Pale Moon v.29.2.0 will also introduce an incompatibility in third-party themes. Can any W. members, show this incompatibility? TH.
Pale Moon 29.2.0 does not support legacy Firefox extensions anymore that are not ported April 28, 2021 https://www.ghacks.net/2021/04/28/p...refox-extensions-anymore-that-are-not-ported/
@nicolaasjan If you have upgraded to Pale Moon 29.2.0 would you be so kind as to make a test: https://addons.thunderbird.net/en-us/thunderbird/addon/fox-grey/ and then check if the third-party theme is blocked? Th. P.S. I myself use this theme with NM28.
Pale Moon 29.3.0 Released (2021-07-19/20) Website Release Notes Download Spoiler: Changes 29.3.0 v29.3.0 (2021-07-19/20) This is a development, bugfix and security release. Changes/fixes: "Web Developer" is now called "Developer Tools" in the menus. Updated and aligned about:home, the QuickDial page and logopage styling. Re-organized the privacy category in the preferences window. Enabled brotli compression for http for sites that support it. See implementation notes. Implemented EventTarget as a constructor. Updated Windows 10 toolkit styling. Updated the port blacklist (removed 10080). See implementation notes. CSS: Implemented calc() and animation support for stroke-dashoffset. Added support for checking boolean preferences to chrome CSS style sheets, to support more advanced theming options. Added support for dynamic dark color capable themes in CSS. Updated ResizeObserver implementation to a more recent specification. See implementation notes. Removed a metric ton of Macintosh code. Removed obsolete system theme support from the layout engine. Fixed several crashes. Linux: blocked particularly old versions of Mesa/Nouveau drivers due to issues. Security issues addressed: CVE-2021-30547 and several other issues that don't have a CVE number. Unified XUL Platform Mozilla Security Patch Summary: 3 fixed, 3 DiD, 2 deferred (DiD), 12 not applicable. Implementation notes: Brotli compression (introduced a few years back) has originally been restricted to https only in web browsers because there was some concern about interaction with middleware boxes with poor design trying to transparently recompress data not recognizing the new compression stream type and causing failures. The kind of processing done in those boxes (SDCH) has long since been deprecated. Since then, the segregation for Brotli between http and https has been maintained by Chrome and Firefox as a vessel to further promote https over http by artificially keeping http less efficient (denying the use of the more dense Brotli compression). Since there is no technical reason not to enable Brotli over http, we will accept (by way of Accept-encoding) Brotli over plain http from this version on, offering up to 20% less bandwidth use when servers also support it. We maintain a blacklist of ports that should not be addressed from a browser (primarily to prevent scripted abuse). Not too long ago we updated these ports with a number of additional (higher range) ones, including port 10080 (Amanda). Unfortunately there is too much overlap with other common services/devices that also use this (arbitrarily chosen) port, so we've removed this particular port again from our blacklist. The ResizeObserver implementation was changed to now support the updated specification for this API, including the experimental properties contentBoxSize and borderBoxSize which allows finer control to respond to size changes of elements. The old spec sizing property of contentRect remains supported for web compatibility.
Pale Moon 29.4.0 Released (2021-08-17) Website Release Notes Download Spoiler: Changes 29.4.0 v29.4.0 (2021-08-17) This is a development, bugfix and security release. Our release schedule was adjusted here to provide web compatibility improvements and not just a security update this month. Changes/fixes: Implemented promise.allSettled(). Implemented global origin on windows and workers. Improved performance of memory allocations. Updated libcubeb to the current development version. This improves OSS compatibility and addresses potential crashes, performance issues and security issues. Updated SQLite to 3.36.0. Improved thread safety of the web content cache. DiD Added several fixes to avoid potential crashes and security issues. DiD Unified XUL Platform Mozilla Security Patch Summary: 5 DiD, 12 not applicable.
Pale Moon 29.4.2 Released (2021-11-09) Website Release Notes Download Spoiler: Changes v29.4.2 Changes/fixes: Fixed a spec compliance issue with IDN that could potentially cause confusion of domain names. Fixed several intermittent thread sanity issues. DiD Fixed a potential UAF risk in certain situations in networking. DiD Fixed a potential crash risk (not exposed). DiD Fixed a potential spoofing risk using form validation. (CVE-2021-38508) Fixed a script sandbox escape issue through XSLT. (CVE-2021-38503) Unified XUL Platform Mozilla Security Patch Summary: 3 fixed, 1 already applied, 4 DiD, 7 not applicable. Security notice: If you have enabled HTTP Alternative Services for Opportunistic Encryption, it is strongly recommended you disable this at this time through Preferences -> Security -> Opportunistic Encryption -> Enable HTTP Alternative Services for Opportunistic Encryption. This inherently weak transitional technology for http -> https has been compromised and can be abused (partial opt-in bypass). Note that our platform default for this setting (and any other OE) is disabled due to these kinds of inherent risks, as well as lack of transparency about the connection and server contacted. See CVE-2021-38507 for more details about this problem.
Pale Moon 30.0.0 Released (2022-03-17) Website Release Notes Download Spoiler: Changes v30.0.0 v30.0.0 (2022-03-17) This is a new milestone release! Following the change in direction as announced on the forum and directly driven by user feedback and community input, Pale Moon is abandoning its own GUID (globally-unique identifier) and adopting Firefox's GUID instead to provide maximum compatibility with old and unmaintained Firefox extensions alongside those that are maintained on our add-ons site. Please understand that this gives more freedom for people to use potentially incompatible and old/insecure browser extensions, but also means we will have a more "hands-off" approach to it from this point forward which as a consequence means you will have to resolve more issues yourself and take more care, especially when using external/old extensions. Please note that our current add-ons site will, for a while, serve both older versions of Pale Moon and newer ones in a side-by-side manner, and it is important that you do not spoof your user agent when visiting the add-ons site or you may be served the incorrect type of add-ons or add-on updates, or not receive them at all. [...] Most notable user-facing/implementation changes: Implemented Global Privacy Control, taking the place of the unenforceable "DNT" (Do Not Track) signal. If you previously enabled DNT, then this preference will be adopted for Global Privacy Control (GPC). Through GPC, you indicate to websites that you do not want them to share or sell your data. "Default browser" controls in preferences has been moved to "General". Updated emoji support to Twemoji 13.1. Implemented Selection.setBaseAndExtent() for web compatibility. Implemented queueMicroTask() for web compatibility. For add-on developers: Pale Moon now internally identifies with the Firefox GUID. This does not affect how it identifies to the web. Direct support for legacy Firefox extensions has been restored. Pale Moon-exclusive extensions will need to be updated to target the Firefox GUID in their install manifest and, where applicable, in their JavaScript components and overlays. The browser no longer lives in a "browser" distribution subdirectory. If you are hard-coding paths this may affect you. appinfo.platformVersion is frozen for backwards compatibility. If you need to detect the platform version, you should use appinfo.greVersion instead. Themes: scrollbar-width is now mapped to an attribute on scrollbar controls (bars, resizers and corner controls) for better theme support of thin scrollbars. Language packs: the entire internationalization structure has changed; because this required re-verification of translations, some language packs may have a few more untranslated strings in them at the moment until our volunteers over at Crowdin catch up on the new milestone. Bugfixes, stability and security: Updated various in-tree libraries: cubeb, sqlite, cairo, ... Fixed an issue with the Linux desktop shortcut file to solve potential DE integration problems on common distributions. Fixed an issue with page and iframe content margins not being applied properly when passed as attributes instead of CSS. Ensured JavaScript and JSON files are always recognized as known MIME types so they can be opened appropriately from local sources. Fixed an issue with rapid loading and unloading of js modules causing browser crashes. Fixed an issue with tooltips being cut off at the end if containing exceedingly long unwrappable series of characters. Fixed several application crash scenarios. DiD Fixed a large number of thread locking/mutex issues. DiD Fixed a leak of content types due to inconsistent error reporting. (CVE-2022-22760) Fixed an issue with iframe sandboxing not being properly applied. (CVE-2022-22759) Fixed a potential leak of bookmarks from the exported bookmarks file if it included a malicious bookmarklet. Fixed an issue with drag-and-drop. (CVE-2022-22756) Fixed a potential crash due to truncated WAV files. Fixed a memory safety issue with XSLT. (CVE-2022-26485)
I tried Pale Moon again, same deal, went to install LastPass from their page, says I need Firefox to install it and on Pale Moon's extensions site the extensions there are all useless. This was once my favorite browser but I ditched it as it became incompatible with Firefox extensions especially the popular ones that I need. so much for stating Firefox compatibility is back with this release for extensions!
Pale Moon top news: Pale Moon 30 rollout cancelled. Following severe issues with the unexpected exit of a core dev and considerable damage caused to our operations, the milestone 30 rollout has been cancelled. More info in the release notes and announcemens page under Outage post-mortem, and apologies.
Link for above information is here Outage post-mortem, and apologies https://forum.palemoon.org/viewtopic.php?f=1&t=28044
More news on Pale Moon forum announcements page: Add-ons site restored Pale Moon 29.4.5 released Current situation for Pale Moon https://forum.palemoon.org/viewforum.php?f=1&sid=b32afd23b86f6421af3b59b03fc16b98
Does anyone know where to find the "legacy" firefox extensions which apparently will work with pale moon now.
Not yet, PM v30 has been recalled, but here you can find legacy extensions: https://github.com/JustOff/ca-archive