mullvad/mullvadvpn-app 2022.1-beta1 on GitHub

Add information about the always on kill switch in the desktop app.
Add WireGuard multihop setting and entry location selection to desktop app.
Add malware blocking to the desktop app. Implemented via DNS on the relays.
Add changes dialog which will include the most notable changes in each new version.

Keep unspecified constraints unchanged in the CLI when providing specific tunnel constraints
instead of setting them to default values.
Obscure account number in account view and add button for copying instead of copying when text is
pressed.
Disable logging of translation errors in production. This will among other things prevent error
messages from translating the country in the disconnected state.
Update Electron from 15.0.0 to 16.0.4.
Gradually increase the WireGuard connectivity check timeout, lowering the timeout for the first
few attempts.
Stop preferring OpenVPN when bridge mode is enabled.
CLI command for setting a specific server by hostname is no longer case sensitive.
Example: mullvad relay set hostname SE9-WIREGUARD should now work.
Update the default Shadowsocks password to mullvad and cipher to aes-256-gcm in the CLI
when using it to configure a custom Shadowsocks bridge. The Mullvad bridges recently changed
these parameters on port 443 (which is the default port).

Update wireguard-nt to 0.10.1.
Make wireguard-nt the default driver for WireGuard. This is used instead of wireguard-go and
Wintun.
Increase firewall transaction timeout from 2 to 5 seconds to lower the chance of errors when
setting the firewall policy.
Update split tunnel driver to 1.2.0.0. Notably, this driver release allows firewall filters
added by other software to block excluded apps.

Always kill sslocal if the tunnel monitor fails to start when using bridges.
Show relay location constraint correctly in the CLI when it is set to any.
Prevent gRPC from trying to run the app-daemon IPC communication through a HTTP proxy when the
environment variable http_proxy is set. This caused the app to fail to connect to the daemon.
Disable built-in DNS resolver in Electron. Prevents Electron from establishing connections to
DNS servers set in system network preferences.
Fix tray context menu showing or executing wrong actions, using wrong language or in other
ways not update properly.

Resolve issues with the app blocking internet connectivity after sleep or when connecting to new
wireless networks.
Fix issue where the app would get stuck in offline state after a reboot or a reinstall by using
route monitor instead of relying on SCNetworkReachability API to infer whether the host is
offline.

Fix app size after changing display scale.
Fix daemon not starting if all excluded app paths reside on non-existent/unmounted volumes.
Remove tray icon of current running app version when upgrading.
Allow Mullvad wireguard-nt tunnels to work simultaneously with other wg-nt tunnels.
Fix notifications on Windows not showing if window is unpinned and hidden.
Wait for IP interfaces to arrive before trying to configure them when using wireguard-nt.
Fix panic that occurs in the split tunnel monitor when a path consisting only of a prefix,
such as "C:", is excluded using the CLI.

Remove auto-launch file, GUI settings and other files created by the app in user directories, when
uninstalling/purging.

Restrict which applications are allowed to communicate with the API while in a blocking state.
This prevents malicious scripts on websites from trying to do so. On Windows, only
mullvad-problem-report.exe and mullvad-daemon.exe executables are allowed to reach the API,
whereas on Linux and macOS only root processes are able to reach the API.