[qutebrowser] qutebrowser v1.14.1 released!

Florian Bruhin me at the-compiler.org
Fri Dec 4 22:36:02 CET 2020 

Hey,

A bit later than originally planned -- due to Qt 5.15.2 being late and
due to more and more bugs popping up -- I'm happy to announce that
qutebrowser v1.14.1 is released.

This release contains *a lot* of bug fixes, some of them rather
critical. Not sure if there ever was such a big bugfix release!
I can only recommend to upgrade, especially if you were on v1.14.0 :)

Here's the changelog:

Added
~~~~~

- With v1.14.0, qutebrowser configures the main window to be transparent, so
  that it's possible to configure a translucent tab- or statusbar. However, that
  change introduced various issues, such as performance degradation on some
  systems or breaking dmenu window embedding with its `-w` option. To avoid those
  issues for people who are not using transparency, the default behavior is
  reverted to versions before v1.14.0 in this release. A new `window.transparent`
  setting can be set to `true` to restore the behavior of v1.14.0.

Changed
~~~~~~~

- Windows and macOS releases now ship Qt 5.15.2, which is based on
  Chromium 83.0.4103.122 with security fixes up to 86.0.4240.183. This includes
  CVE-2020-15999 in the bundled freetype library, which is known to be exploited
  in the wild. It also includes various other bugfixes/features compared to
  Qt 5.15.0 included in qutebrowser v1.14.0, such as:
    * Correct handling of AltGr on Windows
    * Fix for `content.cookies.accept` not working properly
    * Fixes for screen sharing (some websites are still broken until an upcoming Qt
      5.15.3)
    * Support for FIDO U2F / WebAuth
    * Fix for the unwanted creation of directories such as `databases-incognito` in
      the home directory
    * Proper autocompletion in the devtools console
    * Proper signalisation of a tab's audible status (`[A]`)
    * Fix for a hang when opening the context menu on macOS Big Sur (11.0)
    * Hardware accelerated graphics on macOS

Fixed
~~~~~

- Setting the `content.headers.referer` setting to `same-domain` (the default)
  was supposed to truncate referers to only the host with QtWebEngine.
  Unfortunately, this functionality broke in Qt 5.14. It works properly again
  with this release, including a test so this won't happen again.
- With QtWebEngine 5.15, setting the `content.headers.referer` setting to
  `never` did still send referers. This is now fixed as well.
- In v1.14.0, a regression was introduced, causing a crash when qutebrowser was
  closed after opening a download with PDF.js. This is now fixed.
- With Qt 5.12, the `Object.fromEntries` JavaScript API is unavailable (it was
  introduced in Chromium 73, while Qt 5.12 is based on 69). This caused
  https://www.vr.fi/en and possibly other websites to break when accessed with Qt
  5.12. A suitable polyfill is now included with qutebrowser if
  `content.site_specific_quirks` is enabled (which is the default).
- While XDG startup notifications (e.g. launch feedback via the bouncy cursor
  in KDE Plasma) were supported ever since Qt 5.1, qutebrowser's desktop file
  accidentally declared that it wasn't supported. This is now fixed.
- The `dmenu_qutebrowser` and `qutedmenu` userscripts now correctly read the
  qutebrowser sqlite history which has been in use since v1.0.0.
- With Python 3.8+ and vertical tabs, a deprecation warning for an implicit int
  conversion was shown. This is now fixed.
- Ever since Qt 5.11, fetching more completion data when that data is loaded
  lazily (such as with history) and the last visible item is selected was broken.
  The exact reason is currently unknown, but this release adds a tenative fix.
- When PgUp/PgDown were used to go beyond the last visible item, the above issue
  caused a crash, which is now also fixed.
- As a workaround for an overzealous Microsoft Defender false-positive detecting
  a "trojan" in the (unprocessed) adblock list, `:adblock-update` now doesn't
  cache the HTTP response anymore.
- With the QtWebKit backend and `content.headers` set to `same-domain` (the
  default), origins with the same domain but different schemes or ports were
  treated as the same domain. They now are correctly treated as different domains.
- When a URL path uses percent escapes (such as
  `https://example.com/embedded%2Fpath`), using `:navigate up` would treat the
  `%2F` as a path separator and replace any remaining percent escapes by their
  unescaped equivalents. Those are now handled correctly.
- On macOS 11.0 (Big Sur), the default monospace font name caused a parsing error, thus
  resulting in broken styling for the completion, hints, and other UI components.
  They now look properly again.
- Due to a Qt bug, installing Qt/PyQt from prebuilt binaries on systems with a
  very old `libxcb-utils` version (notably, Debian Stable, but not Ubuntu since
  16.04 LTS) results in a setup which fails to start. This also affects the
  `mkvenv.py` script, which now includes a workaround for this case.
- The `open_url_instance.sh` userscript now complains when `socat` is not
  installed, rather than silencing the error.
- The example AppArmor profile in `misc/` was outdated and written for the
  older QtWebKit backend. It is now updated to serve as an useful starting
  point with QtWebEngine.
- When running `:devtools` on Fedora without the needed (optional) dependency
  installed, it was suggested to install `qt5-webengine-devtools`, which does
  not, in fact, exist. It's now correctly suggested to install
  `qt5-qtwebengine-devtools` instead.
- With Qt 5.15.2, lines/borders coming from the  `readability-js` userscript
  were invisible. This is now fixed by changing the border color to grey (with all
  Qt versions).
- Due to changes in the underlying Chromium, the
  `colors.webpage.prefers_color_scheme_dark` setting broke with Qt 5.15.2. It now
  works properly again.
- A bug in the `pkg_resources` module used by qutebrowser caused deprecation
  warnings to appear on start with Python 3.9 on some setups. Those are now
  hidden.
- Minor performance improvements.
- Fix for various functionality breaking in private windows with v1.14.0,
  after the last private window is closed. This includes:
    * Ad blocking
    * Downloads
    * Site-specific quirks (e.g. for Google login)
    * Certain settings such as `content.javascript.enabled`

Enjoy, and as usual, please let me know if you run into issues!

Florian

-- 
me at the-compiler.org (Mail/XMPP) | https://www.qutebrowser.org 
       https://bruhin.software/ | https://github.com/sponsors/The-Compiler/
       GPG: 916E B0C8 FD55 A072 | https://the-compiler.org/pubkey.asc
             I love long mails! | https://email.is-not-s.ms/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://listi.jpberlin.de/pipermail/qutebrowser/attachments/20201204/8576363d/attachment.asc>

More information about the qutebrowser mailing list