Back to all videos

Open Source Friday with Ladybird

By GitHub

Web Browser DevelopmentOpen Source SoftwareSoftware EngineeringNonprofit Organizations
Share:

Key Concepts

  • GitHub Copilot Spaces: A feature that provides context management for development workflows, allowing AI to understand and interact with a project's codebase, documentation, and issues.
  • Ladybird Browser: A new, independent web browser built from scratch, without relying on existing browser engines like Chromium or Gecko.
  • Web Engine: The core component of a web browser responsible for parsing HTML, CSS, and executing JavaScript to render web pages.
  • JavaScript Engine: The component responsible for executing JavaScript code.
  • Nonprofit Model: Ladybird operates as a nonprofit, accepting funding without compromising its development direction or vision.
  • Serenity OS: The operating system from which Ladybird originated, characterized by its "not invented here syndrome" approach of writing everything from scratch.
  • Tab Isolation/Sandboxing: Security features that isolate different processes (e.g., for image decoding or network requests) to prevent issues in one process from affecting others, especially those handling user data.
  • IPC (Inter-Process Communication): A mechanism for different processes to communicate and exchange data.
  • Web Platform Tests: A suite of tests used to evaluate web standards compliance of web engines.
  • Trusted Types: A security feature that helps prevent DOM-based cross-site scripting (XSS) by designating user input strings as trusted or untrusted.
  • Accessibility Specs: Standards related to making web content accessible to people with disabilities.
  • Alpha Release: An early, pre-release version of software, typically for testing by a wider audience.

GitHub Copilot Spaces: Enhanced Development Context

GitHub Copilot Spaces introduces advanced context management to development workflows. Users can create a "space" by naming it and assigning it to themselves or an organization. Crucially, these spaces can be populated with specific instructions for Copilot, including precise line-of-code updates for new features.

The power of Copilot Spaces lies in its ability to ingest extensive project context. This includes:

  • Entire repositories or selected files: Providing the codebase as a knowledge base.
  • External documents: Such as Architecture Decision Records (ADRs), design specifications, and performance reports.
  • Linked issues and pull requests: Offering insight into how features are implemented and the project's development history.

Once a space is configured, users can query it using their preferred AI model. For example, a query to "add a new pattern detection category for accessibility issues" can yield context-aware responses. Copilot, leveraging the space's knowledge, can understand specific JSON formats, severity levels, and testing patterns relevant to the project, providing tailored guidance rather than generic advice.

This context is accessible directly within VS Code via the GitHub NCP servers Copilot Spaces toolset with the remote MCP install. Copilot can pull context from any configured space, enabling it to generate implementation plans that align with existing architecture, avoiding random boilerplate. Real-time synchronization ensures that any updates to documents or requirements within the space are immediately reflected in Copilot's understanding.

Key Takeaway: Copilot Spaces transforms a project's codebase, documentation, and issue tracking into an AI expert accessible to the entire team.

Ladybird Browser: A New Independent Web Engine

The discussion shifts to the Ladybird browser, presented live from GitHub Universe 2025. Yelli, a maintainer, introduces Ladybird as a "brand new independent browser." This independence is defined by several key aspects:

  • From Scratch Development: Ladybird has developed its own web engine and JavaScript engine, meaning it does not utilize code from existing browsers like Chromium or Gecko. Every component related to web specifications has been written in-house.
  • Independence: Ladybird does not use any code from other browsers, ensuring a clean slate and unique architecture.
  • Nonprofit Status: Operating as a nonprofit, Ladybird accepts funding (grants, sponsorships) but maintains complete autonomy over its direction and vision, free from external influence tied to funding.

Origins and Motivation

Ladybird originated from the Serenity OS project, an operating system built with a "not invented here syndrome" philosophy, meaning all components were developed from scratch. This ethos fostered a culture of writing code in C++ and enjoying the process. As the browser component within Serenity OS matured and gained interest for sponsorship, Andreas, the project lead, decided to spin it out as a separate project named Ladybird.

Technical Benefits of Building from Scratch

The decision to build from scratch, rather than forking Chromium, offers significant technical advantages:

  • Simplicity and Accessibility: The codebase is relatively simple, making it easier for new contributors to understand and modify. Developers can jump into specific parts of the code to fix bugs or implement features without needing to navigate millions of lines of code or grasp the entire project structure. This lowers the barrier to entry for contributions and fosters a welcoming community.
  • Introduction to Open Source: Ladybird serves as an excellent entry point for individuals new to open-source contributions, with many users making their first PRs with the project.
  • Disruption and Choice: For users, Ladybird offers a new, capable web engine, providing an alternative to browsers dominated by Google's technology and funding. This resonates with users seeking more choice and independence. The feeling is often compared to the early days of Firefox's emergence.

Architectural Decisions and Security

Ladybird employs a clear architectural separation for enhanced security and stability:

  • Process Isolation: Critical operations like image decoding and network request handling are performed in separate, dedicated processes.
  • Sandboxing: Untrusted data and operations are funneled into these separate processes. For instance, image decoding takes raw bytes, decodes them into a bitmap, and then sends the result back to the main rendering process via IPC.
  • Security Feature: If a vulnerability or memory corruption occurs within an image decoding library (e.g., for JPEGs), it is contained within that separate process, protecting the main process where user data resides.
  • Network Request Handling: All network requests are processed in a separate process. Only the results, after parsing headers, are returned to the main process for HTML parsing and tree construction.
  • Core Tenet: Processing untrusted data in separate, isolated processes is a fundamental principle of Ladybird's architecture.

Web Standards Compliance and Challenges

Ladybird is actively working towards web standards compliance, currently ranking fourth in Web Platform Tests among engines. However, the transcript notes that Web Platform Tests can be skewed by a large number of tests in specific areas, such as character encoding tests (Chinese and Japanese encodings making up a third of the tests). While achieving their current test score is a significant accomplishment, there is still a long way to go for full browser functionality.

Team and Prioritization

Despite a smaller team (seven to eight full-time engineers) compared to giants like Google (Chrome) and Apple (Safari), Ladybird thrives due to:

  • Lack of Legacy Code: Not being built on decades of legacy code allows for easier implementation of new features without extensive refactoring.
  • Passion-Driven Development: Prioritization is largely driven by what individual contributors, including paid engineers, are passionate about. This "joyful" approach leads to the team working on what they love to see functioning.
  • User-Centric Fixes: The team often addresses issues by visiting websites they use daily or those reported as broken by users. They fix what they enjoy fixing or what aligns with implementing specifications.
  • Real-World Testing: A booth at GitHub Universe allowed visitors to suggest websites they wanted to see work in Ladybird. Approximately 90% of these websites worked out of the box, with the remaining 10% (layout issues, bugs, crashes) being fixed on the spot, demonstrating the team's responsiveness and prioritization strategy.

Nonprofit Model and Sustainability

The nonprofit model is central to Ladybird's sustainability and development philosophy:

  • Unrestricted Funding: Donations, grants, and sponsorships are "no strings attached," meaning funders have no say in Ladybird's development direction.
  • Trust and Vision: The model relies on the trust of individuals and companies who want to see Ladybird succeed. This allows the team to build the browser according to their vision.
  • Preventing Deterioration: The speaker emphasizes that when open-source projects start compromising their direction due to money or influence, they tend to deteriorate. Ladybird aims to avoid this by staying true to its core mission.

Community Contributions

Ladybird actively seeks and values community contributions:

  • Reproduction Cases: A highly valuable contribution is providing minimal, reproducible cases for bugs. Users identify bugs on websites, then reduce the page's CSS and JavaScript to a few lines that demonstrate the issue. This allows the team to easily create regression tests and begin fixing the bug.
  • Pull Requests (PRs): The team welcomes PRs for bug fixes, including those for older, legacy APIs on websites.
  • New API Implementations: Contributions for implementing new APIs are also highly valued. An example given is the implementation of "Trusted Types," a security feature that designates user input strings as trusted or untrusted, preventing potential XSS vulnerabilities.
  • Spec Implementation: A significant contribution involved a W3C member implementing accessibility specs from beginning to end within Ladybird, resulting in a fully compliant accessibility area implementation.

Future Roadmap

The next year for Ladybird is focused on preparing for its alpha release in Q2 or Q3 of 2026 for Linux and macOS. This involves:

  • Binary Releases: Producing functional binaries for Linux and macOS.
  • Windows Support: The community is actively working on Windows support, though it has been challenging for maintainers to review due to a lack of Windows systems.
  • First Impression: Ensuring a good initial experience for alpha users is paramount, requiring strong performance and compatibility with commonly used websites, particularly those frequented by IT professionals.

Getting Involved

Interested individuals can get involved with Ladybird through:

  • Website: ladybird.org
  • GitHub Repository: For issues, PRs, and cloning the repository to build it locally (a simple two-line shell command).
  • Discord: For discussions and community engagement.

Conclusion: Ladybird represents a significant effort in building a new, independent web browser with a strong focus on privacy, performance, and community-driven development. Its unique approach, from its "from scratch" engine to its nonprofit model, positions it as a potentially impactful player in the future of web browsing.

Chat with this Video

AI-Powered

Hi! I can answer questions about this video "Open Source Friday with Ladybird". What would you like to know?

Chat is based on the transcript of this video and may not be 100% accurate.

Related Videos

Ready to summarize another video?

Summarize YouTube Video