Chromium Weekly Summary

Chromium Weekly: 2025 Week 48

Overview

This week saw a massive volume of changes, with 2140 relevant commits out of 2680 total. Development was marked by an exceptionally high number of breaking changes to core C++, Java, and public web APIs, requiring significant attention from embedders. Major themes include the enabling of the network service sandbox on Windows, continued refactoring of identity and sign-in components, and advancements in CSS features like Masonry (renamed to grid-lanes).

Major Breaking Changes

⚠️ BREAKING BREAKING CHANGE: The network service sandbox is now enabled by default on Windows. This major security enhancement significantly restricts the privileges of the network process and may break embedders who rely on the previous unsandboxed behavior for custom network integrations. (c6bd7f0)
⚠️ BREAKING BREAKING CHANGE: The chrome.browsingData extension API can no longer be used to delete passwords. Calls to removePasswords or remove with the "passwords" datatype will now be a no-op, representing a significant behavioral change for a stable extension API. (9fb257e)
⚠️ BREAKING BREAKING CHANGE: Core identity management APIs have been refactored. The public AccountInfo::hosted_domain field has been removed across C++ and Mojo, requiring the use of accessor methods. Additionally, the SigninClient interface has a new pure virtual method, GetOAuthConsumerFromId. (da1dfa4) (a77b9c6) (3428bfe) (5657390)
⚠️ BREAKING BREAKING CHANGE: The native Cronet API has been fully removed. All exported Cronet_* entry points are no longer available from the shared library, breaking any projects that link against it. (89965a4)
⚠️ BREAKING BREAKING CHANGE: On Android, the public Java method TabModelOrchestrator.getTabModelSelector() now correctly returns @Nullable. Consumers must now handle a potential null return value to prevent runtime exceptions. (b933824)
⚠️ BREAKING BREAKING CHANGE: The Chrome DevTools Protocol (CDP) moved the StyleSheetId type from the CSS domain to the DOM domain. CDP clients that interact with stylesheets must update their domain references. (23a0a9f)
⚠️ BREAKING BREAKING CHANGE: Numerous C++ and Java APIs saw breaking signature changes, including the removal of CanvasResourceProvider::GLContext(), the removal of base::win::GenericScopedHandle::IsValid(), and changes to net::CacheEncryptionDelegate::Init and gpu::ValueValidator to use modern types like base::OnceCallback and base::span. (5a28a27) (a6bff80) (1d7e43b) (94185a3)

Web Platform & APIs

The experimental CSS Masonry feature has been renamed to grid-lanes to align with specification changes. Concurrently, initial support for the random() CSS function has been implemented. (54e0c23) (67fef76) (4de93da) (87aa6cc)
The WindowControlsOverlay API has been enabled by default on Android, allowing PWAs to draw content into the title bar area for a more integrated app-like experience. (450df2e)
The WebNN API on Windows will now use the ONNX Runtime (ORT) backend by default, replacing the previous DirectML implementation. (3c0defa)
Speculation rules have been updated to support prerendering on form submissions via a new form_submission field, enabling faster navigations after a user submits a form. (b392716)
The CSS pseudo-element ::search-text for styling find-in-page results has been enabled by default. (cc8be7c)

Security & Privacy

Code related to the "privacy budget" identifiability study has been removed. Additionally, the Shared Storage API has been formally deprecated, and enterprise policies for the Topics API were deprecated ahead of its removal. (0e49a82) (7f86b6c) (d400432) (d9ee6f7)
Passkey support continues to mature, with significant progress on iOS credential validation and assertion handling. A generic CredentialSorter was also introduced to unify the sorting of passkeys and passwords on desktop and Android. (b25cb50) (2d29cc9) (3186314) (979c489)
The internal HTTP cache has been upgraded to use SHA-256 instead of SHA-1 for tracking no-store keys. This change is currently behind the kHttpCacheUseSha256 feature flag. (76846c5)
A new DNS-over-HTTPS (DoH) provider, "DNS4EU", was added for users in the European Union. (84aec82)

Android & iOS

A significant behavioral change was made on Android to delete Incognito windows upon closure, reverting a previous change that made them restorable. (6793084)
On iOS, the legacy share extension receiver, service, and factory have been removed as part of a major refactor of content sharing. (3e900c5) (bc8e30c) (600ff42)
On Android, tab restoration logic is being refactored out of TabStateStore into a new TabRestorer class to improve modularity. (4ca1217) (27d1638) (ec7da97)

Developer Tools & Infrastructure

A new UI has been added to chrome://inspect that allows developers to toggle a remote debugging "approval mode", providing more explicit control over inspection. (2748580) (2e576ad) (6a4ce7b)
A large-scale, automated refactoring replaced coarse-grained #pragma allow_unsafe_buffers with more granular UNSAFE_TODO() markers throughout the gpu/ directory to improve memory safety analysis. (319e918) (b8be193) (224caf1)
The Linux installer scripts (build.sh) for Debian and RPM packages have been ported to Python for better maintainability and robustness. (f963b7c)

Daily Summaries (7)

2025-11-23: Chromium Digest: 2025-11-23 (0 commits)
2025-11-24: Chromium Digest: 2025-11-24 (0 commits)
2025-11-25: Chromium Digest: 2025-11-25 (0 commits)
2025-11-26: Chromium Digest: 2025-11-26 (0 commits)
2025-11-27: Chromium Digest: 2025-11-27 (333 commits)
2025-11-28: Chromium Digest: 2025-11-28 (0 commits)
2025-11-29: Chromium Digest: 2025-11-29 (0 commits)