v0.2.8 ​

Latest

This release fixes a frustrating regression on macOS where users were being logged out of cookie-auth sites (Gmail, LinkedIn, etc.) after every quit, plus a favicon fallback bug, a Linux packaging failure, and rough edges in the dev workflow.

Bug Fixes ​

• macOS: stop losing logins after quit — Without a Developer ID signature, macOS Keychain can't reliably persist the "Nav0 Safe Storage" entry that Chromium's OSCrypt needs to decrypt cookies. As a result, each launch generated a fresh random key, cookies became unreadable, and users were logged out of Gmail, LinkedIn, and other cookie-based sites. The cookie-encryption fuse is now off on macOS, matching the posture of other unsigned Electron browsers like Min. Cookies persist across launches again. (IndexedDB-based sessions like WhatsApp were never affected.) The fuse will be re-enabled once builds are signed and notarized.
• Cookie encryption preserved on Windows and Linux — Windows DPAPI and Linux libsecret don't require code signing, so on-disk cookie encryption stays enabled on those platforms. The fix above is scoped to macOS only.
• Favicons no longer go blank when the sharpest icon 404s — The "pick the sharpest favicon" heuristic added in v0.2.6 was selecting whatever URL Chromium advertised as largest, usually /apple-touch-icon.png. Plenty of sites boilerplate that <link> tag without actually serving the file, so a single 404 left the tab favicon blank. The handler now ranks all candidates by size and walks the list, falling back to the next-best icon (and finally to favicon.ico) if the top choice is missing. Sharp favicons stay sharp; sites that only serve favicon.ico display it again.
• Linux .deb and .rpm builds succeed again — Electron Packager was naming the Linux binary Nav0 (taken from package.json name), while the deb/rpm makers expected nav0. The make step failed looking for the wrong path. The Linux executableName is now explicitly lowercased.

Developer Experience ​

• Dev sessions stop wiping cookies on every relaunch — The dev Electron binary used to share userData with the installed Nav0 app but write to a different OSCrypt keychain entry ("Electron Safe Storage" vs "Nav0 Safe Storage"). The unsigned dev binary also frequently couldn't create its keychain entry at all, so cookies vanished between launches. Dev now uses its own isolated userData directory and bypasses the macOS keychain via --use-mock-keychain. Production paths are unchanged.

Nav0 is a minimal, privacy-focused browser that collects zero data. It's open source, free, and built on the belief that your browser should do one thing well: let you browse the web. Get started.