Renderers are now sandboxed by default unless nodeIntegration: true or sandbox: false is specified. #35125
Added safeguards when building native modules with nan. Use node-gyp >=8.4.0 and electron-rebuild >=3.2.9 for when rebuilding native modules. #35160
Features
Additions
Added a warning for building native modules with node-gyp and electron-rebuild, asking users to upgrade to >=8.4.0 for node-gyp and >=3.2.8 for electron-rebuild if using Electron 20 or higher. #35160
Added app.isHidden() to check if the app is hidden (e.g. with Command-H) on macOS. #32155
Fixed an issue where invalid print job settings would correctly call back Invalid print settings as the failure reason, but would then not terminate the print job, leading to an eventual crash on exit. #35141
Fixed an issue with fullscreen transitions when HTML fullscreen is requested. #34468
Fixed child about:blank windows from inheriting their parents' preload scripts when sandbox: false and nodeIntegrationInSubFrames: true. #34585
Fixed initialization race when registering partition allocator on macOS. #33832
Fixed native module compilation issues on arm. #35137
Fixed spontaneous crashing in native modules that depended on nan. #34851
Updated Windows Control Overlay buttons to look and feel more native on Windows 11. #34888
Also in earlier versions....
Added support for --ozone-platform-hint flag on Linux. #35014 (Also in 19)
Apply senderFrame details to ipcMain port event. #33756 (Also in 16, 17, 18, 19)
Ensures that requestMediaKeySystemAccess eventually resolves / rejects. #34891 (Also in 19)
Fixed webContents.getUserAgent() incorrectly returning an empty string unless previously set. #35131 (Also in 18, 19)
Fixed a Windows Control Overlay issue where a window taken directly from minimized to maximized state could have incorrect hover state. #35074 (Also in 19)
Fixed a crash in safeStorage on Linux. #33913 (Also in 15, 16, 17, 18, 19)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps electron from 16.2.8 to 20.0.0.
Release notes
Sourced from electron's releases.
... (truncated)
Commits
f20a51a
Bump v20.0.06c29ab1
fix: ensure native modules use the correct config (#35160)b61692d
fix: remove skip-taskbar feature on Linux. (#35156)0e6f172
fix: clean up callback handling inwebContents.print()
(#35141)aa99d73
chore: add electron deps to //src gitignore (#35146)f1c7562
docs: new main -> renderers messageChannel example (#35134)08aa578
feat: sandbox preloads by default (#35125)76450af
fix: ensure that v8 sandbox isnt enabled for arm (#35137)8ac0e2b
docs: update E21 release date (#35126)c61a14c
fix: empty result ofwebContents.getUserAgent()
(#35131)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)