Chromium Weekly Digest

Week 47 of 2025 (2025-11-16 to 2025-11-22)

Chromium Weekly: 2025 Week 47

Overview

This week saw a massive volume of changes in Chromium, with 3305 commits landing on the main branch, of which over 1800 were analyzed as relevant. The development was dominated by a wave of breaking API changes and large-scale refactorings aimed at modernizing the codebase, most notably the complete removal of the legacy `blink::Supplementable` pattern. Key advancements were made in CSS features like Anchor Positioning, while several Privacy Sandbox APIs were marked for deprecation, and security was enhanced with new policies and remote debugging controls.

Major Breaking Changes & API Modernization

  • ⚠️ BREAKING CHANGE: The foundational `blink::Supplementable` base class has been completely removed from the engine. This major, multi-day refactoring simplifies object lifetime management but requires significant updates to any downstream code that used this pattern to attach extra data to Blink objects. (de5182b) (801a173) (4c9ba80) (ee79c91)
  • ⚠️ BREAKING CHANGE: The public classes `content::ResourceContext` and `content::BrowserOrResourceContext` have been removed from the Content API. This simplifies the threading model but breaks embedders who relied on these long-standing classes for IO thread operations. (4752211) (954d496)
  • ⚠️ BREAKING CHANGE: The codebase is now standardized on C++20, with the `use_cxx17` build variable removed. The PartitionAlloc memory allocator now explicitly requires C++20 for compilation. (e67ce2f) (28c854b)
  • ⚠️ BREAKING CHANGE: Skia's public PNG APIs have been migrated from a libpng-based implementation to a new Rust-based one. Embedders must update from `SkPngEncoder.h/Decoder.h` to the new `SkPngRustEncoder.h/Decoder.h` APIs. (32b26f0)
  • ⚠️ BREAKING CHANGE: Numerous public API signatures were changed, requiring embedder recompilation and code changes. Notable examples include adding a `use_capture` parameter to `WebNode::AddEventListener`, removing margin methods from `views::BubbleDialogDelegate`, and changing `content::NavigationHandle::SetRequestHeader` to use `std::string_view`. (35457fe) (3645cfd) (7d6e063)
  • ⚠️ BREAKING CHANGE: The obsolete Plugin system's public API surface has been significantly reduced. Methods like `PluginService::RefreshPlugins()` and `PluginService::GetPluginsAsync()` have been removed or altered, requiring embedders to migrate to new synchronous methods. (ced68fd) (958d69c) (71852ae)
  • ⚠️ BREAKING CHANGE: The Fingerprinting Protection Filter (FPF) feature has been removed entirely, including the public virtual method `fingerprinting_protection_ruleset_service()` from the core `BrowserProcess` interface. (d035d43)

Web Platform & Blink Engine

  • CSS Anchor Positioning has been significantly improved to correctly account for CSS transforms on anchor elements. Additionally, `position-anchor: none` is now supported and serves as the default value. (02c2db1) (f95ef29) (351afdf)
  • ⚠️ BREAKING CHANGE: The experimental CSS feature `display: masonry` has been renamed to `display: grid-lanes` to align with evolving standards. All related properties have also been renamed, breaking content that used the old `masonry-*` keywords. (76cc361) (7d1e648) (9809f19)
  • Several Privacy Sandbox APIs have been marked for deprecation. Using the Attribution Reporting API's opt-in JS APIs and HTML attributes, or the `document.browsingTopics()` API, will now trigger console warnings ahead of their future removal. (d6ce47b) (7403da1)
  • The `performance.interactionCount` API, which allows websites to measure the total number of user interactions, is now enabled by default and considered a stable feature. (5937143)
  • The `text-autospace` CSS property, which provides typographic control over spacing between different scripts, is now enabled by default. (aa69938)
  • A new experimental API, `streamAppendHTMLUnsafe()`, has been added to `Element` and `ShadowRoot`. It returns a `WritableStream` for streaming HTML content into a container, controlled by the `DocumentPatching` runtime flag. (ac2a153)

Security & Privacy

  • Remote debugging security has been enhanced with a new 'approval-only' mode. When enabled, it disables all HTTP endpoints and requires each new WebSocket connection to be manually approved via a UI dialog. (7c12e9d) (0b9af34) (3d94716)
  • A new `IncognitoModeBlocklist` enterprise policy has been implemented. This allows administrators to set URL blocking rules that apply specifically to Incognito mode and take precedence over regular profile policies. (97821c4)
  • Work continues on Device-Bound Session Credentials (DBSC), with a new mojo proxy service to allow the sandboxed network process to access the Unexportable Key Service in the browser process. (18b3276) (690d4ed) (49778c4)
  • The loading of external XML entities is now more restricted by default to mitigate XXE vulnerabilities. The parser blocks external entities for general XML contexts while still allowing them for XSLT processing. (a4ebc5c)

Platform-Specific Updates

  • On Android, the `android:extractNativeLibs` flag has been removed from application manifests. This can improve installation time and reduce device storage usage as native libraries are no longer compressed within the APK. (658806c)
  • On Linux, the browser UI now respects the system-level GTK preference for whether middle-clicking in a text field pastes content from the selection clipboard. (6fa784e) (362c5e8)
  • On iOS, the Incognito SoftLock feature, which requires authentication to view Incognito tabs after leaving the app, has been enabled by default. This follows a major cleanup of legacy session storage code. (3b7b75f) (3903121) (0afdef0)