Support for Vivaldi snapshot releases

Up until today, Vivaldi snapshot releases worked flawlessly with 1Password. In order to separate the stable channel and the snapshot channel a bit better from each other, Vivaldi snapshot releases are now named "Vivaldi Snapshot.app" instead of "Vivaldi.app" and they use "~/Library/Application Support/Vivaldi Snapshot/" instead of "~/Library/Application Support/Vivaldi/" as their settings/profile folder.

As a consequence of this change, 1Password now throws a "1Password can't verify the identity of your web browser" error message when using a Vivaldi snapshot release. The snapshot releases are still signed and notarized, so I am hoping all that would need to be done is to be allow-list the app name "Vivaldi Snapshot.app" inside 1Password.

If you could make 1Password compatible again with Vivaldi snapshots, it would be greatly appreciated. Having to chose between waiting for great new Vivaldi features for up to 6 weeks after they are released and being able to auto-fill passwords with 1Password is not a great situation to be in. :smile:


1Password Version: 7.5
Extension Version: 4.7.5.90
OS Version: macOS 10.14.6
Sync Type: Dropbox

Comments

  • BenBen AWS Team

    Team Member

    Hi @NSPredicate

    I'm sorry to hear about the trouble resulting from the change to how Vivaldi snapshot releases are handled. As far as I'm aware we're not considering adding additional code signatures for browsers to 1Password for Mac at this time. I will see if I can get confirmation on that from our development team, though. For now the only way to use 1Password in such a release would be with our 1Password X extension (requires 1Password membership), which does not communicate with the 1Password for Mac app, and as such doesn't require code signatures to be added there.

    1Password X

    I'm sorry I don't have the answer you were probably hoping for, but I hope 1Password X helps.

    Ben

  • Thank you for the swift reply, @Ben, but I really hope that this will not be the final answer, since a 1Password membership is not an option for me.

  • I would also like to request that "Vivaldi Snapshot" is added to 1Password for macOS. If y'all are updating the application for macOS, it wouldn't seem like an unreasonable request to do this. 1Password membership is not an option for me neither. Thank you for considering.

  • I'm also having this issue. I really don't like the design of 1Password X, so I would rather be forced to use the stable channel of Vivaldi than resort to 1Password X. That said, I don't see what the issue is with adding Vivaldi Snapshot support. Is it really that hard to add a new browser? I'm not expecting an immediate release to fix this, but I would really appreciate it if you could include it in an upcoming release that you were already working on anyway. I'm going to be unable to use Vivaldi Snapshot until this gets fixed, and I much prefer the snapshot version over the stable one.

    Honestly, if you could just bring back the option to allow unsigned browsers again, even if it's only as a hidden option that you need a shell command or other special steps to activate, that would be good enough. Being limited to browsers that the 1Password team specifically adds support for is less than ideal, and the 1Password X extension isn't any better.

  • BenBen AWS Team

    Team Member

    Thanks for the feedback, folks. I'll hit on a couple of the points here:

    1Password membership is not an option for me

    This issue aside, membership is the way forward. I'd strongly urge you to reconsider if you want to stay up to date with 1Password. If you have questions about that I'd encourage you to reach out to us at [email protected].

    Is it really that hard to add a new browser?

    I don't believe that the act of adding the code signature is at all difficult or time consuming, but rather the vetting process that we have in place in order to consider doing so. This ties into my next point:

    Being limited to browsers that the 1Password team specifically adds support for is less than ideal

    I understand that, however, the whole purpose of checking code signatures against a known database is to make sure that we aren't turning 1Password data over to an untrusted or potentially malicious process, such as malware. By only allowing connections from signatures we've verified we're able to significantly increase the security of the process.

    I'd encourage everyone to make their decisions based on the current state, as it doesn't sound like this will be changing, at least not in the immediate future.

    Ben

  • @Ben You seem to have overlooked my comment about adding a hidden option to disable the code signature check. Note the term "hidden", as in you have to actually know what you're doing in order to find it. Either that or maybe add a hidden functionality that lets expert users add specific code signatures into their local database? As I said, I really don't like the design of 1Password X and would rather be forced to use the stable channel of Vivaldi than resort to using 1Password X. It's fortunate that I have the stable channel of Vivaldi as an option, but it's definitely less than ideal.

    I think adding some sort of functionality that can only be used by people who really know what they're doing would be the best way to handle cases like this if you don't want to go through the vetting process for obscure browsers. I really liked the old option for ignoring unknown code signatures, and would appreciate a way to bring that back in some form or another. I'm perfectly fine with using a command-line tool to make the change and having to confirm my intention 20 times before it accepts that I understand the risks and allows the change. I think most people who use browsers that you haven't vetted are probably not casual computer users, so it shouldn't be an issue to put the functionality for allowing un-vetted browsers behind some sort of super-hidden undocumented option/behavior, but it would be nice to have that functionality. Some people want to use uncommon Chromium browsers, and not everyone is able or willing to use 1Password X.

    Alternatively, you could make the ability to enable individual custom browsers be an add-on service that people have to pay for. I'd totally be willing to pay extra to be able to use 1Password with whatever browsers I want. If you put the add-on service behind a user agreement that absolves you of any responsibility for data getting sent to malicious browsers (and make that point very clear), then anyone who gets their data taken because they misused the functionality would only have themselves to blame and wouldn't be able to sue you. You could also collect data on what custom browsers people are enabling and use that to inform vetting decisions. If enough people are paying for custom browser support, then that would surely help offset costs for vetting browsers that a sufficient portion of those users are enabling.

  • On another note, @emb4c and @NSPredicate, what is it that prevents you from using a 1Password subscription? Maybe something could be done to enable you to use 1Password X in Vivaldi Snapshot. Is the recurring payment the issue, or is there some sort of functionality you rely on that you can't get with the subscription service?

    Personally, my main issue with 1Password X is that the UI (and keyboard shortcut) don't match the traditional 1Password experience I rely on, and adapting to the differences doesn't feel worth it to me. If I could get a version of 1Password X with the cmd-backslash keyboard shortcut I rely on heavily for filling in the passwords and an overall UI similar enough to 1Password, I wouldn't be opposed to switching. I use the subscription service, so my only reason for not using 1Password X is that I just don't like the way it currently is, but that's a pretty major factor for me.

  • When I wrote the OP, I was a bit tongue-in-cheek with the "please don't make me wait for 6 weeks for great new Vivaldi features", because I didn't expect the request to get denied. What I should have written instead is that 1PW is no longer compatible with Vivaldi snapshots, and that since it is important to detect potential issues between 1PW and Vivaldi before a stable release is pushed to everyone, it would be really good for Vivaldi snapshots to get whitelisted again in 1PW.

    In other words, the request was not to add support for a new browser in 1PW, but just to whitelist the app name "Vivaldi Snapshot", so that 1PW testing can continue unimpaired with Vivaldi. There have been a few issues between 1PW in Vivaldi in the past, and it was really helpful to become aware of them and be able to report them them 6 weeks before the issues would have been pushed to everyone in the regular stable releases.

    1PW generally supports pre-release channels for all the browsers it supports. For Opera, for instance, even three channels are supported: Opera, Opera Beta, and Opera Developer. So excluding Vivaldi pre-releases with a "Sorry, they changed the name of the snapshot version a bit too late" does not strike me as particularly reasonable.

  • BenBen AWS Team

    Team Member

    We do support Vivaldi Snapshot builds in 1Password X. From what I'm hearing from our development team, the situation beyond that is unlikely to change. I do apologize as I know that isn't the answer folks here would like to hear. We are not currently adding any new code signatures to 1Password for Mac. The same situation applies to Opera GX. We will also not be adding a preference, hidden or otherwise, to disable code signature checking.

    If you'd like to use browsers for which we do not already have a code signature in 1Password for Mac, 1Password X is the only alternative solution we're able to offer. I apologize for any inconvenience that causes.

    Ben

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file