{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":11973056,"defaultBranch":"33.0.1750.170-based","name":"qtwebengine-chromium","ownerLogin":"qt","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2013-08-08T09:43:23.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/159455?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1710413327.0","currentOid":""},"activityList":{"items":[{"before":"d9944bcb991c981574a229e5267e535b4eac8e1c","after":"65aaac35d040aef90c2e9f41a651b5a23470e457","ref":"refs/heads/122-based","pushedAt":"2024-07-11T10:10:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] Remove usage of AVCodecContext::reordered_opaque\n\nFFmpeg has removed this field and usage of it in chromium must be\nremoved before the ffmpeg dependency is updated. The chromium media\nchange can be found here:\nhttps://chromium-review.googlesource.com/c/chromium/src/+/5384308\n\nThe usage of the field in webrtc seems only to be for sanity checking,\nso it should be just safe to remove entirely, since webrtc does not\nexpect re-ordering at all.\n\nBug: chromium:330573128\nReviewed-on: https://webrtc-review.googlesource.com/c/src/+/343840\n\nTask-number: QTBUG-125227\nChange-Id: I4fcddd688811d29f5122a0777e16ff05a5873c60\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/571828\nReviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>","shortMessageHtmlLink":"[Backport] Remove usage of AVCodecContext::reordered_opaque"}},{"before":"ebdcdac77a371a74b40a037d20a901fa1508cb39","after":"d9944bcb991c981574a229e5267e535b4eac8e1c","ref":"refs/heads/122-based","pushedAt":"2024-07-11T10:09:57.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] Roll FFmpeg dep\n\nSome changes in the size of packets for wav file demuxing\nhave required adjustments to numbers and hashes, as well as to\nsome of the way we used constants in a few unit tests.\n\nBug: 330573128\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5389551\n\nTask-number: QTBUG-125227\nChange-Id: I895ff048751aa307bf848eb5d09d9385f6f00289\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/571827\nReviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>","shortMessageHtmlLink":"[Backport] Roll FFmpeg dep"}},{"before":"4f67363738aa4bc1e7e4e56fc53bc2cd90c097ea","after":"ebdcdac77a371a74b40a037d20a901fa1508cb39","ref":"refs/heads/122-based","pushedAt":"2024-07-09T10:13:43.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] CVE-2024-4060: Use after free in Dawn\n\nCherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/external/github.com/microsoft/DirectXShaderCompiler/+/5464347:\nReplace dynamic_cast with virtual call (#6515)\n\nMake TextDiagnosticPrinter::setPrefix a virtual function in base class\nDiagnosticConsumer. This allows us to avoid using dynamic_cast in\nBackendConsumer::DxilDiagHandler, required for codebases that do not\nenable RTTI. This is also the only place in the codebase that uses RTTI\n(AFAICT).\n\nBug: chromium:333420620\nChange-Id: Ida73077f24fdb4b705b5d868b04ac6cfecb30327\nReviewed-on: https://chromium-review.googlesource.com/c/external/github.com/microsoft/DirectXShaderCompiler/+/5464347\nReviewed-by: dan sinclair <dsinclair@chromium.org>\nReviewed-by: David Neto <dneto@google.com>\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/561338\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] <a title=\"CVE-2024-4060\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-4qw6-vwc8-mh38/hovercard\" href=\"https://github.com/advisories/GHSA-4qw6-vwc8-mh38\">CVE-2024-4060</a>: Use after free in Dawn"}},{"before":"aed1b2b32ea70957c8af9a8d9340ad3774bbcdf7","after":"4f67363738aa4bc1e7e4e56fc53bc2cd90c097ea","ref":"refs/heads/122-based","pushedAt":"2024-07-09T10:12:48.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport]  CVE-2024-6293: Use after free in Dawn\n\nCherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/external/github.com/microsoft/DirectXShaderCompiler/+/5645925:\nindvars: don't replace a phi when that breaks LCSSA (#6695)\n\nInduction variable simplification (indvars) tries to rewrite exit\nvalues; these appear as phi nodes in loop exit blocks. If the\nreplacement for the phi is still in the loop, then that would break the\nLCSSA property. Don't do that.\n\nAdd a test for this.\n\nBug: chromium:345993680\nChange-Id: Ib2330afa3c6f47373cb4336cfd00e851044fea3a\nReviewed-on: https://chromium-review.googlesource.com/c/external/github.com/microsoft/DirectXShaderCompiler/+/5645925\nReviewed-by: dan sinclair <dsinclair@chromium.org>\nReviewed-by: James Price <jrprice@google.com>\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/574268\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] <a title=\"CVE-2024-6293\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-9f8f-453p-rg87/hovercard\" href=\"https://github.com/advisories/GHSA-9f8f-453p-rg87\">CVE-2024-6293</a>: Use after free in Dawn"}},{"before":"a9d27d4fa205772b4a5ce67b2cc153d4b15092b9","after":"aed1b2b32ea70957c8af9a8d9340ad3774bbcdf7","ref":"refs/heads/122-based","pushedAt":"2024-07-09T10:12:14.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] CVE-2024-6291: Use after free in Swiftshader\n\nManual cherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/angle/angle/+/5630161:\nVulkan: Disable VK_EXT_shader_stencil_export on SwiftShader\n\nBug: chromium:40942995\nChange-Id: I4c469108c420d3e68008a30f627989655a64c27c\nReviewed-on: https://chromium-review.googlesource.com/c/angle/angle/+/5630161\nCommit-Queue: Shahbaz Youssefi <syoussefi@chromium.org>\nReviewed-by: Amirali Abdolrashidi <abdolrashidi@google.com>\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/574269\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] <a title=\"CVE-2024-6291\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-rpvg-h6p6-42qj/hovercard\" href=\"https://github.com/advisories/GHSA-rpvg-h6p6-42qj\">CVE-2024-6291</a>: Use after free in Swiftshader"}},{"before":"73e291df61b83e2947ccf7896575c554ab238d19","after":"a9d27d4fa205772b4a5ce67b2cc153d4b15092b9","ref":"refs/heads/122-based","pushedAt":"2024-07-09T10:11:45.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] CVE-2024-6290: Use after free in Dawn\n\nCherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/external/github.com/microsoft/DirectXShaderCompiler/+/5645927:\nFix crash in scalarrepl-param-hlsl when dynamically indexing a GEP of a constant indexed GEP (#6670)\n\nWhen processing global values to determine when to flatten vectors, this\npass was only checking the immdiate users of the value for non-dynamic\nindexing of the vector. But this would fail in the case of a dynamic\nindexed GEP of a constant indexed GEP (e.g. h[0][a]) because the first\nlevel GEP was constant indexed, but not the second. We fix this by\nchecking the full User tree of the value in `hasDynamicVectorIndexing`.\n\nBug: chromium:342428008\nChange-Id: Ibf2ae3a6528cfc9b50634058385c5a45aa1d3b75\nReviewed-on: https://chromium-review.googlesource.com/c/external/github.com/microsoft/DirectXShaderCompiler/+/5645927\nReviewed-by: James Price <jrprice@google.com>\nReviewed-by: dan sinclair <dsinclair@chromium.org>\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/574266\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] <a title=\"CVE-2024-6290\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-r5mh-qgc2-26p2/hovercard\" href=\"https://github.com/advisories/GHSA-r5mh-qgc2-26p2\">CVE-2024-6290</a>: Use after free in Dawn"}},{"before":"cb6a6dbf53ef9bd3da777b3aa3e0241529a9bc12","after":"73e291df61b83e2947ccf7896575c554ab238d19","ref":"refs/heads/122-based","pushedAt":"2024-07-09T10:11:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] Security bug 346197738\n\nManual cherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/v8/v8/+/5613375:\nAdd missing type canonicalization for exceptions JS API\n\nM120 merge issues:\n  src/wasm/wasm-js.cc:\n    - EncodeExceptionValues(): conflicting indentation\n\n  src/wasm/wasm-objects.h/cc:\n    - New(): conflicting types for \"tag\"\n\n  src/wasm/wasm-objects.cc:\n    - instance is a parameter of ProcessExports() in 120, removed\n    the added code to instantiate it from the original fix, but kept\n    instance as a parameter of WasmTagObject::New()\n\nWhen we encode a JS value in a wasm exception, canonicalize the type\nstored in the tag's signature first. Canonicalize it using the tag's\noriginal module by storing the instance on the tag object.\n\nR=jkummerow@chromium.org\n\nBug: b/346197738\nChange-Id: I7575fd79c792d98e4a11c00b466700f0ab82d164\nReviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5613375\nCommit-Queue: Thibaud Michaud <thibaudm@chromium.org>\nCr-Commit-Position: refs/heads/main@{#94335}\n(cherry picked from commit 89dc6eab605cde2ffaa92dd9acf461caa63478de)\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/574265\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] Security bug 346197738"}},{"before":"4a0cdae453d8ada33679f78fdb49eee4f9ec5c57","after":"cb6a6dbf53ef9bd3da777b3aa3e0241529a9bc12","ref":"refs/heads/122-based","pushedAt":"2024-07-09T10:11:02.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] Security bug 336214779\n\nManual cherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/v8/v8/+/5484026:\n[wasm] Fix Liftoff slot count for exception handling\n\nThe frame slot count reported by Liftoff is not always exact: it\nincludes the registers pushed on top of the stack in out-of-line code.\nSo if we are currently in a regular (not out-of-line) call, then the\nactual slot count is smaller.\n\nThis is good enough for the purposes of the GC, which will simply\nignore the upper slots that are not marked as references.\n\nHowever, the unwinder uses the same value to compute the stack pointer\nfrom the frame pointer, and this one should be exact. Otherwise the SP\nin the landing pad is not going to match the actual frame size.\n\nTherefore register the spill count for OOL code in the WasmCode and\nuse it to compute the exact frame size in the unwinder. This assumes\nthat we don't handle exceptions in out-of-line code.\n\nR=ahaas@chromium.org\n\nBug: 336214779\nChange-Id: Ib793c02c5958f9e0da547da48aeec2bf86296273\nReviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5484026\nCommit-Queue: Thibaud Michaud <thibaudm@chromium.org>\nReviewed-by: Jakob Kummerow <jkummerow@chromium.org>\nReviewed-by: Andreas Haas <ahaas@chromium.org>\nCr-Commit-Position: refs/heads/main@{#93573}\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/574264\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] Security bug 336214779"}},{"before":"3b4c8527483553c219761b752f1256b9da1fca11","after":"4a0cdae453d8ada33679f78fdb49eee4f9ec5c57","ref":"refs/heads/122-based","pushedAt":"2024-07-09T10:10:04.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] CVE-2024-5841: Use after free in V8\n\nCherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/v8/v8/+/5467807:\nMake v8::Extension compilation uninterruptible\n\nBlink generally assumes that v8::Context::New cannot be interrupted.\nWorker creation is especially sensitive if we interrupt and nuke\na worker while we are still initializing said worker's context.\n\nFixed: 326765855\nChange-Id: I931d72851d04906c511bd6d674f75a0afc2c58b0\nReviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5467807\nReviewed-by: Leszek Swirski <leszeks@chromium.org>\nCommit-Queue: Simon Zünd <szuend@chromium.org>\nCr-Commit-Position: refs/heads/main@{#93457}\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/574262\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] <a title=\"CVE-2024-5841\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-m52w-j3pc-g32g/hovercard\" href=\"https://github.com/advisories/GHSA-m52w-j3pc-g32g\">CVE-2024-5841</a>: Use after free in V8"}},{"before":"3938fdb88dd5f5d987aa72bce7e53e5680f45902","after":"3b4c8527483553c219761b752f1256b9da1fca11","ref":"refs/heads/122-based","pushedAt":"2024-07-09T10:09:33.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] CVE-2024-5847: Use after free in PDFium\n\nManual cherry-pick of patch originally reviewed on\nhttps://pdfium-review.googlesource.com/c/pdfium/+/119350:\n[M126] Defensive programming around ObservedPtr<CPDFSDK_Annot>().\n\nSuch an argument is a strong hint to the caller that the object may\nbe destroyed somewhere in the called function, but be careful even\nwithin the called function to not extract a raw pointer from it.\n\n-- Change some x.Reset(y.Get()) usage to assignment to cut down on\n   number of (often dubious) Get() calls.\n\nBug: 341313077\nChange-Id: I572a2c5093f110ee04dbd2e82e3994a8266d5422\nReviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/119350\nReviewed-by: Lei Zhang <thestig@chromium.org>\nCommit-Queue: Tom Sepez <tsepez@chromium.org>\nReviewed-by: Thomas Sepez <tsepez@google.com>\n(cherry picked from commit a0d85587ff7212e24d1df8a6451c49f5eaa171d6)\nReviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/119678\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/574260\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] <a title=\"CVE-2024-5847\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-vjrj-8gj5-hpvr/hovercard\" href=\"https://github.com/advisories/GHSA-vjrj-8gj5-hpvr\">CVE-2024-5847</a>: Use after free in PDFium"}},{"before":"9f5407b6cfd2a47c8d237da20252a698761a3fec","after":"3938fdb88dd5f5d987aa72bce7e53e5680f45902","ref":"refs/heads/122-based","pushedAt":"2024-07-09T10:09:02.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] CVE-2024-5831: Use after free in Dawn (2/2)\n\nCherry-pick of patch originally reviewed on\nhttps://dawn-review.googlesource.com/c/dawn/+/184422:\ndawn/dxc: disable DXC pass 'structurize-loop-exits-for-unroll'\n\nMultiple security bugs have been reported related to this optimization pass, and after careful consideration, we have decided to disable it.\n\nBug: chromium:333508731\nBug: chromium:339171223\nBug: chromium:339169163\nBug: chromium:346595893\nChange-Id: I5c9d7180ed09e7417c120595937bcb1013b6ce66\nReviewed-on: https://dawn-review.googlesource.com/c/dawn/+/184422\nCommit-Queue: Antonio Maiorano <amaiorano@google.com>\nReviewed-by: Natalie Chouinard <chouinard@google.com>\nReviewed-by: Austin Eng <enga@chromium.org>\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/574255\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] <a title=\"CVE-2024-5831\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-9pmm-wf44-xjqc/hovercard\" href=\"https://github.com/advisories/GHSA-9pmm-wf44-xjqc\">CVE-2024-5831</a>: Use after free in Dawn (2/2)"}},{"before":"95fda5a0e06d39e23be741dbd52bd8d6597ff86e","after":"9f5407b6cfd2a47c8d237da20252a698761a3fec","ref":"refs/heads/122-based","pushedAt":"2024-07-03T08:55:58.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] Remove 3PCD console messages issued from RFH\n\nCherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/chromium/src/+/5444724:\nRemove 3PCD console messages issued from RFH\n\nThis CL also makes sure that the 3PCD cookie issues are associated with\nan `issue_id`.\n\nBug: 328691367\nChange-Id: Iaadf1cc2eac89ca5f4845a922ed964e926c10da2\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5444724\nReviewed-by: Danil Somsikov <dsv@chromium.org>\nReviewed-by: Avi Drissman <avi@chromium.org>\nCommit-Queue: Shuran Huang <shuuran@chromium.org>\nCr-Commit-Position: refs/heads/main@{#1288719}\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/573830\nReviewed-by: Michael Brüning <michael.bruning@qt.io>","shortMessageHtmlLink":"[Backport] Remove 3PCD console messages issued from RFH"}},{"before":"49069ad63d0cb7a8d0215f458f4004d494aa59ef","after":"3aba63e62a86aeb157ad73df0fe0f44f01cf0e02","ref":"refs/heads/118-based","pushedAt":"2024-07-01T13:46:30.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"Work around MSVC 17.10 bug\n\nChange-Id: I75b57def6d19b6768b4fcab33a017f56841614c4\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/573472\nReviewed-by: Michal Klocek <michal.klocek@qt.io>\n(cherry picked from commit 95fda5a0e06d39e23be741dbd52bd8d6597ff86e)\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/573460","shortMessageHtmlLink":"Work around MSVC 17.10 bug"}},{"before":"f270523d1986021cc1ee7b2cff934c4571c77046","after":"95fda5a0e06d39e23be741dbd52bd8d6597ff86e","ref":"refs/heads/122-based","pushedAt":"2024-07-01T11:42:23.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"Work around MSVC 17.10 bug\n\nPick-to: 118-based\nChange-Id: I75b57def6d19b6768b4fcab33a017f56841614c4\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/573472\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"Work around MSVC 17.10 bug"}},{"before":"7d28f93db7534943f84c5e6cab7778b83e1d2c3b","after":"49069ad63d0cb7a8d0215f458f4004d494aa59ef","ref":"refs/heads/118-based","pushedAt":"2024-06-28T12:21:32.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"Modify .gitattributes to stop PDF file line ending changes\n\nOn a Windows machine with core.autocrlf=true, one specific\nfile named readme.pdf is perpetually marked as changed, since the\nrule for files named readme.* overrides the rule for *.pdf files,\nand forces line ending changes on checkout. By moving the .*.pdf rule\nto the end, we ensure such cases are avoided.\n\nChange-Id: I3880f16ce65d997eb0a0af0438a74a565dcfb5d9\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/572112\nReviewed-by: Michal Klocek <michal.klocek@qt.io>\n(cherry picked from commit f270523d1986021cc1ee7b2cff934c4571c77046)\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/572096\nReviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>","shortMessageHtmlLink":"Modify .gitattributes to stop PDF file line ending changes"}},{"before":"74fe91f337c649bdfbb262cfa6fc05ea0343c348","after":"f270523d1986021cc1ee7b2cff934c4571c77046","ref":"refs/heads/122-based","pushedAt":"2024-06-28T12:20:53.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"Modify .gitattributes to stop PDF file line ending changes\n\nOn a Windows machine with core.autocrlf=true, one specific\nfile named readme.pdf is perpetually marked as changed, since the\nrule for files named readme.* overrides the rule for *.pdf files,\nand forces line ending changes on checkout. By moving the .*.pdf rule\nto the end, we ensure such cases are avoided.\n\nPick-to: 118-based\nChange-Id: I3880f16ce65d997eb0a0af0438a74a565dcfb5d9\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/572112\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"Modify .gitattributes to stop PDF file line ending changes"}},{"before":"8cd58f20129084ea4ce882effc44d2c71d44adba","after":"74fe91f337c649bdfbb262cfa6fc05ea0343c348","ref":"refs/heads/122-based","pushedAt":"2024-06-27T11:27:51.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"FIXUP: Silence most warnings\n\nSilence MSVC bit shift warnings\n\nA couple of files inside the partition allocator produce a ton of\nthe following MSVC warning: \"warning C4334: '<<': result of 32-bit shift\nimplicitly converted to 64 bits (was 64-bit shift intended?)\". This\ncommit explicitly marks the value 1 which is being bit-shifted as\na size_t, which silences those warnings.\n\nChange-Id: I30476bef55a649dc0342ec09f29915ce0dd199aa\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/571231\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"FIXUP: Silence most warnings"}},{"before":"28f666ec3880c791ac9e63d367df75bae556b495","after":"8cd58f20129084ea4ce882effc44d2c71d44adba","ref":"refs/heads/122-based","pushedAt":"2024-06-24T13:34:00.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"FIXUP: Fix vaapi support for QtWebEngine\n\nFixes crash with VA-API with Vulkan backend.\n\nChange-Id: I7e457612d72b186f77ae22bf2a08ed52659de95e\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/570350\nReviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>","shortMessageHtmlLink":"FIXUP: Fix vaapi support for QtWebEngine"}},{"before":"64cfd4428e9631ba57a86061128ae29400f71b9a","after":"7d28f93db7534943f84c5e6cab7778b83e1d2c3b","ref":"refs/heads/118-based","pushedAt":"2024-06-24T09:28:44.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"Suppress DCHECK triggered by function RecordHadPreviousSyncAccount\n\nThe DCHECK is triggered when trying to access an unregistered preference\nprefs::kGoogleServicesLastGaiaId. The specified function was introduced\nas part of adding a metric to count users with previous sync account.\nrefer https://chromium-review.googlesource.com/c/chromium/src/+/4348462\nfor more details. Commented this one out as it not needed by webengine.\n\nChange-Id: I21a7078287d4b707cdc1e21638c1d44c77e258ee\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/559669\nReviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>","shortMessageHtmlLink":"Suppress DCHECK triggered by function RecordHadPreviousSyncAccount"}},{"before":"663ea4f38c8359b366672edd028bf547a3255afe","after":"28f666ec3880c791ac9e63d367df75bae556b495","ref":"refs/heads/122-based","pushedAt":"2024-06-19T13:22:55.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"Revert \"Fix clang_cl builds of gn\"\n\nThis should be obsolate with:\nhttps://gn-review.googlesource.com/c/gn/+/16620\n\nThis reverts commit 0721d40ca55ed37287f096605ae8fdee37cd8ad2.\n\nChange-Id: I161501e263051b7f8fd95984ff2aad8fb85612f8\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/569530\nReviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>","shortMessageHtmlLink":"Revert \"Fix clang_cl builds of gn\""}},{"before":"7bbe5ccf1d560c30671c30e0388366080cf88c56","after":"663ea4f38c8359b366672edd028bf547a3255afe","ref":"refs/heads/122-based","pushedAt":"2024-06-19T13:15:33.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"FIXUP: Add rsp target writer\n\nUse data target resolver for target queries.\n\nChange-Id: I19be6280e06bd6f18ad10ff952099c9beb2e8b4e\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/569447\nReviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>","shortMessageHtmlLink":"FIXUP: Add rsp target writer"}},{"before":"b3528cb4c6eab7596d4b5d74015c0f3b49ff2de3","after":"b35d447862fb699929fc246a94c30364a8cdc1f6","ref":"refs/heads/upstream-master","pushedAt":"2024-06-19T10:02:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"Remove ninja sources\n\nWith cmake port we do not build any longer ninja\nas qt requires ninja as build tool.\n\nChange-Id: Ic8eddf1b8b7e862f6daee6c3ac2f1d25ad721121\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/541207\nReviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>","shortMessageHtmlLink":"Remove ninja sources"}},{"before":"50d81791bf17b7d055c817d870ce121992d3ce66","after":"7bbe5ccf1d560c30671c30e0388366080cf88c56","ref":"refs/heads/122-based","pushedAt":"2024-06-18T08:41:43.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"Add V8 version to chrome://qt\n\nInsert the version string into the HTML page.\n\nTask-number: QTBUG-123500\nChange-Id: I62a55b5e12ffaa0d3e373ff29badc6b0ce63cd78\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/554340\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"Add V8 version to chrome://qt"}},{"before":"927a426c09762e30fd36e310d097436a6b9e6582","after":"b3528cb4c6eab7596d4b5d74015c0f3b49ff2de3","ref":"refs/heads/upstream-master","pushedAt":"2024-06-18T06:53:14.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"Update GN to 122.0.6261.171\n\nChange-Id: Id024c0dcb3cd65083f94ec977a28613087b618e2\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/568241\nReviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>","shortMessageHtmlLink":"Update GN to 122.0.6261.171"}},{"before":"33de498d0a714b0ebe95c4af86689f1a035ed512","after":"50d81791bf17b7d055c817d870ce121992d3ce66","ref":"refs/heads/122-based","pushedAt":"2024-06-17T14:14:35.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] Security bug 326498393\n\nManual cherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/chromium/src/+/5320373:\nSQL: Make sql::Transaction hold WeakPtr<Database>\n\nNow, Transaction checks whether the Database has been destroyed before\nusing it.\n\nThis CL also adds stricter sequence checking to Database, which found a\nfew places that Database was passed between sequences:\n\n(1) storage::DatabaseTracker was using and destroying sql::Database on\n    different sequences. Now, it simply destroys the Database instance\n    in storage::DatabaseTracker::Shutdown(), which already runs on the\n    correct sequence.\n\n(1) history::InMemoryDatabase was \"slurping\" data from disk on one\n    sequence, then querying the data on a different sequence. To support\n    this use case, we added added sql:Database::DetachFromSequence().\n    Now, InMemoryDatabase effectively annotates the cut point where the\n    Database is handed off to another sequence.\n\nBug: 326498393\nChange-Id: I866061feaf08d48607d97731a512bc02ce497f71\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5320373\nReviewed-by: manuk hovanesian <manukh@chromium.org>\nCommit-Queue: Dan McArdle <dmcardle@chromium.org>\nReviewed-by: Evan Stade <estade@chromium.org>\nAuto-Submit: Dan McArdle <dmcardle@chromium.org>\nCr-Commit-Position: refs/heads/main@{#1267047}\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/561334\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] Security bug 326498393"}},{"before":"e3c1ae4236904d4dff1e10fd1d02cf078a11d446","after":"33de498d0a714b0ebe95c4af86689f1a035ed512","ref":"refs/heads/122-based","pushedAt":"2024-06-17T14:13:48.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] Dependency for security bug 326498393 (3/3)\n\nCherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/chromium/src/+/5321958:\nSQL: Handle case where DB is closed mid-transaction\n\nBug: 326498384\nChange-Id: Idaa770a24e3059aba5839dccce10d57f8863e00f\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5321958\nReviewed-by: Austin Sullivan <asully@chromium.org>\nCommit-Queue: Dan McArdle <dmcardle@chromium.org>\nAuto-Submit: Dan McArdle <dmcardle@chromium.org>\nCommit-Queue: Austin Sullivan <asully@chromium.org>\nCr-Commit-Position: refs/heads/main@{#1265421}\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/561333\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] Dependency for security bug 326498393 (3/3)"}},{"before":"d0435152b6f7f0a6678d5574cadec1fa575f8a48","after":"e3c1ae4236904d4dff1e10fd1d02cf078a11d446","ref":"refs/heads/122-based","pushedAt":"2024-06-17T14:13:23.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] Dependency for security bug 326498393 (1/3)\n\nCherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/chromium/src/+/5245970:\nPrevent dangling pointer by inlining ScopedBusyTimeout\n\nBug: 1522873\nChange-Id: Icd6262eb23404c273fa31021cddf36bea0bb56db\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5245970\nReviewed-by: Evan Stade <estade@chromium.org>\nReviewed-by: David Benjamin <davidben@chromium.org>\nCommit-Queue: Dan McArdle <dmcardle@chromium.org>\nCr-Commit-Position: refs/heads/main@{#1254220}\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/561331\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] Dependency for security bug 326498393 (1/3)"}},{"before":"ce226695cb158ee1f48677f170b623442e077a89","after":"d0435152b6f7f0a6678d5574cadec1fa575f8a48","ref":"refs/heads/122-based","pushedAt":"2024-06-14T14:17:16.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] Security bug 339736513\n\nCherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/v8/v8/+/5527898:\nUse slow stub element handler for non-JSObjects\n\nFixed: 339736513\nChange-Id: I134a046475b0b004c3de1bacc5b2f1a7fa503d96\nReviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5527898\nReviewed-by: Igor Sheludko <ishell@chromium.org>\nCommit-Queue: Igor Sheludko <ishell@chromium.org>\nAuto-Submit: Shu-yu Guo <syg@chromium.org>\nCr-Commit-Position: refs/heads/main@{#93847}\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/567757\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] Security bug 339736513"}},{"before":"28d2795a9165dea7f0f642d72648d8673123452f","after":"ce226695cb158ee1f48677f170b623442e077a89","ref":"refs/heads/122-based","pushedAt":"2024-06-14T14:16:52.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] CVE-2024-5499: Out of bounds write in Streams API\n\nCherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/chromium/src/+/5553232:\nStreams: Check if buffer is detached when filling pull-into descriptor\n\nThe pull-into descriptor can become out-of-sync with the array buffer\nwhen the buffer is detached. This CL adds a check to see if the buffer\nis detached before trying to fill it.\n\nBug: 339877167\nChange-Id: I17d98416a746a5ade24308ef332cba829933d7de\nReviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5553232\nReviewed-by: Domenic Denicola <domenic@chromium.org>\nCommit-Queue: Nidhi Jaju <nidhijaju@chromium.org>\nCr-Commit-Position: refs/heads/main@{#1303628}\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/567755\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] <a title=\"CVE-2024-5499\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-hqfv-mf6j-g3j6/hovercard\" href=\"https://github.com/advisories/GHSA-hqfv-mf6j-g3j6\">CVE-2024-5499</a>: Out of bounds write in Streams API"}},{"before":"e2c589700c312d35a503a15c30ea6432d77cbca2","after":"28d2795a9165dea7f0f642d72648d8673123452f","ref":"refs/heads/122-based","pushedAt":"2024-06-14T14:16:15.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"qtprojectorg","name":"Qt Project Mirror Bot","path":"/qtprojectorg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10975639?s=80&v=4"},"commit":{"message":"[Backport] CVE-2024-5495: Use after free in Dawn\n\nCherry-pick of patch originally reviewed on\nhttps://chromium-review.googlesource.com/c/external/github.com/microsoft/DirectXShaderCompiler/+/5570019:\nFix use-after-free in SimplifyCFG (#6628)\n\nWhen SimplifySwitchOnSelect calls SimplifyTerminatorOnSelect, it holds\nonto the select's condition value to use for the conditional branch it\nreplaces the switch with. When removing the switch's unused\npredecessors, it must make sure not to delete PHIs in case one of them\nis used by the condition value, otherwise the condition value itself may\nget deleted, resulting in an use-after-free.\n\nNote that this was fixed in LLVM as well:\n\nhttps://github.com/llvm/llvm-project/commit/dc3b67b4cad5c18a687edfabd50779c3c656c620\n\nBug: chromium:338103465\nChange-Id: I0f1870f1f84b2ce14a1bc883e3d2f6086ee14013\nReviewed-on: https://chromium-review.googlesource.com/c/external/github.com/microsoft/DirectXShaderCompiler/+/5570019\nReviewed-by: James Price <jrprice@google.com>\nReviewed-by: Natalie Chouinard <chouinard@chromium.org>\nReviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/567753\nReviewed-by: Michal Klocek <michal.klocek@qt.io>","shortMessageHtmlLink":"[Backport] <a title=\"CVE-2024-5495\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-wrxh-8wc3-33rm/hovercard\" href=\"https://github.com/advisories/GHSA-wrxh-8wc3-33rm\">CVE-2024-5495</a>: Use after free in Dawn"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEfK2YegA","startCursor":null,"endCursor":null}},"title":"Activity · qt/qtwebengine-chromium"}