Bump electron from 38.2.1 to 39.2.2

[dependabot]

Bumps electron from 38.2.1 to 39.0.0.

Release notes

Sourced from electron's releases.

electron v39.0.0

Release Notes for v39.0.0

Stack Upgrades

• Chromium 142.0.7444.52
  • New in 142
  • New in 141
• Node 22.20.0
  • Node 22.20.0 blog post
• V8 14.2

Breaking Changes

• Added colorSpace to offscreen shared texture info of webContents.on('paint') event.
  • Breaking Changed the signature of OffscreenSharedTexture to provide a unified handle that holds the native handle. #47315
• Fixed a spec compliance issue with window.open where it should always create a resizable popup window but did not. #47540

For breaking changes inherited via Chromium, see blog post

Features

Additions

• Added RGBAF16 output format with scRGB HDR color space support to Offscreen Rendering. #48504
• Added fileBacked and purgeable fields to process.getSystemMemoryInfo() for macOS. #47628 (Also in 37, 38)
• Added support for guid Tray constructor option on macOS to allow tray icons to maintain position across launches. #47838 (Also in 36, 37, 38)
• Added webFrameMain.fromFrameToken(processId, frameToken) to get a WebFrameMain instance from its frame token. #47850 (Also in 38)
• Added methods to enable more granular accessibility support management. #48625
• Added support for app.getRecentDocuments() on Windows and macOS. #45839 (Also in 36, 37, 38)
• Added support for USBDevice.configurations. #47459
• Added the ability to retrieve the system accent color on Linux using systemPreferences.getAccentColor. #48628
• Adds the ability to change window accent color on Windows after initial window initialization via {get|set}AccentColor. #47741 (Also in 36, 37, 38)
• Allowed for persisting File System API grant status within a given session. #48326 (Also in 37, 38)
• Internally switched to using DIR_ASSETS instead of DIR_MODULE/DIR_EXE to locate assets and resources, and added "assets" as a key that can be queried via app.getPath. #47439 (Also in 37, 38)
• Support dynamic ESM imports in non-context isolated preloads. #48488 (Also in 37, 38)

Fixes

• Fixed an issue where systemPreferences.getAccentColor inverted the color. #48624
• Fixed an issue where calling webContents.openDevTools({ mode: 'detach' }) would cause a crash on Wayland. #48623
• Fixed crash when accessing webContents.session. #48344
• Fixed crash when inspector agent attempts to evaluate on provisional frames. #48515
• Fixed crash when passing feature param from commandline --enable-features=Feature:ParamA/Value. #48442

Also in earlier versions...

• AccentColor set distinguishes the frame. #48450 (Also in 37, 38)
• Fix: runtime JS error that crashes GetPackageJSON. #48425 (Also in 37, 38)
• Fixed Wayland configuration through the XDG_SESSION_TYPE environment variable. #48310 (Also in 38)
• Fixed Windows dialog.showMessageBox default button handling. #48521 (Also in 36, 37, 38)
• Fixed a bug where app extensions filters didn't allow for selecting app bundles in macOS file dialogs. #47825 (Also in 36, 37, 38)
• Fixed a bug where the Referer header was not being set correctly when using webContents.downloadURL(). #47625 (Also in 36, 37, 38)
• Fixed a child process crash on macOS when the running application is replaced with one that has a newer implementation triggering the sandbox. #47765 (Also in 37, 38)
• Fixed a crash possible when calling webContents.loadURL() from a failed webContents.loadURL() call's catch handler. #48004 (Also in 36, 37, 38)

... (truncated)

Commits

• 0abda74 docs: modify the thickFrame doc (#48677)
• 4e8a552 fix: logical bug in install.js env var handling (#48673)
• d83383b docs: fix Ubuntu version used to build Electron (#48643)
• 496db94 chore: bump chromium to 142.0.7444.52 (39-x-y) (#48641)
• 00627c6 fix: crash on empty dialog extensions array on Windows (#48658)
• 7319e5c docs: security.md mark 'Enable process sandboxing' as active by defau… (#48647)
• 1056280 feat: enable more granular a11y feature management (#48625)
• 4fda94b feat: Add getAccentColor on Linux (#48628)
• e3715b0 fix: systemPreferences.getAccentColor inverted color (#48624)
• 90674e0 fix: icon in Windows toast notification (#48629)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​electron@​38.2.1 ⏵ 39.2.2	+1		+1	+1

View full report

[ravicious]

39.1.0 came out today, probably worth bumping to it instead of shipping 39.0.0.

[gzdunek]

I will try to test the update sometime this or next week.

[ravicious]

We can also try upgrading node-pty here, as Dependabot closed the PR that updated that package lol.

[gzdunek]

I've tested electron 39.2.2 and node-pty 1.0.0-beta.39.
It works fine on macOS, Windows, and Ubuntu. Unfortunately, in Fedora VM (v43) the window doesn't show up electron/electron#48321, electron/electron#48859. It appears that the last working version was 37.9.0.

@ravicious did you test the v38 upgrade in a VM? I'm wondering if the 38.2.1 version that we have one master is broken too.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

[ravicious]

@ravicious did you test the v38 upgrade in a VM? I'm wondering if the 38.2.1 version that we have one master is broken too.

Yeah I did test it in a VM, see here: #59812 (comment). Too bad that the other issue you linked to seems to show up even outside of a VM. electron/electron#48859 (comment)

We could wait for v40 I guess and in the meantime update v37 on Teleport v18 and v17.

[gzdunek]

Oh I saw the comment, but I don't know how I missed that you ran into the same bug in the VM.

We could wait for v40 I guess and in the meantime update v37 on Teleport v18 and v17.

I think we could merge this PR, as it won't introduce an new bug and I already went through the test plan on all platforms :p

I will work on updating the Electron version on v18/v17.

[ravicious]

Cool, so I guess you just need to push commits from your computer to make this branch update Electron to 39.2.2 right?

[ravicious]

I cannot start a local terminal. The UI shows "Cannot execute /opt/homebrew/bin/zsh : posix_spawnp failed.". In the logs I see this:

SHARED [PtyHostService] info: created PTY process for id ET2_gzLSWIx297BwZUf9Q
SHARED [PtyProcess (id: ET2_gzLSWIx297BwZUf9Q /opt/homebrew/bin/zsh )] error: Error: posix_spawnp failed.
SHARED     at new UnixTerminal (/Users/rav/src/teleport/node_modules/.pnpm/node-pty@1.1.0-beta39/node_modules/node-pty/lib/unixTerminal.js:86:24)
SHARED     at Module.spawn (/Users/rav/src/teleport/node_modules/.pnpm/node-pty@1.1.0-beta39/node_modules/node-pty/lib/index.js:30:12)
SHARED     at PtyProcess.start (/Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1269:42)
SHARED [PtyEventsStreamHandler (id: ET2_gzLSWIx297BwZUf9Q)] info: stream has started

Additionally, our PTY process handling appears to not handle it super well, because when I then close this tab, I see the following errors in the logs. Maybe it's the result of my gRPC changes from #59832.

SHARED [PtyEventsStreamHandler (id: ET2_gzLSWIx297BwZUf9Q)] info: stream has ended
SHARED [uncaught exception] error: unhandledRejection TypeError: Cannot read properties of undefined (reading 'onExit')
SHARED     at /Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1430:48
SHARED     at new Promise (<anonymous>)
SHARED     at promisifyProcessExit (/Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1430:10)
SHARED     at PtyProcess.dispose (/Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1331:25)
SHARED     at PtyEventsStreamHandler.cleanResources (/Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1227:27)
SHARED     at PtyEventsStreamHandler.handleStreamEnd (/Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1224:15)
SHARED     at ServerDuplexStreamImpl.<anonymous> (/Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1159:42)
SHARED     at ServerDuplexStreamImpl.emit (node:events:519:28)
SHARED     at endReadableNT (node:internal/streams/readable:1698:12)
SHARED     at process.processTicksAndRejections (node:internal/process/task_queues:90:21)
SHARED [uncaught exception] error: unhandledRejection TypeError: Cannot read properties of undefined (reading 'kill')
SHARED     at PtyProcess.dispose (/Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1333:19)
SHARED     at PtyEventsStreamHandler.cleanResources (/Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1227:27)
SHARED     at PtyEventsStreamHandler.handleStreamEnd (/Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1224:15)
SHARED     at ServerDuplexStreamImpl.<anonymous> (/Users/rav/src/teleport/web/packages/teleterm/build/app/main/sharedProcess.js:1159:42)
SHARED     at ServerDuplexStreamImpl.emit (node:events:519:28)
SHARED     at endReadableNT (node:internal/streams/readable:1698:12)
SHARED     at process.processTicksAndRejections (node:internal/process/task_queues:90:21)

[ravicious]

I think the error from the second code block happens because the PtyProcess failed to start but we still call dispose which tries to wait for its exit. In the catch block where we call this._process = nodePTY.spawn, we should probably set this._disposed to true.

[gzdunek]

Interesting, I didn't see it while performing the checklist, it seems that it doesn't happen in a packaged app.

I see there are some issue about it microsoft/node-pty#789, microsoft/node-pty#670, but without any resolution.
I will revert the update.

In the catch block where we call this._process = nodePTY.spawn, we should probably set this._disposed to true.

Yeah, I think so.