Bump electron from 4.0.7 to 4.1.2

[dependabot-preview[bot]]

Bumps electron from 4.0.7 to 4.1.2.

Release notes

*Sourced from [electron's releases](https://github.com/electron/electron/releases).* > ## electron v4.1.2 > # Release Notes for v4.1.2 > > ## Fixes > > * Added missing buffer size check in `nativeImage.createFromBuffer` / `nativeImage.addRepresentation`. Data URLs only parsed according to the MIME type as PNG or JPEG. [#17567](https://github-redirect.dependabot.com/electron/electron/issues/17567) > * Added support for testing the new Japanese Era with a placeholder era name. Set an environment variable named `ICU_ENABLE_TENTATIVE_ERA` to true to enable the placeholder era. [#17518](https://github-redirect.dependabot.com/electron/electron/issues/17518) > * Fixed an issue whereby foreground visibility of a window was not correctly taken into account for `win.isVisible()` on macOS. [#17492](https://github-redirect.dependabot.com/electron/electron/issues/17492) > * Fixed an issue with netLog module properties not being returned correctly. [#17544](https://github-redirect.dependabot.com/electron/electron/issues/17544) > * Fixed issue on KDE where tray icons would be displayed incorrectly as a 22x22 version of the provided tray image but cropped from the center. [#17497](https://github-redirect.dependabot.com/electron/electron/issues/17497) > * Fixed issue where preload scripts would sometimes run twice in the same process in different contexts resulting in broken native node module loading. [#17596](https://github-redirect.dependabot.com/electron/electron/issues/17596) > * Generated `.framework` files on macOS now have the correct permissions. This fixes an issue where a crash occurred if a user attempted to launch an Electron app that another user downloaded on macOS. [#17582](https://github-redirect.dependabot.com/electron/electron/issues/17582) > > ## Documentation > > * Documentation changes: [#17494](https://github-redirect.dependabot.com/electron/electron/issues/17494) > > ## electron v4.1.1 > # Release Notes for v4.1.1 > > ## Fixes > > * Added a check for invalid menu index to prevent out-of-range crashes on insertion. [#17461](https://github-redirect.dependabot.com/electron/electron/issues/17461) > * Fixed an issue where `Notification` objects constructed in the main process would randomly not be shown to the user. [#17483](https://github-redirect.dependabot.com/electron/electron/issues/17483) > * Fixed crash when `nativeImage.createFromBuffer()` is called with invalid `buffer`. [#17373](https://github-redirect.dependabot.com/electron/electron/issues/17373) > > ## electron v4.1.0 > # Release Notes for v4.1.0 > > Please note that there are no new features in this release. Electron 4.1.0 was released to work around issues users were experiencing with `node-pre-gyp` based native modules and our ABI number in Electron >= 4.0.4. > > ## Fixes > > * Fixed a crash when calling ECDH.setPrivateKey(). [#17297](https://github-redirect.dependabot.com/electron/electron/issues/17297) > * TouchBarSegmentedControl instances now correctly update when you update the `segments` array and remove `label` or `image` dynamically. [#17335](https://github-redirect.dependabot.com/electron/electron/issues/17335) > > ## Other Changes > > * Reset version to 4.1.0-beta.0 in preparation for 4.1.0 stable release. 84b01457 > > > ## electron v4.0.8 > # Release Notes for v4.0.8 > > ### Security > * Patched the FileReader vulnerability found in Google Chrome: https://electronjs.org/blog/filereader-fix

Commits

- [`28a9963`](https://github.com/electron/electron/commit/28a9963ca742855433f83c3bbb68929cbe2f3e9a) Bump v4.1.2 - [`b5f290d`](https://github.com/electron/electron/commit/b5f290d8d264804b355d66fefd87be98b113ed94) fix: add patch for framework file permissions ([#17582](https://github-redirect.dependabot.com/electron/electron/issues/17582)) - [`4574a21`](https://github.com/electron/electron/commit/4574a21ed30cb46a555b246cde0ebbffb15b5646) fix: handle a race condition between preload scripts executing and navigation... - [`7aaaa24`](https://github.com/electron/electron/commit/7aaaa24da7df36e6b1ef5cc2e9d1dc7a532215e2) Revert "Bump v4.1.2" - [`ded4a94`](https://github.com/electron/electron/commit/ded4a94a9257128b6736d987dbfed9233db2e125) Bump v4.1.2 - [`c6fd15e`](https://github.com/electron/electron/commit/c6fd15e641dda8c37df08747ff8d3762bf0a4bfa) fix: correctly return properties on the netLog module ([#17544](https://github-redirect.dependabot.com/electron/electron/issues/17544)) - [`36965a6`](https://github.com/electron/electron/commit/36965a6b4e5cf0da7f7cdd987f8c97120cf52dea) Revert "Bump v4.1.2" - [`53c3e01`](https://github.com/electron/electron/commit/53c3e01af63e96c4c66acfd4ca3a99d7bfc4c18c) Bump v4.1.2 - [`d2571f3`](https://github.com/electron/electron/commit/d2571f3a9e9ec600684c26ac674a8df3bbe23614) fix: backport ICU changes for Japanese Era placeholder name ([#17518](https://github-redirect.dependabot.com/electron/electron/issues/17518)) - [`e1a8050`](https://github.com/electron/electron/commit/e1a8050eab6e24ced01907307efc0cc77960cbc6) fix: add missing buffer size check in nativeImage ([#17567](https://github-redirect.dependabot.com/electron/electron/issues/17567)) - Additional commits viewable in [compare view](https://github.com/electron/electron/compare/v4.0.7...v4.1.2)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot.

[dependabot-preview[bot]]

Superseded by #99.