Tech News - Web Development

On Monday, Google announced that it has partnered with Automattic Inc., the parent company of WordPress.com, to develop an advanced open-source publishing and revenue-generating platform for news organizations named Newspack. Under the Google News Initiative, they have invested $1.2 million towards their efforts in building this platform. The purpose of this platform is to help journalists put their full energy in covering stories instead of worrying about designing websites, configuring CMSes, or building commerce systems. Google mentioned in the post, “It is trying to help small publishers succeed by building best practices into the product while removing distractions that may divert scarce resources. We like to call it "an opinionated CMS:” it knows the right thing to do, even when you don’t.” It will also provide publishers full access to all the plugins created by the WordPress developer community. Automattic, in an announcement, called for small and medium-sized digital news organizations to become charter participants in the development of Newspack. If you want to become one of the partners, you can fill in the form issued by Automattic, which is due by 11:59 p.m. Eastern Time (UTC -5:00) on February 1. The platform’s beta version is estimated to be released near the end of July and will be made available to publishers globally later this year. To get a better idea of the features and capabilities needed by publishers and their business impact, Automattic will be working with Spirited Media and News Revenue Hub. Spirited Media operates local digital news sites in Denver, Philadelphia, and Pittsburgh, and News Revenue Hub provides revenue solutions for digital publishers. In addition to Google, other funding organizations for this platform include The Lenfest Institute for Journalism, ConsenSys, the organization backing Civil Media, and The John S. and James L. Knight Foundation. WordPress 5.0 (Bebo) released with improvements in design, theme and more Introduction to WordPress Plugin Google and Waze share their best practices for canary deployment using Spinnaker

Yesterday, the team behind Django released Django 2.2 alpha 1.0. Django 2.2 is designated as LTS, which means it will receive security updates for at least three years after its expected release in April 2019. This version will come with two new constraints classes, some minor features, and deprecates Meta.ordering. It is compatible with Python 3.5, 3.6, and 3.7. Here are some of the updates that Django 2.2 will come with: Constraints: Two new constraint classes are defined in django.db.models.constraints for adding custom database constraints, namely, CheckConstraint and UniqueConstraint. These classes are also imported into django.db.models for convenience. django.contrib.auth: A request argument is added to the RemoteUserBackend.configure_user() method as the first positional argument, if it accepts it. django.contrib.gis: Oracle support is added for the Envelope function and SpatiaLite support for the coveredby and covers lookups. django.contrib.postgres: A new ordering argument is added to the ArrayAgg and StringAgg classes for determining the ordering of aggregated elements. With new BTreeIndex, HashIndex, and SpGistIndex classes, you can now create B-Tree, hash, and SP-GiST indexes in the database. Internationalization: Support and translations are added for the Armenian language. Backward incompatible updates Database backend API: These are some of the changes that will be needed in third-party database backends: They must support table check constraints or set DatabaseFeatures.supports_table_check_constraints to False. Support for ignoring constraints or uniqueness errors while inserting is needed or you can set DatabaseFeatures.supports_ignore_conflicts to False. Support for partial indexes is needed or you can set DatabaseFeatures.supports_partial_indexes to False. DatabaseIntrospection.table_name_converter() and column_name_converter() are now removed. Third-party database backends will may have to implement DatabaseIntrospection.identifier_converter() instead. Other changes Admin actions: In this version, admin actions now follow standard Python inheritance and are no longer collected from the base ModelAdmin classes. TransactionTestCase serialized data loading: At the end of the test, initial data migrations are now loaded in TransactionTestCase after the flush. Earlier, this data was loaded at the beginning of the test, which prevented the test --keepdb option from working properly. sqlparse: The sqlparse module will be automatically installed with Django as it is now a required dependency. This change is done to simplify a few parts of Django’s database handling. Permissions for proxy models: You can now create permissions for proxy models using the content type of the proxy model rather than the content type of the concrete model. Django 2.1.2 fixes major security flaw that reveals password hash to “view only” admin users Django 2.1 released with new model view permission and more Python web development: Django vs Flask in 2018

Yesterday, the team behind Brave, a privacy-focused browser, announced that they are previewing their upcoming digital advertising model, Brave Ads, in Brave’s Developer channel. Brave Ads will feature in the upcoming Brave 1.0 release through which users will receive 70% of the gross ad revenue. This advertising model is opt-in and does not replace ads on websites. Users can decide how many ads they would like to see. Currently, the Brave Beta version does not include advertiser confirmation or user payment for ad views. In the coming weeks, the team will be rolling out updates to allow users to earn BAT (Basic Attention Tokens) for viewing ads. How Brave Ads work? Those users who choose to see Brave Ads are notified about the offers as they browse the web. Once they agree to engage with these notifications, they are presented with a full-page ad in a private ad tab. The Brave team mentions that this feature will ensure that user privacy is not compromised and does not leak user’s personal data from their device, “Unlike conventional digital ads, ad matching happens directly on the user’s device, so a user’s data is never sent to anyone, including Brave. Accessing user attention no longer entails large scale user data collection.” Users will get the reward in the form of BAT via the integrated Brave Rewards in their browser. They can donate their earned BAT on a monthly basis to their favorite sites or use it as a tip for content creators. This model will be extended to allow BAT’s usage for premium content, services, or withdraw it from their wallets. Once the confirmations become available, users will be paid at the end of each calendar month. Chromium-based Brave browser shows 22% faster page load time than its Muon-based counterpart Chrome 72 Beta releases with public class fields, user activation, and more Google’s V8 7.2 and Chrome 72 gets public class fields syntax; private class fields to come soon

Yesterday, the Firefox team disabled the Adobe Flash plugin by default in Firefox Nightly 69, which will be eventually deprecated as per Mozilla’s Plugin Roadmap for Firefox. Users can still activate Flash on certain sites if they want to, through the browser settings. Flash support will be completely removed from the consumer versions of Firefox by early 2020. The Firefox Extended Support Release (ESR) will continue to support Flash till its end-of-life in 2020. Why Mozilla has decided to disable Adobe Flash? In recent years, we have seen a huge growth in web open standards like HTML5, WebGL, and WebAssembly. These technologies now come with various capabilities and functionalities for which we used to have plugins. Now, browser vendors prefer to integrate these capabilities directly into browsers and deprecate plugins. Hence, back in 2017, Adobe announced that along with their technology partners, Google, Mozilla, Apple, Microsoft, and Facebook, it is planning to end-of-life Flash. It also added that by the end of 2020, it will stop updating and distributing the Flash Player and encouraged content creators to migrate any of their content which is in Flash format into new open formats. Following this all the five partners announced their plan of action. Apple already did not supported Flash on iPhone, iPad, and iPod. For Mac users, Flash did not come pre-installed since 2010 and it was by default off if users decided to install it. Facebook announced that they are supporting game developers to migrate their Flash games to HTML5. Google will disable Flash by default in Chrome and remove it completely by the end of 2020. Microsoft also announced that they will phase out Flash from Microsoft Edge and Internet Explorer, eventually leading to the removal of Flash from Windows entirely by the end of 2020. Mozilla releases Firefox 64 and Firefox 65 beta Mozilla shares why Firefox 63 supports Web Components Introducing Firefox Sync centered around user privacy

After releasing Ember 3.6 last month, the team behind the Ember project released version 3.7 of Ember.js, Ember Data, and Ember CLI, last week. As always, Ember 3.7 embarks the start of 3.8 beta cycle for all the subprojects. This version drops support for Babel 6 and Node 4, along with a few bug fixes and performance improvements. There are no changes in the Ember Data subproject. Updates in Ember.js 3.7 In Ember.js 3.7, the support for Node 4 has been dropped explicitly and if you want to upgrade to this version you need to first upgrade your Node version. Also, Node 6 support is planned to end in the next few months. Updates in Ember CLI The last usage of Babel 6 removed: The last usage of Babel 6 is removed in Ember CLI 3.7. Babel 6 was used for supporting compiling templates in addon/. It was also used for supporting addon-test-support/ in the addons that do not have any .js processors. Since the module compilation between Babel 6 and Babel 7 is compatible, this update is not a breaking change. Compatibility section in addon README: Another update is a Compatibility section in addon README. Whenever a new addon is generated using Ember CLI, a README file is also generated for the addon. This README will now come with a compatibility section, which enables you to easily communicate to users about what are the requirements to use the addon. You can upgrade to Ember CLI using the following commands: npm install -g ember-cli-update ember-cli-update The Ember project releases version 3.5 of Ember.js, Ember Data, and Ember CLI The Ember project announces version 3.4 of Ember.js, Ember Data, and Ember CLI Ember project releases v3.2.0 of Ember.js, Ember Data, and Ember CLI

Today, Minko Gechev, an engineer in the Angular team at Google announced the release of Angular CLI 7.2.1. This release fixes a webpack-dev-server vulnerability and also comes with support for multiselect list prompt, TypeScript 3.2, and Angular 7.2.0-rc.0. https://twitter.com/mgechev/status/1083133079579897856 Understanding the webpack-dev-server vulnerability The npm install command was showing the Missing Origin Validation vulnerability because webpack-dev-server versions before 3.1.10 are missing origin validation on the websocket server. A remote attacker can take advantage of this vulnerability to steal a developer’s code as the origin of requests to the websocket server, which is used for Hot Module Replacement (HMR) are not validated. Other updates in Angular 7.2.1 CLI Several updates and bug fixes were listed in the release notes of Angular CLI’s GitHub repository. Some of them are: Support is added for multiselect list prompt Support is added for TypeScript 3.2 and Angular 7.2.0-rc.0 Optimization options are updated Warnings are added for overriding flags in arguments lintFix is added to several other schematics `resourcesOutputPath` is added to the schema to define where style resources will be placed, relative to outputPath. The architect command project parsing is improved Prompt support is added using Inquirer Jobs API is added Directly loading component templates is supported Angular 7 is now stable Unit testing Angular components and classes [Tutorial] Setting up Jasmine for Unit Testing in Angular [Tutorial]

Otter Browser released its first stable version, 1.0.01, last week. It is a free and open-source browser with a GPLv3 license that aims to recreate the experience of the classic Opera (12.x) UI using Qt5. Fun Fact: 1.0.xx releases are codenamed Mordecai, after a character from Regular Show As the browser’s tagline states, “Controlled by the user, not vice versa”, users are free to contribute to making the browser better. Users can write code, create resources, report bugs, or suggest features. The browser uses JavaScript for interacting with rendering engines (when native APIs are not available). It is written primarily in C++ and leverages powerful features offered by the Qt5 framework. Enhancements in Otter browser 1.0.01 This stable version does not include all planned features. However, some features might be included in the 1.1 version later this year. The most important changes since the RC 12 include: There are some enhancements in the experimental backend for QtWebEngine (Blink), which include, the download dialog is now shown for the tab that initiated it. Also, there is an added support for handling requests to print page. This release also includes many other fixes. One issue that has not been solved is, the new browsing history backend does not store favicons yet. Read more about this release on Otter Browser’s official website. Chromium-based Brave browser shows 22% faster page load time than its Muon-based counterpart Introducing Basilisk, an open source XUL based browser and “close twin” to pre-Servo Firefox An SQLite “Magellan” RCE vulnerability exposes billions of apps, including all Chromium-based browsers

Last week, Ilia Mirkin, a former software engineer of Google, shared on the nouveau mailing list that nouveau is now blacklisted in Chromium 71 and Chrome. Many users have been facing rendering issues with nouveau such as tabs and address bar getting partially or totally covered by multiple black rectangles. Users also experienced memory and CPU leak. Because of these kinds of bug reports, the Chromium team considers the driver unstable. The team has disabled the GPU-acceleration by default, but users can still bypass the block if they want to by using these two options: installing proprietary NVidia drivers or running Chrome with --ignore-gpu-blacklist. Why did the Chromium team decide to blacklist Nouveau? Looking at the performance issues, the Chromium team wanted to blacklist the nouveau driver a long time ago. Also, now that Ubuntu ships with nouveau support by default they think that it's time to blacklist it in Chrome and Chromium. Since Ubuntu LTS supports nouveau, it was quite confusing for users to understand why it is being considered unstable for Chromium. The team commented on a bug report that they do not have enough resources to investigate and fix bugs and their main priority is keeping the browser secure and stable. One of the team members said, “We want a stable & secure browser first, a GPU-accelerated one second, only if possible. The default driver on Ubuntu LTS has severe issues, asking non-technical users to update their driver is just not acceptable as a prerequisite to using Chrome. If someone is interested in well-scoping the brokenness (version range and/or devices affected), we're happy to take a patch to the blacklist.” In addition to rendering issues, it does not come with support for many features. Users also feel that the root cause is Nvidia, which does not provide open source drivers to the kernel, unlike Intel or AMD. Hence, nouveau (an open source device driver) does not show the same degree of stability or performance. Some felt that to avoid this confusion the Chromium team could have provided some kind of warning message and recommendation about how to update/remove the driver to one that is supported. NVIDIA launches GeForce Now’s (GFN) ‘recommended router’ program to enhance the overall performance and experience of GFN NVIDIA demos a style-based generative adversarial network that can generate extremely realistic images; has ML community enthralled NVIDIA makes its new “brain for autonomous AI machines”, Jetson AGX Xavier Module, available for purchase

The year 2018 proved to be interesting for the team at Thunderbird, a free email application, as they released the latest ESR, Thunderbird 60, which had improved security, stability, and the app’s interface. However, 2019 has some upgrades to Thunderbird’s calendar. With the new year, Thunderbird has come up with some interesting plans and is working towards bringing improvements to UI, Gmail support, notifications and much more. Let’s dive deeper into the plans and goals marked by the team at Thunderbird for this year. The roadmap towards making Thunderbird better Making Thunderbird faster than ever The team is working towards addressing technical debt, UI-slowness, and general performance issues across the application (Thunderbird). They will be focusing on methods for testing and measuring slowness and working on solutions to address the pain points. They will also be working on faster technologies in rewriting parts of Thunderbird and simultaneously will be working towards a multi-process Thunderbird. Better UI and Gmail support 2019 will mark improvements in Thunderbird’s UX/UI. The team plans to focus on integration improvements in various areas. They currently have plans for better Gmail support in mind, considering that it is one of the biggest Email providers, it would definitely make sense to work on this area. While addressing Gmail label support, Thunderbird is also ensuring that other features specific to the Gmail experience translate properly into Thunderbird. This will help Thunderbird become more native on each desktop and will make managing notifications from the app easier. The team also plans to work on encrypting email and ensuring secure communication in upcoming releases. They have plans for bringing architectural changes to support smoother operations. Better notifications (system integrated) The team is improving notifications in Thunderbird by integrating with each operating system’s built-in notification system. Earlier they worked towards unifying the implementation across platforms, but this was not completely finished and might get accomplished this year. The team might drop a lot of platform dependent implementations and unify the content production logic. Improvements to rewrite and mail filters Currently the filtering is synchronously done in C++ and might be changed to async JavaScript implementation this year. Filtering will be made contextual, which means the team will be adding the ability for pre-filter MIME processing so that filtering can work on a message representation instead of on the raw MIME. Thunderbird will be addressing the problem of not having filters on mobile and ensuring that the filter can sync up to the server. Calendar improvements In 2019, Thunderbird will remove the use of all calendar XPCOM components and will replace them with simple JavaScript classes. The calendar and tasks tabs will be self-contained and will be only using HTML. The Thunderbird UI integration will be changed so that most calendar features get visible once triggered. Improved .ics handling Thunderbird will now handle inline event display better. This year will bring improvements to invites in order to see the new event details before taking action. Users are excited about the upcoming development and have their share of suggestions. One of the users commented on HackerNews saying that he would want improved native CardDAV and CalDAV support, Native PGP and much more in the coming releases. Another user commented, “Full-text indexing for PGP mail would be nice too once it's native (Mailpile and CanaryMail helped pave the way on this I believe).” Read more about the updates expected in Thunderbird’s mailing list. Microsoft’s move towards ads on the Mail App in Windows 10 sparks privacy concerns Email and names of Amazon customers exposed due to ‘technical error’; number of affected users unknown LinkedIn used email addresses of 18M non-members to buy targeted ads on Facebook, reveals a report by DPC, Ireland

Mozilla relaunched Mozilla Labs in a new avatar last week. This website contains Mozilla’s latest innovations and creations. They launched the Mozilla labs website in a new domain after the old one was no longer updated. Mozilla calls it a digital research laboratory. They examine new technologies and test what works and what doesn’t. Some projects from Mozilla labs become new Mozilla products that will be launched while others will be explored further. Their foundation is the Mozilla Manifesto and a commitment to a healthy internet. Some of the items on Mozilla labs right now are: A WebXR Viewer for iOS with which users get a preview of experiencing augmented reality (AR) from inside a web browser. Ability to create new virtual environments with Spoke. Users can then share the experience with friends by using Mozilla Hubs. Make contributions to Common Voice, where Mozilla helps voice systems understand voices of people from diverse backgrounds. It also puts expensive voice data at the hands of independent creators. Start with Project Things, where a decentralized ‘Internet of Things’ is being built with a focus on security, privacy, and interoperability. Install and try Firefox Reality to browse the immersive web completely in virtual reality. These were some of the technologies Mozilla has worked on in 2018. As they prepare for 2019, they will continue to innovate across platforms such as Virtual Reality, Augmented Reality, Internet of Things, Artificial Intelligence, and many more. To know more, check out the Mozilla Labs website. You can also contribute to their projects on GitHub. Mozilla releases Firefox 64 and Firefox 65 beta The State of Mozilla 2017 report focuses on internet health and user privacy Mozilla shares plans to bring desktop applications, games to WebAssembly and make deeper inroads for the future web

DPAGE is a web page builder which developers can use to get simple web pages up and running on Blockstack's decentralized internet. DPAGE is built on top of Blockstack, an infrastructure in which you can build decentralized blockchain applications. You need a Blockstack account to log into and start using DPAGE. The Blockstack ID used to log in is stored on the blockchain. All user data is stored on a Gaia node which you can choose. This decentralized setup gives users several advantages over a conventional centralized app: Your data is yours: After using DPAGE, if you don't like it then you can create your own app. Alternatively, you can use any other web page builder and all your data will be with you and not owned by any web page/app. Users are not restricted by any vendor lock-ins. A Blockstack ID is virtually impossible to block unlike centralized identities. Google or Facebook IDs can be blocked by companies. All private user data is encrypted end-to-end. Which means that no one else can read it including the DPAGE creators. The data stored is not stored with DPAGE The profile details and user data are stored on a Blockstack’s Gaia storage hub by default. DPAGE itself doesn't store any user data on its servers. You can also run your own storage hub on a server of choice. They store data with Blockstack and they store it on ‘personal data lockers built on Google, AWS, and Azure’. It is safer than some centralized web pages As all private data is encrypted, it's more difficult for hackers to steal user data from the decentralized app. There is no central database that contains all the data, so hackers also have less incentive to hack into DPAGE. However, DDOS attacks are a possibility if the hackers target a specific Gaia hub. There is no user-specific tracking DPAGE only collects non-identifiable analytics of the users for improving the service. The service itself doesn't store or read private pages. There are some positive reactions on Hacker news: “This indeed a seriously cool product, hope more people realize it.” Another comment says: “Nice, I think this is what the web needs, a Unix approach so tools can be built on top and hosts are interchangeable.” To check out DPAGE, visit their website. The decentralized web – Trick or Treat? Origin DApp: A decentralized marketplace on Ethereum mainnet aims to disrupt gig economy platforms like Airbnb and Uber Microsoft announces ‘Decentralized Identity’ in partnership with DIF and W3C Credentials Community Group

Google yesterday released Chrome 72 Beta for Android, Chrome OS, Linux, macOS, and Windows. This version comes with support for public class fields, a user activation query API, and more. Public class fields You can now declare public class fields in scripts, which can be either initialized or uninitialized. To implement public class fields, you need to declare them inside a class declaration but outside of any member functions. Support for private class fields will be added in the future releases. User activation query API Chrome 72 Beta comes with user activation query API, using which you can check whether there has been a user activation. This is introduced to avoid annoying web page behaviors such as autoplay. Additionally, it enables embedded iframes to examine postMessage() calls to determine whether they occurred within the context of a user activation. Well-formed JSON.stringify Previously, JSON.stringify used to return ill-formed Unicode strings if the input had any lone surrogates. To solve this, well-formed JSON.stringify outputs escape sequences for lone surrogates, making its output valid Unicode and representable in UTF-8. What are the modules removed? Popups during page unload is not allowed: Pages will not use window.open() to open a new page during unloading anymore. HTTP-Based Public Key Pinning (HPKP) is removed: HPKP was introduced to allow websites to send an HTTP header that pins one or more of the public keys present in the site's certificate chain. But it has seen very low adoption and can also create risks of denial of service and hostile pinning. Rendering FTP resources deprecated: Rendering resources from FTP servers is now not allowed. Directory listings will still be generated, but any non-directory listing will be downloaded rather than rendered in the browser. Along with these updates, TLS 1.0 and TLS 1.1 are deprecated and removal is expected in Chrome 81. Read the detailed list of updates on Chromium’s blog. Google’s V8 7.2 and Chrome 72 gets public class fields syntax; private class fields to come soon Google Chrome announces an update on its Autoplay policy and its existing YouTube video annotations “ChromeOS is ready for web development” – A talk by Dan Dascalescu at the Chrome Web Summit 2018

Google’s JavaScript and WebAssembly engine, V8 has hit V8 7.2 yesterday and is currently in beta. The stable version of this release will be out in coordination with Chrome 72 Stable. V8 7.2 comes with support for embedded builtins, public class fields, well-formed JSON.stringify, and more. Following are some of the updates introduced in this version: Support for embedded builtins Embedded builtins are now supported and enabled by default on the ia32 architecture. The main aim of embedded builtins is to eliminate the per-Isolate builtin overhead by making builtins truly isolate-independent. JavaScript parsing As compared to V8 7.0 the parsing speed has improved by roughly 30% in this version. While loading the web pages 9.5% of the V8 time is spent at startup on parsing JavaScript. This parsing is drastically reduced from 9.5% to 7.5% resulting in faster load times and more responsive pages. WebAssembly improvements Code generation is improved in the top execution tier. This version comes enabled node splitting in the optimizing compiler’s scheduler and loop rotation in the backend. Also, this version introduces custom wrappers that reduce overhead in calling imported JavaScript math functions and comes with improved wrapper caching. Async stack traces A new feature called zero-cost async stack traces is introduced, which improves the error.stack property with asynchronous call frames. This feature aims to solve the problem developers were facing that the error.stack property in V8 only provides a truncated stack trace up to the most recent await. It is currently available behind the --async-stack-traces command-line flag. Public class fields This version supports public class fields and support for private class fields is planned for a future V8 release. Well-formed JSON.stringify The well-formed JSON.stringify proposal is implemented in V8 7.2. Previously, JSON.stringify used to return ill-formed Unicode strings if the input had any lone surrogates. To solve this, well-formed JSON.stringify outputs escape sequences for lone surrogates, making its output valid Unicode and representable in UTF-8. You can read the full list of updates on V8’s official website. Google’s V8 7.2 and Chrome 72 gets public class fields syntax; private class fields to come soon Chrome V8 7.0 is in beta, to release with Chrome 70 V8 JavaScript Engine releases version 6.9!

Back in March this year, the Brave team shared their plans of replacing their desktop Muon runtime, with a more comprehensive Chromium stack for the desktop browser. Yesterday, the team shared a report on performance improvements in Brave Core, which refers to the newly redesigned browser for desktop operating systems. It uses Chromium’s native interface and supports nearly all Chrome features and extension APIs. Brave is a free and open source web browser, founded by the inventor of Javascript and co-founder of Mozilla, with the main focus on privacy and performance. By switching to the Chromium code base, the browser has become the latest addition to the Chromium bandwagon, which now includes Google Chrome, Vivaldi, Opera, and most recently, Edge. This evaluation of Brave Core’s performance was done based on two critical metrics: how quickly it loads pages and how much resources it consumes. Brave 0.24.0 was compared against Brave Core 0.55.12 Beta release. For this comparison, they considered Alexa News Top 10, as they are frequently visited by a lot of people and are run by reputable companies that pay attention to their readers. Results of the performance comparison between Brave Core and Muon-based Brave The team arrived at the following results after comparing the upcoming Brave Core browser with the current version of Muon-based Brave on a desktop computer: Load time savings on common desktops: Brave Core showed a load time savings of 10%-34% on the tested popular media websites with the same page content and blocking. Also, it showed a 22% average and 18% median load time savings. Performance on slower processors: On slower environments, similar to today’s average Android device on a fast 3G connection, the browser showed savings ranging up to 44%. Better CPU utilization: Brave Core showed better CPU utilization with all computationally intensive tasks running faster across all tested websites and configurations. These time savings were a result of several improvements across HTML parsing, JavaScript execution, page rendering, etc. To read more in detail about the performance analysis of Brave, check out their original post. Introducing Basilisk, an open source XUL based browser and “close twin” to pre-Servo Firefox Google’s V8 7.2 and Chrome 72 gets public class fields syntax; private class fields to come soon Google Chrome announces an update on its Autoplay policy and its existing YouTube video annotations

Yesterday, the team behind Pale Moon, an open-source web browser introduced Basilisk, which is supposedly a “close twin to Mozilla's Firefox”. Basilisk is an open source web browser which is based on Mozilla’s XML User Interface Language (XUL). It is being introduced as primarily a reference application for development of the XUL platform it builds upon. It features Firefox-style interface and operation. What are the features of Basilisk? It uses Goanna as layout and rendering engine, which is forked off of the Firefox’s browser engine called Gecko. Builds on UXP, a XUL platform in development. As it does not uses Rust or Photon user interface, users can expect the user interface to be similar to Firefox between v29 and v56. It does not use Electrolysis or e10s, which aims to bring multi-process architecture to Firefox. It splits the Firefox browser into a single process for the UI, and several processes for web content, media playback, plugins, etc. It does not require walled-garden extension signing. To provide users a modern web browsing experience it supports the ECMAScript 6 standard of JavaScript. Supports all NPAPI plugins such as Unity, Silverlight, Flash, Java, authentication plugins, etc. Supports XUL/Overlay Mozilla-style extensions. Comes with experimental support for WebExtension. Supports ALSA on Linux Supports WebAssembly Supports advanced Graphite font shaping features Supports modern web cryptography such TLS 1.3, modern ciphers, HSTS, etc. Basilisk is still in its development phase or in beta, which means that it may have some bugs and is provided as-is, with potential defects. Many developers are confused about how Basilisk differs from the Pale Moon browser the team offers and also why anyone would want to use pre-Servo Firefox. While some users say, “My interpretation is that this is mostly a project for the die-hard users who lost support for niche extensions they really liked when XUL left mainstream Firefox... it reads mostly like they intend to maintain it as a time capsule. "No different from last time" is exactly the main selling feature.” To read more in detail, visit Basilisk’s official website. Anti-paywall add-on is no longer available on the Mozilla website The State of Mozilla 2017 report focuses on internet health and user privacy Mozilla introduces new Firefox Test Pilot experiments: Price Wise and Email tabs