Tor Browser Hardening (hardened malloc, firejail, apparmor) vs Web Fingerprint

• bubblewrap will be installed by default after upgrades.
• bubblewrap will also be installed by default in Whonix 15.0.0.7.1 (and above).

But not because any decision / change by Whonix.

bubblewrap is a dependency.

sudo apt dist-upgrade and even sudo apt dist-upgrade --no-install-recommends on Whonix-Gateway 15.0.0.4.9 will install bubblewrap. Technical reasons (dependency chain):

• libwebkit2gtk-4.0-37 depends on bubblewrap
• zenity depends on libwebkit2gtk-4.0-37
• msgcollector-gui depends on zenity
• tb-updater depends on msgcollector-gui (zenity progress bar, tb updater gui)
• whonixcheck (--gui) needs zenity (zenity progress bar)