Skip to content

Build(deps-dev): Bump electron from 38.7.2 to 40.0.0 #2501

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Build(deps-dev): Bump electron from 38.7.2 to 40.0.0 #2501

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 16, 2026
edited
Loading

Bumps electron from 38.7.2 to 40.0.0.

Release notes

Sourced from electron's releases.

electron v40.0.0

Release Notes for v40.0.0

Stack Upgrades

Breaking Changes

  • Deprecated clipboard API access from renderer processes #48923
  • Fixed an error on debug symbol upload by moving dsym.zip to use tar.xz compression. #48952

Features

Additions

  • Added "memory-eviction" as a possible reason for a child process to exit. #48362
  • Added RGBAF16 output format with scRGB HDR color space support to Offscreen Rendering. #48265 (Also in 39)
  • Added app.isHardwareAccelerationEnabled(). #47614 (Also in 37, 38, 39)
  • Added bypassCustomProtocolHandlers option to net.request. #48883 (Also in 38, 39)
  • Added methods to enable more granular accessibility support management. #48042 (Also in 37, 38, 39)
  • Added support for WebSocket authentication through the login event on webContents. #49064 (Also in 39)
  • Added support to import external shared texture as VideoFrame. #48831
  • Added the ability to retrieve the system accent color on Linux using systemPreferences.getAccentColor. #48027 (Also in 39)
  • Allowed for persisting File System API grant status within a given session. #48170 (Also in 37, 38, 39)
  • Automatically focus DevTools when element is inspected or breakpoint is triggered. #46386 (Also in 37, 38, 39)

Improvements

  • Enables resetting accent color to follow system accent settings if a previous color has been set via window.setAccentColor(null). #48274 (Also in 38, 39)
  • Support dynamic ESM imports in non-context isolated preloads. #48375 (Also in 37, 38, 39)
  • Updated nativeImage.createFromNamedImage to support SF Symbol names. #48772 (Also in 39)

Fixes

  • Added support for --no-stdio-init to be used when nul device is disabled on windows. #47870
  • Fixed an issue on Windows and Linux where no cookie encryption key provider was passed into the network service when cookie encryption was enabled. #49375
  • Fixed an issue where no cookie encryption provider was passed into the network service when cookie encryption was enabled. #49350
  • Fixed crash when attempting to resolve modules during process exit. #49104
  • Fixed drag regions in child windows. #49312
  • Fixed draw smoothing round corner issue. #48782
  • Fixed the cookie encryption logic to use the old os_crypt sync implementation present in M142. #49384
  • Fixed visual artifacts while resizing a window on Windows. #49191

Also in earlier versions...

  • AccentColor set distinguishes the frame. #48405 (Also in 37, 38, 39)
  • Corrected the appearance of tiled windows on GNOME (when frame: true), and removed resize handles from tiled edges. #48835 (Also in 38, 39)
  • Fix: ESM-from-CJS import when CJK characters are in path. #48862 (Also in 39)

... (truncated)

Commits
  • 35b8855 chore: empty commit to release stable 40.0.0 (#49404)
  • 7872c33 fix: revert os_crypt async cookie provider implementation (#49384)
  • 9c753c3 docs: remove stale example and standardize DevTools capitalization (#49387)
  • 8b2a991 docs: improve build-tools instructions (#49385)
  • c897602 refactor: add static ReplyChannel::SendError() helper (#49372)
  • 8cc201e chore: bump chromium to 144.0.7559.60 (40-x-y) (#49380)
  • ba26a5d chore: bump chromium to 144.0.7559.59 (40-x-y) (#49330)
  • df4d0be fix: fix cookie encryption provider loading on Windows and Linux (#49375)
  • 9c4e03f build: roll build-tools SHA to 4430e4a (#49366)
  • 05b4b57 feat: support WebSocket authentication handling (#49064)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 16, 2026
@dependabot dependabot bot mentioned this pull request Jan 16, 2026
Closed
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 16, 2026

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/electron-40.0.0 branch 2 times, most recently from 046cda7 to 5ff4857 Compare January 17, 2026 13:06
@dependabot
Build(deps-dev): Bump electron from 38.7.2 to 40.0.0
38d5bf2 
Bumps [electron](https://github.com/electron/electron) from 38.7.2 to 40.0.0.
- [Release notes](https://github.com/electron/electron/releases)
- [Commits](electron/electron@v38.7.2...v40.0.0)

---
updated-dependencies:
- dependency-name: electron
  dependency-version: 40.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/electron-40.0.0 branch from 5ff4857 to 38d5bf2 Compare January 17, 2026 13:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant