We did a study of this a few years ago[1] and the code for the instrumentation is available on github[2], the data is dated but you can see a cross section of popular apps and how far behind they were lagging over a 3 year period on page 11 of the pdf. Re: child comment, our main concern in this research was patched vulnerabilities persisting in electron apps and how damaging that could be. Details in the paper :)

1. https://www.usenix.org/system/files/usenixsecurity24-ali.pdf 2. https://github.com/masood/inspectron

I've been working on this over the years. WIP is here: https://github.com/captn3m0/electron-survey, and it doesn't look good.

I keep getting distracted by side-quests. The last one was building an Electron Zoo, and the current one is doing accurate SBOMs for each electron version.

I imagine that looks pretty bad. On the other hand, Electron apps often aren't running untrusted code, which makes it quite a bit harder to exploit.

Isn’t the thread model for these desktop apps entirely different?

Just wanted to write the same comment!

Yes and also stable isn't the only maintained branch of Chromium, there's also extended stable (currently 146.x). LTS exists too (144.x), but I believe it's meant only for ChromeOS.

In a perfect world, there would be a stable version of chrome, that would get fixes, but would crucially not get the new features that introduce new vulnerabilities. Not a fun job, I know, but with today’s coding agents it wouldn’t even be an unreasonable ask.

More like 4 weeks than 2.

https://chromestatus.com/roadmap

On the topic of accessibility, the contrast of the text in the "up to date" bubbles is very low. I can barely see the yellow one, let alone read it without significant eye strain.

Firefox's dev tools have an Accessibility tab where you can see warnings about low contrast and simulate different forms of color blindness.

It has text supporting the color, so it's fine.

Red/green is the most common way to show bad/good, error/success, etc.

Using any other color scheme would just confuse everyone instead of only colorblind people... how would that be any better?

Thanks, fixed now.

and Ungoogled Chromium

Helium rocks!

qutebrowser would be nice too.

I second this motion.

It's not but given that Perplexity doesn't have an API and blocks automated downloads, I'm not sure what else to use. Explained in the docs: https://github.com/ShivanKaul/chromium-drift/blob/main/docs/...

    curl -sS -X POST -H 'Content-Type: application/json' -d '{"request":{"protocol":"4.0","updater":"CometUpdater","updaterversion":"0","os":{"platform":"win","version":"10","arch":"x64"},"apps":[{"appid":"{42e10078-e377-4166-965f-c14ad958a146}","version":"0.0.0.0","updatechecks":[{}]}]}}' https://www.perplexity.ai/rest/browser/update2 | sed "s/^)]}'//" | jq -r '.response.apps[0].updatecheck.nextversion'

Firefox has its own forks, by the way: GNU IceWeasel → IceCat, LibreWolf etc.

Which user?

A lot of people are stuck with safari on iOS where there's not even another browser since apple bans them.

People choose to download Chrome over firefox, to ditch their custom browser engine (microsoft & opera) in favor of chromium.

We've centralized development effort on a large open source project.

Why exactly is this really really bad?

I find the safari situation bad because I can't use various web standards, it's closed source, etc, but the chromium one doesn't bother me. I just install firefox.

What fingerprinting? What does this have to do with anything?

> lawmakers US/EU/Anywhere else, should force all browsers to actively block fingerprinting.

That won't happen.