November 2023 - tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.4.0esr-13.0-1-build3
by richard (＠richard) 06 Nov '23

06 Nov '23

richard pushed new tag tor-browser-115.4.0esr-13.0-1-build3 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 3 commits: Bug 41005: Unpack macOS bundle to /var/tmp instead of /tmp in rcodesign-notary-submit step
by richard (＠richard) 06 Nov '23

06 Nov '23

richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: a9429aa5 by Richard Pospesel at 2023-11-03T15:22:37+00:00 Bug 41005: Unpack macOS bundle to /var/tmp instead of /tmp in rcodesign-notary-submit step - - - - - 8ebcb6f6 by Richard Pospesel at 2023-11-03T15:24:19+00:00 Bug 41006: Fix typo in finished-signing-clean-linux signer - - - - - a565b18a by Richard Pospesel at 2023-11-03T15:25:24+00:00 Bug 41007: gatekeeper-bundling.sh refers to old .tar.gz archive - - - - - 3 changed files: - tools/signing/finished-signing-clean-linux-signer - tools/signing/gatekeeper-bundling.sh - tools/signing/rcodesign-notary-submit Changes: ===================================== tools/signing/finished-signing-clean-linux-signer ===================================== @@ -10,5 +10,5 @@ source "$script_dir/functions" var_is_defined ssh_host_linux_signer tbb_version ssh "$ssh_host_linux_signer" 'bash -s' << EOF - test -n "$tbb_version" && rm -Rfv ~/"$SIGNING_PROJECTNAME-$tbb_version ~/"$SIGNING_PROJECTNAME-$tbb_version-macos-signed" + test -n "$tbb_version" && rm -Rfv ~/"$SIGNING_PROJECTNAME-$tbb_version" ~/"$SIGNING_PROJECTNAME-$tbb_version-macos-signed" EOF ===================================== tools/signing/gatekeeper-bundling.sh ===================================== @@ -45,7 +45,7 @@ test -f "$libdmg_file" || \ "You can build it with:" \ " ./rbm/rbm build --target no_containers libdmg-hfsplus" \ "See var/deps in projects/libdmg-hfsplus/config for the list of build dependencies" -hfstools_file="$script_dir/../../out/hfsplus-tools/hfsplus-tools-540.1.linux3-81ff5b.tar.gz" +hfstools_file="$script_dir/../../out/hfsplus-tools/hfsplus-tools-540.1.linux3-2acaa4.tar.zst" test -f "$hfstools_file" || \ exit_error "$hfstools_file is missing." \ "You can build it with:" \ ===================================== tools/signing/rcodesign-notary-submit ===================================== @@ -14,7 +14,7 @@ test -f "$appstoreconnect_api_key_path" || \ "$script_dir/setup-rcodesign" -tmpdir=$(mktemp -d) +tmpdir=$(mktemp -d -p /var/tmp) trap "rm -Rf $tmpdir" EXIT Proj_Name=$(Project_Name) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.4.0esr-13.5-1] fixup! Add TorStrings module for localization
by Pier Angelo Vendrame (＠pierov) 06 Nov '23

06 Nov '23

Pier Angelo Vendrame pushed to branch tor-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 377d3eca by Henry Wilkes at 2023-11-02T12:18:32+00:00 fixup! Add TorStrings module for localization Bug 42221: Remove unused strings now that 13.0 is stable. - - - - - 6 changed files: - toolkit/torbutton/chrome/locale/en-US/aboutTBUpdate.dtd - toolkit/torbutton/chrome/locale/en-US/settings.properties - toolkit/torbutton/chrome/locale/en-US/torConnect.properties - toolkit/torbutton/chrome/locale/en-US/torbutton.dtd - toolkit/torbutton/chrome/locale/en-US/torbutton.properties - toolkit/torbutton/chrome/locale/en-US/torlauncher.properties Changes: ===================================== toolkit/torbutton/chrome/locale/en-US/aboutTBUpdate.dtd ===================================== @@ -7,9 +7,6 @@ <!ENTITY aboutTBUpdate.version "Version"> <!ENTITY aboutTBUpdate.releaseDate "Release Date"> <!ENTITY aboutTBUpdate.releaseNotes "Release Notes"> - - -<!ENTITY aboutTBUpdate.updated "Tor Browser has been updated.">  -<!ENTITY torbutton.circuit_display.new_circuit "New Circuit for this Site">  <!ENTITY torbutton.onionServices.authPrompt.tooltip "Open onion service client authentication prompt"> ===================================== toolkit/torbutton/chrome/locale/en-US/torbutton.properties ===================================== @@ -22,25 +22,6 @@ torbutton.circuit_display.region-guard-node = %S (guard) torbutton.circuit_display.new-circuit-guard-description = Your guard node may not change torbutton.circuit_display.new-circuit-bridge-description = Your bridge may not change -# Old circuit display strings used up to 12.0 - remove when 12.5 becomes stable: -torbutton.circuit_display.relay = Relay -torbutton.circuit_display.unknown_country = Unknown country -torbutton.circuit_display.guard = Guard -torbutton.circuit_display.guard_note = Your [Guard] node may not change. -torbutton.circuit_display.learn_more = Learn more -torbutton.circuit_display.click_to_copy = Click to Copy -torbutton.circuit_display.copied = Copied! -# end - -# External app blocker strings used up to 12.0 - TODO: remove when 12.5 becomes stable: -torbutton.popup.external.title = Download an external file type? -torbutton.popup.external.app = Tor Browser cannot display this file. You will need to open it with another application.\n\n -torbutton.popup.external.note = Some types of files can cause applications to connect to the Internet without using Tor.\n\n -torbutton.popup.external.suggest = To be safe, you should only open downloaded files while offline, or use a Tor Live CD such as Tails.\n -torbutton.popup.launch = Download file -torbutton.popup.cancel = Cancel -torbutton.popup.dontask = Automatically download files from now on - # Download pane warning torbutton.download.warning.title = Be careful opening downloads # %S will be a link to the Tails operating system website. With the content given by torbutton.download.warning.tails_brand_name @@ -131,18 +112,3 @@ profileProblemTitle=%S Profile Problem profileReadOnly=You cannot run %S from a read-only file system. Please copy %S to another location before trying to use it. profileReadOnlyMac=You cannot run %S from a read-only file system. Please copy %S to your Desktop or Applications folder before trying to use it. profileAccessDenied=%S does not have permission to access the profile. Please adjust your file system permissions and try again. - -# New identity warning -torbutton.popup.no_newnym = Torbutton cannot safely give you a new identity. It does not have access to the Tor Control Port.\n\nAre you running Tor Browser Bundle? - - -## Legacy - -# Preferences for mobile: these strings are still referenced, but we should -# check whether this feature is still used -torbutton.security_settings.menu.title = Security Settings - -# The notification that appears when maximizing the browser with letterboxing disabled -# TODO: This string is not needed as of 12.5a5, and has a replacement in Base Browser! -# To be removed when 12.0 will not need new updates. -torbutton.maximize_warning = Maximizing Tor Browser can allow websites to determine your monitor size, which can be used to track you. We recommend that you leave Tor Browser windows in their original default size. ===================================== toolkit/torbutton/chrome/locale/en-US/torlauncher.properties ===================================== @@ -59,7 +59,3 @@ torlauncher.bootstrapWarning.pt_missing=missing pluggable transport torlauncher.nsresult.NS_ERROR_NET_RESET=The connection to the server was lost. torlauncher.nsresult.NS_ERROR_CONNECTION_REFUSED=Could not connect to the server. torlauncher.nsresult.NS_ERROR_PROXY_CONNECTION_REFUSED=Could not connect to the proxy. - -## 12.5-only strings that can be removed once it goes EOL. - -torlauncher.tor_controlconn_failed=Could not connect to Tor control port. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/377d3ec… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/377d3ec… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] alpha: new version, 13.5a1
by richard (＠richard) 02 Nov '23

02 Nov '23

richard pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: f716473f by Richard Pospesel at 2023-11-02T19:52:51+00:00 alpha: new version, 13.5a1 - - - - - 30 changed files: - update_3/alpha/.htaccess - − update_3/alpha/13.0a3-13.0a6-linux-i686-ALL.xml - − update_3/alpha/13.0a3-13.0a6-linux-x86_64-ALL.xml - − update_3/alpha/13.0a3-13.0a6-macos-ALL.xml - − update_3/alpha/13.0a3-13.0a6-windows-i686-ALL.xml - − update_3/alpha/13.0a3-13.0a6-windows-x86_64-ALL.xml - − update_3/alpha/13.0a4-13.0a6-linux-i686-ALL.xml - − update_3/alpha/13.0a4-13.0a6-linux-x86_64-ALL.xml - − update_3/alpha/13.0a4-13.0a6-macos-ALL.xml - − update_3/alpha/13.0a4-13.0a6-windows-i686-ALL.xml - − update_3/alpha/13.0a4-13.0a6-windows-x86_64-ALL.xml - + update_3/alpha/13.0a4-13.5a1-linux-i686-ALL.xml - + update_3/alpha/13.0a4-13.5a1-linux-x86_64-ALL.xml - + update_3/alpha/13.0a4-13.5a1-macos-ALL.xml - + update_3/alpha/13.0a4-13.5a1-windows-i686-ALL.xml - + update_3/alpha/13.0a4-13.5a1-windows-x86_64-ALL.xml - − update_3/alpha/13.0a5-13.0a6-linux-i686-ALL.xml - − update_3/alpha/13.0a5-13.0a6-linux-x86_64-ALL.xml - − update_3/alpha/13.0a5-13.0a6-macos-ALL.xml - − update_3/alpha/13.0a5-13.0a6-windows-i686-ALL.xml - − update_3/alpha/13.0a5-13.0a6-windows-x86_64-ALL.xml - + update_3/alpha/13.0a5-13.5a1-linux-i686-ALL.xml - + update_3/alpha/13.0a5-13.5a1-linux-x86_64-ALL.xml - + update_3/alpha/13.0a5-13.5a1-macos-ALL.xml - + update_3/alpha/13.0a5-13.5a1-windows-i686-ALL.xml - + update_3/alpha/13.0a5-13.5a1-windows-x86_64-ALL.xml - + update_3/alpha/13.0a6-13.5a1-linux-i686-ALL.xml - + update_3/alpha/13.0a6-13.5a1-linux-x86_64-ALL.xml - + update_3/alpha/13.0a6-13.5a1-macos-ALL.xml - + update_3/alpha/13.0a6-13.5a1-windows-i686-ALL.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-13.5a1-build1
by richard (＠richard) 02 Nov '23

02 Nov '23

richard pushed new tag mb-13.5a1-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-13.5a1-build1
by richard (＠richard) 02 Nov '23

02 Nov '23

richard pushed new tag tbb-13.5a1-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/torbrowser-launcher][AsciiWolf-metainfo-fix] Use a proper rDNS ID in AppStream metainfo
by asciiwolf (＠asciiwolf) 02 Nov '23

02 Nov '23

asciiwolf pushed to branch AsciiWolf-metainfo-fix at The Tor Project / Applications / torbrowser-launcher Commits: 34bdd4d0 by AsciiWolf at 2023-11-02T18:12:06+01:00 Use a proper rDNS ID in AppStream metainfo - - - - - 1 changed file: - share/metainfo/torbrowser.appdata.xml → share/metainfo/org.torproject.torbrowser-launcher.metainfo.xml Changes: ===================================== share/metainfo/torbrowser.appdata.xml → share/metainfo/org.torproject.torbrowser-launcher.metainfo.xml ===================================== @@ -1,7 +1,8 @@ <?xml version="1.0" encoding="UTF-8"?>  <component type="desktop-application"> - <id>torbrowser.desktop</id> + <id>org.torproject.torbrowser-launcher</id> + <launchable type="desktop-id">torbrowser.desktop</launchable> <metadata_license>CC0-1.0</metadata_license> <project_license>MIT</project_license> <name>Tor Browser Launcher</name> View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40978, 40981: Prepare Tor+Mullvad Browser Alpha 13.5a1
by richard (＠richard) 02 Nov '23

02 Nov '23

richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 9b98e5ac by Richard Pospesel at 2023-11-01T17:42:56+00:00 Bug 40978,40981: Prepare Tor+Mullvad Browser Alpha 13.5a1 - - - - - 10 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/allowed_addons.json - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/manual/config - projects/openssl/config - projects/translation/config Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,202 @@ +Mullvad Browser 13.5a1 - November 01 2023 + * All Platforms + * Updated Firefox to 115.4.0esr + * Updated NoScript to 11.4.28 + * Bug 246: Add the last Mullvad Browser Extension (0.8.4) to 13.0 [mullvad-browser] + * Bug 42182: Default Search Engine Does Not Persist Through Shift to New Identity [tor-browser] + * Bug 42191: Backport security fixes (Android & wontfix) from Firefox 119 to 115.4 - based Tor Browser [tor-browser] + * Windows + macOS + * Bug 42154: Empty the clipboard on browser shutdown only if content comes from private browsing windows [tor-browser] + * Build System + * All Platforms + * Bug 40934: Remove $bundle_locales from signing scripts now that we're on ALL for everything [tor-browser-build] + * Bug 40982: Fix logging in tools/signing/do-all-signing [tor-browser-build] + * Bug 40983: Bump the various branches to 13.5 on main [tor-browser-build] + * Bug 40989: Add .nobackup files to reproducible and disposable directores [tor-browser-build] + * Windows + * Bug 40984: The PDBs for .exe are not included [tor-browser-build] + * macOS + * Bug 29815: Sign our macOS bundles on Linux [tor-browser-build] + +Mullvad Browser 13.0.1 - October 24 2023 + * All Platforms + * Updated Firefox to 115.4.0esr + * Bug 42182: Default Search Engine Does Not Persist Through Shift to New Identity [tor-browser] + * Bug 42185: Rebase stable browsers on top of 115.4.0esr [tor-browser] + * Bug 42191: Backport security fixes (Android & wontfix) from Firefox 119 to 115.4 - based Tor Browser [tor-browser] + * Build System + * Windows + Linux + * Bug 40991: Fix creation of downloads-windows-x86_64.json and downloads-linux-x86_64.json [tor-browser-build] + * Windows + * Bug 40984: The PDBs for .exe are not included [tor-browser-build] + +Mullvad Browser 13.0 - October 12 2023 + * All Platforms + * Updated Firefox to 115.3.1esr + * Bug 40050: FF103 Audit [tor-browser-spec] + * Bug 40051: FF104 Audit [tor-browser-spec] + * Bug 40052: FF105 Audit [tor-browser-spec] + * Bug 40053: FF106 Audit [tor-browser-spec] + * Bug 40054: FF107 Audit [tor-browser-spec] + * Bug 40055: FF108 Audit [tor-browser-spec] + * Bug 40056: FF109 Audit [tor-browser-spec] + * Bug 40057: FF110 Audit [tor-browser-spec] + * Bug 40058: FF111 Audit [tor-browser-spec] + * Bug 40059: FF112 Audit [tor-browser-spec] + * Bug 40060: FF113 Audit [tor-browser-spec] + * Bug 40061: FF114 Audit [tor-browser-spec] + * Bug 40062: FF115 Audit [tor-browser-spec] + * Bug 66: Localize Mullvad Browser [mullvad-browser] + * Bug 166: Enable built-in URL anti-tracking query parameters stripping [mullvad-browser] + * Bug 175: Change the default start window size from 1000x1000 [mullvad-browser] + * Bug 177: Change help links in `about:preferences` and menu [mullvad-browser] + * Bug 183: Rebase Mullvad Browser to Firefox 115 [mullvad-browser] + * Bug 195: Choose which locales to translate Mullvad Browser to [mullvad-browser] + * Bug 196: Enumerate Mullvad Browser-specific strings for localization [mullvad-browser] + * Bug 199: Mullvad Browser changes required to use Mullvad Browser-specific localization strings [mullvad-browser] + * Bug 208: Improve letterboxing's dimensions [mullvad-browser] + * Bug 211: Change "Mullvad Browser Home" to "New tab" [mullvad-browser] + * Bug 213: Add search engines to the default list [mullvad-browser] + * Bug 214: Enable cross-tab identity leak protection in "quiet" mode [mullvad-browser] + * Bug 215: Update re-adds manually removed default toolbar buttons [mullvad-browser] + * Bug 218: uBO and Mullvad Browser Extension hidden in unified extensions panel [mullvad-browser] + * Bug 220: "Firefox Suggest" string appears when search matches a bookmark [mullvad-browser] + * Bug 223: Trademarks in the about popup are not translated [mullvad-browser] + * Bug 226: First window after update should go to the user-friendly release page on GitHub [mullvad-browser] + * Bug 228: Remove popup asking for preferred language on websites [mullvad-browser] + * Bug 231: Fix the Security Level "read more" link in popup/settings panel [mullvad-browser] + * Bug 243: Make sure about:mullvadbrowser is treated as a new tab page [mullvad-browser] + * Bug 26277: When "Safest" setting is enabled searching using duckduckgo should always use the Non-Javascript site for searches [tor-browser] + * Bug 30556: Re-evaluate letterboxing dimension choices [tor-browser] + * Bug 33282: Increase the max width of new windows [tor-browser] + * Bug 33955: Selecting "Copy image" from menu leaks the source URL to the clipboard. This data is often dereferenced by other applications. [tor-browser] + * Bug 41327: Disable UrlbarProviderInterventions [tor-browser] + * Bug 41477: Review some extensions.* preferences [tor-browser] + * Bug 41496: Review 000-tor-browser.js and 001-base-profile.js for 115 [tor-browser] + * Bug 41528: Hard-coded English "based on Mozilla Firefox" appears in version in "About" dialog [tor-browser] + * Bug 41576: ESR115: ensure no remote calls for weather & addon suggestions [tor-browser] + * Bug 41581: ESR115: figure out extension pinning / unified Extensions [tor-browser] + * Bug 41642: Do not hide new PBM in the hamburger menu if auto PBM is not enabled [tor-browser] + * Bug 41675: Remove javascript.options.large_arraybuffers [tor-browser] + * Bug 41691: "Firefox Suggest" text appearing in UI [tor-browser] + * Bug 41727: WebRTC privacy-hardening settings [tor-browser] + * Bug 41739: Remove "Website appearance" [tor-browser] + * Bug 41740: ESR115: change devicePixelRatio spoof to 2 in alpha for testing [tor-browser] + * Bug 41752: Review changes done by Bug 41565 [tor-browser] + * Bug 41765: TTP-02-006 WP1: Information leaks via custom homepage (Low) [tor-browser] + * Bug 41774: Hide the new "Switching to a new device" help menu item [tor-browser] + * Bug 41791: Copying page contents also puts the source URL on the clipboard [tor-browser] + * Bug 41797: Lock RFP in release builds [tor-browser] + * Bug 41833: Reload extensions on new identity [tor-browser] + * Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons [tor-browser] + * Bug 41874: Visual & A11 regressions in add-on badges [tor-browser] + * Bug 41876: Remove Firefox View from title bar [tor-browser] + * Bug 41877: NoScript seems to be blocking by default in the first 115-based testbuild [tor-browser] + * Bug 41881: Developer tools/Network/New Request remembers requests [tor-browser] + * Bug 41903: The info icon on the language change prompt is not shown [tor-browser] + * Bug 41936: Review Mozilla 1770158: Use double-conversion library instead of dtoa for string-to-double conversion [tor-browser] + * Bug 41937: Review Mozilla 1780014: Add specific telemetry for conservative and first-try handshakes [tor-browser] + * Bug 41938: Review Mozilla 1769994: On systems with IPv6 preferred DNS resolution clients will fail to connect when "localhost" is used as host for the WebSocket server [tor-browser] + * Bug 41939: Review Mozilla 1728871: Support fetching data from Remote Setting [tor-browser] + * Bug 41940: Review Mozilla 1739348: When a filetype is set to "always ask" and the user makes a save/open choice in the dialog, we should not also open the downloads panel [tor-browser] + * Bug 41941: Review Mozilla 1775254: Improve Math.pow accuracy for large exponents [tor-browser] + * Bug 41943: Lock javascript.options.spectre.disable_for_isolated_content to false [tor-browser] + * Bug 41945: Review Mozilla 1783019: Add a cookie banner service to automatically handle website cookie banners [tor-browser] + * Bug 41946: Review Mozilla 1782579: Add a locale parameter to the text recognition API [tor-browser] + * Bug 41947: Review Mozilla 1779005: Broken since Firefox 102.0: no instant fallback to direct connection when proxy became unreachable while runtime [tor-browser] + * Bug 41949: Review Mozilla 1782578: Implement a context menu modal for text recognition [tor-browser] + * Bug 41950: Review Mozilla 1788668: Add the possibility to check that the clipboard contains some pdfjs stuff [tor-browser] + * Bug 41951: Review Mozilla 1790681: Enable separatePrivateDefault by default [tor-browser] + * Bug 41959: Review Mozilla 1795944: Remove descriptionheightworkaround [tor-browser] + * Bug 41961: Review Mozilla 1798868: Hide cookie banner handling UI by default [tor-browser] + * Bug 41969: Review Mozilla 1746983: Re-enable pingsender2 [tor-browser] + * Bug 41970: Review Mozilla 17909270: WebRTC bypasses Network settings & proxy.onRequest [tor-browser] + * Bug 41973: Custom wingpanels don't line up with their toolbar icons in 13.0 alpha [tor-browser] + * Bug 41981: Review Mozilla 1800675: Add about:preferences entry for cookie banner handling [tor-browser] + * Bug 41983: Review Mozilla 1770447: Create a reusable "support-link" widget [tor-browser] + * Bug 41984: Rename languageNotification.ftl to base-browser.ftl [tor-browser] + * Bug 42013: Review Mozilla 1834374: Do not call EmptyClipboard() in nsBaseClipboard destructor [tor-browser] + * Bug 42014: Review Mozilla 1832791: Implement a Remote Settings for the Quarantined Domains pref [tor-browser] + * Bug 42015: Review Mozilla 1830890: Keep a history window of WebRTC stats for about:webrtc [tor-browser] + * Bug 42019: Empty browser's clipboard on browser shutdown [tor-browser] + * Bug 42022: Prevent extension search engines from breaking the whole search system [tor-browser] + * Bug 42026: Disable cookie banner service and UI. [tor-browser] + * Bug 42027: Create a Base Browser version of migrateUI [tor-browser] + * Bug 42029: Defense-in-depth: disable non-proxied UDP WebRTC [tor-browser] + * Bug 42037: Disable about:firefoxview [tor-browser] + * Bug 42043: Disable gUM: media.devices.enumerate.legacy.enabled [tor-browser] + * Bug 42046: Remove XUL layout hacks from base browser [tor-browser] + * Bug 42050: Bring back Save As... dialog as default [tor-browser] + * Bug 42061: Move the alpha update channel creation to a commit on its own [tor-browser] + * Bug 42083: RemoteSecuritySettings.init throws error in console [tor-browser] + * Bug 42084: Race condition with language preferences may make spoof_english ineffective [tor-browser] + * Bug 42094: Disable `media.aboutwebrtc.hist.enabled` as security in-depth [tor-browser] + * Bug 42138: Disable apz.overscroll.enabled pref [tor-browser] + * Bug 42159: Responsive Design Mode not working correctly [tor-browser] + * Bug 42166: New identity dialog missing accessible name [tor-browser] + * Bug 42167: Make the preference auto-focus more reliable [tor-browser] + * Bug 40893: Update (Noto) fonts for 13.0 [tor-browser-build] + * Bug 40924: Customize MOZ_APP_REMOTINGNAME instead of passing --name and --class [tor-browser-build] + * Bug 40937: First window after update should go to the user-friendly release page on GitHub [tor-browser-build] + * Windows + * Bug 40737: Revert backout of Mozilla's fix for bug 1724777 [tor-browser] + * Bug 41798: Stop building private_browsing.exe on Windows [tor-browser] + * Bug 41806: Prevent Private Browsing start menu item to be added automatically [tor-browser] + * Bug 41942: Review Mozilla 1682520: Use the WER runtime exception module to catch early crashes [tor-browser] + * Bug 41944: Review Mozilla 1774083: Add Surrogate COM Server to handle native Windows notifications when Firefox is closed. [tor-browser] + * Bug 42008: Review Mozilla 1808146: Copying images from Pixiv and pasting them in certain programs is broken [tor-browser] + * Bug 42010: Review Mozilla 1810641: Enable overscroll on Windows on all channels [tor-browser] + * Bug 40930: Upate zlib to 1.3 after 13.0a3 [tor-browser-build] + * macOS + * Bug 41948: Review Mozilla 1782981: Hide the text recognition context menu if the macOS version doesn't support APIs [tor-browser] + * Bug 41982: Review Mozilla 1762392: Add Cocoa platform support for paste files [tor-browser] + * Bug 42057: Disable Platform text-recognition functionality [tor-browser] + * Bug 42147: Add browser.helperApps.deleteTempFileOnExit to our profile [tor-browser] + * Linux + * Bug 225: Right Click -> New Tab on link does nothing [mullvad-browser] + * Bug 41884: Linux: set browser.tabs.searchclipboardfor.middleclick to false [tor-browser] + * Bug 40576: Fontconfig warning: remove 'blank' configuration [tor-browser-build] + * Build System + * All Platforms + * Bug 180: Change the naming scheme of the installers at build time [mullvad-browser] + * Bug 197: Develop Crowdin to Gitlab translations repo pipeline [mullvad-browser] + * Bug 198: Enable localization for Mullvad Browser builds [mullvad-browser] + * Bug 31588: Be smarter about vendoring for Rust projects [tor-browser-build] + * Bug 40089: Clean up usage of get-moz-build-date script [tor-browser-build] + * Bug 40149: Remove patching of nightly update URL [tor-browser-build] + * Bug 40410: Get rid of python2 [tor-browser-build] + * Bug 40487: Bump Python version [tor-browser-build] + * Bug 40615: Consider adding a readme to the fonts directory [tor-browser-build] + * Bug 40802: Drop the patch for making WASI reproducible [tor-browser-build] + * Bug 40829: Review and standardize naming scheme for browser installer/package artifacts [tor-browser-build] + * Bug 40855: Update toolchains for Mozilla 115 [tor-browser-build] + * Bug 40868: Bump Rust to 1.69.0 [tor-browser-build] + * Bug 40880: The README doesn't include some dependencies needed for building incrementals [tor-browser-build] + * Bug 40886: Update README with instructions for Arch linux [tor-browser-build] + * Bug 40898: Add doc from tor-browser-spec/processes/ReleaseProcess to gitlab issue templates [tor-browser-build] + * Bug 40907: Sometimes debug information are not deterministic with Clang 16.0.4 [tor-browser-build] + * Bug 40916: Update updated_responses_config.yml to pull Mullvad incrementals from archive.torproject.org [tor-browser-build] + * Bug 40922: Use base-browser.ftl instead of languageNotification.ftl [tor-browser-build] + * Bug 40931: Fix incrementals after tor-browser-build#40829 [tor-browser-build] + * Bug 40932: Remove appname_bundle_android, appname_bundle_macos, appname_bundle_linux, appname_bundle_win32, appname_bundle_win64 from projects/release/update_responses_config.yml [tor-browser-build] + * Bug 40933: Fix generating incrementals between 12.5.x and 13.0 [tor-browser-build] + * Bug 40935: Fix fallout from build target rename in signing scripts [tor-browser-build] + * Bug 40942: Use the branch to build Base Browser [tor-browser-build] + * Bug 40944: After #40931, updates_responses is using incremental.mar files as if they were non-incremental mar files [tor-browser-build] + * Bug 40946: override_updater_url does not work for Mullvad Browser [tor-browser-build] + * Bug 40947: Remove migrate_langs from tools/signing/nightly/update-responses-base-config.yml [tor-browser-build] + * Bug 40956: Allow testing the updater also with release and alpha channel [tor-browser-build] + * Bug 40957: Expired subkey warning on Tor Browser GPG verification [tor-browser-build] + * Bug 40972: Handle Mullvad Browser in the changelog script and group entries by project [tor-browser-build] + * Windows + * Bug 41995: Generated headers on Windows aren't reproducible [tor-browser] + * Bug 40832: Unify mingw-w64-clang 32+64 bits [tor-browser-build] + * Bug 40940: Change position of the `install|portable` in the builds filenames [tor-browser-build] + * macOS + * Bug 40943: Update libdmg-hfsplus to include our uplifted patch [tor-browser-build] + * Linux + * Bug 40102: Move from Debian Jessie to Debian Stretch for our Linux builds [tor-browser-build] + Mullvadd Browser 13.0a6 - September 29 2023 * All Platforms * Updated uBlock Origin to 1.52.2 ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,357 @@ +Tor Browser 13.5a1 - November 01 2023 + * All Platforms + * Updated OpenSSL to 3.0.12 + * Updated NoScript to 11.4.28 + * Bug 42191: Backport security fixes (Android & wontfix) from Firefox 119 to 115.4 - based Tor Browser [tor-browser] + * Bug 42204: Drop unused aboutTor.dtd [tor-browser] + * Bug 40975: libstdc++.so.6 is included twice in tor-browser [tor-browser-build] + * Windows + macOS + Linux + * Updated Firefox to 115.4.0esr + * Bug 41341: Fix style and position of "Always Prioritize Onions" wingpanel [tor-browser] + * Bug 42108: Tor Circuit button not shown if TLS handshake fails [tor-browser] + * Bug 42182: Default Search Engine Does Not Persist Through Shift to New Identity [tor-browser] + * Bug 42184: Setting "Homepage and new windows" ignores "Blank Page" value [tor-browser] + * Windows + macOS + * Bug 42154: Empty the clipboard on browser shutdown only if content comes from private browsing windows [tor-browser] + * Android + * Updated GeckoView to 115.4.0esr + * Bug 42201: Make the script sign all the channels for local builds [tor-browser] + * Bug 42222: Fix TorDomainIsolator initialization on Android [tor-browser] + * Build System + * All Platforms + * Update Go to 1.21.3 + * Bug 40852: Reproducible build of the the lox client library to wasm [tor-browser-build] + * Bug 40934: Remove $bundle_locales from signing scripts now that we're on ALL for everything [tor-browser-build] + * Bug 40976: Update download-unsigned-sha256sums-gpg-signatures-from-people-tpo to fetch from tb-build-02 and tb-build-03 [tor-browser-build] + * Bug 40982: Fix logging in tools/signing/do-all-signing [tor-browser-build] + * Bug 40983: Bump the various branches to 13.5 on main [tor-browser-build] + * Bug 40989: Add .nobackup files to reproducible and disposable directores [tor-browser-build] + * Bug 40062: Copy input directories to containers recursively [rbm] + * Windows + * Bug 40984: The PDBs for .exe are not included [tor-browser-build] + * macOS + * Bug 29815: Sign our macOS bundles on Linux [tor-browser-build] + * Linux + * Bug 40979: Add redirects from old Linux bundle filename to the new one [tor-browser-build] + +Tor Browser 13.0.2 - October 26 2023 + * Android + * Bump firefox-android commit to generate new version code to allow uploading to Google Play (see tor-browser-build#40992) + +Tor Browser 13.0.1 - October 24 2023 + * All Platforms + * Bug 42185: Rebase stable browsers on top of 115.4.0esr [tor-browser] + * Bug 42191: Backport security fixes (Android & wontfix) from Firefox 119 to 115.4 - based Tor Browser [tor-browser] + * Bug 40975: libstdc++.so.6 is included twice in tor-browser [tor-browser-build] + * Windows + macOS + Linux + * Updated Firefox to 115.4.0esr + * Bug 42182: Default Search Engine Does Not Persist Through Shift to New Identity [tor-browser] + * Android + * Updated GeckoView to 115.4.0esr + * Build System + * All Platforms + * Updated Go to 1.21.3 + * Bug 40976: Update download-unsigned-sha256sums-gpg-signatures-from-people-tpo to fetch from tb-build-02 and tb-build-03 [tor-browser-build] + * Bug 40062: Copy input directories to containers recursively [rbm] + * Windows + Linux + * Bug 40991: Fix creation of downloads-windows-x86_64.json and downloads-linux-x86_64.json [tor-browser-build] + * Windows + * Bug 40984: The PDBs for .exe are not included [tor-browser-build] + * Linux + * Bug 40979: Add redirects from old Linux bundle filename to the new one [tor-browser-build] + +Tor Browser 13.0 - October 12 2023 + * All Platforms + * Updated tor to 0.4.8.7 + * Updated OpenSSL to 3.0.11 + * Bug 40050: FF103 Audit [tor-browser-spec] + * Bug 40051: FF104 Audit [tor-browser-spec] + * Bug 40052: FF105 Audit [tor-browser-spec] + * Bug 40053: FF106 Audit [tor-browser-spec] + * Bug 40054: FF107 Audit [tor-browser-spec] + * Bug 40055: FF108 Audit [tor-browser-spec] + * Bug 40056: FF109 Audit [tor-browser-spec] + * Bug 40057: FF110 Audit [tor-browser-spec] + * Bug 40058: FF111 Audit [tor-browser-spec] + * Bug 40059: FF112 Audit [tor-browser-spec] + * Bug 40060: FF113 Audit [tor-browser-spec] + * Bug 40061: FF114 Audit [tor-browser-spec] + * Bug 40062: FF115 Audit [tor-browser-spec] + * Bug 26277: When "Safest" setting is enabled searching using duckduckgo should always use the Non-Javascript site for searches [tor-browser] + * Bug 40577: Add "suggest url" in DDG onion's manifest [tor-browser] + * Bug 40938: Migrate remaining torbutton functionality to tor-browser [tor-browser] + * Bug 41092: Enable tracking query parameters stripping [tor-browser] + * Bug 41327: Disable UrlbarProviderInterventions [tor-browser] + * Bug 41399: Update Mozilla's patch for Bug 1675054 to enable brotli encoding for HTTP onions as well [tor-browser] + * Bug 41477: Review some extensions.* preferences [tor-browser] + * Bug 41496: Review 000-tor-browser.js and 001-base-profile.js for 115 [tor-browser] + * Bug 41576: ESR115: ensure no remote calls for weather & addon suggestions [tor-browser] + * Bug 41605: Remove unused assets from torbutton (preferences-mobile.css) [tor-browser] + * Bug 41675: Remove javascript.options.large_arraybuffers [tor-browser] + * Bug 41727: WebRTC privacy-hardening settings [tor-browser] + * Bug 41740: ESR115: change devicePixelRatio spoof to 2 in alpha for testing [tor-browser] + * Bug 41752: Review changes done by Bug 41565 [tor-browser] + * Bug 41796: Rebase Tor Browser to Firefox 115 [tor-browser] + * Bug 41797: Lock RFP in release builds [tor-browser] + * Bug 41934: Websocket raises DOMException on http onions in 13.0a1 [tor-browser] + * Bug 41936: Review Mozilla 1770158: Use double-conversion library instead of dtoa for string-to-double conversion [tor-browser] + * Bug 41937: Review Mozilla 1780014: Add specific telemetry for conservative and first-try handshakes [tor-browser] + * Bug 41938: Review Mozilla 1769994: On systems with IPv6 preferred DNS resolution clients will fail to connect when "localhost" is used as host for the WebSocket server [tor-browser] + * Bug 41939: Review Mozilla 1728871: Support fetching data from Remote Setting [tor-browser] + * Bug 41941: Review Mozilla 1775254: Improve Math.pow accuracy for large exponents [tor-browser] + * Bug 41943: Lock javascript.options.spectre.disable_for_isolated_content to false [tor-browser] + * Bug 41945: Review Mozilla 1783019: Add a cookie banner service to automatically handle website cookie banners [tor-browser] + * Bug 41946: Review Mozilla 1782579: Add a locale parameter to the text recognition API [tor-browser] + * Bug 41947: Review Mozilla 1779005: Broken since Firefox 102.0: no instant fallback to direct connection when proxy became unreachable while runtime [tor-browser] + * Bug 41950: Review Mozilla 1788668: Add the possibility to check that the clipboard contains some pdfjs stuff [tor-browser] + * Bug 41951: Review Mozilla 1790681: Enable separatePrivateDefault by default [tor-browser] + * Bug 41959: Review Mozilla 1795944: Remove descriptionheightworkaround [tor-browser] + * Bug 41960: Review Mozilla 1797896: Proxy environment variables should be upper case / case insensitive [tor-browser] + * Bug 41961: Review Mozilla 1798868: Hide cookie banner handling UI by default [tor-browser] + * Bug 41969: Review Mozilla 1746983: Re-enable pingsender2 [tor-browser] + * Bug 41970: Review Mozilla 17909270: WebRTC bypasses Network settings & proxy.onRequest [tor-browser] + * Bug 41984: Rename languageNotification.ftl to base-browser.ftl [tor-browser] + * Bug 42013: Review Mozilla 1834374: Do not call EmptyClipboard() in nsBaseClipboard destructor [tor-browser] + * Bug 42014: Review Mozilla 1832791: Implement a Remote Settings for the Quarantined Domains pref [tor-browser] + * Bug 42015: Review Mozilla 1830890: Keep a history window of WebRTC stats for about:webrtc [tor-browser] + * Bug 42019: Empty browser's clipboard on browser shutdown [tor-browser] + * Bug 42026: Disable cookie banner service and UI. [tor-browser] + * Bug 42029: Defense-in-depth: disable non-proxied UDP WebRTC [tor-browser] + * Bug 42034: aboutTBUpdate.dtd is duplicated [tor-browser] + * Bug 42043: Disable gUM: media.devices.enumerate.legacy.enabled [tor-browser] + * Bug 42061: Move the alpha update channel creation to a commit on its own [tor-browser] + * Bug 42084: Race condition with language preferences may make spoof_english ineffective [tor-browser] + * Bug 42085: NEWNYM signal missing on Whonix [tor-browser] + * Bug 42094: Disable `media.aboutwebrtc.hist.enabled` as security in-depth [tor-browser] + * Bug 42120: Use foursquare as domain front for snowflake [tor-browser] + * Bug 40887: Update Webtunnel version to 38eb5505 [tor-browser-build] + * Windows + macOS + Linux + * Updated Firefox to 115.3.1esr + * Bug 30556: Re-evaluate letterboxing dimension choices [tor-browser] + * Bug 32328: Improve error recovery from the red screen of death [tor-browser] + * Bug 33282: Increase the max width of new windows [tor-browser] + * Bug 33955: Selecting "Copy image" from menu leaks the source URL to the clipboard. This data is often dereferenced by other applications. [tor-browser] + * Bug 40175: Connections in reader mode are not FPI [tor-browser] + * Bug 40982: Cleanup maps in tor-circuit-display [tor-browser] + * Bug 40983: Move not UI-related torbutton.js code to modules [tor-browser] + * Bug 41165: Crash with debug assertions enabled [tor-browser] + * Bug 41333: Modernize Tor Browser's new-tab page (about:tor) [tor-browser] + * Bug 41423: about:tor semantic and accessibility problems [tor-browser] + * Bug 41528: Hard-coded English "based on Mozilla Firefox" appears in version in "About" dialog [tor-browser] + * Bug 41581: ESR115: figure out extension pinning / unified Extensions [tor-browser] + * Bug 41639: Fix the wordmark (title and background) of the "About Tor Browser" window [tor-browser] + * Bug 41642: Do not hide new PBM in the hamburger menu if auto PBM is not enabled [tor-browser] + * Bug 41651: Use moz-toggle in connection preferences [tor-browser] + * Bug 41691: "Firefox Suggest" text appearing in UI [tor-browser] + * Bug 41717: Bookmark toolbar visibility on new tabs is not honored when new tab page is not about:blank [tor-browser] + * Bug 41739: Remove "Website appearance" [tor-browser] + * Bug 41741: Refactor the domain isolator and new circuit [tor-browser] + * Bug 41765: TTP-02-006 WP1: Information leaks via custom homepage (Low) [tor-browser] + * Bug 41766: TTP-02-001 WP1: XSS in TorConnect's captive portal (Info) [tor-browser] + * Bug 41771: Decide what to do for firefoxview [tor-browser] + * Bug 41774: Hide the new "Switching to a new device" help menu item [tor-browser] + * Bug 41791: Copying page contents also puts the source URL on the clipboard [tor-browser] + * Bug 41812: Review layout for XUL elements [tor-browser] + * Bug 41813: Look out for links missing underlines in ESR 115-based alphas [tor-browser] + * Bug 41821: Fix the proxy type in the proxy modal of about:preferences in 13.0 [tor-browser] + * Bug 41822: The default browser button came back on 115 [tor-browser] + * Bug 41833: Reload extensions on new identity [tor-browser] + * Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons [tor-browser] + * Bug 41842: Remove the old removal logics from Torbutton [tor-browser] + * Bug 41844: Stop using the control port directly [tor-browser] + * Bug 41845: Stop forcing (bad) pref values for non-PBM users [tor-browser] + * Bug 41852: Review the Tor Check Service UX [tor-browser] + * Bug 41864: TOR_CONTROL_HOST and TOR_SOCKS_HOST do not work as expected when the browser launches tor [tor-browser] + * Bug 41865: Use --text-color-deemphasized rather than --panel-description-color [tor-browser] + * Bug 41874: Visual & A11 regressions in add-on badges [tor-browser] + * Bug 41876: Remove Firefox View from title bar [tor-browser] + * Bug 41877: NoScript seems to be blocking by default in the first 115-based testbuild [tor-browser] + * Bug 41881: Developer tools/Network/New Request remembers requests [tor-browser] + * Bug 41886: Downloads drop-down panel has new-line/line-break between every word in the 'Be careful opening downloads' warning [tor-browser] + * Bug 41904: The log textarea doesn't resize anymore [tor-browser] + * Bug 41906: Hide about:preferences#privacy > DNS over HTTPS section [tor-browser] + * Bug 41907: The bootstrap is interrupted without any errors if the process becomes ready when already bootstrapping [tor-browser] + * Bug 41912: "Use Current Bridges" is shown for users even when there aren't any current bridges [tor-browser] + * Bug 41922: Unify the bridge line parsers [tor-browser] + * Bug 41923: The path normalization results in warnings [tor-browser] + * Bug 41924: Small refactors for TorProcess [tor-browser] + * Bug 41925: Remove the torbutton startup observer [tor-browser] + * Bug 41926: Refactor the control port client implementation [tor-browser] + * Bug 41931: Regression: new window leaks outer window [tor-browser] + * Bug 41935: Improve new window & letterboxing dimensions [tor-browser] + * Bug 41940: Review Mozilla 1739348: When a filetype is set to "always ask" and the user makes a save/open choice in the dialog, we should not also open the downloads panel [tor-browser] + * Bug 41949: Review Mozilla 1782578: Implement a context menu modal for text recognition [tor-browser] + * Bug 41954: Inputs in the request a bridge dialog are cut-off in 13.0 alpha [tor-browser] + * Bug 41957: Revert to Fx's default identity block style for internal pages [tor-browser] + * Bug 41958: Console error when closing tor browser with about:preferences open [tor-browser] + * Bug 41964: `emojiAnnotations` not defined in time in connection preferences [tor-browser] + * Bug 41965: TorConnect error when opening browser tools [tor-browser] + * Bug 41971: Update Tails URL in downloads warning [tor-browser] + * Bug 41973: Custom wingpanels don't line up with their toolbar icons in 13.0 alpha [tor-browser] + * Bug 41974: De-emphasized text in custom components is no longer gray in 13.0 alpha [tor-browser] + * Bug 41975: Downloads warning text too narrow in 13.0 alpha [tor-browser] + * Bug 41976: Bottom padding on collapsed bridge cards has increased in 13.0 alpha [tor-browser] + * Bug 41977: Hide the "Learn more" link in bridge cards [tor-browser] + * Bug 41980: Circuit display headline is misaligned in 13.0 alpha [tor-browser] + * Bug 41981: Review Mozilla 1800675: Add about:preferences entry for cookie banner handling [tor-browser] + * Bug 41983: Review Mozilla 1770447: Create a reusable "support-link" widget [tor-browser] + * Bug 41986: Fix the control port password handling [tor-browser] + * Bug 41994: CSS (and other assets) of some websites blocked in 13.0 alpha [tor-browser] + * Bug 42022: Prevent extension search engines from breaking the whole search system [tor-browser] + * Bug 42027: Create a Base Browser version of migrateUI [tor-browser] + * Bug 42037: Disable about:firefoxview [tor-browser] + * Bug 42041: TBB --allow-remote mixes up with plain Firefox [tor-browser] + * Bug 42045: Circuit panel overflows with long ipv6 addresses [tor-browser] + * Bug 42046: Remove XUL layout hacks from base browser [tor-browser] + * Bug 42047: Remove layout hacks from tor browser preferences [tor-browser] + * Bug 42050: Bring back Save As... dialog as default [tor-browser] + * Bug 42073: Add simplified onion pattern to the new homepage [tor-browser] + * Bug 42075: Fix link spacing and underline on new homepage [tor-browser] + * Bug 42079: TorConnect: handle switching from Bootstrapped to Configuring state [tor-browser] + * Bug 42083: RemoteSecuritySettings.init throws error in console [tor-browser] + * Bug 42091: Onion authorization prompt overflows [tor-browser] + * Bug 42092: Onion services key table display problems. [tor-browser] + * Bug 42098: Implement Windows installer icons [tor-browser] + * Bug 42100: Connect Assist dropdown text not centered [tor-browser] + * Bug 42102: TorProcess says the SOCKS port is not valid even though it is [tor-browser] + * Bug 42109: Onion services keys table has empty column headers. [tor-browser] + * Bug 42110: Add a utility module for shared UI methods needed for several tor browser components [tor-browser] + * Bug 42126: moat and connect assist broken for people who can't reach domain front [tor-browser] + * Bug 42129: Disable the Tor restart prompt if shouldStartAndOwnTor is false [tor-browser] + * Bug 42131: Tor Browser 13.0a5 does not track circuits created before Tor Browser started [tor-browser] + * Bug 42132: The new control port handling in Tor Browser 13 breaks a Tails security feature [tor-browser] + * Bug 42138: Disable apz.overscroll.enabled pref [tor-browser] + * Bug 42155: Drop the unused code for the old bridge removal warning [tor-browser] + * Bug 42159: Responsive Design Mode not working correctly [tor-browser] + * Bug 42160: Allow specifying a TOR_PROVIDER=none to configure only the proxy settings during the TorProviderBuilder initialization [tor-browser] + * Bug 42166: New identity dialog missing accessible name [tor-browser] + * Bug 42167: Make the preference auto-focus more reliable [tor-browser] + * Bug 40821: The update details URL is wrong in alphas [tor-browser-build] + * Bug 40893: Update (Noto) fonts for 13.0 [tor-browser-build] + * Bug 40924: Customize MOZ_APP_REMOTINGNAME instead of passing --name and --class [tor-browser-build] + * Bug 40938: Copy the new tor-browser.ftl file to the appropriate directory [tor-browser-build] + * Windows + Android + * Bug 40930: Upate zlib to 1.3 after 13.0a3 [tor-browser-build] + * Windows + * Bug 40737: Revert backout of Mozilla's fix for bug 1724777 [tor-browser] + * Bug 41658: Create new installer icons for Windows [tor-browser] + * Bug 41798: Stop building private_browsing.exe on Windows [tor-browser] + * Bug 41806: Prevent Private Browsing start menu item to be added automatically [tor-browser] + * Bug 41942: Review Mozilla 1682520: Use the WER runtime exception module to catch early crashes [tor-browser] + * Bug 41944: Review Mozilla 1774083: Add Surrogate COM Server to handle native Windows notifications when Firefox is closed. [tor-browser] + * Bug 42008: Review Mozilla 1808146: Copying images from Pixiv and pasting them in certain programs is broken [tor-browser] + * Bug 42010: Review Mozilla 1810641: Enable overscroll on Windows on all channels [tor-browser] + * Bug 42087: Implement Windows application icons [tor-browser] + * Bug 40954: Implement Windows installer icons [tor-browser-build] + * macOS + * Bug 41948: Review Mozilla 1782981: Hide the text recognition context menu if the macOS version doesn't support APIs [tor-browser] + * Bug 41955: Update macOS volume window background [tor-browser] + * Bug 41982: Review Mozilla 1762392: Add Cocoa platform support for paste files [tor-browser] + * Bug 42057: Disable Platform text-recognition functionality [tor-browser] + * Bug 42078: Implement MacOS application icons [tor-browser] + * Bug 42147: Add browser.helperApps.deleteTempFileOnExit to our profile [tor-browser] + * Linux + * Bug 41509: After update, KDE Plasma identifies Tor Browser Nightly window group as "firefox-nightly" [tor-browser] + * Bug 41884: Linux: set browser.tabs.searchclipboardfor.middleclick to false [tor-browser] + * Bug 42088: Implement Linux application icons [tor-browser] + * Bug 40576: Fontconfig warning: remove 'blank' configuration [tor-browser-build] + * Android + * Updated GeckoView to 115.3.1esr + * Bug 41878: firefox-mobile: refactor tor bootstrap off deleted onboarding path [tor-browser] + * Bug 41882: Update DuckDuckGo icons [tor-browser] + * Bug 41911: Firefox-Android tor bootstrap connect button css broken [tor-browser] + * Bug 41928: Backport Android-specific security fixes from Firefox 116 to ESR 102.14 / 115.1 - based Tor Browser [tor-browser] + * Bug 41972: Disable Firefox onboarding in 13.0 [tor-browser] + * Bug 41990: Review Mozilla 1811531: Add 'site' query parameter to Pocket sponsored stories request [tor-browser] + * Bug 41991: Review Mozilla 1812518: Allow a custom View for 3rd party downloads [tor-browser] + * Bug 41993: Review Mozilla 1810761: Add API for saving a PDF [tor-browser] + * Bug 41996: App includes com.google.android.gms.permission.AD_ID permission [tor-browser] + * Bug 41997: com.adjust.sdk.Adjust library enables AD_ID permission even though we aren't using it [tor-browser] + * Bug 41999: TB13.0a2 android: center text on connect button [tor-browser] + * Bug 42001: Hide 'Open links in external app' settings option and force defaults [tor-browser] + * Bug 42002: Review Mozilla 1809305: Allow user to copy an image to the clipboard [tor-browser] + * Bug 42003: Review Mozilla 1819431: Reimplement default browser notification with Nimbus Messaging equivalent [tor-browser] + * Bug 42004: Review Mozilla 1818015: Use a custom tab or the view we use for Sync onboarding for the Privacy button [tor-browser] + * Bug 42005: Review Mozilla 1816932: Add Maps to app links common sub domains [tor-browser] + * Bug 42006: Review Mozilla 1817726: Allow sharing current tab URL from Android's Recents (App Overview) screen. [tor-browser] + * Bug 42007: Review Mozilla 1805450: Allow users to submit site support requests in Fenix [tor-browser] + * Bug 42012: Review Mozilla 1810629: add an Android shortcut to go straight to the login and passwords page [tor-browser] + * Bug 42016: Review Mozilla 1832069: Implement Google Play Referrer Library to fetch referrer URL [tor-browser] + * Bug 42018: Rebase Firefox for Android to 115.2.1 [tor-browser] + * Bug 42023: Remove FF what's new from Android [tor-browser] + * Bug 42038: TBA Alpha - inscriptions Tor Browser Alpha and FireFox Browser simultaneously on the start screen [tor-browser] + * Bug 42074: YEC 2023 Takeover for Android Stable [tor-browser] + * Bug 42076: Theme is visible in options, but shouldn't be [tor-browser] + * Bug 42089: Disable the Cookie Banner Reduction site support requests (Mozilla 1805450) [tor-browser] + * Bug 42114: Disable Allow sharing current tab URL from Android's Recents screen in private browsing mode [tor-browser] + * Bug 42115: Enhanced Tracking Protection can still be enabled [tor-browser] + * Bug 42122: playstore console crashes: java.lang.NoSuchMethodError [tor-browser] + * Bug 42133: Remove "Total Cookie Protection" popup [tor-browser] + * Bug 42134: Remove Android icon shortcuts [tor-browser] + * Bug 42156: Screenshot allowing still blocks homescreen (android) [tor-browser] + * Bug 42157: Fix Help button URL [tor-browser] + * Bug 42165: Remove "Add to shortcuts" and "Remove from shortcuts" buttons [tor-browser] + * Bug 42158: Remove "Customize Homepage" button [tor-browser] + * Bug 40740: Tor Browser for Android's snowflake ClientTransportPlugin seems to be out of date [tor-browser-build] + * Bug 40919: Fix nimbus-fml reproducibility of 13.0a2-build1 [tor-browser-build] + * Bug 40941: Remove PT process options on Android [tor-browser-build] + * Build System + * All Platforms + * Updated Go to 1.21.1 + * Bug 42130: Add support for specifying the branch in `tb-dev rebase-on-default` [tor-browser] + * Bug 31588: Be smarter about vendoring for Rust projects [tor-browser-build] + * Bug 40089: Clean up usage of get-moz-build-date script [tor-browser-build] + * Bug 40410: Get rid of python2 [tor-browser-build] + * Bug 40487: Bump Python version [tor-browser-build] + * Bug 40741: Update browser and tor-android-service projects to pull data from pt_config.json [tor-browser-build] + * Bug 40802: Drop the patch for making WASI reproducible [tor-browser-build] + * Bug 40829: Review and standardize naming scheme for browser installer/package artifacts [tor-browser-build] + * Bug 40854: Update to OpenSSL 3.0 [tor-browser-build] + * Bug 40855: Update toolchains for Mozilla 115 [tor-browser-build] + * Bug 40868: Bump Rust to 1.69.0 [tor-browser-build] + * Bug 40880: The README doesn't include some dependencies needed for building incrementals [tor-browser-build] + * Bug 40886: Update README with instructions for Arch linux [tor-browser-build] + * Bug 40898: Add doc from tor-browser-spec/processes/ReleaseProcess to gitlab issue templates [tor-browser-build] + * Bug 40908: Enable the --enable-gpl config flag in tor to bring in PoW functionality [tor-browser-build] + * Bug 40929: Update go to 1.21 series after 13.0a3 [tor-browser-build] + * Bug 40932: Remove appname_bundle_android, appname_bundle_macos, appname_bundle_linux, appname_bundle_win32, appname_bundle_win64 from projects/release/update_responses_config.yml [tor-browser-build] + * Bug 40935: Fix fallout from build target rename in signing scripts [tor-browser-build] + * Bug 40948: Remove lyrebird-vendor sha256sum in nightly [tor-browser-build] + * Bug 40957: Expired subkey warning on Tor Browser GPG verification [tor-browser-build] + * Bug 40972: Handle Mullvad Browser in the changelog script and group entries by project [tor-browser-build] + * Windows + macOS + Linux + * Bug 41967: Add a Makefile recipe to create multi-lingual dev builds [tor-browser] + * Bug 40149: Remove patching of nightly update URL [tor-browser-build] + * Bug 40615: Consider adding a readme to the fonts directory [tor-browser-build] + * Bug 40907: Sometimes debug information are not deterministic with Clang 16.0.4 [tor-browser-build] + * Bug 40922: Use base-browser.ftl instead of languageNotification.ftl [tor-browser-build] + * Bug 40931: Fix incrementals after tor-browser-build#40829 [tor-browser-build] + * Bug 40933: Fix generating incrementals between 12.5.x and 13.0 [tor-browser-build] + * Bug 40942: Use the branch to build Base Browser [tor-browser-build] + * Bug 40944: After #40931, updates_responses is using incremental.mar files as if they were non-incremental mar files [tor-browser-build] + * Bug 40947: Remove migrate_langs from tools/signing/nightly/update-responses-base-config.yml [tor-browser-build] + * Bug 40956: Allow testing the updater also with release and alpha channel [tor-browser-build] + * Windows + * Bug 41995: Generated headers on Windows aren't reproducible [tor-browser] + * Bug 40832: Unify mingw-w64-clang 32+64 bits [tor-browser-build] + * Bug 40940: Change position of the `install|portable` in the builds filenames [tor-browser-build] + * macOS + * Bug 42035: Update tools/torbrowser/ scripts to support macOS dev environment [tor-browser] + * Bug 40943: Update libdmg-hfsplus to include our uplifted patch [tor-browser-build] + * Bug 40951: Firefox fails to build for macOS after tor-browser-build#40938 [tor-browser-build] + * Linux + * Bug 42071: tor-browser deployed format changed breaking fetch.sh [tor-browser] + * Bug 40102: Move from Debian Jessie to Debian Stretch for our Linux builds [tor-browser-build] + * Bug 40971: Stop shipping Linux i686 debug archive until we actually produce the symbols [tor-browser-build] + * Android + * Bug 41899: Use LLD for Android [tor-browser] + * Bug 40867: Create a RBM project for the unified Android repository [tor-browser-build] + * Bug 40917: Remove the uniffi-rs project [tor-browser-build] + * Bug 40918: The commit hash is still not displayed about:buildconfig on Android [tor-browser-build] + * Bug 40920: Non-deterministic generation of baseline.profm file in Android apks [tor-browser-build] + * Bug 40963: Tor Browesr 13.0 torbrowser-testbuild-android* targets fail to build [tor-browser-build] + * Bug 40974: firefox-android fails to build in release [tor-browser-build] + Tor Browser 13.0a6 - September 29 2023 * All Platforms * Updated tor to 0.4.8.7 ===================================== projects/browser/allowed_addons.json ===================================== @@ -17,7 +17,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/34/9734/13299734/13299734.pn…" } ], - "average_daily_users": 1015730, + "average_daily_users": 1041726, "categories": { "android": [ "experimental", @@ -31,7 +31,7 @@ "contributions_url": "https://opencollective.com/darkreader?utm_content=product-page-contribute&u…", "created": "2017-09-19T07:03:00Z", "current_version": { - "id": 5628331, + "id": 5631046, "compatibility": { "firefox": { "min": "54.0", @@ -42,7 +42,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/darkreader/versions/56283…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/darkreader/versions/56310…", "is_strict_compatibility_enabled": false, "license": { "id": 22, @@ -53,22 +53,22 @@ "url": "http://www.opensource.org/license/mit" }, "release_notes": { - "en-US": "- UI improvements.\n- Users' fixes for websites." + "en-US": "- Fixed Site List (when some URL had a port).\n- Users' fixes for websites." }, - "reviewed": "2023-09-27T06:58:45Z", - "version": "4.9.66", + "reviewed": "2023-10-03T12:42:56Z", + "version": "4.9.67", "files": [ { - "id": 4172671, - "created": "2023-09-25T18:47:59Z", - "hash": "sha256:20b53356c36b0c76df614e2cb84e7ff3e1ab75b4fe2fd2bbca039026d018813f", + "id": 4175386, + "created": "2023-10-01T20:00:40Z", + "hash": "sha256:128a151f04af774463448fe1cdb944f6c5095fb17991f82d9aec3c8c4513308e", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 675035, + "size": 675277, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4172671/darkreader-4.9.66…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4175386/darkreader-4.9.67…", "permissions": [ "alarms", "contextMenus", @@ -146,7 +146,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-09-27T06:58:45Z", + "last_updated": "2023-10-03T12:42:56Z", "name": { "ar": "Dark Reader", "bn": "Dark Reader", @@ -221,10 +221,10 @@ "category": "recommended" }, "ratings": { - "average": 4.5529, - "bayesian_average": 4.551750086132407, - "count": 5167, - "text_count": 1630 + "average": 4.5559, + "bayesian_average": 4.554766761229173, + "count": 5217, + "text_count": 1637 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/reviews/", "requires_payment": false, @@ -321,7 +321,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/versions/", - "weekly_downloads": 26198 + "weekly_downloads": 30232 }, "notes": null }, @@ -337,7 +337,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/56/7656/6937656/6937656.png?…" } ], - "average_daily_users": 257049, + "average_daily_users": 258282, "categories": { "android": [ "security-privacy" @@ -346,7 +346,7 @@ "privacy-security" ] }, - "contributions_url": "", + "contributions_url": "https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=decentraleyes…", "created": "2014-06-10T05:46:02Z", "current_version": { "id": 5613891, @@ -554,9 +554,9 @@ }, "ratings": { "average": 4.8129, - "bayesian_average": 4.808245170153086, - "count": 1363, - "text_count": 241 + "bayesian_average": 4.808231824095256, + "count": 1368, + "text_count": 242 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/reviews/", "requires_payment": false, @@ -641,7 +641,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions/", - "weekly_downloads": 3111 + "weekly_downloads": 4065 }, "notes": null }, @@ -657,7 +657,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/73/4073/5474073/5474073.png?…" } ], - "average_daily_users": 1118348, + "average_daily_users": 1153485, "categories": { "android": [ "security-privacy" @@ -1181,10 +1181,10 @@ "category": "recommended" }, "ratings": { - "average": 4.8005, - "bayesian_average": 4.797737875525005, - "count": 2291, - "text_count": 436 + "average": 4.7947, + "bayesian_average": 4.79198426686003, + "count": 2314, + "text_count": 440 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/reviews/", "requires_payment": false, @@ -1208,7 +1208,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/versions/", - "weekly_downloads": 18647 + "weekly_downloads": 31933 }, "notes": null }, @@ -1224,7 +1224,7 @@ "picture_url": null } ], - "average_daily_users": 6595621, + "average_daily_users": 6836836, "categories": { "android": [ "security-privacy" @@ -1389,7 +1389,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-09-25T15:47:17Z", + "last_updated": "2023-10-31T20:40:30Z", "name": { "ar": "uBlock Origin", "bg": "uBlock Origin", @@ -1534,10 +1534,10 @@ "category": "recommended" }, "ratings": { - "average": 4.783, - "bayesian_average": 4.782607382532181, - "count": 16057, - "text_count": 4165 + "average": 4.7832, + "bayesian_average": 4.782818039785372, + "count": 16415, + "text_count": 4271 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/reviews/", "requires_payment": false, @@ -1599,7 +1599,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions/", - "weekly_downloads": 144531 + "weekly_downloads": 263053 }, "notes": null }, @@ -1615,7 +1615,7 @@ "picture_url": null } ], - "average_daily_users": 170729, + "average_daily_users": 171309, "categories": { "android": [ "photos-media" @@ -1714,10 +1714,10 @@ "category": "recommended" }, "ratings": { - "average": 4.4899, - "bayesian_average": 4.484788968165164, - "count": 1141, - "text_count": 425 + "average": 4.49, + "bayesian_average": 4.484869455864706, + "count": 1145, + "text_count": 428 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/re…", "requires_payment": false, @@ -1739,7 +1739,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/ve…", - "weekly_downloads": 320 + "weekly_downloads": 448 }, "notes": null }, @@ -1755,7 +1755,7 @@ "picture_url": null } ], - "average_daily_users": 86942, + "average_daily_users": 87055, "categories": { "android": [ "experimental", @@ -1893,7 +1893,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/versions/", - "weekly_downloads": 2292 + "weekly_downloads": 1989 }, "notes": null }, @@ -1909,7 +1909,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/64/9064/12929064/12929064.pn…" } ], - "average_daily_users": 268632, + "average_daily_users": 275348, "categories": { "android": [ "photos-media", @@ -1923,18 +1923,18 @@ "contributions_url": "https://www.paypal.com/donate?hosted_button_id=GLL4UNSNU6SQN&utm_content=pr…", "created": "2017-06-17T15:23:33Z", "current_version": { - "id": 5588477, + "id": 5634958, "compatibility": { "firefox": { "min": "91.0", "max": "*" }, "android": { - "min": "91.0", + "min": "113.0", "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/search_by_image/versions/…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/search_by_image/versions/…", "is_strict_compatibility_enabled": false, "license": { "id": 6, @@ -1947,20 +1947,20 @@ "release_notes": { "en-US": "Learn more about this release from the <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/d50855f24f77fa6f2614b9…" rel=\"nofollow\">changelog</a>." }, - "reviewed": "2023-07-06T11:07:12Z", - "version": "5.7.0", + "reviewed": "2023-10-11T19:12:27Z", + "version": "5.8.1", "files": [ { - "id": 4132819, - "created": "2023-07-02T12:35:20Z", - "hash": "sha256:9149335f16762c6d4f33ce39f036db763b8c4a3250f5e04e915b827da22a0eb1", + "id": 4179298, + "created": "2023-10-10T10:43:18Z", + "hash": "sha256:ce8b510ba1df4bb941a5a82001ec85e92b6a265701ae141a7e9c63df0155e7db", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 1198456, + "size": 1205732, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4132819/search_by_image-5…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4179298/search_by_image-5…", "permissions": [ "alarms", "clipboardRead", @@ -2002,7 +2002,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-07-06T11:07:12Z", + "last_updated": "2023-10-11T19:12:27Z", "name": { "en-US": "Search by Image" }, @@ -2128,10 +2128,10 @@ "category": "recommended" }, "ratings": { - "average": 4.6533, - "bayesian_average": 4.648688441384268, - "count": 1321, - "text_count": 255 + "average": 4.6525, + "bayesian_average": 4.647982629568954, + "count": 1341, + "text_count": 257 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/reviews/", "requires_payment": false, @@ -2152,7 +2152,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/versions/", - "weekly_downloads": 4242 + "weekly_downloads": 6201 }, "notes": null }, @@ -2175,7 +2175,7 @@ "picture_url": null } ], - "average_daily_users": 112240, + "average_daily_users": 114064, "categories": { "android": [ "other" @@ -2458,10 +2458,10 @@ "category": "recommended" }, "ratings": { - "average": 4.3746, - "bayesian_average": 4.370112364351098, - "count": 1260, - "text_count": 351 + "average": 4.3672, + "bayesian_average": 4.3627273427174105, + "count": 1269, + "text_count": 356 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/reviews/", "requires_payment": false, @@ -2481,7 +2481,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/versions/", - "weekly_downloads": 60 + "weekly_downloads": 34 }, "notes": null }, @@ -2497,7 +2497,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/43/0143/143/143.png?modified…" } ], - "average_daily_users": 306445, + "average_daily_users": 309249, "categories": { "android": [ "performance", @@ -2511,7 +2511,7 @@ "contributions_url": "https://www.paypal.com/donate/?hosted_button_id=9ERKTU5MBH4EW&utm_content=p…", "created": "2005-05-13T10:51:32Z", "current_version": { - "id": 5620645, + "id": 5634098, "compatibility": { "firefox": { "min": "59.0", @@ -2522,7 +2522,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/noscript/versions/5620645", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/noscript/versions/5634098", "is_strict_compatibility_enabled": false, "license": { "id": 13, @@ -2533,22 +2533,22 @@ "url": "http://www.gnu.org/licenses/gpl-2.0.html" }, "release_notes": { - "en-US": "v 11.4.27\n============================================================\nx [XSS] Better specificity of HTML elements preliminary\n checks\nx [XSS] Better specificity of potential fragmented injection\n through framework syntax detection (thanks Rom623, barbaz\n et al)\nx [nscl] RegExp.combo(): RegExp creation by combination for\n better readability and comments\nx [nscl] Replaced lib/sha256.js with web platform native\n implementation (thanks Martin for suggested patch)\nx [nscl] Fixed property/function mismatch (thanks Alex)\nx Fixed operators precedence issue #312 (thanks Alex)\nx [nscl] Prevent dead object access on BF cache (thanks\n jamhubub and mriehm)" + "en-US": "v 11.4.28\n============================================================\nx Prevent URL leaks from media placeholders (thanks NDevTK\n for report)\nx [nscl] Support for in-tree TLDs updates" }, - "reviewed": "2023-09-13T06:54:08Z", - "version": "11.4.27", + "reviewed": "2023-10-10T11:09:38Z", + "version": "11.4.28", "files": [ { - "id": 4164985, - "created": "2023-09-08T14:50:57Z", - "hash": "sha256:6b57d9afce663f801177b7492fe7f00967ee3e66b6351b2cf3ff2a6c3ca99637", + "id": 4178438, + "created": "2023-10-08T20:33:10Z", + "hash": "sha256:54d076b3226d454216117547f6441d2f95af3057d20f726e55d94b0f22573c14", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 950105, + "size": 950895, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4164985/noscript-11.4.27.…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4178438/noscript-11.4.28.…", "permissions": [ "contextMenus", "storage", @@ -2615,7 +2615,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-09-13T06:54:08Z", + "last_updated": "2023-10-19T21:15:36Z", "name": { "de": "NoScript", "el": "NoScript", @@ -2687,10 +2687,10 @@ "category": "recommended" }, "ratings": { - "average": 4.3975, - "bayesian_average": 4.39481198926411, - "count": 2118, - "text_count": 819 + "average": 4.3989, + "bayesian_average": 4.396241929512946, + "count": 2131, + "text_count": 825 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/reviews/", "requires_payment": false, @@ -2734,7 +2734,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/versions/", - "weekly_downloads": 7499 + "weekly_downloads": 11099 }, "notes": null }, @@ -2750,7 +2750,7 @@ "picture_url": null } ], - "average_daily_users": 153737, + "average_daily_users": 154031, "categories": { "android": [ "performance", @@ -2862,10 +2862,10 @@ "category": "recommended" }, "ratings": { - "average": 3.8896, - "bayesian_average": 3.8854127838445747, - "count": 1169, - "text_count": 420 + "average": 3.869, + "bayesian_average": 3.864863430682611, + "count": 1183, + "text_count": 428 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/revi…", "requires_payment": false, @@ -2884,7 +2884,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/vers…", - "weekly_downloads": 1730 + "weekly_downloads": 2838 }, "notes": null } ===================================== projects/browser/config ===================================== @@ -88,9 +88,9 @@ input_files: enable: '[% ! c("var/android") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4164985/noscript-11.4.27.… + - URL: https://addons.mozilla.org/firefox/downloads/file/4178438/noscript-11.4.28.… name: noscript - sha256sum: 6b57d9afce663f801177b7492fe7f00967ee3e66b6351b2cf3ff2a6c3ca99637 + sha256sum: 54d076b3226d454216117547f6441d2f95af3057d20f726e55d94b0f22573c14 - URL: https://addons.mozilla.org/firefox/downloads/file/4171020/ublock_origin-1.5… name: ublock-origin sha256sum: e8ee3f9d597a6d42db9d73fe87c1d521de340755fd8bfdd69e41623edfe096d6 ===================================== projects/firefox/config ===================================== @@ -18,7 +18,7 @@ var: firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '13.5' browser_branch: '[% c("var/browser_series") %]-1' - browser_build: 1 + browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' @@ -86,7 +86,6 @@ targets: mullvadbrowser: git_url: https://gitlab.torproject.org/tpo/applications/mullvad-browser.git var: - browser_build: 4 branding_directory_prefix: 'mb' gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' ===================================== projects/geckoview/config ===================================== @@ -16,7 +16,7 @@ container: var: geckoview_version: 115.4.0esr browser_branch: 13.5-1 - browser_build: 1 + browser_build: 2 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' ===================================== projects/go/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 1.21.1 +version: 1.21.3 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -119,7 +119,7 @@ input_files: enable: '[% ! c("var/linux") %]' - URL: 'https://golang.org/dl/go[% c("version") %].src.tar.gz' name: go - sha256sum: bfa36bf75e9a1e9cbbdb9abcf9d1707e479bd3a07880a8ae3564caee5711cb99 + sha256sum: 186f2b6f8c8b704e696821b09ab2041a5c1ee13dcbc3156a13adcf75931ee488 - project: go-bootstrap name: go-bootstrap target_replace: ===================================== projects/manual/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 # To update, see doc/how-to-update-the-manual.txt # Remember to update also the package's hash, with the version! -version: 102408 +version: 112775 filename: 'manual-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -21,8 +21,8 @@ var: input_files: - project: container-image - - URL: 'https://people.torproject.org/~richard/tbb_files/manual_[% c("version") %].zip' + - URL: 'https://build-sources.tbb.torproject.org/manual_[% c("version") %].zip' name: manual - sha256sum: f9c24f300f188276ee6ec7b8eb2f7e000ec49c9bb3651b4bd4468075885a9eef + sha256sum: 57c9c02f5209fdbcb333d902b7ec4bbec3bb08baf34cb97845cf55bc5bdcb744 - filename: packagemanual.py name: package_script ===================================== projects/openssl/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 3.0.11 +version: 3.0.12 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -33,4 +33,4 @@ input_files: - name: '[% c("var/compiler") %]' project: '[% c("var/compiler") %]' - URL: 'https://www.openssl.org/source/openssl-[% c("version") %].tar.gz' - sha256sum: b3425d3bb4a2218d0697eb41f7fc0cdede016ed19ca49d168b78e8d947887f55 + sha256sum: f93c9e8edde5e9166119de31755fc87b4aa34863662f67ddfcba14d0b6b69b61 ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 066d24af02663ecfbf181541acd4ebd0988499ef + git_hash: 8795469632fe36606cfdd89a4ff90dc4e94b7a83 targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 99856dfcaf4538a76980bb2e4666658ef2040cb0 + git_hash: 791740ded992dea01065a483d761225c30c93ecf targets: nightly: git_hash: 'tor-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: 51045186952e0eab228e4c887914beceaff76583 + git_hash: 546c1131528ab3af0c2300ac9b7ae2c6ca15a4f8 compress_tar: 'zst' targets: nightly: View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/torbrowser-launcher] Pushed new branch AsciiWolf-metainfo-fix
by asciiwolf (＠asciiwolf) 02 Nov '23

02 Nov '23

asciiwolf pushed new branch AsciiWolf-metainfo-fix at The Tor Project / Applications / torbrowser-launcher -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/tree/A… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.4.0esr-13.5-1-build2
by Pier Angelo Vendrame (＠pierov) 01 Nov '23

01 Nov '23

Pier Angelo Vendrame pushed new tag mullvad-browser-115.4.0esr-13.5-1-build2 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0