* Measure onboarding success with opt-in for 1% of users (Clean Insights)
* Auto text wrap in display container for cleartext signed messages
* Fix duplicate key entries in the keyring after reload of GnuPG keyring
* Add better hint when GnuPG is installed but not detected
* Use crypto.randomUUID() for unique identifiers

* Fix click on links in decrypted message leading to page loading errors
* Update dependencies

* [Gmail] Fix detection of encrypted attachments

* Support signature verification independent of sender identity
* Display signature verification results in the file decryption UI
* Warn about signature inconsistency between message and attachments
* Improve detection of messages with detached signatures
* Fix key import not updating existing keys properly
* Fix undefined password in private key backup after prior usage of password cache

* Replace QR code library
* Fix showing only first email address of key in recipient selection of Mailvelope editor
* Fix unknown signature has fingerprint instead keyId (GnuPG backend)

* Revise Google sign in button design

* Fix key import of multiple keys in one armored block
* Fix decrypt of message with unknown signature (GnuPG backend)
* Revise Gmail API settings UI

* Build WKD URL with web crypto digest method instead node crypto shim
* Various bug fixes in Gmail API integration
* Fix options view of app when using createSettingsContainer client-API method
* Update to Bootstrap 4.4.1, optimize container layout

* Support for Gmail API (experimental)
* Websites can trigger request for inclusion in the authorized domain list

* Fix error messages on restore backup dialog
* Fix bug in the editor recipient input field when terminating email address with space key
* Hide bit length selector in in advanced key generation options where not appropriate
* Fix duplicate password popup for Mailvelope viewer in the app decrypt UI
* Optimize styling of embedded components for small dimensions
* Allow to switch keyrings in the keyring setup UI
* Fix encoding of file objects when decrypting armored message in app
* Add support for Experimental Web Platform features with DOMPurify returning TrustedHTML
* Add Mailvelope title to editor and password dialog
* Fix line wrapping of cleartext signed messages

* Further fixes of character duplication when pasting password from clipboard in password input fields
* The keyring.openSettings method supports now direct navigation to the default key

* Fix pasting password from clipboard in password and key generate dialogs
* Fix import keys with key attribute packets from keys.mailvelope.com and WKD
* Improve scaling of logo

* Refreshed Mailvelope branding: new design, new logo, new icons and fonts.
* Many revised UI components, integration of new UI concepts like toasts to replace alert messages.
* Revised mail provider integration: messages are automatically decrypted if private key password is cached, new animated Mailvelope editor button.
* New configurable security background with choice of 24 icons
* Remove jQuery dependency in content scripts
* Improve PGP message detection logic on host page
* New file encryption UI in app which supports signing

* Fix race condition when importing keys that can lead to key pairs being imported as separate public and private key

* [Security] New key import UI that displays all imported user IDs and requires additional confirmation step (CVE-2019-9150)
* [Security] Fix insufficient key equality checks when importing keys via the client-API
* [Security] Fix self signature check for armoredDraft option when using GnuPG keyring. Sign and encrypt operations should always require user interaction (CVE-2019-9149).
* [Security] Add missing message and key validity checks (CVE-2019-9148)
* [Security] Improve counter of private key operations to increase resistance against time-based side-channel attacks
* Improve GPG detection on startup
* [Security] Fix issue with the private key restore mechanism, that stores unlocked private keys inside the encrypted recovery message
* Support for Autocrypt headers in client-API

* Migrate to Bootstrap 4
* Add openpgp-email-read and openpgp-email-write web components
* Add query by email parameter to keyring.hasPrivateKey method
* Add basic Autocrypt integration
* Enable key lookup (Mailvelope key server, WKD, Autocrypt) for client-API calls
* Add freenet.de to default list of authorized domains
* Update OpenPGP.js to 4.5.1

* Redesign key details UI in app
* Key UI: upload or delete keys to/from the Mailvelope key server
* Key UI: change password of private keys
* Key UI: create key revokation certificates
* Key UI: change (add new, delete, revoke) user ID: name and email
* Key UI: set new expiration date for key
* Make links in decrypted messages clickable
* Add checkbox to security settings to allow to hide header in armored message
* [Security] Fix control mechanism to let components only be created in authorized domains
* [Security] Fix OK badge on browser action icon that signals user interaction
* Various fixes and refactoring
* Update OpenPGP.js to 4.4.9

* Update OpenPGP.js to 4.3.0

* Revise OpenPGP backend selection UI.
* Update OpenPGP.js to 4.2.2. Add patch to verify ECC keys.

* GnuPG integration: connect via native messaging with a GnuPG installation and use GnuPG as an alternative backend for all OpenPGP operations.
* New encrypted web forms feature: use Mailvelope to transmit HTML form data end-to-end encrypted with OpenPGP (https://github.com/mailvelope/mailvelope/wiki/Encrypted-Forms).
* Support the Web Key Directory (https://wiki.gnupg.org/WKD) for decentralized public key discovery.
* Update OpenPGP.js to 4.2 (http://github.com/openpgpjs/openpgpjs/releases/tag/v4.2.0): security fixes, support for ECC.
* Redesign of keyring selection component and keyring management view
* Block external HTML content in decrypted messages
* Revise unit testing framework and increase test coverage
* Major refactoring of keyring and model classes to support multiple OpenPGP backends
* Add keyring fallback mechanism to find required private key for an operation across multiple keyrings
* Public keys are synchronized across multiple keyrings
* Authorized domains for client-API are by default HTTPS-only
* Revise MIME parser/builder integration

* [Security] Enforce strict MDC checking for all non-AES symmetric encryption algorithms

* Fix issue with negative left-position of encrypt frame in some webmail clients
* Remove non-functional (and on Firefox broken) scanning for sub frames when adding active tab to the watchlist
* Fix corrupted file name on file download for Firefox <61

- Encrypt and decrypt texts in App UI
- Migrate decrypt-inline and editor component to React
- Decrypt available messages when transferring to Mailvelope editor
- Fix keyring backup key type filtering
- Fix initialization of watchlist
- Fix key server selection cancel button

- Encrypt and decrypt texts in App UI
- Migrate decrypt-inline and editor component to React
- Decrypt available messages when transferring to Mailvelope editor
- Fix keyring backup key type filtering
- Fix initialization of watchlist
- Fix key server selection cancel button