Blink! Google forks WebKit

Blink! Google forks WebKit

Summary: In a move that's long been expected in Web developer circles, Google finally forked the open-source Webkit Web browser engine.

Blink! Google is forking Webkit. (Credit: Stephen Shankland, CNET)

While some people may have been surprised that Google has finally made Blink, its own fork of the popular WebKit Web browser engine, in Web developer circles this move came as no surprise.

While Apple and Google had long worked together on the open-source WebKit project for years, developers both inside and outside of Google wanted Google to move away from Apple. In addition, the two tech giants had different visions for the Web browser engine.

As Adam Barth, a Google Software Engineer wrote:

Chromium uses a different multi-process architecture than other WebKit-based browsers, and supporting multiple architectures over the years has led to increasing complexity for both the WebKit and Chromium projects. This has slowed down the collective pace of innovation — so today, we are introducing Blink, a new open-source rendering engine based on WebKit.

This was not an easy decision. We know that the introduction of a new rendering engine can have significant implications for the web. Nevertheless, we believe that having multiple rendering engines — similar to having multiple browsers — will spur innovation and over time improve the health of the entire open web ecosystem. In the short term, Blink will bring little change for web developers. The bulk of the initial work will focus on internal architectural improvements and a simplification of the codebase. For example, we anticipate that we’ll be able to remove 7 build systems and delete more than 7,000 files — comprising more than 4.5 million lines — right off the bat. Over the long term, a healthier codebase leads to more stability and fewer bugs.

Throughout this transition, we'll collaborate closely with other browser vendors to move the Web forward and preserve the compatibility that made it a successful ecosystem. In that spirit, we've set strong guidelines for new features that emphasize standards, interoperability, conformance testing and transparency.

Justin Schuh, a Google Chrome security software engineer, added on Google+ that while he's not speaking for Google or the Chromium project, that:

I think it’s safe to say that the Chrome security team has taken a very active role in WebKit security over the last several years, and really led the pack in making Webkit more robust against exploits. We’ve fuzzed at previously unheard of scales, paid out hundreds of thousands of dollars in bug bounties, performed extensive code auditing, fixed many hundreds of security bugs, and introduced a slew of hardening measures. And while we're very proud of the work we've done on WebKit security, the fact is that it’s getting harder and harder for us to make a big impact anymore.

The big issue is a side effect of Chrome’s design. While our architecture has tremendous strengths (beyond just security), it’s also very different from other WebKit-based browsers, and grows even more so with the rest of the WebKit project's increasing focus on the WebKit2 layer. These differences have forced us to make increasingly difficult decisions, like sidelining major security enhancements that don’t fit well with WebKit. Meanwhile, we were regularly handling security regressions resulting from things like differing release schedules, and maintaining legacy behavior required by WebKit as an API [Application Programming Interface]. These growing pains are common enough when a project like WebKit evolves to encompass such a broad set of consumers, but eventually you can reach a point where the burden on some members is just too high.

So, with the Blink project we now have a chance to fix quite a bit of technical security debt that’s accumulated over the years. These changes are all things that fit well with Chrome’s architecture, but were not viable in WebKit given their impact on other platforms.

These security issues have often been mentioned as a reason for Google to leave Apple behind. In some Web developer circles it's been felt that Apple's programmers hadn't been carrying their fair share of the load of making WebKit (which Apple's Safari Web browser uses) secure.

Google isn't going alone in this new fork. Opera, which recently left its own Web-browser engine for WebKit, is joining them. Håvard Molland, a lead Opera software developer, tweeted, "So what about Opera? Opera is going with Blink as well."

The first fruits of this shift should be seen in the next few updates of Google's Chrome Web browser. As for Apple? We can only presume that they'll keep working with WebKit.

Related Stories:

Topics: Browser, Apple, Google, Open Source, Software, Software Development

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Blink! Google forks WebKit

    Kudos Google.
    • weren't you suggesting the other day

      that everybody (MS and Mozilla) should abandon their rendering engines and switch over to WebKit?

      perhaps it is time for Apple to start thinking about migrating over to Blink
    • Yes, I'm prepared to give Kudos to Google

      On 2 conditions:

      1. Blink ignores all of apple's proprietary -webkit CSS extensions. These are NOT standard and standards compliant browsers must NOT recognize them.

      2. Whatever touch API Blink implements must be submitted to the W3C for standards approval. Blink must NOT implement apple's proprietary, patent protected touch API unless Google submits it to the W3C and is prepared to fight apple in court to protect the standard from apple's patent trolling ways. Remember folks, the W3C tried to make apple's touch API a web standard but apple refused to commit to granting royalty free licenses to the patents apple claims to have on the touch API implementation. No standards = bad for consumers. The good news is that I believe Google supported MS's efforts in standardizing a touch API with NO patent enforcement so that it truly can become a standard. Then, as web developers start using the REAL standard (not apple's proprietary patent protected "standard") and it is ios devices that stop responding properly to touch enabled web sites, consumers will really benefit.
      • I don't know about 2, but

        "1. Blink ignores all of apple's proprietary -webkit CSS extensions. These are NOT standard and standards compliant browsers must NOT recognize them."

        "Historically, browsers have relied on vendor prefixes (e.g., -webkit-feature) to ship experimental features to web developers. This approach can be harmful to compatibility because web content comes to rely upon these vendor-prefixed names. Going forward, instead of enabling a feature by default with a vendor prefix, we will instead keep the (unprefixed) feature behind the “enable experimental web platform features” flag in about:flags until the feature is ready to be enabled by default. Mozilla has already embarked on a similar policy and the W3C CSS WG formed a rough consensus around a complementary policy."

        I think this is a good sign.
        Michael Alan Goff
  • Blink! Google forks WebKit

    Remember no one liked the blink HTML tag and this project will suffer the same fate. Also by forking they just stretched out whatever manpower they did have even thinner. Now the open source community has 2 projects they need to keep up with. This simplifies the ways Google can spy on you too.
    • What? blink HTML tag?

      Do you understand what this means at all? Chrome and Opera are both going to continue on this path for the foreseeable future. How would this stretch anyones manpower. It make a decision for the open source community, why would anyone bother with regular Webkit and Webkit 2(Apple) which is not something open source community is welcome on. Webkit 2 is completely closed source.

      This mean that Google, Opera, and the open source community will no longer contribute to Apple's Webkit2. That is about the only real change.
      • open source community

        Is not tied in any way to Google.

        In fact, Google are black hole for open source - everything goes in, nothing comes out. Lets just watch the show. Soon, Google will junk Blink.
        • Google has done job with Open Source better than Nokia...

          ... just because they give not just get.

          You' re totally wrong. Google has done great job for Linux and Open Source. Perhaps that's why some fanboyz of Redmond are so pissed off.
    • "This simplifies the ways Google can spy on you too."

      Ha - I knew that exact comment would come from you. Keep up the entertaining posts!
  • Its Google's evil agenda...

    No other explanation is required.
    • Meh!

      Owl5, Does not work well with others.

    • Thanks Google

      I’ve been using Google’s browser for ages. It is well integrated both with my environment and Google’s web applications. I adopted it for its speed at the time but I stay with it for its features. It works well with Linux being distributed as an APT package.
  • So, because Apple isn't

    carrying its fair share of the weight on security, Google is going to read them the riot act by forking the source so that Google can carry 100% of the security weight. Yeah, right.

    I'll wager the real reason for the fork is that Google and Apple disagree over how much data the browser should collect on you.
    • It would be odd that this code would be in the rendering engine

      Your 100% uneducated guess as to why Google is forking webkit could be true but it is extremely unlikely to be true.

      The more likely reason is far more boring:
      "supporting multiple architectures over the years has led to increasing complexity for both the WebKit and Chromium projects"

      But we know that according to you, apple is perfect and everyone else is evil. Yawn.
      • lets hope

        You do understand, that WebKit is used on a plenty of architectures and this requires additional code.

        What Google are saying is they will remove all code that does not run on Android an Chrome OS and thus "make it more secure".

        Security is a process, and more involved, means more bugs catches. But to each their own. WebKit is licensed under BSD.
  • Interesting and scary at the same time

    I understand Google motivation, they live from the web, they have all the reasons to push the web usage forward. Chrome was an example of something that has pushed browsers development forward undoubtedly.
    On the other side of the fence Google is becoming too big, they need competition, I'm afraid they become (maybe they are already) too dominant regarding Internet. Governments can intervene, but I would be happier if healthy competition avoided the need for that.
    • oh, please

      - nothing scary. This isn't microsoft here. No EEE to worry about. So google has 65% search share and you're nervous - type - problem solved. They'd love the business! Concerned the 30% browser share from chrome is too dominant? Grab a free copy of firefox. Nervous about windows 95% monopoly? Too bad - you need it. Fork over $100 and line their pockets some more. We can all benefit from a simpler and more secure browser.
      • Google is not

        a company that is above illegal practices.
        Do you truly trust them 100%?
        • Tell me what are they going to do with that I need to be trusting them 100% for. As long as they don't email my play store credit card # out to the world, I'm not too worried.
          What I am worried about is going to some web page and silently getting a trojan that uploads my financial info to a russian hacker. How about that.
          • This is a very smart move for Google

            Don't get me wrong, I was expecting this - Google is doing the right thing.
            Actually my main concern is the lack of competition, Google can become too big, and I think maybe that's not so good.