Bump electron from 2.0.18 to 28.0.0

[dependabot]

Bumps electron from 2.0.18 to 28.0.0.

Release notes

Sourced from electron's releases.

electron v28.0.0

Release Notes for 28.0.0

Stack Upgrades

• Chromium 120.0.6099.56
  • New in 119
  • New in 120
• Node 18.18.2
  • Node 18.18.0 release notes
  • Node 18.18.1 release notes
  • Node 18.18.2 release notes
• V8 12.0

Breaking Changes

• The BrowserWindow.getTrafficLightPosition() and BrowserWindow.setTrafficLightPosition() methods have been removed. #39479
• The app.runningUnderRosettaTranslation() method has been removed. #39956
• The ipcRenderer.sendTo() method has been removed. #39087
• The scroll-touch-{begin,end,edge} events have been removed. #39814
• Setting backgroundThrottling to false will disable frames throttling in the BrowserWindow for all WebContents displayed by it. #38924

Features

Additions

• Enabled ESM support. #37535
  • For more details, see the ESM documentation.
• The UtilityProcess API now supports ESM entrypoints. #40047
• Added several properties to the display object including detected, maximumCursorSize, and nativeOrigin. #40554
• Added support for ELECTRON_OZONE_PLATFORM_HINT environment variable on Linux. #39792

In addition to enabling ESM support in Electron itself, Electron Forge also supports using ESM to package, build and develop Electron applications. You can find this support in Forge v7.0.0 or higher: https://github.com/electron/forge/releases/tag/v7.0.0

• Added API to help apps know when to avoid semitransparent backgrounds. #39631 (Also in 26, 27)
• Added getWebRTCUDPPortRange and setWebRTCUDPPortRange APIs to specify UDP port range for WebRTC. #39046
• Added keyboardLock to ses.setPermissionRequestHandler(handler). #40460 (Also in 26, 27)
• Added mouse-enter and mouse-leave Tray events for Windows. #40072
• Added a generateTaggedPDF option to webContents.printToPDF() to allow generating tagged (accessible) PDFs. #39563
• Added a tabbingIdentifier property to BrowserWindow. #39980 (Also in 26, 27)
• Added middle click mouse event to tray icon. #39926
• Added several properties to the display object including detected, maximumCursorSize, and nativeOrigin. #40554
• Added support for ELECTRON_OZONE_PLATFORM_HINT environment variable on Linux. #39792
• Added support for chrome.scripting extension APIs. #39395 (Also in 25, 26, 27)
• Added support for several more extensions manifest keys including host_permissions, author, and short_name. #39599 (Also in 26, 27)
• Added the ability to send HTTP headers with webContents.downloadURL(). #39455 (Also in 25, 26, 27)
• Changed systemPreferences.getColor(name) to return an RGBA hex value (#RRGGBBAA) instead of a plain RGB (#RRGGBB) value. #38960
• Honor XDG dark theme preferences on Linux. #38977 (Also in 25, 26, 27)
• Improved compatibility with CommonJS modules in sandboxed preload scripts by passing dummy module.exports. #39484

... (truncated)

Changelog

Sourced from electron's changelog.

Breaking Changes

Breaking changes will be documented here, and deprecation warnings added to JS code where possible, at least one major version before the change is made.

Types of Breaking Changes

This document uses the following convention to categorize breaking changes:

• API Changed: An API was changed in such a way that code that has not been updated is guaranteed to throw an exception.
• Behavior Changed: The behavior of Electron has changed, but not in such a way that an exception will necessarily be thrown.
• Default Changed: Code depending on the old default may break, not necessarily throwing an exception. The old behavior can be restored by explicitly specifying the value.
• Deprecated: An API was marked as deprecated. The API will continue to function, but will emit a deprecation warning, and will be removed in a future release.
• Removed: An API or feature was removed, and is no longer supported by Electron.

Planned Breaking API Changes (29.0)

Behavior Changed: ipcRenderer can no longer be sent over the contextBridge

Attempting to send ipcRenderer as an object over the contextBridge will now result in an empty object on the receiving side of the bridge. This change was made to remove / mitigate a security footgun, you should not directly expose ipcRenderer or it's methods over the bridge. Instead provide a safe wrapper like below:

contextBridge.exposeInMainWorld('app', {
  onEvent: (cb) => ipcRenderer.on('foo', (e, ...args) => cb(args))
})

Removed: renderer-process-crashed event on app

The renderer-process-crashed event on app has been removed. Use the new render-process-gone event instead.

// Removed
app.on('renderer-process-crashed', (event, webContents, killed) => { /* ... */ })
// Replace with
app.on('render-process-gone', (event, webContents, details) => { /* ... */ })

Removed: crashed event on WebContents and <webview>

The crashed events on WebContents and <webview> have been removed. Use the new render-process-gone event instead.

// Removed
win.webContents.on('crashed', (event, killed) => { /* ... */ })
</tr></table> 

... (truncated)

Commits

• 34d115a fix: cherry pick 9009d76968b1ec2ed825bc95e47d086ceea07520 from chromium (#40688)
• e809537 chore: bump chromium to 120.0.6099.56 (28-x-y) (#40653)
• 589c827 build: fix release notes script bug that omitted edited release-clerk comment...
• fe49f1c fix: clean up devtools frontend_host on webcontents destroy (#40679)
• 5bc8e76 fix: add missing set_wants_to_be_visible(true) to `NativeWindowMac::ShowIna...
• 0756fe6 docs: add dates for e29 (#40669)
• a0c85cf chore: cherry-pick 2 changes from Release-3-M119 (#40647)
• e45e20a chore: extend linting of code blocks in the docs (#40636)
• 1af2590 fix: add patch for simdutf base64 crash (#40542)
• 9ad4024 chore: allow passing more roots to lint.js (#40627)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)