feat: ensure mas builds of the same application can use safestorage
This change ensures that MAS builds of applications with an equivilant darwin build that share the same name do not fight over access to the same Safe Storage account.
Specifically this changes the account name for app "My App" from "My App" to "My App AppStore" if the app is using a MAS build of Electron.
We attempt to migrate the safe storage key from the old account, if that migration succeeds we delete the old key and move on.
Existing apps that aren't built for the app store should be unimpacted, there is one edge case where a user uses BOTH an AppStore and a darwin build of the same app only one will keep it's access to the safestorage key as during the migration we delete the old account. This is an acceptable edge case as no one should be actively using two versions of the same app.
* build: move from stale GH app to stale action
* Update .github/workflows/stale.yml
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* Update stale.yml
* Update .github/workflows/stale.yml
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* Update stale.yml
* Update .github/workflows/stale.yml
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* Update stale.yml
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
Co-authored-by: Samuel Attard <sattard@salesforce.com>
Co-authored-by: VerteDinde <vertedinde@electronjs.org>
Co-authored-by: Keeley Hammond <khammond@slack-corp.com>
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
Previously, display_id was an empty string, pending Chrome support for
sharing individual screens. Now that this has been added, it is
desirable to have this property set correctly.
Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
* fix: potential exception when calling webFrameMainBinding.fromIdOrNull()
* replace try/catch in getWebFrameForEvent
Co-authored-by: Milan Burda <miburda@microsoft.com>
* docs: changed event.data to data under the message.port in docs
* docs: corrected BrowserWindow wrong usage and change window.messagePort to window.electronMessagePort
* fix: WebAuthn Discoverable Credential (Resident Credential) #33353
Enables support for Webauthn discoverable credentials (aka resident
credentials). This allows users to authenticate without first having to
select or type a username.
To decide if discoverable credentials are supported, the class
'AuthenticatorCommon', in the chrome content code, indirectly calls the
method 'context::WebAuthenticationDelegate.SupportsResidentKeys(..)'.
The default implementation of this returns false, leaving it up to
specific implementations to override.
This change adds a new class 'ElectronWebAuthenticationDelegate' to
subclass 'WebAuthenticationDelegate' and override the behaviour of the
'SupportsResidentKeys' method to return true.
The implementation is copied from the Chrome browser equivalent
'ChromeWebAuthenticationDelegate', though the chrome class includes
other methods that don't seem to be required for this functionality.
The 'ElectronContentClient' class was also updated to store an instance
of 'ElectronWebAuthenticationDelegate', and to provide an accessor
method, GetWebAuthenticationDelegate().
* Remove redundant, commented-out code
* style: comment cleanup
* style: updated comments and formatting based on pull request review
* style: fix lint error on header guard clause
Update security.md
Under "4. Process Sandboxing", it said "For mor information on what `contextIsolation` is..." which was the previous section (copied from there). This updates it to say "For more information on what Process Sandboxing is..."
