Does SeaMonkey still have a "Show image" option in the right-click context menu?

I think it's "view", let me check

Oh, that could be. I'm usually using the German language version of Firefox.

And Firefoy trashed that option recently.

yeah, "view image". It might not appear or show instead as "View Background Image" depending on how images are used in webpages

... really? why?

Well, what I've heard is: Telemtry suggested it's rarely used… But I cannot confirm that in any way.

But then, this is just the latest incident of Firefox getting ever more user-hostile.

Okay, but SeaMonkey having that option is great. :)

By the way, the Downloads & Releases page always says, "MD5 sums and SHA1 sums are available for official packages and source tarballs."

But then, there are actually also SHA512 sums.

And then this makes me wonder, a) why the project "hides" those, and b) why the project provides 3 kinds of checksums.

I mean, creating those checksum also takes time, so maybe narrowing it down to one might not be a bad idea.

Also, it would really be nice if releases were signed.

That's pretty much standard practice now. And it would make SeaMonkey more appealing to the reasonably paranoid.

msiism there are not eough people around unfortunately so it is robin round and fix one thing at a time. There are bugs open for signing. Next platform will probably macOS. There it is already partially enforced.

But you are right the SHA512 checksums should be added to the builds page. Need to check if this is a general template.

Okay, nice. If it's on the list, that already makes me happy.

Yeah, mantioning those SHA512 sums would also be nice.

s/man/men/

msiism signning bugs are open for a long time now unfortunately :)

Meta bug is bugzilla.mozilla.org/1438083

msiism: you mean signing with certificate or with PGP/GPG? or just in general?

I mean having a package signing key and using that to sign release packages. So, yeah, GPG would be a good way to do this.

frg_Away: Thanks, I've bookmakred that.

I mean, GPG should also work for macOS.

msiism macOS signing is a bunch of sh*t. It is called notarizing there. You need an apple approved developer key and I think also do it under macOS and online. This one is probably on me so need to figure it out if it can be automated.

Why don't you simply give it a GPG signature, though?

People on macOS will be able to verify that.

Or is this about being in some official package repository that uses some weird signing mechanism?

If so, maybe not supporting that would not be the worst idea.

msiim They could use the sha now. Outcome would not really be much different if you want to check if the file has been tampered with. I would rather do it in a way the OS supports instead of spenging time adding more complexity in the build process.

Okay, I can't judge that. I have never used macOS for more than a few minutes.

I was just wondering whether signing everything with a GPG key might be the easiest solution. Even Windows users should be able to verify such a signature.

And, by the way, for "Unix", I'd just sign the checksum files with GPG. That should be way more efificent than signing the actual release packages.

But I'd keep the signature separate so people who really can't deal with the signture still have a corrcetly formatted checksum file to work with.

at least the windows specific method is sometimes needed/useful

I see.

no idea about macOS (last time I touched such a system, I think it was still called MacOS?)

:)

Well Windows is done with the official signing now in effect. If you use the zip the exe and dlls are signed. Together with the checksum for the zip should all be what is needed. The installers are snow igned too and are verified when starting them by the OS.

^now signed

Okay, nice.

With 2.53.11 beta 1 I dropped the SHA-1 signing and didn't dual sign them but unless you are running an unpatched Windows 7 you will not notice. SHA-2 is available for all 7 and 2008 R2 releases even without ESU.

Okay, those SHA variant names always confuse me a bit…

frg_Away: What do you mean by not dual-signing, by the way?

That there will only be one kind of checksum?

msiism yes sha1 for old systems and sha256 ibb.co/9Gf9kVX

Okay, great.

msiism This is how it is now with the beta: ibb.co/nr3W1n0

Only sha256. Mozilla does this too now. Only compatible with 7 and up so sha1 is unneeded anyway.

I see.

I'll give SeaMonkey an actual try on my testing laptop, I guess.

msiism It has some problems with later sites. Bigger too. We are working on it but you probably need another browser too for these.

Depends on you browsing habits. If you use google "services", facebook and the other ilk most of the time you will not be a happy camper probably.

They are masters in inventing new language constructs and pushing them to users.

Yeah, but I usually don't do that. ;)

I just used w3m to find something on the Web today…

the backwards-incompatible standard/specification changes aren't fun

I'd think those would be a big no-no, but that doesn't seem to be the case, or at least it didn't stop them.

Could you give an example?

I think there have been changes in javascript regex support that result in syntax errors

Oh… Fun.

I mean, there is a POSIX standard for regex. Why don't they just use that?

ERE is pretty powerful.

Maybe too powerful…

and the default parameters for fetch() have changed in a way that can break sites which don't do more than relying on what the standard says is the default

I thought hard about it but can't remember one site which got better on the desktop in the last two years after a make-over using latest web "standard". Most are a pile of too much empty space, bad design, too big fonts, cramped in the miggle of the screen slow loading sh*t right now. Might be different on mobile but I don't care about browsing on mobile.

Yeah, I think most people don't understand the original concept of what a web page is.

It took me some time to get there as well.

my general feeling with these redesigns is that often not only there's too much empty space, but also that the redesigns tend to get rid of the content.

but the "often" is probably YMMV and I didn't actually sample websites to reach a number

A well-structured classic website should also work pretty well on mobile, I guess.

But then smartphones are a crippled user interface, so, maybe not…

^cramped in the middle I mean :)

Oh, I didn't even notice the typo.

One insane thing about smartphones is that most of them don't really seem to have an equivalent of Home, End, PageUp, and PageDown.

Would need to be optimized differently for both I think. Hamburger button makes sense on mobile but anybody pushing it on desktop is imho clueless. Which includes a lot of people but I have a firm opinion here. I am a hater when it comes to this stuff :) Same for black and white or 1 color icons in toolbars.

Yeah, I agree to that.

black on white, did you mean gray on gray?

light gray text on white and the gray on gray variants included in my hate :)

fortunately no website has pissed me off lately THAT much

except for Simple Flying's latest hipster redesign, which amazingly works fine on SM

tons of stupid whitespace, and the 3rd-party comment provider will never work without Google WebComponents®, but at least they stopped punishing me for adblocking

...oh, and Colnect and it's gratuitous breakage because of nullish coalescing operator, but there are plenty of other banknote catalogs I can use

JavaScript-free, even!

not using Meth properties or Twatter not only keeps me away from more web breakage, it also keeps my sanity (mostly) intact~