Blink is the rendering engine used by Chromium.
To improve the open web through
technical innovation and good citizenship
Blink is an inclusive open-source community that values fostering a supportive culture. We welcome participation from anyone who shares our mission
Transparency is one of the core values of Blink. Our goal is for anyone to be able to participate, regardless of organizational affiliation. There are a number of areas where discussions take place:
- Chromium Bug Tracker: We use bugs to track and discuss desired features. We use Chromium's bug tracker, and mark our bugs with the "Cr-Blink" label. Click the star next to a bug’s name to receive email updates, and file new bugs here.
- Code Reviews: We use Rietveld, Chromium's code review tool, to comment on implementation strategies for changes we've decided to implement.
- #blink: We hang out on the #blink IRC channel on Freenode to have quick, informal discussions and answer questions. For more substantive discussion, a format with a permanent record is preferred.
- email@example.com is a general list for discussions relevant to the design and implementation of the project. The mailing list is analogous to chromium-dev and is the most high-traffic of the communication channels. There are also several more targeted sub-lists for discussion of specific areas of the codebase, which you can find here. None of these lists are appropriate for web development inquiries.
Watching for new features
For web developers interested in tracking new features, the signal-to-noise ratio of discussion forums might be too low to be useful. There are several dedicated channels for staying up-to-date on new features:
Committing and reviewing code
The process for becoming a committer
or an OWNER is the same as for the larger Chromium project, and code changes are approved by OWNERS
. Experience with the codebase
from working on WebKit will be taken into account to accelerate the process of becoming an OWNER.
Blink is implemented on top of an abstract platform and thus cannot be run by itself. The Chromium Content module
provides the implementation of this abstract platform required for running Blink. Developing for the Content module is covered in the Chromium developer docs.
Testing your changes can be done with a build of Content Shell or a full Chromium build. For some tips and suggestions on debugging Blink, see the page on Getting Started with Blink Debugging
Note that Blink code must conform to Blink Coding Style Guidelines
NOT Chromium Coding Style
How do I port Blink to my platform?
Blink runs on an abstract platform inside a sandbox and therefore has few operating-system-specific dependencies. This design has two consequences: (1) Blink cannot run alone, and (2) porting to other platforms happens at a different layer. Instead of adding platform-specific code to Blink, you should use Chromium’s content layer, which provides an implementation of this virtual platform on a wide variety of operating systems including Windows, Linux, Mac OS X, and Android. A separate project called the Chromium Embedded Framework
is probably the easiest way to use Chromium (and thus Blink) on your platform.
Web Platform Changes: Guidelines
In addition to making the web platform faster and more secure, improving the web platform also means adding new functionality and removing cruft. To fulfill our good citizenship mission, we need to be careful to change the web-facing API in a transparent, responsible, and compatible manner. We measure success as moving the open web platform forward as a whole, not just moving one implementation forward.
In practice, we strive to ensure that the features we ship by default have open standards. As we work on features, we track their progress in the web standards community with the Chromium Features Dashboard, which lets us be transparent about the status of each feature and about how we make decisions about which features to enable by default for the open web.
These guidelines cover non-trivial changes that are exposed to the open web or in some other way have implications for web developers, including changes that add or remove functionality or APIs. Changes that are not exposed to the open web (e.g., user interface features, extension APIs, or testing infrastructure) are outside the scope of this policy.
Policy for shipping and removing web platform API features
As browser implementers, we find that there’s often tension between (a) moving the web forward and (b) preserving compatibility. On one hand, the web platform API surface must evolve to stay relevant. On the other hand, the web’s primary strength is its reach, which is largely a function of interoperability. By definition, when any vendor ships a new feature (or is the first to remove an obsolete feature), the API change is not yet interoperable, so cross-browser compatibility is sacrificed, even if briefly. This section outlines our approach to resolving this tension.
Evaluating “compatibility risk”
Compatibility risk is the likelihood that a change will break (a) cross-browser interoperability and/or (b) existing web content loaded in Chromium.
Cross-browser compatibility risk is the risk that browsers will not eventually converge on an interoperable implementation of the API. Interoperability at a given time point is not a well-formed concept, because unless every browser shipped new features at exactly the same time then there is a period of non-interoperability. In practice, we forecast “compatibility risk” (a) by observing the public behavior of others in the web ecosystem. Heuristics that decrease risk a priori for an unshipped feature include, in rough order of importance:
- Other vendors already shipping compatible implementations
- A mature specification in the relevant standards body
- Positive signals from other browser vendors
- Lack of negative signals from other browser vendors
- A small API footprint
Compatibility with existing web content is important too. We use the usage data from http://chromestatus.com/metrics and feedback from web developers to guage the exent of this type of compatibility risk. Content risk is especially common with API removal, but is also a factor when adding new features (e.g. Unprefixed CSS Animations
Evaluating “moving the web forward”
A change to Blink’s API surface is said to “move the web forward” if it either (a) enables developers to build compelling applications for a large number of users, both now and in the future, and/or (b) reduces code complexity in Blink or Chromium.
Bucket (a) is subjective and changes over time. In 2014, we believe the most important changes for developers---and, by extension, users---are those that make the web more performant and easier to use on mobile devices. For more information, see the 2014 Blink goals brainstorming thread
Bucket (b) is important to make sure that the web’s progress is not overly constrained by its legacy. Simplifying the codebase allows us to make performance improvements, more quickly add more important features, and reduce binary size. In most cases, we believe these benefits will extend to other browsers as well.
Balancing “moving the web forward” and “compatibility risk”
To manage the project-wide tension between moving the web forward and preserving compatibility, we ask of each proposed API change: does this individual change strike the right balance between making the web better and minimizing compatibility risk?
In an ideal world, all changes would both drastically move the web forward and involve zero compatibility risk. In practice, this is rarely the case; features fit somewhere else on this chart:
Blink’s willingness to accept a change is largely determined by the change’s location on the chart above:
- If a change has low compatibility risk and significantly moves the web forward, Blink usually welcomes it (e.g., shipping unprefixed CSS Transforms).
- If a change has low compatibility risk but isn’t expected to significantly move the web forward, Blink usually still welcomes it. Occasionally, Blink will reject changes in this bucket to avoid technical complexity (e.g., not shipping our old implementation of CSS Variables).
- If a change has high compatibility risk and isn’t expected to significantly move the web forward, Blink will usually not welcome it (e.g., not shipping canvas supportsContext).
- If a change has high compatibility risk but is expected to significantly move the web forward, Blink will sometimes welcome it after careful, publicly-explained consideration (e.g. shipping Shadow DOM). In such cases, the implementer is expected to:
- Propose an editor’s draft (or equivalent) to the relevant standards group.
- Discuss the feature publicly with implementers of other browser engines.
- Take on an active commitment to shepherd the feature through the standards process, accepting the burden of possible API changes.
Of course, equal minds can disagree about the fuzzier aspects of these policies. For example, if a change increases runtime performance but consumes more battery, does it “move the web forward”? Or: what combination of the heuristics above precisely constitutes “high” compatibility risk?
To equitably resolve these kinds of questions on a per-change basis, Blink has a well-defined process
for discussing and approving web-facing API changes. It consists of code reviews, announcements to blink-dev, and formal API review meetings. The most formal requirement of the process is that API changes must receive an LGTM from at least three different API owners
before enabled by default on trunk. The API owners are responsible for making sure the policy described above is applied appropriately on a per-change basis.
Trivial platform changes do not need to meet the requirements above. For example, changes to existing APIs to improve compliance with web standards or to fix bugs are welcome. Trivial changes should be labeled as such in their code review. They should be small fixes that have low risk of disrupting web developers.
If we’re unsure about the extent to which a change will impact web developers, we may ask the contributor proposing the change to provide data quantifying the impact. If a project member questions whether a change is trivial, we will err on the side of caution and ask the contributor to meet the requirements above.
Historically, browsers have relied on vendor prefixes (e.g.,
) to ship experimental features to web developers. This approach can be harmful to compatibility because web content comes to rely upon these vendor-prefixed names. Going forward, instead of enabling a feature by default with a vendor prefix, we will instead keep the (unprefixed) feature behind the “enable experimental web platform features” flag in
until the feature is ready to be enabled by default. Mozilla has already embarked on a similar policy
and the W3C CSS WG formed a rough consensus around a complementary policy
Web Platform Changes: Process
Launch Process: New Features
1. Decide if your change needs to go through this process.
- If your change does not affect functionality exposed to the open web, you may skip the rest of this process. (The "open web" is accessible by entering a URL in the omnibox on a fresh Chrome install.)
- If you consider your change to be trivial, assert so in your patch. If your reviewer does not object, you may skip the rest of this process.
- If your change cannot be implemented in Blink but still exposes functionality to the open web:
- Add an entry on chromestatus.com.
- Send a "Web-Facing Change PSA" email to chromium-dev (CC blink-dev).
- Skip the rest of this process.
- Else, continue!
- If appropriate, create an entry on chromestatus.com and/or file an OWP launch tracking bug.
- In general, all non-trivial API changes need a bug and an entry. Small tweaks do not.
- You should file an OWP launch tracking bug if you expect Blink leads and/or web developers will be interested in starring to follow along with the feature's development (e.g. the Chrome for Android Web Audio OWP launch tracking bug was starred by 70+ people). OWP Launch tracking bugs kick off any necessary reviews like privacy and security and so are generally required.
- You should create an entry on chromestatus.com if you think web developers or other browser implementors will be interested in seeing this in the Chrome release notes. If you have a chromestatus.com entry you can replace the body template with just a link to your chromestatus.com entry (since the information is mostly redundant).
- Most changes should kick off a TAG review.
- You'll need to use an @chromium.org account for chromestatus.com. If you don't have one, please fill out this form.
- If you have trouble with chromestatus.com, please open an issue on GitHub.
- No formal approval is needed to proceed with implementation, but it's in your interest to build consensus: code cannot be checked into trunk without an LGTM in code review, and opposition on the "Implement" thread will likely resurface when you try to ship.
- Typically API OWNERS or other interested folks will reply with feedback within a week. If you don't get any feedback, that's fine. Feel free to move forward with implementation.
- You can collapse steps 2, 3, 4 and skip to step 5 by sending an "Intent to Implement and Ship" email. Follow the instructions in the “Intent to Implement” template.
- An in-person meeting will be scheduled if either a) 7 days pass without 3 LGTMs or b) an OWNER requests one.
- We clear the "unresolved intents" queue on Tuesdays, so usually you can expect a reply on or before the Tuesday after you send your intent.
Launch Process: Deprecation
Decide if your feature needs to go through this process.
- You can skip 2-5 if you’re removing a trivial feature (e.g. a quirk that is exclusive to WebKit, like RangeException).
- (In general, you don't need to be overly cautious removing features because Canary, Dev, and Beta users will complain if you break the web. That will give you a chance to revert your change before it reaches Stable. But if your reviewer suggests going through the rest of this process, do it.)
Carefully consider whether you can jump straight to deprecation without first measuring the feature's usage in the wild.
- If you're sure you're not going to cause compatibility problems, then you don't need to measure. If you're unsure, then measuring is probably a good idea.
- To measure:
- Add your feature to the UseCounter::Feature enum.
- Add MeasureAs=[your enum value here] to the feature's IDL definition.*
Email blink-dev using the "Intent to Deprecate" template.
- No formal approval is needed to proceed with deprecation, but it's in your interest to build consensus: code cannot be checked into trunk without an LGTM in code review, and opposition on the "Deprecate" thread will likely resurface when you try to remove.
- Typically API OWNERS or other interested folks will reply with feedback within a week. If you don't get any feedback, that's fine. Feel free to move forward with deprecation.
Deprecate: notify developers and measure usage.
- If you haven't, add your feature to the UseCounter::Feature enum.
- Instrument your code by either:
- Adding DeprecateAs=[your enum value here] to the feature's IDL definition.*^ See window.performance.webkitGetEntries, for example.
- Adding a call to UseCounter::countDeprecation somewhere relevant (as we did for the prefixed Content Security Policy headers).
- Notify developers by adding a clever deprecation message to the big switch in UseCounter::deprecationMessage. This will print a deprecation warning in the DevTools console.
Email blink-dev using the "Intent to Remove" template. Wait for LGTMs from ≥3 API OWNERS.
^ DeprecateAs is intended to replace MeasureAs in the IDL file. Specifying both is redundant.
* It takes 12-18 weeks to hit Stable once you enable instrumentation. See this thread for a discussion of which usage percentages are safe to remove.
Lessons from the first year of deprecations and removals
- We should weigh the benefits of removing an API more against the cost it has. %pageviews by itself is not the only metric we care about.
- The cost of removing an API is not accurately reflected by the UseCounter for older, widely implemented APIs. It's more likely that there's a longer-tail of legacy content that we're breaking.
- We shouldn't remove APIs that have small value on the path towards a removal that has significant value. Getting rid of attribute nodes *is* valuable and would benefit the platform. Getting rid of half the attribute node methods is not. So we should evaluate the usage of all the APIs we need to remove together in order to get there. Also, if we remove them, we should remove them all in the same release. Breaking people once is better than breaking them repeatedly in small ways.
- We should be more hesitant to remove older, widely implemented APIs.
- For cases where we're particularly concerned about the compatibility hit, we should do the removal behind a flag so that we can easily reenable the API on stable as we don't know the compat hit until the release has been on stable for a couple weeks.
Here's the current list of API OWNERS.
All members of the project are responsible for enforcing that new features follow the project’s policies. Project members who feel that a feature is violating the policy should raise the issue first with the contributor and, if that doesn’t resolve the issue, with the project’s public mailing list.
To complement this project-wide responsibility, we have a set of API owners who are listed in the OWNERS file of the API directory, a directory that contains the files that control the API we expose to the web (e.g., the WebIDL files, CSSNames.in). When reviewing changes to these files, the API owners should ensure that the changes meet the project’s guidelines for new features.
API Review meetings will be scheduled when API discussion over email is insufficient (per the Launch Process). API owners and contributors of features under discussion are welcome to attend. The purpose of the API Review meeting is to provide a high-bandwidth forum for discussion between API owners and feature implementors. The group makes decisions by consensus; at least three project OWNERS must be present for quorum. After the meeting the organizer will send notes, including any decisions, to blink-dev.
To improve transparency, we track development of new features on our Feature Dashboard. For each feature, the dashboard tracks our implementation status, the feature's progress through the standards process, our understanding of the opinion of other browser vendors and other key metrics.
We associate each value with a shade of red or green, corresponding to how the value reflects our web citizenship. For example, “opposition from another browser vendor” is red and “a similar implementation in another browser” is green. Viewed in aggregate, these colors provide a quick snapshot of the project’s overall web citizenship.
The dashboard data itself is also a useful high-level record of when features were implemented and a peek at what’s coming next. If you’d like to monitor lower-level changes as they happen, check out our Gitiles and SVN logs.
Guiding Principles for Process
- Minimize compatibility risk for released features.
- Minimize process burden once a change has been LGTMed by API owners.
- Minimize ambiguity.
- Block bad engineering investments upfront.
- Block incomplete features from being runtime-enabled.
- Create an audit trail, not necessarily a single approval funnel for all changes.
- Prefer email over meetings.
Openness and interoperability are core to the web platform’s philosophy and success. We are committed to delivering features that are interoperable. In addition to the checks and balances in our release process, we prioritize testing as a way to promote compatibility across browsers. It is our intention to increase our investment in testing over time.
In 2012, we submitted a comprehensive Shadow DOM conformance test suite to the W3C. We’ll continue to create conformance test suites like these, so that implementations for new features are interoperable from the beginning. To incentivize this, the feature dashboard has a column for conformance tests. If a feature has a test suite, its cell in that column is green. Otherwise, it’s red.
Going forward, we’ll be working with the W3C and the broader web community to share more tests and testing infrastructure as a way to encourage interoperability.
We’ve also been collaborating with Adobe to host Test the Web Forward events, where web developers and spec authors work together to write conformance tests that all browsers are evaluated against. So far (April 2013) there have been four such events, the most recent hosted by Google in Sydney. We're committed to this effort and are currently organizing the next event in Tokyo.
If you encounter a bug in Blink or a browser interoperability issue, please file a bug here.
With Blink we’re excited about the freedom to dream big for the Web. When Chromium started, our goal was to change as little of WebKit as possible, easing integration with the WebKit codebase. With Blink we are excited to make large-scale architectural changes to the code, without having to worry about breaking other consumers of WebKit.
One change we’re planning is adding “out-of-process iframes”. These allow Chromium to separate individual parts of a page into separate sandboxed processes. Implementing this will require large restructuring of how iframes are handled in WebKit. Some of this restructuring is incompatible with other WebKit ports and has thus been delayed until now.
As another example, we’d like to fix our networking code to be faster and simpler. Our current networking code in WebKit is limited by old Mac WebKit API obligations which cannot be changed. Chromium has worked around some of these limitations over the years, but these work-arounds have proven fragile and have long been a source of bugs. With Blink, we’re excited to refresh this networking code without forcing other WebKit consumers to break their WebKit API obligations.
Some of the other changes we're considering:
- Teach WebCore about multi-process history (currently it assumes same-process synchronous History access)
- Delete the Widget tree (a Mac WebKit1 constraint)
- Split WebCore into modules
- Experiment with moving the DOM into the JS heap
- Remove obscure parts of the DOM and make backwards-incompatible changes to obscure parts of the DOM that benefit performance or remove complexity.
- Use a modern, faster tcmalloc throughout all of Mac chrome
- Experiment with incremental or parallel layout
- Bring WebCore up to speed with DOM3 Events / [DOM] UI Events.
Changes previously considered and now done:
- Move code to use the sandbox Platform API directly instead of WebCore/platform where possible
- Establish a simpler, stricter tree-gardening system that does not require 2 full time engineers per day
- Replace WebKitIDL with WebIDL
The larger Blink team is divided in to a set of sub-teams each specializing in a particular part of the problem space and code base.
You can find answers to some of the most common web developer-facing questions in the Blink Developer FAQ.