Added

• Popup now surfaces when MUGA preserved a third-party creator's affiliate tag on the current URL. New "Creator referral preserved" badge inside the preview section, with a tooltip explaining the policy. Fires regardless of whether the URL was otherwise modified — including on URLs MUGA leaves untouched. Wedge of "fair to creators" made tangible. New cleaner result field preservedAffiliate exposing { param, value, store, group }. Independent of the existing notifyForeignAffiliate toast preference: this is a passive UI signal, not a notification. New i18n keys preview_preserved_creator and preview_preserved_creator_hint in en/es/pt/de. (#327)
• New collaborative report link in the popup: "Still see tracking? Help us improve" (i18n key report_unclean_url). Visible only when MUGA modified the URL and showReportButton is on, alongside the existing "Report a problem with this URL" link. Opens a pre-filled GitHub issue tagged unclean-url with hostname, version, browser and the params MUGA already removed — never the full URL or query string. Same zero-network, no-new-permissions model as the broken-site report. Feeds the remote-rules catalog with real-world misses. (#271)

Changed

• Options page: the "Remote rule updates" section now appears before the "Advanced" block, so Advanced remains the last section on the page.
• Remote-rules copy softened to reflect the on-wake refresh model introduced in 1.10.1: "Enable rule updates" (toggle) and "Periodically checks for signed updates… about once a week, while you browse" (description). No behavioral change — the max cadence is still ~7 days.

Added

• Popup now reacts live to settings changes. Toggling MUGA on/off, or adding the current domain to the per-domain-disable list (blacklist entries of the form domain::disabled), updates the preview without reopening the popup. The trigger is both an optimistic in-popup re-render on the enabled-toggle click AND a chrome.storage.onChanged listener that catches changes made from the Options page in another tab.
• Distinct popup status when MUGA is globally active but the current site is on the per-domain-disable list. Previously only "MUGA is disabled" (global) was shown; now "MUGA is disabled on this site" surfaces the per-domain state. New i18n key muga_disabled_for_domain in all four locales.

Changed

• Remote rule updates no longer require the alarms permission. The weekly refresh now piggybacks on natural service-worker wake events (browser startup, page visits, popup messages) and is throttled by a stored fetchedAt timestamp — at most one fetch per 7 days, short-circuited immediately when the feature is off. This drops one permission from the manifest without changing the opt-in default or the privacy posture.

Removed

• alarms permission from manifest.json and manifest.v2.json.

Added

• Optional weekly updates for the tracking parameter list, off by default. Ed25519-signed payloads fetched from a public GitHub Pages endpoint (https://yocreoquesi.github.io/muga/rules/v1/params.json). Enable in Settings → Remote rule updates. Zero outbound requests on a default install. See docs/transparency.html. (#270)

Fixed

• Firefox TDZ: _contentPrefs declarations hoisted to top of the content script IIFE so early-firing event handlers (copy, click, runtime.onMessage) can no longer reference them before initialization (#298)
• Security: navigate() now enforces the 2000-char URL length cap before parsing
• Security: hostname extraction in the affiliate toast wrapped in safeHostname() — malformed URLs no longer throw inside event handlers

Added

• Static-analysis regression tests asserting _contentPrefs / _contentPrefsPending declarations stay above any reader and within the first 120 lines of cleaner.js

Fixed

• Security: add URL payload length limit, reject non-HTTP schemes, harden sanitizeHTML
• Robustness: cache version counter prevents stale prefs, time-based rewrite loop eviction
• Firefox MV2: shim chrome.runtime.sendMessage, deduplicate browser-polyfill loading
• MutationObserver ping blocking debounced via requestAnimationFrame
• Document silent .catch() handlers in content scripts
• Safe manifest swap script with trap-based restoration

Added

• Automated Firefox AMO submission on tag push
• Automated Chrome Web Store submission on tag push
• README: Chrome Web Store install badge (no longer "Coming soon")

Version 1.9.6

Fixes:
- Click handler no longer intercepts all link clicks. Only intercepts clicks to affiliate store domains. Non-affiliate clicks pass through unmodified, preserving SPA navigation on YouTube, forums, and all other sites.
- Click, copy, and self-clean handlers now check if the extension is enabled before any interception. Extension is fully inert when disabled.
- Prefs loaded eagerly at content script init for synchronous access.

852 passing tests. No permission changes.

Version 1.9.4

Changes in this version:
- Consent gate: extension is now fully disabled (no URL processing, popup blocked, options redirected) until the user accepts the Terms of Use in onboarding. Enforcement points: service-worker.js (handleProcessUrl), popup.js (consent-gate overlay), options.js (redirect), content/cleaner.js (ping blocking).
- 120+ new domain-specific tracking parameters (Amazon, Facebook, TikTok, Google, LinkedIn, Reddit, eBay, YouTube, Spotify, Netflix, NYTimes, BBC, AliExpress, Bing, Yahoo, Twitter/X, Etsy). Sourced from ClearURLs, AdGuard Filter 17, Neat-URL, and Mozilla's built-in strip list.
- 5 new Shopify recommendation tracking params (pr_prod_strat, pr_rec_id, pr_ref_pid, pr_rec_pid, pr_seq) added to global tracking list.
- Fixed: double onboarding tab caused by both onInstalled and fallback IIFE opening tabs. Now uses a dedup flag (openOnboardingOnce).
- Fixed: Promise shim (shimChromePromises in storage.js) was probing each API call by invoking it without a callback. For side-effectful methods like chrome.tabs.create, this executed the action twice. Now detects environment once at startup.

Version 1.9.2

Changes in this version:
- Redesigned onboarding (privacy-first messaging, 3 features)
- Affiliate redirect unwrapping (Awin, Admitad, ShareASale, VigLink, Tradedoubler)
- Strip awc/wt_mc from redirect-based affiliate networks
- Fix collapsible store groups in Settings
- Rename "Report broken site" to "Report a bug or suggest an improvement"
- 730 passing tests

No permission changes from previous version