## [0.5.0] - 2020-09-28

### Added
- minor: The extension automatically uninstalls itself when run. This will
address the few users left whose installation had trouble with storage and the extension did not uninstall
itself on schedule.

## [0.4.2] - 2020-08-25

### Changed

- patch: Removes an unnecessary remote debug logging call. Researchers are never
sent your usernames or passwords.

## [0.4.1] - 2020-08-25

### Changed

- patch: Improve debug logging to help address bugs. Researchers are never sent
your usernames or passwords.

## [0.4.0] - 2020-08-14

### Changed

- minor: Updated several collected events to include more metadata to help
researchers analyze events. None of the event metadata reveals any
personally identifiable information.
- patch: Allow extension to make requests to the staging breach API.

### Fixed

- patch: Improves the generation of user IDs to ensure that they are unique.

## [0.3.4] - 2020-08-12

### Fixed

- patch: Prevent extension from crashing if it fails to load remote configuration.

## [0.3.3] - 2020-08-11

### Changed

- patch: Publishes events to the live, production database.

## [0.3.2] - 2020-08-11

### Fixed

- patch: Fix bug that prevented the extension from correctly logging error
messages.

## [0.3.1] - 2020-08-11

### Fixed

- patch: The extension now checks for credential issues in parallel, which
provides significantly better performance.
- patch: Fixed bug that occasionally made notification buttons unclickable.

## [0.3.0] - 2020-08-11

### Added

- minor: Emit new events: ApparentlySuccessfulPasswordChange,
FailedPasswordChange, and FailedLogin.
- minor: The extension automatically uninstalls itself when the study ends.
- minor: Notifications remain displayed until the user clicks a button.
- minor: All events now include the field: browserName.

### Changed

- minor: Renamed Login event to ApparentlySuccessfulLogin and added new fields:
domainId, numUserAccountsOnDomain, collectionMethod, and tabId.
- minor: Moved computationally expensive cryptography to worker threads, which
allows the extension to remain responsive to notification button clicks
and form submissions while calculations are taking place.
- patch: Improve the reliability of detecting successful login attempts.

## Fixed

- patch: Fixed a bug that was preventing the extension from working in chromium
based browsers. Previously, the extension only checked for a Firefox
specific field (.originUrl), but now also checks for a semantically
identical field supported in chromium based browsers (.initiator).
- patch: Fixed a bug that caused notifications to be incorrectly identified as
password change pages.

## [0.2.0] - 2020-07-23
### Changed
- minor: Changed the extension to run persistently in the browser, which means
it will use slightly more memory than it did previously.

### Added
- minor: Extension updated to support chromium based browsers. Tested on Chrome
and Edge.
- minor: Updated several events to include a field called `userAccountId`,
which uniquely identifies one of the user's accounts. This information
is required to allow the researchers to correctly analyze the user's
interaction with the extension. The value of this field is calculated
in a privacy preserving way and does not reveal the account username
nor the domain to the researchers.
- minor: The extension now attempts to determine whether a form submission was
completed successfully or rejected by the server, which allows it to
limit notifications to successful logins and avoid notifications for
password typos.

### Fixed
- patch: Fixed the "Ignore" button in the notification. When the user clicks
"Ignore", notifications will no longer be shown for the current
username on the current domain.

1) Updated the text of the notification.

1) Updated the participation consent language on the welcome page to clarify that the names of the websites you visit ARE NOT collected.

2) Improves the notification text to highlight which site triggered the security notification.

- Removed domain information from all remotely logged events.
- Updated notification language to make security advice more clear.
- Clarified language outlining compensation for recruited research participants.