2025.01.05.1

Phoenix now has an official icon :D

Credit to @Modaresisofthard for designing it - huge thanks to them for their great work as always :)

---

• Phoenix on desktop no longer clears cookies & site data on exit by default (Except for our specialized YouTube config). Not an easy choice to make - but it's best we leave this to users to decide. Firefox's current approach to site exceptions also has its own drawbacks, and Mozilla needs to make it more user-friendly to set. We still clear cache, history, & sessions on exit by default.

• Set extensions.update.autoUpdateDefault to true to ensure users are always notified of extension updates.

• We now disable unsafe negotiations (via setting security.ssl.require_safe_negotiation to true) for all configs. This was previously only set on Extended Hardening & the specialized configs, though appears to cause little to 0 breakage, so now it's set everywhere :).

• New browser.phoenix.version pref to allow easily checking & confirming your version of Phoenix from within the browser...

• Added more preferences from Firefox's ETP Strict tracking protection to Phoenix's Android configs, to ensure that they are always enabled.

• Other minor tweaks & fixes.

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

20250103.1

Phoenix is now officially supported on Debian/Ubuntu & Android! 🎉 Huge thank you to @Modaresisofthard for their incredible work, time, and assistance in making this Debian release possible. 💜

Debian/Ubuntu users can now install Phoenix simply by using the unified installation script. Android users should see here for installation steps & more details.

I'd also like to officially announce a brand new community Matrix Space (Recommended) and Discord Server! Feel free to join if you'd like to discuss Phoenix, need support, have any questions or concerns, would like to help with development... or simply want to chat. :)

---

• Fixed IPv6 connectivity issues when DNS over HTTPS is enabled by setting network.dns.preferIPv6 to true. - https://codeberg.org/divested/brace/pulls/5

• Enabled Geoclue for GNU/Linux users, so that that they can rely on the Geolocation service their distribution is using, which may be preferable over BeaconDB (our current provider). BeaconDB is still used as a fallback in such cases. Geoclue can be disabled by setting geo.provider.use_geoclue in your about:config to false.

• Disabled middle mouse clicks from pasting clipboard content by default, as it's far too easy to accidentally press & unintentionally paste content (Which can potentially be sensitive...), by setting middlemouse.paste to false. You can re-enable middle mouse clicks pasting clipboard content by setting middlemouse.paste in your about:config to true, though this is not recommended.

• Fixed issues opening HTML files by removing the network.buffer.cache.count & network.buffer.cache.size prefs - yokoffing/Betterfox#279.

• Set apz.overscroll.enabled to true by default to enhance smooth scrolling. You can revert this change by setting apz.overscroll.enabled to false in your about:config.

• Spellcheck is now enabled for both single-line and multi-line text boxes by default. To revert to Firefox's default behavior of only checking single-line text boxes, change layout.spellcheckDefault to 1 in your about:config. https://codeberg.org/celenity/Phoenix/issues/33

• Introduced a new specialized config for Element.

• Disabled Network Error Logging by setting network.http.network_error_logging.enabled to false.

• Various other minor tweaks, fixes, & enhancements.

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

20241229-1

---

• We no longer set Firefox's locale to en-US by default, as this caused lots of weird issues & breakage - and in general is out of scope for the project - https://codeberg.org/celenity/Phoenix/issues/10 (intl.accept_languages & intl.locale.requested).

• Disabled XFA in pdf.js, due to security reasons - https://codeberg.org/celenity/Phoenix/commit/186d4eed51d43da257a050aca396704e6863fb3f (pdfjs.enableXfa).

• If a website asks for a user's personal certificate, Phoenix will always ask the user first, rather than automatically choose one. This was already the default behavior - but now we've enforced it (security.default_personal_cert).

• Enforced that Firefox can never access the Windows Shell... This was already the default behavior - but now we've enforced it (network.protocol-handler.external.shell).

• Ensured that the user is always warned before Firefox launches an external program. This was already the default behavior for all protocols except mailto:, but now we enforce it, as well as for mailto: (network.protocol-handler.warn-external-default, network.protocol-handler.warn-external.mailto, & security.external_protocol_requires_permission).

• BadBlock+ is now enabled by default in uBlock Origin.

• Updated our uBlock Origin configuration (assets.json) to match latest upstream changes - https://codeberg.org/celenity/Phoenix/commit/ab1ee070d6b1b32b23ccef5e5b2eccc360c703bd.

• Improved documentation & the README.

• Various other minor tweaks, fixes, & enhancements.

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

20241225-1

🎄 Merry Christmas to those who celebrate! 🎅

---

Since the last release:

• Fixed sanitizing cookies & site data by default. This was already Phoenix's intended behavior, but it appears to have been working improperly - so this fixes it. Preferences related to sanitizing are also now unlocked - so you may easily override this behavior via about:preferences#privacy or the about:config if desired (though this is not recommended).

• Added support for installing Phoenix on macOS if Firefox is installed in ~/Applications (Previously, only /Applications was supported).

• Hardened Firefox's sandboxing - 6927a98.

• Removed useless Firefox View preferences - ae60e05.

• Set 'browser.search.separatePrivateDefault' to false by default to ensure Google isn't set as the default search engine for private browsing windows...

• WebXR/Virtual Reality is now only disabled by default, instead of being locked. This preference isn't fingerprintable - still useful to disable by default for reducing attack surface, but now users can override & enable this functionality if they really want to for whatever reason.

• Unlocked preferences so that users may now disable automatic updates of add-ons and system extensions via the about:config - though this is NOT RECOMMENDED.

• We no longer enable Web Task Scheduling (`'dom.enable_web_task_scheduling') by default - as it appears to be causing issues (yokoffing/Betterfox#355) & is still experimental.

• Extensions can now only be installed from profile & application directories - This prevents extensions being installed from the system itself/via other programs...

• Revamped & heavily improved Phoenix's README & Wiki/Documentation.

• General clean-up & improvements to project organization.

• Various tweaks & fixes.

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

20241216-1

Welcome to the new Phoenix! 🎉

---

This is a major update, with fundamental changes to Phoenix's design & how it operates.

The most notable difference is that Phoenix is now entirely local. You can see details here as to why this decision was made & the major benefits it will provide in terms of privacy, security, performance, usability, etc.

This is currently available for users of Arch Linux, Fedora Linux, & macOS. Debian installations are currently broken anyways at the moment :/ and are being re-worked in the near future, as a top priority.

Simply run the upgrade script for your platform, and it'll handle everything for you:

sudo bash -c "$(curl -fsSL https://phoenix.celenity.dev/upgrade.sh)"

Once it's complete, you should be good to go!

Can't wait to see what you think :) - looking forward to any and all feedback!

---

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

20241211-1

---

Notes

• There is now a single, unified installer script for installing Phoenix on GNU/Linux distributions & macOS (as well as an uninstaller script to compliment it). Huge thanks to @Modaresisofthard for their work and contribution. 💜
• Heavily improved macOS install & uninstall scripts.
• Updated our uBlock Origin config to match latest upstream changes.
• Our uBlock Origin config now includes BadBlock - Ethical Whitelist as an optional whitelist, not enabled by default. See the introduction here for more details.
• Enabled the use of our custom uBlock Origin config on LibreWolf & forks. We currently don't support LibreWolf, but this is useful for if we decide to in the future.
• Amazon, Bing, & Google built-in search engines will now be fully removed for users on Firefox ESR releases.
• Our macOS Homebrew Tap has changed from celenity/Phoenix-Policies-macOS to simply celenity/tap. No action is required for existing macOS installations, due to Codeberg's automatic redirects.
• If the user configures a proxy, we prevent the browser from bypassing it by default.
• Changed certain proxy preferences we set from locked to default, so that the user may change them if they choose to do so.
• Prompts for users to 'refresh' their Firefox profile have been disabled, as it could cause severe issues with Phoenix users (especially those using one of our user.js files.
• Post Quantum Encryption is further enforced where possible.
• Several important preferences have been added to our policies (in addition to our .cfg files) for defense in depth. (See specifics here)
• Users may now install the FMHY SafeGuard extension directly from GitHub at their own discretion.
• Added policies for defense in depth against dangerous 'Data Loss Prevention'/'ContentAnalysis' functionality. (See specifics here)
• Disabled Mozilla feedback prompts & Mozilla's Web Compatibility Reporter - We don't want users bothering Mozilla due to our customizations; feedback & issues should be filed with us directly. Additionally, in the case of the Web Compatibility Reporter, disabling it also decreases attack surface & potentially improves performance.
• Other minor tweaks & enhancements

Codeberg: See here for more details.

GitHub: See here for more details.

---

:)

20241204-1

Release

---

Lots of updates here:

• Hardened Phoenix's local and remote config files to prevent us or an attacker (if we ever compromised) from having the ability to override the user's homepage. Downside is that users will no longer be able to easily set a different browser homepage via about:preferences, however they can still set an override via editing their local 'phoenix.cfg', which will persist as we don't remotely update it. See here: https://codeberg.org/celenity/Phoenix/issues/18#issuecomment-2490737 for more details on Phoenix's approach to security and protecting users, even in the worst case scenarios, and even from ourselves. Due to these updates, you are HIGHLY recommend to re-install Phoenix (specifically, the local 'phoenix.cfg' file and 'phoenix.js' files should be updated).

• Placed further restrictions on the installation of extensions, to ensure that we're only granting this capability to websites (with user permission) where it's absolutely necessary.

• Fixed a strange bug that prevented users from installing extensions from the GitHub repos we allow in certain instances (primarily if the .xpi was file was on a past page of releases)

• Heavy consolidated policies. There are no longer separate policies for Windows/macOS & Linux. 'Personal-Dev-Nightly-Policies' have also been fully deprecated. Users can now choose from either our Standard Policies, or 'No-Sync' (or my Personal policies at their own discretion....).

• Added policies to ensure that the user can always access about:addons, about:config, about:profiles, & about:support.

• Added a policy to always display the bookmark toolbar by default. Can be overriden by users depending on their preference.

• Added a policy to ensure that users are always notified if there is an attempt to activate dangerous, invasive 'Content Analysis' functionality.

• Firefox will no longer offer to save passwords for users by default. Can be overriden, though users are highly recommended to use secure password managers instead, such as Bitwarden or Proton Pass.

• Fully disabled Password Manager on my Personal Policies & set to install Bitwarden by default

• Disabled the annoying 'Profile Import' functionality on my Personal Policies

• Added a 'Phoenix Policies Initialized' policy, as well as 'Phoenix Initialized' & 'Phoenix Applied' prefs, to make Phoenix easier to debug & confirm whether it is working as expected.

• Various other minor tweaks & enhancements

---

See https://github.com/celenityy/Phoenix/commits/pages for more details

:)

20241203-1

Release

• Various tweaks, changes, and enhancements, as well as hardening. Users are recommended to re-install Phoenix if possible for their platform of choice.

• See https://github.com/celenityy/Phoenix/commits/pages/ for more details - future releases will have full notes and more information.

:)

20241103-1

Release

• Updates search engines

See https://github.com/celenityy/Phoenix/commits/pages/

:)

20240924-1

Release

See https://github.com/celenityy/Phoenix/commits/pages/

:)