Google today launched Chrome 50 for Windows, Mac, and Linux, adding the usual slew of developer features. You can update to the latest version now using the browser’s built-in silent updater, or download it directly from google.com/chrome.

Chrome is arguably more than a browser: With over 1 billion users, it’s a major platform that web developers have to consider. In fact, with its regular additions and changes, developers have to keep up to ensure they are taking advantage of everything available.

Before we get into what has been added, it’s worth pointing out what has been removed. As announced in November 2015, Chrome now no longer supports Windows XP, Windows Vista, OS X 10.6 Snow Leopard, OS X 10.7 Lion, nor OS X 10.8 Mountain Lion.

Google has been toying with notifications in Chrome for years. Chrome apps and extensions have supported push notifications on desktop since May 2010 (first added in Chrome 5). More recently, webpages gained the ability to send push notifications to users with the release of Chrome 42, the desktop notification center was removed in Chrome 47, and custom notification buttons were added in Chrome 48.

Now, Chrome 50 allows sites to include notification data payloads with their push messages. This eliminates the final server check — the initial version relied on service workers to proactively fetch the information for a notification from the server, leading to problems when there were multiple messages in flight or when the device was on a poor network connection. Push notification payloads, which are part of the Push API spec and already supported in Firefox, must be encrypted.

Sites can now also detect when a notification is closed by the user, resulting in better analytics and allowing for cross-device notification dismissal. Sites can also whether notifications alert the user with nothing, a vibration, or a sound. The look of notifications can also now be customized with timestamps and icons:

notification_kitty

Earlier this year, Google shared that Chrome now delivers more than 350 million push notifications every day. The company didn’t update this figure today.

Next up, Chrome 50 brings support for declarative preload. When there are resources needed to fully display a page, but Chrome doesn’t know about them until other resources load, developers can now use the “link rel=’preload'” attribute to specify resources that should be downloaded preemptively. This should reduce the time it takes to display content.

Other developer features in this release include:

Chrome 50 also includes 20 security fixes, of which Google chose to highlight the following:

  • [$7500][590275] High CVE-2016-1652: Universal XSS in extension bindings. Credit to anonymous.
  • [$5000][589792] High CVE-2016-1653: Out-of-bounds write in V8. Credit to Choongwoo Han.
  • [591785] Medium CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding. Credit to kdot working with HP’s Zero Day Initiative.
  • [$1500][589512] Medium CVE-2016-1654: Uninitialized memory read in media. Credit to Atte Kettunen of OUSPG.
  • [$1500][582008] Medium CVE-2016-1655: Use-after-free related to extensions. Credit to Rob Wu.
  • [$500][570750] Medium CVE-2016-1656: Android downloaded file path restriction bypass. Credit to Dzmitry Lukyanenko.
  • [$1000][567445] Medium CVE-2016-1657: Address bar spoofing. Credit to Luan Herrera.
  • [$500][573317] Low CVE-2016-1658: Potential leak of sensitive information to malicious extensions. Credit to Antonio Sanso (@asanso) of Adobe.
  • [602697] CVE-2015-1659: Various fixes from internal audits, fuzzing and other initiatives.

If you add all those up, you’ll see Google spent just $17,500 in bug bounties. The security fixes alone should be enough incentive for you to upgrade to Chrome 50.

Chrome 50 for Android and iOS are also on their way, but Google has not shared exactly when they will ship.