Skip to content

Javascript dependency: Bump electron from 41.5.0 to 42.0.0 in /runtime#9910

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/runtime/electron-41.5.0
Open

Javascript dependency: Bump electron from 41.5.0 to 42.0.0 in /runtime#9910
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/runtime/electron-41.5.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026
edited
Loading

Bumps electron from 41.5.0 to 42.0.0.

Release notes

Sourced from electron's releases.

electron v42.0.0

Release Notes for v42.0.0

Features

  • Added JS stack trace to crash reports on renderer OOM. #50911
  • Added Notification.handleActivation(callback) API on Windows to handle notification clicks, replies, and action buttons - including when the app is launched from a notification (cold start). #49919
  • Added ELECTRON_INSTALL_PLATFORM and ELECTRON_INSTALL_ARCH variables to install binaries from other platforms and architectures. #49981
  • Added Notification.getHistory() for macOS, allowing developers to restore all delivered notifications still present in Notification Center. #51123
  • Added allowExtensions privilege to protocol.registerSchemesAsPrivileged() to enable Chrome extensions on custom protocols. #50530 (Also in 40, 41)
  • Added app.configureWebAuthn() to enable the Touch ID platform authenticator for WebAuthn on macOS, and a select-webauthn-account session event for choosing between multiple discoverable credentials. #51411 (Also in 41)
  • Added app.isActive() to check if the app is the active/foreground application (macOS only). #49622
  • Added globalShortcut.setSuspended() and globalShortcut.isSuspended() methods to temporarily suspend and resume global shortcut handling. #50777
  • Added id and groupId options to the Notification constructor on macOS. id allows custom identifiers for notifications, and groupId visually groups notifications together in Notification Center. #50304
  • Added webContents.getOrCreateDevToolsTargetId(). #49733 (Also in 41)
  • Added a disclaim option to the UtilityProcess API to allow for TCC disclaiming on macOS. #49128 (Also in 39, 40, 41)
  • Added a reason property to the Notification 'closed' event on Windows to allow developers to know the reason the Notification was dismissed. #49913 (Also in 40, 41)
  • Added an usePrinterDefaultPageSize option to webContents.print() to allow using the printer's default page size. #49523 (Also in 41)
  • Added animation functionality to view.setBounds and add view.setBackgroundBlur. #48812
  • Added id, groupId, and groupTitle support for Windows notifications. #50895
  • Added nativeTheme.shouldDifferentiateWithoutColor on macOS. #50409 (Also in 41)
  • Added support for MSIX auto-updating. #49230 (Also in 39, 40, 41)
  • Added support for --experimental-transform-types. #49711 (Also in 39, 40, 41)
  • Added support for long-animation-frame script attribution (via --enable-features=AlwaysLogLOAFURL). #49706 (Also in 39, 40, 41)
  • Added support for heap profiling via contentTracing.enableHeapProfiling(). #51162 (Also in 41)
  • Added support for importing shared textures using the nv16 pixel format. #51187
  • Added support for importing shared textures using the p010le 10-bit YUV pixel format. #49272
  • Added support for several more safeStorage backends via new asynchronous functionality in safeStorage. #49054
  • Added the ability to disable auto-focusing of WebContents on navigation using webPreferences.focusOnNavigation. #49425 (Also in 40, 41)
  • Changed offscreen scale factor use 1.0f as default. #49683
  • Electron now downloads its binary into node_modules dynamically on first launch instead of running a postinstall script. Added the install-electron script to manually trigger the download as well. #49328
  • Enable wasm trap handlers behind WasmTrapHandlers fuse. #48983 (Also in 41)
  • Extended actions support for Windows notifications to include buttons, select dropdowns, and replies. #48132 (Also in 40, 41)
  • Notes: Added support for the urgency option in Notifications on Windows. #50383 (Also in 41)
  • On Wayland (Linux), frameless windows now have GTK drop shadows and extended resize boundaries. To create fully frameless windows with no decorations, set hasShadow: false in the window constructor. #49295 (Also in 41)
  • Replaced deprecated NSUserNotification with User Notifications. #47817

Fixes

  • Added additional ASAR support to additional fs copy methods. #50285 (Also in 39, 40, 41)
  • Added crash keys to diagnose power monitor shutdown crash on arm64 windows. #51205
  • Added missing metadata fields to contentTracing traces. #51007 (Also in 41)
  • Added validation to protocol client methods to reject protocol names that do not conform to the RFC 3986 URI scheme grammar. #50141 (Also in 38, 39, 40, 41)
  • Addressed upstream Chromium shift to enable CoreAudio Tap API for audio capture used in electron's desktopCapturer (🍏 macOS). #49717 (Also in 39, 40, 41)
  • Allow dynamically updating menu item labels, sublabels, and icons. #49678 (Also in 40, 41)
  • BrowserWindow now enforces min/max size constraints on window creation, even if they conflict with the requested width and height. #50754 (Also in 41)
  • Changed the kResizeThreshold to trigger the resize on corners. #51001 (Also in 41)
  • Ensured cross-origin fetch() and XHR are blocked for custom protocols registered with supportFetchAPI: true unless corsEnabled: true is also set; cross-origin mode: 'no-cors' requests now receive an opaque response. #51269 (Also in 39, 40, 41)
  • Fixed Electron child process titles on Linux so they show their types (render, gpu, etc.) and complete command-line arguments and flags in ps aux. #50533
  • Fixed fs.stat on files inside asar archives returning undefined for blksize and blocks instead of numeric values. #50877 (Also in 40, 41)
  • Fixed globalShortcut not working on Wayland with GlobalShortcutsPortal feature enabled. #49842 (Also in 40, 41)

... (truncated)

Commits
  • 51db52e fix: set XDG app ID and WM_CLASS based on normalized app name (#51479)
  • 3998b93 fix: handle createWindow() rejection in import-meta test fixture (#51468)
  • 5ce31c3 fix: don't let tests hang for an hour (#51466)
  • 49f7d16 chore: bump chromium to 148.0.7778.96 (42-x-y) (#51402)
  • 673351b chore: use oxfmt and oxlint in 42-x-y (#51435)
  • 7369f7d fix: constrain AllowUniversalAccessFromFileURLs to file: origins in agent clu...
  • dc58761 fix: prevent borders and smearing in transparent frameless/client fra… (#51430)
  • 84ea8a1 build(deps): bump dorny/paths-filter from 3.0.2 to 4.0.1 (#51408)
  • 6e01ddb refactor: gin_helper::Promise managed by cppgc (#51405)
  • 2d943ef feat: support WebAuthn Touch ID platform authenticator on macOS (#51411)
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
electron [>= 36.3.a, < 36.4]

@dependabot dependabot Bot added the Dependencies Pull requests that update a dependency file label May 4, 2026
asheshv added a commit that referenced this pull request May 6, 2026
@asheshv
chore: Apply non-breaking dependency updates from open dependabot PRs
4330a68 
Python (requirements.txt):
- boto3 1.42.* -> 1.43.* (#9908)
- psycopg 3.3.3 -> 3.3.4 (#9911) for python_version >= '3.10'

JavaScript (web/package.json, web/yarn.lock):
- axios 1.15.2 -> 1.16.0 (matches dependabot's #9907 in /runtime,
  applied to /web for cross-package consistency)

Electron runtime (runtime/package.json, runtime/yarn.lock):
- axios 1.15.2 -> 1.16.0 (#9907)
- electron 41.3.0 -> 41.5.0 (#9910)
- eslint 10.2.1 -> 10.3.0 (#9912)
- globals 17.5.0 -> 17.6.0 (#9909)
  follow-redirects 1.15.11 -> 1.16.0 transitively

Skipped (genuine breaking changes, deferred to a future minor):
- @mui/material 7 -> 9 (#9843)
- @mui/x-date-pickers 8 -> 9 (#9888)

Verified in an isolated worktree:

  - jest:                140/0/0 suites, 824/0/0 tests
  - eslint:              clean (silent)
  - pycodestyle:         0 violations project-wide
  - python regression:   1879/0/308 (PG18, --exclude feature_tests)

The axios 1.16.0 release notes call out three observable changes; only
the first is potentially relevant to pgAdmin and is a bugfix:

  - Fetch adapter now enforces maxBodyLength / maxContentLength (these
    were silently ignored on the fetch adapter before 1.16.0). pgAdmin
    does not set these limits, so behaviour is unchanged.
  - Proxy requests preserve user-supplied Host headers — pgAdmin does
    not proxy through axios.
  - Basic-auth credentials embedded in URLs are URL-decoded — pgAdmin
    does not construct credential-embedded URLs.

psycopg 3.3.4 brings three bugfixes: spurious connection-timeout in C
extension on long-uptime systems, client-side adaptation of enums whose
names need quoting, and consistent Cursor.statusmessage after
executemany().

electron 41.5.0 is a patch within the 41.x line carrying Chromium
security backports plus a Windows frameless-window resize regression
fix and a low-level mouse-hook teardown fix.
@dependabot
Javascript dependency: Bump electron from 41.5.0 to 42.0.0 in /runtime
78e45dd 
Bumps [electron](https://github.com/electron/electron) from 41.5.0 to 42.0.0.
- [Release notes](https://github.com/electron/electron/releases)
- [Commits](electron/electron@v41.5.0...v42.0.0)

---
updated-dependencies:
- dependency-name: electron
  dependency-version: 41.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Javascript dependency: Bump electron from 41.3.0 to 41.5.0 in /runtime Javascript dependency: Bump electron from 41.5.0 to 42.0.0 in /runtime May 6, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/runtime/electron-41.5.0 branch from 0937586 to 78e45dd Compare May 6, 2026 06:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants