LoginSign Up
← Back to all sparks
P

Proton Bridge

COMMS
Velocity2.5

Encrypted email bridge connecting Proton Mail to desktop email clients

proton.me/mail/bridge

Proton Bridge has re-accelerated, with a quality-and-security pass across error UX, FIDO2, and Go modernization.

maintenancesecurity-hardeningfido2imap-reliabilityerror-uxgo-modernization
Current state
After a long pause through mid-2025, Proton Bridge resumed steady releases in early 2026 and has now shipped four versions in five months (v3.22 through v3.25). The work is uniformly internal: friendlier error messages, a Go 1.26 toolchain bump, FIDO2 path fixes, IMAP robustness, certificate-chain validation tightening, and the March 2026 security-patch sweep. Visible user-facing additions are limited to MacOS26 icon support and quality-of-life polish.
Where it's heading
The product is in active maintenance mode rather than feature expansion. Investment is going into making the local sync layer more robust — mailbox conflict resolution, IMAP IDLE kill switch, vault retries on Linux — and the auth surface harder, with FIDO2 polish and TLS pin scoping. The arc reads as catching up on technical debt and shoring up security posture after a quieter year, not reshaping the product.
Prediction
Expect the v3.2x cadence to continue with similar bug-fix and security flavor: more Go toolchain work, incremental IMAP edge-case handling, and continued error-UX tightening. The release notes do not surface anything that would hint at a v4 reshape or a meaningful new capability in the near term.

Recent moves

  1. 27d ago

    Bridge Oberbaum v3.25.0

    A substantive maintenance release. The headline is a sweep of error-handling improvements — user-friendly NoSuchUser, full error-chain on failed updates, recipient address surfaced in errors — alongside a Go 1.26.2 toolchain bump, removed legacy updater and feature-flag cruft, and the March 2026 vulnerability patch set. Fits the post-2025 quality-and-security catch-up pattern rather than feature expansion.

    View source ↗
  2. 2mo ago

    Bridge Nescio v3.24.2

    Single change: bumping the base Go image to Debian Bullseye. Pure build infrastructure with no user-visible effect.

    View source ↗
  3. 2mo ago

    Bridge Nescio v3.24.1

    Hotfix that restores the pre-3.24 unlabel endpoint logic behind a feature flag — a rollback path for a recently-changed code path. No new behavior for users.

    View source ↗
  4. 3mo ago

    Bridge Nescio v3.24.0

    IMAP connection limiting lands as a builder option, plus a GODEBUG escape hatch for sub-1024-bit RSA keys, a new error-chain mapping package, message-building performance work, and a FIDO2 username display fix on Windows. Most lines are internal plumbing — the kind of work that lays groundwork for the stronger error UX that v3.25 then delivered.

    View source ↗
  5. 3mo ago

    Bridge Margit v3.23.1

    Targeted hotfix to RemoveFromMailbox so drafts moved to trash are no longer permanently deleted — a regression introduced in v3.23.0 that risked user data loss. Worth flagging despite the small line count.

    View source ↗
  6. 3mo ago

    Bridge Kanmon v3.21.2

    Certificate chain validation fix — pin checks are now scoped to leaf certificates only. Single-line release notes hide a meaningful security-correctness change in the TLS path connecting Bridge to Proton's servers, and it marks the point where the release cadence picked back up after the 2025 quiet period.

    View source ↗