build(deps): bump electron from 28.3.3 to 38.0.0 in the npm_and_yarn group across 1 directory

[dependabot]

Bumps the npm_and_yarn group with 1 update in the / directory: electron.

Updates electron from 28.3.3 to 38.0.0

Release notes

Sourced from electron's releases.

electron v38.0.0

Release Notes for v38.0.0

Stack Upgrades

• Chromium 140.0.7339.41
  • New in 140
  • New in 139
• Node 22.18.0
  • Node 22.18.0 blog post
• V8 14.0

Breaking Changes

• For breaking changes inherited via Chromium, see blog post

Features

Additions

• Added before-mouse-event to allow intercepting and preventing mouse events in WebContents. #47280 (Also in 36, 37)
• Added fileBacked and purgeable fields to process.getSystemMemoryInfo() for macOS. #48146 (Also in 37)
• Added innerWidth and innerHeight options for window.open. #46749 (Also in 35, 36, 37)
• Added tray.{get|set}AutosaveName to enable macOS tray icons to maintain position across launches. #48077 (Also in 36, 37)
• Added webFrameMain.fromFrameToken(processId, frameToken) to get a WebFrameMain instance from its frame token. #47942
• Added sublabel functionality for menus on macOS >= 14.4. #46887 (Also in 35, 36, 37)
• Added support for app.getRecentDocuments() on Windows and macOS. #47924 (Also in 36, 37)
• Added support for --no-experimental-global-navigator flag. #47370 (Also in 35, 36, 37)
• Added support for HIDDevice.collections. #47391 (Also in 36, 37)
• Added support for screen.dipToScreenPoint(point) and screen.screenToDipPoint(point) on Linux X11. #46211 (Also in 35, 36, 37)
• Added support for customizing system accent color and highlighting of active window border. #47285 (Also in 35, 36, 37)
• Added support for menu item role palette and header on macOS. #45538 (Also in 37)
• Added support for node option --experimental-network-inspection. #46690 (Also in 35, 36, 37)
• Added the priority and priorityIncremental options to net.request(). #42628 (Also in 36, 37)
• Adds the ability to change window accent color on Windows after initial window initialization via {get|set}AccentColor. #47939 (Also in 36, 37)

Improvements

• Exposed win.isContentProtected() to allow developers to check window protection status. #47242 (Also in 36, 37)
• Internally switched to using DIR_ASSETS instead of DIR_MODULE/DIR_EXE to locate assets and resources, and added "assets" as a key that can be queried via app.getPath. #47950 (Also in 37)

Fixes

• Fixed an issue where dialog.showMessageDialog showed a window incorrectly centered to monitor instead of parent window when passed. #48215
• Fixed an issue where users on MacOS were unable to interact with a webpage loaded via loadURL. #47575
• Fixed broken chrome://accessibility page. #47497

Also in earlier versions...

• Fixed addChildView() crashes when adding a closed WebContentsView. #47099 (Also in 35, 36, 37)
• Fixed a bug where app extensions filters didn't allow for selecting app bundles in macOS file dialogs. #47841 (Also in 36, 37)
• Fixed a bug where the Referer header was not being set correctly when using webContents.downloadURL(). #47867 (Also in 36, 37)
• Fixed a child process crash on macOS when the running application is replaced with one that has a newer implementation triggering the sandbox. #47783 (Also in 37)

... (truncated)

Changelog

Sourced from electron's changelog.

Breaking Changes

Breaking changes will be documented here, and deprecation warnings added to JS code where possible, at least one major version before the change is made.

Types of Breaking Changes

This document uses the following convention to categorize breaking changes:

• API Changed: An API was changed in such a way that code that has not been updated is guaranteed to throw an exception.
• Behavior Changed: The behavior of Electron has changed, but not in such a way that an exception will necessarily be thrown.
• Default Changed: Code depending on the old default may break, not necessarily throwing an exception. The old behavior can be restored by explicitly specifying the value.
• Deprecated: An API was marked as deprecated. The API will continue to function, but will emit a deprecation warning, and will be removed in a future release.
• Removed: An API or feature was removed, and is no longer supported by Electron.

Planned Breaking API Changes (39.0)

Deprecated: --host-rules command line switch

Chromium is deprecating the --host-rules switch.

You should use --host-resolver-rules instead.

Behavior Changed: window.open popups are always resizable

Per current WHATWG spec, the window.open API will now always create a resizable popup window.

To restore previous behavior:

webContents.setWindowOpenHandler((details) => {
  return {
    action: 'allow',
    overrideBrowserWindowOptions: {
      resizable: details.features.includes('resizable=yes')
    }
  }
})

Behavior Changed: shared texture OSR paint event data structure

When using shared texture offscreen rendering feature, the paint event now emits a more structured object. It moves the sharedTextureHandle, planes, modifier into a unified handle property. See here for more details.

Planned Breaking API Changes (38.0)

Removed: ELECTRON_OZONE_PLATFORM_HINT environment variable

The default value of the --ozone-plaftform flag changed to auto.

... (truncated)

Commits

• 7943386 fix: BrowserWindow add the same BrowserView (#48201)
• a733514 fix: file-only picker incorrectly allowing some directories (#48231)
• d590787 fix: showMessageDialog should center dialog to parent (#48215)
• 0098160 fix: ensure dragging works again after emitting contextmenu event (#48224)
• 207f64f chore: bump chromium to 140.0.7339.41 (38-x-y) (#48190)
• 441cff7 feat: add fileBacked and purgeable fields to `process.getSystemMemoryInfo...
• 9eede35 build: refactor Linux binary stripping to align with upstream (#48197)
• 6812b13 docs: fix some module headings (#48195)
• a64175f ci: use free GH arm runners (#48187)
• b34e618 docs: add release timeline for Electron 39 (#48176)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Description by Korbit AI

What change is being made?

Bump the Electron dependency from version 28.3.3 to 38.0.0 in the npm_and_yarn group.

Why are these changes being made?

This update ensures access to the latest features, performance improvements, and security patches included in Electron 38.0.0. Keeping dependencies updated is crucial for maintaining the overall health and security of the project.

Is this description stale? Ask me to generate a new description by commenting /korbit-generate-pr-description

---

Important

Bumps electron from 28.3.3 to 38.0.0, introducing breaking changes, new features, and stack upgrades.

• Dependency Update:
  • Bumps electron from 28.3.3 to 38.0.0 in package.json.
• Breaking Changes:
  • window.open popups are now always resizable.
  • Removed ELECTRON_OZONE_PLATFORM_HINT environment variable.
• Features:
  • Added before-mouse-event for intercepting mouse events.
  • Added fileBacked and purgeable fields to process.getSystemMemoryInfo() for macOS.
• Stack Upgrades:
  • Chromium upgraded to 140.0.7339.41.
  • Node upgraded to 22.18.0.
  • V8 upgraded to 14.0.

^{This description was created by for ff8ab07. You can customize this summary. It will automatically update as commits are pushed.}

[korbit-ai]

By default, I don't review pull requests opened by bots. If you would like me to review this pull request anyway, you can request a review via the /korbit-review command in a comment.

[greptile-apps]

Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to ff8ab07 in 39 seconds. Click for details.

• Reviewed 13 lines of code in 1 files
• Skipped 0 files when reviewing.
• Skipped posting 1 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. package.json:23

• Draft comment:
  Bumping Electron from v28 to v38 is a major update with potential breaking changes. Make sure to double-check all Electron API integrations and test for compatibility with v38 (see Electron changelog for breaking changes).
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the PR author to double-check and test for compatibility, which violates the rules. It also mentions checking the changelog for breaking changes, which is informative. Therefore, this comment should be removed.

Workflow ID: wflow_ytT9KgNaU9asxHTj

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}