From f9669f4eed619d95156c72c6199e3b14ab7a652d9d18820c0b7036fdc345b69c Mon Sep 17 00:00:00 2001 From: Mia Herkt Date: Wed, 25 Dec 2024 05:17:47 +0000 Subject: [PATCH] =?UTF-8?q?-=20Update=20to=20version=203.4.0:=20=20=20Remo?= =?UTF-8?q?ved=20=20=20*=20Support=20for=20Python=203.8=20is=20dropped,=20?= =?UTF-8?q?and=20Python=203.9=20is=20now=20=20=20=20=20required.=20=20=20C?= =?UTF-8?q?hanged=20=20=20*=20Based=20on=20Chromium=20122.0.6261.171=20wit?= =?UTF-8?q?h=20security=20patches=20up=20to=20=20=20=20=20131.0.6778.70=20?= =?UTF-8?q?=20=20*=20The=20.desktop=20file=20now=20also=20declares=20quteb?= =?UTF-8?q?rowser=20as=20a=20valid=20=20=20=20=20viewer=20for=20image/webp?= =?UTF-8?q?.=20=20=20*=20Updated=20mimetype=20information=20for=20getting?= =?UTF-8?q?=20a=20suitable=20extension=20=20=20=20=20when=20downloading=20?= =?UTF-8?q?a=20data:=20URL.=20=20=20*=20The=20content.javascript.clipboard?= =?UTF-8?q?=20setting=20now=20defaults=20to=20"ask",=20=20=20=20=20which?= =?UTF-8?q?=20on=20Qt=206.8+=20will=20prompt=20the=20user=20to=20grant=20c?= =?UTF-8?q?lipboard=20=20=20=20=20access.=20On=20older=20Qt=20versions,=20?= =?UTF-8?q?this=20is=20still=20equivalent=20to=20=20=20=20=20"none"=20and?= =?UTF-8?q?=20needs=20to=20be=20set=20manually.=20=20=20*=20If=20a=20XHR?= =?UTF-8?q?=20request=20made=20via=20JS=20sets=20a=20custom=20Accept-Langu?= =?UTF-8?q?age=20=20=20=20=20header,=20it=20now=20correctly=20has=20preced?= =?UTF-8?q?ence=20over=20the=20global=20=20=20=20=20content.headers.accept?= =?UTF-8?q?=5Flanguage=20setting=20(but=20not=20per-domain=20=20=20=20=20o?= =?UTF-8?q?verrides).=20This=20fixes=20subtle=20JS=20issues=20on=20website?= =?UTF-8?q?s=20that=20rely=20=20=20=20=20on=20the=20custom=20header=20bein?= =?UTF-8?q?g=20sent=20for=20those=20requests,=20and=20e.g.=20=20=20=20=20b?= =?UTF-8?q?lock=20the=20requests=20server-side=20otherwise.=20=20=20*=20Ou?= =?UTF-8?q?r=20packaging=20scripts=20now=20prefer=20the=20"legacy"/"for=20?= =?UTF-8?q?older=20=20=20=20=20browsers"=20PDF.js=20build=20as=20their=20n?= =?UTF-8?q?ormal=20release=20only=20supports=20=20=20=20=20the=20latest=20?= =?UTF-8?q?Chromium=20version=20and=20might=20break=20in=20qutebrowser=20o?= =?UTF-8?q?n=20=20=20=20=20updates.=20Note=20to=20packagers:=20If=20there?= =?UTF-8?q?=E2=80=99s=20a=20PDF.js=20package=20in=20your=20=20=20=20=20dis?= =?UTF-8?q?tribution=20as=20an=20(optional)=20qutebrowser=20dependency,=20?= =?UTF-8?q?consider=20=20=20=20=20also=20switching=20to=20this=20variant?= =?UTF-8?q?=20(same=20code,=20built=20differently).=20=20=20Fixed=20=20=20?= =?UTF-8?q?*=20Crash=20with=20recent=20Jinja/Markupsafe=20versions=20when?= =?UTF-8?q?=20viewing=20a=20=20=20=20=20finished=20userscript=20(or=20pote?= =?UTF-8?q?ntially=20editor)=20process=20via=20=20=20=20=20:process.=20=20?= =?UTF-8?q?=20*=20scripts/open=5Furl=5Fin=5Finstance.sh=20now=20avoids=20e?= =?UTF-8?q?cho=20-n,=20thus=20=20=20=20=20running=20correctly=20on=20POSIX?= =?UTF-8?q?=20sh.=20=20=20*=20Added=20a=20workaround=20for=20a=20bogus=20Q?= =?UTF-8?q?tWebEngine=20warning=20about=20=20=20=20=20missing=20spell=20ch?= =?UTF-8?q?ecking=20dictionaries.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=140 --- .gitattributes | 23 + .gitignore | 1 + qutebrowser-3.2.1.tar.gz | 3 + qutebrowser-3.2.1.tar.gz.asc | 14 + qutebrowser-3.3.1.tar.gz | 3 + qutebrowser-3.3.1.tar.gz.asc | 14 + qutebrowser-3.4.0.tar.gz | 3 + qutebrowser-3.4.0.tar.gz.asc | 14 + qutebrowser.changes | 3963 ++++++++++++++++++++++++++++++++++ qutebrowser.keyring | 41 + qutebrowser.spec | 113 + 11 files changed, 4192 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 qutebrowser-3.2.1.tar.gz create mode 100644 qutebrowser-3.2.1.tar.gz.asc create mode 100644 qutebrowser-3.3.1.tar.gz create mode 100644 qutebrowser-3.3.1.tar.gz.asc create mode 100644 qutebrowser-3.4.0.tar.gz create mode 100644 qutebrowser-3.4.0.tar.gz.asc create mode 100644 qutebrowser.changes create mode 100644 qutebrowser.keyring create mode 100644 qutebrowser.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/qutebrowser-3.2.1.tar.gz b/qutebrowser-3.2.1.tar.gz new file mode 100644 index 0000000..aa3df8b --- /dev/null +++ b/qutebrowser-3.2.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:02a7af2a6c5db38d87b225b0b8412c80d9838335f32d0e8a38f6d7fbcd38897d +size 6054942 diff --git a/qutebrowser-3.2.1.tar.gz.asc b/qutebrowser-3.2.1.tar.gz.asc new file mode 100644 index 0000000..a53cc02 --- /dev/null +++ b/qutebrowser-3.2.1.tar.gz.asc @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- + +iQGzBAABCgAdFiEEJ/O7T8IX7suFhXiu737k0DlpC3sFAmZ6iTEACgkQ737k0Dlp +C3sXvAwAvjfpq5NMjhIZwpAe7dhzCaysGVg2i9mJVuy/pPmiJGXGhcMgzIYD+snd +j9mTHqZDGdMy0caVlnuf8pjF3bxF9JFo0uxPgNEGgaIpvJRx2h2AVj5/B0bq2cwd +u/QtwBkSiZLH16X8ZS/9l0piVnXF+2v6j2f+krrlF9h+Ev3lDPlHIYFlDb3iNNHm +qy9cwJFhceKae+W5/bbE7+LFsdSxoJVSdeFejIpeQDSdUwExnuLdvqrNvIhV+FPu +arfTieR29zg/a9vLpSlNT49Fb1minTx7LtPXvmOiGb2DodTAQCJKdw/Th7WvwvWo +PXBEIN7qor9KIUt6m58SLQOt+cJFCAp8lU3f0tQu+NfKj2uZ/tdQov8eQHJRrwid +LkzzEjjNBFIcsKUs2w06l0hrY/3ZXQSykRg/8KlmYPLxjb6NITDpxnmF7aNfsfDD +v6vpUIb0WQLXIqg8M7GMJIm3ra2oe75SfH2+9UyYUOu21gZi8QNyVJU1zSGClXAA +Jm92e0zY +=N2Xz +-----END PGP SIGNATURE----- diff --git a/qutebrowser-3.3.1.tar.gz b/qutebrowser-3.3.1.tar.gz new file mode 100644 index 0000000..6c72030 --- /dev/null +++ b/qutebrowser-3.3.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:aadb64accc730bc9a15ce341c9a0580b1f36383ed4874f54d31ce1dabe94e17a +size 6059431 diff --git a/qutebrowser-3.3.1.tar.gz.asc b/qutebrowser-3.3.1.tar.gz.asc new file mode 100644 index 0000000..b132225 --- /dev/null +++ b/qutebrowser-3.3.1.tar.gz.asc @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- + +iQGzBAABCgAdFiEEJ/O7T8IX7suFhXiu737k0DlpC3sFAmcK0RIACgkQ737k0Dlp +C3t7zQwA48nWO9ocbUGxBUoJO6FWdOLldxOi+DxX2NMufDFZ9Ggb/T7hn5PztSY6 +TnlvTVCe2rB7CXzXTSenmQ9FZBfpIIke5QTk4OCbMFiFgrV3ls0wymwiw7HfCjsr +EJ5GTyvkmLKrkfoytxEPFPJu/XRRF0sBviNn+kY9SZUEwOF7WmxqUX6wUACXw9oW +1qM73PR1u8yMLife8H1kUjGuT9HF8gSSDM0GiMn5tiB55K9z2NGAm1JHnGddQzzJ +SJBpsVZDyJCOCgI0ibFxcZjOiZyBwY5+pANTLYW94CzgCqrqTlfAPAgqcbwxxNO5 ++kjFBSeS21rWm5Nh+mp4h+T3c8m9mzzze24J7CAgMAie8xLbqv/RMgvS6fXvV+Hq +LbyQavOQ1BRm18Ah6gpuNZ3rcsTfiFAkMeGFqDJYT8k74+8dCCBnUp1bZeaQU5Fs +5WHPg0eJWt7EhH1j43Z3aw1/rBSxTprR32D/eeiXM8L5AfJbY31Kn6vr7tx2yDVu +EaCanLKf +=Av8n +-----END PGP SIGNATURE----- diff --git a/qutebrowser-3.4.0.tar.gz b/qutebrowser-3.4.0.tar.gz new file mode 100644 index 0000000..9374c94 --- /dev/null +++ b/qutebrowser-3.4.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:814124c0ed337430e613a1da366d5e38904cb2049afb1505971456ca5ca6223e +size 6065180 diff --git a/qutebrowser-3.4.0.tar.gz.asc b/qutebrowser-3.4.0.tar.gz.asc new file mode 100644 index 0000000..66f7390 --- /dev/null +++ b/qutebrowser-3.4.0.tar.gz.asc @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- + +iQGzBAABCgAdFiEEJ/O7T8IX7suFhXiu737k0DlpC3sFAmdd8E8ACgkQ737k0Dlp +C3vSXQv/Tzt0gizhjL95D/FOTXvOOyPHgmPrePAY4Kan3lFApDibiPd/TXCjG13V +F53p6aWYbJ+dpxlSFzmS1Zj67nas4ObE3ATRuS6o6AIIUZy8GbcghQYAwzvAb5TL +Ym9GNMyCZ0DXiCQt2qus3ksUDNoN5guuzMp/PRH6tITYxc1Ykw+QrWZPLQaesWlr +0S9XsmMIJET52q40Gt0ehaxvMZ3yg0QZilotWUMmcKekT6pME3v98l1rISW9kjZ+ +kRcmFES9ejqYeD6jQ1hYWIKwWeXaA6W2LQ6pteTVBBlDsmvybFS/oDI2Bjj6Igbs +Qxi/GgafXwYrhl/4GZHLiu9v3QWJ6SVfBz7N3XXqzwyh0Cd2Mt85NgFB9/EeLGWm ++E1pppwNN0UObtXYF8yradamOTYTz1nYPe2OO4Lo8CfFryhsUOXq/oJ+kEhe1Yga +kEKHrUCAisIz8Z1Or9+b6BAaNbzHuSskYqWNK+MFjhCaq2wWnvRVom7f4jni30Vd +oDq5/qT1 +=5KM9 +-----END PGP SIGNATURE----- diff --git a/qutebrowser.changes b/qutebrowser.changes new file mode 100644 index 0000000..d81e91d --- /dev/null +++ b/qutebrowser.changes @@ -0,0 +1,3963 @@ +------------------------------------------------------------------- +Sat Dec 14 22:31:06 UTC 2024 - Joshua Smith + +- Update to version 3.4.0: + Removed + * Support for Python 3.8 is dropped, and Python 3.9 is now + required. + Changed + * Based on Chromium 122.0.6261.171 with security patches up to + 131.0.6778.70 + * The .desktop file now also declares qutebrowser as a valid + viewer for image/webp. + * Updated mimetype information for getting a suitable extension + when downloading a data: URL. + * The content.javascript.clipboard setting now defaults to "ask", + which on Qt 6.8+ will prompt the user to grant clipboard + access. On older Qt versions, this is still equivalent to + "none" and needs to be set manually. + * If a XHR request made via JS sets a custom Accept-Language + header, it now correctly has precedence over the global + content.headers.accept_language setting (but not per-domain + overrides). This fixes subtle JS issues on websites that rely + on the custom header being sent for those requests, and e.g. + block the requests server-side otherwise. + * Our packaging scripts now prefer the "legacy"/"for older + browsers" PDF.js build as their normal release only supports + the latest Chromium version and might break in qutebrowser on + updates. Note to packagers: If there’s a PDF.js package in your + distribution as an (optional) qutebrowser dependency, consider + also switching to this variant (same code, built differently). + Fixed + * Crash with recent Jinja/Markupsafe versions when viewing a + finished userscript (or potentially editor) process via + :process. + * scripts/open_url_in_instance.sh now avoids echo -n, thus + running correctly on POSIX sh. + * Added a workaround for a bogus QtWebEngine warning about + missing spell checking dictionaries. + +------------------------------------------------------------------- +Wed Oct 16 07:25:24 UTC 2024 - Joshua Smith + +- Update to version 3.3.1: + * Fixed: Updated the workaround for Google sign-in issues. +- Updates from version 3.3.0: + Added + * Added the qt.workarounds.disable_hangouts_extension setting, + for disabling the Google Hangouts extension built into + Chromium/QtWebEngine. + Removed + * Failed end2end tests will now save screenshots of the browser + window when run under xvfb (the default on linux). Screenshots + will be under $TEMP/pytest-current/pytest-screenshots/ or + attached to the GitHub actions run as an artifact. + Changed + * The qute-pass userscript now has better support for + internationalized domain names when using the pass backend - + both domain names and secret paths are normalized before + comparing + * Ignored URL query parameters (via url.yank_ignored_parameters) + are now respected when yanking any URL (for example, through + hints with hint links yank). The {url:yank} substitution has + also been added as a version of {url} that respects ignored URL + query parameters. + Fixed + * A minor memory leak of QItemSelectionModels triggered by + closing the completion dialog has been resolved. + * The link to the chrome URL match pattern documentation in our + settings docs now loads a live page again. + * A rare crash when on Qt 6, a renderer process terminates with + an unknown termination reason. + +------------------------------------------------------------------- +Wed Jun 26 01:25:34 UTC 2024 - Joshua Smith + +- Update to version 3.2.1: + Fixed + * When the selected Qt wrapper is unavailable, qutebrowser now + again shows a GUI error message instead of only an exception in + the terminal. + +------------------------------------------------------------------- +Tue Jun 4 00:31:01 UTC 2024 - Mia Herkt + +- Update to version 3.2.0: +Added: + * When qutebrowser receives a SIGHUP it will now reload any + config.py file in use (same as the :config-source command does) + gh#qutebrowser/qutebrowser#8108 + * The Chromium security patch version is now shown in the backend + string in --version and :version. This reflects the latest + Chromium version that security fixes have been backported to + the base QtWebEngine version from. + gh#qutebrowser/qutebrowser#7187 +Changed: + * With QtWebEngine 6.7+, the colors.webpage.darkmode.enabled + setting can now be changed at runtime and supports URL patterns + gh#qutebrowser/qutebrowser#8182 + * A few more completions will now match search terms in any + order: :quickmark-*, :bookmark-*, :tab-take and :tab-select + (for the quick and bookmark categories). + gh#qutebrowser/qutebrowser#7955 + * Elements with an ARIA role="switch" now get hints (toggle + switches like e.g. on cookie banners). + * The tor_identity userscript now validates that the + -c|--control-port argument value is an int. + gh#qutebrowser/qutebrowser#8162 +Fixed: + * input.insert_mode.auto_load sometimes not triggering due to + a race condition. + gh#qutebrowser/qutebrowser#8145 + * Worked around qutebrowser quitting when closing a KDE file + dialog due to a Qt bug. + gh#qutebrowser/qutebrowser#8143 + * Trying to use qutebrowser after it’s been deleted/moved on disk + (e.g. after a Python upgrade) should now not crash anymore. + * When the QtWebEngine resources dir couldn’t be found, + qutebrowser now doesn’t crash anymore (but QtWebEngine still + might). + * Fixed a rare crash in the completion widget when there was no + selection model when we went to clear that, probably when + leaving a mode. + gh#qutebrowser/qutebrowser#7901 + * The latest PDF.js release (v4.2.67) is now supported when + backed by QtWebEngine 6.6+ + gh#qutebrowser/qutebrowser#8170 + +------------------------------------------------------------------- +Mon Dec 11 13:29:26 UTC 2023 - Mia Herkt + +- Update to version 3.1.0: +Removed: + * The darkmode settings grayscale.all, grayscale.images and + increase_text_contrast got removed, following removals in + Chromium. +Added: + * New smart-simple value for + colors.webpage.darkmode.policy.images, which on QtWebEngine + 6.6+ uses a simpler classification algorithm to decide whether + to invert images. + * New content.javascript.legacy_touch_events setting, with those + now being disabled by default, following a Chromium change. +Changed: + * The colors.webpage.darkmode.threshold.text setting got renamed + to colors.webpage.darkmode.threshold.foreground, following a + rename in Chromium. + * With Qt 6.6, the content.canvas_reading setting now works + without a restart and supports URL patterns. +Fixed: + * Some web pages jumping to the top when the statusbar is hidden + or (with v3.0.x) when a prompt is hidden. + * Compatibility with PDF.js v4 + * Added an elaborate workaround for a bug in QtWebEngine 6.6.0 + causing crashes on Google Mail/Meet/Chat, and a bug in + QtWebEngine 6.5.0/.1/.2 causing crashes there with dark mode. + * Made a rare crash in QtWebEngine when starting/retrying a + download less likely to happen. + * Graphical glitches in Google sheets and PDF.js, again. Removed + the version restriction for the default application of + qt.workarounds.disable_accelerated_2d_canvas as the issue was + still evident on Qt 6.6.0. + gh#qutebrowser/qutebrowser#7489 + * The colors.webpage.darkmode.threshold.foreground setting + (.text in older versions) now works correctly with Qt 6.4+. + +------------------------------------------------------------------- +Thu Oct 19 20:41:39 UTC 2023 - Michael Vetter + +- Update to version 3.0.2: + * Fix for crashes on Google Meet / GMail with dark mode enabled + * Fix for right-click in devtools not working properly + * Fix for drag & drop not working on Wayland + * Fix for some XKB key remappings not working + * Security fixes up to Chromium 116.0.5845.187, including + CVE-2023-4863, a critical heap buffer overflow in WebP, for + which "Google is aware that an exploit exists in the wild." + +------------------------------------------------------------------- +Thu Oct 19 20:40:58 UTC 2023 - Michael Vetter + +- Update to version 3.0.1: + * The "restore video" functionality of the view_in_mpv script + works again on webengine. + * Setting url.auto_search to dns works correctly now with Qt 6. + * Counts passed via keypresses now have a digit limit (4300) to + avoid exceptions due to cats sleeping on numpads. (#7834) + * Navigating via hints to a remote URL from a file:// one works + again. (#7847) + * The timers related to the tab audible indicator and the auto follow + timeout no longer accumulate connections over time. (#7888) + * The workaround for crashes when using drag & drop on Wayland + with Qt 6.5.2 now also works correctly when using wayland-egl + rather than wayland as Qt platform. + * Worked around a weird TypeError with QProxyStyle / TabBarStyle + on certain platforms with Python 3.12. + * Removed 1px border for the downloads view, mostly noticeable + when it’s transparent. + * Due to a Qt bug, cloning/undoing a tab which was not fully loaded + caused qutebrowser to crash. This is now fixed via a workaround. + * Graphical glitches in Google sheets and PDF.js via a new setting + qt.workarounds.disable_accelerated_2d_canvas to disable the + accelerated 2D canvas feature which defaults to enabled on + affected Qt versions. (#7489) + * The download dialog should no longer freeze when browsing to + directories with many files. (#7925) + * The app.slack.com User-Agent quirk now targets chromium 112 on + Qt versions lower than 6.6.0 (previously it always targets + chromium 99) (#7951) + * Workaround a Qt issue causing jpeg files to not show up in the + upload file picker when it was filtering for image filetypes (#7866) + +------------------------------------------------------------------- +Sun Aug 20 19:07:25 UTC 2023 - Mia Herkt + +- Update to version 3.0.0 +Major Changes: + * qutebrowser now supports Qt 6 and uses it by default. + Qt 5.15 is used as a fallback if Qt 6 is unavailable. + This behavior can be customized in three ways (in order of + precedence): + + Via `--qt-wrapper PyQt5` or `--qt-wrapper PyQt6` + command-line arguments. + + Via the `QUTE_QT_WRAPPER` environment variable, set to + `PyQt6` or `PyQt5`. + + For packagers wanting to provide packages specific to a Qt + version, patch `qutebrowser/qt/machinery.py` and set + `_WRAPPER_OVERRIDE`. + * Various commands were renamed to better group related commands: + + `set-cmd-text` -> `cmd-set-text` + + `repeat` -> `cmd-repeat` + + `repeat*command` -> `cmd-repeat-last` + + `later` -> `cmd-later` + + `edit-command` -> `cmd-edit` + + `run-with-count` -> `cmd-run-with-count` + The old names continue to work for the time being, but are + deprecated and show a warning. + +Added: + * On invalid commands/settings with a similarly spelled match, + qutebrowser now suggests the correct name in its error + messages. + * New `:prompt-fileselect-external` command which can be used to + spawn an external file selector (`fileselect.folder.command`) + from download filename prompts (bound to `` by default). + * New `qute://start` built-in start page (not set as the default + start page yet). + * New `content.javascript.log_message.levels` setting, allowing + to surface JS log messages as qutebrowser messages (rather than + only logging them). By default, errors in internal `qute:` + pages and userscripts are shown to the user. + * New `content.javascript.log_message.excludes` setting, which + allows to exclude certain messages from the + `content.javascript.log_message.levels` setting described + above. + * New `tabs.title.elide` setting to configure where text should + be elided (replaced by `…`) in tab titles when space runs out. + * New `**quiet` switch for `:back` and `:forward`, to suppress + the error message about already being at beginning/end of + history. + * New `qute-1pass` userscript using the 1password commandline to + fill passwords. + * New features in userscripts: + + `qutedmenu` gained new `window` and `private` options. + + `qute-keepassxc` now supports unlock-on-demand, multiple + account selection via rofi, and inserting TOTP-codes + (experimental). + + `qute-pass` will now try looking up candidate pass entries + based on the calling tab's verbatim netloc (hostname + including port and username) if it can't find a match with + an earlier candidate (FQDN, IPv4 etc). + * New `qt.chromium.experimental_web_platform_features` setting, + which is enabled on Qt 5 by default, to maximize compatibility + with websites despite an aging Chromium backend. + * New `colors.webpage.darkmode.increase_text_contrast` setting + for Qt 6.3+ + * New `fonts.tooltip`, `colors.tooltip.bg` and + `colors.tooltip.fg` settings. + * New `log-qt-events` debug flag for `-D` + * New `--all` flags for `:bookmark-del` and `:quickmark-del` to + delete all quickmarks/bookmarks. + +Removed: + * Python 3.8.0 or newer is now required. + * Support for Qt/PyQt before 5.15.0 and QtWebEngine before 5.15.2 + are now dropped, as older Qt versions are end-of-life upstream + since mid/late 2020 (5.13/5.14) and late 2021 (5.12 LTS). + * The `--enable-webengine-inspector` flag is now dropped. It used + to be ignored but still accepted, to allow doing a `:restart` + from versions older than v2.0.0. Thus, switching from v1.x.x + directly to v3.0.0 via `:restart` will not be possible. + +Changed: + * The `content.javascript.can_access_clipboard` setting got + renamed to `content.javascript.clipboard` and now understands + three different values rather than being a boolean: `none` + (formerly `false`), `access` (formerly `true`) and + `access-paste` (additionally allows pasting content, needed for + websites like Photopea or GitHub Codespaces). + * The default `hints.selectors` now also match the `treeitem` + ARIA roles. + * The `:click-element` command now can also click elements based + on its ID (`id`), a CSS selector (`css`), a position + (`position`), or click the currently focused element + (`focused`). + * The `:click-element` command now can select the first found + element via `--select-first`. + * New `search.wrap_messages` setting, making it possible to + disable search wrapping messages. + * The `:session-save` command now has a new `--no-history` flag, + to exclude tab history. + * New widgets for `statusbar.widgets`: + + `clock`, showing the current time + + `search_match`, showing the current match and total count + when finding text on a page + * Messages shown by qutebrowser now don't automatically get + interpreted as rich text anymore. Thus, e.g. + `:message-info

test` now shows the given text. To show rich + text with `:message-*` commands, use their new `--rich` flag. + Note this is NOT a security issue, as only a small subset of + HTML is interpreted as rich text by Qt, independently from the + website. + * Improved output when loading Greasemonkey scripts. + * The "... called unimplemented GM_..." messages are now logged + as info JS messages instead of errors. + * For QtNetwork downloads (e.g. `:adblock-update`), various + changes were done for how redirects work: + * Insecure redirects (HTTPS -> HTTP) now fail the download. + * 20 redirects are now allowed before the download fails rather + than only 10. + * A redirect to the same URL will now fail the download with + too many redirects instead of being ignored. + * When a download fails in a way it'd leave an empty file around, + the empty file is now deleted. + * With Qt 6, setting `content.headers.referer` to `always` will + act as if it was set to `same*domain`. The documentation is now + updated to point that out. + * With QtWebEngine 5.15.5+, the load finished workaround was + dropped, which should make certain operations happen when the + page has started loading rather when it fully finished. + * When `QUTE_QTWEBENGINE_VERSION_OVERRIDE` is set, it now always + wins, no matter how the version would otherwise have been + determined. Note setting this value can break things (if set to + a wrong value), and usually isn't needed. + * When qutebrowser is run with an older QtWebEngine version as on + the previous launch, it now prints an error before starting + (which causes the underlying Chromium to remove all browsing + data such as cookies). + * The keys "" and "" are now named + "" and "", respectively. + * `:config*diff` now has an `--include-hidden` flag, which also + shows internally-set settings. + * Improved error messages when `:spawn` can't find an executable. + * When a process fails, the error message now suggests using + `:process PID` with the correct PID (rather than always showing + the latest process, which might not be the failing one) + * When a process got killed with `SIGTERM`, no error message is + now displayed anymore (unless started with `:spawn --verbose`). + * When a process got killed by a signal, the signal name is now + displayed in the message. + * The `js-string-replaceall` quirk is now removed from the + default `content.site_specific_quirks.skip`, so that + `String.replaceAll` is now polyfilled on QtWebEngine < 5.15.3, + hopefully improving website compaitibility. + * Hints are now displayed for elements setting an `aria-haspopup` + attribute. + * qutebrowser now uses SPDX license identiiers in its files. + Full support for the REUSE specification (license provided in a + machine-readable way for every single file) is not done yet, + but planned for a future release. + +Fixed: + * When the devtools are clicked but + `input.insert_mode.auto_enter` is set to `false`, insert mode + now isn't entered anymore. + * The search wrapping messages are now correctly displayed in + (hopefully) all cases with QtWebEngine. + * When a message with the same text as a currently already + displayed one gets shown, qutebrowser used to only show one + message. This is now only done when the two messages are + completely equivalent (text, level, etc.) instead of doing so + when only the text matches. + * The `progress` and `backforward` statusbar widgets now stay + removed if you choose to remove them. Previously they would + appear again on navigation. + * Rare crash when running userscripts with crashed renderer + processes. + * Multiple rare crashes when quitting qutebrowser. + * ResourceWarning when using `:restart`. + * Crash when shutting down before fully initialized. + * Crash with some notification servers when the server is + quitting. + * Crash when using QtWebKit with PAC and the file has an invalid + encoding. + * Crash with the "tiramisu" notification server. + * Crash when the "herbe" notification presenter doesn't start + correctly. + * Crash when no notification server is installed/available. + * Warning with recent versions of the "deadd" + (aka "linux notification center") notification server. + * Crash when using `:print --pdf` with a directory where its + parent directory did not exist. + * The `PyQt{5,6}.sip` version is now shown correctly in the + `:version`/`--version` output. Previously that showed the + version from the standalone `sip` module which was only set + for PyQt5. + * When a `config.py` calls `.redirect()` via a request + interceptor (which is unsupported) and supplies an invalid + redirect target URL, an exception is now raised for the + `.redirect()` call instead of later inside qutebrowser. + * Crash when loading invalid history items from a session file. + +------------------------------------------------------------------- +Sun May 14 09:09:07 UTC 2023 - Dirk Müller + +- update to 2.5.4: + * Support SQLite with DQS (double quoted string) compile time + option turned off. + +------------------------------------------------------------------- +Tue Feb 21 09:55:22 UTC 2023 - Mia Herkt + +- Update to version 2.5.3 +Added + * New array_at quirk, polyfilling the Array.at method, which is + needed by various websites, but only natively available with + Qt 6.2. +Fixed + * Crash when the adblock filter file can't be read. + * Inconsistent behavior when using :config-{dict,list}-* commands + with an invalid value. Before the fix, using the same command + again would complain that the value was already present, + despite the error and the value not being actually changed. + * Incomplete error handling when mutating a dict/list in + config.py and setting an invalid value. Before the fix, this + would result in either a message in the terminal rather than + GUI (startup), or in a crash (:config-source). + * Wrong type handling when using :config-{dict,list}-* commands + with a config option with non-string values. The only affected + option is bindings.commands, which is probably rarely used with + those commands. + * The readability userscript now correctly passes the source URL + to Breadability, to make relative links work. + * Update dictcli.py to use the main branch, fixing a 404 error. + * Crash with some notification servers when the server did quit. + * Minor documentation fixes + +------------------------------------------------------------------- +Thu Jul 7 15:25:44 UTC 2022 - Mia Herkt + +- Update to version 2.5.2 +Fixed + * The notification fixes in v2.5.1 caused new notification + crashes (probably more common than the ones being fixed...). + Those are now fixed, along with a (rather involved) test case + to prevent similar issues in the future. + * When a text was not found on a page, the associated message + would be shown as rich text (e.g. after /

). With this + release, this is fixed for search messages, while the 3.0.0 + release will change the default for all messages to be + plain-text. Note this is NOT a security issue, as only a small + subset of HTML is interpreted as rich text by Qt, independently + from the website. + * When a Greasemonkey script couldn't be loaded (e.g. due to an + unreadable file), qutebrowser would crash. It now shows an + error instead. + * Ever since the v1.2.0 release in 2018, the + content.default_encoding setting was not applied on start + properly (only when it was changed afterwards). + This is now fixed. + +------------------------------------------------------------------- +Wed Jun 15 13:47:47 UTC 2022 - Mia Herkt + +- Update to version 2.5.1 +Fixed + * The qute-pass userscript is marked as executable again. + * The MathML workaround for darkmode (e.g. black on black + Wikipedia formula) now also works for display (rather than + inline) math. + * The content.proxy setting can now correctly be set to arbitrary + values via the qute://settings page again. + * Fixed a rare possible crash with invalid Content-Disposition + headers. + * Fixes for various notification-related crashes: + + With the tiramisu notification server (due to invalid + behavior of the server, now a non-fatal error) + + With the budgie notification server when closing a + notification (due to invalid behavior of the server, + now worked around) + + When a server exits with an unsuccessful exit status + (now a non-fatal error) + + When a server couldn't be started successfully + (now a non-fatal error) + + With the herbe notification presenter, when the website tries + to close the notification after the user accepting + (right-clicking) it. + * Fixes in userscripts: + + The qute-bitwarden userscript now correctly searches for + entries for sites on a subdomain of an unrecognized TLD. + subdomain names. Previously my.site.local would have searched + in bitwarden for my.sitelocal, losing the rightmost dot. + +------------------------------------------------------------------- +Tue Apr 5 23:54:02 UTC 2022 - Mia Herkt + +- Update to version 2.5.0 +Deprecated + * v2.5.x will be the last release of qutebrowser 2. For the + upcoming 3.0.0 release, it's planned to drop support for + various legacy platforms and libraries which are unsupported + upstream, such as: + + Qt before 5.15 LTS (plus adding support for Qt 6.2+) + + Python 3.6 + + The QtWebKit backend + + macOS 10.14 (via Homebrew) + + 32-bit Windows (via Qt) + + Windows 8 (via Qt) + + Windows 10 before 1809 (via Qt) + + Possibly other more minor dependency changes + * The :rl-unix-word-rubout command ( in command/prompt + modes) has been deprecated. Use :rl-rubout " " instead. + * The :rl-unix-filename-rubout command has been deprecated. + Use either :rl-rubout "/ " (classic readline behavior) or + :rl-filename-rubout (using OS path separator and ignoring + spaces) instead. +Changed + * Improved message if a spawned process wasn't found and a + Flatpak container is in use. + * The :tab-move command now takes start and end as index to move + a tab to the first/last position. + * Tests now automatically pick the backend (QtWebKit/QtWebEngine) + based on what's available. The QUTE_BDD_WEBENGINE environment + variable and --qute-bdd-webengine argument got replaced by + QUTE_TESTS_BACKEND and --qute-backend respectively, which can + be set to either webengine or webkit. + * Using :tab-give or :tab-take on the last tab in a window now + always closes that window, no matter what tabs.last_close is + set to. + * Redesigned qute://settings (:set) page with buttons for options + with fixed values. + * The default hint.selectors now match more ARIA roles (tab, + checkbox, menuitem, menuitemcheckbox and menuitemradio). + * Using e.g. :bind --mode=passthrough now scrolls to the + passthrough section on the qute://bindings page. + * Clicking on a notification now tries to focus the tab where the + notification is coming from. Note this might not work properly + if there is more than one tab from the same host open. + * Improvements to userscripts: + + qute-bitwarden understands a new + --password-prompt-invocation, which can be used to specify a + tool other than rofi to ask for a password. + + cast now uses yt-dlp if available (falling back to youtube-dl + if not). It also lets users override the tool to use via a + QUTE_CAST_YTDL_PROGRAM environment variable. + + qute-pass now understands a new --prefix argument if used in + gopass mode, which gets passed as subfolder prefix to gopass. + + open_download now supports Flatpak by using its XDG Desktop + Portal. + + open_download now waits for the exit status of xdg-open, + causing qutebrowser to report any issues with it. + + The content.headers.custom setting now accepts empty strings + as values, resulting in an empty header being sent. + * Renamed settings: + + qt.low_end_device_mode -> qt.chromium.low_end_device_mode + + qt.process_model -> qt.chromium.process_model + * System-wide userscripts are now discovered from the correct + location when running via Flatpak (/app/share rather than + /usr/share). + * Filename prompts now don't display a .. entry in the list of + files anymore. To get back to the parent directory, either type + ../ manually, or use the new :rl-filename-rubout command, + bound to by default. +Added + * New input.match_counts option which allows to turn off count + matching for more emacs-like bindings. + * New {relative_index} field for tabs.title.format + (and .pinned_format) which shows relative tab numbers. + * New input.mode_override option which allows overriding the + current mode based on the new URL when navigating or switching + tabs. + * New qt.chromium.sandboxing setting which allows to disable + Chromium's sandboxing (mainly intended for development and + testing). + * New QUTE_TAB_INDEX variable for userscripts, containing the + index of the current tab. + * New editor.remove_file setting which can be set to False to + keep all temporary editor files after closing the external + editor. + * New :rl-rubout command replacing :rl-unix-word-rubout + (and optionally :rl-unix-filename-rubout), taking a delimiter + as argument. + * New :rl-filename-rubout command, using the OS path separator + and ignoring spaces. The command also gets shown in the + suggested commands for a download filename prompt now. +Fixed + * When search.incremental is disabled, searching using /text + followed by a backwards search via ?text (or vice-versa) now + correctly changes the search direction. + * Elements getting a hint due to a tabindex now are skipped if + it's set to -1, reducing some false-positives. + * The audible indicator ([A]) now uses a 2s cooldown when the + audio goes silent, equivalent with the behavior of older + QtWebEngine versions. + * With confirm_quit set to downloads, the confirmation dialog is + now only shown when closing the last window (rather than + closing any window, which would continue running that window's + downloads). Unfortunately, more issues with confirm_quit and + multiple windows remain. + * Crash when a previous crash-log file contains non-ASCII + characters (which should never happen unless it was edited + manually) + * Due to changes in Debian, an old workaround (for broken + QtWebEngine patching on Debian) caused the inferior qutebrowser + error page to be displayed, when Chromium's would have worked + fine. The workaround was now dropped. + * Crash when using (:completion-item-del) in the + :tab-focus list, rather than :tab-select. + * Work around a Qt issue causing :spawn to run executables from + the current directory if no system-wide executable was found. + The underlying Qt bug is tracked as CVE-2022-25255, though the + impact with typical qutebrowser usage is low: Normally, + qutebrowser is run from a fixed location (usually the users + home directory), and :spawn is not typically used with + executables that don't exist. The main security impact of this + bug is in tools like text editors, which are often executed in + untrusted directories and might attempt to run auxiliary tools + automatically. + * When :rl-rubout or :rl-filename-rubout + (formerly :rl-unix-word-rubout and :rl-unix-filename-rubout) + were used on a string not starting with the given delimiter, + they failed to delete the first character, which is now fixed. + * Fixes in userscripts: + + ripbang now works again (it got blocked due to a missing user + agent and used outdated qutebrowser commands before) + + keepassxc now has a properly working --insecure flag + * Speculative fix for a qutebrowser crash when the notification + daemon crashes while showing the notification. + * Fix crash when using :screenshot with an invalid --rect + argument. + * Added a site-specific quirk to make cookie dialogs on + StackExchange pages (such as Stack Overflow) work on Qt 5.12. + +------------------------------------------------------------------- +Thu Oct 21 19:58:09 UTC 2021 - Mia Herkt + +- Update to version 2.4.0 +Added + * New content.blocking.hosts.block_subdomains setting which can + be used to disable the subdomain blocking for the hosts-based + adblocker introduced in v2.3.0. + * New downloads.prevent_mixed_content setting to prevent insecure + mixed-content downloads (true by default). + * New --private flag for :tab-clone, which clones a tab into a + new private window, mirroring the same flags for :open and + :tab-give. +Fixed + * Speculative fix for a crash when closing qutebrowser while a + systray notification is shown. + +------------------------------------------------------------------- +Thu Sep 23 06:05:30 UTC 2021 - Mia Herkt + +- Disable test suite. This is too non-deterministic and random + BDD tests will fail most of the time even though the program + behaves correctly in practice. + +------------------------------------------------------------------- +Tue Aug 3 00:07:38 UTC 2021 - Mia Herkt + +- Update to version 2.3.1 +Fixed + * Updated the workaround for Google Account log in claiming that + this browser isn't secure. For an equivalent workaround on + older versions, run: :set -u https://accounts.google.com/* + content.headers.user_agent "Mozilla/5.0 ({os_info}; rv:90.0) + Gecko/20100101 Firefox/90.0" + * Corrupt cache file exceptions with adblock 0.5.0+ are now + handled properly. + * Crash when entering unicode surrogates into the filename + prompt. + * UnboundLocalError in qute-keepass when the database couldn't be + opened. + +------------------------------------------------------------------- +Mon Jun 28 15:54:56 UTC 2021 - Mia Herkt + +- Update to version 2.3.0 +Added + * New content.prefers_reduced_motion setting to request websites + to reduce non-essential motion/animations. + * New colors.prompts.selected.fg setting to customize the text + color for selected items in filename prompts. +Changed + * The hosts-based adblocker (using content.blocking.hosts.lists) + now also blocks all requests to any subdomains of blocked + hosts. + * The fonts.web.* settings now support URL patterns. + * The :greasemonkey-reload command now shows a list of loaded + scripts and has a new --quiet switch to suppress that message. + * When launching a userscript via hints, a new QUTE_CURRENT_URL + environment variable now points to the current page (rather + than the URL of the selected element, where QUTE_URL points + to). +Fixed + * Crash when two Greasemonkey scripts have the same name + (usually happening because the same file is in both the data + and the config directory). + +------------------------------------------------------------------- +Thu Jun 3 12:37:54 UTC 2021 - Guillaume GARDET + +- Update to version 2.2.3 +Fixed + * Logging into Google accounts or sharing the camera on macOS 10.14+ crashed, + which is now fixed. + *The Windows installer now correctly aborts the installation on Windows 7 + (rather than attempting an install which won't work, since Windows 7 is + unsupported since the v2.0.0 release). + * Using --json-logging without --debug caused qutebrowser to crash since the + v1.13.0 release. It now works correctly again. + * Mixing Qt 5.14+ with QtWebEngine 5.12 caused a crash related to qutebrowser's + notification support, which is now fixed. + * The documentation now points to the new IRC channels on irc.libera.chat + instead of the defunct Freenode channels (due to a hostile takeover by + Freenode staff). + * Setting content.headers.user_agent or .accept_language to a value + containing non-ascii characters was permitted by qutebrowser, but resulted in +a crash when loading a page. Such values are now rejected properly. + * When quitting qutebrowser on the qute://settings page, a crash could happen, which is now fixed. + * When :edit-text is used, but the existing text in the input isn't + representable in the configured encoding (editor.encoding), qutebrowser would + crash. It now shows a proper error instead. + * The testsuite should now work properly on aarch64. + * When QtWebEngine is in a "stuck" state while :selection-follow was used, + this could cause a crash in qutebrowser. This is now fixed (speculatively, due + to lack of a reproducer). + * When the brave adblock data (adblock-cache.dat) got corrupted, qutebrowser + would crash when trying to load it. It now displays an error instead. + Combining /S (silent) and /allusers when uninstalling via the Windows + installer now works properly. + +------------------------------------------------------------------- +Thu May 20 18:58:16 UTC 2021 - Mia Herkt + +- Update to version 2.2.2 +Fixed + * When awesomewm's "naughty" notification daemon was used with a + development version of AwesomeWM and an unknown version number, + qutebrowser would crash when trying to parse the version + string. This is now fixed. + * Due to a bug with QtWebEngine 5.15.4, old Service Worker data + could cause renderer process crashes. This is now worked around + by qutebrowser. + * When an (broken) binding to set-cmd-text without any argument + existed, using : would crash, which is now fixed. + * New site-specific quirk (again) working around not being able + to type accented/composed characters on Google Docs. + * When running with python -OO (which is not recommended), a + notification being shown would result in a crash, which is now + fixed. + +------------------------------------------------------------------- +Sat May 8 15:49:14 UTC 2021 - Ferdinand Thiessen + +- Update to version 2.2.1 + * When an error occurs in a notification presenter, qutebrowser + now shows that error in the statusbar instead of just logging it + * New site-specific-quirk for Discord logging users out when using + vertical tabs + * Certain errors from notification daemons are now displayed + as non-fatal errors instead of qutebrowser crashing: + * With the legacy GNOME Flashback notification daemon, when + more than 20 notifications are currently shown. + * With the KDE Plasma notification daemon, when the same + notification is shown twice. + * Running :spawn -u -o broke in v2.2.0 and now works properly + again + * Fixes in userscripts: + * The qute-bitwarden userscript now still consumes returned + data if the Bitwarden CLI showed a warning but exited with + a successful exit code. + * The qute-pass userscript now doesn't try to match a username + with --password-only, and error messages with invalid + patterns are improved. + * The qute-pass userscript now avoids running pass twice + when --otp-only is used. +- SPEC file: Drop parts related to outdated openSUSE versions + +------------------------------------------------------------------- +Mon Apr 19 22:31:55 UTC 2021 - Mia Herkt + +- Enable test suite +- Update to version 2.2.0 +Deprecated + * Running qutebrowser with Qt 5.12.0 is now unsupported and logs + a warning. It should still work - however, a workaround for + issues with the Nvidia graphic driver was dropped. + Newer Qt 5.12.x versions are still fully supported. + * The --force argument for :tab-only is deprecated, use --pinned + close instead. + * Using :tab-focus without an argument or count is now + deprecated, use :tab-next instead. + +Added + * New dependency on the QtDBus module. If this requirement is an + issue for you or your distribution, please open an issue! + Note that a DBus connection at runtime is still optional. + * New input.media_keys setting which can be used to disable + Chromium's handling of media keys. + * New :process command (and associated qute://process pages) + which can be used to view and terminate/kill external processes + spawned by qutebrowser. + * New content.site_specific_quirks.skip setting which can be used + to disable individual site-specific quirks. + * New --pinned argument for :tab-only, which replaces --force + (with --pinned close), but also can take --pinned keep to keep + pinned tabs without prompting. + * New fileselect.folder.command which can be used with + fileselect.handler = external to customize the command to use + to upload directories ( + elements, which are non-standard but in wide use). + * New content.notifications.presenter setting with various new + ways to show web notifications: + + auto (default): Automatically detect the best available + option + + qt: Use Qt's built-in mechanism (like before this release) + + libnotify: Use a libnotify-compatible notification server + (i.e. native notifications on Linux) + + systray: Use a systray icon (very similar to qt but without + some of its drawbacks) + + messages: Use qutebrowser messages + + herbe: Use herbe + * New content.notifications.show_origin setting, which can be + used to decide for which notifications to show the origin + (the URL the notification was sent from). + +Changed + * The content.ssl_strict setting got renamed to + content.tls.certificate_errors, with new values: + + ask: Prompt on overridable certificate errors + (ssl_strict = 'ask') + + ask-block-thirdparty: See below + + block: Block the page load (ssl_strict = True) + + load-insecurely: Load the page despite the error + (ssl_strict = False) + * The new content.tls.certificate_errors setting now also + understands the value ask-block-thirdparty, which asks for page + loads but automatically blocks resource loads on TLS errors. + This behavior is consistent with what other browsers do. + * The prompt text shown on certificate errors has been improved + to make it clearer what kind of error occurred exactly. + * The content.site_specific_quirks setting got renamed to + content.site_specific_quirks.enabled. + * The content.notifications option got renamed to + content.notifications.enabled. + * The completion now also shows bindings starting with + set-cmd-text in its third column, such as o for :open. + * When :spawn is used with the -m / --output-messages flag, + the output now appears live, while the process is running. + * When a shown message replaces an existing related one (e.g. for + zoom levels), the replacing now also works even if a different + message was shown in between. + * The .redirect(...) method on interceptors now supports an + ignore_unsupported=True argument which supresses exceptions if + a request could not be redirected. Note, however, that it is + still not public API. + * When the --config-py argument is used, no warning about a + missing config.load_autoconfig is shown anymore, as the + argument is typically used for temporarily testing a config. + * The internal _autosave session used for crash recovery is now + only saved once per minute, since saving it for every page load + is a noticable performance issue. + * The readability-js userscript now displays a small header with + page information. + * When an external file selector is used, some additional + validation is done on the picked files now, so that errors are + shown if e.g. a directory is selected when a file was expected. + * The default binding for T (:tab-focus) got changed so that it + fills the command line with :tab-focus if used without a count + (instead of being equivalent to :tab-next in that case). + * The :config-unset command now understands the --pattern (-u) + flag to unset options customized for a given URL pattern + (such as after answering a prompt with "always"/"never"). + * The :config-unset command now shows an error when used on an + option which is valid, but was never customized. + * The statusbar.widgets setting now understands text:... entries + which allows adding a hard-coded text to the statusbar. + * The polyfill for String.replaceAll (required for Nextcloud + Calendar < 2.2.0 with QtWebEngine < 5.15.3) is now disabled by + default, as it's not fully compliant to the ECMAScript spec and + might cause issues on other websites. If you still need it + (e.g. if you're still on an old Nextcloud Calendar version), + remove js-string-replaceall from + content.site_specific_quirks.skip. + +Fixed + * When an editor exits with a != 0 exit status, the temporary + editor file is now persisted. This already was the case when + the editor crashed. + * When a nonexistent file gets passed to --config-py, qutebrowser + now complains instead of silently not loading it. + * With some (rare) setups, opening the report dialog or using a + PAC proxy with QtWebKit could result in qutebrowser hanging due + to a PyQt bug. There's now a workaround which prevents the hang + * Certain version number formats in /etc/os-release caused + qutebrowser to crash. Those are now handled correctly. + +Removed + * The qute://spawn-output page used by :spawn -o is now removed, + as it's replaced by the new qute://process pages. + +- Changes in 2.1.1 +Added + * Site-specific quirk for krunker.io, which shows a + "Socket Error" with qutebrowser's default Accept-Language + header. The workaround is equivalent to doing + :set -u matchmaker.krunker.io content.headers.accept_language "". + +Changed + * Clicking the 'x' in the devtools window to hide it now also + leaves insert mode. + +Fixed + * The workaround for black on (almost) black formula images in + dark mode now also works with Qt 5.12 and 5.13. + * When the metainfo in the completion database doesn't have the + expected structure, qutebrowser now tries to gracefully recover + from the situation instead of crashing. + * When qutebrowser displays an error during initialization, + opening a second instance would lead to a crash. Instead, + qutebrowser now ignores the attempt to open a new page as long + as it's not fully initialized yet. + * When the Brave adblock cache folder was unreadable, + qutebrowser crashed. It now displays an error instead. + * Fixes in the qute-pass userscript for gopass: + + Generating OTP tokens now works correctly. + + Storing the username as part of the secret broke in v2.0.0 + and now works again. + * When using bindings.key_mappings to map a key to multiple other + keys, qutebrowser would crash. This is now handled correctly - + however, note that it's usually better to map keys to commands + instead. + * When a minimized window is selected via :tab-select, it's now + un-minimized properly. + * When a format string in the config (e.g. tabs.title_format) + used a value like {current_url.host} (instead of + {current_url:host}), qutebrowser would crash. It now correctly + reports an invalid config value instead. + * In rare circumstances, sending URLs/commands to existing + instances would result in a crash, which is now fixed. + * Running the testsuite should now fully work without internet + access again. The --asciidoc script for mkvenv.py broke with + v1.14.0. It now works correctly again. + +------------------------------------------------------------------- +Fri Mar 12 11:12:54 UTC 2021 - Mia Herkt + +- Update to version 2.1.0 +Removed + * The following command aliases were deprecated in v2.0.0 and are + now removed: + + run-macro -> macro-run + + record-macro -> macro-record + + buffer -> tab-select + + open-editor -> edit-text + + toggle-selection -> selection-toggle + + drop-selection -> selection-drop + + reverse-selection -> selection-reverse + + follow-selected -> selection-follow + + follow-hint -> hint-follow + + enter-mode -> mode-enter + + leave-mode -> mode-leave + +Added + * New :screenshot command which can be used to screenshot the + visible part of the page. + * New qute-keepassxc userscript integrating with the KeePassXC + browser API. + +Changed + * Initial support for QtWebEngine 5.15.3 and PyQt 5.15.3/.4 + * The colors.webpage.prefers_color_scheme_dark setting got + renamed to colors.webpage.preferred_color_scheme and now takes + the values auto, light and dark (instead of being True for dark + and False for auto). Note that the light value is only + supported with Qt 5.15.2+, falling back to the same behavior as + auto on older versions. + * On Linux, qutebrowser now tries harder to find details about + the installed QtWebEngine version by inspecting the QtWebEngine + binary. This should reduce issues with dark mode (and some + workarounds) not working when using differing versions of + QtWebEngine/PyQtWebEngine/Qt. This change also prepares + qutebrowser for QtWebEngine 5.15.3, which will get released + without an updated Qt. + * When doing :hint links yank --rapid, the messages shown now + replace each other, thus being less noisy. + * Newlines in JavaScript messages (confirm, prompt and alert) are + now preserved. + * Messages in prompts are now word-wrapped rather than displaying + them in one long line. + * If a command starts with space (e.g. : open ..., it's now not + saved to command history anymore (similar to how some shells + work). + * When a tab is pinned, running :open will now open a new tab + instead of displaying an error. + * The fileselect.*.command settings now support file selectors + writing the selected paths to stdout, which is used if no {} + placeholder is contained in the configured command. + * The --debug-flag argument now understands a new + log-sensitive-keys value which logs all keypresses (including + those in insert/passthrough/prompt/... mode) for debugging. + * The readability and readability-js userscripts now add a + qute-readability CSS class to the page, so that it can be + styled easily via a user stylesheet. + +Fixed + * With QtWebEngine 5.15.3 and some locales, Chromium can't start + its subprocesses. As a result, qutebrowser only shows a blank + page and logs "Network service crashed, restarting service.". + This release adds a qt.workarounds.locale setting working + around the issue. It is disabled by default since distributions + shipping 5.15.3 will probably have a proper patch for it + backported very soon. + * The colors.webpage.preferred_color_scheme and + colors.webpage.darkmode.* settings now work correctly with + QtWebEngine 5.15.3. + * When dark mode settings were set, existing blink-features + arguments in qt.args (or --qt-flag) were overridden. They are + now combined properly. On QtWebEngine 5.15.2, auto detection + for the prefers-color-scheme media query is broken and always + returns no-preference, which was removed from the CSS WG + Specification. This release contains a workaround to always + return light instead (as per the spec). + * When an external file selector deletes the temporary file + (like nnn does when quitting the terminal), qutebrowser would + crash. It now displays an error instead. The same applies if + the temporary file is unreadable for any other reason. + * The quirk added for a missing String.replaceAll did not handle + special regexp characters correctly, thus breaking some sites. + It now handles them properly. + * The "try again" button on error pages now works correctly with + JavaScript disabled. + * If a GreaseMonkey script doesn't have a "@run-at" comment, + qutebrowser accidentally treated that as + "@run-at document-idle". However, other GreaseMonkey + implementations default to "@run-at document-end" instead, + which is what qutebrowser now does, too. + * The hist_importer.py script didn't work correctly after + qutebrowser v2.0.0 and resulted in a history database + qutebrowser couldn't read properly. It now works properly + again. + * With certain QtWebEngine versions (5.15.0 based on Chromium 80 + and 5.15.3 based on Chromium 87), Chromium's dark mode doesn't + invert certain SVG images, even with + colors.wegpage.darkmode.policy.images set to smart. + Most notably, this causes formulae on Wikipedia to display + black on (almost) black. If content.site_specific_quirks is + enabled, qutebrowser now injects some CSS as a workaround, + which inverts all math formula images on Wikipedia + (and potentially other sites, if they use the same CSS class). + * When a hint label text started with an apostrophe, it would + show an escaped text until the hints first character has been + pressed. It now shows up correctly. + +------------------------------------------------------------------- +Thu Feb 4 18:07:42 UTC 2021 - Mia Herkt + +- Update to version 2.0.2 +Fixed + * When right-clicking an empty part of the downloads bar, + qutebrowser v2.0.x would crash. This is now fixed. + * Setting content.cookies.store to false only worked properly + when this was done after qutebrowser was already started due to + a regression in v2.0.0. It now works as expected again. + * The changelog for v2.0.0 claimed that hints.leave_on_load was + set to true by default. However, the + input.insert_mode.leave_on_load setting was instead set to + true accidentally. This is now fixed by actually setting + hints.leave_on_load to true, and reversing the change to + input.insert_mode.leave_on_load so it is set to false by + default again. + * Site-specific quirk JavaScript files were loaded lazily rather + than preloaded at the start of qutebrowser, causing a crash + when e.g. switching between versions while qutebrowser is open. + Now they are preloaded at the start of qutebrowser again. + * The link to the keybinding cheatsheet on the internal :help + page wasn't displayed correctly. This is now fixed. + * When the completion rebuilding process was interrupted, + qutebrowser did not detect this condition on the next start, + thus resulting in a completion with inconsistent data. This is + now fixed, with another rebuild being forced with this update, + to ensure the data is consistent for all users. + * In certain scenarios, qutebrowser v2.0.x warned about + config.load_autoconfig(...) being missing when loading a + secondary config (e.g. via config.source(...)). It now only + shows those warnings for the main config.py file. + * The --enable-webengine-inspector flag is now accepted again, + however it's unused and undocumented. It purely exists to make + it possible to use :restart between pre-v2.0.x and v2.0.2+ + versions. + * When hints.dictionary pointed to a file not encoded as UTF-8, + this resulted in a crash (also in versions before v2.0.0). + It now properly displays an error instead. + * When running qutebrowser with a single empty commandline + argument, such as done by open_url_in_instance.sh, this would + result in a partially initialized window. Interacting with that + window results in a crash (also in versions before v2.0.0). + Instead, the startpage is now shown properly. + +------------------------------------------------------------------- +Sun Jan 31 23:14:05 UTC 2021 - Mia Herkt + +- Update to version 2.0.1 +Fixed +* When the adblocking method was switched using :set, and the + adblock dependency was unavailable when qutebrowser started + (but was installed while qutebrowser was open), this resulted + in a crash. Now a warning prompting for a restart of qutebrowser + is shown instead. + +Changed +* The format_json userscript now uses sh instead of bash again. +* The add-nextcloud-bookmarks, add-nextcloud-cookbook, readability + and ripbang userscripts now use a python3 rather than plain + python shebang. +* When QTWEBENGINE_CHROMIUM_FLAGS is set in the environment, this + causes flag handling (including workarounds for QtWebEngine + crashes) inside qutebrowser to break. This will be handled + properly in a future version, but this release now shows a + warning on standard output if this is the case. +* The config completion for fileselect.*.command now also includes + the "nnn" terminal file manager. + +------------------------------------------------------------------- +Thu Jan 28 09:01:57 UTC 2021 - Mia Herkt + +- Update to version 2.0.0 +If the Python adblock library is available, it is now used to +integrate Brave's Rust adblocker library for improved adblocking +based on ABP-like filter lists (such as EasyList). +If it is unavailable, qutebrowser falls back to host-blocking, +i.e. the same blocking technique it used before this release. +As part of this, various settings got renamed, see "Changed" +below. +Note: If the adblock dependency is available, qutebrowser will +ignore custom host blocking via the blocked-hosts config file or +file:/// URLs supplied as host blocking lists. You will need to +either migrate those to ABP-like lists, or set +content.blocking.method to "both". +Note for openSUSE users: The adblock library has not been packaged +yet due to the difficulty of packaging its Rust dependencies. + +Removed +* The --enable-webengine-inspector flag (which was only needed for + Qt 5.10 and below) is now dropped. With Qt 5.11 and newer, the + inspector/devtools are enabled unconditionally. +* Support for moving qutebrowser data from versions before v1.0.0 + has been removed. +* The --old flag for :config-diff has been removed. It used to show + customized options for the old pre-v1.0 config files (in order to + aid migration to v1.0). +* The :inspector command which was deprecated in v1.13.0 (in favor + of :devtools) is now removed. + +Deprecated +* Several commands have been renamed for consistency and/or easier + grouping of related commands. Their old names are still + available, but deprecated and will be removed in qutebrowser + v2.1.0. + + run-macro -> macro-run + + record-macro -> macro-record + + buffer -> tab-select + + open-editor -> edit-text + + toggle-selection -> selection-toggle + + drop-selection -> selection-drop + + reverse-selection -> selection-reverse + + follow-selected -> selection-follow + + follow-hint -> hint-follow + + enter-mode -> mode-enter + + leave-mode -> mode-leave + +Added +* New settings for the ABP-based adblocker: + + content.blocking.method to decide which blocker(s) should be + used. + + content.blocking.adblock.lists to configure ABP-like lists to + use. +* New qt.environ setting which makes it easier to set/unset + environment variables for qutebrowser. +* New settings to use an external file picker (such as ranger or + vifm): + + fileselect.handler (default or external) + + fileselect.multiple_files.command + + fileselect.single_file.command +* When QtWebEngine has been updated but PyQtWebEngine hasn't yet, + the dark mode settings might stop working. As a (currently + undocumented) escape hatch, this version adds a + QUTE_DARKMODE_VARIANT=qt_515_2 environment variable which can be + set to get the correct behavior in (transitive) situations like + this. +* New --desktop-file-name commandline argument, which can be used + to customize the desktop filename passed to Qt (which is used to + set the app_id on Wayland). +* The :open completion now also completes local file paths and + file:// URLs, via a new filesystem entry in + completion.open_categories. Also, a new completion.favorite_paths + setting was added which can be used to add paths to show when + :open is used without any input. +* New QUTE_VERSION variable for userscripts, which can be used to + read qutebrowser's version. +* New "Copy URL" entry in the context menu for downloads. +* New :bookmark-list command which lists all bookmarks/quickmarks. + The corresponding qute://bookmarks URL already existed since + v0.8.0, but it was never exposed as a command. +* New qt.workarounds.remove_service_workers setting which can be + used to remove the "Service Workers" directory on every start. + Usage of this option is generally discouraged, except in + situations where the underlying QtWebEngine bug is a known cause + for crashes. +* Changelogs are now shown after qutebrowser was upgraded. + By default, the changelog is only shown after minor upgrades + (feature releases) but not patch releases. This can be adjusted + (or disabled entirely) via a new changelog_after_upgrade setting. +* New userscripts: + + kodi to play videos in Kodi + + qr to generate a QR code of the current URL + + add-nextcloud-bookmarks to create bookmarks in Nextcloud's + Bookmarks app + + add-nextcloud-cookbook to add recipes to Nextcloud's Cookbook + app + +Changed +* config.py files now are required to have either + config.load_autoconfig(False) (don't load autoconfig.yml) or + config.load_autoconfig() (do load autoconfig.yml) in them. +* Various host-blocking settings have been renamed to accomodate + the new ABP-like adblocker: + + content.host_blocking.enabled -> content.blocking.enabled + (controlling both blockers) + + content.host_blocking.whitelist -> content.blocking.whitelist + (controlling both blockers) + + content.host_blocking.lists -> content.blocking.hosts.lists +* Changes to default settings: + + tabs.background is now true by default, so that new tabs get + opened in the background. + + input.partial_timeout is now set to 0 by default, so that + partially typed key strings are never cleared. + + hints.leave_on_load is now false by default, so that hint mode + doesn't get left when a page finishes loading. This can lead to + stale hints persisting in rare circumstances, but is better + than leaving hint mode when the user entered it before loading + was completed. + + The default for tabs.width (tab bar width if vertical) is now + 15% of the window width rather than 20%. + + The default bindings for moving tabs + (tab-move - and tab-move +) were changed from gl and gr to gK + and gJ, to be consistent with the tab switching bindings. + + The text color for warning messages is now black instead of + white, for increased contrast and thus readability. + + The default timeout for messages is now raised from 2s to 3s. +* On the first start, the history completion database is + regenerated to remove a few problematic entries (such as long + qute://pdfjs URLs). This might take a couple of minutes, but is + a one-time operation. This should result in a performance + improvement for the completion for affected users. +* qutebrowser now shows an error if its history database version is + newer than expected. This currently should never happen, but + allows for potentially backwards-incompatible changes in future + versions. +* At least Python 3.6.1 is now required to run qutebrowser, support + for Python 3.5 (and 3.6.0) is dropped. Note that Python 3.5 is + no longer supported upstream since September 2020. +* At least Qt/PyQt 5.12 is now required to run qutebrowser, support + for 5.7 to 5.11 (inclusive) is dropped. +* New optional dependency on the Python adblock library (see above + for details). +* The (formerly optional) cssutils dependency is now removed. + It was only needed for improved behavior in corner cases when + using :download --mhtml with the (non-default) QtWebKit backend, + and as such it's unlikely anyone is still relying on it. + The cssutils project is also dead upstream, with its repository + being gone after Bitbucket removed Mercurial support. +* The (formerly required) pygments dependency is now optional. + It is only used when using :view-source with QtWebKit, or when + forcing it via :view-source --pygments on QtWebEngine. If it is + unavailable, an unhighlighted fallback version of the page's + source is shown. +* The former runtime dependency on the pkg_resources module (part + of the setuptools project) got dropped. Note that setuptools is + still required to run setup.py. +* A new dependency on the importlib_resources module got introduced + for Python versions up to and including 3.8. Note that the stdlib + importlib.resources module for Python 3.7 and 3.8 is missing the + needed APIs, thus requiring the backports for those versions as + well. +* The former dependency on the attrs/attr package is now dropped in + favour of dataclasses in the Python standard library. On Python + 3.6, a new dependency on the dataclasses backport is now + required. +* The former dependency on the pypeg2 package is now dropped. This + might cause some changes for certain corner-cases for suggested + filenames when downloading files with the QtWebKit backend. +* The colors.webpage.darkmode.* settings are now also supported + with older Qt versions (Qt 5.12 and 5.13) rather than just with + Qt 5.14 and above. +* For regexes in the config (hints.{prev,next}_regexes), certain + patterns which will change meanings in future Python versions are + now disallowed. This is the case for character sets starting with + a literal [ or containing literal character sequences --, &&, ~~, + or ||. To avoid a warning, remove the duplicate characters or + escape them with a backslash. +* If prompt(..., "default") is used via JS, the default text is now + pre-selected in the prompt shown by qutebrowser. +* URLs such as ::1/foo are now handled as a search term or local + file rather than IPv6. Use [::1]/foo to force parsing as IPv6 + instead. +* The mkvenv.py script now runs a "smoke test" after setting up the + virtual environment to ensure it's working as expected. If + necessary, the test can be skipped via a new --skip-smoke-test + flag. +* Both qutebrowser userscripts and Greasemonkey scripts are now + additionally picked up from qutebrowser's config directory + (the userscripts and greasemonkey subdirectories of e.g. + ~/.config/qutebrowser/) rather than only the data directory + (the same subdirectories of e.g. ~/.local/share/qutebrowser/). +* The :later command now understands a time specification like 5m + or 1h5m2s, rather than just taking milliseconds. +* The importer.py script doesn't use a browser argument anymore; + instead its --input-format switch can be used to configure the + input format. The help also was expanded to explain how to use + it properly. +* If tabs.tabs_are_windows is set, the tabs.last_close setting is + now ignored and the window is always closed when using + :close (d). +* With the (default) QtWebEngine backend, if a custom accept header + is set via content.headers.custom, the custom value is now + ignored for XHR (XMLHttpRequest) requests. Instead, the sent + value is now */* or the header set from JavaScript, as it would + be if content.headers.custom wasn't set. +* The :tab-select completion now shows the underlying renderer + process PID if doing so is supported (on QtWebEngine 5.15). +* If tabs.favicons.show is set to never, favicons aren't + unnecessarily downloaded anymore. Thus, disabling favicons can + help with a possible fingerprinting vector. +* "Super" is now understood as a modifier (i.e. as alias to + "Meta"). +* Initial support for Python 3.10 (currently in Alpha stage). +* Various performance improvements, including for the startup time. + +Fixed +* With interpolated color settings (colors.tabs.indicator.* and + colors.downloads.*), the alpha channel is now handled correctly. +* Fixes to userscripts: + + format_json now uses env in its shebang, making it work + correctly on systems where bash isn't located in /bin. + + qute-pass now handles the MIME output format introduced in + gopass 1.10.0. + + qute-lastpass now types multiple < or > characters correctly. +* The :undo completion now sorts its entries correctly (by the + numerical index rather than lexicographically). +* The completion.web_history.ignore setting now works properly when + set in config.py (rather than via :set). Additionally, a + :config-source will not result in a history rebuild if the value + wasn't actually changed. +* When downloading a data: URL, the suggested filename is now + improved and contains a proper extension. Before this fix, + qutebrowser would use the URL's data contents as filename with + QtWebEngine; or "binary blob" with the Qt network stack. +* When :tab-only is run before a tab is available, an error is now + shown instead of crashing. +* A couple of long URLs (such as qute://pdfjs URLs) are now not + added to the history database anymore. +* A bug in QtWebEngine 5.15.2 causes "renderer process killed" + errors on websites like LinkedIn and TradingView. There is now a + workaround in qutebrowser to prevent this from happening. +* Nextcloud Calendars started using String.replaceAll which was + only added to Chromium recently (Chrome 85), so won't work with + current QtWebEngine versions. This release includes a workaround + (a polyfill as a site-specific-quirk). + +------------------------------------------------------------------- +Sun Dec 6 08:23:53 UTC 2020 - Mia Herkt + +- Update to version 1.14.1 +Added +With v1.14.0, qutebrowser configures the main window to be +transparent, so that it's possible to configure a translucent tab- +or statusbar. However, that change introduced various issues, such +as performance degradation on some systems or breaking dmenu window +embedding with its -w option. To avoid those issues for people who +are not using transparency, the default behavior is reverted to +versions before v1.14.0 in this release. A new window.transparent +setting can be set to true to restore the behavior of v1.14.0. + +Fixed +* Setting the content.headers.referer setting to same-domain (the + default) was supposed to truncate referers to only the host with + QtWebEngine. Unfortunately, this functionality broke in Qt 5.14. + It works properly again. +* with this release, including a test so this won't happen again. +* With QtWebEngine 5.15, setting the content.headers.referer + setting to never did still send referers. This is now fixed as + well. +* In v1.14.0, a regression was introduced, causing a crash when + qutebrowser was closed after opening a download with PDF.js. + This is now fixed. +* With Qt 5.12, the Object.fromEntries JavaScript API is + unavailable (it was introduced in Chromium 73, while Qt 5.12 is + based on 69). This caused https://www.vr.fi/en and possibly other + websites to break when accessed with Qt 5.12. A suitable polyfill + is now included with qutebrowser if content.site_specific_quirks + is enabled (which is the default). +* While XDG startup notifications (e.g. launch feedback via the + bouncy cursor in KDE Plasma) were supported ever since Qt 5.1, + qutebrowser's desktop file accidentally declared that it wasn't + supported. This is now fixed. +* The dmenu_qutebrowser and qutedmenu userscripts now correctly + read the qutebrowser sqlite history which has been in use since + v1.0.0. +* With Python 3.8+ and vertical tabs, a deprecation warning for an + implicit int conversion was shown. This is now fixed. +* Ever since Qt 5.11, fetching more completion data when that data + is loaded lazily (such as with history) and the last visible item + is selected was broken. The exact reason is currently unknown, + but this release adds a tenative fix. +* When PgUp/PgDown were used to go beyond the last visible item, + the above issue caused a crash, which is now also fixed. +* As a workaround for an overzealous Microsoft Defender + false-positive detecting a "trojan" in the (unprocessed) adblock + list, :adblock-update now doesn't cache the HTTP response anymore +* With the QtWebKit backend and content.headers set to same-domain + (the default), origins with the same domain but different schemes + or ports were treated as the same domain. They now are correctly + treated as different domains. +* When a URL path uses percent escapes + (such as https://example.com/embedded%2Fpath), using :navigate up + would treat the %2F as a path separator and replace any remaining + percent escapes by their unescaped equivalents. Those are now + handled correctly. +* The open_url_instance.sh userscript now complains when socat is + not installed, rather than silencing the error. +* The example AppArmor profile in misc/ was outdated and written + for the older QtWebKit backend. It is now updated to serve as a + useful starting point with QtWebEngine. +* With Qt 5.15.2, lines/borders coming from the readability-js + userscript were invisible. This is now fixed by changing the + border color to grey (with all Qt versions). +* Due to changes in the underlying Chromium, the + colors.webpage.prefers_color_scheme_dark setting broke with + Qt 5.15.2. It now works properly again. +* A bug in the pkg_resources module used by qutebrowser caused + deprecation warnings to appear on start with Python 3.9 on some + setups. Those are now hidden. +* Minor performance improvements. +* Fix for various functionality breaking in private windows with + v1.14.0, after the last private window is closed. This includes: + + Ad blocking + + Downloads + + Site-specific quirks (e.g. for Google login) + + Certain settings such as content.javascript.enabled + +------------------------------------------------------------------- +Sun Nov 15 17:22:38 UTC 2020 - Benjamin Greiner + +- Change sip requirement to the PyQt5.sip package instead of + deprecated python-sip + +------------------------------------------------------------------- +Thu Oct 15 21:57:47 UTC 2020 - Mia Herkt + +- Update to version 1.14.0 +This release still only contains partial session support for +QtWebEngine 5.15. It's still recommended to run against Qt 5.15 +due to the security patches contained in it -- for most users, +the added workarounds seem to work out fine. A rewritten session +support will be part of qutebrowser v2.0.0, tentatively planned +for the end of the year or early 2021. + +Changed + * The content.media_capture setting got split up into three more + fine-grained settings, content.media.audio_capture, + .video_capture and .audio_video_capture. Before this change, + answering "always" to a prompt about e.g. audio capturing would + set the content.media_capture setting, which would also allow + the same website to capture video on a future visit. Now every + prompt will set the appropriate setting, though existing + content.media_capture settings in autoconfig.yml will be + migrated to set all three settings. To review/change previously + granted permissions, use :config-diff and e.g. + :config-unset -u example.org content.media.video_capture. + * The main window's (invisible) background color is now set to + transparent. This allows using the alpha channel in + statusbar/tabbar colors to get a partially transparent + qutebrowser window on a setup which supports doing so. + * If QtWebEngine is compiled with PipeWire support and + libpipewire is installed, qutebrowser will now support screen + sharing on Wayland. Note that QtWebEngine 5.15.1 is needed. + * When :undo is used with a count, it now reopens the count-th + to last tab instead of the last one. The depth can instead be + passed as an argument, which is also completed. + * The default completion.timestamp_format now also shows the + time. + * :back and :forward now take an optional index which is + completed using the current tab's history. + * The time a website in a tab was visited is now saved/restored + in sessions. + * When attempting to download a file to a location for which + there's already a still-running download, a confirmation prompt + is now displayed. + * :completion-item-focus now understands next-page and prev-page + with corresponding / default bindings. + * When the last private window is closed, all private browsing + data is now cleared. + * When config.source(...) is used with a --config-py argument + given, qutebrowser used to search relative files in the config + basedir, leading to them not being found when using a shared + config.py for different basedirs. Instead, they are now + searched relative to the given config.py file. + * navigate prev ([[) and navigate next (]]) now recognize links + with nav-prev and nav-next classes, such as those used by the + Hugo static site generator. + * When tabs.favicons is disabled but tabs.tabs_are_windows is + set, the window icon is still set to the page's favicon now. + * Dark mode (colors.webpage.darkmode.*) is now supported with + Qt 5.15.2 (which is not released yet). + * The default for the darkmode policy.images setting is now set + to smart which fixes issues with e.g. formulas on Wikipedia. + * The readability-js userscript now adds some CSS to improve the + reader mode styling in various scenarios: + + Images are now shrinked to the page width, similarly to what + Firefox' reader mode does. + + Some images ore now displayed as block (rather than inline) + which is what Firefox' reader mode does as well. + + Blockquotes are now styled more distinctively, again based + on the Firefox reader mode. + + Code blocks are now easier to distinguish from text and + tables have visible cell margins. + * The readability-js userscript now supports hint userscript + mode. + +Added + * New argument strip for :navigate which removes queries and + fragments from the current URL. + * :undo now has a new -w / --window argument, which can be used + to restore closed windows (rather than tabs). This is bound to + U by default. + * :jseval can now take javascript:... URLs via a new --url flag. + * New replacement {aligned_index} for tabs.title.format and + format_pinned which behaves like {index}, but space-pads the + index based on the total numbers of tabs. This can be used to + get aligned tab texts with vertical tabs. + * New command :devtools-focus (bound to wIf) to toggle keyboard + focus between the devtools and web page. + * The --target argument to qutebrowser now understands a new + private-window value, which can be used to open a private + window in an existing instance from the commandline. + * The :download-open command now has a new --dir flag, which can + be used to open the directory containing the downloaded file. + An entry to do the same was also added to the context menu. + * Messages are now wrapped when they are too long to be displayed + on a single line. + * New possible --debug-flag values: + + wait-renderer-process waits for a SIGUSR1 in the renderer + process so a debugger can be attached. + + avoid-chromium-init allows using --version without needing + a working QtWebEngine/Chromium. + +Fixed + * A URL pattern with a *. host was considered valid and matched + all hosts. Due to keybindings like tsH toggling scripts for + *://*.{url:host}/*, invoking them on pages without a host + (e.g. about:blank) could result in accidentally + allowing/blocking JavaScript for all pages. Such patterns are + now considered invalid, with existing patterns being + automatically removed from autoconfig.yml. + * When scrolling.bar was set to overlay (the default), + qutebrowser would internally override any enable-features=... + flags passed via qt.args or --qt-flag. It now correctly + combines existing enable-feature flags with internal ones. + * Elements with an inherited contenteditable attribute now + trigger insert mode and get hints assigned correctly. + * When checkmarks, radio buttons and some other elements are + styled via the Bootstrap CSS framework, they now get hints + correctly. + * When the session file isn't writable when qutebrowser exits, + an error is now logged instead of crashing. + * When using -m with the qute-lastpass userscript, it + accidentally matched URLs containing the match as substring. + This is now fixed. + * When a filename is derived from a page's title, it's now + shortened to the maximum filename length permitted by the + filesystem. + * :enter-mode register crashed since v1.13.0, it now displays + an error instead. + * With the QtWebKit backend, webpage resources loading certain + invalid URLs could cause a crash, which is now fixed. + * When :config-edit is used but no config.py exists yet, the file + is now created (and watched for changes properly) before + spawning the external editor. + * When hint mode was entered from outside normal mode, the status + bar was empty instead of displaying the proper text. + This is now fixed. + * When entering different modes too quickly (e.g. pressing fV), + the statusbar could end up in a confusing state. This is now + fixed. + * When qutebrowser quits, running downloads are now cancelled + properly. + * The site-specific quirk for web.whatsapp.com has been updated + to work after recent changes in WhatsApp. + * Highlighting in the completion now works properly when UTF-16 + surrogate pairs (such as emoji) are involved. + * When a windowed inspector is clicked, insert mode now isn't + entered anymore. + * When :undo is used to re-open a tab, but tabs.tabs_are_windows + was set between closing and undoing the close, qutebrowser + crashed. This is now fixed. + * With QtWebEngine 5.15.0, setting the darkmode image policy to + smart leads to renderer process crashes. The offending setting + value is now ignored with a warning. + * Fixes for the qute-pass userscript: + + With newer gopass versions, a deprecation notice was copied + as password due to qute-pass using it in a deprecated way. + + The --password-store argument didn't actually set + + PASSWORD_STORE_DIR for pass, resulting in qute-pass finding + matches but the underlying pass not finding matching + passwords. + +------------------------------------------------------------------- +Fri Jul 17 19:42:28 UTC 2020 - Mia Herkt + +- Update to version 1.13.1 +Fixed + * With Qt 5.14, shared workers are now disabled. This works + around a crash in QtWebEngine on certain sites (like the Epic + Games Store or the Unreal Engine page). + * When a window is closed, the tab it contains are now correctly + shut down (closing e.g. any dialogs which are still open for + those tabs). + * The Qt 5.15 session workaround now loads the correct (rather + than the last) page when :back was used before saving a + session. + * Certain autoconfig.yml with an invalid structure could lead to + crashes, which are now fixed. + * Ever since Qt 5.9, when input.mouse.rocker_gestures was + enabled, the context menu still was shown when clicking the + right mouse button, thus preventing the rocker gestures. + This is now fixed. + * Clicking the inspector switched from existing modes (such as + passthrough) to normal mode since v1.13.0. Now insert mode is + only entered when the inspector is clicked in normal mode. + * Pulseaudio now shows qutebrowser's audio streams as qutebrowser + correctly, rather than showing them as Chromium with some Qt + versions. + * If :help was called with a deprecated command (e.g. :help + :inspector), the help page would show despite deprecated + commands not being documented. This now shows an error instead. + * The qute-lastpass userscript now filters out duplicate entries + with --merge-candidates. + +------------------------------------------------------------------- +Mon Jul 6 23:40:08 UTC 2020 - Mia Herkt + +- Update to version 1.13.0 +Deprecated + * The :inspector command is deprecated and has been replaced by + a new :devtools command (see below). + +Removed + * The :debug-log-level command was removed as it's replaced by + the new logging.level.console setting. + * The qute://plainlog special page got replaced by + qute://log?plain - the names of those pages is considered an + implementation detail, and :messages --plain should be used + instead. + +Changed + * Changes to commands: + + :config-write-py now adds a note about config.py files being + targeted at advanced users. + + :report now takes two optional arguments for bug/contact + information, so that it can be used without the report window + popping up. + + :message now takes a --logfilter / -f argument, which is a + list of logging categories to show. + + :debug-log-filter now understands the full logfilter syntax. + * Changes to settings: + + fonts.tabs has been split into + fonts.tabs.{selected,unselected} (see below). + + statusbar.hide has been renamed to statusbar.show with the + possible values being always (hide = False), + never (hide = True) or in-mode (new, only show statusbar + outside of normal mode). + + The QtFont config type formerly used for fonts.tabs and + fonts.debug_console is now removed and entirely replaced + by Font. The former distinction was mainly an implementation + detail, and the accepted values shouldn't have changed. + + input.rocker_gestures has been renamed to + input.mouse.rocker_gestures. + + content.dns_prefetch is now enabled by default again, + since the crashes it caused are now fixed (Qt 5.15) + or worked around. + + scrolling.bar supports a new overlay value to show an overlay + scrollbar, which is now the default. On unsupported + configurations (on Qt < 5.11, with QtWebKit or on macOS), + the value falls back to when-searching or never (QtWebKit). + + url.auto_search supports a new schemeless value which always + opens a search unless the given URL includes an explicit + scheme. + * New handling of bindings in hint mode which fixes various bugs + and allows for single-letter keybindings in hint mode. + * The statusbar now shows partial keychains in all modes + (e.g. while hinting). + * New t[Cc][Hh] default bindings which work similarly to the + t[Ss][Hh] bindings for JavaScript but toggle cookie permissions + * The tor_identity userscript now takes the password via a -p + flag and has a new -c flag to customize the Tor control port. + * Small performance improvements. + +Added + * New settings: + + logging.level.ram and logging.level.console to configure the + default logging levels via the config. + + fonts.tabs.selected and fonts.tabs.unselected to set the font + of the selected tab independently from unselected tabs + (e.g. to make it bold). + + input.mouse.back_forward_buttons which can be set to false + to disable back/forward mouse buttons. + * New :devtools command (replacing :inspector) with various + improved functionality: + + The devtools can now be docked to the main window, by running + :devtools left (wIh), bottom (wIj), top (wIk) or right (wIl). + To show them in a new window, use :devtools window (wIw). + Using :devtools (wi) will open them at the last used position + + The devtool window now has a "qutebrowser developer tools" + window title. + + When a resource is opened from the devtools, it now opens in + a proper qutebrowser tab. + + If opened as a window, the devtools are now closed properly + when the associated tab is closed. + + When the devtools are clicked, insert mode is entered + automatically. + +Fixed + * Crash when tabs.focus_stack_size is set to -1. + * Crash when a pdf.js file for PDF.js exists, but viewer.html + does not. + * Crash when there's a feature permission request from Qt with an + invalid URL (which happens due to a Qt bug with Qt 5.15 in + private browsing mode). + * Crash in rare cases where QtWebKit/QtWebEngine imports fail in + unexpected ways. + * Crash when something removed qutebrowser's IPC socket file and + it's been running for 6 hours. + * :config-write-py now works with paths starting with ~/... again + * New site-specific quirk for a missing globalThis in Qt <= 5.12 + on Reddit and Spotify. + * When ; is added to hints.chars, using hint labels containing ;; + now works properly. + * Hint letters outside of ASCII should now work. + * When bindings.key_mappings is used with hints, it now works + properly with letters outside of ASCII as well. + * With Qt 5.15, the audible/muted indicators are not updated + properly due to a Qt bug. This release adds a workaround + so that at least the muted indicator is shown properly. + * As a workaround for crashes with QtWebEngine versions between + 5.12 and 5.14 (inclusive), changing the user agent + (content.headers.user_agent) exposed to JS now requires + a restart. The corresponding HTTP header is not affected. + +------------------------------------------------------------------- +Tue Jun 2 13:01:22 UTC 2020 - Mia Herkt + +- Update to version 1.12.0 +Removed + * Support for using config.bind(key, None) in config.py to unbind + a key was deprecated in v1.8.2 and is now removed. + Use config.unbind(key) instead. + * :yank markdown was deprecated in v1.7.0 and is now removed. + Use :yank inline [{title}]({url}) instead. + +Added + * New :debug-keytester command, which shows a "key tester" + widget. Previously, that was only available as a separate + application via python3 -m scripts.keytester. + * New :config-diff command which opens the qute://configdiff + page. + * New --debug-flag log-cookies to log cookies to the debug log. + * New colors.contextmenu.disabled.{fg,bg} settings to customize + colors for disabled items in the context menu. + * New line selection mode (:toggle-selection --line), bound to + Shift-V in caret mode. + * New colors.webpage.darkmode.* settings to control Chromium's + dark mode. Note that those settings only work with QtWebEngine + on Qt >= 5.14 and require a restart of qutebrowser. + +Changed + * The content.cookies.accept setting now accepts URL patterns. + * The :tab-focus command now has completion for tabs in the + current window. + * The bindings.key_mappings setting now maps to the tab + key by default. + * :tab-give --private now detaches a tab into a new private + window. + +Fixed + * Using :open -s now only rewrites http:// in URLs to https://, + not other schemes like qute://. + * When an unhandled exception happens in certain parts of the + code (outside of the main thread), qutebrowser did crash or + freeze when trying to show its exception handler. + This is now fixed. + * :inspector now works correctly when cookies are disabled + globally. + * When entering caret selection mode (v, v) very early before a + page is loaded, an error is now shown instead of a crash + happening. + * The workaround for session loading with Qt 5.15 now handles + sessions.lazy_restore so that the saved page is loaded instead + of the "stub" page with no possibility to get to the web page. + * A site specific quirk to allow typing accented characters on + Google Docs was active for docs.google.com, but not + drive.google.com. It is now applied for both subdomains. + * With older graphics hardware (OpenGL < 4.3) with Qt 5.14 on + Wayland, WebGL causes segfaults. Now qutebrowser detects that + combination and suggests to disable WebGL or use XWayland. + +------------------------------------------------------------------- +Fri May 8 08:32:56 UTC 2020 - Mia Herkt + +- Update to version 1.11.1 + * CVE-2020-11054: After a certificate error was overridden by + the user, qutebrowser displays the URL as yellow + (colors.statusbar.url.warn.fg). However, when the affected + website was subsequently loaded again, the URL was mistakenly + displayed as green (colors.statusbar.url.success_https). + While the user already has seen a certificate error prompt + at this point (or set content.ssl_strict to false which is not + recommended), this could still provide a false sense of security. + This is now fixed. + +------------------------------------------------------------------- +Wed May 6 05:00:29 UTC 2020 - Mia Herkt + +- Update to version 1.11.0 +Added + * New settings: + + search.wrap which can be set to false to prevent wrapping + around the page when searching. With QtWebEngine, Qt 5.14 + or newer is required. + + content.unknown_url_scheme_policy which allows controlling + when an external application is opened for external links + (never, from user interaction, always). + + content.fullscreen.overlay_timeout to configure how long the + fullscreen overlay should be displayed. If set to 0, + no overlay is displayed. + + hints.padding to add additional padding for hints. + + hints.radius to set a border radius for hints + (set to 3 by default). + * New placeholders for url.searchengines values: + + {unquoted} inserts the search term without any quoting. + + {semiquoted} (same as {}) quotes most special characters, + but slashes remain unquoted. + + {quoted} (same as {} in earlier releases) also quotes slashes + +Changed + * First adaptions to Qt 5.15, including a stop-gap measure for + session loading not working properly with it. + * Searching now wraps around the page by default with QtWebKit + (where it didn't before). Set search.wrap to false to restore + the old behavior. + * The {} placeholder for search engines + (the url.searchengines setting) now does not quote slashes + anymore, but other characters typically encoded in URLs still + get encoded. This matches the behavior of search engines in + Chromium. To revert to the old behavior, use {quoted} instead. + * The content.windowed_fullscreen setting got renamed to + content.fullscreen.window. + * Mouse-wheel scrolling is now prevented while hints are active. + * Changes to userscripts: + + qute-bitwarden now has an optional --totp flag which can be + used to copy TOTP codes to clipboard + (requires the pyperclip module). + + readability-js now opens readability tabs next to the + original tab (using the :open --related flag). + + readability-js now displays a favicon for readability tabs. + + password_fill now triggers a change JavaScript event after + filling the data. + * The dictcli.py script now shows better error messages. + * Minor performance improvements. + +Deprecated + * A warning about old Qt versions is now also shown with Qt 5.9 + and 5.10, as support for Qt < 5.11 will be dropped in + qutebrowser v2.0. + +Fixed + * unsafeWindow is now defined for Greasemonkey scripts with + QtWebKit. + * The proxied window global is now shared between different + Greasemonkey scripts (but still separate from the page's + window), to match the original Greasemonkey implementation. + * The --output-messages (-m) flag added in v1.9.0 now also works + correctly when using :spawn --userscript. + * :version and --version now don't crash if there's an (invalid) + /etc/os-release file which has non-comment lines without + a = character. + * Scripts in scripts/ now report errors to stderr correctly, + instead of using stdout. + +------------------------------------------------------------------- +Sun Apr 19 16:08:25 UTC 2020 - Mia Herkt + +- Update to version 1.10.2 +Fixed + * The WhatsApp workaround now also works when using WhatsApp in + languages other than English. + +------------------------------------------------------------------- +Sun Feb 16 12:38:59 UTC 2020 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.10.1 +Fixed + * Crash when saving data fails during shutdown (which was a + regression introduced in v1.9.0). + * Error while reading config.py when fonts.tabs or + fonts.debug_console is set to a value including default_size. + * When a state file contains invalid UTF-8 data, a proper error + is now displayed. + +Changed + * When the Qt version changes (and also on the first start of + v1.10.1 on Qt 5.14), service workers registered by websites are + now deleted. This is done as a workaround for QtWebEngine + issues causing crashes when visiting pages using service + workers (such as Google Mail/Drive). No persistent data should + be affected as websites can re-register their service workers, + but a (single) backup is kept at webengine/Service Worker-bak + in qutebrowser's data directory. + * Better output on stdout when config errors occur. + * The default for colors.statusbar.command.private.bg has been + changed to a slightly different gray, as a workaround for a Qt + issue where the cursor was invisible in that case. + +------------------------------------------------------------------- +Thu Feb 13 16:14:30 UTC 2020 - Tom Warnke + +- replace shebangs pointing to /usr/bin/bash with /bin/bash. This + removes the requirement /usr/bin/bash from the RPM. + Fixes boo#1163276. + +------------------------------------------------------------------- +Wed Feb 5 07:18:39 UTC 2020 - Martin Rey + +- Update to version 1.10.0 +Added + * New colors.webpage.prefers_color_scheme_dark setting which + allows forcing prefers-color-scheme: dark colors for websites + (QtWebEngine with Qt 5.14 or newer). + * New fonts.default_size setting which can be used to set a + bigger font size for all UI fonts. + +Changed + * The fonts.monospace setting has been removed and replaced by + fonts.default_family. The new default_family setting is + improved in various ways: + + It accepts a list of font families (or a single font family) + rather than a comma-separated string. As an example, instead + of fonts.monospace = "Courier, Monaco", use + fonts.default_family = ["Courier", "Monaco"]. + + Since a list is now accepted as value, no quoting of font + names with spaces is required anymore. As an example, + instead of fonts.monospace = '"xos4 Terminus"', use + fonts.default_family = 'xos4 Terminus'. + + It is now empty by default rather than having a long list of + font names in the default config. When the value is empty, + the system's default monospaced font is used. + * If monospace is now used in a font value, it's used literally + and not replaced anymore. Instead, default_family is replaced + as explained above. + * The default content.headers.accept_language value now adds a + ;q=0.9 classifier which should make the value sent more + in-line with what other browsers do. + * The qute-pass userscript now has a new --mode gopass switch + which uses gopass rather than pass. + * The tox -e mkvenv (or mkvenv-pypi) way of installing + qutebrowser is now replaced by a mkvenv.py script. See the + updated link:install{outfilesuffix}#tox[install instructions] + for details. + +Fixed + * When quitting qutebrowser, components are now cleaned up + differently. This should fix certain (rare) segmentation + faults and exceptions when quitting, especially with the new + exit scheme introduced in in PyQt5 5.13.1. + * Added a workaround for per-domain settings (e.g. a JavaScript + whitelist) not being applied in some scenarios with Qt 5.13 + and above. + * Added additional site-specific quirk for WhatsApp Web. + * The qute-pass userscript now works correctly when a + PASSWORD_STORE_DIR ending with a trailing slash is given. + +------------------------------------------------------------------- +Thu Jan 9 22:24:07 UTC 2020 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.9.0 +Added + * Initial support for Qt 5.14. + * New content.site_specific_quirks setting which enables + workarounds for websites with broken user agent parsing + (enabled by default, see the "Fixed" section for fixed + websites). + * New qt.force_platformtheme setting to force Qt to use a given + platform theme. + * New tabs.tooltips setting which can be used to disable hover + tooltips for tabs. + * New settings to configure the appearance of context menus: + + fonts.contextmenu + + colors.contextmenu.menu.bg + + colors.contextmenu.menu.fg + + colors.contextmenu.selected.bg + + colors.contextmenu.selected.fg + +Changed + * The content.headers.user_agent setting now is a format string + with the default value resembling the behavior of it being set + to null before. This slightly changes the sent user agent for + QtWebKit: Instead of mentioning qutebrowser and its version + it now mentions the Qt version. + * The qute-pass userscript now has a new --extra-url-suffixes + (-s) argument which passes extra URL suffixes to the tldextract + library. + * A stack is now used for :tab-focus last rather than just saving + one tab. Additionally, :tab-focus now understands stack-prev + and stack-next arguments to traverse that stack. + * :hint now has a new right-click target which allows + right-clicking elements via hints. + * The Terminus font has been removed from the default monospace + fonts since it caused trouble with HighDPI setups. To get it + back, add either "xos4 Terminus" or Terminus (depending on + fontconfig version) to the beginning of the fonts.monospace + setting. + * As a workaround for a Qt bug causing a segfault, desktop + sharing is now automatically rejected on Qt versions before + 5.13.2. Note that screen sharing still won't work on Linux + before Qt 5.14. + * Comment lines in quickmarks/bookmarks files are now ignored. + However, note that qutebrowser will overwrite those files if + bookmark/quickmark commands are used. + * Reopening PDF.js pages from e.g. a session file will now + re-download and display those PDFs. + * Improved behavior when using :open-download in a sandboxed + environment (KDE Flatpak). + * qutebrowser now enables the new PyQt exit scheme, which should + result in things being cleaned up more properly (e.g. cookies + being saved even without a timeout) on PyQt 5.13.1 and newer. + * The :spawn command has a new -m / --output-messages argument + which shows qutebrowser messages based on a command's standard + output/error. + * Improved insert mode detection for some CodeMirror usages + (e.g. in JupyterLab and Jupyter Notebook). + * If JavaScript is disabled globally, file://* now doesn't + automatically have it enabled anymore. Run :set -u file://* + content.javascript.enabled true to restore the previous + behavior. + * Settings with URL patterns can now be used to affect the + behavior of the QtWebEngine inspector. Note that the underlying + URL is chrome-devtools://* from Qt 5.11 to Qt 5.13, but + devtools://* with Qt 5.14. + * Improvements when tabs.tabs_are_windows is set: + + Using :tab-take and :tab-give now shows an error, as the + effect of doing so would be equal to :tab-clone. + + The :buffer completion doesn't show any window sections + anymore, only a flat list of tabs. + * Improved parsing in some corner cases for the QtFont type + (used for fonts.tabs and fonts.debug_console). + * Performance improvements for the following areas: + + Adding settings with URL patterns + + Matching of settings using URL patterns + +Fixed + * Downloads (e.g. via :download) now see the same user agent + header as webpages, which fixes cases where overly restrictive + servers/WAFs closed the connection before. + * The logic for :restart has been revisited, which should fix + issues with relative basedirs. + * Remaining issues related to Python 3.8 are now fixed + (mostly warnings, especially on QtWebKit). + * Workaround for a Qt bug where a page never finishes loading + with a non-overridable TLS error (e.g. due to HSTS). + * The qute://configdiff page now doesn't show built-in settings + (e.g. javascript being enabled for qute:// and chrome:// pages) + anymore. + * The qute-lastpass userscript now stops prompting for passwords + when cancelling the password input. + * The tab hover text now shows ampersands (&) correctly. + * With QtWebEngine and Qt >= 5.11, the inspector now shows its + icons correctly even if loading of images is disabled via the + content.images setting. + * Entering a very long string (over 50k characters) in the + completion used to crash, now it shows an error message instead + * Various improvements for URL/searchengine detection: + + Strings with a dot but with characters not allowed in a URL + (e.g. an underscore) are now not treated as URL anymore. + + Strings like "5/8" are now not treated as IP anymore. + + URLs with an explicit scheme and a space (%20) are correctly + treated as URLs. + + Mail addresses are now treated as search terms. + + With url.open_base_url set, searching for a search engine + name now works. + + url.open_base_url = True together with + url.auto_search = 'never' is now handled correctly. + + Fixed crash when a search engine URL turns out to be invalid. + * New "site specific quirks", which work around some broken + websites: + + WhatsApp Web + + Google Accounts + + Slack (with older QtWebEngine versions) + + Dell.com support pages (with Qt 5.7) + + Google Docs (fixes broken IME/compose key) + +------------------------------------------------------------------- +Thu Dec 5 23:17:55 UTC 2019 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.8.3 +Fixed + * Segmentation fault introduced in v1.8.2 when a tab gets closed + immediately after it has finished loading (e.g. with certain + login flows). + +------------------------------------------------------------------- +Tue Nov 26 04:39:55 UTC 2019 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.8.2 +Fixed + * Unbinding keys via config.bind(key, None) accidentally worked + in v1.7.0 but raises an exception in v1.8.0. It now works + again, but is deprecated and shows an error. Note that + :config-py-write did write such invalid lines before v1.8.0, + so existing config files might need adjustments. + * The readability-js userscript now handles encodings correctly + (which it didn't before for some websites). + * can now be used to paste text starting with a hyphen. + * Following hints via the number keypad now works properly again. + * Errors while reading the state file are now displayed instead + of causing a crash. + * Crash when using :debug-log-level without a console attached. + * Downloads are now hidden properly when the browser is in + fullscreen mode. + * Crash when setting colors.webpage.bg to an empty value with + QtWebKit. + * Crash when the history database file is not a proper sqlite + database. + +------------------------------------------------------------------- +Thu Oct 17 22:57:12 UTC 2019 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.8.1 +Added + * New userscripts: + + readability-js which uses Mozilla's node.js readability + library. + + qute-bitwarden which integrates the Bitwarden CLI. + +Changed + * The statusbar text for passthrough mode now shows all + configured bindings to leave the mode, not only one. + * When :config-source is used with a relative filename, the file + is now searched in the config directory instead of the current + working directory. + * HTML5 inputs with date/time types now enter insert mode when + selected. + * dictcli.py now shows where dictionaries are installed to and + complains when running it as root if doing so would result in + a wrong installation path. + * Changes to userscripts: + + qute-pass: Don't run pass if only a username is requested. + + qute-pass: Support private domains like myrouter.local. + + readability: Improved CSS styling. + * Performance improvements in various areas: + + Loading config files + + Typing without any completion matches + + General keyboard handling + + Scrolling + * :version now shows details about the loaded + autoconfig.yml/config.py. + * Hosts are now additionally looked up including their ports in + netrc files. + * With Qt 5.10 or newer, qutebrowser now doesn't force software + rendering with Nouveau drivers anymore. However, + QtWebEngine/Chromium still do so. + * The XSS Auditor is now disabled by default + (content.xss_auditing = false). This reflects a similar change + in Chromium, see their XSS Auditor Design Document for details. + +Fixed + * :config-write-py now correctly writes config.unbind(...) lines + (instead of config.bind(..., None)) when unbinding a default + keybinding. + * Prevent repeat keyup events for JavaScript when a key is held + down. + * ~/.config/qutebrowser/blocked-hosts can now also contain + /etc/hosts-like lines, not just simple hostnames. + * Restored compatibility with Jinja2 2.8 + * Fixed implicit type conversion warning with Python 3.8. + * The desktop file now sets StartupWMClass correctly, so the + qutebrowser icon is no longer shown twice in the Gnome dock + when pinned. + * Bindings involving keys which need the AltGr key now work + properly. + * Fixed crash (caused by a Qt bug) when typing characters above + the Unicode BMP (such as certain emoji or CJK characters). + * dictcli.py now works properly again. + * Shift can now be used while typing hint keystrings, which e.g. + allows typing number hints on French keyboards. + * With rapid hinting in number mode, backspace now edits the + filter text after following a hint. + * A certain type of error ("locking protocol") while initializing + sqlite now isn't handled as crash anymore. + * Crash when showing a permission request in certain scenarios. + +Removed + * At least Python 3.5.2 is now required to run qutebrowser, + support for 3.5.0 and 3.5.1 was dropped. + +------------------------------------------------------------------- +Thu Jul 18 15:27:22 UTC 2019 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.7.0 +Added + * New settings: + + colors.tabs.pinned.* to control colors of pinned tabs. + + hints.leave_on_load which allows disabling leaving of hint + mode when a new page is loaded. + + colors.completion.item.selected.match.fg which allows + configuring the text color for the matching text in the + currently selected completion item. + + tabs.undo_stack_size to limit how many undo entries are kept + for closed tabs. + * New commands: + + :reverse-selection (o in caret mode) to swap the + stationary/moving ends of a selection. + * New commandline replacements: + + {url:domain}, {url:auth}, {url:scheme}, {url:username}, + {url:password}, {url:host}, {url:port}, {url:path}, + {url:query} for the respective parts of the current URL. + + {title} for the current page title. + * The {title} field in tabs.title.format, + tabs.title.format_pinned and window.title_format got renamed to + {current_title} (mirroring {current_url}) in order to not + conflict with the new {title} commandline replacement. + * New delete target for :hint which removes the hinted element + from the DOM. + * New --config-py commandline argument to use a custom config.py + file. + * Qt 5.13: Support for notifications (shown via system tray). + +Changed + * The desktop file qutebrowser.desktop is now renamed to + org.qutebrowser.qutebrowser.desktop. + * Pinned tabs now always show a favicon (even if the site doesn't + provide one) when shrinking. + * Setting downloads.location.directory now changes the directory + displayed in the download prompt even if + downloads.location.remember is set. + * The yank command gained a new inline argument, which allows to + e.g. use :yank inline [{title}]({url}). + * Duplicate consecutive history entries with the same URL are now + ignored. + * More detailed error messages when spawning a process failed. + * The content.pdfjs setting now supports domain patterns. + * Improved process status output with :spawn -o. + * The colors.tabs.bar.bg setting is now of type QssColor and thus + supports gradients. + * The :fullscreen command now understands a new --enter flag + which causes it to always enter fullscreen instead of toggling + the current state. + * --debug-flag stack is now needed to show stack traces on + renderer process crashes. + * --debug-flag chromium can be used to easily turn on verbose + Chromium logging. + * Permission prompts can now be answered with + Y (:prompt-accept --save yes) and N (:prompt-accept --save no) + to save the answer as a per-domain setting. + * content.dns_prefetch is now turned off by default, as it causes + crashes inside QtWebEngine. + * The (still unofficial) interceptor plugin API now contains + resource_type for a request and allows redirecting requests. + * :bookmark-remove now shows a message for consistency with + :bookmark-add. + * Very early segfaults are now also caught by the crash handler. + * The appdata XML now contains proper release information and an + (empty) OARS content rating. + * Improved Linux distribution detection. + * Qt 5.13: Request filtering now happens in the UI rather than + IO thread. + * Qt 5.13: Support for PDFium (Chromium's PDF viewer) is disabled + for now so that PDFs can still be downloaded + (or shown with PDF.js) properly. + * Various performance improvements (e.g. for showing hints or + the :open completion). + +Deprecated + * :yank markdown got deprecated, as :yank inline [{title}]({url}) + can now be used instead. + +Fixed + * Various QtWebEngine load signals are now handled differently, + which should fix issues with insert mode being left while + typing on sites like Google Translate. + * Race condition causing a colored statusbar in normal mode when + entering/exiting caret mode quickly. + * Using 100% for a hue in a hsv(...) config value now corresponds + to 359 (rather than 255), matching the fixed behavior in + Qt 5.13. + * Chaining commands with ;; used to abort with some failing + commands. It now runs the second command no matter whether the + first one succeeded or not. + * Handling of profiles and private windows (and resulting crashes + with Qt 5.12.2). + * Fixes for corner-cases when using :navigate increment/decrement + * The type for the colors.hints.match.fg setting was changed to + QtColor. + * Gradients were never supported for this setting, and with this + change, values like rgb(0, 0, 0) now work as well. + * Permission prompts now show a properly normalized URL with + QtWebKit. + * Crash on start when PyQt was built without SSL support with + Qt >= 5.12. + * Minor memory leaks. + +------------------------------------------------------------------- +Tue Jun 18 12:13:45 UTC 2019 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.6.3 +Fixed + + * Crash when hinting and changing/closing the tab before hints + are displayed. + * Crash on redirects with Qt 5.13. + * Hide bogus AA_ShareOpenGLContexts warning with Qt 5.12.4. + * Workaround for renderer process crashes with Qt 5.12.4. + If you're unable to update, you can remove ~/.cache/qutebrowser + for the same result. + +------------------------------------------------------------------- +Mon May 6 21:15:52 UTC 2019 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.6.2 +Fixed + + * Crash when SQL errors occur while using the completion. + * Crash when cancelling a download prompt started in an already + closed window. + * Crash when many prompts are opened at the same time. + * Running without Qt installed now displays a proper error again. + * High CPU usage when using the keyhint widget with a low delay. + +------------------------------------------------------------------- +Mon Apr 1 19:40:27 UTC 2019 - Martin Herkt <9+suse@cirno.systems> + +- Force sqlite backend to be installed, otherwise qtbrowser segfaults + bsc#1126269 + +------------------------------------------------------------------- +Wed Mar 20 06:05:39 UTC 2019 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.6.1 +Fixed + + * Crash when using :config-{dict,list}-{add,remove} with an invalid setting. + * Functionality like hinting on pages with an element with ID _qutebrowser + (such as qutebrowser.org) on Qt 5.12. + * The .desktop file in v1.6.0 was missing the "Actions" key. + * The SVG icon now has a size of 256x256px set to comply with freedesktop + standards. + * Setting colors.statusbar.*.bg to a gradient now has the expected effect of + the gradient spanning the entire statusbar. + +------------------------------------------------------------------- +Tue Feb 26 01:48:56 UTC 2019 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.6.0 +Added + + * New settings: + + tabs.new_position.stacking which controls whether new tabs + opened from a page should stack on each other or not. + + completion.open_categories which allows to configure which + categories are shown in the :open completion, and how they + are ordered. + + tabs.pinned.frozen to allow/deny navigating in pinned tabs. + + hints.selectors which allows to configure what CSS selectors + are used for hints, and also allows adding custom hint groups + + input.insert_mode.leave_on_load to turn off leaving insert + mode when a new page is loaded. + + * New config manipulation commands: + + :config-dict-add and :config-list-add to a new element to a + dict/list setting. + + :config-dict-remove and :config-list-remove to remove an + element from a dict/list setting. + + New :yank markdown feature which yanks the current URL and + title in markdown format. + + Support for new QtWebEngine features in Qt 5.12: + ~ Basic support for client certificates. Selecting the + certificate to use when there are multiple matching + certificates isn't implemented yet. + ~ Support for DNS prefetching (plus new content.dns_prefetch + setting). + +Changed + * :q now closes the current window instead of quitting + qutebrowser completely (:close), while :qa quits (:quit). + The behavior of :wq remains unchanged (:quit --save), as + closing a window while saving the session doesn't make sense. + * Completion highlighting is now done differently (using + QSyntaxHighlighter), which should fix some highlighting + corner-cases. + * The QtColor config type now also understands colors like + rgb(...). + * :yank now has a --quiet option which causes it to not display + a message. + * The :open completion now also shows search engines by default. + * The content.host_blocking.enabled setting now supports URL + patterns, so the adblocker can be disabled on a given page. + * Elements with a tabindex attribute now also get hints by + default. + * Various small performance improvements for hints and the + completion. + * The Wayland check for QtWebEngine is now disabled on + Qt >= 5.11.2, as those versions should work without any issues. + * The JavaScript console object is now available in PAC files. + * PAC proxies currently don't work properly on QtWebEngine (and + never did), so an error is now shown when trying to configure + a PAC proxy. + * The metainfo file qutebrowser.appdata.xml is now renamed to + org.qutebrowser.qutebrowser.appdata.xml. + * The qute-pass userscript now understands domains in gpg + filenames in addition to directory names. + * The autocompletion for content.headers.user_agent got updated + to only include the default and Chrome, as setting the UA to + Firefox has various bad side-effects. + * Combining Qt 5.12 with an older PyQt can lead to issues, so a + warning is now shown when starting qutebrowser with that + combination. + +Fixed + * Invalid world IDs now get rejected for :jseval and GreaseMonkey + scripts. + * When websites suggest download filenames with invalid + characters, those are now correctly replaced. + * Invalid hint length calculation in certain rare cases. + * Dragging tabs in the tab bar (which was broken in v1.5.0) + * Using Shift-Home in command mode now works properly. + * Workaround for a Qt bug which prevented + content.cookies.accept = no-3rdparty from working properly on + some pages like GMail. However, the default for + content.cookies.accept is still all to be in line with what + other browsers do. + * :navigate not incrementing in anchors or queries. + * Crash when trying to use a proxy requiring authentication with + QtWebKit. + * Slashes in search terms are now percent-escaped. + * When scrolling.bar = True was set in versions before v1.5.0, + this now correctly gets migrated to always instead of + when-searching. + * Completion highlighting now works again on Qt 5.11.3 and 5.12.1 + * The non-standard header X-Do-Not-Track is no longer sent. + * PAC proxies were never correctly supported with QtWebEngine, + but are now explicitly disallowed. + * Issues with fullscreen handling when exiting a video player. + * Various fixes for Qt 5.12 issues: + + A javascript error on page load was fixed. + + window.print() works with Qt 5.12 now. + + Fixed handling of duplicate download filenames. + + Fixed broken qute://history page. + + Fixed PDF.js not working properly. + + The download button in PDF.js now works (it's not possible + to make it work with earlier Qt versions). + + Since Greasemonkey scripts modifying the DOM fail when being + run at document-start, some known-broken scripts (Iridium, + userstyles.org) are now forced to run at document-end. + +------------------------------------------------------------------- +Sat Feb 23 19:28:37 UTC 2019 - Martin Herkt <9+suse@cirno.systems> + +- Require python3-qtwebengine-qt5 on TW + (package split since PyQt5 5.12) + +------------------------------------------------------------------- +Mon Oct 29 22:23:40 UTC 2018 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.5.2: + * The content.cookies.accept setting is now set to all instead + of no-3rdparty by default, as no-3rdparty breaks various pages + such as GMail. + +------------------------------------------------------------------- +Wed Oct 10 17:50:18 UTC 2018 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.5.1: + Fixed: + * Flickering when opening/closing tabs (as soon as more than + 10 are open) on some pages. + * Improved logging for PDF.js resources which fail to load. + * Crash when closing a tab after doing a search. + * Tabs appearing when hidden after e.g. closing tabs. + +------------------------------------------------------------------- +Wed Oct 3 18:23:48 UTC 2018 - Martin Herkt <9+suse@cirno.systems> + +- Update to version 1.5.0: + Added: + * Rewritten PDF.js support: + + PDF.js support and the content.pdfjs setting are now + available with QtWebEngine. + + Opening a PDF file now doesn't start a second request + anymore. + + Opening PDFs on https:// sites now works properly. + + New --pdfjs flag for prompt-open-download, so PDFs can be + opened in PDF.js with in the download prompt. + * New settings: + + content.mouse_lock to handle HTML5 pointer locking. + + completion.web_history.exclude which hides a list of URL + patterns from the completion. + + qt.process_model which can be used to change Chromium's + process model. + + qt.low_end_device_mode which turns on Chromium's low-end + device mode. This mode uses less RAM, but the expense of + performance. + + content.webrtc_ip_handling_policy, which allows more + fine-grained/restrictive control about which IPs are + exposed via WebRTC. + + tabs.max_width which allows to have a more "normal" look + for tabs. + + content.mute which allows to mute pages (or all tabs) by + default. + * Running qutebrowser with QtWebKit or Qt < 5.9 now shows a + warning (only once), as support for those is going to be + removed in a future release. + * New t[iI][hHu] default bindings (similar to tsh etc.) to + toggle images. + * The qute-pass userscript now has optional OTP support. + * When :spawn --userscript is called with a count, that count + is now passed to userscripts as $QUTE_COUNT. + Changed: + * Various performance improvements when many tabs are opened. + * The content.headers.referer setting now works on QtWebEngine. + * The :repeat command now takes a count which is multiplied + with the given "times" argument. + * The default keybinding to leave passthrough mode was changed + from to , which makes pasting from the + clipboard easier in passthrough mode and is also unlikely to + conflict with webpage bindings. + * The app_id is now set to qutebrowser for Wayland. + * Using :set option now shows the value of the setting + (like :set option? already did). + * The completion.web_history_max_items setting got renamed to + completion.web_history.max_items. + * Regenerating completion history now shows a progress dialog. + * The content.autoplay setting now supports URL patterns on + Qt >= 5.11. + * The content.host_blocking.whitelist setting now takes a list + of URL patterns instead of globs. + * In passthrough mode, Ctrl + Mousewheel now also gets passed + through to the page instead of zooming. + * Editing text in an external editor now simulates a JS "input" + event, which improves compatibility with websites reacting + via JS to input. + * The qute://settings page is now properly sorted on Python 3.5 + * :zoom, :zoom-in and :zoom-out now have a --quiet switch which + causes them to not display a message. + * The scrolling.bar setting now takes three values instead of + being a boolean: always, never, and when-searching (which + only displays it while a search is active). + * '@@' now repeats the last run macro. + * The content.host_blocking.lists setting now accepts a file:// + URL to a directory, and reads all files in that directory. + * The :tab-give and :tab-take command now have a new flag + --keep which causes them to keep the old tab around. + * :navigate now clears the URL query. + Fixed: + * qute:// pages now work properly on Qt 5.11.2 + * Error when passing a substring with spaces to :tab-take. + * Greasemonkey scripts which start with an UTF-8 BOM are now + handled correctly. + * When no documentation has been generated, the plaintext + documentation now can be shown for more files such as + qute://help/userscripts.html. + * Crash when doing initial run on Wayland without XWayland. + * Crash when trying to load an empty session file. + * :hint with an invalid --mode= value now shows a proper error. + * Rare crash on Qt 5.11.2 when clicking on