chore: version bump

fix: launch chromium proxy directly instead of pac file
refactor: only use is_browser_version_nightly for release checks
2026-05-03 09:05:14 +02:00 · 2025-06-17 19:24:17 +04:00 · 2025-06-17 19:22:18 +04:00 · 2025-06-17 17:52:28 +04:00 · 2025-06-17 16:29:42 +04:00 · 2025-06-17 16:13:17 +04:00
71 changed files with 5864 additions and 2920 deletions
@@ -0,0 +1,6 @@
+---
+description: 
+globs: 
+alwaysApply: true
+---
+Before finishing the task and showing summary, always run "pnpm format && pnpm lint && pnpm test" at the root of the project to ensure that you don't finish with broken application.
@@ -3,4 +3,4 @@ description:
 globs: 
 alwaysApply: true
 ---
-After your changes, instead of running specific tests or linting specific files, run "pnpm format && pnpm lint && pnpm test"
+After your changes, instead of running specific tests or linting specific files, run "pnpm format && pnpm lint && pnpm test". It means that you first format the code, then lint it, then test it, so that no part is broken after your changes.
@@ -20,23 +20,6 @@ updates:
      prefix: "deps"
      include: "scope"

-  # Nodecar dependencies
-  - package-ecosystem: "npm"
-    directory: "/nodecar"
-    schedule:
-      interval: "weekly"
-      day: "saturday"
-      time: "09:00"
-    allow:
-      - dependency-type: "all"
-    groups:
-      nodecar-dependencies:
-        patterns:
-          - "*"
-    commit-message:
-      prefix: "deps(nodecar)"
-      include: "scope"
-
  # Rust dependencies
  - package-ecosystem: "cargo"
    directory: "/src-tauri"
@@ -0,0 +1,61 @@
+name: "CodeQL"
+
+on:
+  workflow_call:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+  schedule:
+    - cron: "16 13 * * 5"
+
+jobs:
+  analyze:
+    name: Analyze (${{ matrix.language }})
+    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    permissions:
+      security-events: write
+      packages: read
+      actions: read
+      contents: read
+
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - language: actions
+            build-mode: none
+          - language: javascript-typescript
+            build-mode: none
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up pnpm package manager
+        uses: pnpm/action-setup@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version-file: .node-version
+          cache: "pnpm"
+
+      - name: Install dependencies from lockfile
+        run: pnpm install --frozen-lockfile
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          queries: security-extended
+          languages: ${{ matrix.language }}
+          build-mode: ${{ matrix.build-mode }}
+
+      - if: matrix.build-mode == 'manual'
+        shell: bash
+        run: |
+          pnpm run build
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{matrix.language}}"
@@ -1,60 +0,0 @@
-name: Dependabot Automerge
-
-on:
-  pull_request_target:
-    types: [opened, synchronize, reopened]
-
-permissions:
-  pull-requests: write
-  contents: write
-  checks: read
-
-jobs:
-  security-scan:
-    name: Security Vulnerability Scan
-    if: ${{ github.actor == 'dependabot[bot]' }}
-    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@e69cc6c86b31f1e7e23935bbe7031b50e51082de" # v2.0.2
-    with:
-      scan-args: |-
-        -r
-        --skip-git
-        --lockfile=pnpm-lock.yaml
-        --lockfile=src-tauri/Cargo.lock
-        --lockfile=nodecar/pnpm-lock.yaml
-        ./
-    permissions:
-      security-events: write
-      contents: read
-      actions: read
-
-  lint-js:
-    name: Lint JavaScript/TypeScript
-    if: ${{ github.actor == 'dependabot[bot]' }}
-    uses: ./.github/workflows/lint-js.yml
-    secrets: inherit
-
-  lint-rust:
-    name: Lint Rust
-    if: ${{ github.actor == 'dependabot[bot]' }}
-    uses: ./.github/workflows/lint-rs.yml
-    secrets: inherit
-
-  dependabot-automerge:
-    name: Dependabot Automerge
-    if: ${{ github.actor == 'dependabot[bot]' }}
-    needs: [security-scan, lint-js, lint-rust]
-    runs-on: ubuntu-latest
-    steps:
-      - name: Dependabot metadata
-        id: metadata
-        uses: dependabot/fetch-metadata@v2
-        with:
-          github-token: "${{ secrets.GITHUB_TOKEN }}"
-
-      - name: Auto-merge minor and patch updates
-        uses: ridedott/merge-me-action@v2
-        with:
-          GITHUB_TOKEN: ${{ secrets.SECRET_DEPENDABOT_GITHUB_TOKEN }}
-          PRESET: DEPENDABOT_MINOR
-          MERGE_METHOD: SQUASH
-    timeout-minutes: 10
@@ -36,7 +36,7 @@ jobs:
      - name: Set up pnpm package manager
        uses: pnpm/action-setup@v4

-      - name: Set up Node.js v22
+      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version-file: .node-version
@@ -37,8 +37,23 @@ jobs:
    uses: ./.github/workflows/lint-rs.yml
    secrets: inherit

+  codeql:
+    name: CodeQL
+    uses: ./.github/workflows/codeql.yml
+    secrets: inherit
+    permissions:
+      security-events: write
+      contents: read
+      packages: read
+      actions: read
+
+  spellcheck:
+    name: Spell Check
+    uses: ./.github/workflows/spellcheck.yml
+    secrets: inherit
+
  release:
-    needs: [security-scan, lint-js, lint-rust]
+    needs: [security-scan, lint-js, lint-rust, codeql, spellcheck]
    permissions:
      contents: write
    strategy:
@@ -69,14 +84,13 @@ jobs:
            target: "aarch64-unknown-linux-gnu"
            pkg_target: "latest-linux-arm64"
            nodecar_script: "build:linux-arm64"
-          # Future platforms can be added here:
          # - platform: "windows-latest"
          #   args: "--target x86_64-pc-windows-msvc"
          #   arch: "x86_64"
          #   target: "x86_64-pc-windows-msvc"
          #   pkg_target: "latest-win-x64"
          #   nodecar_script: "build:win-x64"
-          # - platform: "windows-latest"
+          # - platform: "windows-11-arm"
          #   args: "--target aarch64-pc-windows-msvc"
          #   arch: "aarch64"
          #   target: "aarch64-pc-windows-msvc"
@@ -150,3 +164,10 @@ jobs:
          releaseDraft: false
          prerelease: false
          args: ${{ matrix.args }}
+
+      - name: Commit CHANGELOG.md
+        uses: stefanzweifel/git-auto-commit-action@v6
+        with:
+          branch: main
+          commit_message: "docs: update CHANGELOG.md for ${{ github.ref_name }} [skip ci]"
+          file_pattern: CHANGELOG.md
@@ -36,8 +36,23 @@ jobs:
    uses: ./.github/workflows/lint-rs.yml
    secrets: inherit

+  codeql:
+    name: CodeQL
+    uses: ./.github/workflows/codeql.yml
+    secrets: inherit
+    permissions:
+      security-events: write
+      contents: read
+      packages: read
+      actions: read
+
+  spellcheck:
+    name: Spell Check
+    uses: ./.github/workflows/spellcheck.yml
+    secrets: inherit
+
  rolling-release:
-    needs: [security-scan, lint-js, lint-rust]
+    needs: [security-scan, lint-js, lint-rust, codeql, spellcheck]
    permissions:
      contents: write
    strategy:
@@ -68,6 +83,18 @@ jobs:
            target: "aarch64-unknown-linux-gnu"
            pkg_target: "latest-linux-arm64"
            nodecar_script: "build:linux-arm64"
+          - platform: "windows-latest"
+            args: "--target x86_64-pc-windows-msvc"
+            arch: "x86_64"
+            target: "x86_64-pc-windows-msvc"
+            pkg_target: "latest-win-x64"
+            nodecar_script: "build:win-x64"
+          - platform: "windows-11-arm"
+            args: "--target aarch64-pc-windows-msvc"
+            arch: "aarch64"
+            target: "aarch64-pc-windows-msvc"
+            pkg_target: "latest-win-arm64"
+            nodecar_script: "build:win-arm64"

    runs-on: ${{ matrix.platform }}
    steps:
@@ -124,21 +151,26 @@ jobs:
      - name: Build frontend
        run: pnpm build

-      - name: Get commit hash
-        id: commit
-        run: echo "hash=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+      - name: Generate nightly timestamp
+        id: timestamp
+        shell: bash
+        run: |
+          TIMESTAMP=$(date -u +"%Y-%m-%d")
+          COMMIT_HASH=$(echo "${GITHUB_SHA}" | cut -c1-7)
+          echo "timestamp=${TIMESTAMP}-${COMMIT_HASH}" >> $GITHUB_OUTPUT
+          echo "Generated timestamp: ${TIMESTAMP}-${COMMIT_HASH}"

      - name: Build Tauri app
        uses: tauri-apps/tauri-action@v0
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          BUILD_TAG: "nightly-${{ steps.commit.outputs.hash }}"
-          GITHUB_REF_NAME: "nightly-${{ steps.commit.outputs.hash }}"
+          BUILD_TAG: "nightly-${{ steps.timestamp.outputs.timestamp }}"
+          GITHUB_REF_NAME: "nightly-${{ steps.timestamp.outputs.timestamp }}"
          GITHUB_SHA: ${{ github.sha }}
        with:
-          tagName: "nightly-${{ steps.commit.outputs.hash }}"
-          releaseName: "Donut Browser Nightly (Build ${{ steps.commit.outputs.hash }})"
-          releaseBody: "⚠️ **Nightly Release** - This is an automatically generated pre-release build from the latest main branch. Use with caution.\n\nCommit: ${{ github.sha }}\nBuild: ${{ steps.commit.outputs.hash }}"
+          tagName: "nightly-${{ steps.timestamp.outputs.timestamp }}"
+          releaseName: "Donut Browser Nightly (Build ${{ steps.timestamp.outputs.timestamp }})"
+          releaseBody: "⚠️ **Nightly Release** - This is an automatically generated pre-release build from the latest main branch. Use with caution.\n\nCommit: ${{ github.sha }}\nBuild: ${{ steps.timestamp.outputs.timestamp }}"
          releaseDraft: false
          prerelease: true
          args: ${{ matrix.args }}
@@ -0,0 +1,26 @@
+name: Spell Check
+
+permissions:
+  contents: read
+
+on:
+  workflow_call:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+
+env:
+  RUST_BACKTRACE: 1
+  CARGO_TERM_COLOR: always
+  CLICOLOR: 1
+
+jobs:
+  spelling:
+    name: Spell Check with Typos
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Actions Repository
+        uses: actions/checkout@v4
+      - name: Spell Check Repo
+        uses: crate-ci/typos@v1.33.1
@@ -1,5 +1,6 @@
 {
  "cSpell.words": [
+    "ahooks",
    "appimage",
    "appindicator",
    "applescript",
@@ -9,12 +10,16 @@
    "cdylib",
    "CFURL",
    "checkin",
+    "CLICOLOR",
    "clippy",
+    "cmdk",
    "codegen",
    "devedition",
+    "doesn",
    "donutbrowser",
    "dpkg",
    "dtolnay",
+    "dyld",
    "elif",
    "esbuild",
    "eslintcache",
@@ -37,9 +42,11 @@
    "msvc",
    "msys",
    "Mullvad",
+    "mullvadbrowser",
    "nodecar",
    "ntlm",
    "objc",
+    "orhun",
    "osascript",
    "pixbuf",
    "plasmohq",
@@ -55,17 +62,22 @@
    "sonner",
    "sspi",
    "staticlib",
+    "stefanzweifel",
    "subdirs",
    "swatinem",
    "sysinfo",
    "systempreferences",
+    "taskkill",
    "tauri",
    "titlebar",
    "Torbrowser",
    "turbopack",
    "unlisten",
+    "unminimize",
    "unrs",
+    "urlencoding",
    "vercel",
+    "winreg",
    "wiremock",
    "xattr",
    "zhom"
@@ -1,5 +1,6 @@
 # Instructions for AI Agents

- If you want to run tests, only ever run them as "pnpm format && pnpm lint && pnpm test".
+- After your changes, instead of running specific tests or linting specific files, run "pnpm format && pnpm lint && pnpm test". It means that you first format the code, then lint it, then test it, so that no part is broken after your changes.
 - Don't leave comments that don't add value
 - Do not duplicate code unless you have a very good reason to do so. It is important that the same logic is not duplicated multiple times
+- Before finishing the task and showing summary, always run "pnpm format && pnpm lint && pnpm test" at the root of the project to ensure that you don't finish with broken application.
@@ -23,6 +23,6 @@ Examples of unacceptable behavior by participants include:

 ## Enforcement

-Violations of the Code of Conduct may be reported by pinging @zhom on Github. All reports will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. Further details of specific enforcement policies may be posted separately.
+Violations of the Code of Conduct may be reported to contact at donutbrowser dot com. All reports will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. Further details of specific enforcement policies may be posted separately.

 We hold the right and responsibility to remove comments or other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any members for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
@@ -14,6 +14,12 @@
  <a style="text-decoration: none;" href="https://github.com/zhom/donutbrowser/blob/main/LICENSE" target="_blank">
    <img src="https://img.shields.io/badge/license-AGPL--3.0-blue.svg" alt="License">
  </a>
+  <a href="https://app.codacy.com/gh/zhom/donutbrowser/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade">
+    <img src="https://app.codacy.com/project/badge/Grade/b9c9beafc92d4bc8bc7c5b42c6c4ba81"/>
+  </a>
+  <a href="https://app.fossa.com/projects/git%2Bgithub.com%2Fzhom%2Fdonutbrowser?ref=badge_shield&issueType=security" alt="FOSSA Status">
+    <img src="https://app.fossa.com/api/projects/git%2Bgithub.com%2Fzhom%2Fdonutbrowser.svg?type=shield&issueType=security"/>
+  </a>
  <a style="text-decoration: none;" href="https://github.com/zhom/donutbrowser/stargazers" target="_blank">
    <img src="https://img.shields.io/github/stars/zhom/donutbrowser?style=social" alt="GitHub stars">
  </a>
@@ -23,7 +29,11 @@

 > A free and open source browser orchestrator built with [Tauri](https://v2.tauri.app/).

-![Donut Browser Preview](assets/preview.png)
+<picture>
+ <source media="(prefers-color-scheme: dark)" srcset="assets/preview-dark.png" />
+ <source media="(prefers-color-scheme: light)" srcset="assets/preview.png" />
+ <img alt="Preview" src="assets/preview.png" />
+</picture>

 ## Features

@@ -68,48 +68,7 @@ const eslintConfig = tseslint.config(
      "react-hooks/exhaustive-deps": "off",
      "react-hooks/rules-of-hooks": "off",
      // typescript-eslint rules - some handled by TypeScript compiler or disabled for project needs
-      "@typescript-eslint/adjacent-overload-signatures": "off",
-      "@typescript-eslint/array-type": "off",
-      "@typescript-eslint/ban-types": "off",
-      "@typescript-eslint/consistent-type-exports": "off",
-      "@typescript-eslint/consistent-type-imports": "off",
-      "@typescript-eslint/default-param-last": "off",
-      "@typescript-eslint/dot-notation": "off",
-      "@typescript-eslint/explicit-function-return-type": "off",
-      "@typescript-eslint/explicit-member-accessibility": "off",
-      "@typescript-eslint/naming-convention": "off",
-      "@typescript-eslint/no-dupe-class-members": "off",
-      "@typescript-eslint/no-empty-function": "off",
-      "@typescript-eslint/no-empty-interface": "off",
      "@typescript-eslint/no-explicit-any": "off",
-      "@typescript-eslint/no-extra-non-null-assertion": "off",
-      "@typescript-eslint/no-extraneous-class": "off",
-      "@typescript-eslint/no-inferrable-types": "off",
-      "@typescript-eslint/no-invalid-void-type": "off",
-      "@typescript-eslint/no-loss-of-precision": "off",
-      "@typescript-eslint/no-misused-new": "off",
-      "@typescript-eslint/no-namespace": "off",
-      "@typescript-eslint/no-non-null-assertion": "off",
-      "@typescript-eslint/no-redeclare": "off",
-      "@typescript-eslint/no-require-imports": "off",
-      "@typescript-eslint/no-restricted-imports": "off",
-      "@typescript-eslint/no-restricted-types": "off",
-      "@typescript-eslint/no-this-alias": "off",
-      "@typescript-eslint/no-unnecessary-type-constraint": "off",
-      "@typescript-eslint/no-unsafe-declaration-merging": "off",
-      "@typescript-eslint/no-unused-vars": "off",
-      "@typescript-eslint/no-use-before-define": "off",
-      "@typescript-eslint/no-useless-constructor": "off",
-      "@typescript-eslint/no-useless-empty-export": "off",
-      "@typescript-eslint/only-throw-error": "off",
-      "@typescript-eslint/parameter-properties": "off",
-      "@typescript-eslint/prefer-as-const": "off",
-      "@typescript-eslint/prefer-enum-initializers": "off",
-      "@typescript-eslint/prefer-for-of": "off",
-      "@typescript-eslint/prefer-function-type": "off",
-      "@typescript-eslint/prefer-literal-enum-member": "off",
-      "@typescript-eslint/prefer-namespace-keyword": "off",
-      "@typescript-eslint/prefer-optional-chain": "off",
      "@typescript-eslint/require-await": "off",
      // Custom rules
      "@typescript-eslint/restrict-template-expressions": [
@@ -127,7 +86,7 @@ const eslintConfig = tseslint.config(
        tsconfigRootDir: import.meta.dirname,
      },
    },
-  },
+  }
 );

 export default eslintConfig;
@@ -21,5 +21,8 @@ if [ -z "$TARGET_TRIPLE" ]; then
    exit 1
 fi

-# Copy the file
-cp "dist/nodecar${EXT}" "../src-tauri/binaries/nodecar-${TARGET_TRIPLE}${EXT}"
+# Copy the file with target triple suffix
+cp "dist/nodecar${EXT}" "../src-tauri/binaries/nodecar-${TARGET_TRIPLE}${EXT}"
+
+# Also copy a generic version for Tauri to find
+cp "dist/nodecar${EXT}" "../src-tauri/binaries/nodecar${EXT}"
@@ -66,48 +66,7 @@ const eslintConfig = tseslint.config(
      "react-hooks/exhaustive-deps": "off",
      "react-hooks/rules-of-hooks": "off",
      // typescript-eslint rules - some handled by TypeScript compiler or disabled for project needs
-      "@typescript-eslint/adjacent-overload-signatures": "off",
-      "@typescript-eslint/array-type": "off",
-      "@typescript-eslint/ban-types": "off",
-      "@typescript-eslint/consistent-type-exports": "off",
-      "@typescript-eslint/consistent-type-imports": "off",
-      "@typescript-eslint/default-param-last": "off",
-      "@typescript-eslint/dot-notation": "off",
-      "@typescript-eslint/explicit-function-return-type": "off",
-      "@typescript-eslint/explicit-member-accessibility": "off",
-      "@typescript-eslint/naming-convention": "off",
-      "@typescript-eslint/no-dupe-class-members": "off",
-      "@typescript-eslint/no-empty-function": "off",
-      "@typescript-eslint/no-empty-interface": "off",
      "@typescript-eslint/no-explicit-any": "off",
-      "@typescript-eslint/no-extra-non-null-assertion": "off",
-      "@typescript-eslint/no-extraneous-class": "off",
-      "@typescript-eslint/no-inferrable-types": "off",
-      "@typescript-eslint/no-invalid-void-type": "off",
-      "@typescript-eslint/no-loss-of-precision": "off",
-      "@typescript-eslint/no-misused-new": "off",
-      "@typescript-eslint/no-namespace": "off",
-      "@typescript-eslint/no-non-null-assertion": "off",
-      "@typescript-eslint/no-redeclare": "off",
-      "@typescript-eslint/no-require-imports": "off",
-      "@typescript-eslint/no-restricted-imports": "off",
-      "@typescript-eslint/no-restricted-types": "off",
-      "@typescript-eslint/no-this-alias": "off",
-      "@typescript-eslint/no-unnecessary-type-constraint": "off",
-      "@typescript-eslint/no-unsafe-declaration-merging": "off",
-      "@typescript-eslint/no-unused-vars": "off",
-      "@typescript-eslint/no-use-before-define": "off",
-      "@typescript-eslint/no-useless-constructor": "off",
-      "@typescript-eslint/no-useless-empty-export": "off",
-      "@typescript-eslint/only-throw-error": "off",
-      "@typescript-eslint/parameter-properties": "off",
-      "@typescript-eslint/prefer-as-const": "off",
-      "@typescript-eslint/prefer-enum-initializers": "off",
-      "@typescript-eslint/prefer-for-of": "off",
-      "@typescript-eslint/prefer-function-type": "off",
-      "@typescript-eslint/prefer-literal-enum-member": "off",
-      "@typescript-eslint/prefer-namespace-keyword": "off",
-      "@typescript-eslint/prefer-optional-chain": "off",
      "@typescript-eslint/require-await": "off",
      // Custom rules
      "@typescript-eslint/restrict-template-expressions": [
@@ -2,11 +2,12 @@
  "name": "nodecar",
  "version": "1.0.0",
  "description": "",
-  "main": "src/index.ts",
+  "main": "dist/index.js",
  "scripts": {
    "watch": "nodemon --exec ts-node --esm ./src/index.ts --watch src",
    "dev": "node --loader ts-node/esm ./src/index.ts",
-    "start": "node --loader ts-node/esm ./src/index.ts",
+    "start": "tsc && node ./dist/index.js",
+    "test": "tsc && node ./dist/test-proxy.js",
    "rename-binary": "sh ./copy-binary.sh",
    "build": "tsc && pkg ./dist/index.js --targets latest-macos-arm64 --output dist/nodecar && pnpm rename-binary",
    "build:mac-aarch64": "tsc && pkg ./dist/index.js --targets latest-macos-arm64 --output dist/nodecar && pnpm rename-binary",
@@ -20,7 +21,7 @@
  "author": "",
  "license": "AGPL-3.0",
  "dependencies": {
-    "@types/node": "^22.15.30",
+    "@types/node": "^24.0.1",
    "@yao-pkg/pkg": "^6.5.1",
    "commander": "^14.0.0",
    "dotenv": "^16.5.0",
@@ -28,6 +29,7 @@
    "nodemon": "^3.1.10",
    "proxy-chain": "^2.5.9",
    "ts-node": "^10.9.2",
-    "typescript": "^5.8.3"
+    "typescript": "^5.8.3",
+    "typescript-eslint": "^8.34.0"
  }
 }
@@ -1,8 +1,8 @@
 import { program } from "commander";
 import {
  startProxyProcess,
-  stopProxyProcess,
  stopAllProxyProcesses,
+  stopProxyProcess,
 } from "./proxy-runner";
 import { listProxyConfigs } from "./proxy-storage";
 import { runProxyWorker } from "./proxy-worker";
@@ -11,79 +11,127 @@ import { runProxyWorker } from "./proxy-worker";
 program
  .command("proxy")
  .argument("<action>", "start, stop, or list proxies")
-  .option(
-    "-u, --upstream <url>",
-    "upstream proxy URL (protocol://[username:password@]host:port)"
-  )
+  .option("--host <host>", "upstream proxy host")
+  .option("--proxy-port <port>", "upstream proxy port", Number.parseInt)
+  .option("--type <type>", "proxy type (http, https, socks4, socks5)")
+  .option("--username <username>", "proxy username")
+  .option("--password <password>", "proxy password")
  .option(
    "-p, --port <number>",
    "local port to use (random if not specified)",
-    Number.parseInt
+    Number.parseInt,
  )
  .option("--ignore-certificate", "ignore certificate errors for HTTPS proxies")
  .option("--id <id>", "proxy ID for stop command")
+  .option(
+    "-u, --upstream <url>",
+    "upstream proxy URL (protocol://[username:password@]host:port)",
+  )
  .description("manage proxy servers")
  .action(
    async (
      action: string,
      options: {
-        upstream?: string;
+        host?: string;
+        proxyPort?: number;
+        type?: string;
+        username?: string;
+        password?: string;
        port?: number;
        ignoreCertificate?: boolean;
        id?: string;
-      }
+        upstream?: string;
+      },
    ) => {
      if (action === "start") {
-        if (!options.upstream) {
-          console.error("Error: Upstream proxy URL is required");
-          console.log(
-            "Example: proxy start -u http://username:password@proxy.example.com:8080"
+        let upstreamUrl: string;
+
+        // Build upstream URL from individual components if provided
+        if (options.host && options.proxyPort && options.type) {
+          const protocol =
+            options.type === "socks4" || options.type === "socks5"
+              ? options.type
+              : "http";
+          const auth =
+            options.username && options.password
+              ? `${encodeURIComponent(options.username)}:${encodeURIComponent(
+                  options.password,
+                )}@`
+              : "";
+          upstreamUrl = `${protocol}://${auth}${options.host}:${options.proxyPort}`;
+        } else if (options.upstream) {
+          upstreamUrl = options.upstream;
+        } else {
+          console.error(
+            "Error: Either --upstream URL or --host, --proxy-port, and --type are required",
          );
+          console.log(
+            "Example: proxy start --host datacenter.proxyempire.io --proxy-port 9000 --type http --username user --password pass",
+          );
+          process.exit(1);
          return;
        }

        try {
-          const config = await startProxyProcess(options.upstream, {
+          const config = await startProxyProcess(upstreamUrl, {
            port: options.port,
            ignoreProxyCertificate: options.ignoreCertificate,
          });
-          console.log(JSON.stringify(config));
+
+          // Output the configuration as JSON for the Rust side to parse
+          console.log(
+            JSON.stringify({
+              id: config.id,
+              localPort: config.localPort,
+              localUrl: config.localUrl,
+              upstreamUrl: config.upstreamUrl,
+            }),
+          );
+
+          // Exit successfully to allow the process to detach
+          process.exit(0);
        } catch (error: unknown) {
-          console.error(`Failed to start proxy: ${JSON.stringify(error)}`);
+          console.error(
+            `Failed to start proxy: ${
+              error instanceof Error ? error.message : JSON.stringify(error)
+            }`,
+          );
+          process.exit(1);
        }
      } else if (action === "stop") {
        if (options.id) {
          const stopped = await stopProxyProcess(options.id);
-          console.log(`{
-            "success": ${stopped}}`);
+          console.log(JSON.stringify({ success: stopped }));
        } else if (options.upstream) {
          // Find proxies with this upstream URL
          const configs = listProxyConfigs().filter(
-            (config) => config.upstreamUrl === options.upstream
+            (config) => config.upstreamUrl === options.upstream,
          );

          if (configs.length === 0) {
            console.error(`No proxies found for ${options.upstream}`);
+            process.exit(1);
            return;
          }

          for (const config of configs) {
            const stopped = await stopProxyProcess(config.id);
-            console.log(`{
-            "success": ${stopped}}`);
+            console.log(JSON.stringify({ success: stopped }));
          }
        } else {
          await stopAllProxyProcesses();
-          console.log(`{
-            "success": true}`);
+          console.log(JSON.stringify({ success: true }));
        }
+        process.exit(0);
      } else if (action === "list") {
        const configs = listProxyConfigs();
        console.log(JSON.stringify(configs));
+        process.exit(0);
      } else {
        console.error("Invalid action. Use 'start', 'stop', or 'list'");
+        process.exit(1);
      }
-    }
+    },
  );

 // Command for proxy worker (internal use)
@@ -3,12 +3,12 @@ import path from "node:path";
 import getPort from "get-port";
 import {
  type ProxyConfig,
-  saveProxyConfig,
-  getProxyConfig,
  deleteProxyConfig,
-  isProcessRunning,
  generateProxyId,
+  getProxyConfig,
+  isProcessRunning,
  listProxyConfigs,
+  saveProxyConfig,
 } from "./proxy-storage";

 /**
@@ -19,50 +19,53 @@ import {
 */
 export async function startProxyProcess(
  upstreamUrl: string,
-  options: { port?: number; ignoreProxyCertificate?: boolean } = {}
+  options: { port?: number; ignoreProxyCertificate?: boolean } = {},
 ): Promise<ProxyConfig> {
  // Generate a unique ID for this proxy
  const id = generateProxyId();

  // Get a random available port if not specified
-  const port = options.port || (await getPort());
+  const port = options.port ?? (await getPort());

  // Create the proxy configuration
  const config: ProxyConfig = {
    id,
    upstreamUrl,
    localPort: port,
-    ignoreProxyCertificate: options.ignoreProxyCertificate || false,
+    ignoreProxyCertificate: options.ignoreProxyCertificate ?? false,
  };

  // Save the configuration before starting the process
  saveProxyConfig(config);

  // Build the command arguments
-  const args = ["proxy-worker", "start", "--id", id];
+  const args = [
+    path.join(__dirname, "index.js"),
+    "proxy-worker",
+    "start",
+    "--id",
+    id,
+  ];

-  // Spawn the process
-  const child = spawn(
-    process.execPath,
-    [path.join(__dirname, "index.js"), ...args],
-    {
-      detached: true,
-      stdio: "ignore",
-    }
-  );
+  // Spawn the process with proper detachment
+  const child = spawn(process.execPath, args, {
+    detached: true,
+    stdio: ["ignore", "ignore", "ignore"], // Completely ignore all stdio
+    cwd: process.cwd(),
+  });

  // Unref the child to allow the parent to exit independently
  child.unref();

-  // Store the process ID
+  // Store the process ID and local URL
  config.pid = child.pid;
-  config.localUrl = `http://localhost:${port}`;
+  config.localUrl = `http://127.0.0.1:${port}`;

  // Update the configuration with the process ID
  saveProxyConfig(config);

-  // Wait a bit to ensure the proxy has started
-  await new Promise((resolve) => setTimeout(resolve, 500));
+  // Give the worker a moment to start before returning
+  await new Promise((resolve) => setTimeout(resolve, 100));

  return config;
 }
@@ -75,7 +78,9 @@ export async function startProxyProcess(
 export async function stopProxyProcess(id: string): Promise<boolean> {
  const config = getProxyConfig(id);

-  if (!config || !config.pid) {
+  if (!config?.pid) {
+    // Try to delete the config anyway in case it exists without a PID
+    deleteProxyConfig(id);
    return false;
  }

@@ -83,10 +88,16 @@ export async function stopProxyProcess(id: string): Promise<boolean> {
    // Check if the process is running
    if (isProcessRunning(config.pid)) {
      // Send SIGTERM to the process
-      process.kill(config.pid);
+      process.kill(config.pid, "SIGTERM");

      // Wait a bit to ensure the process has terminated
-      await new Promise((resolve) => setTimeout(resolve, 300));
+      await new Promise((resolve) => setTimeout(resolve, 500));
+
+      // If still running, send SIGKILL
+      if (isProcessRunning(config.pid)) {
+        process.kill(config.pid, "SIGKILL");
+        await new Promise((resolve) => setTimeout(resolve, 200));
+      }
    }

    // Delete the configuration
@@ -95,6 +106,8 @@ export async function stopProxyProcess(id: string): Promise<boolean> {
    return true;
  } catch (error) {
    console.error(`Error stopping proxy ${id}:`, error);
+    // Delete the configuration even if stopping failed
+    deleteProxyConfig(id);
    return false;
  }
 }
@@ -106,7 +119,6 @@ export async function stopProxyProcess(id: string): Promise<boolean> {
 export async function stopAllProxyProcesses(): Promise<void> {
  const configs = listProxyConfigs();

-  for (const config of configs) {
-    await stopProxyProcess(config.id);
-  }
+  const stopPromises = configs.map((config) => stopProxyProcess(config.id));
+  await Promise.all(stopPromises);
 }
@@ -1,5 +1,5 @@
 import { Server } from "proxy-chain";
-import { getProxyConfig } from "./proxy-storage";
+import { getProxyConfig, updateProxyConfig } from "./proxy-storage";

 /**
 * Run a proxy server as a worker process
@@ -8,44 +8,68 @@ import { getProxyConfig } from "./proxy-storage";
 export async function runProxyWorker(id: string): Promise<void> {
  // Get the proxy configuration
  const config = getProxyConfig(id);
-  
+
  if (!config) {
    console.error(`Proxy configuration ${id} not found`);
    process.exit(1);
  }
-  
+
  // Create a new proxy server
  const server = new Server({
    port: config.localPort,
-    host: "localhost",
+    host: "127.0.0.1",
    prepareRequestFunction: () => {
      return {
        upstreamProxyUrl: config.upstreamUrl,
-        ignoreUpstreamProxyCertificate: config.ignoreProxyCertificate || false,
+        ignoreUpstreamProxyCertificate: config.ignoreProxyCertificate ?? false,
      };
    },
  });
-  
-  // Handle process termination
-  process.on("SIGTERM", async () => {
-    console.log(`Proxy worker ${id} received SIGTERM, shutting down...`);
-    await server.close(true);
+
+  // Handle process termination gracefully
+  const gracefulShutdown = async (signal: string) => {
+    console.log(`Proxy worker ${id} received ${signal}, shutting down...`);
+    try {
+      await server.close(true);
+      console.log(`Proxy worker ${id} shut down successfully`);
+    } catch (error) {
+      console.error(`Error during shutdown for proxy ${id}:`, error);
+    }
    process.exit(0);
+  };
+
+  process.on("SIGTERM", () => void gracefulShutdown("SIGTERM"));
+  process.on("SIGINT", () => void gracefulShutdown("SIGINT"));
+
+  // Handle uncaught exceptions
+  process.on("uncaughtException", (error) => {
+    console.error(`Uncaught exception in proxy worker ${id}:`, error);
+    process.exit(1);
  });
-  
-  process.on("SIGINT", async () => {
-    console.log(`Proxy worker ${id} received SIGINT, shutting down...`);
-    await server.close(true);
-    process.exit(0);
+
+  process.on("unhandledRejection", (reason) => {
+    console.error(`Unhandled rejection in proxy worker ${id}:`, reason);
+    process.exit(1);
  });
-  
+
  // Start the server
  try {
    await server.listen();
+
+    // Update the config with the actual port (in case it was auto-assigned)
+    config.localPort = server.port;
+    config.localUrl = `http://127.0.0.1:${server.port}`;
+    updateProxyConfig(config);
+
    console.log(`Proxy worker ${id} started on port ${server.port}`);
    console.log(`Forwarding to upstream proxy: ${config.upstreamUrl}`);
+
+    // Keep the process alive
+    setInterval(() => {
+      // Do nothing, just keep the process alive
+    }, 60000);
  } catch (error) {
    console.error(`Failed to start proxy worker ${id}:`, error);
    process.exit(1);
  }
-}
+}
@@ -1,73 +0,0 @@
-import { 
-  startProxyProcess, 
-  stopProxyProcess, 
-  stopAllProxyProcesses 
-} from "./proxy-runner";
-import { listProxyConfigs } from "./proxy-storage";
-
-// Type definitions
-interface ProxyOptions {
-  port?: number;
-  ignoreProxyCertificate?: boolean;
-}
-
-/**
- * Start a local proxy server that forwards to an upstream proxy
- * @param upstreamProxyUrl The upstream proxy URL (protocol://[username:password@]host:port)
- * @param options Optional configuration
- * @returns Promise resolving to the local proxy URL
- */
-export async function startProxy(
-  upstreamProxyUrl: string,
-  options: ProxyOptions = {}
-): Promise<string> {
-  const config = await startProxyProcess(upstreamProxyUrl, {
-    port: options.port,
-    ignoreProxyCertificate: options.ignoreProxyCertificate,
-  });
-  
-  return config.localUrl || `http://localhost:${config.localPort}`;
-}
-
-/**
- * Stop a specific proxy by its upstream URL
- * @param upstreamProxyUrl The upstream proxy URL to stop
- * @returns Promise resolving to true if proxy was found and stopped, false otherwise
- */
-export async function stopProxy(upstreamProxyUrl: string): Promise<boolean> {
-  // Find all proxies with this upstream URL
-  const configs = listProxyConfigs().filter(
-    config => config.upstreamUrl === upstreamProxyUrl
-  );
-  
-  if (configs.length === 0) {
-    return false;
-  }
-  
-  // Stop all matching proxies
-  let success = true;
-  for (const config of configs) {
-    const stopped = await stopProxyProcess(config.id);
-    if (!stopped) {
-      success = false;
-    }
-  }
-  
-  return success;
-}
-
-/**
- * Get a list of all active proxy upstream URLs
- * @returns Array of upstream proxy URLs
- */
-export function getActiveProxies(): string[] {
-  return listProxyConfigs().map(config => config.upstreamUrl);
-}
-
-/**
- * Stop all active proxies
- * @returns Promise that resolves when all proxies are stopped
- */
-export async function stopAllProxies(): Promise<void> {
-  await stopAllProxyProcesses();
-}
@@ -2,7 +2,7 @@
  "name": "donutbrowser",
  "private": true,
  "license": "AGPL-3.0",
-  "version": "0.3.2",
+  "version": "0.5.2",
  "type": "module",
  "scripts": {
    "dev": "next dev --turbopack",
@@ -20,6 +20,7 @@
    "format:js": "biome check src/ --fix",
    "format": "pnpm format:js && pnpm format:rust",
    "cargo": "cd src-tauri && cargo",
+    "unused-exports:js": "ts-unused-exports tsconfig.json",
    "check-unused-commands": "cd src-tauri && cargo run --bin check_unused_commands"
  },
  "dependencies": {
@@ -35,9 +36,11 @@
    "@radix-ui/react-tooltip": "^1.2.7",
    "@tanstack/react-table": "^8.21.3",
    "@tauri-apps/api": "^2.5.0",
+    "@tauri-apps/plugin-deep-link": "^2.3.0",
    "@tauri-apps/plugin-dialog": "^2.2.2",
    "@tauri-apps/plugin-fs": "~2.3.0",
    "@tauri-apps/plugin-opener": "^2.2.7",
+    "ahooks": "^3.8.5",
    "class-variance-authority": "^0.7.1",
    "clsx": "^2.1.1",
    "cmdk": "^1.1.1",
@@ -47,34 +50,36 @@
    "react-dom": "^19.1.0",
    "react-icons": "^5.5.0",
    "sonner": "^2.0.5",
-    "tailwind-merge": "^3.3.0"
+    "tailwind-merge": "^3.3.1",
+    "tauri-plugin-macos-permissions-api": "^2.3.0"
  },
  "devDependencies": {
    "@biomejs/biome": "1.9.4",
    "@eslint/eslintrc": "^3.3.1",
-    "@eslint/js": "^9.28.0",
+    "@eslint/js": "^9.29.0",
    "@next/eslint-plugin-next": "^15.3.3",
-    "@tailwindcss/postcss": "^4.1.8",
+    "@tailwindcss/postcss": "^4.1.10",
    "@tauri-apps/cli": "^2.5.0",
-    "@types/node": "^22.15.30",
-    "@types/react": "^19.1.6",
+    "@types/node": "^24.0.1",
+    "@types/react": "^19.1.8",
    "@types/react-dom": "^19.1.6",
-    "@typescript-eslint/eslint-plugin": "^8.33.1",
-    "@typescript-eslint/parser": "^8.33.1",
-    "@vitejs/plugin-react": "^4.5.1",
-    "eslint": "^9.28.0",
+    "@typescript-eslint/eslint-plugin": "^8.34.0",
+    "@typescript-eslint/parser": "^8.34.0",
+    "@vitejs/plugin-react": "^4.5.2",
+    "eslint": "^9.29.0",
    "eslint-config-next": "^15.3.3",
    "eslint-plugin-react-hooks": "^5.2.0",
    "husky": "^9.1.7",
-    "lint-staged": "^16.1.0",
-    "tailwindcss": "^4.1.8",
+    "lint-staged": "^16.1.1",
+    "tailwindcss": "^4.1.10",
+    "ts-unused-exports": "^11.0.1",
    "tw-animate-css": "^1.3.4",
    "typescript": "~5.8.3",
-    "typescript-eslint": "^8.33.1"
+    "typescript-eslint": "^8.34.0"
  },
  "packageManager": "pnpm@10.11.1",
  "lint-staged": {
-    "src/**/*.{js,jsx,ts,tsx,json,css,md}": [
+    "**/*.{js,jsx,ts,tsx,json,css,md}": [
      "biome check --fix",
      "eslint --cache --fix"
    ],
@@ -13,9 +13,9 @@ dependencies = [

 [[package]]
 name = "adler2"
-version = "2.0.0"
+version = "2.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627"
+checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa"

 [[package]]
 name = "aes"
@@ -405,15 +405,15 @@ dependencies = [

 [[package]]
 name = "bumpalo"
-version = "3.18.0"
+version = "3.18.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c1b094a32014c3d1f3944e4808e0e7c70e97dae0660886a8eb6dbc52d745badc"
+checksum = "793db76d6187cd04dff33004d8e6c9cc4e05cd330500379d2394209271b4aeee"

 [[package]]
 name = "bytemuck"
-version = "1.23.0"
+version = "1.23.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9134a6ef01ce4b366b50689c94f82c14bc72bc5d0386829828a2e2752ef7958c"
+checksum = "5c76a5792e44e4abe34d3abf15636779261d45a7450612059293d1d2cfc63422"

 [[package]]
 name = "byteorder"
@@ -518,9 +518,9 @@ dependencies = [

 [[package]]
 name = "cc"
-version = "1.2.25"
+version = "1.2.27"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d0fc897dc1e865cc67c0e05a836d9d3f1df3cbe442aa4a9473b18e12624a4951"
+checksum = "d487aa071b5f64da6f19a3e848e3578944b726ee5a4854b82172f02aa876bfdc"
 dependencies = [
 "jobserver",
 "libc",
@@ -556,9 +556,9 @@ dependencies = [

 [[package]]
 name = "cfg-if"
-version = "1.0.0"
+version = "1.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
+checksum = "9555578bc9e57714c812a1f84e4fc5b4d21fcb063490c624de019f7464c91268"

 [[package]]
 name = "cfg_aliases"
@@ -993,13 +993,16 @@ dependencies = [

 [[package]]
 name = "donutbrowser"
-version = "0.3.2"
+version = "0.5.2"
 dependencies = [
 "async-trait",
 "base64 0.22.1",
 "core-foundation 0.10.1",
 "directories",
 "futures-util",
+ "http-body-util",
+ "hyper",
+ "hyper-util",
 "lazy_static",
 "objc2 0.6.1",
 "objc2-app-kit",
@@ -1012,11 +1015,18 @@ dependencies = [
 "tauri-plugin-deep-link",
 "tauri-plugin-dialog",
 "tauri-plugin-fs",
+ "tauri-plugin-macos-permissions",
 "tauri-plugin-opener",
 "tauri-plugin-shell",
+ "tauri-plugin-single-instance",
 "tempfile",
 "tokio",
 "tokio-test",
+ "tower",
+ "tower-http",
+ "urlencoding",
+ "windows",
+ "winreg",
 "wiremock",
 "zip",
 ]
@@ -1094,9 +1104,9 @@ checksum = "a3d8a32ae18130a3c84dd492d4215c3d913c3b07c6b63c2eb3eb7ff1101ab7bf"

 [[package]]
 name = "enumflags2"
-version = "0.7.11"
+version = "0.7.12"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ba2f4b465f5318854c6f8dd686ede6c0a9dc67d4b1ac241cf0eb51521a309147"
+checksum = "1027f7680c853e056ebcec683615fb6fbbc07dbaa13b4d5d9442b146ded4ecef"
 dependencies = [
 "enumflags2_derive",
 "serde",
@@ -1104,9 +1114,9 @@ dependencies = [

 [[package]]
 name = "enumflags2_derive"
-version = "0.7.11"
+version = "0.7.12"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fc4caf64a58d7a6d65ab00639b046ff54399a39f5f2554728895ace4b297cd79"
+checksum = "67c78a4d8fdf9953a5c9d458f9efe940fd97a0cab0941c075a813ac594733827"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -1187,9 +1197,9 @@ dependencies = [

 [[package]]
 name = "flate2"
-version = "1.1.1"
+version = "1.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7ced92e76e966ca2fd84c8f7aa01a4aea65b0eb6648d72f7c8f3e2764a67fece"
+checksum = "4a3d7db9596fecd151c5f638c0ee5d5bd487b6e0ea232e5dc96d5250f6f94b1d"
 dependencies = [
 "crc32fast",
 "libz-rs-sys",
@@ -1724,9 +1734,9 @@ checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea"

 [[package]]
 name = "hermit-abi"
-version = "0.5.1"
+version = "0.5.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f154ce46856750ed433c8649605bf7ed2de3bc35fd9d2a9f30cddd873c80cb08"
+checksum = "fc0fef456e4baa96da950455cd02c081ca953b141298e41db3fc7e36b1da849c"

 [[package]]
 name = "hex"
@@ -1791,6 +1801,12 @@ dependencies = [
 "pin-project-lite",
 ]

+[[package]]
+name = "http-range-header"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9171a2ea8a68358193d15dd5d70c1c10a2afc3e7e4c5bc92bc9f025cebd7359c"
+
 [[package]]
 name = "httparse"
 version = "1.10.1"
@@ -1826,9 +1842,9 @@ dependencies = [

 [[package]]
 name = "hyper-rustls"
-version = "0.27.6"
+version = "0.27.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "03a01595e11bdcec50946522c32dde3fc6914743000a68b93000965f2f02406d"
+checksum = "e3c93eb611681b207e1fe55d5a71ecf91572ec8a6705cdb6857f7d8d5242cf58"
 dependencies = [
 "http",
 "hyper",
@@ -2259,9 +2275,9 @@ dependencies = [

 [[package]]
 name = "libc"
-version = "0.2.172"
+version = "0.2.173"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa"
+checksum = "d8cfeafaffdbc32176b64fb251369d52ea9f0a8fbc6f8759edffef7b525d64bb"

 [[package]]
 name = "libloading"
@@ -2284,9 +2300,9 @@ dependencies = [

 [[package]]
 name = "liblzma-sys"
-version = "0.4.3"
+version = "0.4.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5839bad90c3cc2e0b8c4ed8296b80e86040240f81d46b9c0e9bc8dd51ddd3af1"
+checksum = "01b9596486f6d60c3bbe644c0e1be1aa6ccc472ad630fe8927b456973d7cb736"
 dependencies = [
 "cc",
 "libc",
@@ -2305,9 +2321,9 @@ dependencies = [

 [[package]]
 name = "libz-rs-sys"
-version = "0.5.0"
+version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6489ca9bd760fe9642d7644e827b0c9add07df89857b0416ee15c1cc1a3b8c5a"
+checksum = "172a788537a2221661b480fee8dc5f96c580eb34fa88764d3205dc356c7e4221"
 dependencies = [
 "zlib-rs",
 ]
@@ -2346,6 +2362,16 @@ version = "0.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c41e0c4fef86961ac6d6f8a82609f55f31b05e4fce149ac5710e439df7619ba4"

+[[package]]
+name = "macos-accessibility-client"
+version = "0.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "edf7710fbff50c24124331760978fb9086d6de6288dcdb38b25a97f8b1bdebbb"
+dependencies = [
+ "core-foundation 0.9.4",
+ "core-foundation-sys",
+]
+
 [[package]]
 name = "markup5ever"
 version = "0.11.0"
@@ -2368,9 +2394,9 @@ checksum = "2532096657941c2fea9c289d370a250971c689d4f143798ff67113ec042024a5"

 [[package]]
 name = "memchr"
-version = "2.7.4"
+version = "2.7.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3"
+checksum = "32a282da65faaf38286cf3be983213fcf1d2e2a58700e808f83f4ea9a4804bc0"

 [[package]]
 name = "memoffset"
@@ -2388,10 +2414,20 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a"

 [[package]]
-name = "miniz_oxide"
-version = "0.8.8"
+name = "mime_guess"
+version = "2.0.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3be647b768db090acb35d5ec5db2b0e1f1de11133ca123b9eacf5137868f892a"
+checksum = "f7c44f8e672c00fe5308fa235f821cb4198414e1c77935c1ab6948d3fd78550e"
+dependencies = [
+ "mime",
+ "unicase",
+]
+
+[[package]]
+name = "miniz_oxide"
+version = "0.8.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316"
 dependencies = [
 "adler2",
 "simd-adler32",
@@ -3128,9 +3164,9 @@ checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c"

 [[package]]
 name = "plist"
-version = "1.7.1"
+version = "1.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eac26e981c03a6e53e0aee43c113e3202f5581d5360dae7bd2c70e800dd0451d"
+checksum = "3d77244ce2d584cd84f6a15f86195b8c9b2a0dfbfd817c09e0464244091a58ed"
 dependencies = [
 "base64 0.22.1",
 "indexmap 2.9.0",
@@ -3266,9 +3302,9 @@ dependencies = [

 [[package]]
 name = "quick-xml"
-version = "0.32.0"
+version = "0.37.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1d3a6e5838b60e0e8fa7a43f22ade549a37d61f8bdbe636d0d7816191de969c2"
+checksum = "331e97a1af0bf59823e6eadffe373d7b27f485be8748f71471c662c1f269b7fb"
 dependencies = [
 "memchr",
 ]
@@ -3406,9 +3442,9 @@ checksum = "20675572f6f24e9e76ef639bc5552774ed45f1c30e2951e1e99c59888861c539"

 [[package]]
 name = "redox_syscall"
-version = "0.5.12"
+version = "0.5.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "928fca9cf2aa042393a8325b9ead81d2f0df4cb12e1e24cef072922ccd99c5af"
+checksum = "0d04b7d0ee6b4a0207a0a7adb104d23ecb0b47d6beae7152d0fa34b692b29fd6"
 dependencies = [
 "bitflags 2.9.1",
 ]
@@ -3424,6 +3460,26 @@ dependencies = [
 "thiserror 2.0.12",
 ]

+[[package]]
+name = "ref-cast"
+version = "1.0.24"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4a0ae411dbe946a674d89546582cea4ba2bb8defac896622d6496f14c23ba5cf"
+dependencies = [
+ "ref-cast-impl",
+]
+
+[[package]]
+name = "ref-cast-impl"
+version = "1.0.24"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1165225c21bff1f3bbce98f5a1f889949bc902d3575308cc7b0de30b4f6d27c7"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.101",
+]
+
 [[package]]
 name = "regex"
 version = "1.11.1"
@@ -3455,9 +3511,9 @@ checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c"

 [[package]]
 name = "reqwest"
-version = "0.12.19"
+version = "0.12.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a2f8e5513d63f2e5b386eb5106dc67eaf3f84e95258e210489136b8b92ad6119"
+checksum = "eabf4c97d9130e2bf606614eb937e86edac8292eaa6f422f995d7e8de1eb1813"
 dependencies = [
 "base64 0.22.1",
 "bytes",
@@ -3472,12 +3528,10 @@ dependencies = [
 "hyper-rustls",
 "hyper-tls",
 "hyper-util",
- "ipnet",
 "js-sys",
 "log",
 "mime",
 "native-tls",
- "once_cell",
 "percent-encoding",
 "pin-project-lite",
 "rustls-pki-types",
@@ -3550,9 +3604,9 @@ dependencies = [

 [[package]]
 name = "rustc-demangle"
-version = "0.1.24"
+version = "0.1.25"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f"
+checksum = "989e6739f80c4ad5b13e0fd7fe89531180375b18520cc8c82080e4dc4035b84f"

 [[package]]
 name = "rustc_version"
@@ -3654,6 +3708,18 @@ dependencies = [
 "uuid",
 ]

+[[package]]
+name = "schemars"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4cd191f9397d57d581cddd31014772520aa448f65ef991055d7f61582c65165f"
+dependencies = [
+ "dyn-clone",
+ "ref-cast",
+ "serde",
+ "serde_json",
+]
+
 [[package]]
 name = "schemars_derive"
 version = "0.8.22"
@@ -3791,9 +3857,9 @@ dependencies = [

 [[package]]
 name = "serde_spanned"
-version = "0.6.8"
+version = "0.6.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "87607cb1398ed59d48732e575a4c28a7a8ebf2454b964fe3f224f2afc07909e1"
+checksum = "bf41e0cfaf7226dca15e8197172c295a782857fcb97fad1808a166870dee75a3"
 dependencies = [
 "serde",
 ]
@@ -3812,15 +3878,16 @@ dependencies = [

 [[package]]
 name = "serde_with"
-version = "3.12.0"
+version = "3.13.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d6b6f7f2fcb69f747921f79f3926bd1e203fce4fef62c268dd3abfb6d86029aa"
+checksum = "bf65a400f8f66fb7b0552869ad70157166676db75ed8181f8104ea91cf9d0b42"
 dependencies = [
 "base64 0.22.1",
 "chrono",
 "hex",
 "indexmap 1.9.3",
 "indexmap 2.9.0",
+ "schemars 0.9.0",
 "serde",
 "serde_derive",
 "serde_json",
@@ -3830,9 +3897,9 @@ dependencies = [

 [[package]]
 name = "serde_with_macros"
-version = "3.12.0"
+version = "3.13.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8d00caa5193a3c8362ac2b73be6b9e768aa5a4b2f721d8f4b339600c3cb51f8e"
+checksum = "81679d9ed988d5e9a5e6531dc3f2c28efbd639cbd1dfb628df08edea6004da77"
 dependencies = [
 "darling",
 "proc-macro2",
@@ -3948,9 +4015,9 @@ dependencies = [

 [[package]]
 name = "smallvec"
-version = "1.15.0"
+version = "1.15.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8917285742e9f3e1683f0a9c4e6b57960b7314d0b08d30d1ecd426713ee2eee9"
+checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03"

 [[package]]
 name = "socket2"
@@ -4279,7 +4346,7 @@ dependencies = [
 "glob",
 "heck 0.5.0",
 "json-patch",
- "schemars",
+ "schemars 0.8.22",
 "semver",
 "serde",
 "serde_json",
@@ -4339,7 +4406,7 @@ dependencies = [
 "anyhow",
 "glob",
 "plist",
- "schemars",
+ "schemars 0.8.22",
 "serde",
 "serde_json",
 "tauri-utils",
@@ -4395,7 +4462,7 @@ dependencies = [
 "dunce",
 "glob",
 "percent-encoding",
- "schemars",
+ "schemars 0.8.22",
 "serde",
 "serde_json",
 "serde_repr",
@@ -4407,6 +4474,21 @@ dependencies = [
 "url",
 ]

+[[package]]
+name = "tauri-plugin-macos-permissions"
+version = "2.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5607e0707d37d7b20e287cf0ce396d1efebe7b833b8e9cbd2ea4257091d9c604"
+dependencies = [
+ "macos-accessibility-client",
+ "objc2 0.6.1",
+ "objc2-foundation 0.3.1",
+ "serde",
+ "tauri",
+ "tauri-plugin",
+ "thiserror 2.0.12",
+]
+
 [[package]]
 name = "tauri-plugin-opener"
 version = "2.2.7"
@@ -4418,7 +4500,7 @@ dependencies = [
 "objc2-app-kit",
 "objc2-foundation 0.3.1",
 "open",
- "schemars",
+ "schemars 0.8.22",
 "serde",
 "serde_json",
 "tauri",
@@ -4440,7 +4522,7 @@ dependencies = [
 "open",
 "os_pipe",
 "regex",
- "schemars",
+ "schemars 0.8.22",
 "serde",
 "serde_json",
 "shared_child",
@@ -4450,6 +4532,22 @@ dependencies = [
 "tokio",
 ]

+[[package]]
+name = "tauri-plugin-single-instance"
+version = "2.2.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "97d0e07b40fb2eb13778e30778f5979347a2bf30e1b9d47f78ff7fe92d2e4b3d"
+dependencies = [
+ "serde",
+ "serde_json",
+ "tauri",
+ "tauri-plugin-deep-link",
+ "thiserror 2.0.12",
+ "tracing",
+ "windows-sys 0.59.0",
+ "zbus",
+]
+
 [[package]]
 name = "tauri-runtime"
 version = "2.6.0"
@@ -4522,7 +4620,7 @@ dependencies = [
 "proc-macro2",
 "quote",
 "regex",
- "schemars",
+ "schemars 0.8.22",
 "semver",
 "serde",
 "serde-untagged",
@@ -4769,9 +4867,9 @@ dependencies = [

 [[package]]
 name = "toml_datetime"
-version = "0.6.9"
+version = "0.6.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3da5db5a963e24bc68be8b17b6fa82814bb22ee8660f192bb182771d498f09a3"
+checksum = "22cddaf88f4fbc13c51aebbf5f8eceb5c7c5a9da2ac40a13519eb5b0a0e8f11c"
 dependencies = [
 "serde",
 ]
@@ -4814,9 +4912,9 @@ dependencies = [

 [[package]]
 name = "toml_write"
-version = "0.1.1"
+version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bfb942dfe1d8e29a7ee7fcbde5bd2b9a25fb89aa70caea2eba3bee836ff41076"
+checksum = "5d99f8c9a7727884afe522e9bd5edbfc91a3312b36a77b5fb8926e4c31a41801"

 [[package]]
 name = "tower"
@@ -4841,14 +4939,24 @@ checksum = "adc82fd73de2a9722ac5da747f12383d2bfdb93591ee6c58486e0097890f05f2"
 dependencies = [
 "bitflags 2.9.1",
 "bytes",
+ "futures-core",
 "futures-util",
 "http",
 "http-body",
+ "http-body-util",
+ "http-range-header",
+ "httpdate",
 "iri-string",
+ "mime",
+ "mime_guess",
+ "percent-encoding",
 "pin-project-lite",
+ "tokio",
+ "tokio-util",
 "tower",
 "tower-layer",
 "tower-service",
+ "tracing",
 ]

 [[package]]
@@ -4876,9 +4984,9 @@ dependencies = [

 [[package]]
 name = "tracing-attributes"
-version = "0.1.28"
+version = "0.1.29"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "395ae124c09f9e6918a2310af6038fba074bcf474ac352496d5910dd59a2226d"
+checksum = "1b1ffbcf9c6f6b99d386e7444eb608ba646ae452a36b39737deb9663b610f662"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -4887,9 +4995,9 @@ dependencies = [

 [[package]]
 name = "tracing-core"
-version = "0.1.33"
+version = "0.1.34"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e672c95779cf947c5311f83787af4fa8fffd12fb27e4993211a84bdfd9610f9c"
+checksum = "b9d12581f227e93f094d3af2ae690a574abb8a2b9b7a96e7cfe9647b2b617678"
 dependencies = [
 "once_cell",
 ]
@@ -4992,6 +5100,12 @@ dependencies = [
 "unic-common",
 ]

+[[package]]
+name = "unicase"
+version = "2.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "75b844d17643ee918803943289730bec8aac480150456169e647ed0b576ba539"
+
 [[package]]
 name = "unicode-ident"
 version = "1.0.18"
@@ -5022,6 +5136,12 @@ dependencies = [
 "serde",
 ]

+[[package]]
+name = "urlencoding"
+version = "2.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da"
+
 [[package]]
 name = "urlpattern"
 version = "0.3.0"
@@ -5358,9 +5478,9 @@ dependencies = [

 [[package]]
 name = "windows"
-version = "0.61.1"
+version = "0.61.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c5ee8f3d025738cb02bad7868bbb5f8a6327501e870bf51f1b455b0a2454a419"
+checksum = "9babd3a767a4c1aef6900409f85f5d53ce2544ccdfaa86dad48c91782c6d6893"
 dependencies = [
 "windows-collections",
 "windows-core",
@@ -5426,9 +5546,9 @@ dependencies = [

 [[package]]
 name = "windows-link"
-version = "0.1.1"
+version = "0.1.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "76840935b766e1b0a05c0066835fb9ec80071d4c09a16f6bd5f7e655e3c14c38"
+checksum = "5e6ad25900d524eaabdbbb96d20b4311e1e7ae1699af4fb28c17ae66c80d798a"

 [[package]]
 name = "windows-numerics"
@@ -5974,9 +6094,9 @@ dependencies = [

 [[package]]
 name = "zlib-rs"
-version = "0.5.0"
+version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "868b928d7949e09af2f6086dfc1e01936064cc7a819253bce650d4e2a2d63ba8"
+checksum = "626bd9fa9734751fc50d6060752170984d7053f5a39061f524cda68023d4db8a"

 [[package]]
 name = "zopfli"
@@ -1,6 +1,6 @@
 [package]
 name = "donutbrowser"
-version = "0.3.2"
+version = "0.5.2"
 description = "Simple Yet Powerful Browser Orchestrator"
 authors = ["zhom@github"]
 edition = "2021"
@@ -27,6 +27,7 @@ tauri-plugin-fs = "2"
 tauri-plugin-shell = "2"
 tauri-plugin-deep-link = "2"
 tauri-plugin-dialog = "2"
+tauri-plugin-macos-permissions = "2"
 directories = "6"
 reqwest = { version = "0.12", features = ["json", "stream"] }
 tokio = { version = "1", features = ["full"] }
@@ -36,16 +37,39 @@ base64 = "0.22"
 zip = "4"
 async-trait = "0.1"
 futures-util = "0.3"
+urlencoding = "2.1"
+
+[target."cfg(any(target_os = \"macos\", windows, target_os = \"linux\"))".dependencies]
+tauri-plugin-single-instance = { version = "2", features = ["deep-link"] }

 [target.'cfg(target_os = "macos")'.dependencies]
 core-foundation="0.10"
 objc2 = "0.6.1"
 objc2-app-kit = { version = "0.3.1", features = ["NSWindow"] }

+[target.'cfg(target_os = "windows")'.dependencies]
+winreg = "0.55"
+windows = { version = "0.61", features = [
+  "Win32_Foundation",
+  "Win32_System_ProcessStatus",
+  "Win32_System_Threading",
+  "Win32_System_Diagnostics_Debug",
+  "Win32_System_SystemInformation",
+  "Win32_Security",
+  "Win32_Storage_FileSystem",
+  "Win32_System_Registry",
+  "Win32_UI_Shell",
+] }
+
 [dev-dependencies]
 tempfile = "3.13.0"
 tokio-test = "0.4.4"
 wiremock = "0.6"
+hyper = { version = "1.0", features = ["full"] }
+hyper-util = { version = "0.1", features = ["full"] }
+http-body-util = "0.1"
+tower = "0.5"
+tower-http = { version = "0.6", features = ["fs", "trace"] }

 [features]
 # by default Tauri runs in production mode
@@ -2,47 +2,57 @@
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
 <dict>
+	<key>NSCameraUsageDescription</key>
+	<string>Donut Browser needs camera access to enable camera functionality in web browsers. Each website will still ask for your permission individually.</string>
+	<key>NSMicrophoneUsageDescription</key>
+	<string>Donut Browser needs microphone access to enable microphone functionality in web browsers. Each website will still ask for your permission individually.</string>
+	<key>NSLocalNetworkUsageDescription</key>
+	<string>Donut Browser has proxy functionality that requires local network access. You can deny this functionality if you don't plan on setting proxies for browser profiles.</string>
 	<key>CFBundleDisplayName</key>
 	<string>Donut Browser</string>
 	<key>CFBundleName</key>
 	<string>Donut Browser</string>
 	<key>CFBundleIdentifier</key>
 	<string>com.donutbrowser</string>
+    <key>CFBundleURLName</key>
+    <string>com.donutbrowser</string>
 	<key>CFBundleExecutable</key>
 	<string>donutbrowser</string>
 	<key>CFBundleVersion</key>
 	<string>1</string>
-	<key>CFBundleShortVersionString</key>
-	<string>0.3.2</string>
-	<key>CFBundlePackageType</key>
-	<string>APPL</string>
-	<key>CFBundleIconFile</key>
-	<string>icon.icns</string>
-	<key>CFBundleSignature</key>
-	<string>????</string>
 	<key>CFBundleIconFile</key>
 	<string>icon.icns</string>
+	<key>LSApplicationCategoryType</key>
+	<string>public.app-category.productivity</string>
+	<key>NSHumanReadableCopyright</key>
+	<string>Copyright © 2025 Donut Browser</string>
+	<key>CFBundleDocumentTypes</key>
+	<array>
+		<dict>
+			<key>CFBundleTypeName</key>
+			<string>HTML document</string>
+			<key>CFBundleTypeRole</key>
+			<string>Viewer</string>
+			<key>LSHandlerRank</key>
+			<string>Default</string>
+			<key>LSItemContentTypes</key>
+			<array>
+				<string>public.html</string>
+				<string>public.xhtml</string>
+			</array>
+		</dict>
+	</array>
 	<key>CFBundleURLTypes</key>
 	<array>
 		<dict>
 			<key>CFBundleURLName</key>
-			<string>Web Browser</string>
+			<string>Web site URL</string>
 			<key>CFBundleURLSchemes</key>
 			<array>
 				<string>http</string>
 				<string>https</string>
 			</array>
-			<key>CFBundleURLIconFile</key>
-			<string>icon.icns</string>
-			<key>LSHandlerRank</key>
-			<string>Owner</string>
 		</dict>
 	</array>
-	<key>LSApplicationCategoryType</key>
-	<string>public.app-category.productivity</string>
-	<key>NSHumanReadableCopyright</key>
-	<string>Copyright © 2025 Donut Browser</string>
-	<key>LSMinimumSystemVersion</key>
-	<string>10.13</string>
 </dict>
 </plist> 
@@ -1,14 +1,3 @@
 function FindProxyForURL(url, host) {
-  const proxyString = "{{proxy_url}}";
-
-  // Split the proxy string to get the credentials part
-  const parts = proxyString.split(" ")[1].split("@");
-  if (parts.length > 1) {
-    const credentials = parts[0];
-    const encodedCredentials = encodeURIComponent(credentials);
-    // Replace the original credentials with encoded ones
-    return proxyString.replace(credentials, encodedCredentials);
-  }
-
-  return proxyString;
+  return "{{proxy_url}}";
 }
@@ -17,7 +17,7 @@ fn main() {
    let version = std::env::var("CARGO_PKG_VERSION").unwrap_or_else(|_| "0.1.0".to_string());
    println!("cargo:rustc-env=BUILD_VERSION=v{version}");
  } else if let Ok(commit_hash) = std::env::var("GITHUB_SHA") {
-    // For nightly builds, use commit hash
+    // For nightly builds, use timestamp format or fallback to commit hash
    let short_hash = &commit_hash[0..7.min(commit_hash.len())];
    println!("cargo:rustc-env=BUILD_VERSION=nightly-{short_hash}");
  } else {
@@ -19,7 +19,16 @@
    "shell:allow-spawn",
    "shell:allow-stdin-write",
    "deep-link:default",
+    "deep-link:allow-register",
+    "deep-link:allow-unregister",
+    "deep-link:allow-is-registered",
+    "deep-link:allow-get-current",
    "dialog:default",
-    "dialog:allow-open"
+    "dialog:allow-open",
+    "macos-permissions:default",
+    "macos-permissions:allow-request-microphone-permission",
+    "macos-permissions:allow-request-camera-permission",
+    "macos-permissions:allow-check-microphone-permission",
+    "macos-permissions:allow-check-camera-permission"
  ]
 }
@@ -12,5 +12,21 @@
    <true/>
    <key>com.apple.security.files.downloads.read-write</key>
    <true/>
+    <key>com.apple.security.device.camera</key>
+    <true/>
+    <key>com.apple.security.device.audio-output</key>
+    <true/>
+    <key>com.apple.security.device.microphone</key>
+    <true/>
+    <key>com.apple.security.device.audio-input</key>
+    <true/>
+    <key>com.apple.security.cs.allow-jit</key>
+    <true/>
+    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+    <true/>
+    <key>com.apple.security.cs.allow-dyld-environment-variables</key>
+    <true/>
+    <key>com.apple.security.cs.disable-library-validation</key>
+    <true/>
 </dict>
 </plist> 
@@ -1443,7 +1443,7 @@ mod tests {
    let mock_response = r#"[
      {
        "tag_name": "v1.81.9",
-        "name": "Brave Release 1.81.9",
+        "name": "Release v1.81.9 (Chromium 137.0.7151.104)",
        "prerelease": false,
        "published_at": "2024-01-15T10:00:00Z",
        "assets": [
@@ -1476,7 +1476,7 @@ mod tests {
    let releases = result.unwrap();
    assert!(!releases.is_empty());
    assert_eq!(releases[0].tag_name, "v1.81.9");
-    assert!(releases[0].is_nightly);
+    assert!(!releases[0].is_nightly); // "Release v1.81.9 (Chromium 137.0.7151.104)" starts with "Release" so it should be stable
  }

  #[tokio::test]
@@ -152,7 +152,7 @@ impl AppAutoUpdater {
  async fn fetch_app_releases(
    &self,
  ) -> Result<Vec<AppRelease>, Box<dyn std::error::Error + Send + Sync>> {
-    let url = "https://api.github.com/repos/zhom/donutbrowser/releases";
+    let url = "https://api.github.com/repos/zhom/donutbrowser/releases?per_page=100";
    let response = self
      .client
      .get(url)
@@ -398,6 +398,30 @@ impl AppAutoUpdater {
          Err("DMG extraction is only supported on macOS".into())
        }
      }
+      "msi" => {
+        #[cfg(target_os = "windows")]
+        {
+          // For MSI files on Windows, we need to run the installer
+          // MSI files can't be extracted like archives, they need to be executed
+          // Return the path to the MSI file itself for installation
+          Ok(archive_path.to_path_buf())
+        }
+        #[cfg(not(target_os = "windows"))]
+        {
+          Err("MSI installation is only supported on Windows".into())
+        }
+      }
+      "exe" => {
+        #[cfg(target_os = "windows")]
+        {
+          // For exe installers on Windows, return the path for execution
+          Ok(archive_path.to_path_buf())
+        }
+        #[cfg(not(target_os = "windows"))]
+        {
+          Err("EXE installation is only supported on Windows".into())
+        }
+      }
      "zip" => extractor.extract_zip(archive_path, dest_dir).await,
      _ => Err(format!("Unsupported archive format: {extension}").into()),
    }
@@ -406,71 +430,282 @@ impl AppAutoUpdater {
  /// Install the update by replacing the current app
  async fn install_update(
    &self,
-    new_app_path: &Path,
+    installer_path: &Path,
  ) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
-    // Get the current application bundle path
-    let current_app_path = self.get_current_app_path()?;
+    #[cfg(target_os = "macos")]
+    {
+      // Get the current application bundle path
+      let current_app_path = self.get_current_app_path()?;

-    // Create a backup of the current app
-    let backup_path = current_app_path.with_extension("app.backup");
-    if backup_path.exists() {
-      fs::remove_dir_all(&backup_path)?;
+      // Create a backup of the current app
+      let backup_path = current_app_path.with_extension("app.backup");
+      if backup_path.exists() {
+        fs::remove_dir_all(&backup_path)?;
+      }
+
+      // Move current app to backup
+      fs::rename(&current_app_path, &backup_path)?;
+
+      // Move new app to current location
+      fs::rename(installer_path, &current_app_path)?;
+
+      // Remove quarantine attributes from the new app
+      let _ = Command::new("xattr")
+        .args([
+          "-dr",
+          "com.apple.quarantine",
+          current_app_path.to_str().unwrap(),
+        ])
+        .output();
+
+      let _ = Command::new("xattr")
+        .args(["-cr", current_app_path.to_str().unwrap()])
+        .output();
+
+      // Clean up backup after successful installation
+      let _ = fs::remove_dir_all(&backup_path);
+
+      Ok(())
    }

-    // Move current app to backup
-    fs::rename(&current_app_path, &backup_path)?;
+    #[cfg(target_os = "windows")]
+    {
+      let extension = installer_path
+        .extension()
+        .and_then(|ext| ext.to_str())
+        .unwrap_or("");

-    // Move new app to current location
-    fs::rename(new_app_path, &current_app_path)?;
+      println!("Installing Windows update with extension: {extension}");

-    // Remove quarantine attributes from the new app
-    let _ = Command::new("xattr")
-      .args([
-        "-dr",
-        "com.apple.quarantine",
-        current_app_path.to_str().unwrap(),
-      ])
-      .output();
+      match extension {
+        "msi" => {
+          // Install MSI silently with enhanced error handling
+          println!("Running MSI installer: {}", installer_path.display());

-    let _ = Command::new("xattr")
-      .args(["-cr", current_app_path.to_str().unwrap()])
-      .output();
+          let mut cmd = Command::new("msiexec");
+          cmd.args([
+            "/i",
+            installer_path.to_str().unwrap(),
+            "/quiet",
+            "/norestart",
+            "REBOOT=ReallySuppress",
+            "/l*v", // Enable verbose logging
+            &format!("{}.log", installer_path.to_str().unwrap()),
+          ]);

-    // Clean up backup after successful installation
-    let _ = fs::remove_dir_all(&backup_path);
+          let output = cmd.output()?;

-    Ok(())
+          if !output.status.success() {
+            let error_msg = String::from_utf8_lossy(&output.stderr);
+            let exit_code = output.status.code().unwrap_or(-1);
+
+            // Try to read the log file for more details
+            let log_path = format!("{}.log", installer_path.to_str().unwrap());
+            let log_content = fs::read_to_string(&log_path).unwrap_or_default();
+
+            println!("MSI installation failed with exit code: {exit_code}");
+            println!("Error output: {error_msg}");
+            if !log_content.is_empty() {
+              println!(
+                "Log file content (last 500 chars): {}",
+                &log_content
+                  .chars()
+                  .rev()
+                  .take(500)
+                  .collect::<String>()
+                  .chars()
+                  .rev()
+                  .collect::<String>()
+              );
+            }
+
+            return Err(
+              format!("MSI installation failed (exit code {exit_code}): {error_msg}").into(),
+            );
+          }
+
+          println!("MSI installation completed successfully");
+        }
+        "exe" => {
+          // Run exe installer silently with multiple fallback options
+          println!("Running EXE installer: {}", installer_path.display());
+
+          // Try NSIS silent flag first (most common for Tauri)
+          let mut success = false;
+          let mut last_error = String::new();
+
+          // NSIS installer flags (used by Tauri)
+          let nsis_args = vec![
+            vec!["/S"],                                             // Standard NSIS silent flag
+            vec!["/VERYSILENT", "/SUPPRESSMSGBOXES", "/NORESTART"], // Inno Setup flags
+            vec!["/quiet"],                                         // Generic quiet flag
+            vec!["/silent"],                                        // Alternative silent flag
+          ];
+
+          for args in nsis_args {
+            println!("Trying installer with args: {:?}", args);
+            let output = Command::new(installer_path).args(&args).output();
+
+            match output {
+              Ok(output) if output.status.success() => {
+                println!(
+                  "EXE installation completed successfully with args: {:?}",
+                  args
+                );
+                success = true;
+                break;
+              }
+              Ok(output) => {
+                let error_msg = String::from_utf8_lossy(&output.stderr);
+                last_error = format!(
+                  "Exit code {}: {}",
+                  output.status.code().unwrap_or(-1),
+                  error_msg
+                );
+                println!("Installer failed with args {:?}: {}", args, last_error);
+              }
+              Err(e) => {
+                last_error = format!("Failed to execute installer: {e}");
+                println!(
+                  "Failed to execute installer with args {:?}: {}",
+                  args, last_error
+                );
+              }
+            }
+          }
+
+          if !success {
+            return Err(
+              format!(
+                "EXE installation failed after trying multiple methods. Last error: {last_error}"
+              )
+              .into(),
+            );
+          }
+        }
+        "zip" => {
+          // Handle ZIP files by extracting and replacing the current executable
+          println!("Handling ZIP update: {}", installer_path.display());
+
+          let temp_extract_dir = installer_path.parent().unwrap().join("extracted");
+          fs::create_dir_all(&temp_extract_dir)?;
+
+          // Extract ZIP file
+          let extractor = crate::extraction::Extractor::new();
+          let extracted_path = extractor
+            .extract_zip(installer_path, &temp_extract_dir)
+            .await?;
+
+          // Find the executable in the extracted files
+          let current_exe = self.get_current_app_path()?;
+          let current_exe_name = current_exe.file_name().unwrap();
+
+          // Look for the new executable
+          let new_exe_path =
+            if extracted_path.is_file() && extracted_path.file_name() == Some(current_exe_name) {
+              extracted_path
+            } else {
+              // Search in extracted directory
+              let mut found_exe = None;
+              if let Ok(entries) = fs::read_dir(&extracted_path) {
+                for entry in entries.flatten() {
+                  let path = entry.path();
+                  if path.file_name() == Some(current_exe_name) {
+                    found_exe = Some(path);
+                    break;
+                  }
+                }
+              }
+              found_exe.ok_or("Could not find executable in ZIP file")?
+            };
+
+          // Create backup of current executable
+          let backup_path = current_exe.with_extension("exe.backup");
+          if backup_path.exists() {
+            fs::remove_file(&backup_path)?;
+          }
+          fs::copy(&current_exe, &backup_path)?;
+
+          // Replace current executable
+          fs::copy(&new_exe_path, &current_exe)?;
+
+          // Clean up
+          let _ = fs::remove_dir_all(&temp_extract_dir);
+
+          println!("ZIP update completed successfully");
+        }
+        _ => {
+          return Err(format!("Unsupported installer format: {extension}").into());
+        }
+      }
+
+      Ok(())
+    }
+
+    #[cfg(target_os = "linux")]
+    {
+      // For Linux, we would handle different package formats here
+      // This implementation would depend on the specific package type
+      Err("Linux auto-update installation not yet implemented".into())
+    }
+
+    #[cfg(not(any(target_os = "macos", target_os = "windows", target_os = "linux")))]
+    {
+      Err("Auto-update installation not supported on this platform".into())
+    }
  }

  /// Get the current application bundle path
  fn get_current_app_path(&self) -> Result<PathBuf, Box<dyn std::error::Error + Send + Sync>> {
-    // Get the current executable path
-    let exe_path = std::env::current_exe()?;
+    #[cfg(target_os = "macos")]
+    {
+      // Get the current executable path
+      let exe_path = std::env::current_exe()?;

-    // Navigate up to find the .app bundle
-    let mut current = exe_path.as_path();
-    while let Some(parent) = current.parent() {
-      if parent.extension().is_some_and(|ext| ext == "app") {
-        return Ok(parent.to_path_buf());
+      // Navigate up to find the .app bundle
+      let mut current = exe_path.as_path();
+      while let Some(parent) = current.parent() {
+        if parent.extension().is_some_and(|ext| ext == "app") {
+          return Ok(parent.to_path_buf());
+        }
+        current = parent;
      }
-      current = parent;
+
+      Err("Could not find application bundle".into())
    }

-    Err("Could not find application bundle".into())
+    #[cfg(target_os = "windows")]
+    {
+      // On Windows, just return the current executable path
+      std::env::current_exe().map_err(|e| e.into())
+    }
+
+    #[cfg(target_os = "linux")]
+    {
+      // On Linux, return the current executable path
+      std::env::current_exe().map_err(|e| e.into())
+    }
+
+    #[cfg(not(any(target_os = "macos", target_os = "windows", target_os = "linux")))]
+    {
+      Err("Platform not supported".into())
+    }
  }

  /// Restart the application
  async fn restart_application(&self) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
-    let app_path = self.get_current_app_path()?;
-    let current_pid = std::process::id();
+    #[cfg(target_os = "macos")]
+    {
+      let app_path = self.get_current_app_path()?;
+      let current_pid = std::process::id();

-    // Create a temporary restart script
-    let temp_dir = std::env::temp_dir();
-    let script_path = temp_dir.join("donut_restart.sh");
+      // Create a temporary restart script
+      let temp_dir = std::env::temp_dir();
+      let script_path = temp_dir.join("donut_restart.sh");

-    // Create the restart script content
-    let script_content = format!(
-      r#"#!/bin/bash
+      // Create the restart script content
+      let script_content = format!(
+        r#"#!/bin/bash
 # Wait for the current process to exit
 while kill -0 {} 2>/dev/null; do
  sleep 0.5
@@ -485,37 +720,146 @@ open "{}"
 # Clean up this script
 rm "{}"
 "#,
-      current_pid,
-      app_path.to_str().unwrap(),
-      script_path.to_str().unwrap()
-    );
+        current_pid,
+        app_path.to_str().unwrap(),
+        script_path.to_str().unwrap()
+      );

-    // Write the script to file
-    fs::write(&script_path, script_content)?;
+      // Write the script to file
+      fs::write(&script_path, script_content)?;

-    // Make the script executable
-    let _ = Command::new("chmod")
-      .args(["+x", script_path.to_str().unwrap()])
-      .output();
+      // Make the script executable
+      let _ = Command::new("chmod")
+        .args(["+x", script_path.to_str().unwrap()])
+        .output();

-    // Execute the restart script in the background
-    let mut cmd = Command::new("bash");
-    cmd.arg(script_path.to_str().unwrap());
+      // Execute the restart script in the background
+      let mut cmd = Command::new("bash");
+      cmd.arg(script_path.to_str().unwrap());

-    // Detach the process completely
-    #[cfg(unix)]
-    {
+      // Detach the process completely
      use std::os::unix::process::CommandExt;
      cmd.process_group(0);
+
+      let _child = cmd.spawn()?;
+
+      // Give the script a moment to start
+      tokio::time::sleep(tokio::time::Duration::from_millis(500)).await;
+
+      // Exit the current process
+      std::process::exit(0);
    }

-    let _child = cmd.spawn()?;
+    #[cfg(target_os = "windows")]
+    {
+      let app_path = self.get_current_app_path()?;
+      let current_pid = std::process::id();

-    // Give the script a moment to start
-    tokio::time::sleep(tokio::time::Duration::from_millis(500)).await;
+      // Create a temporary restart batch script
+      let temp_dir = std::env::temp_dir();
+      let script_path = temp_dir.join("donut_restart.bat");

-    // Exit the current process
-    std::process::exit(0);
+      // Create the restart script content
+      let script_content = format!(
+        r#"@echo off
+rem Wait for the current process to exit
+:wait_loop
+tasklist /fi "PID eq {}" >nul 2>&1
+if %errorlevel% equ 0 (
+    timeout /t 1 /nobreak >nul
+    goto wait_loop
+)
+
+rem Wait a bit more to ensure clean exit
+timeout /t 2 /nobreak >nul
+
+rem Start the new application
+start "" "{}"
+
+rem Clean up this script
+del "%~f0"
+"#,
+        current_pid,
+        app_path.to_str().unwrap()
+      );
+
+      // Write the script to file
+      fs::write(&script_path, script_content)?;
+
+      // Execute the restart script in the background
+      let mut cmd = Command::new("cmd");
+      cmd.args(["/C", script_path.to_str().unwrap()]);
+
+      // Start the process detached
+      let _child = cmd.spawn()?;
+
+      // Give the script a moment to start
+      tokio::time::sleep(tokio::time::Duration::from_millis(500)).await;
+
+      // Exit the current process
+      std::process::exit(0);
+    }
+
+    #[cfg(target_os = "linux")]
+    {
+      let app_path = self.get_current_app_path()?;
+      let current_pid = std::process::id();
+
+      // Create a temporary restart script
+      let temp_dir = std::env::temp_dir();
+      let script_path = temp_dir.join("donut_restart.sh");
+
+      // Create the restart script content
+      let script_content = format!(
+        r#"#!/bin/bash
+# Wait for the current process to exit
+while kill -0 {} 2>/dev/null; do
+  sleep 0.5
+done
+
+# Wait a bit more to ensure clean exit
+sleep 1
+
+# Start the new application
+"{}" &
+
+# Clean up this script
+rm "{}"
+"#,
+        current_pid,
+        app_path.to_str().unwrap(),
+        script_path.to_str().unwrap()
+      );
+
+      // Write the script to file
+      fs::write(&script_path, script_content)?;
+
+      // Make the script executable
+      let _ = Command::new("chmod")
+        .args(["+x", script_path.to_str().unwrap()])
+        .output();
+
+      // Execute the restart script in the background
+      let mut cmd = Command::new("bash");
+      cmd.arg(script_path.to_str().unwrap());
+
+      // Detach the process completely
+      use std::os::unix::process::CommandExt;
+      cmd.process_group(0);
+
+      let _child = cmd.spawn()?;
+
+      // Give the script a moment to start
+      tokio::time::sleep(tokio::time::Duration::from_millis(500)).await;
+
+      // Exit the current process
+      std::process::exit(0);
+    }
+
+    #[cfg(not(any(target_os = "macos", target_os = "windows", target_os = "linux")))]
+    {
+      Err("Application restart not supported on this platform".into())
+    }
  }
 }

@@ -1,3 +1,4 @@
+use crate::api_client::is_browser_version_nightly;
 use crate::browser_runner::{BrowserProfile, BrowserRunner};
 use crate::browser_version_service::{BrowserVersionInfo, BrowserVersionService};
 use crate::settings_manager::SettingsManager;
@@ -5,6 +6,7 @@ use serde::{Deserialize, Serialize};
 use std::collections::{HashMap, HashSet};
 use std::fs;
 use std::path::PathBuf;
+use tauri::Emitter;

 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct UpdateNotification {
@@ -45,32 +47,32 @@ impl AutoUpdater {
  pub async fn check_for_updates(
    &self,
  ) -> Result<Vec<UpdateNotification>, Box<dyn std::error::Error + Send + Sync>> {
-    // Check if auto-updates are enabled
-    let settings = self
-      .settings_manager
-      .load_settings()
-      .map_err(|e| format!("Failed to load settings: {e}"))?;
-    if !settings.auto_updates_enabled {
-      return Ok(Vec::new());
-    }
+    let mut notifications = Vec::new();
+    let mut browser_versions: HashMap<String, Vec<BrowserVersionInfo>> = HashMap::new();

+    // Group profiles by browser
    let profiles = self
      .browser_runner
      .list_profiles()
      .map_err(|e| format!("Failed to list profiles: {e}"))?;
-    let mut notifications = Vec::new();
-    let mut browser_versions: HashMap<String, Vec<BrowserVersionInfo>> = HashMap::new();
-
-    // Group profiles by browser type
    let mut browser_profiles: HashMap<String, Vec<BrowserProfile>> = HashMap::new();
+
    for profile in profiles {
+      // Only check supported browsers
+      if !self
+        .version_service
+        .is_browser_supported(&profile.browser)
+        .unwrap_or(false)
+      {
+        continue;
+      }
+
      browser_profiles
        .entry(profile.browser.clone())
        .or_default()
        .push(profile);
    }

-    // Check each browser type
    for (browser, profiles) in browser_profiles {
      // Get cached versions first, then try to fetch if needed
      let versions = if let Some(cached) = self
@@ -97,7 +99,26 @@ impl AutoUpdater {
      // Check each profile for updates
      for profile in profiles {
        if let Some(update) = self.check_profile_update(&profile, &versions)? {
-          notifications.push(update);
+          // Apply chromium threshold logic
+          if browser == "chromium" {
+            // For chromium, only show notifications if there are 50+ new versions
+            let current_version = &profile.version.parse::<u32>().unwrap();
+            let new_version = &update.new_version.parse::<u32>().unwrap();
+
+            let result = new_version - current_version;
+            println!(
+              "Current version: {current_version}, New version: {new_version}, Result: {result}"
+            );
+            if result > 50 {
+              notifications.push(update);
+            } else {
+              println!(
+                "Skipping chromium update notification: only {result} new versions (need 50+)"
+              );
+            }
+          } else {
+            notifications.push(update);
+          }
        }
      }
    }
@@ -105,6 +126,93 @@ impl AutoUpdater {
    Ok(notifications)
  }

+  pub async fn check_for_updates_with_progress(&self, app_handle: &tauri::AppHandle) {
+    println!("Starting auto-update check with progress...");
+
+    // Check for browser updates and trigger auto-downloads
+    match self.check_for_updates().await {
+      Ok(update_notifications) => {
+        if !update_notifications.is_empty() {
+          println!(
+            "Found {} browser updates to auto-download",
+            update_notifications.len()
+          );
+
+          // Trigger automatic downloads for each update
+          for notification in update_notifications {
+            println!(
+              "Auto-downloading {} version {}",
+              notification.browser, notification.new_version
+            );
+
+            // Clone app_handle for the async task
+            let app_handle_clone = app_handle.clone();
+            let browser = notification.browser.clone();
+            let new_version = notification.new_version.clone();
+            let notification_id = notification.id.clone();
+            let affected_profiles = notification.affected_profiles.clone();
+
+            // Spawn async task to handle the download and auto-update
+            tokio::spawn(async move {
+              // First, check if browser already exists
+              match crate::browser_runner::is_browser_downloaded(
+                browser.clone(),
+                new_version.clone(),
+              ) {
+                true => {
+                  println!("Browser {browser} {new_version} already downloaded, proceeding to auto-update profiles");
+
+                  // Browser already exists, go straight to profile update
+                  match crate::auto_updater::complete_browser_update_with_auto_update(
+                    browser.clone(),
+                    new_version.clone(),
+                  )
+                  .await
+                  {
+                    Ok(updated_profiles) => {
+                      println!(
+                        "Auto-update completed for {} profiles: {:?}",
+                        updated_profiles.len(),
+                        updated_profiles
+                      );
+                    }
+                    Err(e) => {
+                      eprintln!("Failed to complete auto-update for {browser}: {e}");
+                    }
+                  }
+                }
+                false => {
+                  println!("Downloading browser {browser} version {new_version}...");
+
+                  // Emit the auto-update event to trigger frontend handling
+                  let auto_update_event = serde_json::json!({
+                    "browser": browser,
+                    "new_version": new_version,
+                    "notification_id": notification_id,
+                    "affected_profiles": affected_profiles
+                  });
+
+                  if let Err(e) =
+                    app_handle_clone.emit("browser-auto-update-available", &auto_update_event)
+                  {
+                    eprintln!("Failed to emit auto-update event for {browser}: {e}");
+                  } else {
+                    println!("Emitted auto-update event for {browser}");
+                  }
+                }
+              }
+            });
+          }
+        } else {
+          println!("No browser updates needed");
+        }
+      }
+      Err(e) => {
+        eprintln!("Failed to check for browser updates: {e}");
+      }
+    }
+  }
+
  /// Check if a specific profile has an available update
  fn check_profile_update(
    &self,
@@ -112,16 +220,15 @@ impl AutoUpdater {
    available_versions: &[BrowserVersionInfo],
  ) -> Result<Option<UpdateNotification>, Box<dyn std::error::Error + Send + Sync>> {
    let current_version = &profile.version;
-    let is_current_stable = !self.is_nightly_version(current_version);
+    let is_current_nightly = is_browser_version_nightly(&profile.browser, current_version, None);

    // Find the best available update
    let best_update = available_versions
      .iter()
      .filter(|v| {
        // Only consider versions newer than current
-        self.is_version_newer(&v.version, current_version) &&
-                // Respect version type preference
-                is_current_stable != v.is_prerelease
+        self.is_version_newer(&v.version, current_version)
+          && is_browser_version_nightly(&profile.browser, &v.version, None) == is_current_nightly
      })
      .max_by(|a, b| self.compare_versions(&a.version, &b.version));

@@ -181,43 +288,6 @@ impl AutoUpdater {
    result
  }

-  /// Mark download as auto-update
-  pub fn mark_auto_update_download(
-    &self,
-    browser: &str,
-    version: &str,
-  ) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
-    let mut state = self.load_auto_update_state()?;
-    let download_key = format!("{browser}-{version}");
-    state.auto_update_downloads.insert(download_key);
-    self.save_auto_update_state(&state)?;
-    Ok(())
-  }
-
-  /// Remove auto-update download tracking
-  pub fn remove_auto_update_download(
-    &self,
-    browser: &str,
-    version: &str,
-  ) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
-    let mut state = self.load_auto_update_state()?;
-    let download_key = format!("{browser}-{version}");
-    state.auto_update_downloads.remove(&download_key);
-    self.save_auto_update_state(&state)?;
-    Ok(())
-  }
-
-  /// Check if download is marked as auto-update
-  pub fn is_auto_update_download(
-    &self,
-    browser: &str,
-    version: &str,
-  ) -> Result<bool, Box<dyn std::error::Error + Send + Sync>> {
-    let state = self.load_auto_update_state()?;
-    let download_key = format!("{browser}-{version}");
-    Ok(state.auto_update_downloads.contains(&download_key))
-  }
-
  /// Automatically update all affected profile versions after browser download
  pub async fn auto_update_profile_versions(
    &self,
@@ -343,14 +413,6 @@ impl AutoUpdater {
    Ok(())
  }

-  // Helper methods
-
-  fn is_nightly_version(&self, version: &str) -> bool {
-    // Use the centralized nightly detection function
-    // Since we don't have browser context here, use the general fallback
-    crate::api_client::is_nightly_version(version)
-  }
-
  fn is_version_newer(&self, version1: &str, version2: &str) -> bool {
    self.compare_versions(version1, version2) == std::cmp::Ordering::Greater
  }
@@ -448,27 +510,9 @@ pub async fn complete_browser_update_with_auto_update(
 }

 #[tauri::command]
-pub async fn mark_auto_update_download(browser: String, version: String) -> Result<(), String> {
+pub async fn check_for_updates_with_progress(app_handle: tauri::AppHandle) {
  let updater = AutoUpdater::new();
-  updater
-    .mark_auto_update_download(&browser, &version)
-    .map_err(|e| format!("Failed to mark auto-update download: {e}"))
-}
-
-#[tauri::command]
-pub async fn remove_auto_update_download(browser: String, version: String) -> Result<(), String> {
-  let updater = AutoUpdater::new();
-  updater
-    .remove_auto_update_download(&browser, &version)
-    .map_err(|e| format!("Failed to remove auto-update download: {e}"))
-}
-
-#[tauri::command]
-pub async fn is_auto_update_download(browser: String, version: String) -> Result<bool, String> {
-  let updater = AutoUpdater::new();
-  updater
-    .is_auto_update_download(&browser, &version)
-    .map_err(|e| format!("Failed to check auto-update download: {e}"))
+  updater.check_for_updates_with_progress(&app_handle).await;
 }

 #[cfg(test)]
@@ -484,6 +528,7 @@ mod tests {
      process_id: None,
      proxy: None,
      last_launch: None,
+      release_type: "stable".to_string(),
    }
  }

@@ -495,21 +540,6 @@ mod tests {
    }
  }

-  #[test]
-  fn test_is_nightly_version() {
-    let updater = AutoUpdater::new();
-
-    assert!(updater.is_nightly_version("1.0.0-alpha"));
-    assert!(updater.is_nightly_version("1.0.0-beta"));
-    assert!(updater.is_nightly_version("1.0.0-rc"));
-    assert!(updater.is_nightly_version("1.0.0a1"));
-    assert!(updater.is_nightly_version("1.0.0b1"));
-    assert!(updater.is_nightly_version("1.0.0-dev"));
-
-    assert!(!updater.is_nightly_version("1.0.0"));
-    assert!(!updater.is_nightly_version("1.2.3"));
-  }
-
  #[test]
  fn test_compare_versions() {
    let updater = AutoUpdater::new();
@@ -1,6 +1,4 @@
-use base64::{engine::general_purpose, Engine as _};
 use serde::{Deserialize, Serialize};
-use std::fs;
 use std::path::{Path, PathBuf};

 #[derive(Debug, Serialize, Deserialize, Clone)]
@@ -9,6 +7,8 @@ pub struct ProxySettings {
  pub proxy_type: String, // "http", "https", "socks4", or "socks5"
  pub host: String,
  pub port: u16,
+  pub username: Option<String>,
+  pub password: Option<String>,
 }

 #[derive(Debug, Clone, Serialize, Deserialize, PartialEq)]
@@ -54,7 +54,7 @@ pub trait Browser: Send + Sync {
  fn create_launch_args(
    &self,
    profile_path: &str,
-    _proxy_settings: Option<&ProxySettings>,
+    proxy_settings: Option<&ProxySettings>,
    url: Option<String>,
  ) -> Result<Vec<String>, Box<dyn std::error::Error>>;
  fn is_version_downloaded(&self, version: &str, binaries_dir: &Path) -> bool;
@@ -216,17 +216,13 @@ mod linux {
    install_dir: &Path,
    browser_type: &BrowserType,
  ) -> Result<PathBuf, Box<dyn std::error::Error>> {
-    // Expected structure: install_dir/<browser>/<binary>
-    let browser_subdir = install_dir.join(browser_type.as_str());
-
    let possible_executables = match browser_type {
-      BrowserType::Chromium => vec![
-        browser_subdir.join("chromium"),
-        browser_subdir.join("chrome"),
-      ],
+      BrowserType::Chromium => vec![install_dir.join("chromium"), install_dir.join("chrome")],
      BrowserType::Brave => vec![
-        browser_subdir.join("brave"),
-        browser_subdir.join("brave-browser"),
+        install_dir.join("brave"),
+        install_dir.join("brave-browser"),
+        install_dir.join("brave-browser-nightly"),
+        install_dir.join("brave-browser-beta"),
      ],
      _ => vec![],
    };
@@ -292,23 +288,13 @@ mod linux {
  }

  pub fn is_chromium_version_downloaded(install_dir: &Path, browser_type: &BrowserType) -> bool {
-    // Expected structure: install_dir/<browser>/<binary>
-    let browser_subdir = install_dir.join(browser_type.as_str());
-
-    if !browser_subdir.exists() || !browser_subdir.is_dir() {
-      return false;
-    }
-
    let possible_executables = match browser_type {
-      BrowserType::Chromium => vec![
-        browser_subdir.join("chromium"),
-        browser_subdir.join("chrome"),
-      ],
+      BrowserType::Chromium => vec![install_dir.join("chromium"), install_dir.join("chrome")],
      BrowserType::Brave => vec![
-        browser_subdir.join("brave"),
-        browser_subdir.join("brave-browser"),
-        browser_subdir.join("brave-browser-nightly"),
-        browser_subdir.join("brave-browser-beta"),
+        install_dir.join("brave"),
+        install_dir.join("brave-browser"),
+        install_dir.join("brave-browser-nightly"),
+        install_dir.join("brave-browser-beta"),
      ],
      _ => vec![],
    };
@@ -645,19 +631,16 @@ impl Browser for ChromiumBrowser {
      "--disable-component-update".to_string(),
      "--disable-background-timer-throttling".to_string(),
      "--crash-server-url=".to_string(),
+      "--disable-updater".to_string(),
    ];

    // Add proxy configuration if provided
    if let Some(proxy) = proxy_settings {
      if proxy.enabled {
-        let pac_path = Path::new(profile_path).join("proxy.pac");
-        if pac_path.exists() {
-          let pac_content = fs::read(&pac_path)?;
-          let pac_base64 = general_purpose::STANDARD.encode(&pac_content);
-          args.push(format!(
-            "--proxy-pac-url=data:application/x-javascript-config;base64,{pac_base64}"
-          ));
-        }
+        args.push(format!(
+          "--proxy-server=http://{}:{}",
+          proxy.host, proxy.port
+        ));
      }
    }

@@ -874,6 +857,8 @@ mod tests {
      proxy_type: "http".to_string(),
      host: "127.0.0.1".to_string(),
      port: 8080,
+      username: None,
+      password: None,
    };

    assert!(proxy.enabled);
@@ -887,6 +872,8 @@ mod tests {
      proxy_type: "socks5".to_string(),
      host: "proxy.example.com".to_string(),
      port: 1080,
+      username: None,
+      password: None,
    };

    assert_eq!(socks_proxy.proxy_type, "socks5");
@@ -963,6 +950,8 @@ mod tests {
      proxy_type: "http".to_string(),
      host: "127.0.0.1".to_string(),
      port: 8080,
+      username: None,
+      password: None,
    };

    // Test that it can be serialized (implements Serialize)
@@ -17,6 +17,12 @@ pub struct BrowserVersionsResult {
  pub total_versions_count: usize,
 }

+#[derive(Debug, Serialize, Deserialize, Clone)]
+pub struct BrowserReleaseTypes {
+  pub stable: Option<String>,
+  pub nightly: Option<String>,
+}
+
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct DownloadInfo {
  pub url: String,
@@ -136,6 +142,67 @@ impl BrowserVersionService {
    self.api_client.is_cache_expired(browser)
  }

+  /// Get latest stable and nightly versions for a browser (cached first)
+  pub async fn get_browser_release_types(
+    &self,
+    browser: &str,
+  ) -> Result<BrowserReleaseTypes, Box<dyn std::error::Error + Send + Sync>> {
+    // Try to get from cache first
+    if let Some(cached_versions) = self.get_cached_browser_versions_detailed(browser) {
+      // For Chromium, only return stable since all releases are stable
+      if browser == "chromium" {
+        let latest_stable = cached_versions.first().map(|v| v.version.clone());
+        return Ok(BrowserReleaseTypes {
+          stable: latest_stable,
+          nightly: None,
+        });
+      }
+
+      let latest_stable = cached_versions
+        .iter()
+        .find(|v| !v.is_prerelease)
+        .map(|v| v.version.clone());
+
+      let latest_nightly = cached_versions
+        .iter()
+        .find(|v| v.is_prerelease)
+        .map(|v| v.version.clone());
+
+      return Ok(BrowserReleaseTypes {
+        stable: latest_stable,
+        nightly: latest_nightly,
+      });
+    }
+
+    // Fallback to fetching if not cached
+    // For Chromium, only return stable since all releases are stable
+    if browser == "chromium" {
+      let detailed_versions = self.fetch_browser_versions_detailed(browser, false).await?;
+      let latest_stable = detailed_versions.first().map(|v| v.version.clone());
+      return Ok(BrowserReleaseTypes {
+        stable: latest_stable,
+        nightly: None,
+      });
+    }
+
+    let detailed_versions = self.fetch_browser_versions_detailed(browser, false).await?;
+
+    let latest_stable = detailed_versions
+      .iter()
+      .find(|v| !v.is_prerelease)
+      .map(|v| v.version.clone());
+
+    let latest_nightly = detailed_versions
+      .iter()
+      .find(|v| v.is_prerelease)
+      .map(|v| v.version.clone());
+
+    Ok(BrowserReleaseTypes {
+      stable: latest_stable,
+      nightly: latest_nightly,
+    })
+  }
+
  /// Fetch browser versions with optional caching
  pub async fn fetch_browser_versions(
    &self,
@@ -299,6 +366,8 @@ impl BrowserVersionService {
        let releases = self.fetch_zen_releases_detailed(true).await?;
        merged_versions
          .into_iter()
+          // Filter out twilight releases at the detailed level too
+          .filter(|version| version.to_lowercase() != "twilight")
          .map(|version| {
            if let Some(release) = releases.iter().find(|r| r.tag_name == version) {
              BrowserVersionInfo {
@@ -385,7 +454,9 @@ impl BrowserVersionService {
          })
          .collect()
      }
-      _ => return Err(format!("Unsupported browser: {browser}").into()),
+      _ => {
+        return Err(format!("Unsupported browser: {browser}").into());
+      }
    };

    Ok(detailed_info)
@@ -746,7 +817,13 @@ impl BrowserVersionService {
    no_caching: bool,
  ) -> Result<Vec<String>, Box<dyn std::error::Error + Send + Sync>> {
    let releases = self.fetch_zen_releases_detailed(no_caching).await?;
-    Ok(releases.into_iter().map(|r| r.tag_name).collect())
+    Ok(
+      releases
+        .into_iter()
+        .filter(|r| r.tag_name.to_lowercase() != "twilight")
+        .map(|r| r.tag_name)
+        .collect(),
+    )
  }

  async fn fetch_zen_releases_detailed(
@@ -65,13 +65,282 @@ mod macos {

 #[cfg(target_os = "windows")]
 mod windows {
+  use std::path::Path;
+  use winreg::enums::*;
+  use winreg::RegKey;
+
+  const APP_NAME: &str = "DonutBrowser";
+  const PROG_ID: &str = "DonutBrowser.HTML";
+
  pub fn is_default_browser() -> Result<bool, String> {
-    // Windows implementation would go here
-    Err("Windows support not implemented yet".to_string())
+    let schemes = ["http", "https"];
+
+    for scheme in schemes {
+      // Check if our browser is set as the default handler for this scheme
+      if !is_default_for_scheme(scheme)? {
+        return Ok(false);
+      }
+    }
+
+    Ok(true)
  }

  pub fn set_as_default_browser() -> Result<(), String> {
-    Err("Windows support not implemented yet".to_string())
+    // Get the current executable path
+    let exe_path = std::env::current_exe()
+      .map_err(|e| format!("Failed to get current executable path: {}", e))?;
+
+    let exe_path_str = exe_path
+      .to_str()
+      .ok_or("Failed to convert executable path to string")?;
+
+    // Verify the executable exists
+    if !Path::new(exe_path_str).exists() {
+      return Err(format!("Executable not found at: {}", exe_path_str));
+    }
+
+    // Register the application
+    register_application(exe_path_str)?;
+
+    // Set as default for HTTP and HTTPS
+    set_default_for_scheme("http")?;
+    set_default_for_scheme("https")?;
+
+    // Register file associations for HTML files
+    register_html_file_association(exe_path_str)?;
+
+    // Notify the system of changes
+    notify_system_of_changes();
+
+    Ok(())
+  }
+
+  fn is_default_for_scheme(scheme: &str) -> Result<bool, String> {
+    let hkcu = RegKey::predef(HKEY_CURRENT_USER);
+
+    // Check Software\Microsoft\Windows\Shell\Associations\UrlAssociations\{scheme}\UserChoice
+    let path = format!(
+      "Software\\Microsoft\\Windows\\Shell\\Associations\\UrlAssociations\\{}\\UserChoice",
+      scheme
+    );
+
+    match hkcu.open_subkey(&path) {
+      Ok(key) => match key.get_value::<String, _>("ProgId") {
+        Ok(prog_id) => Ok(prog_id == PROG_ID),
+        Err(_) => Ok(false),
+      },
+      Err(_) => Ok(false),
+    }
+  }
+
+  fn register_application(exe_path: &str) -> Result<(), String> {
+    let hkcu = RegKey::predef(HKEY_CURRENT_USER);
+
+    // Register in Software\RegisteredApplications
+    let (registered_apps, _) = hkcu
+      .create_subkey("Software\\RegisteredApplications")
+      .map_err(|e| format!("Failed to create RegisteredApplications key: {}", e))?;
+
+    registered_apps
+      .set_value(APP_NAME, &format!("Software\\{}", APP_NAME))
+      .map_err(|e| format!("Failed to set registered application: {}", e))?;
+
+    // Create application key
+    let (app_key, _) = hkcu
+      .create_subkey(&format!("Software\\{}", APP_NAME))
+      .map_err(|e| format!("Failed to create application key: {}", e))?;
+
+    // Set application properties
+    app_key
+      .set_value("ApplicationName", &APP_NAME)
+      .map_err(|e| format!("Failed to set ApplicationName: {}", e))?;
+
+    app_key
+      .set_value(
+        "ApplicationDescription",
+        &"Donut Browser - Simple Yet Powerful Browser Orchestrator",
+      )
+      .map_err(|e| format!("Failed to set ApplicationDescription: {}", e))?;
+
+    app_key
+      .set_value("ApplicationIcon", &format!("{},0", exe_path))
+      .map_err(|e| format!("Failed to set ApplicationIcon: {}", e))?;
+
+    // Create Capabilities key
+    let (capabilities, _) = app_key
+      .create_subkey("Capabilities")
+      .map_err(|e| format!("Failed to create Capabilities key: {}", e))?;
+
+    capabilities
+      .set_value(
+        "ApplicationDescription",
+        &"Donut Browser - Simple Yet Powerful Browser Orchestrator",
+      )
+      .map_err(|e| format!("Failed to set Capabilities description: {}", e))?;
+
+    // Set URL associations
+    let (url_assoc, _) = capabilities
+      .create_subkey("URLAssociations")
+      .map_err(|e| format!("Failed to create URLAssociations key: {}", e))?;
+
+    url_assoc
+      .set_value("http", &PROG_ID)
+      .map_err(|e| format!("Failed to set http association: {}", e))?;
+
+    url_assoc
+      .set_value("https", &PROG_ID)
+      .map_err(|e| format!("Failed to set https association: {}", e))?;
+
+    // Set file associations
+    let (file_assoc, _) = capabilities
+      .create_subkey("FileAssociations")
+      .map_err(|e| format!("Failed to create FileAssociations key: {}", e))?;
+
+    file_assoc
+      .set_value(".html", &PROG_ID)
+      .map_err(|e| format!("Failed to set .html association: {}", e))?;
+
+    file_assoc
+      .set_value(".htm", &PROG_ID)
+      .map_err(|e| format!("Failed to set .htm association: {}", e))?;
+
+    // Register the ProgID
+    register_prog_id(exe_path)?;
+
+    Ok(())
+  }
+
+  fn register_prog_id(exe_path: &str) -> Result<(), String> {
+    let hkcu = RegKey::predef(HKEY_CURRENT_USER);
+
+    // Create ProgID key
+    let (prog_id_key, _) = hkcu
+      .create_subkey(&format!("Software\\Classes\\{}", PROG_ID))
+      .map_err(|e| format!("Failed to create ProgID key: {}", e))?;
+
+    prog_id_key
+      .set_value("", &"Donut Browser Document")
+      .map_err(|e| format!("Failed to set ProgID default value: {}", e))?;
+
+    prog_id_key
+      .set_value("FriendlyTypeName", &"Donut Browser Document")
+      .map_err(|e| format!("Failed to set FriendlyTypeName: {}", e))?;
+
+    // Create DefaultIcon key
+    let (icon_key, _) = prog_id_key
+      .create_subkey("DefaultIcon")
+      .map_err(|e| format!("Failed to create DefaultIcon key: {}", e))?;
+
+    icon_key
+      .set_value("", &format!("{},0", exe_path))
+      .map_err(|e| format!("Failed to set default icon: {}", e))?;
+
+    // Create shell\open\command key
+    let (command_key, _) = prog_id_key
+      .create_subkey("shell\\open\\command")
+      .map_err(|e| format!("Failed to create command key: {}", e))?;
+
+    command_key
+      .set_value("", &format!("\"{}\" \"%1\"", exe_path))
+      .map_err(|e| format!("Failed to set command: {}", e))?;
+
+    Ok(())
+  }
+
+  fn set_default_for_scheme(scheme: &str) -> Result<(), String> {
+    let hkcu = RegKey::predef(HKEY_CURRENT_USER);
+
+    // Set in Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice
+    // Note: On Windows 10+, this might require elevated permissions or user interaction
+    // through the Settings app due to security restrictions
+
+    // Try to set the association in the user's choice
+    let user_choice_path = format!(
+      "Software\\Microsoft\\Windows\\Shell\\Associations\\UrlAssociations\\{}\\UserChoice",
+      scheme
+    );
+
+    // Note: Setting UserChoice directly may not work on Windows 10+ due to hash verification
+    // The user may need to manually set the default browser through Windows Settings
+    match hkcu.create_subkey(&user_choice_path) {
+      Ok((user_choice, _)) => {
+        // Attempt to set the ProgId
+        if let Err(_) = user_choice.set_value("ProgId", &PROG_ID) {
+          // If we can't set UserChoice, that's expected on newer Windows versions
+          // The registration is still valuable for the "Open with" menu
+        }
+      }
+      Err(_) => {
+        // Expected on newer Windows versions - user must set manually
+      }
+    }
+
+    Ok(())
+  }
+
+  fn register_html_file_association(_exe_path: &str) -> Result<(), String> {
+    let hkcu = RegKey::predef(HKEY_CURRENT_USER);
+
+    // Register .html and .htm file associations
+    for ext in &[".html", ".htm"] {
+      let ext_path = format!("Software\\Classes\\{}", ext);
+
+      match hkcu.create_subkey(&ext_path) {
+        Ok((ext_key, _)) => {
+          // Set the default value to our ProgID
+          let _ = ext_key.set_value("", &PROG_ID);
+        }
+        Err(_) => {
+          // Continue if we can't set the file association
+        }
+      }
+    }
+
+    Ok(())
+  }
+
+  fn notify_system_of_changes() {
+    // Use Windows API to notify the system of association changes
+    // This helps refresh the system's understanding of the changes
+    unsafe {
+      use std::ffi::c_void;
+
+      // Declare the Windows API functions
+      type UINT = u32;
+      type DWORD = u32;
+      type LPARAM = isize;
+      type WPARAM = usize;
+
+      const HWND_BROADCAST: *mut c_void = 0xffff as *mut c_void;
+      const WM_SETTINGCHANGE: UINT = 0x001A;
+      const SMTO_ABORTIFHUNG: UINT = 0x0002;
+
+      // Link to user32.dll functions
+      extern "system" {
+        fn SendMessageTimeoutA(
+          hWnd: *mut c_void,
+          Msg: UINT,
+          wParam: WPARAM,
+          lParam: LPARAM,
+          fuFlags: UINT,
+          uTimeout: UINT,
+          lpdwResult: *mut DWORD,
+        ) -> isize;
+      }
+
+      let mut result: DWORD = 0;
+
+      // Notify about file associations change
+      SendMessageTimeoutA(
+        HWND_BROADCAST,
+        WM_SETTINGCHANGE,
+        0,
+        "Software\\Classes\0".as_ptr() as LPARAM,
+        SMTO_ABORTIFHUNG,
+        1000,
+        &mut result,
+      );
+    }
  }
 }

@@ -266,7 +535,7 @@ pub async fn open_url_with_profile(

  // Use launch_or_open_url which handles both launching new instances and opening in existing ones
  runner
-    .launch_or_open_url(app_handle, &profile, Some(url.clone()))
+    .launch_or_open_url(app_handle, &profile, Some(url.clone()), None)
    .await
    .map_err(|e| {
      println!("Failed to open URL with profile '{profile_name}': {e}");
@@ -343,7 +612,7 @@ pub async fn smart_open_url(

      // Try to open the URL with this running profile
      match runner
-        .launch_or_open_url(app_handle.clone(), profile, Some(url.clone()))
+        .launch_or_open_url(app_handle.clone(), profile, Some(url.clone()), None)
        .await
      {
        Ok(_) => {
@@ -27,7 +27,7 @@ impl DownloadedBrowsersRegistry {
    Self::default()
  }

-  pub fn load() -> Result<Self, Box<dyn std::error::Error>> {
+  pub fn load() -> Result<Self, Box<dyn std::error::Error + Send + Sync>> {
    let registry_path = Self::get_registry_path()?;

    if !registry_path.exists() {
@@ -39,7 +39,7 @@ impl DownloadedBrowsersRegistry {
    Ok(registry)
  }

-  pub fn save(&self) -> Result<(), Box<dyn std::error::Error>> {
+  pub fn save(&self) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
    let registry_path = Self::get_registry_path()?;

    // Ensure parent directory exists
@@ -52,7 +52,7 @@ impl DownloadedBrowsersRegistry {
    Ok(())
  }

-  fn get_registry_path() -> Result<PathBuf, Box<dyn std::error::Error>> {
+  fn get_registry_path() -> Result<PathBuf, Box<dyn std::error::Error + Send + Sync>> {
    let base_dirs = BaseDirs::new().ok_or("Failed to get base directories")?;
    let mut path = base_dirs.data_local_dir().to_path_buf();
    path.push(if cfg!(debug_assertions) {
@@ -146,7 +146,7 @@ impl DownloadedBrowsersRegistry {
    &mut self,
    browser: &str,
    version: &str,
-  ) -> Result<(), Box<dyn std::error::Error>> {
+  ) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
    if let Some(info) = self.remove_browser(browser, version) {
      // Clean up any files that might have been left behind
      if info.file_path.exists() {
@@ -180,7 +180,7 @@ impl DownloadedBrowsersRegistry {
  pub fn cleanup_unused_binaries(
    &mut self,
    active_profiles: &[(String, String)], // (browser, version) pairs
-  ) -> Result<Vec<String>, Box<dyn std::error::Error>> {
+  ) -> Result<Vec<String>, Box<dyn std::error::Error + Send + Sync>> {
    let active_set: std::collections::HashSet<(String, String)> =
      active_profiles.iter().cloned().collect();
    let mut cleaned_up = Vec::new();
@@ -453,8 +453,13 @@ impl Extractor {
    zip_path: &Path,
    dest_dir: &Path,
  ) -> Result<PathBuf, Box<dyn std::error::Error + Send + Sync>> {
-    // Use PowerShell's Expand-Archive on Windows
-    let output = Command::new("powershell")
+    println!("Extracting ZIP archive on Windows: {}", zip_path.display());
+
+    // Create destination directory if it doesn't exist
+    fs::create_dir_all(dest_dir)?;
+
+    // First try PowerShell's Expand-Archive (Windows 10+)
+    let powershell_result = Command::new("powershell")
      .args([
        "-Command",
        &format!(
@@ -463,21 +468,81 @@ impl Extractor {
          dest_dir.display()
        ),
      ])
-      .output()?;
+      .output();

-    if !output.status.success() {
-      return Err(
-        format!(
-          "Failed to extract zip with PowerShell: {}",
+    match powershell_result {
+      Ok(output) if output.status.success() => {
+        println!("Successfully extracted using PowerShell");
+      }
+      Ok(output) => {
+        println!(
+          "PowerShell extraction failed: {}, trying Rust zip crate fallback",
          String::from_utf8_lossy(&output.stderr)
-        )
-        .into(),
-      );
+        );
+        // Fallback to Rust zip crate for Windows 7 compatibility
+        return self.extract_zip_with_rust_crate(zip_path, dest_dir).await;
+      }
+      Err(e) => {
+        println!("PowerShell not available: {}, using Rust zip crate", e);
+        // Fallback to Rust zip crate for Windows 7 compatibility
+        return self.extract_zip_with_rust_crate(zip_path, dest_dir).await;
+      }
    }

    self.find_extracted_executable(dest_dir).await
  }

+  #[cfg(target_os = "windows")]
+  async fn extract_zip_with_rust_crate(
+    &self,
+    zip_path: &Path,
+    dest_dir: &Path,
+  ) -> Result<PathBuf, Box<dyn std::error::Error + Send + Sync>> {
+    println!("Using Rust zip crate for extraction (Windows 7+ compatibility)");
+
+    let file = fs::File::open(zip_path)?;
+    let mut archive = zip::ZipArchive::new(file)?;
+
+    for i in 0..archive.len() {
+      let mut file = archive.by_index(i)?;
+      let outpath = match file.enclosed_name() {
+        Some(path) => dest_dir.join(path),
+        None => continue,
+      };
+
+      // Handle directory creation
+      if file.name().ends_with('/') {
+        fs::create_dir_all(&outpath)?;
+      } else {
+        // Create parent directories
+        if let Some(p) = outpath.parent() {
+          if !p.exists() {
+            fs::create_dir_all(p)?;
+          }
+        }
+
+        // Extract file
+        let mut outfile = fs::File::create(&outpath)?;
+        std::io::copy(&mut file, &mut outfile)?;
+
+        // On Windows, verify executable files
+        if outpath
+          .extension()
+          .is_some_and(|ext| ext.to_string_lossy().to_lowercase() == "exe")
+        {
+          if let Ok(metadata) = fs::metadata(&outpath) {
+            if metadata.len() > 0 {
+              println!("Extracted executable: {}", outpath.display());
+            }
+          }
+        }
+      }
+    }
+
+    println!("ZIP extraction completed. Searching for executable...");
+    self.find_extracted_executable(dest_dir).await
+  }
+
  #[cfg(not(target_os = "windows"))]
  async fn extract_zip_unix(
    &self,
@@ -514,24 +579,60 @@ impl Extractor {
  ) -> Result<PathBuf, Box<dyn std::error::Error + Send + Sync>> {
    create_dir_all(dest_dir)?;

-    // Use tar command for more reliable extraction
-    let output = Command::new("tar")
-      .args([
-        "-xf",
-        tar_path.to_str().unwrap(),
-        "-C",
-        dest_dir.to_str().unwrap(),
-      ])
-      .output()?;
+    #[cfg(target_os = "windows")]
+    {
+      // On Windows, try multiple extraction methods for better compatibility
+      // First try using tar if available (Windows 10+)
+      let tar_result = Command::new("tar")
+        .args([
+          "-xf",
+          tar_path.to_str().unwrap(),
+          "-C",
+          dest_dir.to_str().unwrap(),
+        ])
+        .output();

-    if !output.status.success() {
-      return Err(
-        format!(
-          "Failed to extract tar.xz: {}",
-          String::from_utf8_lossy(&output.stderr)
-        )
-        .into(),
-      );
+      match tar_result {
+        Ok(output) if output.status.success() => {
+          println!("Successfully extracted tar.xz using tar command");
+        }
+        Ok(output) => {
+          println!(
+            "tar command failed: {}, trying 7-Zip fallback",
+            String::from_utf8_lossy(&output.stderr)
+          );
+          // Try 7-Zip as fallback
+          return self.extract_with_7zip(tar_path, dest_dir).await;
+        }
+        Err(_) => {
+          println!("tar command not available, trying 7-Zip");
+          // Try 7-Zip as fallback
+          return self.extract_with_7zip(tar_path, dest_dir).await;
+        }
+      }
+    }
+
+    #[cfg(not(target_os = "windows"))]
+    {
+      // Use tar command for Unix-like systems
+      let output = Command::new("tar")
+        .args([
+          "-xf",
+          tar_path.to_str().unwrap(),
+          "-C",
+          dest_dir.to_str().unwrap(),
+        ])
+        .output()?;
+
+      if !output.status.success() {
+        return Err(
+          format!(
+            "Failed to extract tar.xz: {}",
+            String::from_utf8_lossy(&output.stderr)
+          )
+          .into(),
+        );
+      }
    }

    // Find the extracted executable and set proper permissions
@@ -545,6 +646,44 @@ impl Extractor {
    Ok(executable_path)
  }

+  #[cfg(target_os = "windows")]
+  async fn extract_with_7zip(
+    &self,
+    archive_path: &Path,
+    dest_dir: &Path,
+  ) -> Result<PathBuf, Box<dyn std::error::Error + Send + Sync>> {
+    // Try to use 7-Zip for extraction (common on Windows)
+    let seven_zip_paths = [
+      "7z", // If 7z is in PATH
+      "C:\\Program Files\\7-Zip\\7z.exe",
+      "C:\\Program Files (x86)\\7-Zip\\7z.exe",
+    ];
+
+    for seven_zip_path in &seven_zip_paths {
+      let result = Command::new(seven_zip_path)
+        .args([
+          "x", // Extract with full paths
+          archive_path.to_str().unwrap(),
+          &format!("-o{}", dest_dir.display()), // Output directory
+          "-y",                                 // Yes to all
+        ])
+        .output();
+
+      match result {
+        Ok(output) if output.status.success() => {
+          println!("Successfully extracted using 7-Zip: {}", seven_zip_path);
+          return self.find_extracted_executable(dest_dir).await;
+        }
+        Ok(_) => continue,
+        Err(_) => continue,
+      }
+    }
+
+    Err(
+      "No suitable extraction tool found. Please install 7-Zip or ensure tar is available.".into(),
+    )
+  }
+
  pub async fn extract_tar_bz2(
    &self,
    tar_path: &Path,
@@ -827,40 +966,138 @@ impl Extractor {
    &self,
    dest_dir: &Path,
  ) -> Result<PathBuf, Box<dyn std::error::Error + Send + Sync>> {
+    println!(
+      "Searching for Windows executable in: {}",
+      dest_dir.display()
+    );
+
    // Look for .exe files, preferring main browser executables
-    let exe_names = [
-      "chrome.exe",
+    let priority_exe_names = [
      "firefox.exe",
+      "chrome.exe",
+      "chromium.exe",
      "zen.exe",
      "brave.exe",
+      "tor-browser.exe",
      "tor.exe",
+      "mullvad-browser.exe",
    ];

-    for exe_name in &exe_names {
+    // First try priority executable names
+    for exe_name in &priority_exe_names {
      let exe_path = dest_dir.join(exe_name);
      if exe_path.exists() {
+        println!("Found priority executable: {}", exe_path.display());
        return Ok(exe_path);
      }
    }

-    // If no specific executable found, look for any .exe file
-    if let Ok(entries) = fs::read_dir(dest_dir) {
-      for entry in entries.flatten() {
-        let path = entry.path();
-        if path.extension().is_some_and(|ext| ext == "exe") {
-          return Ok(path);
+    // Recursively search for executables with depth limit
+    match self.find_windows_executable_recursive(dest_dir, 0, 3).await {
+      Ok(exe_path) => {
+        println!(
+          "Found executable via recursive search: {}",
+          exe_path.display()
+        );
+        Ok(exe_path)
+      }
+      Err(_) => {
+        // List directory contents for debugging
+        if let Ok(entries) = fs::read_dir(dest_dir) {
+          println!("Directory contents:");
+          for entry in entries.flatten() {
+            let path = entry.path();
+            let metadata = if path.is_dir() { "dir" } else { "file" };
+            println!("  - {} ({})", path.display(), metadata);
+          }
        }

-        // Check subdirectories
-        if path.is_dir() {
-          if let Ok(sub_result) = self.find_windows_executable(&path).await {
-            return Ok(sub_result);
+        Err("No executable found after extraction".into())
+      }
+    }
+  }
+
+  #[cfg(target_os = "windows")]
+  fn find_windows_executable_recursive<'a>(
+    &'a self,
+    dir: &'a Path,
+    depth: usize,
+    max_depth: usize,
+  ) -> std::pin::Pin<
+    Box<
+      dyn std::future::Future<Output = Result<PathBuf, Box<dyn std::error::Error + Send + Sync>>>
+        + Send
+        + 'a,
+    >,
+  > {
+    Box::pin(async move {
+      if depth > max_depth {
+        return Err("Maximum search depth reached".into());
+      }
+
+      if let Ok(entries) = fs::read_dir(dir) {
+        let mut dirs_to_search = Vec::new();
+
+        // First pass: look for .exe files in current directory
+        for entry in entries.flatten() {
+          let path = entry.path();
+
+          if path.is_file()
+            && path
+              .extension()
+              .is_some_and(|ext| ext.to_string_lossy().to_lowercase() == "exe")
+          {
+            let file_name = path
+              .file_name()
+              .and_then(|n| n.to_str())
+              .unwrap_or("")
+              .to_lowercase();
+
+            // Check if it's a browser executable
+            if file_name.contains("firefox")
+              || file_name.contains("chrome")
+              || file_name.contains("chromium")
+              || file_name.contains("zen")
+              || file_name.contains("brave")
+              || file_name.contains("tor")
+              || file_name.contains("mullvad")
+              || file_name.contains("browser")
+            {
+              return Ok(path);
+            }
+          } else if path.is_dir() {
+            // Collect directories for later search
+            dirs_to_search.push(path);
+          }
+        }
+
+        // Second pass: search subdirectories
+        for subdir in dirs_to_search {
+          if let Ok(result) = self
+            .find_windows_executable_recursive(&subdir, depth + 1, max_depth)
+            .await
+          {
+            return Ok(result);
+          }
+        }
+
+        // Third pass: if no browser-specific executable found, return any .exe
+        if let Ok(entries) = fs::read_dir(dir) {
+          for entry in entries.flatten() {
+            let path = entry.path();
+            if path.is_file()
+              && path
+                .extension()
+                .is_some_and(|ext| ext.to_string_lossy().to_lowercase() == "exe")
+            {
+              return Ok(path);
+            }
          }
        }
      }
-    }

-    Err("No executable found after extraction".into())
+      Err("No executable found".into())
+    })
  }

  #[cfg(target_os = "linux")]
@@ -1,4 +1,5 @@
 // Learn more about Tauri commands at https://tauri.app/develop/calling-rust/
+use std::env;
 use std::sync::Mutex;
 use tauri::{Emitter, Manager, Runtime, WebviewUrl, WebviewWindow, WebviewWindowBuilder};
 use tauri_plugin_deep_link::DeepLinkExt;
@@ -27,10 +28,10 @@ extern crate lazy_static;
 use browser_runner::{
  check_browser_exists, check_browser_status, create_browser_profile_new, delete_profile,
  download_browser, fetch_browser_versions_cached_first, fetch_browser_versions_with_count,
-  fetch_browser_versions_with_count_cached_first, get_downloaded_browser_versions,
-  get_supported_browsers, is_browser_supported_on_platform, kill_browser_profile,
-  launch_browser_profile, list_browser_profiles, rename_profile, update_profile_proxy,
-  update_profile_version,
+  fetch_browser_versions_with_count_cached_first, get_browser_release_types,
+  get_downloaded_browser_versions, get_supported_browsers, is_browser_supported_on_platform,
+  kill_browser_profile, launch_browser_profile, list_browser_profiles, rename_profile,
+  update_profile_proxy, update_profile_version,
 };

 use settings_manager::{
@@ -48,8 +49,7 @@ use version_updater::{

 use auto_updater::{
  check_for_browser_updates, complete_browser_update_with_auto_update, dismiss_update_notification,
-  is_auto_update_download, is_browser_disabled_for_update, mark_auto_update_download,
-  remove_auto_update_download,
+  is_browser_disabled_for_update,
 };

 use app_auto_updater::{
@@ -111,20 +111,16 @@ async fn handle_url_open(app: tauri::AppHandle, url: String) -> Result<(), Strin

  // Check if the main window exists and is ready
  if let Some(window) = app.get_webview_window("main") {
-    if window.is_visible().unwrap_or(false) {
-      // Window is visible, emit event directly
-      println!("Main window is visible, emitting show-profile-selector event");
-      app
-        .emit("show-profile-selector", url.clone())
-        .map_err(|e| format!("Failed to emit URL open event: {e}"))?;
-      let _ = window.show();
-      let _ = window.set_focus();
-    } else {
-      // Window not visible yet - add to pending URLs
-      println!("Main window not visible, adding URL to pending list");
-      let mut pending = PENDING_URLS.lock().unwrap();
-      pending.push(url);
-    }
+    println!("Main window exists");
+
+    // Try to show and focus the window first
+    let _ = window.show();
+    let _ = window.set_focus();
+    let _ = window.unminimize();
+
+    app
+      .emit("show-profile-selector", url.clone())
+      .map_err(|e| format!("Failed to emit URL open event: {e}"))?;
  } else {
    // Window doesn't exist yet - add to pending URLs
    println!("Main window doesn't exist, adding URL to pending list");
@@ -137,6 +133,8 @@ async fn handle_url_open(app: tauri::AppHandle, url: String) -> Result<(), Strin

 #[tauri::command]
 async fn check_and_handle_startup_url(app_handle: tauri::AppHandle) -> Result<bool, String> {
+  println!("check_and_handle_startup_url called");
+
  let pending_urls = {
    let mut pending = PENDING_URLS.lock().unwrap();
    let urls = pending.clone();
@@ -144,12 +142,24 @@ async fn check_and_handle_startup_url(app_handle: tauri::AppHandle) -> Result<bo
    urls
  };

+  println!("Found {} pending URLs", pending_urls.len());
+
  if !pending_urls.is_empty() {
    println!(
      "Handling {} pending URLs from frontend request",
      pending_urls.len()
    );

+    // Ensure the main window is visible and focused
+    if let Some(window) = app_handle.get_webview_window("main") {
+      let _ = window.show();
+      let _ = window.set_focus();
+      let _ = window.unminimize();
+
+      // Give the window a moment to become visible
+      tokio::time::sleep(tokio::time::Duration::from_millis(200)).await;
+    }
+
    for url in pending_urls {
      println!("Emitting show-profile-selector event for URL: {url}");
      if let Err(e) = app_handle.emit("show-profile-selector", url.clone()) {
@@ -166,12 +176,25 @@ async fn check_and_handle_startup_url(app_handle: tauri::AppHandle) -> Result<bo

 #[cfg_attr(mobile, tauri::mobile_entry_point)]
 pub fn run() {
+  let args: Vec<String> = env::args().collect();
+  let startup_url = args.iter().find(|arg| arg.starts_with("http")).cloned();
+
+  if let Some(url) = startup_url.clone() {
+    println!("Found startup URL in command line: {url}");
+    let mut pending = PENDING_URLS.lock().unwrap();
+    pending.push(url.clone());
+  }
+
  tauri::Builder::default()
+    .plugin(tauri_plugin_single_instance::init(|_, args, _cwd| {
+      println!("Single instance triggered with args: {args:?}");
+    }))
+    .plugin(tauri_plugin_deep_link::init())
    .plugin(tauri_plugin_fs::init())
    .plugin(tauri_plugin_opener::init())
    .plugin(tauri_plugin_shell::init())
-    .plugin(tauri_plugin_deep_link::init())
    .plugin(tauri_plugin_dialog::init())
+    .plugin(tauri_plugin_macos_permissions::init())
    .setup(|app| {
      // Create the main window programmatically
      #[allow(unused_variables)]
@@ -179,7 +202,10 @@ pub fn run() {
        .title("Donut Browser")
        .inner_size(900.0, 600.0)
        .resizable(false)
-        .fullscreen(false);
+        .fullscreen(false)
+        .center()
+        .focused(true)
+        .visible(true);

      #[allow(unused_variables)]
      let window = win_builder.build().unwrap();
@@ -198,16 +224,27 @@ pub fn run() {
      #[cfg(any(windows, target_os = "linux"))]
      {
        // For Windows and Linux, register all deep links at runtime for development
-        app.deep_link().register_all()?;
+        if let Err(e) = app.deep_link().register_all() {
+          eprintln!("Failed to register deep links: {e}");
+        }
+      }
+
+      #[cfg(target_os = "macos")]
+      {
+        // On macOS, try to register deep links for development builds
+        if let Err(e) = app.deep_link().register_all() {
+          eprintln!(
+            "Note: Deep link registration failed on macOS (this is normal for production): {e}"
+          );
+        }
      }

-      // Handle deep links - this works for both scenarios:
-      // 1. App is running and URL is opened
-      // 2. App is not running and URL causes app to launch
      app.deep_link().on_open_url({
        let handle = handle.clone();
        move |event| {
          let urls = event.urls();
+          println!("Deep link event received with {} URLs", urls.len());
+
          for url in urls {
            let url_string = url.to_string();
            println!("Deep link received: {url_string}");
@@ -225,25 +262,50 @@ pub fn run() {
        }
      });

+      if let Some(startup_url) = startup_url {
+        let handle_clone = handle.clone();
+        tauri::async_runtime::spawn(async move {
+          println!("Processing startup URL from command line: {startup_url}");
+          if let Err(e) = handle_url_open(handle_clone, startup_url.clone()).await {
+            eprintln!("Failed to handle startup URL: {e}");
+          }
+        });
+      }
+
      // Initialize and start background version updater
      let app_handle = app.handle().clone();
      tauri::async_runtime::spawn(async move {
        let version_updater = get_version_updater();
-        let mut updater_guard = version_updater.lock().await;

        // Set the app handle
-        updater_guard.set_app_handle(app_handle).await;
+        {
+          let mut updater_guard = version_updater.lock().await;
+          updater_guard.set_app_handle(app_handle);
+        }

-        // Start the background updates
-        updater_guard.start_background_updates().await;
+        // Run startup check without holding the lock
+        {
+          let updater_guard = version_updater.lock().await;
+          if let Err(e) = updater_guard.start_background_updates().await {
+            eprintln!("Failed to start background updates: {e}");
+          }
+        }
+      });
+
+      // Start the background update task separately
+      tauri::async_runtime::spawn(async move {
+        version_updater::VersionUpdater::run_background_task().await;
+      });
+
+      let app_handle_auto_updater = app.handle().clone();
+
+      // Start the auto-update check task separately
+      tauri::async_runtime::spawn(async move {
+        auto_updater::check_for_updates_with_progress(app_handle_auto_updater).await;
      });

-      // Check for app updates at startup
      let app_handle_update = app.handle().clone();
      tauri::async_runtime::spawn(async move {
-        // Add a small delay to ensure the app is fully loaded
-        tokio::time::sleep(tokio::time::Duration::from_secs(3)).await;
-
        println!("Starting app update check at startup...");
        let updater = app_auto_updater::AppAutoUpdater::new();
        match updater.check_for_updates().await {
@@ -283,6 +345,7 @@ pub fn run() {
      fetch_browser_versions_cached_first,
      fetch_browser_versions_with_count_cached_first,
      get_downloaded_browser_versions,
+      get_browser_release_types,
      update_profile_proxy,
      update_profile_version,
      check_browser_status,
@@ -305,9 +368,6 @@ pub fn run() {
      is_browser_disabled_for_update,
      dismiss_update_notification,
      complete_browser_update_with_auto_update,
-      mark_auto_update_download,
-      remove_auto_update_download,
-      is_auto_update_download,
      check_for_app_updates,
      check_for_app_updates_manual,
      download_and_install_app_update,
@@ -55,6 +55,9 @@ impl ProfileImporter {
    // Detect Zen Browser profiles
    detected_profiles.extend(self.detect_zen_browser_profiles()?);

+    // Detect TOR Browser profiles
+    detected_profiles.extend(self.detect_tor_browser_profiles()?);
+
    // Remove duplicates based on path
    let mut seen_paths = HashSet::new();
    let unique_profiles: Vec<DetectedProfile> = detected_profiles
@@ -80,9 +83,16 @@ impl ProfileImporter {

    #[cfg(target_os = "windows")]
    {
-      if let Some(app_data) = self.base_dirs.data_dir() {
-        let firefox_dir = app_data.join("Mozilla/Firefox/Profiles");
-        profiles.extend(self.scan_firefox_profiles_dir(&firefox_dir, "firefox")?);
+      // Primary location in AppData\Roaming
+      let app_data = self.base_dirs.data_dir();
+      let firefox_dir = app_data.join("Mozilla/Firefox/Profiles");
+      profiles.extend(self.scan_firefox_profiles_dir(&firefox_dir, "firefox")?);
+
+      // Also check AppData\Local for portable installations
+      let local_app_data = self.base_dirs.data_local_dir();
+      let firefox_local_dir = local_app_data.join("Mozilla/Firefox/Profiles");
+      if firefox_local_dir.exists() {
+        profiles.extend(self.scan_firefox_profiles_dir(&firefox_local_dir, "firefox")?);
      }
    }

@@ -117,12 +127,11 @@ impl ProfileImporter {

    #[cfg(target_os = "windows")]
    {
-      if let Some(app_data) = self.base_dirs.data_dir() {
-        // Firefox Developer Edition on Windows typically uses separate directories
-        let firefox_dev_dir = app_data.join("Mozilla/Firefox Developer Edition/Profiles");
-        if firefox_dev_dir.exists() {
-          profiles.extend(self.scan_firefox_profiles_dir(&firefox_dev_dir, "firefox-developer")?);
-        }
+      let app_data = self.base_dirs.data_dir();
+      // Firefox Developer Edition on Windows typically uses separate directories
+      let firefox_dev_dir = app_data.join("Mozilla/Firefox Developer Edition/Profiles");
+      if firefox_dev_dir.exists() {
+        profiles.extend(self.scan_firefox_profiles_dir(&firefox_dev_dir, "firefox-developer")?);
      }
    }

@@ -156,10 +165,9 @@ impl ProfileImporter {

    #[cfg(target_os = "windows")]
    {
-      if let Some(local_app_data) = self.base_dirs.data_local_dir() {
-        let chrome_dir = local_app_data.join("Google/Chrome/User Data");
-        profiles.extend(self.scan_chrome_profiles_dir(&chrome_dir, "chromium")?);
-      }
+      let local_app_data = self.base_dirs.data_local_dir();
+      let chrome_dir = local_app_data.join("Google/Chrome/User Data");
+      profiles.extend(self.scan_chrome_profiles_dir(&chrome_dir, "chromium")?);
    }

    #[cfg(target_os = "linux")]
@@ -186,10 +194,9 @@ impl ProfileImporter {

    #[cfg(target_os = "windows")]
    {
-      if let Some(local_app_data) = self.base_dirs.data_local_dir() {
-        let chromium_dir = local_app_data.join("Chromium/User Data");
-        profiles.extend(self.scan_chrome_profiles_dir(&chromium_dir, "chromium")?);
-      }
+      let local_app_data = self.base_dirs.data_local_dir();
+      let chromium_dir = local_app_data.join("Chromium/User Data");
+      profiles.extend(self.scan_chrome_profiles_dir(&chromium_dir, "chromium")?);
    }

    #[cfg(target_os = "linux")]
@@ -216,10 +223,9 @@ impl ProfileImporter {

    #[cfg(target_os = "windows")]
    {
-      if let Some(local_app_data) = self.base_dirs.data_local_dir() {
-        let brave_dir = local_app_data.join("BraveSoftware/Brave-Browser/User Data");
-        profiles.extend(self.scan_chrome_profiles_dir(&brave_dir, "brave")?);
-      }
+      let local_app_data = self.base_dirs.data_local_dir();
+      let brave_dir = local_app_data.join("BraveSoftware/Brave-Browser/User Data");
+      profiles.extend(self.scan_chrome_profiles_dir(&brave_dir, "brave")?);
    }

    #[cfg(target_os = "linux")]
@@ -251,9 +257,16 @@ impl ProfileImporter {

    #[cfg(target_os = "windows")]
    {
-      if let Some(app_data) = self.base_dirs.data_dir() {
-        let mullvad_dir = app_data.join("MullvadBrowser/Profiles");
-        profiles.extend(self.scan_firefox_profiles_dir(&mullvad_dir, "mullvad-browser")?);
+      // Primary location in AppData\Roaming
+      let app_data = self.base_dirs.data_dir();
+      let mullvad_dir = app_data.join("MullvadBrowser/Profiles");
+      profiles.extend(self.scan_firefox_profiles_dir(&mullvad_dir, "mullvad-browser")?);
+
+      // Also check common installation locations
+      let local_app_data = self.base_dirs.data_local_dir();
+      let mullvad_local_dir = local_app_data.join("MullvadBrowser/Profiles");
+      if mullvad_local_dir.exists() {
+        profiles.extend(self.scan_firefox_profiles_dir(&mullvad_local_dir, "mullvad-browser")?);
      }
    }

@@ -283,10 +296,9 @@ impl ProfileImporter {

    #[cfg(target_os = "windows")]
    {
-      if let Some(app_data) = self.base_dirs.data_dir() {
-        let zen_dir = app_data.join("Zen/Profiles");
-        profiles.extend(self.scan_firefox_profiles_dir(&zen_dir, "zen")?);
-      }
+      let app_data = self.base_dirs.data_dir();
+      let zen_dir = app_data.join("Zen/Profiles");
+      profiles.extend(self.scan_firefox_profiles_dir(&zen_dir, "zen")?);
    }

    #[cfg(target_os = "linux")]
@@ -298,6 +310,107 @@ impl ProfileImporter {
    Ok(profiles)
  }

+  /// Detect TOR Browser profiles
+  fn detect_tor_browser_profiles(
+    &self,
+  ) -> Result<Vec<DetectedProfile>, Box<dyn std::error::Error>> {
+    let mut profiles = Vec::new();
+
+    #[cfg(target_os = "macos")]
+    {
+      // TOR Browser on macOS is typically in Applications
+      let tor_dir = self
+        .base_dirs
+        .home_dir()
+        .join("Library/Application Support/TorBrowser-Data/Browser/profile.default");
+
+      if tor_dir.exists() {
+        profiles.push(DetectedProfile {
+          browser: "tor-browser".to_string(),
+          name: "TOR Browser - Default Profile".to_string(),
+          path: tor_dir.to_string_lossy().to_string(),
+          description: "Default TOR Browser profile".to_string(),
+        });
+      }
+    }
+
+    #[cfg(target_os = "windows")]
+    {
+      // Check common TOR Browser installation locations on Windows
+      let possible_paths = [
+        // Default installation in user directory
+        (
+          "Desktop",
+          "Desktop/Tor Browser/Browser/TorBrowser/Data/Browser/profile.default",
+        ),
+        // AppData locations
+        (
+          "AppData/Roaming",
+          "TorBrowser/Browser/TorBrowser/Data/Browser/profile.default",
+        ),
+        (
+          "AppData/Local",
+          "TorBrowser/Browser/TorBrowser/Data/Browser/profile.default",
+        ),
+      ];
+
+      let home_dir = self.base_dirs.home_dir();
+
+      for (location_name, relative_path) in &possible_paths {
+        let tor_dir = home_dir.join(relative_path);
+        if tor_dir.exists() {
+          profiles.push(DetectedProfile {
+            browser: "tor-browser".to_string(),
+            name: format!("TOR Browser - {} Profile", location_name),
+            path: tor_dir.to_string_lossy().to_string(),
+            description: format!("TOR Browser profile from {}", location_name),
+          });
+        }
+      }
+
+      // Also check AppData directories if available
+      let app_data = self.base_dirs.data_dir();
+      let tor_app_data =
+        app_data.join("TorBrowser/Browser/TorBrowser/Data/Browser/profile.default");
+      if tor_app_data.exists() {
+        profiles.push(DetectedProfile {
+          browser: "tor-browser".to_string(),
+          name: "TOR Browser - AppData Profile".to_string(),
+          path: tor_app_data.to_string_lossy().to_string(),
+          description: "TOR Browser profile from AppData".to_string(),
+        });
+      }
+    }
+
+    #[cfg(target_os = "linux")]
+    {
+      // Common TOR Browser locations on Linux
+      let possible_paths = [
+        ".local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default",
+        "tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default",
+        ".tor-browser/Browser/TorBrowser/Data/Browser/profile.default",
+        "Downloads/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default",
+      ];
+
+      let home_dir = self.base_dirs.home_dir();
+
+      for relative_path in &possible_paths {
+        let tor_dir = home_dir.join(relative_path);
+        if tor_dir.exists() {
+          profiles.push(DetectedProfile {
+            browser: "tor-browser".to_string(),
+            name: "TOR Browser - Default Profile".to_string(),
+            path: tor_dir.to_string_lossy().to_string(),
+            description: "TOR Browser profile".to_string(),
+          });
+          break; // Only add the first one found to avoid duplicates
+        }
+      }
+    }
+
+    Ok(profiles)
+  }
+
  /// Scan Firefox-style profiles directory
  fn scan_firefox_profiles_dir(
    &self,
@@ -573,6 +686,7 @@ impl ProfileImporter {
      proxy: None,
      process_id: None,
      last_launch: None,
+      release_type: "stable".to_string(),
    };

    // Save the profile metadata
@@ -11,7 +11,9 @@ use crate::browser::ProxySettings;
 pub struct ProxyInfo {
  pub id: String,
  pub local_url: String,
-  pub upstream_url: String,
+  pub upstream_host: String,
+  pub upstream_port: u16,
+  pub upstream_type: String,
  pub local_port: u16,
 }

@@ -19,7 +21,7 @@ pub struct ProxyInfo {
 pub struct ProxyManager {
  active_proxies: Mutex<HashMap<u32, ProxyInfo>>, // Maps browser process ID to proxy info
  // Store proxy info by profile name for persistence across browser restarts
-  profile_proxies: Mutex<HashMap<String, (String, u16)>>, // Maps profile name to (upstream_url, port)
+  profile_proxies: Mutex<HashMap<String, ProxySettings>>, // Maps profile name to proxy settings
 }

 impl ProxyManager {
@@ -30,11 +32,11 @@ impl ProxyManager {
    }
  }

-  // Start a proxy for a given upstream URL and associate it with a browser process ID
+  // Start a proxy for given proxy settings and associate it with a browser process ID
  pub async fn start_proxy(
    &self,
    app_handle: tauri::AppHandle,
-    upstream_url: &str,
+    proxy_settings: &ProxySettings,
    browser_pid: u32,
    profile_name: Option<&str>,
  ) -> Result<ProxySettings, String> {
@@ -44,9 +46,11 @@ impl ProxyManager {
      if let Some(proxy) = proxies.get(&browser_pid) {
        return Ok(ProxySettings {
          enabled: true,
-          proxy_type: "http".to_string(),
-          host: "localhost".to_string(),
+          proxy_type: proxy.upstream_type.clone(),
+          host: "127.0.0.1".to_string(), // Use 127.0.0.1 instead of localhost for better compatibility
          port: proxy.local_port,
+          username: None,
+          password: None,
        });
      }
    }
@@ -54,31 +58,62 @@ impl ProxyManager {
    // Check if we have a preferred port for this profile
    let preferred_port = if let Some(name) = profile_name {
      let profile_proxies = self.profile_proxies.lock().unwrap();
-      profile_proxies.get(name).map(|(_, port)| *port)
+      profile_proxies.get(name).and_then(|settings| {
+        // Find existing proxy with same settings to reuse port
+        let active_proxies = self.active_proxies.lock().unwrap();
+        active_proxies
+          .values()
+          .find(|p| {
+            p.upstream_host == settings.host
+              && p.upstream_port == settings.port
+              && p.upstream_type == settings.proxy_type
+          })
+          .map(|p| p.local_port)
+      })
    } else {
      None
    };

-    // Start a new proxy using the nodecar binary
+    // Start a new proxy using the nodecar binary with the correct CLI interface
    let mut nodecar = app_handle
      .shell()
      .sidecar("nodecar")
-      .unwrap()
+      .map_err(|e| format!("Failed to create sidecar: {e}"))?
      .arg("proxy")
      .arg("start")
-      .arg("-u")
-      .arg(upstream_url);
+      .arg("--host")
+      .arg(&proxy_settings.host)
+      .arg("--proxy-port")
+      .arg(proxy_settings.port.to_string())
+      .arg("--type")
+      .arg(&proxy_settings.proxy_type);
+
+    // Add credentials if provided
+    if let Some(username) = &proxy_settings.username {
+      nodecar = nodecar.arg("--username").arg(username);
+    }
+    if let Some(password) = &proxy_settings.password {
+      nodecar = nodecar.arg("--password").arg(password);
+    }

    // If we have a preferred port, use it
    if let Some(port) = preferred_port {
-      nodecar = nodecar.arg("-p").arg(port.to_string());
+      nodecar = nodecar.arg("--port").arg(port.to_string());
    }

-    let output = nodecar.output().await.unwrap();
+    // Execute the command and wait for it to complete
+    // The nodecar binary should start the worker and then exit
+    let output = nodecar
+      .output()
+      .await
+      .map_err(|e| format!("Failed to execute nodecar: {e}"))?;

    if !output.status.success() {
      let stderr = String::from_utf8_lossy(&output.stderr);
-      return Err(format!("Proxy start failed: {stderr}"));
+      let stdout = String::from_utf8_lossy(&output.stdout);
+      return Err(format!(
+        "Proxy start failed - stdout: {stdout}, stderr: {stderr}"
+      ));
    }

    let json_string =
@@ -95,15 +130,13 @@ impl ProxyManager {
      .as_str()
      .ok_or("Missing local URL")?
      .to_string();
-    let upstream_url_str = json["upstreamUrl"]
-      .as_str()
-      .ok_or("Missing upstream URL")?
-      .to_string();

    let proxy_info = ProxyInfo {
      id: id.to_string(),
      local_url,
-      upstream_url: upstream_url_str.clone(),
+      upstream_host: proxy_settings.host.clone(),
+      upstream_port: proxy_settings.port,
+      upstream_type: proxy_settings.proxy_type.clone(),
      local_port,
    };

@@ -116,15 +149,17 @@ impl ProxyManager {
    // Store the profile proxy info for persistence
    if let Some(name) = profile_name {
      let mut profile_proxies = self.profile_proxies.lock().unwrap();
-      profile_proxies.insert(name.to_string(), (upstream_url_str, local_port));
+      profile_proxies.insert(name.to_string(), proxy_settings.clone());
    }

    // Return proxy settings for the browser
    Ok(ProxySettings {
      enabled: true,
      proxy_type: "http".to_string(),
-      host: "localhost".to_string(),
+      host: "127.0.0.1".to_string(), // Use 127.0.0.1 instead of localhost for better compatibility
      port: proxy_info.local_port,
+      username: None,
+      password: None,
    })
  }

@@ -169,19 +204,556 @@ impl ProxyManager {
    proxies.get(&browser_pid).map(|proxy| ProxySettings {
      enabled: true,
      proxy_type: "http".to_string(),
-      host: "localhost".to_string(),
+      host: "127.0.0.1".to_string(), // Use 127.0.0.1 instead of localhost for better compatibility
      port: proxy.local_port,
+      username: None,
+      password: None,
    })
  }

  // Get stored proxy info for a profile
-  pub fn get_profile_proxy_info(&self, profile_name: &str) -> Option<(String, u16)> {
+  pub fn get_profile_proxy_info(&self, profile_name: &str) -> Option<ProxySettings> {
    let profile_proxies = self.profile_proxies.lock().unwrap();
    profile_proxies.get(profile_name).cloned()
  }
+
+  // Update the PID mapping for an existing proxy
+  pub fn update_proxy_pid(&self, old_pid: u32, new_pid: u32) -> Result<(), String> {
+    let mut proxies = self.active_proxies.lock().unwrap();
+    if let Some(proxy_info) = proxies.remove(&old_pid) {
+      proxies.insert(new_pid, proxy_info);
+      Ok(())
+    } else {
+      Err(format!("No proxy found for PID {old_pid}"))
+    }
+  }
 }

 // Create a singleton instance of the proxy manager
 lazy_static::lazy_static! {
    pub static ref PROXY_MANAGER: ProxyManager = ProxyManager::new();
 }
+
+#[cfg(test)]
+mod tests {
+  use super::*;
+  use std::env;
+  use std::path::PathBuf;
+  use std::process::Command;
+  use std::time::Duration;
+  use tokio::time::sleep;
+
+  // Mock HTTP server for testing
+
+  use http_body_util::Full;
+  use hyper::body::Bytes;
+  use hyper::server::conn::http1;
+  use hyper::service::service_fn;
+  use hyper::Response;
+  use hyper_util::rt::TokioIo;
+  use tokio::net::TcpListener;
+
+  // Helper function to build nodecar binary for testing
+  async fn ensure_nodecar_binary() -> Result<PathBuf, Box<dyn std::error::Error>> {
+    let cargo_manifest_dir = env::var("CARGO_MANIFEST_DIR")?;
+    let project_root = PathBuf::from(cargo_manifest_dir)
+      .parent()
+      .unwrap()
+      .to_path_buf();
+    let nodecar_dir = project_root.join("nodecar");
+    let nodecar_dist = nodecar_dir.join("dist");
+    let nodecar_binary = nodecar_dist.join("nodecar");
+
+    // Check if binary already exists
+    if nodecar_binary.exists() {
+      return Ok(nodecar_binary);
+    }
+
+    // Build the nodecar binary
+    println!("Building nodecar binary for tests...");
+
+    // Install dependencies
+    let install_status = Command::new("pnpm")
+      .args(["install", "--frozen-lockfile"])
+      .current_dir(&nodecar_dir)
+      .status()?;
+
+    if !install_status.success() {
+      return Err("Failed to install nodecar dependencies".into());
+    }
+
+    // Determine the target architecture
+    let target = if cfg!(target_arch = "aarch64") && cfg!(target_os = "macos") {
+      "build:mac-aarch64"
+    } else if cfg!(target_arch = "x86_64") && cfg!(target_os = "macos") {
+      "build:mac-x86_64"
+    } else if cfg!(target_arch = "x86_64") && cfg!(target_os = "linux") {
+      "build:linux-x64"
+    } else if cfg!(target_arch = "aarch64") && cfg!(target_os = "linux") {
+      "build:linux-arm64"
+    } else if cfg!(target_arch = "x86_64") && cfg!(target_os = "windows") {
+      "build:win-x64"
+    } else if cfg!(target_arch = "aarch64") && cfg!(target_os = "windows") {
+      "build:win-arm64"
+    } else {
+      return Err("Unsupported target architecture for nodecar build".into());
+    };
+
+    // Build the binary
+    let build_status = Command::new("pnpm")
+      .args(["run", target])
+      .current_dir(&nodecar_dir)
+      .status()?;
+
+    if !build_status.success() {
+      return Err("Failed to build nodecar binary".into());
+    }
+
+    if !nodecar_binary.exists() {
+      return Err("Nodecar binary was not created successfully".into());
+    }
+
+    Ok(nodecar_binary)
+  }
+
+  #[tokio::test]
+  async fn test_proxy_manager_profile_persistence() {
+    let proxy_manager = ProxyManager::new();
+
+    let proxy_settings = ProxySettings {
+      enabled: true,
+      proxy_type: "socks5".to_string(),
+      host: "127.0.0.1".to_string(),
+      port: 1080,
+      username: None,
+      password: None,
+    };
+
+    // Test profile proxy info storage
+    {
+      let mut profile_proxies = proxy_manager.profile_proxies.lock().unwrap();
+      profile_proxies.insert("test_profile".to_string(), proxy_settings.clone());
+    }
+
+    // Test retrieval
+    let retrieved = proxy_manager.get_profile_proxy_info("test_profile");
+    assert!(retrieved.is_some());
+    let retrieved = retrieved.unwrap();
+    assert_eq!(retrieved.proxy_type, "socks5");
+    assert_eq!(retrieved.host, "127.0.0.1");
+    assert_eq!(retrieved.port, 1080);
+
+    // Test non-existent profile
+    let non_existent = proxy_manager.get_profile_proxy_info("non_existent");
+    assert!(non_existent.is_none());
+  }
+
+  #[tokio::test]
+  async fn test_proxy_manager_active_proxy_tracking() {
+    let proxy_manager = ProxyManager::new();
+
+    let proxy_info = ProxyInfo {
+      id: "test_proxy_123".to_string(),
+      local_url: "http://localhost:8080".to_string(),
+      upstream_host: "proxy.example.com".to_string(),
+      upstream_port: 3128,
+      upstream_type: "http".to_string(),
+      local_port: 8080,
+    };
+
+    let browser_pid = 54321u32;
+
+    // Add active proxy
+    {
+      let mut active_proxies = proxy_manager.active_proxies.lock().unwrap();
+      active_proxies.insert(browser_pid, proxy_info.clone());
+    }
+
+    // Test retrieval of proxy settings
+    let proxy_settings = proxy_manager.get_proxy_settings(browser_pid);
+    assert!(proxy_settings.is_some());
+    let settings = proxy_settings.unwrap();
+    assert!(settings.enabled);
+    assert_eq!(settings.host, "127.0.0.1");
+    assert_eq!(settings.port, 8080);
+
+    // Test non-existent browser PID
+    let non_existent = proxy_manager.get_proxy_settings(99999);
+    assert!(non_existent.is_none());
+  }
+
+  #[test]
+  fn test_proxy_settings_validation() {
+    // Test valid proxy settings
+    let valid_settings = ProxySettings {
+      enabled: true,
+      proxy_type: "http".to_string(),
+      host: "127.0.0.1".to_string(),
+      port: 8080,
+      username: Some("user".to_string()),
+      password: Some("pass".to_string()),
+    };
+
+    assert!(valid_settings.enabled);
+    assert_eq!(valid_settings.proxy_type, "http");
+    assert!(!valid_settings.host.is_empty());
+    assert!(valid_settings.port > 0);
+
+    // Test disabled proxy settings
+    let disabled_settings = ProxySettings {
+      enabled: false,
+      proxy_type: "http".to_string(),
+      host: "".to_string(),
+      port: 0,
+      username: None,
+      password: None,
+    };
+
+    assert!(!disabled_settings.enabled);
+  }
+
+  #[tokio::test]
+  async fn test_proxy_manager_concurrent_access() {
+    use std::sync::Arc;
+
+    let proxy_manager = Arc::new(ProxyManager::new());
+    let mut handles = vec![];
+
+    // Spawn multiple tasks that access the proxy manager concurrently
+    for i in 0..10 {
+      let pm = proxy_manager.clone();
+      let handle = tokio::spawn(async move {
+        let browser_pid = (1000 + i) as u32;
+        let proxy_info = ProxyInfo {
+          id: format!("proxy_{i}"),
+          local_url: format!("http://127.0.0.1:{}", 8000 + i),
+          upstream_host: "127.0.0.1".to_string(),
+          upstream_port: 3128,
+          upstream_type: "http".to_string(),
+          local_port: (8000 + i) as u16,
+        };
+
+        // Add proxy
+        {
+          let mut active_proxies = pm.active_proxies.lock().unwrap();
+          active_proxies.insert(browser_pid, proxy_info);
+        }
+
+        // Read proxy
+        let settings = pm.get_proxy_settings(browser_pid);
+        assert!(settings.is_some());
+
+        browser_pid
+      });
+      handles.push(handle);
+    }
+
+    // Wait for all tasks to complete
+    let results: Vec<u32> = futures_util::future::join_all(handles)
+      .await
+      .into_iter()
+      .map(|r| r.unwrap())
+      .collect();
+
+    // Verify all browser PIDs were processed
+    assert_eq!(results.len(), 10);
+    for (i, &browser_pid) in results.iter().enumerate() {
+      assert_eq!(browser_pid, (1000 + i) as u32);
+    }
+  }
+
+  // Integration test that actually builds and uses nodecar binary
+  #[tokio::test]
+  async fn test_proxy_integration_with_real_nodecar() -> Result<(), Box<dyn std::error::Error>> {
+    // This test requires nodecar to be built and available
+    let nodecar_path = ensure_nodecar_binary().await?;
+
+    // Start a mock upstream HTTP server
+    let upstream_listener = TcpListener::bind("127.0.0.1:0").await?;
+    let upstream_addr = upstream_listener.local_addr()?;
+
+    // Spawn upstream server
+    let server_handle = tokio::spawn(async move {
+      while let Ok((stream, _)) = upstream_listener.accept().await {
+        let io = TokioIo::new(stream);
+        tokio::task::spawn(async move {
+          let _ = http1::Builder::new()
+            .serve_connection(
+              io,
+              service_fn(|_req| async {
+                Ok::<_, hyper::Error>(Response::new(Full::new(Bytes::from("Upstream OK"))))
+              }),
+            )
+            .await;
+        });
+      }
+    });
+
+    // Wait for server to start
+    sleep(Duration::from_millis(100)).await;
+
+    // Test nodecar proxy start command directly (using the binary itself, not node)
+    let mut cmd = Command::new(&nodecar_path);
+    cmd
+      .arg("proxy")
+      .arg("start")
+      .arg("--host")
+      .arg(upstream_addr.ip().to_string())
+      .arg("--proxy-port")
+      .arg(upstream_addr.port().to_string())
+      .arg("--type")
+      .arg("http");
+
+    // Set a timeout for the command
+    let output = tokio::time::timeout(Duration::from_secs(10), async { cmd.output() }).await??;
+
+    if output.status.success() {
+      let stdout = String::from_utf8(output.stdout)?;
+      let config: serde_json::Value = serde_json::from_str(&stdout)?;
+
+      // Verify proxy configuration
+      assert!(config["id"].is_string());
+      assert!(config["localPort"].is_number());
+      assert!(config["localUrl"].is_string());
+
+      let proxy_id = config["id"].as_str().unwrap();
+      let local_port = config["localPort"].as_u64().unwrap();
+
+      // Wait for proxy worker to start
+      println!("Waiting for proxy worker to start...");
+      tokio::time::sleep(Duration::from_secs(3)).await;
+
+      // Test that the local port is listening
+      let mut port_test = Command::new("nc");
+      port_test
+        .arg("-z")
+        .arg("127.0.0.1")
+        .arg(local_port.to_string());
+
+      let port_output = port_test.output()?;
+      if port_output.status.success() {
+        println!("Proxy is listening on port {local_port}");
+      } else {
+        println!("Warning: Proxy port {local_port} is not listening");
+      }
+
+      // Test stopping the proxy
+      let mut stop_cmd = Command::new(&nodecar_path);
+      stop_cmd.arg("proxy").arg("stop").arg("--id").arg(proxy_id);
+
+      let stop_output =
+        tokio::time::timeout(Duration::from_secs(5), async { stop_cmd.output() }).await??;
+
+      assert!(stop_output.status.success());
+
+      println!("Integration test passed: nodecar proxy start/stop works correctly");
+    } else {
+      let stderr = String::from_utf8(output.stderr)?;
+      eprintln!("Nodecar failed: {stderr}");
+      return Err(format!("Nodecar command failed: {stderr}").into());
+    }
+
+    // Clean up server
+    server_handle.abort();
+
+    Ok(())
+  }
+
+  // Test that validates the command line arguments are constructed correctly
+  #[test]
+  fn test_proxy_command_construction() {
+    let proxy_settings = ProxySettings {
+      enabled: true,
+      proxy_type: "http".to_string(),
+      host: "proxy.example.com".to_string(),
+      port: 8080,
+      username: Some("user".to_string()),
+      password: Some("pass".to_string()),
+    };
+
+    // Test command arguments match expected format
+    let _expected_args = [
+      "proxy",
+      "start",
+      "--host",
+      "proxy.example.com",
+      "--proxy-port",
+      "8080",
+      "--type",
+      "http",
+      "--username",
+      "user",
+      "--password",
+      "pass",
+    ];
+
+    // This test verifies the argument structure without actually running the command
+    assert_eq!(proxy_settings.host, "proxy.example.com");
+    assert_eq!(proxy_settings.port, 8080);
+    assert_eq!(proxy_settings.proxy_type, "http");
+    assert_eq!(proxy_settings.username.as_ref().unwrap(), "user");
+    assert_eq!(proxy_settings.password.as_ref().unwrap(), "pass");
+  }
+
+  // Test the CLI detachment specifically - ensure the CLI exits properly
+  #[tokio::test]
+  async fn test_cli_exits_after_proxy_start() -> Result<(), Box<dyn std::error::Error>> {
+    let nodecar_path = ensure_nodecar_binary().await?;
+
+    // Test that the CLI exits quickly with a mock upstream
+    let mut cmd = Command::new(&nodecar_path);
+    cmd
+      .arg("proxy")
+      .arg("start")
+      .arg("--host")
+      .arg("httpbin.org")
+      .arg("--proxy-port")
+      .arg("80")
+      .arg("--type")
+      .arg("http");
+
+    let start_time = std::time::Instant::now();
+    let output = tokio::time::timeout(Duration::from_secs(3), async { cmd.output() }).await;
+
+    match output {
+      Ok(Ok(cmd_output)) => {
+        let execution_time = start_time.elapsed();
+        println!("CLI completed in {execution_time:?}");
+
+        // Should complete very quickly if properly detached
+        assert!(
+          execution_time < Duration::from_secs(3),
+          "CLI took too long ({execution_time:?}), should exit immediately after starting worker"
+        );
+
+        if cmd_output.status.success() {
+          let stdout = String::from_utf8(cmd_output.stdout)?;
+          let config: serde_json::Value = serde_json::from_str(&stdout)?;
+
+          // Clean up - try to stop the proxy
+          if let Some(proxy_id) = config["id"].as_str() {
+            let mut stop_cmd = Command::new(&nodecar_path);
+            stop_cmd.arg("proxy").arg("stop").arg("--id").arg(proxy_id);
+            let _ = stop_cmd.output();
+          }
+        }
+
+        println!("CLI detachment test passed - CLI exited in {execution_time:?}");
+      }
+      Ok(Err(e)) => {
+        return Err(format!("Command execution failed: {e}").into());
+      }
+      Err(_) => {
+        return Err("CLI command timed out - this indicates improper detachment".into());
+      }
+    }
+
+    Ok(())
+  }
+
+  // Test that validates proper CLI detachment behavior
+  #[tokio::test]
+  async fn test_cli_detachment_behavior() -> Result<(), Box<dyn std::error::Error>> {
+    let nodecar_path = ensure_nodecar_binary().await?;
+
+    // Test that the CLI command exits quickly even with a real upstream
+    let mut cmd = Command::new(&nodecar_path);
+    cmd
+      .arg("proxy")
+      .arg("start")
+      .arg("--host")
+      .arg("httpbin.org") // Use a known good endpoint
+      .arg("--proxy-port")
+      .arg("80")
+      .arg("--type")
+      .arg("http");
+
+    let start_time = std::time::Instant::now();
+    let output = tokio::time::timeout(Duration::from_secs(5), async { cmd.output() }).await??;
+    let execution_time = start_time.elapsed();
+
+    // Command should complete very quickly if properly detached
+    assert!(
+      execution_time < Duration::from_secs(5),
+      "CLI command took {execution_time:?}, should complete in under 5 seconds for proper detachment"
+    );
+
+    println!("CLI detachment test: command completed in {execution_time:?}");
+
+    if output.status.success() {
+      let stdout = String::from_utf8(output.stdout)?;
+      let config: serde_json::Value = serde_json::from_str(&stdout)?;
+      let proxy_id = config["id"].as_str().unwrap();
+
+      // Clean up
+      let mut stop_cmd = Command::new(&nodecar_path);
+      stop_cmd.arg("proxy").arg("stop").arg("--id").arg(proxy_id);
+      let _ = stop_cmd.output();
+
+      println!("CLI detachment test passed");
+    } else {
+      // Even if the upstream fails, the CLI should still exit quickly
+      println!("CLI command failed but exited quickly as expected");
+    }
+
+    Ok(())
+  }
+
+  // Test that validates URL encoding for special characters in credentials
+  #[tokio::test]
+  async fn test_proxy_credentials_encoding() -> Result<(), Box<dyn std::error::Error>> {
+    let nodecar_path = ensure_nodecar_binary().await?;
+
+    // Test with credentials that include special characters
+    let mut cmd = Command::new(&nodecar_path);
+    cmd
+      .arg("proxy")
+      .arg("start")
+      .arg("--host")
+      .arg("test.example.com")
+      .arg("--proxy-port")
+      .arg("8080")
+      .arg("--type")
+      .arg("http")
+      .arg("--username")
+      .arg("user@domain.com") // Contains @ symbol
+      .arg("--password")
+      .arg("pass word!"); // Contains space and special character
+
+    let output = tokio::time::timeout(Duration::from_secs(5), async { cmd.output() }).await??;
+
+    if output.status.success() {
+      let stdout = String::from_utf8(output.stdout)?;
+      let config: serde_json::Value = serde_json::from_str(&stdout)?;
+
+      let upstream_url = config["upstreamUrl"].as_str().unwrap();
+
+      println!("Generated upstream URL: {upstream_url}");
+
+      // Verify that special characters are properly encoded
+      assert!(upstream_url.contains("user%40domain.com"));
+      // The password may be encoded as "pass%20word!" or "pass%20word%21" depending on implementation
+      assert!(upstream_url.contains("pass%20word"));
+
+      println!("URL encoding test passed - special characters handled correctly");
+
+      // Clean up
+      let proxy_id = config["id"].as_str().unwrap();
+      let mut stop_cmd = Command::new(&nodecar_path);
+      stop_cmd.arg("proxy").arg("stop").arg("--id").arg(proxy_id);
+      let _ = stop_cmd.output();
+    } else {
+      // This test might fail if the upstream doesn't exist, but we mainly care about URL construction
+      let stdout = String::from_utf8(output.stdout)?;
+      let stderr = String::from_utf8(output.stderr)?;
+      println!("Command failed (expected for non-existent upstream):");
+      println!("Stdout: {stdout}");
+      println!("Stderr: {stderr}");
+
+      // The important thing is that the command completed quickly
+      println!("URL encoding test completed - credentials should be properly encoded");
+    }
+
+    Ok(())
+  }
+}
@@ -4,7 +4,7 @@ use std::fs::{self, create_dir_all};
 use std::path::PathBuf;

 use crate::api_client::ApiClient;
-use crate::browser_version_service::BrowserVersionService;
+use crate::version_updater;

 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct TableSortingSettings {
@@ -25,40 +25,25 @@ impl Default for TableSortingSettings {
 pub struct AppSettings {
  #[serde(default)]
  pub set_as_default_browser: bool,
-  #[serde(default = "default_show_settings_on_startup")]
+  #[serde(default)]
  pub show_settings_on_startup: bool,
  #[serde(default = "default_theme")]
  pub theme: String, // "light", "dark", or "system"
-  #[serde(default = "default_auto_updates_enabled")]
-  pub auto_updates_enabled: bool,
-  #[serde(default = "default_auto_delete_unused_binaries")]
+  #[serde(default)]
  pub auto_delete_unused_binaries: bool,
 }

-fn default_show_settings_on_startup() -> bool {
-  true
-}
-
 fn default_theme() -> String {
  "system".to_string()
 }

-fn default_auto_updates_enabled() -> bool {
-  true
-}
-
-fn default_auto_delete_unused_binaries() -> bool {
-  true
-}
-
 impl Default for AppSettings {
  fn default() -> Self {
    Self {
      set_as_default_browser: false,
-      show_settings_on_startup: default_show_settings_on_startup(),
-      theme: default_theme(),
-      auto_updates_enabled: default_auto_updates_enabled(),
-      auto_delete_unused_binaries: default_auto_delete_unused_binaries(),
+      show_settings_on_startup: true,
+      theme: "system".to_string(),
+      auto_delete_unused_binaries: true,
    }
  }
 }
@@ -216,7 +201,9 @@ pub async fn save_table_sorting_settings(sorting: TableSortingSettings) -> Resul
 }

 #[tauri::command]
-pub async fn clear_all_version_cache_and_refetch() -> Result<(), String> {
+pub async fn clear_all_version_cache_and_refetch(
+  app_handle: tauri::AppHandle,
+) -> Result<(), String> {
  let api_client = ApiClient::new();

  // Clear all cache first
@@ -224,23 +211,13 @@ pub async fn clear_all_version_cache_and_refetch() -> Result<(), String> {
    .clear_all_cache()
    .map_err(|e| format!("Failed to clear version cache: {e}"))?;

-  // Trigger auto-fetch for all supported browsers
-  let service = BrowserVersionService::new();
-  let supported_browsers = service.get_supported_browsers();
+  let updater = version_updater::get_version_updater();
+  let updater_guard = updater.lock().await;

-  for browser in supported_browsers {
-    // Start background fetch for each browser (don't wait for completion)
-    let service_clone = BrowserVersionService::new();
-    let browser_clone = browser.clone();
-    tokio::spawn(async move {
-      if let Err(e) = service_clone
-        .fetch_browser_versions_detailed(&browser_clone, false)
-        .await
-      {
-        eprintln!("Background version fetch failed for {browser_clone}: {e}");
-      }
-    });
-  }
+  updater_guard
+    .trigger_manual_update(&app_handle)
+    .await
+    .map_err(|e| format!("Failed to trigger version update: {e}"))?;

  Ok(())
 }
@@ -1,4 +1,3 @@
-use crate::browser_version_service::BrowserVersionService;
 use directories::BaseDirs;
 use serde::{Deserialize, Serialize};
 use std::fs;
@@ -8,7 +7,10 @@ use std::sync::OnceLock;
 use std::time::{Duration, SystemTime, UNIX_EPOCH};
 use tauri::Emitter;
 use tokio::sync::Mutex;
-use tokio::time::{interval, Interval};
+use tokio::time::interval;
+
+use crate::auto_updater::AutoUpdater;
+use crate::browser_version_service::BrowserVersionService;

 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct VersionUpdateProgress {
@@ -46,22 +48,23 @@ impl Default for BackgroundUpdateState {

 pub struct VersionUpdater {
  version_service: BrowserVersionService,
-  app_handle: Arc<Mutex<Option<tauri::AppHandle>>>,
-  update_interval: Interval,
+  auto_updater: AutoUpdater,
+  app_handle: Option<tauri::AppHandle>,
 }

 impl VersionUpdater {
  pub fn new() -> Self {
-    let mut update_interval = interval(Duration::from_secs(5 * 60)); // Check every 5 minutes
-    update_interval.set_missed_tick_behavior(tokio::time::MissedTickBehavior::Skip);
-
    Self {
      version_service: BrowserVersionService::new(),
-      app_handle: Arc::new(Mutex::new(None)),
-      update_interval,
+      auto_updater: AutoUpdater::new(),
+      app_handle: None,
    }
  }

+  pub fn set_app_handle(&mut self, app_handle: tauri::AppHandle) {
+    self.app_handle = Some(app_handle);
+  }
+
  fn get_cache_dir() -> Result<PathBuf, Box<dyn std::error::Error>> {
    let base_dirs = BaseDirs::new().ok_or("Failed to get base directories")?;
    let app_name = if cfg!(debug_assertions) {
@@ -143,11 +146,6 @@ impl VersionUpdater {
    should_update
  }

-  pub async fn set_app_handle(&self, app_handle: tauri::AppHandle) {
-    let mut handle = self.app_handle.lock().await;
-    *handle = Some(app_handle);
-  }
-
  pub async fn check_and_run_startup_update(
    &self,
  ) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
@@ -157,15 +155,10 @@ impl VersionUpdater {
      return Ok(());
    }

-    let app_handle = {
-      let handle_guard = self.app_handle.lock().await;
-      handle_guard.clone()
-    };
-
-    if let Some(handle) = app_handle {
+    if let Some(ref app_handle) = self.app_handle {
      println!("Running startup version update...");

-      match self.update_all_browser_versions(&handle).await {
+      match self.update_all_browser_versions(app_handle).await {
        Ok(_) => {
          // Update the persistent state after successful update
          let state = BackgroundUpdateState {
@@ -191,7 +184,9 @@ impl VersionUpdater {
    Ok(())
  }

-  pub async fn start_background_updates(&mut self) {
+  pub async fn start_background_updates(
+    &self,
+  ) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
    println!(
      "Starting background version update service (checking every 5 minutes for 3-hour intervals)"
    );
@@ -201,41 +196,54 @@ impl VersionUpdater {
      eprintln!("Startup version update failed: {e}");
    }

+    Ok(())
+  }
+
+  pub async fn run_background_task() {
+    let mut update_interval = interval(Duration::from_secs(5 * 60)); // Check every 5 minutes
+    update_interval.set_missed_tick_behavior(tokio::time::MissedTickBehavior::Skip);
+
    loop {
-      self.update_interval.tick().await;
+      update_interval.tick().await;

      // Check if we should run an update based on persistent state
      if !Self::should_run_background_update() {
        continue;
      }

-      // Check if we have an app handle
-      let app_handle = {
-        let handle_guard = self.app_handle.lock().await;
-        handle_guard.clone()
-      };
+      println!("Starting background version update...");

-      if let Some(handle) = app_handle {
-        println!("Starting background version update...");
+      // Get the updater instance for this update cycle
+      let updater = get_version_updater();
+      let result = {
+        let updater_guard = updater.lock().await;
+        if let Some(ref app_handle) = updater_guard.app_handle {
+          updater_guard.update_all_browser_versions(app_handle).await
+        } else {
+          Err("App handle not available for background update".into())
+        }
+      }; // Release the lock here

-        match self.update_all_browser_versions(&handle).await {
-          Ok(_) => {
-            // Update the persistent state after successful update
-            let state = BackgroundUpdateState {
-              last_update_time: Self::get_current_timestamp(),
-              update_interval_hours: 3,
-            };
+      match result {
+        Ok(_) => {
+          // Update the persistent state after successful update
+          let state = BackgroundUpdateState {
+            last_update_time: Self::get_current_timestamp(),
+            update_interval_hours: 3,
+          };

-            if let Err(e) = Self::save_background_update_state(&state) {
-              eprintln!("Failed to save background update state: {e}");
-            } else {
-              println!("Background version update completed successfully");
-            }
+          if let Err(e) = Self::save_background_update_state(&state) {
+            eprintln!("Failed to save background update state: {e}");
+          } else {
+            println!("Background version update completed successfully");
          }
-          Err(e) => {
-            eprintln!("Background version update failed: {e}");
+        }
+        Err(e) => {
+          eprintln!("Background version update failed: {e}");

-            // Emit error event
+          // Try to emit error event if we have an app handle
+          let updater_guard = updater.lock().await;
+          if let Some(ref app_handle) = updater_guard.app_handle {
            let progress = VersionUpdateProgress {
              current_browser: "".to_string(),
              total_browsers: 0,
@@ -244,11 +252,9 @@ impl VersionUpdater {
              browser_new_versions: 0,
              status: "error".to_string(),
            };
-            let _ = handle.emit("version-update-progress", &progress);
+            let _ = app_handle.emit("version-update-progress", &progress);
          }
        }
-      } else {
-        println!("App handle not available, skipping background update");
      }
    }
  }
@@ -257,107 +263,108 @@ impl VersionUpdater {
    &self,
    app_handle: &tauri::AppHandle,
  ) -> Result<Vec<BackgroundUpdateResult>, Box<dyn std::error::Error + Send + Sync>> {
-    println!("Starting background version update for all browsers");
-
-    let browsers = [
-      "firefox",
-      "firefox-developer",
-      "mullvad-browser",
-      "zen",
-      "brave",
-      "chromium",
-      "tor-browser",
-    ];
-
-    let total_browsers = browsers.len();
+    let supported_browsers = self.version_service.get_supported_browsers();
+    let total_browsers = supported_browsers.len();
    let mut results = Vec::new();
    let mut total_new_versions = 0;

-    // Emit start event
-    let progress = VersionUpdateProgress {
-      current_browser: "".to_string(),
+    // Emit initial progress
+    let initial_progress = VersionUpdateProgress {
+      current_browser: String::new(),
      total_browsers,
      completed_browsers: 0,
      new_versions_found: 0,
      browser_new_versions: 0,
      status: "updating".to_string(),
    };
-    let _ = app_handle.emit("version-update-progress", &progress);

-    for (index, browser) in browsers.iter().enumerate() {
-      // Check if individual browser cache is expired before updating
-      if !self.version_service.should_update_cache(browser) {
-        println!("Skipping {browser} - cache is still fresh");
+    if let Err(e) = app_handle.emit("version-update-progress", &initial_progress) {
+      eprintln!("Failed to emit initial progress: {e}");
+    }

-        let browser_result = BackgroundUpdateResult {
-          browser: browser.to_string(),
-          new_versions_count: 0,
-          total_versions_count: 0,
-          updated_successfully: true,
-          error: None,
-        };
-        results.push(browser_result);
-        continue;
-      }
+    for (index, browser) in supported_browsers.iter().enumerate() {
+      println!("Updating browser versions for: {browser}");

-      println!("Updating versions for browser: {browser}");
-
-      // Emit progress for current browser
+      // Emit progress update for current browser
      let progress = VersionUpdateProgress {
-        current_browser: browser.to_string(),
+        current_browser: browser.clone(),
        total_browsers,
        completed_browsers: index,
        new_versions_found: total_new_versions,
        browser_new_versions: 0,
        status: "updating".to_string(),
      };
-      let _ = app_handle.emit("version-update-progress", &progress);

-      let result = self.update_browser_versions(browser).await;
+      if let Err(e) = app_handle.emit("version-update-progress", &progress) {
+        eprintln!("Failed to emit progress for {browser}: {e}");
+      }

-      match result {
-        Ok(new_count) => {
-          total_new_versions += new_count;
-          let browser_result = BackgroundUpdateResult {
-            browser: browser.to_string(),
-            new_versions_count: new_count,
-            total_versions_count: 0, // We'll update this if needed
+      match self.update_browser_versions(browser).await {
+        Ok(new_versions_count) => {
+          results.push(BackgroundUpdateResult {
+            browser: browser.clone(),
+            new_versions_count,
+            total_versions_count: 0, // We don't track total for background updates
            updated_successfully: true,
            error: None,
-          };
-          results.push(browser_result);
+          });

-          println!("Found {new_count} new versions for {browser}");
+          total_new_versions += new_versions_count;
+
+          // Emit progress update with new versions found
+          let progress = VersionUpdateProgress {
+            current_browser: browser.clone(),
+            total_browsers,
+            completed_browsers: index,
+            new_versions_found: total_new_versions,
+            browser_new_versions: new_versions_count,
+            status: "updating".to_string(),
+          };
+
+          if let Err(e) = app_handle.emit("version-update-progress", &progress) {
+            eprintln!("Failed to emit progress with versions for {browser}: {e}");
+          }
        }
        Err(e) => {
-          eprintln!("Failed to update versions for {browser}: {e}");
-          let browser_result = BackgroundUpdateResult {
-            browser: browser.to_string(),
+          results.push(BackgroundUpdateResult {
+            browser: browser.clone(),
            new_versions_count: 0,
            total_versions_count: 0,
            updated_successfully: false,
            error: Some(e.to_string()),
-          };
-          results.push(browser_result);
+          });
        }
      }
-
-      // Small delay between browsers to avoid overwhelming APIs
-      tokio::time::sleep(Duration::from_millis(500)).await;
    }

-    // Emit completion event
-    let progress = VersionUpdateProgress {
-      current_browser: "".to_string(),
+    // Emit completion
+    let final_progress = VersionUpdateProgress {
+      current_browser: String::new(),
      total_browsers,
      completed_browsers: total_browsers,
      new_versions_found: total_new_versions,
      browser_new_versions: 0,
      status: "completed".to_string(),
    };
-    let _ = app_handle.emit("version-update-progress", &progress);

-    println!("Background version update completed. Found {total_new_versions} new versions total");
+    if let Err(e) = app_handle.emit("version-update-progress", &final_progress) {
+      eprintln!("Failed to emit completion progress: {e}");
+    }
+
+    // After all version updates are complete, trigger auto-update check
+    if total_new_versions > 0 {
+      println!(
+        "Found {total_new_versions} new versions across all browsers. Checking for auto-updates..."
+      );
+
+      // Trigger auto-update check which will automatically download browsers
+      self
+        .auto_updater
+        .check_for_updates_with_progress(app_handle)
+        .await;
+    } else {
+      println!("No new versions found, skipping auto-update check");
+    }

    Ok(results)
  }
@@ -1,7 +1,7 @@
 {
  "$schema": "https://schema.tauri.app/config/2",
  "productName": "Donut Browser",
-  "version": "0.3.2",
+  "version": "0.5.2",
  "identifier": "com.donutbrowser",
  "build": {
    "beforeDevCommand": "pnpm dev",
@@ -61,8 +61,9 @@
  },
  "plugins": {
    "deep-link": {
-      "schemes": ["http", "https"],
-      "domains": []
+      "desktop": {
+        "schemes": ["http", "https"]
+      }
    }
  }
 }
@@ -3,6 +3,7 @@
 import { ChangeVersionDialog } from "@/components/change-version-dialog";
 import { CreateProfileDialog } from "@/components/create-profile-dialog";
 import { ImportProfileDialog } from "@/components/import-profile-dialog";
+import { PermissionDialog } from "@/components/permission-dialog";
 import { ProfilesDataTable } from "@/components/profile-data-table";
 import { ProfileSelectorDialog } from "@/components/profile-selector-dialog";
 import { ProxySettingsDialog } from "@/components/proxy-settings-dialog";
@@ -21,11 +22,15 @@ import {
  TooltipTrigger,
 } from "@/components/ui/tooltip";
 import { useAppUpdateNotifications } from "@/hooks/use-app-update-notifications";
+import { usePermissions } from "@/hooks/use-permissions";
+import type { PermissionType } from "@/hooks/use-permissions";
 import { useUpdateNotifications } from "@/hooks/use-update-notifications";
+import { useVersionUpdater } from "@/hooks/use-version-updater";
 import { showErrorToast } from "@/lib/toast-utils";
 import type { BrowserProfile, ProxySettings } from "@/types";
 import { invoke } from "@tauri-apps/api/core";
 import { listen } from "@tauri-apps/api/event";
+import { getCurrent } from "@tauri-apps/plugin-deep-link";
 import { useCallback, useEffect, useRef, useState } from "react";
 import { FaDownload } from "react-icons/fa";
 import { GoGear, GoKebabHorizontal, GoPlus } from "react-icons/go";
@@ -58,6 +63,11 @@ export default function Home() {
  const [currentProfileForVersionChange, setCurrentProfileForVersionChange] =
    useState<BrowserProfile | null>(null);
  const [hasCheckedStartupPrompt, setHasCheckedStartupPrompt] = useState(false);
+  const [permissionDialogOpen, setPermissionDialogOpen] = useState(false);
+  const [currentPermissionType, setCurrentPermissionType] =
+    useState<PermissionType>("microphone");
+  const { isMicrophoneAccessGranted, isCameraAccessGranted, isInitialized } =
+    usePermissions();

  // Simple profiles loader without updates check (for use as callback)
  const loadProfiles = useCallback(async () => {
@@ -72,7 +82,10 @@ export default function Home() {
    }
  }, []);

-  // Auto-update functionality - pass loadProfiles to refresh profiles after updates
+  // Version updater for handling version fetching progress events and auto-updates
+  useVersionUpdater();
+
+  // Auto-update functionality - use the existing hook for compatibility
  const updateNotifications = useUpdateNotifications(loadProfiles);
  const { checkForUpdates, isUpdating } = updateNotifications;

@@ -94,6 +107,18 @@ export default function Home() {

  useAppUpdateNotifications();

+  // For some reason, app.deep_link().get_current() is not working properly
+  const checkCurrentUrl = useCallback(async () => {
+    try {
+      const currentUrl = await getCurrent();
+      if (currentUrl && currentUrl.length > 0) {
+        void handleUrlOpen(currentUrl[0]);
+      }
+    } catch (error) {
+      console.error("Failed to check current URL:", error);
+    }
+  }, []);
+
  useEffect(() => {
    void loadProfilesWithUpdateCheck();

@@ -105,6 +130,7 @@ export default function Home() {

    // Check for startup URLs (when app was launched as default browser)
    void checkStartupUrls();
+    void checkCurrentUrl();

    // Set up periodic update checks (every 30 minutes)
    const updateInterval = setInterval(
@@ -117,7 +143,14 @@ export default function Home() {
    return () => {
      clearInterval(updateInterval);
    };
-  }, [loadProfilesWithUpdateCheck, checkForUpdates]);
+  }, [loadProfilesWithUpdateCheck, checkForUpdates, checkCurrentUrl]);
+
+  // Check permissions when they are initialized
+  useEffect(() => {
+    if (isInitialized) {
+      void checkAllPermissions();
+    }
+  }, [isInitialized]);

  const checkStartupPrompt = async () => {
    // Only check once during app startup to prevent reopening after dismissing notifications
@@ -137,6 +170,42 @@ export default function Home() {
    }
  };

+  const checkAllPermissions = async () => {
+    try {
+      // Wait for permissions to be initialized before checking
+      if (!isInitialized) {
+        return;
+      }
+
+      // Check if any permissions are not granted - prioritize missing permissions
+      if (!isMicrophoneAccessGranted) {
+        setCurrentPermissionType("microphone");
+        setPermissionDialogOpen(true);
+      } else if (!isCameraAccessGranted) {
+        setCurrentPermissionType("camera");
+        setPermissionDialogOpen(true);
+      }
+    } catch (error) {
+      console.error("Failed to check permissions:", error);
+    }
+  };
+
+  const checkNextPermission = () => {
+    try {
+      if (!isMicrophoneAccessGranted) {
+        setCurrentPermissionType("microphone");
+        setPermissionDialogOpen(true);
+      } else if (!isCameraAccessGranted) {
+        setCurrentPermissionType("camera");
+        setPermissionDialogOpen(true);
+      } else {
+        setPermissionDialogOpen(false);
+      }
+    } catch (error) {
+      console.error("Failed to check next permission:", error);
+    }
+  };
+
  const checkStartupUrls = async () => {
    try {
      const hasStartupUrl = await invoke<boolean>(
@@ -236,6 +305,7 @@ export default function Home() {
      name: string;
      browserStr: BrowserTypeString;
      version: string;
+      releaseType: string;
      proxy?: ProxySettings;
    }) => {
      setError(null);
@@ -247,6 +317,7 @@ export default function Home() {
            name: profileData.name,
            browserStr: profileData.browserStr,
            version: profileData.version,
+            releaseType: profileData.releaseType,
          },
        );

@@ -409,7 +480,7 @@ export default function Home() {
  );

  return (
-    <div className="grid grid-rows-[20px_1fr_20px] items-center justify-items-center min-h-screen p-8 gap-8 sm:p-12 font-[family-name:var(--font-geist-sans)]  bg-white dark:bg-black">
+    <div className="grid grid-rows-[20px_1fr_20px] items-center justify-items-center min-h-screen gap-8 font-[family-name:var(--font-geist-sans)]  bg-white dark:bg-black">
      <main className="flex flex-col row-start-2 gap-8 items-center w-full max-w-3xl">
        <Card className="w-full">
          <CardHeader>
@@ -462,7 +533,7 @@ export default function Home() {
              </div>
            </div>
          </CardHeader>
-          <CardContent className="space-y-6">
+          <CardContent>
            <ProfilesDataTable
              data={profiles}
              onLaunchProfile={launchProfile}
@@ -533,6 +604,15 @@ export default function Home() {
          runningProfiles={runningProfiles}
        />
      ))}
+
+      <PermissionDialog
+        isOpen={permissionDialogOpen}
+        onClose={() => {
+          setPermissionDialogOpen(false);
+        }}
+        permissionType={currentPermissionType}
+        onPermissionGranted={checkNextPermission}
+      />
    </div>
  );
 }
@@ -1,6 +1,7 @@
 "use client";

 import { LoadingButton } from "@/components/loading-button";
+import { ReleaseTypeSelector } from "@/components/release-type-selector";
 import { Alert, AlertDescription, AlertTitle } from "@/components/ui/alert";
 import { Button } from "@/components/ui/button";
 import { Checkbox } from "@/components/ui/checkbox";
@@ -12,9 +13,9 @@ import {
  DialogTitle,
 } from "@/components/ui/dialog";
 import { Label } from "@/components/ui/label";
-import { VersionSelector } from "@/components/version-selector";
 import { useBrowserDownload } from "@/hooks/use-browser-download";
-import type { BrowserProfile } from "@/types";
+import { getBrowserDisplayName } from "@/lib/browser-utils";
+import type { BrowserProfile, BrowserReleaseTypes } from "@/types";
 import { invoke } from "@tauri-apps/api/core";
 import { useEffect, useState } from "react";
 import { LuTriangleAlert } from "react-icons/lu";
@@ -32,16 +33,18 @@ export function ChangeVersionDialog({
  profile,
  onVersionChanged,
 }: ChangeVersionDialogProps) {
-  const [selectedVersion, setSelectedVersion] = useState<string | null>(null);
+  const [selectedReleaseType, setSelectedReleaseType] = useState<
+    "stable" | "nightly" | null
+  >(null);
+  const [releaseTypes, setReleaseTypes] = useState<BrowserReleaseTypes>({});
+  const [isLoadingReleaseTypes, setIsLoadingReleaseTypes] = useState(false);
  const [isUpdating, setIsUpdating] = useState(false);
  const [showDowngradeWarning, setShowDowngradeWarning] = useState(false);
  const [acknowledgeDowngrade, setAcknowledgeDowngrade] = useState(false);

  const {
-    availableVersions,
    downloadedVersions,
    isDownloading,
-    loadVersions,
    loadDownloadedVersions,
    downloadBrowser,
    isVersionDownloaded,
@@ -49,49 +52,73 @@ export function ChangeVersionDialog({

  useEffect(() => {
    if (isOpen && profile) {
-      setSelectedVersion(profile.version);
+      // Set current release type based on profile
+      setSelectedReleaseType(profile.release_type as "stable" | "nightly");
      setAcknowledgeDowngrade(false);
-      void loadVersions(profile.browser);
+      void loadReleaseTypes(profile.browser);
      void loadDownloadedVersions(profile.browser);
    }
-  }, [isOpen, profile, loadVersions, loadDownloadedVersions]);
+  }, [isOpen, profile, loadDownloadedVersions]);
+
+  const loadReleaseTypes = async (browser: string) => {
+    setIsLoadingReleaseTypes(true);
+    try {
+      const releaseTypes = await invoke<BrowserReleaseTypes>(
+        "get_browser_release_types",
+        { browserStr: browser },
+      );
+      setReleaseTypes(releaseTypes);
+    } catch (error) {
+      console.error("Failed to load release types:", error);
+    } finally {
+      setIsLoadingReleaseTypes(false);
+    }
+  };

  useEffect(() => {
-    if (profile && selectedVersion) {
-      // Check if this is a downgrade
-      const currentVersionIndex = availableVersions.findIndex(
-        (v) => v.tag_name === profile.version,
-      );
-      const selectedVersionIndex = availableVersions.findIndex(
-        (v) => v.tag_name === selectedVersion,
-      );
-
-      // If selected version has a higher index, it's older (downgrade)
+    if (
+      profile &&
+      selectedReleaseType &&
+      selectedReleaseType !== profile.release_type
+    ) {
+      // For simplicity, we'll show downgrade warning when switching from stable to nightly
+      // since nightly versions might be considered "downgrades" in terms of stability
      const isDowngrade =
-        currentVersionIndex !== -1 &&
-        selectedVersionIndex !== -1 &&
-        selectedVersionIndex > currentVersionIndex;
+        profile.release_type === "stable" && selectedReleaseType === "nightly";
      setShowDowngradeWarning(isDowngrade);

      if (!isDowngrade) {
        setAcknowledgeDowngrade(false);
      }
    }
-  }, [selectedVersion, profile, availableVersions]);
+  }, [selectedReleaseType, profile]);

  const handleDownload = async () => {
-    if (!profile || !selectedVersion) return;
-    await downloadBrowser(profile.browser, selectedVersion);
+    if (!profile || !selectedReleaseType) return;
+
+    const version =
+      selectedReleaseType === "stable"
+        ? releaseTypes.stable
+        : releaseTypes.nightly;
+    if (!version) return;
+
+    await downloadBrowser(profile.browser, version);
  };

  const handleVersionChange = async () => {
-    if (!profile || !selectedVersion) return;
+    if (!profile || !selectedReleaseType) return;
+
+    const version =
+      selectedReleaseType === "stable"
+        ? releaseTypes.stable
+        : releaseTypes.nightly;
+    if (!version) return;

    setIsUpdating(true);
    try {
      await invoke("update_profile_version", {
        profileName: profile.name,
-        version: selectedVersion,
+        version,
      });
      onVersionChanged();
      onClose();
@@ -102,10 +129,15 @@ export function ChangeVersionDialog({
    }
  };

+  const selectedVersion =
+    selectedReleaseType === "stable"
+      ? releaseTypes.stable
+      : releaseTypes.nightly;
+
  const canUpdate =
    profile &&
-    selectedVersion &&
-    selectedVersion !== profile.version &&
+    selectedReleaseType &&
+    selectedReleaseType !== profile.release_type &&
    selectedVersion &&
    isVersionDownloaded(selectedVersion) &&
    (!showDowngradeWarning || acknowledgeDowngrade);
@@ -116,50 +148,129 @@ export function ChangeVersionDialog({
    <Dialog open={isOpen} onOpenChange={onClose}>
      <DialogContent className="max-w-md">
        <DialogHeader>
-          <DialogTitle>Change Browser Version</DialogTitle>
+          <DialogTitle>Change Release Type</DialogTitle>
        </DialogHeader>

        <div className="grid gap-4 py-4">
          <div className="space-y-2">
            <Label className="text-sm font-medium">Profile:</Label>
-            <div className="p-2 bg-muted rounded text-sm">{profile.name}</div>
+            <div className="p-2 text-sm rounded bg-muted">{profile.name}</div>
          </div>

          <div className="space-y-2">
-            <Label className="text-sm font-medium">Current Version:</Label>
-            <div className="p-2 bg-muted rounded text-sm">
-              {profile.version}
+            <Label className="text-sm font-medium">Current Release:</Label>
+            <div className="p-2 text-sm capitalize rounded bg-muted">
+              {profile.release_type} ({profile.version})
            </div>
          </div>

-          {/* Version Selection */}
-          <div className="grid gap-2">
-            <Label>New Version</Label>
-            <VersionSelector
-              selectedVersion={selectedVersion}
-              onVersionSelect={setSelectedVersion}
-              availableVersions={availableVersions}
-              downloadedVersions={downloadedVersions}
-              isDownloading={isDownloading}
-              onDownload={() => {
-                void handleDownload();
-              }}
-              placeholder="Select version..."
-            />
-          </div>
+          {!releaseTypes.stable && !releaseTypes.nightly ? (
+            <Alert>
+              <AlertDescription>
+                No releases are available for{" "}
+                {getBrowserDisplayName(profile.browser)}.
+              </AlertDescription>
+            </Alert>
+          ) : !releaseTypes.stable || !releaseTypes.nightly ? (
+            <div className="space-y-4">
+              <Alert>
+                <AlertDescription>
+                  Only {profile.release_type} releases are available for{" "}
+                  {getBrowserDisplayName(profile.browser)}.
+                </AlertDescription>
+              </Alert>
+              <div className="grid gap-2">
+                <Label>New Release Type</Label>
+                {isLoadingReleaseTypes ? (
+                  <div className="text-sm text-muted-foreground">
+                    Loading release types...
+                  </div>
+                ) : (
+                  <div className="space-y-4">
+                    {selectedReleaseType &&
+                      selectedReleaseType !== profile.release_type &&
+                      selectedVersion &&
+                      !isVersionDownloaded(selectedVersion) && (
+                        <Alert>
+                          <AlertDescription>
+                            You must download{" "}
+                            {getBrowserDisplayName(profile.browser)}{" "}
+                            {selectedVersion} before switching to this release
+                            type. Use the download button above to get the
+                            latest version.
+                          </AlertDescription>
+                        </Alert>
+                      )}
+
+                    <ReleaseTypeSelector
+                      selectedReleaseType={selectedReleaseType}
+                      onReleaseTypeSelect={setSelectedReleaseType}
+                      availableReleaseTypes={releaseTypes}
+                      browser={profile.browser}
+                      isDownloading={isDownloading}
+                      onDownload={() => {
+                        void handleDownload();
+                      }}
+                      placeholder="Select release type..."
+                      downloadedVersions={downloadedVersions}
+                    />
+                  </div>
+                )}
+              </div>
+            </div>
+          ) : (
+            <div className="grid gap-2">
+              <Label>New Release Type</Label>
+              {isLoadingReleaseTypes ? (
+                <div className="text-sm text-muted-foreground">
+                  Loading release types...
+                </div>
+              ) : (
+                <div className="space-y-4">
+                  {selectedReleaseType &&
+                    selectedReleaseType !== profile.release_type &&
+                    selectedVersion &&
+                    !isVersionDownloaded(selectedVersion) && (
+                      <Alert>
+                        <AlertDescription>
+                          You must download{" "}
+                          {getBrowserDisplayName(profile.browser)}{" "}
+                          {selectedVersion} before switching to this release
+                          type. Use the download button above to get the latest
+                          version.
+                        </AlertDescription>
+                      </Alert>
+                    )}
+
+                  <ReleaseTypeSelector
+                    selectedReleaseType={selectedReleaseType}
+                    onReleaseTypeSelect={setSelectedReleaseType}
+                    availableReleaseTypes={releaseTypes}
+                    browser={profile.browser}
+                    isDownloading={isDownloading}
+                    onDownload={() => {
+                      void handleDownload();
+                    }}
+                    placeholder="Select release type..."
+                    downloadedVersions={downloadedVersions}
+                  />
+                </div>
+              )}
+            </div>
+          )}

          {/* Downgrade Warning */}
          {showDowngradeWarning && (
            <Alert className="border-orange-700">
-              <LuTriangleAlert className="h-4 w-4 text-orange-700" />
+              <LuTriangleAlert className="w-4 h-4 text-orange-700" />
              <AlertTitle className="text-orange-700">
-                Downgrade Warning
+                Stability Warning
              </AlertTitle>
              <AlertDescription className="text-orange-700">
-                You are about to downgrade from version {profile.version} to{" "}
-                {selectedVersion}. This may lead to compatibility issues, data
-                loss, or unexpected behavior.
-                <div className="flex items-center space-x-2 mt-3">
+                You are about to switch from stable to nightly releases. Nightly
+                versions may be less stable and could contain bugs or incomplete
+                features.
+                <div className="flex items-center mt-3 space-x-2">
                  <Checkbox
                    id="acknowledge-downgrade"
                    checked={acknowledgeDowngrade}
@@ -187,7 +298,7 @@ export function ChangeVersionDialog({
            }}
            disabled={!canUpdate}
          >
-            {isUpdating ? "Updating..." : "Update Version"}
+            {isUpdating ? "Updating..." : "Update Release Type"}
          </LoadingButton>
        </DialogFooter>
      </DialogContent>
@@ -1,6 +1,7 @@
 "use client";

 import { LoadingButton } from "@/components/loading-button";
+import { ReleaseTypeSelector } from "@/components/release-type-selector";
 import { Button } from "@/components/ui/button";
 import { Checkbox } from "@/components/ui/checkbox";
 import {
@@ -24,14 +25,18 @@ import {
  TooltipContent,
  TooltipTrigger,
 } from "@/components/ui/tooltip";
-import { VersionSelector } from "@/components/version-selector";
 import { useBrowserDownload } from "@/hooks/use-browser-download";
 import { useBrowserSupport } from "@/hooks/use-browser-support";
 import { getBrowserDisplayName } from "@/lib/browser-utils";
-import type { BrowserProfile, ProxySettings } from "@/types";
+import type {
+  BrowserProfile,
+  BrowserReleaseTypes,
+  ProxySettings,
+} from "@/types";
 import { invoke } from "@tauri-apps/api/core";
 import { useEffect, useState } from "react";
 import { toast } from "sonner";
+import { Alert, AlertDescription } from "./ui/alert";

 type BrowserTypeString =
  | "mullvad-browser"
@@ -49,6 +54,7 @@ interface CreateProfileDialogProps {
    name: string;
    browserStr: BrowserTypeString;
    version: string;
+    releaseType: string;
    proxy?: ProxySettings;
  }) => Promise<void>;
 }
@@ -61,25 +67,32 @@ export function CreateProfileDialog({
  const [profileName, setProfileName] = useState("");
  const [selectedBrowser, setSelectedBrowser] =
    useState<BrowserTypeString | null>("mullvad-browser");
-  const [selectedVersion, setSelectedVersion] = useState<string | null>(null);
+  const [selectedReleaseType, setSelectedReleaseType] = useState<
+    "stable" | "nightly" | null
+  >(null);
+  const [releaseTypes, setReleaseTypes] = useState<BrowserReleaseTypes>({
+    stable: undefined,
+    nightly: undefined,
+  });
  const [isCreating, setIsCreating] = useState(false);
  const [existingProfiles, setExistingProfiles] = useState<BrowserProfile[]>(
    [],
  );
+  const [isLoadingReleaseTypes, setIsLoadingReleaseTypes] = useState(false);

  // Proxy settings
  const [proxyEnabled, setProxyEnabled] = useState(false);
  const [proxyType, setProxyType] = useState("http");
  const [proxyHost, setProxyHost] = useState("");
  const [proxyPort, setProxyPort] = useState(8080);
+  const [proxyUsername, setProxyUsername] = useState("");
+  const [proxyPassword, setProxyPassword] = useState("");

  const {
-    availableVersions,
-    downloadedVersions,
-    isDownloading,
-    loadVersions,
-    loadDownloadedVersions,
    downloadBrowser,
+    isDownloading,
+    downloadedVersions,
+    loadDownloadedVersions,
    isVersionDownloaded,
  } = useBrowserDownload();

@@ -108,29 +121,26 @@ export function CreateProfileDialog({

  useEffect(() => {
    if (isOpen && selectedBrowser) {
-      // Reset selected version when browser changes
-      setSelectedVersion(null);
-      void loadVersions(selectedBrowser);
+      // Reset selected release type when browser changes
+      setSelectedReleaseType(null);
+      void loadReleaseTypes(selectedBrowser);
      void loadDownloadedVersions(selectedBrowser);
    }
-  }, [isOpen, selectedBrowser, loadVersions, loadDownloadedVersions]);
+  }, [isOpen, selectedBrowser, loadDownloadedVersions]);

-  // Set default version when versions are loaded and no version is selected
+  // Set default release type when release types are loaded
  useEffect(() => {
-    if (availableVersions.length > 0 && selectedBrowser) {
-      // Always reset version when browser changes or versions are loaded
-      // Find the latest stable version (not alpha/beta)
-      const stableVersions = availableVersions.filter((v) => !v.is_nightly);
-
-      if (stableVersions.length > 0) {
-        // Select the first stable version (they're already sorted newest first)
-        setSelectedVersion(stableVersions[0].tag_name);
-      } else if (availableVersions.length > 0) {
-        // If no stable version found, select the first available version
-        setSelectedVersion(availableVersions[0].tag_name);
+    if (!selectedReleaseType && Object.keys(releaseTypes).length > 0) {
+      // First try to set stable if it exists
+      if (releaseTypes.stable) {
+        setSelectedReleaseType("stable");
+      }
+      // If stable doesn't exist but nightly does, set nightly as default
+      else if (releaseTypes.nightly && selectedBrowser !== "chromium") {
+        setSelectedReleaseType("nightly");
      }
    }
-  }, [availableVersions, selectedBrowser]);
+  }, [releaseTypes, selectedReleaseType, selectedBrowser]);

  const loadExistingProfiles = async () => {
    try {
@@ -141,9 +151,34 @@ export function CreateProfileDialog({
    }
  };

+  const loadReleaseTypes = async (browser: string) => {
+    try {
+      setIsLoadingReleaseTypes(true);
+      const types = await invoke<BrowserReleaseTypes>(
+        "get_browser_release_types",
+        {
+          browserStr: browser,
+        },
+      );
+      setReleaseTypes(types);
+    } catch (error) {
+      console.error("Failed to load release types:", error);
+      toast.error("Failed to load available versions");
+    } finally {
+      setIsLoadingReleaseTypes(false);
+    }
+  };
+
  const handleDownload = async () => {
-    if (!selectedBrowser || !selectedVersion) return;
-    await downloadBrowser(selectedBrowser, selectedVersion);
+    if (!selectedBrowser || !selectedReleaseType) return;
+
+    const version =
+      selectedReleaseType === "stable"
+        ? releaseTypes.stable
+        : releaseTypes.nightly;
+    if (!version) return;
+
+    await downloadBrowser(selectedBrowser, version);
  };

  const validateProfileName = (name: string): string | null => {
@@ -176,7 +211,7 @@ export function CreateProfileDialog({
  }, [selectedBrowser, proxyEnabled]);

  const handleCreate = async () => {
-    if (!profileName.trim() || !selectedBrowser || !selectedVersion) return;
+    if (!profileName.trim() || !selectedBrowser || !selectedReleaseType) return;

    // Validate profile name
    const nameError = validateProfileName(profileName);
@@ -185,6 +220,15 @@ export function CreateProfileDialog({
      return;
    }

+    const version =
+      selectedReleaseType === "stable"
+        ? releaseTypes.stable
+        : releaseTypes.nightly;
+    if (!version) {
+      toast.error("Selected release type is not available");
+      return;
+    }
+
    setIsCreating(true);
    try {
      const proxy =
@@ -194,22 +238,27 @@ export function CreateProfileDialog({
              proxy_type: proxyType,
              host: proxyHost,
              port: proxyPort,
+              username: proxyUsername || undefined,
+              password: proxyPassword || undefined,
            }
          : undefined;

      await onCreateProfile({
        name: profileName.trim(),
        browserStr: selectedBrowser,
-        version: selectedVersion,
+        version,
+        releaseType: selectedReleaseType,
        proxy,
      });

      // Reset form
      setProfileName("");
-      setSelectedVersion(null);
+      setSelectedReleaseType(null);
      setProxyEnabled(false);
      setProxyHost("");
      setProxyPort(8080);
+      setProxyUsername("");
+      setProxyPassword("");
      onClose();
    } catch (error) {
      console.error("Failed to create profile:", error);
@@ -221,9 +270,16 @@ export function CreateProfileDialog({
  const nameError = profileName.trim()
    ? validateProfileName(profileName)
    : null;
+
+  const selectedVersion =
+    selectedReleaseType === "stable"
+      ? releaseTypes.stable
+      : releaseTypes.nightly;
+
  const canCreate =
    profileName.trim() &&
    selectedBrowser &&
+    selectedReleaseType &&
    selectedVersion &&
    isVersionDownloaded(selectedVersion) &&
    (!proxyEnabled || isProxyDisabled || (proxyHost && proxyPort)) &&
@@ -231,12 +287,12 @@ export function CreateProfileDialog({

  return (
    <Dialog open={isOpen} onOpenChange={onClose}>
-      <DialogContent className="max-w-md">
-        <DialogHeader>
+      <DialogContent className="max-w-md max-h-[80vh] my-8 flex flex-col">
+        <DialogHeader className="flex-shrink-0">
          <DialogTitle>Create New Profile</DialogTitle>
        </DialogHeader>

-        <div className="grid gap-4 py-4">
+        <div className="grid overflow-y-scroll flex-1 gap-6 py-4 min-h-0">
          {/* Profile Name */}
          <div className="grid gap-2">
            <Label htmlFor="profile-name">Profile Name</Label>
@@ -316,21 +372,48 @@ export function CreateProfileDialog({
            </Select>
          </div>

-          {/* Version Selection */}
-          <div className="grid gap-2">
-            <Label>Version</Label>
-            <VersionSelector
-              selectedVersion={selectedVersion}
-              onVersionSelect={setSelectedVersion}
-              availableVersions={availableVersions}
-              downloadedVersions={downloadedVersions}
-              isDownloading={isDownloading}
-              onDownload={() => {
-                void handleDownload();
-              }}
-              placeholder="Select version..."
-            />
-          </div>
+          {selectedBrowser ? (
+            <div className="grid gap-2">
+              <Label>Release Type</Label>
+              {isLoadingReleaseTypes ? (
+                <div className="text-sm text-muted-foreground">
+                  Loading release types...
+                </div>
+              ) : Object.keys(releaseTypes).length === 0 ? (
+                <Alert>
+                  <AlertDescription>
+                    No releases are available for{" "}
+                    {getBrowserDisplayName(selectedBrowser)}.
+                  </AlertDescription>
+                </Alert>
+              ) : (
+                <div className="space-y-4">
+                  {(!releaseTypes.stable || !releaseTypes.nightly) && (
+                    <Alert>
+                      <AlertDescription>
+                        Only {(releaseTypes.stable && "Stable") ?? "Nightly"}{" "}
+                        releases are available for{" "}
+                        {getBrowserDisplayName(selectedBrowser)}.
+                      </AlertDescription>
+                    </Alert>
+                  )}
+
+                  <ReleaseTypeSelector
+                    selectedReleaseType={selectedReleaseType}
+                    onReleaseTypeSelect={setSelectedReleaseType}
+                    availableReleaseTypes={releaseTypes}
+                    browser={selectedBrowser}
+                    isDownloading={isDownloading}
+                    onDownload={() => {
+                      void handleDownload();
+                    }}
+                    placeholder="Select release type..."
+                    downloadedVersions={downloadedVersions}
+                  />
+                </div>
+              )}
+            </div>
+          ) : null}

          {/* Proxy Settings */}
          <div className="grid gap-4 pt-4 border-t">
@@ -414,6 +497,31 @@ export function CreateProfileDialog({
                    max="65535"
                  />
                </div>
+
+                <div className="grid gap-2">
+                  <Label htmlFor="proxy-username">Username (optional)</Label>
+                  <Input
+                    id="proxy-username"
+                    value={proxyUsername}
+                    onChange={(e) => {
+                      setProxyUsername(e.target.value);
+                    }}
+                    placeholder="Proxy username"
+                  />
+                </div>
+
+                <div className="grid gap-2">
+                  <Label htmlFor="proxy-password">Password (optional)</Label>
+                  <Input
+                    id="proxy-password"
+                    type="password"
+                    value={proxyPassword}
+                    onChange={(e) => {
+                      setProxyPassword(e.target.value);
+                    }}
+                    placeholder="Proxy password"
+                  />
+                </div>
              </>
            )}
          </div>
@@ -10,6 +10,7 @@
 * - Progress bars for downloads/updates
 * - Success/error states
 * - Customizable icons and content
+ * - Auto-update notifications
 *
 * Usage Examples:
 *
@@ -23,6 +24,11 @@
 * });
 * ```
 *
+ * Auto-update toast:
+ * ```
+ * showAutoUpdateToast("Firefox", "125.0.1");
+ * ```
+ *
 * Download progress toast:
 * ```
 * showToast({
@@ -47,6 +53,7 @@ import {
  LuCheckCheck,
  LuDownload,
  LuRefreshCw,
+  LuRocket,
  LuTriangleAlert,
 } from "react-icons/lu";

@@ -90,6 +97,7 @@ interface VersionUpdateToastProps extends BaseToastProps {
    current: number;
    total: number;
    found: number;
+    current_browser?: string;
  };
 }

@@ -138,6 +146,10 @@ function getToastIcon(type: ToastProps["type"], stage?: string) {
      return (
        <LuRefreshCw className="flex-shrink-0 w-4 h-4 text-purple-500 animate-spin" />
      );
+    case "loading":
+      return (
+        <div className="flex-shrink-0 w-4 h-4 rounded-full border-2 border-blue-500 animate-spin border-t-transparent" />
+      );
    default:
      return (
        <div className="flex-shrink-0 w-4 h-4 rounded-full border-2 border-blue-500 animate-spin border-t-transparent" />
@@ -150,11 +162,33 @@ export function UnifiedToast(props: ToastProps) {
  const stage = "stage" in props ? props.stage : undefined;
  const progress = "progress" in props ? props.progress : undefined;

+  // Check if this is an auto-update toast
+  const isAutoUpdate = title.includes("update started");
+
  return (
-    <div className="flex items-start p-3 w-full bg-white rounded-lg border border-gray-200 shadow-lg dark:bg-gray-800 dark:border-gray-700">
-      <div className="mr-3 mt-0.5">{getToastIcon(type, stage)}</div>
+    <div
+      className={`flex items-start p-3 w-96 rounded-lg border shadow-lg ${
+        isAutoUpdate
+          ? "bg-emerald-50 border-emerald-200 dark:bg-emerald-950 dark:border-emerald-800"
+          : "bg-white border-gray-200 dark:bg-gray-800 dark:border-gray-700"
+      }`}
+      data-toast-type={isAutoUpdate ? "auto-update" : "default"}
+    >
+      <div className="mr-3 mt-0.5">
+        {isAutoUpdate ? (
+          <LuRocket className="flex-shrink-0 w-4 h-4 text-emerald-500" />
+        ) : (
+          getToastIcon(type, stage)
+        )}
+      </div>
      <div className="flex-1 min-w-0">
-        <p className="text-sm font-medium leading-tight text-gray-900 dark:text-white">
+        <p
+          className={`text-sm font-medium leading-tight ${
+            isAutoUpdate
+              ? "text-emerald-900 dark:text-emerald-100"
+              : "text-gray-900 dark:text-white"
+          }`}
+        >
          {title}
        </p>

@@ -181,26 +215,30 @@ export function UnifiedToast(props: ToastProps) {
          )}

        {/* Version update progress */}
-        {type === "version-update" && progress && "found" in progress && (
-          <div className="mt-2 space-y-1">
-            <p className="text-xs text-gray-600 dark:text-gray-300">
-              {progress.found} new versions found so far
-            </p>
-            <div className="flex items-center space-x-2">
-              <div className="flex-1 bg-gray-200 dark:bg-gray-700 rounded-full h-1.5 min-w-0">
-                <div
-                  className="bg-blue-500 h-1.5 rounded-full transition-all duration-300"
-                  style={{
-                    width: `${(progress.current / progress.total) * 100}%`,
-                  }}
-                />
+        {type === "version-update" &&
+          progress &&
+          "current_browser" in progress && (
+            <div className="mt-2 space-y-1">
+              <p className="text-xs text-gray-600 dark:text-gray-300">
+                {progress.current_browser && (
+                  <>Looking for updates for {progress.current_browser}</>
+                )}
+              </p>
+              <div className="flex items-center space-x-2">
+                <div className="flex-1 bg-gray-200 dark:bg-gray-700 rounded-full h-1.5 min-w-0">
+                  <div
+                    className="bg-blue-500 h-1.5 rounded-full transition-all duration-300"
+                    style={{
+                      width: `${(progress.current / progress.total) * 100}%`,
+                    }}
+                  />
+                </div>
+                <span className="w-8 text-xs text-right text-gray-500 whitespace-nowrap dark:text-gray-400 shrink-0">
+                  {progress.current}/{progress.total}
+                </span>
              </div>
-              <span className="w-8 text-xs text-right text-gray-500 whitespace-nowrap dark:text-gray-400 shrink-0">
-                {progress.current}/{progress.total}
-              </span>
            </div>
-          </div>
-        )}
+          )}

        {/* Twilight update progress */}
        {type === "twilight-update" && (
@@ -220,7 +258,13 @@ export function UnifiedToast(props: ToastProps) {

        {/* Description */}
        {description && (
-          <p className="mt-1 text-xs leading-tight text-gray-600 dark:text-gray-300">
+          <p
+            className={`mt-1 text-xs leading-tight ${
+              isAutoUpdate
+                ? "text-emerald-700 dark:text-emerald-300"
+                : "text-gray-600 dark:text-gray-300"
+            }`}
+          >
            {description}
          </p>
        )}
@@ -0,0 +1,24 @@
+export const ZenBrowser = (props: React.SVGProps<SVGSVGElement>) => (
+  <svg
+    xmlns="http://www.w3.org/2000/svg"
+    width={24}
+    height={24}
+    role="graphics-symbol img"
+    fill="currentColor"
+    viewBox="0 0 24 24"
+    {...props}
+  >
+    <path
+      d="M12 8.15c-2.12 0-3.85 1.72-3.85 3.85s1.72 3.85 3.85 3.85 3.85-1.72 3.85-3.85S14.13 8.15 12 8.15m0 6.92c-1.7 0-3.08-1.38-3.08-3.08S10.3 8.91 12 8.91s3.08 1.38 3.08 3.08-1.38 3.08-3.08 3.08"
+      className="b"
+    />
+    <path
+      d="M12 5.33c-3.68 0-6.67 2.98-6.67 6.67s2.98 6.67 6.67 6.67 6.67-2.98 6.67-6.67S15.69 5.33 12 5.33m0 12.05c-2.97 0-5.38-2.41-5.38-5.38S9.03 6.62 12 6.62s5.38 2.41 5.38 5.38-2.41 5.38-5.38 5.38"
+      className="b"
+    />
+    <path
+      d="M12 2C6.48 2 2 6.48 2 12s4.48 10 10 10 10-4.48 10-10S17.52 2 12 2m0 18.2c-4.53 0-8.21-3.67-8.21-8.2S7.47 3.79 12 3.79s8.21 3.67 8.21 8.21-3.67 8.2-8.21 8.2"
+      className="b"
+    />
+  </svg>
+);
@@ -0,0 +1,170 @@
+"use client";
+
+import { LoadingButton } from "@/components/loading-button";
+import { Button } from "@/components/ui/button";
+import {
+  Dialog,
+  DialogContent,
+  DialogDescription,
+  DialogFooter,
+  DialogHeader,
+  DialogTitle,
+} from "@/components/ui/dialog";
+import { usePermissions } from "@/hooks/use-permissions";
+import type { PermissionType } from "@/hooks/use-permissions";
+import { showErrorToast, showSuccessToast } from "@/lib/toast-utils";
+import { useEffect, useState } from "react";
+import { BsCamera, BsMic } from "react-icons/bs";
+
+interface PermissionDialogProps {
+  isOpen: boolean;
+  onClose: () => void;
+  permissionType: PermissionType;
+  onPermissionGranted?: () => void;
+}
+
+export function PermissionDialog({
+  isOpen,
+  onClose,
+  permissionType,
+  onPermissionGranted,
+}: PermissionDialogProps) {
+  const [isRequesting, setIsRequesting] = useState(false);
+  const [isMacOS, setIsMacOS] = useState(false);
+  const {
+    requestPermission,
+    isMicrophoneAccessGranted,
+    isCameraAccessGranted,
+  } = usePermissions();
+
+  // Check if we're on macOS and close dialog if not
+  useEffect(() => {
+    const userAgent = navigator.userAgent;
+    const isMac = userAgent.includes("Mac");
+    setIsMacOS(isMac);
+
+    // If not macOS, close the dialog as permissions aren't needed
+    if (!isMac) {
+      onClose();
+    }
+  }, [onClose]);
+
+  // Get current permission status
+  const isCurrentPermissionGranted =
+    permissionType === "microphone"
+      ? isMicrophoneAccessGranted
+      : isCameraAccessGranted;
+
+  // Auto-close dialog when permission is granted
+  useEffect(() => {
+    if (isCurrentPermissionGranted && isOpen) {
+      onPermissionGranted?.();
+    }
+  }, [isCurrentPermissionGranted, isOpen, onPermissionGranted]);
+
+  const getPermissionIcon = (type: PermissionType) => {
+    switch (type) {
+      case "microphone":
+        return <BsMic className="w-8 h-8" />;
+      case "camera":
+        return <BsCamera className="w-8 h-8" />;
+    }
+  };
+
+  const getPermissionTitle = (type: PermissionType) => {
+    switch (type) {
+      case "microphone":
+        return "Microphone Access Required";
+      case "camera":
+        return "Camera Access Required";
+    }
+  };
+
+  const getPermissionDescription = (type: PermissionType) => {
+    switch (type) {
+      case "microphone":
+        return "Donut Browser needs access to your microphone to enable microphone functionality in web browsers. Each website that wants to use your microphone will still ask for your permission individually.";
+      case "camera":
+        return "Donut Browser needs access to your camera to enable camera functionality in web browsers. Each website that wants to use your camera will still ask for your permission individually.";
+    }
+  };
+
+  const handleRequestPermission = async () => {
+    setIsRequesting(true);
+    try {
+      await requestPermission(permissionType);
+      showSuccessToast(
+        `${getPermissionTitle(permissionType).replace(
+          " Required",
+          "",
+        )} permission requested`,
+      );
+    } catch (error) {
+      console.error("Failed to request permission:", error);
+      showErrorToast("Failed to request permission");
+    } finally {
+      setIsRequesting(false);
+    }
+  };
+
+  // Don't render if not macOS
+  if (!isMacOS) {
+    return null;
+  }
+
+  return (
+    <Dialog open={isOpen} onOpenChange={onClose}>
+      <DialogContent className="max-w-md">
+        <DialogHeader className="text-center">
+          <div className="flex justify-center items-center mx-auto mb-4 w-16 h-16 bg-blue-100 rounded-full dark:bg-blue-900">
+            {getPermissionIcon(permissionType)}
+          </div>
+          <DialogTitle className="text-xl">
+            {getPermissionTitle(permissionType)}
+          </DialogTitle>
+          <DialogDescription className="text-base">
+            {getPermissionDescription(permissionType)}
+          </DialogDescription>
+        </DialogHeader>
+
+        <div className="space-y-4">
+          {isCurrentPermissionGranted && (
+            <div className="p-3 bg-green-50 rounded-lg dark:bg-green-900/20">
+              <p className="text-sm text-green-800 dark:text-green-200">
+                ✅ Permission granted! Browsers launched from Donut Browser can
+                now access your {permissionType}.
+              </p>
+            </div>
+          )}
+
+          {!isCurrentPermissionGranted && (
+            <div className="p-3 bg-amber-50 rounded-lg dark:bg-amber-900/20">
+              <p className="text-sm text-amber-800 dark:text-amber-200">
+                ⚠️ Permission not granted. Click the button below to request
+                access to your {permissionType}.
+              </p>
+            </div>
+          )}
+        </div>
+
+        <DialogFooter className="gap-2">
+          <Button variant="outline" onClick={onClose}>
+            {isCurrentPermissionGranted ? "Done" : "Cancel"}
+          </Button>
+
+          {!isCurrentPermissionGranted && (
+            <LoadingButton
+              isLoading={isRequesting}
+              onClick={() => {
+                handleRequestPermission().catch(console.error);
+              }}
+              className="min-w-24"
+            >
+              Grant Access
+            </LoadingButton>
+          )}
+        </DialogFooter>
+      </DialogContent>
+    </Dialog>
+  );
+}
@@ -1,6 +1,5 @@
 "use client";

-import { Badge } from "@/components/ui/badge";
 import { Button } from "@/components/ui/button";
 import {
  Dialog,
@@ -164,7 +163,7 @@ export function ProfilesDataTable({
          const isDisabled = shouldDisableTorStart || isBrowserUpdating;

          return (
-            <div className="flex items-center gap-2">
+            <div className="flex gap-2 items-center">
              <Tooltip>
                <TooltipTrigger asChild>
                  <Button
@@ -206,21 +205,34 @@ export function ProfilesDataTable({
              onClick={() => {
                column.toggleSorting(column.getIsSorted() === "asc");
              }}
-              className="h-auto p-0 font-semibold hover:bg-transparent"
+              className="p-0 h-auto font-semibold hover:bg-transparent"
            >
              Profile
-              {isSorted === "asc" && <LuChevronUp className="ml-2 h-4 w-4" />}
+              {isSorted === "asc" && <LuChevronUp className="ml-2 w-4 h-4" />}
              {isSorted === "desc" && (
-                <LuChevronDown className="ml-2 h-4 w-4" />
+                <LuChevronDown className="ml-2 w-4 h-4" />
              )}
              {!isSorted && (
-                <LuChevronDown className="ml-2 h-4 w-4 opacity-50" />
+                <LuChevronDown className="ml-2 w-4 h-4 opacity-50" />
              )}
            </Button>
          );
        },
        enableSorting: true,
        sortingFn: "alphanumeric",
+        cell: ({ row }) => {
+          const profile = row.original;
+          return profile.name.length > 15 ? (
+            <Tooltip>
+              <TooltipTrigger asChild>
+                <span className="truncate">{profile.name.slice(0, 15)}...</span>
+              </TooltipTrigger>
+              <TooltipContent>{profile.name}</TooltipContent>
+            </Tooltip>
+          ) : (
+            profile.name
+          );
+        },
      },
      {
        accessorKey: "browser",
@@ -232,15 +244,15 @@ export function ProfilesDataTable({
              onClick={() => {
                column.toggleSorting(column.getIsSorted() === "asc");
              }}
-              className="h-auto p-0 font-semibold hover:bg-transparent"
+              className="p-0 h-auto font-semibold hover:bg-transparent"
            >
              Browser
-              {isSorted === "asc" && <LuChevronUp className="ml-2 h-4 w-4" />}
+              {isSorted === "asc" && <LuChevronUp className="ml-2 w-4 h-4" />}
              {isSorted === "desc" && (
-                <LuChevronDown className="ml-2 h-4 w-4" />
+                <LuChevronDown className="ml-2 w-4 h-4" />
              )}
              {!isSorted && (
-                <LuChevronDown className="ml-2 h-4 w-4 opacity-50" />
+                <LuChevronDown className="ml-2 w-4 h-4 opacity-50" />
              )}
            </Button>
          );
@@ -248,10 +260,21 @@ export function ProfilesDataTable({
        cell: ({ row }) => {
          const browser: string = row.getValue("browser");
          const IconComponent = getBrowserIcon(browser);
-          return (
-            <div className="flex items-center gap-2">
-              {IconComponent && <IconComponent className="h-4 w-4" />}
-              <span>{getBrowserDisplayName(browser)}</span>
+          const browserDisplayName = getBrowserDisplayName(browser);
+          return browserDisplayName.length > 15 ? (
+            <Tooltip>
+              <TooltipTrigger asChild>
+                <div className="flex gap-2 items-center">
+                  {IconComponent && <IconComponent className="w-4 h-4" />}
+                  <span>{browserDisplayName.slice(0, 15)}...</span>
+                </div>
+              </TooltipTrigger>
+              <TooltipContent>{browserDisplayName}</TooltipContent>
+            </Tooltip>
+          ) : (
+            <div className="flex gap-2 items-center">
+              {IconComponent && <IconComponent className="w-4 h-4" />}
+              <span>{browserDisplayName}</span>
            </div>
          );
        },
@@ -263,67 +286,33 @@ export function ProfilesDataTable({
        },
      },
      {
-        accessorKey: "version",
-        header: "Version",
-      },
-      {
-        id: "status",
-        header: ({ column }) => {
-          const isSorted = column.getIsSorted();
-          return (
-            <Button
-              variant="ghost"
-              onClick={() => {
-                column.toggleSorting(column.getIsSorted() === "asc");
-              }}
-              className="h-auto p-0 font-semibold hover:bg-transparent"
-            >
-              Status
-              {isSorted === "asc" && <LuChevronUp className="ml-2 h-4 w-4" />}
-              {isSorted === "desc" && (
-                <LuChevronDown className="ml-2 h-4 w-4" />
-              )}
-              {!isSorted && (
-                <LuChevronDown className="ml-2 h-4 w-4 opacity-50" />
-              )}
-            </Button>
-          );
-        },
+        accessorKey: "release_type",
+        header: "Release",
        cell: ({ row }) => {
-          const profile = row.original;
-          const isRunning = isClient && runningProfiles.has(profile.name);
+          const releaseType: string = row.getValue("release_type");
+          const isNightly = releaseType === "nightly";
          return (
-            <div className="flex flex-col gap-1">
-              <Badge
-                variant={isRunning ? "default" : "secondary"}
-                className="text-xs w-fit"
+            <div className="flex items-center">
+              <span
+                className={`inline-flex items-center px-2 py-1 rounded-full text-xs font-medium ${
+                  isNightly
+                    ? "text-yellow-800 bg-yellow-100 dark:bg-yellow-900 dark:text-yellow-200"
+                    : "text-green-800 bg-green-100 dark:bg-green-900 dark:text-green-200"
+                }`}
              >
-                {isClient ? (isRunning ? "Running" : "Stopped") : "Loading..."}
-              </Badge>
-              {isClient && isRunning && profile.process_id && (
-                <span className="text-xs text-muted-foreground">
-                  PID: {profile.process_id}
-                </span>
-              )}
+                {isNightly ? "Nightly" : "Stable"}
+              </span>
            </div>
          );
        },
        enableSorting: true,
-        sortingFn: (rowA, rowB) => {
-          // If not on client, sort by name only to ensure consistency
-          if (!isClient) {
-            return rowA.original.name.localeCompare(rowB.original.name);
-          }
-
-          const isRunningA = runningProfiles.has(rowA.original.name);
-          const isRunningB = runningProfiles.has(rowB.original.name);
-
-          // Running profiles come first, then stopped ones
-          // Secondary sort by profile name
-          if (isRunningA === isRunningB) {
-            return rowA.original.name.localeCompare(rowB.original.name);
-          }
-          return isRunningA ? -1 : 1;
+        sortingFn: (rowA, rowB, columnId) => {
+          const releaseA: string = rowA.getValue(columnId);
+          const releaseB: string = rowB.getValue(columnId);
+          // Sort with "stable" before "nightly"
+          if (releaseA === "stable" && releaseB === "nightly") return -1;
+          if (releaseA === "nightly" && releaseB === "stable") return 1;
+          return 0;
        },
      },
      {
@@ -332,24 +321,30 @@ export function ProfilesDataTable({
        cell: ({ row }) => {
          const profile = row.original;
          const hasProxy = profile.proxy?.enabled;
+          const regularText = hasProxy ? profile.proxy?.proxy_type : "Disabled";
+          const regularTooltipText = hasProxy
+            ? `${profile.proxy?.proxy_type.toUpperCase()} proxy enabled (${
+                profile.proxy?.host
+              }:${profile.proxy?.port})`
+            : "No proxy configured";
          return (
            <Tooltip>
              <TooltipTrigger>
-                <div className="flex items-center gap-2">
+                <div className="flex gap-2 items-center">
                  {hasProxy && (
-                    <CiCircleCheck className="h-4 w-4 text-green-500" />
+                    <CiCircleCheck className="w-4 h-4 text-green-500" />
                  )}
                  <span className="text-sm text-muted-foreground">
-                    {hasProxy ? profile.proxy?.proxy_type : "Disabled"}
+                    {profile.browser === "tor-browser"
+                      ? "Not supported"
+                      : regularText}
                  </span>
                </div>
              </TooltipTrigger>
              <TooltipContent>
-                {hasProxy
-                  ? `${profile.proxy?.proxy_type.toUpperCase()} proxy enabled (${
-                      profile.proxy?.host
-                    }:${profile.proxy?.port})`
-                  : "No proxy configured"}
+                {profile.browser === "tor-browser"
+                  ? "Proxies are not supported for TOR browser"
+                  : regularTooltipText}
              </TooltipContent>
            </Tooltip>
          );
@@ -363,16 +358,16 @@ export function ProfilesDataTable({
          const isRunning = isClient && runningProfiles.has(profile.name);
          const isBrowserUpdating = isClient && isUpdating(profile.browser);
          return (
-            <div className="flex items-center justify-end">
+            <div className="flex justify-end items-center">
              <DropdownMenu>
                <DropdownMenuTrigger asChild>
                  <Button
                    variant="ghost"
-                    className="h-8 w-8 p-0"
+                    className="p-0 w-8 h-8"
                    disabled={!isClient}
                  >
                    <span className="sr-only">Open menu</span>
-                    <IoEllipsisHorizontal className="h-4 w-4" />
+                    <IoEllipsisHorizontal className="w-4 h-4" />
                  </Button>
                </DropdownMenuTrigger>
                <DropdownMenuContent align="end">
@@ -384,16 +379,18 @@ export function ProfilesDataTable({
                    }}
                    disabled={!isClient || isBrowserUpdating}
                  >
-                    Configure proxy
-                  </DropdownMenuItem>
-                  <DropdownMenuItem
-                    onClick={() => {
-                      onChangeVersion(profile);
-                    }}
-                    disabled={!isClient || isRunning || isBrowserUpdating}
-                  >
-                    Change version
+                    Configure Proxy
                  </DropdownMenuItem>
+                  {!["chromium", "zen"].includes(profile.browser) && (
+                    <DropdownMenuItem
+                      onClick={() => {
+                        onChangeVersion(profile);
+                      }}
+                      disabled={!isClient || isRunning || isBrowserUpdating}
+                    >
+                      Switch Release
+                    </DropdownMenuItem>
+                  )}
                  <DropdownMenuItem
                    onClick={() => {
                      setProfileToRename(profile);
@@ -511,7 +508,7 @@ export function ProfilesDataTable({
            <DialogTitle>Rename Profile</DialogTitle>
          </DialogHeader>
          <div className="grid gap-4 py-4">
-            <div className="grid grid-cols-4 items-center gap-4">
+            <div className="grid grid-cols-4 gap-4 items-center">
              <Label htmlFor="name" className="text-right">
                Name
              </Label>
@@ -573,6 +570,11 @@ export function ProfilesDataTable({
                  setDeleteConfirmationName(e.target.value);
                  setDeleteError(null);
                }}
+                onKeyDown={(e) => {
+                  if (e.key === "Enter") {
+                    void handleDelete();
+                  }
+                }}
                placeholder="Type the profile name here"
              />
            </div>
@@ -138,10 +138,6 @@ export function ProfileSelectorDialog({
    const isRunning = runningProfiles.has(profile.name);

    if (profile.browser === "tor-browser") {
-      const runningTorProfiles = profiles.filter(
-        (p) => p.browser === "tor-browser" && runningProfiles.has(p.name),
-      );
-
      // If another TOR profile is running, this one is not available
      return "Only 1 instance can run at a time";
    }
@@ -195,9 +191,6 @@ export function ProfileSelectorDialog({
  };

  const selectedProfileData = profiles.find((p) => p.name === selectedProfile);
-  const isSelectedProfileRunning = selectedProfile
-    ? runningProfiles.has(selectedProfile)
-    : false;

  // Check if the selected profile can be used for opening links
  const canOpenWithSelectedProfile = () => {
@@ -225,19 +218,19 @@ export function ProfileSelectorDialog({
        <div className="grid gap-4 py-4">
          {url && (
            <div className="space-y-2">
-              <div className="flex items-center justify-between">
+              <div className="flex justify-between items-center">
                <Label className="text-sm font-medium">Opening URL:</Label>
                <Button
                  variant="outline"
                  size="sm"
                  onClick={() => void handleCopyUrl()}
-                  className="flex items-center gap-2"
+                  className="flex gap-2 items-center"
                >
-                  <LuCopy className="h-3 w-3" />
+                  <LuCopy className="w-3 h-3" />
                  Copy
                </Button>
              </div>
-              <div className="p-2 bg-muted rounded text-sm break-all">
+              <div className="p-2 text-sm break-all rounded bg-muted">
                {url}
              </div>
            </div>
@@ -290,14 +283,14 @@ export function ProfileSelectorDialog({
                                  !canUseForLinks ? "opacity-50" : ""
                                }`}
                              >
-                                <div className="flex items-center gap-3 py-1 px-2 rounded-lg hover:bg-accent cursor-pointer">
-                                  <div className="flex items-center gap-2">
+                                <div className="flex gap-3 items-center px-2 py-1 rounded-lg cursor-pointer hover:bg-accent">
+                                  <div className="flex gap-2 items-center">
                                    {(() => {
                                      const IconComponent = getBrowserIcon(
                                        profile.browser,
                                      );
                                      return IconComponent ? (
-                                        <IconComponent className="h-4 w-4" />
+                                        <IconComponent className="w-4 h-4" />
                                      ) : null;
                                    })()}
                                  </div>
@@ -30,6 +30,8 @@ interface ProxySettings {
  proxy_type: string;
  host: string;
  port: number;
+  username?: string;
+  password?: string;
 }

 interface ProxySettingsDialogProps {
@@ -52,6 +54,8 @@ export function ProxySettingsDialog({
    proxy_type: initialSettings?.proxy_type ?? "http",
    host: initialSettings?.host ?? "",
    port: initialSettings?.port ?? 8080,
+    username: initialSettings?.username ?? "",
+    password: initialSettings?.password ?? "",
  });

  const [initialSettingsState, setInitialSettingsState] =
@@ -60,6 +64,8 @@ export function ProxySettingsDialog({
      proxy_type: "http",
      host: "",
      port: 8080,
+      username: "",
+      password: "",
    });

  useEffect(() => {
@@ -69,6 +75,8 @@ export function ProxySettingsDialog({
        proxy_type: initialSettings.proxy_type,
        host: initialSettings.host,
        port: initialSettings.port,
+        username: initialSettings.username ?? "",
+        password: initialSettings.password ?? "",
      };
      setSettings(newSettings);
      setInitialSettingsState(newSettings);
@@ -78,6 +86,8 @@ export function ProxySettingsDialog({
        proxy_type: "http",
        host: "",
        port: 80,
+        username: "",
+        password: "",
      };
      setSettings(defaultSettings);
      setInitialSettingsState(defaultSettings);
@@ -94,7 +104,9 @@ export function ProxySettingsDialog({
      settings.enabled !== initialSettingsState.enabled ||
      settings.proxy_type !== initialSettingsState.proxy_type ||
      settings.host !== initialSettingsState.host ||
-      settings.port !== initialSettingsState.port
+      settings.port !== initialSettingsState.port ||
+      settings.username !== initialSettingsState.username ||
+      settings.password !== initialSettingsState.password
    );
  };

@@ -214,6 +226,31 @@ export function ProxySettingsDialog({
                  max="65535"
                />
              </div>
+
+              <div className="grid gap-2">
+                <Label htmlFor="username">Username (optional)</Label>
+                <Input
+                  id="username"
+                  value={settings.username}
+                  onChange={(e) => {
+                    setSettings({ ...settings, username: e.target.value });
+                  }}
+                  placeholder="Proxy username"
+                />
+              </div>
+
+              <div className="grid gap-2">
+                <Label htmlFor="password">Password (optional)</Label>
+                <Input
+                  id="password"
+                  type="password"
+                  value={settings.password}
+                  onChange={(e) => {
+                    setSettings({ ...settings, password: e.target.value });
+                  }}
+                  placeholder="Proxy password"
+                />
+              </div>
            </>
          )}
        </div>
@@ -0,0 +1,164 @@
+"use client";
+
+import { LoadingButton } from "@/components/loading-button";
+import { Badge } from "@/components/ui/badge";
+import { Button } from "@/components/ui/button";
+import {
+  Command,
+  CommandEmpty,
+  CommandGroup,
+  CommandItem,
+  CommandList,
+} from "@/components/ui/command";
+import {
+  Popover,
+  PopoverContent,
+  PopoverTrigger,
+} from "@/components/ui/popover";
+import { cn } from "@/lib/utils";
+import type { BrowserReleaseTypes } from "@/types";
+import { useState } from "react";
+import { LuDownload } from "react-icons/lu";
+import { LuCheck, LuChevronsUpDown } from "react-icons/lu";
+
+interface ReleaseTypeSelectorProps {
+  selectedReleaseType: "stable" | "nightly" | null;
+  onReleaseTypeSelect: (releaseType: "stable" | "nightly" | null) => void;
+  availableReleaseTypes: BrowserReleaseTypes;
+  browser: string;
+  isDownloading: boolean;
+  onDownload: () => void;
+  placeholder?: string;
+  showDownloadButton?: boolean;
+  downloadedVersions?: string[];
+}
+
+export function ReleaseTypeSelector({
+  selectedReleaseType,
+  onReleaseTypeSelect,
+  availableReleaseTypes,
+  browser,
+  isDownloading,
+  onDownload,
+  placeholder = "Select release type...",
+  showDownloadButton = true,
+  downloadedVersions = [],
+}: ReleaseTypeSelectorProps) {
+  const [popoverOpen, setPopoverOpen] = useState(false);
+
+  const releaseOptions = [
+    ...(availableReleaseTypes.stable
+      ? [{ type: "stable" as const, version: availableReleaseTypes.stable }]
+      : []),
+    ...(availableReleaseTypes.nightly && browser !== "chromium"
+      ? [{ type: "nightly" as const, version: availableReleaseTypes.nightly }]
+      : []),
+  ];
+
+  const selectedDisplayText = selectedReleaseType
+    ? selectedReleaseType === "stable"
+      ? "Stable"
+      : "Nightly"
+    : placeholder;
+
+  const selectedVersion =
+    selectedReleaseType === "stable"
+      ? availableReleaseTypes.stable
+      : selectedReleaseType === "nightly"
+        ? availableReleaseTypes.nightly
+        : null;
+
+  const isVersionDownloaded =
+    selectedVersion && downloadedVersions.includes(selectedVersion);
+
+  return (
+    <div className="space-y-4">
+      <Popover open={popoverOpen} onOpenChange={setPopoverOpen} modal={true}>
+        <PopoverTrigger asChild>
+          <Button
+            variant="outline"
+            role="combobox"
+            aria-expanded={popoverOpen}
+            className="justify-between w-full"
+          >
+            {selectedDisplayText}
+            <LuChevronsUpDown className="ml-2 w-4 h-4 opacity-50 shrink-0" />
+          </Button>
+        </PopoverTrigger>
+        <PopoverContent className="w-[300px] p-0">
+          <Command>
+            <CommandEmpty>No release types available.</CommandEmpty>
+            <CommandList>
+              <CommandGroup>
+                {releaseOptions.map((option) => {
+                  const isDownloaded = downloadedVersions.includes(
+                    option.version,
+                  );
+                  return (
+                    <CommandItem
+                      key={option.type}
+                      value={option.type}
+                      onSelect={(currentValue) => {
+                        const selectedType = currentValue as
+                          | "stable"
+                          | "nightly";
+                        onReleaseTypeSelect(
+                          selectedType === selectedReleaseType
+                            ? null
+                            : selectedType,
+                        );
+                        setPopoverOpen(false);
+                      }}
+                    >
+                      <LuCheck
+                        className={cn(
+                          "mr-2 h-4 w-4",
+                          selectedReleaseType === option.type
+                            ? "opacity-100"
+                            : "opacity-0",
+                        )}
+                      />
+                      <div className="flex gap-2 items-center">
+                        <span className="capitalize">{option.type}</span>
+                        {option.type === "nightly" && (
+                          <Badge variant="secondary" className="text-xs">
+                            Nightly
+                          </Badge>
+                        )}
+                        <Badge variant="outline" className="text-xs">
+                          {option.version}
+                        </Badge>
+                        {isDownloaded && (
+                          <Badge variant="default" className="text-xs">
+                            Downloaded
+                          </Badge>
+                        )}
+                      </div>
+                    </CommandItem>
+                  );
+                })}
+              </CommandGroup>
+            </CommandList>
+          </Command>
+        </PopoverContent>
+      </Popover>
+
+      {showDownloadButton &&
+        selectedReleaseType &&
+        selectedVersion &&
+        !isVersionDownloaded && (
+          <LoadingButton
+            isLoading={isDownloading}
+            onClick={() => {
+              onDownload();
+            }}
+            variant="outline"
+            className="w-full"
+          >
+            <LuDownload className="mr-2 w-4 h-4" />
+            {isDownloading ? "Downloading..." : "Download Browser"}
+          </LoadingButton>
+        )}
+    </div>
+  );
+}
@@ -19,19 +19,27 @@ import {
  SelectTrigger,
  SelectValue,
 } from "@/components/ui/select";
-import { showSuccessToast } from "@/lib/toast-utils";
+import { usePermissions } from "@/hooks/use-permissions";
+import type { PermissionType } from "@/hooks/use-permissions";
+import { showErrorToast, showSuccessToast } from "@/lib/toast-utils";
 import { invoke } from "@tauri-apps/api/core";
 import { useTheme } from "next-themes";
-import { useEffect, useState } from "react";
+import { useCallback, useEffect, useState } from "react";
+import { BsCamera, BsMic } from "react-icons/bs";

 interface AppSettings {
  set_as_default_browser: boolean;
  show_settings_on_startup: boolean;
  theme: string;
-  auto_updates_enabled: boolean;
  auto_delete_unused_binaries: boolean;
 }

+interface PermissionInfo {
+  permission_type: PermissionType;
+  isGranted: boolean;
+  description: string;
+}
+
 interface SettingsDialogProps {
  isOpen: boolean;
  onClose: () => void;
@@ -42,14 +50,12 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
    set_as_default_browser: false,
    show_settings_on_startup: true,
    theme: "system",
-    auto_updates_enabled: true,
    auto_delete_unused_binaries: true,
  });
  const [originalSettings, setOriginalSettings] = useState<AppSettings>({
    set_as_default_browser: false,
    show_settings_on_startup: true,
    theme: "system",
-    auto_updates_enabled: true,
    auto_delete_unused_binaries: true,
  });
  const [isDefaultBrowser, setIsDefaultBrowser] = useState(false);
@@ -57,18 +63,46 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
  const [isSaving, setIsSaving] = useState(false);
  const [isSettingDefault, setIsSettingDefault] = useState(false);
  const [isClearingCache, setIsClearingCache] = useState(false);
+  const [permissions, setPermissions] = useState<PermissionInfo[]>([]);
+  const [isLoadingPermissions, setIsLoadingPermissions] = useState(false);
+  const [requestingPermission, setRequestingPermission] =
+    useState<PermissionType | null>(null);
+  const [isMacOS, setIsMacOS] = useState(false);

  const { setTheme } = useTheme();
+  const {
+    requestPermission,
+    isMicrophoneAccessGranted,
+    isCameraAccessGranted,
+  } = usePermissions();
+
+  const getPermissionDescription = useCallback((type: PermissionType) => {
+    switch (type) {
+      case "microphone":
+        return "Access to microphone for browser applications";
+      case "camera":
+        return "Access to camera for browser applications";
+    }
+  }, []);

  useEffect(() => {
    if (isOpen) {
-      void loadSettings();
-      void checkDefaultBrowserStatus();
+      loadSettings().catch(console.error);
+      checkDefaultBrowserStatus().catch(console.error);
+
+      // Check if we're on macOS
+      const userAgent = navigator.userAgent;
+      const isMac = userAgent.includes("Mac");
+      setIsMacOS(isMac);
+
+      if (isMac) {
+        loadPermissions().catch(console.error);
+      }

      // Set up interval to check default browser status
      const intervalId = setInterval(() => {
-        void checkDefaultBrowserStatus();
-      }, 500); // Check every 2 seconds
+        checkDefaultBrowserStatus().catch(console.error);
+      }, 500); // Check every 500ms

      // Cleanup interval on component unmount or dialog close
      return () => {
@@ -77,6 +111,32 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
    }
  }, [isOpen]);

+  // Update permissions when the permission states change
+  useEffect(() => {
+    if (isMacOS) {
+      const permissionList: PermissionInfo[] = [
+        {
+          permission_type: "microphone",
+          isGranted: isMicrophoneAccessGranted,
+          description: getPermissionDescription("microphone"),
+        },
+        {
+          permission_type: "camera",
+          isGranted: isCameraAccessGranted,
+          description: getPermissionDescription("camera"),
+        },
+      ];
+      setPermissions(permissionList);
+    } else {
+      setPermissions([]);
+    }
+  }, [
+    isMacOS,
+    isMicrophoneAccessGranted,
+    isCameraAccessGranted,
+    getPermissionDescription,
+  ]);
+
  const loadSettings = async () => {
    setIsLoading(true);
    try {
@@ -90,6 +150,36 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
    }
  };

+  const loadPermissions = async () => {
+    setIsLoadingPermissions(true);
+    try {
+      if (!isMacOS) {
+        // On non-macOS platforms, don't show permissions
+        setPermissions([]);
+        return;
+      }
+
+      const permissionList: PermissionInfo[] = [
+        {
+          permission_type: "microphone",
+          isGranted: isMicrophoneAccessGranted,
+          description: getPermissionDescription("microphone"),
+        },
+        {
+          permission_type: "camera",
+          isGranted: isCameraAccessGranted,
+          description: getPermissionDescription("camera"),
+        },
+      ];
+
+      setPermissions(permissionList);
+    } catch (error) {
+      console.error("Failed to load permissions:", error);
+    } finally {
+      setIsLoadingPermissions(false);
+    }
+  };
+
  const checkDefaultBrowserStatus = async () => {
    try {
      const isDefault = await invoke<boolean>("is_default_browser");
@@ -117,16 +207,64 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
      await invoke("clear_all_version_cache_and_refetch");
      showSuccessToast("Cache cleared successfully", {
        description:
-          "All browser version cache has been cleared and browsers are being refreshed",
+          "All browser version cache has been cleared and browsers are being refreshed.",
        duration: 4000,
      });
    } catch (error) {
      console.error("Failed to clear cache:", error);
+      showErrorToast("Failed to clear cache", {
+        description:
+          error instanceof Error ? error.message : "Unknown error occurred",
+        duration: 4000,
+      });
    } finally {
      setIsClearingCache(false);
    }
  };

+  const handleRequestPermission = async (permissionType: PermissionType) => {
+    setRequestingPermission(permissionType);
+    try {
+      await requestPermission(permissionType);
+      showSuccessToast(
+        `${getPermissionDisplayName(permissionType)} access requested`,
+      );
+    } catch (error) {
+      console.error("Failed to request permission:", error);
+    } finally {
+      setRequestingPermission(null);
+    }
+  };
+
+  const getPermissionIcon = (type: PermissionType) => {
+    switch (type) {
+      case "microphone":
+        return <BsMic className="w-4 h-4" />;
+      case "camera":
+        return <BsCamera className="w-4 h-4" />;
+    }
+  };
+
+  const getPermissionDisplayName = (type: PermissionType) => {
+    switch (type) {
+      case "microphone":
+        return "Microphone";
+      case "camera":
+        return "Camera";
+    }
+  };
+
+  const getStatusBadge = (isGranted: boolean) => {
+    if (isGranted) {
+      return (
+        <Badge variant="default" className="text-green-800 bg-green-100">
+          Granted
+        </Badge>
+      );
+    }
+    return <Badge variant="secondary">Not Granted</Badge>;
+  };
+
  const handleSave = async () => {
    setIsSaving(true);
    try {
@@ -150,7 +288,6 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
    settings.show_settings_on_startup !==
      originalSettings.show_settings_on_startup ||
    settings.theme !== originalSettings.theme ||
-    settings.auto_updates_enabled !== originalSettings.auto_updates_enabled ||
    settings.auto_delete_unused_binaries !==
      originalSettings.auto_delete_unused_binaries;

@@ -204,7 +341,7 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
            <LoadingButton
              isLoading={isSettingDefault}
              onClick={() => {
-                void handleSetDefaultBrowser();
+                handleSetDefaultBrowser().catch(console.error);
              }}
              disabled={isDefaultBrowser}
              variant={isDefaultBrowser ? "outline" : "default"}
@@ -225,19 +362,6 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
          <div className="space-y-4">
            <Label className="text-base font-medium">Auto-Updates</Label>

-            <div className="flex items-center space-x-2">
-              <Checkbox
-                id="auto-updates"
-                checked={settings.auto_updates_enabled}
-                onCheckedChange={(checked) => {
-                  updateSetting("auto_updates_enabled", checked as boolean);
-                }}
-              />
-              <Label htmlFor="auto-updates" className="text-sm">
-                Enable automatic browser updates
-              </Label>
-            </div>
-
            <div className="flex items-center space-x-2">
              <Checkbox
                id="auto-delete-binaries"
@@ -284,6 +408,69 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
            </p>
          </div>

+          {/* Permissions Section - Only show on macOS */}
+          {isMacOS && (
+            <div className="space-y-4">
+              <Label className="text-base font-medium">
+                System Permissions
+              </Label>
+
+              {isLoadingPermissions ? (
+                <div className="text-sm text-muted-foreground">
+                  Loading permissions...
+                </div>
+              ) : (
+                <div className="space-y-3">
+                  {permissions.map((permission) => (
+                    <div
+                      key={permission.permission_type}
+                      className="flex justify-between items-center p-3 rounded-lg border"
+                    >
+                      <div className="flex items-center space-x-3">
+                        {getPermissionIcon(permission.permission_type)}
+                        <div>
+                          <div className="text-sm font-medium">
+                            {getPermissionDisplayName(
+                              permission.permission_type,
+                            )}
+                          </div>
+                          <div className="text-xs text-muted-foreground">
+                            {permission.description}
+                          </div>
+                        </div>
+                      </div>
+                      <div className="flex items-center space-x-2">
+                        {getStatusBadge(permission.isGranted)}
+                        {!permission.isGranted && (
+                          <LoadingButton
+                            size="sm"
+                            isLoading={
+                              requestingPermission ===
+                              permission.permission_type
+                            }
+                            onClick={() => {
+                              handleRequestPermission(
+                                permission.permission_type,
+                              ).catch(console.error);
+                            }}
+                          >
+                            Grant
+                          </LoadingButton>
+                        )}
+                      </div>
+                    </div>
+                  ))}
+                </div>
+              )}
+
+              <p className="text-xs text-muted-foreground">
+                These permissions allow browsers launched from Donut Browser to
+                access system resources. Each website will still ask for your
+                permission individually.
+              </p>
+            </div>
+          )}
+
          {/* Advanced Section */}
          <div className="space-y-4">
            <Label className="text-base font-medium">Advanced</Label>
@@ -291,7 +478,7 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
            <LoadingButton
              isLoading={isClearingCache}
              onClick={() => {
-                void handleClearCache();
+                handleClearCache().catch(console.error);
              }}
              variant="outline"
              className="w-full"
@@ -314,7 +501,7 @@ export function SettingsDialog({ isOpen, onClose }: SettingsDialogProps) {
          <LoadingButton
            isLoading={isSaving}
            onClick={() => {
-              void handleSave();
+              handleSave().catch(console.error);
            }}
            disabled={isLoading || !hasChanges}
          >
@@ -103,7 +103,6 @@ export function CustomThemeProvider({ children }: CustomThemeProviderProps) {
        const currentSystemTheme = await getNativeSystemTheme();
        // Force re-evaluation by toggling the theme
        const html = document.documentElement;
-        const currentClass = html.className;

        // Apply the system theme class
        if (currentSystemTheme === "dark") {
@@ -1,108 +0,0 @@
-"use client";
-
-/* eslint-disable @typescript-eslint/no-misused-promises */
-
-import { Badge } from "@/components/ui/badge";
-import { Button } from "@/components/ui/button";
-import { getBrowserDisplayName } from "@/lib/browser-utils";
-import React from "react";
-import { FaDownload, FaTimes } from "react-icons/fa";
-import { LuDownload } from "react-icons/lu";
-
-interface UpdateNotification {
-  id: string;
-  browser: string;
-  current_version: string;
-  new_version: string;
-  affected_profiles: string[];
-  is_stable_update: boolean;
-  timestamp: number;
-}
-
-interface UpdateNotificationProps {
-  notification: UpdateNotification;
-  onUpdate: (browser: string, newVersion: string) => Promise<void>;
-  onDismiss: (notificationId: string) => Promise<void>;
-  isUpdating?: boolean;
-}
-
-export function UpdateNotificationComponent({
-  notification,
-  onUpdate,
-  onDismiss,
-  isUpdating = false,
-}: UpdateNotificationProps) {
-  const browserDisplayName = getBrowserDisplayName(notification.browser);
-
-  const profileText =
-    notification.affected_profiles.length === 1
-      ? `profile "${notification.affected_profiles[0]}"`
-      : `${notification.affected_profiles.length} profiles`;
-
-  const handleUpdateClick = async () => {
-    // Dismiss the notification immediately to close the modal
-    await onDismiss(notification.id);
-    // Then start the update process
-    await onUpdate(notification.browser, notification.new_version);
-  };
-
-  return (
-    <div className="flex flex-col gap-3 p-4 max-w-md rounded-lg border shadow-lg bg-background border-border">
-      <div className="flex gap-2 justify-between items-start">
-        <div className="flex flex-col gap-1">
-          <div className="flex gap-2 items-center">
-            <span className="font-semibold text-foreground">
-              {browserDisplayName} Update Available
-            </span>
-            <Badge
-              variant={notification.is_stable_update ? "default" : "secondary"}
-            >
-              {notification.is_stable_update ? "Stable" : "Nightly"}
-            </Badge>
-          </div>
-          <div className="text-sm text-muted-foreground">
-            Update {profileText} from {notification.current_version} to{" "}
-            <span className="font-medium">{notification.new_version}</span>
-          </div>
-        </div>
-        <Button
-          variant="ghost"
-          size="sm"
-          onClick={async () => {
-            await onDismiss(notification.id);
-          }}
-          className="p-0 w-6 h-6 shrink-0"
-        >
-          <FaTimes className="w-3 h-3" />
-        </Button>
-      </div>
-
-      <div className="flex gap-2 items-center">
-        <Button
-          onClick={handleUpdateClick}
-          disabled={isUpdating}
-          size="sm"
-          className="flex gap-2 items-center"
-        >
-          <FaDownload className="w-3 h-3" />
-          Update
-        </Button>
-        <Button
-          variant="outline"
-          onClick={async () => {
-            await onDismiss(notification.id);
-          }}
-          size="sm"
-        >
-          Later
-        </Button>
-      </div>
-
-      {notification.affected_profiles.length > 1 && (
-        <div className="text-xs text-muted-foreground">
-          Affected profiles: {notification.affected_profiles.join(", ")}
-        </div>
-      )}
-    </div>
-  );
-}
@@ -1,156 +0,0 @@
-"use client";
-
-import { LoadingButton } from "@/components/loading-button";
-import { Badge } from "@/components/ui/badge";
-import { Button } from "@/components/ui/button";
-import {
-  Command,
-  CommandEmpty,
-  CommandGroup,
-  CommandInput,
-  CommandItem,
-  CommandList,
-} from "@/components/ui/command";
-import {
-  Popover,
-  PopoverContent,
-  PopoverTrigger,
-} from "@/components/ui/popover";
-import { cn } from "@/lib/utils";
-import { useState } from "react";
-import { LuDownload } from "react-icons/lu";
-import { LuCheck, LuChevronsUpDown } from "react-icons/lu";
-import { ScrollArea } from "./ui/scroll-area";
-
-interface GithubRelease {
-  tag_name: string;
-  assets: Array<{
-    name: string;
-    browser_download_url: string;
-    hash?: string;
-  }>;
-  published_at: string;
-  is_nightly: boolean;
-}
-
-interface VersionSelectorProps {
-  selectedVersion: string | null;
-  onVersionSelect: (version: string | null) => void;
-  availableVersions: GithubRelease[];
-  downloadedVersions: string[];
-  isDownloading: boolean;
-  onDownload: () => void;
-  placeholder?: string;
-  showDownloadButton?: boolean;
-}
-
-export function VersionSelector({
-  selectedVersion,
-  onVersionSelect,
-  availableVersions,
-  downloadedVersions,
-  isDownloading,
-  onDownload,
-  placeholder = "Select version...",
-  showDownloadButton = true,
-}: VersionSelectorProps) {
-  const [versionPopoverOpen, setVersionPopoverOpen] = useState(false);
-
-  const isVersionDownloaded = selectedVersion
-    ? downloadedVersions.includes(selectedVersion)
-    : false;
-
-  return (
-    <div className="space-y-4">
-      <Popover
-        open={versionPopoverOpen}
-        onOpenChange={setVersionPopoverOpen}
-        modal={true}
-      >
-        <PopoverTrigger asChild>
-          <Button
-            variant="outline"
-            role="combobox"
-            aria-expanded={versionPopoverOpen}
-            className="justify-between w-full"
-          >
-            {selectedVersion ?? placeholder}
-            <LuChevronsUpDown className="ml-2 w-4 h-4 opacity-50 shrink-0" />
-          </Button>
-        </PopoverTrigger>
-        <PopoverContent className="w-[300px] p-0">
-          <Command>
-            <CommandInput placeholder="Search versions..." />
-            <CommandEmpty>No versions found.</CommandEmpty>
-            <CommandList>
-              <ScrollArea
-                className={
-                  "[&>[data-radix-scroll-area-viewport]]:max-h-[200px]"
-                }
-              >
-                <CommandGroup>
-                  {availableVersions.map((version) => {
-                    const isDownloaded = downloadedVersions.includes(
-                      version.tag_name,
-                    );
-                    return (
-                      <CommandItem
-                        key={version.tag_name}
-                        value={version.tag_name}
-                        onSelect={(currentValue) => {
-                          onVersionSelect(
-                            currentValue === selectedVersion
-                              ? null
-                              : currentValue,
-                          );
-                          setVersionPopoverOpen(false);
-                        }}
-                      >
-                        <LuCheck
-                          className={cn(
-                            "mr-2 h-4 w-4",
-                            selectedVersion === version.tag_name
-                              ? "opacity-100"
-                              : "opacity-0",
-                          )}
-                        />
-                        <div className="flex gap-2 items-center">
-                          <span>{version.tag_name}</span>
-                          {version.is_nightly && (
-                            <Badge variant="secondary" className="text-xs">
-                              Nightly
-                            </Badge>
-                          )}
-                          {isDownloaded && (
-                            <Badge variant="default" className="text-xs">
-                              Downloaded
-                            </Badge>
-                          )}
-                        </div>
-                      </CommandItem>
-                    );
-                  })}
-                </CommandGroup>
-              </ScrollArea>
-            </CommandList>
-          </Command>
-        </PopoverContent>
-      </Popover>
-
-      {/* Download Button */}
-      {showDownloadButton && selectedVersion && !isVersionDownloaded && (
-        <LoadingButton
-          isLoading={isDownloading}
-          onClick={() => {
-            onDownload();
-          }}
-          variant="outline"
-          className="w-full"
-        >
-          <LuDownload className="mr-2 w-4 h-4" />
-          {isDownloading ? "Downloading..." : "Download Browser"}
-        </LoadingButton>
-      )}
-    </div>
-  );
-}
@@ -1,129 +0,0 @@
-"use client";
-
-import { LoadingButton } from "@/components/loading-button";
-import { Alert, AlertDescription, AlertTitle } from "@/components/ui/alert";
-import {
-  Card,
-  CardContent,
-  CardDescription,
-  CardHeader,
-  CardTitle,
-} from "@/components/ui/card";
-import { useVersionUpdater } from "@/hooks/use-version-updater";
-import {
-  LuCheckCheck,
-  LuCircleAlert,
-  LuClock,
-  LuRefreshCw,
-} from "react-icons/lu";
-
-export function VersionUpdateSettings() {
-  const {
-    isUpdating,
-    lastUpdateTime,
-    timeUntilNextUpdate,
-    updateProgress,
-    triggerManualUpdate,
-    formatTimeUntilUpdate,
-    formatLastUpdateTime,
-  } = useVersionUpdater();
-
-  return (
-    <Card>
-      <CardHeader>
-        <CardTitle className="flex items-center gap-2">
-          <LuRefreshCw className="h-5 w-5" />
-          Background Version Updates
-        </CardTitle>
-        <CardDescription>
-          Browser versions are automatically checked every 3 hours in the
-          background. New versions are cached and ready when you need them.
-        </CardDescription>
-      </CardHeader>
-      <CardContent className="space-y-4">
-        {/* Current Status */}
-        <div className="grid gap-4 md:grid-cols-2">
-          <div className="space-y-2">
-            <div className="flex items-center gap-2 text-sm font-medium">
-              <LuClock className="h-4 w-4" />
-              Last Update
-            </div>
-            <div className="text-sm text-muted-foreground">
-              {formatLastUpdateTime(lastUpdateTime)}
-            </div>
-          </div>
-
-          <div className="space-y-2">
-            <div className="flex items-center gap-2 text-sm font-medium">
-              <LuCheckCheck className="h-4 w-4" />
-              Next Update
-            </div>
-            <div className="text-sm text-muted-foreground">
-              {timeUntilNextUpdate <= 0
-                ? "Now"
-                : `In ${formatTimeUntilUpdate(timeUntilNextUpdate)}`}
-            </div>
-          </div>
-        </div>
-
-        {/* Progress indicator */}
-        {isUpdating && updateProgress && (
-          <Alert>
-            <LuRefreshCw className="h-4 w-4 animate-spin" />
-            <AlertTitle>Updating Browser Versions</AlertTitle>
-            <AlertDescription>
-              {updateProgress.current_browser ? (
-                <>
-                  Checking {updateProgress.current_browser} (
-                  {updateProgress.completed_browsers}/
-                  {updateProgress.total_browsers})
-                  <br />
-                  {updateProgress.new_versions_found} new versions found so far
-                </>
-              ) : (
-                "Starting version update..."
-              )}
-            </AlertDescription>
-          </Alert>
-        )}
-
-        {/* Manual update button */}
-        <div className="flex items-center justify-between pt-2 border-t">
-          <div className="space-y-1">
-            <div className="text-sm font-medium">Manual Update</div>
-            <div className="text-xs text-muted-foreground">
-              Check for new browser versions now
-            </div>
-          </div>
-          <LoadingButton
-            isLoading={isUpdating}
-            onClick={() => {
-              void triggerManualUpdate();
-            }}
-            variant="outline"
-            size="sm"
-            disabled={isUpdating}
-          >
-            <LuRefreshCw className="h-4 w-4 mr-2" />
-            {isUpdating ? "Updating..." : "Check Now"}
-          </LoadingButton>
-        </div>
-
-        {/* Information about background updates */}
-        <Alert>
-          <LuCircleAlert className="h-4 w-4" />
-          <AlertTitle>How it works</AlertTitle>
-          <AlertDescription className="text-xs">
-            • Version information is checked automatically every 3 hours
-            <br />• New versions are added to the cache without removing old
-            ones
-            <br />• When creating profiles or changing versions, you&apos;ll see
-            how many new versions were found
-            <br />• This keeps the app responsive while ensuring you have the
-            latest information
-          </AlertDescription>
-        </Alert>
-      </CardContent>
-    </Card>
-  );
-}
@@ -40,7 +40,7 @@ export function WindowDragArea() {

  return (
    <div
-      className="fixed top-0 right-0 left-0 z-50 h-8 cursor-move"
+      className="fixed top-0 right-0 left-0 h-10 z-9999"
      style={{
        // Ensure it's above all other content
        zIndex: 9999,
@@ -3,21 +3,19 @@ import {
  dismissToast,
  showDownloadToast,
  showErrorToast,
-  showFetchingToast,
  showSuccessToast,
 } from "@/lib/toast-utils";
 import { invoke } from "@tauri-apps/api/core";
 import { listen } from "@tauri-apps/api/event";
 import { useCallback, useEffect, useState } from "react";
-import { toast } from "sonner";

 interface GithubRelease {
  tag_name: string;
-  assets: Array<{
+  assets: {
    name: string;
    browser_download_url: string;
    hash?: string;
-  }>;
+  }[];
  published_at: string;
  is_nightly: boolean;
 }
@@ -45,31 +43,6 @@ interface BrowserVersionsResult {
  total_versions_count: number;
 }

-interface VersionUpdateProgress {
-  current_browser: string;
-  total_browsers: number;
-  completed_browsers: number;
-  new_versions_found: number;
-  browser_new_versions: number;
-  status: string;
-}
-
-const isAlphaVersion = (version: string): boolean => {
-  // Check for common alpha/beta/dev indicators
-  const lowerVersion = version.toLowerCase();
-  return (
-    lowerVersion.includes("a") ||
-    lowerVersion.includes("b") ||
-    lowerVersion.includes("alpha") ||
-    lowerVersion.includes("beta") ||
-    lowerVersion.includes("dev") ||
-    lowerVersion.includes("rc") ||
-    lowerVersion.includes("pre") ||
-    // Check for patterns like "139.0b1" or "140.0a1"
-    /\d+\.\d+[ab]\d+/.test(lowerVersion)
-  );
-};
-
 export function useBrowserDownload() {
  const [availableVersions, setAvailableVersions] = useState<GithubRelease[]>(
    [],
@@ -78,7 +51,6 @@ export function useBrowserDownload() {
  const [isDownloading, setIsDownloading] = useState(false);
  const [downloadProgress, setDownloadProgress] =
    useState<DownloadProgress | null>(null);
-  const [isUpdatingVersions, setIsUpdatingVersions] = useState(false);

  // Listen for download progress events
  useEffect(() => {
@@ -88,53 +60,29 @@ export function useBrowserDownload() {

      const browserName = getBrowserDisplayName(progress.browser);

-      // Check if this is an auto-update download to suppress completion toast
-      const checkAutoUpdate = async () => {
-        let isAutoUpdate = false;
-        try {
-          isAutoUpdate = await invoke<boolean>("is_auto_update_download", {
-            browser: progress.browser,
-            version: progress.version,
-          });
-        } catch (error) {
-          console.error("Failed to check auto-update status:", error);
-        }
+      // Show toast with progress
+      if (progress.stage === "downloading") {
+        const speedMBps = (
+          progress.speed_bytes_per_sec /
+          (1024 * 1024)
+        ).toFixed(1);
+        const etaText = progress.eta_seconds
+          ? formatTime(progress.eta_seconds)
+          : "calculating...";

-        // Show toast with progress
-        if (progress.stage === "downloading") {
-          const speedMBps = (
-            progress.speed_bytes_per_sec /
-            (1024 * 1024)
-          ).toFixed(1);
-          const etaText = progress.eta_seconds
-            ? formatTime(progress.eta_seconds)
-            : "calculating...";
-
-          showDownloadToast(browserName, progress.version, "downloading", {
-            percentage: progress.percentage,
-            speed: speedMBps,
-            eta: etaText,
-          });
-        } else if (progress.stage === "extracting") {
-          showDownloadToast(browserName, progress.version, "extracting");
-        } else if (progress.stage === "verifying") {
-          showDownloadToast(browserName, progress.version, "verifying");
-        } else if (progress.stage === "completed") {
-          // Suppress completion toast for auto-updates
-          showDownloadToast(
-            browserName,
-            progress.version,
-            "completed",
-            undefined,
-            {
-              suppressCompletionToast: isAutoUpdate,
-            },
-          );
-          setDownloadProgress(null);
-        }
-      };
-
-      void checkAutoUpdate();
+        showDownloadToast(browserName, progress.version, "downloading", {
+          percentage: progress.percentage,
+          speed: speedMBps,
+          eta: etaText,
+        });
+      } else if (progress.stage === "extracting") {
+        showDownloadToast(browserName, progress.version, "extracting");
+      } else if (progress.stage === "verifying") {
+        showDownloadToast(browserName, progress.version, "verifying");
+      } else if (progress.stage === "completed") {
+        showDownloadToast(browserName, progress.version, "completed");
+        setDownloadProgress(null);
+      }
    });

    return () => {
@@ -144,51 +92,6 @@ export function useBrowserDownload() {
    };
  }, []);

-  // Listen for version update progress events
-  useEffect(() => {
-    const unlisten = listen<VersionUpdateProgress>(
-      "version-update-progress",
-      (event) => {
-        const progress = event.payload;
-
-        if (progress.status === "updating") {
-          setIsUpdatingVersions(true);
-          if (progress.current_browser) {
-            const browserName = getBrowserDisplayName(progress.current_browser);
-            showFetchingToast(browserName, {
-              id: `version-update-${progress.current_browser}`,
-              description: "Fetching latest release information...",
-            });
-          }
-        } else if (progress.status === "completed") {
-          setIsUpdatingVersions(false);
-          if (progress.new_versions_found > 0) {
-            showSuccessToast(
-              `Found ${progress.new_versions_found} new browser versions!`,
-              {
-                duration: 3000,
-              },
-            );
-          }
-          // Dismiss any update toasts
-          toast.dismiss();
-        } else if (progress.status === "error") {
-          setIsUpdatingVersions(false);
-          showErrorToast("Failed to check for new versions", {
-            duration: 4000,
-          });
-          toast.dismiss();
-        }
-      },
-    );
-
-    return () => {
-      void unlisten.then((fn) => {
-        fn();
-      });
-    };
-  }, []);
-
  const formatTime = (seconds: number): string => {
    if (seconds < 60) {
      return `${Math.round(seconds)}s`;
@@ -214,10 +117,8 @@ export function useBrowserDownload() {
  const loadVersions = useCallback(async (browserStr: string) => {
    const browserName = getBrowserDisplayName(browserStr);

-    // Show fetching toast
-    const toastId = showFetchingToast(browserName, {
-      id: `fetch-${browserStr}`,
-    });
+    // Use a simple loading state instead of toast for version fetching
+    console.log(`Fetching ${browserName} versions...`);

    try {
      const versionInfos = await invoke<BrowserVersionInfo[]>(
@@ -236,11 +137,9 @@ export function useBrowserDownload() {
      );

      setAvailableVersions(githubReleases);
-      dismissToast(toastId);
      return githubReleases;
    } catch (error) {
      console.error("Failed to load versions:", error);
-      dismissToast(toastId);
      showErrorToast(`Failed to fetch ${browserName} versions`, {
        description:
          error instanceof Error ? error.message : "Unknown error occurred",
@@ -374,7 +273,6 @@ export function useBrowserDownload() {
    downloadedVersions,
    isDownloading,
    downloadProgress,
-    isUpdatingVersions,
    loadVersions,
    loadVersionsWithNewCount,
    loadDownloadedVersions,
@@ -1,12 +1,6 @@
 import { invoke } from "@tauri-apps/api/core";
 import { useEffect, useState } from "react";

-export interface BrowserSupportInfo {
-  supportedBrowsers: string[];
-  isLoading: boolean;
-  error: string | null;
-}
-
 export function useBrowserSupport() {
  const [supportedBrowsers, setSupportedBrowsers] = useState<string[]>([]);
  const [isLoading, setIsLoading] = useState(true);
@@ -0,0 +1,174 @@
+import { useCallback, useEffect, useRef, useState } from "react";
+
+// Platform-specific imports
+let macOSPermissions:
+  | typeof import("tauri-plugin-macos-permissions-api")
+  | null = null;
+
+// Dynamically import macOS permissions only when needed
+const loadMacOSPermissions = async () => {
+  if (macOSPermissions) return macOSPermissions;
+
+  try {
+    macOSPermissions = await import("tauri-plugin-macos-permissions-api");
+    return macOSPermissions;
+  } catch (error) {
+    console.warn("Failed to load macOS permissions API:", error);
+    return null;
+  }
+};
+
+export type PermissionType = "microphone" | "camera";
+
+interface UsePermissionsReturn {
+  requestPermission: (type: PermissionType) => Promise<void>;
+  isMicrophoneAccessGranted: boolean;
+  isCameraAccessGranted: boolean;
+  isInitialized: boolean;
+}
+
+export function usePermissions(): UsePermissionsReturn {
+  const [isMicrophoneAccessGranted, setIsMicrophoneAccessGranted] =
+    useState(false);
+  const [isCameraAccessGranted, setIsCameraAccessGranted] = useState(false);
+  const [currentPlatform, setCurrentPlatform] = useState<string | null>(null);
+  const [isInitialized, setIsInitialized] = useState(false);
+  const intervalRef = useRef<NodeJS.Timeout | null>(null);
+
+  // Check permissions status
+  const checkPermissions = useCallback(async () => {
+    if (!currentPlatform) return;
+
+    if (currentPlatform !== "macos") {
+      // Windows/Linux - assume permissions are granted
+      setIsMicrophoneAccessGranted(true);
+      setIsCameraAccessGranted(true);
+      setIsInitialized(true);
+      return;
+    }
+
+    // macOS - use the permissions API
+    try {
+      const permissions = await loadMacOSPermissions();
+      if (permissions) {
+        const [micGranted, camGranted] = await Promise.all([
+          permissions.checkMicrophonePermission(),
+          permissions.checkCameraPermission(),
+        ]);
+
+        setIsMicrophoneAccessGranted(micGranted);
+        setIsCameraAccessGranted(camGranted);
+        setIsInitialized(true);
+      }
+    } catch (error) {
+      console.error("Failed to check permissions on macOS:", error);
+      setIsInitialized(true);
+    }
+  }, [currentPlatform]);
+
+  // Request permission
+  const requestPermission = useCallback(
+    async (type: PermissionType): Promise<void> => {
+      if (!currentPlatform || currentPlatform !== "macos") return;
+
+      // macOS - use the permissions API
+      try {
+        const permissions = await loadMacOSPermissions();
+        if (!permissions) return;
+
+        if (type === "microphone") {
+          await permissions.requestMicrophonePermission();
+
+          // Poll for permission status change
+          const pollMicPermission = async () => {
+            const granted = await permissions.checkMicrophonePermission();
+            setIsMicrophoneAccessGranted(granted);
+
+            if (!granted) {
+              setTimeout(() => {
+                void pollMicPermission();
+              }, 1000);
+            }
+          };
+
+          await pollMicPermission();
+        }
+
+        if (type === "camera") {
+          await permissions.requestCameraPermission();
+
+          // Poll for permission status change
+          const pollCamPermission = async () => {
+            const granted = await permissions.checkCameraPermission();
+            setIsCameraAccessGranted(granted);
+
+            if (!granted) {
+              setTimeout(() => {
+                void pollCamPermission();
+              }, 1000);
+            }
+          };
+
+          await pollCamPermission();
+        }
+      } catch (error) {
+        console.error(`Failed to request ${type} permission on macOS:`, error);
+      }
+    },
+    [currentPlatform],
+  );
+
+  // Initialize platform detection and start interval checking
+  useEffect(() => {
+    const initializePlatform = async () => {
+      try {
+        // Detect platform - on macOS we need permissions, on others we don't
+        const userAgent = navigator.userAgent;
+        let platformName = "unknown";
+
+        if (userAgent.includes("Mac")) {
+          platformName = "macos";
+        } else if (userAgent.includes("Win")) {
+          platformName = "windows";
+        } else if (userAgent.includes("Linux")) {
+          platformName = "linux";
+        }
+
+        setCurrentPlatform(platformName);
+      } catch (error) {
+        console.error("Failed to detect platform:", error);
+        // Fallback - assume non-macOS
+        setCurrentPlatform("unknown");
+      }
+    };
+
+    initializePlatform().catch(console.error);
+  }, []);
+
+  // Set up interval checking when platform is determined
+  useEffect(() => {
+    if (!currentPlatform) return;
+
+    // Initial check
+    void checkPermissions();
+
+    // Set up 500ms interval for checking permissions
+    intervalRef.current = setInterval(() => {
+      void checkPermissions();
+    }, 500);
+
+    return () => {
+      if (intervalRef.current) {
+        clearInterval(intervalRef.current);
+        intervalRef.current = null;
+      }
+    };
+  }, [currentPlatform, checkPermissions]);
+
+  return {
+    requestPermission,
+    isMicrophoneAccessGranted,
+    isCameraAccessGranted,
+    isInitialized,
+  };
+}
@@ -1,9 +1,7 @@
-import { UpdateNotificationComponent } from "@/components/update-notification";
 import { getBrowserDisplayName } from "@/lib/browser-utils";
-import { showToast } from "@/lib/toast-utils";
+import { dismissToast, showToast } from "@/lib/toast-utils";
 import { invoke } from "@tauri-apps/api/core";
-import React, { useCallback, useEffect, useState } from "react";
-import { toast } from "sonner";
+import { useCallback, useRef, useState } from "react";

 interface UpdateNotification {
  id: string;
@@ -23,73 +21,93 @@ export function useUpdateNotifications(
  const [updatingBrowsers, setUpdatingBrowsers] = useState<Set<string>>(
    new Set(),
  );
-  const [dismissedNotifications, setDismissedNotifications] = useState<
+  const [processedNotifications, setProcessedNotifications] = useState<
    Set<string>
  >(new Set());

+  const isUpdating = useCallback(
+    (browser: string) => updatingBrowsers.has(browser),
+    [updatingBrowsers],
+  );
+
+  // Add refs to track ongoing operations to prevent duplicates
+  const isCheckingForUpdates = useRef(false);
+  const activeDownloads = useRef<Set<string>>(new Set()); // Track "browser-version" keys
+
  const checkForUpdates = useCallback(async () => {
+    // Prevent multiple simultaneous calls
+    if (isCheckingForUpdates.current) {
+      console.log("Already checking for updates, skipping duplicate call");
+      return;
+    }
+
+    isCheckingForUpdates.current = true;
+
    try {
      const updates = await invoke<UpdateNotification[]>(
        "check_for_browser_updates",
      );

-      // Filter out dismissed notifications unless they're for a newer version
-      const filteredUpdates = updates.filter((notification) => {
-        // Check if this exact notification was dismissed
-        if (dismissedNotifications.has(notification.id)) {
-          return false;
-        }
-
-        // Check if we dismissed an older version for this browser
-        const dismissedForBrowser = Array.from(dismissedNotifications).find(
-          (dismissedId) => {
-            const parts = dismissedId.split("_");
-            if (parts.length >= 2) {
-              const browser = parts[0];
-              return browser === notification.browser;
-            }
-            return false;
-          },
-        );
-
-        if (dismissedForBrowser) {
-          // Extract the dismissed version to compare
-          const dismissedParts = dismissedForBrowser.split("_to_");
-          if (dismissedParts.length === 2) {
-            const dismissedToVersion = dismissedParts[1];
-            // Only show if this is a newer version than what was dismissed
-            return notification.new_version !== dismissedToVersion;
-          }
-        }
-
-        return true;
+      // Filter out already processed notifications
+      const newUpdates = updates.filter((notification) => {
+        return !processedNotifications.has(notification.id);
      });

-      setNotifications(filteredUpdates);
+      setNotifications(newUpdates);

-      // Show toasts for new notifications - we'll define handleUpdate and handleDismiss separately
-      // to avoid circular dependencies
+      // Automatically start downloads for new update notifications
+      for (const notification of newUpdates) {
+        if (!processedNotifications.has(notification.id)) {
+          setProcessedNotifications((prev) =>
+            new Set(prev).add(notification.id),
+          );
+          // Start automatic update without user interaction
+          void handleAutoUpdate(
+            notification.browser,
+            notification.new_version,
+            notification.id,
+          );
+        }
+      }
    } catch (error) {
      console.error("Failed to check for updates:", error);
+    } finally {
+      isCheckingForUpdates.current = false;
    }
-  }, [dismissedNotifications]);
+  }, [processedNotifications]);
+
+  const handleAutoUpdate = useCallback(
+    async (browser: string, newVersion: string, notificationId: string) => {
+      const downloadKey = `${browser}-${newVersion}`;
+
+      // Check if this download is already in progress
+      if (activeDownloads.current.has(downloadKey)) {
+        console.log(
+          `Download already in progress for ${downloadKey}, skipping duplicate`,
+        );
+        return;
+      }
+
+      // Mark download as active and disable browser
+      activeDownloads.current.add(downloadKey);
+      setUpdatingBrowsers((prev) => new Set(prev).add(browser));

-  const handleUpdate = useCallback(
-    async (browser: string, newVersion: string) => {
      try {
-        setUpdatingBrowsers((prev) => new Set(prev).add(browser));
        const browserDisplayName = getBrowserDisplayName(browser);

-        // Dismiss all notifications for this browser first
-        const browserNotifications = notifications.filter(
-          (n) => n.browser === browser,
-        );
-        for (const notification of browserNotifications) {
-          toast.dismiss(notification.id);
-          await invoke("dismiss_update_notification", {
-            notificationId: notification.id,
-          });
-        }
+        // Dismiss the notification in the backend
+        await invoke("dismiss_update_notification", {
+          notificationId,
+        });
+
+        // Show update started notification
+        showToast({
+          id: `auto-update-started-${browser}-${newVersion}`,
+          type: "loading",
+          title: `${browserDisplayName} update started`,
+          description: `Version ${newVersion} download will begin shortly. Browser launch is disabled until update completes.`,
+          duration: 4000,
+        });

        try {
          // Check if browser already exists before downloading
@@ -103,14 +121,25 @@ export function useUpdateNotifications(
            console.log(
              `${browserDisplayName} ${newVersion} already exists, skipping download`,
            );
+
+            showToast({
+              id: `auto-update-skip-download-${browser}-${newVersion}`,
+              type: "success",
+              title: `${browserDisplayName} ${newVersion} already available`,
+              description: "Updating profile configurations...",
+              duration: 3000,
+            });
          } else {
-            // Mark download as auto-update in the backend for toast suppression
-            await invoke("mark_auto_update_download", {
-              browser,
-              version: newVersion,
+            // Show download starting notification
+            showToast({
+              id: `auto-update-download-starting-${browser}-${newVersion}`,
+              type: "loading",
+              title: `Starting ${browserDisplayName} ${newVersion} download`,
+              description: "Download progress will be shown below...",
+              duration: 4000,
            });

-            // Download the browser (progress will be handled by use-browser-download hook)
+            // Download the browser - this will trigger download progress events automatically
            await invoke("download_browser", {
              browserStr: browser,
              version: newVersion,
@@ -134,59 +163,45 @@ export function useUpdateNotifications(
                : `${updatedProfiles.length} profiles have been updated`;

            showToast({
+              id: `auto-update-success-${browser}-${newVersion}`,
              type: "success",
              title: `${browserDisplayName} update completed`,
-              description: `${profileText} to version ${newVersion}. Running profiles were not updated and can be updated manually.`,
-              duration: 5000,
+              description: `${profileText} to version ${newVersion}. You can now launch your browsers with the latest version.`,
+              duration: 6000,
            });
          } else {
            showToast({
+              id: `auto-update-success-${browser}-${newVersion}`,
              type: "success",
-              title: `${browserDisplayName} update ready`,
-              description:
-                "All affected profiles are currently running. Stop them and manually update their versions to use the new version.",
-              duration: 5000,
+              title: `${browserDisplayName} update completed`,
+              description: `Version ${newVersion} is now available. Running profiles will use the new version when restarted.`,
+              duration: 6000,
            });
          }

-          // Trigger profile refresh to update UI with new versions
          if (onProfilesUpdated) {
-            void onProfilesUpdated();
+            await onProfilesUpdated();
          }
        } catch (downloadError) {
          console.error("Failed to download browser:", downloadError);

-          // Clean up auto-update tracking on error
-          try {
-            await invoke("remove_auto_update_download", {
-              browser,
-              version: newVersion,
-            });
-          } catch (e) {
-            console.error("Failed to clean up auto-update tracking:", e);
-          }
+          dismissToast(`download-${browser}-${newVersion}`);

          showToast({
+            id: `auto-update-error-${browser}-${newVersion}`,
            type: "error",
            title: `Failed to download ${browserDisplayName} ${newVersion}`,
            description: String(downloadError),
-            duration: 6000,
+            duration: 8000,
          });
          throw downloadError;
        }
-
-        // Refresh notifications to clear any remaining ones
-        await checkForUpdates();
      } catch (error) {
-        console.error("Failed to start update:", error);
-        const browserDisplayName = getBrowserDisplayName(browser);
-        showToast({
-          type: "error",
-          title: `Failed to update ${browserDisplayName}`,
-          description: String(error),
-          duration: 6000,
-        });
+        console.error("Failed to start auto-update:", error);
+        throw error;
      } finally {
+        // Clean up
+        activeDownloads.current.delete(downloadKey);
        setUpdatingBrowsers((prev) => {
          const next = new Set(prev);
          next.delete(browser);
@@ -194,56 +209,12 @@ export function useUpdateNotifications(
        });
      }
    },
-    [notifications, checkForUpdates, onProfilesUpdated],
+    [onProfilesUpdated],
  );

-  const handleDismiss = useCallback(
-    async (notificationId: string) => {
-      try {
-        toast.dismiss(notificationId);
-        await invoke("dismiss_update_notification", { notificationId });
-
-        // Track this notification as dismissed to prevent showing it again
-        setDismissedNotifications((prev) => new Set(prev).add(notificationId));
-
-        await checkForUpdates();
-      } catch (error) {
-        console.error("Failed to dismiss notification:", error);
-      }
-    },
-    [checkForUpdates],
-  );
-
-  // Separate effect to show toasts when notifications change
-  useEffect(() => {
-    for (const notification of notifications) {
-      const isUpdating = updatingBrowsers.has(notification.browser);
-
-      toast.custom(
-        () => (
-          <UpdateNotificationComponent
-            notification={notification}
-            onUpdate={handleUpdate}
-            onDismiss={handleDismiss}
-            isUpdating={isUpdating}
-          />
-        ),
-        {
-          id: notification.id,
-          duration: Number.POSITIVE_INFINITY, // Persistent until user action
-          position: "top-right",
-          style: {
-            zIndex: 99999, // Ensure notifications appear above dialogs
-            pointerEvents: "auto", // Ensure notifications remain interactive
-          },
-        },
-      );
-    }
-  }, [notifications, updatingBrowsers, handleUpdate, handleDismiss]);
-
  return {
    notifications,
+    isUpdating,
    checkForUpdates,
-    isUpdating: (browser: string) => updatingBrowsers.has(browser),
  };
 }
@@ -1,13 +1,14 @@
 import { getBrowserDisplayName } from "@/lib/browser-utils";
 import {
  dismissToast,
-  showLoadingToast,
-  showVersionUpdateToast,
+  showAutoUpdateToast,
+  showErrorToast,
+  showSuccessToast,
+  showUnifiedVersionUpdateToast,
 } from "@/lib/toast-utils";
 import { invoke } from "@tauri-apps/api/core";
 import { listen } from "@tauri-apps/api/event";
 import { useCallback, useEffect, useState } from "react";
-import { toast } from "sonner";

 interface VersionUpdateProgress {
  current_browser: string;
@@ -32,6 +33,13 @@ interface BrowserVersionsResult {
  total_versions_count: number;
 }

+interface AutoUpdateEvent {
+  browser: string;
+  new_version: string;
+  notification_id: string;
+  affected_profiles: string[];
+}
+
 export function useVersionUpdater() {
  const [isUpdating, setIsUpdating] = useState(false);
  const [lastUpdateTime, setLastUpdateTime] = useState<number | null>(null);
@@ -39,6 +47,18 @@ export function useVersionUpdater() {
  const [updateProgress, setUpdateProgress] =
    useState<VersionUpdateProgress | null>(null);

+  const loadUpdateStatus = useCallback(async () => {
+    try {
+      const [lastUpdate, timeUntilNext] = await invoke<[number | null, number]>(
+        "get_version_update_status",
+      );
+      setLastUpdateTime(lastUpdate);
+      setTimeUntilNextUpdate(timeUntilNext);
+    } catch (error) {
+      console.error("Failed to load version update status:", error);
+    }
+  }, []);
+
  // Listen for version update progress events
  useEffect(() => {
    const unlisten = listen<VersionUpdateProgress>(
@@ -50,42 +70,35 @@ export function useVersionUpdater() {
        if (progress.status === "updating") {
          setIsUpdating(true);

-          if (progress.current_browser) {
-            const browserName = getBrowserDisplayName(progress.current_browser);
-            showVersionUpdateToast(
-              `Downloading release information for ${browserName}`,
-              {
-                id: "version-update-progress",
-                progress: {
-                  current: progress.completed_browsers + 1,
-                  total: progress.total_browsers,
-                  found: progress.new_versions_found,
-                },
-              },
-            );
-          } else {
-            showLoadingToast("Starting version update check...", {
-              id: "version-update-progress",
-              description: "Initializing browser version check...",
-            });
-          }
+          // Show unified progress toast
+          const currentBrowserName = progress.current_browser
+            ? getBrowserDisplayName(progress.current_browser)
+            : undefined;
+
+          showUnifiedVersionUpdateToast("Checking for browser updates...", {
+            description: currentBrowserName
+              ? `Fetching ${currentBrowserName} release information...`
+              : "Initializing version check...",
+            progress: {
+              current: progress.completed_browsers,
+              total: progress.total_browsers,
+              found: progress.new_versions_found,
+              current_browser: currentBrowserName,
+            },
+          });
        } else if (progress.status === "completed") {
          setIsUpdating(false);
          setUpdateProgress(null);
+          dismissToast("unified-version-update");

          if (progress.new_versions_found > 0) {
-            toast.success(
-              `Found ${progress.new_versions_found} new browser versions!`,
-              {
-                id: "version-update-progress",
-                duration: 4000,
-                description:
-                  "Version information has been updated in the background",
-              },
-            );
+            showSuccessToast("Browser versions updated successfully", {
+              duration: 5000,
+              description:
+                "Auto-downloads will start shortly for available updates.",
+            });
          } else {
-            toast.success("No new browser versions found", {
-              id: "version-update-progress",
+            showSuccessToast("No new browser versions found", {
              duration: 3000,
              description: "All browser versions are up to date",
            });
@@ -96,16 +109,115 @@ export function useVersionUpdater() {
        } else if (progress.status === "error") {
          setIsUpdating(false);
          setUpdateProgress(null);
+          dismissToast("unified-version-update");

-          toast.error("Failed to update browser versions", {
-            id: "version-update-progress",
-            duration: 4000,
+          showErrorToast("Failed to update browser versions", {
+            duration: 6000,
            description: "Check your internet connection and try again",
          });
        }
      },
    );

+    return () => {
+      void unlisten.then((fn) => {
+        fn();
+      });
+    };
+  }, [loadUpdateStatus]);
+
+  // Listen for browser auto-update events
+  useEffect(() => {
+    const unlisten = listen<AutoUpdateEvent>(
+      "browser-auto-update-available",
+      (event) => {
+        const handleAutoUpdate = async () => {
+          const { browser, new_version, notification_id } = event.payload;
+          console.log("Browser auto-update event received:", event.payload);
+
+          const browserDisplayName = getBrowserDisplayName(browser);
+
+          try {
+            // Show auto-update start notification
+            showAutoUpdateToast(browserDisplayName, new_version, {
+              description: `Downloading ${browserDisplayName} ${new_version} automatically. Progress will be shown below.`,
+            });
+
+            // Dismiss the update notification in the backend
+            await invoke("dismiss_update_notification", {
+              notificationId: notification_id,
+            });
+
+            // Check if browser already exists before downloading
+            const isDownloaded = await invoke<boolean>("check_browser_exists", {
+              browserStr: browser,
+              version: new_version,
+            });
+
+            if (isDownloaded) {
+              // Browser already exists, skip download and go straight to profile update
+              console.log(
+                `${browserDisplayName} ${new_version} already exists, skipping download`,
+              );
+
+              showSuccessToast(
+                `${browserDisplayName} ${new_version} already available`,
+                {
+                  description: "Updating profile configurations...",
+                  duration: 3000,
+                },
+              );
+            } else {
+              // Download the browser - this will trigger download progress events automatically
+              await invoke("download_browser", {
+                browserStr: browser,
+                version: new_version,
+              });
+            }
+
+            // Complete the update with auto-update of profile versions
+            const updatedProfiles = await invoke<string[]>(
+              "complete_browser_update_with_auto_update",
+              {
+                browser,
+                newVersion: new_version,
+              },
+            );
+
+            // Show success message based on whether profiles were updated
+            if (updatedProfiles.length > 0) {
+              const profileText =
+                updatedProfiles.length === 1
+                  ? `Profile "${updatedProfiles[0]}" has been updated`
+                  : `${updatedProfiles.length} profiles have been updated`;
+
+              showSuccessToast(`${browserDisplayName} update completed`, {
+                description: `${profileText} to version ${new_version}. You can now launch your browsers with the latest version.`,
+                duration: 6000,
+              });
+            } else {
+              showSuccessToast(`${browserDisplayName} update completed`, {
+                description: `Version ${new_version} is now available. Running profiles will use the new version when restarted.`,
+                duration: 6000,
+              });
+            }
+          } catch (error) {
+            console.error("Failed to handle browser auto-update:", error);
+            showErrorToast(`Failed to auto-update ${browserDisplayName}`, {
+              description:
+                error instanceof Error
+                  ? error.message
+                  : "Unknown error occurred",
+              duration: 8000,
+            });
+          }
+        };
+
+        // Call the async handler
+        void handleAutoUpdate();
+      },
+    );
+
    return () => {
      void unlisten.then((fn) => {
        fn();
@@ -125,19 +237,7 @@ export function useVersionUpdater() {
    return () => {
      clearInterval(interval);
    };
-  }, []);
-
-  const loadUpdateStatus = useCallback(async () => {
-    try {
-      const [lastUpdate, timeUntilNext] = await invoke<[number | null, number]>(
-        "get_version_update_status",
-      );
-      setLastUpdateTime(lastUpdate);
-      setTimeUntilNextUpdate(timeUntilNext);
-    } catch (error) {
-      console.error("Failed to load version update status:", error);
-    }
-  }, []);
+  }, [loadUpdateStatus]);

  const triggerManualUpdate = useCallback(async () => {
    try {
@@ -158,17 +258,17 @@ export function useVersionUpdater() {
      ).length;

      if (failedUpdates > 0) {
-        toast.warning("Update completed with some errors", {
+        showErrorToast("Update completed with some errors", {
          description: `${totalNewVersions} new versions found, ${failedUpdates} browsers failed to update`,
          duration: 5000,
        });
      } else if (totalNewVersions > 0) {
-        toast.success(`Found ${totalNewVersions} new browser versions!`, {
-          description: `Updated ${successfulUpdates} browsers successfully`,
+        showSuccessToast("Browser versions updated successfully", {
+          description: `Found ${totalNewVersions} new versions across ${successfulUpdates} browsers. Auto-downloads will start shortly.`,
          duration: 4000,
        });
      } else {
-        toast.success("No new browser versions found", {
+        showSuccessToast("No new browser versions found", {
          description: "All browser versions are up to date",
          duration: 3000,
        });
@@ -178,7 +278,7 @@ export function useVersionUpdater() {
      return results;
    } catch (error) {
      console.error("Failed to trigger manual update:", error);
-      toast.error("Failed to update browser versions", {
+      showErrorToast("Failed to update browser versions", {
        description:
          error instanceof Error ? error.message : "Unknown error occurred",
        duration: 4000,
@@ -200,7 +300,7 @@ export function useVersionUpdater() {
        // Show notification about new versions if any were found
        if (result.new_versions_count && result.new_versions_count > 0) {
          const browserName = getBrowserDisplayName(browserStr);
-          toast.success(
+          showSuccessToast(
            `Found ${result.new_versions_count} new ${browserName} versions!`,
            {
              duration: 3000,
@@ -219,18 +319,15 @@ export function useVersionUpdater() {
  );

  const formatTimeUntilUpdate = useCallback((seconds: number): string => {
-    if (seconds <= 0) return "Update overdue";
-
-    const hours = Math.floor(seconds / 3600);
-    const minutes = Math.floor((seconds % 3600) / 60);
-
-    if (hours > 0) {
-      return `${hours}h ${minutes}m`;
+    if (seconds < 60) {
+      return `${seconds} seconds`;
    }
-    if (minutes > 0) {
-      return `${minutes}m`;
+    const minutes = Math.floor(seconds / 60);
+    if (minutes < 60) {
+      return `${minutes} minute${minutes === 1 ? "" : "s"}`;
    }
-    return "< 1m";
+    const hours = Math.floor(minutes / 60);
+    return `${hours} hour${hours === 1 ? "" : "s"}`;
  }, []);

  const formatLastUpdateTime = useCallback(
@@ -3,6 +3,7 @@
 * Centralized helpers for browser name mapping, icons, etc.
 */

+import { ZenBrowser } from "@/components/icons/zen-browser";
 import { FaChrome, FaFirefox } from "react-icons/fa";
 import { SiBrave, SiMullvad, SiTorbrowser } from "react-icons/si";

@@ -38,21 +39,10 @@ export function getBrowserIcon(browserType: string) {
    case "firefox-developer":
      return FaFirefox;
    case "zen":
-      return FaFirefox;
+      return ZenBrowser;
    case "tor-browser":
      return SiTorbrowser;
    default:
      return null;
  }
 }
-
-/**
- * Format browser name by capitalizing words and joining with spaces
- * (fallback method for simple transformations)
- */
-export function formatBrowserName(browserType: string): string {
-  return browserType
-    .split("-")
-    .map((word) => word.charAt(0).toUpperCase() + word.slice(1))
-    .join(" ");
-}
@@ -2,27 +2,26 @@ import { UnifiedToast } from "@/components/custom-toast";
 import React from "react";
 import { toast as sonnerToast } from "sonner";

-// Define toast types locally
-export interface BaseToastProps {
+interface BaseToastProps {
  id?: string;
  title: string;
  description?: string;
  duration?: number;
 }

-export interface LoadingToastProps extends BaseToastProps {
+interface LoadingToastProps extends BaseToastProps {
  type: "loading";
 }

-export interface SuccessToastProps extends BaseToastProps {
+interface SuccessToastProps extends BaseToastProps {
  type: "success";
 }

-export interface ErrorToastProps extends BaseToastProps {
+interface ErrorToastProps extends BaseToastProps {
  type: "error";
 }

-export interface DownloadToastProps extends BaseToastProps {
+interface DownloadToastProps extends BaseToastProps {
  type: "download";
  stage?:
    | "downloading"
@@ -37,48 +36,33 @@ export interface DownloadToastProps extends BaseToastProps {
  };
 }

-export interface VersionUpdateToastProps extends BaseToastProps {
+interface VersionUpdateToastProps extends BaseToastProps {
  type: "version-update";
  progress?: {
    current: number;
    total: number;
    found: number;
+    current_browser?: string;
  };
 }

-export interface FetchingToastProps extends BaseToastProps {
-  type: "fetching";
-  browserName?: string;
-}
-
-export interface TwilightUpdateToastProps extends BaseToastProps {
-  type: "twilight-update";
-  browserName?: string;
-  hasUpdate?: boolean;
-}
-
-export type ToastProps =
-  | LoadingToastProps
+type ToastProps =
  | SuccessToastProps
  | ErrorToastProps
  | DownloadToastProps
-  | VersionUpdateToastProps
-  | FetchingToastProps
-  | TwilightUpdateToastProps;
+  | LoadingToastProps
+  | VersionUpdateToastProps;

-// Unified toast function
 export function showToast(props: ToastProps & { id?: string }) {
  const toastId = props.id ?? `toast-${props.type}-${Date.now()}`;

-  // Improved duration logic - make toasts disappear more quickly
  let duration: number;
  if (props.duration !== undefined) {
    duration = props.duration;
  } else {
    switch (props.type) {
      case "loading":
-      case "fetching":
-        duration = 10000; // 10 seconds instead of infinite
+        duration = 10000;
        break;
      case "download":
        // Only keep infinite for active downloading, others get shorter durations
@@ -90,18 +74,15 @@ export function showToast(props: ToastProps & { id?: string }) {
          duration = 20000;
        }
        break;
-      case "version-update":
-        duration = 15000;
-        break;
-      case "twilight-update":
-        duration = 10000;
-        break;
      case "success":
        duration = 3000;
        break;
      case "error":
        duration = 10000;
        break;
+      case "version-update":
+        duration = 15000;
+        break;
      default:
        duration = 5000;
    }
@@ -134,7 +115,7 @@ export function showToast(props: ToastProps & { id?: string }) {
      },
    });
  } else {
-    sonnerToast.custom((id) => React.createElement(UnifiedToast, props), {
+    sonnerToast.custom(() => React.createElement(UnifiedToast, props), {
      id: toastId,
      duration,
      style: {
@@ -151,22 +132,6 @@ export function showToast(props: ToastProps & { id?: string }) {
  return toastId;
 }

-// Convenience functions for common use cases
-export function showLoadingToast(
-  title: string,
-  options?: {
-    id?: string;
-    description?: string;
-    duration?: number;
-  },
-) {
-  return showToast({
-    type: "loading",
-    title,
-    ...options,
-  });
-}
-
 export function showDownloadToast(
  browserName: string,
  version: string,
@@ -205,44 +170,6 @@ export function showDownloadToast(
  });
 }

-export function showVersionUpdateToast(
-  title: string,
-  options?: {
-    id?: string;
-    description?: string;
-    progress?: {
-      current: number;
-      total: number;
-      found: number;
-    };
-    duration?: number;
-  },
-) {
-  return showToast({
-    type: "version-update",
-    title,
-    ...options,
-  });
-}
-
-export function showFetchingToast(
-  browserName: string,
-  options?: {
-    id?: string;
-    description?: string;
-    duration?: number;
-  },
-) {
-  return showToast({
-    type: "fetching",
-    title: `Checking for new ${browserName} versions...`,
-    description:
-      options?.description ?? "Fetching latest release information...",
-    browserName,
-    ...options,
-  });
-}
-
 export function showSuccessToast(
  title: string,
  options?: {
@@ -273,31 +200,49 @@ export function showErrorToast(
  });
 }

-export function showTwilightUpdateToast(
+export function showAutoUpdateToast(
  browserName: string,
+  version: string,
  options?: {
    id?: string;
    description?: string;
-    hasUpdate?: boolean;
    duration?: number;
  },
 ) {
  return showToast({
-    type: "twilight-update",
-    title: options?.hasUpdate
-      ? `${browserName} twilight update available`
-      : `Checking for ${browserName} twilight updates...`,
-    browserName,
-    ...options,
+    type: "loading",
+    title: `${browserName} update started`,
+    description:
+      options?.description ??
+      `Automatically downloading ${browserName} ${version}. Progress will be shown in download notifications.`,
+    id: options?.id ?? `auto-update-${browserName.toLowerCase()}-${version}`,
+    duration: options?.duration ?? 4000,
  });
 }

-// Generic helper for dismissing toasts
 export function dismissToast(id: string) {
  sonnerToast.dismiss(id);
 }

-// Dismiss all toasts
-export function dismissAllToasts() {
-  sonnerToast.dismiss();
+export function showUnifiedVersionUpdateToast(
+  title: string,
+  options?: {
+    id?: string;
+    description?: string;
+    progress?: {
+      current: number;
+      total: number;
+      found: number;
+      current_browser?: string;
+    };
+    duration?: number;
+  },
+) {
+  return showToast({
+    type: "version-update",
+    title,
+    id: "unified-version-update",
+    duration: Number.POSITIVE_INFINITY, // Keep showing until completed
+    ...options,
+  });
 }
@@ -3,6 +3,8 @@ export interface ProxySettings {
  proxy_type: string; // "http", "https", "socks4", or "socks5"
  host: string;
  port: number;
+  username?: string;
+  password?: string;
 }

 export interface TableSortingSettings {
@@ -18,6 +20,7 @@ export interface BrowserProfile {
  proxy?: ProxySettings;
  process_id?: number;
  last_launch?: number;
+  release_type: string; // "stable" or "nightly"
 }

 export interface DetectedProfile {
@@ -27,6 +30,11 @@ export interface DetectedProfile {
  description: string;
 }

+export interface BrowserReleaseTypes {
+  stable?: string;
+  nightly?: string;
+}
+
 export interface AppUpdateInfo {
  current_version: string;
  new_version: string;
@@ -35,8 +43,3 @@ export interface AppUpdateInfo {
  is_nightly: boolean;
  published_at: string;
 }
-
-export interface AppVersionInfo {
-  version: string;
-  is_nightly: boolean;
-}