v148.0 (2026-01-12)
Logins
- Add breach alert support, including a database migration to version 3,
newLoginfields (time_of_last_breach,time_last_breach_alert_dismissed),
and newLoginStoreAPIs (record_breach,reset_all_breaches,is_potentially_breached,record_breach_alert_dismissal_time,record_breach_alert_dismissal,is_breach_alert_dismissed). (#7127)
⚠️ Breaking Changes ⚠️
Fxa Client
- Removed the optional
ttlparamater toget_access_token. In practice, no consumers were using this.
✨ What's New ✨
Ads Client
- Add agnostic telemetry support (compatible with Glean)
Fxa Client
- Added optional
use_cacheparamater toget_access_token. Set this tofalseto force
requesting a new token.
v147.0 (2025-12-07)
Relay
- Added
fetch_profile()method to check premium subscription status viahas_premiumfield (#7113)
Nimbus
⚠️ Breaking Changes ⚠️
- Removed unused
home_directoryfield from AppContext. Both Kotlin and Swift sides were passing null values and it wasn't used anywhere. (#7085) (#30782)
rc_crypto
- Thread-safety improvements for PKCS-token-dependent methods by introducing a
global mutex. Refactored key unpacking logic and removed redundant code;
includes some breaking API changes, but since the keydb feature is not yet in
use, these do not affect existing consumers.get_aes256_keynow returns aResult<Option<Key>>to distinguish missing
keys from errorsget_or_create_aes256_keyonly creates a key when none exists.- When the keydb feature is enabled,
ensure_nss_initializedis disabled in
favor ofensure_nss_initialized_with_profile_dir.
Logins
create_login_store_with_nss_keymanagerreturns anApiResultnow, instead
of just panicking.- fix
count_by_originandcount_by_form_action_originwith punicode origins