--- slug: whats-new summary: "A reverse-chronological record of recent additions, edits, and redrafts to Chromium Patterns, with per-checkpoint coverage metrics." --- # What's New Recent changes to *Chromium Patterns*. ## 2026-05-22 ### What's New - **Improved:** [Tribal Knowledge](tribal-knowledge.md) — Redrafted with a shorter opening, tighter Chromium-specific examples, repaired Technical Drill-Down links, and a four-part Notes for Agent Context block that tells AI coding agents how to handle unwritten Chromium constraints. - **Improved:** [Design Document Staleness](design-doc-staleness.md) — Edited with a shorter opening, cleaner Symptoms and Way Out sections, and a four-part Notes for Agent Context block that treats Chromium `docs/` pages as dated evidence rather than current truth. - **Improved:** [Formal-Informal Channel Split](formal-informal-split.md) — Redrafted with cleaner channel-classification guidance, two official Chromium references for public-vs-Slack authority, and a tighter Notes for Agent Context block for distinguishing citable formal records from informal operational knowledge. - **Improved:** [Main Thread Starvation](main-thread-starvation.md) — Redrafted with a shorter opening, tighter Chromium-specific symptoms and remediation guidance, verified external links, and concrete main-thread budget rules for AI coding agents. - **Improved:** [Memory Pressure Response](memory-pressure-response.md) — Edited with current Android Site Isolation thresholds, repaired source links, pinned Technical Drill-Down references, and tighter guidance on renderer consolidation and post-pressure frame budgets. - **Improved:** [Web Platform Backward Compatibility](web-backward-compatibility.md) — Edited with a tighter explanation of Chromium's compatibility commitment, current deprecation and removal lifecycle details, a pinned UseCounter source link, and a sharper Notes for Agent Context block. - **Improved:** [High-Value Bug Bounty](vrp-bug-bounty.md) — Redrafted with a shorter opening, tighter Chromium VRP tier explanation, verified V8CTF coverage, and a sharper distinction between Chrome VRP reports and V8 sandbox exploit-bounty submissions. - **Improved:** [Four-Channel Pipeline](four-channel-pipeline.md) — Edited with current Chrome release-channel framing, Chrome Enterprise Extended Stable and Beta-pilot guidance, a pinned `chrome/VERSION` source link, and sharper launch-state guidance for supply-chain automation. ### Metrics - Total articles: 40 - Coverage: 40 of 45 proposed concepts written (89%) - Articles changed since last checkpoint: 4 edits, 4 redrafts ## 2026-05-16 ### What's New - **New article:** [V8 Bytecode Verifier](bytecode-verifier.md) — Concept entry naming the static check V8 runs over every bytecode array before its instructions are permitted to execute, refusing any sequence whose execution could let in-cage corruption reach the trusted-side state the interpreter relies on; completes the V8 sandbox cluster's layered-defense story alongside V8 Heap Sandbox, V8 Trusted Space, and mseal-Based Forward-Edge CFI. - **New article:** [WICG Explainer](wicg-explainer.md) — The plain-language proposal document a Chromium contributor publishes in a Web Incubator Community Group repository before any Blink web-platform feature can post an Intent to Prototype; names the artifact's required template, locates it against the W3C Community Group framework and the TAG's Web Platform Design Principles, and walks three operational scenarios. - **Improved:** [Experiment That Became Permanent](permanent-experiment.md) — Redrafted with a 25% word-count reduction, a shorter and more accessible opening, and tighter prose throughout; median sentence length dropped from 26 to 17.5 words, the longest sentence shrank from 95 to 82 words, and the dense narrative paragraphs reorganize the same named cases (Privacy Sandbox's April 2024 third-party-cookie decision, the inherited stalled trial extended five times over four years) into a shape that's easier to scan and easier to apply. - **Improved:** [API Owner](api-owner.md) — Tighter sentences and clearer structure; median sentence length dropped from 27 to 18.5 words, the longest sentence shrank from 77 to 46 words, and the cross-cutting-concerns enumeration reads as a six-item list rather than one breath-stopping clause. - **Improved:** [Downstream Advance Access](downstream-advance-access.md) — Split ten long sentences (40–53 words) into shorter parallel assertions at their natural rhetorical pivots, and restructured the *Notes for Agent Context* block from a single dense paragraph into three scannable per-directive paragraphs; median sentence length dropped from 22 to 20 words, longest sentence dropped from 53 to 41, and sentences over 40 words went from six to one. - **Improved:** [Feature Flag Guarding](feature-flag-guarding.md) — Shorter sentences, cleaner rhythm, and no em-dash overuse, without changing what the entry says about Chromium's `base::Feature` discipline. - **Improved:** [Supply-Chain Vulnerability Lag](supply-chain-lag.md) — Split twelve long sentences (39–65 words) into shorter parallel assertions at their natural rhetorical pivots, opened up the dense *Why It Happens* causal-enumeration paragraphs, and restructured the *Notes for Agent Context* block into four scannable per-directive paragraphs; median sentence length dropped from 20 to 18 words and the longest sentence dropped from 65 to 39. - **Improved:** [Process Consolidation Under Memory Pressure](process-consolidation-memory.md) — Split twelve long sentences (40–81 words) into shorter parallel assertions, rewrote the four Solution-Scope bullet headers to use colons instead of em-dashes (dropping the prose em-dash count from ten to one), and restructured the *Notes for Agent Context* block into five short scannable per-directive paragraphs; median sentence length dropped from 28.5 to 18 words and the longest sentence dropped from 81 to 65. ### Metrics - Total articles: 40 - Coverage: 40 of 45 proposed concepts written (89%) - Articles changed since last checkpoint: 2 new, 5 edits, 1 redraft ## 2026-05-16 ### What's New - **New article:** [mseal-Based Forward-Edge CFI](mseal-forward-cfi.md) — Concept entry naming the layered defense (Linux `mseal(2)`-sealed executable memory plus Memory Protection Keys on indirect-call sites) that defeats the control-hijack step a V8 heap-sandbox bypass would otherwise convert into attacker-chosen code execution. - **Improved:** [Exploit Chain Anatomy](exploit-chain.md) — broke eleven long sentences (40-96 words) into shorter assertions for rhythm, split the *Notes for Agent Context* block into five scannable per-directive paragraphs, and split the Sources block into three topic-organized paragraphs. Median sentence length dropped from 23 to 20 words; longest sentence dropped from 96 to 48. - **Improved:** [Three-LGTM API Owner Gate](three-lgtm-gate.md) — tightened the intent line into a colon-led structure, repaired three rotted Technical Drill-Down URLs by replacing them with canonical Blink API owners governance pages on chromium.org plus a commit-pinned permalink to the `third_party/blink/API_OWNERS` roster file, and updated the Sources block and *Notes for Agent Context* directive to name the current locations of the procedural documentation. - **Improved:** [OWNERS File Governance](owners-file-governance.md) — tightened the intent line into active voice with the commit queue named as the gate's actor, dropped catalog-self-reference framing from three cross-reference sites, condensed the agent-context block from five imperatives to four, and refreshed link-verification dates after re-checking all six source-tree references. - **Improved:** [Sandbox Escape Chain](escape-chain.md) — broke the parallel "becomes" and "In X, ..." cadences in the Consequences and How to Recognize It sections, and compressed several long sentences without dropping any named entity, citation, or technical detail. - **Improved:** [Conway's Law in Multi-Org Chromium](conways-law.md) — tightened the entry for clarity and rhythm with shorter sentences, varied paragraph shapes, and cleaner reference framing while preserving every named organization, date, and citation. - **Improved:** [RAIL Performance Model](rail-performance-model.md) — a tighter lede, a cleaner four-way diagnostic for localizing perceived-slow pages, and varied sentence cadence in the Consequences section. - **Structural:** Section-overview pages for [Security Response](security-response.md), [Governance and Web Standards](governance-standards.md), and [the Process Trust Model](process-trust-model.md) now name every shipping article in their section by title, so readers scanning the section openers can see the full inventory without paging into the table of contents. ### Metrics - Total articles: 38 - Coverage: 38 of 44 proposed concepts written (86%) - Articles changed since last checkpoint: 1 new, 6 edits, 1 structural cleanup ## 2026-05-16 ### What's New - **New article:** [V8 Trusted Space](v8-trusted-space.md) — the companion region of V8's address space that holds bytecode arrays, JIT-emitted code, and the authoritative parts of WebAssembly instance objects; sandboxed code can reach trusted space only through a tagged pointer table by handle, never by raw address. - **Improved:** [Embargoed Disclosure](embargoed-disclosure.md) — tightened the first body paragraph by cutting trailing fluff, split two dense seven-sentence How-It-Plays-Out scenarios into shorter four-paragraph narratives that follow the bug-confirmation and embargo-break arcs, and qualified the bare "sandbox escapes" enumeration to "renderer sandbox escapes" so the catalog's distinction from the V8 heap sandbox stays sharp. - **Improved:** [IPC Integer Type Discipline](ipc-integer-discipline.md) — sharper sentence rhythm and tighter language; split a few long run-ons in the Problem and worked-example scenarios for easier skimming, and removed a stray reference to the article's place in the book. - **Improved:** [Rendering Pipeline](rendering-pipeline.md) — cut em-dash density to zero prose em-dashes, split a dense *Notes for Agent Context* paragraph for scannability, and broke a long foundational-fact sentence at its rhetorical pivot for rhythm. - **Sources:** [Origin Trial](origin-trial.md) — expanded the Sources section to credit Jason Chase as the framework's named designer at Google, cite Alex Russell's essay *Doing Science on the Web* as the conceptual origin, and name the vendor-prefix critiques the framework was built in response to. ### Metrics - Total articles: 37 - Coverage: 37 of 42 proposed concepts written (88%) - Articles changed since last checkpoint: 1 new, 3 edits, 1 sources ## 2026-05-16 ### What's New - **New article:** [Deprecation Trial](deprecation-trial.md) — the reverse origin trial Chromium uses to give dependent sites a calibrated migration window before a web-platform feature's removal reaches every user. - **Improved:** [Stateless IPC Interface](stateless-ipc-interface.md) — tightened the two-sentence intent, split the longest sentences for clearer rhythm, replaced one structural em-dash with parentheticals, and added natural contractions. - **Improved:** [Stateful IPC Initialization](stateful-ipc-init.md) — tightened the italic intent, retired four em-dash-bracketed parentheticals to clear the prose em-dash budget, split the longest sentences into shorter rhythmic units, and rewrote the four-step refactor enumeration as four imperative sentences for skimmers. - **Improved:** [V8 Heap Sandbox](v8-heap-sandbox.md) — retired one prose em-dash to clear the budget, split the longest sentences across Context, Rationale, Ongoing Consequences, and Reversal Conditions into shorter rhythmic units with named scenarios in place of stacked parentheticals, and expanded the "RCE" acronym inline on first use. - **Improved:** [Skia Graphite Transition](skia-graphite.md) — corrected the load-bearing factual claims against the canonical July 2025 launch announcement (the pre-edit entry dated the Apple Silicon launch to Chrome 120 in December 2023), added Dawn as the WebGPU abstraction layer Graphite consumes, replaced two broken Skia documentation URLs with working source-tree references, added a "Where the names come from" accessibility gate explaining Skia / Ganesh / Graphite for non-specialists, and split the buried-lede italic intent into two sentences. ### Metrics - Total articles: 36 - Coverage: 36 of 42 proposed concepts written (86%) - Articles changed since last checkpoint: 1 new, 4 edits ## 2026-05-15 ### What's New - **New article:** [Formal-Informal Channel Split](formal-informal-split.md) — the structural split between Chromium's archived formal channels (blink-dev, Gerrit, issues.chromium.org, `docs/`, chromestatus.com) and ephemeral informal channels, plus the gap between where decisions are supposed to live and where current operational knowledge often lives. - **New article:** [OWNERS File Governance](owners-file-governance.md) — the recursive directory-scoped review authority regime, including inheritance, `set noparent`, `per-file` rules, `file://` inheritance, and the common confusion between OWNERS LGTMs and API-owner LGTMs. - **New article:** [Finch Variations](finch-variations.md) — how Chromium's server-side variations system changes feature defaults across the installed base without shipping a new binary, enabling graduated rollouts, A/B measurement, and emergency kill-switches outside the four-week Stable cadence. - **New article:** [Experiment That Became Permanent](permanent-experiment.md) — the origin-trial failure mode where an announced sunset is never invoked because dependent-population growth makes removal politically expensive while the original gate makes shipping procedurally hard. - **New article:** [Web Platform Backward Compatibility](web-backward-compatibility.md) — Chromium's commitment that code working in a prior Chrome version should keep working in subsequent versions, enforced through UseCounter measurement and the Intent-to-Deprecate / Intent-to-Remove pipeline. - **Improved:** [Untrusted Renderer Axiom](untrusted-renderer-axiom.md) — tightened prose, compressed the *Notes for Agent Context* block, broke up the long Gerrit-comments sentence, and reduced the prose em-dash count to zero. ### Metrics - Total articles: 35 - Coverage: 35 of 42 proposed concepts written (83%) - Articles changed since last checkpoint: 5 new, 1 edit ## 2026-05-13 ### What's New - **New article:** [API Owner](api-owner.md) — the dozen-person Blink roster whose LGTMs the Intent to Ship gate counts, three common misreadings (senior-engineer-equals-API-owner, authority-routes-through-management, API-owner-evaluates-code-quality), and an agent-context rule that web-platform contributions need their Intent artifacts surfaced alongside the code. - **New article:** [Four-Channel Pipeline](four-channel-pipeline.md) — the four release channels (Canary, Dev, Beta, Stable) and the population, cadence, and operational claim each one warrants; the release-discipline section's load-bearing vocabulary anchor. - **New article:** [Conway's Law in Multi-Org Chromium](conways-law.md) — Melvin Conway's 1968 observation that organizations produce designs mirroring their communication structure, specialized to the Chromium project's contribution distribution (Google ~90%, Microsoft Edge, Igalia, Intel, Samsung, Opera in the second decile) and the architectural negotiation it encodes. - **New article:** [Feature Flag Guarding](feature-flag-guarding.md) — the discipline that gates every Chromium feature behind a `base::Feature` flag from the moment its code lands, the runtime `IsEnabled()` check at every call site, and the cleanup obligation once the feature reaches Stable; includes the canonical declaration shape, three exhibits, and an agent-context block binding five specific behaviors for AI coding agents producing Chromium contributions. - **New article:** [Origin Trial](origin-trial.md) — the time-boxed, per-origin, signed-token mechanism that gives a new web-platform feature opted-in production traffic before it ships to Stable, with the five-step registration-and-deployment mechanism and the tradeoffs every site operator and downstream Chromium vendor has to read. - **New article:** [Stable as Trust Boundary](stable-trust-boundary.md) — the concept entry naming what reaching Chrome's Stable channel warrants, what it does not, and why the asymmetry between landing on Canary and reaching Stable is the foundational vocabulary the release-discipline antipatterns hang off. - **Improved:** [Site Isolation](site-isolation.md) — tightened sentences, expanded contractions, split overlong clauses in Context, Rationale, and Reversal Conditions, replaced a hedge stack and a banned filler word, eliminated a tricolon-reflex repetition in the cross-process-navigation passage, and recast a parenthetical weakener into its own paired sentence; the article advances from initial draft to edited with no structural, citation, link, or factual changes. - **Improved:** [Browser-Renderer Privilege Split](browser-renderer-split.md) — rewrote three em-dash parentheticals as plain parentheses to pull the prose under the style-guide cap, broke the cross-platform sandbox-mechanism listing into shorter parallel sentences, varied the repeated noun "asymmetry" with semantically precise alternates in eight positions, and replaced an imprecise synonym ("another tab's data") with the precise "another renderer's data" per the per-book style guide. ### Metrics - Total articles: 30 - Coverage: 30 of 42 proposed concepts written (71%) - Articles changed since last checkpoint: 6 new, 2 edits ## 2026-05-13 ### What's New - **New article:** [Supply-Chain Vulnerability Lag](supply-chain-lag.md) — the antipattern that names the failure mode where a Chromium-based product (enterprise browser, Electron application, WebView2 consumer, AI coding editor) lets the upstream patch cadence outrun its own release pipeline, with the May 2025 CVE-2025-4609 case (Cursor, Windsurf) as the canonical instance and four operational moves for downstream vendors to close the lag. - **New article:** [RAIL Performance Model](rail-performance-model.md) — the four-part user-centric framework (Response 50 ms, Animation 16 ms per frame, Idle 50 ms chunks, Load 5 s to interactive) that anchors every Chromium performance discussion, with the page-side / perception-window distinction and the four-budget diagnostic rubric. - **New article:** [Rendering Pipeline](rendering-pipeline.md) — the seven-stage vocabulary (Parse, Style, Layout, Paint, Compositing, Raster, Display) that makes Chromium performance discussions legible, with the main-thread / compositor-thread / GPU-process split as the foundational performance fact and the diagnosis-from-stage logic that turns "the page is slow" into a specific engineering question. - **New article:** [Main Thread Starvation](main-thread-starvation.md) — the antipattern that explains why blocking the renderer's main JavaScript thread for more than 50 ms produces the unresponsive controls every reader has experienced as a user, and how to recognize, instrument, and escape it. - **New article:** [Sandbox Escape Chain](escape-chain.md) — the canonical three-link structure of a modern full-host-compromise Chromium exploit (V8 type confusion, V8-heap-sandbox bypass, renderer-to-browser Mojo escalation) and the trust-model framing that explains severity-rating discipline, Vulnerability Rewards Program bounty calibration, embargo-window planning, and the structural argument for the project's most expensive defenses. - **New article:** [Exploit Chain Anatomy](exploit-chain.md) — the security-response framing of the canonical three-link Chromium exploit that determines CVE severity, VRP bounty payout, embargo window, and downstream patch urgency, with the 2025 CVE-2025-4609 case and the 2022 CVE-2022-1364 misreading as exhibits and a deliberate sibling pairing with Sandbox Escape Chain. - **New article:** [Memory Pressure Response](memory-pressure-response.md) — the four-level ordered sequence Chromium executes when the operating system reports memory pressure (background pre-discard bookkeeping, tab discarding at MODERATE, renderer-process consolidation that conditionally relaxes Site Isolation, GPU cache eviction and renderer trim at CRITICAL), anchored on the Android 1.4 GB threshold and the password-sites-only fallback. - **New article:** [Process Consolidation Under Memory Pressure](process-consolidation-memory.md) — the trust-model framing of the renderer-merging move that Chromium executes when available memory falls below the Android 1.4 GB threshold (or its desktop equivalent), naming three concentric scopes (Scope A: password-handling sites keep their own renderer; Scope B: COOP/COEP `crossOriginIsolated` opt-in keeps a site held out of consolidation; Scope C: other cross-site origins may share a renderer below the threshold), with three exhibits and a deliberate sibling pairing with Memory Pressure Response. - **New article:** [Three-LGTM API Owner Gate](three-lgtm-gate.md) — the Concept entry naming the hard rule that an Intent to Ship clears only after three Blink API owners each post LGTM in the public thread, with named exhibits for the three regimes contributors most often conflate (Gerrit LGTM, OWNERS LGTM, API-owner LGTM) and an agent-actionable Notes block for AI coding agents working on Blink web-platform contributions. - **New article:** [High-Value Bug Bounty](vrp-bug-bounty.md) — the Pattern entry naming the Chromium Vulnerability Rewards Program as a structural population-level lever on where high-severity browser bugs end up, with the named tier structure ($250,000 / $85,000 / long tail), the calibration to the chain anatomy, the gap to the offensive market the program cannot close on price alone, and an agent-actionable Notes block for downstream-product security review. - **New article:** [Skia Graphite Transition](skia-graphite.md) — the Decision entry that documents the 2022–2024 replacement of Chromium's long-standing Skia Ganesh GPU rasterization backend with Skia Graphite (authored against Metal, Vulkan, and Direct3D 12), with the Chrome 120 Apple Silicon Stable launch and its ~15% MotionMark 1.3 improvement as the empirical case, four rejected alternatives, six load-bearing ongoing consequences (including the pipeline cache as a Level 4 memory-pressure target whose eviction converts Graphite's in-frame compile guarantee into a conditional one), and three reversal conditions; Ganesh ships as fallback for hardware lacking a working modern-API path. ### Metrics - Total articles: 24 - Coverage: 24 of 42 proposed concepts written (57%) - Articles edited since last checkpoint: 11 ## 2026-05-13 ### What's New - **New article:** [Embargoed Disclosure](embargoed-disclosure.md) — how Chromium holds high- and critical-severity vulnerabilities private after a fix lands so downstream consumers (Edge, Brave, Electron, enterprise browsers) can integrate the patch before attackers can reverse-engineer it. - **New article:** [Downstream Advance Access](downstream-advance-access.md) — how Microsoft Edge, Brave, Electron applications, and other Chromium-based products register for the advance-notification list that turns the embargo window from a Google-internal privilege into a downstream-vendor capability, what the notifications carry, and what obligations registration imposes. - **New article:** [Tribal Knowledge](tribal-knowledge.md) — the body of architectural constraints, historical rationale, and unwritten conventions that lives in senior Chromium contributors' heads rather than in `docs/`, with Chromium-specific recognition signs, three Plays-Out scenarios spanning conversion success, conversion failure, and an AI-coding-agent failure, and a Polanyi/Nonaka-Takeuchi lineage that grounds the concept in the established organizational-learning literature. - **New article:** [IPC Integer Type Discipline](ipc-integer-discipline.md) — the operational arithmetic rule at the Mojo IPC trust boundary, naming the explicit-unsigned-width requirement and the `base/numerics/safe_conversions.h` discipline that close the integer-overflow family of bugs at the renderer-to-browser boundary. - **New article:** [V8 Heap Sandbox](v8-heap-sandbox.md) — the Decision entry naming the 2024 choice to isolate V8's JavaScript heap inside a one-terabyte virtual address region with 40-bit offsets, and the consequences that govern every V8-touching contribution (and every AI coding agent that generates V8 code) since. - **New article:** [Design Document Staleness](design-doc-staleness.md) — the foundational epistemological antipattern, naming the trap where a Chromium design document accurately described the architecture when written but has stopped tracking the code, and the reader-level discipline (Git-history-dated reading, commit-SHA citation, source-tree cross-checks, agent grounding-context qualification) that survives the absence of a project-level fix. - **Improved:** [Intent to Ship Pipeline](intent-ship-pipeline.md) — refactored the six-stage Solution paragraph into a bulleted list, expanded the LGTM, WICG, and TAG acronyms on first use, and corrected a Liabilities-paragraph claim about `blink-dev` correspondence conventions. - **Improved:** [Multi-Process Architecture](multi-process-architecture.md) — split the run-on italic lede into two sentences, broke up the longest sentences in the Rationale, Ongoing Consequences, Notes for Agent Context, and Sources sections, and reordered the Sources founding-citation sentence subject-first so the reader meets the title before the seven-name author list. ### Metrics - Total articles: 13 - Coverage: 13 of 42 proposed concepts written (31%) - Articles edited since last checkpoint: 8 ## 2026-05-13 ### What's New - **Improved:** [Introduction](introduction.md) — the landing page now walks readers through the seven-domain scope, the pattern-language method, and reader paths for both Chromium practitioners and executives entering the domain. - **New article:** [Intent to Ship Pipeline](intent-ship-pipeline.md) — the six-stage public pipeline that moves a Blink web-platform feature from Explainer through Origin Trial to three API-owner LGTMs and Stable, with named approver populations at every gate and an agent-context binding for what shipping means in Chromium. - **New article:** [Multi-Process Architecture](multi-process-architecture.md) — Chromium's founding 2006-2008 choice to run browser components as separate OS processes, with an Alternatives Considered table that names what was rejected and why, a three-property Rationale, and a Reversal Conditions section that treats the architecture as effectively permanent. - **New article:** [Site Isolation](site-isolation.md) — the 2017-2018 Spectre-forced extension of the per-tab process boundary to a per-site boundary, with an Alternatives Considered table that names the partial mitigations the project also shipped and a treatment of the ~10-13% desktop memory cost and Android conditional relaxation. - **New article:** [Browser-Renderer Privilege Split](browser-renderer-split.md) — the trust asymmetry between Chromium's privileged browser process and its deliberately unprivileged renderer processes, with "sandboxed" defined precisely (OS-level capability denial at process creation, not container isolation) and three operational scenarios. - **New article:** [Untrusted Renderer Axiom](untrusted-renderer-axiom.md) — the operational rule that converts the browser-renderer privilege split into an enforceable invariant: every byte from a renderer is treated as attacker-controlled, every browser-side handler validates as if no upstream validation existed, and the rule holds even when the renderer's own checks are provably correct. - **New article:** [Stateless IPC Interface](stateless-ipc-interface.md) — why every Mojo method between renderer and browser must validate its message on its own merits, with no prior call's state load-bearing on the security check. - **New article:** [Stateful IPC Initialization](stateful-ipc-init.md) — the trap of designing a Mojo interface that requires sequential method calls (an `Init()` before any operational call) and the three exploitation shapes a compromised renderer uses against it, with the concrete refactoring moves that convert a stateful interface to a stateless one. ### Metrics - Total articles: 7 - Coverage: 7 of 42 proposed concepts written (17%) - Articles edited since last checkpoint: 7 --- - [Next: Pattern Map](pattern-map.md) - [Previous: Introduction](introduction.md)