New subject: Tor Browser team meeting notes, 7 May 2018

30 Apr 2018


      Hi all!
Here are the notes from our weekly Tor Browser meeting which we had
earlier today. The chat log can be found at
http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-04-30-18.00.log....
and our pad items were:
Monday April 30, 2018
Discussion question(s):
    -igt0 asks: I know we have talked about accessibility before, about
mobile, how much we care right now? I am asking because of
    ticket #25902. Android accessibility services allow password
managers to listen for user events. e.g. typing a password in a login form.
    -Upcoming releases
    -What is our way forward with our extensions for ESR60? [sysrqb and
arthuredelstein will look next week into what is needed to get our
extensions integrated into a working ESR60 build]
mcs and brade:
  Last week:
    - Helped with triage of incoming tickets.
    - Continued rebasing Tor Browser updater patches for ESR60 (part of
#25543).
       - Tested on macOS.
    - Participated in the UX/Tor Browser "sync" meeting.
  This week:
    - Finish rebasing Tor Browser updater patches for ESR 60.
       - Test on Linux.
       - Test on Windows.
    - Monitor #25807 (Can not request bridges from torproject.org (App
Engine is broken for moat)).
igt0:
    Last week:
        - #25810: Backported few fixes affecting Orfox to
tor-browser-52.7.3esr-8.0-1.
        - #25974: Make sure Android Oreo(API level 26) autofill feature
is disabled (looks like it doesn't work on FF, i am trying to make
autofill to work on simulator to be 100% sure)
    This week:
        - Review and smoke test rebased Orfox patches branch.
        - Build  and test on android the rebased tor browser patches for
ESR60 to make sure we are not going to have problems in the alpha release.
tjr
 - Found and bypassed a crash bug for MinGW. Looking at two, maybe three
crashes currently.
   - 1) A crash in
https://searchfox.org/mozilla-central/source/nsprpub/pr/src/threads/prtpd.c#...
that happens on TC
   - 2) This assert:
https://searchfox.org/mozilla-central/source/layout/svg/nsSVGIntegrationUtil...
- Have been learning more about debugging symbol-less (in WinDBG).
Feel pretty comfortable identifying where I am in assembly (assuming
Debug asserts are present...) [GeKo: Do you feel you could write up what
you learned and, say, add this to the Hacking doc we have? I guess this
would help us a lot, too.]
    - Wrote it up at
https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking/Debuggi...
GeKo
  Last Week:
      - wrote a patch for the rustc cross-compilation for Windows
      - fixed the rustc cross-compilation for macOS (still need to
clean-up the patch for review)
      - helped with Sponsor4 reports (yes! those were still a thing!1!)
      - wrote/backported small patches for tor-launcher (getting Moat to
work again) and for tor-browser (fixes an off-by-one error)
      - started to  review the patch rebase for ESR 60
      - gave the circuit display patch (#24309) another round of testing
      - patch reviews/merges (#25898, #25458, #25810, #25973)
    This week:
      - finish up the rustc compilation patch for macOS
      - rebase review
      - update macOS toolchain
      - plan to take days off (5/1 and 5/3+5/4)
boklm:
    Last week:
        - patches for #25817 (add ansible roles for nightly builds) and
#25318 (adding email notification for nightly builds) are now ready for
review
        - installed some VMs for running the Tor Browser testsuite, and
started working on some ansible roles for the setup
        - worked on a patch for #25876 (Source release tarballs for Tor
Browser) to automate creation of source tarballs
        - worked on #25862 (Clean up wrapper script/CFLAGS and friends
mix on Windows) which is now ready for review
        - investigated the reproducibility issue with #16472 (binutils
update)
        - started reviewing #25894 (Get a rust cross-compiler for
Windows) and #25832 (Enable pthread support for mingw-w64)
    This week:
        - help with building the new releases
        - continue investigating issue with binutils update (#16472)
        - continue work on testsuite VMs setup
sysrqb:
    Last week:
        - Worked on TBA patch rebase (#25741)
        - Worked on updating Orfox's https-everywhere addon (#25603)
    This week:
        - Found -8.0-1 branch is busted when building Orfox, fixing now
(#25980)
        - Merge #25603 after we fix bustage
        - Continue testing #25741, put in needs-review
        - Start working on another TBA ticket
pospeselr:
    Last week:
        - Worked on #23247 (Communicating security expectations for
.onion), most of the way there but need to plumb down some logic
exposing mixed-mode info for .onion to work correctly
    This Week:
        - Finishing up #23247
        - Entertaining Shane this afternoon
        - Flying to the east coast to visit family Friday afternoon
arthuredelstein:
    Last week:
        - https://trac.torproject.org/25938 (backport 1334776)
        - Updated https://trac.torproject.org/25543 (Rebase Tor Browser
patches for ESR60)
        - Revised patch for https://trac.torproject.org/24309 (Activity
4.1: Improve how circuits are displayed to the user)
        - Revised patch for https://trac.torproject.org/22343 (Save
as... in the context menu results in using the catch-all circuit); will
post after more testing
        - Did more cspace calculations for
https://trac.torproject.org/25575 (Server space request for hosting Tor
Browser downloads) updated by arthuredelstein
This week:
- Try to get a preliminary desktop build working for TBB/ESR60
- Continue revising https://trac.torproject.org/25543 branch
- Permissions patch revision:
https://bugzilla.mozilla.org/show_bug.cgi?id=1330467
Georg

Tor Browser team meeting notes, 30 April 2018