diff --git a/.gitignore b/.gitignore
index 06de94ba..e0cf9392 100644
--- a/.gitignore
+++ b/.gitignore
@@ -20,3 +20,4 @@
 /Tinos-Regular.ttf
 /Ahem.ttf
 /node-v8.9.1-linux-x64.tar.gz
+/node-v10.15.3-linux-x64.tar.gz
diff --git a/chromium-76.0.3809.100-gcc-no-alignas-and-export.patch b/chromium-76.0.3809.100-gcc-no-alignas-and-export.patch
new file mode 100644
index 00000000..cc91d1ef
--- /dev/null
+++ b/chromium-76.0.3809.100-gcc-no-alignas-and-export.patch
@@ -0,0 +1,14 @@
+diff -up chromium-76.0.3809.100/third_party/blink/renderer/core/css/css_property_value_set.h.gcc-no-alignas chromium-76.0.3809.100/third_party/blink/renderer/core/css/css_property_value_set.h
+--- chromium-76.0.3809.100/third_party/blink/renderer/core/css/css_property_value_set.h.gcc-no-alignas	2019-08-09 16:48:13.000000000 +0200
++++ chromium-76.0.3809.100/third_party/blink/renderer/core/css/css_property_value_set.h	2019-08-15 21:04:30.231532746 +0200
+@@ -176,8 +176,8 @@ class CSSLazyPropertyParser
+   DISALLOW_COPY_AND_ASSIGN(CSSLazyPropertyParser);
+ };
+ 
+-class CORE_EXPORT alignas(Member<const CSSValue>) alignas(
+-    CSSPropertyValueMetadata) ImmutableCSSPropertyValueSet
++class CORE_EXPORT ALIGNAS(alignof(Member<const CSSValue>))
++    ALIGNAS(alignof(CSSPropertyValueMetadata)) ImmutableCSSPropertyValueSet
+     : public CSSPropertyValueSet {
+  public:
+   ImmutableCSSPropertyValueSet(const CSSPropertyValue*,
diff --git a/chromium-76.0.3809.100-vtable-symbol-undefined.patch b/chromium-76.0.3809.100-vtable-symbol-undefined.patch
new file mode 100644
index 00000000..64532df9
--- /dev/null
+++ b/chromium-76.0.3809.100-vtable-symbol-undefined.patch
@@ -0,0 +1,11 @@
+diff -up chromium-76.0.3809.100/net/quic/platform/impl/quic_default_proof_providers_impl.cc.vtable-symbol-undefined chromium-76.0.3809.100/net/quic/platform/impl/quic_default_proof_providers_impl.cc
+--- chromium-76.0.3809.100/net/quic/platform/impl/quic_default_proof_providers_impl.cc.vtable-symbol-undefined	2019-08-20 21:21:24.901899270 +0200
++++ chromium-76.0.3809.100/net/quic/platform/impl/quic_default_proof_providers_impl.cc	2019-08-20 21:19:30.361746211 +0200
+@@ -18,6 +18,7 @@
+ #include "net/quic/crypto/proof_verifier_chromium.h"
+ #include "net/third_party/quiche/src/quic/platform/api/quic_flags.h"
+ #include "net/third_party/quiche/src/quic/platform/api/quic_ptr_util.h"
++#include "net/quic/platform/impl/quic_flags_impl.cc"
+ 
+ DEFINE_QUIC_COMMAND_LINE_FLAG(std::string,
+                               certificate_file,
diff --git a/chromium-77.0.3865.75-certificate-transparency.patch b/chromium-77.0.3865.75-certificate-transparency.patch
new file mode 100644
index 00000000..82e2958e
--- /dev/null
+++ b/chromium-77.0.3865.75-certificate-transparency.patch
@@ -0,0 +1,539 @@
+diff -up chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager_browsertest.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager_browsertest.cc
+--- chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager_browsertest.cc.certificate-transparency	2019-09-12 16:09:52.818635106 +0200
++++ chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager_browsertest.cc	2019-09-12 16:11:07.662562005 +0200
+@@ -21,6 +21,7 @@
+ #include "components/version_info/version_info.h"
+ #include "content/public/common/content_switches.h"
+ #include "content/public/common/user_agent.h"
++#include "services/network/public/cpp/network_service_buildflags.h"
+ #include "services/network/public/mojom/network_context.mojom.h"
+ #include "services/network/public/mojom/network_service.mojom.h"
+ #include "testing/gmock/include/gmock/gmock.h"
+@@ -356,3 +357,55 @@ IN_PROC_BROWSER_TEST_P(SystemNetworkCont
+ INSTANTIATE_TEST_SUITE_P(,
+                          SystemNetworkContextManagerFreezeQUICUaBrowsertest,
+                          ::testing::Values(true, false));
++
++class SystemNetworkContextManagerCertificateTransparencyBrowsertest
++    : public SystemNetworkContextManagerBrowsertest,
++      public testing::WithParamInterface<base::Optional<bool>> {
++ public:
++  SystemNetworkContextManagerCertificateTransparencyBrowsertest() {
++    SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting(
++        GetParam());
++  }
++  ~SystemNetworkContextManagerCertificateTransparencyBrowsertest() override {
++    SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting(
++        base::nullopt);
++  }
++};
++
++#if BUILDFLAG(IS_CT_SUPPORTED)
++IN_PROC_BROWSER_TEST_P(
++    SystemNetworkContextManagerCertificateTransparencyBrowsertest,
++    CertificateTransparencyConfig) {
++  network::mojom::NetworkContextParamsPtr context_params =
++      g_browser_process->system_network_context_manager()
++          ->CreateDefaultNetworkContextParams();
++
++  const bool kDefault =
++#if defined(GOOGLE_CHROME_BUILD) && defined(OFFICIAL_BUILD) && \
++    !defined(OS_ANDROID)
++      true;
++#else
++      false;
++#endif
++
++  EXPECT_EQ(GetParam().value_or(kDefault),
++            context_params->enforce_chrome_ct_policy);
++  EXPECT_NE(GetParam().value_or(kDefault), context_params->ct_logs.empty());
++
++  if (GetParam().value_or(kDefault)) {
++    bool has_google_log = false;
++    bool has_disqualified_log = false;
++    for (const auto& ct_log : context_params->ct_logs) {
++      has_google_log |= ct_log->operated_by_google;
++      has_disqualified_log |= ct_log->disqualified_at.has_value();
++    }
++    EXPECT_TRUE(has_google_log);
++    EXPECT_TRUE(has_disqualified_log);
++  }
++}
++#endif
++
++INSTANTIATE_TEST_SUITE_P(
++    ,
++    SystemNetworkContextManagerCertificateTransparencyBrowsertest,
++    ::testing::Values(base::nullopt, true, false));
+diff -up chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.cc
+--- chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.cc.certificate-transparency	2019-09-09 23:55:09.000000000 +0200
++++ chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.cc	2019-09-12 16:09:52.819635118 +0200
+@@ -4,11 +4,13 @@
+ 
+ #include "chrome/browser/net/system_network_context_manager.h"
+ 
++#include <algorithm>
+ #include <set>
+ #include <unordered_map>
+ #include <utility>
+ 
+ #include "base/bind.h"
++#include "base/build_time.h"
+ #include "base/command_line.h"
+ #include "base/feature_list.h"
+ #include "base/logging.h"
+@@ -50,6 +52,7 @@
+ #include "content/public/common/mime_handler_view_mode.h"
+ #include "content/public/common/service_names.mojom.h"
+ #include "content/public/common/user_agent.h"
++#include "crypto/sha2.h"
+ #include "mojo/public/cpp/bindings/associated_interface_ptr.h"
+ #include "net/dns/public/util.h"
+ #include "net/net_buildflags.h"
+@@ -79,6 +82,20 @@
+ 
+ namespace {
+ 
++constexpr bool kCertificateTransparencyEnabled =
++#if defined(GOOGLE_CHROME_BUILD) && defined(OFFICIAL_BUILD) && \
++    !defined(OS_ANDROID)
++    // Certificate Transparency is only enabled if:
++    //   - Desktop (!OS_ANDROID); OS_IOS does not use this file
++    //   - base::GetBuildTime() is deterministic to the source (OFFICIAL_BUILD)
++    //   - The build in reliably updatable (GOOGLE_CHROME_BUILD)
++    true;
++#else
++    false;
++#endif
++
++bool g_enable_certificate_transparency = kCertificateTransparencyEnabled;
++
+ // The global instance of the SystemNetworkContextmanager.
+ SystemNetworkContextManager* g_system_network_context_manager = nullptr;
+ 
+@@ -658,14 +675,35 @@ SystemNetworkContextManager::CreateDefau
+ 
+   bool http_09_on_non_default_ports_enabled = false;
+ #if !defined(OS_ANDROID)
+-  // CT is only enabled on Desktop platforms for now.
+-  network_context_params->enforce_chrome_ct_policy = true;
+-  for (const auto& ct_log : certificate_transparency::GetKnownLogs()) {
+-    // TODO(rsleevi): https://crbug.com/702062 - Remove this duplication.
+-    network::mojom::CTLogInfoPtr log_info = network::mojom::CTLogInfo::New();
+-    log_info->public_key = std::string(ct_log.log_key, ct_log.log_key_length);
+-    log_info->name = ct_log.log_name;
+-    network_context_params->ct_logs.push_back(std::move(log_info));
++
++  if (g_enable_certificate_transparency) {
++    network_context_params->enforce_chrome_ct_policy = true;
++    network_context_params->ct_log_update_time = base::GetBuildTime();
++
++    std::vector<std::string> operated_by_google_logs =
++        certificate_transparency::GetLogsOperatedByGoogle();
++    std::vector<std::pair<std::string, base::TimeDelta>> disqualified_logs =
++        certificate_transparency::GetDisqualifiedLogs();
++    for (const auto& ct_log : certificate_transparency::GetKnownLogs()) {
++      // TODO(rsleevi): https://crbug.com/702062 - Remove this duplication.
++      network::mojom::CTLogInfoPtr log_info = network::mojom::CTLogInfo::New();
++      log_info->public_key = std::string(ct_log.log_key, ct_log.log_key_length);
++      log_info->name = ct_log.log_name;
++
++      std::string log_id = crypto::SHA256HashString(log_info->public_key);
++      log_info->operated_by_google =
++          std::binary_search(std::begin(operated_by_google_logs),
++                             std::end(operated_by_google_logs), log_id);
++      auto it = std::lower_bound(
++          std::begin(disqualified_logs), std::end(disqualified_logs), log_id,
++          [](const auto& disqualified_log, const std::string& log_id) {
++            return disqualified_log.first < log_id;
++          });
++      if (it != std::end(disqualified_logs) && it->first == log_id) {
++        log_info->disqualified_at = it->second;
++      }
++      network_context_params->ct_logs.push_back(std::move(log_info));
++    }
+   }
+ 
+   const base::Value* value =
+@@ -723,6 +761,12 @@ SystemNetworkContextManager::GetHttpAuth
+   return CreateHttpAuthDynamicParams(g_browser_process->local_state());
+ }
+ 
++void SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting(
++    base::Optional<bool> enabled) {
++  g_enable_certificate_transparency =
++      enabled.value_or(kCertificateTransparencyEnabled);
++}
++
+ network::mojom::NetworkContextParamsPtr
+ SystemNetworkContextManager::CreateNetworkContextParams() {
+   // TODO(mmenke): Set up parameters here (in memory cookie store, etc).
+diff -up chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.h.certificate-transparency chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.h
+--- chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.h.certificate-transparency	2019-09-09 23:55:09.000000000 +0200
++++ chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.h	2019-09-12 16:09:52.819635118 +0200
+@@ -139,6 +139,12 @@ class SystemNetworkContextManager {
+   static network::mojom::HttpAuthDynamicParamsPtr
+   GetHttpAuthDynamicParamsForTesting();
+ 
++  // Enables Certificate Transparency and enforcing the Chrome Certificate
++  // Transparency Policy. For test use only. Use base::nullopt_t to reset to
++  // the default state.
++  static void SetEnableCertificateTransparencyForTesting(
++      base::Optional<bool> enabled);
++
+  private:
+   class URLLoaderFactoryForSystem;
+ 
+diff -up chromium-77.0.3865.75/chrome/browser/policy/policy_browsertest.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/policy/policy_browsertest.cc
+--- chromium-77.0.3865.75/chrome/browser/policy/policy_browsertest.cc.certificate-transparency	2019-09-09 23:55:10.000000000 +0200
++++ chromium-77.0.3865.75/chrome/browser/policy/policy_browsertest.cc	2019-09-12 16:09:52.820635131 +0200
+@@ -4836,7 +4836,7 @@ IN_PROC_BROWSER_TEST_F(PolicyTest,
+             browser()->tab_strip_model()->GetActiveWebContents()->GetTitle());
+ }
+ 
+-IN_PROC_BROWSER_TEST_F(PolicyTest,
++IN_PROC_BROWSER_TEST_F(CertificateTransparencyPolicyTest,
+                        CertificateTransparencyEnforcementDisabledForCas) {
+   net::EmbeddedTestServer https_server_ok(net::EmbeddedTestServer::TYPE_HTTPS);
+   https_server_ok.SetSSLConfig(net::EmbeddedTestServer::CERT_OK);
+diff -up chromium-77.0.3865.75/chrome/browser/ssl/chrome_expect_ct_reporter_browsertest.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/ssl/chrome_expect_ct_reporter_browsertest.cc
+--- chromium-77.0.3865.75/chrome/browser/ssl/chrome_expect_ct_reporter_browsertest.cc.certificate-transparency	2019-09-09 23:55:10.000000000 +0200
++++ chromium-77.0.3865.75/chrome/browser/ssl/chrome_expect_ct_reporter_browsertest.cc	2019-09-12 16:09:52.821635143 +0200
+@@ -8,6 +8,7 @@
+ #include "base/callback.h"
+ #include "base/run_loop.h"
+ #include "base/test/scoped_feature_list.h"
++#include "chrome/browser/net/system_network_context_manager.h"
+ #include "chrome/browser/profiles/profile.h"
+ #include "chrome/browser/ssl/cert_verifier_browser_test.h"
+ #include "chrome/browser/ui/browser.h"
+@@ -27,7 +28,17 @@ namespace {
+ // received by a server.
+ class ExpectCTBrowserTest : public CertVerifierBrowserTest {
+  public:
+-  ExpectCTBrowserTest() : CertVerifierBrowserTest() {}
++  ExpectCTBrowserTest() : CertVerifierBrowserTest() {
++    // Expect-CT reporting depends on actually enforcing Certificate
++    // Transparency.
++    SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting(
++        true);
++  }
++
++  ~ExpectCTBrowserTest() override {
++    SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting(
++        base::nullopt);
++  }
+ 
+   void SetUpOnMainThread() override {
+     run_loop_ = std::make_unique<base::RunLoop>();
+diff -up chromium-77.0.3865.75/chrome/browser/ssl/security_state_tab_helper_browsertest.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/ssl/security_state_tab_helper_browsertest.cc
+--- chromium-77.0.3865.75/chrome/browser/ssl/security_state_tab_helper_browsertest.cc.certificate-transparency	2019-09-09 23:55:10.000000000 +0200
++++ chromium-77.0.3865.75/chrome/browser/ssl/security_state_tab_helper_browsertest.cc	2019-09-12 16:09:52.821635143 +0200
+@@ -433,6 +433,13 @@ class SecurityStateTabHelperTest : publi
+   SecurityStateTabHelperTest()
+       : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {
+     https_server_.ServeFilesFromSourceDirectory(GetChromeTestDataDir());
++    SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting(
++        true);
++  }
++
++  ~SecurityStateTabHelperTest() override {
++    SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting(
++        base::nullopt);
+   }
+ 
+   void SetUpOnMainThread() override {
+diff -up chromium-77.0.3865.75/chrome/browser/ssl/ssl_browsertest.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/ssl/ssl_browsertest.cc
+--- chromium-77.0.3865.75/chrome/browser/ssl/ssl_browsertest.cc.certificate-transparency	2019-09-09 23:55:10.000000000 +0200
++++ chromium-77.0.3865.75/chrome/browser/ssl/ssl_browsertest.cc	2019-09-12 16:09:52.822635155 +0200
+@@ -1853,8 +1853,14 @@ class CertificateTransparencySSLUITest :
+  public:
+   CertificateTransparencySSLUITest()
+       : CertVerifierBrowserTest(),
+-        https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {}
+-  ~CertificateTransparencySSLUITest() override {}
++        https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {
++    SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting(
++        true);
++  }
++  ~CertificateTransparencySSLUITest() override {
++    SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting(
++        base::nullopt);
++  }
+ 
+   void SetUpOnMainThread() override {
+     CertVerifierBrowserTest::SetUpOnMainThread();
+diff -up chromium-77.0.3865.75/components/certificate_transparency/chrome_ct_policy_enforcer.h.certificate-transparency chromium-77.0.3865.75/components/certificate_transparency/chrome_ct_policy_enforcer.h
+--- chromium-77.0.3865.75/components/certificate_transparency/chrome_ct_policy_enforcer.h.certificate-transparency	2019-09-09 23:55:14.000000000 +0200
++++ chromium-77.0.3865.75/components/certificate_transparency/chrome_ct_policy_enforcer.h	2019-09-12 16:09:52.823635168 +0200
+@@ -45,6 +45,19 @@ class ChromeCTPolicyEnforcer : public ne
+ 
+   void SetClockForTesting(const base::Clock* clock) { clock_ = clock; }
+ 
++  // TODO(https://crbug.com/999240): These are exposed to allow end-to-end
++  // testing by higher layers (i.e. that the ChromeCTPolicyEnforcer is
++  // correctly constructed). When either this issue or https://crbug.com/848277
++  // are fixed, the configuration can be tested independently, and these can
++  // be removed.
++  const std::vector<std::string>& operated_by_google_logs_for_testing() {
++    return operated_by_google_logs_;
++  }
++  const std::vector<std::pair<std::string, base::TimeDelta>>&
++  disqualified_logs_for_testing() {
++    return disqualified_logs_;
++  }
++
+  private:
+   // Returns true if the log identified by |log_id| (the SHA-256 hash of the
+   // log's DER-encoded SPKI) has been disqualified, and sets
+diff -up chromium-77.0.3865.75/services/network/network_context.cc.certificate-transparency chromium-77.0.3865.75/services/network/network_context.cc
+--- chromium-77.0.3865.75/services/network/network_context.cc.certificate-transparency	2019-09-09 23:55:22.000000000 +0200
++++ chromium-77.0.3865.75/services/network/network_context.cc	2019-09-12 16:09:52.823635168 +0200
+@@ -36,6 +36,7 @@
+ #include "components/prefs/pref_registry_simple.h"
+ #include "components/prefs/pref_service.h"
+ #include "components/prefs/pref_service_factory.h"
++#include "crypto/sha2.h"
+ #include "mojo/public/cpp/bindings/strong_binding.h"
+ #include "net/base/layered_network_delegate.h"
+ #include "net/base/load_flags.h"
+@@ -1877,16 +1878,6 @@ URLRequestContextOwner NetworkContext::A
+       base::FeatureList::IsEnabled(features::kNetworkErrorLogging));
+ #endif  // BUILDFLAG(ENABLE_REPORTING)
+ 
+-#if BUILDFLAG(IS_CT_SUPPORTED)
+-  if (params_->enforce_chrome_ct_policy) {
+-    builder->set_ct_policy_enforcer(
+-        std::make_unique<certificate_transparency::ChromeCTPolicyEnforcer>(
+-            base::GetBuildTime(),
+-            certificate_transparency::GetDisqualifiedLogs(),
+-            certificate_transparency::GetLogsOperatedByGoogle()));
+-  }
+-#endif  // BUILDFLAG(IS_CT_SUPPORTED)
+-
+   net::HttpNetworkSession::Params session_params;
+   bool is_quic_force_disabled = false;
+   if (network_service_ && network_service_->quic_disabled())
+@@ -1936,8 +1927,20 @@ URLRequestContextOwner NetworkContext::A
+ 
+ #if BUILDFLAG(IS_CT_SUPPORTED)
+   std::vector<scoped_refptr<const net::CTLogVerifier>> ct_logs;
++  std::vector<std::pair<std::string, base::TimeDelta>> disqualified_logs;
++  std::vector<std::string> operated_by_google_logs;
++
+   if (!params_->ct_logs.empty()) {
+     for (const auto& log : params_->ct_logs) {
++      if (log->operated_by_google || log->disqualified_at) {
++        std::string log_id = crypto::SHA256HashString(log->public_key);
++        if (log->operated_by_google)
++          operated_by_google_logs.push_back(log_id);
++        if (log->disqualified_at) {
++          disqualified_logs.push_back(
++              std::make_pair(log_id, log->disqualified_at.value()));
++        }
++      }
+       scoped_refptr<const net::CTLogVerifier> log_verifier =
+           net::CTLogVerifier::Create(log->public_key, log->name);
+       if (!log_verifier) {
+@@ -1950,6 +1953,17 @@ URLRequestContextOwner NetworkContext::A
+     ct_verifier->AddLogs(ct_logs);
+     builder->set_ct_verifier(std::move(ct_verifier));
+   }
++
++  if (params_->enforce_chrome_ct_policy) {
++    std::sort(std::begin(operated_by_google_logs),
++              std::end(operated_by_google_logs));
++    std::sort(std::begin(disqualified_logs), std::end(disqualified_logs));
++
++    builder->set_ct_policy_enforcer(
++        std::make_unique<certificate_transparency::ChromeCTPolicyEnforcer>(
++            params_->ct_log_update_time, disqualified_logs,
++            operated_by_google_logs));
++  }
+ #endif  // BUILDFLAG(IS_CT_SUPPORTED)
+ 
+   const base::CommandLine* command_line =
+diff -up chromium-77.0.3865.75/services/network/network_context_unittest.cc.certificate-transparency chromium-77.0.3865.75/services/network/network_context_unittest.cc
+--- chromium-77.0.3865.75/services/network/network_context_unittest.cc.certificate-transparency	2019-09-09 23:55:22.000000000 +0200
++++ chromium-77.0.3865.75/services/network/network_context_unittest.cc	2019-09-12 16:13:10.479056669 +0200
+@@ -2,6 +2,7 @@
+ // Use of this source code is governed by a BSD-style license that can be
+ // found in the LICENSE file.
+ 
++#include <algorithm>
+ #include <map>
+ #include <memory>
+ #include <string>
+@@ -38,10 +39,12 @@
+ #include "base/threading/thread_task_runner_handle.h"
+ #include "base/time/default_clock.h"
+ #include "base/time/default_tick_clock.h"
++#include "base/time/time.h"
+ #include "build/build_config.h"
+ #include "components/network_session_configurator/browser/network_session_configurator.h"
+ #include "components/network_session_configurator/common/network_switches.h"
+ #include "components/prefs/testing_pref_service.h"
++#include "crypto/sha2.h"
+ #include "mojo/public/cpp/bindings/remote.h"
+ #include "mojo/public/cpp/bindings/self_owned_receiver.h"
+ #include "mojo/public/cpp/system/data_pipe_utils.h"
+@@ -115,6 +118,11 @@
+ #include "url/scheme_host_port.h"
+ #include "url/url_constants.h"
+ 
++#if BUILDFLAG(IS_CT_SUPPORTED)
++#include "components/certificate_transparency/chrome_ct_policy_enforcer.h"
++#include "services/network/public/mojom/ct_log_info.mojom.h"
++#endif
++
+ #if !BUILDFLAG(DISABLE_FTP_SUPPORT)
+ #include "net/ftp/ftp_auth_cache.h"
+ #endif  // !BUILDFLAG(DISABLE_FTP_SUPPORT)
+@@ -5958,6 +5966,72 @@ TEST_F(NetworkContextSplitCacheTest,
+       true /* was_cached */, true /* is_navigation */);
+ }
+ 
++#if BUILDFLAG(IS_CT_SUPPORTED)
++TEST_F(NetworkContextTest, CertificateTransparencyConfig) {
++  mojom::NetworkContextParamsPtr params = CreateContextParams();
++  params->enforce_chrome_ct_policy = true;
++  params->ct_log_update_time = base::Time::Now();
++
++  // The log public keys do not matter for the test, so invalid keys are used.
++  // However, because the log IDs are derived from the SHA-256 hash of the log
++  // key, the log keys are generated such that qualified logs are in the form
++  // of four digits (e.g. "0000", "1111"), while disqualified logs are in the
++  // form of four letters (e.g. "AAAA", "BBBB").
++
++  for (int i = 0; i < 6; ++i) {
++    network::mojom::CTLogInfoPtr log_info = network::mojom::CTLogInfo::New();
++    // Shift to ASCII '0' (0x30)
++    log_info->public_key = std::string(4, 0x30 + static_cast<char>(i));
++    log_info->name = std::string(4, 0x30 + static_cast<char>(i));
++    log_info->operated_by_google = i % 2;
++
++    params->ct_logs.push_back(std::move(log_info));
++  }
++  for (int i = 0; i < 3; ++i) {
++    network::mojom::CTLogInfoPtr log_info = network::mojom::CTLogInfo::New();
++    // Shift to ASCII 'A' (0x41)
++    log_info->public_key = std::string(4, 0x41 + static_cast<char>(i));
++    log_info->name = std::string(4, 0x41 + static_cast<char>(i));
++    log_info->operated_by_google = false;
++    log_info->disqualified_at = base::TimeDelta::FromSeconds(i);
++
++    params->ct_logs.push_back(std::move(log_info));
++  }
++  std::unique_ptr<NetworkContext> network_context =
++      CreateContextWithParams(std::move(params));
++
++  net::CTPolicyEnforcer* request_enforcer =
++      network_context->url_request_context()->ct_policy_enforcer();
++  ASSERT_TRUE(request_enforcer);
++
++  // Completely unsafe if |enforce_chrome_ct_policy| is false.
++  certificate_transparency::ChromeCTPolicyEnforcer* policy_enforcer =
++      reinterpret_cast<certificate_transparency::ChromeCTPolicyEnforcer*>(
++          request_enforcer);
++
++  EXPECT_TRUE(std::is_sorted(
++      policy_enforcer->operated_by_google_logs_for_testing().begin(),
++      policy_enforcer->operated_by_google_logs_for_testing().end()));
++  EXPECT_TRUE(
++      std::is_sorted(policy_enforcer->disqualified_logs_for_testing().begin(),
++                     policy_enforcer->disqualified_logs_for_testing().end()));
++
++  EXPECT_THAT(
++      policy_enforcer->operated_by_google_logs_for_testing(),
++      ::testing::UnorderedElementsAreArray({crypto::SHA256HashString("1111"),
++                                            crypto::SHA256HashString("3333"),
++                                            crypto::SHA256HashString("5555")}));
++  EXPECT_THAT(policy_enforcer->disqualified_logs_for_testing(),
++              ::testing::UnorderedElementsAre(
++                  ::testing::Pair(crypto::SHA256HashString("AAAA"),
++                                  base::TimeDelta::FromSeconds(0)),
++                  ::testing::Pair(crypto::SHA256HashString("BBBB"),
++                                  base::TimeDelta::FromSeconds(1)),
++                  ::testing::Pair(crypto::SHA256HashString("CCCC"),
++                                  base::TimeDelta::FromSeconds(2))));
++}
++#endif
++
+ }  // namespace
+ 
+ }  // namespace network
+diff -up chromium-77.0.3865.75/services/network/public/mojom/ct_log_info.mojom.certificate-transparency chromium-77.0.3865.75/services/network/public/mojom/ct_log_info.mojom
+--- chromium-77.0.3865.75/services/network/public/mojom/ct_log_info.mojom.certificate-transparency	2019-09-09 23:55:22.000000000 +0200
++++ chromium-77.0.3865.75/services/network/public/mojom/ct_log_info.mojom	2019-09-12 16:09:52.824635180 +0200
+@@ -4,6 +4,8 @@
+ 
+ module network.mojom;
+ 
++import "mojo/public/mojom/base/time.mojom";
++
+ // A single Certificate Transparency Log configuration.
+ struct CTLogInfo {
+   // The DER-encoded SubjectPublicKeyInfo of the log.
+@@ -14,4 +16,13 @@ struct CTLogInfo {
+   // The human-readable, log-supplied log name. Note that this will not be
+   // translated.
+   string name;
++
++  // Whether or not the log should should be considered a Google Log for the
++  // purposes of enforcing the "Certificate Transparency in Chrome" policy.
++  bool operated_by_google = false;
++
++  // If set, the time since the Unix Epoch when the log was disqualified. This
++  // is used to determine the "once or currently qualified" status of the log.
++  // If the log is currently qualified, this will not be set.
++  mojo_base.mojom.TimeDelta? disqualified_at;
+ };
+diff -up chromium-77.0.3865.75/services/network/public/mojom/network_context.mojom.certificate-transparency chromium-77.0.3865.75/services/network/public/mojom/network_context.mojom
+--- chromium-77.0.3865.75/services/network/public/mojom/network_context.mojom.certificate-transparency	2019-09-09 23:55:22.000000000 +0200
++++ chromium-77.0.3865.75/services/network/public/mojom/network_context.mojom	2019-09-12 16:09:52.825635192 +0200
+@@ -239,15 +239,6 @@ struct NetworkContextParams {
+   [EnableIf=is_android]
+   bool check_clear_text_permitted = false;
+ 
+-  // True if the "Certificate Transparency in Chrome" policy (see
+-  // https://github.com/chromium/ct-policy/blob/master/ct_policy.md) should
+-  // be enforced for certificates and connections.
+-  //
+-  // See //net/docs/certificate-transparency.md before setting this flag to
+-  // true.
+-  [EnableIf=is_ct_supported]
+-  bool enforce_chrome_ct_policy = false;
+-
+   // Enables HTTP/0.9 on ports other than 80 for HTTP and 443 for HTTPS.
+   bool http_09_on_non_default_ports_enabled = false;
+ 
+@@ -300,6 +291,15 @@ struct NetworkContextParams {
+   // servers, so they can discover misconfigurations.
+   bool enable_certificate_reporting = false;
+ 
++  // True if the "Certificate Transparency in Chrome" policy (see
++  // https://github.com/chromium/ct-policy/blob/master/ct_policy.md) should
++  // be enforced for certificates and connections.
++  //
++  // See //net/docs/certificate-transparency.md before setting this flag to
++  // true.
++  [EnableIf=is_ct_supported]
++  bool enforce_chrome_ct_policy = false;
++
+   // Enables Expect CT reporting, which sends reports for opted-in sites that
+   // don't serve sufficient Certificate Transparency information.
+   [EnableIf=is_ct_supported]
+@@ -311,6 +311,13 @@ struct NetworkContextParams {
+   [EnableIf=is_ct_supported]
+   array<CTLogInfo> ct_logs;
+ 
++  // When the Certificate Transparency logs in |ct_logs| were last updated. If
++  // |enforce_chrome_ct_policy| is set, and |ct_log_update_time| is not
++  // sufficiently recent, enforcement of the "Certificate Transparency in
++  // Chrome" policy will be disabled.
++  [EnableIf=is_ct_supported]
++  mojo_base.mojom.Time ct_log_update_time;
++
+   // Specifies the path to the directory where NSS will store its database.
+   [EnableIf=is_chromeos]
+   mojo_base.mojom.FilePath? nss_path;
diff --git a/chromium-77.0.3865.75-gcc-abstract-class.patch b/chromium-77.0.3865.75-gcc-abstract-class.patch
new file mode 100644
index 00000000..6d77299e
--- /dev/null
+++ b/chromium-77.0.3865.75-gcc-abstract-class.patch
@@ -0,0 +1,61 @@
+From f08cb0022527081c078e8b96062e6c9b4fbda151 Mon Sep 17 00:00:00 2001
+From: Jose Dapena Paz <jose.dapena@lge.com>
+Date: Fri, 26 Jul 2019 16:48:06 +0000
+Subject: [PATCH] BinaryUploadService: change parameter passing that cannot afford abstract class
+
+The method UploadForDeepScanning gets a Request as parameter. But Request is an
+abstract class, so GCC will not allow that declaration (polimorphycs should be
+passed by reference). Use std::unique_ptr so BinaryUploadService can assume
+ownership.
+
+Bug: 819294
+Change-Id: I9e8c75cc92b01abd704d9049b0421555377da5ba
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1713550
+Reviewed-by: Daniel Rubery <drubery@chromium.org>
+Commit-Queue: José Dapena Paz <jose.dapena@lge.com>
+Cr-Commit-Position: refs/heads/master@{#681333}
+---
+
+diff --git a/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc b/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc
+index 6430c89..4e90487 100644
+--- a/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc
++++ b/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc
+@@ -10,7 +10,7 @@
+ namespace safe_browsing {
+ 
+ void BinaryUploadService::UploadForDeepScanning(
+-    BinaryUploadService::Request request) {
++    std::unique_ptr<BinaryUploadService::Request> request) {
+   DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+   NOTREACHED();
+ }
+diff --git a/chrome/browser/safe_browsing/download_protection/binary_upload_service.h b/chrome/browser/safe_browsing/download_protection/binary_upload_service.h
+index d2dfd83..9b6f395 100644
+--- a/chrome/browser/safe_browsing/download_protection/binary_upload_service.h
++++ b/chrome/browser/safe_browsing/download_protection/binary_upload_service.h
+@@ -5,6 +5,8 @@
+ #ifndef CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_BINARY_UPLOAD_SERVICE_H_
+ #define CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_BINARY_UPLOAD_SERVICE_H_
+ 
++#include <memory>
++
+ #include "base/callback.h"
+ #include "components/safe_browsing/proto/webprotect.pb.h"
+ 
+@@ -40,6 +42,7 @@
+    public:
+     // |callback| will run on the UI thread.
+     explicit Request(Callback callback);
++    virtual ~Request() = default;
+     Request(const Request&) = delete;
+     Request& operator=(const Request&) = delete;
+ 
+@@ -67,7 +70,7 @@
+   // Upload the given file contents for deep scanning. The results will be
+   // returned asynchronously by calling |request|'s |callback|. This must be
+   // called on the UI thread.
+-  void UploadForDeepScanning(Request request);
++  void UploadForDeepScanning(std::unique_ptr<Request> request);
+ };
+ 
+ }  // namespace safe_browsing
diff --git a/chromium-77.0.3865.75-harfbuzz-subset.patch b/chromium-77.0.3865.75-harfbuzz-subset.patch
new file mode 100644
index 00000000..55d78d19
--- /dev/null
+++ b/chromium-77.0.3865.75-harfbuzz-subset.patch
@@ -0,0 +1,49 @@
+From 27e25336b8316ff3ec4e464058682ed85801fd06 Mon Sep 17 00:00:00 2001
+From: Raphael Kubo da Costa <raphael.kubo.da.costa@intel.com>
+Date: Mon, 29 Jul 2019 10:54:28 +0000
+Subject: [PATCH] Also link against libharfbuzz-subset when use_system_harfbuzz is true
+
+When building HarfBuzz as part of Chromium, there is a single source set
+with all the files we need in the build.
+
+Upstream HarfBuzz, on the other hand, produces a few different libraries:
+harfbuzz, harfbuzz-icu and harfbuzz-subset.  When |use_system_harfbuzz| is
+true, we were only looking for (and using) harfbuzz.pc with pkg-config even
+though we also use symbols from libharfbuzz-subset.so. This resulted in
+errors when linking:
+
+    ld: obj/skia/skia/SkPDFSubsetFont.o: in function `SkPDFSubsetFont(sk_sp<SkData>, SkPDFGlyphUse const&, SkPDF::Metadata::Subsetter, char const*, int)':
+    SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x48a): undefined reference to `hb_subset_input_create_or_fail'
+    ld: SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x4af): undefined reference to `hb_subset_input_glyph_set'
+    ld: SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x5d7): undefined reference to `hb_subset_input_set_retain_gids'
+    ld: SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x5e4): undefined reference to `hb_subset_input_set_drop_hints'
+    ld: SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x5f3): undefined reference to `hb_subset'
+    ld: SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x66f): undefined reference to `hb_subset_input_destroy'
+
+as reported in
+https://groups.google.com/a/chromium.org/d/msg/chromium-packagers/UyJsVJ5QqWo/jSv5z7-rEQAJ
+
+Change-Id: I997af075c7b7263cd7cc71a63db5b0f93bd1ab59
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1715288
+Auto-Submit: Raphael Kubo da Costa <raphael.kubo.da.costa@intel.com>
+Commit-Queue: Dominik Röttsches <drott@chromium.org>
+Reviewed-by: Dominik Röttsches <drott@chromium.org>
+Cr-Commit-Position: refs/heads/master@{#681760}
+---
+
+diff --git a/third_party/harfbuzz-ng/BUILD.gn b/third_party/harfbuzz-ng/BUILD.gn
+index 37d8e33..72013eb1d 100644
+--- a/third_party/harfbuzz-ng/BUILD.gn
++++ b/third_party/harfbuzz-ng/BUILD.gn
+@@ -16,7 +16,10 @@
+       "//third_party:freetype_harfbuzz",
+       "//third_party/freetype:freetype_source",
+     ]
+-    packages = [ "harfbuzz" ]
++    packages = [
++      "harfbuzz",
++      "harfbuzz-subset",
++    ]
+   }
+ } else {
+   config("harfbuzz_config") {
diff --git a/chromium-77.0.3865.75-missing-limits.patch b/chromium-77.0.3865.75-missing-limits.patch
new file mode 100644
index 00000000..3ac1770f
--- /dev/null
+++ b/chromium-77.0.3865.75-missing-limits.patch
@@ -0,0 +1,28 @@
+From 5baf7df7f4c5971dab552897eeef94b194650ce5 Mon Sep 17 00:00:00 2001
+From: Dave Tapuska <dtapuska@chromium.org>
+Date: Mon, 12 Aug 2019 22:30:13 +0000
+Subject: [PATCH] Fix build failure due to missing include for std::numeric_limits usage.
+
+Some configurations fail to build, limits should have been included.
+
+BUG=992832
+
+Change-Id: I894ba0543bfcef101c93259e39a31d12ae6d035c
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1747981
+Commit-Queue: Dave Tapuska <dtapuska@chromium.org>
+Reviewed-by: Mostyn Bramley-Moore <mostynb@vewd.com>
+Cr-Commit-Position: refs/heads/master@{#686214}
+---
+
+diff --git a/third_party/blink/renderer/platform/exported/web_time_range.cc b/third_party/blink/renderer/platform/exported/web_time_range.cc
+index 384566a..68d83e1 100644
+--- a/third_party/blink/renderer/platform/exported/web_time_range.cc
++++ b/third_party/blink/renderer/platform/exported/web_time_range.cc
+@@ -31,6 +31,7 @@
+ #include "third_party/blink/public/platform/web_time_range.h"
+ 
+ #include <cmath>
++#include <limits>
+ 
+ namespace blink {
+ 
diff --git a/chromium-77.0.3865.75-unbundle-zlib.patch b/chromium-77.0.3865.75-unbundle-zlib.patch
new file mode 100644
index 00000000..d6c45ad8
--- /dev/null
+++ b/chromium-77.0.3865.75-unbundle-zlib.patch
@@ -0,0 +1,25 @@
+From e1bbdec720a333937bd1b990ae0f7ee97db0d3b0 Mon Sep 17 00:00:00 2001
+From: Your Name <you@example.com>
+Date: Fri, 28 Jun 2019 15:56:23 +0000
+Subject: [PATCH] update zlib
+
+---
+ third_party/perfetto/gn/BUILD.gn | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/third_party/perfetto/gn/BUILD.gn b/third_party/perfetto/gn/BUILD.gn
+index c951f5f..297eee3 100644
+--- a/third_party/perfetto/gn/BUILD.gn
++++ b/third_party/perfetto/gn/BUILD.gn
+@@ -200,7 +200,7 @@ group("zlib") {
+       "//buildtools:zlib",
+     ]
+   } else if (build_with_chromium) {
+-    public_configs = [ "//third_party/zlib:zlib_config" ]
++    public_configs = [ "//third_party/zlib:system_zlib" ]
+     public_deps = [
+       "//third_party/zlib",
+     ]
+-- 
+2.21.0
+
diff --git a/chromium-77.0.3865.90-linked-hash-set.patch b/chromium-77.0.3865.90-linked-hash-set.patch
new file mode 100644
index 00000000..f921f1aa
--- /dev/null
+++ b/chromium-77.0.3865.90-linked-hash-set.patch
@@ -0,0 +1,130 @@
+From 74138b9febd37eac0fc26b8efb110014a83a52c6 Mon Sep 17 00:00:00 2001
+From: Jeremy Roman <jbroman@chromium.org>
+Date: Wed, 07 Aug 2019 13:26:48 +0000
+Subject: [PATCH] WTF: Make LinkedHashSet understand values for which memset initialization would be bad.
+
+Includes a unit test which fails before, and uses this to fix FontCacheKeyTraits.
+
+Bug: 980025
+Change-Id: If41f97444c7fd37b9b95d6dadaf3da5689079e9e
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1739948
+Reviewed-by: Kentaro Hara <haraken@chromium.org>
+Reviewed-by: Yutaka Hirano <yhirano@chromium.org>
+Commit-Queue: Jeremy Roman <jbroman@chromium.org>
+Cr-Commit-Position: refs/heads/master@{#684731}
+---
+
+diff --git a/third_party/blink/renderer/platform/fonts/font_cache_key.h b/third_party/blink/renderer/platform/fonts/font_cache_key.h
+index 0efc8fb..90063cb 100644
+--- a/third_party/blink/renderer/platform/fonts/font_cache_key.h
++++ b/third_party/blink/renderer/platform/fonts/font_cache_key.h
+@@ -133,6 +133,10 @@
+ 
+ struct FontCacheKeyTraits : WTF::SimpleClassHashTraits<FontCacheKey> {
+   STATIC_ONLY(FontCacheKeyTraits);
++
++  // std::string's empty state need not be zero in all implementations,
++  // and it is held within FontFaceCreationParams.
++  static const bool kEmptyValueIsZero = false;
+ };
+ 
+ }  // namespace blink
+diff --git a/third_party/blink/renderer/platform/wtf/linked_hash_set.h b/third_party/blink/renderer/platform/wtf/linked_hash_set.h
+index b35b6e9..77e524c 100644
+--- a/third_party/blink/renderer/platform/wtf/linked_hash_set.h
++++ b/third_party/blink/renderer/platform/wtf/linked_hash_set.h
+@@ -146,6 +146,11 @@
+                     LinkedHashSetNodeBase* next)
+       : LinkedHashSetNodeBase(prev, next), value_(value) {}
+ 
++  LinkedHashSetNode(ValueArg&& value,
++                    LinkedHashSetNodeBase* prev,
++                    LinkedHashSetNodeBase* next)
++      : LinkedHashSetNodeBase(prev, next), value_(std::move(value)) {}
++
+   LinkedHashSetNode(LinkedHashSetNode&& other)
+       : LinkedHashSetNodeBase(std::move(other)),
+         value_(std::move(other.value_)) {}
+@@ -445,10 +450,13 @@
+ 
+   // The slot is empty when the next_ field is zero so it's safe to zero
+   // the backing.
+-  static const bool kEmptyValueIsZero = true;
++  static const bool kEmptyValueIsZero = ValueTraits::kEmptyValueIsZero;
+ 
+   static const bool kHasIsEmptyValueFunction = true;
+   static bool IsEmptyValue(const Node& node) { return !node.next_; }
++  static Node EmptyValue() {
++    return Node(ValueTraits::EmptyValue(), nullptr, nullptr);
++  }
+ 
+   static const int kDeletedValue = -1;
+ 
+diff --git a/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc b/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc
+index 4c3f899..cd1be00 100644
+--- a/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc
++++ b/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc
+@@ -487,6 +487,7 @@
+ };
+ 
+ struct Complicated {
++  Complicated() : Complicated(0) {}
+   Complicated(int value) : simple_(value) { objects_constructed_++; }
+ 
+   Complicated(const Complicated& other) : simple_(other.simple_) {
+@@ -495,9 +496,6 @@
+ 
+   Simple simple_;
+   static int objects_constructed_;
+-
+- private:
+-  Complicated() = delete;
+ };
+ 
+ int Complicated::objects_constructed_ = 0;
+@@ -731,4 +729,45 @@
+ 
+ }  // anonymous namespace
+ 
++// A unit type which objects to its state being initialized wrong.
++struct InvalidZeroValue {
++  InvalidZeroValue() = default;
++  InvalidZeroValue(WTF::HashTableDeletedValueType) : deleted_(true) {}
++  ~InvalidZeroValue() { CHECK(ok_); }
++  bool IsHashTableDeletedValue() const { return deleted_; }
++
++  bool ok_ = true;
++  bool deleted_ = false;
++};
++
++template <>
++struct HashTraits<InvalidZeroValue> : SimpleClassHashTraits<InvalidZeroValue> {
++  static const bool kEmptyValueIsZero = false;
++};
++
++template <>
++struct DefaultHash<InvalidZeroValue> {
++  struct Hash {
++    static unsigned GetHash(const InvalidZeroValue&) { return 0; }
++    static bool Equal(const InvalidZeroValue&, const InvalidZeroValue&) {
++      return true;
++    }
++  };
++};
++
++template <typename Set>
++class ListOrLinkedHashSetInvalidZeroTest : public testing::Test {};
++
++using InvalidZeroValueSetTypes =
++    testing::Types<ListHashSet<InvalidZeroValue>,
++                   ListHashSet<InvalidZeroValue, 1>,
++                   LinkedHashSet<InvalidZeroValue>>;
++TYPED_TEST_SUITE(ListOrLinkedHashSetInvalidZeroTest, InvalidZeroValueSetTypes);
++
++TYPED_TEST(ListOrLinkedHashSetInvalidZeroTest, InvalidZeroValue) {
++  using Set = TypeParam;
++  Set set;
++  set.insert(InvalidZeroValue());
++}
++
+ }  // namespace WTF
diff --git a/chromium-79.0.3945.56-el7-noexcept.patch b/chromium-80.0.3987.132-el7-noexcept.patch
similarity index 54%
rename from chromium-79.0.3945.56-el7-noexcept.patch
rename to chromium-80.0.3987.132-el7-noexcept.patch
index 22c4ac53..cad8a6b3 100644
--- a/chromium-79.0.3945.56-el7-noexcept.patch
+++ b/chromium-80.0.3987.132-el7-noexcept.patch
@@ -1,6 +1,6 @@
-diff -up chromium-79.0.3945.56/chrome/common/media_router/media_sink.cc.el7-noexcept chromium-79.0.3945.56/chrome/common/media_router/media_sink.cc
---- chromium-79.0.3945.56/chrome/common/media_router/media_sink.cc.el7-noexcept	2019-11-26 16:50:43.000000000 -0500
-+++ chromium-79.0.3945.56/chrome/common/media_router/media_sink.cc	2019-12-03 12:55:19.129613273 -0500
+diff -up chromium-80.0.3987.132/chrome/common/media_router/media_sink.cc.el7-noexcept chromium-80.0.3987.132/chrome/common/media_router/media_sink.cc
+--- chromium-80.0.3987.132/chrome/common/media_router/media_sink.cc.el7-noexcept	2020-03-03 13:53:03.000000000 -0500
++++ chromium-80.0.3987.132/chrome/common/media_router/media_sink.cc	2020-03-11 10:47:13.352162096 -0400
 @@ -19,12 +19,12 @@ MediaSink::MediaSink(const MediaSink::Id
        provider_id_(provider_id) {}
  
@@ -16,9 +16,9 @@ diff -up chromium-79.0.3945.56/chrome/common/media_router/media_sink.cc.el7-noex
  
  bool MediaSink::IsMaybeCloudSink() const {
    switch (icon_type_) {
-diff -up chromium-79.0.3945.56/components/history/core/browser/history_types.cc.el7-noexcept chromium-79.0.3945.56/components/history/core/browser/history_types.cc
---- chromium-79.0.3945.56/components/history/core/browser/history_types.cc.el7-noexcept	2019-11-26 16:50:45.000000000 -0500
-+++ chromium-79.0.3945.56/components/history/core/browser/history_types.cc	2019-12-03 12:55:19.178612170 -0500
+diff -up chromium-80.0.3987.132/components/history/core/browser/history_types.cc.el7-noexcept chromium-80.0.3987.132/components/history/core/browser/history_types.cc
+--- chromium-80.0.3987.132/components/history/core/browser/history_types.cc.el7-noexcept	2020-03-03 13:53:53.000000000 -0500
++++ chromium-80.0.3987.132/components/history/core/browser/history_types.cc	2020-03-11 10:47:13.352162096 -0400
 @@ -42,7 +42,7 @@ QueryResults::QueryResults(QueryResults&
    Swap(&other);
  }
@@ -37,9 +37,9 @@ diff -up chromium-79.0.3945.56/components/history/core/browser/history_types.cc.
  
  // MostVisitedURL --------------------------------------------------------------
  
-diff -up chromium-79.0.3945.56/components/history/core/browser/history_types.h.el7-noexcept chromium-79.0.3945.56/components/history/core/browser/history_types.h
---- chromium-79.0.3945.56/components/history/core/browser/history_types.h.el7-noexcept	2019-11-26 16:52:30.000000000 -0500
-+++ chromium-79.0.3945.56/components/history/core/browser/history_types.h	2019-12-03 12:55:19.184612035 -0500
+diff -up chromium-80.0.3987.132/components/history/core/browser/history_types.h.el7-noexcept chromium-80.0.3987.132/components/history/core/browser/history_types.h
+--- chromium-80.0.3987.132/components/history/core/browser/history_types.h.el7-noexcept	2020-03-03 13:53:53.000000000 -0500
++++ chromium-80.0.3987.132/components/history/core/browser/history_types.h	2020-03-11 10:47:13.352162096 -0400
 @@ -141,7 +141,7 @@ class QueryResults {
    ~QueryResults();
  
@@ -58,9 +58,9 @@ diff -up chromium-79.0.3945.56/components/history/core/browser/history_types.h.e
    ~QueryURLResult();
  
    // Indicates whether the call to HistoryBackend::QueryURL was successfull
-diff -up chromium-79.0.3945.56/components/history/core/browser/url_row.cc.el7-noexcept chromium-79.0.3945.56/components/history/core/browser/url_row.cc
---- chromium-79.0.3945.56/components/history/core/browser/url_row.cc.el7-noexcept	2019-11-26 16:50:45.000000000 -0500
-+++ chromium-79.0.3945.56/components/history/core/browser/url_row.cc	2019-12-03 12:55:19.211611428 -0500
+diff -up chromium-80.0.3987.132/components/history/core/browser/url_row.cc.el7-noexcept chromium-80.0.3987.132/components/history/core/browser/url_row.cc
+--- chromium-80.0.3987.132/components/history/core/browser/url_row.cc.el7-noexcept	2020-03-03 13:53:05.000000000 -0500
++++ chromium-80.0.3987.132/components/history/core/browser/url_row.cc	2020-03-11 10:47:13.352162096 -0400
 @@ -26,7 +26,7 @@ URLRow::~URLRow() {
  }
  
@@ -70,9 +70,9 @@ diff -up chromium-79.0.3945.56/components/history/core/browser/url_row.cc.el7-no
  
  void URLRow::Swap(URLRow* other) {
    std::swap(id_, other->id_);
-diff -up chromium-79.0.3945.56/components/omnibox/browser/suggestion_answer.cc.el7-noexcept chromium-79.0.3945.56/components/omnibox/browser/suggestion_answer.cc
---- chromium-79.0.3945.56/components/omnibox/browser/suggestion_answer.cc.el7-noexcept	2019-11-26 16:50:45.000000000 -0500
-+++ chromium-79.0.3945.56/components/omnibox/browser/suggestion_answer.cc	2019-12-03 12:55:19.240610775 -0500
+diff -up chromium-80.0.3987.132/components/omnibox/browser/suggestion_answer.cc.el7-noexcept chromium-80.0.3987.132/components/omnibox/browser/suggestion_answer.cc
+--- chromium-80.0.3987.132/components/omnibox/browser/suggestion_answer.cc.el7-noexcept	2020-03-03 13:53:06.000000000 -0500
++++ chromium-80.0.3987.132/components/omnibox/browser/suggestion_answer.cc	2020-03-11 10:47:13.352162096 -0400
 @@ -60,7 +60,7 @@ SuggestionAnswer::TextField::TextField(T
  SuggestionAnswer::TextField& SuggestionAnswer::TextField::operator=(
      const TextField&) = default;
@@ -82,9 +82,9 @@ diff -up chromium-79.0.3945.56/components/omnibox/browser/suggestion_answer.cc.e
  
  // static
  bool SuggestionAnswer::TextField::ParseTextField(const base::Value& field_json,
-diff -up chromium-79.0.3945.56/components/policy/core/common/policy_map.cc.el7-noexcept chromium-79.0.3945.56/components/policy/core/common/policy_map.cc
---- chromium-79.0.3945.56/components/policy/core/common/policy_map.cc.el7-noexcept	2019-12-03 12:55:19.241610753 -0500
-+++ chromium-79.0.3945.56/components/policy/core/common/policy_map.cc	2019-12-03 13:45:18.433948708 -0500
+diff -up chromium-80.0.3987.132/components/policy/core/common/policy_map.cc.el7-noexcept chromium-80.0.3987.132/components/policy/core/common/policy_map.cc
+--- chromium-80.0.3987.132/components/policy/core/common/policy_map.cc.el7-noexcept	2020-03-03 13:53:53.000000000 -0500
++++ chromium-80.0.3987.132/components/policy/core/common/policy_map.cc	2020-03-11 10:47:13.353162076 -0400
 @@ -52,7 +52,7 @@ PolicyMap::Entry::Entry(
  PolicyMap::Entry::~Entry() = default;
  
@@ -94,9 +94,9 @@ diff -up chromium-79.0.3945.56/components/policy/core/common/policy_map.cc.el7-n
  
  PolicyMap::Entry PolicyMap::Entry::DeepCopy() const {
    Entry copy(level, scope, source, value ? value->CreateDeepCopy() : nullptr,
-diff -up chromium-79.0.3945.56/components/search_provider_logos/logo_common.cc.el7-noexcept chromium-79.0.3945.56/components/search_provider_logos/logo_common.cc
---- chromium-79.0.3945.56/components/search_provider_logos/logo_common.cc.el7-noexcept	2019-11-26 16:50:45.000000000 -0500
-+++ chromium-79.0.3945.56/components/search_provider_logos/logo_common.cc	2019-12-03 12:55:19.242610730 -0500
+diff -up chromium-80.0.3987.132/components/search_provider_logos/logo_common.cc.el7-noexcept chromium-80.0.3987.132/components/search_provider_logos/logo_common.cc
+--- chromium-80.0.3987.132/components/search_provider_logos/logo_common.cc.el7-noexcept	2020-03-03 13:53:06.000000000 -0500
++++ chromium-80.0.3987.132/components/search_provider_logos/logo_common.cc	2020-03-11 10:47:13.353162076 -0400
 @@ -14,14 +14,14 @@ LogoMetadata::LogoMetadata() = default;
  LogoMetadata::LogoMetadata(const LogoMetadata&) = default;
  LogoMetadata::LogoMetadata(LogoMetadata&&) noexcept = default;
@@ -123,9 +123,9 @@ diff -up chromium-79.0.3945.56/components/search_provider_logos/logo_common.cc.e
  LogoCallbacks::~LogoCallbacks() = default;
  
  }  // namespace search_provider_logos
-diff -up chromium-79.0.3945.56/components/signin/public/identity_manager/account_info.cc.el7-noexcept chromium-79.0.3945.56/components/signin/public/identity_manager/account_info.cc
---- chromium-79.0.3945.56/components/signin/public/identity_manager/account_info.cc.el7-noexcept	2019-11-26 16:50:45.000000000 -0500
-+++ chromium-79.0.3945.56/components/signin/public/identity_manager/account_info.cc	2019-12-03 12:55:19.242610730 -0500
+diff -up chromium-80.0.3987.132/components/signin/public/identity_manager/account_info.cc.el7-noexcept chromium-80.0.3987.132/components/signin/public/identity_manager/account_info.cc
+--- chromium-80.0.3987.132/components/signin/public/identity_manager/account_info.cc.el7-noexcept	2020-03-03 13:53:54.000000000 -0500
++++ chromium-80.0.3987.132/components/signin/public/identity_manager/account_info.cc	2020-03-11 10:47:13.353162076 -0400
 @@ -58,7 +58,7 @@ CoreAccountInfo::CoreAccountInfo(CoreAcc
  CoreAccountInfo& CoreAccountInfo::operator=(const CoreAccountInfo& other) =
      default;
@@ -144,33 +144,40 @@ diff -up chromium-79.0.3945.56/components/signin/public/identity_manager/account
  
  bool AccountInfo::IsEmpty() const {
    return CoreAccountInfo::IsEmpty() && hosted_domain.empty() &&
-diff -up chromium-79.0.3945.56/google_apis/gaia/core_account_id.cc.el7-noexcept chromium-79.0.3945.56/google_apis/gaia/core_account_id.cc
---- chromium-79.0.3945.56/google_apis/gaia/core_account_id.cc.el7-noexcept	2019-11-26 16:52:31.000000000 -0500
-+++ chromium-79.0.3945.56/google_apis/gaia/core_account_id.cc	2019-12-03 12:55:19.243610708 -0500
-@@ -14,7 +14,7 @@ CoreAccountId::~CoreAccountId() = defaul
+diff -up chromium-80.0.3987.132/google_apis/gaia/core_account_id.cc.el7-noexcept chromium-80.0.3987.132/google_apis/gaia/core_account_id.cc
+--- chromium-80.0.3987.132/google_apis/gaia/core_account_id.cc.el7-noexcept	2020-03-11 10:47:13.684155381 -0400
++++ chromium-80.0.3987.132/google_apis/gaia/core_account_id.cc	2020-03-11 10:48:18.241848293 -0400
+@@ -24,7 +24,7 @@ CoreAccountId::~CoreAccountId() = defaul
  
  CoreAccountId& CoreAccountId::operator=(const CoreAccountId&) = default;
  
 -CoreAccountId& CoreAccountId::operator=(CoreAccountId&&) noexcept = default;
 +CoreAccountId& CoreAccountId::operator=(CoreAccountId&&) = default;
  
- CoreAccountId::CoreAccountId(const char* id) : id(id) {}
- 
-diff -up chromium-79.0.3945.56/google_apis/gaia/core_account_id.h.el7-noexcept chromium-79.0.3945.56/google_apis/gaia/core_account_id.h
---- chromium-79.0.3945.56/google_apis/gaia/core_account_id.h.el7-noexcept	2019-11-26 16:52:31.000000000 -0500
-+++ chromium-79.0.3945.56/google_apis/gaia/core_account_id.h	2019-12-03 12:55:19.243610708 -0500
-@@ -20,7 +20,7 @@ struct CoreAccountId {
+ // static
+ CoreAccountId CoreAccountId::FromGaiaId(const std::string& gaia_id) {
+@@ -82,4 +82,4 @@ std::vector<std::string> ToStringList(
+   for (const auto& account_id : account_ids)
+     account_ids_string.push_back(account_id.ToString());
+   return account_ids_string;
+-}
+\ No newline at end of file
++}
+diff -up chromium-80.0.3987.132/google_apis/gaia/core_account_id.h.el7-noexcept chromium-80.0.3987.132/google_apis/gaia/core_account_id.h
+--- chromium-80.0.3987.132/google_apis/gaia/core_account_id.h.el7-noexcept	2020-03-11 10:47:13.686155340 -0400
++++ chromium-80.0.3987.132/google_apis/gaia/core_account_id.h	2020-03-11 10:48:47.857248531 -0400
+@@ -30,7 +30,7 @@ struct CoreAccountId {
    ~CoreAccountId();
  
    CoreAccountId& operator=(const CoreAccountId&);
 -  CoreAccountId& operator=(CoreAccountId&&) noexcept;
 +  CoreAccountId& operator=(CoreAccountId&&);
  
-   // Those implicit constructor and conversion operator allow to
-   // progressively migrate the code to use this struct. Removing
-diff -up chromium-79.0.3945.56/gpu/config/gpu_info.cc.el7-noexcept chromium-79.0.3945.56/gpu/config/gpu_info.cc
---- chromium-79.0.3945.56/gpu/config/gpu_info.cc.el7-noexcept	2019-11-26 16:52:31.000000000 -0500
-+++ chromium-79.0.3945.56/gpu/config/gpu_info.cc	2019-12-03 12:55:19.244610685 -0500
+   // Checks if the account is valid or not.
+   bool empty() const;
+diff -up chromium-80.0.3987.132/gpu/config/gpu_info.cc.el7-noexcept chromium-80.0.3987.132/gpu/config/gpu_info.cc
+--- chromium-80.0.3987.132/gpu/config/gpu_info.cc.el7-noexcept	2020-03-03 13:53:55.000000000 -0500
++++ chromium-80.0.3987.132/gpu/config/gpu_info.cc	2020-03-11 10:47:13.689155280 -0400
 @@ -173,7 +173,7 @@ GPUInfo::GPUDevice& GPUInfo::GPUDevice::
      const GPUInfo::GPUDevice& other) = default;
  
@@ -180,10 +187,10 @@ diff -up chromium-79.0.3945.56/gpu/config/gpu_info.cc.el7-noexcept chromium-79.0
  
  GPUInfo::GPUInfo()
      : optimus(false),
-diff -up chromium-79.0.3945.56/third_party/openscreen/src/osp/public/service_info.h.el7-noexcept chromium-79.0.3945.56/third_party/openscreen/src/osp/public/service_info.h
---- chromium-79.0.3945.56/third_party/openscreen/src/osp/public/service_info.h.el7-noexcept	2019-11-26 16:53:39.000000000 -0500
-+++ chromium-79.0.3945.56/third_party/openscreen/src/osp/public/service_info.h	2019-12-03 12:55:19.244610685 -0500
-@@ -21,7 +21,7 @@ struct ServiceInfo {
+diff -up chromium-80.0.3987.132/third_party/openscreen/src/osp/public/service_info.h.el7-noexcept chromium-80.0.3987.132/third_party/openscreen/src/osp/public/service_info.h
+--- chromium-80.0.3987.132/third_party/openscreen/src/osp/public/service_info.h.el7-noexcept	2020-03-03 13:55:28.000000000 -0500
++++ chromium-80.0.3987.132/third_party/openscreen/src/osp/public/service_info.h	2020-03-11 10:47:13.690155259 -0400
+@@ -22,7 +22,7 @@ struct ServiceInfo {
    ServiceInfo(ServiceInfo&&) MAYBE_NOEXCEPT = default;
    ServiceInfo(const ServiceInfo&) MAYBE_NOEXCEPT = default;
  
diff --git a/chromium.spec b/chromium.spec
index bb7e698d..008c57df 100644
--- a/chromium.spec
+++ b/chromium.spec
@@ -158,7 +158,7 @@ Name:		chromium%{chromium_channel}%{nsuffix}
 %else
 Name:		chromium%{chromium_channel}
 %endif
-Version:	%{majorversion}.0.3987.132
+Version:	%{majorversion}.0.3987.149
 Release:	1%{?dist}
 %if %{?freeworld}
 %if %{?shared}
@@ -249,7 +249,7 @@ Patch75:	chromium-80.0.3987.106-missing-cstring-header.patch
 # Use lstdc++ on EPEL7 only
 Patch101:	chromium-75.0.3770.100-epel7-stdc++.patch
 # el7 only patch
-Patch102:	chromium-79.0.3945.56-el7-noexcept.patch
+Patch102:	chromium-80.0.3987.132-el7-noexcept.patch
 
 # Enable VAAPI support on Linux
 # NOTE: This patch will never land upstream
@@ -294,7 +294,7 @@ Source17:	GardinerModBug.ttf
 Source18:	GardinerModCat.ttf
 # RHEL 7 needs newer nodejs
 %if 0%{?rhel} == 7
-Source19:	node-v8.9.1-linux-x64.tar.gz
+Source19:	https://nodejs.org/dist/v10.15.3/node-v10.15.3-linux-x64.tar.gz
 %endif
 
 # We can assume gcc and binutils.
@@ -863,10 +863,16 @@ cp %{SOURCE109} .
 cp %{SOURCE110} .
 cp %{SOURCE111} .
 %else
+%if 0%{?fedora} >= 33
+cp -a /usr/share/fonts/google-arimo-fonts/Arimo-*.ttf .
+cp -a /usr/share/fonts/google-cousine-fonts/Cousine-*.ttf .
+cp -a /usr/share/fonts/google-tinos-fonts/Tinos-*.ttf .
+%else
 cp -a /usr/share/fonts/google-croscore/Arimo-*.ttf .
 cp -a /usr/share/fonts/google-croscore/Cousine-*.ttf .
 cp -a /usr/share/fonts/google-croscore/Tinos-*.ttf .
 %endif
+%endif
 %if 0%{?rhel} == 7
 tar xf %{SOURCE112}
 mv lohit-gurmukhi-ttf-2.91.2/Lohit-Gurmukhi.ttf .
@@ -945,7 +951,7 @@ export CHROMIUM_HEADLESS_GN_DEFINES
 %if 0%{?rhel} == 7
 pushd third_party/node/linux
 tar xf %{SOURCE19}
-mv node-v8.9.1-linux-x64 node-linux-x64
+mv node-v10.15.3-linux-x64 node-linux-x64
 popd
 %else
 mkdir -p third_party/node/linux/node-linux-x64/bin
@@ -1714,6 +1720,9 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
 
 
 %changelog
+* Wed Mar 18 2020 Tom Callaway <spot@fedoraproject.org> - 80.0.3987.149-1
+- update to 80.0.3987.149
+
 * Thu Feb 27 2020 Tom Callaway <spot@fedoraproject.org> - 80.0.3987.132-1
 - update to 80.0.3987.132
 - disable C++17 changes (this means f32+ will no longer build, but it segfaulted immediately)
diff --git a/sources b/sources
index e00e8af6..0c54d2d7 100644
--- a/sources
+++ b/sources
@@ -16,5 +16,5 @@ SHA512 (Tinos-Bold.ttf) = 54aeca804c06a4d5c57ade596e73df91a6a1c4401c4aadba55d987
 SHA512 (Tinos-Italic.ttf) = d4f4f096110ef98a781a2a0e0d319317e5f84e650fe6f4d4f6b0e22a16414278217f37497b904a18540273c0e2d79d4f1faabde3b0eb5446283b318c73bafb38
 SHA512 (Tinos-Regular.ttf) = 58085c5dac6d067d60ba2ab3220c4a0cc1efcf279cadfcfb8746a5e5fa1a6f6daa62750dc2051b3b2d8a51b4d2e9bb0f66594caf2253c0870ed9c7286fa45e8f
 SHA512 (Ahem.ttf) = aeb64b10ab9c87860714cb60b4900254b13dc52c51319256a1a3722c882026ab7c616bf628fbc2fe14e38a6003f3a481af60b52a7ed62071d28ddaf428e4e3fd
-SHA512 (node-v8.9.1-linux-x64.tar.gz) = a707fd4567041c56e7f9d415e505e3fa650627f31def7fefdd7ec50f9e7066bb33332b67f479e1159d85e1105a7e6d034aad7429f4f3d034c9161170d7e0b844
-SHA512 (chromium-80.0.3987.132-clean.tar.xz) = a94a4501a9ef1a88d2855cd578d0e23e2c462c23b5942e31e5591985786a314d7841b64fac66d38c07df2b6c1c93a2d3b61f95eb9c4632e954dbe446e5a004d6
+SHA512 (node-v10.15.3-linux-x64.tar.gz) = 5eb544ef706562981340a82acc79e2162c6a3e4049b4a95f69ce353ee5b0f929c60b1fc457e8249b3fb0696f82fc28c5f543f5947db19fae4e9d5c21b906bb20
+SHA512 (chromium-80.0.3987.149-clean.tar.xz) = f31bed52567d3ba11b19416bb81ed3ec1e7ecd9211256ff7f3cfd33408c1238fdfdca953db6def24897e6a0f31b16b723656544e3506fef078efb5a041352ed6