator/partition_root.cc
++++ b/base/allocator/partition_allocator/partition_root.cc
+@@ -309,11 +309,12 @@ static size_t PartitionPurgeSlotSpan(
+   constexpr size_t kMaxSlotCount =
+       (PartitionPageSize() * kMaxPartitionPagesPerRegularSlotSpan) /
+       SystemPageSize();
+-#elif BUILDFLAG(IS_APPLE)
++#elif BUILDFLAG(IS_APPLE) || (BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64))
+   // It's better for slot_usage to be stack-allocated and fixed-size, which
+-  // demands that its size be constexpr. On OS_APPLE, PartitionPageSize() is
+-  // always SystemPageSize() << 2, so regardless of what the run time page size
+-  // is, kMaxSlotCount can always be simplified to this expression.
++  // demands that its size be constexpr. On OS_APPLE and Linux on arm64,
++  // PartitionPageSize() is always SystemPageSize() << 2, so regardless of
++  // what the run time page size is, kMaxSlotCount can always be simplified
++  // to this expression.
+   constexpr size_t kMaxSlotCount = 4 * kMaxPartitionPagesPerRegularSlotSpan;
+   PA_CHECK(kMaxSlotCount ==
+            (PartitionPageSize() * kMaxPartitionPagesPerRegularSlotSpan) /
+@@ -633,6 +634,14 @@ void PartitionRoot<thread_safe>::Init(PartitionOptions opts) {
+     // apple OSes.
+     PA_CHECK((SystemPageSize() == (size_t{1} << 12)) ||
+              (SystemPageSize() == (size_t{1} << 14)));
++#elif BUILDFLAG(IS_LINUX) && defined(ARCH_CPU_ARM64)
++    // Check runtime pagesize. Though the code is currently the same, it is
++    // not merged with the IS_APPLE case above as a 1 << 16 case needs to be
++    // added here in the future, to allow 64 kiB pagesize. That is only
++    // supported on Linux on arm64, not on IS_APPLE, but not yet present here
++    // as the rest of the partition allocator does not currently support it.
++    PA_CHECK((SystemPageSize() == (size_t{1} << 12)) ||
++             (SystemPageSize() == (size_t{1} << 14)));
+ #endif
+ 
+     ::partition_alloc::internal::ScopedGuard guard{lock_};

patches/chromium/refactor_expose_cursor_changes_to_the_webcontentsobserver.patch

@@ -43,10 +43,10 @@ index 59dda38e5781132472991979d90317dfaa96028f..7d51b1d678b9b11c0dfc48a0a890a43d
  
  void RenderWidgetHostImpl::ShowContextMenuAtPoint(
 diff --git a/content/browser/web_contents/web_contents_impl.cc b/content/browser/web_contents/web_contents_impl.cc
-index 5afb01c9de253053243a1add87269a9d848b5297..1734f93f7d06faf2c28d65d23bbc6c17f72e0b59 100644
+index b406cd71133062618258a7d56e69b5e258687e12..4e78c10d21e08fef2b25ef5a13987c13bc8c204a 100644
 --- a/content/browser/web_contents/web_contents_impl.cc
 +++ b/content/browser/web_contents/web_contents_impl.cc
-@@ -4486,6 +4486,11 @@ TextInputManager* WebContentsImpl::GetTextInputManager() {
+@@ -4495,6 +4495,11 @@ TextInputManager* WebContentsImpl::GetTextInputManager() {
    return text_input_manager_.get();
  }
  

patches/chromium/resource_file_conflict.patch

@@ -52,10 +52,10 @@ Some alternatives to this patch:
 None of these options seems like a substantial maintainability win over this patch to me (@nornagon).
 
 diff --git a/chrome/BUILD.gn b/chrome/BUILD.gn
-index 0cfd59aa05b0d8e837c8057f00c593b4878539b2..0cf38ad237727254c77472f73d82d6f65fe14bde 100644
+index 51555df59f2bf9d0f396b9ffea0524a2533274ec..f2c4feac76e96575de3627b7e8f2373b4fb30411 100644
 --- a/chrome/BUILD.gn
 +++ b/chrome/BUILD.gn
-@@ -1593,7 +1593,7 @@ if (is_chrome_branded && !is_android) {
+@@ -1596,7 +1596,7 @@ if (is_chrome_branded && !is_android) {
    }
  }
  
@@ -64,7 +64,7 @@ index 0cfd59aa05b0d8e837c8057f00c593b4878539b2..0cf38ad237727254c77472f73d82d6f6
    chrome_paks("packed_resources") {
      if (is_mac) {
        output_dir = "$root_gen_dir/repack"
-@@ -1621,6 +1621,12 @@ if (!is_android) {
+@@ -1624,6 +1624,12 @@ if (!is_android) {
    }
  }
  

patches/chromium/sysroot.patch

@@ -7,7 +7,7 @@ Make chrome's install-sysroot scripts point to our custom sysroot builds,
 which include extra deps that Electron needs (e.g. libnotify)
 
 diff --git a/build/linux/sysroot_scripts/install-sysroot.py b/build/linux/sysroot_scripts/install-sysroot.py
-index ada6208644cb22c9f51c571f9509e335c0836163..86b55223fc21adf0e01cb276ebc613f6ea24f8b2 100755
+index ada6208644cb22c9f51c571f9509e335c0836163..8f7169a0837a80c05faebce85ab4feac9e02bde2 100755
 --- a/build/linux/sysroot_scripts/install-sysroot.py
 +++ b/build/linux/sysroot_scripts/install-sysroot.py
 @@ -41,9 +41,11 @@ except ImportError:
@@ -19,8 +19,8 @@ index ada6208644cb22c9f51c571f9509e335c0836163..86b55223fc21adf0e01cb276ebc613f6
  
 -URL_PREFIX = 'https://commondatastorage.googleapis.com'
 -URL_PATH = 'chrome-linux-sysroot/toolchain'
-+URL_PREFIX = 'https://s3.amazonaws.com'
-+URL_PATH = 'electronjs-sysroots/toolchain'
++URL_PREFIX = 'https://dev-cdn.electronjs.org'
++URL_PATH = 'linux-sysroots'
  
  VALID_ARCHS = ('arm', 'arm64', 'i386', 'amd64', 'mips', 'mips64el')
  

patches/chromium/ui_gtk_public_header.patch

@@ -1,28 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: deepak1556 <hop2deep@gmail.com>
-Date: Fri, 10 Apr 2020 17:47:18 -0700
-Subject: ui_gtk_public_header.patch
-
-Allow electron to depend on //ui/gtk/gtk_util.h
-
-diff --git a/ui/gtk/BUILD.gn b/ui/gtk/BUILD.gn
-index 4093df78da0bbb1d8df743942f364cf728ad3414..2f31d99b207ffc3531b5334b5a01239cc1fefb35 100644
---- a/ui/gtk/BUILD.gn
-+++ b/ui/gtk/BUILD.gn
-@@ -69,7 +69,7 @@ generate_stubs("gtk_stubs") {
- }
- 
- component("gtk") {
--  public = [ "gtk_ui_factory.h" ]
-+  public = [ "gtk_ui_factory.h", "gtk_util.h" ]
- 
-   sources = [
-     "gtk_color_mixers.cc",
-@@ -85,7 +85,6 @@ component("gtk") {
-     "gtk_ui_platform_stub.cc",
-     "gtk_ui_platform_stub.h",
-     "gtk_util.cc",
--    "gtk_util.h",
-     "input_method_context_impl_gtk.cc",
-     "input_method_context_impl_gtk.h",
-     "native_theme_gtk.cc",

patches/chromium/web_contents.patch

@@ -9,12 +9,12 @@ is needed for OSR.
 Originally landed in https://github.com/electron/libchromiumcontent/pull/226.
 
 diff --git a/content/browser/web_contents/web_contents_impl.cc b/content/browser/web_contents/web_contents_impl.cc
-index b19517ceafabde2ad88e83af97b9768b8a03fb60..4a553eee8f5d06cb645f2b52fe3baee347b1fa94 100644
+index d157b82514bc8eec76b9a06f67bb581c5bf24d56..cbcad21d8e320c6019cc7fbf31bd1c2aac5d03d8 100644
 --- a/content/browser/web_contents/web_contents_impl.cc
 +++ b/content/browser/web_contents/web_contents_impl.cc
-@@ -3040,6 +3040,13 @@ void WebContentsImpl::Init(const WebContents::CreateParams& params,
+@@ -3049,6 +3049,13 @@ void WebContentsImpl::Init(const WebContents::CreateParams& params,
        site_instance.get(), params.renderer_initiated_creation,
-       params.main_frame_name, GetOriginalOpener(), primary_main_frame_policy);
+       params.main_frame_name, GetOpener(), primary_main_frame_policy);
  
 +  if (params.view && params.delegate_view) {
 +    view_.reset(params.view);
@@ -26,7 +26,7 @@ index b19517ceafabde2ad88e83af97b9768b8a03fb60..4a553eee8f5d06cb645f2b52fe3baee3
    WebContentsViewDelegate* delegate =
        GetContentClient()->browser()->GetWebContentsViewDelegate(this);
  
-@@ -3050,6 +3057,7 @@ void WebContentsImpl::Init(const WebContents::CreateParams& params,
+@@ -3059,6 +3066,7 @@ void WebContentsImpl::Init(const WebContents::CreateParams& params,
      view_.reset(CreateWebContentsView(this, delegate,
                                        &render_view_host_delegate_view_));
    }
@@ -35,7 +35,7 @@ index b19517ceafabde2ad88e83af97b9768b8a03fb60..4a553eee8f5d06cb645f2b52fe3baee3
    CHECK(view_.get());
  
 diff --git a/content/public/browser/web_contents.h b/content/public/browser/web_contents.h
-index ad5c13965f1ccc078de5f25b08d51ed43e37f259..cd1b44d4ff5ce8924749ba9e41b3f599108bb8fd 100644
+index da69df2b3b6c97b5b7f3200f6ba355a02804ccf3..be92a83de1a5ccdc106277d67b706e9b109298a9 100644
 --- a/content/public/browser/web_contents.h
 +++ b/content/public/browser/web_contents.h
 @@ -93,10 +93,13 @@ class BrowserContext;

patches/config.json

@@ -19,5 +19,7 @@
 
   "src/electron/patches/Mantle": "src/third_party/squirrel.mac/vendor/Mantle",
 
-  "src/electron/patches/ReactiveObjC": "src/third_party/squirrel.mac/vendor/ReactiveObjC"
+  "src/electron/patches/ReactiveObjC": "src/third_party/squirrel.mac/vendor/ReactiveObjC",
+
+  "src/electron/patches/angle": "src/third_party/angle"
 }

patches/node/.patches

@@ -45,3 +45,5 @@ process_simplify_uv_write_int_calls_3519.patch
 macos_don_t_use_thread-unsafe_strtok_3524.patch
 process_fix_hang_after_note_exit_3521.patch
 worker_thread_add_asar_support.patch
+macos_avoid_posix_spawnp_cwd_bug_3597.patch
+feat_add_knostartdebugsignalhandler_to_environment_to_prevent.patch

patches/node/build_add_gn_build_files.patch

@@ -1794,11 +1794,11 @@ index 31e75367f8263f575f37243475acb58bb5c40d04..8f102792fe66847dad0ba7176299cf09
  // which the Node binary being built supports.
 diff --git a/tools/generate_gn_filenames_json.py b/tools/generate_gn_filenames_json.py
 new file mode 100755
-index 0000000000000000000000000000000000000000..8f884a41f57630ac432eb85ebfc9b8bc82cddaca
+index 0000000000000000000000000000000000000000..87621ba1d7f1c80aadb81461824b0c2edab1de22
 --- /dev/null
 +++ b/tools/generate_gn_filenames_json.py
 @@ -0,0 +1,75 @@
-+#!/usr/bin/env python
++#!/usr/bin/env python3
 +import json
 +import os
 +import sys
@@ -1875,11 +1875,11 @@ index 0000000000000000000000000000000000000000..8f884a41f57630ac432eb85ebfc9b8bc
 +    f.write('\n')
 diff --git a/tools/generate_node_version_header.py b/tools/generate_node_version_header.py
 new file mode 100755
-index 0000000000000000000000000000000000000000..3088ae4bdf814ae255c9805ebd393b2eee17e941
+index 0000000000000000000000000000000000000000..2a92eccfa582df361f2a889c0d9b32c1059baa7d
 --- /dev/null
 +++ b/tools/generate_node_version_header.py
 @@ -0,0 +1,25 @@
-+#!/usr/bin/env python
++#!/usr/bin/env python3
 +import re
 +import sys
 +

patches/node/feat_add_knostartdebugsignalhandler_to_environment_to_prevent.patch

@@ -0,0 +1,69 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Samuel Attard <samuel.r.attard@gmail.com>
+Date: Mon, 7 Mar 2022 16:36:28 -0800
+Subject: feat: add kNoStartDebugSignalHandler to Environment to prevent
+ SIGUSR1 handling
+
+This patch should be upstreamed, it allows embedders to prevent the call to StartDebugSignalHandler which handles SIGUSR1 and starts the inspector agent.  Apps that have --inspect disabled also don't want SIGUSR1 to have this affect.
+
+diff --git a/src/env-inl.h b/src/env-inl.h
+index 845e00208af4b12960ed8b3f3926323af7685185..1ebc33324907654d16e9c0e19b2955efbac7cac7 100644
+--- a/src/env-inl.h
++++ b/src/env-inl.h
+@@ -896,6 +896,10 @@ inline bool Environment::should_initialize_inspector() const {
+   return (flags_ & EnvironmentFlags::kNoInitializeInspector) == 0;
+ }
+ 
++inline bool Environment::should_start_debug_signal_handler() const {
++  return (flags_ & EnvironmentFlags::kNoStartDebugSignalHandler) == 0;
++}
++
+ bool Environment::filehandle_close_warning() const {
+   return emit_filehandle_warning_;
+ }
+diff --git a/src/env.h b/src/env.h
+index ab8334bf0e3405fee4d21a4b541bd1164d92ca89..b2537ebd44bc5b37dd97752735f84e87de1f24bf 100644
+--- a/src/env.h
++++ b/src/env.h
+@@ -1207,6 +1207,7 @@ class Environment : public MemoryRetainer {
+   inline bool hide_console_windows() const;
+   inline bool no_global_search_paths() const;
+   inline bool should_initialize_inspector() const;
++  inline bool should_start_debug_signal_handler() const;
+   inline uint64_t thread_id() const;
+   inline worker::Worker* worker_context() const;
+   Environment* worker_parent_env() const;
+diff --git a/src/inspector_agent.cc b/src/inspector_agent.cc
+index c4a3322c6d972fc2052af75b79389c522924d9c5..39ff8df415be1908ba404fba34d9cedda04a88af 100644
+--- a/src/inspector_agent.cc
++++ b/src/inspector_agent.cc
+@@ -680,8 +680,10 @@ bool Agent::Start(const std::string& path,
+                               StartIoThreadAsyncCallback));
+     uv_unref(reinterpret_cast<uv_handle_t*>(&start_io_thread_async));
+     start_io_thread_async.data = this;
+-    // Ignore failure, SIGUSR1 won't work, but that should not block node start.
+-    StartDebugSignalHandler();
++    if (parent_env_->should_start_debug_signal_handler()) {
++      // Ignore failure, SIGUSR1 won't work, but that should not block node start.
++      StartDebugSignalHandler();
++    }
+ 
+     parent_env_->AddCleanupHook([](void* data) {
+       Environment* env = static_cast<Environment*>(data);
+diff --git a/src/node.h b/src/node.h
+index 4201c0d0460b032721ef42a26d79c38a9ee20c24..6873fc89406b046823db9e45234eb7f6b767099d 100644
+--- a/src/node.h
++++ b/src/node.h
+@@ -425,7 +425,11 @@ enum Flags : uint64_t {
+   // Controls whether or not the Environment should call InitializeInspector.
+   // This control is needed by embedders who may not want to initialize the V8
+   // inspector in situations where it already exists.
+-  kNoInitializeInspector = 1 << 8
++  kNoInitializeInspector = 1 << 8,
++  // Controls where or not the InspectorAgent for this Environment should
++  // call StartDebugSignalHandler.  This control is needed by embedders who may
++  // not want to allow other processes to start the V8 inspector.
++  kNoStartDebugSignalHandler = 1 << 9
+ };
+ }  // namespace EnvironmentFlags
+ 

patches/node/macos_avoid_posix_spawnp_cwd_bug_3597.patch

@@ -0,0 +1,111 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jameson Nash <vtjnash@gmail.com>
+Date: Fri, 15 Apr 2022 14:10:27 -0400
+Subject: macos: avoid posix_spawnp() cwd bug (#3597)
+
+macOS 10.15 has a bug where configuring the working directory with
+posix_spawn_file_actions_addchdir_np() makes posix_spawnp() fail with
+ENOENT even though the executable is spawned successfully.
+
+diff --git a/deps/uv/src/unix/process.c b/deps/uv/src/unix/process.c
+index c8816b85b7e531648064e739fb89257565ad64bb..de51bac3d0e8daf519d35c6a3994f1479590607a 100644
+--- a/deps/uv/src/unix/process.c
++++ b/deps/uv/src/unix/process.c
+@@ -671,27 +671,25 @@ static int uv__spawn_resolve_and_spawn(const uv_process_options_t* options,
+   if (options->env != NULL)
+     env = options->env;
+ 
+-  /* If options->file contains a slash, posix_spawn/posix_spawnp behave
+-   * the same, and don't involve PATH resolution at all. Otherwise, if
+-   * options->file does not include a slash, but no custom environment is
+-   * to be used, the environment used for path resolution as well for the
+-   * child process is that of the parent process, so posix_spawnp is the
+-   * way to go. */
+-  if (strchr(options->file, '/') != NULL || options->env == NULL) {
++  /* If options->file contains a slash, posix_spawn/posix_spawnp should behave
++   * the same, and do not involve PATH resolution at all. The libc
++   * `posix_spawnp` provided by Apple is buggy (since 10.15), so we now emulate it
++   * here, per https://github.com/libuv/libuv/pull/3583. */
++  if (strchr(options->file, '/') != NULL) {
+     do
+-      err = posix_spawnp(pid, options->file, actions, attrs, options->args, env);
++      err = posix_spawn(pid, options->file, actions, attrs, options->args, env);
+     while (err == EINTR);
+     return err;
+   }
+ 
+   /* Look for the definition of PATH in the provided env */
+-  path = uv__spawn_find_path_in_env(options->env);
++  path = uv__spawn_find_path_in_env(env);
+ 
+   /* The following resolution logic (execvpe emulation) is copied from
+    * https://git.musl-libc.org/cgit/musl/tree/src/process/execvp.c
+    * and adapted to work for our specific usage */
+ 
+-  /* If no path was provided in options->env, use the default value
++  /* If no path was provided in env, use the default value
+    * to look for the executable */
+   if (path == NULL)
+     path = _PATH_DEFPATH;
+diff --git a/deps/uv/test/test-list.h b/deps/uv/test/test-list.h
+index 58489c4be7b3a7b36d5b01a1f07d411ef3d99ae3..b4c039706417ab679c4f24a863118e736635371c 100644
+--- a/deps/uv/test/test-list.h
++++ b/deps/uv/test/test-list.h
+@@ -319,6 +319,7 @@ TEST_DECLARE   (spawn_inherit_streams)
+ TEST_DECLARE   (spawn_quoted_path)
+ TEST_DECLARE   (spawn_tcp_server)
+ TEST_DECLARE   (spawn_exercise_sigchld_issue)
++TEST_DECLARE   (spawn_relative_path)
+ TEST_DECLARE   (fs_poll)
+ TEST_DECLARE   (fs_poll_getpath)
+ TEST_DECLARE   (fs_poll_close_request)
+@@ -946,6 +947,7 @@ TASK_LIST_START
+   TEST_ENTRY  (spawn_quoted_path)
+   TEST_ENTRY  (spawn_tcp_server)
+   TEST_ENTRY  (spawn_exercise_sigchld_issue)
++  TEST_ENTRY  (spawn_relative_path)
+   TEST_ENTRY  (fs_poll)
+   TEST_ENTRY  (fs_poll_getpath)
+   TEST_ENTRY  (fs_poll_close_request)
+diff --git a/deps/uv/test/test-spawn.c b/deps/uv/test/test-spawn.c
+index dfd5458ef37c664af9a55a8383bdb3121885db3b..de9c710020ef7da66e45f5617a8a697e698fa202 100644
+--- a/deps/uv/test/test-spawn.c
++++ b/deps/uv/test/test-spawn.c
+@@ -1981,3 +1981,37 @@ void spawn_stdin_stdout(void) {
+   }
+ }
+ #endif /* !_WIN32 */
++
++TEST_IMPL(spawn_relative_path) {
++  char* sep;
++
++  init_process_options("spawn_helper1", exit_cb);
++
++  exepath_size = sizeof(exepath) - 2;
++  ASSERT_EQ(0, uv_exepath(exepath, &exepath_size));
++  exepath[exepath_size] = '\0';
++
++  /* Poor man's basename(3). */
++  sep = strrchr(exepath, '/');
++  if (sep == NULL)
++    sep = strrchr(exepath, '\\');
++  ASSERT_NOT_NULL(sep);
++
++  /* Split into dirname and basename and make basename relative. */
++  memmove(sep + 2, sep, 1 + strlen(sep));
++  sep[0] = '\0';
++  sep[1] = '.';
++  sep[2] = '/';
++
++  options.cwd = exepath;
++  options.file = options.args[0] = sep + 1;
++
++  ASSERT_EQ(0, uv_spawn(uv_default_loop(), &process, &options));
++  ASSERT_EQ(0, uv_run(uv_default_loop(), UV_RUN_DEFAULT));
++
++  ASSERT_EQ(1, exit_cb_called);
++  ASSERT_EQ(1, close_cb_called);
++
++  MAKE_VALGRIND_HAPPY();
++  return 0;
++}

patches/squirrel.mac/.patches

@@ -1,3 +1,4 @@
 build_add_gn_config.patch
 fix_ensure_that_self_is_retained_until_the_racsignal_is_complete.patch
 fix_use_kseccschecknestedcode_kseccsstrictvalidate_in_the_sec.patch
+refactor_use_posix_spawn_instead_of_nstask_so_we_can_disclaim_the.patch

patches/squirrel.mac/build_add_gn_config.patch

@@ -511,11 +511,11 @@ index 0000000000000000000000000000000000000000..bdfaf95f3eca65b3e0831db1b66f651d
 +}
 diff --git a/build/xcrun.py b/build/xcrun.py
 new file mode 100644
-index 0000000000000000000000000000000000000000..18ac587f80441106405d00fafd9ee1f25b147772
+index 0000000000000000000000000000000000000000..a7aeeb7d3e187bd91ef12ed860d1e37eaea31fc1
 --- /dev/null
 +++ b/build/xcrun.py
 @@ -0,0 +1,14 @@
-+#!/usr/bin/env python
++#!/usr/bin/env python3
 +from __future__ import print_function
 +import os
 +import subprocess

patches/squirrel.mac/refactor_use_posix_spawn_instead_of_nstask_so_we_can_disclaim_the.patch

@@ -0,0 +1,101 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Samuel Attard <samuel.r.attard@gmail.com>
+Date: Mon, 28 Mar 2022 02:36:39 -0700
+Subject: refactor: use posix_spawn instead of NSTask so we can disclaim the
+ spawned ShipIt executable
+
+This ensures that if the ShipIt executable is hotswapped it doesn't inherit TCC permissions
+
+diff --git a/Squirrel/ShipIt-main.m b/Squirrel/ShipIt-main.m
+index db246534e176f9c3ea2dd8b1c8659378fdc2435d..2c515ffdd67052a08ee8155c0e46b57e9721a0e5 100644
+--- a/Squirrel/ShipIt-main.m
++++ b/Squirrel/ShipIt-main.m
+@@ -13,6 +13,9 @@
+ #import <ReactiveObjC/RACSignal+Operations.h>
+ #import <ReactiveObjC/RACScheduler.h>
+ 
++#include <spawn.h>
++#include <sys/wait.h>
++
+ #import "NSError+SQRLVerbosityExtensions.h"
+ #import "RACSignal+SQRLTransactionExtensions.h"
+ #import "SQRLInstaller.h"
+@@ -20,6 +23,20 @@
+ #import "SQRLTerminationListener.h"
+ #import "SQRLShipItRequest.h"
+ 
++extern char **environ;
++
++int responsibility_spawnattrs_setdisclaim(posix_spawnattr_t attrs, int disclaim)
++__attribute__((availability(macos,introduced=10.14),weak_import));
++
++#define CHECK_ERR(expr) \
++	{ \
++		int err = (expr); \
++    if (err) { \
++        fprintf(stderr, "%s: %s", #expr, strerror(err)); \
++        exit(err); \
++    } \
++	}
++
+ // The maximum number of times ShipIt should run the same installation state, in
+ // an attempt to update.
+ //
+@@ -136,11 +153,37 @@ static void installRequest(RACSignal *readRequestSignal, NSString *applicationId
+ 							NSString *exe = NSProcessInfo.processInfo.arguments[0];
+ 							NSLog(@"Launching new ShipIt at %@ with instructions to launch %@", exe, bundleURL);
+ 
+-							NSTask *task = [[NSTask alloc] init];
+-							[task setLaunchPath: exe];
+-							[task setArguments: @[launchSignal, bundleURL.path]];
+-							[task launch];
+-							[task waitUntilExit];
++							posix_spawnattr_t attr;
++							CHECK_ERR(posix_spawnattr_init(&attr));
++
++							if (@available(macOS 10.14, *)) {
++									// Disclaim TCC responsibilities
++									if (responsibility_spawnattrs_setdisclaim)
++											CHECK_ERR(responsibility_spawnattrs_setdisclaim(&attr, 1));
++							}
++
++							pid_t pid = 0;
++
++							const char* launchPath = [exe fileSystemRepresentation];
++							const char* signal = [launchSignal fileSystemRepresentation];
++							const char* path = [bundleURL.path fileSystemRepresentation];
++							const char* args[] = { launchPath, signal, path, 0 };
++							int status = posix_spawn(&pid, [exe UTF8String], NULL, &attr, (char *const*)args, environ);
++							if (status == 0) {
++								NSLog(@"New ShipIt pid: %i", pid);
++								do {
++									if (waitpid(pid, &status, 0) != -1) {
++										NSLog(@"ShipIt status %d", WEXITSTATUS(status));
++									} else {
++										perror("waitpid");
++										exit(1);
++									}
++								} while (!WIFEXITED(status) && !WIFSIGNALED(status));
++							} else {
++								NSLog(@"posix_spawn: %s", strerror(status));
++							}
++
++							posix_spawnattr_destroy(&attr);
+ 
+ 							NSLog(@"New ShipIt exited");
+ 						} else {
+@@ -172,7 +215,13 @@ int main(int argc, const char * argv[]) {
+ 		});
+ 
+ 		if (argc < 3) {
+-			NSLog(@"Missing launchd job label or state path for ShipIt");
++			NSLog(@"Missing launchd job label or state path for ShipIt (%d)", argc);
++			if (argc >= 1) {
++				NSLog(@"Arg 1: {%s}", argv[0]);
++			}
++			if (argc >= 2) {
++				NSLog(@"Arg 2: {%s}", argv[1]);
++			}
+ 			return EXIT_FAILURE;
+ 		}
+ 

patches/v8/.patches

@@ -4,6 +4,7 @@ dcheck.patch
 export_symbols_needed_for_windows_build.patch
 workaround_an_undefined_symbol_error.patch
 do_not_export_private_v8_symbols_on_windows.patch
-fix_build_deprecated_attirbute_for_older_msvc_versions.patch
+fix_build_deprecated_attribute_for_older_msvc_versions.patch
 fix_disable_implies_dcheck_for_node_stream_array_buffers.patch
 revert_fix_cppgc_removed_deleted_cstors_in_cppheapcreateparams.patch
+cherry-pick-723ed8a9cfff.patch

patches/v8/cherry-pick-723ed8a9cfff.patch

@@ -0,0 +1,195 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jakob Kummerow <jkummerow@chromium.org>
+Date: Mon, 2 May 2022 19:52:11 +0200
+Subject: Merged: [wasm] Fix Int64Lowering for tagged stack-passed parameters
+
+When lowering signatures, we must preserve the separation of parameters
+into tagged and untagged sections.
+
+Fixed: chromium:1320614
+(cherry picked from commit 8062598f26127d833c237acb3da154c91c1ec7e7)
+
+Change-Id: I2f84535f785ce5c96e9c892994416986965eaa40
+Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3632515
+Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
+Reviewed-by: Shu-yu Guo <syg@chromium.org>
+Cr-Commit-Position: refs/branch-heads/10.1@{#28}
+Cr-Branched-From: b003970395b7efcc309eb30b4ca06dd8385acd55-refs/heads/10.1.124@{#1}
+Cr-Branched-From: e62f556862624103ea1da5b9dcef9b216832033b-refs/heads/main@{#79503}
+
+diff --git a/src/compiler/wasm-compiler.cc b/src/compiler/wasm-compiler.cc
+index 8f54d1b045550ea848bda59f0b65b1493afe46e3..d1cbdfa674e9118e2316b44b5f9cffe6fe9dae98 100644
+--- a/src/compiler/wasm-compiler.cc
++++ b/src/compiler/wasm-compiler.cc
+@@ -8530,16 +8530,10 @@ class LinkageLocationAllocator {
+   // must be offset to just before the param slots, using this |slot_offset_|.
+   int slot_offset_;
+ };
+-}  // namespace
+ 
+-// General code uses the above configuration data.
+-CallDescriptor* GetWasmCallDescriptor(Zone* zone, const wasm::FunctionSig* fsig,
+-                                      WasmCallKind call_kind,
+-                                      bool need_frame_state) {
+-  // The extra here is to accomodate the instance object as first parameter
+-  // and, when specified, the additional callable.
+-  bool extra_callable_param =
+-      call_kind == kWasmImportWrapper || call_kind == kWasmCapiFunction;
++LocationSignature* BuildLocations(Zone* zone, const wasm::FunctionSig* fsig,
++                                  bool extra_callable_param,
++                                  int* parameter_slots, int* return_slots) {
+   int extra_params = extra_callable_param ? 2 : 1;
+   LocationSignature::Builder locations(zone, fsig->return_count(),
+                                        fsig->parameter_count() + extra_params);
+@@ -8582,19 +8576,37 @@ CallDescriptor* GetWasmCallDescriptor(Zone* zone, const wasm::FunctionSig* fsig,
+         kJSFunctionRegister.code(), MachineType::TaggedPointer()));
+   }
+ 
+-  int parameter_slots = AddArgumentPaddingSlots(params.NumStackSlots());
++  *parameter_slots = AddArgumentPaddingSlots(params.NumStackSlots());
+ 
+   // Add return location(s).
+   LinkageLocationAllocator rets(wasm::kGpReturnRegisters,
+-                                wasm::kFpReturnRegisters, parameter_slots);
++                                wasm::kFpReturnRegisters, *parameter_slots);
+ 
+-  const int return_count = static_cast<int>(locations.return_count_);
+-  for (int i = 0; i < return_count; i++) {
++  const size_t return_count = locations.return_count_;
++  for (size_t i = 0; i < return_count; i++) {
+     MachineRepresentation ret = fsig->GetReturn(i).machine_representation();
+     locations.AddReturn(rets.Next(ret));
+   }
+ 
+-  int return_slots = rets.NumStackSlots();
++  *return_slots = rets.NumStackSlots();
++
++  return locations.Build();
++}
++}  // namespace
++
++// General code uses the above configuration data.
++CallDescriptor* GetWasmCallDescriptor(Zone* zone, const wasm::FunctionSig* fsig,
++                                      WasmCallKind call_kind,
++                                      bool need_frame_state) {
++  // The extra here is to accomodate the instance object as first parameter
++  // and, when specified, the additional callable.
++  bool extra_callable_param =
++      call_kind == kWasmImportWrapper || call_kind == kWasmCapiFunction;
++
++  int parameter_slots;
++  int return_slots;
++  LocationSignature* location_sig = BuildLocations(
++      zone, fsig, extra_callable_param, &parameter_slots, &return_slots);
+ 
+   const RegList kCalleeSaveRegisters = 0;
+   const RegList kCalleeSaveFPRegisters = 0;
+@@ -8620,7 +8632,7 @@ CallDescriptor* GetWasmCallDescriptor(Zone* zone, const wasm::FunctionSig* fsig,
+       descriptor_kind,                    // kind
+       target_type,                        // target MachineType
+       target_loc,                         // target location
+-      locations.Build(),                  // location_sig
++      location_sig,                       // location_sig
+       parameter_slots,                    // parameter slot count
+       compiler::Operator::kNoProperties,  // properties
+       kCalleeSaveRegisters,               // callee-saved registers
+@@ -8671,78 +8683,45 @@ const wasm::FunctionSig* ReplaceTypeInSig(Zone* zone,
+ CallDescriptor* ReplaceTypeInCallDescriptorWith(
+     Zone* zone, const CallDescriptor* call_descriptor, size_t num_replacements,
+     wasm::ValueType input_type, wasm::ValueType output_type) {
+-  size_t parameter_count = call_descriptor->ParameterCount();
+-  size_t return_count = call_descriptor->ReturnCount();
+-  for (size_t i = 0; i < call_descriptor->ParameterCount(); i++) {
+-    if (call_descriptor->GetParameterType(i) == input_type.machine_type()) {
+-      parameter_count += num_replacements - 1;
++  if (call_descriptor->wasm_sig() == nullptr) {
++    // This happens for builtins calls. They need no replacements anyway.
++#if DEBUG
++    for (size_t i = 0; i < call_descriptor->ParameterCount(); i++) {
++      DCHECK_NE(call_descriptor->GetParameterType(i),
++                input_type.machine_type());
+     }
+-  }
+-  for (size_t i = 0; i < call_descriptor->ReturnCount(); i++) {
+-    if (call_descriptor->GetReturnType(i) == input_type.machine_type()) {
+-      return_count += num_replacements - 1;
++    for (size_t i = 0; i < call_descriptor->ReturnCount(); i++) {
++      DCHECK_NE(call_descriptor->GetReturnType(i), input_type.machine_type());
+     }
++#endif
++    return const_cast<CallDescriptor*>(call_descriptor);
+   }
+-  if (parameter_count == call_descriptor->ParameterCount() &&
+-      return_count == call_descriptor->ReturnCount()) {
++  const wasm::FunctionSig* sig =
++      ReplaceTypeInSig(zone, call_descriptor->wasm_sig(), input_type,
++                       output_type, num_replacements);
++  // If {ReplaceTypeInSig} took the early fast path, there's nothing to do.
++  if (sig == call_descriptor->wasm_sig()) {
+     return const_cast<CallDescriptor*>(call_descriptor);
+   }
+ 
+-  LocationSignature::Builder locations(zone, return_count, parameter_count);
+-
+   // The last parameter may be the special callable parameter. In that case we
+   // have to preserve it as the last parameter, i.e. we allocate it in the new
+   // location signature again in the same register.
+-  bool has_callable_param =
++  bool extra_callable_param =
+       (call_descriptor->GetInputLocation(call_descriptor->InputCount() - 1) ==
+        LinkageLocation::ForRegister(kJSFunctionRegister.code(),
+                                     MachineType::TaggedPointer()));
+-  LinkageLocationAllocator params(
+-      wasm::kGpParamRegisters, wasm::kFpParamRegisters, 0 /* no slot offset */);
+-
+-  for (size_t i = 0;
+-       i < call_descriptor->ParameterCount() - (has_callable_param ? 1 : 0);
+-       i++) {
+-    if (call_descriptor->GetParameterType(i) == input_type.machine_type()) {
+-      for (size_t j = 0; j < num_replacements; j++) {
+-        locations.AddParam(params.Next(output_type.machine_representation()));
+-      }
+-    } else {
+-      locations.AddParam(
+-          params.Next(call_descriptor->GetParameterType(i).representation()));
+-    }
+-  }
+-  if (has_callable_param) {
+-    locations.AddParam(LinkageLocation::ForRegister(
+-        kJSFunctionRegister.code(), MachineType::TaggedPointer()));
+-  }
+-
+-  int parameter_slots = AddArgumentPaddingSlots(params.NumStackSlots());
+-
+-  LinkageLocationAllocator rets(wasm::kGpReturnRegisters,
+-                                wasm::kFpReturnRegisters, parameter_slots);
+-
+-  for (size_t i = 0; i < call_descriptor->ReturnCount(); i++) {
+-    if (call_descriptor->GetReturnType(i) == input_type.machine_type()) {
+-      for (size_t j = 0; j < num_replacements; j++) {
+-        locations.AddReturn(rets.Next(output_type.machine_representation()));
+-      }
+-    } else {
+-      locations.AddReturn(
+-          rets.Next(call_descriptor->GetReturnType(i).representation()));
+-    }
+-  }
+-
+-  int return_slots = rets.NumStackSlots();
+ 
+-  auto sig = ReplaceTypeInSig(zone, call_descriptor->wasm_sig(), input_type,
+-                              output_type, num_replacements);
++  int parameter_slots;
++  int return_slots;
++  LocationSignature* location_sig = BuildLocations(
++      zone, sig, extra_callable_param, &parameter_slots, &return_slots);
+ 
+   return zone->New<CallDescriptor>(               // --
+       call_descriptor->kind(),                    // kind
+       call_descriptor->GetInputType(0),           // target MachineType
+       call_descriptor->GetInputLocation(0),       // target location
+-      locations.Build(),                          // location_sig
++      location_sig,                               // location_sig
+       parameter_slots,                            // parameter slot count
+       call_descriptor->properties(),              // properties
+       call_descriptor->CalleeSavedRegisters(),    // callee-saved registers

patches/v8/fix_build_deprecated_attribute_for_older_msvc_versions.patch

@@ -1,15 +1,12 @@
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Deepak Mohan <hop2deep@gmail.com>
 Date: Tue, 28 Jan 2020 15:48:03 -0800
-Subject: fix: usage of c++ [[deprecated]] attirbute for older msvc versions
+Subject: fix: usage of c++ [[deprecated]] attribute for older msvc versions
 
-VS 2015 update 3 has a bug where [[deprecated]] attribute cannot
-be applied to constructor declarations, this is fixed in 2017 and
-higher versions, but native module compiling with this version
-will have an issue.
+This attribute can only be used in all contexts in Visual Studio 2019
 
 diff --git a/include/v8config.h b/include/v8config.h
-index b16ab3ff88d1054d12af4de3ad0018c97c0b7fcc..c9963b43c121964c0c37c858adb228cd090d5c2a 100644
+index b16ab3ff88d1054d12af4de3ad0018c97c0b7fcc..09f1a1b9a6aa8c7d08121725c8447e95209ec7b6 100644
 --- a/include/v8config.h
 +++ b/include/v8config.h
 @@ -452,10 +452,13 @@ path. Add it with -I<path> to the command line
@@ -20,7 +17,7 @@ index b16ab3ff88d1054d12af4de3ad0018c97c0b7fcc..c9963b43c121964c0c37c858adb228cd
  // A macro (V8_DEPRECATED) to mark classes or functions as deprecated.
  #if defined(V8_DEPRECATION_WARNINGS)
 -# define V8_DEPRECATED(message) [[deprecated(message)]]
-+# if defined(_MSC_VER) && _MSC_VER <= 1900
++# if !defined(__clang__) && defined(_MSC_VER) && _MSC_VER < 1920
 +#   define V8_DEPRECATED(message) __declspec(deprecated(message))
 +# else
 +#   define V8_DEPRECATED(message) [[deprecated(message)]]
@@ -33,7 +30,7 @@ index b16ab3ff88d1054d12af4de3ad0018c97c0b7fcc..c9963b43c121964c0c37c858adb228cd
  // A macro (V8_DEPRECATE_SOON) to make it easier to see what will be deprecated.
  #if defined(V8_IMMINENT_DEPRECATION_WARNINGS)
 -# define V8_DEPRECATE_SOON(message) [[deprecated(message)]]
-+# if defined(_MSC_VER) && _MSC_VER <= 1900
++# if !defined(__clang__) && defined(_MSC_VER) && _MSC_VER < 1920
 +#   define V8_DEPRECATE_SOON(message) __declspec(deprecated(message))
 +# else
 +#   define V8_DEPRECATE_SOON(message) [[deprecated(message)]]

patches/webrtc/.patches

@@ -1 +1,2 @@
 add_thread_local_to_x_error_trap_cc.patch
+cherry-pick-a18fddcb53e6.patch

patches/webrtc/cherry-pick-a18fddcb53e6.patch

@@ -0,0 +1,48 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tony Herre <herre@google.com>
+Date: Fri, 25 Mar 2022 09:33:14 +0100
+Subject: Filter out Mac StatusIndicator window from desktop capture list
+
+Since 12.2, the orange/red indicator at the top right of the screen shows up as a window in the Chrome getDisplayMedia() picker, as it's not filtered out by the existing filters. Screenshots in the bug.
+
+Bug: chromium:1297731, b/218211225
+Change-Id: I0f87e8d2af42a5a2e3d84f69fe73596e9cf35622
+Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/251841
+Reviewed-by: Alexander Cooper <alcooper@chromium.org>
+Commit-Queue: Tony Herre <herre@google.com>
+Cr-Commit-Position: refs/heads/main@{#36350}
+
+diff --git a/modules/desktop_capture/mac/window_list_utils.cc b/modules/desktop_capture/mac/window_list_utils.cc
+index d2fb20ed4ca0689fd6f51ee994308e876680ab1e..5d881662ea2f2d86d2c33bf20f79d31ef4e7a481 100644
+--- a/modules/desktop_capture/mac/window_list_utils.cc
++++ b/modules/desktop_capture/mac/window_list_utils.cc
+@@ -31,6 +31,11 @@ namespace webrtc {
+ 
+ namespace {
+ 
++// WindowName of the status indicator dot shown since Monterey in the taskbar.
++// Testing on 12.2.1 shows this is independent of system language setting.
++const CFStringRef kStatusIndicator = CFSTR("StatusIndicator");
++const CFStringRef kStatusIndicatorOwnerName = CFSTR("Window Server");
++
+ bool ToUtf8(const CFStringRef str16, std::string* str8) {
+   size_t maxlen = CFStringGetMaximumSizeForEncoding(CFStringGetLength(str16),
+                                                     kCFStringEncodingUTF8) +
+@@ -145,6 +150,17 @@ bool GetWindowList(rtc::FunctionView<bool(CFDictionaryRef)> on_window,
+       continue;
+     }
+ 
++    CFStringRef window_owner_name = reinterpret_cast<CFStringRef>(
++        CFDictionaryGetValue(window, kCGWindowOwnerName));
++    // Ignore the red dot status indicator shown in the stats bar. Unlike the
++    // rest of the system UI it has a window_layer of 0, so was otherwise
++    // included. See crbug.com/1297731.
++    if (window_title && CFEqual(window_title, kStatusIndicator) &&
++        window_owner_name &&
++        CFEqual(window_owner_name, kStatusIndicatorOwnerName)) {
++      continue;
++    }
++
+     if (!on_window(window)) {
+       break;
+     }

script/add-debug-link.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 from __future__ import print_function
 import argparse
 import os

script/apply_all_patches.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 import argparse
 import json

script/check-relative-doc-links.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 from __future__ import print_function
 import os
@@ -41,7 +41,7 @@ def getBrokenLinks(filepath):
   brokenLinks = []
 
   try:
-    f = open(filepath, 'r')
+    f = open(filepath, 'r', encoding="utf-8")
     lines = f.readlines()
   except KeyboardInterrupt:
     print('Keyboard interruption while parsing. Please try again.')
@@ -77,7 +77,7 @@ def getBrokenLinks(filepath):
       tempFile = os.path.join(currentDir, sections[0])
       if os.path.isfile(tempFile):
         try:
-          newFile = open(tempFile, 'r')
+          newFile = open(tempFile, 'r', encoding="utf-8")
           newLines = newFile.readlines()
         except KeyboardInterrupt:
           print('Keyboard interruption while parsing. Please try again.')

script/copy-debug-symbols.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 from __future__ import print_function
 import argparse
 import os

script/dbus_mock.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 import os
 import subprocess

script/export_all_patches.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 import argparse
 import json

script/generate-config-gypi.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 from __future__ import print_function
 import ast

script/generate-zip-manifest.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 import zipfile
 import sys

script/git-export-patches

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 import argparse
 import sys

script/git-import-patches

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 import argparse
 import sys

script/lib/azput.js

@@ -0,0 +1,43 @@
+/* eslint-disable camelcase */
+const { BlobServiceClient } = require('@azure/storage-blob');
+const fs = require('fs');
+const path = require('path');
+
+const blobServiceClient = BlobServiceClient.fromConnectionString(process.env.ELECTRON_ARTIFACTS_BLOB_STORAGE);
+
+const args = require('minimist')(process.argv.slice(2));
+
+let { prefix = '/', key_prefix = '', _: files } = args;
+if (prefix && !prefix.endsWith(path.sep)) prefix = path.resolve(prefix) + path.sep;
+
+function filenameToKey (file) {
+  file = path.resolve(file);
+  if (file.startsWith(prefix)) file = file.substr(prefix.length - 1);
+  return key_prefix + (path.sep === '\\' ? file.replace(/\\/g, '/') : file);
+}
+
+let anErrorOccurred = false;
+function next (done) {
+  const file = files.shift();
+  if (!file) return done();
+  const key = filenameToKey(file);
+
+  const [containerName, ...keyPath] = key.split('/');
+  const blobKey = keyPath.join('/');
+  console.log(`Uploading '${file}' to container '${containerName}' with key '${blobKey}'...`);
+
+  const containerClient = blobServiceClient.getContainerClient(containerName);
+  const blockBlobClient = containerClient.getBlockBlobClient(blobKey);
+  blockBlobClient.uploadFile(file)
+    .then((uploadBlobResponse) => {
+      console.log(`Upload block blob ${blobKey} successfully: https://artifacts.electronjs.org/${key}`, uploadBlobResponse.requestId);
+    })
+    .catch((err) => {
+      console.error(err);
+      anErrorOccurred = true;
+    })
+    .then(() => next(done));
+}
+next(() => {
+  process.exit(anErrorOccurred ? 1 : 0);
+});

script/lib/config.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 
 from __future__ import print_function
 import os
@@ -53,17 +53,6 @@ def get_env_var(name):
   return value
 
 
-def s3_config():
-  config = (get_env_var('S3_BUCKET'),
-            get_env_var('S3_ACCESS_KEY'),
-            get_env_var('S3_SECRET_KEY'))
-  message = ('Error: Please set the $ELECTRON_S3_BUCKET, '
-             '$ELECTRON_S3_ACCESS_KEY, and '
-             '$ELECTRON_S3_SECRET_KEY environment variables')
-  assert all(len(c) for c in config), message
-  return config
-
-
 def enable_verbose_mode():
   print('Running in verbose mode')
   global verbose_mode