test: add tests for electron fuses (#42148)

test: add tests for electron fuses (#42129)

* spec: add tests for electron fuses

* spec: fix tests for windows

* spec: handle weird crash codes on win32

* spec: disable fuse tests on arm64 windows

.circleci/config/base.yml

@@ -75,10 +75,6 @@ executors:
     resource_class: << parameters.size >>
 
   # Electron Runners
-  apple-silicon:
-    resource_class: electronjs/macos-arm64
-    machine: true
-
   linux-arm:
     resource_class: electronjs/aks-linux-arm-test
     docker:
@@ -353,10 +349,10 @@ step-setup-rbe-for-build: &step-setup-rbe-for-build
       mkdir third_party
       # Pull down credential helper and print status
       node -e "require('./src/utils/reclient.js').downloadAndPrepare({})"
-      HELPER=$(node -p "require('./src/utils/reclient.js').helperPath")
+      HELPER=$(node -p "require('./src/utils/reclient.js').helperPath({})")
       $HELPER login
       echo 'export RBE_service='`node -e "console.log(require('./src/utils/reclient.js').serviceAddress)"` >> $BASH_ENV
-      echo 'export RBE_experimental_credentials_helper='`node -e "console.log(require('./src/utils/reclient.js').helperPath)"` >> $BASH_ENV
+      echo 'export RBE_experimental_credentials_helper='`node -e "console.log(require('./src/utils/reclient.js').helperPath({}))"` >> $BASH_ENV
       echo 'export RBE_experimental_credentials_helper_args="print"' >> $BASH_ENV
 
 step-restore-brew-cache: &step-restore-brew-cache
@@ -1642,6 +1638,8 @@ commands:
             fi
       - store_test_results:
           path: src/junit
+      - store_artifacts:
+          path: src/electron/spec/artifacts
 
       - *step-verify-mksnapshot
       - *step-verify-chromedriver
@@ -2296,8 +2294,10 @@ jobs:
       - electron-tests:
           artifact-key: darwin-x64
 
-  darwin-testing-arm64-tests:
-    executor: apple-silicon
+  darwin-testing-arm64-tests:    
+    executor:
+      name: macos
+      size: macos.m1.medium.gen1
     environment:
       <<: *env-mac-large
       <<: *env-stack-dumping
@@ -2321,7 +2321,9 @@ jobs:
           artifact-key: mas-x64
 
   mas-testing-arm64-tests:
-    executor: apple-silicon
+    executor:
+      name: macos
+      size: macos.m1.medium.gen1
     environment:
       <<: *env-mac-large
       <<: *env-stack-dumping

.devcontainer/devcontainer.json

@@ -31,7 +31,8 @@
 			]
 		},
 		"vscode": {
-			"extensions": ["joeleinbinder.mojom-language",
+			"extensions": [
+				"joeleinbinder.mojom-language",
 				"rafaelmaiolla.diff",
 				"surajbarkale.ninja",
 				"ms-vscode.cpptools",

.devcontainer/docker-compose.yml

@@ -2,7 +2,7 @@ version: '3'
 
 services:
   buildtools:
-    image: ghcr.io/electron/devcontainer:3d8d44d0f15b05bef6149e448f9cc522111847e9
+    image: ghcr.io/electron/devcontainer:9a43c14f5c19be0359843299f79e736521373adc
 
     volumes:
       - ..:/workspaces/gclient/src/electron:cached

.devcontainer/on-create-command.sh

@@ -39,7 +39,6 @@ if [ ! -f $buildtools/configs/evm.testing.json ]; then
   write_config() {
     echo "
         {
-            \"goma\": \"$1\",
             \"root\": \"/workspaces/gclient\",
             \"remotes\": {
                 \"electron\": {
@@ -49,7 +48,7 @@ if [ ! -f $buildtools/configs/evm.testing.json ]; then
             \"gen\": {
                 \"args\": [
                     \"import(\\\"//electron/build/args/testing.gn\\\")\",
-                    \"import(\\\"/home/builduser/.electron_build_tools/third_party/goma.gn\\\")\"
+                    \"use_remoteexec = true\"
                 ],
                 \"out\": \"Testing\"
             },
@@ -57,26 +56,18 @@ if [ ! -f $buildtools/configs/evm.testing.json ]; then
                 \"CHROMIUM_BUILDTOOLS_PATH\": \"/workspaces/gclient/src/buildtools\",
                 \"GIT_CACHE_PATH\": \"/workspaces/gclient/.git-cache\"
             },
-            \"\$schema\": \"file:///home/builduser/.electron_build_tools/evm-config.schema.json\"
+            \"\$schema\": \"file:///home/builduser/.electron_build_tools/evm-config.schema.json\",
+            \"configValidationLevel\": \"strict\",
+            \"reclient\": \"$1\",
+            \"goma\": \"none\",
+            \"preserveXcode\": 5
         }
     " >$buildtools/configs/evm.testing.json
   }
 
-  # Start out as cache only
-  write_config cache-only
+  write_config remote_exec
 
-  e use testing
-
-  # Attempt to auth to the goma service via codespaces tokens
-  # if it works we can use the goma cluster
-  export NOTGOMA_CODESPACES_TOKEN=$GITHUB_TOKEN
-  if e d goma_auth login; then
-    echo "$GITHUB_USER has GOMA access - switching to cluster mode"
-    write_config cluster
-  fi
+  e use testing 
 else
   echo "build-tools testing config already exists"
-
-  # Re-auth with the goma cluster regardless.
-  NOTGOMA_CODESPACES_TOKEN=$GITHUB_TOKEN e d goma_auth login || true
 fi

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,7 @@
+contact_links:
+  - name: Discord Chat
+    url: https://discord.gg/APGC3k5yaH
+    about: Have questions? Try asking on our Discord - this issue tracker is for reporting bugs or feature requests only
+  - name: Open Collective
+    url: https://opencollective.com/electron
+    about: Help support Electron by contributing to our Open Collective

.github/workflows/branch-created.yml

@@ -1,6 +1,12 @@
 name: Branch Created
 
 on:
+  workflow_dispatch:
+    inputs:
+      branch-name:
+        description: Branch name (e.g. `29-x-y`)
+        required: true
+        type: string
   create:
 
 permissions: {}
@@ -8,7 +14,7 @@ permissions: {}
 jobs:
   release-branch-created:
     name: Release Branch Created
-    if: ${{ github.event.ref_type == 'branch' && endsWith(github.event.ref, '-x-y') && !startsWith(github.event.ref, 'roller') }}
+    if: ${{ github.event_name == 'workflow_dispatch' || (github.event.ref_type == 'branch' && endsWith(github.event.ref, '-x-y') && !startsWith(github.event.ref, 'roller')) }}
     permissions:
       contents: read
       pull-requests: write
@@ -18,10 +24,10 @@ jobs:
       - name: Determine Major Version
         id: check-major-version
         run: |
-          if [[ ${{ github.event.ref }} =~ ^([0-9]+)-x-y$ ]]; then
+          if [[ ${{ github.event.inputs.branch-name || github.event.ref }} =~ ^([0-9]+)-x-y$ ]]; then
             echo "MAJOR=${BASH_REMATCH[1]}" >> "$GITHUB_OUTPUT"
           else
-            echo "Not a release branch: ${{ github.event.ref }}"
+            echo "Not a release branch: ${{ github.event.inputs.branch-name || github.event.ref }}"
           fi
       - name: New Release Branch Tasks
         if: ${{ steps.check-major-version.outputs.MAJOR }}
@@ -67,7 +73,7 @@ jobs:
           org: electron
       - name: Generate Release Project Board Metadata
         if: ${{ steps.check-major-version.outputs.MAJOR }}
-        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         id: generate-project-metadata
         with:
           script: |
@@ -86,14 +92,16 @@ jobs:
             }))
       - name: Create Release Project Board
         if: ${{ steps.check-major-version.outputs.MAJOR }}
-        uses: dsanders11/project-actions/copy-project@3a81985616963f32fae17d1d1b406c631f3201a1 # v1.1.0
+        uses: dsanders11/project-actions/copy-project@82e99438bd44a14ad18d92d036dbc25cbfb9a8c4 # v1.2.0
         id: create-release-board
         with:
           drafts: true
           project-number: 64
           # TODO - Set to public once GitHub fixes their GraphQL bug
           # public: true
-          link-to-repository: electron/electron
+          # TODO - Enable once GitHub doesn't require overly broad, read
+          #        and write permission for repo "Contents" to link
+          # link-to-repository: electron/electron
           template-view: ${{ steps.generate-project-metadata.outputs.template-view }}
           title: ${{ steps.generate-project-metadata.outputs.major }}-x-y
           token: ${{ steps.generate-token.outputs.token }}
@@ -104,12 +112,14 @@ jobs:
           GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
       - name: Find Previous Release Project Board
         if: ${{ steps.check-major-version.outputs.MAJOR }}
-        uses: dsanders11/project-actions/find-project@3a81985616963f32fae17d1d1b406c631f3201a1 # v1.1.0
+        uses: dsanders11/project-actions/find-project@82e99438bd44a14ad18d92d036dbc25cbfb9a8c4 # v1.2.0
         id: find-prev-release-board
         with:
           title: ${{ steps.generate-project-metadata.outputs.prev-prev-major }}-x-y
+          token: ${{ steps.generate-token.outputs.token }}
       - name: Close Previous Release Project Board
         if: ${{ steps.check-major-version.outputs.MAJOR }}
-        uses: dsanders11/project-actions/close-project@3a81985616963f32fae17d1d1b406c631f3201a1 # v1.1.0
+        uses: dsanders11/project-actions/close-project@82e99438bd44a14ad18d92d036dbc25cbfb9a8c4 # v1.2.0
         with:
           project-number: ${{ steps.find-prev-release-board.outputs.number }}
+          token: ${{ steps.generate-token.outputs.token }}

.github/workflows/issue-commented.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@cc6751b3b5e4edc5b9a4ad0a021ac455653b6dc8 # v1.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
         id: generate-token
         with:
           creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}

.github/workflows/issue-labeled.yml

@@ -14,13 +14,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@cc6751b3b5e4edc5b9a4ad0a021ac455653b6dc8 # v1.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
         id: generate-token
         with:
           creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
           org: electron
       - name: Set status
-        uses: dsanders11/project-actions/edit-item@a24415515fa60a22f71f9d9d00e36ca82660cde9 # v1.0.1
+        uses: dsanders11/project-actions/edit-item@82e99438bd44a14ad18d92d036dbc25cbfb9a8c4 # v1.2.0
         with:
           token: ${{ steps.generate-token.outputs.token }}
           project-number: 90
@@ -46,7 +46,7 @@ jobs:
           fi
       - name: Generate GitHub App token
         if: ${{ steps.check-for-comment.outputs.SHOULD_COMMENT }}
-        uses: electron/github-app-auth-action@cc6751b3b5e4edc5b9a4ad0a021ac455653b6dc8 # v1.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
         id: generate-token
         with:
           creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}

.github/workflows/issue-opened.yml

@@ -19,7 +19,7 @@ jobs:
           creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
           org: electron
       - name: Add to Issue Triage
-        uses: dsanders11/project-actions/add-item@a24415515fa60a22f71f9d9d00e36ca82660cde9 # v1.0.1
+        uses: dsanders11/project-actions/add-item@82e99438bd44a14ad18d92d036dbc25cbfb9a8c4 # v1.2.0
         with:
           field: Reporter
           field-value: ${{ github.event.issue.user.login }}

.github/workflows/issue-unlabeled.yml

@@ -23,14 +23,14 @@ jobs:
           fi
       - name: Generate GitHub App token
         if: ${{ steps.check-for-blocked-labels.outputs.NOT_BLOCKED }}
-        uses: electron/github-app-auth-action@cc6751b3b5e4edc5b9a4ad0a021ac455653b6dc8 # v1.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
         id: generate-token
         with:
           creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
           org: electron
       - name: Set status
         if: ${{ steps.check-for-blocked-labels.outputs.NOT_BLOCKED }}
-        uses: dsanders11/project-actions/edit-item@a24415515fa60a22f71f9d9d00e36ca82660cde9 # v1.0.1
+        uses: dsanders11/project-actions/edit-item@82e99438bd44a14ad18d92d036dbc25cbfb9a8c4 # v1.2.0
         with:
           token: ${{ steps.generate-token.outputs.token }}
           project-number: 90

.github/workflows/pull-request-labeled.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Trigger Slack workflow
-        uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0
+        uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
         with:
           payload: |
             {
@@ -27,13 +27,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@cc6751b3b5e4edc5b9a4ad0a021ac455653b6dc8 # v1.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
         id: generate-token
         with:
           creds: ${{ secrets.RELEASE_BOARD_GH_APP_CREDS }}
           org: electron
       - name: Set status
-        uses: dsanders11/project-actions/edit-item@a24415515fa60a22f71f9d9d00e36ca82660cde9 # v1.0.1
+        uses: dsanders11/project-actions/edit-item@82e99438bd44a14ad18d92d036dbc25cbfb9a8c4 # v1.2.0
         with:
           token: ${{ steps.generate-token.outputs.token }}
           project-number: 94

.github/workflows/scorecards.yml

@@ -22,12 +22,13 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # tag=v3.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           persist-credentials: false
 
+      # This is a pre-submit / pre-release.
       - name: "Run analysis"
-        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # tag=v2.1.2
+        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
         with:
           results_file: results.sarif
           results_format: sarif
@@ -41,7 +42,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # tag=v3.1.2
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         with:
           name: SARIF file
           path: results.sarif
@@ -49,6 +50,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@959cbb7472c4d4ad70cdfe6f4976053fe48ab394 # tag=v2.1.27
+        uses: github/codeql-action/upload-sarif@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0
         with:
           sarif_file: results.sarif

.github/workflows/semantic.yml

@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: semantic-pull-request
-        uses: amannn/action-semantic-pull-request@01d5fd8a8ebb9aafe902c40c53f0f4744f7381eb # tag: v5
+        uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:

.github/workflows/stable-prep-items.yml

@@ -27,7 +27,7 @@ jobs:
           PROJECT_NUMBER=$(gh project list --owner electron --format json | jq -r '.projects | map(select(.title | test("^[0-9]+-x-y$"))) | max_by(.number) | .number')
           echo "PROJECT_NUMBER=$PROJECT_NUMBER" >> "$GITHUB_OUTPUT"
       - name: Update Completed Stable Prep Items
-        uses: dsanders11/project-actions/completed-by@a24415515fa60a22f71f9d9d00e36ca82660cde9 # v1.0.1
+        uses: dsanders11/project-actions/completed-by@82e99438bd44a14ad18d92d036dbc25cbfb9a8c4 # v1.2.0
         with:
           field: Prep Status
           field-value: ✅ Complete

.github/workflows/stale.yml

@@ -12,11 +12,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@cc6751b3b5e4edc5b9a4ad0a021ac455653b6dc8 # v1.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
         id: generate-token
         with:
           creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-      - uses: actions/stale@5ebf00ea0e4c1561e9b43a292ed34424fb1d4578 # tag: v6.0.1
+      - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # tag: v9.0.0
         with:
           repo-token: ${{ steps.generate-token.outputs.token }}
           days-before-stale: 90
@@ -27,7 +27,7 @@ jobs:
             This issue has been automatically marked as stale. **If this issue is still affecting you, please leave any comment** (for example, "bump"), and we'll keep it open. If you have any new additional information—in particular, if this is still reproducible in the [latest version of Electron](https://www.electronjs.org/releases/stable) or in the [beta](https://www.electronjs.org/releases/beta)—please include it with your comment!
           close-issue-message: >
             This issue has been closed due to inactivity, and will not be monitored.  If this is a bug and you can reproduce this issue on a [supported version of Electron](https://www.electronjs.org/docs/latest/tutorial/electron-timelines#timeline) please open a new issue and include instructions for reproducing the issue.
-          exempt-issue-labels: "discussion,security \U0001F512,enhancement :sparkles:,status/confirmed"
+          exempt-issue-labels: "discussion,security \U0001F512,enhancement :sparkles:,status/confirmed,stale-exempt"
           only-pr-labels: not-a-real-label
   pending-repro:
     runs-on: ubuntu-latest
@@ -35,11 +35,11 @@ jobs:
     needs: stale
     steps:
       - name: Generate GitHub App token
-        uses: electron/github-app-auth-action@cc6751b3b5e4edc5b9a4ad0a021ac455653b6dc8 # v1.0.0
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
         id: generate-token
         with:
           creds: ${{ secrets.ISSUE_TRIAGE_GH_APP_CREDS }}
-      - uses: actions/stale@5ebf00ea0e4c1561e9b43a292ed34424fb1d4578 # tag: v6.0.1
+      - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # tag: v9.0.0
         with:
           repo-token: ${{ steps.generate-token.outputs.token }}
           days-before-stale: -1

.github/workflows/update_appveyor_image.yml

@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
-      uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       with:
         fetch-depth: 0
     - name: Yarn install
@@ -38,7 +38,7 @@ jobs:
         fi
     - name: (Optionally) Update Appveyor Image
       if: ${{ env.APPVEYOR_IMAGE_VERSION }}
-      uses: mikefarah/yq@1c7dc0e88aad311c89889bc5ce5d8f96931a1bd0 # v4.27.2
+      uses: mikefarah/yq@bb66c9c872a7a4cf3d6846c2ff6d182c66ec3f77 # v4.40.7
       with:
         cmd: |
           yq '.image = "${{ env.APPVEYOR_IMAGE_VERSION }}"' "appveyor.yml" > "appveyor2.yml"
@@ -57,7 +57,7 @@ jobs:
         rm appveyor-woa2.yml appveyor-woa.diff
     - name: (Optionally) Commit and Pull Request
       if: ${{ env.APPVEYOR_IMAGE_VERSION }}
-      uses: peter-evans/create-pull-request@2b011faafdcbc9ceb11414d64d0573f37c774b04 # v4.2.3
+      uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
       with:
         token: ${{ secrets.GITHUB_TOKEN }}
         commit-message: 'build: update appveyor image to latest version'

.markdownlint.json

@@ -1,3 +1,17 @@
 {
-  "extends": "@electron/lint-roller/configs/markdownlint.json"
+  "extends": "@electron/lint-roller/configs/markdownlint.json",
+  "no-angle-brackets": true,
+  "no-inline-html": {
+    "allowed_elements": [
+      "br",
+      "details",
+      "img",
+      "li",
+      "summary",
+      "ul",
+      "unknown",
+      "Tabs",
+      "TabItem",
+    ]
+  }
 }

BUILD.gn

@@ -9,7 +9,7 @@ import("//pdf/features.gni")
 import("//ppapi/buildflags/buildflags.gni")
 import("//printing/buildflags/buildflags.gni")
 import("//testing/test.gni")
-import("//third_party/electron_node/node.gni")
+import("//third_party/electron_node/electron_node.gni")
 import("//third_party/ffmpeg/ffmpeg_options.gni")
 import("//tools/generate_library_loader/generate_library_loader.gni")
 import("//tools/grit/grit_rule.gni")
@@ -81,18 +81,11 @@ if (is_linux) {
     ]
   }
 
-  # Generates electron_gtk_stubs.h header which contains
-  # stubs for extracting function ptrs from the gtk library.
-  # Function signatures for which stubs are required should be
-  # declared in electron_gtk.sigs, currently this file contains
-  # signatures for the functions used with native file chooser
-  # implementation. In future, this file can be extended to contain
-  # gtk4 stubs to switch gtk version in runtime.
+  # Generates headers which contain stubs for extracting function ptrs
+  # from the gtk library. Function signatures for which stubs are
+  # required should be declared in the sig files.
   generate_stubs("electron_gtk_stubs") {
-    sigs = [
-      "shell/browser/ui/electron_gdk_pixbuf.sigs",
-      "shell/browser/ui/electron_gtk.sigs",
-    ]
+    sigs = [ "shell/browser/ui/electron_gdk_pixbuf.sigs" ]
     extra_header = "shell/browser/ui/electron_gtk.fragment"
     output_name = "electron_gtk_stubs"
     public_deps = [ "//ui/gtk:gtk_config" ]
@@ -166,15 +159,6 @@ npm_action("build_electron_definitions") {
   outputs = [ "$target_gen_dir/tsc/typings/electron.d.ts" ]
 }
 
-webpack_build("electron_asar_bundle") {
-  deps = [ ":build_electron_definitions" ]
-
-  inputs = auto_filenames.asar_bundle_deps
-
-  config_file = "//electron/build/webpack/webpack.config.asar.js"
-  out_file = "$target_gen_dir/js2c/asar_bundle.js"
-}
-
 webpack_build("electron_browser_bundle") {
   deps = [ ":build_electron_definitions" ]
 
@@ -220,6 +204,15 @@ webpack_build("electron_isolated_renderer_bundle") {
   out_file = "$target_gen_dir/js2c/isolated_bundle.js"
 }
 
+webpack_build("electron_node_bundle") {
+  deps = [ ":build_electron_definitions" ]
+
+  inputs = auto_filenames.node_bundle_deps
+
+  config_file = "//electron/build/webpack/webpack.config.node.js"
+  out_file = "$target_gen_dir/js2c/node_init.js"
+}
+
 webpack_build("electron_utility_bundle") {
   deps = [ ":build_electron_definitions" ]
 
@@ -231,9 +224,9 @@ webpack_build("electron_utility_bundle") {
 
 action("electron_js2c") {
   deps = [
-    ":electron_asar_bundle",
     ":electron_browser_bundle",
     ":electron_isolated_renderer_bundle",
+    ":electron_node_bundle",
     ":electron_renderer_bundle",
     ":electron_sandboxed_renderer_bundle",
     ":electron_utility_bundle",
@@ -242,9 +235,9 @@ action("electron_js2c") {
   ]
 
   sources = [
-    "$target_gen_dir/js2c/asar_bundle.js",
     "$target_gen_dir/js2c/browser_init.js",
     "$target_gen_dir/js2c/isolated_bundle.js",
+    "$target_gen_dir/js2c/node_init.js",
     "$target_gen_dir/js2c/renderer_init.js",
     "$target_gen_dir/js2c/sandbox_bundle.js",
     "$target_gen_dir/js2c/utility_init.js",
@@ -414,8 +407,10 @@ action("electron_generate_node_defines") {
 }
 
 source_set("electron_lib") {
-  configs += [ "//v8:external_startup_data" ]
-  configs += [ "//third_party/electron_node:node_internals" ]
+  configs += [
+    "//v8:external_startup_data",
+    "//third_party/electron_node:node_internals",
+  ]
 
   public_configs = [
     ":branding",
@@ -473,6 +468,7 @@ source_set("electron_lib") {
     "//net:extras",
     "//net:net_resources",
     "//printing/buildflags",
+    "//services/device/public/cpp/bluetooth:bluetooth",
     "//services/device/public/cpp/geolocation",
     "//services/device/public/cpp/hid",
     "//services/device/public/mojom",
@@ -660,6 +656,7 @@ source_set("electron_lib") {
   }
   if (is_win) {
     libs += [ "dwmapi.lib" ]
+    sources += [ "shell/common/asar/archive_win.cc" ]
     deps += [
       "//components/crash/core/app:crash_export_thunks",
       "//ui/native_theme:native_theme_browser",
@@ -697,6 +694,8 @@ source_set("electron_lib") {
     sources += [
       "shell/browser/printing/print_view_manager_electron.cc",
       "shell/browser/printing/print_view_manager_electron.h",
+      "shell/browser/printing/printing_utils.cc",
+      "shell/browser/printing/printing_utils.h",
       "shell/renderer/printing/print_render_frame_helper_delegate.cc",
       "shell/renderer/printing/print_render_frame_helper_delegate.h",
     ]
@@ -741,7 +740,7 @@ source_set("electron_lib") {
       "//chrome/browser/resources/pdf:resources",
       "//components/pdf/browser",
       "//components/pdf/browser:interceptors",
-      "//components/pdf/common",
+      "//components/pdf/common:constants",
       "//components/pdf/renderer",
       "//pdf",
     ]
@@ -1461,8 +1460,10 @@ dist_zip("hunspell_dictionaries_zip") {
 }
 
 copy("libcxx_headers") {
-  sources = libcxx_headers + libcxx_licenses +
-            [ "//buildtools/third_party/libc++/__config_site" ]
+  sources = libcxx_headers + libcxx_licenses + [
+              "//buildtools/third_party/libc++/__assertion_handler",
+              "//buildtools/third_party/libc++/__config_site",
+            ]
   outputs = [ "$target_gen_dir/electron_libcxx_include/{{source_root_relative_dir}}/{{source_file_part}}" ]
 }
 

DEPS

@@ -2,9 +2,9 @@ gclient_gn_args_from = 'src'
 
 vars = {
   'chromium_version':
-    '122.0.6236.2',
+    '124.0.6367.201',
   'node_version':
-    'v20.9.0',
+    'v20.11.1',
   'nan_version':
     'e14bdcd1f72d62bca1d541b66da43130384ec213',
   'squirrel.mac_version':

README.md

@@ -112,4 +112,4 @@ and more can be found on the [Community page](https://www.electronjs.org/communi
 
 [MIT](https://github.com/electron/electron/blob/main/LICENSE)
 
-When using Electron logos, make sure to follow [OpenJS Foundation Trademark Policy](https://openjsf.org/wp-content/uploads/sites/84/2021/01/OpenJS-Foundation-Trademark-Policy-2021-01-12.docx.pdf).
+When using Electron logos, make sure to follow [OpenJS Foundation Trademark Policy](https://trademark-policy.openjsf.org/).

appveyor-woa.yml

@@ -29,7 +29,7 @@
 
 version: 1.0.{build}
 build_cloud: electronhq-16-core
-image: e-121.0.6116.0
+image: e-123.0.6312.5
 environment:
   GIT_CACHE_PATH: C:\Users\appveyor\libcc_cache
   ELECTRON_OUT_DIR: Default
@@ -39,7 +39,7 @@ environment:
   MOCHA_MULTI_REPORTERS: "@marshallofsound/mocha-appveyor-reporter, tap"
   DEPOT_TOOLS_WIN_TOOLCHAIN: 1
   DEPOT_TOOLS_WIN_TOOLCHAIN_BASE_URL: "https://dev-cdn.electronjs.org/windows-toolchains/_"
-  GYP_MSVS_HASH_27370823e7: 28622d16b1
+  GYP_MSVS_HASH_7393122652: 3ba76c5c20
   PYTHONIOENCODING: UTF-8
 
   matrix:
@@ -106,7 +106,7 @@ for:
       - mkdir third_party
       - ps: >-
           node -e "require('./src/utils/reclient.js').downloadAndPrepare({})"
-      - ps: $env:RECLIENT_HELPER = node -p "require('./src/utils/reclient.js').helperPath"
+      - ps: $env:RECLIENT_HELPER = node -p "require('./src/utils/reclient.js').helperPath({})"
       - ps: >-
           & $env:RECLIENT_HELPER login
       - ps: >-
@@ -177,7 +177,12 @@ for:
             # built on CI.
             7z a pdb.zip out\Default\*.pdb
           }
-      - python3 electron/script/zip_manifests/check-zip-manifest.py out/Default/dist.zip electron/script/zip_manifests/dist_zip.win.%TARGET_ARCH%.manifest
+      - ps: |
+          $manifest_file = "electron/script/zip_manifests/dist_zip.win.$env:TARGET_ARCH.manifest"
+          python3 electron/script/zip_manifests/check-zip-manifest.py out/Default/dist.zip $manifest_file
+          if ($LASTEXITCODE -ne 0) {
+            throw "Zip contains files not listed in the manifest $manifest_file"
+          }
       - ps: |
           cd C:\projects\src
           $missing_artifacts = $false

appveyor.yml

@@ -29,7 +29,7 @@
 
 version: 1.0.{build}
 build_cloud: electronhq-16-core
-image: e-121.0.6116.0
+image: e-123.0.6312.5
 environment:
   GIT_CACHE_PATH: C:\Users\appveyor\libcc_cache
   ELECTRON_OUT_DIR: Default
@@ -39,7 +39,7 @@ environment:
   MOCHA_MULTI_REPORTERS: "@marshallofsound/mocha-appveyor-reporter, tap"
   DEPOT_TOOLS_WIN_TOOLCHAIN: 1
   DEPOT_TOOLS_WIN_TOOLCHAIN_BASE_URL: "https://dev-cdn.electronjs.org/windows-toolchains/_"
-  GYP_MSVS_HASH_27370823e7: 28622d16b1
+  GYP_MSVS_HASH_7393122652: 3ba76c5c20
   PYTHONIOENCODING: UTF-8
 
   matrix:
@@ -104,7 +104,7 @@ for:
       - mkdir third_party
       - ps: >-
           node -e "require('./src/utils/reclient.js').downloadAndPrepare({})"
-      - ps: $env:RECLIENT_HELPER = node -p "require('./src/utils/reclient.js').helperPath"
+      - ps: $env:RECLIENT_HELPER = node -p "require('./src/utils/reclient.js').helperPath({})"
       - ps: >-
           & $env:RECLIENT_HELPER login
       - ps: >-
@@ -174,7 +174,12 @@ for:
             # built on CI.
             7z a pdb.zip out\Default\*.pdb
           }
-      - python3 electron/script/zip_manifests/check-zip-manifest.py out/Default/dist.zip electron/script/zip_manifests/dist_zip.win.%TARGET_ARCH%.manifest
+      - ps: |
+          $manifest_file = "electron/script/zip_manifests/dist_zip.win.$env:TARGET_ARCH.manifest"
+          python3 electron/script/zip_manifests/check-zip-manifest.py out/Default/dist.zip $manifest_file
+          if ($LASTEXITCODE -ne 0) {
+            throw "Zip contains files not listed in the manifest $manifest_file"
+          }
       - ps: |
           cd C:\projects\src
           $missing_artifacts = $false

build/args/all.gn

@@ -2,7 +2,7 @@ is_electron_build = true
 root_extra_deps = [ "//electron" ]
 
 # Registry of NMVs --> https://github.com/nodejs/node/blob/main/doc/abi_version_registry.json
-node_module_version = 121
+node_module_version = 123
 
 v8_promise_internal_field_count = 1
 v8_embedder_string = "-electron.0"
@@ -24,6 +24,10 @@ enable_printing = true
 angle_enable_vulkan_validation_layers = false
 dawn_enable_vulkan_validation_layers = false
 
+# Removes dxc dll's that are only used experimentally.
+# See https://bugs.chromium.org/p/chromium/issues/detail?id=1474897
+dawn_use_built_dxc = false
+
 # These are disabled because they cause the zip manifest to differ between
 # testing and release builds.
 # See https://chromium-review.googlesource.com/c/chromium/src/+/2774898.

build/webpack/webpack.config.asar.js

@@ -1,5 +0,0 @@
-module.exports = require('./webpack.config.base')({
-  target: 'asar',
-  alwaysHasNode: true,
-  targetDeletesNodeGlobals: true
-});

build/webpack/webpack.config.node.js

@@ -0,0 +1,4 @@
+module.exports = require('./webpack.config.base')({
+  target: 'node',
+  alwaysHasNode: true
+});

buildflags/BUILD.gn

@@ -14,4 +14,15 @@ buildflag_header("buildflags") {
     "ENABLE_BUILTIN_SPELLCHECKER=$enable_builtin_spellchecker",
     "OVERRIDE_LOCATION_PROVIDER=$enable_fake_location_provider",
   ]
+
+  if (electron_vendor_version != "") {
+    result = string_split(electron_vendor_version, ":")
+    flags += [
+      "HAS_VENDOR_VERSION=true",
+      "VENDOR_VERSION_NAME=\"${result[0]}\"",
+      "VENDOR_VERSION_VALUE=\"${result[1]}\"",
+    ]
+  } else {
+    flags += [ "HAS_VENDOR_VERSION=false" ]
+  }
 }

buildflags/buildflags.gni

@@ -21,4 +21,10 @@ declare_args() {
   # Packagers and vendor builders should set this in gn args to avoid running
   # the script that reads git tag.
   override_electron_version = ""
+
+  # Define an extra item that will show in process.versions, the value must
+  # be in the format of "key:value".
+  # Packagers and vendor builders can set this in gn args to attach extra info
+  # about the build in the binary.
+  electron_vendor_version = ""
 }

chromium_src/BUILD.gn

@@ -14,8 +14,6 @@ import("//third_party/widevine/cdm/widevine.gni")
 static_library("chrome") {
   visibility = [ "//electron:electron_lib" ]
   sources = [
-    "//chrome/browser/accessibility/accessibility_ui.cc",
-    "//chrome/browser/accessibility/accessibility_ui.h",
     "//chrome/browser/app_mode/app_mode_utils.cc",
     "//chrome/browser/app_mode/app_mode_utils.h",
     "//chrome/browser/browser_features.cc",
@@ -35,6 +33,8 @@ static_library("chrome") {
     "//chrome/browser/devtools/visual_logging.h",
     "//chrome/browser/extensions/global_shortcut_listener.cc",
     "//chrome/browser/extensions/global_shortcut_listener.h",
+    "//chrome/browser/file_system_access/file_system_access_features.cc",
+    "//chrome/browser/file_system_access/file_system_access_features.h",
     "//chrome/browser/icon_loader.cc",
     "//chrome/browser/icon_loader.h",
     "//chrome/browser/icon_manager.cc",
@@ -100,8 +100,8 @@ static_library("chrome") {
     "//chrome/browser/ui/exclusive_access/fullscreen_within_tab_helper.h",
     "//chrome/browser/ui/exclusive_access/keyboard_lock_controller.cc",
     "//chrome/browser/ui/exclusive_access/keyboard_lock_controller.h",
-    "//chrome/browser/ui/exclusive_access/mouse_lock_controller.cc",
-    "//chrome/browser/ui/exclusive_access/mouse_lock_controller.h",
+    "//chrome/browser/ui/exclusive_access/pointer_lock_controller.cc",
+    "//chrome/browser/ui/exclusive_access/pointer_lock_controller.h",
     "//chrome/browser/ui/frame/window_frame_util.cc",
     "//chrome/browser/ui/frame/window_frame_util.h",
     "//chrome/browser/ui/ui_features.cc",
@@ -130,6 +130,8 @@ static_library("chrome") {
     "//chrome/browser/ui/views/overlay/toggle_microphone_button.h",
     "//chrome/browser/ui/views/overlay/video_overlay_window_views.cc",
     "//chrome/browser/ui/views/overlay/video_overlay_window_views.h",
+    "//chrome/browser/ui/webui/accessibility/accessibility_ui.cc",
+    "//chrome/browser/ui/webui/accessibility/accessibility_ui.h",
     "//extensions/browser/app_window/size_constraints.cc",
     "//extensions/browser/app_window/size_constraints.h",
     "//ui/views/native_window_tracker.h",
@@ -242,6 +244,8 @@ static_library("chrome") {
       "//chrome/browser/media/webrtc/system_media_capture_permissions_mac.mm",
       "//chrome/browser/media/webrtc/system_media_capture_permissions_stats_mac.h",
       "//chrome/browser/media/webrtc/system_media_capture_permissions_stats_mac.mm",
+      "//chrome/browser/media/webrtc/thumbnail_capturer_mac.h",
+      "//chrome/browser/media/webrtc/thumbnail_capturer_mac.mm",
       "//chrome/browser/media/webrtc/window_icon_util_mac.mm",
       "//chrome/browser/platform_util_mac.mm",
       "//chrome/browser/process_singleton_mac.mm",

docs/api/accelerator.md

@@ -4,7 +4,7 @@
 
 Accelerators are strings that can contain multiple modifiers and a single key code,
 combined by the `+` character, and are used to define keyboard shortcuts
-throughout your application.
+throughout your application. Accelerators are case insensitive.
 
 Examples:
 

docs/api/app.md

@@ -32,7 +32,7 @@ In most cases, you should do everything in the `ready` event handler.
 Returns:
 
 * `event` Event
-* `launchInfo` Record<string, any> | [NotificationResponse](structures/notification-response.md) _macOS_
+* `launchInfo` Record\<string, any\> | [NotificationResponse](structures/notification-response.md) _macOS_
 
 Emitted once, when Electron has finished initializing. On macOS, `launchInfo`
 holds the `userInfo` of the [`NSUserNotification`](https://developer.apple.com/documentation/foundation/nsusernotification)
@@ -41,6 +41,10 @@ that was used to open the application, if it was launched from Notification Cent
 You can also call `app.isReady()` to check if this event has already fired and `app.whenReady()`
 to get a Promise that is fulfilled when Electron is initialized.
 
+**Note**: The `ready` event is only fired after the main process has finished running the first
+tick of the event loop. If an Electron API needs to be called before the `ready` event, ensure
+that it is called synchronously in the top-level context of the main process.
+
 ### Event: 'window-all-closed'
 
 Emitted when all windows have been closed.
@@ -970,7 +974,7 @@ app.setJumpList([
 
 ### `app.requestSingleInstanceLock([additionalData])`
 
-* `additionalData` Record<any, any> (optional) - A JSON object containing additional data to send to the first instance.
+* `additionalData` Record\<any, any\> (optional) - A JSON object containing additional data to send to the first instance.
 
 Returns `boolean`
 
@@ -1468,6 +1472,24 @@ details.
 
 **Note:** Enable `Secure Keyboard Entry` only when it is needed and disable it when it is no longer needed.
 
+### `app.setProxy(config)`
+
+* `config` [ProxyConfig](structures/proxy-config.md)
+
+Returns `Promise<void>` - Resolves when the proxy setting process is complete.
+
+Sets the proxy settings for networks requests made without an associated [Session](session.md).
+Currently this will affect requests made with [Net](net.md) in the [utility process](../glossary.md#utility-process)
+and internal requests made by the runtime (ex: geolocation queries).
+
+This method can only be called after app is ready.
+
+#### `app.resolveProxy(url)`
+
+* `url` URL
+
+Returns `Promise<string>` - Resolves with the proxy information for `url` that will be used when attempting to make requests using [Net](net.md) in the [utility process](../glossary.md#utility-process).
+
 ## Properties
 
 ### `app.accessibilitySupportEnabled` _macOS_ _Windows_

docs/api/auto-updater.md

@@ -103,7 +103,7 @@ The `autoUpdater` object has the following methods:
 
 * `options` Object
   * `url` string
-  * `headers` Record<string, string> (optional) _macOS_ - HTTP request headers.
+  * `headers` Record\<string, string\> (optional) _macOS_ - HTTP request headers.
   * `serverType` string (optional) _macOS_ - Can be `json` or `default`, see the [Squirrel.Mac][squirrel-mac]
     README for more information.
 

docs/api/base-window.md

@@ -345,6 +345,10 @@ A `Integer` property representing the unique ID of the window. Each ID is unique
 
 A `View` property for the content view of the window.
 
+#### `win.tabbingIdentifier` _macOS_ _Readonly_
+
+A `string` (optional) property that is equal to the `tabbingIdentifier` passed to the `BrowserWindow` constructor or `undefined` if none was set.
+
 #### `win.autoHideMenuBar`
 
 A `boolean` property that determines whether the window menu bar should hide itself automatically. Once set, the menu bar will only show when users press the single `Alt` key.
@@ -519,7 +523,7 @@ Hides the window.
 
 #### `win.isVisible()`
 
-Returns `boolean` - Whether the window is visible to the user.
+Returns `boolean` - Whether the window is visible to the user in the foreground of the app.
 
 #### `win.isModal()`
 
@@ -557,6 +561,8 @@ Returns `boolean` - Whether the window is minimized.
 
 Sets whether the window should be in fullscreen mode.
 
+**Note:** On macOS, fullscreen transitions take place asynchronously. If further actions depend on the fullscreen state, use the ['enter-full-screen'](base-window.md#event-enter-full-screen) or ['leave-full-screen'](base-window.md#event-leave-full-screen) events.
+
 #### `win.isFullScreen()`
 
 Returns `boolean` - Whether the window is in fullscreen mode.
@@ -594,7 +600,7 @@ Perhaps there are 15 pixels of controls on the left edge, 25 pixels of controls
 on the right edge and 50 pixels of controls below the player. In order to
 maintain a 16:9 aspect ratio (standard aspect ratio for HD @1920x1080) within
 the player itself we would call this function with arguments of 16/9 and
-{ width: 40, height: 50 }. The second argument doesn't care where the extra width and height
+\{ width: 40, height: 50 \}. The second argument doesn't care where the extra width and height
 are within the content view--only that they exist. Sum any extra width and
 height areas you have within the overall content view.
 
@@ -650,7 +656,7 @@ Closes the currently open [Quick Look][quick-look] panel.
 
 #### `win.setBounds(bounds[, animate])`
 
-* `bounds` Partial<[Rectangle](structures/rectangle.md)>
+* `bounds` Partial\<[Rectangle](structures/rectangle.md)\>
 * `animate` boolean (optional) _macOS_
 
 Resizes and moves the window to the supplied bounds. Any properties that are not supplied will default to their current values.
@@ -669,10 +675,14 @@ win.setBounds({ width: 100 })
 console.log(win.getBounds())
 ```
 
+**Note:** On macOS, the y-coordinate value cannot be smaller than the [Tray](tray.md) height. The tray height has changed over time and depends on the operating system, but is between 20-40px. Passing a value lower than the tray height will result in a window that is flush to the tray.
+
 #### `win.getBounds()`
 
 Returns [`Rectangle`](structures/rectangle.md) - The `bounds` of the window as `Object`.
 
+**Note:** On macOS, the y-coordinate value returned will be at minimum the [Tray](tray.md) height. For example, calling `win.setBounds({ x: 25, y: 20, width: 800, height: 600 })` with a tray height of 38 means that `win.getBounds()` will return `{ x: 25, y: 38, width: 800, height: 600 }`.
+
 #### `win.getBackgroundColor()`
 
 Returns `string` - Gets the background color of the window in Hex (`#RRGGBB`) format.
@@ -903,8 +913,8 @@ window.
 * `offsetX` Float (optional)
 
 Changes the attachment point for sheets on macOS. By default, sheets are
-attached just below the window frame, but you may want to offset them. For
-example:
+attached just below the window frame, but you may want to display them beneath
+a HTML-rendered toolbar. For example:
 
 ```js
 const { BaseWindow } = require('electron')
@@ -1289,6 +1299,10 @@ tabs in the window.
 Selects the next tab when native tabs are enabled and there are other
 tabs in the window.
 
+#### `win.showAllTabs()` _macOS_
+
+Shows or hides the tab overview when native tabs are enabled.
+
 #### `win.mergeAllWindows()` _macOS_
 
 Merges all windows into one window with multiple tabs when native tabs
@@ -1312,15 +1326,26 @@ Adds a window as a tab on this window, after the tab for the window instance.
 
 #### `win.setVibrancy(type)` _macOS_
 
-* `type` string | null - Can be `appearance-based`, `light`, `dark`, `titlebar`,
-  `selection`, `menu`, `popover`, `sidebar`, `medium-light`, `ultra-dark`, `header`, `sheet`, `window`, `hud`, `fullscreen-ui`, `tooltip`, `content`, `under-window`, or `under-page`. See
+* `type` string | null - Can be `titlebar`, `selection`, `menu`, `popover`, `sidebar`, `header`, `sheet`, `window`, `hud`, `fullscreen-ui`, `tooltip`, `content`, `under-window`, or `under-page`. See
   the [macOS documentation][vibrancy-docs] for more details.
 
 Adds a vibrancy effect to the window. Passing `null` or an empty string
 will remove the vibrancy effect on the window.
 
-Note that `appearance-based`, `light`, `dark`, `medium-light`, and `ultra-dark` have been
-deprecated and will be removed in an upcoming version of macOS.
+#### `win.setBackgroundMaterial(material)` _Windows_
+
+* `material` string
+  * `auto` - Let the Desktop Window Manager (DWM) automatically decide the system-drawn backdrop material for this window. This is the default.
+  * `none` - Don't draw any system backdrop.
+  * `mica` - Draw the backdrop material effect corresponding to a long-lived window.
+  * `acrylic` - Draw the backdrop material effect corresponding to a transient window.
+  * `tabbed` - Draw the backdrop material effect corresponding to a window with a tabbed title bar.
+
+This method sets the browser window's system-drawn background material, including behind the non-client area.
+
+See the [Windows documentation](https://learn.microsoft.com/en-us/windows/win32/api/dwmapi/ne-dwmapi-dwm_systembackdrop_type) for more details.
+
+**Note:** This method is only supported on Windows 11 22H2 and up.
 
 #### `win.setWindowButtonPosition(position)` _macOS_
 
@@ -1334,25 +1359,6 @@ Passing `null` will reset the position to default.
 Returns `Point | null` - The custom position for the traffic light buttons in
 frameless window, `null` will be returned when there is no custom position.
 
-#### `win.setTrafficLightPosition(position)` _macOS_ _Deprecated_
-
-* `position` [Point](structures/point.md)
-
-Set a custom position for the traffic light buttons in frameless window.
-Passing `{ x: 0, y: 0 }` will reset the position to default.
-
-> **Note**
-> This function is deprecated. Use [setWindowButtonPosition](#winsetwindowbuttonpositionposition-macos) instead.
-
-#### `win.getTrafficLightPosition()` _macOS_ _Deprecated_
-
-Returns `Point` - The custom position for the traffic light buttons in
-frameless window, `{ x: 0, y: 0 }` will be returned when there is no custom
-position.
-
-> **Note**
-> This function is deprecated. Use [getWindowButtonPosition](#wingetwindowbuttonposition-macos) instead.
-
 #### `win.setTouchBar(touchBar)` _macOS_
 
 * `touchBar` TouchBar | null

docs/api/browser-window.md

@@ -723,7 +723,7 @@ Perhaps there are 15 pixels of controls on the left edge, 25 pixels of controls
 on the right edge and 50 pixels of controls below the player. In order to
 maintain a 16:9 aspect ratio (standard aspect ratio for HD @1920x1080) within
 the player itself we would call this function with arguments of 16/9 and
-{ width: 40, height: 50 }. The second argument doesn't care where the extra width and height
+\{ width: 40, height: 50 \}. The second argument doesn't care where the extra width and height
 are within the content view--only that they exist. Sum any extra width and
 height areas you have within the overall content view.
 
@@ -744,16 +744,16 @@ Examples of valid `backgroundColor` values:
   * #ffffff (RGB)
   * #ffffffff (ARGB)
 * RGB
-  * rgb\((\[\d]+),\s*(\[\d]+),\s*(\[\d]+)\)
+  * `rgb\(([\d]+),\s*([\d]+),\s*([\d]+)\)`
     * e.g. rgb(255, 255, 255)
 * RGBA
-  * rgba\((\[\d]+),\s*(\[\d]+),\s*(\[\d]+),\s*(\[\d.]+)\)
+  * `rgba\(([\d]+),\s*([\d]+),\s*([\d]+),\s*([\d.]+)\)`
     * e.g. rgba(255, 255, 255, 1.0)
 * HSL
-  * hsl\((-?\[\d.]+),\s*(\[\d.]+)%,\s*(\[\d.]+)%\)
+  * `hsl\((-?[\d.]+),\s*([\d.]+)%,\s*([\d.]+)%\)`
     * e.g. hsl(200, 20%, 50%)
 * HSLA
-  * hsla\((-?\[\d.]+),\s*(\[\d.]+)%,\s*(\[\d.]+)%,\s*(\[\d.]+)\)
+  * `hsla\((-?[\d.]+),\s*([\d.]+)%,\s*([\d.]+)%,\s*([\d.]+)\)`
     * e.g. hsla(200, 20%, 50%, 0.5)
 * Color name
   * Options are listed in [SkParseColor.cpp](https://source.chromium.org/chromium/chromium/src/+/main:third_party/skia/src/utils/SkParseColor.cpp;l=11-152;drc=eea4bf52cb0d55e2a39c828b017c80a5ee054148)
@@ -779,7 +779,7 @@ Closes the currently open [Quick Look][quick-look] panel.
 
 #### `win.setBounds(bounds[, animate])`
 
-* `bounds` Partial<[Rectangle](structures/rectangle.md)>
+* `bounds` Partial\<[Rectangle](structures/rectangle.md)\>
 * `animate` boolean (optional) _macOS_
 
 Resizes and moves the window to the supplied bounds. Any properties that are not supplied will default to their current values.
@@ -1215,7 +1215,7 @@ win.loadURL('http://localhost:8000/post', {
 
 * `filePath` string
 * `options` Object (optional)
-  * `query` Record<string, string> (optional) - Passed to `url.format()`.
+  * `query` Record\<string, string\> (optional) - Passed to `url.format()`.
   * `search` string (optional) - Passed to `url.format()`.
   * `hash` string (optional) - Passed to `url.format()`.
 

docs/api/client-request.md

@@ -17,6 +17,8 @@ following properties:
     method.
   * `url` string (optional) - The request URL. Must be provided in the absolute
     form with the protocol scheme specified as http or https.
+  * `headers` Record\<string, string | string[]\> (optional) - Headers to be sent
+    with the request.
   * `session` Session (optional) - The [`Session`](session.md) instance with
     which the request is associated.
   * `partition` string (optional) - The name of the [`partition`](session.md)
@@ -158,7 +160,7 @@ Returns:
 * `statusCode` Integer
 * `method` string
 * `redirectUrl` string
-* `responseHeaders` Record<string, string[]>
+* `responseHeaders` Record\<string, string[]\>
 
 Emitted when the server returns a redirect response (e.g. 301 Moved
 Permanently). Calling [`request.followRedirect`](#requestfollowredirect) will

docs/api/crash-reporter.md

@@ -59,14 +59,14 @@ The `crashReporter` module has the following methods:
     number of crashes uploaded to 1/hour. Default is `false`.
   * `compress` boolean (optional) - If true, crash reports will be compressed
     and uploaded with `Content-Encoding: gzip`. Default is `true`.
-  * `extra` Record<string, string> (optional) - Extra string key/value
+  * `extra` Record\<string, string\> (optional) - Extra string key/value
     annotations that will be sent along with crash reports that are generated
     in the main process. Only string values are supported. Crashes generated in
     child processes will not contain these extra
     parameters to crash reports generated from child processes, call
     [`addExtraParameter`](#crashreporteraddextraparameterkey-value) from the
     child process.
-  * `globalExtra` Record<string, string> (optional) - Extra string key/value
+  * `globalExtra` Record\<string, string\> (optional) - Extra string key/value
     annotations that will be sent along with any crash reports generated in any
     process. These annotations cannot be changed once the crash reporter has
     been started. If a key is present in both the global extra parameters and

docs/api/dialog.md

@@ -174,7 +174,7 @@ dialog.showOpenDialog(mainWindow, {
     * `dontAddToRecent` _Windows_ - Do not add the item being saved to the recent documents list.
   * `securityScopedBookmarks` boolean (optional) _macOS_ _mas_ - Create a [security scoped bookmark](https://developer.apple.com/library/content/documentation/Security/Conceptual/AppSandboxDesignGuide/AppSandboxInDepth/AppSandboxInDepth.html#//apple_ref/doc/uid/TP40011183-CH3-SW16) when packaged for the Mac App Store. If this option is enabled and the file doesn't already exist a blank file will be created at the chosen path.
 
-Returns `string | undefined`, the path of the file chosen by the user; if the dialog is cancelled it returns `undefined`.
+Returns `string`, the path of the file chosen by the user; if the dialog is cancelled it returns an empty string.
 
 The `browserWindow` argument allows the dialog to attach itself to a parent window, making it modal.
 
@@ -207,7 +207,7 @@ The `filters` specifies an array of file types that can be displayed, see
 Returns `Promise<Object>` - Resolve with an object containing the following:
 
 * `canceled` boolean - whether or not the dialog was canceled.
-* `filePath` string (optional) - If the dialog is canceled, this will be `undefined`.
+* `filePath` string - If the dialog is canceled, this will be an empty string.
 * `bookmark` string (optional) _macOS_ _mas_ - Base64 encoded string which contains the security scoped bookmark data for the saved file. `securityScopedBookmarks` must be enabled for this to be present. (For return values, see [table here](#bookmarks-array).)
 
 The `browserWindow` argument allows the dialog to attach itself to a parent window, making it modal.

docs/api/environment-variables.md

@@ -51,6 +51,18 @@ Unsupported options are:
 --http-parser
 ```
 
+If the [`nodeOptions` fuse](../tutorial/fuses.md#L27) is disabled, `NODE_OPTIONS` will be ignored.
+
+### `NODE_EXTRA_CA_CERTS`
+
+See [Node.js cli documentation](https://github.com/nodejs/node/blob/main/doc/api/cli.md#node_extra_ca_certsfile) for details.
+
+```sh
+export NODE_EXTRA_CA_CERTS=/path/to/cert.pem 
+```
+
+If the [`nodeOptions` fuse](../tutorial/fuses.md#L27) is disabled, `NODE_EXTRA_CA_CERTS` will be ignored.
+
 ### `GOOGLE_API_KEY`
 
 Geolocation support in Electron requires the use of Google Cloud Platform's
@@ -92,6 +104,8 @@ you would when running the normal Node.js executable, with the exception of the
 These flags are disabled owing to the fact that Electron uses BoringSSL instead of OpenSSL when building Node.js'
 `crypto` module, and so will not work as designed.
 
+If the [`runAsNode` fuse](../tutorial/fuses.md#L13) is disabled, `ELECTRON_RUN_AS_NODE` will be ignored.
+
 ### `ELECTRON_NO_ATTACH_CONSOLE` _Windows_
 
 Don't attach to the current console session.

docs/api/ipc-main.md

@@ -72,7 +72,7 @@ Removes listeners of the specified `channel`.
 ### `ipcMain.handle(channel, listener)`
 
 * `channel` string
-* `listener` Function<Promise\<any&#62; | any&#62;
+* `listener` Function\<Promise\<any\> | any\>
   * `event` [IpcMainInvokeEvent][ipc-main-invoke-event]
   * `...args` any[]
 
@@ -109,7 +109,7 @@ provided to the renderer process. Please refer to
 ### `ipcMain.handleOnce(channel, listener)`
 
 * `channel` string
-* `listener` Function<Promise\<any&#62; | any&#62;
+* `listener` Function\<Promise\<any\> | any\>
   * `event` [IpcMainInvokeEvent][ipc-main-invoke-event]
   * `...args` any[]
 

docs/api/menu-item.md

@@ -38,18 +38,18 @@ See [`Menu`](menu.md) for examples.
     `Menu.buildFromTemplate`.
   * `id` string (optional) - Unique within a single menu. If defined then it can be used
     as a reference to this item by the position attribute.
-  * `before` string[] (optional) - Inserts this item before the item with the specified label. If
+  * `before` string[] (optional) - Inserts this item before the item with the specified id. If
     the referenced item doesn't exist the item will be inserted at the end of  the menu. Also implies
     that the menu item in question should be placed in the same “group” as the item.
-  * `after` string[] (optional) - Inserts this item after the item with the specified label. If the
+  * `after` string[] (optional) - Inserts this item after the item with the specified id. If the
     referenced item doesn't exist the item will be inserted at the end of
     the menu.
   * `beforeGroupContaining` string[] (optional) - Provides a means for a single context menu to declare
     the placement of their containing group before the containing group of the item
-    with the specified label.
+    with the specified id.
   * `afterGroupContaining` string[] (optional) - Provides a means for a single context menu to declare
     the placement of their containing group after the containing group of the item
-    with the specified label.
+    with the specified id.
 
 **Note:** `acceleratorWorksWhenHidden` is specified as being macOS-only because accelerators always work when items are hidden on Windows and Linux. The option is exposed to users to give them the option to turn it off, as this is possible in native macOS development.
 

docs/api/menu.md

@@ -336,16 +336,16 @@ browser windows.
 
 You can make use of `before`, `after`, `beforeGroupContaining`, `afterGroupContaining` and `id` to control how the item will be placed when building a menu with `Menu.buildFromTemplate`.
 
-* `before` - Inserts this item before the item with the specified label. If the
+* `before` - Inserts this item before the item with the specified id. If the
   referenced item doesn't exist the item will be inserted at the end of
   the menu. Also implies that the menu item in question should be placed in the same “group” as the item.
-* `after` - Inserts this item after the item with the specified label. If the
+* `after` - Inserts this item after the item with the specified id. If the
   referenced item doesn't exist the item will be inserted at the end of
   the menu. Also implies that the menu item in question should be placed in the same “group” as the item.
 * `beforeGroupContaining` - Provides a means for a single context menu to declare
-  the placement of their containing group before the containing group of the item with the specified label.
+  the placement of their containing group before the containing group of the item with the specified id.
 * `afterGroupContaining` - Provides a means for a single context menu to declare
-  the placement of their containing group after the containing group of the item with the specified label.
+  the placement of their containing group after the containing group of the item with the specified id.
 
 By default, items will be inserted in the order they exist in the template unless one of the specified positioning keywords is used.
 

docs/api/native-image.md

@@ -4,36 +4,41 @@
 
 Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process)
 
-In Electron, for the APIs that take images, you can pass either file paths or
-`NativeImage` instances. An empty image will be used when `null` is passed.
+The `nativeImage` module provides a unified interface for manipulating
+system images. These can be handy if you want to provide multiple scaled
+versions of the same icon or take advantage of macOS [template images][template-image].
 
-For example, when creating a tray or setting a window's icon, you can pass an
-image file path as a `string`:
+Electron APIs that take image files accept either file paths or
+`NativeImage` instances. An empty and transparent image will be used when `null` is passed.
 
-```js
+For example, when creating a [Tray](../api/tray.md) or setting a [BrowserWindow](../api/browser-window.md)'s
+icon, you can either pass an image file path as a string:
+
+```js title='Main Process'
 const { BrowserWindow, Tray } = require('electron')
 
-const appIcon = new Tray('/Users/somebody/images/icon.png')
+const tray = new Tray('/Users/somebody/images/icon.png')
 const win = new BrowserWindow({ icon: '/Users/somebody/images/window.png' })
-console.log(appIcon, win)
 ```
 
-Or read the image from the clipboard, which returns a `NativeImage`:
+or generate a `NativeImage` instance from the same file:
 
-```js
-const { clipboard, Tray } = require('electron')
-const image = clipboard.readImage()
-const appIcon = new Tray(image)
-console.log(appIcon)
+```js title='Main Process'
+const { BrowserWindow, nativeImage, Tray } = require('electron')
+
+const trayIcon = nativeImage.createFromPath('/Users/somebody/images/icon.png')
+const appIcon = nativeImage.createFromPath('/Users/somebody/images/window.png')
+const tray = new Tray(trayIcon)
+const win = new BrowserWindow({ icon: appIcon })
 ```
 
 ## Supported Formats
 
-Currently `PNG` and `JPEG` image formats are supported. `PNG` is recommended
-because of its support for transparency and lossless compression.
+Currently, `PNG` and `JPEG` image formats are supported across all platforms.
+`PNG` is recommended because of its support for transparency and lossless compression.
 
 On Windows, you can also load `ICO` icons from file paths. For best visual
-quality, it is recommended to include at least the following sizes in the:
+quality, we recommend including at least the following sizes:
 
 * Small icon
   * 16x16 (100% DPI scale)
@@ -47,22 +52,30 @@ quality, it is recommended to include at least the following sizes in the:
   * 64x64 (200% DPI scale)
   * 256x256
 
-Check the _Size requirements_ section in [this article][icons].
+Check the _Icon Scaling_ section in the Windows [App Icon Construction][icons] reference.
 
-[icons]: https://learn.microsoft.com/en-us/windows/win32/uxguide/vis-icons
+[icons]: https://learn.microsoft.com/en-us/windows/apps/design/style/iconography/app-icon-construction#icon-scaling
+
+:::note
+
+EXIF metadata is currently not supported and will not be taken into account during
+image encoding and decoding.
+
+:::
 
 ## High Resolution Image
 
-On platforms that have high-DPI support such as Apple Retina displays, you can
-append `@2x` after image's base filename to mark it as a high resolution image.
+On platforms that support high pixel density displays (such as Apple Retina),
+you can append `@2x` after image's base filename to mark it as a 2x scale
+high resolution image.
 
 For example, if `icon.png` is a normal image that has standard resolution, then
-`icon@2x.png` will be treated as a high resolution image that has double DPI
-density.
+`icon@2x.png` will be treated as a high resolution image that has double
+Dots per Inch (DPI) density.
 
 If you want to support displays with different DPI densities at the same time,
 you can put images with different sizes in the same folder and use the filename
-without DPI suffixes. For example:
+without DPI suffixes within Electron. For example:
 
 ```plaintext
 images/
@@ -71,10 +84,9 @@ images/
 └── icon@3x.png
 ```
 
-```js
+```js title='Main Process'
 const { Tray } = require('electron')
-const appIcon = new Tray('/Users/somebody/images/icon.png')
-console.log(appIcon)
+const appTray = new Tray('/Users/somebody/images/icon.png')
 ```
 
 The following suffixes for DPI are also supported:
@@ -91,27 +103,23 @@ The following suffixes for DPI are also supported:
 * `@4x`
 * `@5x`
 
-## Template Image
+## Template Image _macOS_
 
-Template images consist of black and an alpha channel.
+On macOS, [template images][template-image] consist of black and an alpha channel.
 Template images are not intended to be used as standalone images and are usually
 mixed with other content to create the desired final appearance.
 
-The most common case is to use template images for a menu bar icon, so it can
+The most common case is to use template images for a menu bar (Tray) icon, so it can
 adapt to both light and dark menu bars.
 
-**Note:** Template image is only supported on macOS.
-
-To mark an image as a template image, its filename should end with the word
-`Template`. For example:
-
-* `xxxTemplate.png`
-* `xxxTemplate@2x.png`
+To mark an image as a template image, its base filename should end with the word
+`Template` (e.g. `xxxTemplate.png`). You can also specify template images at
+different DPI densities (e.g. `xxxTemplate@2x.png`).
 
 ## Methods
 
 The `nativeImage` module has the following methods, all of which return
-an instance of the `NativeImage` class:
+an instance of the [`NativeImage`](#class-nativeimage) class:
 
 ### `nativeImage.createEmpty()`
 
@@ -130,7 +138,7 @@ Note: The Windows implementation will ignore `size.height` and scale the height
 
 ### `nativeImage.createFromPath(path)`
 
-* `path` string
+* `path` string - path to a file that we intend to construct an image out of.
 
 Returns `NativeImage`
 
@@ -139,7 +147,7 @@ returns an empty image if the `path` does not exist, cannot be read, or is not
 a valid image.
 
 ```js
-const nativeImage = require('electron').nativeImage
+const { nativeImage } = require('electron')
 
 const image = nativeImage.createFromPath('/Users/somebody/images/icon.png')
 console.log(image)
@@ -176,7 +184,7 @@ Creates a new `NativeImage` instance from `buffer`. Tries to decode as PNG or JP
 
 Returns `NativeImage`
 
-Creates a new `NativeImage` instance from `dataURL`.
+Creates a new `NativeImage` instance from `dataUrl`, a base 64 encoded [Data URL][data-url] string.
 
 ### `nativeImage.createFromNamedImage(imageName[, hslShift])` _macOS_
 
@@ -185,14 +193,14 @@ Creates a new `NativeImage` instance from `dataURL`.
 
 Returns `NativeImage`
 
-Creates a new `NativeImage` instance from the NSImage that maps to the
-given image name. See [`System Icons`](https://developer.apple.com/design/human-interface-guidelines/macos/icons-and-images/system-icons/)
-for a list of possible values.
+Creates a new `NativeImage` instance from the `NSImage` that maps to the
+given image name. See Apple's [`NSImageName`](https://developer.apple.com/documentation/appkit/nsimagename#2901388)
+documentation for a list of possible values.
 
 The `hslShift` is applied to the image with the following rules:
 
 * `hsl_shift[0]` (hue): The absolute hue value for the image - 0 and 1 map
-     to 0 and 360 on the hue color wheel (red).
+    to 0 and 360 on the hue color wheel (red).
 * `hsl_shift[1]` (saturation): A saturation shift for the image, with the
     following key values:
     0 = remove all color.
@@ -209,7 +217,9 @@ This means that `[-1, 0, 1]` will make the image completely white and
 
 In some cases, the `NSImageName` doesn't match its string representation; one example of this is `NSFolderImageName`, whose string representation would actually be `NSFolder`. Therefore, you'll need to determine the correct string representation for your image before passing it in. This can be done with the following:
 
-`echo -e '#import <Cocoa/Cocoa.h>\nint main() { NSLog(@"%@", SYSTEM_IMAGE_NAME); }' | clang -otest -x objective-c -framework Cocoa - && ./test`
+```sh
+echo -e '#import <Cocoa/Cocoa.h>\nint main() { NSLog(@"%@", SYSTEM_IMAGE_NAME); }' | clang -otest -x objective-c -framework Cocoa - && ./test
+```
 
 where `SYSTEM_IMAGE_NAME` should be replaced with any value from [this list](https://developer.apple.com/documentation/appkit/nsimagename?language=objc).
 
@@ -250,7 +260,7 @@ data.
 * `options` Object (optional)
   * `scaleFactor` Number (optional) - Defaults to 1.0.
 
-Returns `string` - The data URL of the image.
+Returns `string` - The [Data URL][data-url] of the image.
 
 #### `image.getBitmap([options])`
 
@@ -266,7 +276,7 @@ current event loop tick; otherwise the data might be changed or destroyed.
 #### `image.getNativeHandle()` _macOS_
 
 Returns `Buffer` - A [Buffer][buffer] that stores C pointer to underlying native handle of
-the image. On macOS, a pointer to `NSImage` instance would be returned.
+the image. On macOS, a pointer to `NSImage` instance is returned.
 
 Notice that the returned pointer is a weak pointer to the underlying native
 image instead of a copy, so you _must_ ensure that the associated
@@ -288,11 +298,11 @@ If `scaleFactor` is passed, this will return the size corresponding to the image
 
 * `option` boolean
 
-Marks the image as a template image.
+Marks the image as a macOS [template image][template-image].
 
 #### `image.isTemplateImage()`
 
-Returns `boolean` - Whether the image is a template image.
+Returns `boolean` - Whether the image is a macOS [template image][template-image].
 
 #### `image.crop(rect)`
 
@@ -321,13 +331,13 @@ will be preserved in the resized image.
 
 * `scaleFactor` Number (optional) - Defaults to 1.0.
 
-Returns `Number` - The image's aspect ratio.
+Returns `Number` - The image's aspect ratio (width divided by height).
 
 If `scaleFactor` is passed, this will return the aspect ratio corresponding to the image representation most closely matching the passed value.
 
 #### `image.getScaleFactors()`
 
-Returns `Number[]` - An array of all scale factors corresponding to representations for a given nativeImage.
+Returns `Number[]` - An array of all scale factors corresponding to representations for a given `NativeImage`.
 
 #### `image.addRepresentation(options)`
 
@@ -342,15 +352,17 @@ Returns `Number[]` - An array of all scale factors corresponding to representati
     encoded PNG or JPEG image.
 
 Add an image representation for a specific scale factor. This can be used
-to explicitly add different scale factor representations to an image. This
+to programmatically add different scale factor representations to an image. This
 can be called on empty images.
 
-[buffer]: https://nodejs.org/api/buffer.html#buffer_class_buffer
-
 ### Instance Properties
 
 #### `nativeImage.isMacTemplateImage` _macOS_
 
-A `boolean` property that determines whether the image is considered a [template image](https://developer.apple.com/documentation/appkit/nsimage/1520017-template).
+A `boolean` property that determines whether the image is considered a [template image][template-image].
 
 Please note that this property only has an effect on macOS.
+
+[buffer]: https://nodejs.org/api/buffer.html#buffer_class_buffer
+[data-url]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Data_URLs
+[template-image]: https://developer.apple.com/documentation/appkit/nsimage/1520017-template

docs/api/navigation-history.md

@@ -0,0 +1,29 @@
+## Class: NavigationHistory
+
+> Manage a list of navigation entries, representing the user's browsing history within the application.
+
+Process: [Main](../glossary.md#main-process)<br />
+_This class is not exported from the `'electron'` module. It is only available as a return value of other methods in the Electron API._
+
+Each navigation entry corresponds to a specific page. The indexing system follows a sequential order, where the first available navigation entry is at index 0, representing the earliest visited page, and the latest navigation entry is at index N, representing the most recent page. Maintaining this ordered list of navigation entries enables seamless navigation both backward and forward through the user's browsing history.
+
+### Instance Methods
+
+#### `navigationHistory.getActiveIndex()`
+
+Returns `Integer` - The index of the current page, from which we would go back/forward or reload.
+
+#### `navigationHistory.getEntryAtIndex(index)`
+
+* `index` Integer
+
+Returns `Object`:
+
+* `url` string - The URL of the navigation entry at the given index.
+* `title` string - The page title of the navigation entry at the given index.
+
+If index is out of bounds (greater than history length or less than 0), null will be returned.
+
+#### `navigationHistory.length()`
+
+Returns `Integer` - History length.

docs/api/net.md

@@ -66,7 +66,7 @@ requests according to the specified protocol scheme in the `options` object.
 ### `net.fetch(input[, init])`
 
 * `input` string | [GlobalRequest](https://nodejs.org/api/globals.html#request)
-* `init` [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/fetch#options) & { bypassCustomProtocolHandlers?: boolean } (optional)
+* `init` [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/fetch#options) & \{ bypassCustomProtocolHandlers?: boolean \} (optional)
 
 Returns `Promise<GlobalResponse>` - see [Response](https://developer.mozilla.org/en-US/docs/Web/API/Response).
 

docs/api/process.md

@@ -21,7 +21,6 @@ In sandboxed renderers the `process` object contains only a subset of the APIs:
 * `getSystemMemoryInfo()`
 * `getSystemVersion()`
 * `getCPUUsage()`
-* `getIOCounters()`
 * `uptime()`
 * `argv`
 * `execPath`
@@ -162,10 +161,6 @@ The time is represented as number of milliseconds since epoch. It returns null i
 
 Returns [`CPUUsage`](structures/cpu-usage.md)
 
-### `process.getIOCounters()` _Windows_ _Linux_
-
-Returns [`IOCounters`](structures/io-counters.md)
-
 ### `process.getHeapStatistics()`
 
 Returns `Object`:

docs/api/protocol.md

@@ -9,10 +9,14 @@ An example of implementing a protocol that has the same effect as the
 
 ```js
 const { app, protocol, net } = require('electron')
+const path = require('node:path')
+const url = require('node:url')
 
 app.whenReady().then(() => {
-  protocol.handle('atom', (request) =>
-    net.fetch('file://' + request.url.slice('atom://'.length)))
+  protocol.handle('atom', (request) => {
+    const filePath = request.url.slice('atom://'.length)
+    return net.fetch(url.pathToFileURL(path.join(__dirname, filePath)).toString())
+  })
 })
 ```
 
@@ -42,7 +46,7 @@ app.whenReady().then(() => {
 
   ses.protocol.handle('atom', (request) => {
     const filePath = request.url.slice('atom://'.length)
-    return net.fetch(url.pathToFileURL(path.join(__dirname, filePath)).toString())
+    return net.fetch(url.pathToFileURL(path.resolve(__dirname, filePath)).toString())
   })
 
   const mainWindow = new BrowserWindow({ webPreferences: { partition } })
@@ -111,7 +115,7 @@ expect streaming responses.
 
 * `scheme` string - scheme to handle, for example `https` or `my-app`. This is
   the bit before the `:` in a URL.
-* `handler` Function<[GlobalResponse](https://nodejs.org/api/globals.html#response) | Promise<GlobalResponse>>
+* `handler` Function\<[GlobalResponse](https://nodejs.org/api/globals.html#response) | Promise\<GlobalResponse\>\>
   * `request` [GlobalRequest](https://nodejs.org/api/globals.html#request)
 
 Register a protocol handler for `scheme`. Requests made to URLs with this

docs/api/push-notifications.md

@@ -27,7 +27,7 @@ The `pushNotification` module emits the following events:
 Returns:
 
 * `event` Event
-* `userInfo` Record<String, any>
+* `userInfo` Record\<String, any\>
 
 Emitted when the app receives a remote notification while running.
 See: https://developer.apple.com/documentation/appkit/nsapplicationdelegate/1428430-application?language=objc

docs/api/session.md

@@ -589,105 +589,15 @@ Writes any unwritten DOMStorage data to disk.
 
 #### `ses.setProxy(config)`
 
-* `config` Object
-  * `mode` string (optional) - The proxy mode. Should be one of `direct`,
-    `auto_detect`, `pac_script`, `fixed_servers` or `system`. If it's
-    unspecified, it will be automatically determined based on other specified
-    options.
-    * `direct`
-      In direct mode all connections are created directly, without any proxy involved.
-    * `auto_detect`
-      In auto_detect mode the proxy configuration is determined by a PAC script that can
-      be downloaded at http://wpad/wpad.dat.
-    * `pac_script`
-      In pac_script mode the proxy configuration is determined by a PAC script that is
-      retrieved from the URL specified in the `pacScript`. This is the default mode
-      if `pacScript` is specified.
-    * `fixed_servers`
-      In fixed_servers mode the proxy configuration is specified in `proxyRules`.
-      This is the default mode if `proxyRules` is specified.
-    * `system`
-      In system mode the proxy configuration is taken from the operating system.
-      Note that the system mode is different from setting no proxy configuration.
-      In the latter case, Electron falls back to the system settings
-      only if no command-line options influence the proxy configuration.
-  * `pacScript` string (optional) - The URL associated with the PAC file.
-  * `proxyRules` string (optional) - Rules indicating which proxies to use.
-  * `proxyBypassRules` string (optional) - Rules indicating which URLs should
-    bypass the proxy settings.
+* `config` [ProxyConfig](structures/proxy-config.md)
 
 Returns `Promise<void>` - Resolves when the proxy setting process is complete.
 
 Sets the proxy settings.
 
-When `mode` is unspecified, `pacScript` and `proxyRules` are provided together, the `proxyRules`
-option is ignored and `pacScript` configuration is applied.
-
 You may need `ses.closeAllConnections` to close currently in flight connections to prevent
 pooled sockets using previous proxy from being reused by future requests.
 
-The `proxyRules` has to follow the rules below:
-
-```sh
-proxyRules = schemeProxies[";"<schemeProxies>]
-schemeProxies = [<urlScheme>"="]<proxyURIList>
-urlScheme = "http" | "https" | "ftp" | "socks"
-proxyURIList = <proxyURL>[","<proxyURIList>]
-proxyURL = [<proxyScheme>"://"]<proxyHost>[":"<proxyPort>]
-```
-
-For example:
-
-* `http=foopy:80;ftp=foopy2` - Use HTTP proxy `foopy:80` for `http://` URLs, and
-  HTTP proxy `foopy2:80` for `ftp://` URLs.
-* `foopy:80` - Use HTTP proxy `foopy:80` for all URLs.
-* `foopy:80,bar,direct://` - Use HTTP proxy `foopy:80` for all URLs, failing
-  over to `bar` if `foopy:80` is unavailable, and after that using no proxy.
-* `socks4://foopy` - Use SOCKS v4 proxy `foopy:1080` for all URLs.
-* `http=foopy,socks5://bar.com` - Use HTTP proxy `foopy` for http URLs, and fail
-  over to the SOCKS5 proxy `bar.com` if `foopy` is unavailable.
-* `http=foopy,direct://` - Use HTTP proxy `foopy` for http URLs, and use no
-  proxy if `foopy` is unavailable.
-* `http=foopy;socks=foopy2` - Use HTTP proxy `foopy` for http URLs, and use
-  `socks4://foopy2` for all other URLs.
-
-The `proxyBypassRules` is a comma separated list of rules described below:
-
-* `[ URL_SCHEME "://" ] HOSTNAME_PATTERN [ ":" <port> ]`
-
-   Match all hostnames that match the pattern HOSTNAME_PATTERN.
-
-   Examples:
-     "foobar.com", "\*foobar.com", "\*.foobar.com", "\*foobar.com:99",
-     "https://x.\*.y.com:99"
-
-* `"." HOSTNAME_SUFFIX_PATTERN [ ":" PORT ]`
-
-   Match a particular domain suffix.
-
-   Examples:
-     ".google.com", ".com", "http://.google.com"
-
-* `[ SCHEME "://" ] IP_LITERAL [ ":" PORT ]`
-
-   Match URLs which are IP address literals.
-
-   Examples:
-     "127.0.1", "\[0:0::1]", "\[::1]", "http://\[::1]:99"
-
-* `IP_LITERAL "/" PREFIX_LENGTH_IN_BITS`
-
-   Match any URL that is to an IP literal that falls between the
-   given range. IP range is specified using CIDR notation.
-
-   Examples:
-     "192.168.1.1/16", "fefe:13::abc/33".
-
-* `<local>`
-
-   Match local addresses. The meaning of `<local>` is whether the
-   host matches one of: "127.0.0.1", "::1", "localhost".
-
 #### `ses.resolveHost(host, [options])`
 
 * `host` string - Hostname to resolve.
@@ -785,7 +695,7 @@ Returns `Promise<void>` - Resolves when all connections are closed.
 #### `ses.fetch(input[, init])`
 
 * `input` string | [GlobalRequest](https://nodejs.org/api/globals.html#request)
-* `init` [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/fetch#options) & { bypassCustomProtocolHandlers?: boolean } (optional)
+* `init` [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/fetch#options) & \{ bypassCustomProtocolHandlers?: boolean \} (optional)
 
 Returns `Promise<GlobalResponse>` - see [Response](https://developer.mozilla.org/en-US/docs/Web/API/Response).
 
@@ -903,17 +813,15 @@ win.webContents.session.setCertificateVerifyProc((request, callback) => {
     * `pointerLock` - Request to directly interpret mouse movements as an input method via the [Pointer Lock API](https://developer.mozilla.org/en-US/docs/Web/API/Pointer_Lock_API). These requests always appear to originate from the main frame.
     * `keyboardLock` - Request capture of keypresses for any or all of the keys on the physical keyboard via the [Keyboard Lock API](https://developer.mozilla.org/en-US/docs/Web/API/Keyboard/lock). These requests always appear to originate from the main frame.
     * `openExternal` - Request to open links in external applications.
+    * `speaker-selection` - Request to enumerate and select audio output devices via the [speaker-selection permissions policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy/speaker-selection).
+    * `storage-access` - Allows content loaded in a third-party context to request access to third-party cookies using the [Storage Access API](https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API).
+    * `top-level-storage-access` -  Allow top-level sites to request third-party cookie access on behalf of embedded content originating from another site in the same related website set using the [Storage Access API](https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API).
     * `window-management` - Request access to enumerate screens using the [`getScreenDetails`](https://developer.chrome.com/en/articles/multi-screen-window-placement/) API.
     * `unknown` - An unrecognized permission request.
+    * `fileSystem` - Request access to read, write, and file management capabilities using the [File System API](https://developer.mozilla.org/en-US/docs/Web/API/File_System_API).
   * `callback` Function
     * `permissionGranted` boolean - Allow or deny the permission.
-  * `details` Object - Some properties are only available on certain permission types.
-    * `externalURL` string (optional) - The url of the `openExternal` request.
-    * `securityOrigin` string (optional) - The security origin of the `media` request.
-    * `mediaTypes` string[] (optional) - The types of media access being requested, elements can be `video`
-      or `audio`
-    * `requestingUrl` string - The last URL the requesting frame loaded
-    * `isMainFrame` boolean - Whether the frame making the request is the main frame
+  * `details` [PermissionRequest](structures/permission-request.md)  | [FilesystemPermissionRequest](structures/filesystem-permission-request.md) | [MediaAccessPermissionRequest](structures/media-access-permission-request.md) | [OpenExternalPermissionRequest](structures/open-external-permission-request.md) - Additional information about the permission being requested.
 
 Sets the handler which can be used to respond to permission requests for the `session`.
 Calling `callback(true)` will allow the permission and `callback(false)` will reject it.
@@ -951,6 +859,8 @@ session.fromPartition('some-partition').setPermissionRequestHandler((webContents
     * `openExternal` - Open links in external applications.
     * `pointerLock` - Directly interpret mouse movements as an input method via the [Pointer Lock API](https://developer.mozilla.org/en-US/docs/Web/API/Pointer_Lock_API). These requests always appear to originate from the main frame.
     * `serial` - Read from and write to serial devices with the [Web Serial API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Serial_API).
+    * `storage-access` - Allows content loaded in a third-party context to request access to third-party cookies using the [Storage Access API](https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API).
+    * `top-level-storage-access` -  Allow top-level sites to request third-party cookie access on behalf of embedded content originating from another site in the same related website set using the [Storage Access API](https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API).
     * `usb` - Expose non-standard Universal Serial Bus (USB) compatible devices services to the web with the [WebUSB API](https://developer.mozilla.org/en-US/docs/Web/API/WebUSB_API).
   * `requestingOrigin` string - The origin URL of the permission check
   * `details` Object - Some properties are only available on certain permission types.
@@ -1305,7 +1215,7 @@ Returns `Promise<Buffer>` - resolves with blob data.
 
 * `url` string
 * `options` Object (optional)
-  * `headers` Record<string, string> (optional) - HTTP request headers.
+  * `headers` Record\<string, string\> (optional) - HTTP request headers.
 
 Initiates a download of the resource at `url`.
 The API will generate a [DownloadItem](download-item.md) that can be accessed

docs/api/structures/file-path-with-headers.md

@@ -1,4 +1,4 @@
 # FilePathWithHeaders Object
 
 * `path` string - The path to the file to send.
-* `headers` Record<string, string> (optional) - Additional headers to be sent.
+* `headers` Record\<string, string\> (optional) - Additional headers to be sent.

docs/api/structures/filesystem-permission-request.md

@@ -0,0 +1,5 @@
+# FilesystemPermissionRequest Object extends `PermissionRequest`
+
+* `filePath` string (optional) - The path of the `fileSystem` request.
+* `isDirectory` boolean (optional) - Whether the `fileSystem` request is a directory.
+* `fileAccessType` string (optional) - The access type of the `fileSystem` request. Can be `writable` or `readable`.

docs/api/structures/io-counters.md

@@ -1,8 +0,0 @@
-# IOCounters Object
-
-* `readOperationCount` number - The number of I/O read operations.
-* `writeOperationCount` number - The number of I/O write operations.
-* `otherOperationCount` number - Then number of I/O other operations.
-* `readTransferCount` number - The number of I/O read transfers.
-* `writeTransferCount` number - The number of I/O write transfers.
-* `otherTransferCount` number - Then number of I/O other transfers.

docs/api/structures/media-access-permission-request.md

@@ -0,0 +1,5 @@
+# MediaAccessPermissionRequest Object extends `PermissionRequest`
+
+* `securityOrigin` string (optional) - The security origin of the request.
+* `mediaTypes` string[] (optional) - The types of media access being requested - elements can be `video`
+  or `audio`.

docs/api/structures/notification-response.md

@@ -3,5 +3,5 @@
 * `actionIdentifier` string - The identifier string of the action that the user selected.
 * `date` number - The delivery date of the notification.
 * `identifier` string - The unique identifier for this notification request.
-* `userInfo` Record<string, any> - A dictionary of custom information associated with the notification.
+* `userInfo` Record\<string, any\> - A dictionary of custom information associated with the notification.
 * `userText` string (optional) - The text entered or chosen by the user.

docs/api/structures/open-external-permission-request.md

@@ -0,0 +1,3 @@
+# OpenExternalPermissionRequest Object extends `PermissionRequest`
+
+* `externalURL` string (optional) - The url of the `openExternal` request.

docs/api/structures/permission-request.md

@@ -0,0 +1,4 @@
+# PermissionRequest Object
+
+* `requestingUrl` string - The last URL the requesting frame loaded.
+* `isMainFrame` boolean - Whether the frame making the request is the main frame.

docs/api/structures/protocol-request.md

@@ -4,4 +4,4 @@
 * `referrer` string
 * `method` string
 * `uploadData` [UploadData[]](upload-data.md) (optional)
-* `headers` Record<string, string>
+* `headers` Record\<string, string\>

docs/api/structures/protocol-response.md

@@ -10,7 +10,7 @@
   `"text/html"`. Setting `mimeType` would implicitly set the `content-type`
   header in response, but if `content-type` is already set in `headers`, the
   `mimeType` would be ignored.
-* `headers` Record<string, string | string[]> (optional) - An object containing the response headers. The
+* `headers` Record\<string, string | string[]\> (optional) - An object containing the response headers. The
   keys must be string, and values must be either string or Array of string.
 * `data` (Buffer | string | ReadableStream) (optional) - The response body. When
   returning stream as response, this is a Node.js readable stream representing

docs/api/structures/proxy-config.md

@@ -0,0 +1,86 @@
+# ProxyConfig Object
+
+* `mode` string (optional) - The proxy mode. Should be one of `direct`,
+`auto_detect`, `pac_script`, `fixed_servers` or `system`.
+Defaults to `pac_script` proxy mode if `pacScript` option is specified
+otherwise defaults to `fixed_servers`.
+  * `direct` - In direct mode all connections are created directly, without any proxy involved.
+  * `auto_detect` - In auto_detect mode the proxy configuration is determined by a PAC script that can
+    be downloaded at http://wpad/wpad.dat.
+  * `pac_script` - In pac_script mode the proxy configuration is determined by a PAC script that is
+    retrieved from the URL specified in the `pacScript`. This is the default mode if `pacScript` is specified.
+  * `fixed_servers` - In fixed_servers mode the proxy configuration is specified in `proxyRules`.
+    This is the default mode if `proxyRules` is specified.
+  * `system` - In system mode the proxy configuration is taken from the operating system.
+    Note that the system mode is different from setting no proxy configuration.
+    In the latter case, Electron falls back to the system settings only if no
+    command-line options influence the proxy configuration.
+* `pacScript` string (optional) - The URL associated with the PAC file.
+* `proxyRules` string (optional) - Rules indicating which proxies to use.
+* `proxyBypassRules` string (optional) - Rules indicating which URLs should
+bypass the proxy settings.
+
+When `mode` is unspecified, `pacScript` and `proxyRules` are provided together, the `proxyRules`
+option is ignored and `pacScript` configuration is applied.
+
+The `proxyRules` has to follow the rules below:
+
+```sh
+proxyRules = schemeProxies[";"<schemeProxies>]
+schemeProxies = [<urlScheme>"="]<proxyURIList>
+urlScheme = "http" | "https" | "ftp" | "socks"
+proxyURIList = <proxyURL>[","<proxyURIList>]
+proxyURL = [<proxyScheme>"://"]<proxyHost>[":"<proxyPort>]
+```
+
+For example:
+
+* `http=foopy:80;ftp=foopy2` - Use HTTP proxy `foopy:80` for `http://` URLs, and
+  HTTP proxy `foopy2:80` for `ftp://` URLs.
+* `foopy:80` - Use HTTP proxy `foopy:80` for all URLs.
+* `foopy:80,bar,direct://` - Use HTTP proxy `foopy:80` for all URLs, failing
+  over to `bar` if `foopy:80` is unavailable, and after that using no proxy.
+* `socks4://foopy` - Use SOCKS v4 proxy `foopy:1080` for all URLs.
+* `http=foopy,socks5://bar.com` - Use HTTP proxy `foopy` for http URLs, and fail
+  over to the SOCKS5 proxy `bar.com` if `foopy` is unavailable.
+* `http=foopy,direct://` - Use HTTP proxy `foopy` for http URLs, and use no
+  proxy if `foopy` is unavailable.
+* `http=foopy;socks=foopy2` - Use HTTP proxy `foopy` for http URLs, and use
+  `socks4://foopy2` for all other URLs.
+
+The `proxyBypassRules` is a comma separated list of rules described below:
+
+* `[ URL_SCHEME "://" ] HOSTNAME_PATTERN [ ":" <port> ]`
+
+   Match all hostnames that match the pattern HOSTNAME_PATTERN.
+
+   Examples:
+     "foobar.com", "\*foobar.com", "\*.foobar.com", "\*foobar.com:99",
+     "https://x.\*.y.com:99"
+
+* `"." HOSTNAME_SUFFIX_PATTERN [ ":" PORT ]`
+
+   Match a particular domain suffix.
+
+   Examples:
+     ".google.com", ".com", "http://.google.com"
+
+* `[ SCHEME "://" ] IP_LITERAL [ ":" PORT ]`
+
+   Match URLs which are IP address literals.
+
+   Examples:
+     "127.0.1", "\[0:0::1]", "\[::1]", "http://\[::1]:99"
+
+* `IP_LITERAL "/" PREFIX_LENGTH_IN_BITS`
+
+   Match any URL that is to an IP literal that falls between the
+   given range. IP range is specified using CIDR notation.
+
+   Examples:
+     "192.168.1.1/16", "fefe:13::abc/33".
+
+* `<local>`
+
+   Match local addresses. The meaning of `<local>` is whether the
+   host matches one of: "127.0.0.1", "::1", "localhost".

docs/api/structures/trace-config.md

@@ -19,7 +19,7 @@
   include in the trace. If not specified, trace all processes.
 * `histogram_names` string[] (optional) - a list of [histogram][] names to report
   with the trace.
-* `memory_dump_config` Record<string, any> (optional) - if the
+* `memory_dump_config` Record\<string, any\> (optional) - if the
   `disabled-by-default-memory-infra` category is enabled, this contains
   optional additional configuration for data collection. See the [Chromium
   memory-infra docs][memory-infra docs] for more information.

docs/api/system-preferences.md

@@ -36,7 +36,7 @@ Returns `boolean` - Whether the Swipe between pages setting is on.
 ### `systemPreferences.postNotification(event, userInfo[, deliverImmediately])` _macOS_
 
 * `event` string
-* `userInfo` Record<string, any>
+* `userInfo` Record\<string, any\>
 * `deliverImmediately` boolean (optional) - `true` to post notifications immediately even when the subscribing app is inactive.
 
 Posts `event` as native notifications of macOS. The `userInfo` is an Object
@@ -45,7 +45,7 @@ that contains the user information dictionary sent along with the notification.
 ### `systemPreferences.postLocalNotification(event, userInfo)` _macOS_
 
 * `event` string
-* `userInfo` Record<string, any>
+* `userInfo` Record\<string, any\>
 
 Posts `event` as native notifications of macOS. The `userInfo` is an Object
 that contains the user information dictionary sent along with the notification.
@@ -53,7 +53,7 @@ that contains the user information dictionary sent along with the notification.
 ### `systemPreferences.postWorkspaceNotification(event, userInfo)` _macOS_
 
 * `event` string
-* `userInfo` Record<string, any>
+* `userInfo` Record\<string, any\>
 
 Posts `event` as native notifications of macOS. The `userInfo` is an Object
 that contains the user information dictionary sent along with the notification.
@@ -63,7 +63,7 @@ that contains the user information dictionary sent along with the notification.
 * `event` string | null
 * `callback` Function
   * `event` string
-  * `userInfo` Record<string, unknown>
+  * `userInfo` Record\<string, unknown\>
   * `object` string
 
 Returns `number` - The ID of this subscription
@@ -92,7 +92,7 @@ If `event` is null, the `NSDistributedNotificationCenter` doesn’t use it as cr
 * `event` string | null
 * `callback` Function
   * `event` string
-  * `userInfo` Record<string, unknown>
+  * `userInfo` Record\<string, unknown\>
   * `object` string
 
 Returns `number` - The ID of this subscription
@@ -107,7 +107,7 @@ If `event` is null, the `NSNotificationCenter` doesn’t use it as criteria for
 * `event` string | null
 * `callback` Function
   * `event` string
-  * `userInfo` Record<string, unknown>
+  * `userInfo` Record\<string, unknown\>
   * `object` string
 
 Returns `number` - The ID of this subscription
@@ -137,7 +137,7 @@ Same as `unsubscribeNotification`, but removes the subscriber from `NSWorkspace.
 
 ### `systemPreferences.registerDefaults(defaults)` _macOS_
 
-* `defaults` Record<string, string | boolean | number> - a dictionary of (`key: value`) user defaults
+* `defaults` Record\<string, string | boolean | number\> - a dictionary of (`key: value`) user defaults
 
 Add the specified defaults to your application's `NSUserDefaults`.
 

docs/api/tray.md

@@ -60,7 +60,7 @@ app.whenReady().then(() => {
 
 **MacOS**
 
-* Icons passed to the Tray constructor should be [Template Images](native-image.md#template-image).
+* Icons passed to the Tray constructor should be [Template Images](native-image.md#template-image-macos).
 * To make sure your icon isn't grainy on retina monitors, be sure your `@2x` image is 144dpi.
 * If you are bundling your application (e.g., with webpack for development), be sure that the file names are not being mangled or hashed. The filename needs to end in Template, and the `@2x` image needs to have the same filename as the standard image, or MacOS will not magically invert your image's colors or use the high density image.
 * 16x16 (72dpi) and 32x32@2x (144dpi) work well for most icons.

docs/api/utility-process.md

@@ -21,12 +21,11 @@ Process: [Main](../glossary.md#main-process)<br />
     of the child process. Default is `inherit`.
     String value can be one of `pipe`, `ignore`, `inherit`, for more details on these values you can refer to
     [stdio][] documentation from Node.js. Currently this option only supports configuring `stdout` and
-    `stderr` to either `pipe`, `inherit` or `ignore`. Configuring `stdin` is not supported; `stdin` will
-    always be ignored.
+    `stderr` to either `pipe`, `inherit` or `ignore`. Configuring `stdin` to any property other than `ignore` is not supported and will result in an error.
     For example, the supported values will be processed as following:
-    * `pipe`: equivalent to \['ignore', 'pipe', 'pipe'] (the default)
+    * `pipe`: equivalent to \['ignore', 'pipe', 'pipe']
     * `ignore`: equivalent to \['ignore', 'ignore', 'ignore']
-    * `inherit`: equivalent to \['ignore', 'inherit', 'inherit']
+    * `inherit`: equivalent to \['ignore', 'inherit', 'inherit'] (the default)
   * `serviceName` string (optional) - Name of the process that will appear in `name` property of
     [`ProcessMetric`](structures/process-metric.md) returned by [`app.getAppMetrics`](app.md#appgetappmetrics)
     and [`child-process-gone` event of `app`](app.md#event-child-process-gone).

docs/api/view.md

@@ -48,6 +48,9 @@ Objects created with `new View` have the following instance methods:
 * `index` Integer (optional) - Index at which to insert the child view.
   Defaults to adding the child at the end of the child list.
 
+If the same View is added to a parent which already contains it, it will be reordered such that
+it becomes the topmost view.
+
 #### `view.removeChildView(view)`
 
 * `view` View - Child view to remove.

docs/api/web-contents.md

@@ -237,7 +237,7 @@ See [`window.open()`](window-open.md) for more details and how to use this in co
 
 Returns:
 
-* `details` Event<>
+* `details` Event\<\>
   * `url` string - The URL the frame is navigating to.
   * `isSameDocument` boolean - This event does not fire for same document navigations using window.history api and reference fragment navigations.
     This property is always set to `false` for this event.
@@ -270,7 +270,7 @@ Calling `event.preventDefault()` will prevent the navigation.
 
 Returns:
 
-* `details` Event<>
+* `details` Event\<\>
   * `url` string - The URL the frame is navigating to.
   * `isSameDocument` boolean - This event does not fire for same document navigations using window.history api and reference fragment navigations.
     This property is always set to `false` for this event.
@@ -300,7 +300,7 @@ Calling `event.preventDefault()` will prevent the navigation.
 
 Returns:
 
-* `details` Event<>
+* `details` Event\<\>
   * `url` string - The URL the frame is navigating to.
   * `isSameDocument` boolean - Whether the navigation happened without changing
     document. Examples of same document navigations are reference fragment
@@ -324,7 +324,7 @@ Emitted when any frame (including main) starts navigating.
 
 Returns:
 
-* `details` Event<>
+* `details` Event\<\>
   * `url` string - The URL the frame is navigating to.
   * `isSameDocument` boolean - Whether the navigation happened without changing
     document. Examples of same document navigations are reference fragment
@@ -355,7 +355,7 @@ redirect).
 
 Returns:
 
-* `details` Event<>
+* `details` Event\<\>
   * `url` string - The URL the frame is navigating to.
   * `isSameDocument` boolean - Whether the navigation happened without changing
     document. Examples of same document navigations are reference fragment
@@ -582,6 +582,15 @@ Returns:
 
 Emitted when a link is clicked in DevTools or 'Open in new tab' is selected for a link in its context menu.
 
+#### Event: 'devtools-search-query'
+
+Returns:
+
+* `event` Event
+* `query` string - text to query for.
+
+Emitted when 'Search' is selected for text in its context menu.
+
 #### Event: 'devtools-opened'
 
 Emitted when DevTools is opened.
@@ -674,7 +683,7 @@ Emitted when media is paused or done playing.
 
 Returns:
 
-* `event` Event<>
+* `event` Event\<\>
   * `audible` boolean - True if one or more frames or child `webContents` are emitting audio.
 
 Emitted when media becomes audible or inaudible.
@@ -778,9 +787,6 @@ Returns:
     `input-text`, `input-time`, `input-url`, `input-week`, `output`, `reset-button`,
     `select-list`, `select-list`, `select-multiple`, `select-one`, `submit-button`,
     and `text-area`,
-  * `inputFieldType` string _Deprecated_ - If the context menu was invoked on an
-    input field, the type of that field. Possible values include `none`,
-    `plainText`, `password`, `other`.
   * `spellcheckEnabled` boolean - If the context is editable, whether or not spellchecking is enabled.
   * `menuSourceType` string - Input source that invoked the context menu.
     Can be `none`, `mouse`, `keyboard`, `touch`, `touchMenu`, `longPress`, `longTap`, `touchHandle`, `stylus`, `adjustSelection`, or `adjustSelectionReset`.
@@ -894,7 +900,7 @@ Returns:
 * `webPreferences` [WebPreferences](structures/web-preferences.md) - The web preferences that will be used by the guest
   page. This object can be modified to adjust the preferences for the guest
   page.
-* `params` Record<string, string> - The other `<webview>` parameters such as the `src` URL.
+* `params` Record\<string, string\> - The other `<webview>` parameters such as the `src` URL.
   This object can be modified to adjust the parameters of the guest page.
 
 Emitted when a `<webview>`'s web contents is being attached to this web
@@ -1014,7 +1020,7 @@ win.webContents.loadURL('https://github.com', options)
 
 * `filePath` string
 * `options` Object (optional)
-  * `query` Record<string, string> (optional) - Passed to `url.format()`.
+  * `query` Record\<string, string\> (optional) - Passed to `url.format()`.
   * `search` string (optional) - Passed to `url.format()`.
   * `hash` string (optional) - Passed to `url.format()`.
 
@@ -1045,7 +1051,7 @@ win.loadFile('src/index.html')
 
 * `url` string
 * `options` Object (optional)
-  * `headers` Record<string, string> (optional) - HTTP request headers.
+  * `headers` Record\<string, string\> (optional) - HTTP request headers.
 
 Initiates a download of the resource at `url` without navigating. The
 `will-download` event of `session` will be triggered.
@@ -1282,7 +1288,7 @@ Ignore application menu shortcuts while this web contents is focused.
 
 #### `contents.setWindowOpenHandler(handler)`
 
-* `handler` Function<{action: 'deny'} | {action: 'allow', outlivesOpener?: boolean, overrideBrowserWindowOptions?: BrowserWindowConstructorOptions}>
+* `handler` Function\<\{action: 'deny'\} | \{action: 'allow', outlivesOpener?: boolean, overrideBrowserWindowOptions?: BrowserWindowConstructorOptions\}\>
   * `details` Object
     * `url` string - The _resolved_ version of the URL passed to `window.open()`. e.g. opening a window with `window.open('foo')` will yield something like `https://the-origin/the/current/path/foo`.
     * `frameName` string - Name of the window provided in `window.open()`
@@ -1560,7 +1566,7 @@ Returns `Promise<PrinterInfo[]>` - Resolves with a [`PrinterInfo[]`](structures/
     * `from` number - Index of the first page to print (0-based).
     * `to` number - Index of the last page to print (inclusive) (0-based).
   * `duplexMode` string (optional) - Set the duplex mode of the printed web page. Can be `simplex`, `shortEdge`, or `longEdge`.
-  * `dpi` Record<string, number> (optional)
+  * `dpi` Record\<string, number\> (optional)
     * `horizontal` number (optional) - The horizontal dpi.
     * `vertical` number (optional) - The vertical dpi.
   * `header` string (optional) - string to be printed as page header.
@@ -1614,6 +1620,7 @@ win.webContents.print(options, (success, errorType) => {
   * `footerTemplate` string (optional) - HTML template for the print footer. Should use the same format as the `headerTemplate`.
   * `preferCSSPageSize` boolean (optional) - Whether or not to prefer page size as defined by css. Defaults to false, in which case the content will be scaled to fit the paper size.
   * `generateTaggedPDF` boolean (optional) _Experimental_ - Whether or not to generate a tagged (accessible) PDF. Defaults to false. As this property is experimental, the generated PDF may not adhere fully to PDF/UA and WCAG standards.
+  * `generateDocumentOutline` boolean (optional) _Experimental_ - Whether or not to generate a PDF document outline from content headers. Defaults to false.
 
 Returns `Promise<Buffer>` - Resolves with the generated PDF data.
 
@@ -1624,24 +1631,26 @@ The `landscape` will be ignored if `@page` CSS at-rule is used in the web page.
 An example of `webContents.printToPDF`:
 
 ```js
-const { BrowserWindow } = require('electron')
+const { app, BrowserWindow } = require('electron')
 const fs = require('node:fs')
 const path = require('node:path')
 const os = require('node:os')
 
-const win = new BrowserWindow()
-win.loadURL('https://github.com')
+app.whenReady().then(() => {
+  const win = new BrowserWindow()
+  win.loadURL('https://github.com')
 
-win.webContents.on('did-finish-load', () => {
-  // Use default printing options
-  const pdfPath = path.join(os.homedir(), 'Desktop', 'temp.pdf')
-  win.webContents.printToPDF({}).then(data => {
-    fs.writeFile(pdfPath, data, (error) => {
-      if (error) throw error
-      console.log(`Wrote PDF successfully to ${pdfPath}`)
+  win.webContents.on('did-finish-load', () => {
+    // Use default printing options
+    const pdfPath = path.join(os.homedir(), 'Desktop', 'temp.pdf')
+    win.webContents.printToPDF({}).then(data => {
+      fs.writeFile(pdfPath, data, (error) => {
+        if (error) throw error
+        console.log(`Wrote PDF successfully to ${pdfPath}`)
+      })
+    }).catch(error => {
+      console.log(`Failed to write PDF to ${pdfPath}: `, error)
     })
-  }).catch(error => {
-    console.log(`Failed to write PDF to ${pdfPath}: `, error)
   })
 })
 ```
@@ -2197,6 +2206,10 @@ A `Integer` representing the unique ID of this WebContents. Each ID is unique am
 
 A [`Session`](session.md) used by this webContents.
 
+#### `contents.navigationHistory` _Readonly_
+
+A [`NavigationHistory`](navigation-history.md) used by this webContents.
+
 #### `contents.hostWebContents` _Readonly_
 
 A [`WebContents`](web-contents.md) instance that might own this `WebContents`.

docs/api/web-request.md

@@ -99,11 +99,11 @@ Some examples of valid `urls`:
     * `referrer` string
     * `timestamp` Double
     * `uploadData` [UploadData[]](structures/upload-data.md) (optional)
-    * `requestHeaders` Record<string, string>
+    * `requestHeaders` Record\<string, string\>
   * `callback` Function
     * `beforeSendResponse` Object
       * `cancel` boolean (optional)
-      * `requestHeaders` Record<string, string | string[]> (optional) - When provided, request will be made
+      * `requestHeaders` Record\<string, string | string[]\> (optional) - When provided, request will be made
   with these headers.
 
 The `listener` will be called with `listener(details, callback)` before sending
@@ -126,7 +126,7 @@ The `callback` has to be called with a `response` object.
     * `resourceType` string - Can be `mainFrame`, `subFrame`, `stylesheet`, `script`, `image`, `font`, `object`, `xhr`, `ping`, `cspReport`, `media`, `webSocket` or `other`.
     * `referrer` string
     * `timestamp` Double
-    * `requestHeaders` Record<string, string>
+    * `requestHeaders` Record\<string, string\>
 
 The `listener` will be called with `listener(details)` just before a request is
 going to be sent to the server, modifications of previous `onBeforeSendHeaders`
@@ -148,11 +148,11 @@ response are visible by the time this listener is fired.
     * `timestamp` Double
     * `statusLine` string
     * `statusCode` Integer
-    * `responseHeaders` Record<string, string[]> (optional)
+    * `responseHeaders` Record\<string, string[]\> (optional)
   * `callback` Function
     * `headersReceivedResponse` Object
       * `cancel` boolean (optional)
-      * `responseHeaders` Record<string, string | string[]> (optional) - When provided, the server is assumed
+      * `responseHeaders` Record\<string, string | string[]\> (optional) - When provided, the server is assumed
         to have responded with these headers.
       * `statusLine` string (optional) - Should be provided when overriding
         `responseHeaders` to change header status otherwise original response
@@ -177,7 +177,7 @@ The `callback` has to be called with a `response` object.
     * `resourceType` string - Can be `mainFrame`, `subFrame`, `stylesheet`, `script`, `image`, `font`, `object`, `xhr`, `ping`, `cspReport`, `media`, `webSocket` or `other`.
     * `referrer` string
     * `timestamp` Double
-    * `responseHeaders` Record<string, string[]> (optional)
+    * `responseHeaders` Record\<string, string[]\> (optional)
     * `fromCache` boolean - Indicates whether the response was fetched from disk
       cache.
     * `statusCode` Integer
@@ -207,7 +207,7 @@ and response headers are available.
     * `ip` string (optional) - The server IP address that the request was
       actually sent to.
     * `fromCache` boolean
-    * `responseHeaders` Record<string, string[]> (optional)
+    * `responseHeaders` Record\<string, string[]\> (optional)
 
 The `listener` will be called with `listener(details)` when a server initiated
 redirect is about to occur.
@@ -226,7 +226,7 @@ redirect is about to occur.
     * `resourceType` string - Can be `mainFrame`, `subFrame`, `stylesheet`, `script`, `image`, `font`, `object`, `xhr`, `ping`, `cspReport`, `media`, `webSocket` or `other`.
     * `referrer` string
     * `timestamp` Double
-    * `responseHeaders` Record<string, string[]> (optional)
+    * `responseHeaders` Record\<string, string[]\> (optional)
     * `fromCache` boolean
     * `statusCode` Integer
     * `statusLine` string

docs/api/webview-tag.md

@@ -221,7 +221,9 @@ windows. Popups are disabled by default.
 ```
 
 A `string` which is a comma separated list of strings which specifies the web preferences to be set on the webview.
-The full list of supported preference strings can be found in [BrowserWindow](browser-window.md#new-browserwindowoptions).
+The full list of supported preference strings can be found in [BrowserWindow](browser-window.md#new-browserwindowoptions). In addition, webview supports the following preferences:
+
+* `transparent` boolean (optional) - Whether to enable background transparency for the guest page. Default is `true`. **Note:** The guest page's text and background colors are derived from the [color scheme](https://developer.mozilla.org/en-US/docs/Web/CSS/color-scheme) of its root element. When transparency is enabled, the text color will still change accordingly but the background will remain transparent.
 
 The string follows the same format as the features string in `window.open`.
 A name by itself is given a `true` boolean value.
@@ -285,7 +287,7 @@ e.g. the `http://` or `file://`.
 
 * `url` string
 * `options` Object (optional)
-  * `headers` Record<string, string> (optional) - HTTP request headers.
+  * `headers` Record\<string, string\> (optional) - HTTP request headers.
 
 Initiates a download of the resource at `url` without navigating.
 
@@ -578,7 +580,7 @@ Stops any `findInPage` request for the `webview` with the provided `action`.
     * `from` number - Index of the first page to print (0-based).
     * `to` number - Index of the last page to print (inclusive) (0-based).
   * `duplexMode` string (optional) - Set the duplex mode of the printed web page. Can be `simplex`, `shortEdge`, or `longEdge`.
-  * `dpi` Record<string, number> (optional)
+  * `dpi` Record\<string, number\> (optional)
     * `horizontal` number (optional) - The horizontal dpi.
     * `vertical` number (optional) - The vertical dpi.
   * `header` string (optional) - string to be printed as page header.
@@ -609,6 +611,7 @@ Prints `webview`'s web page. Same as `webContents.print([options])`.
   * `footerTemplate` string (optional) - HTML template for the print footer. Should use the same format as the `headerTemplate`.
   * `preferCSSPageSize` boolean (optional) - Whether or not to prefer page size as defined by css. Defaults to false, in which case the content will be scaled to fit the paper size.
   * `generateTaggedPDF` boolean (optional) _Experimental_ - Whether or not to generate a tagged (accessible) PDF. Defaults to false. As this property is experimental, the generated PDF may not adhere fully to PDF/UA and WCAG standards.
+  * `generateDocumentOutline` boolean (optional) _Experimental_ - Whether or not to generate a PDF document outline from content headers. Defaults to false.
 
 Returns `Promise<Uint8Array>` - Resolves with the generated PDF data.
 
@@ -1045,6 +1048,15 @@ Returns:
 
 Emitted when a link is clicked in DevTools or 'Open in new tab' is selected for a link in its context menu.
 
+#### Event: 'devtools-search-query'
+
+Returns:
+
+* `event` Event
+* `query` string - text to query for.
+
+Emitted when 'Search' is selected for text in its context menu.
+
 ### Event: 'devtools-opened'
 
 Emitted when DevTools is opened.
@@ -1108,9 +1120,6 @@ Returns:
     `input-text`, `input-time`, `input-url`, `input-week`, `output`, `reset-button`,
     `select-list`, `select-list`, `select-multiple`, `select-one`, `submit-button`,
     and `text-area`,
-  * `inputFieldType` string _Deprecated_ - If the context menu was invoked on an
-    input field, the type of that field. Possible values include `none`,
-    `plainText`, `password`, `other`.
   * `spellcheckEnabled` boolean - If the context is editable, whether or not spellchecking is enabled.
   * `menuSourceType` string - Input source that invoked the context menu.
     Can be `none`, `mouse`, `keyboard`, `touch`, `touchMenu`, `longPress`, `longTap`, `touchHandle`, `stylus`, `adjustSelection`, or `adjustSelectionReset`.

docs/breaking-changes.md

@@ -26,14 +26,36 @@ more information.
 
 This switch was never formally documented but it's removal is being noted here regardless. Chromium itself now has better support for color spaces so this flag should not be needed.
 
+### Behavior Changed: `BrowserView.setAutoResize` behavior on macOS
+
+In Electron 30, BrowserView is now a wrapper around the new [WebContentsView](api/web-contents-view.md) API.
+
+Previously, the `setAutoResize` function of the `BrowserView` API was backed by [autoresizing](https://developer.apple.com/documentation/appkit/nsview/1483281-autoresizingmask?language=objc) on macOS, and by a custom algorithm on Windows and Linux.
+For simple use cases such as making a BrowserView fill the entire window, the behavior of these two approaches was identical.
+However, in more advanced cases, BrowserViews would be autoresized differently on macOS than they would be on other platforms, as the custom resizing algorithm for Windows and Linux did not perfectly match the behavior of macOS's autoresizing API.
+The autoresizing behavior is now standardized across all platforms.
+
+If your app uses `BrowserView.setAutoResize` to do anything more complex than making a BrowserView fill the entire window, it's likely you already had custom logic in place to handle this difference in behavior on macOS.
+If so, that logic will no longer be needed in Electron 30 as autoresizing behavior is consistent.
+
+### Removed: `params.inputFormType` property on `context-menu` on `WebContents`
+
+The `inputFormType` property of the params object in the `context-menu`
+event from `WebContents` has been removed. Use the new `formControlType`
+property instead.
+
+### Removed: `process.getIOCounters()`
+
+Chromium has removed access to this information.
+
 ## Planned Breaking API Changes (29.0)
 
 ### Behavior Changed: `ipcRenderer` can no longer be sent over the `contextBridge`
 
-Attempting to send `ipcRenderer` as an object over the `contextBridge` will now result in
+Attempting to send the entire `ipcRenderer` module as an object over the `contextBridge` will now result in
 an empty object on the receiving side of the bridge. This change was made to remove / mitigate
-a security footgun, you should not directly expose ipcRenderer or it's methods over the bridge.
-Instead provide a safe wrapper like below:
+a security footgun. You should not directly expose ipcRenderer or its methods over the bridge.
+Instead, provide a safe wrapper like below:
 
 ```js
 contextBridge.exposeInMainWorld('app', {
@@ -82,18 +104,6 @@ app.on('gpu-process-crashed', (event, killed) => { /* ... */ })
 app.on('child-process-gone', (event, details) => { /* ... */ })
 ```
 
-### Behavior Changed: `BrowserView.setAutoResize` behavior on macOS
-
-In Electron 29, BrowserView is now a wrapper around the new [WebContentsView](api/web-contents-view.md) API.
-
-Previously, the `setAutoResize` function of the `BrowserView` API was backed by [autoresizing](https://developer.apple.com/documentation/appkit/nsview/1483281-autoresizingmask?language=objc) on macOS, and by a custom algorithm on Windows and Linux.
-For simple use cases such as making a BrowserView fill the entire window, the behavior of these two approaches was identical.
-However, in more advanced cases, BrowserViews would be autoresized differently on macOS than they would be on other platforms, as the custom resizing algorithm for Windows and Linux did not perfectly match the behavior of macOS's autoresizing API.
-The autoresizing behavior is now standardized across all platforms.
-
-If your app uses `BrowserView.setAutoResize` to do anything more complex than making a BrowserView fill the entire window, it's likely you already had custom logic in place to handle this difference in behavior on macOS.
-If so, that logic will no longer be needed in Electron 29 as autoresizing behavior is consistent.
-
 ## Planned Breaking API Changes (28.0)
 
 ### Behavior Changed: `WebContents.backgroundThrottling` set to false affects all `WebContents` in the host `BrowserWindow`
@@ -1676,7 +1686,7 @@ folder
 └── file3
 ```
 
-In Electron <=6, this would return a `FileList` with a `File` object for:
+In Electron &lt;=6, this would return a `FileList` with a `File` object for:
 
 ```console
 path/to/folder

docs/development/build-instructions-gn.md

@@ -110,22 +110,51 @@ $ export CHROMIUM_BUILDTOOLS_PATH=`pwd`/buildtools
 On Windows:
 
 ```sh
+# cmd
 $ cd src
 $ set CHROMIUM_BUILDTOOLS_PATH=%cd%\buildtools
+
+# PowerShell
+$ cd src
+$ $env:CHROMIUM_BUILDTOOLS_PATH = "$(Get-Location)\buildtools"
 ```
 
 **To generate Testing build config of Electron:**
 
+On Linux & MacOS
+
 ```sh
 $ gn gen out/Testing --args="import(\"//electron/build/args/testing.gn\")"
 ```
 
+On Windows:
+
+```sh
+# cmd
+$ gn gen out/Testing --args="import(\"//electron/build/args/testing.gn\")"
+
+# PowerShell
+gn gen out/Testing --args="import(\`"//electron/build/args/testing.gn\`")"
+```
+
 **To generate Release build config of Electron:**
 
+On Linux & MacOS
+
 ```sh
 $ gn gen out/Release --args="import(\"//electron/build/args/release.gn\")"
 ```
 
+On Windows:
+
+```sh
+# cmd
+$ gn gen out/Release --args="import(\"//electron/build/args/release.gn\")"
+
+# PowerShell
+$ gn gen out/Release --args="import(\`"//electron/build/args/release.gn\`")"
+```
+
 **Note:** This will generate a `out/Testing` or `out/Release` build directory under `src/` with the testing or release build depending upon the configuration passed above. You can replace `Testing|Release` with another names, but it should be a subdirectory of `out`.
 
 Also you shouldn't have to run `gn gen` again—if you want to change the build arguments, you can run `gn args out/Testing` to bring up an editor. To see the list of available build configuration options, run `gn args out/Testing --list`.

docs/development/debugging-with-symbol-server.md

@@ -15,7 +15,7 @@ calls, and other compiler optimizations. The only workaround is to build an
 unoptimized local build.
 
 The official symbol server URL for Electron is
-<https://symbols.electronjs.org>.
+[https://symbols.electronjs.org](https://symbols.electronjs.org).
 You cannot visit this URL directly, you must add it to the symbol path of your
 debugging tool. In the examples below, a local cache directory is used to avoid
 repeatedly fetching the PDB from the server. Replace `c:\code\symbols` with an

docs/development/goma.md

@@ -3,54 +3,4 @@
 > Goma is a distributed compiler service for open-source projects such as
 > Chromium and Android.
 
-Electron has a deployment of a custom Goma Backend that we make available to
-all Electron Maintainers.  See the [Access](#access) section below for details
-on authentication.  There is also a `cache-only` Goma endpoint that will be
-used by default if you do not have credentials.  Requests to the cache-only
-Goma will not hit our cluster, but will read from our cache and should result
-in significantly faster build times.
-
-## Enabling Goma
-
-Currently the only supported way to use Goma is to use our [Build Tools](https://github.com/electron/build-tools).
-Goma configuration is automatically included when you set up `build-tools`.
-
-If you are a maintainer and have access to our cluster, please ensure that you run
-`e init` with `--goma=cluster` in order to configure `build-tools` to use
-the Goma cluster.  If you have an existing config, you can just set `"goma": "cluster"`
-in your config file.
-
-## Building with Goma
-
-When you are using Goma you can run `ninja` with a substantially higher `j`
-value than would normally be supported by your machine.
-
-Please do not set a value higher than **200**. We monitor Goma system usage, and users
-found to be abusing it with unreasonable concurrency will be de-activated.
-
-```bash
-ninja -C out/Testing electron -j 200
-```
-
-If you're using `build-tools`, appropriate `-j` values will automatically be used for you.
-
-## Monitoring Goma
-
-If you access [http://localhost:8088](http://localhost:8088) on your local
-machine you can monitor compile jobs as they flow through the goma system.
-
-## Access
-
-For security and cost reasons, access to Electron's Goma cluster is currently restricted
-to Electron Maintainers.  If you want access please head to `#access-requests` in
-Slack and ping `@goma-squad` to ask for access.  Please be aware that being a
-maintainer does not _automatically_ grant access and access is determined on a
-case by case basis.
-
-## Uptime / Support
-
-We have automated monitoring of our Goma cluster and cache at https://status.notgoma.com
-
-We do not provide support for usage of Goma and any issues raised asking for help / having
-issues will _probably_ be closed without much reason, we do not have the capacity to handle
-that kind of support.
+Electron's deployment of Goma is deprecated and we are gradually shifting all usage to the [reclient](reclient.md) system. At some point in 2024 the Goma backend will be shutdown.

docs/development/reclient.md

@@ -0,0 +1,46 @@
+# Reclient
+
+> Reclient integrates with an existing build system to enable remote execution and caching of build actions.
+
+Electron has a deployment of a [reclient](https://github.com/bazelbuild/reclient)
+compatible RBE Backend that is available to all Electron Maintainers.
+See the [Access](#access) section below for details on authentication. Non-maintainers
+will not have access to the cluster, but can sign in to receive a `Cache Only` token
+that gives access to the cache-only CAS backend. Using this should result in
+significantly faster build times .
+
+## Enabling Reclient
+
+Currently the only supported way to use Reclient is to use our [Build Tools](https://github.com/electron/build-tools).
+Reclient configuration is automatically included when you set up `build-tools`.
+
+If you have an existing config, you can just set `"reclient": "remote_exec"`
+in your config file.
+
+## Building with Reclient
+
+When you are using Reclient, you can run `autoninja` with a substantially higher `j`
+value than would normally be supported by your machine.
+
+Please do not set a value higher than **200**. The RBE system is monitored.
+Users found to be abusing it with unreasonable concurrency will be deactivated.
+
+```bash
+autoninja -C out/Testing electron -j 200
+```
+
+If you're using `build-tools`, appropriate `-j` values will automatically be used for you.
+
+## Access
+
+For security and cost reasons, access to Electron's RBE backend is currently restricted
+to Electron Maintainers.  If you want access, please head to `#access-requests` in
+Slack and ping `@infra-wg` to ask for it.  Please be aware that being a
+maintainer does not _automatically_ grant access. Access is determined on a
+case-by-case basis.
+
+## Support
+
+We do not provide support for usage of Reclient. Issues raised asking for help / having
+issues will _probably_ be closed without much reason. We do not have the capacity to handle
+that kind of support.

docs/fiddles/menus/customize-menus/main.js

@@ -102,7 +102,7 @@ const template = [
         })(),
         click: (item, focusedWindow) => {
           if (focusedWindow) {
-            focusedWindow.toggleDevTools()
+            focusedWindow.webContents.toggleDevTools()
           }
         }
       },

docs/tutorial/asar-integrity.md

@@ -5,40 +5,50 @@ slug: asar-integrity
 hide_title: false
 ---
 
-## Platform Support
+ASAR integrity is an experimental feature that validates the contents of your app's
+[ASAR archives](./asar-archives.md) at runtime.
 
-Currently ASAR integrity checking is only supported on macOS.
+## Version support
 
-## Requirements
+Currently, ASAR integrity checking is supported on:
 
-### Electron Forge / Electron Packager
+* macOS as of `electron>=16.0.0`
+* Windows as of `electron>=30.0.0`
 
-If you are using `>= @electron/packager`, `>= electron-packager@15.4.0` or `>= @electron-forge/core@6.0.0-beta.61` then all these requirements are met for you automatically and you can skip to [Toggling the Fuse](#toggling-the-fuse).
+In order to enable ASAR integrity checking, you also need to ensure that your `app.asar` file
+was generated by a version of the `@electron/asar` npm package that supports ASAR integrity.
 
-### Other build systems
+Support was introduced in `asar@3.1.0`. Note that this package has since migrated over to `@electron/asar`.
+All versions of `@electron/asar` support ASAR integrity.
 
-In order to enable ASAR integrity checking you need to ensure that your `app.asar` file was generated by a version of the `asar` npm package that supports asar integrity.  Support was introduced in version `3.1.0`.
+## How it works
 
-Your must then populate a valid `ElectronAsarIntegrity` dictionary block in your packaged apps `Info.plist`.  An example is included below.
+Each ASAR archive contains a JSON string header. The header format includes an `integrity` object
+that contain a hex encoded hash of the entire archive as well as an array of hex encoded hashes for each
+block of `blockSize` bytes.
 
-```plist
-<key>ElectronAsarIntegrity</key>
-<dict>
-  <key>Resources/app.asar</key>
-  <dict>
-    <key>algorithm</key>
-    <string>SHA256</string>
-    <key>hash</key>
-    <string>9d1f61ea03c4bb62b4416387a521101b81151da0cfbe18c9f8c8b818c5cebfac</string>
-  </dict>
-</dict>
+```json
+{
+  "algorithm": "SHA256",
+  "hash": "...",
+  "blockSize": 1024,
+  "blocks": ["...", "..."]
+}
 ```
 
-Valid `algorithm` values are currently `SHA256` only.  The `hash` is a hash of the ASAR header using the given algorithm.  The `asar` package exposes a `getRawHeader` method whose result can then be hashed to generate this value.
+Separately, you need to define a hex encoded hash of the entire ASAR header when packaging your Electron app.
 
-## Toggling the Fuse
+When ASAR integrity is enabled, your Electron app will verify the header hash of the ASAR archive on runtime.
+If no hash is present or if there is a mismatch in the hashes, the app will forcefully terminate.
 
-ASAR integrity checking is currently disabled by default and can be enabled by toggling a fuse. See [Electron Fuses](fuses.md) for more information on what Electron Fuses are and how they work.  When enabling this fuse you typically also want to enable the `onlyLoadAppFromAsar` fuse otherwise the validity checking can be bypassed via the Electron app code search path.
+## Enabling ASAR integrity in the binary
+
+ASAR integrity checking is currently disabled by default in Electron and can
+be enabled on build time by toggling the `EnableEmbeddedAsarIntegrityValidation`
+[Electron fuse](fuses.md).
+
+When enabling this fuse, you typically also want to enable the `onlyLoadAppFromAsar` fuse.
+Otherwise, the validity checking can be bypassed via the Electron app code search path.
 
 ```js @ts-nocheck
 const { flipFuses, FuseVersion, FuseV1Options } = require('@electron/fuses')
@@ -53,3 +63,71 @@ flipFuses(
   }
 )
 ```
+
+:::tip Fuses in Electron Forge
+
+With Electron Forge, you can configure your app's fuses with
+[@electron-forge/plugin-fuses](https://www.electronforge.io/config/plugins/fuses)
+in your Forge configuration file.
+
+:::
+
+## Providing the header hash
+
+ASAR integrity validates the contents of the ASAR archive against the header hash that you provide
+on package time. The process of providing this packaged hash is different for macOS and Windows.
+
+### Using Electron tooling
+
+Electron Forge and Electron Packager do this setup automatically for you with no additional
+configuration. The minimum required versions for ASAR integrity are:
+
+* `@electron/packager@18.3.1`
+* `@electron/forge@7.4.0`
+
+### Using other build systems
+
+#### macOS
+
+When packaging for macOS, you must populate a valid `ElectronAsarIntegrity` dictionary block
+in your packaged app's `Info.plist`. An example is included below.
+
+```xml title='Info.plist'
+<key>ElectronAsarIntegrity</key>
+<dict>
+  <key>Resources/app.asar</key>
+  <dict>
+    <key>algorithm</key>
+    <string>SHA256</string>
+    <key>hash</key>
+    <string>9d1f61ea03c4bb62b4416387a521101b81151da0cfbe18c9f8c8b818c5cebfac</string>
+  </dict>
+</dict>
+```
+
+Valid `algorithm` values are currently `SHA256` only. The `hash` is a hash of the ASAR header using the given algorithm.
+The `@electron/asar` package exposes a `getRawHeader` method whose result can then be hashed to generate this value
+(e.g. using the [`node:crypto`](https://nodejs.org/api/crypto.html) module).
+
+### Windows
+
+When packaging for Windows, you must populate a valid [resource](https://learn.microsoft.com/en-us/windows/win32/menurc/resources)
+entry of type `Integrity` and name `ElectronAsar`. The value of this resource should be a JSON encoded dictionary
+in the form included below:
+
+```json
+[
+  {
+    "file": "resources\\app.asar",
+    "alg": "sha256",
+    "value": "9d1f61ea03c4bb62b4416387a521101b81151da0cfbe18c9f8c8b818c5cebfac"
+  }
+]
+```
+
+::: info
+
+For an implementation example, see [`src/resedit.ts`](https://github.com/electron/packager/blob/main/src/resedit.ts)
+in the Electron Packager code.
+
+:::

docs/tutorial/automated-testing.md

@@ -196,32 +196,19 @@ support via Electron's support for the [Chrome DevTools Protocol][] (CDP).
 
 ### Install dependencies
 
-You can install Playwright through your preferred Node.js package manager. The Playwright team
-recommends using the `PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD` environment variable to avoid
-unnecessary browser downloads when testing an Electron app.
-
-```sh npm2yarn
-PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 npm install --save-dev playwright
-```
-
-Playwright also comes with its own test runner, Playwright Test, which is built for end-to-end
-testing. You can also install it as a dev dependency in your project:
+You can install Playwright through your preferred Node.js package manager. It comes with its
+own [test runner][playwright-intro], which is built for end-to-end testing:
 
 ```sh npm2yarn
 npm install --save-dev @playwright/test
 ```
 
 :::caution Dependencies
-This tutorial was written `playwright@1.16.3` and `@playwright/test@1.16.3`. Check out
+This tutorial was written with `@playwright/test@1.41.1`. Check out
 [Playwright's releases][playwright-releases] page to learn about
 changes that might affect the code below.
 :::
 
-:::info Using third-party test runners
-If you're interested in using an alternative test runner (e.g. Jest or Mocha), check out
-Playwright's [Third-Party Test Runner][playwright-test-runners] guide.
-:::
-
 ### Write your tests
 
 Playwright launches your app in development mode through the `_electron.launch` API.
@@ -229,8 +216,7 @@ To point this API to your Electron app, you can pass the path to your main proce
 entry point (here, it is `main.js`).
 
 ```js {5} @ts-nocheck
-const { _electron: electron } = require('playwright')
-const { test } = require('@playwright/test')
+const { test, _electron: electron } = require('@playwright/test')
 
 test('launch app', async () => {
   const electronApp = await electron.launch({ args: ['main.js'] })
@@ -242,9 +228,8 @@ test('launch app', async () => {
 After that, you will access to an instance of Playwright's `ElectronApp` class. This
 is a powerful class that has access to main process modules for example:
 
-```js {6-11} @ts-nocheck
-const { _electron: electron } = require('playwright')
-const { test } = require('@playwright/test')
+```js {5-10} @ts-nocheck
+const { test, _electron: electron } = require('@playwright/test')
 
 test('get isPackaged', async () => {
   const electronApp = await electron.launch({ args: ['main.js'] })
@@ -263,8 +248,7 @@ It can also create individual [Page][playwright-page] objects from Electron Brow
 For example, to grab the first BrowserWindow and save a screenshot:
 
 ```js {6-7} @ts-nocheck
-const { _electron: electron } = require('playwright')
-const { test } = require('@playwright/test')
+const { test, _electron: electron } = require('@playwright/test')
 
 test('save screenshot', async () => {
   const electronApp = await electron.launch({ args: ['main.js'] })
@@ -275,12 +259,11 @@ test('save screenshot', async () => {
 })
 ```
 
-Putting all this together using the PlayWright Test runner, let's create a `example.spec.js`
+Putting all this together using the Playwright test-runner, let's create a `example.spec.js`
 test file with a single test and assertion:
 
 ```js title='example.spec.js' @ts-nocheck
-const { _electron: electron } = require('playwright')
-const { test, expect } = require('@playwright/test')
+const { test, expect, _electron: electron } = require('@playwright/test')
 
 test('example test', async () => {
   const electronApp = await electron.launch({ args: ['.'] })
@@ -316,6 +299,7 @@ Running 1 test using 1 worker
 :::info
 Playwright Test will automatically run any files matching the `.*(test|spec)\.(js|ts|mjs)` regex.
 You can customize this match in the [Playwright Test configuration options][playwright-test-config].
+It also works with TypeScript out of the box.
 :::
 
 :::tip Further reading
@@ -473,10 +457,10 @@ test.after.always('cleanup', async t => {
 
 [chrome-driver]: https://sites.google.com/chromium.org/driver/
 [Puppeteer]: https://github.com/puppeteer/puppeteer
+[playwright-intro]: https://playwright.dev/docs/intro
 [playwright-electron]: https://playwright.dev/docs/api/class-electron/
 [playwright-electronapplication]: https://playwright.dev/docs/api/class-electronapplication
 [playwright-page]: https://playwright.dev/docs/api/class-page
-[playwright-releases]: https://github.com/microsoft/playwright/releases
+[playwright-releases]: https://playwright.dev/docs/release-notes
 [playwright-test-config]: https://playwright.dev/docs/api/class-testconfig#test-config-test-match
-[playwright-test-runners]: https://playwright.dev/docs/test-runners/
 [Chrome DevTools Protocol]: https://chromedevtools.github.io/devtools-protocol/

docs/tutorial/code-signing.md

@@ -5,34 +5,25 @@ slug: code-signing
 hide_title: false
 ---
 
-Code signing is a security technology that you use to certify that an app was
-created by you. You should sign your application so it does not trigger any
-operating system security checks.
+Code signing is a security technology to certify that an app was created by you.
+You should sign your application so it does not trigger any operating system
+security warnings.
 
-On macOS, the system can detect any change to the app, whether the change is
-introduced accidentally or by malicious code.
+![macOS Sonoma Gatekeeper warning: The app is damaged](../images/gatekeeper.png)
 
-On Windows, the system assigns a trust level to your code signing certificate
-which if you don't have, or if your trust level is low, will cause security
-dialogs to appear when users start using your application. Trust level builds
-over time so it's better to start code signing as early as possible.
-
-While it is possible to distribute unsigned apps, it is not recommended. Both
-Windows and macOS will, by default, prevent either the download or the execution
-of unsigned applications. Starting with macOS Catalina (version 10.15), users
-have to go through multiple manual steps to open unsigned applications.
-
-![macOS Catalina Gatekeeper warning: The app cannot be opened because the developer cannot be verified](../images/gatekeeper.png)
-
-As you can see, users get two options: Move the app straight to the trash or
-cancel running it. You don't want your users to see that dialog.
+Both Windows and macOS prevent users from running unsigned applications. It is
+possible to distribute applications without codesigning them - but in order to
+run them, users need to go through multiple advanced and manual steps to run
+them.
 
 If you are building an Electron app that you intend to package and distribute,
-it should be code signed.
+it should be code signed. The Electron ecosystem tooling makes codesigning your
+apps straightforward - this documentation explains how sign your apps on both
+Windows and macOS.
 
 ## Signing & notarizing macOS builds
 
-Properly preparing macOS applications for release requires two steps. First, the
+Preparing macOS applications for release requires two steps: First, the
 app needs to be code signed. Then, the app needs to be uploaded to Apple for a
 process called **notarization**, where automated systems will further verify that
 your app isn't doing anything to endanger its users.
@@ -65,7 +56,9 @@ are likely using [`@electron/packager`][], which includes [`@electron/osx-sign`]
 [`@electron/notarize`][].
 
 If you're using Packager's API, you can pass [in configuration that both signs
-and notarizes your application](https://electron.github.io/packager/main/interfaces/electronpackager.options.html).
+and notarizes your application](https://electron.github.io/packager/main/modules.html).
+If the example below does not meet your needs, please see [`@electron/osx-sign`][] and
+[`@electron/notarize`][] for the many possible configuration options.
 
 ```js @ts-nocheck
 const packager = require('@electron/packager')
@@ -86,35 +79,81 @@ See the [Mac App Store Guide][].
 
 ## Signing Windows builds
 
-Before signing Windows builds, you must do the following:
+Before you can code sign your application, you need to acquire a code signing
+certificate. Unlike Apple, Microsoft allows developers to purchase those
+certificates on the open market. They are usually sold by the same companies
+also offering HTTPS certificates. Prices vary, so it may be worth your time to
+shop around. Popular resellers include:
 
-1. Get a Windows Authenticode code signing certificate (requires an annual fee)
-2. Install Visual Studio to get the signing utility (the free [Community
-   Edition](https://visualstudio.microsoft.com/vs/community/) is enough)
+- [Certum EV code signing certificate](https://shop.certum.eu/data-safety/code-signing-certificates/certum-ev-code-sigining.html)
+- [DigiCert EV code signing certificate](https://www.digicert.com/signing/code-signing-certificates)
+- [Entrust EV code signing certificate](https://www.entrustdatacard.com/products/digital-signing-certificates/code-signing-certificates)
+- [GlobalSign EV code signing certificate](https://www.globalsign.com/en/code-signing-certificate/ev-code-signing-certificates)
+- [IdenTrust EV code signing certificate](https://www.identrust.com/digital-certificates/trustid-ev-code-signing)
+- [Sectigo (formerly Comodo) EV code signing certificate](https://sectigo.com/ssl-certificates-tls/code-signing)
+- [SSL.com EV code signing certificate](https://www.ssl.com/certificates/ev-code-signing/)
 
-You can get a code signing certificate from a lot of resellers. Prices vary, so
-it may be worth your time to shop around. Popular resellers include:
+It is important to call out that since June 2023, Microsoft requires software to
+be signed with an "extended validation" certificate, also called an "EV code signing
+certificate". In the past, developers could sign software with a simpler and cheaper
+certificate called "authenticode code signing certificate" or "software-based OV certificate".
+These simpler certificates no longer provide benefits: Windows will treat your app as
+completely unsigned and display the equivalent warning dialogs.
 
-- [digicert](https://www.digicert.com/dc/code-signing/microsoft-authenticode.htm)
-- [Sectigo](https://sectigo.com/ssl-certificates-tls/code-signing)
-- Amongst others, please shop around to find one that suits your needs! 😄
+The new EV certificates are required to be stored on a hardware storage module
+compliant with FIPS 140 Level 2, Common Criteria EAL 4+ or equivalent. In other words,
+the certificate cannot be simply downloaded onto a CI infrastructure. In practice,
+those storage modules look like fancy USB thumb drives.
 
-:::caution Keep your certificate password private
-Your certificate password should be a **secret**. Do not share it publicly or
-commit it to your source code.
-:::
+Many certificate providers now offer "cloud-based signing" - the entire signing hardware
+is in their data center and you can use it to remotely sign code. This approach is
+popular with Electron maintainers since it makes signing your applications in CI (like
+GitHub Actions, CircleCI, etc) relatively easy.
+
+At the time of writing, Electron's own apps use [DigiCert KeyLocker](https://docs.digicert.com/en/digicert-keylocker.html), but any provider that provides a command line tool for
+signing files will be compatible with Electron's tooling.
+
+All tools in the Electron ecosystem use [`@electron/windows-sign`][] and typically
+expose configuration options through a `windowsSign` property. You can either use it
+to sign files directly - or use the same `windowsSign` configuration across Electron
+Forge, [`@electron/packager`][], [`electron-winstaller`][], and [`electron-wix-msi`][].
 
 ### Using Electron Forge
 
-Electron Forge is the recommended way to sign your `Squirrel.Windows` and `WiX MSI` installers. Detailed instructions on how to configure your application can be found in the [Electron Forge Code Signing Tutorial](https://www.electronforge.io/guides/code-signing/code-signing-macos).
+Electron Forge is the recommended way to sign your app as well as your `Squirrel.Windows`
+and `WiX MSI` installers. Detailed instructions on how to configure your application can
+be found in the [Electron Forge Code Signing Tutorial](https://www.electronforge.io/guides/code-signing/code-signing-windows).
+
+### Using Electron Packager
+
+If you're not using an integrated build pipeline like Forge, you
+are likely using [`@electron/packager`][], which includes [`@electron/windows-sign`][].
+
+If you're using Packager's API, you can pass [in configuration that signs
+your application](https://electron.github.io/packager/main/modules.html). If the
+example below does not meet your needs, please see [`@electron/windows-sign`][]
+for the many possible configuration options.
+
+```js @ts-nocheck
+const packager = require('@electron/packager')
+
+packager({
+  dir: '/path/to/my/app',
+  windowsSign: {
+    signWithParams: '--my=custom --parameters',
+    // If signtool.exe does not work for you, customize!
+    signToolPath: 'C:\\Path\\To\\my-custom-tool.exe'
+  }
+})
+```
 
 ### Using electron-winstaller (Squirrel.Windows)
 
 [`electron-winstaller`][] is a package that can generate Squirrel.Windows installers for your
 Electron app. This is the tool used under the hood by Electron Forge's
-[Squirrel.Windows Maker][maker-squirrel]. If you're not using Electron Forge and want to use
-`electron-winstaller` directly, use the `certificateFile` and `certificatePassword` configuration
-options when creating your installer.
+[Squirrel.Windows Maker][maker-squirrel]. Just like `@electron/packager`, it uses
+[`@electron/windows-sign`][] under the hood and supports the same `windowsSign`
+options.
 
 ```js {10-11} @ts-nocheck
 const electronInstaller = require('electron-winstaller')
@@ -126,8 +165,11 @@ try {
     outputDirectory: '/tmp/build/installer64',
     authors: 'My App Inc.',
     exe: 'myapp.exe',
-    certificateFile: './cert.pfx',
-    certificatePassword: 'this-is-a-secret'
+    windowsSign: {
+      signWithParams: '--my=custom --parameters',
+      // If signtool.exe does not work for you, customize!
+      signToolPath: 'C:\\Path\\To\\my-custom-tool.exe'
+    }
   })
   console.log('It worked!')
 } catch (e) {
@@ -141,10 +183,8 @@ For full configuration options, check out the [`electron-winstaller`][] reposito
 
 [`electron-wix-msi`][] is a package that can generate MSI installers for your
 Electron app. This is the tool used under the hood by Electron Forge's [MSI Maker][maker-msi].
-
-If you're not using Electron Forge and want to use `electron-wix-msi` directly, use the
-`certificateFile` and `certificatePassword` configuration options
-or pass in parameters directly to [SignTool.exe][] with the `signWithParams` option.
+Just like `@electron/packager`, it uses [`@electron/windows-sign`][] under the hood
+and supports the same `windowsSign` options.
 
 ```js {12-13} @ts-nocheck
 import { MSICreator } from 'electron-wix-msi'
@@ -158,8 +198,11 @@ const msiCreator = new MSICreator({
   manufacturer: 'Kitten Technologies',
   version: '1.1.2',
   outputDirectory: '/path/to/output/folder',
-  certificateFile: './cert.pfx',
-  certificatePassword: 'this-is-a-secret'
+  windowsSign: {
+    signWithParams: '--my=custom --parameters',
+    // If signtool.exe does not work for you, customize!
+    signToolPath: 'C:\\Path\\To\\my-custom-tool.exe'
+  }
 })
 
 // Step 2: Create a .wxs template file
@@ -192,6 +235,7 @@ See the [Windows Store Guide][].
 [`@electron/osx-sign`]: https://github.com/electron/osx-sign
 [`@electron/packager`]: https://github.com/electron/packager
 [`@electron/notarize`]: https://github.com/electron/notarize
+[`@electron/windows-sign`]: https://github.com/electron/windows-sign
 [`electron-winstaller`]: https://github.com/electron/windows-installer
 [`electron-wix-msi`]: https://github.com/electron-userland/electron-wix-msi
 [xcode]: https://developer.apple.com/xcode
@@ -200,4 +244,3 @@ See the [Windows Store Guide][].
 [windows store guide]: ./windows-store-guide.md
 [maker-squirrel]: https://www.electronforge.io/config/makers/squirrel.windows
 [maker-msi]: https://www.electronforge.io/config/makers/wix-msi
-[signtool.exe]: https://learn.microsoft.com/en-us/dotnet/framework/tools/signtool-exe

docs/tutorial/debugging-main-process.md

@@ -14,10 +14,10 @@ process:
 
 Electron will listen for V8 inspector protocol messages on the specified `port`,
 an external debugger will need to connect on this port. The default `port` is
-`5858`.
+`9229`.
 
 ```shell
-electron --inspect=5858 your/app
+electron --inspect=9229 your/app
 ```
 
 ### `--inspect-brk=[port]`

docs/tutorial/devices.md

@@ -33,7 +33,7 @@ clicked.
 ## WebHID API
 
 The [WebHID API](https://web.dev/hid/) can be used to access HID devices such
-as keyboards and gamepads.  Electron provides several APIs for working with
+as keyboards and gamepads. Electron provides several APIs for working with
 the WebHID API:
 
 * The [`select-hid-device` event on the Session](../api/session.md#event-select-hid-device)

docs/tutorial/electron-timelines.md

@@ -9,10 +9,12 @@ check out our [Electron Versioning](./electron-versioning.md) doc.
 
 | Electron | Alpha | Beta | Stable | EOL | Chrome | Node | Supported |
 | ------- | ----- | ------- | ------ | ------ | ---- | ---- | ---- |
-| 29.0.0 |  2023-Dec-07 | 2024-Jan-24 | 2024-Feb-20 | 2024-Aug-20 | M122 | v18.19 | ✅ |
+| 31.0.0 |  2024-Apr-18 | 2024-May-15 | 2024-Jun-11 | 2025-Jan-07 | M126 | TBD | ✅ |
+| 30.0.0 |  2024-Feb-22 | 2024-Mar-20 | 2024-Apr-16 | 2024-Oct-15 | M124 | v20.11 | ✅ |
+| 29.0.0 |  2023-Dec-07 | 2024-Jan-24 | 2024-Feb-20 | 2024-Aug-20 | M122 | v20.9 | ✅ |
 | 28.0.0 |  2023-Oct-11 | 2023-Nov-06 | 2023-Dec-05 | 2024-Jun-11 | M120 | v18.18 | ✅ |
-| 27.0.0 |  2023-Aug-17 | 2023-Sep-13 | 2023-Oct-10 | 2024-Apr-16 | M118 | v18.17 | ✅ |
-| 26.0.0 | 2023-Jun-01 | 2023-Jun-27 | 2023-Aug-15 | 2024-Feb-20 | M116 | v18.16 | ✅ |
+| 27.0.0 |  2023-Aug-17 | 2023-Sep-13 | 2023-Oct-10 | 2024-Apr-16 | M118 | v18.17 | 🚫 |
+| 26.0.0 | 2023-Jun-01 | 2023-Jun-27 | 2023-Aug-15 | 2024-Feb-20 | M116 | v18.16 | 🚫 |
 | 25.0.0 | 2023-Apr-10 | 2023-May-02 | 2023-May-30 | 2023-Dec-05 | M114 | v18.15 | 🚫 |
 | 24.0.0 | 2023-Feb-09 | 2023-Mar-07 | 2023-Apr-04 | 2023-Oct-10 | M112 | v18.14 | 🚫 |
 | 23.0.0 | 2022-Dec-01 | 2023-Jan-10 | 2023-Feb-07 | 2023-Aug-15 | M110 | v18.12 | 🚫 |

docs/tutorial/esm.md

@@ -78,7 +78,8 @@ JavaScript transpilers (e.g. Babel, TypeScript) have historically supported ES M
 syntax before Node.js supported ESM imports by turning these calls to CommonJS
 `require` calls.
 
-<details><summary>Example: @babel/plugin-transform-modules-commonjs</summary>
+<details>
+<summary>Example: @babel/plugin-transform-modules-commonjs</summary>
 
 The `@babel/plugin-transform-modules-commonjs` plugin will transform
 ESM imports down to `require` calls. The exact syntax will depend on the

docs/tutorial/fuses.md

@@ -15,7 +15,7 @@ Fuses are the solution to this problem, at a high level they are "magic bits" in
 **Default:** Enabled
 **@electron/fuses:** `FuseV1Options.RunAsNode`
 
-The runAsNode fuse toggles whether the `ELECTRON_RUN_AS_NODE` environment variable is respected or not.  Please note that if this fuse is disabled then `process.fork` in the main process will not function as expected as it depends on this environment variable to function.
+The runAsNode fuse toggles whether the `ELECTRON_RUN_AS_NODE` environment variable is respected or not.  Please note that if this fuse is disabled then `process.fork` in the main process will not function as expected as it depends on this environment variable to function. Instead, we recommend that you use [Utility Processes](../api/utility-process.md), which work for many use cases where you need a standalone Node.js process (like a Sqlite server process or similar scenarios).
 
 ### `cookieEncryption`
 
@@ -29,7 +29,7 @@ The cookieEncryption fuse toggles whether the cookie store on disk is encrypted
 **Default:** Enabled
 **@electron/fuses:** `FuseV1Options.EnableNodeOptionsEnvironmentVariable`
 
-The nodeOptions fuse toggles whether the [`NODE_OPTIONS`](https://nodejs.org/api/cli.html#node_optionsoptions) environment variable is respected or not.  This environment variable can be used to pass all kinds of custom options to the Node.js runtime and isn't typically used by apps in production.  Most apps can safely disable this fuse.
+The nodeOptions fuse toggles whether the [`NODE_OPTIONS`](https://nodejs.org/api/cli.html#node_optionsoptions)  and [`NODE_EXTRA_CA_CERTS`](https://github.com/nodejs/node/blob/main/doc/api/cli.md#node_extra_ca_certsfile) environment variables are respected.  The `NODE_OPTIONS` environment variable can be used to pass all kinds of custom options to the Node.js runtime and isn't typically used by apps in production.  Most apps can safely disable this fuse.
 
 ### `nodeCliInspect`
 

docs/tutorial/in-app-purchases.md

@@ -107,7 +107,7 @@ if (!inAppPurchase.canMakePayments()) {
 inAppPurchase.getProducts(PRODUCT_IDS).then(products => {
   // Check the parameters.
   if (!Array.isArray(products) || products.length <= 0) {
-    console.log('Unable to retrieve the product informations.')
+    console.log('Unable to retrieve the product information.')
     return
   }
 

docs/tutorial/performance.md

@@ -24,7 +24,7 @@ careful to understand that the term "performance" means different things for
 a Node.js backend than it does for an application running on a client.
 
 This list is provided for your convenience – and is, much like our
-[security checklist][security] – not meant to exhaustive. It is probably possible
+[security checklist][security] – not meant to be exhaustive. It is probably possible
 to build a slow Electron app that follows all the steps outlined below. Electron
 is a powerful development platform that enables you, the developer, to do more
 or less whatever you want. All that freedom means that performance is largely
@@ -83,7 +83,7 @@ is not in fact the leanest or smallest one available.
 
 The reasoning behind this recommendation is best illustrated with a real-world
 example. During the early days of Electron, reliable detection of network
-connectivity was a problem, resulting many apps to use a module that exposed a
+connectivity was a problem, resulting in many apps using a module that exposed a
 simple `isOnline()` method.
 
 That module detected your network connectivity by attempting to reach out to a

docs/tutorial/process-model.md

@@ -83,7 +83,7 @@ terminated as well.
 
 The main process also controls your application's lifecycle through Electron's
 [`app`][app] module. This module provides a large set of events and methods
-that you can use to add custom application behaviour (for instance, programmatically
+that you can use to add custom application behavior (for instance, programmatically
 quitting your application, modifying the application dock, or showing an About panel).
 
 As a practical example, the app shown in the [quick start guide][quick-start-lifecycle]

docs/tutorial/quick-start.md

@@ -126,7 +126,7 @@ folder of your project:
 
 ```html
 <!DOCTYPE html>
-<html>
+<html lang="en">
   <head>
     <meta charset="UTF-8">
     <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
@@ -420,9 +420,8 @@ window.addEventListener('DOMContentLoaded', () => {
 
 ```html
 <!--index.html-->
-
 <!DOCTYPE html>
-<html>
+<html lang="en">
   <head>
     <meta charset="UTF-8">
     <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->

docs/tutorial/sandbox.md

@@ -17,7 +17,7 @@ further configuration. If you want to disable the sandbox for a process, see the
 [Disabling the sandbox for a single process](#disabling-the-sandbox-for-a-single-process)
 section.
 
-## Sandbox behaviour in Electron
+## Sandbox behavior in Electron
 
 Sandboxed processes in Electron behave _mostly_ in the same way as Chromium's do, but
 Electron has a few additional concepts to consider because it interfaces with Node.js.

docs/tutorial/security.md

@@ -114,6 +114,8 @@ You should at least follow these steps to improve the security of your applicati
 15. [Do not use `shell.openExternal` with untrusted content](#15-do-not-use-shellopenexternal-with-untrusted-content)
 16. [Use a current version of Electron](#16-use-a-current-version-of-electron)
 17. [Validate the `sender` of all IPC messages](#17-validate-the-sender-of-all-ipc-messages)
+18. [Avoid usage of the `file://` protocol and prefer usage of custom protocols](#18-avoid-usage-of-the-file-protocol-and-prefer-usage-of-custom-protocols)
+19. [Check which fuses you can change](#19-check-which-fuses-you-can-change)
 
 To automate the detection of misconfigurations and insecure patterns, it is
 possible to use
@@ -780,6 +782,28 @@ set of files.
 Follow the [`protocol.handle`](../api/protocol.md#protocolhandlescheme-handler) examples to
 learn how to serve files / content from a custom protocol.
 
+### 19. Check which fuses you can change
+
+Electron ships with a number of options that can be useful but a large portion of
+applications probably don't need. In order to avoid having to build your own version of
+Electron, these can be turned off or on using [Fuses](./fuses.md).
+
+#### Why?
+
+Some fuses, like `runAsNode` and `nodeCliInspect`, allow the application to behave differently
+when run from the command line using specific environment variables or CLI arguments. These
+can be used to execute commands on the device through your application.
+
+This can let external scripts run commands that they potentially would not be allowed to, but
+that your application might have the rights for.
+
+#### How?
+
+We've made a module, [`@electron/fuses`](https://npmjs.com/package/@electron/fuses), to make
+flipping these fuses easy. Check out the README of that module for more details on usage and
+potential error cases, and refer to
+[How do I flip the fuses?](./fuses.md#how-do-i-flip-the-fuses) in our documentation.
+
 [breaking-changes]: ../breaking-changes.md
 [browser-window]: ../api/browser-window.md
 [webview-tag]: ../api/webview-tag.md

docs/tutorial/tutorial-1-prerequisites.md

@@ -121,7 +121,7 @@ need to install Node.js themselves as a prerequisite to running your app.
 
 To check which version of Node.js is running in your app, you can access the global
 [`process.versions`][] variable in the main process or preload script. You can also reference
-<https://releases.electronjs.org/releases.json>.
+[https://releases.electronjs.org/releases.json](https://releases.electronjs.org/releases.json).
 
 :::
 

docs/tutorial/tutorial-2-first-app.md

@@ -222,7 +222,8 @@ with CommonJS module syntax:
 - [app][app], which controls your application's event lifecycle.
 - [BrowserWindow][browser-window], which creates and manages app windows.
 
-<details><summary>Module capitalization conventions</summary>
+<details>
+<summary>Module capitalization conventions</summary>
 
 You might have noticed the capitalization difference between the **a**pp
 and **B**rowser**W**indow modules. Electron follows typical JavaScript conventions here,
@@ -231,10 +232,11 @@ Notification) whereas camelCase modules are not instantiable (e.g. app, ipcRende
 
 </details>
 
-<details><summary>Typed import aliases</summary>
+<details>
+<summary>Typed import aliases</summary>
 
 For better type checking when writing TypeScript code, you can choose to import
-main process modules from <code>electron/main</code>.
+main process modules from `electron/main`.
 
 ```js
 const { app, BrowserWindow } = require('electron/main')

docs/tutorial/tutorial-6-publishing-updating.md

@@ -152,7 +152,7 @@ command that can handle the version bumping and tagging for you.
 #### Bonus: Publishing in GitHub Actions
 
 Publishing locally can be painful, especially because you can only create distributables
-for your host operating system (i.e. you can't publish a Window `.exe` file from macOS).
+for your host operating system (i.e. you can't publish a Windows `.exe` file from macOS).
 
 A solution for this would be to publish your app via automation workflows
 such as [GitHub Actions][], which can run tasks in the

docs/tutorial/web-embeds.md

@@ -4,7 +4,7 @@
 
 If you want to embed (third-party) web content in an Electron `BrowserWindow`,
 there are three options available to you: `<iframe>` tags, `<webview>` tags,
-and `BrowserViews`. Each one offers slightly different functionality and is
+and `WebContentsView`. Each one offers slightly different functionality and is
 useful in different situations. To help you choose between these, this guide
 explains the differences and capabilities of each option.
 

electron_paks.gni

@@ -77,6 +77,7 @@ template("electron_extra_paks") {
       "//content:content_resources",
       "//content/browser/resources/gpu:resources",
       "//content/browser/resources/media:resources",
+      "//content/browser/resources/process:resources",
       "//content/browser/tracing:resources",
       "//content/browser/webrtc/resources",
       "//electron:resources",
@@ -96,6 +97,7 @@ template("electron_extra_paks") {
     # New paks should be added here by default.
     sources += [
       "$root_gen_dir/content/browser/devtools/devtools_resources.pak",
+      "$root_gen_dir/content/process_resources.pak",
       "$root_gen_dir/ui/resources/webui_resources.pak",
     ]
     deps += [ "//content/browser/devtools:devtools_resources" ]

filenames.auto.gni

@@ -34,6 +34,7 @@ auto_filenames = {
     "docs/api/message-port-main.md",
     "docs/api/native-image.md",
     "docs/api/native-theme.md",
+    "docs/api/navigation-history.md",
     "docs/api/net-log.md",
     "docs/api/net.md",
     "docs/api/notification.md",
@@ -88,10 +89,10 @@ auto_filenames = {
     "docs/api/structures/extension.md",
     "docs/api/structures/file-filter.md",
     "docs/api/structures/file-path-with-headers.md",
+    "docs/api/structures/filesystem-permission-request.md",
     "docs/api/structures/gpu-feature-status.md",
     "docs/api/structures/hid-device.md",
     "docs/api/structures/input-event.md",
-    "docs/api/structures/io-counters.md",
     "docs/api/structures/ipc-main-event.md",
     "docs/api/structures/ipc-main-invoke-event.md",
     "docs/api/structures/ipc-renderer-event.md",
@@ -99,6 +100,7 @@ auto_filenames = {
     "docs/api/structures/jump-list-item.md",
     "docs/api/structures/keyboard-event.md",
     "docs/api/structures/keyboard-input-event.md",
+    "docs/api/structures/media-access-permission-request.md",
     "docs/api/structures/memory-info.md",
     "docs/api/structures/memory-usage-details.md",
     "docs/api/structures/mime-typed-buffer.md",
@@ -106,7 +108,9 @@ auto_filenames = {
     "docs/api/structures/mouse-wheel-input-event.md",
     "docs/api/structures/notification-action.md",
     "docs/api/structures/notification-response.md",
+    "docs/api/structures/open-external-permission-request.md",
     "docs/api/structures/payment-discount.md",
+    "docs/api/structures/permission-request.md",
     "docs/api/structures/point.md",
     "docs/api/structures/post-body.md",
     "docs/api/structures/printer-info.md",
@@ -118,6 +122,7 @@ auto_filenames = {
     "docs/api/structures/protocol-request.md",
     "docs/api/structures/protocol-response-upload-data.md",
     "docs/api/structures/protocol-response.md",
+    "docs/api/structures/proxy-config.md",
     "docs/api/structures/rectangle.md",
     "docs/api/structures/referrer.md",
     "docs/api/structures/render-process-gone-details.md",
@@ -260,7 +265,6 @@ auto_filenames = {
     "lib/common/deprecate.ts",
     "lib/common/init.ts",
     "lib/common/ipc-messages.ts",
-    "lib/common/reset-search-paths.ts",
     "lib/common/web-view-methods.ts",
     "lib/common/webpack-globals-provider.ts",
     "package.json",
@@ -277,7 +281,6 @@ auto_filenames = {
     "lib/common/define-properties.ts",
     "lib/common/init.ts",
     "lib/common/ipc-messages.ts",
-    "lib/common/reset-search-paths.ts",
     "lib/common/web-view-methods.ts",
     "lib/common/webpack-provider.ts",
     "lib/renderer/api/clipboard.ts",
@@ -316,7 +319,6 @@ auto_filenames = {
     "lib/common/define-properties.ts",
     "lib/common/init.ts",
     "lib/common/ipc-messages.ts",
-    "lib/common/reset-search-paths.ts",
     "lib/common/webpack-provider.ts",
     "lib/renderer/api/clipboard.ts",
     "lib/renderer/api/context-bridge.ts",
@@ -336,10 +338,9 @@ auto_filenames = {
     "typings/internal-electron.d.ts",
   ]
 
-  asar_bundle_deps = [
-    "lib/asar/fs-wrapper.ts",
-    "lib/asar/init.ts",
-    "lib/common/webpack-provider.ts",
+  node_bundle_deps = [
+    "lib/node/asar-fs-wrapper.ts",
+    "lib/node/init.ts",
     "package.json",
     "tsconfig.electron.json",
     "tsconfig.json",
@@ -353,7 +354,6 @@ auto_filenames = {
     "lib/common/api/net-client-request.ts",
     "lib/common/define-properties.ts",
     "lib/common/init.ts",
-    "lib/common/reset-search-paths.ts",
     "lib/common/webpack-globals-provider.ts",
     "lib/utility/api/exports/electron.ts",
     "lib/utility/api/module-list.ts",

filenames.gni

@@ -34,7 +34,7 @@ filenames = {
     "shell/browser/notifications/linux/notification_presenter_linux.h",
     "shell/browser/relauncher_linux.cc",
     "shell/browser/ui/electron_desktop_window_tree_host_linux.cc",
-    "shell/browser/ui/file_dialog_gtk.cc",
+    "shell/browser/ui/file_dialog_linux.cc",
     "shell/browser/ui/gtk/menu_gtk.cc",
     "shell/browser/ui/gtk/menu_gtk.h",
     "shell/browser/ui/gtk/menu_util.cc",
@@ -383,9 +383,14 @@ filenames = {
     "shell/browser/extended_web_contents_observer.h",
     "shell/browser/feature_list.cc",
     "shell/browser/feature_list.h",
+    "shell/browser/feature_list_mac.mm",
     "shell/browser/file_select_helper.cc",
     "shell/browser/file_select_helper.h",
     "shell/browser/file_select_helper_mac.mm",
+    "shell/browser/file_system_access/file_system_access_permission_context.cc",
+    "shell/browser/file_system_access/file_system_access_permission_context.h",
+    "shell/browser/file_system_access/file_system_access_permission_context_factory.cc",
+    "shell/browser/file_system_access/file_system_access_permission_context_factory.h",
     "shell/browser/font_defaults.cc",
     "shell/browser/font_defaults.h",
     "shell/browser/hid/electron_hid_delegate.cc",
@@ -589,6 +594,8 @@ filenames = {
     "shell/common/gin_converters/hid_device_info_converter.h",
     "shell/common/gin_converters/image_converter.cc",
     "shell/common/gin_converters/image_converter.h",
+    "shell/common/gin_converters/login_item_settings_converter.cc",
+    "shell/common/gin_converters/login_item_settings_converter.h",
     "shell/common/gin_converters/media_converter.cc",
     "shell/common/gin_converters/media_converter.h",
     "shell/common/gin_converters/message_box_converter.cc",
@@ -656,7 +663,6 @@ filenames = {
     "shell/common/node_includes.h",
     "shell/common/node_util.cc",
     "shell/common/node_util.h",
-    "shell/common/node_util_mac.mm",
     "shell/common/options_switches.cc",
     "shell/common/options_switches.h",
     "shell/common/platform_util.cc",
@@ -760,6 +766,8 @@ filenames = {
     "shell/common/gin_converters/extension_converter.h",
     "shell/renderer/extensions/electron_extensions_dispatcher_delegate.cc",
     "shell/renderer/extensions/electron_extensions_dispatcher_delegate.h",
+    "shell/renderer/extensions/electron_extensions_renderer_api_provider.cc",
+    "shell/renderer/extensions/electron_extensions_renderer_api_provider.h",
     "shell/renderer/extensions/electron_extensions_renderer_client.cc",
     "shell/renderer/extensions/electron_extensions_renderer_client.h",
   ]

filenames.libcxx.gni

@@ -111,6 +111,7 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__algorithm/ranges_binary_search.h",
   "//third_party/libc++/src/include/__algorithm/ranges_clamp.h",
   "//third_party/libc++/src/include/__algorithm/ranges_contains.h",
+  "//third_party/libc++/src/include/__algorithm/ranges_contains_subrange.h",
   "//third_party/libc++/src/include/__algorithm/ranges_copy.h",
   "//third_party/libc++/src/include/__algorithm/ranges_copy_backward.h",
   "//third_party/libc++/src/include/__algorithm/ranges_copy_if.h",
@@ -291,6 +292,8 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__chrono/steady_clock.h",
   "//third_party/libc++/src/include/__chrono/system_clock.h",
   "//third_party/libc++/src/include/__chrono/time_point.h",
+  "//third_party/libc++/src/include/__chrono/time_zone.h",
+  "//third_party/libc++/src/include/__chrono/time_zone_link.h",
   "//third_party/libc++/src/include/__chrono/tzdb.h",
   "//third_party/libc++/src/include/__chrono/tzdb_list.h",
   "//third_party/libc++/src/include/__chrono/weekday.h",
@@ -428,9 +431,9 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__functional/weak_result_type.h",
   "//third_party/libc++/src/include/__fwd/array.h",
   "//third_party/libc++/src/include/__fwd/bit_reference.h",
+  "//third_party/libc++/src/include/__fwd/complex.h",
   "//third_party/libc++/src/include/__fwd/fstream.h",
-  "//third_party/libc++/src/include/__fwd/get.h",
-  "//third_party/libc++/src/include/__fwd/hash.h",
+  "//third_party/libc++/src/include/__fwd/functional.h",
   "//third_party/libc++/src/include/__fwd/ios.h",
   "//third_party/libc++/src/include/__fwd/istream.h",
   "//third_party/libc++/src/include/__fwd/mdspan.h",
@@ -489,9 +492,17 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__iterator/unreachable_sentinel.h",
   "//third_party/libc++/src/include/__iterator/wrap_iter.h",
   "//third_party/libc++/src/include/__locale",
+  "//third_party/libc++/src/include/__locale_dir/locale_base_api/android.h",
   "//third_party/libc++/src/include/__locale_dir/locale_base_api/bsd_locale_defaults.h",
   "//third_party/libc++/src/include/__locale_dir/locale_base_api/bsd_locale_fallbacks.h",
+  "//third_party/libc++/src/include/__locale_dir/locale_base_api/fuchsia.h",
+  "//third_party/libc++/src/include/__locale_dir/locale_base_api/ibm.h",
   "//third_party/libc++/src/include/__locale_dir/locale_base_api/locale_guard.h",
+  "//third_party/libc++/src/include/__locale_dir/locale_base_api/musl.h",
+  "//third_party/libc++/src/include/__locale_dir/locale_base_api/newlib.h",
+  "//third_party/libc++/src/include/__locale_dir/locale_base_api/openbsd.h",
+  "//third_party/libc++/src/include/__locale_dir/locale_base_api/win32.h",
+  "//third_party/libc++/src/include/__locale_dir/locale_base_api.h",
   "//third_party/libc++/src/include/__math/abs.h",
   "//third_party/libc++/src/include/__math/copysign.h",
   "//third_party/libc++/src/include/__math/error_functions.h",
@@ -571,6 +582,7 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__numeric/pstl_reduce.h",
   "//third_party/libc++/src/include/__numeric/pstl_transform_reduce.h",
   "//third_party/libc++/src/include/__numeric/reduce.h",
+  "//third_party/libc++/src/include/__numeric/saturation_arithmetic.h",
   "//third_party/libc++/src/include/__numeric/transform_exclusive_scan.h",
   "//third_party/libc++/src/include/__numeric/transform_inclusive_scan.h",
   "//third_party/libc++/src/include/__numeric/transform_reduce.h",
@@ -667,16 +679,9 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__string/char_traits.h",
   "//third_party/libc++/src/include/__string/constexpr_c_functions.h",
   "//third_party/libc++/src/include/__string/extern_template_lists.h",
-  "//third_party/libc++/src/include/__support/android/locale_bionic.h",
-  "//third_party/libc++/src/include/__support/fuchsia/xlocale.h",
   "//third_party/libc++/src/include/__support/ibm/gettod_zos.h",
   "//third_party/libc++/src/include/__support/ibm/locale_mgmt_zos.h",
   "//third_party/libc++/src/include/__support/ibm/nanosleep.h",
-  "//third_party/libc++/src/include/__support/ibm/xlocale.h",
-  "//third_party/libc++/src/include/__support/musl/xlocale.h",
-  "//third_party/libc++/src/include/__support/newlib/xlocale.h",
-  "//third_party/libc++/src/include/__support/openbsd/xlocale.h",
-  "//third_party/libc++/src/include/__support/win32/locale_win32.h",
   "//third_party/libc++/src/include/__support/xlocale/__nop_locale_mgmt.h",
   "//third_party/libc++/src/include/__support/xlocale/__posix_l_fallback.h",
   "//third_party/libc++/src/include/__support/xlocale/__strtonum_fallback.h",
@@ -689,10 +694,14 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__thread/id.h",
   "//third_party/libc++/src/include/__thread/jthread.h",
   "//third_party/libc++/src/include/__thread/poll_with_backoff.h",
+  "//third_party/libc++/src/include/__thread/support/c11.h",
+  "//third_party/libc++/src/include/__thread/support/external.h",
+  "//third_party/libc++/src/include/__thread/support/pthread.h",
+  "//third_party/libc++/src/include/__thread/support/windows.h",
+  "//third_party/libc++/src/include/__thread/support.h",
   "//third_party/libc++/src/include/__thread/this_thread.h",
   "//third_party/libc++/src/include/__thread/thread.h",
   "//third_party/libc++/src/include/__thread/timed_backoff_policy.h",
-  "//third_party/libc++/src/include/__threading_support",
   "//third_party/libc++/src/include/__tree",
   "//third_party/libc++/src/include/__tuple/make_tuple_types.h",
   "//third_party/libc++/src/include/__tuple/pair_like.h",
@@ -805,6 +814,7 @@ libcxx_headers = [
   "//third_party/libc++/src/include/__type_traits/is_trivially_lexicographically_comparable.h",
   "//third_party/libc++/src/include/__type_traits/is_trivially_move_assignable.h",
   "//third_party/libc++/src/include/__type_traits/is_trivially_move_constructible.h",
+  "//third_party/libc++/src/include/__type_traits/is_trivially_relocatable.h",
   "//third_party/libc++/src/include/__type_traits/is_unbounded_array.h",
   "//third_party/libc++/src/include/__type_traits/is_union.h",
   "//third_party/libc++/src/include/__type_traits/is_unsigned.h",
@@ -915,7 +925,6 @@ libcxx_headers = [
   "//third_party/libc++/src/include/execution",
   "//third_party/libc++/src/include/expected",
   "//third_party/libc++/src/include/experimental/__config",
-  "//third_party/libc++/src/include/experimental/__memory",
   "//third_party/libc++/src/include/experimental/__simd/aligned_tag.h",
   "//third_party/libc++/src/include/experimental/__simd/declaration.h",
   "//third_party/libc++/src/include/experimental/__simd/reference.h",

lib/asar/init.ts

@@ -1,3 +0,0 @@
-import { wrapFsWithAsar } from './fs-wrapper';
-
-wrapFsWithAsar(require('fs'));

lib/browser/api/auto-updater/squirrel-update-win.ts

@@ -38,6 +38,8 @@ const spawnUpdate = async function (args: string[], options: { detached: boolean
     spawnedProcess.stderr.on('data', (data) => { stderr += data; });
 
     spawnedProcess.on('error', (error) => {
+      spawnedProcess = undefined;
+      spawnedArgs = [];
       reject(error);
     });
 

lib/browser/api/browser-view.ts

@@ -34,13 +34,17 @@ export default class BrowserView {
   }
 
   setAutoResize (options: AutoResizeOptions) {
-    if (options == null || typeof options !== 'object') { throw new Error('Invalid auto resize options'); }
+    if (options == null || typeof options !== 'object') {
+      throw new Error('Invalid auto resize options');
+    }
+
     this.#autoResizeFlags = {
       width: !!options.width,
       height: !!options.height,
       horizontal: !!options.horizontal,
       vertical: !!options.vertical
     };
+
     this.#autoHorizontalProportion = null;
     this.#autoVerticalProportion = null;
   }
@@ -71,7 +75,10 @@ export default class BrowserView {
   #autoHorizontalProportion: {width: number, left: number} | null = null;
   #autoVerticalProportion: {height: number, top: number} | null = null;
   #autoResize () {
-    if (!this.ownerWindow) throw new Error('Electron bug: #autoResize called without owner window');
+    if (!this.ownerWindow) {
+      throw new Error('Electron bug: #autoResize called without owner window');
+    };
+
     if (this.#autoResizeFlags.horizontal && this.#autoHorizontalProportion == null) {
       const viewBounds = this.#webContentsView.getBounds();
       this.#autoHorizontalProportion = {
@@ -79,6 +86,7 @@ export default class BrowserView {
         left: this.#lastWindowSize.width / viewBounds.x
       };
     }
+
     if (this.#autoResizeFlags.vertical && this.#autoVerticalProportion == null) {
       const viewBounds = this.#webContentsView.getBounds();
       this.#autoVerticalProportion = {
@@ -86,6 +94,7 @@ export default class BrowserView {
         top: this.#lastWindowSize.height / viewBounds.y
       };
     }
+
     const newBounds = this.ownerWindow.getBounds();
     let widthDelta = newBounds.width - this.#lastWindowSize.width;
     let heightDelta = newBounds.height - this.#lastWindowSize.height;
@@ -105,10 +114,12 @@ export default class BrowserView {
       newViewBounds.width = newBounds.width / this.#autoHorizontalProportion.width;
       newViewBounds.x = newBounds.width / this.#autoHorizontalProportion.left;
     }
+
     if (this.#autoVerticalProportion) {
       newViewBounds.height = newBounds.height / this.#autoVerticalProportion.height;
       newViewBounds.y = newBounds.y / this.#autoVerticalProportion.top;
     }
+
     if (this.#autoHorizontalProportion || this.#autoVerticalProportion) {
       this.#webContentsView.setBounds(newViewBounds);
     }

lib/browser/api/protocol.ts

@@ -18,7 +18,7 @@ function makeStreamFromPipe (pipe: any): ReadableStream {
       try {
         const rv = await pipe.read(buf);
         if (rv > 0) {
-          controller.enqueue(buf.subarray(0, rv));
+          controller.enqueue(buf.slice(0, rv));
         } else {
           controller.close();
         }
@@ -29,6 +29,21 @@ function makeStreamFromPipe (pipe: any): ReadableStream {
   });
 }
 
+function makeStreamFromFileInfo ({
+  filePath,
+  offset = 0,
+  length = -1
+}: {
+  filePath: string;
+  offset?: number;
+  length?: number;
+}): ReadableStream {
+  return Readable.toWeb(createReadStream(filePath, {
+    start: offset,
+    end: length >= 0 ? offset + length : undefined
+  }));
+}
+
 function convertToRequestBody (uploadData: ProtocolRequest['uploadData']): RequestInit['body'] {
   if (!uploadData) return null;
   // Optimization: skip creating a stream if the request is just a single buffer.
@@ -37,30 +52,42 @@ function convertToRequestBody (uploadData: ProtocolRequest['uploadData']): Reque
   const chunks = [...uploadData] as any[]; // TODO: types are wrong
   let current: ReadableStreamDefaultReader | null = null;
   return new ReadableStream({
-    pull (controller) {
+    async pull (controller) {
       if (current) {
-        current.read().then(({ done, value }) => {
+        const { done, value } = await current.read();
+        // (done => value === undefined) as per WHATWG spec
+        if (done) {
+          current = null;
+          return this.pull!(controller);
+        } else {
           controller.enqueue(value);
-          if (done) current = null;
-        }, (err) => {
-          controller.error(err);
-        });
+        }
       } else {
         if (!chunks.length) { return controller.close(); }
         const chunk = chunks.shift()!;
-        if (chunk.type === 'rawData') { controller.enqueue(chunk.bytes); } else if (chunk.type === 'file') {
-          current = Readable.toWeb(createReadStream(chunk.filePath, { start: chunk.offset ?? 0, end: chunk.length >= 0 ? chunk.offset + chunk.length : undefined })).getReader();
-          this.pull!(controller);
+        if (chunk.type === 'rawData') {
+          controller.enqueue(chunk.bytes);
+        } else if (chunk.type === 'file') {
+          current = makeStreamFromFileInfo(chunk).getReader();
+          return this.pull!(controller);
         } else if (chunk.type === 'stream') {
           current = makeStreamFromPipe(chunk.body).getReader();
-          this.pull!(controller);
+          return this.pull!(controller);
+        } else if (chunk.type === 'blob') {
+          // Note that even though `getBlobData()` is a `Session` API, it doesn't
+          // actually use the `Session` context. Its implementation solely relies
+          // on global variables which allows us to implement this feature without
+          // knowledge of the `Session` associated with the current request by
+          // always pulling `Blob` data out of the default `Session`.
+          controller.enqueue(await session.defaultSession.getBlobData(chunk.blobUUID));
+        } else {
+          throw new Error(`Unknown upload data chunk type: ${chunk.type}`);
         }
       }
     }
   }) as RequestInit['body'];
 }
 
-// TODO(codebytere): Use Object.hasOwn() once we update to ECMAScript 2022.
 function validateResponse (res: Response) {
   if (!res || typeof res !== 'object') return false;
 
@@ -85,8 +112,12 @@ Protocol.prototype.handle = function (this: Electron.Protocol, scheme: string, h
   const success = register.call(this, scheme, async (preq: ProtocolRequest, cb: any) => {
     try {
       const body = convertToRequestBody(preq.uploadData);
+      const headers = new Headers(preq.headers);
+      if (headers.get('origin') === 'null') {
+        headers.delete('origin');
+      }
       const req = new Request(preq.url, {
-        headers: preq.headers,
+        headers,
         method: preq.method,
         referrer: preq.referrer,
         body,

lib/browser/api/web-contents.ts

@@ -220,6 +220,16 @@ function parsePageSize (pageSize: string | ElectronInternal.PageSize) {
 let pendingPromise: Promise<any> | undefined;
 WebContents.prototype.printToPDF = async function (options) {
   const margins = checkType(options.margins ?? {}, 'object', 'margins');
+  const pageSize = parsePageSize(options.pageSize ?? 'letter');
+
+  const { top, bottom, left, right } = margins;
+  const validHeight = [top, bottom].every(u => u === undefined || u <= pageSize.paperHeight);
+  const validWidth = [left, right].every(u => u === undefined || u <= pageSize.paperWidth);
+
+  if (!validHeight || !validWidth) {
+    throw new Error('margins must be less than or equal to pageSize');
+  }
+
   const printSettings = {
     requestID: getNextId(),
     landscape: checkType(options.landscape ?? false, 'boolean', 'landscape'),
@@ -235,7 +245,8 @@ WebContents.prototype.printToPDF = async function (options) {
     pageRanges: checkType(options.pageRanges ?? '', 'string', 'pageRanges'),
     preferCSSPageSize: checkType(options.preferCSSPageSize ?? false, 'boolean', 'preferCSSPageSize'),
     generateTaggedPDF: checkType(options.generateTaggedPDF ?? false, 'boolean', 'generateTaggedPDF'),
-    ...parsePageSize(options.pageSize ?? 'letter')
+    generateDocumentOutline: checkType(options.generateDocumentOutline ?? false, 'boolean', 'generateDocumentOutline'),
+    ...pageSize
   };
 
   if (this._printToPDF) {
@@ -252,13 +263,11 @@ WebContents.prototype.printToPDF = async function (options) {
 
 // TODO(codebytere): deduplicate argument sanitization by moving rest of
 // print param logic into new file shared between printToPDF and print
-WebContents.prototype.print = function (options: ElectronInternal.WebContentsPrintOptions, callback) {
-  if (typeof options !== 'object') {
+WebContents.prototype.print = function (options: ElectronInternal.WebContentsPrintOptions = {}, callback) {
+  if (typeof options !== 'object' || options == null) {
     throw new TypeError('webContents.print(): Invalid print settings specified.');
   }
 
-  const printSettings: Record<string, any> = { ...options };
-
   const pageSize = options.pageSize ?? 'A4';
   if (typeof pageSize === 'object') {
     if (!pageSize.height || !pageSize.width) {
@@ -272,7 +281,7 @@ WebContents.prototype.print = function (options: ElectronInternal.WebContentsPri
       throw new RangeError('height and width properties must be minimum 352 microns.');
     }
 
-    printSettings.mediaSize = {
+    options.mediaSize = {
       name: 'CUSTOM',
       custom_display_name: 'Custom',
       height_microns: height,
@@ -284,7 +293,7 @@ WebContents.prototype.print = function (options: ElectronInternal.WebContentsPri
     };
   } else if (typeof pageSize === 'string' && PDFPageSizes[pageSize]) {
     const mediaSize = PDFPageSizes[pageSize];
-    printSettings.mediaSize = {
+    options.mediaSize = {
       ...mediaSize,
       imageable_area_left_microns: 0,
       imageable_area_bottom_microns: 0,
@@ -297,9 +306,9 @@ WebContents.prototype.print = function (options: ElectronInternal.WebContentsPri
 
   if (this._print) {
     if (callback) {
-      this._print(printSettings, callback);
+      this._print(options, callback);
     } else {
-      this._print(printSettings);
+      this._print(options);
     }
   } else {
     console.error('Error: Printing feature is disabled.');
@@ -333,24 +342,26 @@ WebContents.prototype.loadFile = function (filePath, options = {}) {
   }));
 };
 
+type LoadError = { errorCode: number, errorDescription: string, url: string };
+
 WebContents.prototype.loadURL = function (url, options) {
   const p = new Promise<void>((resolve, reject) => {
     const resolveAndCleanup = () => {
       removeListeners();
       resolve();
     };
-    const rejectAndCleanup = (errorCode: number, errorDescription: string, url: string) => {
+    let error: LoadError | undefined;
+    const rejectAndCleanup = ({ errorCode, errorDescription, url }: LoadError) => {
       const err = new Error(`${errorDescription} (${errorCode}) loading '${typeof url === 'string' ? url.substr(0, 2048) : url}'`);
       Object.assign(err, { errno: errorCode, code: errorDescription, url });
       removeListeners();
       reject(err);
     };
     const finishListener = () => {
-      resolveAndCleanup();
-    };
-    const failListener = (event: Electron.Event, errorCode: number, errorDescription: string, validatedURL: string, isMainFrame: boolean) => {
-      if (isMainFrame) {
-        rejectAndCleanup(errorCode, errorDescription, validatedURL);
+      if (error) {
+        rejectAndCleanup(error);
+      } else {
+        resolveAndCleanup();
       }
     };
 
@@ -368,12 +379,20 @@ WebContents.prototype.loadURL = function (url, options) {
           // considered navigation events but are triggered with isSameDocument.
           // We can ignore these to allow virtual routing on page load as long
           // as the routing does not leave the document
-          return rejectAndCleanup(-3, 'ERR_ABORTED', url);
+          return rejectAndCleanup({ errorCode: -3, errorDescription: 'ERR_ABORTED', url });
         }
         browserInitiatedInPageNavigation = navigationStarted && isSameDocument;
         navigationStarted = true;
       }
     };
+    const failListener = (event: Electron.Event, errorCode: number, errorDescription: string, validatedURL: string, isMainFrame: boolean) => {
+      if (!error && isMainFrame) {
+        error = { errorCode, errorDescription, url: validatedURL };
+      }
+      if (!navigationStarted && isMainFrame) {
+        finishListener();
+      }
+    };
     const stopLoadingListener = () => {
       // By the time we get here, either 'finish' or 'fail' should have fired
       // if the navigation occurred. However, in some situations (e.g. when
@@ -383,7 +402,10 @@ WebContents.prototype.loadURL = function (url, options) {
       // TODO(jeremy): enumerate all the cases in which this can happen. If
       // the only one is with a bad scheme, perhaps ERR_INVALID_ARGUMENT
       // would be more appropriate.
-      rejectAndCleanup(-2, 'ERR_FAILED', url);
+      if (!error) {
+        error = { errorCode: -2, errorDescription: 'ERR_FAILED', url: url };
+      }
+      finishListener();
     };
     const finishListenerWhenUserInitiatedNavigation = () => {
       if (!browserInitiatedInPageNavigation) {
@@ -509,6 +531,17 @@ WebContents.prototype._init = function () {
     enumerable: true
   });
 
+  // Add navigationHistory property which handles session history,
+  // maintaining a list of navigation entries for backward and forward navigation.
+  Object.defineProperty(this, 'navigationHistory', {
+    value: {
+      getActiveIndex: this._getActiveIndex.bind(this),
+      length: this._historyLength.bind(this),
+      getEntryAtIndex: this._getNavigationEntryAtIndex.bind(this)
+    },
+    writable: false
+  });
+
   // Dispatch IPC messages to the ipc module.
   this.on('-ipc-message' as any, function (this: Electron.WebContents, event: Electron.IpcMainEvent, internal: boolean, channel: string, args: any[]) {
     addSenderToEvent(event, this);

lib/browser/init.ts

@@ -3,6 +3,8 @@ import * as fs from 'fs';
 import * as path from 'path';
 
 import type * as defaultMenuModule from '@electron/internal/browser/default-menu';
+import type * as url from 'url';
+import type * as v8 from 'v8';
 
 const Module = require('module') as NodeJS.ModuleInternal;
 
@@ -10,9 +12,6 @@ const Module = require('module') as NodeJS.ModuleInternal;
 // we need to restore it here.
 process.argv.splice(1, 1);
 
-// Clear search paths.
-require('../common/reset-search-paths');
-
 // Import common settings.
 require('@electron/internal/common/init');
 
@@ -135,7 +134,7 @@ if (packageJson.desktopName != null) {
 // Set v8 flags, deliberately lazy load so that apps that do not use this
 // feature do not pay the price
 if (packageJson.v8Flags != null) {
-  require('v8').setFlagsFromString(packageJson.v8Flags);
+  (require('v8') as typeof v8).setFlagsFromString(packageJson.v8Flags);
 }
 
 app.setAppPath(packagePath);
@@ -202,7 +201,7 @@ if (packagePath) {
   // Finally load app's main.js and transfer control to C++.
   if ((packageJson.type === 'module' && !mainStartupScript.endsWith('.cjs')) || mainStartupScript.endsWith('.mjs')) {
     const { loadESM } = __non_webpack_require__('internal/process/esm_loader');
-    const main = require('url').pathToFileURL(path.join(packagePath, mainStartupScript));
+    const main = (require('url') as typeof url).pathToFileURL(path.join(packagePath, mainStartupScript));
     loadESM(async (esmLoader: any) => {
       try {
         await esmLoader.import(main.toString(), undefined, Object.create(null));