Proton is a headless Chromium process remote-controlled by Puppeteer. Puppeteer is fairly sensitive about the Chromium version being used. The recommended method is via an npm install hook in Puppeteer, which downloads the Chromium version it likes. We probably don't want to do that as it would it invisible whether we use an outdated/insecure Chromium version. We probably don't want to use the OS-native Chromium version either as that would mean the service could break without warning on any OS upgrade. So presumably pin the Chromium package version (that might make it outdated but at least it's visible) and have some process of updating the pinning every time Puppeteer itself is updated? Sounds a bit painful.
Also we need to document the process of testing Proton with a new Chromium version on Beta. (Mainly thinking of the use case where Chromium has a security vulnerability / rendering issue / whatever that wants us to use a newer version than what Puppeteer is specifically documented to work with, and we need to make sure that doesn't break anything.)