Bump electron from 7.3.0 to 8.3.0

[dependabot-preview[bot]]

Bumps electron from 7.3.0 to 8.3.0.

Release notes

Sourced from electron's releases.

electron v8.3.0

Release Notes for v8.3.0

Features

• Added a new force parameter to app.focus() on macOS to allow apps to forcefully take focus. #23574
• EnableWebSQL is a new webpreference option to enable/disable websql api. #23581

Fixes

• Ensured that exit callbacks are run for Node.js in the renderer process. #23564
• Fixed a crash which could occur during page navigations. #23396
• Fixed an issue whereby macOS would fail to allow file extensions containing periods. #23449
• Fixed behaviour of navigator.language/s and app.getLocale to use OS locale. #23407
• Fixed crash with webview during some window management events like resize, scroll etc. #23397

Other Changes

• Fixed v8_context_snapshot_generator included in arm/arm64 mksnapshot zip files. #23542
• None. #23402, #23591
• Security: Backport Chromium fix for https://crbug.com/1062861. #23528
• Security: backported fix for CVE-2020-6458: Out of bounds read and write in PDFium. #23465
• Security: backported fix for CVE-2020-6459: Use after free in payments. #23456
• Security: backported fix for CVE-2020-6460: Insufficient data validation in URL formatting. #23462
• Security: backported fix for CVE-2020-6461: use-after-free in storage. #23504
• Security: backported fix for CVE-2020-6462: Use after free in task scheduling. #23517
• Security: backported fix for CVE-2020-6463: use-after-free in Angle. #23561
• Security: backported fix for CVE-2020-6464: Type confusion in blink. #23532
• Security: backported fix for CVE-2020-6831: Stack buffer overflow in SCTP. #23514

Documentation

• Documentation changes: #23355

electron v8.2.5

Release Notes for v8.2.5

Fixes

• Backported blink fix for zero-size pixels on high-dpi screens. #23336
• Fixed memory leaks in sandbox mode when using contextBridge with promises or ipcRenderer.invoke. #23339

electron v8.2.4

Release Notes for v8.2.4

Fixes

• Fixed Promise timeout issue when running Electron as Node. #23234
• Fixed a use-after-free error that could happen if a Tray was destroyed while showing a custom context menu. #23181
• Fixed an issue where windows without nativeWindowOpen: true could invoke the non-native-open path. #23225

... (truncated)

Commits

• 426d45c Bump v8.3.0
• 79298d3 build: remove unused header from a patch (#23591)
• 2a44b1a feat: add enableWebSQL webpreference (#23311) (#23581)
• 6f331e4 feat: add force option to app.focus() (#23574)
• dc71541 chore: cherry-pick 7101418f85a0 from chromium (#23532)
• a4de479 chore: cherry-pick 1288aa12369e from angle (#23561)
• f7509d5 fix: leave behind the unmodified XDG_CURRENT_DESKTOP variable (#23552)
• 42ab97f fix: run Node.js at-exit callbacks in renderer proc (#23564)
• faf2871 chore: cherry-pick 86c02c5dcd37 from chromium (#23528)
• ea4e92f fix: do not destroy thread in UI thread (#23550)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)

[dependabot-preview[bot]]

Superseded by #65.