Skip to content

Releases: qutebrowser/qutebrowser

v3.1.0

08 Dec 15:39
v3.1.0
Compare
Choose a tag to compare

Check the changelog for changes in this release.

v3.0.2

19 Oct 18:52
v3.0.2
Compare
Choose a tag to compare

Check the changelog for changes in this release.

v3.0.1

19 Oct 18:25
v3.0.1
Compare
Choose a tag to compare

Check the changelog for changes in this release.

v3.0.0

18 Aug 14:26
v3.0.0
Compare
Choose a tag to compare

Check the changelog for changes in this release.

v2.5.4

13 Mar 21:15
v2.5.4
Compare
Choose a tag to compare

NOTE: This release is a source-only release, to fix a recent issue with changed sqlite options on FreeBSD. For Windows/macOS binary releases (and any environment where sqlite accepts double-quoted string literals), this release is equivalent to v2.5.3, thus no new binaries were uploaded here.

Fixed

  • Support SQLite with DQS (double quoted string) compile time option turned
    off.

v2.5.3

17 Feb 10:15
v2.5.3
Compare
Choose a tag to compare

Added

  • New array_at quirk, polyfilling the Array.at method, which is needed by various websites, but only natively available with Qt 6.2.

Fixed

  • Crash when the adblock filter file can't be read.
  • Inconsistent behavior when using :config-{dict,list}-* commands with an
    invalid value. Before the fix, using the same command again would complain that
    the value was already present, despite the error and the value not being
    actually changed.
  • Incomplete error handling when mutating a dict/list in config.py and setting
    an invalid value. Before the fix, this would result in either a message in the
    terminal rather than GUI (startup), or in a crash (:config-source).
  • Wrong type handling when using :config-{dict,list}-* commands with a config
    option with non-string values. The only affected option is bindings.commands,
    which is probably rarely used with those commands.
  • The readability userscript now correctly passes the source URL to
    Breadability, to make relative links work.
  • Update dictcli.py to use the main branch, fixing a 404 error.
  • Crash with some notification servers when the server did quit.
  • Minor documentation fixes

v2.5.2

22 Jun 13:32
v2.5.2
Compare
Choose a tag to compare

Fixed

  • Packaging-related fixes:
    • The install and stacktrace help pages are now included in the docs
      shipped with qutebrowser when using the recommended packaging workflow.
    • The Windows installer now more consistently uses the configured Windows
      colors.
    • The Windows installer now bases the desktop/start menu icon choices on
      the existing install, if upgrading.
    • The macOS release hopefully doesn't cause macOS to (falsely) claim that it
      "is damaged and can't be opened" anymore.
  • The notification fixes in v2.5.1 caused new notification crashes (probably
    more common than the ones being fixed...). Those are now fixed, along with a
    (rather involved) test case to prevent similar issues in the future.
  • When a text was not found on a page, the associated message would be shown as
    rich text (e.g. after /<h1>). With this release, this is fixed for search
    messages, while the 3.0.0 release will change the default for all messages to be
    plain-text. Note this is NOT a security issue, as only a small subset of HTML
    is interpreted as rich text by Qt, independently from the website.
  • When a Greasemonkey script couldn't be loaded (e.g. due to an unreadable file),
    qutebrowser would crash. It now shows an error instead.
  • Ever since the v1.2.0 release in 2018, the content.default_encoding setting
    was not applied on start properly (only when it was changed afterwards). This
    is now fixed.

v2.5.1

26 May 12:07
v2.5.1
Compare
Choose a tag to compare

Fixed

  • The qute-pass userscript is marked as executable again.
  • PDF.js now works properly again with the macOS and Windows releases.
  • The MathML workaround for darkmode (e.g. black on black Wikipedia formula)
    now also works for display (rather than inline) math.
  • The content.proxy setting can now correctly be set to arbitrary values via
    the qute://settings page again.
  • Fixed issues with Chromium version detection on Archlinux with
    qt5-webengine 5.15.9-3.
  • Fixed a rare possible crash with invalid Content-Disposition headers.
  • Fixes for various notification-related crashes:
    • With the tiramisu notification server (due to invalid behavior of the server, now a non-fatal error)
    • With the budgie notification server when closing a notification (due to invalid behavior of the server, now worked around)
    • When a server exits with an unsuccessful exit status (now a non-fatal error)
    • When a server couldn't be started successfully (now a non-fatal error)
    • With the herbe notification presenter, when the website tries to close
      the notification after the user accepting (right-clicking) it.
  • Fixes in userscripts:
    • The qute-bitwarden userscript now correctly searches for entries for
      sites on a subdomain of an unrecognized TLD. subdomain names. Previously
      my.site.local would have searched in bitwarden for my.sitelocal,
      losing the rightmost dot.

v2.5.0

01 Apr 16:29
v2.5.0
Compare
Choose a tag to compare

Deprecated

  • v2.5.x will be the last release of qutebrowser 2.
    For the upcoming 3.0.0 release, it's planned to drop support for various
    legacy platforms and libraries which are unsupported upstream, such as:
    • Qt before 5.15 LTS (plus adding support for Qt 6.2+)
    • Python 3.6
    • The QtWebKit backend
    • macOS 10.14 (via Homebrew)
    • 32-bit Windows (via Qt)
    • Windows 8 (via Qt)
    • Windows 10 before 1809 (via Qt)
    • Possibly other more minor dependency changes
  • The :rl-unix-word-rubout command (<Ctrl-W> in command/prompt modes) has
    been deprecated. Use :rl-rubout " " instead.
  • The :rl-unix-filename-rubout command has been deprecated. Use either
    :rl-rubout "/ " (classic readline behavior) or :rl-filename-rubout (using
    OS path separator and ignoring spaces) instead.

Changed

  • Improved message if a spawned process wasn't found and a Flatpak container is
    in use.
  • The :tab-move command now takes start and end as index to move a tab
    to the first/last position.
  • Tests now automatically pick the backend (QtWebKit/QtWebEngine) based on
    what's available. The QUTE_BDD_WEBENGINE environment variable and
    --qute-bdd-webengine argument got replaced by QUTE_TESTS_BACKEND and
    --qute-backend respectively, which can be set to either webengine or
    webkit.
  • Using :tab-give or :tab-take on the last tab in a window now always
    closes that window, no matter what tabs.last_close is set to.
  • Redesigned qute://settings (:set) page with buttons for options with
    fixed values.
  • The default hint.selectors now match more ARIA roles (tab, checkbox,
    menuitem, menuitemcheckbox and menuitemradio).
  • Using e.g. :bind --mode=passthrough now scrolls to the passthrough section
    on the qute://bindings page.
  • Clicking on a notification now tries to focus the tab where the notification
    is coming from. Note this might not work properly if there is more than one
    tab from the same host open.
  • Improvements to userscripts:
    • qute-bitwarden understands a new --password-prompt-invocation, which can
      be used to specify a tool other than rofi to ask for a password.
    • cast now uses yt-dlp if available (falling back to youtube-dl if not).
      It also lets users override the tool to use via a QUTE_CAST_YTDL_PROGRAM
      environment variable.
    • qute-pass now understands a new --prefix argument if used in gopass
      mode, which gets passed as subfolder prefix to gopass.
    • open_download now supports Flatpak by using its XDG Desktop Portal.
    • open_download now waits for the exit status of xdg-open, causing
      qutebrowser to report any issues with it.
  • The content.headers.custom setting now accepts empty strings as values,
    resulting in an empty header being sent.
  • Renamed settings:
    • qt.low_end_device_mode -> qt.chromium.low_end_device_mode
    • qt.process_model -> qt.chromium.process_model
  • System-wide userscripts are now discovered from the correct location when
    running via Flatpak (/app/share rather than /usr/share).
  • Filename prompts now don't display a .. entry in the list of files anymore.
    To get back to the parent directory, either type ../ manually, or use the new
    :rl-filename-rubout command, bound to <Ctrl-Shift-W> by default.

Added

  • New input.match_counts option which allows to turn off count matching for
    more emacs-like bindings.
  • New {relative_index} field for tabs.title.format (and .pinned_format)
    which shows relative tab numbers.
  • New input.mode_override option which allows overriding the current mode
    based on the new URL when navigating or switching tabs.
  • New qt.chromium.sandboxing setting which allows to disable Chromium's
    sandboxing (mainly intended for development and testing).
  • New QUTE_TAB_INDEX variable for userscripts, containing the index of the
    current tab.
  • New editor.remove_file setting which can be set to False to keep all
    temporary editor files after closing the external editor.
  • New :rl-rubout command replacing :rl-unix-word-rubout (and optionally
    :rl-unix-filename-rubout), taking a delimiter as argument.
  • New :rl-filename-rubout command, using the OS path separator and ignoring
    spaces. The command also gets shown in the suggested commands for a download
    filename prompt now.

Fixed

  • When search.incremental is disabled, searching using /text followed by a
    backwards search via ?text (or vice-versa) now correctly changes the search
    direction.
  • Elements getting a hint due to a tabindex now are skipped if it's set to
    -1, reducing some false-positives.
  • The audible indicator ([A]) now uses a 2s cooldown when the audio goes
    silent, equivalent with the behavior of older QtWebEngine versions.
  • With confirm_quit set to downloads, the confirmation dialog is now only
    shown when closing the last window (rather than closing any window, which
    would continue running that window's downloads). Unfortunately, more issues
    with confirm_quit and multiple windows remain.
  • Crash when a previous crash-log file contains non-ASCII characters (which
    should never happen unless it was edited manually)
  • Due to changes in Debian, an old workaround (for broken QtWebEngine patching
    on Debian) caused the inferior qutebrowser error page to be displayed, when
    Chromium's would have worked fine. The workaround was now dropped.
  • Crash when using <Ctrl-D> (:completion-item-del) in the :tab-focus
    list, rather than :tab-select.
  • Work around a Qt issue causing :spawn to run executables from the current
    directory if no system-wide executable was found. The underlying Qt bug is
    tracked as CVE-2022-25255,
    though the impact with typical qutebrowser usage is low: Normally,
    qutebrowser is run from a fixed location (usually the users home directory),
    and :spawn is not typically used with executables that don't exist. The main
    security impact of this bug is in tools like text editors, which are often
    executed in untrusted directories and might attempt to run auxiliary tools
    automatically.
  • When :rl-rubout or :rl-filename-rubout (formerly :rl-unix-word-rubout
    and :rl-unix-filename-rubout) were used on a string not starting with the
    given delimiter, they failed to delete the first character, which is now fixed.
  • Fixes in userscripts:
    • ripbang now works again (it got blocked due to a missing user agent and
      used outdated qutebrowser commands before)
    • keepassxc now has a properly working --insecure flag
  • Speculative fix for an immediate crash at start with the macOS/Windows
    binaries (in certain rare environments).
  • Speculative fix for a qutebrowser crash when the notification daemon crashes
    while showing the notification.
  • Fix crash when using :screenshot with an invalid --rect argument.
  • Added a site-specific quirk to make cookie dialogs on StackExchange pages
    (such as Stack Overflow) work on Qt 5.12.

v2.4.0

21 Oct 17:04
v2.4.0
Compare
Choose a tag to compare

Security

Added

  • New content.blocking.hosts.block_subdomains setting which can be used to disable the subdomain blocking for the hosts-based adblocker introduced in v2.3.0.
  • New downloads.prevent_mixed_content setting to prevent insecure mixed-content downloads (true by default).
  • New --private flag for :tab-clone, which clones a tab into a new private window, mirroring the same flags for :open and :tab-give.

Fixed

  • Switching tabs via mouse wheel scrolling now works properly on macOS. Set tabs.mousewheel_switching to false if you prefer the previous behavior.
  • Speculative fix for a crash when closing qutebrowser while a systray notification is shown.