Skip to content

imjcramer/trivalent

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

609 Commits
.github/workflows
.github/workflows
 
 
build
build
 
 
docs
docs
 
 
fedora_patches
fedora_patches
 
 
patches
patches
 
 
scripts
scripts
 
 
translation_patches
translation_patches
 
 
vanadium_patches
vanadium_patches
 
 
.codacy.yml
.codacy.yml
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
AGENTS.md
AGENTS.md
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
LICENSE.Apache-2.0-note
LICENSE.Apache-2.0-note
 
 
LICENSE.FTL-note
LICENSE.FTL-note
 
 
LICENSE.GPL-2.0
LICENSE.GPL-2.0
 
 
LICENSE.Webview-note
LICENSE.Webview-note
 
 
Makefile
Makefile
 
 
VERSION
VERSION
 
 
copr_script.sh
copr_script.sh
 
 
debian_build.sh
debian_build.sh
 
 
docker-compose.yml
docker-compose.yml
 
 
trivalent.png
trivalent.png
 
 
trivalent.svg
trivalent.svg
 
 
update-remote-patches.sh
update-remote-patches.sh
 
 

Repository files navigation

Trivalent logo

Trivalent

build-debian Runners by - runs-on.com Egress auditing by - stepsecurity.io OpenSSF Scorecard

A security-focused, Chromium-based browser for desktop Linux inspired by Vanadium. This fork targets Debian x86_64.

Scope

In scope

  • Desktop-relevant patches from Vanadium (located in vanadium_patches)
  • Changes that increase hardening against known and unknown vulnerabilities
  • Changes that make secondary browser features opt-in instead of opt-out (for example, making the password manager and search suggestions opt-in)
  • Changes that disable opt-in metrics and data collection, so long as they have no security implications

Out of scope

  • Any changes that sacrifice security for "privacy" (for example, enabling MV2) why?
  • Any novel functionality that is unrelated to security

Installation

Upstream support is provided via secureblue. This fork is Debian‑only and is intended for local builds on modern Debian x86_64. Fedora/secureblue packaging is not supported here.

For Debian (x86_64) local builds based on ungoogled-chromium, see docs/BUILDING_DEBIAN.md.

Post-install

Some additional preferences are added to chrome://settings/security, these provide additional security and privacy controls should they be needed. An example of one toggle is the Network Service Sandbox (disabled by default), which is known to occasionally clear cookies on exit.
There is also a Website Dark Mode preference added to chrome://settings/appearance.

Additionally, the following flags are available that provide extra hardening but may cause breakage or usability issues:

  • chrome://flags/#show-punycode-domains
  • chrome://flags/#clear-cross-origin-referrers

Other flags are also provided for compatibility should you experience an issue related to some of the hardening enabled by default. For example, the default pop-up blocker is very strict, it may optionally be disabled chrome://flags/#strict-popup-blocking to improve usability.

Content Blocking

Trivalent comes by default with content filtering enabled using chromium's internal subresource filter. The lists used for content filtering can be found in the trivalent-subresource-filter repository.
If you want to contribute to the subresource filter, example suggesting a new list, visit here.

Contributing

Follow the contributing documentation, and make sure to respect the CoC.

About

No description, website, or topics provided.

Resources

Readme

License

Unknown and 4 other licenses found

Licenses found

Unknown
LICENSE
Unknown
LICENSE.Apache-2.0-note
Unknown
LICENSE.FTL-note
GPL-2.0
LICENSE.GPL-2.0
Unknown
LICENSE.Webview-note

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

10 tags

Packages

 
 
 

Contributors

Languages