To prevent any potential crash/OOM issues with "canvas" element
from "rogue" applications let's apply large size limitations for context
canvas2d's draw target to Servo (similar approach in Firefox/Chromium -
they limits width and height to 32767/65535 pixels).
Fixes: #36155, #34117, #30164, #24710
--
- [x] ./mach build -d does not report any errors
- [x] ./mach test-tidy does not report any errors
- [x] There are tests for these changes
tests/wpt/tests/html/canvas/element/canvas-host/2d.canvas.host.size.large.html
tests/wpt/tests/html/canvas/offscreen/canvas-host/2d.canvas.host.size.large.html
tests/wpt/tests/html/canvas/offscreen/canvas-host/2d.canvas.host.size.large.worker.js
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
In the scrollable overflow calcutation, apply CSS transforms to boxes
and scrollable overflow of the descendant. Clip unreachable scrollable
overflow according to it's block start and inline start scrolling
direction. And, renamed `Fragment::scrolling_overflow` to
`Fragment::scrolling_overflow_for_parent` as it was calculating the
scrolling overflow contribution from a child.
Add several WPT tests, testing the transform interaction `rotate`,
`scale`, and `skew` with scrollable overflow. There are several WPT test
that are testing the interaction that not expected from current browsers
implementation according to the spec.
Testing: Existing and new WPT.
Fixes: #36031
---------
Signed-off-by: stevennovaryo <steven.novaryo@gmail.com>
This patch adds support for listing `worker scripts` in `debugger >
source` panel
For example:
```
<!-- test.html -->
<!doctype html><meta charset=utf-8>
<script>
setTimeout(() => {
console.log("inline classic");
new Worker("worker.js");
const blob = new Blob([`console.log("blob worker");`], { type: "text/javascript" });
const blobURL = URL.createObjectURL(blob);
new Worker(blobURL);
}, 2000);
</script>
```
```
// worker.js
console.log("external classic worker");
```
```
./mach run --devtools=6080 http://127.0.0.1:3000/test.html
```
Another example:
```
./mach run --devtools=6080 https://charming.daz.cat/
```
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes partially implement #36027
- [x] These changes require tests, but they are blocked on
https://github.com/servo/servo/issues/36325
---------
Signed-off-by: atbrakhi <atbrakhi@igalia.com>
Bumps [toml_datetime](https://github.com/toml-rs/toml) from 0.6.8 to
0.6.9.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="40210818d7"><code>4021081</code></a>
chore: Release</li>
<li><a
href="33126988a3"><code>3312698</code></a>
chore: Release</li>
<li><a
href="b25da32148"><code>b25da32</code></a>
docs: Update changelog</li>
<li><a
href="884494977f"><code>8844949</code></a>
docs(write): Update base commit</li>
<li><a
href="5406815967"><code>5406815</code></a>
Merge pull request <a
href="https://redirect.github.com/toml-rs/toml/issues/875">#875</a> from
epage/w</li>
<li><a
href="c6479a246c"><code>c6479a2</code></a>
refactor(toml): Pull out ValueSerializer for easier comparison</li>
<li><a
href="8c43cf8903"><code>8c43cf8</code></a>
refactor(toml): Remove redundant non_exhaustive</li>
<li><a
href="268a1f82aa"><code>268a1f8</code></a>
Merge pull request <a
href="https://redirect.github.com/toml-rs/toml/issues/874">#874</a> from
epage/w</li>
<li><a
href="e406f94893"><code>e406f94</code></a>
refactor(toml): Split ser module</li>
<li><a
href="4d782f8cdf"><code>4d782f8</code></a>
refactor(edit): Rely on type alias in ser</li>
<li>Additional commits viewable in <a
href="https://github.com/toml-rs/toml/compare/toml_datetime-v0.6.8...toml_datetime-v0.6.9">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.22.24 to
0.22.25.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="40210818d7"><code>4021081</code></a>
chore: Release</li>
<li><a
href="33126988a3"><code>3312698</code></a>
chore: Release</li>
<li><a
href="b25da32148"><code>b25da32</code></a>
docs: Update changelog</li>
<li><a
href="884494977f"><code>8844949</code></a>
docs(write): Update base commit</li>
<li><a
href="5406815967"><code>5406815</code></a>
Merge pull request <a
href="https://redirect.github.com/toml-rs/toml/issues/875">#875</a> from
epage/w</li>
<li><a
href="c6479a246c"><code>c6479a2</code></a>
refactor(toml): Pull out ValueSerializer for easier comparison</li>
<li><a
href="8c43cf8903"><code>8c43cf8</code></a>
refactor(toml): Remove redundant non_exhaustive</li>
<li><a
href="268a1f82aa"><code>268a1f8</code></a>
Merge pull request <a
href="https://redirect.github.com/toml-rs/toml/issues/874">#874</a> from
epage/w</li>
<li><a
href="e406f94893"><code>e406f94</code></a>
refactor(toml): Split ser module</li>
<li><a
href="4d782f8cdf"><code>4d782f8</code></a>
refactor(edit): Rely on type alias in ser</li>
<li>Additional commits viewable in <a
href="https://github.com/toml-rs/toml/compare/v0.22.24...v0.22.25">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [web_atoms](https://github.com/servo/html5ever) from 0.1.0 to
0.1.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="15d10bf716"><code>15d10bf</code></a>
v0.1.1</li>
<li><a
href="b57243cb76"><code>b57243c</code></a>
Auto merge of <a
href="https://redirect.github.com/servo/html5ever/issues/146">#146</a> -
servo:rustup, r=SimonSapin</li>
<li><a
href="4630ad8a95"><code>4630ad8</code></a>
Upgrade to rustc 1.2.0-nightly (2f5683913 2015-06-18)</li>
<li><a
href="395e39ce7b"><code>395e39c</code></a>
Merge pull request <a
href="https://redirect.github.com/servo/html5ever/issues/145">#145</a>
from kstep/patch-1</li>
<li><a
href="5f8d1e128e"><code>5f8d1e1</code></a>
add documentation link to cargo.toml</li>
<li><a
href="73d3f78e82"><code>73d3f78</code></a>
Auto merge of <a
href="https://redirect.github.com/servo/html5ever/issues/144">#144</a> -
servo:crates.io, r=metajack</li>
<li>See full diff in <a
href="https://github.com/servo/html5ever/compare/v0.1.0...v0.1.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [syn](https://github.com/dtolnay/syn) from 2.0.100 to 2.0.101.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/syn/releases">syn's
releases</a>.</em></p>
<blockquote>
<h2>2.0.101</h2>
<ul>
<li>Improve TypeGenerics::as_turbofish to return longer-lived return
value (<a
href="https://redirect.github.com/dtolnay/syn/issues/1861">#1861</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="58336a3fb4"><code>58336a3</code></a>
Release 2.0.101</li>
<li><a
href="f1612cc7cc"><code>f1612cc</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/syn/issues/1861">#1861</a>
from JakobDegen/turbofish</li>
<li><a
href="d04eea1637"><code>d04eea1</code></a>
Fix lifetime on <code>as_turbofish</code></li>
<li><a
href="432b303bd4"><code>432b303</code></a>
Resolve renamed_and_removed_lints warning about match_on_vec_items</li>
<li><a
href="1353d60a3a"><code>1353d60</code></a>
Update test suite to nightly-2025-04-08</li>
<li><a
href="3980ff22bb"><code>3980ff2</code></a>
Improve wording of comment in advance_to implementation</li>
<li><a
href="8328b52319"><code>8328b52</code></a>
Update test suite to nightly-2025-04-05</li>
<li><a
href="1d2e2be40e"><code>1d2e2be</code></a>
Update test suite to nightly-2025-04-03</li>
<li><a
href="2400946a73"><code>2400946</code></a>
Update test suite to nightly-2025-04-02</li>
<li><a
href="114a629a7a"><code>114a629</code></a>
Update test suite to nightly-2025-03-27</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/syn/compare/2.0.100...2.0.101">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit modifies layout context to propagate any issues that occur
during image
resolution.
At the moment, when errors occur during image resolution we propagate
None upwards. This
hides any potential issues that may be actionable, for example, we may
want to avoid
trying to load an image that failed to load for whatever reason or has
an invalid url.
This commit instead propagates these errors upwards to consumers where
they may become
actionable. This is part of an investigation into #36679.
Signed-off-by: Astraea Quinn Skoutelli
<astraea.quinn.skoutelli@huawei.com>
Signed-off-by: Astraea Quinn Skoutelli <astraea.quinn.skoutelli@huawei.com>
Per [spec](https://dom.spec.whatwg.org/#concept-node-insert), adoption
of new node should be done while inserting the node. This patch moves
the call site of `adopt` to inside `insert` to match it.
It also rewrites some existing code to better match the spec without any
behavioral changes.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #___ (GitHub issue number if applicable)
<!-- Either: -->
- [X] There are tests for these changes OR
- [ ] These changes do not require tests because ___
<!-- Also, please make sure that "Allow edits from maintainers" checkbox
is checked, so that we can help you if you get stuck somewhere along the
way.-->
<!-- Pull requests that do not address these steps are welcome, but they
will require additional verification as part of the review process. -->
---------
Signed-off-by: Xiaocheng Hu <xiaochengh.work@gmail.com>
Instead of grouping all the `will-change` conditions together, move each
one of them next to the condition for the relevant property.
This avoids the need to call `is_transformable()` multiple times, and
will also be needed for #35391.
Testing: unneeded (no change in behavior)
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
This PR updates the validity state revalidation behavior for radio input
elements, ensuring consistent logic regardless of tree connectivity.
---
**What’s changed:**
- we now always update the validity state.
- Handled more edge cases for disconnected trees, shadow roots, and
cross-tree movement.
- Ensured that radio group updates still trigger when a parent is moved
into a different root.
- Updated test expectations in
`radio-disconnected-group-owner.html.ini`.
---
**Why this matters:**
The updated logic aligns better with the [HTML
specification](https://html.spec.whatwg.org/multipage/input.html#radio-button-group),
especially regarding radio group behavior in disconnected trees or
shadow DOM.
These changes improve validity propagation in scenarios like:
- Appending inputs into a disconnected form
- Shadow roots acting as radio group containers
- Cross-tree movement of radio buttons
---
**Tests:**
- Modified `radio-disconnected-group-owner.html.ini`
- Removed a test that now passes
- Added a failing test expectation caused by a spec bug: the fragment
parsing algorithm uses the connected tree for HTML set via `innerHTML`,
affecting radio group computation
---
**Spec reference:**
https://html.spec.whatwg.org/multipage/input.html#radio-button-group
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report an errors
- [ ] These changes fix #
<!-- Either: -->
- [X] There are tests for these changes
Signed-off-by: Emmanuel Paul Elom <elomemmanuel007@gmail.com>
This message is logged when we don't actually act on it and is confusing
as a result. By moving it inside the conditional, we only log the
message when we actually notify webdriver that the load is complete.
Testing: Manual testing.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This patch ensures that the Servo HTML parser uses the appropriate
`TreeBuilderOpts` settings
as specified by the HTML specification.
Changes:
- **iframe_srcdoc:** Detect if the parsed document's URL scheme is
`about:srcdoc`, and set the parser’s iframe_srcdoc option accordingly.
- **quirks_mode:** Use the associated Document's quirks mode to set the
parser’s quirks mode flag, improving fragment parsing behavior.
- **scripting_enabled:** Add a `scripting_enabled` method to Document,
based on whether it has a browsing context, and set this flag for the
parser.
These updates align Servo's parsing behavior more closely with the
specification:
https://html.spec.whatwg.org/multipage/parsing.html#the-initial-insertion-mode
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#35478
<!-- Either: -->
- [ ] There are tests for these changes
Signed-off-by: Emmanuel Elom <elomemmanuel007@gmail.com>
Spec says to check If target is not an auxiliary browsing context before
performing ResizeTo.
Fixes: #36701
Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com>
The blob data is encoded asynchronously, therefore the canvas size may
have changed since it's data was saved to a snapshot. Using the canvas
size confuses the encoder, because the provided data does not match the
expected size anymore.
Testing: This change includes a new web platform test
Fixes https://github.com/servo/servo/issues/36702
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
The legacy layout system used these pseudo-elements, but modern layout
no longer does, so they are unused. They can simply be removed.
Testing: No new tests as this is effectively dead code.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
This change switches `offsetParent`, `offsetLeft`, etc queries to use
the BoxTree fragments instead of walking the entire fragment tree. In
addition, fragments are stored for columns and colgroups. In general,
this greatly simplifies the flow of the query and prevents having to do
expensive tree walks.
Testing: This change is covered by newly passing WPT tests and three new
failures:
- /css/filter-effects/backdrop-filter-edge-clipping-2.html
- /css/filter-effects/backdrop-filter-edge-mirror.html
- /css/filter-effects/backdrop-filter-edge-pixels-2.html
These failures are actually progressions, because now the references
start
to render properly whereas before they did not.
Fixes: This is part of #36525 and #36665.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
This turned out to be a full rabbit hole. The new header
is parsed in the new `parse_csp_list_from_metadata` which
sets `disposition` to `report.
I was testing this with
`script-src-report-only-policy-works-with-external-hash-policy.html`
which was blocking the script incorrectly. Turns out that there
were multiple bugs in the CSP library, as well as a missing
check in `fetch` to report violations.
Additionally, in several locations we were manually reporting csp
violations, instead of the new `global.report_csp_violations`. As
a result of that, they would double report, since the report-only
header would be appended as a policy and now would report twice.
Now, all callsides use `global.report_csp_violations`. As a nice
side-effect, I added the code to set source file information,
since that was already present for the `eval` check, but nowhere
else.
Part of #36437
Requires servo/rust-content-security-policy#5
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
This is a followup to #36629, continuing to implement script-based
layout queries using the `Fragment`s attached to the `BoxTree`. In this
change, geometry queris (apart from parent offset) are calculated using
`Fragment`s hanging of the `BoxTree`.
In order to make this work, all `Fragment`s for inlines split by blocks,
need to be accessible in the `BoxTree`. This required some changes to
the way that box tree items were stored in DOM `BoxSlot`s. Now every
inline level item can have more than a single `BoxTree` item. These are
carefully collected by the `InlineFormattingContextBuilder` -- currently
a bit fragile, but with more documentation.
Testing: There are tests for these changes.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
The command `./mach test-tidy` did not check the TOML files in the
subdirectories of components/shared/, since the argument for taglo
command was written as `components/shared/*.toml`.
This patch fixes it to include those TOML files in test-tidy.
Testing: It only involves python script for test-tidy. No test is
needed.
Fixes: #36659
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
https://drafts.csswg.org/css-align/#justify-block
Testing: Improves various WPT tests. `justify-self-auto-margins-2.html`
fails but I think the test is wrong.
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
Instead of returning true / false it's better to return a Result (even
if we continue ignoring possible error).
Testing: Doesn't change any behavior
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
Implements https://fetch.spec.whatwg.org/#dom-response-json
Restructured the constructor to follow the spec more closely with a
separate "initialize the response" algorithm.
Testing: There are existing WPT tests for this.
---------
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
Previously, when processing animations, the compositor would sent a tick
message to each pipeline. This is an issue because now the
`ScriptThread` always processes rendering updates for all `Document`s in
order to ensure properly ordering. This change makes it so that tick
messages are sent for an entire WebView. This means that each
`ScriptThread` will always receive a single tick for every time that
animations are processed, no matter how many frames are animating. This
is the first step toward a refresh driver.
In addition, we discard the idea of ticking animation only for
animations and or only for request animation frame callbacks. The
`ScriptThread` can no longer make this distinction due to the
specification and the compositor shouldn't either.
This should not really change observable behavior, but should make Servo
more efficient when more than a single frame in a `ScriptThread` is
animting at once.
Testing: This is covered by existing WPT tests as it mainly just improve
animation efficiency in a particular case.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Bumps [winnow](https://github.com/winnow-rs/winnow) from 0.7.6 to 0.7.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/winnow-rs/winnow/blob/main/CHANGELOG.md">winnow's
changelog</a>.</em></p>
<blockquote>
<h2>[0.7.7] - 2025-04-24</h2>
<h3>Fixes</h3>
<ul>
<li>Ensure <code>LocatedSlice</code> and <code>Stateful</code>s
<code>Stream::raw</code> gets the inner input</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bb0cea3a79"><code>bb0cea3</code></a>
chore: Release</li>
<li><a
href="c887eee41b"><code>c887eee</code></a>
docs: Update changelog</li>
<li><a
href="296323d58c"><code>296323d</code></a>
Merge pull request <a
href="https://redirect.github.com/winnow-rs/winnow/issues/774">#774</a>
from tianyuanhao/inner-most</li>
<li><a
href="491ebfced9"><code>491ebfc</code></a>
fix(stream): Make raw() inner-most</li>
<li><a
href="3752dafb4b"><code>3752daf</code></a>
Merge pull request <a
href="https://redirect.github.com/winnow-rs/winnow/issues/767">#767</a>
from dqkqd/fix-ndjson-link</li>
<li><a
href="358080d29b"><code>358080d</code></a>
docs(topic): Fixed link ndjson</li>
<li><a
href="2566343d8d"><code>2566343</code></a>
Merge pull request <a
href="https://redirect.github.com/winnow-rs/winnow/issues/766">#766</a>
from epage/clippy</li>
<li><a
href="886a29dce1"><code>886a29d</code></a>
style: Help catch 'alloc' mistakes</li>
<li><a
href="03e4fc3e51"><code>03e4fc3</code></a>
style: Make clippy happy</li>
<li>See full diff in <a
href="https://github.com/winnow-rs/winnow/compare/v0.7.6...v0.7.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [derive_more](https://github.com/JelteF/derive_more) from 0.99.19
to 0.99.20.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/JelteF/derive_more/blob/v0.99.20/CHANGELOG.md">derive_more's
changelog</a>.</em></p>
<blockquote>
<h2>0.99.20 - 2025-04-23</h2>
<ul>
<li>Revert adding of Rust Playground metadata</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="adbf92c341"><code>adbf92c</code></a>
chore: Release derive_more version 0.99.20</li>
<li><a
href="f4ed4a1edc"><code>f4ed4a1</code></a>
Update changelog for 0.99.20</li>
<li><a
href="530db58e60"><code>530db58</code></a>
Revert "Add Rust Playground metadata"</li>
<li>See full diff in <a
href="https://github.com/JelteF/derive_more/compare/v0.99.19...v0.99.20">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This PR updates the `fetch_image_for_layout` function to include missing
security-related request settings:
- `insecure_requests_policy`
- `has_trustworthy_ancestor_origin`
- `policy_container`
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#36591
<!-- Either: -->
- [X] There are tests for these changes
Signed-off-by: Emmanuel Elom <elomemmanuel007@gmail.com>
We previously ignored the opaque layout data field inside each node when
measuring a DOM node's memory usage. While some of the reachable memory
was accounted for by measuring the layout's box tree, measuring it via
the node ensures that we don't miss anything. Since there are often Arc
values involved, this means that the layout-thread box tree measurements
now look quite small, while reported JS heap usage has increased.
Testing: Manually compared about:memory for servo.org.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This ensures that the select element is usable when there are a lot of
options.
Testing: We don't have tests for servoshell.
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
https://github.com/servo/servo/pull/36335 enabled all experimental
features for all wpt tests, but `dom_serviceworker_enabled` makes all
CTS tests fail, because servo reports working service worker impl, but
CTS pre-setup of worker fails due too incomplete impl. The solution is
that we disable service workers in CTS `__dir__.ini` (thus avoiding any
CTS worker code) until impl is stable enough.
Testing: This makes tests works again
Fixes: #36657
---------
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
Currently Source related code exists in watcher.rs and thread.rs. This
change moves source-related code to a dedicated source.rs file. This is
in preparation for adding support for showing source code in the
Debugger > Source panel.
- [x] Testing: These changes should not affect current functionality as
it only moves the existing code
- [x] Fixes: part of https://github.com/servo/servo/issues/36027
---------
Signed-off-by: atbrakhi <atbrakhi@igalia.com>
Bumps [tokio-util](https://github.com/tokio-rs/tokio) from 0.7.14 to
0.7.15.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4d4d12613b"><code>4d4d126</code></a>
chore: prepare tokio-util v0.7.15 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7283">#7283</a>)</li>
<li><a
href="5490267a79"><code>5490267</code></a>
fs: update the mockall dev dependency to 0.13.0 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7234">#7234</a>)</li>
<li><a
href="1434b32b5a"><code>1434b32</code></a>
examples: improve echo example consistency (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7256">#7256</a>)</li>
<li><a
href="159a3b2c85"><code>159a3b2</code></a>
rt(unstable): remove alt multi-threaded runtime (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7275">#7275</a>)</li>
<li><a
href="ce87dcfbf0"><code>ce87dcf</code></a>
runtime: document the queue behavior of <code>spawn_blocking</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7269">#7269</a>)</li>
<li><a
href="d41d49d202"><code>d41d49d</code></a>
metrics: fix panic comment in <code>max_error</code> docs (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7273">#7273</a>)</li>
<li><a
href="7a6c424f6e"><code>7a6c424</code></a>
process: add <code>Command::spawn_with</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7249">#7249</a>)</li>
<li><a
href="c3037adac9"><code>c3037ad</code></a>
task: properly handle removed entries in <code>JoinMap</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7264">#7264</a>)</li>
<li><a
href="964fd06e0f"><code>964fd06</code></a>
benches: add helper functions for building runtimes (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7260">#7260</a>)</li>
<li><a
href="817fa605ee"><code>817fa60</code></a>
fs: avoid some copies in <code>tokio::fs::write</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7199">#7199</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tokio-rs/tokio/compare/tokio-util-0.7.14...tokio-util-0.7.15">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This reduces the boilerplate necessary for adding new
serializable/transferable interfaces to the structured cloning code. We
always need to root the deserialized objects when performing a read
operation, but we don't actually need the concrete object types in the
majority of cases. By storing a list of rooted JS object values, we can
push generic reflector objects into it, and extract the types we need
(MessagePort) at the very end.
Testing: Existing WPT structured cloning tests will provide coverage.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
These PR adds `resource_available` as a common shared util
- [x] ./mach build -d does not report any errors
- [x] ./mach test-tidy does not report any errors
- [x] These changes partially implement
https://github.com/servo/servo/issues/36027
---------
Signed-off-by: atbrakhi <atbrakhi@igalia.com>
When doing any kind of query, up until now, containing block rectangles
were calculated by walking the `FragmentTree` until the node being
queried was found. In order to make possible answering queries without
walking the `FragmentTree`, `Fragment`s need to cache their cumulative
containing block rectangles.
This change adds a new `FragmentTree` pass (during construction) that
takes care of calculating and caching these values. The new cached value
is used during resolved style queries and also scrolling area queries
(with the idea that all queries will eventually use them).
In addition, extra `FragmentTree` walks used for cancelling animations
for elements no longer in the `FragmentTree` are integrated into this
new traversal.
Testing: Covered by existing WPT tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
This reworks the structure of reflow in `layout_thread_2020` in order to
make it more modular. The goal here is to allow possibly adding a new
fragment tree traversal and to, in general, make the code a bit more
organized.
Testing: This should not change any behavior so is covered by existing
WPT tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
Each canvas context returns snapshot instead of just raw bytes. This
allows as to hold off conversions (BGRA <-> RGBA, (un)premultiply) to
when/if they are actually needed. For example when loading snapshot into
webgl we can load both RGBA and BGRA so no conversion is really needed.
Currently whole thing is designed to be able to be extend on
https://github.com/servo/ipc-channel/pull/356, to make less copies.
Hence some commented out code.
Fixes#35759
There are tests for these changes in WPT
---------
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
Adds a convenience macro that adds sane defaults to the tracing macro.
Closes: #36534
Testing:
- Pass in sample test cases and compare against expected behaviour.
---------
Signed-off-by: Astraea Quinn Skoutelli <astraea.quinn.skoutelli@huawei.com>
Bumps
[async-compression](https://github.com/Nullus157/async-compression) from
0.4.22 to 0.4.23.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Nullus157/async-compression/blob/main/CHANGELOG.md">async-compression's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/Nullus157/async-compression/compare/v0.4.22...v0.4.23">0.4.23</a>
- 2025-04-21</h2>
<h3>Other</h3>
<ul>
<li><em>(deps)</em> update brotli requirement from 7.0 to 8.0</li>
<li><em>(deps)</em> update liblzma requirement from 0.3.6 to 0.4.0</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="aaac1a62ca"><code>aaac1a6</code></a>
chore: release v0.4.23</li>
<li><a
href="79c3dcced6"><code>79c3dcc</code></a>
Merge pull request <a
href="https://redirect.github.com/Nullus157/async-compression/issues/343">#343</a>
from Nullus157/dependabot/cargo/brotli-8.0</li>
<li><a
href="efba501fed"><code>efba501</code></a>
chore(deps): update brotli requirement from 7.0 to 8.0</li>
<li><a
href="a642a55a35"><code>a642a55</code></a>
Merge pull request <a
href="https://redirect.github.com/Nullus157/async-compression/issues/339">#339</a>
from Nullus157/dependabot/cargo/liblzma-0.4.0</li>
<li><a
href="2abd8e70af"><code>2abd8e7</code></a>
chore(deps): update liblzma requirement from 0.3.6 to 0.4.0</li>
<li><a
href="55af2a44ff"><code>55af2a4</code></a>
Merge pull request <a
href="https://redirect.github.com/Nullus157/async-compression/issues/338">#338</a>
from Nullus157/release-plz-2025-03-25T10-06-59Z</li>
<li>See full diff in <a
href="https://github.com/Nullus157/async-compression/compare/v0.4.22...v0.4.23">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [libm](https://github.com/rust-lang/compiler-builtins) from 0.2.12
to 0.2.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/compiler-builtins/releases">libm's
releases</a>.</em></p>
<blockquote>
<h2>libm-v0.2.13</h2>
<h3>Fixed</h3>
<ul>
<li>Switch back to workspace resolver v2 to unbreak builds without the
2024 edition</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0bdef053a0"><code>0bdef05</code></a>
chore: Release libm v0.2.13</li>
<li><a
href="dfd553af25"><code>dfd553a</code></a>
fix: Switch to resolver v2</li>
<li>See full diff in <a
href="https://github.com/rust-lang/compiler-builtins/compare/libm-v0.2.12...libm-v0.2.13">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
remove `webrender_document` in script and constellation's pipeline
Testing: `webrender_document` in script crate is not being referenced
anywhere in the Servo, should be safe to remove.
Fixes: https://github.com/servo/servo/issues/36647
Signed-off-by: Jason Tsai <git@pews.dev>
