- bump to current upstream Release version.
- create README.update.source (since PaleMoon is no longer developed on Github).
- "%bcond_without modified" option to, allow building either "unmodified" PaleMoon or "modified" NewMoon.
- "%bcond_without pulseaudio" for those who want to keep their system lean.
- normalize "--with/--enable-system-xxx" options.
- remove no longer needed patches.
- refactor the remaining patches against current.

• Files Changed
• Browse Source

- Update to 28.8.3:
  * Fixed an issue in CSP blocking requests without a port for custom schemes.
  * Fixed a potentially hazardous crash in layers.
  * Fixed random crashes on some sites using IndexedDB.
  * Changed the way the application can be invoked from the command-line 
    to prevent a whole class of potential exploits involving modified omnijars.
  * If your special-needs environment requires that you launch the browser 
    with custom browser/gre omnijars from the command-line, you must set 
    the UXP_CUSTOM_OMNI environment variable before launch from this point forward.
  * Fixed an issue in the html parser after using HTML5 template tags, 
    allowing JavaScript parsing and execution when it should not be allowed, 
    risking XSS vulnerabilities on sites relying on correct operation of the browser.
  * Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 2 DiD, 10 
    not applicable.

• Files Changed
• Browse Source

- Update to 28.7.2:
  * This is a security and bugfix update.

• Files Changed
• Browse Source

- Update to 28.7.1:
  * Fix whitelisting of JavaScript-uris by CSP hash.
  * Properly implement various HSTS states.
  * Use the correct group for JIT constraints.
  * Ensure the right body element is used throughout the method
    call.
  * Add checks to respect CSP-wildcard + Ports.
  * Fix a crash in IndexedDB.
  * Kill newly-spawned threads if we're shutting down.
  * Remove HTML5 parser java docs and generation code.
  * Belatedly fix html5 parser attribution for files not covered
    by the MPL.
  * Fix an issue with the html5 tokenizer and tree builder.
  * Correctly return zero vertices if clipping plane 0 or 2 clip
    away the entire polygon.
  * Issue #1222: Don't load plugin instances when they have no
    `src` URI.
  * Issue #1179: fix indentation
  * New cycle version bump
  * Issue #1221: Pass the original element into
    nsXMLContentSerializer::CheckElementEnd so that we can properly
    determine whether it has children.

• Files Changed
• Browse Source

- Update to 28.7.0 :
  * This is a major development update involving a partial JavaScript
    engine overhaul and improvement, implementing several
    website-impacting changes.

• Files Changed
• Browse Source

- Del StartupWMClass from .desktop file

• Files Changed
• Browse Source

- Update to 28.6.1:
  * This is security and bugfix update.
- Add StartupWMClass to .desktop
- Disable LTO Optimization

• Files Changed
• Browse Source

- Update to 28.6.0.1:
  * This is an out-of-band update to fix some pressing issues with
    the latest release.
- Change in 28.6.0:
  * This is a major development update, focusing on under-the-hood
    improvements and bugfixes, code cleanup, and performance.

• Files Changed
• Browse Source

- Update to 28.5.2:
  * Fixed issues with image/texture allocation incorrectly being
    marked as insecure
- Change in 28.5.1:
  * This is a security and bugfix update
- Add -Wno-format-overflow flag to build with gcc9

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Update to 28.5.0:
  * This is a major development and security release.

• Files Changed
• Browse Source

- Update to 28.3.1:
  * [BASILISK] Disable WebEx support.
  * Check for contiguous buffer state.
  * Make Sourcebuffer::AppendFromInputStream handle canceled 
    image loads.
  * Make resuming of decoding work for anonymous decoders.
  * Update libwebp to version 1.0.2
  * Properly camelCase dom.intersectionObserver.enabled pref.
  * Revert "Disable IntersectionObserver API because of crashes."
  * Actually unlink targets from registered intersection 
    observers.
  * Disable IntersectionObserver API because of crashes.
  * Remove NS_IMPL_CYCLE_COLLECTION_TRAVERSE_SCRIPT_OBJECTS
  * Consolidate tracing and traversing.
  * Merge branch 'master' of 
    https://github.com/MoonchildProductions/UXP
  * Rewrite IntersectionObserver list handling to be more robust.
  * Merge pull request #931 from Ascrod/master
  * Fix check for HSTS when service is disabled.
  * Add isIntersecting property to IntersectionObserverEntry.
  * New cycle version bump
  * Improve toolbar icons for all DPIs
  * [PALEMOON] Fix the option to disable HSTS.
  * Add preference for fully disabling HSTS.
  * [PALEMOON] Add captive portal preference to the UI.
  * Add matching browser.newtab.choice pref to prevent error.
  * [PALEMOON] Move Advanced prefs l10n strings to their proper 
    place
  * [PALEMOON] Clean up advanced prefs XUL
  * [WebExAM] Use proper application name in WebExtension API 
    error message.

• Files Changed
• Browse Source

- Update to 28.2.2:
  * Merge pull request #897 from trav90/telemetry-cleanup
  * Merge pull request #896 from trav90/media-work
  * Merge pull request #895 from trav90/code-cleanup
  * Remove MediaTelemetryConstants
  * [PALEMOON] Complete making Sync optional at build time
  * Clear HAVE_LINUX_PERF_EVENT_H defines in ffvpx config before 
    setting them for lib use
  * Remove DirectShowReader
  * Limit the CSS string length for resolved variables to sane 
    values.
  * Merge pull request #892 from binaryoutcast/pmTreeCleanup
  * Clean up the Pale Moon tree
  * Issue #890 - Port cpp aboutRedirector to javascript
  * Update GMP AUS URL

• Files Changed
• Browse Source

- Fix build with system libraries

• Files Changed
• Browse Source

- Update to 28.2.1:
  * [Pale Moon] Sync notification widget's messageImage should 
    inherit the 'type' attribute
  * Issue #861 - The bookmark properties window should focus on 
    the Name Picker text box on init
  * Merge branch 'master' of 
    https://github.com/MoonchildProductions/UXP
  * [PALEMOON] Use generic application icon for external 
    applications in about:feeds
  * Revert "[PALEMOON] Use generic application icon for external 
    applications in about:feeds"
  * Don't build internal updater by default and set default 
    update channel to an inactive one.
  * Enable gamepad support by default in Basilisk.
  * Improve handling of MOZ_GAMEPAD and NECKO_WIFI
  * Revert "Move MOZ_GAMEPAD* and NECKO_WIFI up"
  * Move MOZ_GAMEPAD* and NECKO_WIFI up
  * Remove AccumulateCipherSuite()

• Files Changed
• Browse Source

- Update to 28.2.0:
  * Back out problematic patch causing issue #865.
  * #863 Part 3: Add Pale Moon GUI options for Opportunistic 
    Encryption.
  * #863 part 2: Make opportunistic encryption opt-in for UXP
  * #863 Part 1: Make sending of http upgrade-insecure-requests 
    optional
  * Backout opportunistic encryption changes.
  * Add GUI control to Pale Moon for opportunistic encryption.
  * Swap default platform state for opportunistic encryption.
  * Change captive portal detection URL to our own.
  * Make opportunistic encryption configurable.
  * Clear STDINT_H defines in libvpx config before setting them 
    for lib use.
  * Merge pull request #862 from 
    JustOff/PR_editBookmarkOverlay_focus
  * [PALEMOON] Focus and select the first non-collapsed text 
    element in the bookmark properties dialog
  * Backport some upstream Skia patches.
  * Add overflow checks for extending nsTArrays.
  * Ensure user input suppression works correctly even after 
    document.open.
  * Remove ancient workaround in client certificate code
  * Apply CheckedInt to infoLength for preventing it from 
    overflowing in the future.
  * Make sure we remove our RefreshDriver observers in 
    CompleteAsyncScroll.
  * Fix a longstanding IndexedDB correctness issue.
  * Don't allocate PendingAction twice.
  * WebRTC: Drop DataChannelListener on Destroy().
  * Make sure nsNSSCertList handling checks for valid certs.

• Files Changed
• Browse Source

- Update to 28.1.0:
  * Merge branch 'worker-fix'
  * Rewrite the Code of Conduct document.
  * Use SessionStore.promiseInitialized() to avoid race condition 
    in "about:home" (#774)
  * New cycle version bump.
  * Merge pull request #770 from JustOff/PR_bgtab_notify
  * [BASILISK] Skip notifications for background tabs when 
    restoring a session
  * [PALEMOON] Skip notifications for background tabs when 
  * Merge pull request #767 from trav90/class-memaccess-errors
  * Send worker-runnables destined for the main thread actually 
    to the main thread.
  * Stop using the worker MainThreadTaskQueue from dom/fetch.
  * Stop using the MainThreadTaskQueue from service workers.
  * Fix wrong SVG sizes with non-integer values for viewBox 
    width/height.
  * Don't memset-zero the BacktrackingAllocator::vregs array of 
    non-trivial VirtualRegister instances
  * Call memset on a void*, not a T*, in js_delete_poison to 
    avoid memset-on-nontrivial warnings with gcc that don't matter 
    for an object whose lifetime is about to end
  * Initialize some asm.js structures using in-class initializers 
    instead of PodZero
  * Stop using PodZero in several places to initialize values of 
    non-trivial type
  * Fix clang build bustage.
  * Flush some more buildlog output to screen when prudent.
  * Update HSTS preload list
- Switch to a default user profile

• Files Changed
• Browse Source

- Update to 28.0.1:
  * Backed out a Mozilla upstream patch causing issues with IPC 
    and texture allocation for the compositor.
  * Backed out a Mozilla upstream patch causing issues with 
    Javascript memory buffer allocation.

• Files Changed
• Browse Source

- Update to 28.0.0:
  * This is a new major relearse with transition to the Unified XUL 
    Platform.
- Drop palemoon-27.4.0-gcc7.patch (fixed)
- Drop palemoon-27.6.0-homepage.patch
- Update pathes: 
  * palemoon-26.3.0-ini.patch > palemoon-28.0.0-profile.patch
  * palemoon-27.5.0-prefs.patch > palemoon-28.0.0-vendor.patch
- Add palemoon-28.0.0-nongnome-proxies.patch
- Build with gcc on openSUSE >= 15
- Add required dependencies: mozilla-nspr mozilla-nss
- Add distribution.ini.in (openSUSE bookmarks, homepage and info)
- Change the default profile to ~/.Moonchild Productions
- Cleanup build options

• Files Changed
• Browse Source

- Update to 27.9.4:
  * Fix typo (RefPtr -> nsRefPtr)
  * Ensure the right anonymous element is focused when calling 
    input.focus()
  * Perform some sanity checks on nsMozIconURI.
  * Update dimensions early in ClearTarget.
  * Reject some invalid qcms transforms.
  * Confirm launch of executables other than .exe on Windows.
  * Check redirect status code before forwarding to NPAPI.
  * Prevent various location-based hazards.
  * Restrict web access to moz-icon:// scheme
  * Satisfy AMO's discrimination by UA.

• Files Changed
• Browse Source