v0.7.3

New Features & Improvements

• Add Deno to about credits and engines list.
• Enhance speed and ETA display logic during pause and drop.
• Accumulate track sizes to present a unified overall progress bar.

Fixes

• Resolve unknown speed flickering and ultra-wide high-resolution detection.
• Emit distinct status messages for individual tracks during download.
• Pad overall progress total for first track to prevent 100% snapback.

v0.7.2

Fixed

• Prevented yt-dlp and JavaScript child processes from keeping metadata fetches or canceled downloads alive indefinitely.
• Replaced the repeatedly extracted one-file yt-dlp build with a stable prewarmed runtime cache.
• Bundled Deno so YouTube JavaScript challenges and formats above 720p do not depend on system-installed tools.
• Stopped masking empty-format extraction failures and removed brittle forced YouTube client selection.

Changed

• Pinned and checksum-verified yt-dlp, Deno, FFmpeg, aria2, and aria2's libraries for matching local and GitHub Actions builds.
• Removed aria2's runtime dependency on Homebrew and configured its bundled CA certificate for direct and yt-dlp-delegated HTTPS downloads.
• Added bounded network retries and optional aria2c acceleration for large direct media downloads.

v0.7.1

Security Fixes

• Addressed multiple vulnerabilities identified in the v0.7.0 security audit.
• Moved yt-dlp credential passing from CLI arguments to secure temporary configuration files to prevent process list leakage.
• Enforced strict 0o600 POSIX permissions on aria2c temporary configuration files to protect generated RPC secrets.
• Replaced the unauthenticated local connection protocol with a secure HMAC-SHA256 signature validation.
• Excluded sensitive properties like rpcSecret and rpcPort from DownloadItem serialization so they are never saved to disk in plaintext.
• Mitigated SSRF (Server-Side Request Forgery) by strictly validating metadata fetch requests against private IP addresses and loopback ranges.
• Prevented potential path traversal vulnerabilities by validating destination file URLs during duplicate resolution.
• Sanitized custom HTTP headers to prevent CR/LF injection vectors.
• Re-architected aria2c port-finding with POSIX sockets to eliminate a known race-condition window.
• Applied rate-limiting and text length bounds to the custom firelink:// scheme to mitigate DoS and injection attempts.

Fixes

• Fixed a metadata extraction timeout when downloading from YouTube by preventing child processes from holding process pipes open.
• Resolved an issue to correctly assign filenames for auto-captured downloads.
• Restored the UUID fallback for token generation to prevent silent failures if secure random byte generation fails.
• Hardened local API security by immediately rejecting requests if the expected pairing token is completely empty.
• Implemented a thread-safe cleanup mechanism for temporary directories to resolve a concurrency race condition during engine cancellation.
• Increased the yt-dlp metadata extraction timeout to 120 seconds to properly handle YouTube's new JavaScript Proof-of-Work bot protection challenges.
• Improved the AddDownloadsView UI to display the exact underlying error message during extraction failures rather than a generic masked string.

v0.7.0

New Features & Improvements

• Complete UI modernization for the context menu, toolbar, download list, and sidebar to adhere strictly to Apple's Human Interface Guidelines (HIG).
• Overhaul of the Settings panes including Site Logins, Engine, About, Locations, and Downloads for a unified, cleaner look.
• Introduce an "Ask where to save" global configuration option for manual location picking per download.
• Add "Stop Time" option to the Scheduler and unit picker for the global Speed Limiter.
• Enhance the Integration pane with a visible step counter and an up-to-date status icon.
• Optimize yt-dlp execution for noticeably faster media extraction speeds.
• Defer Keychain access prompts and track executable modification dates for a more secure "priming" mechanism.

Fixes

• Fix issues regarding proxy environment propagation into media download processes.
• Resolve multiple critical bugs related to configuration storage and download stability.
• Address multiple underlying issues identified during comprehensive code reviews to improve overall resilience.

v0.6.6

New Features

• Add cascading media format pickers with inline loading states during metadata extraction.
• Redesign the Integration settings pane for a more modern experience.
• Overhaul the built-in update checker UI to integrate seamlessly into the settings.

Improvements

• Implement keychain permission priming to defer secure access until explicitly granted, preventing unexpected macOS prompts.
• Optimize core UI components to significantly improve rendering performance and overall app stability.

Fixes

• Fix layout and dynamic sizing bugs in the Add Downloads window.
• Fix formatting inconsistencies in media options selection.
• Fix toast notification rendering glitches.

v0.6.5

Fixes

• Fix GitHub Actions build failure caused by an ambiguous bundle format when attempting to codesign yt-dlp's embedded PyInstaller Python.framework.

v0.6.3

Improvements

• Upgrade pairing token generation to use a 32-byte cryptographically secure random sequence.
• Migrate pairing token storage from UserDefaults to KeychainCredentialStore for enhanced security.
• Redesign the "Connect Browser Extension" settings pane to be browser-agnostic with links to both Firefox and Chrome extension stores.
• Add a "Regenerate" button to instantly invalidate and recreate the pairing token.

Fixes

• Fix CORS preflight failures for the new /ping extension connection check by allowing GET methods in the local server.

v0.6.2

Fixes

• Fix a bug where confirming a duplicate resolution failed to close the Add Downloads window, misleading users into thinking the download didn't start.
• Fix keyboard shortcut collision that caused the main window to intercept Enter/Escape keys when the duplicate resolution sheet was open.
• Fix UI freeze when checking release notes for an update by parsing HTML asynchronously on a background thread.
• Improve Sparkle changelog formatting by converting HTML tags to clean Markdown instead of stripping them into an unreadable block of text.
• Change the internal Process xxxxx status message to a cleaner Starting... message when queueing a new download.
• Fix EXC_BREAKPOINT crash on app launch in production builds by prioritizing Bundle.main over Bundle.module when accessing resources.

v0.6.1

New Features

• No new user-facing features in this patch release.

Improvements

• Package bundled yt-dlp and ffmpeg executables into the macOS app bundle so media extraction works in release builds.
• Resolve bundled media engines from both app resources and SwiftPM resources to support packaged apps and local development builds.

Changes

• Fetch release-time media engine binaries in GitHub Actions instead of storing large binaries in git.
• Use the changelog entry for GitHub release page descriptions so published release notes match the source tree.
• Remove stale media add-on update language now that media engines are bundled with the app.
• Update Firelink Companion to 1.0.8.

Fixes

• Replace the stale pinned FFmpeg download URL with Martin Riedl's latest macOS ARM64 release redirect.
• Fail release builds early when yt-dlp or ffmpeg cannot be fetched or made executable.
• Remove unused media inspector and media download entry-point code left behind by the removed engine update flow.
• Prevent Firelink Companion global capture from canceling browser downloads unless the native app confirms the local API handoff.

v0.6.0

New features

• Enhance mixed media support and add duplicate resolution.
• Redesign settings panes and enhance update flows.
• Improve yt-dlp fetching speed and redesign media detection UI.
• Enhance media engine settings with cookie extraction and update checks.
• Modernize Integration settings UI and add official install button.
• Integrate yt-dlp to DownloadController and add global queue support.
• Implement smart progressive disclosure UI and media extraction engine.
• Implement gatekeeper architecture for on-demand media engine binaries.
• Inline Sparkle update checks to avoid unnecessary modals.

Changes

• Add backward compatibility support for extension tokens.
• Update Firelink-Extension submodule to latest.
• Update app icons and icon generation scripts.
• Tone down icon gradient to 1.9x for modern subtle look.
• Increase gradient contrast for stronger lighting effect.
• Switch to lighter gradient (+1 to 0).
• Revert to plain mode without gradient.
• Apply premium gradient to the correct new icon and app icon.
• Remove redundant version string from up-to-date message.
• Update appcast.xml with valid signature for new framework-embedded dmg.

Fixes

• Cap max height of download links text editor.
• Harden media download flow.
• Pass extractor arguments to yt-dlp download process.
• Restore single click selection by removing simultaneousGesture.
• Restore Download Properties routing and gestures.
• Pass UUID as String for download properties WindowGroup to prevent routing failures.
• Size column fallback and table row interactions.
• Media download UX and table row selection.
• Media downloads connections, progress parsing, file size, and selection highlight.
• Stabilize yt-dlp metadata and add-on updates.
• Block automatic metadata fetch for private IP addresses (security).
• Actually update extension icons with the 1.9x gradient icon.
• Correctly remove black padding and mask corners.
• Harden Sparkle release metadata.
• Correct Sparkle SUNoUpdateError code to prevent false error messages.