February 2023 - tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.0-1] fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in...
by Richard Pospesel (＠richard) 28 Feb '23

28 Feb '23

Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser Commits: 0a12a547 by Richard Pospesel at 2023-02-28T19:53:01+00:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection fixed substring calculation to get short name of locale for bridge emojii names - - - - - 1 changed file: - browser/components/torpreferences/content/connectionPane.js Changes: ===================================== browser/components/torpreferences/content/connectionPane.js ===================================== @@ -741,7 +741,7 @@ const gConnectionPane = (function() { const annotations = await res.json(); const bcp47 = Services.locale.appLocaleAsBCP47; const dash = bcp47.indexOf("-"); - const lang = dash !== -1 ? bcp47.substring(dash) : bcp47; + const lang = dash !== -1 ? bcp47.substring(0, dash) : bcp47; if (bcp47 in annotations) { emojiAnnotations = annotations[bcp47]; } else if (lang in annotations) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0a12a54… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0a12a54… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40793: Add some metadata also to the Windows installer
by Pier Angelo Vendrame (＠pierov) 27 Feb '23

27 Feb '23

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 8d0aeaff by Pier Angelo Vendrame at 2023-02-27T18:57:02+01:00 Bug 40793: Add some metadata also to the Windows installer - - - - - 2 changed files: - projects/browser/windows-installer.nsi - projects/firefox/config Changes: ===================================== projects/browser/windows-installer.nsi ===================================== @@ -45,6 +45,15 @@ !define UNINST_KEY "Software\Microsoft\Windows\CurrentVersion\Uninstall\[% c('var/ProjectName') %]" [% END -%] +;-------------------------------- +;Metadata + + VIProductVersion "[% pc("firefox", "var/browser_series") %].0.0" + VIAddVersionKey "ProductName" "[% c('var/Project_Name') %]" + VIAddVersionKey "ProductVersion" "[% c('var/torbrowser_version') %]" + VIAddVersionKey "FileDescription" "[% c('var/Project_Name') %][% IF system_install_mode -%] System[% END -%] Installer" + VIAddVersionKey "LegalCopyright" "© [% pc("firefox", "var/copyright_year") %] The Tor Project" + ;-------------------------------- ;Interface Configuration @@ -164,7 +173,9 @@ Section "[% c('var/Project_Name') %]" SecBrowser WriteRegStr HKLM "${UNINST_KEY}" "DisplayName" "[% c('var/Project_Name') %]" WriteRegStr HKLM "${UNINST_KEY}" "UninstallString" "$\"$INSTDIR\uninstall.exe$\"" WriteRegStr HKLM "${UNINST_KEY}" "QuietUninstallString" "$\"$INSTDIR\uninstall.exe$\" /S" + WriteRegStr HKLM "${UNINST_KEY}" "Publisher" "The Tor Project" WriteRegStr HKLM "${UNINST_KEY}" "DisplayIcon" "$\"$INSTDIR\[% c('var/exe_name') %].exe$\"" + WriteRegStr HKLM "${UNINST_KEY}" "DisplayVersion" "[% c('var/torbrowser_version') %]" WriteRegDWORD HKLM "${UNINST_KEY}" "NoModify" "1" WriteRegDWORD HKLM "${UNINST_KEY}" "NoRepair" "1" ${GetSize} "$INSTDIR" "/S=0K" $0 $1 $2 ===================================== projects/firefox/config ===================================== @@ -13,7 +13,8 @@ container: var: firefox_platform_version: 102.8.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' - browser_branch: '12.5-1' + browser_series: '12.5' + browser_branch: '[% c("var/browser_series") %]-1' browser_build: 3 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.5-1] 2 commits: fixup! Add TorStrings module for localization
by Richard Pospesel (＠richard) 27 Feb '23

27 Feb '23

Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 63afd83c by Dan Ballard at 2023-02-27T14:55:03+00:00 fixup! Add TorStrings module for localization bug 41085: add new strings for bridge removal dialog - - - - - 6518ee5b by Dan Ballard at 2023-02-27T14:55:03+00:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection bug 41085: move remove all bridges button and modernize dialoge to proton - - - - - 5 changed files: - browser/components/torpreferences/content/connectionPane.js - browser/components/torpreferences/content/connectionPane.xhtml - browser/components/torpreferences/content/torPreferences.css - browser/modules/TorStrings.jsm - toolkit/torbutton/chrome/locale/en-US/settings.properties Changes: ===================================== browser/components/torpreferences/content/connectionPane.js ===================================== @@ -117,9 +117,9 @@ const gConnectionPane = (function() { locationEntries: "#torPreferences-bridges-locationEntries", chooseForMe: "#torPreferences-bridges-buttonChooseBridgeForMe", currentHeader: "#torPreferences-currentBridges-header", - currentHeaderText: "#torPreferences-currentBridges-headerText", currentDescription: "#torPreferences-currentBridges-description", currentDescriptionText: "#torPreferences-currentBridges-descriptionText", + switchLabel: "#torPreferences-currentBridges-enableAll-label", switch: "#torPreferences-currentBridges-switch", cards: "#torPreferences-currentBridges-cards", cardTemplate: "#torPreferences-bridgeCard-template", @@ -426,10 +426,9 @@ const gConnectionPane = (function() { const bridgeHeader = prefpane.querySelector( selectors.bridges.currentHeader ); - bridgeHeader.querySelector( - selectors.bridges.currentHeaderText - ).textContent = TorStrings.settings.bridgeCurrent; - const bridgeSwitch = bridgeHeader.querySelector(selectors.bridges.switch); + bridgeHeader.textContent = TorStrings.settings.bridgeCurrent; + prefpane.querySelector(selectors.bridges.switchLabel).textContent = TorStrings.settings.allBridgesEnabled; + const bridgeSwitch = prefpane.querySelector(selectors.bridges.switch); bridgeSwitch.addEventListener("change", () => { TorSettings.bridges.enabled = bridgeSwitch.checked; TorSettings.saveToPrefs(); @@ -860,35 +859,32 @@ const gConnectionPane = (function() { } { - const overlay = prefpane.querySelector(selectors.bridges.removeOverlay); this._confirmBridgeRemoval = () => { - overlay.classList.remove("hidden"); - }; - const closeDialog = () => { - overlay.classList.add("hidden"); + const aParentWindow = Services.wm.getMostRecentWindow("navigator:browser"); + + const ps = Services.prompt; + const btnFlags = + ps.BUTTON_POS_0 * ps.BUTTON_TITLE_IS_STRING + + ps.BUTTON_POS_0_DEFAULT + + ps.BUTTON_POS_1 * ps.BUTTON_TITLE_CANCEL; + + const notUsed = { value: false }; + const btnIndex = ps.confirmEx( + aParentWindow, + TorStrings.settings.bridgeRemoveAllDialogTitle, + TorStrings.settings.bridgeRemoveAllDialogDescription, + btnFlags, + TorStrings.settings.remove, + null, + null, + null, + notUsed + ); + + if (btnIndex === 0) { + this.onRemoveAllBridges(); + } }; - overlay.addEventListener("click", closeDialog); - const modal = prefpane.querySelector(selectors.bridges.removeModal); - modal.addEventListener("click", e => { - e.stopPropagation(); - }); - const dismiss = prefpane.querySelector(selectors.bridges.removeDismiss); - dismiss.addEventListener("click", closeDialog); - const question = prefpane.querySelector( - selectors.bridges.removeQuestion - ); - question.textContent = TorStrings.settings.removeBridgesQuestion; - const warning = prefpane.querySelector(selectors.bridges.removeWarning); - warning.textContent = TorStrings.settings.removeBridgesWarning; - const confirm = prefpane.querySelector(selectors.bridges.removeConfirm); - confirm.setAttribute("label", TorStrings.settings.remove); - confirm.addEventListener("command", () => { - this.onRemoveAllBridges(); - closeDialog(); - }); - const cancel = prefpane.querySelector(selectors.bridges.removeCancel); - cancel.setAttribute("label", TorStrings.settings.cancel); - cancel.addEventListener("command", closeDialog); } // Advanced setup ===================================== browser/components/torpreferences/content/connectionPane.xhtml ===================================== @@ -91,12 +91,17 @@ <button id="torPreferences-bridges-buttonChooseBridgeForMe" class="primary"/> </hbox> <html:h2 id="torPreferences-currentBridges-header"> - <html:span id="torPreferences-currentBridges-headerText"/> - <html:input type="checkbox" id="torPreferences-currentBridges-switch" class="toggle-button"/> </html:h2> <description flex="1" id="torPreferences-currentBridges-description"> <html:span id="torPreferences-currentBridges-descriptionText"/> </description> + <hbox align="center"> + <html:input type="checkbox" id="torPreferences-currentBridges-switch" class="toggle-button"/> + <html:label id="torPreferences-currentBridges-enableAll-label" for="torPreferences-currentBridges-switch"> + </html:label> + <spacer flex="1"/> + <button id="torPreferences-currentBridges-removeAll"/> + </hbox> <menupopup id="torPreferences-bridgeCard-menu"/> <vbox id="torPreferences-bridgeCard-template" class="torPreferences-bridgeCard"> <hbox class="torPreferences-bridgeCard-heading"> @@ -133,7 +138,6 @@ <vbox id="torPreferences-currentBridges-cards"></vbox> <vbox align="center"> <button id="torPreferences-currentBridges-showAll"/> - <button id="torPreferences-currentBridges-removeAll" class="primary danger-button"/> </vbox> <html:h2 id="torPreferences-addBridge-header"></html:h2> <hbox align="center"> @@ -176,17 +180,4 @@ </hbox> </groupbox> -<html:div id="bridge-remove-overlay" class="hidden"> - <html:div id="bridge-remove-modal"> - <html:img id="bridge-remove-dismiss" src="chrome://global/skin/icons/close.svg"/> - <html:div id="bridge-remove-icon"/> - <html:p id="bridge-remove-question"/> - <html:p id="bridge-remove-warning"/> - <html:div id="bridge-remove-buttonbar"> - <button id="bridge-remove-cancel"/> - <button id="bridge-remove-confirm"/> - </html:div> - </html:div> -</html:div> - </html:template> ===================================== browser/components/torpreferences/content/torPreferences.css ===================================== @@ -187,6 +187,12 @@ html:dir(rtl) input[type="checkbox"].toggle-button::before { font-weight: 700; } +#torPreferences-currentBridges-enableAll-label { + /* Block display to work with parent's xul box layout. */ + display: block; + margin-inline: 6px; +} + /* Bridge cards */ :root { --bridgeCard-animation-time: 0.25s; ===================================== browser/modules/TorStrings.jsm ===================================== @@ -111,7 +111,10 @@ const Loader = { bridgeCopy: "Copy Bridge Address", copied: "Copied!", bridgeShowAll: "Show All Bridges", + allBridgesEnabled: "Use current bridges", bridgeRemoveAll: "Remove All Bridges", + bridgeRemoveAllDialogTitle: "Remove all bridges?", + bridgeRemoveAllDialogDescription: "If these bridges were received from torproject.org or added manually, this action cannot be undone", bridgeAdd: "Add a New Bridge", bridgeSelectBrowserBuiltin: "Choose from one of Tor Browser’s built-in bridges", ===================================== toolkit/torbutton/chrome/locale/en-US/settings.properties ===================================== @@ -43,7 +43,10 @@ settings.bridgeShare=Share this bridge using the QR code or by copying its addre settings.bridgeCopy=Copy Bridge Address settings.copied=Copied! settings.bridgeShowAll=Show All Bridges +settings.allBridgesEnabled=Use current bridges settings.bridgeRemoveAll=Remove All Bridges +settings.bridgeRemoveAllDialogTitle=Remove all bridges? +settings.bridgeRemoveAllDialogDescription=If these bridges were received from torproject.org or added manually, this action cannot be undone settings.bridgeAdd=Add a New Bridge settings.bridgeSelectBrowserBuiltin=Choose from one of Tor Browser’s built-in bridges settings.bridgeSelectBuiltin=Select a Built-In Bridge… View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/d81464… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/d81464… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.8.0esr-12.5-1] Bug 41635: Disable the Normandy component
by Richard Pospesel (＠richard) 27 Feb '23

27 Feb '23

Richard Pospesel pushed to branch base-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 21d60922 by Pier Angelo Vendrame at 2023-02-27T14:53:20+00:00 Bug 41635: Disable the Normandy component Do not include Normandy at all whenever MOZ_NORMANDY is False. - - - - - 2 changed files: - browser/components/BrowserGlue.jsm - toolkit/components/moz.build Changes: ===================================== browser/components/BrowserGlue.jsm ===================================== @@ -1934,7 +1934,13 @@ BrowserGlue.prototype = { () => PageDataService.uninit(), () => PageThumbs.uninit(), () => NewTabUtils.uninit(), - () => Normandy.uninit(), + + () => { + if (AppConstants.MOZ_NORMANDY) { + Normandy.uninit(); + } + }, + () => RFPHelper.uninit(), () => UpdateListener.reset(), ]; ===================================== toolkit/components/moz.build ===================================== @@ -123,7 +123,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] != "android": ] if CONFIG["MOZ_BUILD_APP"] == "browser": - DIRS += ["normandy", "messaging-system"] + if CONFIG["MOZ_NORMANDY"]: + DIRS += ["normandy"] + DIRS += ["messaging-system"] DIRS += ["nimbus"] View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/21d6092… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/21d6092… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.5-1] Bug 41635: Disable the Normandy component
by Richard Pospesel (＠richard) 27 Feb '23

27 Feb '23

Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: d814648c by Pier Angelo Vendrame at 2023-02-27T14:09:58+00:00 Bug 41635: Disable the Normandy component Do not include Normandy at all whenever MOZ_NORMANDY is False. - - - - - 2 changed files: - browser/components/BrowserGlue.jsm - toolkit/components/moz.build Changes: ===================================== browser/components/BrowserGlue.jsm ===================================== @@ -2011,7 +2011,13 @@ BrowserGlue.prototype = { () => PageDataService.uninit(), () => PageThumbs.uninit(), () => NewTabUtils.uninit(), - () => Normandy.uninit(), + + () => { + if (AppConstants.MOZ_NORMANDY) { + Normandy.uninit(); + } + }, + () => RFPHelper.uninit(), () => UpdateListener.reset(), () => OnionAliasStore.uninit(), ===================================== toolkit/components/moz.build ===================================== @@ -124,7 +124,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] != "android": ] if CONFIG["MOZ_BUILD_APP"] == "browser": - DIRS += ["normandy", "messaging-system"] + if CONFIG["MOZ_NORMANDY"]: + DIRS += ["normandy"] + DIRS += ["messaging-system"] DIRS += ["nimbus"] View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d814648… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d814648… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.8.0esr-12.5-1] 2 commits: Revert "Bug 41629: Fix errors with MOZ_SERVICES_SYNC=False"
by Pier Angelo Vendrame (＠pierov) 27 Feb '23

27 Feb '23

Pier Angelo Vendrame pushed to branch base-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: bc8fc896 by Richard Pospesel at 2023-02-27T09:47:57+01:00 Revert "Bug 41629: Fix errors with MOZ_SERVICES_SYNC=False" This reverts commit 8f61c9c0b06a1820caeb4683595cec98f0ad88b9. current implementation breaks about:preferences due to runtime errors - - - - - a4aaf6e6 by Richard Pospesel at 2023-02-27T09:48:26+01:00 Revert "fixup! Base Browser's .mozconfigs." This reverts commit 9ac0abfdd9f4bcb53841c40d3b42d34bec92b262. - - - - - 5 changed files: - browser/base/content/browser-sync.js - browser/components/BrowserGlue.jsm - browser/installer/package-manifest.in - browser/moz.configure - toolkit/modules/moz.build Changes: ===================================== browser/base/content/browser-sync.js ===================================== @@ -5,11 +5,7 @@ // This file is loaded into the browser window scope. /* eslint-env mozilla/browser-window */ -ChromeUtils.defineModuleGetter( - this, - "UIState", - "resource://services-sync/UIState.jsm" -); +const { UIState } = ChromeUtils.import("resource://services-sync/UIState.jsm"); ChromeUtils.defineModuleGetter( this, @@ -346,9 +342,7 @@ var gSync = { // once syncing completes (bug 1239042). _syncStartTime: 0, _syncAnimationTimer: 0, - _obs: AppConstants.MOZ_SERVICES_SYNC - ? ["weave:engine:sync:finish", "quit-application", UIState.ON_UPDATE] - : [], + _obs: ["weave:engine:sync:finish", "quit-application", UIState.ON_UPDATE], get log() { if (!this._log) { @@ -464,7 +458,7 @@ var gSync = { this._definePrefGetters(); - if (!AppConstants.MOZ_SERVICES_SYNC || !this.FXA_ENABLED) { + if (!this.FXA_ENABLED) { this.onFxaDisabled(); return; } @@ -1535,7 +1529,7 @@ var gSync = { // can lead to a empty label for 'Send To Device' Menu. this.init(); - if (!AppConstants.MOZ_SERVICES_SYNC || !this.FXA_ENABLED) { + if (!this.FXA_ENABLED) { // These items are hidden in onFxaDisabled(). No need to do anything. return; } @@ -1570,7 +1564,7 @@ var gSync = { // "Send Page to Device" and "Send Link to Device" menu items updateContentContextMenu(contextMenu) { - if (!AppConstants.MOZ_SERVICES_SYNC || !this.FXA_ENABLED) { + if (!this.FXA_ENABLED) { // These items are hidden by default. No need to do anything. return false; } ===================================== browser/components/BrowserGlue.jsm ===================================== @@ -718,10 +718,10 @@ let JSWINDOWACTORS = { }, }; -XPCOMUtils.defineLazyGetter(this, "WeaveService", () => - AppConstants.MOZ_SERVICES_SYNC - ? Cc["@mozilla.org/weave/service;1"].getService().wrappedJSObject - : null +XPCOMUtils.defineLazyGetter( + this, + "WeaveService", + () => Cc["@mozilla.org/weave/service;1"].getService().wrappedJSObject ); if (AppConstants.MOZ_CRASHREPORTER) { @@ -2690,7 +2690,7 @@ BrowserGlue.prototype = { // Schedule a sync (if enabled) after we've loaded { task: async () => { - if (WeaveService?.enabled) { + if (WeaveService.enabled) { await WeaveService.whenLoaded(); WeaveService.Weave.Service.scheduler.autoConnect(); } ===================================== browser/installer/package-manifest.in ===================================== @@ -179,17 +179,7 @@ @RESPATH@/browser/components/MacTouchBar.manifest @RESPATH@/browser/components/MacTouchBar.js #endif -; TODO: Remove this in ESR-115. -; If everything goes well, this patch will not be necessary in 115, because we -; have also an upstream bug. -; I suspect this is somehow incorrect, and that MOZ_SERVICES_SYNC is actually -; never defined for the makefile (it is not for Firefox 112, which builds -; correctly with MOZ_SERVICES_SYNC == False, even without this ifdef). -; But we are interested in disabling it, so using either this, or #if 0 would be -; fine for us. -#ifdef MOZ_SERVICES_SYNC @RESPATH@/components/SyncComponents.manifest -#endif @RESPATH@/components/servicesComponents.manifest @RESPATH@/components/servicesSettings.manifest @RESPATH@/components/cryptoComponents.manifest ===================================== browser/moz.configure ===================================== @@ -7,8 +7,7 @@ imply_option("MOZ_PLACES", True) # tor-browser#32493 imply_option("MOZ_SERVICES_HEALTHREPORT", False) -# tor-browser#41629 -imply_option("MOZ_SERVICES_SYNC", False) +imply_option("MOZ_SERVICES_SYNC", True) imply_option("MOZ_DEDICATED_PROFILES", True) imply_option("MOZ_BLOCK_PROFILE_DOWNGRADE", True) # tor-browser#33734 ===================================== toolkit/modules/moz.build ===================================== @@ -291,7 +291,6 @@ for var in ( for var in ( "MOZ_ALLOW_ADDON_SIDELOAD", "MOZ_BACKGROUNDTASKS", - "MOZ_SERVICES_SYNC", "MOZ_SYSTEM_NSS", "MOZ_SYSTEM_POLICIES", "MOZ_UNSIGNED_APP_SCOPE", View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/24aca1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/24aca1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.5-1] Revert "fixup! Base Browser's .mozconfigs."
by Richard Pospesel (＠richard) 25 Feb '23

25 Feb '23

Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 85b5aa49 by Richard Pospesel at 2023-02-25T12:39:13+00:00 Revert "fixup! Base Browser's .mozconfigs." This reverts commit 9ac0abfdd9f4bcb53841c40d3b42d34bec92b262. - - - - - 1 changed file: - browser/moz.configure Changes: ===================================== browser/moz.configure ===================================== @@ -7,8 +7,7 @@ imply_option("MOZ_PLACES", True) # tor-browser#32493 imply_option("MOZ_SERVICES_HEALTHREPORT", False) -# tor-browser#41629 -imply_option("MOZ_SERVICES_SYNC", False) +imply_option("MOZ_SERVICES_SYNC", True) imply_option("MOZ_DEDICATED_PROFILES", False) imply_option("MOZ_BLOCK_PROFILE_DOWNGRADE", False) # tor-browser#33734 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/85b5aa4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/85b5aa4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.5-1] Revert "Bug 41629: Fix errors with MOZ_SERVICES_SYNC=False"
by Richard Pospesel (＠richard) 24 Feb '23

24 Feb '23

Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: cc0c58ab by Richard Pospesel at 2023-02-24T11:29:13+00:00 Revert "Bug 41629: Fix errors with MOZ_SERVICES_SYNC=False" This reverts commit 8f61c9c0b06a1820caeb4683595cec98f0ad88b9. current implementation breaks about:preferences due to runtime errors - - - - - 4 changed files: - browser/base/content/browser-sync.js - browser/components/BrowserGlue.jsm - browser/installer/package-manifest.in - toolkit/modules/moz.build Changes: ===================================== browser/base/content/browser-sync.js ===================================== @@ -5,11 +5,7 @@ // This file is loaded into the browser window scope. /* eslint-env mozilla/browser-window */ -ChromeUtils.defineModuleGetter( - this, - "UIState", - "resource://services-sync/UIState.jsm" -); +const { UIState } = ChromeUtils.import("resource://services-sync/UIState.jsm"); ChromeUtils.defineModuleGetter( this, @@ -346,9 +342,7 @@ var gSync = { // once syncing completes (bug 1239042). _syncStartTime: 0, _syncAnimationTimer: 0, - _obs: AppConstants.MOZ_SERVICES_SYNC - ? ["weave:engine:sync:finish", "quit-application", UIState.ON_UPDATE] - : [], + _obs: ["weave:engine:sync:finish", "quit-application", UIState.ON_UPDATE], get log() { if (!this._log) { @@ -464,7 +458,7 @@ var gSync = { this._definePrefGetters(); - if (!AppConstants.MOZ_SERVICES_SYNC || !this.FXA_ENABLED) { + if (!this.FXA_ENABLED) { this.onFxaDisabled(); return; } @@ -1535,7 +1529,7 @@ var gSync = { // can lead to a empty label for 'Send To Device' Menu. this.init(); - if (!AppConstants.MOZ_SERVICES_SYNC || !this.FXA_ENABLED) { + if (!this.FXA_ENABLED) { // These items are hidden in onFxaDisabled(). No need to do anything. return; } @@ -1570,7 +1564,7 @@ var gSync = { // "Send Page to Device" and "Send Link to Device" menu items updateContentContextMenu(contextMenu) { - if (!AppConstants.MOZ_SERVICES_SYNC || !this.FXA_ENABLED) { + if (!this.FXA_ENABLED) { // These items are hidden by default. No need to do anything. return false; } ===================================== browser/components/BrowserGlue.jsm ===================================== @@ -791,10 +791,10 @@ if (AppConstants.TOR_BROWSER_UPDATE) { }; } -XPCOMUtils.defineLazyGetter(this, "WeaveService", () => - AppConstants.MOZ_SERVICES_SYNC - ? Cc["@mozilla.org/weave/service;1"].getService().wrappedJSObject - : null +XPCOMUtils.defineLazyGetter( + this, + "WeaveService", + () => Cc["@mozilla.org/weave/service;1"].getService().wrappedJSObject ); if (AppConstants.MOZ_CRASHREPORTER) { @@ -2795,7 +2795,7 @@ BrowserGlue.prototype = { // Schedule a sync (if enabled) after we've loaded { task: async () => { - if (WeaveService?.enabled) { + if (WeaveService.enabled) { await WeaveService.whenLoaded(); WeaveService.Weave.Service.scheduler.autoConnect(); } ===================================== browser/installer/package-manifest.in ===================================== @@ -181,17 +181,7 @@ @RESPATH@/browser/components/MacTouchBar.manifest @RESPATH@/browser/components/MacTouchBar.js #endif -; TODO: Remove this in ESR-115. -; If everything goes well, this patch will not be necessary in 115, because we -; have also an upstream bug. -; I suspect this is somehow incorrect, and that MOZ_SERVICES_SYNC is actually -; never defined for the makefile (it is not for Firefox 112, which builds -; correctly with MOZ_SERVICES_SYNC == False, even without this ifdef). -; But we are interested in disabling it, so using either this, or #if 0 would be -; fine for us. -#ifdef MOZ_SERVICES_SYNC @RESPATH@/components/SyncComponents.manifest -#endif @RESPATH@/components/servicesComponents.manifest @RESPATH@/components/servicesSettings.manifest @RESPATH@/components/cryptoComponents.manifest ===================================== toolkit/modules/moz.build ===================================== @@ -293,7 +293,6 @@ for var in ( for var in ( "MOZ_ALLOW_ADDON_SIDELOAD", "MOZ_BACKGROUNDTASKS", - "MOZ_SERVICES_SYNC", "MOZ_SYSTEM_NSS", "MOZ_SYSTEM_POLICIES", "MOZ_UNSIGNED_APP_SCOPE", View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/cc0c58a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/cc0c58a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40795: Trim down tor-browser-build release prep issue templates
by Richard Pospesel (＠richard) 23 Feb '23

23 Feb '23

Richard Pospesel pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: e9dc91e5 by Richard Pospesel at 2023-02-23T18:41:12+00:00 Bug 40795: Trim down tor-browser-build release prep issue templates - - - - - 2 changed files: - .gitlab/issue_templates/Release Prep - Alpha.md - .gitlab/issue_templates/Release Prep - Stable.md Changes: ===================================== .gitlab/issue_templates/Release Prep - Alpha.md ===================================== @@ -5,8 +5,6 @@ - `$(STAGING_SERVER)` : the server the signer is using to to run the signing process - `$(ESR_VERSION)` : the Mozilla defined ESR version, used in various places for building tor-browser tags, labels, etc - example : `91.6.0` -- `$(RR_VERSION)` : the Mozilla defined Rapid-Release version; Tor Browser for Android is based off of the `$(ESR_VERSION)`, but Mozilla's Firefox for Android is based off of the `$(RR_VERSION)` so we need to keep track of security vulnerabilities to backport from the monthly Rapid-Release train and our frozen ESR train. - - example: `103` - `$(ESR_TAG)` : the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)` - exmaple : `FIREFOX_91_7_0esr_BUILD2` - `$(ESR_TAG_PREV)` : the Mozilla defined hg (Mercurial) tag associated with the previous ESR version when rebasing (ie, the ESR version we are rebasing from) @@ -23,91 +21,12 @@ - if we have build failures unrelated to `tor-browser`, the `$(TOR_BROWSER_BUILD_N)` value will increase while the `$(BUILD_N)` will stay the same. - `$(TOR_BROWSER_VERSION)` : the published Tor Browser version - example : `11.5a6`, `11.0.7` -- `$(TOR_BROWSER_BRANCH)` : the full name of tor-browser branch - - typically of the form: `tor-browser-$(ESR_VERSION)esr-$(TOR_BROWSER_MAJOR).$(TOR-BROWSER_MINOR)-1` -- `$(TOR_BROWSER_BRANCH_PREV)` : the full name of the previous tor-browser branch (when rebasing) </details> -<details> - <summary>Android</summary> - -### **Security Vulnerabilities Backport** : https://www.mozilla.org/en-US/security/advisories/ -- **NOTE** : this work usually first occurs during the Tor Browser Stable release, so for alpha we typically only need to update the various `tor-browser-build` configs to point to the right release tags. -- [ ] Create tor-browser issue `Backport Android-specific Firefox $(RR_VERSION) to ESR $(ESR_VERSION)-based Tor Browser` - - [ ] Link new backport issue to this release prep issue -- [ ] Go through any `Security Vulnerabilities fixed in Firefox $(RR_VERSION)` (or similar) and create list of CVEs which affect Android that need to be a backported - - Potentially Affected Components: - - `firefox`/`geckoview` - - `application-services` - - `android-components` - - `fenix` - -### **application-services** ***(Optional)*** : *TODO: we need to setup a gitlab copy of this repo that we can apply security backports to* -- [ ] Backport any Android-specific security fixes from Firefox rapid-release -- [ ] Sign/Tag commit: - - Tag : `application-services-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha` -- [ ] Push tag to `origin` - -### **android-components** ***(Optional)*** : https://gitlab.torproject.org/tpo/applications/android-components.git -- [ ] Backport any Android-specific security fixes from Firefox rapid-release -- [ ] Sign/Tag commit: - - Tag : `android-components-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` -- [ ] Push tag to `origin` - -### **fenix** ***(Optional)*** : https://gitlab.torproject.org/tpo/applications/fenix.git -- [ ] Backport any Android-specific security fixes from Firefox rapid-release -- [ ] Sign/Tag commit: - - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` -- [ ] Push tag to `origin` - -</details> - -<details> - <summary>Shared</summary> - -### tor-browser: https://gitlab.torproject.org/tpo/applications/tor-browser.git -- [ ] ***(Optional)*** Backport any Android-specific security fixes from Firefox rapid-release -- [ ] ***(Optional, Chemspill)*** Backport security-fixes to both `tor-browser` and `base-browser` branches -- [ ] ***(Optional)*** Rebase to `$(ESR_VERSION)` - - [ ] Find the Firefox hg tag here : https://hg.mozilla.org/releases/mozilla-esr102/tags - - [ ] `$(ESR_TAG)` : `<INSERT_TAG_HERE>` - - [ ] Identify the hg patch associated with above hg tag, and find the equivalent `gecko-dev` git commit (search by commit message) - - [ ] `gecko-dev` commit : `<INSERT_COMMIT_HASH_HERE>` - - [ ] Sign/Tag `gecko-dev` commit : - - Tag : `$(ESR_TAG)` - - Message : `Hg tag $(ESR_TAG)` - - [ ] Create new `tor-browser` branch with the discovered `gecko-dev` commit as `HEAD` named: - - `tor-browser-$(ESR_VERSION)esr-$(TOR_BROWSER_MAJOR).$(TOR-BROWSER_MINOR)-1` - - [ ] Push new branches and esr tag to origin - - [ ] Rebase previous `tor-browser` patches onto the new `gecko-dev` branch - - [ ] Compare patch-sets (ensure nothing *weird* happened during rebase): - - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..$(TOR_BROWSER_BRANCH)` - - [ ] diff of diffs: - - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred `$(DIFF_TOOL)` and look at differences on lines that starts with + or - - - [ ] `git diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) > current_patchset.diff` - - [ ] `git diff $(ESR_TAG)..$(TOR_BROWSER_BRANCH) > rebased_patchset.diff` - - [ ] `$(DIFF_TOOL) current_patchset.diff rebased_patchset.diff` - - [ ] Open MR for the rebase - - [ ] Merge -- [ ] Sign/Tag `tor-browser` commit : - - Tag : `tor-browser-$(ESR_VERSION)esr-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(FIREFOX_BUILD_N)` - - Message : `Tagging $(FIREFOX_BUILD_N) for $(ESR_VERSION)esr-based alpha` -- [ ] Create `base-browser` branch from rebased `tor-browser` branch named: - - `base-browser-$(ESR_VERSION)esr-$(TOR_BROWSER_MAJOR).$(TOR-BROWSER_MINOR)-1` - - **NOTE** : Currently we are using the `Bug 40926: Implemented the New Identity feature` commit as the final commit of `base-browser` before `tor-browser` -- [ ] Sign/Tag `base-browser` commit : - - Tag : `base-browser-$(ESR_VERSION)esr-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-build1` - - Message: `Tagging build1 for $(ESR_VERSION)esr-based alpha` -- [ ] Push tags to `origin` -- [ ] Update Gitlab Default Branch to new Alpha branch: https://gitlab.torproject.org/tpo/applications/tor-browser/-/settings/repos… - -</details> +**NOTE** It is assumed that the `tor-browser` rebase and security backport tasks have been completed <details> - <summary>Build</summary> + <summary>Build Updates</summary> ### tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build.git Tor Browser Alpha (and Nightly) are on the `main` branch @@ -115,9 +34,9 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] Update `rbm.conf` - [ ] `var/torbrowser_version` : update to next version - [ ] `var/torbrowser_build` : update to `$(TOR_BROWSER_BUILD_N)` - - [ ] ***(Optional, Desktop)*** `var/torbrowser_incremental_from` : update to previous Desktop version - - [ ] **IMPORTANT**: Really *actually* make sure this is the previous Desktop version or else the `make incrementals-*` step will fail -- [ ] ***(Optional)*** Update Desktop-specific build configs + - [ ] ***(Desktop Only)***`var/torbrowser_incremental_from` : update to previous Desktop version + - **IMPORTANT**: Really *actually* make sure this is the previous Desktop version or else the `make incrementals-*` step will fail +- [ ] Update Desktop-specific build configs - [ ] Update `projects/firefox/config` - [ ] `git_hash` : update the `$(BUILD_N)` section to match `tor-browser` tag - [ ] ***(Optional)*** `var/firefox_platform_version` : update to latest `$(ESR_VERSION)` if rebased @@ -127,7 +46,7 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] `steps/base-browser-fluent/git_hash` : update with `HEAD` commit of project's `basebrowser-newidentityftl` branch - [ ] `steps/tor-browser/git_hash` : update with `HEAD` commit of project's `tor-browser` branch - [ ] `steps/fenix/git_hash` : update with `HEAD` commit of project's `fenix-torbrowserstringsxml` branch -- [ ] ***(Optional)*** Update Android-specific build configs +- [ ] Update Android-specific build configs - [ ] ***(Optional)*** Update `projects/geckoview/config` - [ ] `git_hash` : update the `$(BUILD_N)` section to match `tor-browser` tag - [ ] ***(Optional)*** `var/geckoview_version` : update to latest `$(ESR_VERSION)` if rebased @@ -163,7 +82,7 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] ***(Optional)*** Update `projects/go/config` - [ ] `version` : update go version - [ ] `input_files/sha256sum` for `go` : update sha256sum of archive (sha256 sums are displayed on the go download page) - - [ ] ***(Optional)*** Update the manual : https://gitlab.torproject.org/tpo/web/manual/-/jobs/ + - [ ] Update the manual : https://gitlab.torproject.org/tpo/web/manual/-/jobs/ - [ ] Download the `artifacts.zip` file from latest build stage row (download icon button on the right) - [ ] Rename it to `manual_$PIPELINEID.zip` - [ ] Upload it to people.tpo @@ -178,40 +97,62 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - Make sure you have `requests` installed (e.g., `apt install python3-requests`) - The first time you run this script you will need to generate an access token; the script will guide you - [ ] Copy the output of the script to the beginning of `ChangeLog.txt` and adjust its output - - At the moment, the script does not create a _Build System_ section - If you used the issue number, you will need to write the Tor Browser version manually + - [ ] Include any version updates for: + - [ ] translations + - [ ] OpenSSL + - [ ] NoScript + - [ ] Go + - [ ] zlib + - [ ] Include any ESR rebase for Firefox and GeckoView - [ ] Open MR with above changes - [ ] Begin build on `$(BUILD_SERVER)` (fix any issues which come up and update MR) - [ ] Merge - [ ] Sign/Tag commit: `make signtag-alpha` - [ ] Push tag to `origin` + </details> <details> - <summary>Communications</summary> + <summary>Communications</summary> ### notify stakeholders + + <details> + <summary>email template</summary> + + Hello All, + + Unsigned Tor Browser $(TOR_BROWSER_VERSION) alpha candidate builds are now available for testing: + + - https://tb-build-05.torproject.org/~$(BUILDER)/builds/release/unsigned/$(TO… + + The full changelog can be found here: + + - https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/raw/main… + + </details> + - [ ] Email tor-qa mailing list: tor-qa(a)lists.torproject.org - - [ ] Provide links to unsigned builds on `$(BUILD_SERVER)` - - [ ] Note any new functionality which needs testing - - [ ] Link to any known issues -- [ ] Email downstream consumers: + - Additional information: + - [ ] Note any new functionality which needs testing + - [ ] Link to any known issues +- [ ] ***(Optional, only around build/packaging changes)*** Email downstream consumers: - Recipients: - - [ ] Tails dev mailing list: tails-dev(a)boum.org - - [ ] Guardian Project: nathan(a)guardianproject.info - - [ ] torbrowser-launcher: micah(a)micahflee.com - - [ ] FreeBSD port: freebsd(a)sysctl.cz  - - [ ] OpenBSD port: caspar(a)schutijser.com  - - [ ] Provide links to unsigned builds on `$(BUILD_SERVER)` + - Tails dev mailing list: tails-dev(a)boum.org + - Guardian Project: nathan(a)guardianproject.info + - torbrowser-launcher: micah(a)micahflee.com + - FreeBSD port: freebsd(a)sysctl.cz  + - OpenBSD port: caspar(a)schutijser.com  - [ ] Note any changes which may affect packaging/downstream integration - [ ] Email upstream stakeholders: - - [ ] ***(Optional, after ESR migration)*** Cloudflare: ask-research(a)cloudflare.com + - ***(Optional, after ESR migration)*** Cloudflare: ask-research(a)cloudflare.com - **NOTE** : We need to provide them with updated user agent string so they can update their internal machinery to prevent Tor Browser users from getting so many CAPTCHAs </details> <details> - <summary>Signing/Publishing</summary> + <summary>Signing</summary> ### signing + publishing - [ ] Ensure builders have matching builds @@ -242,26 +183,32 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - **NOTE**: at this point the signed binaries should have been copied to `staticiforme` - [ ] Update `staticiforme.torproject.org`: - From `screen` session on `staticiforme.torproject.org`: + - [ ] Static update components : `static-update-component cdn.torproject.org && static-update-component dist.torproject.org` + - [ ] Enable update responses : `sudo -u tb-release ./deploy_update_responses-alpha.sh` - [ ] Remove old release data from following places: - **NOTE** : Skip this step if the current release is Android or Desktop *only* - [ ] `/srv/cdn-master.torproject.org/htdocs/aus1/torbrowser` - [ ] `/srv/dist-master.torproject.org/htdocs/torbrowser` - - [ ] Static update components : `static-update-component cdn.torproject.org && static-update-component dist.torproject.org` - - [ ] Enable update responses : `sudo -u tb-release ./deploy_update_responses-alpha.sh` + - [ ] Static update components (again) : `static-update-component cdn.torproject.org && static-update-component - [ ] Publish APKs to Google Play: - Log into https://play.google.com/apps/publish - Select `Tor Browser (Alpha)` app - - Navigate to `Release > Production` and click `Create new release` button - - [ ] Upload the `*.multi.apk` APKs - - [ ] Update Release Name to Tor Browser version number - - [ ] Update Release Notes + - Navigate to `Release > Production` and click `Create new release` button: + - Upload the `*.multi.apk` APKs + - Update Release Name to Tor Browser version number + - Update Release Notes - Next to 'Release notes', click `Copy from a previous release` - - [ ] Edit blog post url to point to most recent blog post + - Edit blog post url to point to most recent blog post - Save, review, and configure rollout percentage - [ ] 25% rollout when publishing a scheduled update - [ ] 100% rollout when publishing a security-driven release - [ ] Update rollout percentage to 100% after confirmed no major issues +</details> + +<details> + <summary>Publishing</summary> + ### website: https://gitlab.torproject.org/tpo/web/tpo.git - [ ] `databags/versions.ini` : Update the downloads versions - `torbrowser-stable/version` : sort of a catch-all for latest stable version ===================================== .gitlab/issue_templates/Release Prep - Stable.md ===================================== @@ -4,16 +4,16 @@ - `$(BUILD_SERVER)` : the server the main builder is using to build a tor-browser release - `$(STAGING_SERVER)` : the server the signer is using to to run the signing process - `$(ESR_VERSION)` : the Mozilla defined ESR version, used in various places for building tor-browser tags, labels, etc - - example : `91.6.0` -- `$(RR_VERSION)` : the Mozilla defined Rapid-Release version; Tor Browser for Android is based off of the `$(ESR_VERSION)`, but Mozilla's Firefox for Android is based off of the `$(RR_VERSION)` so we need to keep track of security vulnerabilities to backport from the monthly Rapid-Release train and our frozen ESR train. - - example: `103` + - example : `91.6.0` - `$(ESR_TAG)` : the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)` - - exmaple : `FIREFOX_91_7_0esr_BUILD2` + - exmaple : `FIREFOX_91_7_0esr_BUILD2` - `$(ESR_TAG_PREV)` : the Mozilla defined hg (Mercurial) tag associated with the previous ESR version when rebasing (ie, the ESR version we are rebasing from) - `$(TOR_BROWSER_MAJOR)` : the Tor Browser major version - - example : `11` + - example : `11` - `$(TOR_BROWSER_MINOR)` : the Tor Browser minor version - - example : either `0` or `5`; Alpha's is always `(Stable + 5) % 10` + - example : either `0` or `5`; Alpha's is always `(Stable + 5) % 10` +- `$(TOR_BROWSER_VERSION)` : the Tor Browser version in the format + - example: `12.5a3`, `12.0.3` - `$(BUILD_N)` : a project's build revision within a its branch; this is separate from the `$(TOR_BROWSER_BUILD_N)` value; many of the Firefox-related projects have a `$(BUILD_N)` suffix and may differ between projects even when they contribute to the same build. - example : `build1` - `$(TOR_BROWSER_BUILD_N)` : the tor-browser build revision for a given Tor Browser release; used in tagging git commits @@ -23,89 +23,12 @@ - if we have build failures unrelated to `tor-browser`, the `$(TOR_BROWSER_BUILD_N)` value will increase while the `$(BUILD_N)` will stay the same. - `$(TOR_BROWSER_VERSION)` : the published Tor Browser version - example : `11.5a6`, `11.0.7` -- `$(TOR_BROWSER_BRANCH)` : the full name of tor-browser branch - - typically of the form: `tor-browser-$(ESR_VERSION)esr-$(TOR_BROWSER_MAJOR).$(TOR-BROWSER_MINOR)-1` -- `$(TOR_BROWSER_BRANCH_PREV)` : the full name of the previous tor-browser branch (when rebasing) </details> -<details> - <summary>Android</summary> - -### **Security Vulnerabilities Backport** : https://www.mozilla.org/en-US/security/advisories/ -- [ ] Create tor-browser issue `Backport Android-specific Firefox $(RR_VERSION) to ESR $(ESR_VERSION)-based Tor Browser` - - [ ] Link new backport issue to this release prep issue -- [ ] Go through any `Security Vulnerabilities fixed in Firefox $(RR_VERSION)` (or similar) and create list of CVEs which affect Android that need to be a backported - - Potentially Affected Components: - - `firefox`/`geckoview` - - `application-services` - - `android-components` - - `fenix` - -### **application-services** ***(Optional)*** : *TODO: we need to setup a gitlab copy of this repo that we can apply security backports to* -- [ ] Backport any Android-specific security fixes from Firefox rapid-release -- [ ] Sign/Tag commit: - - Tag : `application-services-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based stable` -- [ ] Push tag to `origin` - -### **android-components** ***(Optional)*** : https://gitlab.torproject.org/tpo/applications/android-components.git -- [ ] Backport any Android-specific security fixes from Firefox rapid-release -- [ ] Sign/Tag commit: - - Tag : `android-components-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based stable)` -- [ ] Push tag to `origin` - -### **fenix** ***(Optional)*** : https://gitlab.torproject.org/tpo/applications/fenix.git -- [ ] Backport any Android-specific security fixes from Firefox rapid-release -- [ ] Sign/Tag commit: - - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based stable)` -- [ ] Push tag to `origin` - -</details> - -<details> - <summary>Shared</summary> - -### tor-browser: https://gitlab.torproject.org/tpo/applications/tor-browser.git -- [ ] ***(Optional)*** Backport any Android-specific security fixes from Firefox rapid-release -- [ ] ***(Optional, Chemspill)*** Backport security-fixes to both `tor-browser` and `base-browser` branches -- [ ] ***(Optional)*** Rebase to `$(ESR_VERSION)` - - [ ] Find the Firefox hg tag here : https://hg.mozilla.org/releases/mozilla-esr102/tags - - [ ] `$(ESR_TAG)` : `<INSERT_TAG_HERE>` - - [ ] Identify the hg patch associated with above hg tag, and find the equivalent `gecko-dev` git commit (search by commit message) - - [ ] `gecko-dev` commit : `<INSERT_COMMIT_HASH_HERE>` - - [ ] Sign/Tag `gecko-dev` commit : - - Tag : `$(ESR_TAG)` - - Message : `Hg tag $(ESR_TAG)` - - [ ] Create new `tor-browser` branch with the discovered `gecko-dev` commit as `HEAD` named: - - `tor-browser-$(ESR_VERSION)esr-$(TOR_BROWSER_MAJOR).$(TOR-BROWSER_MINOR)-1` - - [ ] Push new branches and esr tag to origin - - [ ] Rebase previous `tor-browser` patches onto the new `gecko-dev` branch - - [ ] Compare patch-sets (ensure nothing *weird* happened during rebase): - - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..$(TOR_BROWSER_BRANCH)` - - [ ] diff of diffs: - - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred `$(DIFF_TOOL)` and look at differences on lines that starts with + or - - - [ ] `git diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) > current_patchset.diff` - - [ ] `git diff $(ESR_TAG)..$(TOR_BROWSER_BRANCH) > rebased_patchset.diff` - - [ ] `$(DIFF_TOOL) current_patchset.diff rebased_patchset.diff` - - [ ] Open MR for the rebase - - [ ] Merge -- [ ] Sign/Tag `tor-browser` commit : - - Tag : `tor-browser-$(ESR_VERSION)esr-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(FIREFOX_BUILD_N)` - - Message : `Tagging $(FIREFOX_BUILD_N) for $(ESR_VERSION)esr-based stable` -- [ ] Create `base-browser` branch from rebased `tor-browser` branch named: - - `base-browser-$(ESR_VERSION)esr-$(TOR_BROWSER_MAJOR).$(TOR-BROWSER_MINOR)-1` - - **NOTE** : Currently we are using the `Bug 40926: Implemented the New Identity feature` commit as the final commit of `base-browser` before `tor-browser` -- [ ] Sign/Tag `base-browser` commit: - - Tag : `base-browser-$(ESR_VERSION)esr-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-build1` - - Message: `Tagging build1 for $(ESR_VERSION)esr-based stable` -- [ ] Push tags to `origin` - -</details> +**NOTE** It is assumed that the `tor-browser` rebase and security backport tasks have been completed <details> - <summary>Build</summary> + <summary>Build Configs</summary> ### tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build.git Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)` (and possibly more specific) branches @@ -113,9 +36,9 @@ Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSE - [ ] Update `rbm.conf` - [ ] `var/torbrowser_version` : update to next version - [ ] `var/torbrowser_build` : update to `$(TOR_BROWSER_BUILD_N)` - - [ ] ***(Optional, Desktop)*** `var/torbrowser_incremental_from` : update to previous Desktop version - - [ ] **IMPORTANT**: Really *actually* make sure this is the previous Desktop version or else the `make incrementals-*` step will fail -- [ ] ***(Optional)*** Update Desktop-specific build configs + - [ ] ***(Desktop Only)***`var/torbrowser_incremental_from` : update to previous Desktop version + - **IMPORTANT**: Really *actually* make sure this is the previous Desktop version or else the `make incrementals-*` step will fail +- [ ] Update Desktop-specific build configs - [ ] Update `projects/firefox/config` - [ ] `git_hash` : update the `$(BUILD_N)` section to match `tor-browser` tag - [ ] ***(Optional)*** `var/firefox_platform_version` : update to latest `$(ESR_VERSION)` if rebased @@ -125,7 +48,7 @@ Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSE - [ ] `steps/base-browser-fluent/git_hash` : update with `HEAD` commit of project's `basebrowser-newidentityftl` branch - [ ] `steps/tor-browser/git_hash` : update with `HEAD` commit of project's `tor-browser` branch - [ ] `steps/fenix/git_hash` : update with `HEAD` commit of project's `fenix-torbrowserstringsxml` branch -- [ ] ***(Optional)*** Update Android-specific build configs +- [ ] Update Android-specific build configs - [ ] ***(Optional)*** Update `projects/geckoview/config` - [ ] `git_hash` : update the `$(BUILD_N)` section to match `tor-browser` tag - [ ] ***(Optional)*** `var/geckoview_version` : update to latest `$(ESR_VERSION)` if rebased @@ -161,7 +84,7 @@ Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSE - [ ] ***(Optional)*** Update `projects/go/config` - [ ] `version` : update go version - [ ] `input_files/sha256sum` for `go` : update sha256sum of archive (sha256 sums are displayed on the go download page) - - [ ] ***(Optional)*** Update the manual : https://gitlab.torproject.org/tpo/web/manual/-/jobs/ + - [ ] Update the manual : https://gitlab.torproject.org/tpo/web/manual/-/jobs/ - [ ] Download the `artifacts.zip` file from latest build stage row (download icon button on the right) - [ ] Rename it to `manual_$PIPELINEID.zip` - [ ] Upload it to people.tpo @@ -176,40 +99,62 @@ Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSE - Make sure you have `requests` installed (e.g., `apt install python3-requests`) - The first time you run this script you will need to generate an access token; the script will guide you - [ ] Copy the output of the script to the beginning of `ChangeLog.txt` and adjust its output - - At the moment, the script does not create a _Build System_ section - If you used the issue number, you will need to write the Tor Browser version manually + - [ ] Include any version updates for: + - [ ] translations + - [ ] OpenSSL + - [ ] NoScript + - [ ] Go + - [ ] zlib + - [ ] Include any ESR rebase for Firefox and GeckoView - [ ] Open MR with above changes - [ ] Begin build on `$(BUILD_SERVER)` (and fix any issues which come up and update MR) - [ ] Merge - [ ] Sign/Tag commit: `make signtag-release` - [ ] Push tag to `origin` + </details> <details> - <summary>Communications</summary> + <summary>Communications</summary> ### notify stakeholders + + <details> + <summary>email template</summary> + + Hello All, + + Unsigned Tor Browser $(TOR_BROWSER_VERSION) release candidate builds are now available for testing: + + - https://tb-build-05.torproject.org/~$(BUILDER)/builds/release/unsigned/$(TO… + + The full changelog can be found here: + + - https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/raw/main… + + </details> + - [ ] Email tor-qa mailing list: tor-qa(a)lists.torproject.org - - [ ] Provide links to unsigned builds on `$(BUILD_SERVER)` - - [ ] Note any new functionality which needs testing - - [ ] Link to any known issues + - Additional information: + - [ ] Note any new functionality which needs testing + - [ ] Link to any known issues - [ ] Email downstream consumers: - Recipients: - - [ ] Tails dev mailing list: tails-dev(a)boum.org - - [ ] Guardian Project: nathan(a)guardianproject.info - - [ ] torbrowser-launcher: micah(a)micahflee.com - - [ ] FreeBSD port: freebsd(a)sysctl.cz  - - [ ] OpenBSD port: caspar(a)schutijser.com  - - [ ] Provide links to unsigned builds on `$(BUILD_SERVER)` + - Tails dev mailing list: tails-dev(a)boum.org + - Guardian Project: nathan(a)guardianproject.info + - torbrowser-launcher: micah(a)micahflee.com + - FreeBSD port: freebsd(a)sysctl.cz  + - OpenBSD port: caspar(a)schutijser.com  - [ ] Note any changes which may affect packaging/downstream integration - [ ] Email upstream stakeholders: - - [ ] ***(Optional, after ESR migration)*** Cloudflare: ask-research(a)cloudflare.com + - ***(Optional, after ESR migration)*** Cloudflare: ask-research(a)cloudflare.com - **NOTE** : We need to provide them with updated user agent string so they can update their internal machinery to prevent Tor Browser users from getting so many CAPTCHAs </details> <details> - <summary>Signing/Publishing</summary> + <summary>Signing</summary> ### signing + publishing - [ ] Ensure builders have matching builds @@ -240,26 +185,32 @@ Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSE - **NOTE**: at this point the signed binaries should have been copied to `staticiforme` - [ ] Update `staticiforme.torproject.org`: - From `screen` session on `staticiforme.torproject.org`: + - [ ] Static update components : `static-update-component cdn.torproject.org && static-update-component dist.torproject.org` + - [ ] Enable update responses : `sudo -u tb-release ./deploy_update_responses-release.sh` - [ ] Remove old release data from following places: - **NOTE** : Skip this step if the current release is Android or Desktop *only* - [ ] `/srv/cdn-master.torproject.org/htdocs/aus1/torbrowser` - [ ] `/srv/dist-master.torproject.org/htdocs/torbrowser` - - [ ] Static update components : `static-update-component cdn.torproject.org && static-update-component dist.torproject.org` - - [ ] Enable update responses : `sudo -u tb-release ./deploy_update_responses-release.sh` +- [ ] Static update components (again) : `static-update-component cdn.torproject.org && static-update-component - [ ] Publish APKs to Google Play: - Log into https://play.google.com/apps/publish - Select `Tor Browser` app - - Navigate to `Release > Production` and click `Create new release` button - - [ ] Upload the `*.multi.apk` APKs - - [ ] Update Release Name to Tor Browser version number - - [ ] Update Release Notes + - Navigate to `Release > Production` and click `Create new release` button: + - Upload the `*.multi.apk` APKs + - Update Release Name to Tor Browser version number + - Update Release Notes - Next to 'Release notes', click `Copy from a previous release` - - [ ] Edit blog post url to point to most recent blog post + - Edit blog post url to point to most recent blog post - Save, review, and configure rollout percentage - [ ] 25% rollout when publishing a scheduled update - [ ] 100% rollout when publishing a security-driven release - [ ] Update rollout percentage to 100% after confirmed no major issues +</details> + +<details> + <summary>Publishing</summary> + ### website: https://gitlab.torproject.org/tpo/web/tpo.git - [ ] `databags/versions.ini` : Update the downloads versions - `torbrowser-stable/version` : sort of a catch-all for latest stable version @@ -296,4 +247,3 @@ Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSE </details> /label ~"Release Prep" - View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.5-1] Bug 41649: Create rebase and security backport gitlab issue templates
by Richard Pospesel (＠richard) 23 Feb '23

23 Feb '23

Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 85c86696 by Richard Pospesel at 2023-02-23T18:40:14+00:00 Bug 41649: Create rebase and security backport gitlab issue templates - - - - - 3 changed files: - + .gitlab/issue_templates/Backport Android Security Fixes.md - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md Changes: ===================================== .gitlab/issue_templates/Backport Android Security Fixes.md ===================================== @@ -0,0 +1,88 @@ +<details> + <summary>Explanation of Variables</summary> +- `$(ESR_VERSION)` : the Mozilla defined ESR version, used in various places for building tor-browser tags, labels, etc + - example : `102.8.0` +- `$(RR_VERSION)` : the Mozilla defined Rapid-Release version; Tor Browser for Android is based off of the `$(ESR_VERSION)`, but Mozilla's Firefox for Android is based off of the `$(RR_VERSION)` so we need to keep track of security vulnerabilities to backport from the monthly Rapid-Release train and our frozen ESR train. + - example: `110` +- `$(TOR_BROWSER_MAJOR)` : the Tor Browser major version + - example : `12` +- `$(TOR_BROWSER_MINOR)` : the Tor Browser minor version + - example : either `0` or `5`; Alpha's is always `(Stable + 5) % 10` +- `$(BUILD_N)` : a project's build revision within a its branch; many of the Firefox-related projects have a `$(BUILD_N)` suffix and may differ between projects even when they contribute to the same build. + - example : `build1` +</details> + +**NOTE:** It is assumed the `tor-browser` rebase has already happened and there exists a `build1` build tag for both `base-browser` and `tor-browser` + +### **Bookkeeping** + +- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issues (stable and alpha). + +### **Security Vulnerabilities Report** : https://www.mozilla.org/en-US/security/advisories/ + +- Potentially Affected Components: + - `firefox`/`geckoview` : https://github.com/mozilla/gecko-dev + - `application-services` : https://github.com/mozilla/application-services + - `android-components` : https://github.com/mozilla-mobile/firefox-android + - `fenix` : https://github.com/mozilla-mobile/firefox-android + +**NOTE:** `android-components` and `fenix` used to have their own repos, but since November 2022 they have converged to a single `firefox-android` repo. Any backports will require manually porting patches over to our legacy repos. + +- [ ] Go through any `Security Vulnerabilities fixed in Firefox $(RR_VERSION)` (or similar) and create a candidate list of CVEs which potentially need to be backported in this issue: + - CVEs which are explicitly labeled as 'Android' only + - CVEs which are fixed in Rapid Release but not in ESR + - 'Memory safety bugs' fixed in Rapid Release but not in ESR +- [ ] Foreach issue: + - Create link to the CVE on [mozilla.org](https://www.mozilla.org/en-US/security/advisories/) + - example: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-257… + - Create link to the associated Bugzilla issues (found in the CVE description) + - Create a link to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported + - To find the `gecko-dev` version of a `mozilla-central`, search for a unique string in the relevant `mozilla-central` commit message in the `gecko-dev/release` branch log. + - **NOTE:** This process is unfortunately somewhat poorly defined/ad-hoc given the general variation in how Bugzilla issues are labeled and resolved. In general this is going to involve a bit of hunting to identify needed commits or determining whether or not the fix is relevant. + + +### **tor-browser** : https://gitlab.torproject.org/tpo/applications/tor-browser.git +- [ ] Backport any Android-specific security fixes from Firefox rapid-release + - [ ] Sign/Tag commit: + - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` + - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` + - [ ] Push tag to `origin` +**OR** +- [ ] No backports + +### **application-services** : *TODO: we will need to setup a gitlab copy of this repo that we can apply security backports to if there are ever any security issues here* +- [ ] Backport any Android-specific security fixes from Firefox rapid-release + - [ ] Sign/Tag commit: + - Tag : `application-services-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` + - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha` + - [ ] Push tag to `origin` + **OR** +- [ ] No backports + + +### **android-components** : https://gitlab.torproject.org/tpo/applications/android-components.git +- [ ] Backport any Android-specific security fixes from Firefox rapid-release + - **NOTE**: Since November 2022, this repo has been merged with `fenix` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `android-components` project. + - [ ] Sign/Tag commit: + - Tag : `android-components-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` + - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` + - [ ] Push tag to `origin` +**OR** +- [ ] No backports + + +### **fenix** : https://gitlab.torproject.org/tpo/applications/fenix.git +- [ ] Backport any Android-specific security fixes from Firefox rapid-release + - **NOTE**: Since February 2023, this repo has been merged with `android-components` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `fenix` project. + - [ ] Sign/Tag commit: + - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` + - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` + - [ ] Push tag to `origin` +**OR** +- [ ] No backports + +### CVEs + + + +/confidential ===================================== .gitlab/issue_templates/Rebase Browser - Alpha.md ===================================== @@ -0,0 +1,81 @@ +**NOTE:** All examples reference the rebase from 102.7.0esr to 102.8.0esr + +<details> + <summary>Explanation of Variables</summary> +- `$(ESR_VERSION)` : the Mozilla defined ESR version, used in various places for building tor-browser tags, labels, etc + - example : `102.8.0` +- `$(ESR_TAG)` : the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)` + - example : `FIREFOX_102_8_0esr_RELEASE` +- `$(ESR_TAG_PREV)` : the Mozilla defined hg (Mercurial) tag associated with the previous ESR version when rebasing (ie, the ESR version we are rebasing from) +- `$(BROWSER_MAJOR)` : the browser major version + - example : `12` +- `$(BROWSER_MINOR)` : the browser minor version + - example : either `0` or `5`; Alpha's is always `(Stable + 5) % 10` +- `$(BASE_BROWSER_BRANCH)` : the full name of the current `base-browser` branch + - example: `base-browser-102.8.0esr-12.5-1` +- `$(BASE_BROWSER_BRANCH_PREV)` : the full name of the previous `base-browser` branch + - example: `base-browser-102.7.0esr-12.5-1` +- `$(TOR_BROWSER_BRANCH)` : the full name of the current `tor-browser` branch + - example: `tor-browser-102.8.0esr-12.5-1` +- `$(TOR_BROWSER_BRANCH_PREV)` : the full name of the previous `tor-browser` branch + - example: `tor-browser-102.7.0esr-12.5-1` +</details> + +**NOTE:** It is assumed that we've already identified the new esr branch during the tor-browser stable rebase + +### **Bookkeeping** + +- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. + +### **Rebase base-browser** + +- [ ] Checkout a new branch for the `base-browser` rebase + - example: `git branch base-browser-rebase FIREFOX_102_8_0esr_BUILD1` +- [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `build1` tag onto new `base-browser` rebase branch + - example: `git cherry-pick FIREFOX_102_7_0esr_BUILD1..base-browser-102.7.0esr-12.5-1-build1` +- [ ] Rebase and autosquash these cherry-picked commits + - example: `git rebase --autosquash --interactive FIREFOX_102_8_0esr_BUILD1 HEAD` +- [ ] Cherry-pick remainder of patches after the `build1` tag + - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1 origin/base-browser-102.7.0esr-12.5-1` +- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: + - [ ] diff of diffs: + - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - + - `git diff $(ESR_TAG_PREV)..$(BASE_BROWSER_BRANCH_PREV) > current_patchset.diff` + - `git diff $(ESR_TAG)..$(BASE_BROWSER_BRANCH) > rebased_patchset.diff` + - diff `current_patchset.diff` and `rebased_patchset.diff` + - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` + - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(BASE_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD` + - example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/base-browser-102.7.0esr-12.5-1 FIREFOX_102_8_0esr_BUILD1..HEAD` +- [ ] Open MR for the `base-browser` rebase +- [ ] Merge +- [ ] Sign/Tag HEAD of the merged new `base-browser` branch: + - Tag : `base-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1` + - Message : `Tagging build1 for $(ESR_VERSION)esr-based alpha` +- [ ] Push tag to `origin` + +### **Rebase tor-browser** + +- [ ] Checkout a new branch for the `tor-browser` rebase starting from the `base-browser` `build1` tag + - example: `git branch tor-browser-rebase base-browser-102.8.0esr-12.5-1-build1` +- [ ] Cherry-pick the previous `tor-browser` commits from `base-browser`'s previous `build1` tag up to `tor-browser`'s newest `buildN` tag (not necessarily `build1` if we have multiple build tags) + - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..tor-browser-102.7.0esr-12.5-1-build1` +- [ ] Rebase and autosquash these cherry-picked commits (from the last new `base-browser` commit to `HEAD`) + - example: `git rebase --autosquash --interactive base-browser-102.8.0esr-12.5-1-build1 HEAD` +- [ ] Cherry-pick remainder of patches after the last `buildN` tag + - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..origin/tor-browser-102.7.0esr-12.5-1` +- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: + - [ ] diff of diffs: + - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - + - `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff` + - `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff` + - diff `current_patchset.diff` and `rebased_patchset.diff` + - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` + - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD` + - example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/tor-browser-102.7.0esr-12.5-1 FIREFOX_102_8_0esr_BUILD1..HEAD` +- [ ] Open MR for the `tor-browser` rebase +- [ ] Merge +- [ ] Sign/Tag HEAD of the merged new `tor-browser` branch: + - Tag : `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1` + - Message : `Tagging build1 for $(ESR_VERSION)esr-based alpha` +- [ ] Push tag to `origin` + ===================================== .gitlab/issue_templates/Rebase Browser - Stable.md ===================================== @@ -0,0 +1,100 @@ +**NOTE:** All examples reference the rebase from 102.7.0esr to 102.8.0esr + +<details> + <summary>Explanation of variables</summary> +- `$(ESR_VERSION)` : the Mozilla defined ESR version, used in various places for building tor-browser tags, labels, etc + - example : `102.8.0` +- `$(ESR_TAG)` : the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)` + - example : `FIREFOX_102_8_0esr_RELEASE` +- `$(ESR_TAG_PREV)` : the Mozilla defined hg (Mercurial) tag associated with the previous ESR version when rebasing (ie, the ESR version we are rebasing from) +- `$(BROWSER_MAJOR)` : the browser major version + - example : `12` +- `$(BROWSER_MINOR)` : the browser minor version + - example : either `0` or `5`; Alpha's is always `(Stable + 5) % 10` +- `$(BASE_BROWSER_BRANCH)` : the full name of the current `base-browser` branch + - example: `base-browser-102.8.0esr-12.0-1` +- `$(BASE_BROWSER_BRANCH_PREV)` : the full name of the previous `base-browser` branch + - example: `base-browser-102.7.0esr-12.0-1` +- `$(TOR_BROWSER_BRANCH)` : the full name of the current `tor-browser` branch + - example: `tor-browser-102.8.0esr-12.0-1` +- `$(TOR_BROWSER_BRANCH_PREV)` : the full name of the previous `tor-browser` branch + - example: `tor-browser-102.7.0esr-12.0-1` +</details> + +### **Bookkeeping** + +- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. + +### **Identify the Firefox Tagged Commit and Create New Branches** + +- [ ] Find the Firefox mercurial tag here : https://hg.mozilla.org/releases/mozilla-esr102/tags + - example: `FIREFOX_102_8_0esr_BUILD1` +- [ ] Find the analogous `gecko-dev` commit : https://github.com/mozilla/gecko-dev + - Search for unique string found in the mercurial commit in the `gecko-dev/esr102` branch + - example: 3a3a96c9eedd02296d6652dd50314fccbc5c4845 +- [ ] Sign and Tag `gecko-dev` commit + - Sign/Tag `gecko-dev` commit : + - Tag : `$(ESR_TAG)` + - Message : `Hg tag $(ESR_TAG)` +- [ ] Create new stable `base-browser` branch from tag + - branch name in the form: `base-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` + - example: `base-browser-102.8.0esr-12.0-1` +- [ ] Create new stable `tor-browser` branch from + - branch name in the form: `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` + - example: `tor-browser-102.8.0esr-12.0-1` +- [ ] Push new `base-browser` branch to `origin` +- [ ] Push new `tor-browser` branch to `origin` +- [ ] Push new `$(ESR_TAG)` to `origin` + +### **Rebase base-browser** + +- [ ] Checkout a new branch for the `base-browser` rebase + - example: `git branch base-browser-rebase FIREFOX_102_8_0esr_BUILD1` +- [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `build1` tag onto new `base-browser` rebase branch + - example: `git cherry-pick FIREFOX_102_7_0esr_BUILD1..base-browser-102.7.0esr-12.0-1-build1` +- [ ] Rebase and autosquash these cherry-picked commits + - example: `git rebase --autosquash --interactive FIREFOX_102_8_0esr_BUILD1 HEAD` +- [ ] Cherry-pick remainder of patches after the `build1` tag + - example: `git cherry-pick base-browser-102.7.0esr-12.0-1-build1 origin/base-browser-102.7.0esr-12.0-1` +- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: + - [ ] diff of diffs: + - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - + - `git diff $(ESR_TAG_PREV)..$(BASE_BROWSER_BRANCH_PREV) > current_patchset.diff` + - `git diff $(ESR_TAG)..$(BASE_BROWSER_BRANCH) > rebased_patchset.diff` + - diff `current_patchset.diff` and `rebased_patchset.diff` + - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` + - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(BASE_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD` + - example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/base-browser-102.7.0esr-12.0-1 FIREFOX_102_8_0esr_BUILD1..HEAD` +- [ ] Open MR for the `base-browser` rebase +- [ ] Merge +- [ ] Sign/Tag HEAD of the merged new `base-browser` branch: + - Tag : `base-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1` + - Message : `Tagging build1 for $(ESR_VERSION)esr-based stable` +- [ ] Push tag to `origin` + +### **Rebase tor-browser** + +- [ ] Checkout a new branch for the `tor-browser` rebase starting from the `base-browser` `build1` tag + - example: `git branch tor-browser-rebase base-browser-102.8.0esr-12.0-1-build1` +- [ ] Cherry-pick the previous `tor-browser` commits from `base-browser`'s previous `build1` tag up to `tor-browser`'s newest `buildN` tag (not necessarily `build1` if we have multiple build tags) + - example: `git cherry-pick base-browser-102.7.0esr-12.0-1-build1..tor-browser-102.7.0esr-12.0-1-build1` +- [ ] Rebase and autosquash these cherry-picked commits (from the last new `base-browser` commit to `HEAD`) + - example: `git rebase --autosquash --interactive base-browser-102.8.0esr-12.0-1-build1 HEAD` +- [ ] Cherry-pick remainder of patches after the last `buildN` tag + - example: `git cherry-pick base-browser-102.7.0esr-12.0-1-build1..origin/tor-browser-102.7.0esr-12.0-1` +- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: + - [ ] diff of diffs: + - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - + - `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff` + - `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff` + - diff `current_patchset.diff` and `rebased_patchset.diff` + - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` + - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD` + - example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/tor-browser-102.7.0esr-12.0-1 FIREFOX_102_8_0esr_BUILD1..HEAD` +- [ ] Open MR for the `tor-browser` rebase +- [ ] Merge +- [ ] Sign/Tag HEAD of the merged new `tor-browser` branch: + - Tag : `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1` + - Message : `Tagging build1 for $(ESR_VERSION)esr-based stable` +- [ ] Push tag to `origin` + View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/85c8669… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/85c8669… You're receiving this email because of your account on gitlab.torproject.org.

1 0