Javascript dependency: Bump electron from 41.3.0 to 41.5.0 in /runtime

[dependabot]

Bumps electron from 41.3.0 to 41.5.0.

Release notes

Sourced from electron's releases.

electron v41.5.0

Release Notes for v41.5.0

Features

• Added app.configureWebAuthn() to enable the Touch ID platform authenticator for WebAuthn on macOS, and a select-webauthn-account session event for choosing between multiple discoverable credentials. #51412 (Also in 42)

Fixes

• Fixed a regression on Windows where frameless windows changed their size after calling setResizable. #51427 (Also in 42)
• Fixed an issue on Windows where a transient UnhookWindowsHookEx failure in setIgnoreMouseEvents(true, { forward: true }) teardown could cause duplicate low-level mouse hooks to be installed on the next activation. #51419 (Also in 42)
• Fixed remote debugging via --remote-debugging-port not working when inspecting from Chrome's chrome://inspect page. The DevTools page would appear empty due to the frontend URL pointing to a CDN that returned 404 for Electron's Chromium builds. #51413

electron v41.4.0

Release Notes for v41.4.0

Features

• Added support for heap profiling via contentTracing.enableHeapProfiling(). #51178 (Also in 42)

Fixes

• Ensured cross-origin fetch() and XHR are blocked for custom protocols registered with supportFetchAPI: true unless corsEnabled: true is also set; cross-origin mode: 'no-cors' requests now receive an opaque response. #51270 (Also in 39, 40, 42)
• Fixed a crash when providing invalid HTTP header names or values in the webRequest.onBeforeSendHeaders() callback. #51365 (Also in 40, 42)
• Fixed a bug that cause offscreen rendering doesn't have valid screen info and unable to get valid result of related media queries.
  • Added webPreference.offscreen.deviceScaleFactor to allow user specify a value, instead of using user's primary display's value. #50375 (Also in 40)
• Fixed a bug where errors would occur when using the Chrome DevTools Fetch API. #51371 (Also in 42)
• Fixed a crash that could occur when an autofill suggestion popup was shown while a window was closing. #51321 (Also in 42)
• Fixed a regression where frameless fullscreen windows had white borders on Windows. #51332 (Also in 42)
• Fixed a renderer crash when a page uses the <geolocation> HTML element. #51373 (Also in 42)
• Fixed an issue where calling contentTracing APIs before app.whenReady() would crash the application. #51352 (Also in 42)
• Fixed an issue where some toast notification properties didn't work as expected in WinRT. #51397 (Also in 42)
• Fixed buggy behavior where Backspace would accept macOS text replacements inside contenteditable elements. #51343 (Also in 40, 42)
• This PR fixes a regression in silent printing where custom DPI values from webContents.print were not honored, causing incorrect output scaling in real-world print flows. #51355 (Also in 42)

Other Changes

• Backported a fix for route_id validation in the GPU command buffer. #51319
• Backported fix in Skia for 495534710. #51264
• Backported security fixes for 492736100, 492668885, 493413432, 493319454, 494158331, 496281816. #51259
• Updated Chromium to 146.0.7680.216. #51382

Commits

• 7f51178 fix: ensure stable bounds on Windows when toggling setResizable for frameless...
• 6ec2b16 fix: use bundled devtools frontend URL for remote debugging (#51413)
• f6ec0df feat: support WebAuthn Touch ID platform authenticator on macOS (#51412)
• 6037d59 fix: preserve mouse hook handle when UnhookWindowsHookEx fails (#51419)
• f4d3708 docs: fix version of deprecation notice (#51422)
• ff343d4 build(deps): bump dorny/paths-filter from 3.0.2 to 4.0.1 (#51410)
• 5562011 chore: bump chromium to 146.0.7680.216 (41-x-y) (#51382)
• c9a1cff fix: dispatch toast action and reply events from WinRT activation path (#51397)
• 8d1475e ci: backport secondary siso patch (#51392)
• 7e0499d feat: support heap profiling in contentTracing (#51178)
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
electron	[>= 36.3.a, < 36.4]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)