mirror of
https://github.com/zen-browser/desktop
synced 2026-04-25 17:15:00 +02:00
270db6d671
* security: enable MAR signature verification for updates Remove `--enable-unverified-updates` from the common mozconfig. This flag was disabling all MAR (Mozilla ARchive) signature verification in the updater binary, meaning update packages were applied without any cryptographic authenticity check. With this flag removed, the Mozilla build system will: - Link NSS and signmar into the updater binary - Enable SecVerifyTransformCreate-based signature verification on macOS - Require MAR files to contain valid signatures before applying REQUIRED FOLLOW-UP (maintainer action): 1. Generate a Zen-specific MAR signing keypair (RSA-PKCS1-SHA384) See: https://firefox-source-docs.mozilla.org/build/buildsystem/mar.html 2. Place the public key DER file(s) in the source tree at toolkit/mozapps/update/updater/release_primary.der 3. Sign MAR files during the release build with the private key 4. Set ACCEPTED_MAR_CHANNEL_IDS in update-settings.ini to restrict which update channels the updater will accept Ref: GHSA-qpj9-m8jc-mw6q * no-bug: Added signature steps * no-bug: Export browser/installer/package-manifest.in --------- Co-authored-by: Maliq Barnard <maliqbarnard@Maliqs-MacBook-Air.local> Co-authored-by: Mr. M <mr.m@tuta.com>
Zen Browser
Zen is a firefox-based browser with the aim of pushing your productivity to a new level!
Firefox Versions
Release- Is currently built using Firefox version149.0.2! 🚀Twilight- Is currently built using Firefox versionRC 149.0.2!
Contributing
If you'd like to report a bug, please do so on our GitHub Issues page and for feature requests, you can use Github Discussions.
Zen is an open-source project, and we welcome contributions from the community! Please take a look at the contribution guidelines before getting started!
Partners
Thanks to all the partners of Zen for their support and contributions:
