Flagged Out Of Date AUR Packages: brave-bin

I am using yay to update my system & since yesterday I am getting this new warning about the Brave browser. I am using LibreWolf as my primary browser Brave as a fallback option. Since this is about a web browser I don’t want to use an old version which may lack security patches. Since I started using EndeavourOS this the first time I saw this “flagged out of date” warning. Should I just wait & avoid using Brave until this issues is resolved by the maintainer of Brave ?
By maintainer I mean the person who is maintaining Brave in AUR.

$ yay
[sudo] password for home: 
:: Synchronizing package databases...
 core is up to date
 extra                          1568.1 KiB   328 KiB/s 00:05 [--------------------------------] 100%
 community                         5.6 MiB   486 KiB/s 00:12 [--------------------------------] 100%
 multilib                        149.8 KiB   286 KiB/s 00:01 [--------------------------------] 100%
 endeavouros                      18.6 KiB  11.5 KiB/s 00:02 [--------------------------------] 100%
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...

Packages (2) mesa-21.1.6-1  reflector-simple-1.17.3-1

Total Download Size:   17.49 MiB
Total Installed Size:  98.32 MiB
Net Upgrade Size:       0.00 MiB

:: Proceed with installation? [Y/n] 
:: Retrieving packages...
 mesa-21.1.6-1-x86_64             17.5 MiB   820 KiB/s 00:22 [--------------------------------] 100%
 reflector-simple-1.17.3-1-any    21.3 KiB  32.8 KiB/s 00:01 [--------------------------------] 100%
 Total (2/2)                      17.5 MiB   773 KiB/s 00:23 [--------------------------------] 100%
(2/2) checking keys in keyring                               [--------------------------------] 100%
(2/2) checking package integrity                             [--------------------------------] 100%
(2/2) loading package files                                  [--------------------------------] 100%
(2/2) checking for file conflicts                            [--------------------------------] 100%
:: Processing package changes...
(1/2) upgrading mesa                                         [--------------------------------] 100%
(2/2) upgrading reflector-simple                             [--------------------------------] 100%
:: Running post-transaction hooks...
(1/3) Arming ConditionNeedsUpdate...
(2/3) Check if user should be informed about rebooting after certain system package upgrades.
Reboot is recommended because of recent core system package upgrades.
(3/3) Updating the desktop file MIME type cache...
:: Searching databases for updates...
:: Searching AUR for updates...
 -> Flagged Out Of Date AUR Packages:  brave-bin
 there is nothing to do

By the way I pray that this same thing never happens with LibreWolf coz in that case it will be a disaster for me coz I am not aware of any other browser which offers the same level of privacy that LibreWolf provides. I strongly feel that LibreWolf should be in the main repos instead of AUR but there is nothing that I can do about that.

Yes wait for the maintainer to fix it. If you are concerned about privacy brave is the last browser I would choose. Firefox can do the same thing libre wolf does if you configure it to.

6 Likes

You might want to have a look at how to use a user.js like

in order to tweaking Firefox for better privacy.

:warning: Perhaps it would be a good idea to create a test profile in Firefox to try it out first before implementing it on your regular profile:

@pebcak
In your opinion taking which approach will result in maximum privacy ?
Method 1) Using LibreWolf with no modifications.
Method 2) Using Firefox with a custom user.js.
I am asking this coz one hand there’s already a FF based browser which is tweaked by experts & on the other hand a novice like me is trying something which I have never done before.

Honestly, I haven’t used Librewolf myself but from what I’ve gathered from the posts around the forum it comes with good privacy features out of the box. If I am not wrong it does make use of arkenfox user.js. Perhaps other forum members who use it are better suited to answer this question.

I thought perhaps if you would like to have a fallback browser in the event that there are some delays with updates to Librewolf, a hardened Firefox could be a good candidate.

As my daily, I use Firefox with the above mentioned user.js and some privacy extensions.

Now that’s a clever idea. Sorry I didn’t understand. I will definitely give it a try and write back.

1 Like

I seem to be wrong about Librefox using arkenfox’ user.js outright. However:

Arkenfox

  • This is not Arkenfox
  • Arkenfox is a template user.js, fully documented, and the gold-standard on relevant Firefox preferences
  • We rely heavily on Arkenfox’s expertise, research, and knowledge: but we choose out own default preferences configuration
  • We endeavor to keep up to date with Arkenfox
    :arrow_right: https://librewolf-community.gitlab.io/docs/
1 Like

Not to point out the obvious, but it depends on what is in the custom user.js :slight_smile:

To answer a slightly different question, I think there is very little difference in privacy between using the arkenfox js and Librewolf. If anything, Arkenfox is probably more private by default(at the cost of usability). In either case, you probably want to tweak them to match your own preferences.

However, Firefox gets security patches faster.

Remember you told me about this website ? I am desperate to pass the test. I don’t want that depressing line saying “your browser has an unique fingerprint”

If I can achieve this by using Arkenfox I will at least try.

@pebcak @dalto
How do I download this particular user.js ? I see no download link. I am not familiar with github.

1 Like

I have downloaded and extracted the zip. How do I actually implement this user.js ? I found this website but its suggesting a different method which involves using “git clone”.

userjs

First, you read this:

Next you place those files in the root directory of your profile. The documentation explains how to find that:

A user.js, which resides in the root directory of a profile, is used to set preferences for that profile [1] when Firefox starts. Preferences are settings that control Firefox’s behavior. Some can be set from the Options interface and all can be found in about:config, except for what are called hidden preferences which will only show when they are set by the user.

[1] To find your profile, open about:support and look for Profile Folder under Application Basics

I am going to warn you that using that is not “hit this button” type of operation. You need to do some reading first if you want the best experience.

1 Like

Okay this is the path of my profile folder

/home/home/.mozilla/firefox/abe19gup.default-release/

and these are its contents. Should I just delete everything that is in it and paste what came in that zip ? The instructions are not as good as the Arch Wiki.

Success. Just pasted that user.js in the profile folder. This website helped

Nothing to worry about. If a lot of sites starts breaking I will learn how to tweak the settings.

1 Like

Make sure you don’t edit the user.js directly. Use the override file as described in the documentation.

Understood. One last question, since this particular user.js is manually installed & not using the traditional way that is from a repo what about updates ? I mean do new version of arkenfox gets released ? Should I just keep visiting that download page & in case I find a new version just copy paste the new one by accepting “replace” of Thunar ?

The download should have included a file named updater.sh. You should have copied that along with user.js into your profile. When you run that script it updates itself then downloads the latest user.js and integrates your overrides.

I will just copy everything from that folder to my profiles folder. So basicallly to check for updates I launch a terminal then cd into the profiles directory & run this (without sudo)?

./updater.sh

Yes, exactly.