Chromium Weekly Digest Logo

Chromium Weekly Digest

Week 2 of 2026 (2026-01-05 to 2026-01-10)

Chromium Weekly: 2026 Week 2

Overview

This week in Chromium saw an exceptional volume of API-breaking changes across nearly every major component, requiring significant action from embedders. Major architectural shifts include a complete refactor of memory pressure handling and the removal of the Android Monochrome build. Despite the churn, key features like Device Bound Session Credentials and Vertical Tabs saw significant progress, while new web platform APIs like Sanitizer and customizable comboboxes were advanced. This summary covers 2379 relevant commits out of 3211 total across 6 days.

Core Internals & API Modernization

  • ⚠️ BREAKING BREAKING CHANGE: Memory pressure handling was overhauled. The static base::MemoryPressureListener::SetNotificationsSuppressed is replaced by a new RAII-style base::MemoryPressureSuppressionToken. Consequently, numerous classes like FrameEvictionManager, cc::ResourcePool, and HttpNetworkSession no longer inherit from base::MemoryPressureListener, removing their public OnMemoryPressure methods. (63f5b8d) (e45c8ae) (4470afa) (6cbcf51)
  • ⚠️ BREAKING BREAKING CHANGE: Public Mojo Java bindings were refactored, removing SideEffectFreeCloseable, making Interface.Stub a top-level class, and renaming Router.setIncomingMessageReceiver. (d635aa9)
  • ⚠️ BREAKING BREAKING CHANGE: As part of a C++23 migration, the public function base::ByteSwap has been removed from base/numerics/byte_conversions.h. Code must be updated to use the standard std::byteswap. (5869e71)
  • Code modernization efforts continued with a large-scale replacement of base::Contains() with the C++20 std::ranges::contains() across the codebase. (e13cb6a) (f301383) (d696b12)
  • Experimental Rust bindings for Mojo (rustmojo) saw significant progress, with code generation for interfaces and skeleton implementations for Remote and Receiver types. (1faffa0) (f4012f3) (bd47705)

Android

  • ⚠️ BREAKING BREAKING CHANGE: The "Monochrome" build configuration (is_monochrome) has been completely removed from the build system, breaking any downstream projects that relied on it. (763e0f3) (10cf1c5) (5e90c29)
  • ⚠️ BREAKING BREAKING CHANGE: For Cronet embedders, libssl.so and libpki.so are now statically linked into libhttpengine.so, and the BoringSSL library name has been stabilized, breaking builds that linked against the old libraries. (f559d5d) (e5cc378)
  • ⚠️ BREAKING BREAKING CHANGE: A new <meta name="text-scale"> tag was introduced in WebView, which disables global text scaling and text autosizing, potentially altering the rendering of existing content. The WebMessageListener API was also made world-aware, breaking method signatures. (b29d632) (27e7c6f)
  • ⚠️ BREAKING BREAKING CHANGE: Numerous public Java APIs were broken, including changes to TabModel::CreateTab to use std::unique_ptr, the removal of MoveTabUtils, and a major refactor of the Payments API delegate hierarchy. (a69f7fe) (d477c2d) (ac47931) (5774306)
  • ⚠️ BREAKING BREAKING CHANGE: The horizontal mouse scroll direction has been inverted to align with Android's standard "natural scrolling" behavior, a significant user-facing change. (5d4f3a6)
  • Work progressed on zero-copy video capture, with support added for creating shared images from multiplanar AHardwareBuffers and passing metadata to avoid readbacks. (004ddc1) (28ac267) (2922709)

UI & Browser Features

  • ⚠️ BREAKING BREAKING CHANGE: A series of refactors related to "Project Bedrock" and tab strip modernization removed numerous public methods from BrowserView, TabStripController, and BrowserList, such as BrowserView::tabstrip(), TabStripController::GetProfile(), and BrowserList::GetGuestBrowserCount(). (f55ce20) (c30ea98) (83633e5) (2caf7a2)
  • ⚠️ BREAKING BREAKING CHANGE: The TabListInterface gained a new pure virtual method GetTabGroupTabIndices, and the InstanceSwitcherActionsDelegate on Android changed its closeInstance method signature, breaking embedder implementations. (cbf7c2c) (0e94cc8)
  • Development on Vertical Tabs continued, adding drag-and-drop support for tabs within groups and ensuring custom browser themes are correctly applied. (3c34712) (954cc48)
  • Reading Mode received numerous enhancements, including a consolidated appearance menu, improved resilience to renderer crashes, and fixes for UI behavior like hover menus and scrolling. (85a76f0) (9307ef5) (4b0b5f8) (089981c)
  • The chrome.tabGroups API was enabled for desktop Android, and the side panel extension API behavior was changed to no longer fall back to the global panel on sidePanel.close(). (515db69) (cf0517b)

Web Platform & Rendering

  • ⚠️ BREAKING BREAKING CHANGE: The public Blink canvas API was refactored, removing methods like ProduceCanvasResource() and SupportsDirectCompositing() from CanvasResourceProvider and changing the return type of WebGLRenderingContextBase::PaintRenderingResultsToResourceProvider(). (bbf5880) (f68a61a) (fe10434) (2344244)
  • The Sanitizer API and Trusted Types for HTML were enabled by default, making these security features generally available to web developers. (a2adf79) (1b461ee)
  • Support was added for a <datalist> element to act as a popover for a customizable combobox, allowing web authors to fully style the options dropdown. (4da887d)
  • New CSS capabilities were introduced behind flags, including name-only @container queries (e.g., @container (my-container)) and the page-margin-safety descriptor for print contexts. (e8204da) (3cc4f62)
  • A new JPEG XL image decoder was added to the codebase but was quickly reverted due to an ASAN issue. (f9f7212) (abc19ec)
  • Several features were enabled by default to improve performance and provide better attribution, including LongAnimationFrameSourceCharPosition, ReportLayoutShiftRectsInCssPixels, and SeparateDeferModuleScriptTasks. (d514972) (0813098) (e7e02f3)

Networking & Security

  • ⚠️ BREAKING BREAKING CHANGE: The enterprise policy DeveloperToolsAvailabilityAllowlist now implicitly blocks all URLs not on the allowlist when set, a reversal of its previous default-allow behavior. (6b0b832)
  • ⚠️ BREAKING BREAKING CHANGE: The net::BidirectionalStream::Delegate::OnHeadersReceived signature has changed to include a const net::ProxyInfo& parameter, requiring all implementations to be updated. (4b432f4)
  • Significant infrastructure was added to support Device Bound Session Credentials (DBSC), including exposing lifecycle events to DevTools for easier debugging. The underlying Mojo event structure was also refactored. (62e7e23) (d11af9c) (a6fc0d9)
  • To enforce the hardened runtime on macOS, third-party in-process plugins are now blocked by default, with an emergency override switch added. (c54ef9c)
  • The CrashReportStorage API was refactored to use shared memory instead of synchronous IPCs, significantly reducing overhead for sites using the API. (8750c09)
Daily Summaries (6)
← Back to all summaries