tbb-commits April 2023

tbb-commits@lists.torproject.org

1 participants
81 discussions

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] fixup! Bug 41649: Create rebase and security backport gitlab issue templates
by Richard Pospesel (＠richard) 23 Apr '23

23 Apr '23

Richard Pospesel pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 0db7a4bd by Richard Pospesel at 2023-04-23T11:51:30+00:00 fixup! Bug 41649: Create rebase and security backport gitlab issue templates - - - - - 3 changed files: - .gitlab/issue_templates/Backport Android Security Fixes.md - .gitlab/issue_templates/Rebase Browser - Alpha.md - .gitlab/issue_templates/Rebase Browser - Stable.md Changes: ===================================== .gitlab/issue_templates/Backport Android Security Fixes.md ===================================== @@ -4,6 +4,7 @@ - example : `102.8.0` - `$(RR_VERSION)` : the Mozilla defined Rapid-Release version; Tor Browser for Android is based off of the `$(ESR_VERSION)`, but Mozilla's Firefox for Android is based off of the `$(RR_VERSION)` so we need to keep track of security vulnerabilities to backport from the monthly Rapid-Release train and our frozen ESR train. - example: `110` +- `$(PROJECT_NAME)` : the name of the browser project, either `base-browser` or `tor-browser` - `$(TOR_BROWSER_MAJOR)` : the Tor Browser major version - example : `12` - `$(TOR_BROWSER_MINOR)` : the Tor Browser minor version @@ -12,7 +13,7 @@ - example : `build1` </details> -**NOTE:** It is assumed the `tor-browser` rebase has already happened and there exists a `build1` build tag for both `base-browser` and `tor-browser` +**NOTE:** It is assumed the `tor-browser` rebase (stable and alpha) has already happened and there exists a `build1` build tags for both `base-browser` and `tor-browser` (stable and alpha) ### **Bookkeeping** @@ -36,26 +37,53 @@ - Create link to the CVE on [mozilla.org](https://www.mozilla.org/en-US/security/advisories/) - example: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-257… - Create link to the associated Bugzilla issues (found in the CVE description) - - Create a link to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported + - Create links to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported - To find the `gecko-dev` version of a `mozilla-central`, search for a unique string in the relevant `mozilla-central` commit message in the `gecko-dev/release` branch log. - **NOTE:** This process is unfortunately somewhat poorly defined/ad-hoc given the general variation in how Bugzilla issues are labeled and resolved. In general this is going to involve a bit of hunting to identify needed commits or determining whether or not the fix is relevant. +### CVEs + + ### **tor-browser** : https://gitlab.torproject.org/tpo/applications/tor-browser.git - [ ] Backport any Android-specific security fixes from Firefox rapid-release - - [ ] Sign/Tag commit: - - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` + - [ ] Backport patches to `tor-browser` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto: + - [ ] `base-browser` stable + - [ ] `tor-browser` alpha + - [ ] `base-browser` alpha + - [ ] Sign/Tag commits: + - Tag : `$(PROJECT_NAME)-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` - - [ ] Push tag to `origin` + - [ ] `base-browser` stable + - [ ] `tor-browser` stable + - [ ] `base-browser` alpha + - [ ] `tor-browser` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports ### **application-services** : *TODO: we will need to setup a gitlab copy of this repo that we can apply security backports to if there are ever any security issues here* - [ ] Backport any Android-specific security fixes from Firefox rapid-release - - [ ] Sign/Tag commit: + - [ ] Backport patches to `application-services` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto `application-services` alpha + - [ ] Sign/Tag commits: - Tag : `application-services-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha` - - [ ] Push tag to `origin` + - [ ] `application-services` stable + - [ ] `application-services` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports @@ -63,10 +91,16 @@ ### **android-components** : https://gitlab.torproject.org/tpo/applications/android-components.git - [ ] Backport any Android-specific security fixes from Firefox rapid-release - **NOTE**: Since November 2022, this repo has been merged with `fenix` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `android-components` project. - - [ ] Sign/Tag commit: + - [ ] Backport patches to `android-components` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto `android-components` alpha + - [ ] Sign/Tag commits: - Tag : `android-components-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` - - [ ] Push tag to `origin` + - [ ] `android-components` stable + - [ ] `android-components` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports @@ -74,15 +108,17 @@ ### **fenix** : https://gitlab.torproject.org/tpo/applications/fenix.git - [ ] Backport any Android-specific security fixes from Firefox rapid-release - **NOTE**: Since February 2023, this repo has been merged with `android-components` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `fenix` project. - - [ ] Sign/Tag commit: + - [ ] Backport patches to `fenix` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto `fenix` alpha + - [ ] Sign/Tag commits: - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` - - [ ] Push tag to `origin` + - [ ] `fenix` stable + - [ ] `fenix` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports -### CVEs - - - /confidential ===================================== .gitlab/issue_templates/Rebase Browser - Alpha.md ===================================== @@ -27,14 +27,46 @@ - [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. +### Update Branch Protection Rules + +- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/tor-browser/-/sett…: + - [ ] Remove previous alpha `base-browser` and `tor-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) + - [ ] Create new `base-browser` and `tor-browser` branch protection rule: + - **Branch**: `*-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*` + - example: `*-102.8.0esr-12.5-1*` + - **Allowed to merge**: `Maintainers` + - **Allowed to push and merge**: `Maintainers` + - **Allowed to force push**: `false` + +### **Create New Branches** + +- [ ] Create new alpha `base-browser` branch from Firefox mercurial tag (found during the stable rebase) + - branch name in the form: `base-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` + - example: `base-browser-102.8.0esr-12.5-1` +- [ ] Create new alpha `tor-browser` branch from Firefox mercurial tag + - branch name in the form: `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` + - example: `tor-browser-102.8.0esr-12.5-1` +- [ ] Push new `base-browser` branch to `origin` +- [ ] Push new `tor-browser` branch to `origin` + ### **Rebase base-browser** -- [ ] Checkout a new branch for the `base-browser` rebase +- [ ] Checkout a new local branch for the `base-browser` rebase - example: `git branch base-browser-rebase FIREFOX_102_8_0esr_BUILD1` - [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `build1` tag onto new `base-browser` rebase branch - example: `git cherry-pick FIREFOX_102_7_0esr_BUILD1..base-browser-102.7.0esr-12.5-1-build1` - [ ] Rebase and autosquash these cherry-picked commits - example: `git rebase --autosquash --interactive FIREFOX_102_8_0esr_BUILD1 HEAD` + - [ ] **(Optional)** Patch reordering + - Relocate new `base-browser` patches in the patch-set to enforce this rough thematic ordering: + - **MOZILLA BACKPORTS** - official Firefox patches we have backported to our ESR branch: Android-specific security updates, critical bug fixes, worthwhile features, etc + - **MOZILLA REVERTS** - revert commits of official Firefox patches + - **UPLIFT CANDIDATES** - patches which stand on their own and should be uplifted to `mozilla-central` + - **BUILD CONFIGURATION** - tools/scripts, gitlab templates, etc + - **BROWSER CONFIGURATION** - branding, mozconfigs, preference overrides, etc + - **SECURITY PATCHES** - security improvements, hardening, etc + - **PRIVACY PATCHES** - fingerprinting, linkability, proxy bypass, etc + - **FEATURES** - new functionality: updater, UX, letterboxing, security level, add-on integration, etc - [ ] Cherry-pick remainder of patches after the `build1` tag - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1 origin/base-browser-102.7.0esr-12.5-1` - [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: @@ -61,15 +93,30 @@ - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..tor-browser-102.7.0esr-12.5-1-build1` - [ ] Rebase and autosquash these cherry-picked commits (from the last new `base-browser` commit to `HEAD`) - example: `git rebase --autosquash --interactive base-browser-102.8.0esr-12.5-1-build1 HEAD` + - [ ] **(Optional)** Patch reordering + - Relocate new `tor-browser` patches in the patch-set to enforce this rough thematic ordering: + - **BUILD CONFIGURATION** - tools/scripts, gitlab templates, etc + - **BROWSER CONFIGURATION** - branding, mozconfigs, preference overrides, etc + - **UPDATER PATCHES** - updater tweaks, signing keys, etc + - **SECURITY PATCHES** - non tor-dependent security improvements, hardening, etc + - **PRIVACY PATCHES** - non tor-dependent fingerprinting, linkability, proxy bypass, etc + - **FEAURES** - non tor-dependent features + - **TOR INTEGRATION** - legacy tor-launcher/torbutton, tor modules, bootstrapping, etc + - **TOR SECURITY PATCHES** - tor-specific security improvements + - **TOR PRIVACY PATCHES** - tor-specific privacy improvements + - **TOR FEATURES** - new tor-specific functionality: manual, onion-location, onion service client auth, etc - [ ] Cherry-pick remainder of patches after the last `buildN` tag - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..origin/tor-browser-102.7.0esr-12.5-1` +- [ ] Rebase and autosquash again (from the last new `base-browser` commit to `HEAD`), this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify. + - example: `git rebase --autosquash --interactive base-browser-102.8.0esr-12.5-1-build1 HEAD` + - **NOTE**: Do not allow `fixup` or `squash` commands here! - [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: - [ ] diff of diffs: - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - - `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff` - `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff` - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` + - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `tor-browser` branch) - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD` - example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/tor-browser-102.7.0esr-12.5-1 FIREFOX_102_8_0esr_BUILD1..HEAD` - [ ] Open MR for the `tor-browser` rebase ===================================== .gitlab/issue_templates/Rebase Browser - Stable.md ===================================== @@ -25,6 +25,17 @@ - [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. +### Update Branch Protection Rules + +- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/tor-browser/-/sett…: + - [ ] Remove previous stable `base-browser` and `tor-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) + - [ ] Create new `base-browser` and `tor-browser` branch protection rule: + - **Branch**: `*-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*` + - example: `*-102.8.0esr-12.0-1*` + - **Allowed to merge**: `Maintainers` + - **Allowed to push and merge**: `Maintainers` + - **Allowed to force push**: `false` + ### **Identify the Firefox Tagged Commit and Create New Branches** - [ ] Find the Firefox mercurial tag here : https://hg.mozilla.org/releases/mozilla-esr102/tags @@ -48,7 +59,7 @@ ### **Rebase base-browser** -- [ ] Checkout a new branch for the `base-browser` rebase +- [ ] Checkout a new local branch for the `base-browser` rebase - example: `git branch base-browser-rebase FIREFOX_102_8_0esr_BUILD1` - [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `build1` tag onto new `base-browser` rebase branch - example: `git cherry-pick FIREFOX_102_7_0esr_BUILD1..base-browser-102.7.0esr-12.0-1-build1` @@ -72,6 +83,7 @@ - Message : `Tagging build1 for $(ESR_VERSION)esr-based stable` - [ ] Push tag to `origin` + ### **Rebase tor-browser** - [ ] Checkout a new branch for the `tor-browser` rebase starting from the `base-browser` `build1` tag @@ -88,7 +100,7 @@ - `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff` - `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff` - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` + - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `tor-browser` branch) - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD` - example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/tor-browser-102.7.0esr-12.0-1 FIREFOX_102_8_0esr_BUILD1..HEAD` - [ ] Open MR for the `tor-browser` rebase @@ -97,4 +109,3 @@ - Tag : `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1` - Message : `Tagging build1 for $(ESR_VERSION)esr-based stable` - [ ] Push tag to `origin` - View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0db7a4b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0db7a4b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key
by Richard Pospesel (＠richard) 20 Apr '23

20 Apr '23

Richard Pospesel pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 9b35dbeb by hackademix at 2023-04-20T20:11:22+00:00 Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key - - - - - 1 changed file: - security/manager/ssl/StaticHPKPins.h Changes: ===================================== security/manager/ssl/StaticHPKPins.h ===================================== @@ -451,6 +451,14 @@ static const StaticFingerprints kPinset_tor = { kPinset_tor_Data }; +static const char* const kPinset_tor_browser_Data[] = { + kISRG_Root_X1Fingerprint, +}; +static const StaticFingerprints kPinset_tor_browser = { + sizeof(kPinset_tor_browser_Data) / sizeof(const char*), + kPinset_tor_browser_Data +}; + static const char* const kPinset_twitterCom_Data[] = { kGOOGLE_PIN_VeriSignClass2_G2Fingerprint, kGOOGLE_PIN_VeriSignClass3_G2Fingerprint, @@ -619,6 +627,7 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = { { "blogger.com", true, false, false, -1, &kPinset_google_root_pems }, { "blogspot.com", true, false, false, -1, &kPinset_google_root_pems }, { "br.search.yahoo.com", false, true, false, -1, &kPinset_yahoo }, + { "bridges.torproject.org", false, false, false, -1, &kPinset_tor_browser }, { "bugs.chromium.org", true, false, false, -1, &kPinset_google_root_pems }, { "build.chromium.org", true, false, false, -1, &kPinset_google_root_pems }, { "business.facebook.com", true, false, false, -1, &kPinset_facebook }, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/9b35dbe… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/9b35dbe… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.10.0esr-12.5-1] 4 commits: Bug 41736 - Customize toolbar for base-browser.
by Richard Pospesel (＠richard) 20 Apr '23

20 Apr '23

Richard Pospesel pushed to branch base-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: ca768445 by Henry Wilkes at 2023-04-20T20:00:45+00:00 Bug 41736 - Customize toolbar for base-browser. - - - - - 1cc48456 by Henry Wilkes at 2023-04-20T20:00:45+00:00 fixup! Bug 40926: Implemented the New Identity feature Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 4bea1315 by Henry Wilkes at 2023-04-20T20:00:46+00:00 fixup! Bug 40925: Implemented the Security Level component Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 90750ca9 by Henry Wilkes at 2023-04-20T20:00:46+00:00 fixup! Firefox preference overrides. Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 3 changed files: - browser/app/profile/001-base-profile.js - browser/components/customizableui/CustomizableUI.jsm - browser/components/extensions/parent/ext-browserAction.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -464,9 +464,6 @@ pref("intl.multilingual.downloadEnabled", false); // Disk activity: Disable storage.sync (tor-browser#41424) pref("webextensions.storage.sync.enabled", false); -// Toolbar layout -pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}"); - // Enforce certificate pinning, see: https://bugs.torproject.org/16206 pref("security.cert_pinning.enforcement_level", 2); ===================================== browser/components/customizableui/CustomizableUI.jsm ===================================== @@ -65,6 +65,11 @@ const kSubviewEvents = ["ViewShowing", "ViewHiding"]; */ var kVersion = 17; +/** + * The current version for base browser. + */ +var kVersionBaseBrowser = 1; + /** * Buttons removed from built-ins by version they were removed. kVersion must be * bumped any time a new id is added to this. Use the button id as key, and @@ -218,6 +223,7 @@ var CustomizableUIInternal = { this._updateForNewVersion(); this._updateForNewProtonVersion(); this._markObsoleteBuiltinButtonsSeen(); + this._updateForBaseBrowser(); this.registerArea( CustomizableUI.AREA_FIXED_OVERFLOW_PANEL, @@ -236,10 +242,15 @@ var CustomizableUIInternal = { Services.policies.isAllowed("removeHomeButtonByDefault") ? null : "home-button", - "spring", + // Don't want springs either side of the urlbar. tor-browser#41736 "urlbar-container", - "spring", - "save-to-pocket-button", + // save-to-pocket-button is entirely disabled. See tor-browser#18886 and + // tor-browser#31602. + // Base-browser additions tor-browser#41736. If you want to add to, remove + // from, or rearrange this list, then bump the kVersionBaseBrowser and + // update existing saved states in _updateForBaseBrowser. + "security-level-button", + "new-identity-button", "downloads-button", AppConstants.MOZ_DEV_EDITION ? "developer-button" : null, "fxa-toolbar-menu-button", @@ -255,6 +266,10 @@ var CustomizableUIInternal = { }, true ); + // navbarPlacements does not match the initial default XHTML layout. + // Therefore we always need to rebuild the navbar area when + // registerToolbarNode is called. tor-browser#41736 + gDirtyAreaCache.add(CustomizableUI.AREA_NAVBAR); if (AppConstants.MENUBAR_CAN_AUTOHIDE) { this.registerArea( @@ -687,6 +702,104 @@ var CustomizableUIInternal = { } }, + _updateForBaseBrowser() { + if (!gSavedState) { + // Use the defaults. + return; + } + + const currentVersion = gSavedState.currentVersionBaseBrowser; + + if (currentVersion < 1) { + // NOTE: In base-browser/tor-browser version 12.5a5, and earlier, the + // toolbar was configured by setting the full JSON string for the default + // "browser.uiCustomization.state" preference value. The disadvantage is + // that we could not update this value in a way that existing users (who + // would have non-default preference values) would also get the desired + // change (e.g. for adding or removing a button). + // + // With tor-browser#41736 we want to switch to changing the toolbar + // dynamically like firefox. Therefore, this first version transfer simply + // gets the toolbar into the same state we wanted before, away from the + // default firefox state. + // + // If an existing user state aligned with the previous default + // "browser.uiCustomization.state" then this shouldn't visibly change + // anything. + // If a user explicitly customized the toolbar to go back to the firefox + // default, then this may undo those changes. + const navbarPlacements = + gSavedState.placements[CustomizableUI.AREA_NAVBAR]; + if (navbarPlacements) { + const getBeforeAfterUrlbar = () => { + // NOTE: The urlbar is non-removable from the navbar, so should have + // an index. + const index = navbarPlacements.indexOf("urlbar-container"); + let after = index + 1; + if ( + after < navbarPlacements.length && + navbarPlacements[after] === "search-container" + ) { + // Skip past the search-container. + after++; + } + return { before: index - 1, after }; + }; + + // Remove the urlbar springs either side of the urlbar. + const { before, after } = getBeforeAfterUrlbar(); + if ( + after < navbarPlacements.length && + this.matchingSpecials(navbarPlacements[after], "spring") + ) { + // Remove the spring after. + navbarPlacements.splice(after, 1); + // NOTE: The `before` index does not change. + } + if ( + before >= 0 && + this.matchingSpecials(navbarPlacements[before], "spring") + ) { + // Remove the spring before. + navbarPlacements.splice(before, 1); + } + + // Make sure the security-level-button and new-identity-button appears + // in the toolbar. + for (const id of ["new-identity-button", "security-level-button"]) { + let alreadyAdded = false; + for (const placements of Object.values(gSavedState.placements)) { + if (placements.includes(id)) { + alreadyAdded = true; + break; + } + } + if (alreadyAdded) { + continue; + } + + // Add to the nav-bar, after the urlbar-container. + // NOTE: We have already removed the spring after the urlbar. + navbarPlacements.splice(getBeforeAfterUrlbar().after, 0, id); + } + } + + // Remove save-to-pocket-button. See tor-browser#18886 and + // tor-browser#31602. + for (const placements of Object.values(gSavedState.placements)) { + let buttonIndex = placements.indexOf("save-to-pocket-button"); + if (buttonIndex != -1) { + placements.splice(buttonIndex, 1); + } + } + + // Remove unused fields that used to be part of + // "browser.uiCustomization.state". + delete gSavedState.placements["PanelUI-contents"]; + delete gSavedState.placements["addon-bar"]; + } + }, + _placeNewDefaultWidgetsInArea(aArea) { let futurePlacedWidgets = gFuturePlacements.get(aArea); let savedPlacements = @@ -2501,6 +2614,10 @@ var CustomizableUIInternal = { gSavedState.currentVersion = 0; } + if (!("currentVersionBaseBrowser" in gSavedState)) { + gSavedState.currentVersionBaseBrowser = 0; + } + gSeenWidgets = new Set(gSavedState.seen || []); gDirtyAreaCache = new Set(gSavedState.dirtyAreaCache || []); gNewElementCount = gSavedState.newElementCount || 0; @@ -2579,6 +2696,7 @@ var CustomizableUIInternal = { seen: gSeenWidgets, dirtyAreaCache: gDirtyAreaCache, currentVersion: kVersion, + currentVersionBaseBrowser: kVersionBaseBrowser, newElementCount: gNewElementCount, }; ===================================== browser/components/extensions/parent/ext-browserAction.js ===================================== @@ -193,6 +193,10 @@ this.browserAction = class extends ExtensionAPIPersistent { } build() { + // The extension ID for NoScript (WebExtension) + const isNoScript = + this.extension.id === "{73a6fe31-595d-460b-a920-fcc0f8843232}"; + let widget = CustomizableUI.createWidget({ id: this.id, viewId: this.viewId, @@ -200,7 +204,11 @@ this.browserAction = class extends ExtensionAPIPersistent { removable: true, label: this.action.getProperty(null, "title"), tooltiptext: this.action.getProperty(null, "title"), - defaultArea: browserAreas[this.action.getDefaultArea()], + // Do not want to add the NoScript extension to the toolbar by default. + // tor-browser#41736 + defaultArea: isNoScript + ? null + : browserAreas[this.action.getDefaultArea()], showInPrivateBrowsing: this.extension.privateBrowsingAllowed, // Don't attempt to load properties from the built-in widget string View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/fd31ee… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/fd31ee… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] 6 commits: Bug 41736 - Customize toolbar for base-browser.
by Richard Pospesel (＠richard) 20 Apr '23

20 Apr '23

Richard Pospesel pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 1ce930e3 by Henry Wilkes at 2023-04-20T20:03:08+00:00 Bug 41736 - Customize toolbar for base-browser. - - - - - d354800c by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Bug 40926: Implemented the New Identity feature Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - adacb2c3 by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Bug 40925: Implemented the Security Level component Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 491718d1 by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Firefox preference overrides. Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 352acb10 by Henry Wilkes at 2023-04-20T20:03:08+00:00 Bug 41736 - Customize toolbar for tor-browser. - - - - - 96796fa5 by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 4 changed files: - browser/app/profile/000-tor-browser.js - browser/app/profile/001-base-profile.js - browser/components/customizableui/CustomizableUI.jsm - browser/components/extensions/parent/ext-browserAction.js Changes: ===================================== browser/app/profile/000-tor-browser.js ===================================== @@ -30,8 +30,6 @@ pref("network.security.ports.banned", "", locked); pref("network.dns.disabled", true); // This should cover the #5741 patch for DNS leaks pref("network.http.max-persistent-connections-per-proxy", 256); -pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"torbutton-button\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\",\"_73a6fe31-595d-460b-a920-fcc0f8843232_-browser-action\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}"); - // Treat .onions as secure pref("dom.securecontext.allowlist_onions", true); ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -464,9 +464,6 @@ pref("intl.multilingual.downloadEnabled", false); // Disk activity: Disable storage.sync (tor-browser#41424) pref("webextensions.storage.sync.enabled", false); -// Toolbar layout -pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}"); - // Enforce certificate pinning, see: https://bugs.torproject.org/16206 pref("security.cert_pinning.enforcement_level", 2); ===================================== browser/components/customizableui/CustomizableUI.jsm ===================================== @@ -65,6 +65,16 @@ const kSubviewEvents = ["ViewShowing", "ViewHiding"]; */ var kVersion = 17; +/** + * The current version for base browser. + */ +var kVersionBaseBrowser = 1; + +/** + * The current version for tor browser. + */ +var kVersionTorBrowser = 1; + /** * Buttons removed from built-ins by version they were removed. kVersion must be * bumped any time a new id is added to this. Use the button id as key, and @@ -218,6 +228,8 @@ var CustomizableUIInternal = { this._updateForNewVersion(); this._updateForNewProtonVersion(); this._markObsoleteBuiltinButtonsSeen(); + this._updateForBaseBrowser(); + this._updateForTorBrowser(); this.registerArea( CustomizableUI.AREA_FIXED_OVERFLOW_PANEL, @@ -236,10 +248,17 @@ var CustomizableUIInternal = { Services.policies.isAllowed("removeHomeButtonByDefault") ? null : "home-button", - "spring", + // Don't want springs either side of the urlbar. tor-browser#41736 "urlbar-container", - "spring", - "save-to-pocket-button", + // save-to-pocket-button is entirely disabled. See tor-browser#18886 and + // tor-browser#31602. + // Base-browser additions tor-browser#41736. If you want to add to, remove + // from, or rearrange this list, then bump the kVersionBaseBrowser and + // update existing saved states in _updateForBaseBrowser. + // Or if the change is only meant for tor-browser, bump kVersionTorBrowser + // instead and update the existing saved states in _updateForTorBrowser. + "security-level-button", + "new-identity-button", "downloads-button", AppConstants.MOZ_DEV_EDITION ? "developer-button" : null, "fxa-toolbar-menu-button", @@ -255,6 +274,10 @@ var CustomizableUIInternal = { }, true ); + // navbarPlacements does not match the initial default XHTML layout. + // Therefore we always need to rebuild the navbar area when + // registerToolbarNode is called. tor-browser#41736 + gDirtyAreaCache.add(CustomizableUI.AREA_NAVBAR); if (AppConstants.MENUBAR_CAN_AUTOHIDE) { this.registerArea( @@ -687,6 +710,123 @@ var CustomizableUIInternal = { } }, + _updateForBaseBrowser() { + if (!gSavedState) { + // Use the defaults. + return; + } + + const currentVersion = gSavedState.currentVersionBaseBrowser; + + if (currentVersion < 1) { + // NOTE: In base-browser/tor-browser version 12.5a5, and earlier, the + // toolbar was configured by setting the full JSON string for the default + // "browser.uiCustomization.state" preference value. The disadvantage is + // that we could not update this value in a way that existing users (who + // would have non-default preference values) would also get the desired + // change (e.g. for adding or removing a button). + // + // With tor-browser#41736 we want to switch to changing the toolbar + // dynamically like firefox. Therefore, this first version transfer simply + // gets the toolbar into the same state we wanted before, away from the + // default firefox state. + // + // If an existing user state aligned with the previous default + // "browser.uiCustomization.state" then this shouldn't visibly change + // anything. + // If a user explicitly customized the toolbar to go back to the firefox + // default, then this may undo those changes. + const navbarPlacements = + gSavedState.placements[CustomizableUI.AREA_NAVBAR]; + if (navbarPlacements) { + const getBeforeAfterUrlbar = () => { + // NOTE: The urlbar is non-removable from the navbar, so should have + // an index. + const index = navbarPlacements.indexOf("urlbar-container"); + let after = index + 1; + if ( + after < navbarPlacements.length && + navbarPlacements[after] === "search-container" + ) { + // Skip past the search-container. + after++; + } + return { before: index - 1, after }; + }; + + // Remove the urlbar springs either side of the urlbar. + const { before, after } = getBeforeAfterUrlbar(); + if ( + after < navbarPlacements.length && + this.matchingSpecials(navbarPlacements[after], "spring") + ) { + // Remove the spring after. + navbarPlacements.splice(after, 1); + // NOTE: The `before` index does not change. + } + if ( + before >= 0 && + this.matchingSpecials(navbarPlacements[before], "spring") + ) { + // Remove the spring before. + navbarPlacements.splice(before, 1); + } + + // Make sure the security-level-button and new-identity-button appears + // in the toolbar. + for (const id of ["new-identity-button", "security-level-button"]) { + let alreadyAdded = false; + for (const placements of Object.values(gSavedState.placements)) { + if (placements.includes(id)) { + alreadyAdded = true; + break; + } + } + if (alreadyAdded) { + continue; + } + + // Add to the nav-bar, after the urlbar-container. + // NOTE: We have already removed the spring after the urlbar. + navbarPlacements.splice(getBeforeAfterUrlbar().after, 0, id); + } + } + + // Remove save-to-pocket-button. See tor-browser#18886 and + // tor-browser#31602. + for (const placements of Object.values(gSavedState.placements)) { + let buttonIndex = placements.indexOf("save-to-pocket-button"); + if (buttonIndex != -1) { + placements.splice(buttonIndex, 1); + } + } + + // Remove unused fields that used to be part of + // "browser.uiCustomization.state". + delete gSavedState.placements["PanelUI-contents"]; + delete gSavedState.placements["addon-bar"]; + } + }, + + _updateForTorBrowser() { + if (!gSavedState) { + // Use the defaults. + return; + } + + const currentVersion = gSavedState.currentVersionTorBrowser; + + if (currentVersion < 1) { + // Remove torbutton-button, which no longer exists. + for (const placements of Object.values(gSavedState.placements)) { + let buttonIndex = placements.indexOf("torbutton-button"); + if (buttonIndex != -1) { + placements.splice(buttonIndex, 1); + } + } + } + }, + _placeNewDefaultWidgetsInArea(aArea) { let futurePlacedWidgets = gFuturePlacements.get(aArea); let savedPlacements = @@ -2501,6 +2641,14 @@ var CustomizableUIInternal = { gSavedState.currentVersion = 0; } + if (!("currentVersionBaseBrowser" in gSavedState)) { + gSavedState.currentVersionBaseBrowser = 0; + } + + if (!("currentVersionTorBrowser" in gSavedState)) { + gSavedState.currentVersionTorBrowser = 0; + } + gSeenWidgets = new Set(gSavedState.seen || []); gDirtyAreaCache = new Set(gSavedState.dirtyAreaCache || []); gNewElementCount = gSavedState.newElementCount || 0; @@ -2579,6 +2727,8 @@ var CustomizableUIInternal = { seen: gSeenWidgets, dirtyAreaCache: gDirtyAreaCache, currentVersion: kVersion, + currentVersionBaseBrowser: kVersionBaseBrowser, + currentVersionTorBrowser: kVersionTorBrowser, newElementCount: gNewElementCount, }; ===================================== browser/components/extensions/parent/ext-browserAction.js ===================================== @@ -193,6 +193,10 @@ this.browserAction = class extends ExtensionAPIPersistent { } build() { + // The extension ID for NoScript (WebExtension) + const isNoScript = + this.extension.id === "{73a6fe31-595d-460b-a920-fcc0f8843232}"; + let widget = CustomizableUI.createWidget({ id: this.id, viewId: this.viewId, @@ -200,7 +204,11 @@ this.browserAction = class extends ExtensionAPIPersistent { removable: true, label: this.action.getProperty(null, "title"), tooltiptext: this.action.getProperty(null, "title"), - defaultArea: browserAreas[this.action.getDefaultArea()], + // Do not want to add the NoScript extension to the toolbar by default. + // tor-browser#41736 + defaultArea: isNoScript + ? null + : browserAreas[this.action.getDefaultArea()], showInPrivateBrowsing: this.extension.privateBrowsingAllowed, // Don't attempt to load properties from the built-in widget string View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/4ae885… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/4ae885… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] alpha: new version, 12.5a5
by boklm (＠boklm) 20 Apr '23

20 Apr '23

boklm pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: f3488a32 by Nicolas Vigier at 2023-04-20T21:46:33+02:00 alpha: new version, 12.5a5 - - - - - 30 changed files: - update_3/alpha/.htaccess - − update_3/alpha/12.5a3-12.5a4-linux32-ALL.xml - − update_3/alpha/12.5a3-12.5a4-linux64-ALL.xml - − update_3/alpha/12.5a3-12.5a4-macos-ALL.xml - − update_3/alpha/12.5a3-12.5a4-win32-ALL.xml - − update_3/alpha/12.5a3-12.5a4-win64-ALL.xml - + update_3/alpha/12.5a4-12.5a5-linux32-ALL.xml - + update_3/alpha/12.5a4-12.5a5-linux64-ALL.xml - + update_3/alpha/12.5a4-12.5a5-macos-ALL.xml - + update_3/alpha/12.5a4-12.5a5-win32-ALL.xml - + update_3/alpha/12.5a4-12.5a5-win64-ALL.xml - − update_3/alpha/12.5a4-linux32-ALL.xml - − update_3/alpha/12.5a4-linux64-ALL.xml - − update_3/alpha/12.5a4-macos-ALL.xml - − update_3/alpha/12.5a4-win32-ALL.xml - − update_3/alpha/12.5a4-win64-ALL.xml - + update_3/alpha/12.5a5-linux32-ALL.xml - + update_3/alpha/12.5a5-linux64-ALL.xml - + update_3/alpha/12.5a5-macos-ALL.xml - + update_3/alpha/12.5a5-win32-ALL.xml - + update_3/alpha/12.5a5-win64-ALL.xml - update_3/alpha/download-android-aarch64.json - update_3/alpha/download-android-armv7.json - update_3/alpha/download-android-x86.json - update_3/alpha/download-android-x86_64.json - update_3/alpha/download-linux-i686.json - update_3/alpha/download-linux-x86_64.json - update_3/alpha/download-macos.json - update_3/alpha/download-windows-i686.json - update_3/alpha/download-windows-x86_64.json The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] 2 commits: fixup! Bug 41417: Always prompt users to restart after changing language
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 7cf4e447 by Pier Angelo Vendrame at 2023-04-20T20:16:02+02:00 fixup! Bug 41417: Always prompt users to restart after changing language Bug 41738: Drop the patch to disable live reload Revert "Bug 41417: Always prompt users to restart after changing language" This reverts commit bad85a459ea24b34f3c09924c6d2b9f0bc750d88. - - - - - 4ae88530 by Pier Angelo Vendrame at 2023-04-20T20:16:02+02:00 fixup! Firefox preference overrides. Bug 41738: Drop the patch to disable live reload and use the pref - - - - - 2 changed files: - browser/app/profile/001-base-profile.js - browser/components/preferences/main.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -499,6 +499,10 @@ pref("browser.urlbar.suggest.topsites", false); // is only reported via telemetry (which is disabled). See tor-browser#40048. pref("corroborator.enabled", false); +// tor-browser#41417: do not allow live reload until we switch to Fluent and +// stop using .textContent. +pref("intl.multilingual.liveReload", false); + // Onboarding. pref("browser.onboarding.tourset-version", 5); pref("browser.onboarding.newtour", "welcome,privacy,tor-network-9.0,circuit-display,security,expect-differences,onion-services,learn-more"); ===================================== browser/components/preferences/main.js ===================================== @@ -1196,17 +1196,18 @@ var gMainPane = { gMainPane.recordBrowserLanguagesTelemetry("reorder"); switch (gMainPane.getLanguageSwitchTransitionType(newLocales)) { - // tor-browser#41417: Always prompt for the restart, until we switch to - // Fluent, since the current way we use to update languages does not allow - // live-reload. We could also call showConfirmLanguageChangeMessageBar in - // the official live-reload case, but the result is inconsistent and makes - // handling the locales-match case harder. case "requires-restart": - case "live-reload": // Prepare to change the locales, as they were different. gMainPane.showConfirmLanguageChangeMessageBar(newLocales); gMainPane.updatePrimaryBrowserLanguageUI(newLocales[0]); break; + case "live-reload": + Services.locale.requestedLocales = newLocales; + gMainPane.updatePrimaryBrowserLanguageUI( + Services.locale.appLocaleAsBCP47 + ); + gMainPane.hideConfirmLanguageChangeMessageBar(); + break; case "locales-match": // They matched, so we can reset the UI. gMainPane.updatePrimaryBrowserLanguageUI( @@ -1459,12 +1460,18 @@ var gMainPane = { } switch (gMainPane.getLanguageSwitchTransitionType(selected)) { - // tor-browser#41417: see onPrimaryBrowserLanguageMenuChange case "requires-restart": - case "live-reload": gMainPane.showConfirmLanguageChangeMessageBar(selected); gMainPane.updatePrimaryBrowserLanguageUI(selected[0]); break; + case "live-reload": + Services.locale.requestedLocales = selected; + + gMainPane.updatePrimaryBrowserLanguageUI( + Services.locale.appLocaleAsBCP47 + ); + gMainPane.hideConfirmLanguageChangeMessageBar(); + break; case "locales-match": // They matched, so we can reset the UI. gMainPane.updatePrimaryBrowserLanguageUI( View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/337dcb… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/337dcb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Update Mullvad Browser release prep templates to include downstream package...
by Richard Pospesel (＠richard) 20 Apr '23

20 Apr '23

Richard Pospesel pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: b1b4bf77 by Richard Pospesel at 2023-04-20T17:53:16+00:00 Update Mullvad Browser release prep templates to include downstream package notification/maintenance - - - - - 1 changed file: - .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md Changes: ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md ===================================== @@ -98,7 +98,7 @@ Mullvad Browser Stable lives in the various `maint-$(MULLVAD_BROWSER_MAJOR).$(MU </details> <details> - <summary>Communications</summary> + <summary>Downstream</summary> ### notify stakeholders @@ -107,9 +107,15 @@ Mullvad Browser Stable lives in the various `maint-$(MULLVAD_BROWSER_MAJOR).$(MU - [ ] New `mullvad-browser` project branch and tags - [ ] mullvad-browser-update-responses git hash - [ ] changelog +- [ ] Email downstream consumers: + - [ ] flathub package maintainer: proletarius101(a)protonmail.com + - [ ] arch package maintainer: bootctl(a)gmail.com -</details> +### merge requests +- [ ] homebrew: https://github.com/Homebrew/homebrew-cask/blob/master/Casks/mullvad-browser… + - **NOTE**: should just need to update the version to latest +</details> /label ~"Release Prep" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40818: Enable wasm target for rust
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: d86056dd by Cecylia Bocovich at 2023-04-20T13:11:22+00:00 Bug 40818: Enable wasm target for rust - - - - - 2 changed files: - projects/rust/build - projects/rust/config Changes: ===================================== projects/rust/build ===================================== @@ -6,6 +6,8 @@ tar -C /var/tmp/dist -xf [% c('input_files_by_name/cmake') %] export PATH="/var/tmp/dist/cmake/bin:$PATH" tar -C /var/tmp/dist -xf [% c('input_files_by_name/binutils') %] export PATH=/var/tmp/dist/binutils/bin:$PATH +tar -C /var/tmp/dist -xf [% c('input_files_by_name/ninja') %] +export PATH=/var/tmp/dist/ninja:$PATH tar -C /var/tmp/dist -xf [% c('input_files_by_name/rust_prebuilt') %] cd /var/tmp/dist/rust-[% c('version') %]-x86_64-unknown-linux-gnu ./install.sh --prefix=$distdir-rust-prebuilt @@ -52,6 +54,11 @@ mkdir /var/tmp/build tar -C /var/tmp/build -xf [% c('input_files_by_name/rust') %] cd /var/tmp/build/rustc-[% c('version') %]-src +# This is a workaround to get access to the libunwind header files. Our LLVM_CONFIG +# thinks that the llvm source root is at /var/tmp/dist/clang-source because that's +# where it was when clang was compiled. +ln -s "/var/tmp/build/rustc-[% c('version') %]-src/src/llvm-project" "/var/tmp/build/clang-source" + mkdir build cd build ../configure --prefix=$distdir --disable-docs --disable-compiler-docs [% c("var/configure_opt") %] ===================================== projects/rust/config ===================================== @@ -7,7 +7,7 @@ container: targets: android: var: - configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,armv7-linux-androideabi,thumbv7neon-linux-androideabi,aarch64-linux-android,i686-linux-android,x86_64-linux-android --set=target.armv7-linux-androideabi.cc=armv7a-linux-androideabi16-clang --set=target.armv7-linux-androideabi.ar=armv7a-linux-androideabi-ar --set=target.thumbv7neon-linux-androideabi.cc=armv7a-linux-androideabi16-clang --set=target.thumbv7neon-linux-androideabi.ar=armv7a-linux-androideabi-ar --set=target.aarch64-linux-android.cc=aarch64-linux-android21-clang --set=target.aarch64-linux-android.ar=aarch64-linux-android-ar --set=target.i686-linux-android.cc=i686-linux-android16-clang --set=target.i686-linux-android.ar=i686-linux-android-ar --set=target.x86_64-linux-android.cc=x86_64-linux-android21-clang --set=target.x86_64-linux-android.ar=x86_64-linux-android-ar + configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,armv7-linux-androideabi,thumbv7neon-linux-androideabi,aarch64-linux-android,i686-linux-android,x86_64-linux-android,wasm32-unknown-unknown --set=target.armv7-linux-androideabi.cc=armv7a-linux-androideabi16-clang --set=target.armv7-linux-androideabi.ar=armv7a-linux-androideabi-ar --set=target.thumbv7neon-linux-androideabi.cc=armv7a-linux-androideabi16-clang --set=target.thumbv7neon-linux-androideabi.ar=armv7a-linux-androideabi-ar --set=target.aarch64-linux-android.cc=aarch64-linux-android21-clang --set=target.aarch64-linux-android.ar=aarch64-linux-android-ar --set=target.i686-linux-android.cc=i686-linux-android16-clang --set=target.i686-linux-android.ar=i686-linux-android-ar --set=target.x86_64-linux-android.cc=x86_64-linux-android21-clang --set=target.x86_64-linux-android.ar=x86_64-linux-android-ar --set target.wasm32-unknown-unknown.linker=clang --set target.wasm32-unknown-unknown.ar=llvm-ar --set target.wasm32-unknown-unknown.ranlib=llvm-ranlib --set rust.lld=true linux: var: @@ -41,11 +41,11 @@ targets: # # Finally, we tell Rust to use some tools from LLVM, like the prebuilt # binaries do. - configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,i686-unknown-linux-gnu --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib --set target.i686-unknown-linux-gnu.linker=clang --set target.i686-unknown-linux-gnu.ar=llvm-ar --set target.i686-unknown-linux-gnu.ranlib=llvm-ranlib + configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,i686-unknown-linux-gnu,wasm32-unknown-unknown --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib --set target.i686-unknown-linux-gnu.linker=clang --set target.i686-unknown-linux-gnu.ar=llvm-ar --set target.i686-unknown-linux-gnu.ranlib=llvm-ranlib --set target.wasm32-unknown-unknown.linker=clang --set target.wasm32-unknown-unknown.ar=llvm-ar --set target.wasm32-unknown-unknown.ranlib=llvm-ranlib --set rust.lld=true macos: var: - configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/macosx-toolchain/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,[% c("var/build_target") %] --set=target.[% c("var/build_target") %].cc=[% c("var/build_target") %]-clang --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib + configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/macosx-toolchain/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,[% c("var/build_target") %],wasm32-unknown-unknown --set=target.[% c("var/build_target") %].cc=[% c("var/build_target") %]-clang --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib --set target.wasm32-unknown-unknown.linker=clang --set target.wasm32-unknown-unknown.ar=llvm-ar --set target.wasm32-unknown-unknown.ranlib=llvm-ranlib --set rust.lld=true arch_deps: - pkg-config @@ -53,7 +53,7 @@ targets: var: # See tor-browser-build#29320 compiler: mingw-w64 - configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --target=x86_64-unknown-linux-gnu,[% c("arch") %]-pc-windows-gnu --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib + configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --target=x86_64-unknown-linux-gnu,[% c("arch") %]-pc-windows-gnu,wasm32-unknown-unknown --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib --set target.wasm32-unknown-unknown.linker=clang --set target.wasm32-unknown-unknown.ar=llvm-ar --set target.wasm32-unknown-unknown.ranlib=llvm-ranlib --set rust.lld=true arch_deps: - pkg-config @@ -72,6 +72,8 @@ input_files: # libgcc, and the GNU/LLVM is a tier 3 platform supported only for x86_64). # macOS does not need Clang because it comes already with its compiler. enable: '[% c("var/linux") || c("var/android") || c("var/windows") %]' + - project: ninja + name: ninja - URL: 'https://static.rust-lang.org/dist/rustc-[% c("version") %]-src.tar.gz' name: rust sig_ext: asc View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-102.10.0esr-13.0-1
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed new branch tor-browser-102.10.0esr-13.0-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] fixup! Add TorStrings module for localization
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 337dcb91 by Henry Wilkes at 2023-04-20T09:21:20+00:00 fixup! Add TorStrings module for localization Bug 41714 - Add settings.bridgeShowFewer string. - - - - - 1 changed file: - toolkit/torbutton/chrome/locale/en-US/settings.properties Changes: ===================================== toolkit/torbutton/chrome/locale/en-US/settings.properties ===================================== @@ -46,6 +46,7 @@ settings.whatAreThese=What are these? settings.bridgeCopy=Copy Bridge Address settings.copied=Copied! settings.bridgeShowAll=Show All Bridges +settings.bridgeShowFewer=Show Fewer Bridges settings.allBridgesEnabled=Use current bridges settings.bridgeRemoveAll=Remove All Bridges settings.bridgeRemoveAllDialogTitle=Remove all bridges? View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/337dcb9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/337dcb9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

tbb-commits April 2023