Hi!
We just finished our weekly Tor Browser meeting. The chat log can be found at:
http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-06-04-18.00.log....
The notes from our pad are:
Monday, June 4, 2018 Discussion: sysrqb: Do we want to use the 'status:' updates during the week like the network team? [GeKo: It seems we like this idea. Need to check with the network team to not mess with their status updates] sysrqb: General question: is there an update/timeline on the new tp.o website? [GeKo: not sure actually]
igt0: Last Week: - Updated #1459420 patch (HLS Player doesn't use the centralized Proxy Selector) - Still struggling with the Orfox crash, I also contacted Till from Mozilla (sysrqb: could you give a hand? yes) - Delivered my talk in the JSConfEU about fingerprinting techniques and mitigations. [GeKo: Are there slides/a recording available somewhere?] This Week: - More Orfox debugging - tweak Tor Button to make it work on mobile and initial mobile UI preparation (we need to think about what we can reuse)
mcs and brade: Last week: - Reviewed and tested rebased external helper app patch (part of #25543). - Fixed #26235 (Help menu does not open in Tor Browser nightlies based on ESR60). - Started working on #22074 (Review Firefox Developer Docs and Undocumented bugs since FF52esr). This week: - File a Bugzilla bug for #25909 (disable updater telemetry) - Continue with #22074 (Review Firefox Developer Docs and Undocumented bugs since FF52esr).
GeKo: Last week: - continued MAR signing key testing - finished macOS patches for new toolchain (including all the other components, not only firefox), nightlies should be available rather soon - made progress on the network review - reviews (#25859, #25650, #26204, #26235) - sent out 1:1 feedback scheduling mails This week: - finish MAR signing testing and come up with a plan for the changes we need for the next update and how we address them (#26050) - network review - more code reviews - help with the windows changes for esr60 - begin of the month admin stuff, ticket prioritization for next alpha - I'll be afk on 6/6
sukhe: Last Week:
- Worked on #26204, #25837, #26073, #26216 (in progress), #26205 (in
progress). Looked at Windows builds of Firefox 60ESR
- Rust build question: what's the purpose of prev_version? Is there a reason we are using the source tar and not the git?
I am asking because panic-abort.patch fails to apply for the Windows 32bit build.
I am building on top of master with https://github.com/azadi/tor-browser-build-1/tree/bug-26204
and https://gitweb.torproject.org/user/gk/tor-browser-build.git/commit/?h=bug_26... merged
[boklm: prev_version is the binary version we use for bootstrapping the build. panic-abort.patch was made on rust 1.25.0 and it seems it will need to be rebased on version 1.26.1.]
This week:
- Resume #26126, #26205, #26203 (Windows builds)
tjr - Ethan, Tim and Gary are back! Had their first couple days. Will sync up with them this week. (Arthur says: yay!) - Expect a Tor/Mozilla sync meeting to get scheduled after all-hands, probably late day Berlin time / early morning USA time - MinGW Work
- x64 Sandbox work: https://bugzilla.mozilla.org/show_bug.cgi?id=1461421
- x64 Sandbox with jemalloc: https://bugzilla.mozilla.org/show_bug.cgi?id=1466192
- Jacek will start on mingw-clang sometime soonish in https://bugzilla.mozilla.org/show_bug.cgi?id=mingw-clang and children
boklm: Last week: - reviewed #26204, #26249, #9711, #25832, #25894, #25554, #25548, #26195, #26003 - updated #25860 (Clean up OpenSSL's configure options for Windows) This week: - finish reviewing #24632 (Update macOS toolchain for ESR 60) - update HEASLR patch (#12968) and try to inspect the binary to check if we are good - start looking at #26050 and #26234 (update "watershed" for ESR60-based Tor Browser) - fill upstream binutils ticket for #26148 - continue work on some ansible roles for testsuite VMs setup (#26149)
pospeselr: Last week: - run without /proc patch uplift updates - seems like #23247 test failures were some intermittent issue with the ESR60 tryserver, rebased agains latest and test failures went away - localization approach of pulling strings from tor-button strings list won't work as is (due to string formatting specifiers)
- problem is modifying that first line which either shows:
- the various HTTPS and encryption properties (uses string formatters) OR
- scary connection not encrypted message (hard coded string)
- for onion https connections we would need to throw away the HTTPS info altogether and only display a constant 'onion encryption' message for the 1st line
- if anyone has thoughts on this I'm all ears
- started work on #26039 (<profiledir>/preferences/extension-overrides.js will not be loaded in ESR 60)
- took off Friday (and Monday was Holiday)
This week:
- finish up #26039 patch
sysrqb: - Last week: Monday was US holiday Continued work on TBA patches Looked at Orfox bug Began dogfooding nightly - This week: Rebasing and testting TBA patches on top of Arthur's Tor Browser patches (#26233) Looking at Orfox bug some more
arthuredelstein: - Last week: Finished a branch for #26233 (Rebase to Firefox 61) Started work on #14952 (HTTP2 audit and patch) - This week: Try to get a patch for review for #14952 Work on #25555 (optimistic socks) and #26128 (noscript/security slider, possibly in collaboration with sukhe)
Georg