Deprecate chromium installer, add arm64 Linux support for chrome-headless-shell#14334
Open
Deprecate chromium installer, add arm64 Linux support for chrome-headless-shell#14334
Conversation
CfT API has no linux-arm64 builds. Add functions to fetch Playwright's browsers.json and construct download URLs from their CDN, which hosts arm64 chromium-headless-shell builds. Also update detectCftPlatform() to return a valid PlatformInfo for arm64 instead of throwing.
- Route latestRelease() through Playwright CDN on arm64 Linux - Use "headless_shell" binary name for Playwright CDN builds - Check both binary names in chromeHeadlessShellExecutablePath() and isInstalled() - Add Playwright CDN integration test (skipped on CI)
Print deprecation warning and transparently redirect to chrome-headless-shell. No new prompts — CI/automation that uses 'quarto install chromium' continues to work without changes. 'quarto update chromium' also uninstalls legacy chromium if present before installing chrome-headless-shell.
Binder environments now install chrome-headless-shell instead of the legacy chromium tool for mermaid/graphviz rendering support.
Updates bundled Chromium used in Playwright integration tests.
The file now handles both CfT API and Playwright CDN downloads.
detectCftPlatform → detectChromePlatform, findCftExecutable → findChromeExecutable, downloadAndExtractCft → downloadAndExtractChrome, CftPlatform → ChromePlatform. These functions now handle both CfT API and Playwright CDN platforms. CfT-specific types (CftDownload, CftStableRelease, fetchLatestCftRelease) keep their names since they are genuinely CfT-only. Also refactor detectChromePlatform() to include linux-arm64 in the platform map instead of special-casing it, and restore proactive legacy chromium uninstall on the update redirect path.
- isPlaywrightCdnPlatform: check platform === "linux-arm64" instead of re-checking raw os/arch values (single source of truth) - detectChromePlatform error message: say "chrome-headless-shell" not "Chrome for Testing" since the function covers both CfT and Playwright - Fix misleading comment in tools-console.ts deprecation redirect
Call detectChromePlatform() once and pass the result to both isPlaywrightCdnPlatform() and the CfT platform destructure, instead of computing it twice.
Single source of truth for the platform-dependent binary name (chrome-headless-shell on CfT platforms, headless_shell on Playwright arm64). Used by chromeHeadlessShellExecutablePath, isInstalled, and preparePackage instead of duplicating the check or trying both names.
On unsupported platforms, detectChromePlatform() throws. The previous code was tolerant because findChromeExecutable caught this internally and fell back to a directory walk. Now that chromeHeadlessShellBinaryName calls isPlaywrightCdnPlatform directly, catch the exception and default to the CfT binary name to preserve non-throwing probe behavior.
External HTTP tests (CfT API and Playwright CDN) are skipped on CI to avoid flaky failures from network issues. They run locally to catch API contract changes. Removed misleading "arm64 only" from comment — these tests validate platform-independent code.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
quarto install chromiumuses Puppeteer 9.0.2 (2021), which pins a Chromium revision far older than the CVE-2026-5281 fix. On arm64 Linux,quarto install chrome-headless-shelldoesn't work because Google's Chrome for Testing (CfT) API has no arm64 builds — forcing arm64 users to fall back to the vulnerable legacy installer or install a system Chrome manually.Deprecation
quarto install chromiumandquarto update chromiumnow print a deprecation warning and transparently redirect tochrome-headless-shell. No new interactive prompts are added, so CI pipelines usingquarto install chromium --no-promptcontinue to work without changes.quarto uninstall chromiumis unchanged, allowing users to clean up legacy installs.On the
updatepath, legacy chromium is uninstalled before the chrome-headless-shell install begins.installTool()callsDeno.exit()on completion, so cleanup after install is not possible — the uninstall happens upfront.arm64 Linux via Playwright CDN
On arm64 Linux,
chrome-headless-shellinstall now uses Microsoft's Playwright CDN as the download source (same approach as Remotion). Version metadata comes from Playwright'sbrowsers.json, which tracks Chrome stable closely. The arm64 binary is namedheadless_shellin achrome-linux/directory layout, compared to CfT'schrome-headless-shellinchrome-headless-shell-{platform}/.chromeHeadlessShellBinaryName()abstracts this difference for all call sites.detectChromePlatform()(renamed fromdetectCftPlatform) now includeslinux-arm64in the platform map rather than throwing.isPlaywrightCdnPlatform()routes to the Playwright code path based on the mapped platform value.Binder
Generated post-build scripts now use
quarto install chrome-headless-shellinstead ofquarto install chromium. The internalQuartoTooltype keeps"chromium"as a generic "needs a headless browser" signal — only the generated shell command changed.Test Plan
quarto install chromium --no-promptshows deprecation warning, installs chrome-headless-shellquarto uninstall chromiumstill works for legacy cleanupCloses #11877