Bump electron from 40.8.4 to 40.8.5 in /packages/template-electron

[dependabot]

Bumps electron from 40.8.4 to 40.8.5.

Release notes

Sourced from electron's releases.

electron v40.8.5

Release Notes for v40.8.5

Fixes

• Fixed a bug where Windows notification icons could fail to save because their temporary filenames contained invalid characters. #50484 (Also in 41)
• Fixed a crash in clipboard.readImage() when the clipboard contains malformed image data. #50491 (Also in 39, 41, 42)
• Fixed a crash when calling an offscreen shared texture's release() after the texture object was garbage collected. #50500 (Also in 39, 41, 42)
• Fixed an accessibility issue where the AXMenuOpened event was not fired on menu creation. #50505 (Also in 41, 42)
• Fixed an issue where an app shortcut may lose its icon after auto-updating on Windows. #50518

Other Changes

• Backported fix for chromium:475877320. #50438

Commits

• c09e2aa fix: outdated execution path for COM activation (#50518)
• 44f02f6 fix: hex-encode Windows notification icon temp filenames (#50484)
• 904fbbd fix: fall back to default DPI when GTK returns 0 on Linux (#50488)
• 36c88a4 fix: [a11y] fire AXMenuOpened event when ARIA menu is added to DOM (#50505)
• 9bf9c36 refactor: remove dead named-window lookup from guest-window-manager (#50495)
• d284168 fix: crash calling OSR shared texture release() after texture GC'd (#50500)
• 4aa3610 fix: crash in clipboard.readImage() on malformed image data (#50491)
• e1c17fd chore: cherry-pick fbfb27470bf6 from chromium (#50438)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
bugs	Ready	Preview, Comment	Apr 4, 2026 7:37am
remotion	Ready	Preview, Comment	Apr 4, 2026 7:37am

[JonnyBurger]

@pullfrog run bun i

[pullfrog]

Ran bun install on the PR branch, which updated bun.lock (2 insertions, 2 deletions). Committed and pushed the updated lockfile to the dependabot/npm_and_yarn/packages/template-electron/electron-40.8.5 branch.

  ^{｜ View workflow run ｜ Triggered by Pullfrog ｜ Using Big Pickle (free) ｜ 𝕏}