New Alpha Release: Tor Browser 14.5a3

Tor Browser 14.5a3 is now available from the Tor Browser download page and also from our distribution directory.

This version includes important security updates to Firefox.

Call for Testing

It is getting close to our soft-code freeze in early April and our scheduled release date of April 29th. Now would be an excellent time for the community to take the latest Alpha releases for a spin!

If you are interested in becoming a tester, please go and download the latest Tor Browser Alpha release for your preferred platform, give it a go, and report any problems you run into either on the forum or on our gitlab instance.

QA-Checklists

Beyond just ‘kicking the tires’ (so to speak) we also have a test check-list/itinerary the devs will be going through for all of our supported platforms:

• Desktop (Windows, macOS, Linux): Test Tor Browser Desktop 14.5 Release Candidates (tor-browser#43510)
• Android: Test Tor Browser Android 14.5 Release Candidates (tor-browser#43511)

If you are feeling adventurous, we would also appreciate it if community members sampled from these checklists and ensure the scenarios you care about work as you would expect in Tor Browser 14.5 Alpha before it stabilizes.

NoScript

We would ask the quite adventerous users familiar with Tor Browser's Security Level feature to try out the latest NoScript Release Candidate. NoScript 12.x, which has been rolled out to Tor Browser users at the beginning of 2025, has undergone massive "behind the scenes" changes to make it compatible with the newest Manifest V3 browser extensions API.

A lot of effort has been put in the transition to preserve 1-to-1 feature parity, but given the size of these changes some bugs have been introduced and promptly fixed. Other less obvious ones may still be lingering around!

It would be very helptul if alpha testers could:

1. Switch to NoScript's Release Candidate channel to get the most up-to-date fixes and enhancements
2. Exercise the Tor Browser at different security levels and paying attention if anything seems odd either in the transition between levels or in the websites behavior compared to what is expected at that level
3. Report issues either on the Tor Browser issue tracker with the label ~NoScript or on NoScript's own issue tracker, specifying NoScript's version as can be read in Tor Browser by ≡ > Addons and themes > Extensions.

Send us your feedback

If you find a bug or have a suggestion for how we could improve this release, please let us know.

Full changelog

The full changelog since Tor Browser 14.5a2 is:

• All Platforms
  • Bug tor-browser#41065: navigator.storage "best effort" + "persistent" leak partitionSize/totalSpace entropy
  • Bug tor-browser#41921: Clean up initialisation and bridges conflict between TorSettings and TorConnect
  • Bug tor-browser#43308: Only allow "about:" pages to have access to contentaccessible branding assets
  • Bug tor-browser#43323: Expose a stable asset from chrome:// to identify Tor, Base, and Mullvad Browser
  • Bug tor-browser#43449: Rebase Tor Browser alpha onto 128.7.0esr
  • Bug tor-browser#43451: Backport security fixes from Firefox 135
  • Bug tor-browser-build#41362: Remove meek azure from the builtin bridges
• Windows + macOS + Linux
  • Updated Firefox to 128.7.0esr
  • Bug tor-browser#41831: Some .tor.onion sites are not displaying the underlying V3 onion address in alpha
  • Bug tor-browser#43254: Cancel Moat requests when no longer needed
  • Bug tor-browser#43386: Extension requests expose Firefox's minor version and custom app name
  • Bug tor-browser#43398: tor-urlbar-button-plain hover styling is overwritten by tor-button rule
  • Bug tor-browser#43406: 2 buttons displayed onion-available and connect when Tor daemon killed
  • Bug tor-browser#43461: Drop our wordmark padding
  • Bug tor-browser#43462: Use NetworkLinkService instead of Moat for the internet test
  • Bug tor-browser#43466: Drop unnecessary CSS rules in branding aboutDialog.css
• Windows
  • Bug tor-browser#43402: set browser.startup.blankWindow false
• macOS
  • Bug tor-browser#43468: ScreenCaptureKit framework should be a weak link
• Linux
  • Bug tor-browser-build#41297: Add video codecs dependencies (recommends) on the Debian package
• Android
  • Updated GeckoView to 128.7.0esr
  • Bug tor-browser#43198: Remove "Learn more" link from Android's no-internet error
  • Bug tor-browser#43199: Bootstrapping bar needs a little TLC on Android (Part 1)
  • Bug tor-browser#43222: All tor logs timestamps reset to current time when opening screen
  • Bug tor-browser#43351: Don't force ALL CAPS for the fenix snackbar action button text
  • Bug tor-browser#43359: Improper handling of TorBootstrapChangeListener with respect to system onDestroy() calls for HomeActivity
  • Bug tor-browser#43360: Replace custom variable isBeingRecreated with built-in isFinishing function
  • Bug tor-browser#43368: Add @Suppress for incorrect linting error "Overriding method should call super. onNewIntent"
• Build System
  • All Platforms
    • Updated Go to 1.22.12
    • Bug tor-browser-build#41281: Better dev defaults for fetch variable
    • Bug tor-browser-build#41324: Improve build signing ergonomics
    • Bug tor-browser-build#41345: Go autoupdates in 1.23 so add env var to prevent it in any step that has network access
    • Bug tor-browser-build#41357: keyring/anti-censorship.gpg is in GPG keybox database version 1 format
    • Bug tor-browser-build#41358: Update sign-tag script to handle rapid-release nightly branches
    • Bug rbm#40079: Make fetch: if_needed fetch existing branches
  • Windows + macOS + Linux
    • Bug tor-browser-build#41356: Add redirects to make 14.0a4 a watershed
  • macOS
    • Bug tor-browser-build#41350: Increase timeout in rcodesign-notary-submit