diff --git a/commits.txt b/commits.txt new file mode 100644 index 000000000..eebb72715 --- /dev/null +++ b/commits.txt @@ -0,0 +1,5166 @@ +>>> 2025-10-01T06:39:36Z +-https://github.com/servo/servo/pull/39595 (@dependabot[bot], @dependabot[bot], #39595) build(deps): bump the napi-ohos-related group with 5 updates (#39595) + # Bumps the napi-ohos-related group with 5 updates: + # | Package | From | To | + # | --- | --- | --- | + # | [napi-derive-ohos](https://github.com/ohos-rs/ohos-rs) | `1.1.0` | `1.1.1` | + # | [napi-ohos](https://github.com/ohos-rs/ohos-rs) | `1.1.0` | `1.1.1` | + # | [napi-build-ohos](https://github.com/ohos-rs/ohos-rs) | `1.1.0` | `1.1.1` | + # | [napi-derive-backend-ohos](https://github.com/ohos-rs/ohos-rs) | `1.1.0` | `1.1.1` | + # | [napi-sys-ohos](https://github.com/ohos-rs/ohos-rs) | `1.1.0` | `1.1.1` | + # Updates `napi-derive-ohos` from 1.1.0 to 1.1.1 + # Commits + # c1a45ba Bump version (#152) + # 3a8e753 feat: allow use zigbuild to build target (#151) + # e9d0fce feat: allow check napi-ohos version (#150) + # 978c808 fix: support new type for generation (#149) + # 9c722e7 Merge pull request #148 from ohos-rs/feat-0929 + # 4e600a4 Merge branch 'main' into feat-0929 + # cdccff7 chore(cli): add support for x86_64-pc-windows-gnu (#2935) + # 445ee37 chore(deps): update dependency lerna to v9 (#2937) + # f6e023c chore(deps): update yarn to v4.10.3 (#2936) + # e5ba267 ci: reduce cache (#2933) + # Additional commits viewable in compare view + # Updates `napi-ohos` from 1.1.0 to 1.1.1 + # Commits + # c1a45ba Bump version (#152) + # 3a8e753 feat: allow use zigbuild to build target (#151) + # e9d0fce feat: allow check napi-ohos version (#150) + # 978c808 fix: support new type for generation (#149) + # 9c722e7 Merge pull request #148 from ohos-rs/feat-0929 + # 4e600a4 Merge branch 'main' into feat-0929 + # cdccff7 chore(cli): add support for x86_64-pc-windows-gnu (#2935) + # 445ee37 chore(deps): update dependency lerna to v9 (#2937) + # f6e023c chore(deps): update yarn to v4.10.3 (#2936) + # e5ba267 ci: reduce cache (#2933) + # Additional commits viewable in compare view + # Updates `napi-build-ohos` from 1.1.0 to 1.1.1 + # Release notes + # Sourced from napi-build-ohos's releases. + # ohrs@1.1.1 + # What's Changed + # fix: character mistake by @​niuhuan in ohos-rs/ohos-rs#142 + # Bump version by @​richerfu in ohos-rs/ohos-rs#143 + # fix(windows): use link-arg instead of link-args to support spaces in paths by @​FabianLars in ohos-rs/ohos-rs#144 + # Bump version by @​richerfu in ohos-rs/ohos-rs#145 + # Sync api by @​richerfu in ohos-rs/ohos-rs#148 + # fix: support new type for generation by @​richerfu in ohos-rs/ohos-rs#149 + # feat: allow check napi-ohos version by @​richerfu in ohos-rs/ohos-rs#150 + # feat: allow use zigbuild to build target by @​richerfu in ohos-rs/ohos-rs#151 + # Bump version by @​richerfu in ohos-rs/ohos-rs#152 + # New Contributors + # @​niuhuan made their first contribution in ohos-rs/ohos-rs#142 + # @​FabianLars made their first contribution in ohos-rs/ohos-rs#144 + # Full Changelog: https://github.com/ohos-rs/ohos-rs/compare/ohrs@1.1.0...ohrs@1.1.1 + # Commits + # c1a45ba Bump version (#152) + # 3a8e753 feat: allow use zigbuild to build target (#151) + # e9d0fce feat: allow check napi-ohos version (#150) + # 978c808 fix: support new type for generation (#149) + # 9c722e7 Merge pull request #148 from ohos-rs/feat-0929 + # 4e600a4 Merge branch 'main' into feat-0929 + # cdccff7 chore(cli): add support for x86_64-pc-windows-gnu (#2935) + # 445ee37 chore(deps): update dependency lerna to v9 (#2937) + # f6e023c chore(deps): update yarn to v4.10.3 (#2936) + # e5ba267 ci: reduce cache (#2933) + # Additional commits viewable in compare view + # Updates `napi-derive-backend-ohos` from 1.1.0 to 1.1.1 + # Commits + # c1a45ba Bump version (#152) + # 3a8e753 feat: allow use zigbuild to build target (#151) + # e9d0fce feat: allow check napi-ohos version (#150) + # 978c808 fix: support new type for generation (#149) + # 9c722e7 Merge pull request #148 from ohos-rs/feat-0929 + # 4e600a4 Merge branch 'main' into feat-0929 + # cdccff7 chore(cli): add support for x86_64-pc-windows-gnu (#2935) + # 445ee37 chore(deps): update dependency lerna to v9 (#2937) + # f6e023c chore(deps): update yarn to v4.10.3 (#2936) + # e5ba267 ci: reduce cache (#2933) + # Additional commits viewable in compare view + # Updates `napi-sys-ohos` from 1.1.0 to 1.1.1 + # Release notes + # Sourced from napi-sys-ohos's releases. + # ohrs@1.1.1 + # What's Changed + # fix: character mistake by @​niuhuan in ohos-rs/ohos-rs#142 + # Bump version by @​richerfu in ohos-rs/ohos-rs#143 + # fix(windows): use link-arg instead of link-args to support spaces in paths by @​FabianLars in ohos-rs/ohos-rs#144 + # Bump version by @​richerfu in ohos-rs/ohos-rs#145 + # Sync api by @​richerfu in ohos-rs/ohos-rs#148 + # fix: support new type for generation by @​richerfu in ohos-rs/ohos-rs#149 + # feat: allow check napi-ohos version by @​richerfu in ohos-rs/ohos-rs#150 + # feat: allow use zigbuild to build target by @​richerfu in ohos-rs/ohos-rs#151 + # Bump version by @​richerfu in ohos-rs/ohos-rs#152 + # New Contributors + # @​niuhuan made their first contribution in ohos-rs/ohos-rs#142 + # @​FabianLars made their first contribution in ohos-rs/ohos-rs#144 + # Full Changelog: https://github.com/ohos-rs/ohos-rs/compare/ohrs@1.1.0...ohrs@1.1.1 + # Commits + # c1a45ba Bump version (#152) + # 3a8e753 feat: allow use zigbuild to build target (#151) + # e9d0fce feat: allow check napi-ohos version (#150) + # 978c808 fix: support new type for generation (#149) + # 9c722e7 Merge pull request #148 from ohos-rs/feat-0929 + # 4e600a4 Merge branch 'main' into feat-0929 + # cdccff7 chore(cli): add support for x86_64-pc-windows-gnu (#2935) + # 445ee37 chore(deps): update dependency lerna to v9 (#2937) + # f6e023c chore(deps): update yarn to v4.10.3 (#2936) + # e5ba267 ci: reduce cache (#2933) + # Additional commits viewable in compare view + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +https://github.com/servo/servo/pull/39546 (@simonwuelker, #39546) Move XPath implementation into its own crate (#39546) + # XPath (and, in the future, XSLT) is only loosely coupled to `script`. As `script` is already very large, I'd like + # to move the xpath parser and evaluator into a seperate crate. Doing so allows us to iterate on it more easily, + # without having to recompile `script`. Abstracting over the concrete DOM implementation could also allow us to + # write some more comprehensive unit tests. + # Testing: Covered by existing web platform tests + # Part of https://github.com/servo/servo/issues/34527 + # Fixes https://github.com/servo/servo/issues/39551 +https://github.com/servo/servo/pull/39501 (@mrobinson, #39501) servoshell: Do not override HiDPI ratio when taking screenshots (#39501) + # This override is meant to force reftests to always run with a device + # pixel ratio of 1.0. Reftests are always run in headless mode which uses + # a device pixel ratio of 1.0 regardless (unless you override it). + # Removing this particular override allows taking screenshots in the + # system DPI when taking them in headed mode, which is actually a bit + # useful. + # Testing: A test verifying the old behavior is removed. This causes + # `/css/pixel_snapping_position_a.html` to start passing. +https://github.com/servo/servo/pull/39586 (@mrobinson, #39586) libservo: Re-export types that are used by servoshell (#39586) + # servoshell should not depend on internal Servo crates. Instead, + # `libervo` should re-export any types that are used by embedders. This + # change does that re-export for private types currently used by + # servoshell. + # Testing: This just changes the way types are imported, so curent tests should suffice. +https://github.com/servo/servo/pull/39506 (@tharkum, #39506) html: Allow legacy referrer policies only for referrer (#39506) + # Follow the HTML specification and allow to use legacy referrer policies + # (never/default/always/origin-when-crossorigin) only with 'meta' referrer. + # See https://html.spec.whatwg.org/multipage/#meta-referrer (step 5) + # While for another HTML elements with 'referrerpolicy' content attribute + # (https://html.spec.whatwg.org/multipage/#referrer-policy-attribute) + # and for 'Referrer-Policy' HTTP header + # (https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-header-dfn) + # the referrer policy should be determine from the standard policy tokens + # (https://w3c.github.io/webappsec-referrer-policy/#referrer-policy). + # So unknown policy values (legacy from meta-referrer) will be ignored + # and determine as 'ReferrerPolicy::EmptyString'. + # Testing: No changes + # Fixes: #36833 +https://github.com/servo/servo/pull/36322 (@Loirooriol, #36322) layout: Let min/max constraints avoid collapsing bottom margins (#36322) + # When `block-size` was intrinsic and there was no block-end padding or margin, we were allowing the block-end margin + # of the box to collapse with the block-end margin of its contents. + # However, due to `min-block-size` or `max-block-size`, the final size can be different than the intrinsic size of + # the contents. In that case it didn't make any sense to collapse end margins, only WebKit does it too. + # This patch takes the final size into account, like Gecko and Blink. This is under discussion in + # https://github.com/w3c/csswg-drafts/issues/12218, but for now we will match Blink. + # Testing: 2 tests are now passing. There is also 1 new failure, but that test only passes in WebKit and I don't + # agree with it. + # Fixes: #36321 +https://github.com/servo/servo/pull/39589 (@mrobinson, #39589) script: Use `conditional_malloc_size_of` for `Rc` types on `Window` (#39589) + # This allows measuring the size of these types conditionally rather than + # ignoring them. + # Testing: This modifies which things are measured by `MallocSizeOf` which + # isn't covered by tests. +https://github.com/servo/servo/pull/39588 (@simonwuelker, #39588) script: Remove unreachable assertions in xpath parser (#39588) + # `relative_path_expr` can only ever return `Expr::Path`. If we make it return a `PathExpr` then callers can rely + # on this invariant. + # Testing: There's only limited testing for this change due to https://github.com/servo/servo/issues/39551. But I + # think that's okay, since the change is fairly trivial. + # Part of https://github.com/servo/servo/issues/34527 +https://github.com/servo/servo/pull/39583 (@mrobinson, @delan, #39583) libservo: Add a `WebView::take_screenshot()` API and use it for reftests (#39583) + # This change adds a new API to the `WebView` for capturing screenshots. + # This makes it possible to: + # - use the reftest waiting infrastructure via the API + # easily. + # - take more than a single screenshot in one Servo run. + # - take screenshots, but still paint the `WebView` normally prior + # to the moment that the screenshot is ready, instead of preventing + # all non-screenshot-ready paints while taking a screenshot. + # In addition, the previous infrastructure, the `wait_for_stable_image` + # option is removed completely. + # Testing: This change is tested by the passing of the WPT tests, + # as they commonly use the screenshot feature. +https://github.com/servo/servo/pull/39502 (@shubhamg13, #39502) compositor: Add Paint Metric events to Perfetto Traces (#39502) + # > Some metrics like TimeToFirstPaint and TimeToFirstContentfulPaint are only in the HTML traces. [See + # this](https://github.com/servo/perf-analysis-tools?tab=readme-ov-file#how-to-analyse-a-single-servo-sample) + # In order to analyse the performance and refine [perf-analysis-tools](https://github.com/servo/perf-analysis-tools) + # we need these metrics to be added to Perfetto also. + # Testing: Verified by using Perfetto traces +https://github.com/servo/servo/pull/39571 (@Loirooriol, #39571) layout: Avoid negative corner radii values for border-radius (#39571) + # The `border-radius` property provides the radii for the border box. For the curvature of the padding and content + # boxes, we then subtract the border and padding sizes. However, we weren't flooring the result by zero, which could + # make the background completely disappear when using `background-clip: padding-box` or `background-clip: content-box`. + # Testing: Adding 4 new tests, but 2 of them fail in both Servo and Firefox. + # Fixes: #39540 +https://github.com/servo/servo/pull/39585 (@Gae24, #39585) script: move testbinding DOM interfaces to script/dom/test (#39585) + # Move testbinding interfaces to it's own module, to avoid cluttering dom folder. + # Testing: A successful build is enough + # Part of #38901 +https://github.com/servo/servo/pull/39568 (@mrobinson, #39568) layout: Ensure that the `Epoch` stored in layout is accurate (#39568) + # The first epoch is 0 as that is the one used in the initial transaction, + # but the code was setting the first `Epoch` to `Epoch(1)`. This means that + # when layout advanced the epoch, the `Epoch` of the first produced + # display list was `Epoch(2)`. + # This change makes the value reflected in `current_epoch` actually match + # the index of the display list produced. In addition, we always store + # this epoch in `PipelineDetails` in the renderer. This will be important + # when adding the `WebView::take_screenshot` API. + # Testing: This should not change behavior, so is covered by existing tests which + # rely on proper `Epoch` advancement. +https://github.com/servo/servo/pull/39544 (@RichardTjokroutomo, @jdm, @yezhizhen, #39544) script: Add line number argument to module script compilation functions (#39544) + # Script: added ```line_no``` as argument to both ```fetch_inline_module_script()``` & ```compile_module_script()``` + # to fix the inline script reporting wrong line issue ([#39415](https://github.com/servo/servo/issues/39415)). + # Originally, the function ```compile_module_script()``` hardwires the value 1 when invoking + # ```CompileOptionsWrapper::new()```. This is fine if the script is written in separate JS file, but for inline + # scripts, it will cause confusion if the `````` tag doesn't start from line #1. + # ```line_no``` is obtained from ```line_number```, a member variable from ```HTMLScriptElement```. + # Credits to @jdm for actually pointing out which functions to fix. + # Testing: Created a WPT test for this change, specifically: + # ```tests/wpt/tests/html/semantics/scripting-1/the-script-element/module/evaluation-error-5.html```. + # Fixes: issue [#39415](https://github.com/servo/servo/issues/39415) +-https://github.com/servo/servo/pull/39578 (@dependabot[bot], @dependabot[bot], #39578) build(deps): bump backtrace from 0.3.75 to 0.3.76 (#39578) + # Bumps [backtrace](https://github.com/rust-lang/backtrace-rs) from 0.3.75 to 0.3.76. + # Release notes + # Sourced from backtrace's releases. + # backtrace-v0.3.76 + # Behavior + # Fix inverted polarity of "full printing" logic in rust-lang/backtrace-rs#726: + # Previously we used to do the opposite of what you would expect. + # Platform Support + # Windows: Removed hypothetical soundness risk from padding bytes in rust-lang/backtrace-rs#737 + # Fuchsia: Added appropriate alignment checks during Elf_Nhdr parsing in rust-lang/backtrace-rs#725 + # Cygwin: Added support in rust-lang/backtrace-rs#704 + # Windows (32-bit Arm): Restore support in rust-lang/backtrace-rs#685 + # NuttX (32-bit Arm): Use builtin _Unwind_GetIP in rust-lang/backtrace-rs#692 + # RTEMS: Enable libunwind in rust-lang/backtrace-rs#682 + # Dependencies + # Update cpp_demangle to 0.5 in rust-lang/backtrace-rs#732 + # Update memchr to 2.7.6 in rust-lang/backtrace-rs#734 + # Switch from windows-targets to windows-link in rust-lang/backtrace-rs#727 + # Update ruzstd to 0.8.1 in rust-lang/backtrace-rs#718 + # Update object to 0.37 in rust-lang/backtrace-rs#718 + # Update addr2line to 0.25 in rust-lang/backtrace-rs#718 + # Changelog + # Sourced from backtrace's changelog. + # 0.3.76 - 2025-09-26 + # Behavior + # Fix inverted polarity of "full printing" logic in rust-lang/backtrace-rs#726: + # Previously we used to do the opposite of what you would expect. + # Platform Support + # Windows: Removed hypothetical soundness risk from padding bytes in rust-lang/backtrace-rs#737 + # Fuchsia: Added appropriate alignment checks during Elf_Nhdr parsing in rust-lang/backtrace-rs#725 + # Cygwin: Added support in rust-lang/backtrace-rs#704 + # Windows (32-bit Arm): Restore support in rust-lang/backtrace-rs#685 + # NuttX (32-bit Arm): Use builtin _Unwind_GetIP in rust-lang/backtrace-rs#692 + # RTEMS: Enable libunwind in rust-lang/backtrace-rs#682 + # Dependencies + # Update cpp_demangle to 0.5 in rust-lang/backtrace-rs#732 + # Update memchr to 2.7.6 in rust-lang/backtrace-rs#734 + # Switch from windows-targets to windows-link in rust-lang/backtrace-rs#727 + # Update ruzstd to 0.8.1 in rust-lang/backtrace-rs#718 + # Update object to 0.37 in rust-lang/backtrace-rs#718 + # Update addr2line to 0.25 in rust-lang/backtrace-rs#718 + # Commits + # 775f6a1 modify CHANGELOG.md to not be a git log dump + # bb0cdc3 chore: release v0.3.76 + # a8b55f0 Merge of rust-lang/backtrace-rs#725: Fix missing alignment check for ELF note... + # 0b83800 Expand take_nhdr doc-comment + # a405950 Merge pull request #737 from workingjubilee/address-dbghelp-soundness-risks + # 06dca9a Expand doc-comment on do_resolve + # 05ad047 Remove padding bytes risk in dbghelp with MaybeUninit + # dccdb4d Upgrade cpp_demanglerust-lang/backtrace-rs#732 + # 50fe434rust-lang/backtrace-rs#734 + # 79d3514 Switch from windows-targets to windows-linkrust-lang/backtrace-rs#727 + # Additional commits viewable in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=backtrace&package-manager=carg + # o&previous-version=0.3.75&new-version=0.3.76)](https://docs.github.com/en/github/managing-security-vulnerabilities/about + # -dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +https://github.com/servo/servo/pull/39564 (@kkoyung, #39564) script: Return cached object from `CryptoKey.usages` getter (#39564) + # Create and store a cached object in `CryptoKey` for the `[[usages]]` internal slot when the key is created or + # when its `[[usages]]` internal slot is updated. The getter can then return the cached object as specified in + # https://w3c.github.io/webcrypto/#dom-cryptokey-usages, instead of creating a new object on each call. + # Testing: Pass WPT tests that were expected to fail. +-https://github.com/servo/servo/pull/39579 (@dependabot[bot], @dependabot[bot], #39579) build(deps): bump camino from 1.2.0 to 1.2.1 (#39579) + # Bumps [camino](https://github.com/camino-rs/camino) from 1.2.0 to 1.2.1. + # Release notes + # Sourced from camino's releases. + # camino 1.2.1 + # Fixed + # Replaced obsolete doc_auto_cfg with doc_cfg, to fix Rust nightly builds with the doc_cfg flag enabled. + # Changelog + # Sourced from camino's changelog. + # [1.2.1] - 2025-09-29 + # Fixed + # Replaced obsolete doc_auto_cfg with doc_cfg, to fix Rust nightly builds with the doc_cfg flag enabled. + # Commits + # 28e15db [camino] version 1.2.1 + # f32d994 prepare release + # ea187e4 remove doc_auto_cfg (#114) + # b0c8086 remove references to dead features from README + # See full diff in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=camino&package-manager=cargo&p + # revious-version=1.2.0&new-version=1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-depe + # ndabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +-https://github.com/servo/servo/pull/39580 (@dependabot[bot], @dependabot[bot], #39580) build(deps): bump cc from 1.2.38 to 1.2.39 (#39580) + # Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.2.38 to 1.2.39. + # Changelog + # Sourced from cc's changelog. + # 1.2.39 - 2025-09-26 + # Other + # Fix cross compilation to xtensa-esp32s3-espidf (#1569) + # Fix autodetect_wasi_compiler: support non utf-8 path (#1568) + # Regenerate target info (#1567) + # Fix rustcflags mapping: require -Clinker-plugin-lto for -flto (#1564) + # Use $WASI_SDK_PATH on WASI targets by default (#1562) + # Fix atomicity violations in concurrent cache operations (#1559) + # Commits + # f53e817 chore(cc): release v1.2.39 (#1570) + # 6d3e241 Fix cross compilation to xtensa-esp32s3-espidf (#1569) + # b083806 Fix autodetect_wasi_compiler: support non utf-8 path (#1568) + # 53997ac Regenerate target info (#1567) + # 9347e45 Fix rustcflags mapping: require -Clinker-plugin-lto for -flto (#1564) + # 9a2e7ce Use $WASI_SDK_PATH on WASI targets by default (#1562) + # d740f9b Fix atomicity violations in concurrent cache operations (#1559) + # See full diff in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cc&package-manager=cargo&previ + # ous-version=1.2.38&new-version=1.2.39)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-depend + # abot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +>>> 2025-10-02T06:16:06Z +https://github.com/servo/servo/pull/39614 (@cpedraza@unal.edu.co, #39614) unit test: Remove unused import in fonts (#39614) + # Remove unused import (`use base::generic_channel;`) + # Testing: Clippy ran successfully, no tests added + # Fixes: #39609 +https://github.com/servo/servo/pull/39612 (@Loirooriol, #39612) Upgrade Stylo to 2025-10-01 (#39612) + # This continues #39150 + # Changelog: + # - Upstream: + # https://github.com/servo/stylo/compare/fd700321ccc0434b09bc641099e8761d67733913...b98470a5cbd3792db79366ec1559d72231ef2 + # c1f + # - Servo fixups: + # https://github.com/servo/stylo/compare/1040a20611a125ef120082158340bbafa2e2ff66...4ba7bdb4040a909bf3d6e326b229602c93014 + # 618 + # Stylo tracking issue: https://github.com/servo/stylo/issues/247 +-https://github.com/servo/servo/pull/39613 (@dependabot[bot], @dependabot[bot], #39613) build(deps): bump rustls-webpki from 0.103.6 to 0.103.7 (#39613) + # Bumps [rustls-webpki](https://github.com/rustls/webpki) from 0.103.6 to 0.103.7. + # Release notes + # Sourced from rustls-webpki's releases. + # 0.103.7 + # New feature: Add KeyPurposeId::to_decoded_oid() to help external ExtendedKeyUsageValidators fill + # RequiredEkuNotFoundContext::present. + # What's Changed + # Warn on unnameable types by @​djc in rustls/webpki#387 + # Expose KeyPurposeId::to_decoded_oid() by @​djc in rustls/webpki#385 + # Fix --cfg docsrs uses by @​ctz in rustls/webpki#390 + # Full Changelog: https://github.com/rustls/webpki/compare/v/0.103.6...v/0.103.7 + # Commits + # 94d957c Bump version to 0.103.7 + # 33ae0f4 Update semver-compatible dependencies + # d65302e Expose KeyPurposeId::to_decoded_oid() + # 79679a0 Remove use of doc_auto_cfg + # 785edcc Avoid use of docsrs cfg + # 4e836cf Warn on unnameable types + # See full diff in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rustls-webpki&package-manager= + # cargo&previous-version=0.103.6&new-version=0.103.7)](https://docs.github.com/en/github/managing-security-vulnerabilities + # /about-dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +https://github.com/servo/servo/pull/39519 (@minghuaw, #39519) fonts: Initial draft of synthetic bold face for FreeType (#39519) + # This is an initial attempt at implementing synthetic bold face for font families that lack actual bold faces. The + # overall approach borrowed implementations from Chromium and FireFox. WPT expectations will be updated after + # https://github.com/servo/stylo/pull/244 lands + # Testing: There are existing WPT testcases for font synthesis (`wpt/css/css-fonts/font-synthesis-*`) + # Depends on: https://github.com/servo/stylo/pull/244 +https://github.com/servo/servo/pull/39590 (@atbrakhi, #39590) script: Support `keyCode`, `charCode` in KeyboardEvent constructor (#39590) + # Support `keyCode` and `charCode` fields in KeyboardEventInit for Speedometer 3.0 + # Speedometer 3.0 fails because Servo's KeyboardEvent constructor ignores + # keyCode and charCode parameters, hardcoding them to 0. This breaks frameworks + # that check `event.keyCode === 13` for Enter key detection. This is how + # [Speedometer 3.0 dispatches key + # events](https://github.com/WebKit/Speedometer/blob/8d67f28d0281ac4330f283495b7f48286654ad7d/resources/benchmark-runner.m + # js#L166) + # vs [Speedometer 2.0 + # triggerEnter](https://github.com/WebKit/Speedometer/blob/491acc2d64307e655fbeded8c871ef0d07e21997/resources/tests.mjs#L6 + # 0). + # Speedometer 3.0 uses the modern KeyboardEvent constructor but passes + # [legacy fields like keyCode and charCode](https://w3c.github.io/uievents/#legacy-dictionary-KeyboardEventInit) + # in the init dictionary for backwards + # compatibility with older frameworks(for example: backbone.js) + # This change uncomments the legacy KeyboardEventInit fields and updates + # the constructor to read them from the init dictionary instead of + # hardcoding to 0. + # Testing: No new tests added. + # Fixes: part of https://github.com/servo/servo/issues/16719 + # Servo running Speedometer3.0 successfully +https://github.com/servo/servo/pull/39605 (@mrobinson, #39605) servodriver: Use the `wpt-prefs.json` file when running servoshell (#39605) + # These preferences are necessary in order for tests to run properly in + # servodriver. + # Testing: This causes more tests to pass when WPT is run with `--product servodriver` +https://github.com/servo/servo/pull/39587 (@delan, @mrobinson, #39587) webdriver: Use `take_screenshot()` API in Take (Element) Screenshot (#39587) + # WPT tests require us to reliably take screenshots when + # test pages are fully loaded and testing is complete, and the WPT runner uses + # [test-wait.js](https://github.com/servo/servo/blob/a2f551eb2dda6ca35262d1c4a3b3f8d27f9ffdb5/tests/wpt/tests/tools/wptrun + # ner/wptrunner/executors/test-wait.js) + # to do this in userland. when testing Servo with [--product + # servo](https://github.com/servo/servo/blob/a2f551eb2dda6ca35262d1c4a3b3f8d27f9ffdb5/tests/wpt/tests/tools/wptrunner/wptr + # unner/executors/executorservo.py), + # we use servoshell’s --output option, which backs that + # up with more reliable waiting in Servo. but when testing Servo with [--product + # servodriver](https://github.com/servo/servo/blob/a2f551eb2dda6ca35262d1c4a3b3f8d27f9ffdb5/tests/wpt/tests/tools/wptrunne + # r/wptrunner/executors/executorservodriver.py), + # we use the WebDriver Take Screenshot action, which currently takes the screenshot immediately. we think this might + # be a source of regressions. + # this patch makes the WebDriver actions Take Screenshot and Take Element Screenshot use the same new + # WebView::take_screenshot() API as servoshell’s --output option, such that those actions now wait for [a variety of + # conditions](https://github.com/servo/servo/blob/a2f551eb2dda6ca35262d1c4a3b3f8d27f9ffdb5/components/servo/webview.rs#L59 + # 6-L602) + # that may affect test output. it’s not clear if this is [conformant](https://w3c.github.io/webdriver/#screen-capture), + # so we may want to refine this to only wait when running tests at some point. other changes: + # - we remove the retry loop where we try to take a screenshot every second for up to 30 seconds + # - we send the result as a image::RgbaImage over crossbeam without shared memory (it’s not cross-process) + # - we now handle the zero-sized element case directly in the WebDriver server + # Testing: This should fix some flaky tests. + # Fixes: #36715. + # Fixes: (partially) #39180. + # Fixes: (partially) #34683. +https://github.com/servo/servo/pull/39603 (@delan, @mrobinson, #39603) Update expectations for `--product servodriver` (#39603) + # this patch updates the expectations for tests that use testdriver.js, which currently only work with `--product + # servodriver` (#34683), running the tests with #39587. + # expectations for all other tests, which don’t use testdriver.js, are unaffected. + # Testing: this patch updates test expectations, though the tests are not yet run in CI +https://github.com/servo/servo/pull/39511 (@Narfinger, #39511) OHOS CI: Abort early when speedometer crashes in test-speedometer-ohos (#39511) + # Check for the pid of servo for test-speedometer-ohos to see if it did not crash and abort early if it crashed. + # Testing: Ran test-speedometer-ohos with closing servo and without closing servo on the phone. + # Fixes: https://github.com/servo/servo/issues/37742 +https://github.com/servo/servo/pull/39594 (@simonwuelker, #39594) xpath: Remove XML QName validation (#39594) + # *Most* of the properties that were verified here were already verified by the xpath parser before. I have not found + # any evidence that other browsers do the remaining checks. There are web platform tests that expect contradicting + # behavior (which pass in other browsers). + # Additionally, this change switches `xpath` to use `markup5ever` instead of `html5ever` - this is a drop-in + # replacement. I thought I did this as part of https://github.com/servo/servo/pull/39546 but apparently the change + # got lost in the rebasing. + # Testing: A new web platform test starts to pass. + # Fixes https://github.com/servo/servo/issues/39442 + # Part of #34527 + # cc @minghuaw +https://github.com/servo/servo/pull/39591 (@mrobinson, @Loirooriol, #39591) layout: Clone static position rectangles when caching in `IndependentFormattingContext` (#39591) + # Hoisted absolutes that are cached in IndependentFormattingContexts may + # have their HoistedSharedFragment reused between layouts. This means + # that the original value of the adjusted static positioning rectangles + # need to be preserved in cache. This change makes it so that these values + # are cloned when being retrieved from the cache. Further adjustments up + # the tree will now no longer affected the version in teh cache. + # Testing: This should cause `/_mozilla/css/stacked_layers.html` to no longer + # be flaky. + # Fixes: #39548. + # Fixes: #39439. +-https://github.com/servo/servo/pull/39597 (@dependabot[bot], @dependabot[bot], #39597) build(deps): bump zeroize from 1.8.1 to 1.8.2 (#39597) + # Bumps [zeroize](https://github.com/RustCrypto/utils) from 1.8.1 to 1.8.2. + # Commits + # c100874 zeroize v1.8.2 (#1229) + # 3940ccb Switch from doc_auto_cfg to doc_cfg (#1228) + # c68a520 Fix Nightly warnings (#1080) + # b15cc6c cargo: point repository metadata to clonable URLs (#1079) + # 3db6690 zeroize: fix homepage/repository in Cargo.toml (#1076) + # See full diff in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zeroize&package-manager=cargo& + # previous-version=1.8.1&new-version=1.8.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dep + # endabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +-https://github.com/servo/servo/pull/39599 (@dependabot[bot], @dependabot[bot], @yezhizhen, #39599) build(deps): bump keyboard-types from 0.8.1 to 0.8.2 (#39599) + # Bumps [keyboard-types](https://github.com/rust-windowing/keyboard-types) from 0.8.1 to 0.8.2. + # Release notes + # Sourced from keyboard-types's releases. + # v0.8.2 + # Added + # Added convenience constructors KeyboardEvent::key_down and KeyboardEvent::key_up: #89 + # Fixed + # Fixed NumpadEqual and Pause code and Numpad location for WebDriver: #87 + # Full Changelog: https://github.com/rust-windowing/keyboard-types/compare/v0.8.1...v0.8.2 + # Commits + # 1581323 Release v0.8.2 + # 3c6c17e Add KeyboardEvent::key_down and KeyboardEvent::key_up constructors. + # 4ef7eb2 Split lib.rs into multiple files + # 417aaf8 Fix NumpadEqual and Pause code and location + # df9265a Update URLs + # See full diff in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=keyboard-types&package-manager + # =cargo&previous-version=0.8.1&new-version=0.8.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/ab + # out-dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +-https://github.com/servo/servo/pull/39598 (@dependabot[bot], @dependabot[bot], #39598) build(deps): bump aws-lc-sys from 0.32.1 to 0.32.2 (#39598) + # Bumps [aws-lc-sys](https://github.com/aws/aws-lc-rs) from 0.32.1 to 0.32.2. + # Commits + # 4b35869 Prepare aws-lc-sys v0.32.2 (#901) + # e2c9bc3 Failure when CFLAGS provides -O3 (#900) + # cea4296 Adds AES CBC mode no padding (#895) + # See full diff in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-lc-sys&package-manager=car + # go&previous-version=0.32.1&new-version=0.32.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/abou + # t-dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +>>> 2025-10-03T06:10:51Z +https://github.com/servo/servo/pull/39549 (@TimvdLippe, #39549) Add style as potential preload destination (#39549) + # This was missed during the previous implementation and was the reason that the CSP tests weren't working. + # It also updates a test to ensure that audio and video are not preloaded. No browsers do that and with this fix, + # the test now passes in Chrome. In Firefox it still fails as it doesn't implement `.vtt` support. + # Part of #35035 +-https://github.com/servo/servo/pull/39640 (@dependabot[bot], @dependabot[bot], #39640) build(deps): bump keyboard-types from 0.8.2 to 0.8.3 (#39640) + # Bumps [keyboard-types](https://github.com/rust-windowing/keyboard-types) from 0.8.2 to 0.8.3. + # Release notes + # Sourced from keyboard-types's releases. + # v0.8.3 + # Fixed + # Fixed building documentation on docs.rs: rust-windowing/keyboard-types#93 + # Full Changelog: https://github.com/rust-windowing/keyboard-types/compare/v0.8.2...v0.8.3 + # Commits + # 24446d6 Release v0.8.3 + # a7ac3be Use doc_cfg instead of doc_auto_cfg + # 3e4024b Update Readme + # See full diff in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=keyboard-types&package-manager + # =cargo&previous-version=0.8.2&new-version=0.8.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/ab + # out-dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +-https://github.com/servo/servo/pull/39639 (@dependabot[bot], @dependabot[bot], #39639) build(deps): bump anstream from 0.6.20 to 0.6.21 (#39639) + # Bumps [anstream](https://github.com/rust-cli/anstyle) from 0.6.20 to 0.6.21. + # Commits + # f7aff1c chore: Release + # 5a5a5f7 docs: Update changelog + # 6f6fe80 Merge pull request #275 from epage/inner + # df887e2 feat(anstream): Provide read-only access to inner stream + # 4735bcc Merge pull request #274 from epage/update + # 4ceec1c chore: Update dependencies + # 08712d9 Merge pull request #273 from rust-cli/renovate/actions-checkout-5.x + # 9988a6c style: Fix spelling + # 0d23a06 chore(deps): Update actions/checkout action to v5 + # 14dd743 chore: Release + # Additional commits viewable in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anstream&package-manager=cargo + # &previous-version=0.6.20&new-version=0.6.21)](https://docs.github.com/en/github/managing-security-vulnerabilities/about- + # dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +https://github.com/servo/servo/pull/39632 (@yezhizhen, #39632) webdriver: Clean-up `actions.rs` (#39632) + # Some clean-up before picking up #37046 again. + # - Remove some dead code clippy macro + # - Rename `dispatch_general_action` to `dispatch_pause_action` + # Testing: No behaviour change. +https://github.com/servo/servo/pull/39547 (@TimvdLippe, #39547) Implement `fetchLater` (#39547) + # Allows fetches to be deferred, only in a secure context. It does not yet implement quota computation, since we + # don't have a concept of document quota yet. + # Also update the `fetch/api/idlharness` test to run in a secure context, since this API is only available there. + # Positive Mozilla position: https://github.com/mozilla/standards-positions/issues/703 + # Positive WebKit position: https://github.com/WebKit/standards-positions/issues/85 + # Closes whatwg/fetch#1858 +https://github.com/servo/servo/pull/39477 (@kkoyung, #39477) script: Migrate `digest` operation to use new normalization (#39477) + # Refactoring of the algorithm normalization in #39431 introduces a new algorithm normalization procedure to replace + # the existing one. + # This patch migrates the `digest` operation from using existing `normalize_algorithm_for_digest` function to using + # the new `normalize_algorithm` function. + # Note that the custom type `DigestAlgorithm` has not yet completely removed since other operations like `get key + # length` (not migrated yet) depend on it. It will be removed when those operations are also migrated. + # A minor bug (missing a step) in `normalize_algorithm` is also fixed. + # Testing: Refactoring. Existing WPT tests are enough. + # Fixes: Part of #39368 +https://github.com/servo/servo/pull/39615 (@atouchet, #39615) cargo: Update various non-breaking dependencies (#39615) + # Update various non-breaking dependencies. + # Testing: No tests for dependency updates. +https://github.com/servo/servo/pull/39617 (@arihant2math, #39617) Remove `test_mapping.json` and `python/servo/mutation` (#39617) + # As per #39585. + # >It used to run on our old buildbot CI for a couple years. It was never migrated, and we should clean it up. + # _Originally posted by @jdm in https://github.com/servo/servo/issues/39585#issuecomment-3351054660_ +https://github.com/servo/servo/pull/39584 (@arihant2math, #39584) script: Stubs for geolocation interfaces (#39584) + # Needed for #39526; stubs out all the necessary interface from https://www.w3.org/TR/geolocation/. + # Testing: WPT +>>> 2025-10-04T06:08:15Z +https://github.com/servo/servo/pull/39651 (@atouchet, #39651) Update js-sys and associated dependencies (#39651) + # Update js-sys and associated dependencies. + # Testing: No tests for dependency updates. +https://github.com/servo/servo/pull/39644 (@yezhizhen, #39644) webdriver: Update expectation for `wheel.py` (#39644) + # This test TIMEOUT at a very low frequency: ~ once per three weeks. If not timeout, it passes all 14 sub-tests. It + # is better to update expectation and close the intermittent issue to avoid potential regression. + # Testing: No behaviour change + # Fixes: #39505 +https://github.com/servo/servo/pull/38991 (@mrobinson, @mukilan, #38991) script: Skip running layout when only updating images or canvas (#38991) + # Add a new super-lightweight layout mode that avoids any layout when + # canvas is updated or animated images progress to the next frame. In the + # future this can also be used for video elements. + # Testing: This is a performance optimization, so shouldn't change any + # WPT test results. +https://github.com/servo/servo/pull/39627 (@mrobinson, #39627) script: Share `Epoch` between canvas and layout and update the renderer separately (#39627) + # Before both canvas updates and layout had their own `Epoch`. This change + # makes it so the `Epoch` is shared. This means that display lists might + # have non-consecutive `Epoch`s, but will also allow for the `Epoch` in + # the renderer to update even when no new display list is produced. This + # is important for #38991. In that PR the display list step can be skipped + # for canvas-only updates, but the `Epoch` in the renderer must still + # advance. + # Testing: This shouldn't change the user-observable behavior and is thus covered + # by existing tests. It should prevent flakiness once #38991 lands. +>>> 2025-10-05T06:13:51Z +https://github.com/servo/servo/pull/39642 (@yezhizhen, #39642) webdriver: Implement Pointer ID (#39642) + # This is necessary first step to distinguish pointer sources: "mouse, pen, touch". + # Spec: https://w3c.github.io/webdriver/#dfn-get-a-pointer-id. + # Testing: No behaviour change yet as we still only dispatch pointer type: mouse. + # Fixes: Part of #39264. +https://github.com/servo/servo/pull/39629 (@jdm, #39629) net: Share SVG font database between all image caches in the same process (#39629) + # load_system_fonts is relatively slow, since it needs to scan every font in the system font directories. There's + # no need to repeat this work for every single SVG on a page; we can do it once when creating an image cache in a + # process and reuse that font information for all derived image caches in the same process. + # Testing: Manually verified that pages with SVGs still load. There should be no observable behaviour change in + # WPT tests. +https://github.com/servo/servo/pull/39607 (@mrobinson, #39607) script: Do not show simple dialogs for Windows that cannot show them and normalize newlines (#39607) + # The specification has a list of rules about when [simple dialogs cannot + # be shown][u1]. This change implements that part of the specification and + # also the bits that specify when to noramlize newlines in their messages. + # In addition, it fills in the remaining specification step comments for + # these methods. + # [u1]: https://html.spec.whatwg.org/multipage/#cannot-show-simple-dialogs + # Testing: This causes some CSP tests run via servodriver to start passing. + # Unexpected alert dialogs cause failures in servodriver. +https://github.com/servo/servo/pull/39654 (@webbeef, #39654) doc: update NDK version in build instructions (#39654) + # The build system now requires r28. + # Testing: Follow the steps for an Android build. +>>> 2025-10-06T06:27:38Z +-https://github.com/servo/servo/pull/39673 (@dependabot[bot], @dependabot[bot], #39673) build(deps): bump the objc2-related group with 7 updates (#39673) + # Bumps the objc2-related group with 7 updates: + # | Package | From | To | + # | --- | --- | --- | + # | [objc2-app-kit](https://github.com/madsmtm/objc2) | `0.3.1` | `0.3.2` | + # | [objc2-foundation](https://github.com/madsmtm/objc2) | `0.3.1` | `0.3.2` | + # | [objc2-core-foundation](https://github.com/madsmtm/objc2) | `0.3.1` | `0.3.2` | + # | [objc2-core-graphics](https://github.com/madsmtm/objc2) | `0.3.1` | `0.3.2` | + # | [objc2-core-video](https://github.com/madsmtm/objc2) | `0.3.1` | `0.3.2` | + # | [objc2-io-kit](https://github.com/madsmtm/objc2) | `0.3.1` | `0.3.2` | + # | [objc2-io-surface](https://github.com/madsmtm/objc2) | `0.3.1` | `0.3.2` | + # Updates `objc2-app-kit` from 0.3.1 to 0.3.2 + # Commits + # 8b04944 Merge pull request #536 from madsmtm/new-versions + # a7ca37c Remove production-readyness warning from README + # 611e5f1 Don't require AppKit in UI tests + # 8e3ff12 Fix unstable-c-unwind tests + # cfc226e Fix flaky UI test + # e2abb0d Show diff for UI tests + # 6fef80d Fix tests on aarch64 / with newer LLVM + # 3cfb7c8 Fix doc test on NSMutableDictionary + # 1eb0c10 Bump icrate version 0.0.4 -> 0.1.0 + # 6712bb1 Bump block2 version 0.3.0 -> 0.4.0 + # Additional commits viewable in compare view + # Updates `objc2-foundation` from 0.3.1 to 0.3.2 + # Commits + # 8b04944 Merge pull request #536 from madsmtm/new-versions + # a7ca37c Remove production-readyness warning from README + # 611e5f1 Don't require AppKit in UI tests + # 8e3ff12 Fix unstable-c-unwind tests + # cfc226e Fix flaky UI test + # e2abb0d Show diff for UI tests + # 6fef80d Fix tests on aarch64 / with newer LLVM + # 3cfb7c8 Fix doc test on NSMutableDictionary + # 1eb0c10 Bump icrate version 0.0.4 -> 0.1.0 + # 6712bb1 Bump block2 version 0.3.0 -> 0.4.0 + # Additional commits viewable in compare view + # Updates `objc2-core-foundation` from 0.3.1 to 0.3.2 + # Commits + # 8b04944 Merge pull request #536 from madsmtm/new-versions + # a7ca37c Remove production-readyness warning from README + # 611e5f1 Don't require AppKit in UI tests + # 8e3ff12 Fix unstable-c-unwind tests + # cfc226e Fix flaky UI test + # e2abb0d Show diff for UI tests + # 6fef80d Fix tests on aarch64 / with newer LLVM + # 3cfb7c8 Fix doc test on NSMutableDictionary + # 1eb0c10 Bump icrate version 0.0.4 -> 0.1.0 + # 6712bb1 Bump block2 version 0.3.0 -> 0.4.0 + # Additional commits viewable in compare view + # Updates `objc2-core-graphics` from 0.3.1 to 0.3.2 + # Commits + # 8b04944 Merge pull request #536 from madsmtm/new-versions + # a7ca37c Remove production-readyness warning from README + # 611e5f1 Don't require AppKit in UI tests + # 8e3ff12 Fix unstable-c-unwind tests + # cfc226e Fix flaky UI test + # e2abb0d Show diff for UI tests + # 6fef80d Fix tests on aarch64 / with newer LLVM + # 3cfb7c8 Fix doc test on NSMutableDictionary + # 1eb0c10 Bump icrate version 0.0.4 -> 0.1.0 + # 6712bb1 Bump block2 version 0.3.0 -> 0.4.0 + # Additional commits viewable in compare view + # Updates `objc2-core-video` from 0.3.1 to 0.3.2 + # Commits + # 8b04944 Merge pull request #536 from madsmtm/new-versions + # a7ca37c Remove production-readyness warning from README + # 611e5f1 Don't require AppKit in UI tests + # 8e3ff12 Fix unstable-c-unwind tests + # cfc226e Fix flaky UI test + # e2abb0d Show diff for UI tests + # 6fef80d Fix tests on aarch64 / with newer LLVM + # 3cfb7c8 Fix doc test on NSMutableDictionary + # 1eb0c10 Bump icrate version 0.0.4 -> 0.1.0 + # 6712bb1 Bump block2 version 0.3.0 -> 0.4.0 + # Additional commits viewable in compare view + # Updates `objc2-io-kit` from 0.3.1 to 0.3.2 + # Commits + # 8b04944 Merge pull request #536 from madsmtm/new-versions + # a7ca37c Remove production-readyness warning from README + # 611e5f1 Don't require AppKit in UI tests + # 8e3ff12 Fix unstable-c-unwind tests + # cfc226e Fix flaky UI test + # e2abb0d Show diff for UI tests + # 6fef80d Fix tests on aarch64 / with newer LLVM + # 3cfb7c8 Fix doc test on NSMutableDictionary + # 1eb0c10 Bump icrate version 0.0.4 -> 0.1.0 + # 6712bb1 Bump block2 version 0.3.0 -> 0.4.0 + # Additional commits viewable in compare view + # Updates `objc2-io-surface` from 0.3.1 to 0.3.2 + # Commits + # 8b04944 Merge pull request #536 from madsmtm/new-versions + # a7ca37c Remove production-readyness warning from README + # 611e5f1 Don't require AppKit in UI tests + # 8e3ff12 Fix unstable-c-unwind tests + # cfc226e Fix flaky UI test + # e2abb0d Show diff for UI tests + # 6fef80d Fix tests on aarch64 / with newer LLVM + # 3cfb7c8 Fix doc test on NSMutableDictionary + # 1eb0c10 Bump icrate version 0.0.4 -> 0.1.0 + # 6712bb1 Bump block2 version 0.3.0 -> 0.4.0 + # Additional commits viewable in compare view + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +-https://github.com/servo/servo/pull/39678 (@dependabot[bot], @dependabot[bot], #39678) build(deps): bump bytemuck from 1.23.2 to 1.24.0 (#39678) + # Bumps [bytemuck](https://github.com/Lokathor/bytemuck) from 1.23.2 to 1.24.0. + # Changelog + # Sourced from bytemuck's changelog. + # bytemuck changelog + # 1.24 + # use new stable avx512 types from rust 1.89 + # impl AnyBitPattern for [MaybeUninit<T: AnyBitPattern>; N] + # bump derive minimum version. + # Commits + # da74816 chore: Release bytemuck version 1.24.0 + # a223779 changelog + # f40b0e4 update dep version to latest. + # abbebe5 chore: Release bytemuck_derive version 1.10.2 + # 6bda8ef changelog. + # d31d92c Extend #[derive(TransparentWrapper)] (#147) + # 3e18072 chore: Release contiguous_bitset version 0.1.2 + # 13f5e70 Bitset debug (#324) + # 1295a37 chore: Release contiguous_bitset version 0.1.1 + # ca7d780 tell clippy to calm down. + # Additional commits viewable in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bytemuck&package-manager=cargo + # &previous-version=1.23.2&new-version=1.24.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about- + # dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +-https://github.com/servo/servo/pull/39676 (@dependabot[bot], @dependabot[bot], #39676) build(deps): bump bytemuck_derive from 1.10.1 to 1.10.2 (#39676) + # Bumps [bytemuck_derive](https://github.com/Lokathor/bytemuck) from 1.10.1 to 1.10.2. + # Commits + # abbebe5 chore: Release bytemuck_derive version 1.10.2 + # 6bda8ef changelog. + # d31d92c Extend #[derive(TransparentWrapper)] (#147) + # 3e18072 chore: Release contiguous_bitset version 0.1.2 + # 13f5e70 Bitset debug (#324) + # 1295a37 chore: Release contiguous_bitset version 0.1.1 + # ca7d780 tell clippy to calm down. + # 63ab737 more spelling + # f0fbcbd impl AnyBitPattern for arrays of MaybeUninit\<T: AnyBitPattern> (#317) + # 1591096 spelling. + # Additional commits viewable in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bytemuck_derive&package-manage + # r=cargo&previous-version=1.10.1&new-version=1.10.2)](https://docs.github.com/en/github/managing-security-vulnerabilities + # /about-dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +-https://github.com/servo/servo/pull/39677 (@dependabot[bot], @dependabot[bot], #39677) build(deps): bump lock_api from 0.4.13 to 0.4.14 (#39677) + # Bumps [lock_api](https://github.com/Amanieu/parking_lot) from 0.4.13 to 0.4.14. + # Changelog + # Sourced from lock_api's changelog. + # lock_api - 0.4.14 - 2025-09-30 + # Fixed use of doc_cfg when building on docs.rs. + # Bumped MSRV to 1.71 + # Added #[track_caller] where locking implementations could feasibly need to panic + # Added try_map_or_err to various mutex guards (#480) + # Removed unnecessary build script and autocfg dependency (#474) + # Added missing into_arc(_fair) methods (#472) + # parking_lot - 0.12.4 - 2025-05-29 + # Fix parked upgraders potentially not being woken up after a write lock + # Fix clearing PARKED_WRITER_BIT after a timeout + # parking_lot_core - 0.9.11 - 2025-05-29 + # Use Release/Acquire ordering in thread_parker::windows::Backend::create + # Remove warnings due to new lint on unknown cfgs + # Commits + # d7828ff chore: release + # 73365ad Merge pull request #495 from mbrobbel/doc_auto_cfg + # 0b5585a Replace doc_auto_cfg with doc_cfg + # c7b7dc7 Merge pull request #493 from a1phyr/windows_link + # 07c2d40 Update MSRV to 1.71 + # 345cf7a Switch from windows-targets to windows-link + # eeb186c Merge pull request #491 from AaronKutch/fix_assembly_on_miri + # a7d328e do not use elision on Miri even if feature is enabled + # 739d370 Merge pull request #487 from sola-contrib/replace-winapi + # ed4ae93 Replace winapi with windows-sys in benchmark crate + # Additional commits viewable in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lock_api&package-manager=cargo + # &previous-version=0.4.13&new-version=0.4.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about- + # dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +-https://github.com/servo/servo/pull/39672 (@dependabot[bot], @dependabot[bot], #39672) build(deps): bump the napi-ohos-related group with 5 updates (#39672) + # Bumps the napi-ohos-related group with 5 updates: + # | Package | From | To | + # | --- | --- | --- | + # | [napi-derive-ohos](https://github.com/ohos-rs/ohos-rs) | `1.1.1` | `1.1.3` | + # | [napi-ohos](https://github.com/ohos-rs/ohos-rs) | `1.1.1` | `1.1.3` | + # | [napi-build-ohos](https://github.com/ohos-rs/ohos-rs) | `1.1.1` | `1.1.3` | + # | [napi-derive-backend-ohos](https://github.com/ohos-rs/ohos-rs) | `1.1.1` | `1.1.3` | + # | [napi-sys-ohos](https://github.com/ohos-rs/ohos-rs) | `1.1.1` | `1.1.3` | + # Updates `napi-derive-ohos` from 1.1.1 to 1.1.3 + # Commits + # 05eb077 fix: napi_remove_wrap check the result (#154) + # 860b899 Merge pull request #153 from ohos-rs/feat-1003 + # 7e2aea1 feat: mark example publish false + # 9694170 Bump version + # 1c29ccb fix: example + # 5c3f971 Merge branch 'main' into feat-1003 + # 9df9f89 feat(napi): add on_abort for AbortSignal (#2942) + # 70b66ee fix(cli): bundle empathic (#2946) + # ac118df feat(cli): export more build apis (#2945) + # ab976cd chore(cli): add type imports (#2943) + # Additional commits viewable in compare view + # Updates `napi-ohos` from 1.1.1 to 1.1.3 + # Commits + # 05eb077 fix: napi_remove_wrap check the result (#154) + # 860b899 Merge pull request #153 from ohos-rs/feat-1003 + # 7e2aea1 feat: mark example publish false + # 9694170 Bump version + # 1c29ccb fix: example + # 5c3f971 Merge branch 'main' into feat-1003 + # 9df9f89 feat(napi): add on_abort for AbortSignal (#2942) + # 70b66ee fix(cli): bundle empathic (#2946) + # ac118df feat(cli): export more build apis (#2945) + # ab976cd chore(cli): add type imports (#2943) + # Additional commits viewable in compare view + # Updates `napi-build-ohos` from 1.1.1 to 1.1.3 + # Release notes + # Sourced from napi-build-ohos's releases. + # ohrs@1.1.3 + # What's Changed + # fix: napi_remove_wrap check the result by @​richerfu in ohos-rs/ohos-rs#154 + # Full Changelog: https://github.com/ohos-rs/ohos-rs/compare/ohrs@1.1.2...ohrs@1.1.3 + # ohrs@1.1.2 + # What's Changed + # Sync napi-rs by @​richerfu in ohos-rs/ohos-rs#153 + # Full Changelog: https://github.com/ohos-rs/ohos-rs/compare/ohrs@1.1.1...ohrs@1.1.2 + # Commits + # 05eb077 fix: napi_remove_wrap check the result (#154) + # 860b899 Merge pull request #153 from ohos-rs/feat-1003 + # 7e2aea1 feat: mark example publish false + # 9694170 Bump version + # 1c29ccb fix: example + # 5c3f971 Merge branch 'main' into feat-1003 + # 9df9f89 feat(napi): add on_abort for AbortSignal (#2942) + # 70b66ee fix(cli): bundle empathic (#2946) + # ac118df feat(cli): export more build apis (#2945) + # ab976cd chore(cli): add type imports (#2943) + # Additional commits viewable in compare view + # Updates `napi-derive-backend-ohos` from 1.1.1 to 1.1.3 + # Commits + # 05eb077 fix: napi_remove_wrap check the result (#154) + # 860b899 Merge pull request #153 from ohos-rs/feat-1003 + # 7e2aea1 feat: mark example publish false + # 9694170 Bump version + # 1c29ccb fix: example + # 5c3f971 Merge branch 'main' into feat-1003 + # 9df9f89 feat(napi): add on_abort for AbortSignal (#2942) + # 70b66ee fix(cli): bundle empathic (#2946) + # ac118df feat(cli): export more build apis (#2945) + # ab976cd chore(cli): add type imports (#2943) + # Additional commits viewable in compare view + # Updates `napi-sys-ohos` from 1.1.1 to 1.1.3 + # Release notes + # Sourced from napi-sys-ohos's releases. + # ohrs@1.1.3 + # What's Changed + # fix: napi_remove_wrap check the result by @​richerfu in ohos-rs/ohos-rs#154 + # Full Changelog: https://github.com/ohos-rs/ohos-rs/compare/ohrs@1.1.2...ohrs@1.1.3 + # ohrs@1.1.2 + # What's Changed + # Sync napi-rs by @​richerfu in ohos-rs/ohos-rs#153 + # Full Changelog: https://github.com/ohos-rs/ohos-rs/compare/ohrs@1.1.1...ohrs@1.1.2 + # Commits + # 05eb077 fix: napi_remove_wrap check the result (#154) + # 860b899 Merge pull request #153 from ohos-rs/feat-1003 + # 7e2aea1 feat: mark example publish false + # 9694170 Bump version + # 1c29ccb fix: example + # 5c3f971 Merge branch 'main' into feat-1003 + # 9df9f89 feat(napi): add on_abort for AbortSignal (#2942) + # 70b66ee fix(cli): bundle empathic (#2946) + # ac118df feat(cli): export more build apis (#2945) + # ab976cd chore(cli): add type imports (#2943) + # Additional commits viewable in compare view + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +https://github.com/servo/servo/pull/39660 (@TimvdLippe, #39660) Define conditional_malloc_size_of for all Rc (#39660) + # This updates all Rc that were ignored for malloc_size_of to use conditional_malloc_size_of, unless the type in + # the Rc itself doesn't support malloc_size. + # Regular expressions used to search for all occurrences: + # ``` + # ignore_malloc_size_of = "Rc.*" + # ignore_malloc_size_of = "Arc.*" + # ``` + # There are a couple left since they have nested Rc, which I don't know how to fix. + # To be able to define these, several new implementations were added to `malloc_size_of/lib.rs` as well as + # `HashMapTracedValues`. + # Testing: if it compiles, it's safe +https://github.com/servo/servo/pull/39656 (@mrobinson, #39656) wpt: Capture test output when running WPT in WebDriver mode (#39656) + # We were capturing test output (such as stack traces) by using the "test" + # key in the data provided to the `process_output` log handler. This + # doesn't work for WebDriver mode because the test runner runs in another + # process entirely and it may reuse Servo executable instances for tests. + # This change maps browser process output to tests using the "browser_pid" + # key that is often provided while in WebDriver mode. + # Testing: This modifies the test harness, so the tests are running tests. + # Fixes: #39176 +https://github.com/servo/servo/pull/39665 (@servo-wpt-sync, #39665) Sync WPT with upstream (05-10-2025) (#39665) + # Automated downstream sync of changes from upstream as of 05-10-2025 + # [no-wpt-sync] +>>> 2025-10-07T06:06:52Z +-https://github.com/servo/servo/pull/39700 (@dependabot[bot], @dependabot[bot], #39700) build(deps): bump diplomat-runtime from 0.8.2 to 0.8.3 (#39700) + # Bumps [diplomat-runtime](https://github.com/rust-diplomat/diplomat) from 0.8.2 to 0.8.3. + # Commits + # 727ce6f Bump to 0.8.3 + # fd59289 Only use wasm_glue on wasm32-unknown-unknown, not WASI (#977) + # See full diff in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=diplomat-runtime&package-manag + # er=cargo&previous-version=0.8.2&new-version=0.8.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/ + # about-dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +-https://github.com/servo/servo/pull/39697 (@dependabot[bot], @dependabot[bot], #39697) build(deps): bump flate2 from 1.1.2 to 1.1.4 (#39697) + # Bumps [flate2](https://github.com/rust-lang/flate2-rs) from 1.1.2 to 1.1.4. + # Release notes + # Sourced from flate2's releases. + # 1.1.4 + # What's Changed + # use zlibVersion() instead of a const for the version by @​folkertdev in rust-lang/flate2-rs#491 + # Switch from adler2 to simd-adler32 crate when using miniz_oxide backend by @​Shnatsel in rust-lang/flate2-rs#492 + # Correct documentation typo by @​fintelia in rust-lang/flate2-rs#495 + # Use partial flushes with miniz_oxide backend by @​fintelia in rust-lang/flate2-rs#496 + # Undo introducing straight up incorrect documentation by @​Shnatsel in rust-lang/flate2-rs#497 + # Update cloudflare-zlib-sys crate by @​jongiddy in rust-lang/flate2-rs#503 + # Add (de)compress_uninit that accepts &[MaybeUninit<u8>] by @​NobodyXu in rust-lang/flate2-rs#502 + # bump the patch level for a new release by @​Byron in rust-lang/flate2-rs#504 + # New Contributors + # @​fintelia made their first contribution in rust-lang/flate2-rs#495 + # Full Changelog: https://github.com/rust-lang/flate2-rs/compare/1.1.2...1.1.4 + # 1.1.3 + # What's Changed + # use zlibVersion() instead of a const for the version by @​folkertdev in rust-lang/flate2-rs#491 + # Switch from adler2 to simd-adler32 crate when using miniz_oxide backend by @​Shnatsel in rust-lang/flate2-rs#492 + # Correct documentation typo by @​fintelia in rust-lang/flate2-rs#495 + # Use partial flushes with miniz_oxide backend by @​fintelia in rust-lang/flate2-rs#496 + # Undo introducing straight up incorrect documentation by @​Shnatsel in rust-lang/flate2-rs#497 + # Update cloudflare-zlib-sys crate by @​jongiddy in rust-lang/flate2-rs#503 + # Add (de)compress_uninit that accepts &[MaybeUninit<u8>] by @​NobodyXu in rust-lang/flate2-rs#502 + # bump the patch level for a new release by @​Byron in rust-lang/flate2-rs#504 + # New Contributors + # @​fintelia made their first contribution in rust-lang/flate2-rs#495 + # Full Changelog: https://github.com/rust-lang/flate2-rs/compare/1.1.2...1.1.3 + # Commits + # ac412e9 Merge pull request #506 from NobodyXu/patch-1 + # bf0315b Release flste2 1.1.4 + # 350de28 Merge pull request #505 from NobodyXu/patch-1 + # 29552c7 Fix docs.rs build + # 3be6590 Merge pull request #504 from Byron/release + # 7ad1bad bump the patch level for a new release + # 3cae7da Merge pull request #502 from NobodyXu/patch-1 + # ee3d877 Add (de)compress_uninit impl for uninit buffer + # b9afa93 Merge pull request #503 from jongiddy/update-cloudflare-zlib + # cfd60be Update cloudflare-zlib-sys crate + # Additional commits viewable in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flate2&package-manager=cargo&p + # revious-version=1.1.2&new-version=1.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-depe + # ndabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +-https://github.com/servo/servo/pull/39695 (@dependabot[bot], @dependabot[bot], #39695) build(deps): bump unicode-width from 0.2.1 to 0.2.2 (#39695) + # Bumps [unicode-width](https://github.com/unicode-rs/unicode-width) from 0.2.1 to 0.2.2. + # Commits + # 9d98411 Publish 0.2.2 (#79) + # 4bba1d1 Support Unicode 17 (#75) + # See full diff in compare view + # [![Dependabot compatibility + # score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=unicode-width&package-manager= + # cargo&previous-version=0.2.1&new-version=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/abo + # ut-dependabot-security-updates#about-compatibility-scores) + # Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger + # a rebase manually by commenting `@dependabot rebase`. + # [//]: # (dependabot-automerge-start) + # [//]: # (dependabot-automerge-end) +https://github.com/servo/servo/pull/39690 (@Loirooriol, #39690) layout: Remove some unneeded type annotations (#39690) + # Testing: unneeded, no behavior change +https://github.com/servo/servo/pull/39689 (@Loirooriol, #39689) Test that text with `font-size: 0` has an intrinsic contribution of 0 (#39689) + # The problem reported in #29675 was (accidentally?) fixed by #32278. + # Let's add a test. + # Testing: Adds a new WPT. + # Fixes: #29675 +https://github.com/servo/servo/pull/39688 (@Loirooriol, #39688) layout: Unify line height resolution (#39688) + # Both `flow/inline/line.rs` and `flow/inline/mod.rs` had a function to resolve the `line-height` value. They were + # pretty much the same, except that the former wasn't handling single-line text inputs. But I don't think it matters, + # since the text inside such input can't be styled with `vertical-align: top` or `bottom`. + # Thus this patch unifies the logic. And to simplify the callers, now this function accepts a + # `&InlineContainerStateFlags` instead of a bool for identifying single-line text inputs. + # Testing: There shouldn't be any behavior change. + # This is part of #39664 +https://github.com/servo/servo/pull/39610 (@mrobinson, @Loirooriol, #39610) script: Use CSP sandboxing flags for `