github ChaoticSi1ence/SlimBrave-Neo v1.8.0
v1.8.0 - Audit pass: parity fixes, preset tuning & test suite

5 hours ago

Full-repo audit pass following feature completion (#14). The code came out clean overall; this release closes the cross-platform parity gaps the audit found, tunes three presets, and adds an automated test suite + CI.

Fixed

  • Windows: profile-prefs leak repair now scrubs Beta / Nightly / Dev channels, not just Stable — the registry policy applies to every channel, so the leaked Shields exceptions land in all of them.
  • Windows: importing a cross-platform config with DnsMode: secure + DnsTemplates no longer drops the resolver template; the template field also enables for secure.
  • Linux / macOS: Flatpak Brave's profile (~/.var/app/com.brave.Browser/config) is now covered by detection and prefs repair. (Verified: the Flathub manifest grants host-etc access specifically to read /etc/brave/policies, so managed policies already worked under Flatpak.)
  • CLI: exit codes accumulate across --reset / --import / --export, so an earlier failure is never masked by a later success.
  • macOS: --reset and persistence-mode switches also remove the staged /tmp/slimbrave-neo-policy.mobileconfig.
  • Exports written under sudo are handed back to the invoking user instead of being left root-owned.
  • Windows: launching the app no longer creates the HKLM policy key — it's created at Apply time; DNS dropdown order now matches the Linux/macOS TUIs.
  • Dead-code cleanup in the Linux TUI (ROW_CHANNEL) and a dead except around expanduser in both Python scripts.

Changed — presets

  • Balanced Privacy / Maximum Privacy: ForceGoogleSafeSearch removed — it's a content filter, not a privacy measure. It remains in Strict Parental Controls.
  • Maximum Privacy: DNS is now left unmanaged instead of force-disabling DoH. Plain DNS exposes every query to the ISP in cleartext; the README now explains the DoH-provider vs ISP trade-off so you can choose deliberately. Re-import the preset (or adjust the DNS row) if you relied on the old behavior.
  • Performance Focused: now also disables P3A analytics and the daily stats ping (zero performance cost).

Added

  • Test suite: 56 pytest cases exercising the pure policy logic of both Python scripts — policy building, import/export round-trips (including multi-value keys and the legacy array format), BOM-aware JSON reading, --policy-file path validation incl. symlink escapes, prefs-leak repair, and a preset ↔ feature-definition consistency check.
  • CI: GitHub Actions running pytest + ruff (Linux) and PSScriptAnalyzer (SlimBrave.ps1) on every push and PR.
  • The user-facing scripts remain stdlib-only; test/lint tooling exists only in CI.

As always: source-only release — no binaries, no installers. Verify you're downloading from github.com/ChaoticSi1ence/SlimBrave-Neo (see SECURITY.md).

🤖 Generated with Claude Code

Don't miss a new SlimBrave-Neo release

NewReleases is sending notifications on new releases.