[META] Bumps to v78.2

> closes #19

.github/FUNDING.yml

@@ -0,0 +1,4 @@
+# repo:     HorlogeSkynet/thunderbird-user.js
+# filename: FUNDING.YML
+
+liberapay: HorlogeSkynet

.github/ISSUE_TEMPLATE/bug.md

@@ -0,0 +1,38 @@
+---
+name: Bug report
+about: Create a report to help us improve Thunderbird User.JS
+title: "[BUG] "
+labels: 'bug'
+assignees: ''
+
+---
+
+**Describe the bug**
+<!-- A clear and concise description of what the bug is. -->
+
+
+**Expected behavior**
+<!-- A clear and concise description of what you expected to happen. -->
+
+
+**Screenshots**
+<!-- If applicable (i.e. graphical glitch), add screenshots to help explain your problem. -->
+
+
+**Environment**
+<!-- Please complete the following information: -->
+- Thunderbird version used (X.Y.Z) : 
+- `thunderbird user.js` template version used (X.Y or commit SHA) : 
+- Operating system and version : 
+- \[IF RELEVANT\] Graphical environment name and version : 
+
+
+**Additional context**
+<!-- If applicable, add any other context about the problem here. -->
+
+
+**Checklist**
+<!--- Put an `X` in all the boxes that apply : -->
+- [ ] I can confirm the bug is due to `thunderbird user.js` **template** and not an overridden preference nor an add-on ;
+- [ ] I have searched for `[SETUP-*]` tags and read them up ;
+- [ ] I have searched the GitHub project (issues and Wiki) for my issue.

.github/ISSUE_TEMPLATE/change_request.md

@@ -0,0 +1,30 @@
+---
+name: Change request
+about: Suggest a change for Thunderbird User.JS
+title: "[RFC] "
+labels: 'enhancement'
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+<!-- A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] -->
+
+
+**List the concerned preferences**
+<!-- A clear and concise list of the preferences you want to add/remove/change. -->
+
+
+**Describe alternatives you've considered**
+<!-- A clear and concise description of any alternative solutions or features you've considered. -->
+
+
+**Additional context**
+<!-- Add any other context (Thunderbird version, OS, etc.) or screenshots about the feature request here. -->
+
+
+**Checklist**
+<!--- Put an `X` in all the boxes that apply : -->
+- [ ] I know `thunderbird user.js` is a **template** and personal preferences should be stored elsewhere ;
+- [ ] The change I want to propose should globally improve the `usability / ( privacy + security + anti-fingerprinting )` ratio ;
+- [ ] I agree that subsequent modifications to my change scope may occur in the future.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,28 @@
+<!--- Provide a general summary of your changes in the title above -->
+
+
+## Description
+<!--- Describe your changes in detail -->
+
+
+## Reason and / or context
+<!--- Why is this change required ? What problem does it solve ? -->
+<!--- If it fixes an open issue, please link to the issue here -->
+
+
+## How has this been tested ?
+<!--- Include details of your testing environment here -->
+
+
+## Types of changes :
+<!--- What types of changes does your code introduce ? Put an `X` in all the boxes that apply : -->
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] Typo / style fix (non-breaking change which improves readability)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to change)
+
+## Checklist :
+<!--- Put an `X` in all the boxes that apply : -->
+- [ ] My changes looks good ;
+- [ ] I agree that my code may be modified in the future ;
+- [ ] My code follows the code style of this project (see `.eslintrc.yml`).

.github/workflows/linting.yml

@@ -11,7 +11,7 @@ jobs:
     steps:
       - uses: actions/checkout@v2
 
-      - uses: actions/setup-node@v1
+      - uses: actions/setup-node@v2
 
       - run: npm install -g eslint
       - run: eslint user.js

LICENSE

@@ -1,8 +1,8 @@
 MIT License
 
-Copyright (c) 2019-2020 HorlogeSkynet
+Copyright (c) 2019-2022 HorlogeSkynet
 Copyright (c) 2019      dngray
-Copyright (c) 2019      ghacksuserjs
+Copyright (c) 2019      arkenfox [prev. ghacksuserjs]
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -37,4 +37,5 @@ Also be aware that this `user.js` is made specifically for Thunderbird and has o
 
 * [Privacy Handbuch](https://www.privacy-handbuch.de/handbuch_31p.htm)
 * [Privacy Haters](http://r-36.net/scm/privacy-haters/file/README.md.html)
+* [12bytes.org's user-overrides.js](https://codeberg.org/12bytes.org/thunderbird-user.js-supplement)
 * ~~CHEF-KOCH/TBCK~~

user.js

@@ -1,8 +1,7 @@
 /******
 * name: thunderbird user.js
-* date: 1 November 2020
-* version: v78-beta4
-* authors: v52+ github | v51- www.ghacks.net
+* date: 23 May 2022
+* version: v78.2
 * url: https://github.com/HorlogeSkynet/thunderbird-user.js
 * license: MIT (https://github.com/HorlogeSkynet/thunderbird-user.js/blob/master/LICENSE)
 * releases: https://github.com/HorlogeSkynet/thunderbird-user.js/releases
@@ -207,6 +206,16 @@ user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // [FF58+
 user_pref("mail.instrumentation.postUrl", "");
 user_pref("mail.instrumentation.askUser", false);
 user_pref("mail.instrumentation.userOptedIn", false);
+/* 0371: disable about:rights notification on fresh profiles
+ * When a profile is loaded for the first time, a bottom notification appears with a button
+ * showing "Know your rights...". If clicked, the _special_ page about:rights appears.
+ * When `mail.rights.override` is unset (default), Thunderbird falls-back on `mail.rights.version`
+ * value. If it's unset (default too) or lower than the current version, notification is displayed.
+ * false=always show the notification
+ * true=never show the notification
+ * [1] https://searchfox.org/comm-esr78/rev/384830b0570096c48770398060f87fbe556f6f01/mail/base/content/specialTabs.js#1218 ***/
+user_pref("mail.rights.override", true);  // [DEFAULT: unset]
+   // user_pref("mail.rights.version", 1)  // [DEFAULT: unset]
 /* 0390: disable Captive Portal detection
  * [1] https://www.eff.org/deeplinks/2017/08/how-captive-portals-interfere-wireless-security-and-privacy
  * [2] https://wiki.mozilla.org/Necko/CaptivePortal ***/
@@ -275,7 +284,7 @@ user_pref("browser.safebrowsing.downloads.remote.url", "");
      * Linux: "/usr/lib/firefox/browser/features" (or similar)
 
      [1] https://firefox-source-docs.mozilla.org/toolkit/mozapps/extensions/addon-manager/SystemAddons.html
-     [2] https://dxr.mozilla.org/mozilla-central/source/browser/extensions
+     [2] https://searchfox.org/mozilla-central/source/browser/extensions
 ***/
 user_pref("_user.js.parrot", "0500 syntax error: the parrot's cashed in 'is chips!");
 /* 0503: disable Normandy/Shield [FF60+]
@@ -894,12 +903,12 @@ user_pref("javascript.options.baselinejit", false);
  * [NOTE] In FF71+ this no longer affects extensions (1576254)
  * [1] https://developer.mozilla.org/docs/WebAssembly ***/
 user_pref("javascript.options.wasm", false);
-/* 2426: disable Intersection Observer API [FF55+]
- * [NOTE] Unlike arkenfox/user.js, we explicitly disable it
+/* 2426: disable Intersection Observer API [FF55+] [RESTART]
+ * [NOTE] Disabling it may break the error console (CTRL+SHIFT+J)
  * [1] https://developer.mozilla.org/docs/Web/API/Intersection_Observer_API
  * [2] https://w3c.github.io/IntersectionObserver/
  * [3] https://bugzilla.mozilla.org/1243846 ***/
-user_pref("dom.IntersectionObserver.enabled", false);
+   // user_pref("dom.IntersectionObserver.enabled", false);
 /* 2429: enable (limited but sufficient) window.opener protection [FF65+]
  * Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set ***/
 user_pref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: true FF78+]
@@ -1080,8 +1089,9 @@ user_pref("dom.storage.enabled", false);
 user_pref("browser.cache.offline.enable", false);
 /* 2740: disable service worker cache and cache storage
  * [NOTE] We clear service worker cache on exiting Firefox (see 2803)
+ * [NOTE] Unlike arkenfox/user.js, we explicitly disable it
  * [1] https://w3c.github.io/ServiceWorker/#privacy ***/
-    // user_pref("dom.caches.enabled", false);
+user_pref("dom.caches.enabled", false);
 /* 2750: disable Storage API [FF51+]
  * The API gives sites the ability to find out how much space they can use, how much
  * they are already using, and even control whether or not they need to be alerted
@@ -1102,7 +1112,7 @@ user_pref("dom.storageManager.enabled", false);
        Firefox interface as "Browsing & Download History" and their values will be synced
 ***/
 user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!");
-/* 2802: enable Thunderbird to clear items on shutdown (see 2803)
+/* 2802: enable Thunderbird to clear items on shutdown (see 2803) ***/
 user_pref("privacy.sanitize.sanitizeOnShutdown", true);
 /* 2803: set what items to clear on shutdown (if 2802 is true) [SETUP-CHROME]
  * [NOTE] If 'history' is true, downloads will also be cleared regardless of the value
@@ -1160,14 +1170,15 @@ user_pref("_user.js.parrot", "4000 syntax error: the parrot's pegged out");
 user_pref("privacy.firstparty.isolate", true);
 /* 4002: enforce FPI restriction for window.opener [FF54+]
  * [NOTE] Setting this to false may reduce the breakage in 4001
+ * [NOTE] Unlike arkenfox/user.js, we explicitly set them
  * FF65+ blocks postMessage with targetOrigin "*" if originAttributes don't match. But
  * to reduce breakage it ignores the 1st-party domain (FPD) originAttribute. (see [2],[3])
  * The 2nd pref removes that limitation and will only allow communication if FPDs also match.
  * [1] https://bugzilla.mozilla.org/1319773#c22
  * [2] https://bugzilla.mozilla.org/1492607
  * [3] https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage ***/
-   // user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true]
-   // user_pref("privacy.firstparty.isolate.block_post_message", true); // [HIDDEN PREF ESR]
+user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true]
+user_pref("privacy.firstparty.isolate.block_post_message", true); // [HIDDEN PREF ESR]
 
 /*** [SECTION 4500]: RFP (RESIST FINGERPRINTING)
    This master switch will be used for a wide range of items, many of which will
@@ -1423,7 +1434,7 @@ user_pref("mail.identity.id1.header.InReplyTo", "");
 /*** [SECTION 6000]: THUNDERBIRD (AUTO CONFIG / UI / HEADERS / ADDRESS BOOK)
    Options general to Thunderbird's mail configuration and user interface
 
-   [1] https://dxr.mozilla.org/comm-release/
+   [1] https://searchfox.org/comm-esr78/source/
    [2] http://kb.mozillazine.org/Mail_and_news_settings
 ***/
 user_pref("_user.js.parrot", "6000 syntax error: this parrot is blind!");
@@ -1512,7 +1523,7 @@ user_pref("mailnews.display.date_senders_timezone", false);
  * Consider using CardBook extension instead (https://addons.thunderbird.net/addon/cardbook/)
  * [SETTING] Preferences>Composition>Addressing>Automatically add outgoing e-mail addresses...
  * [SETTING][CARDBOOK] CardBook>Preferences>Email>Collect Outgoing Email ***/
-user_pref("mail.collect_addressbook", "");  // [DEFAULT: "jsaddrbook://history.sqlite"]
+   // user_pref("mail.collect_addressbook", "jsaddrbook://history.sqlite");
 user_pref("mail.collect_email_address_outgoing", false);
 /* 6031: Only use email addresses, without their Display Names [CARDBOOK] [SETUP-FEATURE]
  * By default, CardBook extension incorporates contacts display names in addresses fields.
@@ -1551,6 +1562,12 @@ user_pref("mailnews.reply_header_type", 1);
 user_pref("mailnews.reply_header_authorwrotesingle", "#1 wrote:");
    // user_pref("mailnews.reply_header_ondateauthorwrote", "On #2 #3, #1 wrote:");
    // user_pref("mailnews.reply_header_authorwroteondate", "#1 wrote on #2 #3:");
+/* 6106: Prevent spellchecking dictionary leakage through Content-Language header
+ * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1370217 ***/
+user_pref("mail.suppress_content_language", true);
+/* 6107: Sanitize Date header to convert date to UTC and round to closest minute
+ * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1603359 ***/
+user_pref("mail.sanitize_date_header", true);
 
 /** COMPOSITION ***/
 /* 6110: Check spelling before sending [SETUP-FEATURE]
@@ -1632,7 +1649,7 @@ user_pref("permissions.default.image", 2);
 user_pref("_user.js.parrot", "6200 syntax error: this parrot is not tweeting!");
 
 /** CHAT ***/
-/* 6201: Disable chat functionality ***/
+/* 6201: Disable chat functionality [SETUP-FEATURE] ***/
 user_pref("mail.chat.enabled", false);
 /* 6202: Disable logging of group chats ***/
 user_pref("purple.logging.log_chats", false);
@@ -1646,6 +1663,8 @@ user_pref("purple.conversations.im.send_typing", false);
  * 0=Do not connect / show the account manager,
  * 1=Connect automatically. (Default) ***/
    // user_pref("messenger.startup.action", 0);
+/* 6207: When chat is enabled, do not report idle status ***/
+   // user_pref("messenger.status.reportIdle", false);
 
 /** CALENDAR ***/
 /* 6210: Disable calendar integration
@@ -1666,13 +1685,13 @@ user_pref("calendar.useragent.extra", "");
 user_pref("calendar.timezone.local", "UTC");  // [DEFAULT: ""]
 
 /** RSS ***/
-/* These features used not to do anything as they weren't implemented.
- * [1] https://dxr.mozilla.org/comm-release/source/mail/base/content/mailWindowOverlay.js#649
- * [2] https://bugzilla.mozilla.org/show_bug.cgi?id=458606#c9 ***/
+/** These features don't actually do anything as they aren't implemented
+ * [1] https://searchfox.org/comm-esr78/rev/384830b0570096c48770398060f87fbe556f6f01/mail/base/content/mailWindowOverlay.js#925
+ * [2] https://bugzilla.mozilla.org/show_bug.cgi?id=458606#c9
 /* 6220: What classes can process incoming data.
  * (0=All classes (default), 1=Don't display HTML, 2=Don't display HTML and inline images,
  * 3=Don't display HTML, inline images and some other uncommon types, 100=Use a hard coded list)
- * [1] https://www.privacy-handbuch.de/handbuch_31j.htm ***/
+ * [1] https://www.privacy-handbuch.de/handbuch_31j.htm
 user_pref("rss.display.disallow_mime_handlers", 3);
 /* 6221: How to display HTML parts of a message body
  * (0=Display the HTML normally (default), 1=Convert it to text and then back again
@@ -1680,14 +1699,15 @@ user_pref("rss.display.disallow_mime_handlers", 3);
  * (in trunk builds later than 2011-07-23)
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=602718
  * [2] https://hg.mozilla.org/comm-central/rev/c1ef44a22eb2
- * [3] https://www.bucksch.org/1/projects/mozilla/108153/ ***/
+ * [3] https://www.bucksch.org/1/projects/mozilla/108153/
 user_pref("rss.display.html_as", 1);
 /* 6222: Prefer to view as plaintext or html
  * true=Display a message as plain text when there is both a HTML and a plain
  * text version of a message body
  * false=Display a message as HTML when there is both a HTML and a plain text
- * version of a message body. (default) ***/
+ * version of a message body. (default)
 user_pref("rss.display.prefer_plaintext", true);
+**/
 /* 6223: Feed message display (summary or web page), on open.
  * Action on double click or enter in threadpane for a feed message.
  * 0=open content-base url in new window, 1=open summary in new window,