CHANGELOG

High-level overview of changes to Perspectives

Format:
+ new feature
* bug or behavior fix
X Loss of functionality

We attempt to use meaningful version numbers, following semver.org:
	Given a version number MAJOR.MINOR.PATCH, increment the:
	MAJOR version when you make large architectural changes,
	MINOR version when you add functionality in a backwards-compatible manner
	PATCH version when you make backwards-compatible bug fixes.


NEXT
----
* Begin extracting browser-specific functionality to its own object/interface,
to group everything together. (GH #75)
	* Preference gets/sets (GH #171)
	* String bundle retrieval (GH #172)
* Delete old code for update prompt and old preference 'prompt_update_all_https_setting'
* Remove init_data() initialization function
* Fix global variables left in Pers_report object (convert to local scope)
* Combine all localized property strings into a single file
(makes string-loading interface much easier)


4.6.4
-----
* Fix preference storage location: migrate all prefs from 'perspectives.X' to 'extensions.perspectives.X'. This is a requirement of hosting addons on addons.mozilla.org - https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews#Full_Review
	All credit and thanks to Alexey Vesnin for the move and code to gracefully migrate existing user prefs. Thanks Alexey!
* Mark some tests as known failures, to identify for long-term fixing
* Add error checking for security level preference to correct invalid values
* Remove unused preference 'show_label'
* Internal code cleanup (fix === checks; remove dead code; fix addProgressListener usage)
* Add wrapper functions to retrieve preferences, overrideService, and stringbundle strings
	Fixes one bug where 'root_prefs' object was not initialized;
	but overall removes the need to initialize the Perspectives object at all.
	It can and should handle its own internal state.
	This starts to isolate the usage of direct browser internals,
	which would be required to port to other browsers.
	Also makes the code much more stable and testable.
* Clean up the init code to use the new wrapped preference and stringbundle functions


4.6.3
-----
* Update checkloc library to import behaviour fix, so Perspectives will build again with all tests intact. Fix for behaviour change in lxml 3.5.0 (GH #166)


4.6.2
-----
* Fix several bugs that violate the AMO review policy so we can continue to deploy client updates through addons.mozilla.org:
	* Move initialization script to separate file rather than holding the code inline (GH #162)
	* Fix initial setup to add Perspectives button to the correct place (GH #161)
	* Fix addProgressListener usage (GH #103 )
	* Remove synchronous call to nsIDNSService.resolve() (GH #160)
	Fixes mainly based on patches submitted by Alexey V., with slight modifications.
	Thanks Alexey!


4.6.1
-----
* Add (ru) Russian translation! Many thanks to Alexey V!
* Fill in CHANGELOG history from versions before 4.3
+ Update checkloc library to v2.1. Many new tests including checking string substitutions inside .properties files
* Fix incorrect string substitution in zh-CN localization (caught by the new checkloc test)
* Move all external libraries to a clear 'extlib' folder; denote licenses
* Remove unused preference 'perspectives.svg'
+ Add Perspectives logo image to help page
* Convert translation file to markdown format
+ Unlock the 'About' dialog
* Fix some test data, fix tests, add new tests for client policy code
* Add a way to distinguish test setup from the tests themselves
* Add sanity check for inconsistency function so max_timespan cannot be larger than check length
+ Add link to translation instructions from About dialog
* Add Preferences GUI input validation to 'min' and 'max' quorum threshold


4.6
---
+ Add option to contact notaries when in private browsing (off by default)
+ Expose timeout duration and number of query retries as a user preference
+ Expose maximum caching duration as a user preference
+ Improve whitelist interface:
	* Convert whitelist textfield into a table with columns
	+ Domain column is sortable
	+ Regexes can be clicked and edited
	+ Whitelist entries can be clicked to activate or deactivate
	+ Table supports multi row selection and removal
	+ Added localizations (en, de) for columns and remove button
* Highly visible notifications when certificates fail (multiple certificates, one not recently seen; multiple certificates)
* Extract remaining hardcoded strings for localization
* Some German (de) localization fixes
* Convert some alerts to Perspectives wrapped alerts
* Prevent the addition of duplicate notaries
* Correctly detected and set status for "quorum not reached" in non-english languages.
X Temporarily remove all 'Report Attack' functionality, until the feature is fixed
* Check if result signature and timestamps are correct when processing notary results, and visually mark as red if either is incorrect
* Warn on mismatching notary public keys
+ Remove red from color result keys, as it's now used for "invalid signature"
+ Display required quorum duration in notary results
* Rescue the svg/image test page
+ Convert README to markdown file
+ Add more info in README on how to debug and test
+ Draw stale-limit line across notary results
* Remove use of base64.js; entirely replaced by internal browser functions
+ Visually indicate cached results in the results dialog
+ Visually indicate whitelisted entries with a different icon
* Clean up unit tests so many tests are more clear, better organized, and/or easier to maintain
* Refactor test file so more tests can be run without installing the extension (i.e. separate chrome-dependent functionality from non-chrome-dependent functionality)
* Many areas of code cleanup (add hasOwnProperty checks; fix === checks)
* Remove dead statusbar elements


4.5.2
-----
* Add SparkMD5 library as external library to provide MD5 hashing functionality (has been removed in Firefox 32)
* Strip away copyrighted ICC profile from images (thanks David P!)


4.5.1
-----
* Add (pl) Polish translation! Many thanks to Jakub and Sonia!
* Fix typos and whitespace in localization files


4.5
---
+ Enable https queries to notaries! For now, turn this on by adding 'https://' in front of the notary URL
* Fix unit tests to use === instead of ==
* Fix return value for get_quorum_duration(). Fixing the tests in the previous item exposed this bug.
* Fix use of quorum_size for key_weakly_seen_by_quorum(). It's actually used now. (GH 89)
* Fix the tooltip used by Perspectives icon during location changes (GH 112)
* Fix icon status for location change events - only set the icon spinning for https sites (GH  113)


4.4.2
-----
* Update German translation


4.4.1
-----
* Rescue localization tests! Tests now run as a python script at build-time (GH 74)
* Fix call to XMLHttpRequest constructor to use 'new' - compatability fix for the upcoming Firefox 30 (GH 108)
* Update German translations (thanks Patrick!)
* Unlock Dutch and Finnish translations (thanks Alf and Ville!). These translations are not fully complete, but enabling them at least lets people see *some* text in their desired language.
* Remove perspectives1.networknotary.org from the set of default notaries. This notary needs to be upgraded before it can be used full-time.


4.4
---
+ Add new preference to show/hide the notification box when "Ask before contacting notaries" is enabled (GH 101)
* Fix the 'Learn More' button (thanks to Jens for the bug report!) (GH 100)
* Fix text display in results window for pages with insecure content
* Grey-out the default notary textbox to indicate it cannot be edited


4.3.8
-----
* Fix bug with incorrect public/private address resolution (GH 94)


4.3.7
-----
* Fix text display for weakly seen results (tooltip was not getting set, causing the UI to show 'null' in the results window)
* Add sanity checks for invalid time ranges when calculating weakly seen property
* Add unit tests for weakly seen keys, keys with short durations, keys with gaps, and calculation of key duration
* Fix minor debug function calls
* Improve documentation on how to release updates (update_howto.txt)


4.3.6
-----
* Security Fix: incorrect quorum duration with low number of notaries or quorum percentage (GH 87)
* Refactor unit tests: unit test js file is now optionally installed with the rest of the extension (this makes it run properly under newer versions of Firefox) (GH 74)
* Remove several global variables; convert to local with 'var'
* Add new whitelist icon (image file added, but code not hooked up yet)
* Minor improvements to the makefile formatting and output
X Localization tests temporarily removed so we can ship to patch the security bug. They still need to be transcribed/relocated to a non-javascript language to run at build time. (fixed in 4.4.1)


4.3.5
-----
* Fix code for retrieving private browsing data (used for untrusted certs in Firefox v22 and up)
* Two minor fixes to remove validation warnings on AMO


4.3.4
-----
* Update code for retrieving invalid certificate info for Firefox v20 (GH 77)
* When sending requeries, only send to notaries that haven't yet replied.
* Remove unused localization string
* UI improvements:
	* Make the Preferences and Report Attack windows resizable
	* In the Preferences window, set proper default height and width for Notary Server textboxes
	* In the Results window, expand the results textbox vertically to fill available space (This makes more text visible and keeps the radio buttons in a consistent place)


4.3.3
-----
+ Add heimdal and nine-eyes notaries to the default notary list, to improve response rate


4.3.2
-----
* extract hardcoded strings and move to localization files
+ add (de), (es), and (fr) localizations! Many thanks to our translators.
+ fill in the missing strings from (zh-CN) localization. Many more thanks to our translators.


4.3.1
-----
* clean up build process and tests
* fix SeaMonkey initialization; extension did not load


4.3
---
* remove the forced statusbar icon (GH 38)
+ add Perspectives icons to alt-tab window
+ display key age in the notary results dialog
* UI improvements:
    * dialogs now center themselves in the screen
    + 'esc' cancels and closes dialogs
    * add cancel button to Preferences dialog
    * OK and Cancel buttons have a consistent placement
    * increase size of notary key textboxes to improve readability
    + alert popups now mention that they are from Perspectives
* don't throw exceptions when trying to add invalid URIs to the whitelist
* don't automatically close the 'report attack' window after an error (part of GH 49)
* add min and max boundary checking for quorum duration and quorum percentage (GH 52)
* fix parameter order for find_oldest_most_recent() (GH 48)
+ ignore blank lines when parsing notaries (GH 42)
* merge duplicate help pages, copyedit content, and update links
* add .css stylesheet for help pages; add some basic format/coloring


4.2
---
+ Add toolbar button that can be placed anywhere


4.1.1
-----
* Fix spelling/grammar issues (thanks David L!)
* Add license and copyright info to each JS file
* Update COPYING license file to GPL3, to match source code headers
+ Split preferences into two tabs
+ Add ability to specify additional notaries
+ Add ability to enable/disable default notaries


4.1
---
+ Add Perspectives sub-menu to Firefox tools menu and browser context menu
* Prevent firefox from showing the spinning icon when accessing pages like about:blank (GH 22)
+ Change timeout behavior so that the individual query timeout is shorter, but we requery the notary multiple times
* Don't show more than one decimal place for quorum duration
* Fix bug: Do not mark replies as inconsistent if a notary has only seen one key for a site
* Fix some bugs with whitelisting
* Improve whitelist functionality for IP addresses
* Prevent showing the same banner multiple times in a row
* Correctly show the progress icon when a check is explicitly requested
* Fix typos in comments and help file (thanks David L!)
* Fix exception thrown when URL bar accesses a 'file' URL (GH 8)
* Do not query on mixed content pages when the certificate is already trusted
* Correctly declare STATE_QUERY


4.0
---
+ Now published on addons.mozilla.org!
+ Add SeaMonkey support (thanks Igor!)
+ Add whitelist functionality
* Update default settings to query notary servers for all https websites
* Fix undefined reference to STATE_STOP


3.3
-----
* Fix Perspectives to work on Firefox 4.0
+ Add basic functionality for reporting attacks
* Fix results dialog formatting that was truncating messages
* Override Firefox security error even if insecure embedded content is included


3.2
---
+ Expire cached notary data after a user-configurable period (default 10,000 seconds)
+ Implement 'weak consistency' to validate keys for sites that consistently use many different certificates
+ Add GPL 2 license file


3.1
---
+ Add menu option to force a query; useful if you only periodically want to contact notaries, or to refresh results (thanks Ryan!)
+ Show spinner icon when Perspectives is querying notaries
+ Always show the browser key in the notary results graph
* Make sure we cannot count multiple replies from the same notary
* Remove old, hardcoded whitelist functionality
* Stop using Mozilla DNS interface to query each DNS address (this leaked DNS info)
* Fix bug where Perspectives gets stuck in the 'Connecting...' status
* Don't show the green checkmark if HTTPS page includes insecure content
* Fix bug that grabbed certificate information too early, sometimes showing the cert of the previous site
* Fix tooltip typo


Earlier
-------
Unknown