Tags

05January2025v1

**Phoenix now has an official icon :D**

Credit to @Gnu1 for designing it - huge thanks to them for their great work as always :)
____

* New version formatting! This should make it cleaner, simpler, and easier to keep up with new releases...

* Phoenix on desktop no longer clears cookies & site data on exit by default *(Except for our specialized `YouTube` config)*. Not an easy choice to make - but it's best we leave this to users to decide. Firefox's current approach to site exceptions also [has its own drawbacks](https://bugzilla.mozilla.org/show_bug.cgi?id=1767271), and Mozilla needs to make it more user-friendly to set. **We still clear cache, history, & sessions on exit by default.**

* Set `extensions.update.autoUpdateDefault` to `true` to ensure users are always notified of extension updates.

* We now disable unsafe negotiations (via  setting `security.ssl.require_safe_negotiation` to `true`) for all configs. This was previously only set on Extended Hardening & the specialized configs, though appears to cause little to 0 breakage, so now it's set everywhere :).

* New `browser.phoenix.version` pref to allow easily checking & confirming your version of Phoenix from within the browser...

* Added more preferences from Firefox's ETP Strict tracking protection to Phoenix's Android configs, to ensure that they are always enabled.

* Other minor tweaks & fixes.
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20250103.2...05January2025v1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20250103.2...05January2025v1) for more details.
___

:)

20240103.2

____

* Ensured that we're properly always enabling Fission (Per-site process isolation) by default on Android (& elsewhere) by setting `fission.autostart.session` to `true`. *(We currently already set `fission.autostart` to `true`...)*

* We now **always** enforce Spectre mitigations, even for isolated content - by setting `javascript.options.spectre.disable_for_isolated_content` to `false`.

* Firefox on desktop will no longer automatically guess which container to open external links in, as this can cause unintended leaks & cross-contamination. You can restore Firefox's default behavior by setting `browser.link.force_default_user_context_id_for_external_opens` in your `about:config` to  `false`.

* Websites are no longer able to automatically download as many files as they want to a user's device without prompting. You can still set exemptions for specific downloads. (`browser.download.enable_spam_prevention`).

* Improved organization & fix numbering of categories. We've also now added various `phoenix` preferences that allow for easy debugging & testing, so that you can easily see if Phoenix is properly applied to Firefox - and if not, where it went wrong
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20250103.1...20250103.2) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20250103.1...20250103.2) for more details.
___

Credit to the [Tor Project](https://www.torproject.org/) & [Rusty-Snake](https://codeberg.org/rusty-snake/firefox-config) for some of the security preferences above.

:)

20250103.1

**Phoenix is now officially supported on Debian/Ubuntu & Android!** 🎉 Huge thank you to @Gnu1 for their incredible work, time, and assistance in making this Debian release possible. 💜

**Debian/Ubuntu** users can now install Phoenix simply by using the [unified installation script](https://codeberg.org/celenity/Phoenix#install). **Android** users should see [here](https://phoenix.celenity.dev/android) for installation steps & more details.

**I'd also like to officially announce a brand new community [Matrix Space](https://matrix.to/#/#phoenix:unredacted.org) *(Recommended)* and [Discord Server](https://discord.gg/AMZ2GRxxjr)**! Feel free to join if you'd like to discuss Phoenix, need support, have any questions or concerns, would like to help with development... or simply want to chat. :)

____

* Fixed IPv6 connectivity issues when DNS over HTTPS is enabled by setting `network.dns.preferIPv6` to `true`. - https://codeberg.org/divested/brace/pulls/5

* Enabled Geoclue for GNU/Linux users, so that that they can rely on the Geolocation service their distribution is using, which may be preferable over BeaconDB (our current provider). **BeaconDB is still used as a fallback in such cases**. Geoclue can be disabled by setting `geo.provider.use_geoclue` in your `about:config` to `false`.

* Disabled middle mouse clicks from pasting clipboard content by default, as it's far too easy to accidentally press & unintentionally paste content *(Which can potentially be sensitive...)*, by setting `middlemouse.paste` to `false`. You can re-enable middle mouse clicks pasting clipboard content by setting `middlemouse.paste` in your `about:config` to `true`, **though this is not recommended**.

* Fixed issues opening HTML files by removing the `network.buffer.cache.count` & `network.buffer.cache.size` prefs - https://github.com/yokoffing/Betterfox/issues/279.

* Set `apz.overscroll.enabled` to `true` by default to enhance smooth scrolling. You can revert this change by setting `apz.overscroll.enabled` to `false` in your `about:config`.

* Spellcheck is now enabled for both single-line **and** multi-line text boxes by default. To revert to Firefox's default behavior of only checking single-line text boxes, change `layout.spellcheckDefault` to `1` in your `about:config`. https://codeberg.org/celenity/Phoenix/issues/33

* Introduced a new [specialized config](https://codeberg.org/celenity/Phoenix#specialized-configs) for Element.

* Disabled [Network Error Logging](https://w3c.github.io/network-error-logging/) by setting `network.http.network_error_logging.enabled` to `false`.

* Various other minor tweaks, fixes, & enhancements.
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20241229-1...20250103.1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20241229-1...20250103.1) for more details.
___

:)

20241229-1

____

* We no longer set Firefox's locale to `en-US` by default, as this caused lots of weird issues & breakage - and in general is out of scope for the project - https://codeberg.org/celenity/Phoenix/issues/10 (`intl.accept_languages` & `intl.locale.requested`).

* Disabled [XFA](https://wikipedia.org/wiki/XFA) in pdf.js, due to security reasons - https://codeberg.org/celenity/Phoenix/commit/186d4eed51d43da257a050aca396704e6863fb3f (`pdfjs.enableXfa`).

* If a website asks for a user's personal certificate, Phoenix will **always** ask the user first, rather than automatically choose one. This was already the default behavior - but now we've enforced it (`security.default_personal_cert`).

* Enforced that Firefox can never access the Windows Shell... This was already the default behavior - but now we've enforced it (`network.protocol-handler.external.shell`).

* Ensured that the user is **always** warned before Firefox launches an external program. This was already the default behavior for all protocols **except** `mailto:`, **but now we enforce it, as well as for `mailto:`** (`network.protocol-handler.warn-external-default`, `network.protocol-handler.warn-external.mailto`, & `security.external_protocol_requires_permission`).

* **BadBlock+** is now enabled by **default** in uBlock Origin.

* Updated our uBlock Origin configuration (`assets.json`) to match latest upstream changes - https://codeberg.org/celenity/Phoenix/commit/ab1ee070d6b1b32b23ccef5e5b2eccc360c703bd.

* Improved documentation & the README.

* Various other minor tweaks, fixes, & enhancements.
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20241225-1...20241229-1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20241225-1...20241229-1) for more details.
___

:)

20241225-1

**🎄 Merry Christmas to those who celebrate! 🎅**

____

Since the last release:

* Fixed sanitizing cookies & site data by default. This was already Phoenix's intended behavior, but it appears to have been working improperly - so this fixes it. Preferences related to sanitizing are also now unlocked - so you may easily override this behavior via `about:preferences#privacy` or the `about:config` if desired *(though this is not recommended)*.

* Added support for installing Phoenix on macOS if Firefox is installed in ~/Applications (Previously, only /Applications was supported).

* Hardened Firefox's sandboxing - https://codeberg.org/celenity/Phoenix/commit/6927a985d6ab197462493037fc2151a3620841d3.

* Removed useless Firefox View preferences - https://codeberg.org/celenity/Phoenix/commit/ae60e05fea752db6dce237a4f6cfab4364b1ae9e.

* Set 'browser.search.separatePrivateDefault' to false by default to ensure Google isn't set as the default search engine for private browsing windows...

* WebXR/Virtual Reality is now only disabled by **default**, instead of being **locked**. This preference isn't fingerprintable - still useful to disable by default for reducing attack surface, but now users can override & enable this functionality if they really want to for whatever reason.

* Unlocked preferences so that users may now disable automatic updates of add-ons and system extensions via the `about:config` - though this is **NOT RECOMMENDED**.

* We no longer enable [Web Task Scheduling](https://blog.mozilla.org/performance/2022/06/02/prioritized-task-scheduling-api-is-prototyped-in-nightly/) (`'dom.enable_web_task_scheduling') by default - as it appears to be causing issues (https://github.com/yokoffing/Betterfox/issues/355) & is still experimental.

* Extensions can now **only** be installed from profile & application directories  - This prevents extensions being installed from the system itself/via other programs...

* Revamped & heavily improved Phoenix's `README` & Wiki/Documentation.

* General clean-up & improvements to project organization.

* Various tweaks & fixes.

___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20241216-1...20241225-1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20241216-1...20241225-1) for more details.
___

:)

20241216-1

**Welcome to the new Phoenix!** 🎉

____

This is a **major** update, with fundamental changes to Phoenix's design & how it operates.

The most notable difference is that **Phoenix is now entirely local**. You can see details [here](https://codeberg.org/celenity/Phoenix/issues/29) as to why this decision was made & the major benefits it will provide in terms of privacy, security, performance, usability, etc.

This is currently available for users of Arch Linux, Fedora Linux, & macOS. Debian installations are currently broken anyways at the moment :/ and are being re-worked in the near future, as a top priority.

Simply run the upgrade script for your platform, and it'll handle everything for you:

```sh
sudo bash -c "$(curl -fsSL https://phoenix.celenity.dev/upgrade.sh)"
```

Once it's complete, you should be good to go!

Can't wait to see what you think :) - looking forward to any and all feedback!

___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20241211-1...20241216-1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20241211-1...20241216-1) for more details.
___

:)

20241211-1

___

* There is now a single, unified installer script for installing Phoenix on GNU/Linux distributions & macOS (as well as an uninstaller script to compliment it). **Huge thanks to @Gnu1 for their work and contribution. 💜**
* Heavily improved macOS install & uninstall scripts.
* Updated our uBlock Origin config to match latest upstream changes.
* Our uBlock Origin config now includes BadBlock - Ethical Whitelist as an **optional** whitelist, **not** enabled by default. See the introduction [here](https://badblock.celenity.dev/base/whitelists/ethical.txt) for more details.
* Enabled the use of our custom uBlock Origin config on LibreWolf & forks. We currently don't support LibreWolf, but this is useful for if we decide to in the future.
* `Amazon`, `Bing`, & `Google` built-in search engines will now be fully removed for users on Firefox ESR releases.
* Our macOS Homebrew Tap has changed from `celenity/Phoenix-Policies-macOS` to simply `celenity/tap`. No action is required for existing macOS installations, due to Codeberg's automatic redirects.
* If the user configures a proxy, we prevent the browser from bypassing it by default.
* Changed certain proxy preferences we set from `locked` to `default`, so that the user may change them if they choose to do so.
* Prompts for users to 'refresh' their Firefox profile have been disabled, as it could cause severe issues with Phoenix users (especially those using one of our `user.js` files.
* Post Quantum Encryption is further enforced where possible.
* Several important preferences have been added to our policies (in addition to our `.cfg` files) for defense in depth. *(See specifics [here](https://codeberg.org/celenity/Phoenix/commit/1bcaee4f87e53c64e041427e81e688a961f6b204))*
* Users may now install the [FMHY SafeGuard](https://github.com/fmhy/FMHY-SafeGuard) extension directly from GitHub at their own discretion.
* Added policies for defense in depth against dangerous 'Data Loss Prevention'/'ContentAnalysis' functionality. *(See specifics [here](https://codeberg.org/celenity/Phoenix/commit/2bf4558ed5d9ea7044b826720b006bbff5581744))*
* Disabled Mozilla feedback prompts & Mozilla's `Web Compatibility Reporter` - We don't want users bothering Mozilla due to our customizations; feedback & issues should be filed with us directly. Additionally, in the case of the `Web Compatibility Reporter`, disabling it also decreases attack surface & potentially improves performance.
* Other minor tweaks & enhancements

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20241204-1...20241211-1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20241204-1...20241211-1) for more details.

___

:)

20241204-1

Release

____

Lots of updates here:

* Hardened Phoenix's local and remote config files to prevent us or an attacker (if we ever compromised) from having the ability to override the user's homepage. Downside is that users will no longer be able to easily set a different browser homepage via `about:preferences`, however they can still set an override via editing their local 'phoenix.cfg', which will persist as we don't remotely update it. See here: https://codeberg.org/celenity/Phoenix/issues/18#issuecomment-2490737 for more details on Phoenix's approach to security and protecting users, even in the worst case scenarios, and even from ourselves. **Due to these updates, you are HIGHLY recommend to re-install Phoenix (specifically, the local 'phoenix.cfg' file and 'phoenix.js' files should be updated).**

* Placed further restrictions on the installation of extensions, to ensure that we're only granting this capability to websites (with user permission) where it's absolutely necessary.

* Fixed a strange bug that prevented users from installing extensions from the GitHub repos we allow in certain instances (primarily if the .xpi was file was on a past page of releases)

* Heavy consolidated policies. There are no longer separate policies for Windows/macOS & Linux. 'Personal-Dev-Nightly-Policies' have also been fully deprecated. Users can now choose from either our Standard Policies, or 'No-Sync' (or my Personal policies at their own discretion....).

* Added policies to ensure that the user can always access about:addons, about:config, about:profiles, & about:support.

* Added a policy to always display the bookmark toolbar by default. Can be overriden by users depending on their preference.

* Added a policy to ensure that users are always notified if there is an attempt to activate dangerous, invasive 'Content Analysis' functionality.

* Firefox will no longer offer to save passwords for users by default. Can be overriden, though users are highly recommended to use secure password managers instead, such as Bitwarden or Proton Pass.

* Fully disabled Password Manager on my Personal Policies & set to install Bitwarden by default

* Disabled the annoying 'Profile Import' functionality on my Personal Policies

* Added a 'Phoenix Policies Initialized' policy, as well as 'Phoenix Initialized' & 'Phoenix Applied' prefs, to make Phoenix easier to debug & confirm whether it is working as expected.

* Various other minor tweaks & enhancements

___

See https://codeberg.org/celenity/Phoenix/commits/branch/pages for more details

:)

20241203-1

Release

* Various tweaks, changes, and enhancements, as well as hardening. **Users are recommended to re-install Phoenix if possible for their platform of choice.**

* See https://codeberg.org/celenity/Phoenix/commits/branch/pages for more details - future releases will have full notes and more information.

:)

31November2024v1

20241103-1

Release

* Updates search engines

See https://codeberg.org/celenity/Phoenix/commits/branch/pages

:)

20240924-1

Release

See https://codeberg.org/celenity/Phoenix/commits/branch/pages

:)

20240914-1

Release

See https://codeberg.org/celenity/Phoenix/commits/branch/main

:)

⚠️ 20240907-1

⚠️ **IMPORTANT UPDATE** - SEE [HERE](https://codeberg.org/celenity/Phoenix/issues/2)

20240902-1

Release

See https://codeberg.org/Magnesium1062/Phoenix/commits/branch/main

:)

20240831-1

Release

See https://codeberg.org/Magnesium1062/Phoenix/commits/branch/main

:)

20240825-1

Release

See https://codeberg.org/Magnesium1062/Phoenix/commits/branch/main & https://codeberg.org/Magnesium1062/Phoenix/commits/branch/main

:)