ChaoticSi1ence/SlimBrave-Neo
SlimBrave Neo — Debloat and harden Brave Browser on Linux and Windows. Python curses TUI + CLI. Zero dependencies.
✨ New
- Light/dark theming. The Windows app now follows your Windows apps light/dark setting, including a matching dark title bar.
- Hover tooltips on every option. Each checkbox shows a plain-English description of what it does, plus the exact policy key and value it writes, so you can cross-check `brave://policy`. The DNS modes are documented inline too.
- Readable checkmarks. Checkboxes are custom-painted (accent-filled box with a white check) so they're clearly visible on both light and dark backgrounds, instead of the near-invisible stock flat glyph.
- Low-resolution mode. On a display whose usable height is shorter than the window (e.g. 720p / 768p laptops), the layout automatically reflows from two columns into three shorter ones, so the lower options and the Apply/Reset buttons no longer run off the bottom of the screen. Taller displays keep the original two-column layout unchanged.
📦 Notes
- The column count is chosen automatically from the primary display's working-area height. You can force it for testing with `$env:SLIMBRAVE_COLUMNS = "2"` or `"3"` from an elevated PowerShell before launching.
- A small scroll fallback remains for displays so short that even three columns don't fit, so the buttons are always reachable.
- After applying, verify at `brave://policy` — every row should report OK.
✨ New
- "Allow Permissive Referrers (unsafe-url)" toggle in Shields & Content Protection on all platforms (`DefaultBraveReferrersSetting: 1`, Brave 142+). Sites that specify a permissive referrer policy (`unsafe-url`) receive the full referring URL cross-origin for sites that malfunction under Brave's capped referrers. Requested in #9.
- It is mutually exclusive with the existing "Cap Referrers (Strict Origin)" toggle: checking one unchecks the other. Leaving both unchecked writes no referrer policy at all: Brave keeps its default capping, and you can still loosen it per-site by lowering Shields on that site.
📦 Notes
- Allowing permissive referrers is a global privacy loosening, so it is not part of any preset; it can only be enabled manually. The Maximum Privacy preset continues to enforce capped referrers.
- Exports/imports round-trip the new value; configs from older versions import unchanged.
- The Windows GUI grew slightly (980px tall) to fit the new row.
- After applying, verify at `brave://policy` - every row should report OK.
✨ New
- `unmanaged` DNS mode - the new default on all platforms. Apply writes no DNS policy at all until you explicitly pick a managed mode (`automatic`, `off`, `secure`, `custom`), so Brave's own DNS settings stay user-controlled. Previously every Apply force-wrote a DNS policy - on Windows the default was `off`, which actively force-disabled DoH and locked the DNS section in `brave://settings` as "managed by your organization". Selecting `unmanaged` and applying also removes any DNS policy a previous version wrote.
- Exports omit `DnsMode` when DNS is unmanaged; configs with an explicit `DnsMode` (including all bundled presets) import and apply exactly as before.
🐛 Fixed
- Shields prefs-leak repair now scrubs every browser profile (`Default`, `Profile 1`, `Profile 2`, ...) on all platforms. Previously only `Default` was repaired, so multi-profile users could be left with Shields stuck off in secondary profiles after unchecking the Shields toggles. User-set per-site exceptions are preserved; `System Profile` and `Guest Profile` are left alone.
- Windows: the self-elevation relaunch now passes `-NoProfile -ExecutionPolicy Bypass`, so starting the script from a shell that used `-ExecutionPolicy Bypass` no longer fails silently under a restrictive machine policy.
- The Brave Dev channel is now recognized on Linux by both Python scripts for prefs repair and running-process detection (previously only `slimbrave-linux.py` knew about it).
📋 Changed
- Maximum Privacy preset no longer forces incognito-only browsing (`IncognitoModeAvailability: 2` removed). Forced incognito silently disabled history, persistent logins, and most extensions - more surprise than protection. The preset's forget-first-party-storage-on-close enforcement remains and covers the intent; the Force Incognito toggle is still available manually. See the preset notes in the README.
- After applying, verify at `brave://policy` - every row should report OK.
✨ New
- Shields & Content Protection category - pin Brave's own protection defaults as managed policy so they can't be weakened per-site or in settings (Brave 1.83+):
- Enforce Ad Blocking
- Enforce Fingerprinting Protection
- Force HTTPS Upgrades (Strict)
- Cap Referrers (Strict Origin)
- Forget First-Party Storage on Close
- Force Shields On (All Sites) - counterpart to Disable Brave Shields, mutually exclusive in all three UIs
- Disable Email Aliases - new Brave policy (Brave ~1.89+)
- + 1 more
🐛 Fixed
- Removed `EnableDoNotTrack` from all scripts and presets - it is not a real Chromium policy (absent from the policy index) and was silently ignored on every platform. Global Privacy Control, which Brave actually honors, was already exposed and covers the intent.
- macOS no longer writes `BackgroundModeEnabled` - the policy only exists on Windows/Linux and surfaced as an unrecognized-policy error in `brave://policy` on Macs.
📋 Changed
- Maximum Privacy preset now also enforces the five new Shields & Content Protection policies and disables Email Aliases. Note: strict HTTPS shows an interstitial on HTTP-only sites, and forget-on-close clears site logins when tabs close - both in keeping with this preset's "as private as possible" intent.
- Windows GUI is slightly taller (955 px) to fit the new section.
- All new toggles default to off. Existing applied policies are untouched until you re-run the tool and Apply.
- After applying, verify at `brave://policy` - every row should report OK.
📦 Multi-channel support (PR [#5](https://github.com/ChaoticSi1ence/SlimBrave-Neo/pull/5))
- New `--channels` CLI flag (default `auto` = all detected):
```bash
sudo python3 slimbrave-mac.py --import preset.json --channels stable,beta
```
🐛 Configuration Profile persistence (PR [#7](https://github.com/ChaoticSi1ence/SlimBrave-Neo/pull/7), fixes [#6](https://github.com/ChaoticSi1ence/SlimBrave-Neo/issues/6))
```bash
sudo python3 slimbrave-mac.py --import preset.json --persist on
sudo python3 slimbrave-mac.py --reset   # cleans up profile + plist + leaked prefs in one pass
```
- End-to-end verified on Apple Silicon by [@zhaoJianNet](https://github.com/zhaoJianNet) and confirmed working by [@ethanynahte](https://github.com/ethanynahte).
📦 Linux
- Behavior preserved for single-channel users (the dominant case):
| Check | Result |
|---|---|
| Preset round-trip (all 5) | unchanged |
| Legacy array import (Parental Controls fix) | unchanged |
| Group exclusivity (Incognito Disable/Force) | unchanged |
| DNS custom-without-template validation | unchanged |
| `apply_policy` with default args | auto-detects + writes same JSON shape to `/etc/brave/policies/managed/slimbrave.json` |
- + 1 more
📦 Windows
- `SlimBrave.ps1` is byte-identical to v1.4.2 — these PRs only touched the Python scripts.
- Full diff: https://github.com/ChaoticSi1ence/SlimBrave-Neo/compare/v1.4.2...v1.5.0
📦 1. CLI `--reset` skipped the v1.4.1 repair
- `cli_reset()` only deleted `/etc/brave/policies/managed/slimbrave.json` and exited — it never invoked `repair_brave_prefs()`. Users running:
```bash
sudo python3 slimbrave-linux.py --reset
```
🐛 Fix
- `cli_reset()` now calls `repair_brave_prefs()` after deleting the policy file and reports `Cleaned N leaked profile prefs from Brave's user profile.` when it scrubs anything. It also warns if Brave is still running (in-memory pref state can clobber the repair on next save).
- `repair_brave_prefs()` captures the original mode via `os.stat(pref_path).st_mode & 0o777` before the atomic write and passes it through, preserving `0o600` (or whatever the user's Preferences was originally set to).
📦 Validation
- End-to-end on openSUSE Tumbleweed + Brave 1.89.143, three independent paths:
| Path | Outcome |
|---|---|
| TUI Reset (`reset_policy()`) | "removed 2 leaks", wildcards scrubbed, content intact, mode preserved |
| Direct `repair_brave_prefs()` call | `(2, False)`, same clean scrub, mode preserved |
| TUI Reset with live policy file | Policy file deleted and wildcards scrubbed in one pass |
| CLI `--reset` (regression test for fix 1) | "Cleaned 2 leaked profile prefs", wildcards scrubbed, mode preserved at `0600` |
- Zero key-level diff vs the pre-test backup in every run — repair only touches the two SlimBrave-written wildcard patterns.
📦 Windows
- The Windows side (`SlimBrave.ps1`) was patched separately by the Windows session and is not part of this release's diff.
📦 File paths the repair touches
- Linux: `~/.config/BraveSoftware/Brave-Browser/Default/Preferences`
- macOS: `~/Library/Application Support/BraveSoftware/Brave-Browser/Default/Preferences`
📦 What was happening
- When SlimBrave applied "Disable Brave Shields", Brave received the `BraveShieldsDisabledForUrls` policy and wrote the URL patterns through to the user's profile `Preferences` file:
```json
{
  "profile": {
    "content_settings": { "exceptions": { "braveShields": {
      "http://*,*": { "setting": 2 },
      "https://*,*": { "setting": 2 }
    }}}
  }
}
```
- + 1 more
🐛 Fix
- Anyone who unchecks Disable Brave Shields and Applies has the leaked entries cleaned in the same step.
- Anyone with a previously-polluted profile gets fixed the next time they hit Apply or Reset.
- User-set per-site overrides (e.g. you manually disabling shields on a specific site) are preserved — only the two SlimBrave-written wildcard patterns are removed.
- Idempotent: safe to run repeatedly, no-op when nothing to clean.
- Safe against malformed or missing Preferences files.
- Apply/Reset success messages now report how many leaked entries were cleaned and warn if Brave is still running (Brave's in-memory pref state can clobber the repair when it next saves to disk).
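The repair behaviour listed above, as an added sketch that is not SlimBrave's own `repair_brave_prefs()`: the function names, the fixture and the `https://example.com,*` override are constructed for illustration, and the profile loop goes beyond `Default` to cover the multi-profile case the later release notes describe.

```python
import json
import os
import tempfile

# The two wildcard patterns the notes above identify as SlimBrave-written leaks.
LEAKED_PATTERNS = ("http://*,*", "https://*,*")

def scrub_shields_leak(pref_path):
    """Remove the leaked wildcard entries from one Preferences file; return the count."""
    try:
        mode = os.stat(pref_path).st_mode & 0o777  # captured before rewriting
        with open(pref_path, encoding="utf-8") as fh:
            prefs = json.load(fh)
    except (OSError, ValueError):
        return 0  # missing or malformed file: leave it untouched
    node = prefs
    for key in ("profile", "content_settings", "exceptions", "braveShields"):
        node = node.get(key) if isinstance(node, dict) else None
    if not isinstance(node, dict):
        return 0
    removed = 0
    for pattern in LEAKED_PATTERNS:
        if pattern in node:
            del node[pattern]  # per-site keys such as "https://example.com,*" stay
            removed += 1
    if removed:  # no-op on a clean profile, so repeated runs never rewrite the file
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(pref_path)))
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(prefs, fh)
        os.chmod(tmp, mode)  # mkstemp creates 0o600; restore the original mode
        os.replace(tmp, pref_path)
    return removed

def scrub_all_profiles(user_data_dir):
    """Scrub Default and "Profile N"; System Profile and Guest Profile are skipped."""
    total = 0
    for name in sorted(os.listdir(user_data_dir)):
        if name == "Default" or name.startswith("Profile "):
            total += scrub_shields_leak(os.path.join(user_data_dir, name, "Preferences"))
    return total

def demo():
    """Constructed fixture: polluted Default and Guest Profile, malformed Profile 1."""
    leaked = {"http://*,*": {"setting": 2}, "https://*,*": {"setting": 2},
              "https://example.com,*": {"setting": 2}}
    doc = json.dumps({"profile": {"content_settings": {"exceptions": {"braveShields": leaked}}}})
    with tempfile.TemporaryDirectory() as root:
        for name, body in (("Default", doc), ("Guest Profile", doc), ("Profile 1", "{not json")):
            os.mkdir(os.path.join(root, name))
            path = os.path.join(root, name, "Preferences")
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(body)
            os.chmod(path, 0o640)
        first, second = scrub_all_profiles(root), scrub_all_profiles(root)
        with open(os.path.join(root, "Default", "Preferences"), encoding="utf-8") as fh:
            kept = json.load(fh)["profile"]["content_settings"]["exceptions"]["braveShields"]
        mode = os.stat(os.path.join(root, "Default", "Preferences")).st_mode & 0o777
    return first, second, sorted(kept), mode
```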
📦 File paths the repair touches
| OS | Profile Preferences |
|---|---|
| Linux | `~/.config/BraveSoftware/Brave-Browser/Default/Preferences` |
| macOS | `~/Library/Application Support/BraveSoftware/Brave-Browser/Default/Preferences` |
| Windows | `%LOCALAPPDATA%\BraveSoftware\Brave-Browser\User Data\Default\Preferences` |
🧪 Testing
- Polluted-fixture repair (Python + PowerShell): leaked patterns removed, user-set overrides preserved
- Idempotence verified
- Malformed JSON / missing file handled cleanly
- Full apply/reset pipeline integrated and tested
- Full diff: https://github.com/ChaoticSi1ence/SlimBrave-Neo/compare/v1.4.0...v1.4.1
🐛 What actually broke (and is now fixed)
- Three features did nothing. `FeedbackSurveysEnabled`, `MediaRecommendationsEnabled`, and `PromotionsEnabled` are not real Brave policies — Brave ignored them. Removed from the UI, presets, and README.
- Strict Parental Controls preset forced incognito instead of disabling it. Preset format only listed key names; when a key had multiple possible values (1=Disable, 2=Force), both rows got checked and the later one silently won. Now fixed — and the preset actually ships a working DoH template (`https://family.cloudflare-dns.com/dns-query`) instead of enabling custom DNS with no server.
- Custom DNS with no template silently broke DNS on Linux/macOS CLI. TUI validated; CLI didn't. Now both reject it.
- Windows Apply could half-apply features if DNS failed. DNS is now validated before anything gets written.
✨ New
- Five new hardening toggles exposed in all three UIs: Enable De-AMP, Enable Debouncing, Strip Tracking URL Parameters, Reduce Language Fingerprinting, Disable IPFS.
- Disable/Force Incognito are now mutually exclusive — checking one auto-unchecks the other across all three platforms.
- Preset format upgraded to a key→value map so multi-value policies round-trip correctly. Pre-v1.4 array-format exports still import fine (first matching row per key wins, which also fixes the latent force-incognito bug in older imports).
📦 Preset updates
- All five presets refreshed. Balanced/Maximum/Performance now enable the tracking-param / AMP / debouncing hardening where it fits the preset's intent.
📦 Verified
- Python 3.12 syntax check: OK on both scripts
- PowerShell parse check: OK
- All five preset JSONs parse
- Import/export round-trip, legacy array compat, group exclusivity, DNS validation, and parental controls behavior all pass integration tests
- No breaking changes for existing users — old exported configs still import cleanly.
- Full diff: https://github.com/ChaoticSi1ence/SlimBrave-Neo/compare/v1.3.0...v1.4.0
🐛 Security fixes
- Linux and macOS (`slimbrave-linux.py`, `slimbrave-mac.py`)
- Atomic, symlink-safe policy writes. `apply_policy` and `export_settings` now write via `tempfile.mkstemp` + `os.replace` instead of plain `open(path, "w")`. Closes a root-privilege footgun where an unprivileged user could pre-create the policy path as a symlink (e.g. to `/etc/shadow`) and have root truncate the target. Also makes the write atomic — Brave no longer has a window where it could load a half-written JSON/plist.
- `--policy-file` now validates its argument. The flag used to accept any absolute path with no checks. Combined with `--reset` under a permissive `sudoers` rule this was effectively "delete any file." It now requires the resolved path to live under a Chromium-documented policy directory (`/etc/brave/policies/managed`, `/etc/chromium/policies/managed` on Linux; `/Library/Managed Preferences`, `/Library/Preferences` on macOS).
- Explicit `0o644` mode on the policy file — no more umask roulette.
- Windows (`SlimBrave.ps1`)
- "Disable Brave Shields" now actually works. `BraveShieldsDisabledForUrls` is a Chromium *list* policy and must be stored as a subkey with numbered `REG_SZ` values (`...\BraveShieldsDisabledForUrls\1 = "https://*"`). Previous versions stored it as a single `REG_SZ` holding a JSON-encoded array, which Chromium does not parse, so the checkbox was silently a no-op. Existing broken values are cleaned up automatically on the next apply.
- New `Set-ListPolicy` / `Remove-ListPolicy` / `Test-ListPolicyMatches` helpers so any future list-type policies are wired correctly.
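The two Linux/macOS fixes above (path validation for `--policy-file` and the `tempfile.mkstemp` + `os.replace` write) shown together as an added example; this is not the project's code. The function names, the `allowed_dirs` parameter and the sample policy value are assumptions made so the scenario can run in a temporary directory.

```python
import json
import os
import stat
import tempfile

# Linux policy directories named in the release notes above.
ALLOWED_POLICY_DIRS = ("/etc/brave/policies/managed", "/etc/chromium/policies/managed")


def validate_policy_path(path, allowed_dirs=ALLOWED_POLICY_DIRS):
    """Return the resolved path, or raise ValueError if it escapes allowed_dirs."""
    resolved = os.path.realpath(path)  # collapses ".." and follows symlinks
    for root in allowed_dirs:
        root = os.path.realpath(root)
        if os.path.commonpath([resolved, root]) == root and resolved != root:
            return resolved
    raise ValueError(f"{path!r} resolves outside the allowed policy directories")


def atomic_write_json(path, data, mode=0o644):
    """Write JSON to path without following a symlink planted at path."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".policy-", suffix=".tmp")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(data, fh, indent=2)
            fh.flush()
            os.fsync(fh.fileno())
        os.chmod(tmp, mode)    # explicit mode, independent of the caller's umask
        os.replace(tmp, path)  # rename swaps the directory entry, symlink included
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise


def demo():
    """Constructed scenario: a symlink to another file sits at the policy path."""
    with tempfile.TemporaryDirectory() as tmpdir:
        managed = os.path.join(tmpdir, "managed")
        os.mkdir(managed)
        victim = os.path.join(tmpdir, "victim")
        with open(victim, "w", encoding="utf-8") as fh:
            fh.write("secret\n")
        target = os.path.join(managed, "slimbrave.json")
        os.symlink(victim, target)
        try:
            validate_policy_path(target, [managed])
            rejected = False
        except ValueError:
            rejected = True
        atomic_write_json(target, {"BraveP3AEnabled": False})  # sample value
        with open(victim, encoding="utf-8") as fh:
            victim_intact = fh.read() == "secret\n"
        st = os.lstat(target)
        return {"symlink_rejected": rejected, "victim_intact": victim_intact,
                "is_symlink": stat.S_ISLNK(st.st_mode), "mode": stat.S_IMODE(st.st_mode)}
```

The rename is only safe when the directory holding the policy file is itself writable by root alone; a user-writable directory lets the entry be swapped again after the write.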
📦 Authenticity
- Added [`SECURITY.md`](SECURITY.md) declaring the official source, the official file inventory (three scripts, no binaries), and how to report vulnerabilities via GitHub Private Vulnerability Reporting.
- Added an alert to the top of the README so users who land there via search see the authenticity notice before the install instructions.
📦 Migration notes
- Windows users on v1.2.0 or earlier with "Disable Brave Shields" checked: re-open SlimBrave and click Apply once. The old broken `REG_SZ` value is removed and the correct list subkey is written.
- `--policy-file` users with a non-standard path: the flag now rejects paths outside the whitelist. If you had a legitimate use case for this, open an issue with details.
📦 Verifying this release
```bash
git clone https://github.com/ChaoticSi1ence/SlimBrave-Neo.git
cd SlimBrave-Neo
git checkout v1.3.0
```
🗑️ Removed Deprecated Policy
- IPFSEnabled — IPFS support was removed from Brave in v1.69.153 (August 2024). This policy no longer has any effect and has been removed from all scripts and presets.
✨ New Brave-Specific Policies (9 added)
- Telemetry & Reporting
- Disable P3A Analytics (`BraveP3AEnabled`)
- Disable Stats Ping (`BraveStatsPingEnabled`)
- Privacy & Security
- Enable Global Privacy Control (`BraveGlobalPrivacyControlEnabled`) — the modern, legally-binding successor to Do Not Track
- Brave Features
- Disable Brave News (`BraveNewsDisabled`)
- Disable Brave Talk (`BraveTalkDisabled`)
- + 5 more
📦 Preset Updates
- All 5 presets updated with the new policy keys, tailored to each profile's purpose.
📦 Other
- Windows PS1 form layout adjusted for additional entries
- All policy keys verified against current `brave-core` source
✨ What's New
- macOS support — Full TUI implementation for macOS using managed preferences (`/Library/Managed Preferences/com.brave.Browser.plist`), contributed by @alsyundawy (#1)
- Renamed Linux script — `slimbrave.py` → `slimbrave-linux.py` for clarity across platforms
📦 Downloads
| File | Platform | How to run |
|------|----------|------------|
| `slimbrave-linux.py` | Linux | `sudo python3 slimbrave-linux.py` |
| `slimbrave-mac.py` | macOS | `sudo python3 slimbrave-mac.py` |
| `SlimBrave.ps1` | Windows | Right-click > Run with PowerShell (as Admin) |
✨ New Policy Toggles
- Three Chromium enterprise policy controls added to both Windows and Linux:
- Disable Metrics Reporting (`MetricsReportingEnabled`) — blocks crash and usage telemetry
- Enable Do Not Track (`EnableDoNotTrack`) — forces the DNT header on all requests
- Disable IPFS (`IPFSEnabled`) — disables Brave's built-in IPFS gateway
- All three are now fully wired into the UI, import/export, and all five bundled presets.
🐛 Bug Fixes
- DoH text box clipping (Windows): The custom DNS template input no longer overlaps with the right panel border
- HKCU user-scope policy handling (Windows): Apply, Reset, and startup now read and clean policies from both `HKLM` and `HKCU` registry scopes, preventing stale user-scope values from overriding machine-level policies
- Preset key mismatch: `DeveloperToolsDisabled` in Maximum Privacy and Strict Parental Controls presets corrected to `DeveloperToolsAvailability` to match the actual Chromium policy key used by the UI
📦 Downloads
| File | Platform | How to run |
|------|----------|------------|
| `slimbrave.py` | Linux | `sudo python3 slimbrave.py` |
| `SlimBrave.ps1` | Windows | Right-click > Run with PowerShell (as Admin) |
📦 SlimBrave Neo 1.0.0 — Full Linux + Windows Release
- Debloat and harden Brave Browser with managed Chromium enterprise policies. Zero dependencies on either platform.
📦 Downloads
| File | Platform | How to run |
|------|----------|------------|
| `slimbrave.py` | Linux | `sudo python3 slimbrave.py` |
| `SlimBrave.ps1` | Windows | Right-click > Run with PowerShell (as Admin) |
📦 Linux — Python 3 Curses TUI
- Interactive TUI with scrollable feature list, color categories, and keyboard navigation
- CLI mode: `--import`, `--export`, `--reset`, `--policy-file`, `--doh-templates`
- Import/export PS1-compatible JSON configs (handles UTF-16 BOM from Windows exports)
- Auto-detects Brave installations (Arch, deb/rpm, Flatpak, Snap, PATH)
- Reads existing policies on startup and pre-checks matching features
- DNS-over-HTTPS: automatic, off, secure, custom + editable DoH template URL
- Pure Python 3 stdlib — no external dependencies
📦 Windows — PowerShell GUI
- WinForms GUI with categorized checkboxes and dark theme
- Apply properly removes unchecked policies from the registry
- Reads existing registry policies on startup (Initialize-CurrentSettings)
- DNS-over-HTTPS: off, automatic, secure, custom + DnsOverHttpsTemplates text box
- Import/export JSON configs with DnsTemplates support
- Correct `DeveloperToolsAvailability` policy key
- Removed deprecated/no-op policies: `MetricsReportingEnabled`, `EnableDoNotTrack`, `IPFSEnabled`
📦 Presets included
- Maximum Privacy
- Balanced Privacy
- Performance Focused
- Developer
- Strict Parental Controls
