mirror of
https://github.com/servo/servo
synced 2026-04-25 17:15:48 +02:00
c1e5ea362dc86860d4d1c8459de7c7494ef3a649
55920 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
dependabot[bot]
|
c1e5ea362d |
build: bump jiff from 0.2.23 to 0.2.24 (#44467)
Bumps [jiff](https://github.com/BurntSushi/jiff) from 0.2.23 to 0.2.24. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/BurntSushi/jiff/blob/master/CHANGELOG.md">jiff's changelog</a>.</em></p> <blockquote> <h1>0.2.24 (2026-04-23)</h1> <p>This release primarily adds a new <code>memory_usage</code> routine for reporting heap allocation sizes for the <code>TimeZone</code> and <code>Zoned</code> types. This release also acknowledges and updates the timeline expectations for a Jiff 1.0 release in <code>README.md</code>.</p> <p>Enhancements:</p> <ul> <li><a href="https://redirect.github.com/BurntSushi/jiff/issues/520">#520</a>: Add <code>memory_usage</code> to the <code>TimeZone</code> and <code>Zoned</code> types.</li> <li><a href="https://redirect.github.com/BurntSushi/jiff/pull/535">#535</a>: Improve comment in <code>Span::checked_add</code> example.</li> </ul> <p>Bug fixes:</p> <ul> <li><a href="https://redirect.github.com/BurntSushi/jiff/pull/541">#541</a>: Update Jiff 1.0 timeline.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ffa2a72a55 |
build: bump libc from 0.2.185 to 0.2.186 (#44468)
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.185 to 0.2.186. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/libc/releases">libc's releases</a>.</em></p> <blockquote> <h2>0.2.186</h2> <h3>Added</h3> <ul> <li>Apple: Add <code>KEVENT_FLAG_*</code> constants (<a href="https://redirect.github.com/rust-lang/libc/pull/5070">#5070</a>)</li> <li>Linux: Add <code>PR_SET_MEMORY_MERGE</code> and <code>PR_GET_MEMORY_MERGE</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/5060">#5060</a>)</li> </ul> <h3>Changed</h3> <ul> <li>CI: Migrate FreeBSD CI from Cirrus CI to GitHub Actions (<a href="https://redirect.github.com/rust-lang/libc/pull/5058">#5058</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/libc/blob/0.2.186/CHANGELOG.md">libc's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/rust-lang/libc/compare/0.2.185...0.2.186">0.2.186</a> - 2026-04-24</h2> <h3>Added</h3> <ul> <li>Apple: Add <code>KEVENT_FLAG_*</code> constants (<a href="https://redirect.github.com/rust-lang/libc/pull/5070">#5070</a>)</li> <li>Linux: Add <code>PR_SET_MEMORY_MERGE</code> and <code>PR_GET_MEMORY_MERGE</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/5060">#5060</a>)</li> </ul> <h3>Changed</h3> <ul> <li>CI: Migrate FreeBSD CI from Cirrus CI to GitHub Actions (<a href="https://redirect.github.com/rust-lang/libc/pull/5058">#5058</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Alice
|
6a84134a34 |
layout: Store AccessibilityTree's nodes in ArcRefCells. (#44438)
This will allow us not to need to repeatedly borrow `self` when reading/updating individual `AccessibilityNode`s. Testing: No behaviour change, covered by existing `accessibility` test. --------- Signed-off-by: Alice Boxhall <alice@igalia.com> Co-authored-by: delan azabani <dazabani@igalia.com> |
||
|
Martin Robinson
|
25ef3121a7 |
layout: Split hard line breaks into their own TextRunItem (#44436)
This change makes it so that hard line breaks are not shaped during inline formatting context creation. Instead they are a separate variant of a new `TextRunItem` enum. This will make it easier to start linebreaking later in the flow of inline layout. Testing: This fixes three WPT tests, likely because we are now properly using the BiDi level of BiDi control characters. One test starts failing, but it depends on tab rendering, which we do not currently support properly. Signed-off-by: Martin Robinson <mrobinson@igalia.com> |
||
|
Euclid Ye
|
464ae8204f |
layout: Use an accurately-sized clipping rectangle for box-shadow display list item properties instead of MaxRect (#44457)
Mobile phone runs OpenGL Embedded System. The precision is limited comparing to Desktop which runs full OpenGL. This caused a bug where box-shadow is not displayed on Android/OHOS. Instead of using an infinite clip rect, we compute a bounded one. This should save some GPU work as well. Reference: [How to gracefully handle highp/mediump switch for mobile Android browsers?](https://discourse.threejs.org/t/how-to-gracefully-handle-highp-mediump-switch-for-mobile-android-browsers/77335) Testing: Desktop WPT [unchanged](https://github.com/servo/servo/actions/runs/24825758325). Manually tested on Android/Ohos. Now look same as Firefox/Chrome. | Before | After | | -------- | -------- | |  |  | Fixes: #44431 Closes: https://github.com/servo/webrender/pull/4879 --------- Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com> |
||
|
Tim van der Lippe
|
9189fe06a5 |
script: Add initial implementation of italic command (#44432)
While working on this, I realised that the `current_state` computation was wrong. Instead, the spec actually clearly defines what to do, but I hadn't found it yet. The code now correctly implements state computation and voila, it also fixes the previous underline issue that I didn't understand why it would fail. Part of #25005 Testing: WPT Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com> |
||
|
elomscansio
|
aa7eca43b7 |
script: propagate VirtualMethods::unbind_from_tree with &mut JSContext (#44422)
Propagate `&mut JSContext` in `VirtualMethods::unbind_from_tree` Testing: Successful build is enough Fixes: #42837 --------- Signed-off-by: Emmanuel Paul Elom <elomemmanuel007@gmail.com> |
||
|
Alice
|
ff0e9655a8 |
layout: Allow repeatedly adding the same node to AccessibilityUpdate (#44437)
This means keeping nodes in a temporary map until the accesskit TreeUpdate is accessed via `finalize()`. After `finalize()` is called, any further attempts to use the object will panic. Testing: Added a unit test. --------- Signed-off-by: Alice Boxhall <alice@igalia.com> Signed-off-by: delan azabani <dazabani@igalia.com> Co-authored-by: delan azabani <dazabani@igalia.com> |
||
|
dependabot[bot]
|
b0d512c435 |
build: bump hyper-rustls from 0.27.8 to 0.27.9 (#44449)
Bumps [hyper-rustls](https://github.com/rustls/hyper-rustls) from 0.27.8 to 0.27.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rustls/hyper-rustls/releases">hyper-rustls's releases</a>.</em></p> <blockquote> <h2>0.27.9</h2> <p>This release fixes the accidental omission of the ISC license in the published crate.</p> <h2>What's Changed</h2> <ul> <li>Bump rustls from 0.23.37 to 0.23.38 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/rustls/hyper-rustls/pull/339">rustls/hyper-rustls#339</a></li> <li>Fix ISC license include, prepare 0.27.9 by <a href="https://github.com/cpu"><code>@cpu</code></a> in <a href="https://redirect.github.com/rustls/hyper-rustls/pull/340">rustls/hyper-rustls#340</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rustls/hyper-rustls/compare/v/0.27.8...v/0.27.9">https://github.com/rustls/hyper-rustls/compare/v/0.27.8...v/0.27.9</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Gae24
|
e2f17e0d28 |
deps: Bump jni-rs to 0.22 (#44322)
Update jni-rs to 0.22, the main changes involve the introduction of `with_env` within native methods, and updating uses of `attach_current_thread`, which now requires a closure passed to it. Callback object is now stored inside a `OnceLock`, since it would crash when it was deleted, probably once a `WakeupCallback` was dropped: ``` JNI DETECTED ERROR IN APPLICATION: JNI ERROR (app bug): jobject is an invalid global reference: 0x2fc6 (deleted reference at index 382) ``` Also update android-activity and rustls-platform-verifier. Testing: We don't have android tests in CI, manual testing is required Fixes: Part of #40979 --------- Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com> |
||
|
Jonathan Schwender
|
0ea42bc774 |
profile: Add instrumentation to startup related functions (#44456)
Follow-up to #44443. This helps investigating the cold-start timeline, and could be used by tooling to A/B compare branches affecting the cold-start time. Additionally also change the `handle_request::select` span, so that we can see the blocked time (which was probably what was intended), since the actual time spent on recv after select is insignificant. Testing: Tracing output is not covered by automatic tests. --------- Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com> |
||
|
Jonathan Schwender
|
ab5deb4030 |
profile: Add initial trace event (#44443)
Adds a profiling event at the startup of servoshell, right after initializing the tracing subsystem. To support this, add macro abstractions for tracing events. The existing span (macros) have a start and an end, but for one-off events, we don't need a span and hence it make sense to also add the event macros. The new event at startup is useful when measuring / optimizing general startup time. Adding a timestamp as field, allows us to ground the measurement and compare it against time measured outside of servo, regardless of how the profiling backend (tracing-perfetto, tracing-hitrace, future backends) save timestamps. Testing: Build-testing: the HarmonyOS build enables the tracing feature. On other platforms this is not the case in CI. --------- Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com> |
||
|
Kingsley Yung
|
daed36d4bf |
script: Implement Sanitizer.get() method (#44452)
Implement the `Sanitizer.get()` method. Same as the previous patches on Sanitizer API, the steps related to processing instructions are marked as TODO. Support for process instructions was recently added to the specification, and we will implement it later when tests are ready. Testing: Covered by WPT tests in `sanitizer-api/sanitizer-get.tentative.html` Fixes: Part of #43948 Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev> |
||
|
Gae24
|
20e94989eb |
script: pass &mut JSContext inside worklet code (#44441)
Testing: It compiles Part of #40600 Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com> |
||
|
Taym Haddadi
|
353e5248f1 |
SharedWorker : script unblock shared worker common plumbing for SharedWorker (#44440)
part of https://github.com/servo/servo/issues/7458 Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com> |
||
|
Jonathan Schwender
|
d0b2337118 |
mozjs: Fix make 4.4 broken parallel compilation (#44346)
Companion PR to https://github.com/servo/mozjs/pull/735. This bumps mozjs to the latest version 0.15.9. The changes were reviewed in the linked PR. Testing: This changes behavior when using `make` 4.4 and compiling mozjs from source in CI. This path is not exercised in CI, since Ubuntu 24.04 still ships make 4.3. Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com> |
||
|
dependabot[bot]
|
e611a186be |
build: bump typenum from 1.19.0 to 1.20.0 (#44451)
Bumps [typenum](https://github.com/paholg/typenum) from 1.19.0 to 1.20.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/paholg/typenum/releases">typenum's releases</a>.</em></p> <blockquote> <h2>v1.20.0</h2> <h2>Commits</h2> <ul> <li>77b877d: remove deprecated features, replace build script with pre-generated tests (<a href="https://redirect.github.com/paholg/typenum/issues/237">#237</a>) (Cathal) <a href="https://redirect.github.com/paholg/typenum/pull/237">#237</a></li> <li>4d5f26b: Add tuple operations (<a href="https://redirect.github.com/paholg/typenum/issues/242">#242</a>) (grenewode) <a href="https://redirect.github.com/paholg/typenum/pull/242">#242</a></li> <li>c755e2f: Version 1.20.0 (Paho Lurie-Gregg)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/paholg/typenum/blob/main/CHANGELOG.md">typenum's changelog</a>.</em></p> <blockquote> <h3>1.20.0 (2026-04-18)</h3> <ul> <li>[removed] Removed <code>no_std</code> feature flag (deprecated since 1.3.0)</li> <li>[removed] Removed <code>force_unix_path_separator</code> feature flag (deprecated since 1.17.0)</li> <li>[changed] Replaced <code>build.rs</code> script with pre-generated test files</li> <li>[added] Indexing into tuples</li> <li>[changed] MSRV now 1.41.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
82370a7cab |
build: bump clap from 4.6.0 to 4.6.1 (#44450)
Bumps [clap](https://github.com/clap-rs/clap) from 4.6.0 to 4.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.6.1</h2> <h2>[4.6.1] - 2026-04-15</h2> <h3>Fixes</h3> <ul> <li><em>(derive)</em> Ensure rebuilds happen when an read env variable is changed</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.6.1] - 2026-04-15</h2> <h3>Fixes</h3> <ul> <li><em>(derive)</em> Ensure rebuilds happen when an read env variable is changed</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
1c4b0b57b8 |
build: bump rustls from 0.23.38 to 0.23.39 (#44448)
Bumps [rustls](https://github.com/rustls/rustls) from 0.23.38 to 0.23.39. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
609f50d680 |
build: bump pastey from 0.2.1 to 0.2.2 (#44447)
Bumps [pastey](https://github.com/as1100k/pastey) from 0.2.1 to 0.2.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/as1100k/pastey/releases">pastey's releases</a>.</em></p> <blockquote> <h2>v0.2.2</h2> <h2>What's Changed</h2> <ul> <li>Fix Rust 1.56 compatibility: Handle None-delimited groups in replace modifier in <a href="https://redirect.github.com/AS1100K/pastey/pull/25">AS1100K/pastey#25</a></li> <li>increase the code coverage by <a href="https://github.com/bharatGoswami8"><code>@bharatGoswami8</code></a> in <a href="https://redirect.github.com/AS1100K/pastey/pull/28">AS1100K/pastey#28</a></li> <li>add coverage on CI by <a href="https://github.com/bharatGoswami8"><code>@bharatGoswami8</code></a> in <a href="https://redirect.github.com/AS1100K/pastey/pull/30">AS1100K/pastey#30</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/bharatGoswami8"><code>@bharatGoswami8</code></a> made their first contribution in <a href="https://redirect.github.com/AS1100K/pastey/pull/28">AS1100K/pastey#28</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/AS1100K/pastey/blob/master/CHANGELOG.md#022---2026-04-23"><code>CHANGELOG.md</code></a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/AS1100K/pastey/blob/master/CHANGELOG.md">pastey's changelog</a>.</em></p> <blockquote> <h2>[0.2.2] - 2026-04-23</h2> <h3>Improved</h3> <ul> <li>Improved Code Coverage <a href="https://redirect.github.com/AS1100K/pastey/pull/28">#28</a>, <a href="https://redirect.github.com/AS1100K/pastey/pull/30">#30</a></li> </ul> <h3>Fixed</h3> <ul> <li>Rust 1.56 compatibility: Handling None-delimited groups in replace modifier <a href="https://redirect.github.com/AS1100K/pastey/pull/25">#25</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
412f98b9bb |
build: bump dbus from 0.9.10 to 0.9.11 (#44446)
Bumps [dbus](https://github.com/diwic/dbus-rs) from 0.9.10 to 0.9.11. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Simon Sapin
|
4535a7d7b5 |
script: Rewrite NodeList::ChildrenList with a cached Vec of nodes (#44435)
In DOM APIs, `Node.childNodes` is a `NodeList` that has an
`.item(index)` method that allows random access, but DOM nodes only
store pointers to their first/last child and next/previous sibling. The
previous implementation involved keeping a "last accessed" pointer, and
a significant amount of logic to find the requested index by walking
next/previous sibling pointers from whichever of last accessed, first
child, or last child is nearest. This logic sometimes incorrectly
assumed the (nullable) last accessed pointer to be present, causing a
panic in `Option::unwrap`.
Rather than try to fix that logic, this replaces entirely with the
approach suggested in #25206 and used [by
Firefox](https://searchfox.org/firefox-main/source/dom/base/nsChildContentList.h):
keep a cached `Vec` of pointers to all child nodes, created lazily when
needed, and invalidated whenever any part of it changes.
Testing: the first commit adds a failing WPT crashtest, the second
commit fixes it
Fixes: https://github.com/servo/servo/issues/25206
Fixes: https://github.com/servo/servo/issues/36764
---------
Signed-off-by: Simon Sapin <simon@igalia.com>
|
||
|
Martin Robinson
|
1528f31269 |
script: Add an initial implementation of the "focus update steps" (#44360)
This moves Servo closer to the focus parts of the HTML specification. The behavior should be the same as before, but now the code in `script` matches the structure of the specification. The main goal is to set us up for: - Firing focus events in the right order on nested documents - A proper implementation of the unfocusing steps. Testing: This should not change behavior so is covered by existing tests. Signed-off-by: Martin Robinson <mrobinson@fastmail.fm> Co-authored-by: Martin Robinson <mrobinson@fastmail.fm> |
||
|
Narfinger
|
c2b88ff7f5 |
media: Switch to workspace dependencies and minor cleanup (#44428)
This PR makes minor cleanup in the media crates: - Switch dependencies to workspace dependencies if they are already included in the main Cargo.toml - Switch from crate serde_derive to serde with feature flag derive. - Switch from the separate crate for OnceCell to the std provided LazyLock. - Update num_complex Testing: The only functional changes are either slight version bumps, the replacement to LazyLock which is conservative and the num_complex update which also shouldn't have any behavior changes. --------- Signed-off-by: Narfinger <Narfinger@users.noreply.github.com> |
||
|
Kingsley Yung
|
6934a65e5c |
script: Validate sanitizer configuration (#44421)
Implement sanitizer configuration validation algorithm, and complete the "set a configuration" algorithm. The steps related to processing instructions are marked as TODO. Support for process instructions was recently added to the specification, and we will implement it later when tests are ready. Specification: - https://wicg.github.io/sanitizer-api/#sanitizerconfig-valid - https://wicg.github.io/sanitizer-api/#sanitizer-set-a-configuration Testing: Covered by WPT tests in `sanitizer-api/sanitizer-config.tentative.html` Fixes: Part of #43948 --------- Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev> |
||
|
Euclid Ye
|
d46b0a9826 |
dependabot: Add rustls-webpki related group (#44429)
This should make #44415, #44418, #44419 work in one PR without conflict in the future. Testing: Will be tested in CI in future rounds of update. Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com> |
||
|
Tim van der Lippe
|
6de7311014 |
script: Add initial implementation of strikethrough command (#44410)
Part of #25005 Testing: WPT Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com> |
||
|
dependabot[bot]
|
7007dc4346 |
build: bump rustls-webpki from 0.103.12 to 0.103.13 (#44419)
Bumps [rustls-webpki](https://github.com/rustls/webpki) from 0.103.12 to 0.103.13. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rustls/webpki/releases">rustls-webpki's releases</a>.</em></p> <blockquote> <h2>0.103.13</h2> <ul> <li><strong>Fix reachable panic in parsing a CRL</strong>. This was reported to us as <a href="https://github.com/rustls/webpki/security/advisories/GHSA-82j2-j2ch-gfr8">GHSA-82j2-j2ch-gfr8</a>. Users who don't use CRLs are not affected.</li> <li>For name constraints on URI names, we incorrectly processed excluded subtrees in a way which inverted the desired meaning. See <a href="https://redirect.github.com/rustls/webpki/pull/471">rustls/webpki#471</a>. This was a case missing in the fix for <a href="https://github.com/advisories/GHSA-965h-392x-2mh5">https://github.com/advisories/GHSA-965h-392x-2mh5</a>.</li> </ul> <h2>What's Changed</h2> <ul> <li>Actually fail closed for URI matching against excluded subtrees by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/webpki/pull/473">rustls/webpki#473</a></li> <li>Prepare 0.103.13 by <a href="https://github.com/ctz"><code>@ctz</code></a> in <a href="https://redirect.github.com/rustls/webpki/pull/474">rustls/webpki#474</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rustls/webpki/compare/v/0.103.12...v/0.103.13">https://github.com/rustls/webpki/compare/v/0.103.12...v/0.103.13</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Euclid Ye
|
6592e8512b |
layout: Replace SVG base fragment rect conditionally to support viewBox (#44420)
As titled. Testing: Manually tested with multiple real websites with viewbox in svg. It looked terrible before, but now looking good! New passing in WPT. Partially addresses: #38985 --------- Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com> |
||
|
Jonathan Schwender
|
97c08a6f95 |
net: Optimize initial TLS connection (#44242)
By touching the crypto provider, we can force it to gather entropy. On my linux VM, that moved ~60ms off the critical path (using aws-lc-rs, but probably any other crypto provider would show similar behavior). On my Linux workstation it was around ~30ms. On Linux caching the rustls platform verifier cache optimizes another 50ms. On other platforms this will be cheaper, since only on some systems all certificates are read. It might make sense to explore caching the whole tlsconfig (for websockets), since it looks like we are just cloning the same components and then constructing a new tlsconfig, which would lead to the same effective component. But that needs more investigation. Testing: Doesn't change any visible behavior, covered by existing tests. --------- Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com> |
||
|
Martin Robinson
|
09ef444d63 |
layout: Add placeholders for text carets after finishing a line (#44370)
Instead of readily adding a strut for text carets when processing a line break, wait until a line is finished. This allows placing a strut on the final line. In addition to fixing #41338 this will also make it possible to handle line breaks as a separate kind of text run item so that we can preserve shaping results between layouts. In addition, some changes are made in script to ensure that these placeholders are never placed for non-textual input elements. Testing: This change adds a Servo-specific WPT test. Caret rendering isn't specified. Fixes: #41338 Signed-off-by: Martin Robinson <mrobinson@igalia.com> |
||
|
Taym Haddadi
|
bdbbe641eb |
SharedWorker: Add SharedWorker and SharedWorkerGlobalScope WebIDL interfaces (#44375)
Testing: covered by WPT test. part of https://github.com/servo/servo/issues/7458 --------- Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com> |
||
|
dependabot[bot]
|
d995e90976 |
build: bump webpki-roots from 1.0.6 to 1.0.7 (#44418)
Bumps [webpki-roots](https://github.com/rustls/webpki-roots) from 1.0.6 to 1.0.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rustls/webpki-roots/releases">webpki-roots's releases</a>.</em></p> <blockquote> <h2>1.0.7</h2> <p>For their April 2026 root store changes, Mozilla has made more changes than usual:</p> <blockquote> <p>These changes are part of Mozilla’s ongoing root store maintenance under the Mozilla Root Store Policy (MRSP), including <a href="https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#74-root-ca-lifecycles">§7.4</a> (Root CA Lifecycles) and <a href="https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#753-transition-plan-for-existing-roots">§7.5.3</a> (Transition Plans). They reflect a combination of lifecycle-based transitions, CA operator requests, and alignment with intended certificate usage, including retiring older or less suitable root certificates, enforcing clear separation of trust purposes (e.g., TLS vs. S/MIME), and reducing unnecessary trust surface in the Web PKI ecosystem. Collectively, these actions help to ensure that root certificates are relied upon only for their intended and actively maintained use cases, or are retired in accordance with established distrust timelines.</p> </blockquote> <p>This removes:</p> <ul> <li>CN=Certigna O=Dhimyotis</li> <li>CN=COMODO Certification Authority O=COMODO CA Limited</li> <li>CN=DigiCert Assured ID Root CA O=DigiCert Inc OU=www.digicert.com</li> <li>CN=DigiCert Global Root CA O=DigiCert Inc OU=www.digicert.com</li> <li>CN=DigiCert High Assurance EV Root CA O=DigiCert Inc OU=www.digicert.com</li> <li>CN=FIRMAPROFESIONAL CA ROOT-A WEB O=Firmaprofesional SA</li> <li>CN=GTS Root R2 O=Google Trust Services LLC</li> <li>CN=QuoVadis Root CA 2 O=QuoVadis Limited</li> <li>CN=QuoVadis Root CA 3 O=QuoVadis Limited</li> <li>CN=Secure Global CA O=SecureTrust Corporation</li> <li>CN=SecureTrust CA O=SecureTrust Corporation</li> <li>CN=SwissSign Gold CA - G2 O=SwissSign AG</li> <li>CN=TeliaSonera Root CA v1 O=TeliaSonera</li> <li>CN=Trustwave Global Certification Authority O=Trustwave Holdings, Inc.</li> <li>CN=Trustwave Global ECC P256 Certification Authority O=Trustwave Holdings, Inc.</li> <li>CN=Trustwave Global ECC P384 Certification Authority O=Trustwave Holdings, Inc.</li> <li>O=certSIGN OU=certSIGN ROOT CA</li> </ul> <p>See <a href="https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/o1VliD70ctg/m/pY0JBzTlAQAJ?pli=1">their announcement</a> for more details.</p> <h2>What's Changed</h2> <ul> <li>Take semver-compatible dependency updates by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/webpki-roots/pull/116">rustls/webpki-roots#116</a></li> <li>Take semver-compatible dependency updates by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/webpki-roots/pull/117">rustls/webpki-roots#117</a></li> <li>Take semver-compatible updates by <a href="https://github.com/ctz"><code>@ctz</code></a> in <a href="https://redirect.github.com/rustls/webpki-roots/pull/118">rustls/webpki-roots#118</a></li> <li>Prepare 1.0.7 by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/webpki-roots/pull/120">rustls/webpki-roots#120</a></li> <li>Update dependencies by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/webpki-roots/pull/119">rustls/webpki-roots#119</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rustls/webpki-roots/compare/v/1.0.6...v/1.0.7">https://github.com/rustls/webpki-roots/compare/v/1.0.6...v/1.0.7</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
4d56440d4e |
build: bump bpaf from 0.9.24 to 0.9.25 (#44416)
Bumps [bpaf](https://github.com/pacak/bpaf) from 0.9.24 to 0.9.25. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pacak/bpaf/blob/master/Changelog.md">bpaf's changelog</a>.</em></p> <blockquote> <h2>bpaf [0.9.25] - 2026-04-15</h2> <ul> <li>Change rendering of an adjacent block in Markdown - this is no longer a <code>###</code> but a regular line item instead. Header messes up with generated navigation on some pages</li> <li><code>app_name</code> - parser that extracts the executable name</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/pacak/bpaf/commits/v0.9.25">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
c75eea95c3 |
build: bump webpki-root-certs from 1.0.6 to 1.0.7 (#44415)
Bumps [webpki-root-certs](https://github.com/rustls/webpki-roots) from 1.0.6 to 1.0.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rustls/webpki-roots/releases">webpki-root-certs's releases</a>.</em></p> <blockquote> <h2>1.0.7</h2> <p>For their April 2026 root store changes, Mozilla has made more changes than usual:</p> <blockquote> <p>These changes are part of Mozilla’s ongoing root store maintenance under the Mozilla Root Store Policy (MRSP), including <a href="https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#74-root-ca-lifecycles">§7.4</a> (Root CA Lifecycles) and <a href="https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#753-transition-plan-for-existing-roots">§7.5.3</a> (Transition Plans). They reflect a combination of lifecycle-based transitions, CA operator requests, and alignment with intended certificate usage, including retiring older or less suitable root certificates, enforcing clear separation of trust purposes (e.g., TLS vs. S/MIME), and reducing unnecessary trust surface in the Web PKI ecosystem. Collectively, these actions help to ensure that root certificates are relied upon only for their intended and actively maintained use cases, or are retired in accordance with established distrust timelines.</p> </blockquote> <p>This removes:</p> <ul> <li>CN=Certigna O=Dhimyotis</li> <li>CN=COMODO Certification Authority O=COMODO CA Limited</li> <li>CN=DigiCert Assured ID Root CA O=DigiCert Inc OU=www.digicert.com</li> <li>CN=DigiCert Global Root CA O=DigiCert Inc OU=www.digicert.com</li> <li>CN=DigiCert High Assurance EV Root CA O=DigiCert Inc OU=www.digicert.com</li> <li>CN=FIRMAPROFESIONAL CA ROOT-A WEB O=Firmaprofesional SA</li> <li>CN=GTS Root R2 O=Google Trust Services LLC</li> <li>CN=QuoVadis Root CA 2 O=QuoVadis Limited</li> <li>CN=QuoVadis Root CA 3 O=QuoVadis Limited</li> <li>CN=Secure Global CA O=SecureTrust Corporation</li> <li>CN=SecureTrust CA O=SecureTrust Corporation</li> <li>CN=SwissSign Gold CA - G2 O=SwissSign AG</li> <li>CN=TeliaSonera Root CA v1 O=TeliaSonera</li> <li>CN=Trustwave Global Certification Authority O=Trustwave Holdings, Inc.</li> <li>CN=Trustwave Global ECC P256 Certification Authority O=Trustwave Holdings, Inc.</li> <li>CN=Trustwave Global ECC P384 Certification Authority O=Trustwave Holdings, Inc.</li> <li>O=certSIGN OU=certSIGN ROOT CA</li> </ul> <p>See <a href="https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/o1VliD70ctg/m/pY0JBzTlAQAJ?pli=1">their announcement</a> for more details.</p> <h2>What's Changed</h2> <ul> <li>Take semver-compatible dependency updates by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/webpki-roots/pull/116">rustls/webpki-roots#116</a></li> <li>Take semver-compatible dependency updates by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/webpki-roots/pull/117">rustls/webpki-roots#117</a></li> <li>Take semver-compatible updates by <a href="https://github.com/ctz"><code>@ctz</code></a> in <a href="https://redirect.github.com/rustls/webpki-roots/pull/118">rustls/webpki-roots#118</a></li> <li>Prepare 1.0.7 by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/webpki-roots/pull/120">rustls/webpki-roots#120</a></li> <li>Update dependencies by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/webpki-roots/pull/119">rustls/webpki-roots#119</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rustls/webpki-roots/compare/v/1.0.6...v/1.0.7">https://github.com/rustls/webpki-roots/compare/v/1.0.6...v/1.0.7</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
4322792c84 |
build: bump h2 from 0.4.12 to 0.4.13 (#44414)
Bumps [h2](https://github.com/hyperium/h2) from 0.4.12 to 0.4.13. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hyperium/h2/releases">h2's releases</a>.</em></p> <blockquote> <h2>v0.4.13</h2> <h2>What's Changed</h2> <ul> <li>Implement HTTP/2 informational responses (1xx) support by <a href="https://github.com/apu031"><code>@apu031</code></a> in <a href="https://redirect.github.com/hyperium/h2/pull/865">hyperium/h2#865</a></li> <li>fix: Unparent connection span by <a href="https://github.com/Jesse-Bakker"><code>@Jesse-Bakker</code></a> in <a href="https://redirect.github.com/hyperium/h2/pull/868">hyperium/h2#868</a></li> <li>fix: auto-release padding from DATA frames by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/hyperium/h2/pull/869">hyperium/h2#869</a></li> <li>fix: do not assign capacity for pending streams by <a href="https://github.com/benjaminp"><code>@benjaminp</code></a> in <a href="https://redirect.github.com/hyperium/h2/pull/860">hyperium/h2#860</a></li> <li>perf: reduce huffman decode table size by <a href="https://github.com/ariaandika"><code>@ariaandika</code></a> in <a href="https://redirect.github.com/hyperium/h2/pull/871">hyperium/h2#871</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jesse-Bakker"><code>@Jesse-Bakker</code></a> made their first contribution in <a href="https://redirect.github.com/hyperium/h2/pull/868">hyperium/h2#868</a></li> <li><a href="https://github.com/ariaandika"><code>@ariaandika</code></a> made their first contribution in <a href="https://redirect.github.com/hyperium/h2/pull/871">hyperium/h2#871</a></li> <li><a href="https://github.com/apu031"><code>@apu031</code></a> made their first contribution in <a href="https://redirect.github.com/hyperium/h2/pull/865">hyperium/h2#865</a></li> <li><a href="https://github.com/benjaminp"><code>@benjaminp</code></a> made their first contribution in <a href="https://redirect.github.com/hyperium/h2/pull/860">hyperium/h2#860</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/hyperium/h2/compare/v0.4.12...v0.4.13">https://github.com/hyperium/h2/compare/v0.4.12...v0.4.13</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hyperium/h2/blob/master/CHANGELOG.md">h2's changelog</a>.</em></p> <blockquote> <h1>0.4.13 (January 5, 2026)</h1> <ul> <li>Add support for 1xx informational responses on client and server side.</li> <li>Fix auto-releasing of padding bytes of DATA frames for flow control windows.</li> <li>Fix to stop assigning capacity to pending streams which can't use it yet.</li> <li>Fix tracing to not grab the parent for the connection span.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
a65769ae98 |
build: bump glslopt from 0.1.12 to 0.1.13 (#44413)
Bumps [glslopt](https://github.com/jamienicol/glslopt-rs) from 0.1.12 to 0.1.13. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/jamienicol/glslopt-rs/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Martin Robinson
|
bec5a6ce37 |
layout: Simplify the way characters are iterated when segmeting text (#44400)
This is a minor adjustment from #44276 that makes the way characters are iterated easier to read. Testing: This should not change behavior so should be covered by existing tests. Signed-off-by: Martin Robinson <mrobinson@igalia.com> |
||
|
Tim van der Lippe
|
138e7be47e |
script: Achieve failure parity with other browsers for underline command (#44390)
With these changes, we now fail the minimum set of tests. That is to say: we don't fail any test that no other browser fails. All test failures therefore match at least 1 other browser. The one exception is the updated test expectation. That's because all browsers fail this test in the exact same way, hence updating the expectation. We fail it, since I don't know how browsers reach to that point. I think it's related to traversal of the contained children and the order that they are traversed in. Unfortunately my attempts at fixing that have not been fruitful, so leaving that one for now. Part of #25005 Testing: WPT --------- Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com> Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com> Co-authored-by: Martin Robinson <martin@abandonedwig.info> |
||
|
Narfinger
|
617c9c0162 |
script: JSContextify dom/css partially (#44406)
This JSContextifies parts of dom/css directory. Testing: Compilation is the test. Signed-off-by: Narfinger <Narfinger@users.noreply.github.com> |
||
|
Narfinger
|
99899612cb |
net: Split ResourceTimings into separate file and create batch attribute setting (#44395)
ResourceFetchTimings are set throughout the methods in http_loader.rs. These methods are already very complicated, so having multiple times `context.timings.lock().set_attribute()` can be quite distracting to understanding. This introduces ResourceFetchTimingsContainer structure which has the lock inside and allows setting multiple attributes to clean up the code in http_loader. Testing: This is a refactor and does not change functionality. Signed-off-by: Narfinger <Narfinger@users.noreply.github.com> |
||
|
atbrakhi
|
f8c97cd609 |
devtools: Always pass ownPropertiesLength to devtools (#44369)
Always pass `ownPropertiesLength` to devtools Testing: All tests are passing Fixes: part of #39858 Signed-off-by: atbrakhi <atbrakhi@igalia.com> Co-authored-by: eri <eri@igalia.com> |
||
|
Manuel Rego
|
2cdbada97b |
Template for roadmap issues (#44398)
As discussed on [Zulip](https://servo.zulipchat.com/#narrow/channel/263398-general/topic/Roadmap/with/580266351), this is a new template for tracking roadmap issues. Testing: No needed, just a GitHub issue template. Signed-off-by: Manuel Rego Casasnovas <rego@igalia.com> |
||
|
Taym Haddadi
|
5ac8bf4db3 |
Implement StorageManager API (#43976)
Add the Storage Standard WebIDL for NavigatorStorage and StorageManager, wire navigator.storage on Window and Worker, and implement persisted(), persist(), and estimate(). Testing: covered by WP test. part of #39100 fixes #39101 --------- Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com> |
||
|
Shubham Gupta
|
d1e3e8080c |
script: Correctly apply resource timing buffer limit (#44228)
Strictly follow the [specs](https://w3c.github.io/resource-timing/#performance-can-add-resource-timing-entry) Also fires the performance resource timing earlier to match WPT expectations. Testing: More WPT tests Passed. --------- Signed-off-by: Shubham Gupta <shubham.gupta@chromium.org> |
||
|
Kingsley Yung
|
4a5fe14788 |
script: Canonicalization of sanitizer configuration (#44335)
Implement the canonicalization of sanitizer configuration, along with the canonicalization of element with attributes, element, attribute and name. They are implemented for the `SanitizerConfig`, `SanitizerElementWithAttributes`, `SanitizerElement` and `SanitizerAttribute`, through the `SantiizerConfigAlgorithm`, `Canonicalization` and `NameCanonicalization` trait. Note that, in the canonicalization of sanitizer configuration, the steps related to processing instructions are marked as TODO. The feature of supporting process instructions has just been added to the specification recently, and the WPT tests are not yet in place. We will add this support once the tests are ready. `SanitizerElementWithAttributes`, `SanitizerElement` and `SanitizerAttribute` are unions of string and dictionary. This makes accessing its member fields cumbersome. So, the `NameMember` and `AttributeMember` trait are added to provide helper function for them to reduce boilerplate code. Specification: - https://wicg.github.io/sanitizer-api/#sanitizer-canonicalize-the-configuration - https://wicg.github.io/sanitizer-api/#canonicalize-a-sanitizer-element-with-attributes - https://wicg.github.io/sanitizer-api/#canonicalize-a-sanitizer-element - https://wicg.github.io/sanitizer-api/#canonicalize-a-sanitizer-attribute - https://wicg.github.io/sanitizer-api/#canonicalize-a-sanitizer-name Testing: Covered by WPT tests in `sanitizer-api/` subdirectory. Fixes: Part of #43948 --------- Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev> |
||
|
dependabot[bot]
|
9ba9916bad |
build: bump aws-lc-rs from 1.16.2 to 1.16.3 (#44379)
Bumps [aws-lc-rs](https://github.com/aws/aws-lc-rs) from 1.16.2 to 1.16.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aws/aws-lc-rs/releases">aws-lc-rs's releases</a>.</em></p> <blockquote> <h2>aws-lc-rs v1.16.3</h2> <h2>What's Changed</h2> <ul> <li>Key length validation in <code>UnboundCipherKey::new()</code> now enforced at runtime by <a href="https://github.com/justsmth"><code>@justsmth</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1092">aws/aws-lc-rs#1092</a> <ul> <li>The documented error on key length mismatch was never actually checked. Streaming cipher constructors also relied on <code>debug_assert_eq!</code> which gets stripped in release builds — these are now runtime checks.</li> </ul> </li> <li>Support MSAN and TSAN sanitizer builds via <code>AWS_LC_SYS_SANITIZER</code> environment variable by <a href="https://github.com/justsmth"><code>@justsmth</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1100">aws/aws-lc-rs#1100</a> <ul> <li>Accepts <code>asan</code>, <code>msan</code>, or <code>tsan</code>. The existing <code>asan</code> feature flag continues to work.</li> </ul> </li> </ul> <h3>Build Improvements</h3> <ul> <li>Follow symlinks when classifying include directory entries by <a href="https://github.com/cmtm"><code>@cmtm</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1071">aws/aws-lc-rs#1071</a> <ul> <li>Fixes builds under Bazel (and other build systems) where source files in <code>CARGO_MANIFEST_DIR</code> are symlinks into a content-addressable store.</li> </ul> </li> <li>Improve clang-cl discovery for Windows ARM64 builds by <a href="https://github.com/justsmth"><code>@justsmth</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1060">aws/aws-lc-rs#1060</a> <ul> <li>The build script now discovers <code>clang-cl</code> inside Visual Studio installations rather than requiring it on <code>PATH</code>.</li> </ul> </li> <li>Fix Windows ARM64 FIPS build: pass correct architecture to <code>vcvarsall.bat</code> by <a href="https://github.com/justsmth"><code>@justsmth</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1075">aws/aws-lc-rs#1075</a></li> <li>Strip LTO flags from CFLAGS for FIPS builds by <a href="https://github.com/skmcgrail"><code>@skmcgrail</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1087">aws/aws-lc-rs#1087</a> <ul> <li>Build environments like RPM mock chroots (e.g. AL2023) that export <code>-flto=auto</code> in CFLAGS would break the FIPS delocator pipeline.</li> </ul> </li> <li>MSVC: Fix builtin swap intrinsic check to avoid link-time failures by <a href="https://github.com/walter-zeromatter"><code>@walter-zeromatter</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1086">aws/aws-lc-rs#1086</a></li> <li>MSVC: Add jitterentropy <code>src</code> subdirectory to include search path by <a href="https://github.com/walter-zeromatter"><code>@walter-zeromatter</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1085">aws/aws-lc-rs#1085</a></li> <li>MSVC: Use 8.3 short paths on Windows to avoid MAX_PATH limits by <a href="https://github.com/walter-zeromatter"><code>@walter-zeromatter</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1081">aws/aws-lc-rs#1081</a></li> </ul> <h3>Issues Being Closed</h3> <ul> <li>Clarify that build needs to run from VS Developer shell for Windows builds -- <a href="https://redirect.github.com/aws/aws-lc-rs/issues/1056">aws/aws-lc-rs#1056</a></li> <li>Add MSAN (MemorySanitizer) support, matching existing ASAN support -- <a href="https://redirect.github.com/aws/aws-lc-rs/issues/1077">aws/aws-lc-rs#1077</a></li> <li>aws-lc-sys fails to compile on iOS arm64 with Clang 15.0.7: undeclared ioctl in urandom.c -- <a href="https://redirect.github.com/aws/aws-lc-rs/issues/1068">aws/aws-lc-rs#1068</a></li> </ul> <h2>Other Merged PRs</h2> <ul> <li>Prepare aws-lc-sys v0.39.1 by <a href="https://github.com/justsmth"><code>@justsmth</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1080">aws/aws-lc-rs#1080</a></li> <li>Bump aws-lc-fips-sys to v0.13.14 by <a href="https://github.com/skmcgrail"><code>@skmcgrail</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1088">aws/aws-lc-rs#1088</a></li> <li>CI: Harden artifact workflows and update action versions by <a href="https://github.com/justsmth"><code>@justsmth</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1091">aws/aws-lc-rs#1091</a></li> <li>Bump actions/checkout from 4 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1096">aws/aws-lc-rs#1096</a></li> <li>Bump actions/setup-go from 4 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1095">aws/aws-lc-rs#1095</a></li> <li>Bump codecov/codecov-action from 4 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1094">aws/aws-lc-rs#1094</a></li> <li>Prepare aws-lc-rs v1.16.3 by <a href="https://github.com/justsmth"><code>@justsmth</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1098">aws/aws-lc-rs#1098</a></li> <li>Prepare aws-lc-sys v0.40.0 by <a href="https://github.com/justsmth"><code>@justsmth</code></a> in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1099">aws/aws-lc-rs#1099</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/cmtm"><code>@cmtm</code></a> made their first contribution in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1071">aws/aws-lc-rs#1071</a></li> <li><a href="https://github.com/walter-zeromatter"><code>@walter-zeromatter</code></a> made their first contribution in <a href="https://redirect.github.com/aws/aws-lc-rs/pull/1086">aws/aws-lc-rs#1086</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/aws/aws-lc-rs/compare/v1.16.2...v1.16.3">https://github.com/aws/aws-lc-rs/compare/v1.16.2...v1.16.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
93e413093f |
build: bump tokio from 1.52.0 to 1.52.1 in the tokio-rs-related group (#44377)
Bumps the tokio-rs-related group with 1 update: [tokio](https://github.com/tokio-rs/tokio). Updates `tokio` from 1.52.0 to 1.52.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.52.1</h2> <h1>1.52.1 (April 16th, 2026)</h1> <h2>Fixed</h2> <ul> <li>runtime: revert <a href="https://redirect.github.com/tokio-rs/tokio/issues/7757">#7757</a> to fix [a regression]<a href="https://redirect.github.com/tokio-rs/tokio/issues/8056">#8056</a> that causes <code>spawn_blocking</code> to hang (<a href="https://redirect.github.com/tokio-rs/tokio/issues/8057">#8057</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7757">#7757</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7757">tokio-rs/tokio#7757</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/8056">#8056</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/8056">tokio-rs/tokio#8056</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/8057">#8057</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/8057">tokio-rs/tokio#8057</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
c04dc7e77b |
build: bump uuid from 1.23.0 to 1.23.1 (#44380)
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.23.0 to 1.23.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/uuid-rs/uuid/releases">uuid's releases</a>.</em></p> <blockquote> <h2>v1.23.1</h2> <h2>What's Changed</h2> <ul> <li>Remove deprecated <code>msrv</code> feature from wasm-bindgen dependency by <a href="https://github.com/guybedford"><code>@guybedford</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/877">uuid-rs/uuid#877</a></li> <li>fix: Timestamp::from_gregorian deprecation note by <a href="https://github.com/aznashwan"><code>@aznashwan</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/878">uuid-rs/uuid#878</a></li> <li>Prepare for 1.23.1 release by <a href="https://github.com/KodrAus"><code>@KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/879">uuid-rs/uuid#879</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/guybedford"><code>@guybedford</code></a> made their first contribution in <a href="https://redirect.github.com/uuid-rs/uuid/pull/877">uuid-rs/uuid#877</a></li> <li><a href="https://github.com/aznashwan"><code>@aznashwan</code></a> made their first contribution in <a href="https://redirect.github.com/uuid-rs/uuid/pull/878">uuid-rs/uuid#878</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/uuid-rs/uuid/compare/v1.23.0...v1.23.1">https://github.com/uuid-rs/uuid/compare/v1.23.0...v1.23.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
e33b20e445 |
build: bump orbclient from 0.3.51 to 0.3.53 (#44382)
Bumps orbclient from 0.3.51 to 0.3.53. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |