- tbb-commits - lists.torproject.org

[Git][tpo/applications/mullvad-browser] Pushed new tag base-browser-128.5.0esr-14.5-1-build1
by Pier Angelo Vendrame (＠pierov) 21 Nov '24

21 Nov '24

Pier Angelo Vendrame pushed new tag base-browser-128.5.0esr-14.5-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/base-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag base-browser-128.5.0esr-14.5-1-build1
by Pier Angelo Vendrame (＠pierov) 21 Nov '24

21 Nov '24

Pier Angelo Vendrame pushed new tag base-browser-128.5.0esr-14.5-1-build1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-128.5.0esr-14.5-1
by Pier Angelo Vendrame (＠pierov) 21 Nov '24

21 Nov '24

Pier Angelo Vendrame pushed new branch base-browser-128.5.0esr-14.5-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 4 commits: Bug 41266: Add the linux-aarch64 target to Firefox
by boklm (＠boklm) 21 Nov '24

21 Nov '24

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 3a0f6937 by NoisyCoil at 2024-11-21T11:04:34+01:00 Bug 41266: Add the linux-aarch64 target to Firefox - - - - - 2def046d by NoisyCoil at 2024-11-21T11:04:40+01:00 Bug 41266: Do not require SSE2 support on non-x86 targets in start-browser - - - - - 32a0ef3c by NoisyCoil at 2024-11-21T11:04:42+01:00 Bug 41266: Add the linux-aarch64 target to release and Makefile - - - - - 860ce1a5 by NoisyCoil at 2024-11-21T11:04:43+01:00 Bug 41266: Add linux-aarch64 to browser-all{,-desktop} if testbuild or nightly Also, add a 'browser-all-target' target to make this possible. Co-authored-by: Nicolas Vigier <boklm(a)torproject.org> - - - - - 7 changed files: - Makefile - projects/browser/RelativeLink/start-browser - projects/firefox/build - projects/firefox/config - projects/firefox/mozconfig - projects/release/build - projects/release/config Changes: ===================================== Makefile ===================================== @@ -36,6 +36,9 @@ torbrowser-release-linux-x86_64-asan: submodule-update torbrowser-release-linux-i686: submodule-update $(rbm) build release --target release --target browser-linux-i686 --target torbrowser +torbrowser-release-linux-aarch64: submodule-update + $(rbm) build release --target release --target browser-linux-aarch64 --target torbrowser + torbrowser-release-windows-i686: submodule-update $(rbm) build release --target release --target browser-windows-i686 --target torbrowser @@ -75,6 +78,9 @@ torbrowser-alpha-linux-x86_64: submodule-update torbrowser-alpha-linux-x86_64-asan: submodule-update $(rbm) build release --target alpha --target browser-linux-x86_64-asan --target torbrowser +torbrowser-alpha-linux-aarch64: submodule-update + $(rbm) build release --target alpha --target browser-linux-aarch64 --target torbrowser + torbrowser-alpha-linux-i686: submodule-update $(rbm) build release --target alpha --target browser-linux-i686 --target torbrowser @@ -117,6 +123,9 @@ torbrowser-nightly-linux-x86_64: submodule-update torbrowser-nightly-linux-x86_64-asan: submodule-update $(rbm) build release --target nightly --target browser-linux-x86_64-asan --target torbrowser +torbrowser-nightly-linux-aarch64: submodule-update + $(rbm) build release --target nightly --target browser-linux-aarch64 --target torbrowser + torbrowser-nightly-linux-i686: submodule-update $(rbm) build release --target nightly --target browser-linux-i686 --target torbrowser @@ -162,6 +171,9 @@ torbrowser-testbuild-linux-x86_64-asan: submodule-update torbrowser-testbuild-linux-i686: submodule-update $(rbm) build release --target testbuild --target browser-linux-i686 --target torbrowser +torbrowser-testbuild-linux-aarch64: submodule-update + $(rbm) build release --target testbuild --target browser-linux-aarch64 --target torbrowser + torbrowser-testbuild-windows-x86_64: submodule-update $(rbm) build release --target testbuild --target browser-windows-x86_64 --target torbrowser @@ -274,6 +286,9 @@ basebrowser-release-linux-x86_64-asan: submodule-update basebrowser-release-linux-i686: submodule-update $(rbm) build release --target release --target browser-linux-i686 --target basebrowser +basebrowser-release-linux-aarch64: submodule-update + $(rbm) build release --target release --target browser-linux-aarch64 --target basebrowser + basebrowser-release-windows-i686: submodule-update $(rbm) build release --target release --target browser-windows-i686 --target basebrowser @@ -316,6 +331,9 @@ basebrowser-alpha-linux-x86_64-asan: submodule-update basebrowser-alpha-linux-i686: submodule-update $(rbm) build release --target alpha --target browser-linux-i686 --target basebrowser +basebrowser-alpha-linux-aarch64: submodule-update + $(rbm) build release --target alpha --target browser-linux-aarch64 --target basebrowser + basebrowser-alpha-windows-i686: submodule-update $(rbm) build release --target alpha --target browser-windows-i686 --target basebrowser @@ -358,6 +376,9 @@ basebrowser-nightly-linux-x86_64-asan: submodule-update basebrowser-nightly-linux-i686: submodule-update $(rbm) build release --target nightly --target browser-linux-i686 --target basebrowser +basebrowser-nightly-linux-aarch64: submodule-update + $(rbm) build release --target nightly --target browser-linux-aarch64 --target basebrowser + basebrowser-nightly-windows-i686: submodule-update $(rbm) build release --target nightly --target browser-windows-i686 --target basebrowser @@ -400,6 +421,9 @@ basebrowser-testbuild-linux-x86_64-asan: submodule-update basebrowser-testbuild-linux-i686: submodule-update $(rbm) build release --target testbuild --target browser-linux-i686 --target basebrowser +basebrowser-testbuild-linux-aarch64: submodule-update + $(rbm) build release --target testbuild --target browser-linux-aarch64 --target basebrowser + basebrowser-testbuild-windows-x86_64: submodule-update $(rbm) build release --target testbuild --target browser-windows-x86_64 --target basebrowser @@ -440,6 +464,9 @@ mullvadbrowser-release-linux-x86_64: submodule-update mullvadbrowser-release-linux-x86_64-asan: submodule-update $(rbm) build release --target release --target browser-linux-x86_64-asan --target mullvadbrowser +mullvadbrowser-release-linux-aarch64: submodule-update + $(rbm) build release --target release --target browser-linux-aarch64 --target mullvadbrowser + mullvadbrowser-release-windows-x86_64: submodule-update $(rbm) build release --target release --target browser-windows-x86_64 --target mullvadbrowser @@ -461,6 +488,9 @@ mullvadbrowser-alpha-linux-x86_64: submodule-update mullvadbrowser-alpha-linux-x86_64-asan: submodule-update $(rbm) build release --target alpha --target browser-linux-x86_64-asan --target mullvadbrowser +mullvadbrowser-alpha-linux-aarch64: submodule-update + $(rbm) build release --target alpha --target browser-linux-aarch64 --target mullvadbrowser + mullvadbrowser-alpha-windows-x86_64: submodule-update $(rbm) build release --target alpha --target browser-windows-x86_64 --target mullvadbrowser @@ -482,6 +512,9 @@ mullvadbrowser-nightly-linux-x86_64: submodule-update mullvadbrowser-nightly-linux-x86_64-asan: submodule-update $(rbm) build release --target nightly --target browser-linux-x86_64-asan --target mullvadbrowser +mullvadbrowser-nightly-linux-aarch64: submodule-update + $(rbm) build release --target nightly --target browser-linux-aarch64 --target mullvadbrowser + mullvadbrowser-nightly-windows-x86_64: submodule-update $(rbm) build release --target nightly --target browser-windows-x86_64 --target mullvadbrowser @@ -503,6 +536,9 @@ mullvadbrowser-testbuild-linux-x86_64: submodule-update mullvadbrowser-testbuild-linux-x86_64-asan: submodule-update $(rbm) build release --target testbuild --target browser-linux-x86_64-asan --target mullvadbrowser +mullvadbrowser-testbuild-linux-aarch64: submodule-update + $(rbm) build release --target testbuild --target browser-linux-aarch64 --target mullvadbrowser + mullvadbrowser-testbuild-windows-x86_64: submodule-update $(rbm) build release --target testbuild --target browser-windows-x86_64 --target mullvadbrowser ===================================== projects/browser/RelativeLink/start-browser ===================================== @@ -87,10 +87,12 @@ if [ "`id -u`" -eq 0 ]; then exit 1 fi +[% IF c('var/linux-i686') || c('var/linux-x86_64') -%] if test -r /proc/cpuinfo && ! grep -q '^flags\s*:.* sse2' /proc/cpuinfo; then complain "[% c('var/Project_Name') %] requires a CPU with SSE2 support. Exiting." exit 1 fi +[% END -%] print_usage () { printf "\n[% c('var/Project_Name') %] Script Options\n" ===================================== projects/firefox/build ===================================== @@ -20,16 +20,21 @@ mkdir -p [% out_dir %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/rust') %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/cbindgen') %] -tar -C /var/tmp/dist -xf [% c('input_files_by_name/nasm') %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/node') %] -export PATH="/var/tmp/dist/rust/bin:/var/tmp/dist/cbindgen:/var/tmp/dist/nasm/bin:/var/tmp/dist/node/bin:$PATH" +[% IF ! c("var/linux-aarch64") -%] + tar -C /var/tmp/dist -xf [% c('input_files_by_name/nasm') %] + export PATH="/var/tmp/dist/nasm/bin:$PATH" +[% END -%] +export PATH="/var/tmp/dist/rust/bin:/var/tmp/dist/cbindgen:/var/tmp/dist/node/bin:$PATH" [% IF c("var/linux") -%] tar -C /var/tmp/dist -xf [% c('input_files_by_name/clang') %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/python') %] export PATH="/var/tmp/dist/python/bin:$PATH" - tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/binutils') %] - export PATH="/var/tmp/dist/binutils/bin:$PATH" + [% IF ! c("var/linux-cross") -%] + tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/binutils') %] + export PATH="/var/tmp/dist/binutils/bin:$PATH" + [% END -%] # Use clang for everything on Linux now if we don't build with ASan. [% IF ! c("var/asan") -%] export PATH="/var/tmp/dist/clang/bin:$PATH" @@ -39,6 +44,8 @@ export PATH="/var/tmp/dist/rust/bin:/var/tmp/dist/cbindgen:/var/tmp/dist/nasm/bi # breakage in Rust code. It seems that environment variable is not passed # down properly in that case. Thus, we set it here in the build script. export PKG_CONFIG_PATH="${PKG_CONFIG_PATH}:/usr/lib/i386-linux-gnu/pkgconfig" + [% ELSIF c("var/linux-cross") -%] + export PKG_CONFIG_PATH="${PKG_CONFIG_PATH}:/usr/lib/[% c("var/crosstarget") %]/pkgconfig" [% END -%] [% END -%] @@ -296,14 +303,21 @@ cp -L obj-*/dist/bin/geckodriver* $distdir cd $distdir [% IF c("var/linux") -%] + [% IF c("var/linux-cross") -%] + CROSS_PREFIX=[% c("var/crosstarget") %]- + [% END -%] + + OBJCOPY="${CROSS_PREFIX}objcopy" + STRIP="${CROSS_PREFIX}strip" + mkdir -p $distdir/Debug/Browser # Strip and generate debuginfo for the firefox binary that we keep, all *.so # files, and the updater (see ticket #10126) for LIB in Browser/*.so "Browser/[% c('var/exe_name') %].real" [% IF c("var/updater_enabled") -%]Browser/updater[% END %] do - objcopy --only-keep-debug $LIB Debug/$LIB - strip $LIB - objcopy --add-gnu-debuglink=./Debug/$LIB $LIB + "$OBJCOPY" --only-keep-debug $LIB Debug/$LIB + "$STRIP" $LIB + "$OBJCOPY" --add-gnu-debuglink=./Debug/$LIB $LIB done [% END -%] @@ -328,15 +342,19 @@ END; %] [% IF c("var/linux") -%] - /var/tmp/dist/gcc/bin/g++ $rootdir/abicheck.cc -o Browser/abicheck -std=c++17 + /var/tmp/dist/gcc/bin/"${CROSS_PREFIX}g++" $rootdir/abicheck.cc -o Browser/abicheck -std=c++17 [% IF !c("var/tor-browser") -%] libdest=Browser/libstdc++ mkdir -p "$libdest" + libdir=[% c("var/libdir") %] + [% IF c("var/linux-cross") -%] + libdir="[% c("var/crosstarget") %]/$libdir" + [% END -%] # FIXME: tor-browser-build#40749 - cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libstdc++.so.* "$libdest" + cp "/var/tmp/dist/gcc/$libdir/libstdc++.so."* "$libdest" [% IF c("var/asan") -%] - cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libasan.so.* "$libdest" - cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libubsan.so.* "$libdest" + cp "/var/tmp/dist/gcc/$libdir/libasan.so."* "$libdest" + cp "/var/tmp/dist/gcc/$libdir/libubsan.so."* "$libdest" [% END -%] [% END -%] [% END -%] ===================================== projects/firefox/config ===================================== @@ -143,6 +143,23 @@ targets: - libdrm-dev:i386 libdir: lib32 + linux-aarch64: + var: + arch_deps: + - libgtk2.0-dev:arm64 + - libgtk-3-dev:arm64 + - libdbus-glib-1-dev:arm64 + - libxt-dev:arm64 + # To pass configure since ESR 31 + - libpulse-dev:arm64 + # To pass configure since ESR 52 + - libx11-xcb-dev:arm64 + # To pass configure since ESR 102 + - libasound2-dev:arm64 + # To support Wayland mode + - libdrm-dev:arm64 + libdir: lib64 + macos: var: nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-macos' @@ -162,9 +179,10 @@ input_files: - project: container-image - name: '[% c("var/compiler") %]' project: '[% c("var/compiler") %]' + # Cross-binutils are already included in the cross-compiler - project: binutils name: binutils - enable: '[% c("var/linux") %]' + enable: '[% c("var/linux") && ! c("var/linux-cross") %]' - filename: fix-info-plist.py enable: '[% c("var/macos") %]' - filename: nsis-uninstall.patch @@ -183,6 +201,7 @@ input_files: name: node - project: nasm name: nasm + enable: '[% ! c("var/linux-aarch64") %]' - project: python name: python enable: '[% c("var/linux") %]' ===================================== projects/firefox/mozconfig ===================================== @@ -13,6 +13,10 @@ # set LDFLAGS for Full RELRO export LDFLAGS="-Wl,-z,relro -Wl,-z,now" + + [% IF c("var/linux-cross") -%] + export LDFLAGS="-L/var/tmp/dist/gcc/[% c("var/crosstarget") %]/lib $LDFLAGS" + [% END -%] [% END -%] [% IF c("var/windows") -%] ===================================== projects/release/build ===================================== @@ -37,6 +37,9 @@ mkdir -p "$destdir" [% IF c("var/browser-linux-x86_64") -%] mv [% c('input_files_by_name/linux-x86_64') %]/* "$destdir"/ [% END -%] +[% IF c("var/browser-linux-aarch64") -%] + mv [% c('input_files_by_name/linux-aarch64') %]/* "$destdir"/ +[% END -%] [% IF c("var/linux-packages") -%] mv [% c('input_files_by_name/deb-packages') %]/* "$destdir"/ mv [% c('input_files_by_name/rpm-packages') %]/* "$destdir"/ ===================================== projects/release/config ===================================== @@ -12,6 +12,7 @@ targets: browser-all: - browser-linux-x86_64 - browser-linux-i686 + - browser-linux-aarch64 - browser-windows-i686 - browser-windows-x86_64 - browser-macos @@ -20,13 +21,16 @@ targets: - browser-android-x86_64 - browser-android-aarch64 - browser-src + - browser-all-target browser-all-desktop: - browser-linux-x86_64 - browser-linux-i686 + - browser-linux-aarch64 - browser-windows-i686 - browser-windows-x86_64 - browser-macos - browser-src + - browser-all-target browser-all-android: - browser-android-armv7 - browser-android-x86 @@ -56,6 +60,10 @@ targets: var: browser-linux-i686: '[% c("var/browser_type") != "mullvadbrowser" %]' linux-packages: '[% c("var/mullvad-browser") || c("var/tor-browser-linux-packages") %]' + browser-linux-aarch64: + var: + browser-linux-aarch64: '[% ! c("var/browser-all-target") || c("var/testbuild") || c("var/nightly") %]' + linux-packages: 0 browser-windows-i686: var: browser-windows-i686: '[% c("var/browser_type") != "mullvadbrowser" %]' @@ -77,6 +85,9 @@ targets: browser-src-testbuild: var: browser-src: 1 + browser-all-target: + var: + browser-all-target: 1 notarget: - torbrowser @@ -189,6 +200,13 @@ input_files: - '[% c("var/build_target") %]' - '[% c("var/browser_type") %]-linux-i686' + - name: linux-aarch64 + project: browser + enable: '[% c("var/browser-linux-aarch64") %]' + target: + - '[% c("var/build_target") %]' + - '[% c("var/browser_type") %]-linux-aarch64' + - name: deb-packages project: linux-packages enable: '[% c("var/linux-packages") %]' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-128.5.0esr-14.5-1-build1
by Pier Angelo Vendrame (＠pierov) 21 Nov '24

21 Nov '24

Pier Angelo Vendrame pushed new tag tor-browser-128.5.0esr-14.5-1-build1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.5.0esr-14.5-1] 279 commits: Bug 1436226: Ignore user prefs and hardware support for media capabilities...
by Pier Angelo Vendrame (＠pierov) 21 Nov '24

21 Nov '24

Pier Angelo Vendrame pushed to branch tor-browser-128.5.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: c1861f53 by Fatih at 2024-11-19T17:22:04+01:00 Bug 1436226: Ignore user prefs and hardware support for media capabilities when RFPTarget::MediaCapabilities is enabled. r=tjr,media-playback-reviewers,padenot This patch mostly targeted Android, as media.mediasource.vp9.enabled is disabled on only Android and HW support takes precedence over pref, hence leaking HW support for VP9. However, we ended up modifying the patch to ignore prefs or HW support, fixing both possible user pref leak and HW support leak. Differential Revision: https://phabricator.services.mozilla.com/D221338 - - - - - a3e15ddf by stransky at 2024-11-19T17:22:05+01:00 Bug 1501744 [Linux] Fill PointerEvents on the Gtk backend r=emilio Patch author is tpxp <tpxp(a)live.fr> Differential Revision: https://phabricator.services.mozilla.com/D215201 - - - - - 18015192 by hackademix at 2024-11-19T17:53:28+01:00 Bug 1556002 - Update initial window size and letterboxing stepping. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D226598 - - - - - ed5c7eb2 by Fatih at 2024-11-19T17:53:29+01:00 Bug 1607032: Spoof screen orientation and angle to primary values. r=tjr,geckoview-reviewers,owlish Differential Revision: https://phabricator.services.mozilla.com/D220904 - - - - - 9e61bfe6 by Henry Wilkes at 2024-11-19T17:53:29+01:00 Bug 1436462 - Use "Open in new private window" for bookmarks when in PBM. r=places-reviewers,mak This makes the bookmark menu consistent with the "File" and context menu when using private browsing mode. We also share the same hide item logic for these "open" items in one place in PlacesUIUtils so that they can be shared between the two consumers (regular bookmarks and managed bookmarks). This ensures that the "Open in container" item if hidden for managed bookmarks in a private window. Differential Revision: https://phabricator.services.mozilla.com/D220120 - - - - - ca5164a1 by Fatih at 2024-11-19T17:53:30+01:00 Bug 1834307: Change StaticPrefs::general_smoothScroll() calls with nsLayoutUtils::IsSmoothScrollingEnabled. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D221363 - - - - - 2f3dd2ed by Fatih at 2024-11-19T17:53:30+01:00 Bug 1834307: Check RFPTarget::CSSPrefersReducedMotion in nsLayoutUtils::IsSmoothScrollingEnabled. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D221364 - - - - - 3e97f3a7 by Roger Yang at 2024-11-19T17:53:30+01:00 Bug 1862537 - Do not try to go back when it's a initial load r=android-reviewers,harrisono, a=pascalc Differential Revision: https://phabricator.services.mozilla.com/D219782 - - - - - 95ef294a by Timothy Nikkel at 2024-11-19T17:53:31+01:00 Bug 1899180. If a channel is not nsIPrivateBrowsingChannel and has no load context, use the private browsing field from it's origin attributes. r=necko-reviewers,anti-tracking-reviewers,valentin If the channel is not a nsIPrivateBrowsingChannel, and it also has no load context (eg inside svg images) then we will over write a non-zero mPrivateBrowsingId on the OriginAttributes of the channel with 0, making NS_UsePrivateBrowsing return false for the channel. Differential Revision: https://phabricator.services.mozilla.com/D212083 - - - - - 9f58ef1a by pollymce at 2024-11-19T17:53:31+01:00 Bug 1902996 - Improve messaging for fullscreen notifications. r=android-reviewers,gl Instead of explaining to users that they are in fullscreen mode, which may be obvious, we explain how to get out of it :) Also use a Toast rather than a custom Dialog. Update Focus too. Fix lint errors. Differential Revision: https://phabricator.services.mozilla.com/D215782 - - - - - d8b96812 by Jon Coppeard at 2024-11-19T17:53:31+01:00 Bug 1904011 - Ignore finalized scripts when iterating code covarage tables r=iain Differential Revision: https://phabricator.services.mozilla.com/D214799 - - - - - 3b9faaf0 by rahulsainani at 2024-11-19T17:53:32+01:00 Bug 1906024 - Format download file names better a=diannaS Original Revision: https://phabricator.services.mozilla.com/D220559 Differential Revision: https://phabricator.services.mozilla.com/D222254 - - - - - cffb7356 by rahulsainani at 2024-11-19T17:53:32+01:00 Bug 1906024 - Format download file names a=diannaS Original Revision: https://phabricator.services.mozilla.com/D221771 Differential Revision: https://phabricator.services.mozilla.com/D222259 - - - - - c9b4b5ec by Arturo Mejia at 2024-11-19T17:53:33+01:00 Bug 1908344 - Improve prompts showing a=dmeehan - BP, tor-browser#43005 Original Revision: https://phabricator.services.mozilla.com/D216996 Differential Revision: https://phabricator.services.mozilla.com/D217718 - - - - - c543ea70 by Sam Foster at 2024-11-19T17:53:33+01:00 Bug 1909099 - Always clean up old session restore and sync log files. r=markh,sessionstore-reviewers,dao Differential Revision: https://phabricator.services.mozilla.com/D217520 - - - - - 38ef9aa8 by Nika Layzell at 2024-11-19T17:53:33+01:00 Bug 1911745 - Unify BrowsingContext flag coherency checks, r=mccr8 Previously these checks were largely diagnostic tools for finding bugs in other code as it evolves. This unifies the checks a bit more and makes them stronger for BrowsingContexts created over IPC, providing a place for more coherency checks to be added in the future. Differential Revision: https://phabricator.services.mozilla.com/D218860 - - - - - 1c694454 by Pier Angelo Vendrame at 2024-11-19T17:53:34+01:00 Bug 1918009 - Fix the RFP-spoofed User-Agent header. r=tjr The spoofed value of the HTTP user-agent header is not consistent with the value of navigator.userAgent on Windows, and this can lead to compatibility issues. Differential Revision: https://phabricator.services.mozilla.com/D223745 - - - - - 4eb6d5bb by Fatih at 2024-11-19T17:53:34+01:00 Bug 1918202: Spoof orientation based on screen size. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D221863 - - - - - bc7ebde1 by Henry Wilkes at 2024-11-19T17:53:34+01:00 Bug 1919363 - Only show one app menu "new window" item in permanent private browsing. r=mconley We also update the browser_private_browsing_window.js test. The previous test was limited because it was referring to non-existent "appmenu_newNavigator" and "appmenu_newPrivateWindow". Differential Revision: https://phabricator.services.mozilla.com/D222507 - - - - - f817861e by Fatih at 2024-11-19T17:53:35+01:00 Bug 1922204: fixup square spoofed orientation. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D224312 - - - - - 0d2dd437 by Pier Angelo Vendrame at 2024-11-19T17:53:35+01:00 Bug 1923264 - Discard unsupported updates in selectUpdate. r=bytesized,nalexander UpdateService.#selectUpdate currently chooses always the most recent update even when unsupported and an older but supported one is available. This commit makes #selectUpdate discard the unsupported update if a supported alternative is found. Differential Revision: https://phabricator.services.mozilla.com/D224905 - - - - - d3fcf352 by Henry Wilkes at 2024-11-19T17:53:36+01:00 Bug 41454: Move focus after calling openPreferences for a sub-category. Temporary fix until mozilla bug 1799153 gets a patch upstream. - - - - - e93211ca by Henry Wilkes at 2024-11-19T17:53:36+01:00 Bug 43072: Add aria label and description to moz-message-bar. Ensures that moz-message-bar, including notifications, are announced on Orca. This addresses upstream bugzilla bug 1895857 and should likely be replaced when it is fixed. - - - - - 30c7ed8d by Henry Wilkes at 2024-11-19T17:53:36+01:00 Bug 42739: Use the brand name for profile error messages. Some messages in profileSelection.properties use gAppData->name as variable inputs. However, gAppData->name is still "Firefox" for our base-browser builds, rather than the user-facing browser name. We swap these instances with the displayed brand name instead. - - - - - e045026a by hackademix at 2024-11-19T17:53:37+01:00 Bug 42194: Fix blank net error page on failed DNS resolution with active proxy. - - - - - 078390d9 by Henry Wilkes at 2024-11-19T17:53:37+01:00 Bug 41483: Remove the firefox override for appstrings.properties Remove this patch after upstream bugzilla bug 1790187 - - - - - 89433847 by hackademix at 2024-11-19T17:53:37+01:00 Bug 43101: Deep link to the startup security warning explanation. - - - - - 57b060ca by Marco Simonelli at 2024-11-19T17:53:38+01:00 Bug 41459: WebRTC fails to build under mingw (Part 1) - properly define NOMINMAX for just MSVC builds - - - - - 4e767947 by Marco Simonelli at 2024-11-19T17:53:38+01:00 Bug 41459: WebRTC fails to build under mingw (Part 2) - fixes required to build third_party/libwebrtc - - - - - b667f2aa by Marco Simonelli at 2024-11-19T17:53:38+01:00 Bug 41459: WebRTC fails to build under mingw (Part 3) - fixes required to build third_party/sipcc - - - - - 4fb7b9b1 by Marco Simonelli at 2024-11-19T17:53:39+01:00 Bug 41459: WebRTC fails to build under mingw (Part 4) - fixes requried to build netwerk/sctp - - - - - 636ba155 by Marco Simonelli at 2024-11-19T17:53:39+01:00 Bug 41459: WebRTC fails to build under mingw (Part 5) - fixes required to build dom/media/webrtc - - - - - 042fd42f by Marco Simonelli at 2024-11-19T17:53:40+01:00 Bug 41459: WebRTC fails to build under mingw (Part 6) - fixes required to build dom/media/systemservices - - - - - 5d1e3b05 by june wilde at 2024-11-19T17:53:40+01:00 Bug 42758: Fix WebRTC build errors. - - - - - d1cdc4c1 by hackademix at 2024-11-19T17:53:40+01:00 Bug 41854: Allow overriding download spam protection. - - - - - f926fd0e by hackademix at 2024-11-19T17:53:41+01:00 Bug 42832: Download spam prevention exemption for browser extensions. - - - - - f77269e3 by Pier Angelo Vendrame at 2024-11-19T17:53:41+01:00 Bug 42220: Allow for more file types to be forced-inline. Firefox allows to open some files in the browser without any confirmation, but this will result in a disk leak, because the file will be downloaded to the temporary directory first (and not deleted, in some cases). A preference allows PDFs to be opened without being downloaded to disk. So, we introduce a similar one to do the same for all the files that are set to be opened automatically in the browser. - - - - - 99c035e8 by hackademix at 2024-11-19T17:53:41+01:00 Bug 42835: Create an actor to filter file data transfers - - - - - 482e1388 by Beatriz Rizental at 2024-11-19T17:53:42+01:00 Bug 42728: Modify ./mach lint to skip unused linters - - - - - 8dbd457f by Gaba at 2024-11-19T17:53:42+01:00 Adding issue and merge request templates - - - - - aaaa0a99 by Henry Wilkes at 2024-11-19T17:53:42+01:00 fixup! Adding issue and merge request templates Bug 43262: Update QA desktop checklist to include testing saved keys and their preferences. - - - - - 18aa8efe by Morgan at 2024-11-19T17:53:43+01:00 fixup! Adding issue and merge request templates Bug 43295: Update MR templates - - - - - dde993ab by Richard Pospesel at 2024-11-19T17:53:43+01:00 Bug 42683: Create script to generate issue triage csv file from bugzilla query and git logs - - - - - 4c48cf6c by Beatriz Rizental at 2024-11-19T17:53:45+01:00 Add CI for Base Browser - - - - - fa4cc763 by Beatriz Rizental at 2024-11-19T17:53:46+01:00 fixup! Add CI for Base Browser Always use tor-browser repository as base for CI clones. This is fine, because both tor-browser and mullvad-browser repositories share most of their history. - - - - - 6556c8f2 by Beatriz Rizental at 2024-11-19T17:53:46+01:00 fixup! Add CI for Base Browser - - - - - af43db1b by Pier Angelo Vendrame at 2024-11-19T17:53:46+01:00 Base Browser's .mozconfigs. Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 21849: Don't allow SSL key logging. Bug 25741 - TBA: Disable features at compile-time Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 29859: Disable HLS support for now Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files Bug 41584: Move some configuration options to base-browser level - - - - - 4413ee64 by Pier Angelo Vendrame at 2024-11-19T17:53:47+01:00 Tweaks to the build system Bug 40857: Modified the fat .aar creation file This is a workaround to build fat .aars with the compiling enviornment disabled. Mozilla does not use a similar configuration, but either runs a Firefox build and discards its output, or uses artifacts build. We might switch to artifact builds too, and drop this patch, or write a better one to upstream. But until then we need this patch. See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770. Bug 41458: Prevent `mach package-multi-locale` from actually creating a package macOS builds need some files to be moved around with ./mach package-multi-locale to create multi-locale packages. The required command isn't exposed through any other mach command. So, we patch package-multi-locale both to prevent it from failing when doing official builds and to detect any future changes on it. - - - - - a9389b67 by Pier Angelo Vendrame at 2024-11-19T17:53:47+01:00 Bug 29320: Replace the gnu target with gnullvm for Rust. - - - - - 8029ad35 by Pier Angelo Vendrame at 2024-11-19T17:53:47+01:00 Bug 42616: Remove VideoCaptureTest.kt. This is a workaround to fix the GeckoView build with WebRTC disabled. We should replace this workaround with a proper solution, that excludes this test when MOZ_WEBRTC is undefined/False. - - - - - 6486c2d7 by Pier Angelo Vendrame at 2024-11-19T17:53:48+01:00 Bug 41108: Remove privileged macOS installation from 102 - - - - - 09c0cc88 by Dan Ballard at 2024-11-19T17:53:48+01:00 Bug 41149: Re-enable DLL injection protection in all builds not just nightlies - - - - - 078dcba4 by Henry Wilkes at 2024-11-19T17:53:48+01:00 Bug 43092: Disable wayland by default in Base Browser. - - - - - 5846d0d8 by Matthew Finkel at 2024-11-19T17:53:49+01:00 Bug 24796: Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. - - - - - f873140e by Matthew Finkel at 2024-11-19T17:53:49+01:00 Bug 28125: Prevent non-Necko network connections - - - - - 00105983 by Mike Perry at 2024-11-19T17:53:50+01:00 Bug 12974: Disable NTLM and Negotiate HTTP Auth The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421, https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602 - - - - - 5f55f17d by cypherpunks1 at 2024-11-19T17:53:50+01:00 Bug 40717: Hide Windows SSO in settings - - - - - af6c3891 by Georg Koppen at 2024-11-19T17:53:50+01:00 Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. - - - - - ec28adef by Kathy Brade at 2024-11-19T17:53:51+01:00 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. - - - - - d01bcaae by Henry Wilkes at 2024-11-19T17:53:51+01:00 Bug 42831: Remove the shopping components. - - - - - df78f29c by Kathy Brade at 2024-11-19T17:53:51+01:00 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. - - - - - f974da0d by Alex Catarineu at 2024-11-19T17:53:52+01:00 Bug 41457: Remove Mozilla permissions Bug 40025: Remove Mozilla add-on install permissions - - - - - 776ab6d3 by Kathy Brade at 2024-11-19T17:53:52+01:00 Bug 40002: Remove about:ion Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. Bug 41662: Disable about:sync-logs Even though we disable sync by default with `identity.fxaccounts.enabled`, this about: page is still avilable. We could throw an exception on the constructor of the related component, but it would result only in an error in the console, without a visible "this address does not look right" error page. If we fix the issues with MOZ_SERVICES_SYNC, we can restore the component. - - - - - 7e6f06d2 by Morgan at 2024-11-19T17:53:53+01:00 Bug 42716: Disable unwanted about: pages - - - - - d42d6450 by Arthur Edelstein at 2024-11-19T17:53:53+01:00 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. - - - - - dd4e6ed2 by Alex Catarineu at 2024-11-19T17:53:53+01:00 Bug 31740: Remove some unnecessary RemoteSettings instances More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls. Avoid creating instance for 'anti-tracking-url-decoration'. If prefs are disabling their usage, avoid creating instances for 'cert-revocations' and 'intermediates'. Do not ship JSON dumps for collections we do not expect to need. For the ones in the 'main' bucket, this prevents them from being synced unnecessarily (the code in remote-settings does so for collections in the main bucket for which a dump or local data exists). For the collections in the other buckets, we just save some size by not shipping their dumps. We also clear the collections database on the v2 -> v3 migration. - - - - - 520a0fc8 by cypherpunks1 at 2024-11-19T17:53:54+01:00 Bug 41092: Add a RemoteSettings JSON dump for query-stripping - - - - - bd279c9d by cypherpunks1 at 2024-11-19T17:53:54+01:00 Bug 42730: Patch RemoteSettings to use only local dumps as a data source - - - - - 0678e2b6 by Pier Angelo Vendrame at 2024-11-19T17:53:54+01:00 Bug 41635: Disable the Normandy component Do not include Normandy at all whenever MOZ_NORMANDY is False. - - - - - cd697f2d by Georg Koppen at 2024-11-19T17:53:55+01:00 Bug 30541: Disable WebGL readPixel() for web content Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034 - - - - - 627cf6c2 by Alex Catarineu at 2024-11-19T17:53:55+01:00 Bug 28369: Stop shipping pingsender executable - - - - - 377d2346 by Henry Wilkes at 2024-11-19T17:53:55+01:00 Bug 42630: Disable LaterRun module. - - - - - a80883e8 by Pier Angelo Vendrame at 2024-11-19T17:53:56+01:00 Bug 41599: Always return an empty string as network ID Firefox computes an internal network ID used to detect network changes and act consequently (e.g., to improve WebSocket UX). However, there are a few ways to get this internal network ID, so we patch them out, to be sure any new code will not be able to use them and possibly link users. We also sent a patch to Mozilla to seed the internal network ID, to prevent any accidental leak in the future. Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1817756 - - - - - 4b57f93d by Pier Angelo Vendrame at 2024-11-19T17:53:56+01:00 Bug 42647: Make OS HTTP User-Agent OS spoofing configurable by pref This commits makes it possible to disable OS spoofing in the HTTP User-Agent header, to see if matching header and JS property improve usability. - - - - - 71f53de7 by Richard Pospesel at 2024-11-19T17:53:57+01:00 Bug 41327: Disable UrlbarProviderInterventions - - - - - 18569a80 by Richard Pospesel at 2024-11-19T17:53:57+01:00 Bug 42037: Disable about:firefoxview page - - - - - 5585ebc5 by Mike Perry at 2024-11-19T17:53:57+01:00 Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera <ffmancera(a)riseup.net>) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned directory and this patch will not remove it since it was created with an unknown AUMID. However, another patch could be written which goes to that directory and deletes any item containing the 'Tor Browser' string. See bug 28996. Bug 30845: Make sure default themes and other internal extensions are enabled Bug 28896: Enable extensions in private browsing by default Bug 31065: Explicitly allow proxying localhost Bug 31598: Enable letterboxing Disable Presentation API everywhere Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer security levels. Bug 32321: Disable Mozilla's MitM pings Bug 19890: Disable installation of system addons By setting the URL to "" we make sure that already installed system addons get deleted as well. Bug 22548: Firefox downgrades VP9 videos to VP8. On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor Browser 7.0 all youtube videos are degraded to VP8. This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0. All clients will get better experience and lower traffic, beause TBB doesn't use "Use hardware acceleration when available". Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs Bug 16441: Suppress "Reset Tor Browser" prompt. Bug 29120: Use the in-memory media cache and increase its maximum size. Bug 33697: use old search config based on list.json Bug 33855: Ensure that site-specific browser mode is disabled. Bug 30682: Disable Intermediate CA Preloading. Bug 40061: Omit the Windows default browser agent from the build Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40408: Disallow SVG Context Paint in all web content Bug 40308: Disable network partitioning until we evaluate dFPI Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40383: Disable dom.enable_event_timing Bug 40423: Disable http/3 Bug 40177: Update prefs for Fx91esr Bug 40700: Disable addons and features recommendations Bug 40682: Disable network.proxy.allow_bypass Bug 40736: Disable third-party cookies in PBM Bug 19850: Enabled HTTPS-Only by default Bug 40912: Hide the screenshot menu Bug 41292: Disable moreFromMozilla in preferences page Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector Bug 24686: Set network.http.tailing.enabled to true Bug 40183: Disable TLS ciphersuites using SHA-1 Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102 We reviewed all the preferences we set for 102, and remove a few old ones. See the description of that issue to see all the preferences we believed were still valid for 102, and some brief description for the reasons to keep them. - - - - - 7a6b8a27 by Pier Angelo Vendrame at 2024-11-19T17:53:58+01:00 fixup! Firefox preference overrides. Bug 42125: Set and lock privacy.resistFingerprinting.exemptedDomains. The rationale for locking this is consistency with RFP. Also, set privacy.resistFingerprinting.randomDataOnCanvasExtract as a countermesure to some wrong guides. - - - - - da7eaec3 by Pier Angelo Vendrame at 2024-11-19T17:53:58+01:00 fixup! Firefox preference overrides. Bug 43165: Disable Microsoft SSO on macOS. - - - - - 9f09a69c by Pier Angelo Vendrame at 2024-11-19T17:54:44+01:00 fixup! Firefox preference overrides. Remove our custom letterboxing size, since they are going to be also Firefox's default one after MozBug 1556002. - - - - - c74c934c by Pier Angelo Vendrame at 2024-11-19T17:54:49+01:00 Bug 41043: Hardcode the UI font on Linux The mechanism to choose the UI font does not play well with our fontconfig configuration. As a result, the final criterion to choose the font for the UI was its version. Since we hardcode Arimo as a default sans-serif on preferences, we use it also for the UI. FontConfig will fall back to some other font for scripts Arimo does not cover as expected (we tested with Japanese). Bug 43141: Hardcode system-ui to Arimo. - - - - - f70259bb by Pier Angelo Vendrame at 2024-11-19T17:54:49+01:00 amend! Bug 41043: Hardcode the UI font on Linux Bug 43140: Tighten up fonts on Linux. We ship a fontconfig configuration to esnure all Linux users have the same defaults and reduce the chances of fingerprinting. We used to add this file in tor-browser-build, but some users might skip it by using the browser executable without the wrapper script. Therefore, we decided to activate the file with the FontConfig API instead of the environment variables. Bug 41043: Hardcode the UI font on Linux The mechanism to choose the UI font does not play well with our fontconfig configuration. As a result, the final criterion to choose the font for the UI was its version. Since we hardcode Arimo as a default sans-serif on preferences, we use it also for the UI. FontConfig will fall back to some other font for scripts Arimo does not cover as expected (we tested with Japanese). Bug 43141: Hardcode system-ui to Arimo. - - - - - 2e4d21d3 by Pier Angelo Vendrame at 2024-11-19T17:54:50+01:00 Bug 41901: Hardcode normalized FontSubstitutes. Windows has a system to set font aliases through the registry. This allows some customization that could be used as a fingerprinting vector. Moreover, this mechanism is used by Windows itself, and different SKUs might have different default FontSubstitutes. - - - - - d12e7723 by Alex Catarineu at 2024-11-19T17:54:50+01:00 Bug 30605: Honor privacy.spoof_english in Android This checks `privacy.spoof_english` whenever `setLocales` is called from Fenix side and sets `intl.accept_languages` accordingly. Bug 40198: Expose privacy.spoof_english pref in GeckoView - - - - - 4bcb6e2d by Pier Angelo Vendrame at 2024-11-19T17:54:50+01:00 Bug 42562: Normalized the Accepted Languages on Android. The OS language might be outside the list of actually supported languages and it might leak the user's region. Therefore, we force the locale reported in Accept-Language to match one we support with translations, even when it means using a not exact region tag. - - - - - 9ade38a5 by Alex Catarineu at 2024-11-19T17:54:51+01:00 Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware - - - - - a9552521 by Pier Angelo Vendrame at 2024-11-19T17:54:51+01:00 fixup! Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware Lint with android-format. - - - - - 1ce49a1f by Alex Catarineu at 2024-11-19T17:54:51+01:00 Bug 26345: Hide tracking protection UI - - - - - 88d549f2 by Henry Wilkes at 2024-11-19T17:54:52+01:00 Bug 43109: Hide Firefox Relay from settings. This should remain disabled, see tor-browser#42814. - - - - - c1a0de17 by Henry Wilkes at 2024-11-19T17:54:52+01:00 Bug 42777: Hide Website Privacy Preferences. We hide the Website Privacy Preferences section, which controls the "global privacy control" (GPC) and "do not track" (DNT) settings. - - - - - 75cfa93e by Morgan at 2024-11-19T17:54:52+01:00 Bug 42070: Hide "Use smooth scrolling" from settings - - - - - 1fbf0ce9 by Arthur Edelstein at 2024-11-19T17:54:53+01:00 Bug 18905: Hide unwanted items from help menu Bug 25660: Remove the "New Private Window" option - - - - - a434d22f by Pier Angelo Vendrame at 2024-11-19T17:54:53+01:00 Bug 41739: Remove "Website appearance" from about:preferences. It is ignored because of RFP and it is confusing for users. - - - - - e5d237ba by Henry Wilkes at 2024-11-19T17:54:53+01:00 Bug 43117: Hide "Always underline links" from settings. - - - - - a7dd1215 by Pier Angelo Vendrame at 2024-11-19T17:54:54+01:00 Bug 42774: Always hide the third-pary certs UI. - - - - - 416e0c9e by Henry Wilkes at 2024-11-19T17:54:54+01:00 Bug 43118: Hide feature recommendation (CFR) settings. - - - - - dbdae505 by Pier Angelo Vendrame at 2024-11-19T17:54:54+01:00 Bug 9173: Change the default Firefox profile directory to be relative. This commit makes Firefox look for the default profile directory in a directory relative to the binary path. The directory can be specified through the --with-relative-data-dir. This is relative to the same directory as the firefox main binary for Linux and Windows. On macOS, we remove Contents/MacOS from it. Or, in other words, the directory is relative to the application bundle. This behavior can be overriden at runtime, by placing a file called system-install adjacent to the firefox main binary (also on macOS). - - - - - 361dc5d3 by Pier Angelo Vendrame at 2024-11-19T17:54:55+01:00 Bug 42773: Replace ~ with the original home. In Bug 93141, Mozilla started sending users to their home when they type ~ in the URL bar. On Linux, we change $HOME for various reason, therefore you would be redirected to the spoofed home directory when typing ~. So, we check if the original home directory is known, and use that, instead. - - - - - 84999c19 by Alex Catarineu at 2024-11-19T17:54:55+01:00 Bug 27604: Fix addon issues when moving the profile directory Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838 - - - - - e30d5450 by Mike Perry at 2024-11-19T17:54:56+01:00 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509 - - - - - 7de7f22f by Pier Angelo Vendrame at 2024-11-19T17:54:56+01:00 Bug 40309: Avoid using regional OS locales Avoid regional OS locales if the pref `intl.regional_prefs.use_os_locales` is false but RFP is enabled. - - - - - 39f99f69 by Matthew Finkel at 2024-11-19T17:54:56+01:00 Bug 40432: Prevent probing installed applications Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084 - - - - - e8711e88 by cypherpunks1 at 2024-11-19T17:54:57+01:00 Bug 33955: When copying an image only copy the image contents to the clipboard - - - - - bab407ff by cypherpunks1 at 2024-11-19T17:54:57+01:00 Bug 41791: Omit the source URL when copying page contents to the clipboard - - - - - d052d514 by hackademix at 2024-11-19T17:54:57+01:00 Bug 42288: Allow language spoofing in status messages. - - - - - 70b19528 by Pier Angelo Vendrame at 2024-11-19T17:54:58+01:00 Bug 43196: Remove the vendor name from media notifications on Linux. Firefox shows "vendor remoteName" as a title of the "... is playing media" notification on Linux. However, for our browser the remote name is enough, and prepending the vendor to it creates a string users usually never see. - - - - - d8643a5a by Pier Angelo Vendrame at 2024-11-19T17:54:58+01:00 Base Browser strings This commit adds all the strings needed by following Base Browser patches. - - - - - 977627d0 by Pier Angelo Vendrame at 2024-11-19T17:54:58+01:00 Bug 41369: Improve Firefox language settings for multi-lingual packages Change the language selector to be sorted by language code, rather than name, and to display the language code to the user. Bug 41372: Handle Japanese as a special case in preferences on macOS Japanese is treated in a special way on macOS. However, seeing the Japanese language tag could be confusing for users, and moreover the language name is not localized correctly like other langs. Bug 41378: Tell users that they can change their language at the first start With multi-lingual builds, Tor Browser matches the user's system language, but some users might want to change it. So, we tell them that it is possible, but only once. - - - - - a449031d by p13dz at 2024-11-19T17:54:59+01:00 Bug 40283: Workaround for the file upload bug - - - - - b6758e6a by Pier Angelo Vendrame at 2024-11-19T17:54:59+01:00 fixup! Bug 40283: Workaround for the file upload bug Lint with android-format. - - - - - d64ecb5c by hackademix at 2024-11-19T17:54:59+01:00 Bug 42019: Empty browser's clipboard on browser shutdown - - - - - 11f9b227 by hackademix at 2024-11-19T17:55:00+01:00 Bug 42084: Ensure English spoofing works even if preferences are set out of order. - - - - - 205864f1 by Pier Angelo Vendrame at 2024-11-19T17:55:00+01:00 Bug 41930: Remove the UI to customize accept_languages. - - - - - c0a6c1f0 by hackademix at 2024-11-19T17:55:00+01:00 Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs. - - - - - 90340c51 by hackademix at 2024-11-19T17:55:01+01:00 Bug 41434: Letterboxing, improve logging. - - - - - 77e001e9 by hackademix at 2024-11-19T17:55:03+01:00 Bug 31064: Letterboxing, exempt browser extensions. - - - - - 37fca51f by hackademix at 2024-11-19T17:55:03+01:00 Bug 32411: Letterboxing, exempt view-source: URIs. - - - - - e3532482 by hackademix at 2024-11-19T17:55:04+01:00 Bug 42574: Letterboxing, exempt pdf.js. - - - - - e6debe3c by hackademix at 2024-11-19T17:56:38+01:00 Bug 32308: Use direct browser sizing for letterboxing. Bug 30556: align letterboxing with 200x100 new win width stepping - - - - - 342f955a by Pier Angelo Vendrame at 2024-11-19T17:59:11+01:00 fixup! Bug 32308: Use direct browser sizing for letterboxing. Restore our changes after backporting MozBug 1556002. - - - - - 55cad064 by hackademix at 2024-11-19T17:59:15+01:00 Bug 41631: Prevent weird initial window dimensions caused by subpixel computations - - - - - 7816958e by hackademix at 2024-11-19T18:00:10+01:00 Bug 41918: Option to reuse last window size when letterboxing is enabled. - - - - - 5863c026 by hackademix at 2024-11-19T18:00:11+01:00 Bug 41916: Letterboxing preferences UI - - - - - 4bb363b9 by hackademix at 2024-11-19T18:00:53+01:00 Bug 41695: Warn on window maximization without letterboxing in RFPHelper module - - - - - 68b227e0 by hackademix at 2024-11-19T18:00:56+01:00 Bug 42443: Shrink window to match letterboxing size when the emtpy area is clicked. - - - - - c991e95e by Henry Wilkes at 2024-11-19T18:00:56+01:00 Bug 42528: Don't leak system scrollbar size on windows. - - - - - 1e4342dc by Henry Wilkes at 2024-11-19T18:00:56+01:00 Bug 31575: Disable Firefox Home (Activity Stream) Treat about:blank as the default home page and new tab page. Avoid loading AboutNewTab in BrowserGlue.sys.mjs in order to avoid several network requests that we do not need. Bug 41624: Disable about:pocket-* pages. Bug 40144: Redirect about:privatebrowsing to the user's home - - - - - 35ca6262 by Kathy Brade at 2024-11-19T18:00:57+01:00 Bug 4234: Use the Firefox Update Process for Base Browser. Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix bug 27221: purge the startup cache if the Base Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Base Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Base Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. - - - - - 2017190b by Pier Angelo Vendrame at 2024-11-19T18:00:57+01:00 Bug 42061: Create an alpha update channel. - - - - - 5ed9db4e by Nicolas Vigier at 2024-11-19T18:00:58+01:00 Bug 41682: Add base-browser nightly mar signing key - - - - - 637fffe2 by Pier Angelo Vendrame at 2024-11-19T18:00:58+01:00 Bug 41603: Customize the creation of MOZ_SOURCE_URL MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET. But the code takes for granted that it refers to a Hg instance, so it combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`. With this commit, we change this logic to combine them to create a URL that is valid for GitLab. $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag. If that is needed, we could use /-/tree/, instead of /-/commit/. - - - - - 9914b81c by Pier Angelo Vendrame at 2024-11-19T18:00:58+01:00 Bug 41698: Reword the recommendation badges in about:addons Firefox strings use { -brand-product-name }. As a result, it seems that the fork is recommending extensions, whereas AMO curators are doing that. So, we replace the strings with custom ones that clarify that Mozilla is recommending them. We assign the strings with JS because our translation backend does not support Fluent attributes, yet, but once it does, we should switch to them, instead. Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1825033 - - - - - 6ded2255 by Pier Angelo Vendrame at 2024-11-19T18:00:59+01:00 Bug 42438: Tweaks to the migration wizard. Remove the items not compatible with our features (such as history) from the migration wizard. On Linux, allow to specify an alternative home directory, since we usually change $HOME in our startup script. - - - - - 84af2ab6 by Alex Catarineu at 2024-11-19T18:00:59+01:00 Bug 40069: Add helpers for message passing with extensions - - - - - e7b9438a by Matthew Finkel at 2024-11-19T18:00:59+01:00 Bug 41598: Prevent NoScript from being removed/disabled. Bug 40253: Explicitly allow NoScript in Private Browsing mode. - - - - - 097e97e3 by Henry Wilkes at 2024-11-19T18:01:00+01:00 Bug 41736: Hide NoScript extension's toolbar button by default. This hides it from both the toolbar and the unified extensions panel. We also hide the unified-extension-button if the panel would be empty: not including the NoScript button when it is hidden. As a result, this will be hidden by default until a user installs another extension (or shows the NoScript button and unpins it). - - - - - 8bbb8aeb by hackademix at 2024-11-19T18:01:00+01:00 Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons - - - - - 5f7a5e2e by Pier Angelo Vendrame at 2024-11-19T18:01:00+01:00 Bug 40925: Implemented the Security Level component This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Bug 40125: Expose Security Level pref in GeckoView - - - - - 8af3cab5 by Pier Angelo Vendrame at 2024-11-19T18:01:01+01:00 Bug 40926: Implemented the New Identity feature - - - - - 065db1ac by Henry Wilkes at 2024-11-19T18:01:01+01:00 Bug 41736: Customize toolbar for base-browser. - - - - - e76305ad by Pier Angelo Vendrame at 2024-11-19T18:01:01+01:00 Bug 42027: Base Browser migration procedures. This commit implmenents the the Base Browser's version of _migrateUI. - - - - - 370280dd by Henry Wilkes at 2024-11-19T18:01:02+01:00 Bug 42583: Modify moz-support-link for Base Browser. - - - - - bdb6606a by Henry Wilkes at 2024-11-19T18:01:02+01:00 Bug 42308: Create README for tor-browser. We drop the README.txt that comes from Mozilla Firefox and add README.md for tor-browser. - - - - - c0f06c75 by Richard Pospesel at 2024-11-19T18:01:02+01:00 Bug 41649: Create rebase and security backport gitlab issue templates - - - - - 945856bc by Beatriz Rizental at 2024-11-19T18:01:03+01:00 Add CI for Tor Browser - - - - - eaa4a40a by Henry Wilkes at 2024-11-19T18:01:03+01:00 fixup! Add CI for Tor Browser Bug 43272: Run translation CI whenever CI script changes. - - - - - e481302b by Beatriz Rizental at 2024-11-19T18:01:04+01:00 fixup! Add CI for Tor Browser Build and publish CI container images whenever they change. - - - - - c192927d by Beatriz Rizental at 2024-11-19T19:06:12+01:00 fixup! Add CI for Tor Browser Add missing dependency to CI base container. - - - - - c1202296 by Beatriz Rizental at 2024-11-19T19:24:48+01:00 fixup! Add CI for Tor Browser - - - - - f8dbf3cc by Richard Pospesel at 2024-11-19T19:24:49+01:00 Bug 41089: Add tor-browser build scripts + Makefile to tor-browser - - - - - 68175688 by Henry Wilkes at 2024-11-19T19:24:49+01:00 Bug 41803: Add some developer tools for working on tor-browser. - - - - - 3303dde5 by Kathy Brade at 2024-11-19T19:24:50+01:00 Bug 11641: Disable remoting by default. Unless the -osint command line flag is used, the browser now defaults to the equivalent of -no-remote. There is a new -allow-remote flag that may be used to restore the original (Firefox-like) default behavior. - - - - - f3461921 by Alex Catarineu at 2024-11-19T19:24:50+01:00 Add TorStrings module for localization - - - - - 407d459b by Henry Wilkes at 2024-11-19T19:24:50+01:00 fixup! Add TorStrings module for localization Bug 42739: Drop profile access error strings. - - - - - c42b579d by Henry Wilkes at 2024-11-19T19:24:51+01:00 fixup! Add TorStrings module for localization Bug 42186: Drop about:tbupdate. - - - - - 06f64599 by Henry Wilkes at 2024-11-19T19:24:51+01:00 Tor Browser strings This commit adds all the strings needed for Tor Browser patches. - - - - - 4114951e by Henry Wilkes at 2024-11-19T19:24:52+01:00 Tor Browser localization migration scripts. - - - - - c95a121e by Henry Wilkes at 2024-11-19T19:24:52+01:00 Bug 42305: Add script to combine translation files across versions. - - - - - 729a4f0d by Henry Wilkes at 2024-11-19T19:24:52+01:00 fixup! Bug 42305: Add script to combine translation files across versions. Bug 43272: Fix git fetch in translation CI script. - - - - - 7696e53d by Mike Perry at 2024-11-19T19:24:53+01:00 Bug 2176: Rebrand Firefox to TorBrowser See also Bugs #5194, #7187, #8115, #8219. This patch does some basic renaming of Firefox to TorBrowser. The rest of the branding is done by images and icons. Also fix bug 27905. Bug 25702: Update Tor Browser icon to follow design guidelines - Updated all of the branding in /browser/branding/official with new 'stable' icon series. - Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and add the source svg in the same directory - Copied /browser/branding/official over /browser/branding/nightly and the new /browser/branding/alpha directories. Replaced content with 'nightly' and 'alpha' icon series. Updated VisualElements_70.png and VisualElements_150.png with updated icons in each branding directory (fixes #22654) - Updated firefox.VisualElementsManfiest.xml with updated colors in each branding directory - Added firefox.svg to each branding directory from which all the other icons are derived (apart from document.icns and document.ico) - Added default256.png and default512.png icons - Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed original icon - Use the Tor Browser icon within devtools/client/themes/images/. Bug 30631: Blurry Tor Browser icon on macOS app switcher It would seem the png2icns tool does not generate correct icns files and so on macOS the larger icons were missing resulting in blurry icons in the OS chrome. Regenerated the padded icons in a macOS VM using iconutil. Bug 28196: preparations for using torbutton tor-browser-brand.ftl A small change to Fluent FileSource class is required so that we can register a new source without its supported locales being counted as available locales for the browser. Bug 31803: Replaced about:debugging logo with flat version Bug 21724: Make Firefox and Tor Browser distinct macOS apps When macOS opens a document or selects a default browser, it sometimes uses the CFBundleSignature. Changing from the Firefox MOZB signature to a different signature TORB allows macOS to distinguish between Firefox and Tor Browser. Bug 32092: Fix Tor Browser Support link in preferences For bug 40562, we moved onionPattern* from bug 27476 to here, as about:tor needs these files but it is included earlier. Bug 41278: Create Tor Browser styled pdf logo similar to the vanilla Firefox one Bug 42088: New application icons (used in-app and on linux). Bug 42087: New application icons (windows). - - - - - d1ae9633 by Henry Wilkes at 2024-11-19T19:24:53+01:00 Bug 43087: Add onion-pattern to be used on Tor pages. - - - - - fb2640f1 by hackademix at 2024-11-19T19:24:53+01:00 Bug 41917: Tor brand-specific styles. - - - - - 051839fb by Henry Wilkes at 2024-11-19T19:24:54+01:00 Bug 41817: tor-browser semantic colors. - - - - - 7c451413 by Henry Wilkes at 2024-11-19T19:24:54+01:00 Add purple tor version of the loading APNG. - - - - - 77911010 by Henry Wilkes at 2024-11-19T19:24:55+01:00 Bug 42583: Modify moz-support-link for Tor Browser. - - - - - 8cb9ee9c by sanketh at 2024-11-19T19:24:55+01:00 Bug 40209: Implement Basic Crypto Safety Adds a CryptoSafety actor which detects when you've copied a crypto address from a HTTP webpage and shows a warning. Closes #40209. Bug 40428: Fix string attribute names - - - - - 56e4fa7f by Mike Perry at 2024-11-19T19:24:55+01:00 TB3: Tor Browser's official .mozconfigs. Also: Add an --enable-tor-browser-data-outside-app-dir configure option Add --with-tor-browser-version configure option Bug 31457: disable per-installation profiles The dedicated profiles (per-installation) feature does not interact well with our bundled profiles on Linux and Windows, and it also causes multiple profiles to be created on macOS under TorBrowser-Data. Bug 31935: Disable profile downgrade protection. Since Tor Browser does not support more than one profile, disable the prompt and associated code that offers to create one when a version downgrade situation is detected. Add --enable-tor-browser-update build option Bug 40793: moved Tor configuration options from old-configure.in to moz.configure Bug 41584: Move some configuration options to base-browser level - - - - - 5f2b9eb3 by Henry Wilkes at 2024-11-19T19:24:56+01:00 Bug 41340: Enable TOR_BROWSER_NIGHTLY_BUILD features for dev and nightly builds tor-browser#41285: Enable fluent warnings. - - - - - 37d4d18a by Pier Angelo Vendrame at 2024-11-19T19:24:56+01:00 Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Before reordering patches, we used to keep the Tor-related patches (torbutton and tor-launcher) at the beginning. After that issue, we decided to move them towards the end. In addition to that, we have decided to move Tor Browser-only preferences there, too, to make Base Browser-only fixups easier to apply. - - - - - a2271087 by Pier Angelo Vendrame at 2024-11-19T19:24:56+01:00 Bug 13252: Customize profile management on macOS On macOS we allow both portable mode and system installation. However, in the latter case, we customize Firefox's directories to match the hierarchy we use for the portable mode. Also, display an informative error message if the TorBrowser-Data directory cannot be created due to an "access denied" or a "read only volume" error. - - - - - f01b40a5 by Pier Angelo Vendrame at 2024-11-19T19:24:57+01:00 Bug 40933: Add tor-launcher functionality Bug 41926: Reimplement the control port - - - - - d59923b4 by Pier Angelo Vendrame at 2024-11-19T19:24:57+01:00 fixup! Bug 40933: Add tor-launcher functionality Make optional members in JSDoc comments more consistent with Firefox's codebase. - - - - - 8403e4f4 by Pier Angelo Vendrame at 2024-11-19T19:24:57+01:00 fixup! Bug 40933: Add tor-launcher functionality Bug 10439: Ask the the SOCKS port to the tor process. Allow specifying a negative port as TOR_SOCKS_PORT to let the tor process choose one for us. This does not play too well with DisableNetwork, which we use to start and stop the bootstrap, so we have to query the port every time we change this setting. Also, currently we use Firefox's preferences for SOCKS port. This prevents us from keeping a negative number saved in them. See also tor-browser#42062. - - - - - 69473a20 by Pier Angelo Vendrame at 2024-11-19T19:24:58+01:00 fixup! Bug 40933: Add tor-launcher functionality Bug 42714: Allow to optionally use a TCP listener on Android. - - - - - 4fa61f14 by Cecylia Bocovich at 2024-11-19T19:24:58+01:00 Lox integration - - - - - e373ca33 by Henry Wilkes at 2024-11-19T19:24:59+01:00 fixup! Lox integration Bug 42597: Fix `#updatePubkeys`. - - - - - ad5886ed by Henry Wilkes at 2024-11-19T19:24:59+01:00 fixup! Lox integration Bug 42597: Fix generateInvite. We make sure to call handle_issue_invite to convert the response from "issueinvite" into credentials. We also stop stringifying the lox credentials, which are already a string. - - - - - 9c5fcaa3 by Henry Wilkes at 2024-11-19T19:24:59+01:00 fixup! Lox integration Bug 42597: Made sure we're always using `JSON.parse(request).request` where `request` is generated by lox_wasm. - - - - - 26faf7b0 by Henry Wilkes at 2024-11-19T19:25:00+01:00 fixup! Lox integration Bug 42597: Move duplicate logic into `#makeRequest`. Moreover, we pass in the common fetch arguments into buildPostRequest and treat the return value as a string instead of a JSON object. - - - - - 09063635 by Henry Wilkes at 2024-11-19T19:25:00+01:00 fixup! Lox integration Bug 42597: Refactor error handling. A lot of the errors can be propagated to the caller. - - - - - c253c8c8 by Henry Wilkes at 2024-11-19T19:25:00+01:00 fixup! Lox integration Bug 42597: Add note for missing trusted invites. - - - - - 5686dd36 by Henry Wilkes at 2024-11-19T19:25:01+01:00 fixup! Lox integration Bug 42492: Ensure operations that change lox credentials do not overlap. Not linted to improve readability. - - - - - 43113cc4 by Henry Wilkes at 2024-11-19T19:25:01+01:00 fixup! Lox integration Bug 42492: Lint Lox.sys.mjs - - - - - 4cfffdb0 by Henry Wilkes at 2024-11-19T19:25:01+01:00 fixup! Lox integration Bug 41710: Switch from TorConnectState to TorConnectStage. - - - - - 02d02c30 by Richard Pospesel at 2024-11-19T19:25:02+01:00 Bug 40597: Implement TorSettings module - migrated in-page settings read/write implementation from about:preferences#tor to the TorSettings module - TorSettings initially loads settings from the tor daemon, and saves them to firefox prefs - TorSettings notifies observers when a setting has changed; currently only QuickStart notification is implemented for parity with previous preference notify logic in about:torconnect and about:preferences#tor - about:preferences#tor, and about:torconnect now read and write settings thorugh the TorSettings module - all tor settings live in the torbrowser.settings.* preference branch - removed unused pref modify permission for about:torconnect content page from AsyncPrefs.jsm Bug 40645: Migrate Moat APIs to Moat.jsm module - - - - - c3f48b32 by Pier Angelo Vendrame at 2024-11-19T19:25:02+01:00 fixup! Bug 40597: Implement TorSettings module Fix a couple of references to Moat in the generic DomainFrontedRequests module. - - - - - 342c3019 by Pier Angelo Vendrame at 2024-11-19T19:25:02+01:00 fixup! Bug 40597: Implement TorSettings module ch.asyncOpen is not a JS async function, so no need to await it. The async in the name means that the channel will call methods from a listener object that it takes as an argument when it receives data. - - - - - 0ef35f54 by Henry Wilkes at 2024-11-19T19:25:03+01:00 fixup! Bug 40597: Implement TorSettings module Bug 42597: Make buildPostRequest accept fetch arguments. This allows the request to buildPostRequest in the Lox module use the same arguments that would be passed to `fetch`. Also, return the text stream, rather than JSON. - - - - - 85c7a9f2 by Henry Wilkes at 2024-11-19T19:25:03+01:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Move bootstrapping attempts into a new class. We copy the logic from "BootstrappingState" and "AutoBootstrappingState" into "BootstrappingAttempt" and "AutoBootstrappingAttempt". The main difference is that we can do the following: ``` bootstrapAttempt = new BootstrapAttempt(); bootstrapResult = await bootstrapAttempt.run(); // ... bootstrapAttempt.cancel(); ``` rather than using the "StateCallback" class, which requires some complicated state management. Moreover, "AutoBootstrappingAttempt" will use "BootstrappingAttempt" for each of its attempts. So the logic for bootstrapping can be kept in one place. Some other changes: 1. Censorship simulation will no longer necessarily avoid the Moat calls, so these can be tested. 2. It would be possible to perform the internet test when auto-bootstrapping as well. 3. When auto-bootstrapping, if "Bootstrapping" produces an error other than a "BootstrapError", we can end it early. 4. No longer set TorConnect internals. 5. More fine-grained control over censorship simulation and offline simulation. - - - - - e5f61f87 by Henry Wilkes at 2024-11-19T19:25:08+01:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Remove StateCallback. - - - - - ae7f3218 by Henry Wilkes at 2024-11-19T19:25:09+01:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Return early from TorConnect.init if not enabled. - - - - - d8c5bca9 by Henry Wilkes at 2024-11-19T19:25:09+01:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Replace StateCallback in TorConnect. Instead of managing the abstract "State" we directly manager the user "Stage". We provide backward compatibility with the "State" for android and about:torconnect. Eventually this logic can be dropped from these endpoints and they can listen for changes in the "Stage" instead. The behaviour for about:torconnect is mostly the same as before, with some exceptions: 1. If the user sees the "Offline" state, and starts and cancels the bootstrap, they should return the to the "Offline" state, rather than "ConnectToTor". 2. Trying to start a bootstrap via the UI before the settings have loaded will do nothing. 3. Pressing a breadcrumb whilst bootstrapping will now also cancel the bootstrap. - - - - - cd38bbc8 by Henry Wilkes at 2024-11-19T19:25:10+01:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Switch TorConnect.openTorConnect to use new methods. - - - - - 85a770f8 by Henry Wilkes at 2024-11-19T19:25:10+01:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Remove unused TorConnect properties. - - - - - 4cb202b2 by Henry Wilkes at 2024-11-19T19:25:10+01:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Move viewTorLogs to TorConnectParent. - - - - - 9e53974e by Henry Wilkes at 2024-11-19T19:25:11+01:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Remove the beginBootstrap, beginAutoBootstrap, and cancelBootstrap methods. - - - - - 12a0e8c4 by Arthur Edelstein at 2024-11-19T19:25:11+01:00 Bug 3455: Add DomainIsolator, for isolating circuit by domain. Add an XPCOM component that registers a ProtocolProxyChannelFilter which sets the username/password for each web request according to url bar domain. Bug 9442: Add New Circuit button Bug 13766: Set a 10 minute circuit dirty timeout for the catch-all circ. Bug 19206: Include a 128 bit random tag as part of the domain isolator nonce. Bug 19206: Clear out the domain isolator state on `New Identity`. Bug 21201.2: Isolate by firstPartyDomain from OriginAttributes Bug 21745: Fix handling of catch-all circuit Bug 41741: Refactor the domain isolator and new circuit - - - - - d47ea9d8 by Henry Wilkes at 2024-11-19T19:25:11+01:00 Bug 41600: Add a tor circuit display panel. - - - - - 3080ad1a by Henry Wilkes at 2024-11-19T19:25:12+01:00 fixup! Bug 41600: Add a tor circuit display panel. Bug 43237: Tweak Tor circuit display panel for screen readers. - - - - - 28b9a966 by Pier Angelo Vendrame at 2024-11-19T19:25:12+01:00 Bug 42247: Android helpers for the TorProvider GeckoView is missing some API we use on desktop for the integration with the tor daemon, such as subprocess. Therefore, we need to implement them in Java and plumb the data back and forth between JS and Java. - - - - - 2ad9456f by Pier Angelo Vendrame at 2024-11-19T19:25:12+01:00 fixup! Bug 42247: Android helpers for the TorProvider Lint with android-format. - - - - - 34e48d53 by Pier Angelo Vendrame at 2024-11-19T19:25:13+01:00 fixup! Bug 42247: Android helpers for the TorProvider Bug 43232: Make the Android Meek transport easier to debug. - - - - - 50c56d7a by Pier Angelo Vendrame at 2024-11-19T19:25:13+01:00 fixup! Bug 42247: Android helpers for the TorProvider Bug 42714: Allow to optionally use a TCP listener on Android. - - - - - 0132c62e by Henry Wilkes at 2024-11-19T19:25:14+01:00 fixup! Bug 42247: Android helpers for the TorProvider Bug 41710: Switch Android to new TorConnect methods and add TODOs. - - - - - 2ba55dfe by hackademix at 2024-11-19T19:25:14+01:00 Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop Bug 41613: Skip Drang & Drop filtering for DNS-safe URLs - - - - - 644a2e72 by Matthew Finkel at 2024-11-19T19:25:14+01:00 Bug 25741: TBA: Disable GeckoNetworkManager The browser should not need information related to the network interface or network state, tor should take care of that. - - - - - 759a9a54 by Pier Angelo Vendrame at 2024-11-19T19:25:15+01:00 Bug 40807: Added QRCode.js to toolkit/modules - - - - - 137db331 by Richard Pospesel at 2024-11-19T19:25:15+01:00 Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection This patch adds a new about:preferences#connection page which allows modifying bridge, proxy, and firewall settings from within Tor Browser. All of the functionality present in tor-launcher's Network Configuration panel is present: - Setting built-in bridges - Requesting bridges from BridgeDB via moat - Using user-provided bridges - Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies - Setting firewall ports - Viewing and Copying Tor's logs - The Networking Settings in General preferences has been removed Bug 40774: Update about:preferences page to match new UI designs - - - - - e21d0d5a by Henry Wilkes at 2024-11-19T19:25:15+01:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 41710: Switch from TorConnect.state to TorConnect.stage. - - - - - 9156ef99 by Henry Wilkes at 2024-11-19T19:25:16+01:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 43263: Update `spoof-button-disabled` buttons to use tabIndex=-1. Also remove aria-live="assertive" from role="alert" since it should already be implied by default. - - - - - 1d116fc3 by Richard Pospesel at 2024-11-19T19:25:16+01:00 Bug 27476: Implement about:torconnect captive portal within Tor Browser - implements new about:torconnect page as tor-launcher replacement - adds new torconnect component to browser - tor process management functionality remains implemented in tor-launcher through the TorProtocolService module - adds warning/error box to about:preferences#tor when not connected to tor Bug 40773: Update the about:torconnect frontend page to match additional UI flows. Bug 41608: Add a toolbar status button and a urlbar "Connect" button. - - - - - ebb89172 by Henry Wilkes at 2024-11-19T19:25:17+01:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Bug 42550 - Switch about:torconnect to use TorConnect.stage to control the shown stage and sync pages. Now TorConnect entirely controls which stage should be shown to the user, and "about:torconnect" simply relays the user actions up to TorConnect to handle. In particular, we stop sending out "torconnect:broadcast-user-action" to sync pages. We also show "Try Again" if the user cancels the first bootstrap attempt without an error. We also do not try and sync the selected region between pages. However all pages should still show the *actually* submitted region after a bootstrap fails. E.g. to confirm their location. We also allow the user to re-select "Automatic" when they use breadcrumbs to go back a stage. Also change gTorConnectTitlebarStatus and gTorConnectUrlbarButton to use TorConnectStage. - - - - - ac431edf by Henry Wilkes at 2024-11-19T19:25:17+01:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Bug 41710: Move viewTorLogs and openTorPreferences to TorConnectParent. - - - - - bb1358b6 by Henry Wilkes at 2024-11-19T19:25:17+01:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Bug 43294: Replace willDestroy with didDestroy. - - - - - 30f07f8d by Pier Angelo Vendrame at 2024-11-19T19:25:18+01:00 Temporary changes to about:torconnect for Android. We are planning of tempoorarily using about:torconnect on Android, until the native UX is ready. - - - - - e872eac8 by Henry Wilkes at 2024-11-19T19:25:18+01:00 fixup! Temporary changes to about:torconnect for Android. Bug 41710: Remove onSettingsRequested. TorConnect.openTorPreferences was removed. - - - - - 38c921db by Henry Wilkes at 2024-11-19T19:25:18+01:00 Bug 7494: Create local home page for TBB. Bug 41333: Update about:tor to new design. Including: + make the favicon match the branding icon. + make the location bar show a search icon. - - - - - 837a9d0e by Henry Wilkes at 2024-11-19T19:25:19+01:00 fixup! Bug 7494: Create local home page for TBB. Bug 42186: Move override page logic to about:tor commit. - - - - - 4525f10c by Henry Wilkes at 2024-11-19T19:25:19+01:00 fixup! Bug 7494: Create local home page for TBB. Bug 42802: Use :has selector to move the focus-visible styling for the search-input to its parent. No longer need to monitor the focus-visible condition using javascript. - - - - - a9fe8e98 by Pier Angelo Vendrame at 2024-11-19T19:25:20+01:00 Bug 41668: Tweaks to the Base Browser updater for Tor Browser This commit was once part of "Bug 4234: Use the Firefox Update Process for Tor Browser.". However, some parts of it were not needed for Base Browser and some derivative browsers. Therefore, we extracted from that commit the parts for Tor Browser legacy, and we add them back to the patch set with this commit. - - - - - d9b03b10 by Pier Angelo Vendrame at 2024-11-19T19:25:20+01:00 fixup! Bug 41668: Tweaks to the Base Browser updater for Tor Browser Bug 41786: Remove the add_if command we added for fontconfig. We do not need it anymore, as we had the watershed update and, in any case, we are movign the fonts.conf in tor-browser.git. - - - - - 8fd561e2 by Kathy Brade at 2024-11-19T19:25:20+01:00 Bug 12647: Support symlinks in the updater. - - - - - 19167a57 by Georg Koppen at 2024-11-19T19:25:21+01:00 Bug 32658: Create a new MAR signing key It's time for our rotation again: Move the backup key in the front position and add a new backup key. Bug 33803: Move our primary nightly MAR signing key to tor-browser Bug 33803: Add a secondary nightly MAR signing key - - - - - 4a1f12af by Pier Angelo Vendrame at 2024-11-19T19:25:21+01:00 Bug 42891: Set the bundled search engine for Tor Browser. After upstream changes between Firefox 115 and 128, we had to completely rework the way in which we define our search engines. This commit replaces the old "Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing". With that commit, we customized a list of addons IDs to ship as built-in search engines, but then upsteam moved to using only RemoteSettings. The configuration has many more fields, and it would be quite long to include it in the source code. Therefore, we use some local JSON files and load the settings from them. - - - - - 1b28170e by Alex Catarineu at 2024-11-19T19:25:21+01:00 Bug 40073: Disable remote Public Suffix List fetching In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented fetching the Public Suffix List via RemoteSettings and replacing the default one at runtime, which we do not want. - - - - - a5619fe2 by Henry Wilkes at 2024-11-19T19:25:22+01:00 Bug 41906: Hide DNS over HTTPS preferences. - - - - - 6acc199d by Richard Pospesel at 2024-11-19T19:25:22+01:00 Bug 23247: Communicating security expectations for .onion Encrypting pages hosted on Onion Services with SSL/TLS is redundant (in terms of hiding content) as all traffic within the Tor network is already fully encrypted. Therefore, serving HTTP pages from an Onion Service is more or less fine. Prior to this patch, Tor Browser would mostly treat pages delivered via Onion Services as well as pages delivered in the ordinary fashion over the internet in the same way. This created some inconsistencies in behaviour and misinformation presented to the user relating to the security of pages delivered via Onion Services: - HTTP Onion Service pages did not have any 'lock' icon indicating the site was secure - HTTP Onion Service pages would be marked as unencrypted in the Page Info screen - Mixed-mode content restrictions did not apply to HTTP Onion Service pages embedding Non-Onion HTTP content This patch fixes the above issues, and also adds several new 'Onion' icons to the mix to indicate all of the various permutations of Onion Services hosted HTTP or HTTPS pages with HTTP or HTTPS content. Strings for Onion Service Page Info page are pulled from Torbutton's localization strings. - - - - - 79e77426 by Kathy Brade at 2024-11-19T19:25:22+01:00 Bug 30237: Add v3 onion services client authentication prompt When Tor informs the browser that client authentication is needed, temporarily load about:blank instead of about:neterror and prompt for the user's key. If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD control port command to add the key (via Torbutton's control port module) and reload the page. If the user cancels the prompt, display the standard about:neterror "Unable to connect" page. This requires a small change to browser/actors/NetErrorChild.jsm to account for the fact that the docShell no longer has the failedChannel information. The failedChannel is used to extract TLS-related error info, which is not applicable in the case of a canceled .onion authentication prompt. Add a leaveOpen option to PopupNotifications.show so we can display error messages within the popup notification doorhanger without closing the prompt. Add support for onion services strings to the TorStrings module. Add support for Tor extended SOCKS errors (Tor proposal 304) to the socket transport and SOCKS layers. Improved display of all of these errors will be implemented as part of bug 30025. Also fixes bug 19757: Add a "Remember this key" checkbox to the client auth prompt. Add an "Onion Services Authentication" section within the about:preferences "Privacy & Security section" to allow viewing and removal of v3 onion client auth keys that have been stored on disk. Also fixes bug 19251: use enhanced error pages for onion service errors. - - - - - cf217cfb by Henry Wilkes at 2024-11-19T19:25:23+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 43262: The deleteAll command was attached to the wrong button. - - - - - 3dd52d87 by Henry Wilkes at 2024-11-19T19:25:25+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 43263: Add some alert semantics for onion site keys. Also use `spoof-button-disabled` to better manage focus for temporarily disabled buttons. - - - - - f3968986 by Alex Catarineu at 2024-11-19T19:25:25+01:00 Bug 21952: Implement Onion-Location Whenever a valid Onion-Location HTTP header (or corresponding HTML <meta> http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar. - - - - - 26c82672 by Pier Angelo Vendrame at 2024-11-19T19:25:26+01:00 Bug 40458: Implement .tor.onion aliases We have enabled HTTPS-Only mode, therefore we do not need HTTPS-Everywhere anymore. However, we want to keep supporting .tor.onion aliases (especially for securedrop). Therefore, in this patch we implemented the parsing of HTTPS-Everywhere rulesets, and the redirect of .tor.onion domains. Actually, Tor Browser believes they are actual domains. We change them on the fly on the SOCKS proxy requests to resolve the domain, and on the code that verifies HTTPS certificates. - - - - - dafaa47c by Henry Wilkes at 2024-11-19T19:25:26+01:00 fixup! Bug 40458: Implement .tor.onion aliases Bug 43294: Replace willDestroy with didDestroy. - - - - - ac6afb69 by Pier Angelo Vendrame at 2024-11-19T19:25:26+01:00 Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser This patch associates the about:manual page to a translated page that must be injected to browser/omni.ja after the build. The content must be placed in chrome/browser/content/browser/manual/, so that is then available at chrome://browser/content/manual/. We preferred giving absolute freedom to the web team, rather than having to change the patch in case of changes on the documentation. - - - - - d604b69c by Pier Angelo Vendrame at 2024-11-19T19:25:27+01:00 Bug 41435: Add a Tor Browser migration function For now this function only deletes old language packs for which we are already packaging the strings with the application. - - - - - 9cb0fe68 by Henry Wilkes at 2024-11-19T19:25:27+01:00 Bug 42110: Add TorUIUtils module for common tor component methods. - - - - - f0b6b513 by Dan Ballard at 2024-11-19T19:25:27+01:00 Bug 40701: Add security warning when downloading a file Shown in the downloads panel, about:downloads and places.xhtml. - - - - - 1378ba21 by Henry Wilkes at 2024-11-19T19:25:28+01:00 Bug 41736: Customize toolbar for tor-browser. - - - - - d6d44efa by hackademix at 2024-11-19T19:25:28+01:00 Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key - - - - - 1a129356 by Henry Wilkes at 2024-11-19T19:25:29+01:00 Customize moz-toggle for tor-browser. - - - - - 648741db by Richard Pospesel at 2024-11-19T19:25:29+01:00 Bug 41822: Unconditionally disable default browser UX in about:preferences - - - - - dab2cff8 by Cecylia Bocovich at 2024-11-19T19:25:29+01:00 Temporary commit: manually place generated wasm files These files are built reproducibly using tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… We're manually adding them here while working on the interface, but eventually these should be placed in the right location using tor-browser-build. - - - - - 3b96a00e by Matthew Finkel at 2024-11-19T19:25:30+01:00 Bug 40005: [android] Modify Default toolbar menu - - - - - 92a536dc by Alex Catarineu at 2024-11-19T19:25:30+01:00 Bug 40007: [android] Port external helper app prompting Together with the corresponding fenix patch, this allows all `startActivity` that may open external apps to be replaced by `TorUtils.startActivityPrompt`. - - - - - c0680823 by Alex Catarineu at 2024-11-19T19:25:30+01:00 Bug 40002: [android] Ensure system download manager is not used Bug 40075: Support scoped storage to enable downloads on API < 29 - in android-components!7, we blocked all usage of Scoped Storage in an attempt to block usage of Android's DownloadManager, which is known to cause proxy bypasses - as of Android API 29, downloads will not work without Scoped Storage, causing all downlaods to fail (see: fenix##40192) - here, we enable usage of scoped storage for API >= 29, but block calls to DownloadManager on API < 29 - - - - - 698e8993 by Alex Catarineu at 2024-11-19T19:25:31+01:00 Bug 40009: [android] Change the default search engines This matches the search engines from desktop, that is: DDG as the default, then YouTube, Google, DDGOnion, Startpage, Twitter, Wikipedia and Yahoo. Bug 40062: Update DuckDuckGo onion search plugin - - - - - 59ab2485 by Alex Catarineu at 2024-11-19T19:25:31+01:00 [android] Modify Addon support Bug 40011: Hide option for disallowing addons in private mode Bug 40016: Allow inheriting from AddonCollectionProvider This will allow implementing our own AddonsProvider in fenix. - - - - - e1f246d3 by Georg Koppen at 2024-11-19T19:25:31+01:00 Bug 40013: [android] Add option do overwrite timestamp in extension version - - - - - aa557897 by Alex Catarineu at 2024-11-19T19:25:32+01:00 Bug 40015: [android] Port padlock states for .onion services - - - - - ead1c835 by Matthew Finkel at 2024-11-19T19:25:32+01:00 [android] Modify Tracking Protection configuration Bug 40020: Disable third-party cookies Bug 40024: Disable tracking protection by default - - - - - d419843f by Matthew Finkel at 2024-11-19T19:25:33+01:00 Bug 40023: [android] Stop PrivateNotificationService - - - - - d58d68c3 by Matthew Finkel at 2024-11-19T19:25:33+01:00 [android] Add support for new GeckoView interfaces Bug 40006: Expose Security Level interface Bug 40019: Expose spoofEnglish pref Bug 34439: Isolate Icon loader on Android Bug 41394: Expose privacy.prioritizeonions.enabled to Android. - - - - - 83bb585e by Matthew Finkel at 2024-11-19T19:25:33+01:00 [android] Disable features and functionality Bug 33594: Disable data collection by default (Glean) Bug 40019: Adjust is disabled on Release when data collection is disabled Bug 34338: Disable the crash reporter Bug 40014: Neuter Google Advertising ID Bug 40018: Disable Push service Bug 40034: Disable PWA onboading Bug 40072: Disable Tracking Protection Bug 40061: Do not show "Send to device" in sharing menu Bug 40109: Reduce requested permissions Exclude LOCATION and NETWORK_STATE - - - - - 420face4 by Matthew Finkel at 2024-11-19T19:25:34+01:00 [android] Rename as Tor Browser Bug 40020: Change applicationId Bug 40020: Change app name Bug 40020: Change deeplink scheme Bug 40020: Change App icons Bug 40073: Use correct branding on About page Bug 40088: Use Tor Browser logo in migration screen - - - - - 949a5eaa by Georg Koppen at 2024-11-19T19:25:34+01:00 [android] Modify build system Bug 40083: Make locale ordering in BuildConfig deterministic Bug 40042: Add option do overwrite timestamp in extension version Bug 40059: Use MOZ_BUILD_DATE for versionCode At the same time we adapt MOZ_BUILD_DATE to our needs where it is actually used and not in tor-browser-build. This gives us more flexibility. See: tor-browser-build#40084. Bug 40067: Fix reproducibility issue in classes2.dex We make sure our MOZ_BUILD_DATE gets used as a source for showing date related information on the Fenix about page. Bug 40071: Show only supported locales Bug 40064: Use Gecko Beta for Nightly and Debug variants Bug 40123: Allow building the instrumented tests apks for variants other than debug This allows to specify the variant of the instrumented tests via a `testBuildType` gradle argument. It also applies a workaround for a R8 issue from https://issuetracker.google.com/issues/140851070. Bug 40143: Use deterministic date in Test apk The build config was using Date() when generating the Test apk's versionName. - - - - - 86e1d0b2 by Matthew Finkel at 2024-11-19T19:25:35+01:00 Bug 40185: [android] Use NimbusDisabled - - - - - b83d8404 by Matthew Finkel at 2024-11-19T19:25:35+01:00 [android] Add Tor integration and UI Bug 40001: Start Tor as part of the Fenix initialization Bug 40028: Implement Tor Service controller Bug 40028: Integrate Tor Controller into HomeFragment Bug 40028: Implement Tor connect and logger screens Bug 40028: Implement Tor Onboarding Bug 40028: Implement new home screen Bug 40028: Define bootstrapping events and Quick Start Bug 40041: Implement Tor Network Settings Bug 40041: Integrate Tor Network Settings Bug 40179: Show Snowflake bridge option on Release Bug 40176: Re-render Home fragment on resume Bug 41394: Implement a setting to always prioritize Onion sites. - - - - - 28ed7415 by Henry Wilkes at 2024-11-19T19:25:35+01:00 fixup! [android] Add Tor integration and UI Bug 41710: Remove onSettingsRequested. - - - - - 666815bd by Henry Wilkes at 2024-11-19T19:25:36+01:00 fixup! [android] Add Tor integration and UI Bug 41710: Fix onBootstrapProgress for new TorConnect. The bootstrap progress signal is now released every time the stage changes. - - - - - 10d069b4 by Alex Catarineu at 2024-11-19T19:25:36+01:00 [android] Modify UI/UX Bug 40015: Modify Home menu Bug 40016: Hide unwanted Settings Bug 40016: Modify Default toolbar menu Bug 40016: Add Donate settings button Bug 40016: Move Allow Screenshots under Advanced Bug 40016: Don't install WebCompat webext Bug 40016: Don't onboard Search Suggestions Bug 40094: Do not use MasterPasswordTipProvider in HomeFragment Bug 40095: Hide "Sign in to sync" in bookmarks Bug 40031: Hide Mozilla-specific items on About page Bug 40032: Set usesCleartextTraffic as false Bug 40063: Do not sort search engines alphabetically Bug 34378: Port external helper app prompting With the corresponding android-components patch, this allows all `startActivity` that may open external apps to be replaced by `TorUtils.startActivityPrompt`. Bug 34403: Disable Normal mode by default Bug 40087: Implement a switch for english locale spoofing Bug 40144: Hide Download Manager Bug 40141: Hide EME site permission Bug 40166: Hide "Normal" tab (again) and Sync tab in TabTray Bug 40167: Hide "Save to Collection" in menu Bug 40172: Find the Quit button Bug 40186: Hide Credit Cards in Settings Bug 40198: Spoof English toggle now overlaps with locale list - - - - - 43f8f6e6 by cypherpunks1 at 2024-11-19T19:25:36+01:00 fixup! [android] Modify UI/UX Bug 43241: Improve hiding non-private tab features on Android - - - - - 1bfc86e0 by cypherpunks1 at 2024-11-19T19:25:37+01:00 fixup! [android] Modify UI/UX Bug 43251: Enable tab suggestions and autocomplete for private tabs on Android - - - - - dc60c66d by hackademix at 2024-11-19T19:25:37+01:00 [android] Modify add-on support Bug 41160: One-time ultimate switch Tor Browser Android to HTTPS-Only. Bug 41159: Remove HTTPS-Everywhere extension from Tor Browser Android. Bug 41094: Enable HTTPS-Only Mode by default in Tor Browser Android. Turn shouldUseHttpsOnly's default to true. Bug 40225: Bundled extensions don't get updated with Android Tor Browser updates. Bug 40030: Install NoScript addon on startup. Also 40070: Consider storing the list of recommended addons This implements our own AddonsProvider, which loads the list of available addons from assets instead of fetching it from an endpoint. Also, we hide the uninstall button for builtin addons. Bug 40058: Hide option for disallowing addon in private mode - - - - - 95bc1441 by Dan Ballard at 2024-11-19T19:25:37+01:00 [android] Add Security Level UI Bug 40026: Implement Security Level settings Bug 40026: Integrate Security Level settings - - - - - 23ca18d2 by Dan Ballard at 2024-11-19T19:25:38+01:00 Bug 41972: [android] Disable mozilla onboarding - - - - - afb8540e by Dan Ballard at 2024-11-19T19:25:38+01:00 Bug 41878: [android] Add standalone Tor Bootstrap - - - - - 968c7231 by clairehurst at 2024-11-19T19:25:39+01:00 Bug 42089: [android] Remove ability to submit site support requests - - - - - 54a1e672 by clairehurst at 2024-11-19T19:25:39+01:00 [android] fixup! Modify UI/UX and Remove ability to submit site support requests - - - - - d1c759a1 by clairehurst at 2024-11-19T19:25:41+01:00 [android] Enable the connect assist experiments on alpha - - - - - d32f90c5 by Henry Wilkes at 2024-11-19T19:25:41+01:00 fixup! [android] Enable the connect assist experiments on alpha Bug 41710: Remove onSettingsRequested. - - - - - 9511236e by hackademix at 2024-11-19T19:25:41+01:00 Bug 42191: [android] Temporary StrictMode relaxation to clear the thumbnail cache. - - - - - 6e092339 by clairehurst at 2024-11-19T19:25:42+01:00 [android] Delete unused media - - - - - b3dd0f98 by clairehurst at 2024-11-19T19:25:42+01:00 Bug 42195: [android] Fix "Whats new URL" - - - - - 78f7257f by clairehurst at 2024-11-19T19:25:43+01:00 [android] Implement Android-native Connection Assist UI - - - - - 7583c3e7 by Pier Angelo Vendrame at 2024-11-19T19:25:43+01:00 Bug 42652: [android] Pass the list of supported languages to GeckoView. It will be used to prevent leaks about regional preferences. - - - - - 0aac2934 by Dan Ballard at 2024-11-19T19:25:43+01:00 Bug 42660: Disable ProxySelector.openConnectionWithProxy and NOPify CrashReporter.sendCrashReport - - - - - 5af953cb by Dan Ballard at 2024-11-19T19:25:44+01:00 Bug 43006: Disable RFP for Font Visibility on Android - - - - - 31d3d5e6 by Henry Wilkes at 2024-11-19T19:25:44+01:00 Bug 43098: Year End Campaign 2024. Implements YEC 2024 for about:tor. - - - - - 245cd26b by clairehurst at 2024-11-19T19:25:44+01:00 Bug 43099: 2024 YEC - - - - - 30 changed files: - .eslintignore - .gitignore - + .gitlab-ci.yml - + .gitlab/ci/containers/base/Containerfile - + .gitlab/ci/lint.yml - + .gitlab/ci/scripts/helpers.py - + .gitlab/ci/update-containers.yml - + .gitlab/ci/update-translations.yml - + .gitlab/issue_templates/Backport Android Security Fixes.md - + .gitlab/issue_templates/Emergency Security Issue.md - + .gitlab/issue_templates/QA - Android.md - + .gitlab/issue_templates/QA - Desktop.md - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - + .gitlab/issue_templates/bug.md - + .gitlab/merge_request_templates/default.md - .prettierignore - + README.md - − README.txt - + browser/actors/CryptoSafetyChild.sys.mjs - + browser/actors/CryptoSafetyParent.sys.mjs - − browser/actors/RFPHelperChild.sys.mjs - − browser/actors/RFPHelperParent.sys.mjs - browser/actors/moz.build - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/macbuild/Contents/MacOS-files.in - browser/app/moz.build - browser/app/permissions - + browser/app/profile/000-tor-browser.js The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/0fd07c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/0fd07c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new branch mullvad-browser-128.5.0esr-14.0-1
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed new branch mullvad-browser-128.5.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag base-browser-128.5.0esr-14.0-1-build1
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed new tag base-browser-128.5.0esr-14.0-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/base-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag base-browser-128.5.0esr-14.0-1-build1
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed new tag base-browser-128.5.0esr-14.0-1-build1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-128.5.0esr-14.0-1
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed new branch base-browser-128.5.0esr-14.0-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-128.5.0esr-14.0-1-build1
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed new tag tor-browser-128.5.0esr-14.0-1-build1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.5.0esr-14.0-1] 220 commits: Bug 1436226: Ignore user prefs and hardware support for media capabilities...
by morgan (＠morgan) 19 Nov '24

19 Nov '24

morgan pushed to branch tor-browser-128.5.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: d97645c6 by Fatih at 2024-11-19T17:01:35+01:00 Bug 1436226: Ignore user prefs and hardware support for media capabilities when RFPTarget::MediaCapabilities is enabled. r=tjr,media-playback-reviewers,padenot This patch mostly targeted Android, as media.mediasource.vp9.enabled is disabled on only Android and HW support takes precedence over pref, hence leaking HW support for VP9. However, we ended up modifying the patch to ignore prefs or HW support, fixing both possible user pref leak and HW support leak. Differential Revision: https://phabricator.services.mozilla.com/D221338 - - - - - 6fa32f5e by stransky at 2024-11-19T17:01:36+01:00 Bug 1501744 [Linux] Fill PointerEvents on the Gtk backend r=emilio Patch author is tpxp <tpxp(a)live.fr> Differential Revision: https://phabricator.services.mozilla.com/D215201 - - - - - 1c8857ea by Fatih at 2024-11-19T17:01:36+01:00 Bug 1607032: Spoof screen orientation and angle to primary values. r=tjr,geckoview-reviewers,owlish Differential Revision: https://phabricator.services.mozilla.com/D220904 - - - - - 9d829454 by Henry Wilkes at 2024-11-19T17:01:37+01:00 Bug 1436462 - Use "Open in new private window" for bookmarks when in PBM. r=places-reviewers,mak This makes the bookmark menu consistent with the "File" and context menu when using private browsing mode. We also share the same hide item logic for these "open" items in one place in PlacesUIUtils so that they can be shared between the two consumers (regular bookmarks and managed bookmarks). This ensures that the "Open in container" item if hidden for managed bookmarks in a private window. Differential Revision: https://phabricator.services.mozilla.com/D220120 - - - - - ee0a03b6 by Fatih at 2024-11-19T17:01:37+01:00 Bug 1834307: Change StaticPrefs::general_smoothScroll() calls with nsLayoutUtils::IsSmoothScrollingEnabled. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D221363 - - - - - b1564c92 by Fatih at 2024-11-19T17:01:37+01:00 Bug 1834307: Check RFPTarget::CSSPrefersReducedMotion in nsLayoutUtils::IsSmoothScrollingEnabled. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D221364 - - - - - 1d366f56 by Roger Yang at 2024-11-19T17:01:38+01:00 Bug 1862537 - Do not try to go back when it's a initial load r=android-reviewers,harrisono, a=pascalc Differential Revision: https://phabricator.services.mozilla.com/D219782 - - - - - e7e38e1d by Timothy Nikkel at 2024-11-19T17:01:38+01:00 Bug 1899180. If a channel is not nsIPrivateBrowsingChannel and has no load context, use the private browsing field from it's origin attributes. r=necko-reviewers,anti-tracking-reviewers,valentin If the channel is not a nsIPrivateBrowsingChannel, and it also has no load context (eg inside svg images) then we will over write a non-zero mPrivateBrowsingId on the OriginAttributes of the channel with 0, making NS_UsePrivateBrowsing return false for the channel. Differential Revision: https://phabricator.services.mozilla.com/D212083 - - - - - 4e8f40f3 by pollymce at 2024-11-19T17:01:39+01:00 Bug 1902996 - Improve messaging for fullscreen notifications. r=android-reviewers,gl Instead of explaining to users that they are in fullscreen mode, which may be obvious, we explain how to get out of it :) Also use a Toast rather than a custom Dialog. Update Focus too. Fix lint errors. Differential Revision: https://phabricator.services.mozilla.com/D215782 - - - - - f008c37f by Jon Coppeard at 2024-11-19T17:01:39+01:00 Bug 1904011 - Ignore finalized scripts when iterating code covarage tables r=iain Differential Revision: https://phabricator.services.mozilla.com/D214799 - - - - - 50394a00 by rahulsainani at 2024-11-19T17:01:39+01:00 Bug 1906024 - Format download file names better a=diannaS Original Revision: https://phabricator.services.mozilla.com/D220559 Differential Revision: https://phabricator.services.mozilla.com/D222254 - - - - - 3b8e50de by rahulsainani at 2024-11-19T17:01:40+01:00 Bug 1906024 - Format download file names a=diannaS Original Revision: https://phabricator.services.mozilla.com/D221771 Differential Revision: https://phabricator.services.mozilla.com/D222259 - - - - - f28f2dd1 by Arturo Mejia at 2024-11-19T17:01:40+01:00 Bug 1908344 - Improve prompts showing a=dmeehan - BP, tor-browser#43005 Original Revision: https://phabricator.services.mozilla.com/D216996 Differential Revision: https://phabricator.services.mozilla.com/D217718 - - - - - 3c850695 by Sam Foster at 2024-11-19T17:01:40+01:00 Bug 1909099 - Always clean up old session restore and sync log files. r=markh,sessionstore-reviewers,dao Differential Revision: https://phabricator.services.mozilla.com/D217520 - - - - - cc6f3043 by Nika Layzell at 2024-11-19T17:01:41+01:00 Bug 1911745 - Unify BrowsingContext flag coherency checks, r=mccr8 Previously these checks were largely diagnostic tools for finding bugs in other code as it evolves. This unifies the checks a bit more and makes them stronger for BrowsingContexts created over IPC, providing a place for more coherency checks to be added in the future. Differential Revision: https://phabricator.services.mozilla.com/D218860 - - - - - 189fd31f by Pier Angelo Vendrame at 2024-11-19T17:01:41+01:00 Bug 1918009 - Fix the RFP-spoofed User-Agent header. r=tjr The spoofed value of the HTTP user-agent header is not consistent with the value of navigator.userAgent on Windows, and this can lead to compatibility issues. Differential Revision: https://phabricator.services.mozilla.com/D223745 - - - - - 9ea7b35e by Fatih at 2024-11-19T17:01:41+01:00 Bug 1918202: Spoof orientation based on screen size. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D221863 - - - - - 60c9accc by Henry Wilkes at 2024-11-19T17:01:42+01:00 Bug 1919363 - Only show one app menu "new window" item in permanent private browsing. r=mconley We also update the browser_private_browsing_window.js test. The previous test was limited because it was referring to non-existent "appmenu_newNavigator" and "appmenu_newPrivateWindow". Differential Revision: https://phabricator.services.mozilla.com/D222507 - - - - - ec7ec65c by Fatih at 2024-11-19T17:01:42+01:00 Bug 1922204: fixup square spoofed orientation. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D224312 - - - - - 55f8b545 by Pier Angelo Vendrame at 2024-11-19T17:01:42+01:00 Bug 1923264 - Discard unsupported updates in selectUpdate. r=bytesized,nalexander UpdateService.#selectUpdate currently chooses always the most recent update even when unsupported and an older but supported one is available. This commit makes #selectUpdate discard the unsupported update if a supported alternative is found. Differential Revision: https://phabricator.services.mozilla.com/D224905 - - - - - 92427d7f by Henry Wilkes at 2024-11-19T17:01:43+01:00 Bug 41454: Move focus after calling openPreferences for a sub-category. Temporary fix until mozilla bug 1799153 gets a patch upstream. - - - - - 1a9cde39 by Henry Wilkes at 2024-11-19T17:01:43+01:00 Bug 43072: Add aria label and description to moz-message-bar. Ensures that moz-message-bar, including notifications, are announced on Orca. This addresses upstream bugzilla bug 1895857 and should likely be replaced when it is fixed. - - - - - 5c618de1 by hackademix at 2024-11-19T17:01:43+01:00 Bug 42194: Fix blank net error page on failed DNS resolution with active proxy. - - - - - 7edd8863 by Henry Wilkes at 2024-11-19T17:01:44+01:00 Bug 41483: Remove the firefox override for appstrings.properties Remove this patch after upstream bugzilla bug 1790187 - - - - - 7b928e40 by hackademix at 2024-11-19T17:01:44+01:00 Bug 43101: Deep link to the startup security warning explanation. - - - - - 980ef71c by Marco Simonelli at 2024-11-19T17:01:45+01:00 Bug 41459: WebRTC fails to build under mingw (Part 1) - properly define NOMINMAX for just MSVC builds - - - - - a6e8f504 by Marco Simonelli at 2024-11-19T17:01:45+01:00 Bug 41459: WebRTC fails to build under mingw (Part 2) - fixes required to build third_party/libwebrtc - - - - - e7187bc9 by Marco Simonelli at 2024-11-19T17:01:45+01:00 Bug 41459: WebRTC fails to build under mingw (Part 3) - fixes required to build third_party/sipcc - - - - - 64814f7f by Marco Simonelli at 2024-11-19T17:01:46+01:00 Bug 41459: WebRTC fails to build under mingw (Part 4) - fixes requried to build netwerk/sctp - - - - - 87997771 by Marco Simonelli at 2024-11-19T17:01:46+01:00 Bug 41459: WebRTC fails to build under mingw (Part 5) - fixes required to build dom/media/webrtc - - - - - a99157ee by Marco Simonelli at 2024-11-19T17:01:46+01:00 Bug 41459: WebRTC fails to build under mingw (Part 6) - fixes required to build dom/media/systemservices - - - - - b8d26f87 by june wilde at 2024-11-19T17:01:47+01:00 Bug 42758: Fix WebRTC build errors. - - - - - 3604e8ef by hackademix at 2024-11-19T17:01:47+01:00 Bug 41854: Allow overriding download spam protection. - - - - - 577827ec by hackademix at 2024-11-19T17:01:47+01:00 Bug 42832: Download spam prevention exemption for browser extensions. - - - - - 3f208ebb by Pier Angelo Vendrame at 2024-11-19T17:01:48+01:00 Bug 42220: Allow for more file types to be forced-inline. Firefox allows to open some files in the browser without any confirmation, but this will result in a disk leak, because the file will be downloaded to the temporary directory first (and not deleted, in some cases). A preference allows PDFs to be opened without being downloaded to disk. So, we introduce a similar one to do the same for all the files that are set to be opened automatically in the browser. - - - - - d4defa68 by hackademix at 2024-11-19T17:01:48+01:00 Bug 42835: Create an actor to filter file data transfers - - - - - 06fb35ed by Beatriz Rizental at 2024-11-19T17:01:48+01:00 Bug 42728: Modify ./mach lint to skip unused linters - - - - - 5d194eaf by Gaba at 2024-11-19T17:01:49+01:00 Adding issue and merge request templates - - - - - 95ca9e3e by Richard Pospesel at 2024-11-19T17:01:49+01:00 Bug 42683: Create script to generate issue triage csv file from bugzilla query and git logs - - - - - d1e539e9 by Beatriz Rizental at 2024-11-19T17:01:49+01:00 Add CI for Base Browser - - - - - 10e9c00d by Beatriz Rizental at 2024-11-19T17:01:50+01:00 fixup! Add CI for Base Browser Always use tor-browser repository as base for CI clones. This is fine, because both tor-browser and mullvad-browser repositories share most of their history. - - - - - c8982950 by Beatriz Rizental at 2024-11-19T17:01:50+01:00 fixup! Add CI for Base Browser - - - - - 7d23ea3a by Pier Angelo Vendrame at 2024-11-19T17:01:53+01:00 Base Browser's .mozconfigs. Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 21849: Don't allow SSL key logging. Bug 25741 - TBA: Disable features at compile-time Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 29859: Disable HLS support for now Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files Bug 41584: Move some configuration options to base-browser level - - - - - c2ad33e0 by Pier Angelo Vendrame at 2024-11-19T17:01:53+01:00 Tweaks to the build system Bug 40857: Modified the fat .aar creation file This is a workaround to build fat .aars with the compiling enviornment disabled. Mozilla does not use a similar configuration, but either runs a Firefox build and discards its output, or uses artifacts build. We might switch to artifact builds too, and drop this patch, or write a better one to upstream. But until then we need this patch. See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770. Bug 41458: Prevent `mach package-multi-locale` from actually creating a package macOS builds need some files to be moved around with ./mach package-multi-locale to create multi-locale packages. The required command isn't exposed through any other mach command. So, we patch package-multi-locale both to prevent it from failing when doing official builds and to detect any future changes on it. - - - - - a7a32656 by Pier Angelo Vendrame at 2024-11-19T17:01:53+01:00 Bug 29320: Replace the gnu target with gnullvm for Rust. - - - - - e0926465 by Pier Angelo Vendrame at 2024-11-19T17:01:54+01:00 Bug 42616: Remove VideoCaptureTest.kt. This is a workaround to fix the GeckoView build with WebRTC disabled. We should replace this workaround with a proper solution, that excludes this test when MOZ_WEBRTC is undefined/False. - - - - - d7e637c0 by Pier Angelo Vendrame at 2024-11-19T17:01:54+01:00 Bug 41108: Remove privileged macOS installation from 102 - - - - - 20006d90 by Dan Ballard at 2024-11-19T17:01:54+01:00 Bug 41149: Re-enable DLL injection protection in all builds not just nightlies - - - - - bc529c2f by Henry Wilkes at 2024-11-19T17:01:55+01:00 Bug 43092: Disable wayland by default in Base Browser. - - - - - f03452de by Matthew Finkel at 2024-11-19T17:01:55+01:00 Bug 24796: Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. - - - - - 00e6970b by Matthew Finkel at 2024-11-19T17:01:55+01:00 Bug 28125: Prevent non-Necko network connections - - - - - 3d6c510a by Mike Perry at 2024-11-19T17:01:56+01:00 Bug 12974: Disable NTLM and Negotiate HTTP Auth The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421, https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602 - - - - - debe601a by cypherpunks1 at 2024-11-19T17:01:56+01:00 Bug 40717: Hide Windows SSO in settings - - - - - 81f70b53 by Georg Koppen at 2024-11-19T17:01:56+01:00 Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. - - - - - 0512e72b by Kathy Brade at 2024-11-19T17:01:57+01:00 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. - - - - - be92e636 by Henry Wilkes at 2024-11-19T17:01:57+01:00 Bug 42831: Remove the shopping components. - - - - - 757c08d9 by Kathy Brade at 2024-11-19T17:01:57+01:00 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. - - - - - f965aa26 by Alex Catarineu at 2024-11-19T17:01:58+01:00 Bug 41457: Remove Mozilla permissions Bug 40025: Remove Mozilla add-on install permissions - - - - - 64b5b515 by Kathy Brade at 2024-11-19T17:01:58+01:00 Bug 40002: Remove about:ion Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. Bug 41662: Disable about:sync-logs Even though we disable sync by default with `identity.fxaccounts.enabled`, this about: page is still avilable. We could throw an exception on the constructor of the related component, but it would result only in an error in the console, without a visible "this address does not look right" error page. If we fix the issues with MOZ_SERVICES_SYNC, we can restore the component. - - - - - 6ef1b78c by Morgan at 2024-11-19T17:01:59+01:00 Bug 42716: Disable unwanted about: pages - - - - - 90466f4f by Arthur Edelstein at 2024-11-19T17:01:59+01:00 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. - - - - - 4c8df5ce by Alex Catarineu at 2024-11-19T17:01:59+01:00 Bug 31740: Remove some unnecessary RemoteSettings instances More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls. Avoid creating instance for 'anti-tracking-url-decoration'. If prefs are disabling their usage, avoid creating instances for 'cert-revocations' and 'intermediates'. Do not ship JSON dumps for collections we do not expect to need. For the ones in the 'main' bucket, this prevents them from being synced unnecessarily (the code in remote-settings does so for collections in the main bucket for which a dump or local data exists). For the collections in the other buckets, we just save some size by not shipping their dumps. We also clear the collections database on the v2 -> v3 migration. - - - - - 9d03b691 by cypherpunks1 at 2024-11-19T17:02:00+01:00 Bug 41092: Add a RemoteSettings JSON dump for query-stripping - - - - - 212bc8d6 by cypherpunks1 at 2024-11-19T17:02:00+01:00 Bug 42730: Patch RemoteSettings to use only local dumps as a data source - - - - - d107b4f5 by Pier Angelo Vendrame at 2024-11-19T17:02:00+01:00 Bug 41635: Disable the Normandy component Do not include Normandy at all whenever MOZ_NORMANDY is False. - - - - - fcc611f4 by Georg Koppen at 2024-11-19T17:02:01+01:00 Bug 30541: Disable WebGL readPixel() for web content Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034 - - - - - 9e697423 by Alex Catarineu at 2024-11-19T17:02:01+01:00 Bug 28369: Stop shipping pingsender executable - - - - - d899f49f by Henry Wilkes at 2024-11-19T17:02:01+01:00 Bug 42630: Disable LaterRun module. - - - - - 7e7e2e25 by Pier Angelo Vendrame at 2024-11-19T17:02:02+01:00 Bug 41599: Always return an empty string as network ID Firefox computes an internal network ID used to detect network changes and act consequently (e.g., to improve WebSocket UX). However, there are a few ways to get this internal network ID, so we patch them out, to be sure any new code will not be able to use them and possibly link users. We also sent a patch to Mozilla to seed the internal network ID, to prevent any accidental leak in the future. Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1817756 - - - - - 6b85e74f by Pier Angelo Vendrame at 2024-11-19T17:02:02+01:00 Bug 42647: Make OS HTTP User-Agent OS spoofing configurable by pref This commits makes it possible to disable OS spoofing in the HTTP User-Agent header, to see if matching header and JS property improve usability. - - - - - b0887e1d by Richard Pospesel at 2024-11-19T17:02:02+01:00 Bug 41327: Disable UrlbarProviderInterventions - - - - - 182f0cd9 by Richard Pospesel at 2024-11-19T17:02:03+01:00 Bug 42037: Disable about:firefoxview page - - - - - 5e6217c9 by Mike Perry at 2024-11-19T17:02:03+01:00 Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera <ffmancera(a)riseup.net>) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned directory and this patch will not remove it since it was created with an unknown AUMID. However, another patch could be written which goes to that directory and deletes any item containing the 'Tor Browser' string. See bug 28996. Bug 30845: Make sure default themes and other internal extensions are enabled Bug 28896: Enable extensions in private browsing by default Bug 31065: Explicitly allow proxying localhost Bug 31598: Enable letterboxing Disable Presentation API everywhere Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer security levels. Bug 32321: Disable Mozilla's MitM pings Bug 19890: Disable installation of system addons By setting the URL to "" we make sure that already installed system addons get deleted as well. Bug 22548: Firefox downgrades VP9 videos to VP8. On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor Browser 7.0 all youtube videos are degraded to VP8. This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0. All clients will get better experience and lower traffic, beause TBB doesn't use "Use hardware acceleration when available". Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs Bug 16441: Suppress "Reset Tor Browser" prompt. Bug 29120: Use the in-memory media cache and increase its maximum size. Bug 33697: use old search config based on list.json Bug 33855: Ensure that site-specific browser mode is disabled. Bug 30682: Disable Intermediate CA Preloading. Bug 40061: Omit the Windows default browser agent from the build Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40408: Disallow SVG Context Paint in all web content Bug 40308: Disable network partitioning until we evaluate dFPI Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40383: Disable dom.enable_event_timing Bug 40423: Disable http/3 Bug 40177: Update prefs for Fx91esr Bug 40700: Disable addons and features recommendations Bug 40682: Disable network.proxy.allow_bypass Bug 40736: Disable third-party cookies in PBM Bug 19850: Enabled HTTPS-Only by default Bug 40912: Hide the screenshot menu Bug 41292: Disable moreFromMozilla in preferences page Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector Bug 24686: Set network.http.tailing.enabled to true Bug 40183: Disable TLS ciphersuites using SHA-1 Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102 We reviewed all the preferences we set for 102, and remove a few old ones. See the description of that issue to see all the preferences we believed were still valid for 102, and some brief description for the reasons to keep them. - - - - - f713cef0 by Pier Angelo Vendrame at 2024-11-19T17:02:03+01:00 fixup! Firefox preference overrides. Bug 43165: Disable Microsoft SSO on macOS. - - - - - c0757a1d by Pier Angelo Vendrame at 2024-11-19T17:02:04+01:00 Bug 41043: Hardcode the UI font on Linux The mechanism to choose the UI font does not play well with our fontconfig configuration. As a result, the final criterion to choose the font for the UI was its version. Since we hardcode Arimo as a default sans-serif on preferences, we use it also for the UI. FontConfig will fall back to some other font for scripts Arimo does not cover as expected (we tested with Japanese). Bug 43141: Hardcode system-ui to Arimo. - - - - - 2c8976ed by Pier Angelo Vendrame at 2024-11-19T17:02:04+01:00 Bug 41901: Hardcode normalized FontSubstitutes. Windows has a system to set font aliases through the registry. This allows some customization that could be used as a fingerprinting vector. Moreover, this mechanism is used by Windows itself, and different SKUs might have different default FontSubstitutes. - - - - - 2d409ae0 by Alex Catarineu at 2024-11-19T17:02:05+01:00 Bug 30605: Honor privacy.spoof_english in Android This checks `privacy.spoof_english` whenever `setLocales` is called from Fenix side and sets `intl.accept_languages` accordingly. Bug 40198: Expose privacy.spoof_english pref in GeckoView - - - - - a79359b6 by Pier Angelo Vendrame at 2024-11-19T17:02:05+01:00 Bug 42562: Normalized the Accepted Languages on Android. The OS language might be outside the list of actually supported languages and it might leak the user's region. Therefore, we force the locale reported in Accept-Language to match one we support with translations, even when it means using a not exact region tag. - - - - - eb4e94bb by Alex Catarineu at 2024-11-19T17:02:05+01:00 Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware - - - - - 53d3cd3b by Alex Catarineu at 2024-11-19T17:02:06+01:00 Bug 26345: Hide tracking protection UI - - - - - 01ab5234 by Henry Wilkes at 2024-11-19T17:02:06+01:00 Bug 43109: Hide Firefox Relay from settings. This should remain disabled, see tor-browser#42814. - - - - - 9fdaa069 by Henry Wilkes at 2024-11-19T17:02:06+01:00 Bug 42777: Hide Website Privacy Preferences. We hide the Website Privacy Preferences section, which controls the "global privacy control" (GPC) and "do not track" (DNT) settings. - - - - - afe28814 by Morgan at 2024-11-19T17:02:07+01:00 Bug 42070: Hide "Use smooth scrolling" from settings - - - - - 070a5274 by Arthur Edelstein at 2024-11-19T17:02:09+01:00 Bug 18905: Hide unwanted items from help menu Bug 25660: Remove the "New Private Window" option - - - - - a21f5099 by Pier Angelo Vendrame at 2024-11-19T17:02:09+01:00 Bug 41739: Remove "Website appearance" from about:preferences. It is ignored because of RFP and it is confusing for users. - - - - - 051d30f6 by Henry Wilkes at 2024-11-19T17:02:09+01:00 Bug 43117: Hide "Always underline links" from settings. - - - - - 73bdcd31 by Pier Angelo Vendrame at 2024-11-19T17:02:10+01:00 Bug 42774: Always hide the third-pary certs UI. - - - - - 58b0965f by Henry Wilkes at 2024-11-19T17:02:10+01:00 Bug 43118: Hide feature recommendation (CFR) settings. - - - - - 1448e4e3 by Pier Angelo Vendrame at 2024-11-19T17:02:10+01:00 Bug 9173: Change the default Firefox profile directory to be relative. This commit makes Firefox look for the default profile directory in a directory relative to the binary path. The directory can be specified through the --with-relative-data-dir. This is relative to the same directory as the firefox main binary for Linux and Windows. On macOS, we remove Contents/MacOS from it. Or, in other words, the directory is relative to the application bundle. This behavior can be overriden at runtime, by placing a file called system-install adjacent to the firefox main binary (also on macOS). - - - - - f79cd6d4 by Pier Angelo Vendrame at 2024-11-19T17:02:11+01:00 Bug 42773: Replace ~ with the original home. In Bug 93141, Mozilla started sending users to their home when they type ~ in the URL bar. On Linux, we change $HOME for various reason, therefore you would be redirected to the spoofed home directory when typing ~. So, we check if the original home directory is known, and use that, instead. - - - - - 7716e1a7 by Alex Catarineu at 2024-11-19T17:02:11+01:00 Bug 27604: Fix addon issues when moving the profile directory Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838 - - - - - 7e3f5c98 by Mike Perry at 2024-11-19T17:02:11+01:00 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509 - - - - - 47772b97 by Pier Angelo Vendrame at 2024-11-19T17:02:12+01:00 Bug 40309: Avoid using regional OS locales Avoid regional OS locales if the pref `intl.regional_prefs.use_os_locales` is false but RFP is enabled. - - - - - d8bcb8a9 by Matthew Finkel at 2024-11-19T17:02:12+01:00 Bug 40432: Prevent probing installed applications Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084 - - - - - e41ae0a5 by cypherpunks1 at 2024-11-19T17:02:12+01:00 Bug 33955: When copying an image only copy the image contents to the clipboard - - - - - 1ecaa985 by cypherpunks1 at 2024-11-19T17:02:13+01:00 Bug 41791: Omit the source URL when copying page contents to the clipboard - - - - - b616f7c2 by hackademix at 2024-11-19T17:02:13+01:00 Bug 42288: Allow language spoofing in status messages. - - - - - 7946a49c by Pier Angelo Vendrame at 2024-11-19T17:02:14+01:00 Bug 43196: Remove the vendor name from media notifications on Linux. Firefox shows "vendor remoteName" as a title of the "... is playing media" notification on Linux. However, for our browser the remote name is enough, and prepending the vendor to it creates a string users usually never see. - - - - - 240d50d5 by Pier Angelo Vendrame at 2024-11-19T17:02:14+01:00 Base Browser strings This commit adds all the strings needed by following Base Browser patches. - - - - - 83dcbc40 by Pier Angelo Vendrame at 2024-11-19T17:02:14+01:00 Bug 41369: Improve Firefox language settings for multi-lingual packages Change the language selector to be sorted by language code, rather than name, and to display the language code to the user. Bug 41372: Handle Japanese as a special case in preferences on macOS Japanese is treated in a special way on macOS. However, seeing the Japanese language tag could be confusing for users, and moreover the language name is not localized correctly like other langs. Bug 41378: Tell users that they can change their language at the first start With multi-lingual builds, Tor Browser matches the user's system language, but some users might want to change it. So, we tell them that it is possible, but only once. - - - - - 3a2d245f by p13dz at 2024-11-19T17:02:15+01:00 Bug 40283: Workaround for the file upload bug - - - - - 0b54b1bf by hackademix at 2024-11-19T17:02:15+01:00 Bug 42019: Empty browser's clipboard on browser shutdown - - - - - 97e42746 by hackademix at 2024-11-19T17:02:15+01:00 Bug 42084: Ensure English spoofing works even if preferences are set out of order. - - - - - 685ab3ca by Pier Angelo Vendrame at 2024-11-19T17:02:16+01:00 Bug 41930: Remove the UI to customize accept_languages. - - - - - a22afa4f by hackademix at 2024-11-19T17:02:16+01:00 Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs. - - - - - 1b0f217d by hackademix at 2024-11-19T17:02:16+01:00 Bug 41434: Letterboxing, improve logging. - - - - - da39ea42 by hackademix at 2024-11-19T17:02:17+01:00 Bug 31064: Letterboxing, exempt browser extensions. - - - - - e2bb0a42 by hackademix at 2024-11-19T17:02:17+01:00 Bug 32411: Letterboxing, exempt view-source: URIs. - - - - - f4b68076 by hackademix at 2024-11-19T17:02:17+01:00 Bug 42574: Letterboxing, exempt pdf.js. - - - - - b3e4731c by hackademix at 2024-11-19T17:02:18+01:00 Bug 32308: Use direct browser sizing for letterboxing. Bug 30556: align letterboxing with 200x100 new win width stepping - - - - - 1d7c8028 by hackademix at 2024-11-19T17:02:18+01:00 Bug 41631: Prevent weird initial window dimensions caused by subpixel computations - - - - - 9df2f097 by hackademix at 2024-11-19T17:02:18+01:00 Bug 41918: Option to reuse last window size when letterboxing is enabled. - - - - - d2c42e2a by hackademix at 2024-11-19T17:02:19+01:00 Bug 41916: Letterboxing preferences UI - - - - - b984842e by hackademix at 2024-11-19T17:02:19+01:00 Bug 41695: Warn on window maximization without letterboxing in RFPHelper module - - - - - 9c2f369d by hackademix at 2024-11-19T17:02:20+01:00 Bug 42443: Shrink window to match letterboxing size when the emtpy area is clicked. - - - - - a2cbd583 by Henry Wilkes at 2024-11-19T17:02:20+01:00 Bug 42528: Don't leak system scrollbar size on windows. - - - - - 067ad8ac by Henry Wilkes at 2024-11-19T17:02:20+01:00 Bug 31575: Disable Firefox Home (Activity Stream) Treat about:blank as the default home page and new tab page. Avoid loading AboutNewTab in BrowserGlue.sys.mjs in order to avoid several network requests that we do not need. Bug 41624: Disable about:pocket-* pages. Bug 40144: Redirect about:privatebrowsing to the user's home - - - - - 8eb9dce6 by Kathy Brade at 2024-11-19T17:02:21+01:00 Bug 4234: Use the Firefox Update Process for Base Browser. Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix bug 27221: purge the startup cache if the Base Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Base Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Base Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. - - - - - 947e9671 by Pier Angelo Vendrame at 2024-11-19T17:02:21+01:00 Bug 42061: Create an alpha update channel. - - - - - ecb8fb1e by Nicolas Vigier at 2024-11-19T17:02:21+01:00 Bug 41682: Add base-browser nightly mar signing key - - - - - 0d576977 by Pier Angelo Vendrame at 2024-11-19T17:02:22+01:00 Bug 41603: Customize the creation of MOZ_SOURCE_URL MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET. But the code takes for granted that it refers to a Hg instance, so it combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`. With this commit, we change this logic to combine them to create a URL that is valid for GitLab. $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag. If that is needed, we could use /-/tree/, instead of /-/commit/. - - - - - 8b2acb72 by Pier Angelo Vendrame at 2024-11-19T17:02:22+01:00 Bug 41698: Reword the recommendation badges in about:addons Firefox strings use { -brand-product-name }. As a result, it seems that the fork is recommending extensions, whereas AMO curators are doing that. So, we replace the strings with custom ones that clarify that Mozilla is recommending them. We assign the strings with JS because our translation backend does not support Fluent attributes, yet, but once it does, we should switch to them, instead. Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1825033 - - - - - 79a58f77 by Pier Angelo Vendrame at 2024-11-19T17:02:22+01:00 Bug 42438: Tweaks to the migration wizard. Remove the items not compatible with our features (such as history) from the migration wizard. On Linux, allow to specify an alternative home directory, since we usually change $HOME in our startup script. - - - - - e5081b09 by Alex Catarineu at 2024-11-19T17:02:23+01:00 Bug 40069: Add helpers for message passing with extensions - - - - - db4fb824 by Matthew Finkel at 2024-11-19T17:02:25+01:00 Bug 41598: Prevent NoScript from being removed/disabled. Bug 40253: Explicitly allow NoScript in Private Browsing mode. - - - - - 19018a79 by Henry Wilkes at 2024-11-19T17:02:25+01:00 Bug 41736: Hide NoScript extension's toolbar button by default. This hides it from both the toolbar and the unified extensions panel. We also hide the unified-extension-button if the panel would be empty: not including the NoScript button when it is hidden. As a result, this will be hidden by default until a user installs another extension (or shows the NoScript button and unpins it). - - - - - ef942bb0 by hackademix at 2024-11-19T17:02:26+01:00 Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons - - - - - be362ef2 by Pier Angelo Vendrame at 2024-11-19T17:02:26+01:00 Bug 40925: Implemented the Security Level component This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Bug 40125: Expose Security Level pref in GeckoView - - - - - a958474e by Pier Angelo Vendrame at 2024-11-19T17:02:26+01:00 Bug 40926: Implemented the New Identity feature - - - - - 9e4185d2 by Henry Wilkes at 2024-11-19T17:02:27+01:00 Bug 41736: Customize toolbar for base-browser. - - - - - d13c8c3f by Pier Angelo Vendrame at 2024-11-19T17:02:27+01:00 Bug 42027: Base Browser migration procedures. This commit implmenents the the Base Browser's version of _migrateUI. - - - - - e17244fc by Henry Wilkes at 2024-11-19T17:02:27+01:00 Bug 42583: Modify moz-support-link for Base Browser. - - - - - e8001c86 by Henry Wilkes at 2024-11-19T17:02:28+01:00 Bug 42308: Create README for tor-browser. We drop the README.txt that comes from Mozilla Firefox and add README.md for tor-browser. - - - - - 948c3665 by Richard Pospesel at 2024-11-19T17:02:28+01:00 Bug 41649: Create rebase and security backport gitlab issue templates - - - - - c34c0d8a by Beatriz Rizental at 2024-11-19T17:02:29+01:00 Add CI for Tor Browser - - - - - a826e00b by Richard Pospesel at 2024-11-19T17:02:29+01:00 Bug 41089: Add tor-browser build scripts + Makefile to tor-browser - - - - - db5399a7 by Henry Wilkes at 2024-11-19T17:02:29+01:00 Bug 41803: Add some developer tools for working on tor-browser. - - - - - 1b64dddd by Kathy Brade at 2024-11-19T17:02:30+01:00 Bug 11641: Disable remoting by default. Unless the -osint command line flag is used, the browser now defaults to the equivalent of -no-remote. There is a new -allow-remote flag that may be used to restore the original (Firefox-like) default behavior. - - - - - 90169ce8 by Alex Catarineu at 2024-11-19T17:02:30+01:00 Add TorStrings module for localization - - - - - 51d3b826 by Henry Wilkes at 2024-11-19T17:02:30+01:00 Tor Browser strings This commit adds all the strings needed for Tor Browser patches. - - - - - 37291afe by Henry Wilkes at 2024-11-19T17:02:31+01:00 Tor Browser localization migration scripts. - - - - - bb1f3bcd by Henry Wilkes at 2024-11-19T17:02:31+01:00 Bug 42305: Add script to combine translation files across versions. - - - - - 06f3b60d by Mike Perry at 2024-11-19T17:02:31+01:00 Bug 2176: Rebrand Firefox to TorBrowser See also Bugs #5194, #7187, #8115, #8219. This patch does some basic renaming of Firefox to TorBrowser. The rest of the branding is done by images and icons. Also fix bug 27905. Bug 25702: Update Tor Browser icon to follow design guidelines - Updated all of the branding in /browser/branding/official with new 'stable' icon series. - Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and add the source svg in the same directory - Copied /browser/branding/official over /browser/branding/nightly and the new /browser/branding/alpha directories. Replaced content with 'nightly' and 'alpha' icon series. Updated VisualElements_70.png and VisualElements_150.png with updated icons in each branding directory (fixes #22654) - Updated firefox.VisualElementsManfiest.xml with updated colors in each branding directory - Added firefox.svg to each branding directory from which all the other icons are derived (apart from document.icns and document.ico) - Added default256.png and default512.png icons - Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed original icon - Use the Tor Browser icon within devtools/client/themes/images/. Bug 30631: Blurry Tor Browser icon on macOS app switcher It would seem the png2icns tool does not generate correct icns files and so on macOS the larger icons were missing resulting in blurry icons in the OS chrome. Regenerated the padded icons in a macOS VM using iconutil. Bug 28196: preparations for using torbutton tor-browser-brand.ftl A small change to Fluent FileSource class is required so that we can register a new source without its supported locales being counted as available locales for the browser. Bug 31803: Replaced about:debugging logo with flat version Bug 21724: Make Firefox and Tor Browser distinct macOS apps When macOS opens a document or selects a default browser, it sometimes uses the CFBundleSignature. Changing from the Firefox MOZB signature to a different signature TORB allows macOS to distinguish between Firefox and Tor Browser. Bug 32092: Fix Tor Browser Support link in preferences For bug 40562, we moved onionPattern* from bug 27476 to here, as about:tor needs these files but it is included earlier. Bug 41278: Create Tor Browser styled pdf logo similar to the vanilla Firefox one Bug 42088: New application icons (used in-app and on linux). Bug 42087: New application icons (windows). - - - - - 1752bfb5 by Henry Wilkes at 2024-11-19T17:02:32+01:00 Bug 43087: Add onion-pattern to be used on Tor pages. - - - - - c986d4d4 by hackademix at 2024-11-19T17:02:32+01:00 Bug 41917: Tor brand-specific styles. - - - - - 672435b2 by Henry Wilkes at 2024-11-19T17:02:32+01:00 Bug 41817: tor-browser semantic colors. - - - - - 0c143037 by Henry Wilkes at 2024-11-19T17:02:33+01:00 Add purple tor version of the loading APNG. - - - - - 8fe51d57 by Henry Wilkes at 2024-11-19T17:02:33+01:00 Bug 42583: Modify moz-support-link for Tor Browser. - - - - - 7c68e8bd by sanketh at 2024-11-19T17:02:33+01:00 Bug 40209: Implement Basic Crypto Safety Adds a CryptoSafety actor which detects when you've copied a crypto address from a HTTP webpage and shows a warning. Closes #40209. Bug 40428: Fix string attribute names - - - - - 52740a17 by Mike Perry at 2024-11-19T17:02:34+01:00 TB3: Tor Browser's official .mozconfigs. Also: Add an --enable-tor-browser-data-outside-app-dir configure option Add --with-tor-browser-version configure option Bug 31457: disable per-installation profiles The dedicated profiles (per-installation) feature does not interact well with our bundled profiles on Linux and Windows, and it also causes multiple profiles to be created on macOS under TorBrowser-Data. Bug 31935: Disable profile downgrade protection. Since Tor Browser does not support more than one profile, disable the prompt and associated code that offers to create one when a version downgrade situation is detected. Add --enable-tor-browser-update build option Bug 40793: moved Tor configuration options from old-configure.in to moz.configure Bug 41584: Move some configuration options to base-browser level - - - - - 47826755 by Henry Wilkes at 2024-11-19T17:02:34+01:00 Bug 41340: Enable TOR_BROWSER_NIGHTLY_BUILD features for dev and nightly builds tor-browser#41285: Enable fluent warnings. - - - - - 2d93d8a2 by Pier Angelo Vendrame at 2024-11-19T17:02:34+01:00 Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Before reordering patches, we used to keep the Tor-related patches (torbutton and tor-launcher) at the beginning. After that issue, we decided to move them towards the end. In addition to that, we have decided to move Tor Browser-only preferences there, too, to make Base Browser-only fixups easier to apply. - - - - - 54d1a288 by Pier Angelo Vendrame at 2024-11-19T17:02:35+01:00 Bug 13252: Customize profile management on macOS On macOS we allow both portable mode and system installation. However, in the latter case, we customize Firefox's directories to match the hierarchy we use for the portable mode. Also, display an informative error message if the TorBrowser-Data directory cannot be created due to an "access denied" or a "read only volume" error. - - - - - 54c3bd86 by Pier Angelo Vendrame at 2024-11-19T17:02:35+01:00 Bug 40933: Add tor-launcher functionality Bug 41926: Reimplement the control port - - - - - 021d91e8 by Cecylia Bocovich at 2024-11-19T17:02:36+01:00 Lox integration - - - - - ba4f9edd by Richard Pospesel at 2024-11-19T17:02:36+01:00 Bug 40597: Implement TorSettings module - migrated in-page settings read/write implementation from about:preferences#tor to the TorSettings module - TorSettings initially loads settings from the tor daemon, and saves them to firefox prefs - TorSettings notifies observers when a setting has changed; currently only QuickStart notification is implemented for parity with previous preference notify logic in about:torconnect and about:preferences#tor - about:preferences#tor, and about:torconnect now read and write settings thorugh the TorSettings module - all tor settings live in the torbrowser.settings.* preference branch - removed unused pref modify permission for about:torconnect content page from AsyncPrefs.jsm Bug 40645: Migrate Moat APIs to Moat.jsm module - - - - - a5069fd3 by Arthur Edelstein at 2024-11-19T17:02:36+01:00 Bug 3455: Add DomainIsolator, for isolating circuit by domain. Add an XPCOM component that registers a ProtocolProxyChannelFilter which sets the username/password for each web request according to url bar domain. Bug 9442: Add New Circuit button Bug 13766: Set a 10 minute circuit dirty timeout for the catch-all circ. Bug 19206: Include a 128 bit random tag as part of the domain isolator nonce. Bug 19206: Clear out the domain isolator state on `New Identity`. Bug 21201.2: Isolate by firstPartyDomain from OriginAttributes Bug 21745: Fix handling of catch-all circuit Bug 41741: Refactor the domain isolator and new circuit - - - - - dfeede42 by Henry Wilkes at 2024-11-19T17:02:37+01:00 Bug 41600: Add a tor circuit display panel. - - - - - 394d6479 by Pier Angelo Vendrame at 2024-11-19T17:02:37+01:00 Bug 42247: Android helpers for the TorProvider GeckoView is missing some API we use on desktop for the integration with the tor daemon, such as subprocess. Therefore, we need to implement them in Java and plumb the data back and forth between JS and Java. - - - - - f35d69c1 by hackademix at 2024-11-19T17:02:37+01:00 Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop Bug 41613: Skip Drang & Drop filtering for DNS-safe URLs - - - - - 35e74651 by Matthew Finkel at 2024-11-19T17:02:38+01:00 Bug 25741: TBA: Disable GeckoNetworkManager The browser should not need information related to the network interface or network state, tor should take care of that. - - - - - 5bb241fd by Kathy Brade at 2024-11-19T17:02:38+01:00 Bug 14631: Improve profile access error messages. Instead of always reporting that the profile is locked, display specific messages for "access denied" and "read-only file system". To allow for localization, get profile-related error strings from Torbutton. Use app display name ("Tor Browser") in profile-related error alerts. - - - - - 63fddb4a by Pier Angelo Vendrame at 2024-11-19T17:02:38+01:00 Bug 40807: Added QRCode.js to toolkit/modules - - - - - a0b73242 by Richard Pospesel at 2024-11-19T17:02:39+01:00 Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection This patch adds a new about:preferences#connection page which allows modifying bridge, proxy, and firewall settings from within Tor Browser. All of the functionality present in tor-launcher's Network Configuration panel is present: - Setting built-in bridges - Requesting bridges from BridgeDB via moat - Using user-provided bridges - Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies - Setting firewall ports - Viewing and Copying Tor's logs - The Networking Settings in General preferences has been removed Bug 40774: Update about:preferences page to match new UI designs - - - - - d956e51f by Richard Pospesel at 2024-11-19T17:02:39+01:00 Bug 27476: Implement about:torconnect captive portal within Tor Browser - implements new about:torconnect page as tor-launcher replacement - adds new torconnect component to browser - tor process management functionality remains implemented in tor-launcher through the TorProtocolService module - adds warning/error box to about:preferences#tor when not connected to tor Bug 40773: Update the about:torconnect frontend page to match additional UI flows. Bug 41608: Add a toolbar status button and a urlbar "Connect" button. - - - - - f7ae1b81 by Pier Angelo Vendrame at 2024-11-19T17:02:41+01:00 Temporary changes to about:torconnect for Android. We are planning of tempoorarily using about:torconnect on Android, until the native UX is ready. - - - - - 699f1aab by Henry Wilkes at 2024-11-19T17:02:42+01:00 Bug 7494: Create local home page for TBB. Bug 41333: Update about:tor to new design. Including: + make the favicon match the branding icon. + make the location bar show a search icon. - - - - - a68bf42d by Pier Angelo Vendrame at 2024-11-19T17:02:42+01:00 Bug 41668: Tweaks to the Base Browser updater for Tor Browser This commit was once part of "Bug 4234: Use the Firefox Update Process for Tor Browser.". However, some parts of it were not needed for Base Browser and some derivative browsers. Therefore, we extracted from that commit the parts for Tor Browser legacy, and we add them back to the patch set with this commit. - - - - - 7dd3d6da by Kathy Brade at 2024-11-19T17:02:42+01:00 Bug 12647: Support symlinks in the updater. - - - - - 9dad8f24 by Kathy Brade at 2024-11-19T17:02:43+01:00 Bug 16940: After update, load local change notes. Add an about:tbupdate page that displays the first section from TorBrowser/Docs/ChangeLog.txt and includes a link to the remote post-update page (typically our blog entry for the release). Always load about:tbupdate in a content process, but implement the code that reads the file system (changelog) in the chrome process for compatibility with future sandboxing efforts. Also fix bug 29440. Now about:tbupdate is styled as a fairly simple changelog page that is designed to be displayed via a link that is on about:tor. - - - - - 184b455d by Georg Koppen at 2024-11-19T17:02:43+01:00 Bug 32658: Create a new MAR signing key It's time for our rotation again: Move the backup key in the front position and add a new backup key. Bug 33803: Move our primary nightly MAR signing key to tor-browser Bug 33803: Add a secondary nightly MAR signing key - - - - - 9420e558 by Pier Angelo Vendrame at 2024-11-19T17:02:43+01:00 Bug 42891: Set the bundled search engine for Tor Browser. After upstream changes between Firefox 115 and 128, we had to completely rework the way in which we define our search engines. This commit replaces the old "Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing". With that commit, we customized a list of addons IDs to ship as built-in search engines, but then upsteam moved to using only RemoteSettings. The configuration has many more fields, and it would be quite long to include it in the source code. Therefore, we use some local JSON files and load the settings from them. - - - - - ef521b66 by Alex Catarineu at 2024-11-19T17:02:44+01:00 Bug 40073: Disable remote Public Suffix List fetching In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented fetching the Public Suffix List via RemoteSettings and replacing the default one at runtime, which we do not want. - - - - - 8a19f965 by Henry Wilkes at 2024-11-19T17:02:44+01:00 Bug 41906: Hide DNS over HTTPS preferences. - - - - - 7a0f341c by Richard Pospesel at 2024-11-19T17:02:44+01:00 Bug 23247: Communicating security expectations for .onion Encrypting pages hosted on Onion Services with SSL/TLS is redundant (in terms of hiding content) as all traffic within the Tor network is already fully encrypted. Therefore, serving HTTP pages from an Onion Service is more or less fine. Prior to this patch, Tor Browser would mostly treat pages delivered via Onion Services as well as pages delivered in the ordinary fashion over the internet in the same way. This created some inconsistencies in behaviour and misinformation presented to the user relating to the security of pages delivered via Onion Services: - HTTP Onion Service pages did not have any 'lock' icon indicating the site was secure - HTTP Onion Service pages would be marked as unencrypted in the Page Info screen - Mixed-mode content restrictions did not apply to HTTP Onion Service pages embedding Non-Onion HTTP content This patch fixes the above issues, and also adds several new 'Onion' icons to the mix to indicate all of the various permutations of Onion Services hosted HTTP or HTTPS pages with HTTP or HTTPS content. Strings for Onion Service Page Info page are pulled from Torbutton's localization strings. - - - - - 8de6eb14 by Kathy Brade at 2024-11-19T17:02:45+01:00 Bug 30237: Add v3 onion services client authentication prompt When Tor informs the browser that client authentication is needed, temporarily load about:blank instead of about:neterror and prompt for the user's key. If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD control port command to add the key (via Torbutton's control port module) and reload the page. If the user cancels the prompt, display the standard about:neterror "Unable to connect" page. This requires a small change to browser/actors/NetErrorChild.jsm to account for the fact that the docShell no longer has the failedChannel information. The failedChannel is used to extract TLS-related error info, which is not applicable in the case of a canceled .onion authentication prompt. Add a leaveOpen option to PopupNotifications.show so we can display error messages within the popup notification doorhanger without closing the prompt. Add support for onion services strings to the TorStrings module. Add support for Tor extended SOCKS errors (Tor proposal 304) to the socket transport and SOCKS layers. Improved display of all of these errors will be implemented as part of bug 30025. Also fixes bug 19757: Add a "Remember this key" checkbox to the client auth prompt. Add an "Onion Services Authentication" section within the about:preferences "Privacy & Security section" to allow viewing and removal of v3 onion client auth keys that have been stored on disk. Also fixes bug 19251: use enhanced error pages for onion service errors. - - - - - 65240f68 by Henry Wilkes at 2024-11-19T17:02:45+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 43262: The deleteAll command was attached to the wrong button. - - - - - 1c3b6f26 by Alex Catarineu at 2024-11-19T17:02:46+01:00 Bug 21952: Implement Onion-Location Whenever a valid Onion-Location HTTP header (or corresponding HTML <meta> http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar. - - - - - 6beeef71 by Pier Angelo Vendrame at 2024-11-19T17:02:46+01:00 Bug 40458: Implement .tor.onion aliases We have enabled HTTPS-Only mode, therefore we do not need HTTPS-Everywhere anymore. However, we want to keep supporting .tor.onion aliases (especially for securedrop). Therefore, in this patch we implemented the parsing of HTTPS-Everywhere rulesets, and the redirect of .tor.onion domains. Actually, Tor Browser believes they are actual domains. We change them on the fly on the SOCKS proxy requests to resolve the domain, and on the code that verifies HTTPS certificates. - - - - - 46d7eee1 by Pier Angelo Vendrame at 2024-11-19T17:02:46+01:00 Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser This patch associates the about:manual page to a translated page that must be injected to browser/omni.ja after the build. The content must be placed in chrome/browser/content/browser/manual/, so that is then available at chrome://browser/content/manual/. We preferred giving absolute freedom to the web team, rather than having to change the patch in case of changes on the documentation. - - - - - 184d4222 by Pier Angelo Vendrame at 2024-11-19T17:02:47+01:00 Bug 41435: Add a Tor Browser migration function For now this function only deletes old language packs for which we are already packaging the strings with the application. - - - - - 6a41f442 by Henry Wilkes at 2024-11-19T17:02:47+01:00 Bug 42110: Add TorUIUtils module for common tor component methods. - - - - - 0a9a8ad2 by Dan Ballard at 2024-11-19T17:02:47+01:00 Bug 40701: Add security warning when downloading a file Shown in the downloads panel, about:downloads and places.xhtml. - - - - - c82596c2 by Henry Wilkes at 2024-11-19T17:02:48+01:00 Bug 41736: Customize toolbar for tor-browser. - - - - - 68605983 by hackademix at 2024-11-19T17:02:48+01:00 Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key - - - - - 4259df65 by Henry Wilkes at 2024-11-19T17:02:48+01:00 Customize moz-toggle for tor-browser. - - - - - 353df2c5 by Richard Pospesel at 2024-11-19T17:02:49+01:00 Bug 41822: Unconditionally disable default browser UX in about:preferences - - - - - 60002ce1 by Cecylia Bocovich at 2024-11-19T17:02:49+01:00 Temporary commit: manually place generated wasm files These files are built reproducibly using tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… We're manually adding them here while working on the interface, but eventually these should be placed in the right location using tor-browser-build. - - - - - f6400c21 by Matthew Finkel at 2024-11-19T17:02:49+01:00 Bug 40005: [android] Modify Default toolbar menu - - - - - 612e749f by Alex Catarineu at 2024-11-19T17:02:50+01:00 Bug 40007: [android] Port external helper app prompting Together with the corresponding fenix patch, this allows all `startActivity` that may open external apps to be replaced by `TorUtils.startActivityPrompt`. - - - - - 7c50d80e by Alex Catarineu at 2024-11-19T17:02:50+01:00 Bug 40002: [android] Ensure system download manager is not used Bug 40075: Support scoped storage to enable downloads on API < 29 - in android-components!7, we blocked all usage of Scoped Storage in an attempt to block usage of Android's DownloadManager, which is known to cause proxy bypasses - as of Android API 29, downloads will not work without Scoped Storage, causing all downlaods to fail (see: fenix##40192) - here, we enable usage of scoped storage for API >= 29, but block calls to DownloadManager on API < 29 - - - - - baea69a4 by Alex Catarineu at 2024-11-19T17:02:50+01:00 Bug 40009: [android] Change the default search engines This matches the search engines from desktop, that is: DDG as the default, then YouTube, Google, DDGOnion, Startpage, Twitter, Wikipedia and Yahoo. Bug 40062: Update DuckDuckGo onion search plugin - - - - - 6211b88b by Alex Catarineu at 2024-11-19T17:02:51+01:00 [android] Modify Addon support Bug 40011: Hide option for disallowing addons in private mode Bug 40016: Allow inheriting from AddonCollectionProvider This will allow implementing our own AddonsProvider in fenix. - - - - - c7e6d9ed by Georg Koppen at 2024-11-19T17:02:51+01:00 Bug 40013: [android] Add option do overwrite timestamp in extension version - - - - - ce80a385 by Alex Catarineu at 2024-11-19T17:02:52+01:00 Bug 40015: [android] Port padlock states for .onion services - - - - - 27a99f1b by Matthew Finkel at 2024-11-19T17:02:52+01:00 [android] Modify Tracking Protection configuration Bug 40020: Disable third-party cookies Bug 40024: Disable tracking protection by default - - - - - de354da6 by Matthew Finkel at 2024-11-19T17:02:52+01:00 Bug 40023: [android] Stop PrivateNotificationService - - - - - 5bbeac99 by Matthew Finkel at 2024-11-19T17:02:53+01:00 [android] Add support for new GeckoView interfaces Bug 40006: Expose Security Level interface Bug 40019: Expose spoofEnglish pref Bug 34439: Isolate Icon loader on Android Bug 41394: Expose privacy.prioritizeonions.enabled to Android. - - - - - 529334e5 by Matthew Finkel at 2024-11-19T17:02:53+01:00 [android] Disable features and functionality Bug 33594: Disable data collection by default (Glean) Bug 40019: Adjust is disabled on Release when data collection is disabled Bug 34338: Disable the crash reporter Bug 40014: Neuter Google Advertising ID Bug 40018: Disable Push service Bug 40034: Disable PWA onboading Bug 40072: Disable Tracking Protection Bug 40061: Do not show "Send to device" in sharing menu Bug 40109: Reduce requested permissions Exclude LOCATION and NETWORK_STATE - - - - - 963bcf9d by Matthew Finkel at 2024-11-19T17:02:53+01:00 [android] Rename as Tor Browser Bug 40020: Change applicationId Bug 40020: Change app name Bug 40020: Change deeplink scheme Bug 40020: Change App icons Bug 40073: Use correct branding on About page Bug 40088: Use Tor Browser logo in migration screen - - - - - cc54028a by Georg Koppen at 2024-11-19T17:02:54+01:00 [android] Modify build system Bug 40083: Make locale ordering in BuildConfig deterministic Bug 40042: Add option do overwrite timestamp in extension version Bug 40059: Use MOZ_BUILD_DATE for versionCode At the same time we adapt MOZ_BUILD_DATE to our needs where it is actually used and not in tor-browser-build. This gives us more flexibility. See: tor-browser-build#40084. Bug 40067: Fix reproducibility issue in classes2.dex We make sure our MOZ_BUILD_DATE gets used as a source for showing date related information on the Fenix about page. Bug 40071: Show only supported locales Bug 40064: Use Gecko Beta for Nightly and Debug variants Bug 40123: Allow building the instrumented tests apks for variants other than debug This allows to specify the variant of the instrumented tests via a `testBuildType` gradle argument. It also applies a workaround for a R8 issue from https://issuetracker.google.com/issues/140851070. Bug 40143: Use deterministic date in Test apk The build config was using Date() when generating the Test apk's versionName. - - - - - 7a046f7d by Matthew Finkel at 2024-11-19T17:02:54+01:00 Bug 40185: [android] Use NimbusDisabled - - - - - fd4f0af5 by Matthew Finkel at 2024-11-19T17:02:54+01:00 [android] Add Tor integration and UI Bug 40001: Start Tor as part of the Fenix initialization Bug 40028: Implement Tor Service controller Bug 40028: Integrate Tor Controller into HomeFragment Bug 40028: Implement Tor connect and logger screens Bug 40028: Implement Tor Onboarding Bug 40028: Implement new home screen Bug 40028: Define bootstrapping events and Quick Start Bug 40041: Implement Tor Network Settings Bug 40041: Integrate Tor Network Settings Bug 40179: Show Snowflake bridge option on Release Bug 40176: Re-render Home fragment on resume Bug 41394: Implement a setting to always prioritize Onion sites. - - - - - f9ac62a0 by Alex Catarineu at 2024-11-19T17:02:55+01:00 [android] Modify UI/UX Bug 40015: Modify Home menu Bug 40016: Hide unwanted Settings Bug 40016: Modify Default toolbar menu Bug 40016: Add Donate settings button Bug 40016: Move Allow Screenshots under Advanced Bug 40016: Don't install WebCompat webext Bug 40016: Don't onboard Search Suggestions Bug 40094: Do not use MasterPasswordTipProvider in HomeFragment Bug 40095: Hide "Sign in to sync" in bookmarks Bug 40031: Hide Mozilla-specific items on About page Bug 40032: Set usesCleartextTraffic as false Bug 40063: Do not sort search engines alphabetically Bug 34378: Port external helper app prompting With the corresponding android-components patch, this allows all `startActivity` that may open external apps to be replaced by `TorUtils.startActivityPrompt`. Bug 34403: Disable Normal mode by default Bug 40087: Implement a switch for english locale spoofing Bug 40144: Hide Download Manager Bug 40141: Hide EME site permission Bug 40166: Hide "Normal" tab (again) and Sync tab in TabTray Bug 40167: Hide "Save to Collection" in menu Bug 40172: Find the Quit button Bug 40186: Hide Credit Cards in Settings Bug 40198: Spoof English toggle now overlaps with locale list - - - - - 25a2de15 by hackademix at 2024-11-19T17:02:55+01:00 [android] Modify add-on support Bug 41160: One-time ultimate switch Tor Browser Android to HTTPS-Only. Bug 41159: Remove HTTPS-Everywhere extension from Tor Browser Android. Bug 41094: Enable HTTPS-Only Mode by default in Tor Browser Android. Turn shouldUseHttpsOnly's default to true. Bug 40225: Bundled extensions don't get updated with Android Tor Browser updates. Bug 40030: Install NoScript addon on startup. Also 40070: Consider storing the list of recommended addons This implements our own AddonsProvider, which loads the list of available addons from assets instead of fetching it from an endpoint. Also, we hide the uninstall button for builtin addons. Bug 40058: Hide option for disallowing addon in private mode - - - - - a3c2eeb3 by Dan Ballard at 2024-11-19T17:02:55+01:00 [android] Add Security Level UI Bug 40026: Implement Security Level settings Bug 40026: Integrate Security Level settings - - - - - da39d415 by Dan Ballard at 2024-11-19T17:02:57+01:00 Bug 41972: [android] Disable mozilla onboarding - - - - - c3860b91 by Dan Ballard at 2024-11-19T17:02:57+01:00 Bug 41878: [android] Add standalone Tor Bootstrap - - - - - 7c9b56b8 by clairehurst at 2024-11-19T17:02:58+01:00 Bug 42089: [android] Remove ability to submit site support requests - - - - - fb5f2f13 by clairehurst at 2024-11-19T17:02:58+01:00 [android] fixup! Modify UI/UX and Remove ability to submit site support requests - - - - - ccdc141b by clairehurst at 2024-11-19T17:02:58+01:00 [android] Enable the connect assist experiments on alpha - - - - - 6806148a by hackademix at 2024-11-19T17:02:59+01:00 Bug 42191: [android] Temporary StrictMode relaxation to clear the thumbnail cache. - - - - - 5468b399 by clairehurst at 2024-11-19T17:02:59+01:00 [android] Delete unused media - - - - - b9bb3eb5 by clairehurst at 2024-11-19T17:02:59+01:00 Bug 42195: [android] Fix "Whats new URL" - - - - - bfd6ce28 by clairehurst at 2024-11-19T17:03:00+01:00 [android] Implement Android-native Connection Assist UI - - - - - 78c48582 by Pier Angelo Vendrame at 2024-11-19T17:03:00+01:00 Bug 42652: [android] Pass the list of supported languages to GeckoView. It will be used to prevent leaks about regional preferences. - - - - - 8fbaa9fb by Dan Ballard at 2024-11-19T17:03:01+01:00 Bug 42660: Disable ProxySelector.openConnectionWithProxy and NOPify CrashReporter.sendCrashReport - - - - - 1c27b3da by Dan Ballard at 2024-11-19T17:03:01+01:00 Bug 43006: Disable RFP for Font Visibility on Android - - - - - 9d517204 by Henry Wilkes at 2024-11-19T17:03:01+01:00 Bug 43098: Year End Campaign 2024. Implements YEC 2024 for about:tor. - - - - - 2e843923 by clairehurst at 2024-11-19T20:46:51+00:00 Bug_43099: 2024 YEC - - - - - 30 changed files: - .eslintignore - .gitignore - + .gitlab-ci.yml - + .gitlab/ci/docker/base/Dockerfile - + .gitlab/ci/lint.yml - + .gitlab/ci/scripts/helpers.py - + .gitlab/ci/update-translations.yml - + .gitlab/issue_templates/Backport Android Security Fixes.md - + .gitlab/issue_templates/Emergency Security Issue.md - + .gitlab/issue_templates/QA - Android.md - + .gitlab/issue_templates/QA - Desktop.md - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - + .gitlab/issue_templates/bug.md - + .gitlab/merge_request_templates/default.md - .prettierignore - + README.md - − README.txt - + browser/actors/AboutTBUpdateChild.sys.mjs - + browser/actors/AboutTBUpdateParent.sys.mjs - + browser/actors/CryptoSafetyChild.sys.mjs - + browser/actors/CryptoSafetyParent.sys.mjs - − browser/actors/RFPHelperChild.sys.mjs - − browser/actors/RFPHelperParent.sys.mjs - browser/actors/moz.build - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/macbuild/Contents/MacOS-files.in - browser/app/moz.build - browser/app/permissions The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/0fd07c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/0fd07c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41305: Add bugzilla-audit spreadsheet generation script to tools directory
by morgan (＠morgan) 19 Nov '24

19 Nov '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 48741e0d by Morgan at 2024-11-19T19:50:42+00:00 Bug 41305: Add bugzilla-audit spreadsheet generation script to tools directory - - - - - 2 changed files: - tools/browser/README.md - + tools/browser/generate-bugzilla-triage-csv Changes: ===================================== tools/browser/README.md ===================================== @@ -1,5 +1,36 @@ # Tools +### generate-bugzilla-triage-csv + +This script generates a csv file (to be hosted on Google Sheets) which enumerates all of the Bugzilla issues resolved for a particular Firefox release as defined by Mozilla's bug-tracker AND the set of patches in a provided commit range. Each entry will include the Bugzilla issue title and a link which creates an issue in [tpo/applications/tor-browser](https://gitlab.torproject.org/tpo/application… for further review. + +This script should be invoked, the output written to a .csv file, and uploaded to a shared Google Sheets spreadsheet for team triage + review. + +#### Prerequisites + +- The user must create the following soft-links: + - `/tools/browser/torbrowser` -> `/path/to/local/tor-browser.git` + +#### Usage + +``` +Usage: ./tools/browser/generate-bugzilla-triage-csv <ff-version> <begin-commit> <end-commit> <gitlab-audit-issue> <reviewers...> + +ff-version rapid-release Firefox version to audit +begin-commit starting gecko-dev commit of this Firefox version +end-commit ending gecko-dev commit of this Firefox version +gitlab-audit-issue tor-browser GitLab issue number for this audit +reviewers... space-separated list of reviewers responsible for this audit +``` + +#### Examples + +Generates a spreadsheet derived from the Firefox 129 resolved issues and all commits between `FIREFOX_NIGHTLY_128_END` and `FIREFOX_NIGHTLY_129_END`. New issues will automatically link themslves to [tor-browser#43303](https://gitlab.torproject.org/tpo/applications/tor-brows…. The requested reviewers will be morgan, pierov, and henry. + +```bash +./tools/browser/generate-bugzilla-triage-csv 129 FIREFOX_NIGHTLY_128_END FIREFOX_NIGHTLY_129_END 43303 morgan pierov henry +``` + ### sign-tag This script gpg signs a git tag associated with a particular browser commit in the user's tor-browser.git or mullvad-browser.git repo. ===================================== tools/browser/generate-bugzilla-triage-csv ===================================== @@ -0,0 +1,243 @@ +#!/usr/bin/env bash + +# gitlab labels for review tickets +browser_label="15.0 stable" +esr_label="esr-140" + +# prints to stderr +function echoerr() { echo "$@" 1>&2; } + +script_dir=$(dirname "${BASH_ARGV0:-$0}") + +# help dialog +if [ "$#" -lt 5 ]; then + echoerr "Usage: $0 <ff-version> <begin-commit> <end-commit> <gitlab-audit-issue> <reviewers...>" + echoerr + echoerr "ff-version rapid-release Firefox version to audit" + echoerr "begin-commit starting gecko-dev commit of this Firefox version" + echoerr "end-commit ending gecko-dev commit of this Firefox version" + echoerr "gitlab-audit-issue tor-browser GitLab issue number for this audit" + echoerr "reviewers... space-separated list of reviewers responsible for this audit" + echoerr "" + echoerr "Example:" + echoerr "" + echoerr "$0 129 FIREFOX_NIGHTLY_128_END FIREFOX_NIGHTLY_129_END 43303 morgan pierov henry" + exit 1 +fi + +# exit on error +set -e + + +# Ensure various required tools are available +function check_exists() { + local cmd=$1 + if ! which ${cmd} > /dev/null ; then + echoerr "missing ${cmd} dependency" + exit 1 + fi +} + +check_exists git +check_exists jq +check_exists mktemp +check_exists perl +check_exists printf +check_exists sed +check_exists sort +check_exists touch +check_exists uniq +check_exists wget + +# Assign arguments to named variables +firefox_version=$1 +git_begin=$2 +git_end=$3 +audit_issue=$4 +reviewers="${@:5}" + +# Check valid Firefox version +if ! [[ "${firefox_version}" =~ ^[1-9][0-9]{2}$ ]]; then + echoerr "invalid Firefox version (probably)" + exit 1 +fi + +# Check valid Gitlab issue number +if ! [[ "${audit_issue}" =~ ^[1-9][0-9]{4}$ ]]; then + echoerr "invalid gitlab audit issue number (probably)" + exit 1 +fi + +# +# Encoding/Decoding Functions +# + +# escape " and \ +function json_escape() { + local input="$1" + echo "${input}" | sed 's/["\]/\\"/g' +} + + +# un-escape \" +function jq_unescape() { + local input="$1" + echo "${input}" | sed 's/\\"/"/g' +} + +# change quotes to double-quotes +function csv_escape() { + local input="$1" + echo "${input}" | sed 's/"/""/g' +} + +# we need to urlencode the strings used in the new issue link +function url_encode() { + local input="$1" + echo "${input}" | perl -MURI::Escape -wlne 'print uri_escape $_' +} + + +# +# Create temp json files +# +git_json=$(mktemp -t git-audit-${firefox_version}-XXXXXXXXXXX.json) +bugzilla_json=$(mktemp -t bugzilla-audit-${firefox_version}-XXXXXXXXXXX.json) +union_json=$(mktemp -t union-audit-${firefox_version}-XXXXXXXXXXX.json) +touch "${git_json}" +touch "${bugzilla_json}" +touch "${union_json}" + +function json_cleanup { + rm -f "${git_json}" + rm -f "${bugzilla_json}" + rm -f "${union_json}" + popd > /dev/null +} +pushd "${script_dir}/torbrowser" > /dev/null +trap json_cleanup EXIT + +# +# Generate Git Commit Triage List +# + +# Try and extract bug id and summary from git log +# Mozilla's commits are not always 100% consistently named, so this +# regex is a bit flexible to handle various inputs such as: +# "Bug 1234 -", "Bug 1234:", "Bug Bug 1234 -", "[Bug 1234] -", " bug 1234 -". +sed_extract_id_summary="s/^[[ ]*[bug –-]+ ([1-9][0-9]*)[]:\., –-]*(.*)\$/\\1 \\2/pI" + +# Generate a json array of objects in the same format as bugzilla: {component: string, id: number, summary: string} +printf "[\n" >> "${git_json}" + +first_object=true +git log --format='%s' $git_begin..$git_end \ +| sed -En "${sed_extract_id_summary}" \ +| sort -h \ +| uniq \ +| while IFS= read -r line; do + read -r id summary <<< "${line}" + summary=$(json_escape "${summary}") + + # json does not allow trailing commas + if [[ "${first_object}" = true ]]; then + first_object=false + else + printf ",\n" >> "${git_json}" + fi + + printf " { \"component\": \"Unknown\", \"id\": %s, \"summary\": \"%s\" }" ${id} "${summary}" >> "${git_json}" +done +printf "\n]\n" >> "${git_json}" + +# +# Download Bugzilla Triage List +# + +# search for: +# + Product is NOT "Thunderbird,Calander,Chat Core,MailNews Core" (&f1=product&n1=1&o1=anyexact&v1=Thunderbird%2CCalendar%2CChat%20Core%2CMailNews%20Core). AND +# + Target Milestone contains "${firefox_version}" (e.g. 115 Branch or Firefox 115) (&f2=target_milestone&o2=substring&v2=${firefox_version}). +# "&limit=0" shows all matching bugs. + +query_tail="&f1=product&n1=1&o1=anyexact&v1=Thunderbird%2CCalendar%2CChat%20Core%2CMailNews%20Core&f2=target_milestone&o2=substring&v2=${firefox_version}&limit=0" + +bugzilla_query="https://bugzilla.mozilla.org/buglist.cgi?${query_tail}" +bugzilla_json_query="https://bugzilla.mozilla.org/rest/bug?include_fields=id,component,summary${…" + +wget "${bugzilla_json_query}" -O ${bugzilla_json} + + +# +# Create Union of these two sets of issues +# + +# bugzilla array is actually on a root object: { bugs: [...] } +jq -s '[ (.[0].bugs)[], (.[1])[] ] | group_by(.id) | map(.[0])' "${bugzilla_json}" "${git_json}" > "${union_json}" + +# +# Generate Triage CSV +# + +echo "\"Review\",,\"Bugzilla Component\",\"Bugzilla Bug\"" + +jq '. | sort_by([.component, .id])[] | "\(.id)|\(.component)|\(.summary)"' ${union_json} \ +| while IFS='|' read -r id component summary; do + + # bugzilla info + id="${id:1}" + component="${component:0}" + summary="${summary:0:-1}" + summary=$(jq_unescape "${summary}") + # short summary for gitlab issue title + [[ ${#summary} -gt 80 ]] && summary_short="${summary:0:77}..." || summary_short="${summary}" + + # filter out some issue types that we never care about + skip_issue=false + + # skip `[wpt-sync] Sync PR` + if [[ "${summary}" =~ ^\[wpt-sync\]\ Sync\ PR.*$ ]]; then + skip_issue=true + # skip `Crash in [@` and variants + elif [[ "${summary}" =~ ^Crash[esin\ ]*\ \[\@.*$ ]]; then + skip_issue=true + # skip `Assertion failuire: ` + elif [[ "${summary}" =~ ^Assertion\ failure:\ .*$ ]]; then + skip_issue=true + # skip `Hit MOZ_CRASH` + elif [[ "${summary}" =~ ^Hit\ MOZ_CRASH.*$ ]]; then + skip_issue=true + fi + + if [[ "${skip_issue}" = true ]]; then + echoerr "Skipped Bugzilla ${id}: ${summary_short}" + else + csv_summary=$(csv_escape "${summary}") + csv_component=$(csv_escape "${component}") + + # parent issue + bugzilla_url="https://bugzilla.mozilla.org/show_bug.cgi?id=${id}" + # review issue title + new_issue_title=$(url_encode "Review Mozilla ${id}: ${summary_short}") + # review issue description + labeling (14.0 stable, FF128-esr, Next) + new_issue_description=$(url_encode "### Bugzilla: ${bugzilla_url}")%0A$(url_encode "/label ~\"${browser_label}\" ~\"${esr_label}\" ~\"Bugzilla Review\" ~Next")%0A$(url_encode "/relate tpo/applications/tor-browser#${audit_issue}")%0A%0A$(url_encode "")%0A + # url which create's new issue with title and description pre-populated + new_issue_url="https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/new?iss…" + + # this link will start the creation of a new gitlab issue to review + create_issue=$(csv_escape "=HYPERLINK(\"${new_issue_url}\", \"New Issue\")") + bugzilla_link=$(csv_escape "=HYPERLINK(\"${bugzilla_url}\", \"Bugzilla ${id}: ${csv_summary}\")") + + echo "FALSE,\"${create_issue}\",\"${csv_component}\",\"${bugzilla_link}\"," + fi +done + +echo +echo "\"Triaged by:\"" +for reviewer in $reviewers; do + reviewer=$(csv_escape "${reviewer}") + echo "\"FALSE\",\"${reviewer}\"" +done +echo + +bugzilla_query="=HYPERLINK(\"${bugzilla_query}\", \"Bugzilla query\")" +echo \"$(csv_escape "${bugzilla_query}")\" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag base-browser-115.18.0esr-13.5-1-build1
by morgan (＠morgan) 19 Nov '24

19 Nov '24

morgan pushed new tag base-browser-115.18.0esr-13.5-1-build1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.18.0esr-13.5-1] 158 commits: Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot
by morgan (＠morgan) 19 Nov '24

19 Nov '24

morgan pushed to branch base-browser-115.18.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: d77c777d by alwu at 2024-11-18T22:38:19+00:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 69e67756 by Edgar Chen at 2024-11-18T22:38:20+00:00 Bug 1743329 - Handle ESC key to release pointer lock in parent process; r=smaug Differential Revision: https://phabricator.services.mozilla.com/D211621 - - - - - 63fdc986 by Edgar Chen at 2024-11-18T22:38:20+00:00 Bug 1743329 - Release pointer lock when xul popup is open; r=smaug,pbz Differential Revision: https://phabricator.services.mozilla.com/D211620 - - - - - 3b179bbc by Edgar Chen at 2024-11-18T22:38:20+00:00 Bug 1743329 - Use nsMenuPopupFrame in GetVisiblePopups(); r=smaug Differential Revision: https://phabricator.services.mozilla.com/D211619 A further change was needed in nsCaret.cpp, see https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - - - - - 4a70c06d by Otto Länd at 2024-11-18T22:38:21+00:00 Bug 1743329: apply code formatting via Lando # ignore-this-changeset - - - - - 63daf9e3 by Anna Weine at 2024-11-18T22:38:21+00:00 Bug 1760806 - WebCrypto: ECDH and ECDSA JWK import to check that the crv in params and crv in alg are the same r=keeler https://treeherder.mozilla.org/jobs?repo=try&revision=ed7936b105dea8e58… Differential Revision: https://phabricator.services.mozilla.com/D217273 - - - - - a826eee7 by Pier Angelo Vendrame at 2024-11-18T22:38:21+00:00 Bug 1787790: Normalize system fonts with RFP on. r=emilio System fonts can leak any user customization of system fonts, or user's locale (e.g., en-US and ja Windows have different system fonts). Also, Linux distributions/desktop environments set default fonts in different ways. Customization can be detected either with font metrics, the font allowed list is not enabled or the font is included in it, or with getComputedStyle, that leaks the name of the font that Firefox tries to apply. This patch try to prevent these leaks by using a generic "sans-serif" for all system fonts, except on macOS, where it uses "-apple-system", and on Android, where these fonts always use Roboto. Differential Revision: https://phabricator.services.mozilla.com/D163576 - - - - - 447b5f94 by Eitan Isaacson at 2024-11-18T22:38:21+00:00 Bug 1819160 - Map Android ids to doc/accessible id pairs. r=Jamie Differential Revision: https://phabricator.services.mozilla.com/D179737 - - - - - 80e21e0f by Fatih at 2024-11-18T22:38:22+00:00 Bug 1830629: Remove unnecessary checks for pdf.js for RFP. r=tjr resource:// is exempt from RFP, so we no longer need to check pdf.js specifically. Differential Revision: https://phabricator.services.mozilla.com/D209359 - - - - - f0331fed by Pier Angelo Vendrame at 2024-11-18T22:38:22+00:00 Bug 1832523 - Allow using NSS to sign and verify MAR signatures. r=application-update-reviewers,glandium,bytesized Allow using NSS for checking MAR signatures also in platforms where OS-native APIs are used by default, i.e., macOS and Windows. Differential Revision: https://phabricator.services.mozilla.com/D177743 - - - - - ed056406 by Pier Angelo Vendrame at 2024-11-18T22:38:22+00:00 Bug 1849129: Prevent exceptions caused by extensions from interrupting the SearchService initialization. r=search-reviewers,Standard8 Differential Revision: https://phabricator.services.mozilla.com/D186456 - - - - - 4c5fda0e by Emilio Cobos Álvarez at 2024-11-18T22:38:22+00:00 Bug 1853731 - Use html:img for message-bar-icon. r=Gijs,dao,settings-reviewers,desktop-theme-reviewers,sfoster Differential Revision: https://phabricator.services.mozilla.com/D188521 - - - - - aca7a0e9 by Pier Angelo Vendrame at 2024-11-18T22:38:22+00:00 Bug 1854117 - Sort the DLL blocklist flags. r=mossop,win-reviewers,gstoll Differential Revision: https://phabricator.services.mozilla.com/D188716 - - - - - 8d960294 by Eden Chuang at 2024-11-18T22:38:23+00:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision: https://phabricator.services.mozilla.com/D186431 - - - - - fd2973ae by edgul at 2024-11-18T22:38:23+00:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision: https://phabricator.services.mozilla.com/D182373 - - - - - f3f41e46 by Kelsey Gilbert at 2024-11-18T22:38:23+00:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision: https://phabricator.services.mozilla.com/D188054 - - - - - f2f4e00f by Edgar Chen at 2024-11-18T22:38:23+00:00 Bug 1828259 - Close XUL popup when entering/exiting fullscreen; r=smaug Differential Revision: https://phabricator.services.mozilla.com/D209355 - - - - - 9aa5f854 by hackademix at 2024-11-18T22:38:24+00:00 Bug 1835987 - Change RFP-spoofed TZ to Atlantic/Reykjavik. r=tjr Atlantic/Reykjavik stays on UTC during all the year, but it is less likely to be blocked than plan UTC. Differential Revision: https://phabricator.services.mozilla.com/D212131 - - - - - 37d198ac by edgul at 2024-11-18T22:38:24+00:00 Bug 1879952 - Fix test expectations with samesite=lax turned on r=tschuster Differential Revision: https://phabricator.services.mozilla.com/D201639 - - - - - 04dc0574 by edgul at 2024-11-18T22:38:24+00:00 Bug 1844827 - Added checks for sub-document navigations from cross-site to same-site in third-party checks when setting a cookie. r=cookie-reviewers,valentin,bvandersloot a=RyanVM Differential Revision: https://phabricator.services.mozilla.com/D204074 - - - - - 66e97b4e by Ed at 2024-11-18T22:38:24+00:00 Bug 1844827 - Update the cookie test expectations for iframe samesite r=cookie-reviewers,valentin a=RyanVM Depends on D199770 Differential Revision: https://phabricator.services.mozilla.com/D199772 - - - - - 9e5d398f by Mark Banner at 2024-11-18T22:38:25+00:00 Bug 1845752. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D186676 - - - - - d8b03339 by Pier Angelo Vendrame at 2024-11-18T22:38:25+00:00 Bug 1849186 - Add a preference not to expose the content title in the window title. r=Gijs,tabbrowser-reviewers,dao Differential Revision: https://phabricator.services.mozilla.com/D190496 - - - - - 64edcb52 by Bob Owen at 2024-11-18T22:38:25+00:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision: https://phabricator.services.mozilla.com/D187794 - - - - - 1969aa23 by Malte Juergens at 2024-11-18T22:38:25+00:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision: https://phabricator.services.mozilla.com/D187887 - - - - - a30b17aa by Henry Wilkes at 2024-11-18T22:38:26+00:00 Bug 1851618 - Allow removing packaged locales from requestedLocales. r=settings-reviewers,eemeli,Gijs We open up the UI to allow the user to remove locales from their requestedLocales list, except for the default locale. Differential Revision: https://phabricator.services.mozilla.com/D209930 - - - - - f222b466 by Andreas Pehrson at 2024-11-18T22:38:26+00:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision: https://phabricator.services.mozilla.com/D187554 - - - - - 0fa929e1 by Pier Angelo Vendrame at 2024-11-18T22:38:26+00:00 Bug 1860020 - Remove the assertion on the value of toolkit.telemetry.enabled. r=KrisWright,chutten Bug 1444275 introduced an assertion on the parent process to check that the value of toolkit.telemetry.enabled is the expected one. However, this expected value could be different from the one set and locked e.g. in some forks. Therefore, the assertion prevented debug builds from working in these cases. Differential Revision: https://phabricator.services.mozilla.com/D195080 - - - - - 737cfa7d by Kagami Sascha Rosylight at 2024-11-18T22:38:26+00:00 Bug 1865238 - Use One UI Sans KR VF for Korean sans-serif font on Android r=jfkthame Per /etc/fonts.xml, there are now only two `<family lang="ko">` nodes there: * OneUISansKRVF series * SECCJK series (but no KR postfix anymore?) This patch uses One UI Sans KR VF as the replacement as this is newer and is a variable font (tested with https://codepen.io/SaschaNaz/pen/ExrdYXJ) Differential Revision: https://phabricator.services.mozilla.com/D195078 - - - - - 995d268a by Nuohan Li at 2024-11-18T22:38:27+00:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - b73b8737 by Tom Ritter at 2024-11-18T22:38:27+00:00 Bug 1873526: Refactor the restriction override list from a big if statement to a list r=KrisWright Differential Revision: https://phabricator.services.mozilla.com/D198081 - - - - - bf408cce by Nika Layzell at 2024-11-18T22:38:27+00:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - 28967952 by Pier Angelo Vendrame at 2024-11-18T22:38:27+00:00 Bug 1875306 - Localize numbers in the underflow and overflow error messages. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D198965 - - - - - b1565011 by Pier Angelo Vendrame at 2024-11-18T22:38:28+00:00 Bug 1875313 - Use en-US as a fallback when spoof English is enabled in ICUUtils. r=timhuang,tjr Differential Revision: https://phabricator.services.mozilla.com/D198967 - - - - - b1bf7333 by Julian Descottes at 2024-11-18T22:38:28+00:00 Bug 1880374 - Disable DNS prefetching if document nodePrincipal is systemPrincipal r=valentin Differential Revision: https://phabricator.services.mozilla.com/D210830 - - - - - e44149d6 by Pier Angelo Vendrame at 2024-11-18T22:38:28+00:00 Bug 1880988 - Apply spoof English to the default detail summary. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D202203 - - - - - 8956ed1f by Nika Layzell at 2024-11-18T22:38:28+00:00 Bug 1881037 - Part 1: Stop showing unknown protocol error pages for web-triggered loads, r=smaug,necko-reviewers,kershaw, a=dsmith Differential Revision: https://phabricator.services.mozilla.com/D217495 - - - - - da8f7337 by Edgar Chen at 2024-11-18T22:38:29+00:00 Bug 1883396 - Exit fullscreen when two Escape keyup events occur in a short time; r=smaug Differential Revision: https://phabricator.services.mozilla.com/D209667 - - - - - cf9af725 by Fatih at 2024-11-18T22:38:29+00:00 Bug 1885101: Match screen and window properties with top window for ScreenRect, ScreenAvailRect and WindowOuterSize. r=timhuang,emilio This patch removes test_iframe.html. We remove it because the newly introduced test covers the tests done in that test. The reason for removing it in the first place is now that screen properties are inherited/spoofed xorigin, we get a 4px difference. The reasosn for 4px difference is the test runner runs tests in an iframe with a 2px border on each side. Differential Revision: https://phabricator.services.mozilla.com/D215509 - - - - - 86973e3f by Tom Ritter at 2024-11-18T22:38:29+00:00 Bug 1885258: Hidden fonts should obey the allow list r=jfkthame Differential Revision: https://phabricator.services.mozilla.com/D204571 - - - - - f74fd2c1 by Andreas Farre at 2024-11-18T22:38:29+00:00 Bug 1886222 - Start reload by calling reload in the parent. r=Gijs,canadahonk,smaug, a=dsmith (esr128->esr115 backport) Differential Revision: https://phabricator.services.mozilla.com/D211519 - - - - - 4ea4005f by Jonathan Kew at 2024-11-18T22:38:29+00:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - e7ea118e by Jonathan Kew at 2024-11-18T22:38:30+00:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - 46a84067 by Kershaw Chang at 2024-11-18T22:38:30+00:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - d4866832 by cypherpunks1 at 2024-11-18T22:38:30+00:00 Bug 1892052 - Do not persist custom network requests on PBM. r=devtools-reviewers,bomsy,nchevobbe Differential Revision: https://phabricator.services.mozilla.com/D207762 - - - - - 1c54bbb6 by Jonathan Kew at 2024-11-18T22:38:30+00:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 72e1dcc1 by cypherpunks1 at 2024-11-18T22:38:31+00:00 Bug 1892046 - Add origin attributes to about:reader requests. r=reader-mode-reviewers,cmkm Differential Revision: https://phabricator.services.mozilla.com/D207759 - - - - - 6469b106 by Timothy Nikkel at 2024-11-18T22:38:31+00:00 Bug 1899180. If a channel is not nsIPrivateBrowsingChannel and has no load context, use the private browsing field from it's origin attributes. r=necko-reviewers,anti-tracking-reviewers,valentin If the channel is not a nsIPrivateBrowsingChannel, and it also has no load context (eg inside svg images) then we will over write a non-zero mPrivateBrowsingId on the OriginAttributes of the channel with 0, making NS_UsePrivateBrowsing return false for the channel. Differential Revision: https://phabricator.services.mozilla.com/D212083 - - - - - d172f9da by Jan de Mooij at 2024-11-18T22:38:31+00:00 Bug 1900523 - Don't use bailout data for JSJitToWasm frames. r=iain Differential Revision: https://phabricator.services.mozilla.com/D212554 - - - - - 2b528d87 by Jan de Mooij at 2024-11-18T22:38:31+00:00 Bug 1902983 - Don't use bailout data after iterating Wasm frames. a=RyanVM This is similar to bug 1900523, but the fix there was incomplete because the `JSJitToWasm` frame type is only used when we go through the Wasm JIT entry trampoline. Ion can also call Wasm functions directly and in that case the type will be `FrameType::Exit`. Original Revision: https://phabricator.services.mozilla.com/D214098 Differential Revision: https://phabricator.services.mozilla.com/D214375 - - - - - 7bbedc19 by Jon Coppeard at 2024-11-18T22:38:32+00:00 Bug 1904011 - Ignore finalized scripts when iterating code covarage tables r=iain Differential Revision: https://phabricator.services.mozilla.com/D214799 - - - - - 940137b9 by Kershaw Chang at 2024-11-18T22:38:32+00:00 Bug 1907726 - Make sure WebTransportSessionProxy::NotifyDatagramReceived is called after OnStopRequest, a=RyanVM The crash occurs because WebTransportSessionProxy::OnDatagramReceivedInternal is called before WebTransportSessionProxy::OnStopRequest. When this happens, WebTransportSessionProxy::mTarget is the main thread, so a task is dispatched to the main thread. This causes WebTransportSessionProxy::NotifyDatagramReceived to be called on the main thread. If WebTransportSessionProxy::NotifyDatagramReceived is invoked while WebTransportSessionProxy::mStopRequestCalled is true, it can lead to OnDatagramReceived being called on the main thread (instead of the socket thread), resulting in a crash. Original Revision: https://phabricator.services.mozilla.com/D220013 Differential Revision: https://phabricator.services.mozilla.com/D221661 - - - - - 3aabd138 by Sam Foster at 2024-11-18T22:38:32+00:00 Bug 1909099 - Always clean up old session restore and sync log files. r=markh,sessionstore-reviewers,dao Differential Revision: https://phabricator.services.mozilla.com/D217520 - - - - - abc44cfb by Nika Layzell at 2024-11-18T22:38:32+00:00 Bug 1911745 - Unify BrowsingContext flag coherency checks, r=mccr8 Previously these checks were largely diagnostic tools for finding bugs in other code as it evolves. This unifies the checks a bit more and makes them stronger for BrowsingContexts created over IPC, providing a place for more coherency checks to be added in the future. Differential Revision: https://phabricator.services.mozilla.com/D218860 - - - - - 95c8febf by Steve Fink at 2024-11-18T22:38:33+00:00 Bug 1912471 - Disallow deserializing structured clone buffers with transferables more than once r=iain, a=dsmith Differential Revision: https://phabricator.services.mozilla.com/D220644 - - - - - 7c50a944 by Emilio Cobos Álvarez at 2024-11-18T22:38:33+00:00 Bug 1914106 - Deal with insertRule edge-case. r=jwatt a=RyanVM When there's trailing garbage after an @import rule we throw, but we still trigger the load (that's not great but not trivial to change). Deal with that case before calling ImportRuleLoaded(). Differential Revision: https://phabricator.services.mozilla.com/D219783 - - - - - f284d74c by André Bargull at 2024-11-18T22:38:33+00:00 Bug 1915249: Add more nodiscard. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D220311 Differential Revision: https://phabricator.services.mozilla.com/D221663 - - - - - 0b7d2715 by Paul Zuehlcke at 2024-11-18T22:38:33+00:00 Bug 1916659, a=diannaS Original Revision: https://phabricator.services.mozilla.com/D222629 Differential Revision: https://phabricator.services.mozilla.com/D222934 - - - - - 38f31730 by Randell Jesup at 2024-11-18T22:40:46+00:00 Bug 1829029: clean up memory reporting for CacheFileIOManager r=necko-reviewers,valentin, a=RyanVM Differential Revision: https://phabricator.services.mozilla.com/D221350 - - - - - 620314fc by Valentin Gosu at 2024-11-18T22:40:46+00:00 Bug 1914521 - Make nsPartChannel inherit the content disposition of the multipart response a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D223728 Differential Revision: https://phabricator.services.mozilla.com/D224288 - - - - - 149f7f02 by Andrew McCreight at 2024-11-18T22:40:47+00:00 Bug 1919809 - Always clear mArgumentStorage in Console's Unlink. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D222803 Differential Revision: https://phabricator.services.mozilla.com/D224384 - - - - - 8b95567c by Paul Zuehlcke at 2024-11-18T22:40:47+00:00 Bug 1920423, a=RyanVM Differential Revision: https://phabricator.services.mozilla.com/D224349 - - - - - b9a1e12e by Andrew McCreight at 2024-11-18T22:40:47+00:00 Bug 1923706 - Pass by value, not reference in CamerasChild::AllocateCapture. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D225121 Differential Revision: https://phabricator.services.mozilla.com/D225363 - - - - - 3e52cfd2 by Kagami Sascha Rosylight at 2024-11-18T22:40:47+00:00 Bug 1924154 - Disallow too small record a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D225687 Differential Revision: https://phabricator.services.mozilla.com/D226147 - - - - - 1e9496ed by Henry Wilkes at 2024-11-18T22:40:48+00:00 Bug 41454: Move focus after calling openPreferences for a sub-category. Temporary fix until mozilla bug 1799153 gets a patch upstream. - - - - - 3c5e86a9 by hackademix at 2024-11-18T22:40:48+00:00 Bug 42194: Fix blank net error page on failed DNS resolution with active proxy. - - - - - 06b959d8 by Henry Wilkes at 2024-11-18T22:40:48+00:00 Bug 41483: Remove the firefox override for appstrings.properties Remove this patch after upstream bugzilla bug 1790187 - - - - - 23488349 by Marco Simonelli at 2024-11-18T22:40:48+00:00 Bug 41459: WebRTC fails to build under mingw (Part 1) - properly define NOMINMAX for just MSVC builds - - - - - 4470a707 by Marco Simonelli at 2024-11-18T22:40:49+00:00 Bug 41459: WebRTC fails to build under mingw (Part 2) - fixes required to build third_party/libwebrtc - - - - - 51d48e92 by Marco Simonelli at 2024-11-18T22:40:49+00:00 Bug 41459: WebRTC fails to build under mingw (Part 3) - fixes required to build third_party/sipcc - - - - - 34ab36bb by Marco Simonelli at 2024-11-18T22:40:49+00:00 Bug 41459: WebRTC fails to build under mingw (Part 4) - fixes requried to build netwerk/sctp - - - - - d2b61c86 by Marco Simonelli at 2024-11-18T22:40:50+00:00 Bug 41459: WebRTC fails to build under mingw (Part 5) - fixes required to build dom/media/webrtc - - - - - b3009024 by Marco Simonelli at 2024-11-18T22:40:50+00:00 Bug 41459: WebRTC fails to build under mingw (Part 6) - fixes required to build dom/media/systemservices - - - - - f6bd8d68 by hackademix at 2024-11-18T22:40:50+00:00 Bug 41854: Allow overriding download spam protection. - - - - - a23bde44 by hackademix at 2024-11-18T22:40:50+00:00 Bug 42835: Create an actor to filter file data transfers - - - - - 18b6c444 by Gaba at 2024-11-18T22:40:51+00:00 Adding issue and merge request templates - - - - - 4a698c6c by Pier Angelo Vendrame at 2024-11-18T22:40:51+00:00 Base Browser's .mozconfigs. Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 21849: Don't allow SSL key logging. Bug 25741 - TBA: Disable features at compile-time Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 29859: Disable HLS support for now Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files Bug 41584: Move some configuration options to base-browser level - - - - - 3bb6e637 by Pier Angelo Vendrame at 2024-11-18T22:40:51+00:00 Tweaks to the build system Bug 40857: Modified the fat .aar creation file This is a workaround to build fat .aars with the compiling enviornment disabled. Mozilla does not use a similar configuration, but either runs a Firefox build and discards its output, or uses artifacts build. We might switch to artifact builds too, and drop this patch, or write a better one to upstream. But until then we need this patch. See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770. Bug 41458: Prevent `mach package-multi-locale` from actually creating a package macOS builds need some files to be moved around with ./mach package-multi-locale to create multi-locale packages. The required command isn't exposed through any other mach command. So, we patch package-multi-locale both to prevent it from failing when doing official builds and to detect any future changes on it. - - - - - ea188843 by Pier Angelo Vendrame at 2024-11-18T22:40:51+00:00 Bug 41108: Remove privileged macOS installation from 102 - - - - - 58756cc1 by Dan Ballard at 2024-11-18T22:40:52+00:00 Bug 41149: Re-enable DLL injection protection in all builds not just nightlies - - - - - 72f5bd43 by Matthew Finkel at 2024-11-18T22:40:52+00:00 Bug 24796: Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. - - - - - 05504a87 by Matthew Finkel at 2024-11-18T22:40:52+00:00 Bug 28125: Prevent non-Necko network connections - - - - - 9a58081c by Mike Perry at 2024-11-18T22:40:52+00:00 Bug 12974: Disable NTLM and Negotiate HTTP Auth The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421, https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602 - - - - - 9b5a8ee4 by Alex Catarineu at 2024-11-18T22:40:53+00:00 Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1768899 - - - - - 9776cde1 by Georg Koppen at 2024-11-18T22:40:53+00:00 Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. - - - - - 63b039ac by Kathy Brade at 2024-11-18T22:40:53+00:00 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. - - - - - 1653d747 by Kathy Brade at 2024-11-18T22:40:54+00:00 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. - - - - - 31bda4c2 by Alex Catarineu at 2024-11-18T22:40:54+00:00 Bug 41457: Remove Mozilla permissions Bug 40025: Remove Mozilla add-on install permissions - - - - - c95baf96 by Kathy Brade at 2024-11-18T22:40:54+00:00 Bug 40002: Remove about:ion Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. Bug 41662: Disable about:sync-logs Even though we disable sync by default with `identity.fxaccounts.enabled`, this about: page is still avilable. We could throw an exception on the constructor of the related component, but it would result only in an error in the console, without a visible "this address does not look right" error page. If we fix the issues with MOZ_SERVICES_SYNC, we can restore the component. - - - - - 60995bdb by Arthur Edelstein at 2024-11-18T22:40:54+00:00 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. - - - - - a1a002fb by Alex Catarineu at 2024-11-18T22:40:55+00:00 Bug 31740: Remove some unnecessary RemoteSettings instances More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls. Avoid creating instance for 'anti-tracking-url-decoration'. If prefs are disabling their usage, avoid creating instances for 'cert-revocations' and 'intermediates'. Do not ship JSON dumps for collections we do not expect to need. For the ones in the 'main' bucket, this prevents them from being synced unnecessarily (the code in remote-settings does so for collections in the main bucket for which a dump or local data exists). For the collections in the other buckets, we just save some size by not shipping their dumps. We also clear the collections database on the v2 -> v3 migration. - - - - - 201d298a by cypherpunks1 at 2024-11-18T22:40:55+00:00 Bug 41092: Add a RemoteSettings JSON dump for query-stripping - - - - - 2b3ada8f by Pier Angelo Vendrame at 2024-11-18T22:40:55+00:00 Bug 41635: Disable the Normandy component Do not include Normandy at all whenever MOZ_NORMANDY is False. - - - - - d89fef9c by Georg Koppen at 2024-11-18T22:40:55+00:00 Bug 30541: Disable WebGL readPixel() for web content Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034 - - - - - ca64576e by Alex Catarineu at 2024-11-18T22:40:56+00:00 Bug 28369: Stop shipping pingsender executable - - - - - 84ec4292 by cypherpunks1 at 2024-11-18T22:40:56+00:00 Bug 41568: Disable LaterRun - - - - - 13409c6b by cypherpunks1 at 2024-11-18T22:40:56+00:00 Bug 40717: Hide Windows SSO in settings - - - - - 15f749cf by Pier Angelo Vendrame at 2024-11-18T22:40:56+00:00 Bug 41599: Always return an empty string as network ID Firefox computes an internal network ID used to detect network changes and act consequently (e.g., to improve WebSocket UX). However, there are a few ways to get this internal network ID, so we patch them out, to be sure any new code will not be able to use them and possibly link users. We also sent a patch to Mozilla to seed the internal network ID, to prevent any accidental leak in the future. Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1817756 - - - - - 6720790e by Richard Pospesel at 2024-11-18T22:40:57+00:00 Bug 41327: Disable UrlbarProviderInterventions - - - - - 1df35455 by Richard Pospesel at 2024-11-18T22:40:57+00:00 Bug 42037: Disable about:firefoxview page - - - - - dddafc46 by Mike Perry at 2024-11-18T22:40:58+00:00 Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera <ffmancera(a)riseup.net>) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned directory and this patch will not remove it since it was created with an unknown AUMID. However, another patch could be written which goes to that directory and deletes any item containing the 'Tor Browser' string. See bug 28996. Bug 30845: Make sure default themes and other internal extensions are enabled Bug 28896: Enable extensions in private browsing by default Bug 31065: Explicitly allow proxying localhost Bug 31598: Enable letterboxing Disable Presentation API everywhere Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer security levels. Bug 32321: Disable Mozilla's MitM pings Bug 19890: Disable installation of system addons By setting the URL to "" we make sure that already installed system addons get deleted as well. Bug 22548: Firefox downgrades VP9 videos to VP8. On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor Browser 7.0 all youtube videos are degraded to VP8. This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0. All clients will get better experience and lower traffic, beause TBB doesn't use "Use hardware acceleration when available". Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs Bug 16441: Suppress "Reset Tor Browser" prompt. Bug 29120: Use the in-memory media cache and increase its maximum size. Bug 33697: use old search config based on list.json Bug 33855: Ensure that site-specific browser mode is disabled. Bug 30682: Disable Intermediate CA Preloading. Bug 40061: Omit the Windows default browser agent from the build Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40408: Disallow SVG Context Paint in all web content Bug 40308: Disable network partitioning until we evaluate dFPI Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40383: Disable dom.enable_event_timing Bug 40423: Disable http/3 Bug 40177: Update prefs for Fx91esr Bug 40700: Disable addons and features recommendations Bug 40682: Disable network.proxy.allow_bypass Bug 40736: Disable third-party cookies in PBM Bug 19850: Enabled HTTPS-Only by default Bug 40912: Hide the screenshot menu Bug 41292: Disable moreFromMozilla in preferences page Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector Bug 24686: Set network.http.tailing.enabled to true Bug 40183: Disable TLS ciphersuites using SHA-1 Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102 We reviewed all the preferences we set for 102, and remove a few old ones. See the description of that issue to see all the preferences we believed were still valid for 102, and some brief description for the reasons to keep them. - - - - - adcfca56 by Pier Angelo Vendrame at 2024-11-18T22:40:58+00:00 Bug 41043: Hardcode the UI font on Linux The mechanism to choose the UI font does not play well with our fontconfig configuration. As a result, the final criterion to choose the font for the UI was its version. Since we hardcode Arimo as a default sans-serif on preferences, we use it also for the UI. FontConfig will fall back to some other font for scripts Arimo does not cover as expected (we tested with Japanese). - - - - - ea7db40f by Pier Angelo Vendrame at 2024-11-18T22:40:58+00:00 Bug 41901: Hardcode normalized FontSubstitutes. Windows has a system to set font aliases through the registry. This allows some customization that could be used as a fingerprinting vector. Moreover, this mechanism is used by Windows itself, and different SKUs might have different default FontSubstitutes. - - - - - ffbb5b22 by Alex Catarineu at 2024-11-18T22:40:58+00:00 Bug 30605: Honor privacy.spoof_english in Android This checks `privacy.spoof_english` whenever `setLocales` is called from Fenix side and sets `intl.accept_languages` accordingly. Bug 40198: Expose privacy.spoof_english pref in GeckoView - - - - - d618fd93 by Pier Angelo Vendrame at 2024-11-18T22:40:59+00:00 Bug 42562: Normalized the Accepted Languages on Android. The OS language might be outside the list of actually supported languages and it might leak the user's region. Therefore, we force the locale reported in Accept-Language to match one we support with translations, even when it means using a not exact region tag. - - - - - 529ba148 by Alex Catarineu at 2024-11-18T22:40:59+00:00 Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware - - - - - e4ac78a2 by Alex Catarineu at 2024-11-18T22:40:59+00:00 Bug 26345: Hide tracking protection UI - - - - - 1e0e00ab by Pier Angelo Vendrame at 2024-11-18T22:40:59+00:00 Bug 9173: Change the default Firefox profile directory to be relative. This commit makes Firefox look for the default profile directory in a directory relative to the binary path. The directory can be specified through the --with-relative-data-dir. This is relative to the same directory as the firefox main binary for Linux and Windows. On macOS, we remove Contents/MacOS from it. Or, in other words, the directory is relative to the application bundle. This behavior can be overriden at runtime, by placing a file called system-install adjacent to the firefox main binary (also on macOS). - - - - - b932ec02 by Alex Catarineu at 2024-11-18T22:41:00+00:00 Bug 27604: Fix addon issues when moving the profile directory Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838 - - - - - 5bbb6527 by Mike Perry at 2024-11-18T22:41:00+00:00 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509 - - - - - a4c3577a by Pier Angelo Vendrame at 2024-11-18T22:41:00+00:00 Bug 40309: Avoid using regional OS locales Avoid regional OS locales if the pref `intl.regional_prefs.use_os_locales` is false but RFP is enabled. - - - - - 92bb969e by Matthew Finkel at 2024-11-18T22:41:01+00:00 Bug 40432: Prevent probing installed applications Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084 - - - - - 2fdfdcb0 by cypherpunks1 at 2024-11-18T22:41:01+00:00 Bug 33955: When copying an image only copy the image contents to the clipboard - - - - - 0e623616 by cypherpunks1 at 2024-11-18T22:41:01+00:00 Bug 41791: Omit the source URL when copying page contents to the clipboard - - - - - 5f2a1992 by hackademix at 2024-11-18T22:41:01+00:00 Bug 42288: Allow language spoofing in status messages. - - - - - 6a650855 by Richard Pospesel at 2024-11-18T22:41:02+00:00 Bug 41659: Add canonical color definitions to base-browser - - - - - ad432a95 by Pier Angelo Vendrame at 2024-11-18T22:41:02+00:00 Base Browser strings This commit adds all the strings needed by following Base Browser patches. - - - - - 92fb3399 by Pier Angelo Vendrame at 2024-11-18T22:41:02+00:00 Bug 41369: Improve Firefox language settings for multi-lingual packages Change the language selector to be sorted by language code, rather than name, and to display the language code to the user. Bug 41372: Handle Japanese as a special case in preferences on macOS Japanese is treated in a special way on macOS. However, seeing the Japanese language tag could be confusing for users, and moreover the language name is not localized correctly like other langs. Bug 41378: Tell users that they can change their language at the first start With multi-lingual builds, Tor Browser matches the user's system language, but some users might want to change it. So, we tell them that it is possible, but only once. - - - - - 073cae3a by p13dz at 2024-11-18T22:41:02+00:00 Bug 40283: Workaround for the file upload bug - - - - - cd4cfbd1 by Arthur Edelstein at 2024-11-18T22:41:03+00:00 Bug 18905: Hide unwanted items from help menu Bug 25660: Remove the "New Private Window" option - - - - - b815be40 by Pier Angelo Vendrame at 2024-11-18T22:41:03+00:00 Bug 41739: Remove "Website appearance" from about:preferences. It is ignored because of RFP and it is confusing for users. - - - - - 374bc274 by hackademix at 2024-11-18T22:41:04+00:00 Bug 42019: Empty browser's clipboard on browser shutdown - - - - - bb6081f0 by hackademix at 2024-11-18T22:41:04+00:00 Bug 42084: Ensure English spoofing works even if preferences are set out of order. - - - - - fd740ade by Pier Angelo Vendrame at 2024-11-18T22:41:04+00:00 Bug 41930: Remove the UI to customize accept_languages. - - - - - 360a74a0 by Pier Angelo Vendrame at 2024-11-18T22:41:04+00:00 Bug 42376: Pass the locale list when constructing l10n in datetimebox The datetime input is inconsistent with other inputs when using spoof English: its placeholder is not translated, unlike the default values and texts of all the other inputs. - - - - - 6fa46327 by Pier Angelo Vendrame at 2024-11-18T22:41:05+00:00 Bug 42428: Make RFP spoof the timezone of document.lastModified. - - - - - c1157d16 by Pier Angelo Vendrame at 2024-11-18T22:41:05+00:00 Bug 42472: Spoof timezone in XSLT. - - - - - beec0cd8 by hackademix at 2024-11-18T22:41:05+00:00 Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs. - - - - - 54266423 by hackademix at 2024-11-18T22:41:05+00:00 Bug 41434: Letterboxing, improve logging. - - - - - 26d6eb36 by hackademix at 2024-11-18T22:41:06+00:00 Bug 31064: Letterboxing, exempt browser extensions. - - - - - 85d576cf by hackademix at 2024-11-18T22:41:06+00:00 Bug 32411: Letterboxing, exempt view-source: URIs. - - - - - ef400340 by hackademix at 2024-11-18T22:41:06+00:00 Bug 42574: Letterboxing, exempt pdf.js. - - - - - d539c2b8 by hackademix at 2024-11-18T22:41:07+00:00 Bug 32308: Use direct browser sizing for letterboxing. Bug 30556: align letterboxing with 200x100 new win width stepping - - - - - 30802300 by hackademix at 2024-11-18T22:41:07+00:00 Bug 41631: Prevent weird initial window dimensions caused by subpixel computations - - - - - 202c42dd by hackademix at 2024-11-18T22:41:07+00:00 Bug 41918: Option to reuse last window size when letterboxing is enabled. - - - - - 70cfc91a by hackademix at 2024-11-18T22:41:07+00:00 Bug 41916: Letterboxing preferences UI - - - - - 8f6c0a4e by hackademix at 2024-11-18T22:41:08+00:00 Bug 41695: Warn on window maximization without letterboxing in RFPHelper module - - - - - e8f04fdf by hackademix at 2024-11-18T22:41:08+00:00 Bug 42443: Shrink window to match letterboxing size when the emtpy area is clicked. - - - - - 58ccb1aa by Henry Wilkes at 2024-11-18T22:41:08+00:00 Bug 42528: Don't leak system scrollbar size on windows. - - - - - aae2dfde by Henry Wilkes at 2024-11-18T22:41:09+00:00 Bug 31575: Disable Firefox Home (Activity Stream) Treat about:blank as the default home page and new tab page. Avoid loading AboutNewTab in BrowserGlue.sys.mjs in order to avoid several network requests that we do not need. Bug 41624: Disable about:pocket-* pages. Bug 40144: Redirect about:privatebrowsing to the user's home - - - - - 370afc02 by Kathy Brade at 2024-11-18T22:41:09+00:00 Bug 4234: Use the Firefox Update Process for Base Browser. Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix bug 27221: purge the startup cache if the Base Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Base Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Base Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. - - - - - 70fdc03d by Pier Angelo Vendrame at 2024-11-18T22:41:09+00:00 Bug 42061: Create an alpha update channel. - - - - - f2a93d8f by Nicolas Vigier at 2024-11-18T22:41:10+00:00 Bug 41682: Add base-browser nightly mar signing key - - - - - a92a5f88 by Pier Angelo Vendrame at 2024-11-18T22:41:10+00:00 Bug 41603: Customize the creation of MOZ_SOURCE_URL MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET. But the code takes for granted that it refers to a Hg instance, so it combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`. With this commit, we change this logic to combine them to create a URL that is valid for GitLab. $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag. If that is needed, we could use /-/tree/, instead of /-/commit/. - - - - - d488a40e by Pier Angelo Vendrame at 2024-11-18T22:41:10+00:00 Bug 41698: Reword the recommendation badges in about:addons Firefox strings use { -brand-product-name }. As a result, it seems that the fork is recommending extensions, whereas AMO curators are doing that. So, we replace the strings with custom ones that clarify that Mozilla is recommending them. We assign the strings with JS because our translation backend does not support Fluent attributes, yet, but once it does, we should switch to them, instead. Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1825033 - - - - - 8680f268 by Pier Angelo Vendrame at 2024-11-18T22:41:10+00:00 Bug 42438: Tweaks to the migration wizard. Remove the items not compatible with our features (such as history) from the migration wizard. On Linux, allow to specify an alternative home directory, since we usually change $HOME in our startup script. - - - - - 530d30b4 by Alex Catarineu at 2024-11-18T22:41:11+00:00 Bug 40069: Add helpers for message passing with extensions - - - - - e42f7566 by Matthew Finkel at 2024-11-18T22:41:11+00:00 Bug 41598: Prevent NoScript from being removed/disabled. Bug 40253: Explicitly allow NoScript in Private Browsing mode. - - - - - d51963b3 by Henry Wilkes at 2024-11-18T22:41:11+00:00 Bug 41736: Hide NoScript extension's toolbar button by default. This hides it from both the toolbar and the unified extensions panel. We also hide the unified-extension-button if the panel would be empty: not including the NoScript button when it is hidden. As a result, this will be hidden by default until a user installs another extension (or shows the NoScript button and unpins it). - - - - - 542f44d0 by hackademix at 2024-11-18T22:41:11+00:00 Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons - - - - - 22d964a3 by Pier Angelo Vendrame at 2024-11-18T22:41:12+00:00 Bug 40925: Implemented the Security Level component This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Bug 40125: Expose Security Level pref in GeckoView - - - - - c96c732f by Pier Angelo Vendrame at 2024-11-18T22:41:12+00:00 Bug 40926: Implemented the New Identity feature - - - - - fd131c3a by Henry Wilkes at 2024-11-18T22:41:12+00:00 Bug 41736: Customize toolbar for base-browser. - - - - - eacffdfc by Pier Angelo Vendrame at 2024-11-18T22:41:13+00:00 Bug 42027: Base Browser migration procedures. This commit implmenents the the Base Browser's version of _migrateUI. - - - - - b8d5a35b by Henry Wilkes at 2024-11-18T22:41:13+00:00 Bug 42583: Modify moz-support-link for Base Browser. - - - - - 48d995d1 by Henry Wilkes at 2024-11-18T22:41:13+00:00 Bug 42347: Add a notification for dropped OS version support. - - - - - 281e9d9d by hackademix at 2024-11-18T22:41:13+00:00 Bug 42832: Download spam prevention exemption for browser extensions. - - - - - 2fb8e0ed by Pier Angelo Vendrame at 2024-11-18T22:41:14+00:00 Bug 42467: Make OS HTTP User-Agent OS spoofing configurable by pref This commits makes it possible to disable OS spoofing in the HTTP User-Agent header, to see if matching header and JS property improve usability. - - - - - 30 changed files: - .eslintignore - + .gitlab/issue_templates/Emergency Security Issue.md - + .gitlab/issue_templates/bug.md - + .gitlab/merge_request_templates/default.md - accessible/android/SessionAccessibility.cpp - accessible/android/SessionAccessibility.h - accessible/ipc/DocAccessibleParent.cpp - accessible/ipc/DocAccessibleParent.h - accessible/ipc/moz.build - browser/actors/BrowserTabChild.sys.mjs - − browser/actors/RFPHelperChild.sys.mjs - − browser/actors/RFPHelperParent.sys.mjs - browser/actors/moz.build - browser/app/Makefile.in - browser/app/macbuild/Contents/MacOS-files.in - browser/app/moz.build - browser/app/permissions - + browser/app/profile/001-base-profile.js - browser/app/profile/firefox.js - browser/base/content/aboutDialog-appUpdater.js - browser/base/content/aboutDialog.js - browser/base/content/aboutDialog.xhtml - browser/base/content/appmenu-viewcache.inc.xhtml - browser/base/content/browser-addons.js - browser/base/content/browser-context.inc - browser/base/content/browser-menubar.inc - browser/base/content/browser-safebrowsing.js - browser/base/content/browser-sets.inc - browser/base/content/browser-siteIdentity.js - browser/base/content/browser.css The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/293d49… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/293d49… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.18.0esr-13.5-1-build1
by morgan (＠morgan) 19 Nov '24

19 Nov '24

morgan pushed new tag tor-browser-115.18.0esr-13.5-1-build1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.18.0esr-13.5-1] 216 commits: Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot
by morgan (＠morgan) 19 Nov '24

19 Nov '24

morgan pushed to branch tor-browser-115.18.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: d77c777d by alwu at 2024-11-18T22:38:19+00:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 69e67756 by Edgar Chen at 2024-11-18T22:38:20+00:00 Bug 1743329 - Handle ESC key to release pointer lock in parent process; r=smaug Differential Revision: https://phabricator.services.mozilla.com/D211621 - - - - - 63fdc986 by Edgar Chen at 2024-11-18T22:38:20+00:00 Bug 1743329 - Release pointer lock when xul popup is open; r=smaug,pbz Differential Revision: https://phabricator.services.mozilla.com/D211620 - - - - - 3b179bbc by Edgar Chen at 2024-11-18T22:38:20+00:00 Bug 1743329 - Use nsMenuPopupFrame in GetVisiblePopups(); r=smaug Differential Revision: https://phabricator.services.mozilla.com/D211619 A further change was needed in nsCaret.cpp, see https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - - - - - 4a70c06d by Otto Länd at 2024-11-18T22:38:21+00:00 Bug 1743329: apply code formatting via Lando # ignore-this-changeset - - - - - 63daf9e3 by Anna Weine at 2024-11-18T22:38:21+00:00 Bug 1760806 - WebCrypto: ECDH and ECDSA JWK import to check that the crv in params and crv in alg are the same r=keeler https://treeherder.mozilla.org/jobs?repo=try&revision=ed7936b105dea8e58… Differential Revision: https://phabricator.services.mozilla.com/D217273 - - - - - a826eee7 by Pier Angelo Vendrame at 2024-11-18T22:38:21+00:00 Bug 1787790: Normalize system fonts with RFP on. r=emilio System fonts can leak any user customization of system fonts, or user's locale (e.g., en-US and ja Windows have different system fonts). Also, Linux distributions/desktop environments set default fonts in different ways. Customization can be detected either with font metrics, the font allowed list is not enabled or the font is included in it, or with getComputedStyle, that leaks the name of the font that Firefox tries to apply. This patch try to prevent these leaks by using a generic "sans-serif" for all system fonts, except on macOS, where it uses "-apple-system", and on Android, where these fonts always use Roboto. Differential Revision: https://phabricator.services.mozilla.com/D163576 - - - - - 447b5f94 by Eitan Isaacson at 2024-11-18T22:38:21+00:00 Bug 1819160 - Map Android ids to doc/accessible id pairs. r=Jamie Differential Revision: https://phabricator.services.mozilla.com/D179737 - - - - - 80e21e0f by Fatih at 2024-11-18T22:38:22+00:00 Bug 1830629: Remove unnecessary checks for pdf.js for RFP. r=tjr resource:// is exempt from RFP, so we no longer need to check pdf.js specifically. Differential Revision: https://phabricator.services.mozilla.com/D209359 - - - - - f0331fed by Pier Angelo Vendrame at 2024-11-18T22:38:22+00:00 Bug 1832523 - Allow using NSS to sign and verify MAR signatures. r=application-update-reviewers,glandium,bytesized Allow using NSS for checking MAR signatures also in platforms where OS-native APIs are used by default, i.e., macOS and Windows. Differential Revision: https://phabricator.services.mozilla.com/D177743 - - - - - ed056406 by Pier Angelo Vendrame at 2024-11-18T22:38:22+00:00 Bug 1849129: Prevent exceptions caused by extensions from interrupting the SearchService initialization. r=search-reviewers,Standard8 Differential Revision: https://phabricator.services.mozilla.com/D186456 - - - - - 4c5fda0e by Emilio Cobos Álvarez at 2024-11-18T22:38:22+00:00 Bug 1853731 - Use html:img for message-bar-icon. r=Gijs,dao,settings-reviewers,desktop-theme-reviewers,sfoster Differential Revision: https://phabricator.services.mozilla.com/D188521 - - - - - aca7a0e9 by Pier Angelo Vendrame at 2024-11-18T22:38:22+00:00 Bug 1854117 - Sort the DLL blocklist flags. r=mossop,win-reviewers,gstoll Differential Revision: https://phabricator.services.mozilla.com/D188716 - - - - - 8d960294 by Eden Chuang at 2024-11-18T22:38:23+00:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision: https://phabricator.services.mozilla.com/D186431 - - - - - fd2973ae by edgul at 2024-11-18T22:38:23+00:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision: https://phabricator.services.mozilla.com/D182373 - - - - - f3f41e46 by Kelsey Gilbert at 2024-11-18T22:38:23+00:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision: https://phabricator.services.mozilla.com/D188054 - - - - - f2f4e00f by Edgar Chen at 2024-11-18T22:38:23+00:00 Bug 1828259 - Close XUL popup when entering/exiting fullscreen; r=smaug Differential Revision: https://phabricator.services.mozilla.com/D209355 - - - - - 9aa5f854 by hackademix at 2024-11-18T22:38:24+00:00 Bug 1835987 - Change RFP-spoofed TZ to Atlantic/Reykjavik. r=tjr Atlantic/Reykjavik stays on UTC during all the year, but it is less likely to be blocked than plan UTC. Differential Revision: https://phabricator.services.mozilla.com/D212131 - - - - - 37d198ac by edgul at 2024-11-18T22:38:24+00:00 Bug 1879952 - Fix test expectations with samesite=lax turned on r=tschuster Differential Revision: https://phabricator.services.mozilla.com/D201639 - - - - - 04dc0574 by edgul at 2024-11-18T22:38:24+00:00 Bug 1844827 - Added checks for sub-document navigations from cross-site to same-site in third-party checks when setting a cookie. r=cookie-reviewers,valentin,bvandersloot a=RyanVM Differential Revision: https://phabricator.services.mozilla.com/D204074 - - - - - 66e97b4e by Ed at 2024-11-18T22:38:24+00:00 Bug 1844827 - Update the cookie test expectations for iframe samesite r=cookie-reviewers,valentin a=RyanVM Depends on D199770 Differential Revision: https://phabricator.services.mozilla.com/D199772 - - - - - 9e5d398f by Mark Banner at 2024-11-18T22:38:25+00:00 Bug 1845752. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D186676 - - - - - d8b03339 by Pier Angelo Vendrame at 2024-11-18T22:38:25+00:00 Bug 1849186 - Add a preference not to expose the content title in the window title. r=Gijs,tabbrowser-reviewers,dao Differential Revision: https://phabricator.services.mozilla.com/D190496 - - - - - 64edcb52 by Bob Owen at 2024-11-18T22:38:25+00:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision: https://phabricator.services.mozilla.com/D187794 - - - - - 1969aa23 by Malte Juergens at 2024-11-18T22:38:25+00:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision: https://phabricator.services.mozilla.com/D187887 - - - - - a30b17aa by Henry Wilkes at 2024-11-18T22:38:26+00:00 Bug 1851618 - Allow removing packaged locales from requestedLocales. r=settings-reviewers,eemeli,Gijs We open up the UI to allow the user to remove locales from their requestedLocales list, except for the default locale. Differential Revision: https://phabricator.services.mozilla.com/D209930 - - - - - f222b466 by Andreas Pehrson at 2024-11-18T22:38:26+00:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision: https://phabricator.services.mozilla.com/D187554 - - - - - 0fa929e1 by Pier Angelo Vendrame at 2024-11-18T22:38:26+00:00 Bug 1860020 - Remove the assertion on the value of toolkit.telemetry.enabled. r=KrisWright,chutten Bug 1444275 introduced an assertion on the parent process to check that the value of toolkit.telemetry.enabled is the expected one. However, this expected value could be different from the one set and locked e.g. in some forks. Therefore, the assertion prevented debug builds from working in these cases. Differential Revision: https://phabricator.services.mozilla.com/D195080 - - - - - 737cfa7d by Kagami Sascha Rosylight at 2024-11-18T22:38:26+00:00 Bug 1865238 - Use One UI Sans KR VF for Korean sans-serif font on Android r=jfkthame Per /etc/fonts.xml, there are now only two `<family lang="ko">` nodes there: * OneUISansKRVF series * SECCJK series (but no KR postfix anymore?) This patch uses One UI Sans KR VF as the replacement as this is newer and is a variable font (tested with https://codepen.io/SaschaNaz/pen/ExrdYXJ) Differential Revision: https://phabricator.services.mozilla.com/D195078 - - - - - 995d268a by Nuohan Li at 2024-11-18T22:38:27+00:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - b73b8737 by Tom Ritter at 2024-11-18T22:38:27+00:00 Bug 1873526: Refactor the restriction override list from a big if statement to a list r=KrisWright Differential Revision: https://phabricator.services.mozilla.com/D198081 - - - - - bf408cce by Nika Layzell at 2024-11-18T22:38:27+00:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - 28967952 by Pier Angelo Vendrame at 2024-11-18T22:38:27+00:00 Bug 1875306 - Localize numbers in the underflow and overflow error messages. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D198965 - - - - - b1565011 by Pier Angelo Vendrame at 2024-11-18T22:38:28+00:00 Bug 1875313 - Use en-US as a fallback when spoof English is enabled in ICUUtils. r=timhuang,tjr Differential Revision: https://phabricator.services.mozilla.com/D198967 - - - - - b1bf7333 by Julian Descottes at 2024-11-18T22:38:28+00:00 Bug 1880374 - Disable DNS prefetching if document nodePrincipal is systemPrincipal r=valentin Differential Revision: https://phabricator.services.mozilla.com/D210830 - - - - - e44149d6 by Pier Angelo Vendrame at 2024-11-18T22:38:28+00:00 Bug 1880988 - Apply spoof English to the default detail summary. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D202203 - - - - - 8956ed1f by Nika Layzell at 2024-11-18T22:38:28+00:00 Bug 1881037 - Part 1: Stop showing unknown protocol error pages for web-triggered loads, r=smaug,necko-reviewers,kershaw, a=dsmith Differential Revision: https://phabricator.services.mozilla.com/D217495 - - - - - da8f7337 by Edgar Chen at 2024-11-18T22:38:29+00:00 Bug 1883396 - Exit fullscreen when two Escape keyup events occur in a short time; r=smaug Differential Revision: https://phabricator.services.mozilla.com/D209667 - - - - - cf9af725 by Fatih at 2024-11-18T22:38:29+00:00 Bug 1885101: Match screen and window properties with top window for ScreenRect, ScreenAvailRect and WindowOuterSize. r=timhuang,emilio This patch removes test_iframe.html. We remove it because the newly introduced test covers the tests done in that test. The reason for removing it in the first place is now that screen properties are inherited/spoofed xorigin, we get a 4px difference. The reasosn for 4px difference is the test runner runs tests in an iframe with a 2px border on each side. Differential Revision: https://phabricator.services.mozilla.com/D215509 - - - - - 86973e3f by Tom Ritter at 2024-11-18T22:38:29+00:00 Bug 1885258: Hidden fonts should obey the allow list r=jfkthame Differential Revision: https://phabricator.services.mozilla.com/D204571 - - - - - f74fd2c1 by Andreas Farre at 2024-11-18T22:38:29+00:00 Bug 1886222 - Start reload by calling reload in the parent. r=Gijs,canadahonk,smaug, a=dsmith (esr128->esr115 backport) Differential Revision: https://phabricator.services.mozilla.com/D211519 - - - - - 4ea4005f by Jonathan Kew at 2024-11-18T22:38:29+00:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - e7ea118e by Jonathan Kew at 2024-11-18T22:38:30+00:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - 46a84067 by Kershaw Chang at 2024-11-18T22:38:30+00:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - d4866832 by cypherpunks1 at 2024-11-18T22:38:30+00:00 Bug 1892052 - Do not persist custom network requests on PBM. r=devtools-reviewers,bomsy,nchevobbe Differential Revision: https://phabricator.services.mozilla.com/D207762 - - - - - 1c54bbb6 by Jonathan Kew at 2024-11-18T22:38:30+00:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 72e1dcc1 by cypherpunks1 at 2024-11-18T22:38:31+00:00 Bug 1892046 - Add origin attributes to about:reader requests. r=reader-mode-reviewers,cmkm Differential Revision: https://phabricator.services.mozilla.com/D207759 - - - - - 6469b106 by Timothy Nikkel at 2024-11-18T22:38:31+00:00 Bug 1899180. If a channel is not nsIPrivateBrowsingChannel and has no load context, use the private browsing field from it's origin attributes. r=necko-reviewers,anti-tracking-reviewers,valentin If the channel is not a nsIPrivateBrowsingChannel, and it also has no load context (eg inside svg images) then we will over write a non-zero mPrivateBrowsingId on the OriginAttributes of the channel with 0, making NS_UsePrivateBrowsing return false for the channel. Differential Revision: https://phabricator.services.mozilla.com/D212083 - - - - - d172f9da by Jan de Mooij at 2024-11-18T22:38:31+00:00 Bug 1900523 - Don't use bailout data for JSJitToWasm frames. r=iain Differential Revision: https://phabricator.services.mozilla.com/D212554 - - - - - 2b528d87 by Jan de Mooij at 2024-11-18T22:38:31+00:00 Bug 1902983 - Don't use bailout data after iterating Wasm frames. a=RyanVM This is similar to bug 1900523, but the fix there was incomplete because the `JSJitToWasm` frame type is only used when we go through the Wasm JIT entry trampoline. Ion can also call Wasm functions directly and in that case the type will be `FrameType::Exit`. Original Revision: https://phabricator.services.mozilla.com/D214098 Differential Revision: https://phabricator.services.mozilla.com/D214375 - - - - - 7bbedc19 by Jon Coppeard at 2024-11-18T22:38:32+00:00 Bug 1904011 - Ignore finalized scripts when iterating code covarage tables r=iain Differential Revision: https://phabricator.services.mozilla.com/D214799 - - - - - 940137b9 by Kershaw Chang at 2024-11-18T22:38:32+00:00 Bug 1907726 - Make sure WebTransportSessionProxy::NotifyDatagramReceived is called after OnStopRequest, a=RyanVM The crash occurs because WebTransportSessionProxy::OnDatagramReceivedInternal is called before WebTransportSessionProxy::OnStopRequest. When this happens, WebTransportSessionProxy::mTarget is the main thread, so a task is dispatched to the main thread. This causes WebTransportSessionProxy::NotifyDatagramReceived to be called on the main thread. If WebTransportSessionProxy::NotifyDatagramReceived is invoked while WebTransportSessionProxy::mStopRequestCalled is true, it can lead to OnDatagramReceived being called on the main thread (instead of the socket thread), resulting in a crash. Original Revision: https://phabricator.services.mozilla.com/D220013 Differential Revision: https://phabricator.services.mozilla.com/D221661 - - - - - 3aabd138 by Sam Foster at 2024-11-18T22:38:32+00:00 Bug 1909099 - Always clean up old session restore and sync log files. r=markh,sessionstore-reviewers,dao Differential Revision: https://phabricator.services.mozilla.com/D217520 - - - - - abc44cfb by Nika Layzell at 2024-11-18T22:38:32+00:00 Bug 1911745 - Unify BrowsingContext flag coherency checks, r=mccr8 Previously these checks were largely diagnostic tools for finding bugs in other code as it evolves. This unifies the checks a bit more and makes them stronger for BrowsingContexts created over IPC, providing a place for more coherency checks to be added in the future. Differential Revision: https://phabricator.services.mozilla.com/D218860 - - - - - 95c8febf by Steve Fink at 2024-11-18T22:38:33+00:00 Bug 1912471 - Disallow deserializing structured clone buffers with transferables more than once r=iain, a=dsmith Differential Revision: https://phabricator.services.mozilla.com/D220644 - - - - - 7c50a944 by Emilio Cobos Álvarez at 2024-11-18T22:38:33+00:00 Bug 1914106 - Deal with insertRule edge-case. r=jwatt a=RyanVM When there's trailing garbage after an @import rule we throw, but we still trigger the load (that's not great but not trivial to change). Deal with that case before calling ImportRuleLoaded(). Differential Revision: https://phabricator.services.mozilla.com/D219783 - - - - - f284d74c by André Bargull at 2024-11-18T22:38:33+00:00 Bug 1915249: Add more nodiscard. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D220311 Differential Revision: https://phabricator.services.mozilla.com/D221663 - - - - - 0b7d2715 by Paul Zuehlcke at 2024-11-18T22:38:33+00:00 Bug 1916659, a=diannaS Original Revision: https://phabricator.services.mozilla.com/D222629 Differential Revision: https://phabricator.services.mozilla.com/D222934 - - - - - 38f31730 by Randell Jesup at 2024-11-18T22:40:46+00:00 Bug 1829029: clean up memory reporting for CacheFileIOManager r=necko-reviewers,valentin, a=RyanVM Differential Revision: https://phabricator.services.mozilla.com/D221350 - - - - - 620314fc by Valentin Gosu at 2024-11-18T22:40:46+00:00 Bug 1914521 - Make nsPartChannel inherit the content disposition of the multipart response a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D223728 Differential Revision: https://phabricator.services.mozilla.com/D224288 - - - - - 149f7f02 by Andrew McCreight at 2024-11-18T22:40:47+00:00 Bug 1919809 - Always clear mArgumentStorage in Console's Unlink. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D222803 Differential Revision: https://phabricator.services.mozilla.com/D224384 - - - - - 8b95567c by Paul Zuehlcke at 2024-11-18T22:40:47+00:00 Bug 1920423, a=RyanVM Differential Revision: https://phabricator.services.mozilla.com/D224349 - - - - - b9a1e12e by Andrew McCreight at 2024-11-18T22:40:47+00:00 Bug 1923706 - Pass by value, not reference in CamerasChild::AllocateCapture. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D225121 Differential Revision: https://phabricator.services.mozilla.com/D225363 - - - - - 3e52cfd2 by Kagami Sascha Rosylight at 2024-11-18T22:40:47+00:00 Bug 1924154 - Disallow too small record a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D225687 Differential Revision: https://phabricator.services.mozilla.com/D226147 - - - - - 1e9496ed by Henry Wilkes at 2024-11-18T22:40:48+00:00 Bug 41454: Move focus after calling openPreferences for a sub-category. Temporary fix until mozilla bug 1799153 gets a patch upstream. - - - - - 3c5e86a9 by hackademix at 2024-11-18T22:40:48+00:00 Bug 42194: Fix blank net error page on failed DNS resolution with active proxy. - - - - - 06b959d8 by Henry Wilkes at 2024-11-18T22:40:48+00:00 Bug 41483: Remove the firefox override for appstrings.properties Remove this patch after upstream bugzilla bug 1790187 - - - - - 23488349 by Marco Simonelli at 2024-11-18T22:40:48+00:00 Bug 41459: WebRTC fails to build under mingw (Part 1) - properly define NOMINMAX for just MSVC builds - - - - - 4470a707 by Marco Simonelli at 2024-11-18T22:40:49+00:00 Bug 41459: WebRTC fails to build under mingw (Part 2) - fixes required to build third_party/libwebrtc - - - - - 51d48e92 by Marco Simonelli at 2024-11-18T22:40:49+00:00 Bug 41459: WebRTC fails to build under mingw (Part 3) - fixes required to build third_party/sipcc - - - - - 34ab36bb by Marco Simonelli at 2024-11-18T22:40:49+00:00 Bug 41459: WebRTC fails to build under mingw (Part 4) - fixes requried to build netwerk/sctp - - - - - d2b61c86 by Marco Simonelli at 2024-11-18T22:40:50+00:00 Bug 41459: WebRTC fails to build under mingw (Part 5) - fixes required to build dom/media/webrtc - - - - - b3009024 by Marco Simonelli at 2024-11-18T22:40:50+00:00 Bug 41459: WebRTC fails to build under mingw (Part 6) - fixes required to build dom/media/systemservices - - - - - f6bd8d68 by hackademix at 2024-11-18T22:40:50+00:00 Bug 41854: Allow overriding download spam protection. - - - - - a23bde44 by hackademix at 2024-11-18T22:40:50+00:00 Bug 42835: Create an actor to filter file data transfers - - - - - 18b6c444 by Gaba at 2024-11-18T22:40:51+00:00 Adding issue and merge request templates - - - - - 4a698c6c by Pier Angelo Vendrame at 2024-11-18T22:40:51+00:00 Base Browser's .mozconfigs. Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 21849: Don't allow SSL key logging. Bug 25741 - TBA: Disable features at compile-time Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 29859: Disable HLS support for now Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files Bug 41584: Move some configuration options to base-browser level - - - - - 3bb6e637 by Pier Angelo Vendrame at 2024-11-18T22:40:51+00:00 Tweaks to the build system Bug 40857: Modified the fat .aar creation file This is a workaround to build fat .aars with the compiling enviornment disabled. Mozilla does not use a similar configuration, but either runs a Firefox build and discards its output, or uses artifacts build. We might switch to artifact builds too, and drop this patch, or write a better one to upstream. But until then we need this patch. See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770. Bug 41458: Prevent `mach package-multi-locale` from actually creating a package macOS builds need some files to be moved around with ./mach package-multi-locale to create multi-locale packages. The required command isn't exposed through any other mach command. So, we patch package-multi-locale both to prevent it from failing when doing official builds and to detect any future changes on it. - - - - - ea188843 by Pier Angelo Vendrame at 2024-11-18T22:40:51+00:00 Bug 41108: Remove privileged macOS installation from 102 - - - - - 58756cc1 by Dan Ballard at 2024-11-18T22:40:52+00:00 Bug 41149: Re-enable DLL injection protection in all builds not just nightlies - - - - - 72f5bd43 by Matthew Finkel at 2024-11-18T22:40:52+00:00 Bug 24796: Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. - - - - - 05504a87 by Matthew Finkel at 2024-11-18T22:40:52+00:00 Bug 28125: Prevent non-Necko network connections - - - - - 9a58081c by Mike Perry at 2024-11-18T22:40:52+00:00 Bug 12974: Disable NTLM and Negotiate HTTP Auth The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421, https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602 - - - - - 9b5a8ee4 by Alex Catarineu at 2024-11-18T22:40:53+00:00 Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1768899 - - - - - 9776cde1 by Georg Koppen at 2024-11-18T22:40:53+00:00 Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. - - - - - 63b039ac by Kathy Brade at 2024-11-18T22:40:53+00:00 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. - - - - - 1653d747 by Kathy Brade at 2024-11-18T22:40:54+00:00 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. - - - - - 31bda4c2 by Alex Catarineu at 2024-11-18T22:40:54+00:00 Bug 41457: Remove Mozilla permissions Bug 40025: Remove Mozilla add-on install permissions - - - - - c95baf96 by Kathy Brade at 2024-11-18T22:40:54+00:00 Bug 40002: Remove about:ion Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. Bug 41662: Disable about:sync-logs Even though we disable sync by default with `identity.fxaccounts.enabled`, this about: page is still avilable. We could throw an exception on the constructor of the related component, but it would result only in an error in the console, without a visible "this address does not look right" error page. If we fix the issues with MOZ_SERVICES_SYNC, we can restore the component. - - - - - 60995bdb by Arthur Edelstein at 2024-11-18T22:40:54+00:00 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. - - - - - a1a002fb by Alex Catarineu at 2024-11-18T22:40:55+00:00 Bug 31740: Remove some unnecessary RemoteSettings instances More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls. Avoid creating instance for 'anti-tracking-url-decoration'. If prefs are disabling their usage, avoid creating instances for 'cert-revocations' and 'intermediates'. Do not ship JSON dumps for collections we do not expect to need. For the ones in the 'main' bucket, this prevents them from being synced unnecessarily (the code in remote-settings does so for collections in the main bucket for which a dump or local data exists). For the collections in the other buckets, we just save some size by not shipping their dumps. We also clear the collections database on the v2 -> v3 migration. - - - - - 201d298a by cypherpunks1 at 2024-11-18T22:40:55+00:00 Bug 41092: Add a RemoteSettings JSON dump for query-stripping - - - - - 2b3ada8f by Pier Angelo Vendrame at 2024-11-18T22:40:55+00:00 Bug 41635: Disable the Normandy component Do not include Normandy at all whenever MOZ_NORMANDY is False. - - - - - d89fef9c by Georg Koppen at 2024-11-18T22:40:55+00:00 Bug 30541: Disable WebGL readPixel() for web content Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034 - - - - - ca64576e by Alex Catarineu at 2024-11-18T22:40:56+00:00 Bug 28369: Stop shipping pingsender executable - - - - - 84ec4292 by cypherpunks1 at 2024-11-18T22:40:56+00:00 Bug 41568: Disable LaterRun - - - - - 13409c6b by cypherpunks1 at 2024-11-18T22:40:56+00:00 Bug 40717: Hide Windows SSO in settings - - - - - 15f749cf by Pier Angelo Vendrame at 2024-11-18T22:40:56+00:00 Bug 41599: Always return an empty string as network ID Firefox computes an internal network ID used to detect network changes and act consequently (e.g., to improve WebSocket UX). However, there are a few ways to get this internal network ID, so we patch them out, to be sure any new code will not be able to use them and possibly link users. We also sent a patch to Mozilla to seed the internal network ID, to prevent any accidental leak in the future. Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1817756 - - - - - 6720790e by Richard Pospesel at 2024-11-18T22:40:57+00:00 Bug 41327: Disable UrlbarProviderInterventions - - - - - 1df35455 by Richard Pospesel at 2024-11-18T22:40:57+00:00 Bug 42037: Disable about:firefoxview page - - - - - dddafc46 by Mike Perry at 2024-11-18T22:40:58+00:00 Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera <ffmancera(a)riseup.net>) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned directory and this patch will not remove it since it was created with an unknown AUMID. However, another patch could be written which goes to that directory and deletes any item containing the 'Tor Browser' string. See bug 28996. Bug 30845: Make sure default themes and other internal extensions are enabled Bug 28896: Enable extensions in private browsing by default Bug 31065: Explicitly allow proxying localhost Bug 31598: Enable letterboxing Disable Presentation API everywhere Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer security levels. Bug 32321: Disable Mozilla's MitM pings Bug 19890: Disable installation of system addons By setting the URL to "" we make sure that already installed system addons get deleted as well. Bug 22548: Firefox downgrades VP9 videos to VP8. On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor Browser 7.0 all youtube videos are degraded to VP8. This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0. All clients will get better experience and lower traffic, beause TBB doesn't use "Use hardware acceleration when available". Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs Bug 16441: Suppress "Reset Tor Browser" prompt. Bug 29120: Use the in-memory media cache and increase its maximum size. Bug 33697: use old search config based on list.json Bug 33855: Ensure that site-specific browser mode is disabled. Bug 30682: Disable Intermediate CA Preloading. Bug 40061: Omit the Windows default browser agent from the build Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40408: Disallow SVG Context Paint in all web content Bug 40308: Disable network partitioning until we evaluate dFPI Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40383: Disable dom.enable_event_timing Bug 40423: Disable http/3 Bug 40177: Update prefs for Fx91esr Bug 40700: Disable addons and features recommendations Bug 40682: Disable network.proxy.allow_bypass Bug 40736: Disable third-party cookies in PBM Bug 19850: Enabled HTTPS-Only by default Bug 40912: Hide the screenshot menu Bug 41292: Disable moreFromMozilla in preferences page Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector Bug 24686: Set network.http.tailing.enabled to true Bug 40183: Disable TLS ciphersuites using SHA-1 Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102 We reviewed all the preferences we set for 102, and remove a few old ones. See the description of that issue to see all the preferences we believed were still valid for 102, and some brief description for the reasons to keep them. - - - - - adcfca56 by Pier Angelo Vendrame at 2024-11-18T22:40:58+00:00 Bug 41043: Hardcode the UI font on Linux The mechanism to choose the UI font does not play well with our fontconfig configuration. As a result, the final criterion to choose the font for the UI was its version. Since we hardcode Arimo as a default sans-serif on preferences, we use it also for the UI. FontConfig will fall back to some other font for scripts Arimo does not cover as expected (we tested with Japanese). - - - - - ea7db40f by Pier Angelo Vendrame at 2024-11-18T22:40:58+00:00 Bug 41901: Hardcode normalized FontSubstitutes. Windows has a system to set font aliases through the registry. This allows some customization that could be used as a fingerprinting vector. Moreover, this mechanism is used by Windows itself, and different SKUs might have different default FontSubstitutes. - - - - - ffbb5b22 by Alex Catarineu at 2024-11-18T22:40:58+00:00 Bug 30605: Honor privacy.spoof_english in Android This checks `privacy.spoof_english` whenever `setLocales` is called from Fenix side and sets `intl.accept_languages` accordingly. Bug 40198: Expose privacy.spoof_english pref in GeckoView - - - - - d618fd93 by Pier Angelo Vendrame at 2024-11-18T22:40:59+00:00 Bug 42562: Normalized the Accepted Languages on Android. The OS language might be outside the list of actually supported languages and it might leak the user's region. Therefore, we force the locale reported in Accept-Language to match one we support with translations, even when it means using a not exact region tag. - - - - - 529ba148 by Alex Catarineu at 2024-11-18T22:40:59+00:00 Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware - - - - - e4ac78a2 by Alex Catarineu at 2024-11-18T22:40:59+00:00 Bug 26345: Hide tracking protection UI - - - - - 1e0e00ab by Pier Angelo Vendrame at 2024-11-18T22:40:59+00:00 Bug 9173: Change the default Firefox profile directory to be relative. This commit makes Firefox look for the default profile directory in a directory relative to the binary path. The directory can be specified through the --with-relative-data-dir. This is relative to the same directory as the firefox main binary for Linux and Windows. On macOS, we remove Contents/MacOS from it. Or, in other words, the directory is relative to the application bundle. This behavior can be overriden at runtime, by placing a file called system-install adjacent to the firefox main binary (also on macOS). - - - - - b932ec02 by Alex Catarineu at 2024-11-18T22:41:00+00:00 Bug 27604: Fix addon issues when moving the profile directory Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838 - - - - - 5bbb6527 by Mike Perry at 2024-11-18T22:41:00+00:00 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509 - - - - - a4c3577a by Pier Angelo Vendrame at 2024-11-18T22:41:00+00:00 Bug 40309: Avoid using regional OS locales Avoid regional OS locales if the pref `intl.regional_prefs.use_os_locales` is false but RFP is enabled. - - - - - 92bb969e by Matthew Finkel at 2024-11-18T22:41:01+00:00 Bug 40432: Prevent probing installed applications Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084 - - - - - 2fdfdcb0 by cypherpunks1 at 2024-11-18T22:41:01+00:00 Bug 33955: When copying an image only copy the image contents to the clipboard - - - - - 0e623616 by cypherpunks1 at 2024-11-18T22:41:01+00:00 Bug 41791: Omit the source URL when copying page contents to the clipboard - - - - - 5f2a1992 by hackademix at 2024-11-18T22:41:01+00:00 Bug 42288: Allow language spoofing in status messages. - - - - - 6a650855 by Richard Pospesel at 2024-11-18T22:41:02+00:00 Bug 41659: Add canonical color definitions to base-browser - - - - - ad432a95 by Pier Angelo Vendrame at 2024-11-18T22:41:02+00:00 Base Browser strings This commit adds all the strings needed by following Base Browser patches. - - - - - 92fb3399 by Pier Angelo Vendrame at 2024-11-18T22:41:02+00:00 Bug 41369: Improve Firefox language settings for multi-lingual packages Change the language selector to be sorted by language code, rather than name, and to display the language code to the user. Bug 41372: Handle Japanese as a special case in preferences on macOS Japanese is treated in a special way on macOS. However, seeing the Japanese language tag could be confusing for users, and moreover the language name is not localized correctly like other langs. Bug 41378: Tell users that they can change their language at the first start With multi-lingual builds, Tor Browser matches the user's system language, but some users might want to change it. So, we tell them that it is possible, but only once. - - - - - 073cae3a by p13dz at 2024-11-18T22:41:02+00:00 Bug 40283: Workaround for the file upload bug - - - - - cd4cfbd1 by Arthur Edelstein at 2024-11-18T22:41:03+00:00 Bug 18905: Hide unwanted items from help menu Bug 25660: Remove the "New Private Window" option - - - - - b815be40 by Pier Angelo Vendrame at 2024-11-18T22:41:03+00:00 Bug 41739: Remove "Website appearance" from about:preferences. It is ignored because of RFP and it is confusing for users. - - - - - 374bc274 by hackademix at 2024-11-18T22:41:04+00:00 Bug 42019: Empty browser's clipboard on browser shutdown - - - - - bb6081f0 by hackademix at 2024-11-18T22:41:04+00:00 Bug 42084: Ensure English spoofing works even if preferences are set out of order. - - - - - fd740ade by Pier Angelo Vendrame at 2024-11-18T22:41:04+00:00 Bug 41930: Remove the UI to customize accept_languages. - - - - - 360a74a0 by Pier Angelo Vendrame at 2024-11-18T22:41:04+00:00 Bug 42376: Pass the locale list when constructing l10n in datetimebox The datetime input is inconsistent with other inputs when using spoof English: its placeholder is not translated, unlike the default values and texts of all the other inputs. - - - - - 6fa46327 by Pier Angelo Vendrame at 2024-11-18T22:41:05+00:00 Bug 42428: Make RFP spoof the timezone of document.lastModified. - - - - - c1157d16 by Pier Angelo Vendrame at 2024-11-18T22:41:05+00:00 Bug 42472: Spoof timezone in XSLT. - - - - - beec0cd8 by hackademix at 2024-11-18T22:41:05+00:00 Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs. - - - - - 54266423 by hackademix at 2024-11-18T22:41:05+00:00 Bug 41434: Letterboxing, improve logging. - - - - - 26d6eb36 by hackademix at 2024-11-18T22:41:06+00:00 Bug 31064: Letterboxing, exempt browser extensions. - - - - - 85d576cf by hackademix at 2024-11-18T22:41:06+00:00 Bug 32411: Letterboxing, exempt view-source: URIs. - - - - - ef400340 by hackademix at 2024-11-18T22:41:06+00:00 Bug 42574: Letterboxing, exempt pdf.js. - - - - - d539c2b8 by hackademix at 2024-11-18T22:41:07+00:00 Bug 32308: Use direct browser sizing for letterboxing. Bug 30556: align letterboxing with 200x100 new win width stepping - - - - - 30802300 by hackademix at 2024-11-18T22:41:07+00:00 Bug 41631: Prevent weird initial window dimensions caused by subpixel computations - - - - - 202c42dd by hackademix at 2024-11-18T22:41:07+00:00 Bug 41918: Option to reuse last window size when letterboxing is enabled. - - - - - 70cfc91a by hackademix at 2024-11-18T22:41:07+00:00 Bug 41916: Letterboxing preferences UI - - - - - 8f6c0a4e by hackademix at 2024-11-18T22:41:08+00:00 Bug 41695: Warn on window maximization without letterboxing in RFPHelper module - - - - - e8f04fdf by hackademix at 2024-11-18T22:41:08+00:00 Bug 42443: Shrink window to match letterboxing size when the emtpy area is clicked. - - - - - 58ccb1aa by Henry Wilkes at 2024-11-18T22:41:08+00:00 Bug 42528: Don't leak system scrollbar size on windows. - - - - - aae2dfde by Henry Wilkes at 2024-11-18T22:41:09+00:00 Bug 31575: Disable Firefox Home (Activity Stream) Treat about:blank as the default home page and new tab page. Avoid loading AboutNewTab in BrowserGlue.sys.mjs in order to avoid several network requests that we do not need. Bug 41624: Disable about:pocket-* pages. Bug 40144: Redirect about:privatebrowsing to the user's home - - - - - 370afc02 by Kathy Brade at 2024-11-18T22:41:09+00:00 Bug 4234: Use the Firefox Update Process for Base Browser. Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix bug 27221: purge the startup cache if the Base Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Base Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Base Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. - - - - - 70fdc03d by Pier Angelo Vendrame at 2024-11-18T22:41:09+00:00 Bug 42061: Create an alpha update channel. - - - - - f2a93d8f by Nicolas Vigier at 2024-11-18T22:41:10+00:00 Bug 41682: Add base-browser nightly mar signing key - - - - - a92a5f88 by Pier Angelo Vendrame at 2024-11-18T22:41:10+00:00 Bug 41603: Customize the creation of MOZ_SOURCE_URL MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET. But the code takes for granted that it refers to a Hg instance, so it combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`. With this commit, we change this logic to combine them to create a URL that is valid for GitLab. $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag. If that is needed, we could use /-/tree/, instead of /-/commit/. - - - - - d488a40e by Pier Angelo Vendrame at 2024-11-18T22:41:10+00:00 Bug 41698: Reword the recommendation badges in about:addons Firefox strings use { -brand-product-name }. As a result, it seems that the fork is recommending extensions, whereas AMO curators are doing that. So, we replace the strings with custom ones that clarify that Mozilla is recommending them. We assign the strings with JS because our translation backend does not support Fluent attributes, yet, but once it does, we should switch to them, instead. Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1825033 - - - - - 8680f268 by Pier Angelo Vendrame at 2024-11-18T22:41:10+00:00 Bug 42438: Tweaks to the migration wizard. Remove the items not compatible with our features (such as history) from the migration wizard. On Linux, allow to specify an alternative home directory, since we usually change $HOME in our startup script. - - - - - 530d30b4 by Alex Catarineu at 2024-11-18T22:41:11+00:00 Bug 40069: Add helpers for message passing with extensions - - - - - e42f7566 by Matthew Finkel at 2024-11-18T22:41:11+00:00 Bug 41598: Prevent NoScript from being removed/disabled. Bug 40253: Explicitly allow NoScript in Private Browsing mode. - - - - - d51963b3 by Henry Wilkes at 2024-11-18T22:41:11+00:00 Bug 41736: Hide NoScript extension's toolbar button by default. This hides it from both the toolbar and the unified extensions panel. We also hide the unified-extension-button if the panel would be empty: not including the NoScript button when it is hidden. As a result, this will be hidden by default until a user installs another extension (or shows the NoScript button and unpins it). - - - - - 542f44d0 by hackademix at 2024-11-18T22:41:11+00:00 Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons - - - - - 22d964a3 by Pier Angelo Vendrame at 2024-11-18T22:41:12+00:00 Bug 40925: Implemented the Security Level component This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Bug 40125: Expose Security Level pref in GeckoView - - - - - c96c732f by Pier Angelo Vendrame at 2024-11-18T22:41:12+00:00 Bug 40926: Implemented the New Identity feature - - - - - fd131c3a by Henry Wilkes at 2024-11-18T22:41:12+00:00 Bug 41736: Customize toolbar for base-browser. - - - - - eacffdfc by Pier Angelo Vendrame at 2024-11-18T22:41:13+00:00 Bug 42027: Base Browser migration procedures. This commit implmenents the the Base Browser's version of _migrateUI. - - - - - b8d5a35b by Henry Wilkes at 2024-11-18T22:41:13+00:00 Bug 42583: Modify moz-support-link for Base Browser. - - - - - 48d995d1 by Henry Wilkes at 2024-11-18T22:41:13+00:00 Bug 42347: Add a notification for dropped OS version support. - - - - - 281e9d9d by hackademix at 2024-11-18T22:41:13+00:00 Bug 42832: Download spam prevention exemption for browser extensions. - - - - - 2fb8e0ed by Pier Angelo Vendrame at 2024-11-18T22:41:14+00:00 Bug 42467: Make OS HTTP User-Agent OS spoofing configurable by pref This commits makes it possible to disable OS spoofing in the HTTP User-Agent header, to see if matching header and JS property improve usability. - - - - - 41c36c2f by Henry Wilkes at 2024-11-18T22:41:14+00:00 Bug 42308: Create README for tor-browser. We drop the README.txt that comes from Mozilla Firefox and add README.md for tor-browser. - - - - - f60a24e2 by Richard Pospesel at 2024-11-18T22:41:14+00:00 Bug 41649: Create rebase and security backport gitlab issue templates - - - - - 50194216 by Beatriz Rizental at 2024-11-18T22:41:15+00:00 Add CI for Tor Browser - - - - - 7317318a by Richard Pospesel at 2024-11-18T22:41:15+00:00 Bug 41089: Add tor-browser build scripts + Makefile to tor-browser - - - - - 10da9541 by Henry Wilkes at 2024-11-18T22:41:15+00:00 Bug 41803: Add some developer tools for working on tor-browser. - - - - - bd22c4ca by Kathy Brade at 2024-11-18T22:41:15+00:00 Bug 11641: Disable remoting by default. Unless the -osint command line flag is used, the browser now defaults to the equivalent of -no-remote. There is a new -allow-remote flag that may be used to restore the original (Firefox-like) default behavior. - - - - - 0e4ed64e by Alex Catarineu at 2024-11-18T22:41:16+00:00 Add TorStrings module for localization - - - - - 0d377585 by Henry Wilkes at 2024-11-18T22:41:16+00:00 Tor Browser strings This commit adds all the strings needed for Tor Browser patches. - - - - - 2a8f5d94 by Henry Wilkes at 2024-11-18T22:41:16+00:00 Tor Browser localization migration scripts. - - - - - fd2a6fba by Henry Wilkes at 2024-11-18T22:41:16+00:00 Bug 42305: Add script to combine translation files across versions. - - - - - 5c9eadb4 by Mike Perry at 2024-11-18T22:41:17+00:00 Bug 2176: Rebrand Firefox to TorBrowser See also Bugs #5194, #7187, #8115, #8219. This patch does some basic renaming of Firefox to TorBrowser. The rest of the branding is done by images and icons. Also fix bug 27905. Bug 25702: Update Tor Browser icon to follow design guidelines - Updated all of the branding in /browser/branding/official with new 'stable' icon series. - Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and add the source svg in the same directory - Copied /browser/branding/official over /browser/branding/nightly and the new /browser/branding/alpha directories. Replaced content with 'nightly' and 'alpha' icon series. Updated VisualElements_70.png and VisualElements_150.png with updated icons in each branding directory (fixes #22654) - Updated firefox.VisualElementsManfiest.xml with updated colors in each branding directory - Added firefox.svg to each branding directory from which all the other icons are derived (apart from document.icns and document.ico) - Added default256.png and default512.png icons - Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed original icon - Use the Tor Browser icon within devtools/client/themes/images/. Bug 30631: Blurry Tor Browser icon on macOS app switcher It would seem the png2icns tool does not generate correct icns files and so on macOS the larger icons were missing resulting in blurry icons in the OS chrome. Regenerated the padded icons in a macOS VM using iconutil. Bug 28196: preparations for using torbutton tor-browser-brand.ftl A small change to Fluent FileSource class is required so that we can register a new source without its supported locales being counted as available locales for the browser. Bug 31803: Replaced about:debugging logo with flat version Bug 21724: Make Firefox and Tor Browser distinct macOS apps When macOS opens a document or selects a default browser, it sometimes uses the CFBundleSignature. Changing from the Firefox MOZB signature to a different signature TORB allows macOS to distinguish between Firefox and Tor Browser. Bug 32092: Fix Tor Browser Support link in preferences For bug 40562, we moved onionPattern* from bug 27476 to here, as about:tor needs these files but it is included earlier. Bug 41278: Create Tor Browser styled pdf logo similar to the vanilla Firefox one Bug 42088: New application icons (used in-app and on linux). Bug 42087: New application icons (windows). - - - - - 842f9a31 by Henry Wilkes at 2024-11-18T22:41:17+00:00 Bug 42583: Modify moz-support-link for Tor Browser. - - - - - d17c31d4 by hackademix at 2024-11-18T22:41:17+00:00 Bug 41917: Tor brand-specific styles. - - - - - 5cb93f3b by Henry Wilkes at 2024-11-18T22:41:18+00:00 Add purple tor version of the loading APNG. - - - - - 85c865b9 by sanketh at 2024-11-18T22:41:18+00:00 Bug 40209: Implement Basic Crypto Safety Adds a CryptoSafety actor which detects when you've copied a crypto address from a HTTP webpage and shows a warning. Closes #40209. Bug 40428: Fix string attribute names - - - - - cfb36917 by Mike Perry at 2024-11-18T22:41:18+00:00 TB3: Tor Browser's official .mozconfigs. Also: Add an --enable-tor-browser-data-outside-app-dir configure option Add --with-tor-browser-version configure option Bug 31457: disable per-installation profiles The dedicated profiles (per-installation) feature does not interact well with our bundled profiles on Linux and Windows, and it also causes multiple profiles to be created on macOS under TorBrowser-Data. Bug 31935: Disable profile downgrade protection. Since Tor Browser does not support more than one profile, disable the prompt and associated code that offers to create one when a version downgrade situation is detected. Add --enable-tor-browser-update build option Bug 40793: moved Tor configuration options from old-configure.in to moz.configure Bug 41584: Move some configuration options to base-browser level - - - - - c2707dad by Henry Wilkes at 2024-11-18T22:41:18+00:00 Bug 41340: Enable TOR_BROWSER_NIGHTLY_BUILD features for dev and nightly builds tor-browser#41285: Enable fluent warnings. - - - - - dd7e2729 by Pier Angelo Vendrame at 2024-11-18T22:41:19+00:00 Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Before reordering patches, we used to keep the Tor-related patches (torbutton and tor-launcher) at the beginning. After that issue, we decided to move them towards the end. In addition to that, we have decided to move Tor Browser-only preferences there, too, to make Base Browser-only fixups easier to apply. - - - - - a716d8f9 by Pier Angelo Vendrame at 2024-11-18T22:41:19+00:00 Bug 13252: Customize profile management on macOS On macOS we allow both portable mode and system installation. However, in the latter case, we customize Firefox's directories to match the hierarchy we use for the portable mode. Also, display an informative error message if the TorBrowser-Data directory cannot be created due to an "access denied" or a "read only volume" error. - - - - - a19c9092 by Pier Angelo Vendrame at 2024-11-18T22:41:19+00:00 Bug 40933: Add tor-launcher functionality Bug 41926: Reimplement the control port - - - - - 2896b345 by Cecylia Bocovich at 2024-11-18T22:41:20+00:00 Lox integration - - - - - 545e83f8 by Richard Pospesel at 2024-11-18T22:41:20+00:00 Bug 40597: Implement TorSettings module - migrated in-page settings read/write implementation from about:preferences#tor to the TorSettings module - TorSettings initially loads settings from the tor daemon, and saves them to firefox prefs - TorSettings notifies observers when a setting has changed; currently only QuickStart notification is implemented for parity with previous preference notify logic in about:torconnect and about:preferences#tor - about:preferences#tor, and about:torconnect now read and write settings thorugh the TorSettings module - all tor settings live in the torbrowser.settings.* preference branch - removed unused pref modify permission for about:torconnect content page from AsyncPrefs.jsm Bug 40645: Migrate Moat APIs to Moat.jsm module - - - - - 3464f46f by Arthur Edelstein at 2024-11-18T22:41:21+00:00 Bug 3455: Add DomainIsolator, for isolating circuit by domain. Add an XPCOM component that registers a ProtocolProxyChannelFilter which sets the username/password for each web request according to url bar domain. Bug 9442: Add New Circuit button Bug 13766: Set a 10 minute circuit dirty timeout for the catch-all circ. Bug 19206: Include a 128 bit random tag as part of the domain isolator nonce. Bug 19206: Clear out the domain isolator state on `New Identity`. Bug 21201.2: Isolate by firstPartyDomain from OriginAttributes Bug 21745: Fix handling of catch-all circuit Bug 41741: Refactor the domain isolator and new circuit - - - - - dd2acbe4 by Henry Wilkes at 2024-11-18T22:41:21+00:00 Bug 41600: Add a tor circuit display panel. - - - - - 964769a7 by Pier Angelo Vendrame at 2024-11-18T22:41:21+00:00 Bug 42247: Android helpers for the TorProvider GeckoView is missing some API we use on desktop for the integration with the tor daemon, such as subprocess. Therefore, we need to implement them in Java and plumb the data back and forth between JS and Java. - - - - - 619a1e40 by hackademix at 2024-11-18T22:41:21+00:00 Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop Bug 41613: Skip Drang & Drop filtering for DNS-safe URLs - - - - - 3195fd40 by Amogh Pradeep at 2024-11-18T22:41:22+00:00 Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources. See Bug 1357997 for partial uplift. Also: Bug 28051 - Use our Orbot for proxying our connections Bug 31144 - ESR68 Network Code Review - - - - - bd518285 by Matthew Finkel at 2024-11-18T22:41:22+00:00 Bug 25741: TBA: Disable GeckoNetworkManager The browser should not need information related to the network interface or network state, tor should take care of that. - - - - - 10dbc72e by Kathy Brade at 2024-11-18T22:41:22+00:00 Bug 14631: Improve profile access error messages. Instead of always reporting that the profile is locked, display specific messages for "access denied" and "read-only file system". To allow for localization, get profile-related error strings from Torbutton. Use app display name ("Tor Browser") in profile-related error alerts. - - - - - 684c28a0 by Pier Angelo Vendrame at 2024-11-18T22:41:22+00:00 Bug 40807: Added QRCode.js to toolkit/modules - - - - - 2111a5b3 by Richard Pospesel at 2024-11-18T22:41:23+00:00 Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection This patch adds a new about:preferences#connection page which allows modifying bridge, proxy, and firewall settings from within Tor Browser. All of the functionality present in tor-launcher's Network Configuration panel is present: - Setting built-in bridges - Requesting bridges from BridgeDB via moat - Using user-provided bridges - Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies - Setting firewall ports - Viewing and Copying Tor's logs - The Networking Settings in General preferences has been removed Bug 40774: Update about:preferences page to match new UI designs - - - - - 4a54ae43 by Richard Pospesel at 2024-11-18T22:41:23+00:00 Bug 27476: Implement about:torconnect captive portal within Tor Browser - implements new about:torconnect page as tor-launcher replacement - adds new torconnect component to browser - tor process management functionality remains implemented in tor-launcher through the TorProtocolService module - adds warning/error box to about:preferences#tor when not connected to tor Bug 40773: Update the about:torconnect frontend page to match additional UI flows. Bug 41608: Add a toolbar status button and a urlbar "Connect" button. - - - - - dd37acdc by Pier Angelo Vendrame at 2024-11-18T22:41:23+00:00 Temporary changes to about:torconnect for Android. We are planning of tempoorarily using about:torconnect on Android, until the native UX is ready. - - - - - 0fb1578a by Henry Wilkes at 2024-11-18T22:41:23+00:00 Bug 7494: Create local home page for TBB. Bug 41333: Update about:tor to new design. Including: + make the favicon match the branding icon. + make the location bar show a search icon. - - - - - ea2e3b65 by Arthur Edelstein at 2024-11-18T22:41:24+00:00 Bug 12620: TorBrowser regression tests Regression tests for Bug #2950: Make Permissions Manager memory-only Regression tests for TB4: Tor Browser's Firefox preference overrides. Note: many more functional tests could be made here Regression tests for #2874: Block Components.interfaces from content Bug 18923: Add a script to run all Tor Browser specific tests Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt. - - - - - 44e712ba by Pier Angelo Vendrame at 2024-11-18T22:41:24+00:00 Bug 41668: Tweaks to the Base Browser updater for Tor Browser This commit was once part of "Bug 4234: Use the Firefox Update Process for Tor Browser.". However, some parts of it were not needed for Base Browser and some derivative browsers. Therefore, we extracted from that commit the parts for Tor Browser legacy, and we add them back to the patch set with this commit. - - - - - df6c7032 by Kathy Brade at 2024-11-18T22:41:24+00:00 Bug 12647: Support symlinks in the updater. - - - - - b9703fb7 by Kathy Brade at 2024-11-18T22:42:39+00:00 Bug 16940: After update, load local change notes. Add an about:tbupdate page that displays the first section from TorBrowser/Docs/ChangeLog.txt and includes a link to the remote post-update page (typically our blog entry for the release). Always load about:tbupdate in a content process, but implement the code that reads the file system (changelog) in the chrome process for compatibility with future sandboxing efforts. Also fix bug 29440. Now about:tbupdate is styled as a fairly simple changelog page that is designed to be displayed via a link that is on about:tor. - - - - - ea88c9be by Georg Koppen at 2024-11-18T22:42:39+00:00 Bug 32658: Create a new MAR signing key It's time for our rotation again: Move the backup key in the front position and add a new backup key. Bug 33803: Move our primary nightly MAR signing key to tor-browser Bug 33803: Add a secondary nightly MAR signing key - - - - - 3b6a5bce by Mike Perry at 2024-11-18T22:42:40+00:00 Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing eBay and Amazon don't treat Tor users very well. Accounts often get locked and payments reversed. Also: Bug 16322: Update DuckDuckGo search engine We are replacing the clearnet URL with an onion service one (thanks to a patch by a cypherpunk) and are removing the duplicated DDG search engine. Duplicating DDG happend due to bug 1061736 where Mozilla included DDG itself into Firefox. Interestingly, this caused breaking the DDG search if JavaScript is disabled as the Mozilla engine, which gets loaded earlier, does not use the html version of the search page. Moreover, the Mozilla engine tracked where the users were searching from by adding a respective parameter to the search query. We got rid of that feature as well. Also: This fixes bug 20809: the DuckDuckGo team has changed its server-side code in a way that lets users with JavaScript enabled use the default landing page while those without JavaScript available get redirected directly to the non-JS page. We adapt the search engine URLs accordingly. Also fixes bug 29798 by making sure we only specify the Google search engine we actually ship an .xml file for. Also regression tests. squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing Bug 40494: Update Startpage search provider squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing Bug 40438: Add Blockchair as a search engine Bug 33342: Avoid disconnect search addon error after removal. We removed the addon in #32767, but it was still being loaded from addonStartup.json.lz4 and throwing an error on startup because its resource: location is not available anymore. - - - - - c196188a by Alex Catarineu at 2024-11-18T22:42:40+00:00 Bug 40073: Disable remote Public Suffix List fetching In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented fetching the Public Suffix List via RemoteSettings and replacing the default one at runtime, which we do not want. - - - - - 120372d3 by Henry Wilkes at 2024-11-18T22:42:40+00:00 Bug 41906: Hide DNS over HTTPS preferences. - - - - - ec54382e by Richard Pospesel at 2024-11-18T22:42:40+00:00 Bug 23247: Communicating security expectations for .onion Encrypting pages hosted on Onion Services with SSL/TLS is redundant (in terms of hiding content) as all traffic within the Tor network is already fully encrypted. Therefore, serving HTTP pages from an Onion Service is more or less fine. Prior to this patch, Tor Browser would mostly treat pages delivered via Onion Services as well as pages delivered in the ordinary fashion over the internet in the same way. This created some inconsistencies in behaviour and misinformation presented to the user relating to the security of pages delivered via Onion Services: - HTTP Onion Service pages did not have any 'lock' icon indicating the site was secure - HTTP Onion Service pages would be marked as unencrypted in the Page Info screen - Mixed-mode content restrictions did not apply to HTTP Onion Service pages embedding Non-Onion HTTP content This patch fixes the above issues, and also adds several new 'Onion' icons to the mix to indicate all of the various permutations of Onion Services hosted HTTP or HTTPS pages with HTTP or HTTPS content. Strings for Onion Service Page Info page are pulled from Torbutton's localization strings. - - - - - 65fb9e8d by Kathy Brade at 2024-11-18T22:42:41+00:00 Bug 30237: Add v3 onion services client authentication prompt When Tor informs the browser that client authentication is needed, temporarily load about:blank instead of about:neterror and prompt for the user's key. If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD control port command to add the key (via Torbutton's control port module) and reload the page. If the user cancels the prompt, display the standard about:neterror "Unable to connect" page. This requires a small change to browser/actors/NetErrorChild.jsm to account for the fact that the docShell no longer has the failedChannel information. The failedChannel is used to extract TLS-related error info, which is not applicable in the case of a canceled .onion authentication prompt. Add a leaveOpen option to PopupNotifications.show so we can display error messages within the popup notification doorhanger without closing the prompt. Add support for onion services strings to the TorStrings module. Add support for Tor extended SOCKS errors (Tor proposal 304) to the socket transport and SOCKS layers. Improved display of all of these errors will be implemented as part of bug 30025. Also fixes bug 19757: Add a "Remember this key" checkbox to the client auth prompt. Add an "Onion Services Authentication" section within the about:preferences "Privacy & Security section" to allow viewing and removal of v3 onion client auth keys that have been stored on disk. Also fixes bug 19251: use enhanced error pages for onion service errors. - - - - - 808c45fd by Alex Catarineu at 2024-11-18T22:42:41+00:00 Bug 21952: Implement Onion-Location Whenever a valid Onion-Location HTTP header (or corresponding HTML <meta> http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar. - - - - - cbb904c0 by Pier Angelo Vendrame at 2024-11-18T22:42:41+00:00 Bug 40458: Implement .tor.onion aliases We have enabled HTTPS-Only mode, therefore we do not need HTTPS-Everywhere anymore. However, we want to keep supporting .tor.onion aliases (especially for securedrop). Therefore, in this patch we implemented the parsing of HTTPS-Everywhere rulesets, and the redirect of .tor.onion domains. Actually, Tor Browser believes they are actual domains. We change them on the fly on the SOCKS proxy requests to resolve the domain, and on the code that verifies HTTPS certificates. - - - - - 6a70d139 by Pier Angelo Vendrame at 2024-11-18T22:42:41+00:00 Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser This patch associates the about:manual page to a translated page that must be injected to browser/omni.ja after the build. The content must be placed in chrome/browser/content/browser/manual/, so that is then available at chrome://browser/content/manual/. We preferred giving absolute freedom to the web team, rather than having to change the patch in case of changes on the documentation. - - - - - d3e59587 by Pier Angelo Vendrame at 2024-11-18T22:42:42+00:00 Bug 41435: Add a Tor Browser migration function For now this function only deletes old language packs for which we are already packaging the strings with the application. - - - - - 8a6632bd by Henry Wilkes at 2024-11-18T22:42:42+00:00 Bug 42110: Add TorUIUtils module for common tor component methods. - - - - - fdf3ed55 by Dan Ballard at 2024-11-18T22:42:42+00:00 Bug 40701: Add security warning when downloading a file Shown in the downloads panel, about:downloads and places.xhtml. - - - - - c7539319 by Henry Wilkes at 2024-11-18T22:42:42+00:00 Bug 41736: Customize toolbar for tor-browser. - - - - - 3b8347d5 by hackademix at 2024-11-18T22:42:43+00:00 Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key - - - - - 7ac7ac7c by Henry Wilkes at 2024-11-18T22:42:43+00:00 Customize moz-toggle for tor-browser. - - - - - c3f4671c by Richard Pospesel at 2024-11-18T22:42:43+00:00 Bug 41822: Unconditionally disable default browser UX in about:preferences - - - - - a23f1fe4 by Cecylia Bocovich at 2024-11-18T22:42:44+00:00 Temporary commit: manually place generated wasm files These files are built reproducibly using tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… We're manually adding them here while working on the interface, but eventually these should be placed in the right location using tor-browser-build. - - - - - cb9c699d by Henry Wilkes at 2024-11-18T22:42:44+00:00 TEMPORARY: Copy torbrowser_strings.xml to the 13.5 branch. NOTE: Only needed for the `tor-browser` `13.5` branches. Bug 42480: Make sure the torbrowser_strings.xml file is in the 13.5 branch for the tor-browser `update-translations` CI. The file should otherwise remain unused for the 13.5 branch. File was copied from https://gitlab.torproject.org/tpo/translation/-/blob/f27eda6d10a4585a8402c5… - - - - - e41197ab by Henry Wilkes at 2024-11-18T22:42:44+00:00 Bug 43125: Extend the 13.5 EOL expiry date for tor-browser. - - - - - 75c944d8 by Henry Wilkes at 2024-11-18T22:42:45+00:00 Bug 43098: Year End Campaign 2024. Implements YEC 2024 for about:tor. - - - - - 30 changed files: - .eslintignore - .gitignore - + .gitlab-ci.yml - + .gitlab/ci/update-translations.yml - + .gitlab/issue_templates/Backport Android Security Fixes.md - + .gitlab/issue_templates/Emergency Security Issue.md - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - + .gitlab/issue_templates/bug.md - + .gitlab/merge_request_templates/default.md - + README.md - − README.txt - accessible/android/SessionAccessibility.cpp - accessible/android/SessionAccessibility.h - accessible/ipc/DocAccessibleParent.cpp - accessible/ipc/DocAccessibleParent.h - accessible/ipc/moz.build - + browser/actors/AboutTBUpdateChild.jsm - + browser/actors/AboutTBUpdateParent.jsm - browser/actors/BrowserTabChild.sys.mjs - + browser/actors/CryptoSafetyChild.jsm - + browser/actors/CryptoSafetyParent.jsm - − browser/actors/RFPHelperChild.sys.mjs - − browser/actors/RFPHelperParent.sys.mjs - browser/actors/moz.build - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/macbuild/Contents/MacOS-files.in - browser/app/moz.build - browser/app/permissions The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/293d49… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/293d49… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-13.5.10-build1
by morgan (＠morgan) 19 Nov '24

19 Nov '24

morgan pushed new tag tbb-13.5.10-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] 2 commits: Add .gitignore to tools/browser
by morgan (＠morgan) 19 Nov '24

19 Nov '24

morgan pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: bba63971 by Morgan at 2024-11-18T23:22:21+00:00 Add .gitignore to tools/browser - - - - - f5268dd0 by Morgan at 2024-11-19T18:26:02+00:00 Bug 41287: Prepare Tor Browser Legacy 13.5.10 - - - - - 7 changed files: - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/config - projects/firefox/config - projects/manual/config - projects/translation/config - rbm.conf - + tools/browser/.gitignore Changes: ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,19 @@ +Tor Browser 13.5.10 - November 18 2024 + * All Platforms + * Updated Firefox to 115.18.0esr + * Updated NoScript to 11.5.2 + * Bug 32668: NoScript default whitelist re-appears on clicking NoScript Options / Reset [tor-browser] + * Bug 43257: NoScript-blocked content placeholders causing slow downs [tor-browser] + * Bug 43258: NoScript Lifecycle error on extension updates [tor-browser] + * Bug 43302: Rebase Tor Browser Legacy onto 115.18.0esr [tor-browser] + * Build System + * All Platforms + * Bug 41286: Update the deploy update scripts to optinally take an override hash [tor-browser-build] + * Bug 41289: Fix single-browser in relprep.py [tor-browser-build] + * Bug 41290: Remove android signing in maint-13.5 branch [tor-browser-build] + * Bug 41300: Add bea, clairehurst, and jwilde to tb_builders [tor-browser-build] + * Bug 41303: Remove Android and Linux targets from browser-all and browser-all-desktop targets in release project [tor-browser-build] + Tor Browser 13.5.9 - October 28 2024 * Windows + macOS + Linux * Updated Tor to 0.4.8.13 ===================================== projects/browser/config ===================================== @@ -104,9 +104,9 @@ input_files: enable: '[% ! c("var/android") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4363712/noscript-11.4.42.… + - URL: https://addons.mozilla.org/firefox/downloads/file/4379558/noscript-11.5.2.x… name: noscript - sha256sum: fd2d420afd93829bb6fe30ec6f8ba926d3d54d7583b8bbd822053b8cd13c0472 + sha256sum: 460aaa6484bf8422415dfe08260e8536866e3731ed5b8b7913cf4b7b1333493a - URL: https://addons.mozilla.org/firefox/downloads/file/4359936/ublock_origin-1.6… name: ublock-origin sha256sum: e2cda9b2a1b0a7f6e5ef0da9f87f28df52f8560587ba2e51a3003121cfb81600 ===================================== projects/firefox/config ===================================== @@ -14,12 +14,12 @@ container: use_container: 1 var: - firefox_platform_version: 115.17.0 + firefox_platform_version: 115.18.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '13.5' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 2 + browser_build: 1 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/manual/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 # To update, see doc/how-to-update-the-manual.txt # Remember to update also the package's hash, with the version! -version: 215922 +version: 222718 filename: 'manual-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -23,6 +23,6 @@ input_files: - project: container-image - URL: 'https://build-sources.tbb.torproject.org/manual_[% c("version") %].zip' name: manual - sha256sum: b5ed703f54d52e9f197320f3698e936d585a3fed23cc4f9fbf59edce2869f885 + sha256sum: 051174ba012fa2241e865cc604658a0af116d3bbf9d02474025277fff1b34636 - filename: packagemanual.py name: package_script ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 3b1be2065b54939ed019d94174f137847bcf3c66 + git_hash: caa431bbea1a76d7ad61eeda94086a1513762605 targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 64ab8361ee87846e46736bd18b12c1dfcd77fe75 + git_hash: 432f09bba30aa67804744ea507f410368ae1571e targets: nightly: git_hash: 'tor-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: 08dbd4e2bb128e2c30941dfeb7800582589f3a21 + git_hash: ce3012f552fdbe0168b710dc75827b7f0a01adf4 compress_tar: 'zst' targets: nightly: ===================================== rbm.conf ===================================== @@ -73,20 +73,18 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '13.5.9' - torbrowser_build: 'build2' + torbrowser_version: '13.5.10' + torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2024/10/24 16:02:53' + browser_release_date: '2024/11/18 23:09:19' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - 13.5.9 # 13.5.8 was Android-only - 13.5.7 - - 13.5.6 - - '[% IF c("var/tor-browser") %]13.5.5[% END %]' - - '[% IF c("var/mullvad-browser") %]13.5.3[% END %]' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' # By default, we sort the list of installed packages. This allows sharing ===================================== tools/browser/.gitignore ===================================== @@ -0,0 +1,3 @@ +basebrowser +mullvadbrowser +torbrowser View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! Add CI for Tor Browser
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 4dbb3744 by Beatriz Rizental at 2024-11-19T19:18:28+01:00 fixup! Add CI for Tor Browser - - - - - 2 changed files: - .gitlab-ci.yml - .gitlab/ci/update-containers.yml Changes: ===================================== .gitlab-ci.yml ===================================== @@ -1,6 +1,6 @@ stages: - - lint - update-container-images + - lint - update-translations variables: ===================================== .gitlab/ci/update-containers.yml ===================================== @@ -13,3 +13,4 @@ build-base-image: - if: ($CI_COMMIT_BRANCH && $CI_COMMIT_REF_PROTECTED == 'true' && $CI_PROJECT_NAMESPACE == 'tpo/applications') changes: - '.gitlab/ci/containers/base/Containerfile' + - '.gitlab-ci.yml' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4dbb374… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4dbb374… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! Add CI for Tor Browser
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: e4f6dd28 by Beatriz Rizental at 2024-11-19T18:56:38+01:00 fixup! Add CI for Tor Browser Add missing dependency to CI base container. - - - - - 1 changed file: - .gitlab/ci/containers/base/Containerfile Changes: ===================================== .gitlab/ci/containers/base/Containerfile ===================================== @@ -23,6 +23,7 @@ RUN apt-get update && apt-get install -y \ libxi-dev \ libxrandr-dev \ libxtst-dev \ + make \ m4 \ mercurial \ nasm \ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e4f6dd2… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e4f6dd2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-128.5.0esr-14.5-1
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed new branch tor-browser-128.5.0esr-14.5-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-128.5.0esr-14.0-1
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed new branch tor-browser-128.5.0esr-14.0-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag FIREFOX_128_5_0esr_BUILD1
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed new tag FIREFOX_128_5_0esr_BUILD1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/FIREF… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag FIREFOX_128_5_0esr_BUILD1
by Pier Angelo Vendrame (＠pierov) 19 Nov '24

19 Nov '24

Pier Angelo Vendrame pushed new tag FIREFOX_128_5_0esr_BUILD1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/FIREFOX_1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag FIREFOX_115_18_0esr_BUILD1
by morgan (＠morgan) 18 Nov '24

18 Nov '24

morgan pushed new tag FIREFOX_115_18_0esr_BUILD1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/FIREFOX_1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-115.18.0esr-13.5-1
by morgan (＠morgan) 18 Nov '24

18 Nov '24

morgan pushed new branch base-browser-115.18.0esr-13.5-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-115.18.0esr-13.5-1
by morgan (＠morgan) 18 Nov '24

18 Nov '24

morgan pushed new branch tor-browser-115.18.0esr-13.5-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Update release prep issue templates
by morgan (＠morgan) 18 Nov '24

18 Nov '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 4c1be3be by Morgan at 2024-11-18T22:17:10+00:00 Update release prep issue templates - added directions on using the ./tools/browser/sign-tag script - removed some extraneous checkboxes - made Run: directives consistent - fixed some typos - - - - - 5 changed files: - .gitlab/issue_templates/Release Prep - Mullvad Browser Alpha.md - .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md - .gitlab/issue_templates/Release Prep - Tor Browser Alpha.md - .gitlab/issue_templates/Release Prep - Tor Browser Legacy.md - .gitlab/issue_templates/Release Prep - Tor Browser Stable.md Changes: ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Alpha.md ===================================== @@ -41,13 +41,17 @@ - [ ] Tag `mullvad-browser` commit: - **example**: `mullvad-browser-128.4.0esr-14.5-1-build1` + - Run: + ```bash + ./tools/browser/sign-tag.mullvadbrowser alpha ${BUILD_N} + ``` ### tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build.git Mullvad Browser Alpha (and Nightly) are on the `main` branch - [ ] Changelog bookkeeping: - - [ ] Ensure all commits to `mullvad-browser` and `tor-browser-build` for this release have an associated issue linked to this release preparation issue - - [ ] Ensure each issue has a platform (~Windows, ~MacOS, ~Linux, ~Desktop, ~"All Platforms") and potentially ~"Build System" labels + - Ensure all commits to `mullvad-browser` and `tor-browser-build` for this release have an associated issue linked to this release preparation issue + - Ensure each issue has a platform (~Windows, ~MacOS, ~Linux, ~Desktop, ~"All Platforms") and potentially ~"Build System" labels - [ ] Create a release preparation branch from the `main` branch - [ ] Run release preparation script: - **NOTE**: You can omit the `--mullvad-browser` argument if this is for a joint Tor and Mullvad Browser release @@ -71,24 +75,24 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch - [ ] `steps/base-browser/git_hash`: updated with `HEAD` commit of project's `base-browser` branch - [ ] `steps/mullvad-browser/git_hash`: updated with `HEAD` commit of project's `mullvad-browser` branch - [ ] ***(Optional)*** `projects/browser/config`: - - [ ] NoScript: https://addons.mozilla.org/en-US/firefox/addon/noscript + - [ ] ***(Optional)*** NoScript: https://addons.mozilla.org/en-US/firefox/addon/noscript - [ ] `URL` updated - **⚠️ WARNING**: If preparing the release manually, updating the version number in the url is not sufficient, as each version has a random unique id in the download url - [ ] `sha256sum` updated - - [ ] uBlock-origin: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin + - [ ] ***(Optional)*** uBlock-origin: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin - [ ] `URL` updated - **⚠️ WARNING**: If preparing the release manually, updating the version number in the url is not sufficient, as each version has a random unique id in the download url - [ ] `sha256sum` updated - - [ ] Mullvad Browser extension: https://github.com/mullvad/browser-extension/releases + - [ ] ***(Optional)*** Mullvad Browser extension: https://github.com/mullvad/browser-extension/releases - [ ] `URL` updated - [ ] `sha256sum` updated - [ ] `ChangeLog-MB.txt`: ensure correctness - - [ ] Browser name correct - - [ ] Release date correct - - [ ] No Android updates - - [ ] All issues added under correct platform - - [ ] ESR updates correct - - [ ] Component updates correct + - Browser name correct + - Release date correct + - No Android updates + - All issues added under correct platform + - ESR updates correct + - Component updates correct - [ ] Open MR with above changes, using the template for release preparations - **NOTE**: target the `main` branch - [ ] Merge @@ -99,13 +103,13 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch - ma1 - morgan - pierov - - [ ] Run: + - Run: ```bash make mullvadbrowser-signtag-alpha ``` - - [ ] Push tag to `upstream` +- [ ] Push tag to `upstream` - [ ] Build the tag: - - [ ] Run: + - Run: ```bash make mullvadbrowser-alpha && make mullvadbrowser-incrementals-alpha ``` @@ -113,8 +117,8 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch - [ ] Local developer machine - [ ] Submit build request to Mullvad infrastructure: - **NOTE** this requires a devmole authentication token - - **NOTE** this also requires you be connected to a Swedish Mulvad VPN exit - - [ ] Run: + - **NOTE** this also requires you be connected to Gothenburg Mulvad VPN exit `se-got-wg-101` + - Run: ```bash make mullvadbrowser-kick-devmole-build ``` @@ -148,7 +152,7 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch - `tbb_version_type`: either `alpha` for alpha releases or `release` for stable releases - [ ] On `${STAGING_SERVER}` in a separate `screen` session, ensure tor daemon is running with SOCKS5 proxy on the default port 9050 - [ ] On `${STAGING_SERVER}` in a separate `screen` session, run do-all-signing script: - - [ ] Run: + - Run: ```bash cd tor-browser-build/tools/signing/ && ./do-all-signing.mullvadbrowser ``` @@ -162,7 +166,7 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch ### website - [ ] On `staticiforme.torproject.org`, remove old release and publish new: - [ ] `/srv/dist-master.torproject.org/htdocs/mullvadbrowser` - - [ ] Run: + - Run: ```bash static-update-component dist.torproject.org ``` @@ -200,7 +204,7 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch - Mullvad support alias: support(a)mullvadvpn.net - Rui Hildt: rui(a)mullvad.net ``` - support(a)mullvadvpn.net rui(a)mullvad.net + support(a)mullvadvpn.net, rui(a)mullvad.net, ``` - **Subject** ``` @@ -228,7 +232,7 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch - arch package maintainer: bootctl(a)gmail.com - nixOS package maintainer: dev(a)felschr.com ``` - proletarius101(a)protonmail.com bootctl(a)gmail.com dev(a)felschr.com + proletarius101(a)protonmail.com, bootctl(a)gmail.com, dev(a)felschr.com, ``` - **Subject** ``` ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md ===================================== @@ -41,13 +41,17 @@ - [ ] Tag `mullvad-browser` commit: - **example**: `mullvad-browser-128.3.0esr-14.0-1-build1` + - Run: + ```bash + ./tools/browser/sign-tag.mullvadbrowser stable ${BUILD_N} + ``` ### tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build.git Mullvad Browser Stable is on the `maint-${MULLVAD_BROWSER_MAJOR}.${MULLVAD_BROWSER_MINOR}` branch - [ ] Changelog bookkeeping: - - [ ] Ensure all commits to `mullvad-browser` and `tor-browser-build` for this release have an associated issue linked to this release preparation issue - - [ ] Ensure each issue has a platform (~Windows, ~MacOS, ~Linux, ~Desktop, ~"All Platforms") and potentially ~"Build System" labels + - Ensure all commits to `mullvad-browser` and `tor-browser-build` for this release have an associated issue linked to this release preparation issue + - Ensure each issue has a platform (~Windows, ~MacOS, ~Linux, ~Desktop, ~"All Platforms") and potentially ~"Build System" labels - [ ] Create a release preparation branch from the current `maint-XX.Y` branch - [ ] Run release preparation script: - **NOTE**: You can omit the `--mullvad-browser` argument if this is for a joint Tor and Mullvad Browser release @@ -71,24 +75,24 @@ Mullvad Browser Stable is on the `maint-${MULLVAD_BROWSER_MAJOR}.${MULLVAD_BROWS - [ ] `steps/base-browser/git_hash`: updated with `HEAD` commit of project's `base-browser` branch - [ ] `steps/mullvad-browser/git_hash`: updated with `HEAD` commit of project's `mullvad-browser` branch - [ ] ***(Optional)*** `projects/browser/config`: - - [ ] NoScript: https://addons.mozilla.org/en-US/firefox/addon/noscript + - [ ] ***(Optional)*** NoScript: https://addons.mozilla.org/en-US/firefox/addon/noscript - [ ] `URL` updated - **⚠️ WARNING**: If preparing the release manually, updating the version number in the url is not sufficient, as each version has a random unique id in the download url - [ ] `sha256sum` updated - - [ ] uBlock-origin: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin + - [ ] ***(Optional)*** uBlock-origin: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin - [ ] `URL` updated - **⚠️ WARNING**: If preparing the release manually, updating the version number in the url is not sufficient, as each version has a random unique id in the download url - [ ] `sha256sum` updated - - [ ] Mullvad Browser extension: https://github.com/mullvad/browser-extension/releases + - [ ] ***(Optional)*** Mullvad Browser extension: https://github.com/mullvad/browser-extension/releases - [ ] `URL` updated - [ ] `sha256sum` updated - [ ] `ChangeLog-MB.txt`: ensure correctness - - [ ] Browser name correct - - [ ] Release date correct - - [ ] No Android updates - - [ ] All issues added under correct platform - - [ ] ESR updates correct - - [ ] Component updates correct + - Browser name correct + - Release date correct + - No Android updates + - All issues added under correct platform + - ESR updates correct + - Component updates correct - [ ] Open MR with above changes, using the template for release preparations - **NOTE**: target the `maint-14.0` branch - [ ] Merge @@ -99,22 +103,22 @@ Mullvad Browser Stable is on the `maint-${MULLVAD_BROWSER_MAJOR}.${MULLVAD_BROWS - ma1 - morgan - pierov - - [ ] Run: + - Run: ```bash make mullvadbrowser-signtag-release ``` - - [ ] Push tag to `upstream` +- [ ] Push tag to `upstream` - [ ] Build the tag: - - [ ] Run: + - Run: ```bash make mullvadbrowser-release && make mullvadbrowser-incrementals-release ``` - - [ ] Tor Project build machine - - [ ] Local developer machine + - Tor Project build machine + - Local developer machine - [ ] Submit build request to Mullvad infrastructure: - **NOTE** this requires a devmole authentication token - - **NOTE** this also requires you be connected to a Swedish Mulvad VPN exit - - [ ] Run: + - **NOTE** this also requires you be connected to Gothenburg Mulvad VPN exit `se-got-wg-101` + - Run: ```bash make mullvadbrowser-kick-devmole-build ``` @@ -148,7 +152,7 @@ Mullvad Browser Stable is on the `maint-${MULLVAD_BROWSER_MAJOR}.${MULLVAD_BROWS - `tbb_version_type`: either `alpha` for alpha releases or `release` for stable releases - [ ] On `${STAGING_SERVER}` in a separate `screen` session, ensure tor daemon is running with SOCKS5 proxy on the default port 9050 - [ ] On `${STAGING_SERVER}` in a separate `screen` session, run do-all-signing script: - - [ ] Run: + - Run: ```bash cd tor-browser-build/tools/signing/ && ./do-all-signing.mullvadbrowser ``` @@ -162,7 +166,7 @@ Mullvad Browser Stable is on the `maint-${MULLVAD_BROWSER_MAJOR}.${MULLVAD_BROWS ### website - [ ] On `staticiforme.torproject.org`, remove old release and publish new: - [ ] `/srv/dist-master.torproject.org/htdocs/mullvadbrowser` - - [ ] Run: + - Run: ```bash static-update-component dist.torproject.org ``` @@ -200,7 +204,7 @@ Mullvad Browser Stable is on the `maint-${MULLVAD_BROWSER_MAJOR}.${MULLVAD_BROWS - Mullvad support alias: support(a)mullvadvpn.net - Rui Hildt: rui(a)mullvad.net ``` - support(a)mullvadvpn.net rui(a)mullvad.net + support(a)mullvadvpn.net, rui(a)mullvad.net ``` - **Subject** ``` @@ -227,7 +231,7 @@ Mullvad Browser Stable is on the `maint-${MULLVAD_BROWSER_MAJOR}.${MULLVAD_BROWS - arch package maintainer: bootctl(a)gmail.com - nixOS package maintainer: dev(a)felschr.com ``` - proletarius101(a)protonmail.com bootctl(a)gmail.com dev(a)felschr.com + proletarius101(a)protonmail.com, bootctl(a)gmail.com, dev(a)felschr.com, ``` - **Subject** ``` ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Alpha.md ===================================== @@ -41,13 +41,17 @@ - [ ] Tag `tor-browser` in tor-browser.git - **example**: `tor-browser-128.4.0esr-14.5-1-build1` + - Run: + ```bash + ./tools/browser/sign-tag.torbrowser alpha ${BUILD_N} + ``` ### tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build.git Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] Changelog bookkeeping: - - [ ] Ensure all commits to `tor-browser` and `tor-browser-build` for this release have an associated issue linked to this release preparation issue - - [ ] Ensure each issue has a platform (~Windows, ~MacOS, ~Linux, ~Android, ~Desktop, ~"All Platforms") and potentially ~"Build System" labels + - Ensure all commits to `tor-browser` and `tor-browser-build` for this release have an associated issue linked to this release preparation issue + - Ensure each issue has a platform (~Windows, ~MacOS, ~Linux, ~Android, ~Desktop, ~"All Platforms") and potentially ~"Build System" labels - [ ] Create a release preparation branch from the `main` branch - [ ] Run release preparation script: - **NOTE**: You can omit the `--tor-browser` argument if this is for a jointt Tor and Mullvad Browser release @@ -75,7 +79,7 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] `steps/tor-browser/git_hash`: updated with `HEAD` commit of project's `tor-browser` branch - [ ] `steps/fenix/git_hash`: updated with `HEAD` commit of project's `fenix-torbrowserstringsxml` branch - [ ] ***(Optional)*** `projects/browser/config`: - - [ ] NoScript: https://addons.mozilla.org/en-US/firefox/addon/noscript + - [ ] ***(Optional)*** NoScript: https://addons.mozilla.org/en-US/firefox/addon/noscript - [ ] `URL` updated - **⚠️ WARNING**: If preparing the release manually, updating the version number in the url is not sufficient, as each version has a random unique id in the download url - [ ] `sha256sum` updated @@ -101,18 +105,18 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] `input_files/shasum` for `manual`: updated to manual hash - [ ] Upload the downloaded `manual_${PIPELINEID}.zip` file to `tb-build-02.torproject.org` - [ ] Deploy to `tb-builder`'s `public_html` directory: - - [ ] Run: + - Run: ```bash sudo -u tb-builder cp manual_${PIPELINEID}.zip ~tb-builder/public_html/. ``` - `sudo` documentation for TPO machines: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/doc/accounts#changingres… - [ ] `ChangeLog-TBB.txt`: ensure correctness - - [ ] Browser name correct - - [ ] Release date correct - - [ ] No Android updates on a desktop-only release and vice-versa - - [ ] All issues added under correct platform - - [ ] ESR updates correct - - [ ] Component updates correct + - Browser name correct + - Release date correct + - No Android updates on a desktop-only release and vice-versa + - All issues added under correct platform + - ESR updates correct + - Component updates correct - [ ] Open MR with above changes, using the template for release preparations - **NOTE**: target the `main` branch - [ ] Merge @@ -123,13 +127,13 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - ma1 - morgan - pierov - - [ ] Run: + - Run: ```bash make torbrowser-signtag-alpha ``` - - [ ] Push tag to `upstream` +- [ ] Push tag to `upstream` - [ ] Build the tag: - - [ ] Run: + - Run: ```bash make torbrowser-alpha && make torbrowser-incrementals-alpha ``` @@ -137,8 +141,8 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] Local developer machine - [ ] Submit build request to Mullvad infrastructure: - **NOTE** this requires a devmole authentication token - - **NOTE** this also requires you be connected to a Swedish Mulvad VPN exit - - [ ] Run: + - **NOTE** this also requires you be connected to Gothenburg Mulvad VPN exit `se-got-wg-101` + - Run: ```bash make torbrowser-kick-devmole-build ``` @@ -160,9 +164,14 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - **⚠️ WARNING**: Do not deploy yet! ### blog: https://gitlab.torproject.org/tpo/web/blog.git - - [ ] Run `tools/signing/create-blog-post` which should create the new blog post from a template (edit set-config.blog to set you local blog directory) - - [ ] Note any ESR update - - [ ] Thank any users which have contributed patches + - [ ] Generate release blog post + - Run: + ```bash + ./tools/signing/create-blog-post.torbrowser + ``` + - **NOTE** this script creates the new blog post from a template (edit `./tools/signing/set-config.blog` to set you local blog directory) + - [ ] **(Optional)** Note any ESR update + - [ ] **(Optional)** Thank any users which have contributed patches - [ ] **(Optional)** Draft any additional sections for new features which need testing, known issues, etc - [ ] Push to origin as new branch and open MR - [ ] Review @@ -198,7 +207,7 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - `tbb_version_type`: either `alpha` for alpha releases or `release` for stable releases - [ ] On `${STAGING_SERVER}` in a separate `screen` session, ensure tor daemon is running with SOCKS5 proxy on the default port 9050 - [ ] On `${STAGING_SERVER}` in a separate `screen` session, run do-all-signing script: - - [ ] Run: + - Run: ```bash cd tor-browser-build/tools/signing/ && ./do-all-signing.torbrowser ``` @@ -244,14 +253,14 @@ popd ### website - [ ] On `staticiforme.torproject.org`, static update components: - - [ ] Run: + - Run: ```bash static-update-component cdn.torproject.org && static-update-component dist.torproject.org ``` - [ ] Deploy `tor-website` MR - [ ] Deploy `tor-blog` MR - [ ] On `staticiforme.torproject.org`, enable update responses: - - [ ] Run: + - Run: ```bash sudo -u tb-release ./deploy_update_responses-alpha.sh ``` @@ -259,7 +268,7 @@ popd - **NOTE**: Skip this step if we need to hold on to older versions for some reason (for example, this is an Andoid or Desktop-only release, or if we need to hold back installers in favor of build-to-build updates if there are signing issues, etc) - [ ] `/srv/cdn-master.torproject.org/htdocs/aus1/torbrowser` - [ ] `/srv/dist-master.torproject.org/htdocs/torbrowser` - - [ ] Run: + - Run: ```bash static-update-component cdn.torproject.org && static-update-component dist.torproject.org ``` @@ -314,7 +323,7 @@ popd - torbrowser-launcher: mail(a)asciiwolf.com  - Anti-Censorship: meskio(a)torproject.org  ``` - tails-dev(a)boum.org nathan(a)guardianproject.info freebsd(a)sysctl.cz caspar(a)schutijser.com mail(a)asciiwolf.com meskio(a)torproject.org + tails-dev(a)boum.org, nathan(a)guardianproject.info, freebsd(a)sysctl.cz, caspar(a)schutijser.com, mail(a)asciiwolf.com, meskio(a)torproject.org, ``` - **Subject** ``` ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Legacy.md ===================================== @@ -40,13 +40,17 @@ - [ ] Tag `tor-browser` in tor-browser.git - **example**: `tor-browser-115.17.0esr-13.5-1-build1` + - Run: + ```bash + ./tools/browser/sign-tag.torbrowser legacy ${BUILD_N} + ``` ### tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build.git Tor Browser Legacy is on the `maint-13.5` branch - [ ] Changelog bookkeeping: - - [ ] Ensure all commits to `tor-browser` and `tor-browser-build` for this release have an associated issue linked to this release preparation issue - - [ ] Ensure each issue has a platform (~Windows, ~MacOS, ~Desktop, ~"All Platforms") and potentially ~"Build System" labels + - Ensure all commits to `tor-browser` and `tor-browser-build` for this release have an associated issue linked to this release preparation issue + - Ensure each issue has a platform (~Windows, ~MacOS, ~Desktop, ~"All Platforms") and potentially ~"Build System" labels - [ ] Create a release preparation branch from the `maint-13.5` branch - [ ] Run release preparation script: - **⚠️ WARNING**: You may need to manually update the `firefox/config` file's `browser_build` field if `tor-browser.git` has not yet been tagged (e.g. if security backports have not yet been merged and tagged) @@ -69,7 +73,7 @@ Tor Browser Legacy is on the `maint-13.5` branch - [ ] `steps/base-browser/git_hash`: updated with `HEAD` commit of project's `base-browser` branch - [ ] `steps/tor-browser/git_hash`: updated with `HEAD` commit of project's `tor-browser` branch - [ ] ***(Optional)*** `projects/browser/config`: - - [ ] NoScript: https://addons.mozilla.org/en-US/firefox/addon/noscript + - [ ] ***(Optional)*** NoScript: https://addons.mozilla.org/en-US/firefox/addon/noscript - [ ] `URL` updated - **⚠️ WARNING**: If preparing the release manually, updating the version number in the url is not sufficient, as each version has a random unique id in the download url - [ ] `sha256sum` updated @@ -94,18 +98,18 @@ Tor Browser Legacy is on the `maint-13.5` branch - [ ] `input_files/shasum` for `manual`: updated to manual hash - [ ] Upload the downloaded `manual_${PIPELINEID}.zip` file to `tb-build-02.torproject.org` - [ ] Deploy to `tb-builder`'s `public_html` directory: - - [ ] Run: + - Run: ```bash sudo -u tb-builder cp manual_${PIPELINEID}.zip ~tb-builder/public_html/. ``` - `sudo` documentation for TPO machines: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/doc/accounts#changingres… - [ ] `ChangeLog-TBB.txt`: ensure correctness - - [ ] Browser name correct - - [ ] Release date correct - - [ ] No Android updates - - [ ] All issues added under correct platform - - [ ] ESR updates correct - - [ ] Component updates correct + - Browser name correct + - Release date correct + - No Android updates + - All issues added under correct platform + - ESR updates correct + - Component updates correct - [ ] Open MR with above changes, using the template for release preparations - **NOTE**: target the `maint-13.5` branch - [ ] Merge @@ -116,13 +120,13 @@ Tor Browser Legacy is on the `maint-13.5` branch - ma1 - morgan - pierov - - [ ] Run: + - Run: ```bash make torbrowser-signtag-release ``` - - [ ] Push tag to `upstream` +- [ ] Push tag to `upstream` - [ ] Build the tag: - - [ ] Run: + - Run: ```bash make torbrowser-release && make torbrowser-incrementals-release ``` @@ -130,8 +134,8 @@ Tor Browser Legacy is on the `maint-13.5` branch - [ ] Local developer machine - [ ] Submit build request to Mullvad infrastructure: - **NOTE** this requires a devmole authentication token - - **NOTE** this also requires you be connected to a Swedish Mulvad VPN exit - - [ ] Run: + - **NOTE** this also requires you be connected to Gothenburg Mulvad VPN exit `se-got-wg-101` + - Run: ```bash make torbrowser-kick-devmole-build ``` @@ -142,9 +146,14 @@ Tor Browser Legacy is on the `maint-13.5` branch <summary>Website</summary> ### blog: https://gitlab.torproject.org/tpo/web/blog.git - - [ ] Run `tools/signing/create-blog-post` which should create the new blog post from a template (edit set-config.blog to set you local blog directory) - - [ ] Note any ESR update - - [ ] Thank any users which have contributed patches + - [ ] Generate release blog post + - Run: + ```bash + ./tools/signing/create-blog-post.torbrowser + ``` + - **NOTE** this script creates the new blog post from a template (edit `./tools/signing/set-config.blog` to set you local blog directory) + - [ ] **(Optional)** Note any ESR update + - [ ] **(Optional)** Thank any users which have contributed patches - [ ] **(Optional)** Draft any additional sections for new features which need testing, known issues, etc - [ ] Push to origin as new branch and open MR - [ ] Review @@ -178,7 +187,7 @@ Tor Browser Legacy is on the `maint-13.5` branch - `tbb_version_type`: either `alpha` for alpha releases or `release` for stable releases - [ ] On `${STAGING_SERVER}` in a separate `screen` session, ensure tor daemon is running with SOCKS5 proxy on the default port 9050 - [ ] On `${STAGING_SERVER}` in a separate `screen` session, run do-all-signing script: - - [ ] Run: + - Run: ```bash cd tor-browser-build/tools/signing/ && ./do-all-signing.torbrowser ``` @@ -224,7 +233,7 @@ popd ### website - [ ] On `staticiforme.torproject.org`, static update components: - - [ ] Run: + - Run: ```bash static-update-component cdn.torproject.org && static-update-component dist.torproject.org ``` @@ -233,7 +242,7 @@ popd - **NOTE**: Skip this step if we need to hold on to older versions for some reason (for example, this is an Andoid or Desktop-only release, or if we need to hold back installers in favor of build-to-build updates if there are signing issues, etc) - [ ] `/srv/cdn-master.torproject.org/htdocs/aus1/torbrowser` - [ ] `/srv/dist-master.torproject.org/htdocs/torbrowser` - - [ ] Run: + - Run: ```bash static-update-component cdn.torproject.org && static-update-component dist.torproject.org ``` @@ -247,12 +256,12 @@ popd - [ ] `var/torbrowser_legacy_platform_version`: update to `${ESR_VERSION}` - **NOTE** this is ESR version for the legacy branch, not the 14.0 branch - [ ] Generate update responses: - - [ ] Run: + - Run: ```bash make torbrowser-update_responses-release ``` - [ ] Commit new update responses to tor-browser-update-responses.git: - - [ ] Run: + - Run: ```bash updaterespdir=/path/to/tor-browser-update-responses.git cp torbrowser/release/update-responses/update-responses-release-${TOR_BROWSER_VERSION}.tar "$updaterespdir" ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Stable.md ===================================== @@ -41,13 +41,17 @@ - [ ] Tag `tor-browser` in tor-browser.git - **example**: `tor-browser-128.4.0esr-14.0-1-build1` + - Run: + ```bash + ./tools/browser/sign-tag.torbrowser stable ${BUILD_N} + ``` ### tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build.git Tor Browser Stable is on the `maint-${TOR_BROWSER_MAJOR}.${TOR_BROWSER_MINOR}` branch - [ ] Changelog bookkeeping: - - [ ] Ensure all commits to `tor-browser` and `tor-browser-build` for this release have an associated issue linked to this release preparation issue - - [ ] Ensure each issue has a platform (~Windows, ~MacOS, ~Linux, ~Android, ~Desktop, ~"All Platforms") and potentially ~"Build System" labels + - Ensure all commits to `tor-browser` and `tor-browser-build` for this release have an associated issue linked to this release preparation issue + - Ensure each issue has a platform (~Windows, ~MacOS, ~Linux, ~Android, ~Desktop, ~"All Platforms") and potentially ~"Build System" labels - [ ] Create a release preparation branch from the current `maint-XX.Y` branch - [ ] Run release preparation script: - **NOTE**: You can omit the `--tor-browser` argument if this is for a joint Tor and Mullvad Browser release @@ -64,9 +68,9 @@ Tor Browser Stable is on the `maint-${TOR_BROWSER_MAJOR}.${TOR_BROWSER_MINOR}` b - [ ] ***(Desktop Only)*** `var/torbrowser_incremental_from`: updated to previous Desktop version - **NOTE**: We try to build incrementals for the previous 3 desktop versions - **⚠️ WARNING**: Really *actually* make sure this is the previous Desktop version or else the `make torbrowser-incrementals-*` step will fail -- [ ] `projects/firefox/config` - - [ ] `browser_build`: updated to match `tor-browser` tag - - [ ] ***(Optional)*** `var/firefox_platform_version`: updated to latest `${ESR_VERSION}` if rebased + - [ ] `projects/firefox/config` + - [ ] `browser_build`: updated to match `tor-browser` tag + - [ ] ***(Optional)*** `var/firefox_platform_version`: updated to latest `${ESR_VERSION}` if rebased - [ ] `projects/geckoview/config` - [ ] `browser_build`: updated to match `tor-browser` tag - [ ] ***(Optional)*** `var/firefox_platform_version`: updated to latest `${ESR_VERSION}` if rebased @@ -75,7 +79,7 @@ Tor Browser Stable is on the `maint-${TOR_BROWSER_MAJOR}.${TOR_BROWSER_MINOR}` b - [ ] `steps/tor-browser/git_hash`: updated with `HEAD` commit of project's `tor-browser` branch - [ ] `steps/fenix/git_hash`: updated with `HEAD` commit of project's `fenix-torbrowserstringsxml` branch - [ ] ***(Optional)*** `projects/browser/config`: - - [ ] NoScript: https://addons.mozilla.org/en-US/firefox/addon/noscript + - [ ] ***(Optional)*** NoScript: https://addons.mozilla.org/en-US/firefox/addon/noscript - [ ] `URL` updated - **⚠️ WARNING**: If preparing the release manually, updating the version number in the url is not sufficient, as each version has a random unique id in the download url - [ ] `sha256sum` updated @@ -101,18 +105,18 @@ Tor Browser Stable is on the `maint-${TOR_BROWSER_MAJOR}.${TOR_BROWSER_MINOR}` b - [ ] `input_files/shasum` for `manual`: updated to manual hash - [ ] Upload the downloaded `manual_${PIPELINEID}.zip` file to `tb-build-02.torproject.org` - [ ] Deploy to `tb-builder`'s `public_html` directory: - - [ ] Run: + - Run: ```bash sudo -u tb-builder cp manual_${PIPELINEID}.zip ~tb-builder/public_html/. ``` - `sudo` documentation for TPO machines: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/doc/accounts#changingres… - [ ] `ChangeLog-TBB.txt`: ensure correctness - - [ ] Browser name correct - - [ ] Release date correct - - [ ] No Android updates on a desktop-only release and vice-versa - - [ ] All issues added under correct platform - - [ ] ESR updates correct - - [ ] Component updates correct + - Browser name correct + - Release date correct + - No Android updates on a desktop-only release and vice-versa + - All issues added under correct platform + - ESR updates correct + - Component updates correct - [ ] Open MR with above changes, using the template for release preparations - **NOTE**: target the `maint-14.0` branch - [ ] Merge @@ -123,22 +127,22 @@ Tor Browser Stable is on the `maint-${TOR_BROWSER_MAJOR}.${TOR_BROWSER_MINOR}` b - ma1 - morgan - pierov - - [ ] Run: + - Run: ```bash make torbrowser-signtag-release ``` - - [ ] Push tag to `upstream` +- [ ] Push tag to `upstream` - [ ] Build the tag: - - [ ] Run: + - Run: ```bash make torbrowser-release && make torbrowser-incrementals-release ``` - - [ ] Tor Project build machine - - [ ] Local developer machine + - Tor Project build machine + - Local developer machine - [ ] Submit build request to Mullvad infrastructure: - **NOTE** this requires a devmole authentication token - - **NOTE** this also requires you be connected to a Swedish Mulvad VPN exit - - [ ] Run: + - **NOTE** this also requires you be connected to Gothenburg Mulvad VPN exit `se-got-wg-101` + - Run: ```bash make torbrowser-kick-devmole-build ``` @@ -160,9 +164,14 @@ Tor Browser Stable is on the `maint-${TOR_BROWSER_MAJOR}.${TOR_BROWSER_MINOR}` b - **⚠️ WARNING**: Do not deploy yet! ### blog: https://gitlab.torproject.org/tpo/web/blog.git - - [ ] Run `tools/signing/create-blog-post` which should create the new blog post from a template (edit set-config.blog to set you local blog directory) - - [ ] Note any ESR update - - [ ] Thank any users which have contributed patches + - [ ] Generate release blog post + - Run: + ```bash + ./tools/signing/create-blog-post.torbrowser + ``` + - **NOTE** this script creates the new blog post from a template (edit `./tools/signing/set-config.blog` to set you local blog directory) + - [ ] **(Optional)** Note any ESR update + - [ ] **(Optional)** Thank any users which have contributed patches - [ ] **(Optional)** Draft any additional sections for new features which need testing, known issues, etc - [ ] Push to origin as new branch and open MR - [ ] Review @@ -201,7 +210,7 @@ Tor Browser Stable is on the `maint-${TOR_BROWSER_MAJOR}.${TOR_BROWSER_MINOR}` b - `tbb_version_type`: either `alpha` for alpha releases or `release` for stable releases - [ ] On `${STAGING_SERVER}` in a separate `screen` session, ensure tor daemon is running with SOCKS5 proxy on the default port 9050 - [ ] On `${STAGING_SERVER}` in a separate `screen` session, run do-all-signing script: - - [ ] Run: + - Run: ```bash cd tor-browser-build/tools/signing/ && ./do-all-signing.torbrowser ``` @@ -247,14 +256,14 @@ popd ### website - [ ] On `staticiforme.torproject.org`, static update components: - - [ ] Run: + - Run: ```bash static-update-component cdn.torproject.org && static-update-component dist.torproject.org ``` - [ ] Deploy `tor-website` MR - [ ] Deploy `tor-blog` MR - [ ] On `staticiforme.torproject.org`, enable update responses: - - [ ] Run: + - Run: ```bash sudo -u tb-release ./deploy_update_responses-release.sh ``` @@ -262,7 +271,7 @@ popd - **NOTE**: Skip this step if we need to hold on to older versions for some reason (for example, this is an Andoid or Desktop-only release, or if we need to hold back installers in favor of build-to-build updates if there are signing issues, etc) - [ ] `/srv/cdn-master.torproject.org/htdocs/aus1/torbrowser` - [ ] `/srv/dist-master.torproject.org/htdocs/torbrowser` - - [ ] Run: + - Run: ```bash static-update-component cdn.torproject.org && static-update-component dist.torproject.org ``` @@ -317,7 +326,7 @@ popd - torbrowser-launcher: mail(a)asciiwolf.com  - Anti-Censorship: meskio(a)torproject.org  ``` - tails-dev(a)boum.org nathan(a)guardianproject.info freebsd(a)sysctl.cz caspar(a)schutijser.com mail(a)asciiwolf.com meskio(a)torproject.org + tails-dev(a)boum.org, nathan(a)guardianproject.info, freebsd(a)sysctl.cz, caspar(a)schutijser.com, mail(a)asciiwolf.com, meskio(a)torproject.org, ``` - **Subject** ``` View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41300: Add bea, clairehurst, and jwilde to tb_builders
by morgan (＠morgan) 18 Nov '24

18 Nov '24

morgan pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: a5003c49 by Morgan at 2024-11-18T21:54:33+00:00 Bug 41300: Add bea, clairehurst, and jwilde to tb_builders - - - - - 1 changed file: - tools/signing/set-config Changes: ===================================== tools/signing/set-config ===================================== @@ -42,5 +42,5 @@ faketime_path=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 test -z "${NON_INTERACTIVE:-}" || rsync_progress="--progress" rsync_options="-avH ${rsync_progress:-} ${DRY_RUN:-}" -tb_builders='boklm dan henry ma1 pierov richard' +tb_builders='bea boklm clairehurst dan henry jwilde ma1 morgan pierov' wrappers_dir=/signing/tor-browser-build/tools/signing/wrappers View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41300: Add bea, clairehurst, and jwilde to tb_builders
by morgan (＠morgan) 18 Nov '24

18 Nov '24

morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 08319a10 by Morgan at 2024-11-18T21:53:04+00:00 Bug 41300: Add bea, clairehurst, and jwilde to tb_builders - - - - - 1 changed file: - tools/signing/set-config Changes: ===================================== tools/signing/set-config ===================================== @@ -42,5 +42,5 @@ faketime_path=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 test -z "${NON_INTERACTIVE:-}" || rsync_progress="--progress" rsync_options="-avH ${rsync_progress:-} ${DRY_RUN:-}" -tb_builders='boklm dan henry ma1 morgan pierov' +tb_builders='bea boklm clairehurst dan henry jwilde ma1 morgan pierov' wrappers_dir=/signing/tor-browser-build/tools/signing/wrappers View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41300: Add bea, clairehurst, and jwilde to tb_builders
by morgan (＠morgan) 18 Nov '24

18 Nov '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 1de8a0a5 by Morgan at 2024-11-18T21:27:37+00:00 Bug 41300: Add bea, clairehurst, and jwilde to tb_builders - - - - - 1 changed file: - tools/signing/set-config Changes: ===================================== tools/signing/set-config ===================================== @@ -42,5 +42,5 @@ faketime_path=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 test -z "${NON_INTERACTIVE:-}" || rsync_progress="--progress" rsync_options="-avH ${rsync_progress:-} ${DRY_RUN:-}" -tb_builders='boklm dan henry ma1 morgan pierov' +tb_builders='bea boklm clairehurst dan henry jwilde ma1 morgan pierov' wrappers_dir=/signing/tor-browser-build/tools/signing/wrappers View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41304: Add a browser commit tag+signing script
by morgan (＠morgan) 18 Nov '24

18 Nov '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 4cc42848 by Morgan at 2024-11-18T21:20:39+00:00 Bug 41304: Add a browser commit tag+signing script - - - - - 6 changed files: - + tools/browser/.gitignore - + tools/browser/README.md - + tools/browser/sign-tag - + tools/browser/sign-tag.basebrowser - + tools/browser/sign-tag.mullvadbrowser - + tools/browser/sign-tag.torbrowser Changes: ===================================== tools/browser/.gitignore ===================================== @@ -0,0 +1,3 @@ +basebrowser +torbrowser +mullvadbrowser ===================================== tools/browser/README.md ===================================== @@ -0,0 +1,65 @@ +# Tools + +### sign-tag + +This script gpg signs a git tag associated with a particular browser commit in the user's tor-browser.git or mullvad-browser.git repo. + +#### Prerequisites + +- The user must create the following soft-links: + - `/tools/browser/basebrowser` -> `/path/to/local/tor-browser.git` + - `/tools/browser/mullvadbrowser` -> `/path/to/local/mullvad-browser.git` + - `/tools/browser/torbrowser` -> `/path/to/local/tor-browser.git` +- The user must first checkout the relevant branch of the commit we are tagging + - This is needed to extract the ESR version, branch-number, and browser name + +#### Usage + +``` +usage: ./tools/browser/sign-tag.<browser> <channel> <build-number> [commit] + +browser one of basebrowser, torbrowser, or mullvadbrowser +channel the release channel of the commit to sign (e.g. alpha, stable, + or legacy) +build-number the build number portion of a browser build tag (e.g. build2) +commit optional git commit, HEAD is used if argument not present +``` + +#### Examples +Invoke the relevant soft-link'd version of this script to sign a particular browser. The trailing commit argument is optional and if not present, the browser branch's `HEAD` will be tagged+signed. + + - ##### `base-browser-128.4.0esr-14.5-1-build1` + After checking out `base-browser-128.4.0esr-14.5-1` branch in linked tor-browser.git + ```bash + ./sign-tag.basebrowser alpha build1 24e628c1fd3f0593e23334acf55dc81909c30099 + ``` + **output**: + ``` + Tag commit 24e628c1fd3f in base-browser-128.4.0esr-14.5-1 + tag: base-browser-128.4.0esr-14.5-1-build1 + message: Tagging build1 for 128.4.0esr-based alpha + ``` + + - ##### `tor-browser-115.17.0esr-13.5-1-build2` + After checking out `tor-browser-115.17.0esr-13.5-1` branch in linked tor-browser.git + ```bash + ./sign-tag.torbrowser legacy build2 8e9e58fe400291f20be5712d057ad0b5fc4d70c1 + ``` + **output**: + ``` + Tag commit 8e9e58fe4002 in tor-browser-115.17.0esr-13.5-1 + tag: tor-browser-115.17.0esr-13.5-1-build2 + message: Tagging build2 for 115.17.0esr-based legacy + ``` + + - ##### `mullvad-browser-128.4.0esr-14.0-1-build2` + After checking out `mullvad-browser-128.4.0esr-14.0-1` branch in linked mullvad-browser.git + ```bash + ./sign-tag.mullvadbrowser stable build2 385aa0559a90a258ed6613527ff3e117dfa5ae5b + ``` + **output**: + ``` + Tag commit 385aa0559a90 in mullvad-browser-128.4.0esr-14.0-1 + tag: mullvad-browser-128.4.0esr-14.0-1-build2 + message: Tagging build2 for 128.4.0esr-based stable + ``` \ No newline at end of file ===================================== tools/browser/sign-tag ===================================== @@ -0,0 +1,115 @@ +#!/usr/bin/env bash + +# See README.md for usage instructions. + +# terminate on error +set -e + +# Check if at least two arguments are provided +if [ "$#" -lt 2 ]; then + echo "Usage: $0 channel build-number [commit]" + exit 1 +fi + +script_name=$(basename "${BASH_ARGV0:-$0}") +script_dir=$(dirname "${BASH_ARGV0:-$0}") +browser=$(echo "$script_name" | perl -pe 's/^[^\.]+\.//') + +case "${browser}" in + basebrowser | torbrowser | mullvadbrowser) + # go down to browser directory + pushd ${script_dir}/${browser} > /dev/null + # and exit on script termination + trap "popd > /dev/null" EXIT + ;; + *) + echo -n "unrecognized browser: '${browser}'" + exit 1 + ;; +esac + +# +# Branch name validation and extract components from branch name needed for tag +# and message +# + +branch_name=$(git rev-parse --abbrev-ref HEAD) +if [[ $branch_name =~ ^([a-z]+-browser)-([1-9][0-9]+\.[0-9]+\.[0-9]+esr)-([1-9][0-9]*\.[05])-([1-9]).*$ ]]; then + project="${BASH_REMATCH[1]}" + esr="${BASH_REMATCH[2]}" + version="${BASH_REMATCH[3]}" + branch_number="${BASH_REMATCH[4]}" +else + echo "This script must be run from an official browser branch. For example 'base-browser-128.4.0esr-14.0-1'" + exit 1 +fi + +# +# Verify the detected browser matches the name of the current branch +# +case "${browser}" in + basebrowser) + valid_project="base-browser" + ;; + torbrowser) + valid_project="tor-browser" + ;; + mullvadbrowser) + valid_project="mullvad-browser" + ;; +esac + +if ! [[ "${project}" == "${valid_project}" ]]; then + echo "Invalid branch \"${branch_name}\". Must be a \"${valid_project}\" branch" + exit 1 +fi + +# +# Assign arguments to variables +# +channel=$1 +build_number=$2 +commit=$(git rev-parse --short ${3:-HEAD}) + +# +# Validate arguments +# + +# channel validation +if [[ "${project}" == "mullvad-browser" ]]; then + valid_channels=("alpha" "stable") +else + valid_channels=("alpha" "stable" "legacy") +fi +channel_valid=false +for value in "${valid_channels[@]}"; do + if [[ "${channel}" == "${value}" ]]; then + channel_valid=true + break + fi +done + +if ! $channel_valid; then + echo "Invalid channel name \"${channel}\". Must be one of: ${valid_channels[*]}" + exit 1 +fi + +# build number validation +if ! [[ "${build_number}" =~ ^build[1-9][0-9]*$ ]]; then + echo "Invalid build number \"${build_number}\". Must be in the format \"build[1-9][0-9]*\"" + exit 1 +fi + +# +# Sign and tag the specified git commit +# + +tag="${project}-${esr}-${version}-${branch_number}-${build_number}" +message="Tagging ${build_number} for ${esr}-based ${channel}" + + +echo "Tag commit ${commit} in ${branch_name}" +echo " tag: ${tag}" +echo " message: ${message}" + +git tag -s "${tag}" "${commit}" -m "${message}" ===================================== tools/browser/sign-tag.basebrowser ===================================== @@ -0,0 +1 @@ +sign-tag \ No newline at end of file ===================================== tools/browser/sign-tag.mullvadbrowser ===================================== @@ -0,0 +1 @@ +sign-tag \ No newline at end of file ===================================== tools/browser/sign-tag.torbrowser ===================================== @@ -0,0 +1 @@ +sign-tag \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! Bug 7494: Create local home page for TBB.
by morgan (＠morgan) 18 Nov '24

18 Nov '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: f8cf9f0a by Henry Wilkes at 2024-11-18T12:10:15+00:00 fixup! Bug 7494: Create local home page for TBB. Bug 42802: Use :has selector to move the focus-visible styling for the search-input to its parent. No longer need to monitor the focus-visible condition using javascript. - - - - - 2 changed files: - browser/components/abouttor/content/aboutTor.css - browser/components/abouttor/content/aboutTor.js Changes: ===================================== browser/components/abouttor/content/aboutTor.css ===================================== @@ -122,7 +122,7 @@ body:not(.show-tor-check) #tor-check { border-color: var(--in-content-box-border-color); } -#search-form.search-input-focus-visible { +#search-form:has(#search-input:focus-visible) { outline: var(--focus-outline); } @@ -209,13 +209,13 @@ body:not(.show-tor-check) #tor-check { border-color: transparent; } - #search-form.search-input-focus-visible { + #search-form:has(#search-input:focus-visible) { /* Use a light-themed inner-border to contrast with the dark-themed * focus outline. */ border-color: var(--tor-focus-outline-color-light); } - #search-form.onionized-search:not(.search-input-focus-visible) { + #search-form.onionized-search:has(#search-input:not(:focus-visible)) { box-shadow: 0 4px 40px #9400ff66, 0 4px 16px #9400ff33; } ===================================== browser/components/abouttor/content/aboutTor.js ===================================== @@ -52,18 +52,6 @@ const SearchWidget = { }, { capture: true } ); - - // Focus styling on form. - const searchInput = document.getElementById("search-input"); - const updateInputFocus = () => { - this.searchForm.classList.toggle( - "search-input-focus-visible", - searchInput.matches(":focus-visible") - ); - }; - updateInputFocus(); - searchInput.addEventListener("focus", updateInputFocus); - searchInput.addEventListener("blur", updateInputFocus); }, _updateOnionize() { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f8cf9f0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f8cf9f0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41306,41307: Resolve templates before sorting and making unique container deps
by boklm (＠boklm) 18 Nov '24

18 Nov '24

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 9727a2cd by NoisyCoil at 2024-11-18T17:27:59+01:00 Bug 41306,41307: Resolve templates before sorting and making unique container deps - - - - - 1 changed file: - projects/container-image/config Changes: ===================================== projects/container-image/config ===================================== @@ -53,16 +53,20 @@ pre: | IF pc(c('origin_project'), 'var/arch_deps', { step => c('origin_step') }); CALL deps.import(pc(c('origin_project'), 'var/arch_deps', { step => c('origin_step') })); END; - IF deps.size; - IF pc(c('origin_project'), 'var/sort_deps', { step => c('origin_step') }); - deps = deps.sort; + res_deps = []; + FOREACH pkg IN deps; + SET res_pkg = tmpl(pkg); + IF res_pkg; + res_deps.push(res_pkg); END; - FOREACH pkg IN deps; - SET p = tmpl(pkg); - IF p; - GET c('install_package', { pkg_name => p }); - GET "\n"; - END; + END; + IF pc(c('origin_project'), 'var/sort_deps', { step => c('origin_step') }); + res_deps = res_deps.sort.unique; + END; + IF res_deps.size; + FOREACH pkg IN res_deps; + GET c('install_package', { pkg_name => pkg }); + GET "\n"; END; END; -%] View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41298: Remove `--detach` parameter from .desktop files
by boklm (＠boklm) 18 Nov '24

18 Nov '24

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 8d74923f by Nicolas Vigier at 2024-11-18T16:32:56+01:00 Bug 41298: Remove `--detach` parameter from .desktop files - - - - - 3 changed files: - projects/browser/RelativeLink/start-browser - projects/browser/RelativeLink/start-browser.desktop - projects/linux-packages/browser.desktop.in Changes: ===================================== projects/browser/RelativeLink/start-browser ===================================== @@ -242,7 +242,7 @@ if test -z "$system_install"; then sed -i -e "s,^Name=.*,Name=[% c('var/Project_Name') %],g" ../start-[% c('var/project-name') %].desktop sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" ../start-[% c('var/project-name') %].desktop sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" start-[% c('var/project-name') %].desktop - sed -i -e "s,^Exec=.*,Exec=sh -c '\"$PWD/start-[% c('var/project-name') %]\" --detach || ([ ! -x \"$PWD/start-[% c('var/project-name') %]\" ] \&\& \"\$(dirname \"\$*\")\"/Browser/start-[% c('var/project-name') %] --detach)' dummy %k,g" ../start-[% c('var/project-name') %].desktop + sed -i -e "s,^Exec=.*,Exec=sh -c '\"$PWD/start-[% c('var/project-name') %]\" || ([ ! -x \"$PWD/start-[% c('var/project-name') %]\" ] \&\& \"\$(dirname \"\$*\")\"/Browser/start-[% c('var/project-name') %])' dummy %k,g" ../start-[% c('var/project-name') %].desktop if [ "$register_desktop_app" -eq 1 ]; then mkdir -p "$HOME/.local/share/applications/" ===================================== projects/browser/RelativeLink/start-browser.desktop ===================================== @@ -28,7 +28,7 @@ Name=[% c("var/Project_Name") %] Setup GenericName=Web Browser Comment=[% c("var/Project_Name") %] is +1 for privacy and −1 for mass surveillance Categories=Network;WebBrowser;Security; -Exec=sh -c '"$(dirname "$*")"/Browser/start-[% c("var/project-name") %] --detach || ([ ! -x "$(dirname "$*")"/Browser/start-[% c("var/project-name") %] ] && "$(dirname "$*")"/start-[% c("var/project-name") %] --detach)' dummy %k +Exec=sh -c '"$(dirname "$*")"/Browser/start-[% c("var/project-name") %] || ([ ! -x "$(dirname "$*")"/Browser/start-[% c("var/project-name") %] ] && "$(dirname "$*")"/start-[% c("var/project-name") %])' dummy %k X-[% c("var/ProjectName") %]-ExecShell=./Browser/start-[% c("var/project-name") %] --detach Icon=web-browser StartupWMClass=[% c("var/display_name") %] ===================================== projects/linux-packages/browser.desktop.in ===================================== @@ -5,7 +5,7 @@ Name=[% c("var/Project_Name") %] GenericName=Web Browser Comment=[% c("var/system_pkg/pkg_description") %] Categories=Network;WebBrowser; -Exec=/[% c("var/system_pkg/install_path") %]/start-[% c("var/project-name") %] --detach %u +Exec=/[% c("var/system_pkg/install_path") %]/start-[% c("var/project-name") %] %u Icon=[% c("var/system_pkg/pkg_name") %] StartupWMClass=[% c("var/display_name") %] [% IF ! c("var/tor-browser") -%] View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! Add CI for Tor Browser
by Pier Angelo Vendrame (＠pierov) 18 Nov '24

18 Nov '24

Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: d347a3d8 by Beatriz Rizental at 2024-11-18T10:20:18+01:00 fixup! Add CI for Tor Browser Build and publish CI container images whenever they change. - - - - - 4 changed files: - .gitlab-ci.yml - + .gitlab/ci/containers/base/Containerfile - − .gitlab/ci/docker/base/Dockerfile - + .gitlab/ci/update-containers.yml Changes: ===================================== .gitlab-ci.yml ===================================== @@ -1,5 +1,6 @@ stages: - lint + - update-container-images - update-translations variables: @@ -8,4 +9,5 @@ variables: include: - local: '.gitlab/ci/lint.yml' + - local: '.gitlab/ci/update-containers.yml' - local: '.gitlab/ci/update-translations.yml' ===================================== .gitlab/ci/containers/base/Containerfile ===================================== @@ -0,0 +1,48 @@ +# This image is published in containers.torproject.org/tpo/applications/tor-browser/base +# +# Whenever there are changes to this file, +# they are autopublished on merge to the tpo/applications/tor-browser repository. +# +# The image is updated roughly once a monce when the tor-browser repository is rebased. + +FROM containers.torproject.org/tpo/tpa/base-images/python:bookworm + +RUN apt-get update && apt-get install -y \ + clang \ + curl \ + git \ + libasound2-dev \ + libdbus-glib-1-dev \ + libgtk-3-dev \ + libpango1.0-dev \ + libpulse-dev \ + libx11-xcb-dev \ + libxcomposite-dev \ + libxcursor-dev \ + libxdamage-dev \ + libxi-dev \ + libxrandr-dev \ + libxtst-dev \ + m4 \ + mercurial \ + nasm \ + pkgconf \ + unzip \ + xz-utils \ + wget && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* + +WORKDIR /app + +COPY taskcluster/docker/recipes/install-node.sh ./install-node.sh +RUN chmod +x install-node.sh +RUN ./install-node.sh +RUN rm ./install-node.sh + +COPY taskcluster/kinds/fetch/toolchains.yml ./toolchains.yml +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain $(grep -oP 'rust-\K[0-9.]+(?=:)' ./toolchains.yml) +RUN $HOME/.cargo/bin/cargo install cbindgen --version $(grep -oP 'cbindgen-\K[0-9.]+(?=:)' ./toolchains.yml) +RUN rm ./toolchains.yml + +CMD ["/bin/bash"] ===================================== .gitlab/ci/docker/base/Dockerfile deleted ===================================== @@ -1,69 +0,0 @@ -FROM debian:latest - -# Base image which includes all* dependencies checked by ./mach configure. -# -# * Actually not all dependencies. WASM sandboxed depencies were left out for now. -# This installs all dependencies checked by `./mach configure --without-wasm-sandboxed-libraries`. -# -# # Building and publishing -# -# Whenever this file changes, the updated Docker image must be built and published _manually_ to -# the tor-browser container registry (https://gitlab.torproject.org/tpo/applications/tor-browser/container_regist…) -# -# This image copies a script from the taskcluster/ folder, which requires it -# to be built from a folder which is a parent of the taskcluster/ folder. -# -# To build, run: -# -# ```bash -# docker build \ -# -f <PATH_TO_DOCKERFILE> \ -# -t <REGISTRY_URL>/<IMAGE_NAME>:<IMAGE_TAG> -# . -# ``` -# -# For example, when building from the root of this repository to the main tor-browser repository -# and assuming image name to be "base" and tag "latest" -- which is the current terminology: -# -# ```bash -# docker build \ -# -f .gitlab/ci/docker/Dockerfile \ -# -t containers.torproject.org/tpo/applications/tor-browser/base:latest -# . -# ``` - -RUN apt-get update && apt-get install -y \ - clang \ - curl \ - git \ - libasound2-dev \ - libdbus-glib-1-dev \ - libgtk-3-dev \ - libpango1.0-dev \ - libpulse-dev \ - libx11-xcb-dev \ - libxcomposite-dev \ - libxcursor-dev \ - libxdamage-dev \ - libxi-dev \ - libxrandr-dev \ - libxtst-dev \ - m4 \ - mercurial \ - nasm \ - pkg-config \ - python3 \ - python3-pip \ - unzip \ - wget - -COPY taskcluster/docker/recipes/install-node.sh /scripts/install-node.sh -RUN chmod +x /scripts/install-node.sh -RUN /scripts/install-node.sh - -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y -RUN $HOME/.cargo/bin/cargo install cbindgen - -WORKDIR /app - -CMD ["/bin/bash"] ===================================== .gitlab/ci/update-containers.yml ===================================== @@ -0,0 +1,15 @@ +build-base-image: + stage: update-container-images + interruptible: true + image: containers.torproject.org/tpo/tpa/base-images/podman:bookworm + script: + - export TAG="${CI_REGISTRY_IMAGE}/base:latest" + - podman login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY + - podman build --layers=false $IMAGE -t ${TAG} -f .gitlab/ci/containers/base/Containerfile . + - | + echo -e "\e[33mPushing new image to registry as ${TAG}\e[0m" + podman push ${TAG} + rules: + - if: ($CI_COMMIT_BRANCH && $CI_COMMIT_REF_PROTECTED == 'true' && $CI_PROJECT_NAMESPACE == 'tpo/applications') + changes: + - '.gitlab/ci/containers/base/Containerfile' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d347a3d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d347a3d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41303: Remove Android and Linux targets from browser-all and...
by morgan (＠morgan) 14 Nov '24

14 Nov '24

morgan pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: d382eb5b by Morgan at 2024-11-13T20:44:36+00:00 Bug 41303: Remove Android and Linux targets from browser-all and browser-all-desktop targets in release project - - - - - 1 changed file: - projects/release/config Changes: ===================================== projects/release/config ===================================== @@ -10,19 +10,11 @@ var: targets: browser-all: - - browser-linux-x86_64 - - browser-linux-i686 - browser-windows-i686 - browser-windows-x86_64 - browser-macos - - browser-android-armv7 - - browser-android-x86 - - browser-android-x86_64 - - browser-android-aarch64 - browser-src browser-all-desktop: - - browser-linux-x86_64 - - browser-linux-i686 - browser-windows-i686 - browser-windows-x86_64 - browser-macos View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser-update-responses][main] release: new version, 14.0
by morgan (＠morgan) 14 Nov '24

14 Nov '24

morgan pushed to branch main at The Tor Project / Applications / mullvad-browser-update-responses Commits: d5f60e4a by Morgan at 2024-11-14T05:05:25+00:00 release: new version, 14.0 - - - - - 29 changed files: - update_1/release/.htaccess - − update_1/release/13.5.3-13.5.9-linux-x86_64-ALL.xml - − update_1/release/13.5.3-13.5.9-macos-ALL.xml - − update_1/release/13.5.3-13.5.9-windows-x86_64-ALL.xml - − update_1/release/13.5.6-13.5.9-linux-x86_64-ALL.xml - − update_1/release/13.5.6-13.5.9-macos-ALL.xml - − update_1/release/13.5.6-13.5.9-windows-x86_64-ALL.xml - + update_1/release/13.5.6-14.0-linux-x86_64-ALL.xml - + update_1/release/13.5.6-14.0-macos-ALL.xml - + update_1/release/13.5.6-14.0-windows-x86_64-ALL.xml - − update_1/release/13.5.7-13.5.9-linux-x86_64-ALL.xml - − update_1/release/13.5.7-13.5.9-macos-ALL.xml - − update_1/release/13.5.7-13.5.9-windows-x86_64-ALL.xml - + update_1/release/13.5.7-14.0-linux-x86_64-ALL.xml - + update_1/release/13.5.7-14.0-macos-ALL.xml - + update_1/release/13.5.7-14.0-windows-x86_64-ALL.xml - + update_1/release/13.5.9-14.0-linux-x86_64-ALL.xml - + update_1/release/13.5.9-14.0-macos-ALL.xml - + update_1/release/13.5.9-14.0-windows-x86_64-ALL.xml - − update_1/release/13.5.9-linux-x86_64-ALL.xml - − update_1/release/13.5.9-macos-ALL.xml - − update_1/release/13.5.9-windows-x86_64-ALL.xml - + update_1/release/14.0-linux-x86_64-ALL.xml - + update_1/release/14.0-macos-ALL.xml - + update_1/release/14.0-windows-x86_64-ALL.xml - update_1/release/download-linux-x86_64.json - update_1/release/download-macos.json - update_1/release/download-windows-x86_64.json - update_1/release/downloads.json Changes: ===================================== update_1/release/.htaccess ===================================== @@ -1,22 +1,22 @@ RewriteEngine On -RewriteRule ^[^/]+/13.5.9/ no-update.xml [last] -RewriteRule ^Linux_x86_64-gcc3/13.5.3/ALL 13.5.3-13.5.9-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/13.5.6/ALL 13.5.6-13.5.9-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/13.5.7/ALL 13.5.7-13.5.9-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/[^/]+/ALL 13.5.9-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/ 13.5.9-linux-x86_64-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/13.5.3/ALL 13.5.3-13.5.9-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/13.5.6/ALL 13.5.6-13.5.9-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/13.5.7/ALL 13.5.7-13.5.9-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/[^/]+/ALL 13.5.9-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/ 13.5.9-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/13.5.3/ALL 13.5.3-13.5.9-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/13.5.6/ALL 13.5.6-13.5.9-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/13.5.7/ALL 13.5.7-13.5.9-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/[^/]+/ALL 13.5.9-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/ 13.5.9-macos-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/13.5.3/ALL 13.5.3-13.5.9-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/13.5.6/ALL 13.5.6-13.5.9-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/13.5.7/ALL 13.5.7-13.5.9-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/[^/]+/ALL 13.5.9-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/ 13.5.9-windows-x86_64-ALL.xml [last] +RewriteRule ^[^/]+/14.0/ no-update.xml [last] +RewriteRule ^Linux_x86_64-gcc3/13.5.6/ALL 13.5.6-14.0-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/13.5.7/ALL 13.5.7-14.0-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/13.5.9/ALL 13.5.9-14.0-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/[^/]+/ALL 14.0-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/ 14.0-linux-x86_64-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/13.5.6/ALL 13.5.6-14.0-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/13.5.7/ALL 13.5.7-14.0-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/13.5.9/ALL 13.5.9-14.0-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/[^/]+/ALL 14.0-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/ 14.0-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/13.5.6/ALL 13.5.6-14.0-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/13.5.7/ALL 13.5.7-14.0-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/13.5.9/ALL 13.5.9-14.0-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/[^/]+/ALL 14.0-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/ 14.0-macos-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/13.5.6/ALL 13.5.6-14.0-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/13.5.7/ALL 13.5.7-14.0-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/13.5.9/ALL 13.5.9-14.0-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/[^/]+/ALL 14.0-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/ 14.0-windows-x86_64-ALL.xml [last] ===================================== update_1/release/13.5.3-13.5.9-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64-13.5.9_…" hashFunction="SHA512" hashValue="0509bb4cd1b2d46f36d4a050ef8ad3448efd2abdbd2846c72d0549a71e797dc0d2cfe5b053d3fa2c597b563e269235c783311523f8003f216beae30809a84be0" size="108579271" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64--13.5.3…" hashFunction="SHA512" hashValue="57a75211b726faa79df5452e88ef6fac26dd93565ac9ebe4f837727db93265b403f1b35ff29d994305d4847d2c3b28f85d3a3527114fcede43d7b874e4a8081e" size="9201740" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.3-13.5.9-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos-13.5.9_ALL.mar" hashFunction="SHA512" hashValue="447d4ecfa1672522e2ab715d3efa75dd733608fab2fd62238f976da31c9c7735534b98f0e59485635be5bc982f7f9a863ed9074a1857f1597f88a38875fcbc18" size="115980975" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos--13.5.3-13.5.9…" hashFunction="SHA512" hashValue="7ce187e66e46af2ad0cc6406691d922c034cabd31429671bbe04739b7ecabe4efee3435327418059c42669395af95a837727f7ff94840532ad07d6ab0f29bfc5" size="12323083" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.3-13.5.9-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64-13.5.…" hashFunction="SHA512" hashValue="c77fb5c8ceca6c3a64dd721627fdb927750cda0d89b35d4fc2ad8dbe93e1dc5979aa17587084345d48a9ff91871bb28078a97adc180e3bc527bf531a36a65b92" size="90216412" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64--13.5…" hashFunction="SHA512" hashValue="48089f449eaff0db27c25d9714021911976e0affe96e8d4ab85dd0bc274b8f927326570fceff56f1dec88359f8bb599d82e144c70acac94242cbfd6b6ddc769f" size="8574548" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.6-13.5.9-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64-13.5.9_…" hashFunction="SHA512" hashValue="0509bb4cd1b2d46f36d4a050ef8ad3448efd2abdbd2846c72d0549a71e797dc0d2cfe5b053d3fa2c597b563e269235c783311523f8003f216beae30809a84be0" size="108579271" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64--13.5.6…" hashFunction="SHA512" hashValue="a453255224f041ad901d6c190c122d80a259c18132397eaa0818bf09e064385ef046c442f917d71ce451f43625fd8be52390d99fece3157f7dac2caa4718f68d" size="7875260" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.6-13.5.9-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos-13.5.9_ALL.mar" hashFunction="SHA512" hashValue="447d4ecfa1672522e2ab715d3efa75dd733608fab2fd62238f976da31c9c7735534b98f0e59485635be5bc982f7f9a863ed9074a1857f1597f88a38875fcbc18" size="115980975" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos--13.5.6-13.5.9…" hashFunction="SHA512" hashValue="d216180c8a02cef44fe48206b365e22768789989a378e72b725d480942de15d2175f424c153d181e92773acfa7b8efe69d9c9c2209bf028f660a1e7bdba726db" size="11713215" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.6-13.5.9-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64-13.5.…" hashFunction="SHA512" hashValue="c77fb5c8ceca6c3a64dd721627fdb927750cda0d89b35d4fc2ad8dbe93e1dc5979aa17587084345d48a9ff91871bb28078a97adc180e3bc527bf531a36a65b92" size="90216412" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64--13.5…" hashFunction="SHA512" hashValue="cc20bd3e5b9c95d83ea88b1b07d32712b0140e044bdf498cfa5e06341d54e79de4ab30f08f944bea264c617965bcd7c287a6a78769f221b5358cb2f7c2ce2188" size="7936520" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.6-14.0-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64-14.0_ALL.…" size="114113237" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64--13.5.6-1…" size="56476310" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.6-14.0-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos-14.0_ALL.mar" size="129146988" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos--13.5.6-14.0_ALL…" size="91474239" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.6-14.0-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64-14.0_AL…" size="97539568" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64--13.5.6…" size="62236358" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.7-13.5.9-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64-13.5.9_…" hashFunction="SHA512" hashValue="0509bb4cd1b2d46f36d4a050ef8ad3448efd2abdbd2846c72d0549a71e797dc0d2cfe5b053d3fa2c597b563e269235c783311523f8003f216beae30809a84be0" size="108579271" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64--13.5.7…" hashFunction="SHA512" hashValue="30c3b27b8b74609f4e9422d0fa4f2aba3a96511914c6081cf240105312591b3becc1ea34159e577b28a9151ac87f2d347a6483d5de23641af0a9fe260c61f6bb" size="5392982" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.7-13.5.9-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos-13.5.9_ALL.mar" hashFunction="SHA512" hashValue="447d4ecfa1672522e2ab715d3efa75dd733608fab2fd62238f976da31c9c7735534b98f0e59485635be5bc982f7f9a863ed9074a1857f1597f88a38875fcbc18" size="115980975" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos--13.5.7-13.5.9…" hashFunction="SHA512" hashValue="8c8d06aeb231e341e50d7bed5895a6e6fae9dc2cb7672e569212903ac213f076bbd787a9384de1b7ad2e602288cd730af1256c97074fc9ed6299d36c2f9b850e" size="9011378" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.7-13.5.9-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64-13.5.…" hashFunction="SHA512" hashValue="c77fb5c8ceca6c3a64dd721627fdb927750cda0d89b35d4fc2ad8dbe93e1dc5979aa17587084345d48a9ff91871bb28078a97adc180e3bc527bf531a36a65b92" size="90216412" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64--13.5…" hashFunction="SHA512" hashValue="0075162cb309eb7cca6f47e4d73c30741ab0b260f1b7973d6eb5859a8063d9edeb7d0eaa347af27c7ac38faa0a89cc4f12d81a18d381fc0d594d14b20cbd63ae" size="5310170" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.7-14.0-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64-14.0_ALL.…" size="114113237" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64--13.5.7-1…" size="53881916" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.7-14.0-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos-14.0_ALL.mar" size="129146988" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos--13.5.7-14.0_ALL…" size="88881650" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.7-14.0-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64-14.0_AL…" size="97539568" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64--13.5.7…" size="59650020" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.9-14.0-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64-14.0_ALL.…" size="114113237" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64--13.5.9-1…" size="53591292" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.9-14.0-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos-14.0_ALL.mar" size="129146988" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos--13.5.9-14.0_ALL…" size="88443480" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.9-14.0-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64-14.0_AL…" size="97539568" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64--13.5.9…" size="59349404" type="partial"></patch></update></updates> ===================================== update_1/release/13.5.9-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64-13.5.9_…" hashFunction="SHA512" hashValue="0509bb4cd1b2d46f36d4a050ef8ad3448efd2abdbd2846c72d0549a71e797dc0d2cfe5b053d3fa2c597b563e269235c783311523f8003f216beae30809a84be0" size="108579271" type="complete"></patch></update></updates> ===================================== update_1/release/13.5.9-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos-13.5.9_ALL.mar" hashFunction="SHA512" hashValue="447d4ecfa1672522e2ab715d3efa75dd733608fab2fd62238f976da31c9c7735534b98f0e59485635be5bc982f7f9a863ed9074a1857f1597f88a38875fcbc18" size="115980975" type="complete"></patch></update></updates> ===================================== update_1/release/13.5.9-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.9" appVersion="13.5.9" platformVersion="115.17.0" buildID="20241024160253" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5.9" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64-13.5.…" hashFunction="SHA512" hashValue="c77fb5c8ceca6c3a64dd721627fdb927750cda0d89b35d4fc2ad8dbe93e1dc5979aa17587084345d48a9ff91871bb28078a97adc180e3bc527bf531a36a65b92" size="90216412" type="complete"></patch></update></updates> ===================================== update_1/release/14.0-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64-14.0_ALL.…" size="114113237" type="complete"></patch></update></updates> ===================================== update_1/release/14.0-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos-14.0_ALL.mar" size="129146988" type="complete"></patch></update></updates> ===================================== update_1/release/14.0-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0" appVersion="14.0" platformVersion="128.4.0" buildID="20241112201621" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64-14.0_AL…" size="97539568" type="complete"></patch></update></updates> ===================================== update_1/release/download-linux-x86_64.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64-13.5.9.…","git_tag":"mb-13.5.9-build2","sig":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64-13.5.9.…","version":"13.5.9"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64-14.0.tar.…","git_tag":"mb-14.0-build2","sig":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64-14.0.tar.…","version":"14.0"} \ No newline at end of file ===================================== update_1/release/download-macos.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos-13.5.9.dmg","git_tag":"mb-13.5.9-build2","sig":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos-13.5.9.dmg.asc","version":"13.5.9"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos-14.0.dmg","git_tag":"mb-14.0-build2","sig":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos-14.0.dmg.asc","version":"14.0"} \ No newline at end of file ===================================== update_1/release/download-windows-x86_64.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64-13.5.…","git_tag":"mb-13.5.9-build2","sig":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64-13.5.…","version":"13.5.9"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64-14.0.exe","git_tag":"mb-14.0-build2","sig":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64-14.0.ex…","version":"14.0"} \ No newline at end of file ===================================== update_1/release/downloads.json ===================================== @@ -1 +1 @@ -{"downloads":{"linux-x86_64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64-13.5.9.…","sig":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-linux-x86_64-13.5.9.…"}},"macos":{"ALL":{"binary":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos-13.5.9.dmg","sig":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-macos-13.5.9.dmg.asc"}},"win64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64-13.5.…","sig":"https://cdn.mullvad.net/browser/13.5.9/mullvad-browser-windows-x86_64-13.5.…"}}},"tag":"mb-13.5.9-build2","version":"13.5.9"} \ No newline at end of file +{"downloads":{"linux-x86_64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64-14.0.tar.…","sig":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-linux-x86_64-14.0.tar.…"}},"macos":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos-14.0.dmg","sig":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-macos-14.0.dmg.asc"}},"win64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64-14.0.exe","sig":"https://cdn.mullvad.net/browser/14.0/mullvad-browser-windows-x86_64-14.0.ex…"}}},"tag":"mb-14.0-build2","version":"14.0"} \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 43295: Update MR templates
by morgan (＠morgan) 14 Nov '24

14 Nov '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 4dd16b8c by Morgan at 2024-11-14T02:21:36+00:00 Bug 43295: Update MR templates - - - - - 2 changed files: - .gitlab/merge_request_templates/default.md - .gitlab/merge_request_templates/relprep.md Changes: ===================================== .gitlab/merge_request_templates/default.md ===================================== @@ -2,18 +2,34 @@  -### Related Issues +### Issues + +#### Resolves +- tor-browser-build#xxxxx - tor-browser#xxxxx - mullvad-browser#xxxxx + +#### Related - tor-browser-build#xxxxx +- tor-browser#xxxxx +- mullvad-browser#xxxxx + +### Merging + + + +#### Target Branches + - [ ] **`main`**: esr128-14.5 + - [ ] **`maint-14.0`**: esr128-14.0 + - [ ] **`maint-13.5`**: esr115-13.5 ### Backporting #### Timeline +- [ ] **No Backport (preferred)**: patchset for the next major stable - [ ] **Immediate**: patchset needed as soon as possible - [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport - [ ] **Eventually**: patchset that needs to be verified in alpha before backport -- [ ] **No Backport (preferred)**: patchset for the next major stable #### (Optional) Justification - [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc @@ -50,7 +66,7 @@ - **windows** : jwilde, morgan - **misc/other** : morgan, pierov -### Change Description +#### Change Description  ===================================== .gitlab/merge_request_templates/relprep.md ===================================== @@ -1,9 +1,19 @@ -## Related Issues +## Release Prep +### Issues + +#### Resolves + +- tor-browser-build#xxxxx - tor-browser-build#xxxxx + +#### Related + - tor-browser-build#xxxxx +- tor-browser#xxxxx +- mullvad-browser#xxxxx -## Self-review + reviewer's template +### Self-review + reviewer's template - [ ] `rbm.conf` updates: - [ ] `var/torbrowser_version` @@ -15,12 +25,12 @@ - [ ] Tag updates: - [ ] [Firefox](https://gitlab.torproject.org/tpo/applications/tor-browser/-/tags) - [ ] Geckoview - should match Firefox - - Tags might be speculative in the release preparation: i.e., they might not exist yet. + - **NOTE**: Tags might be speculative in the release preparation: i.e., they might not exist yet. - [ ] Addon updates: - [ ] [NoScript](https://addons.mozilla.org/en-US/firefox/addon/noscript/) - [ ] [uBlock Origin](https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/) (Mullvad Browser only) - [ ] [Mullvad Browser Extension](https://github.com/mullvad/browser-extension/releases) (Mullvad Browser only) - - For AMO extension (NoScript and uBlock), updating the version in the URL is not enough, check that also a numeric ID from the URL has changed + - ⚠️ **IMPORTANT**: For AMO extension (NoScript and uBlock), updating the version in the URL is not enough, check that also a numeric ID from the URL has changed - [ ] Tor and dependencies updates (Tor Browser only) - [ ] [Tor](https://gitlab.torproject.org/tpo/core/tor/-/tags) - [ ] [OpenSSL](https://www.openssl.org/source/): we stay on the latest LTS channel (currently 3.0.x) @@ -39,11 +49,11 @@ - If you find errors such as platform or category (build system) please adjust the issue label accordingly - You can run `tools/relprep.py --only-changelogs --date $date $version` to update only the changelogs -## Review +### Review -### Request Reviewer +#### Request Reviewer - [ ] Request review from a release engineer: boklm, dan, ma1, morgan, pierov -### Change Description +#### Change Description View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.4.0esr-14.5-1] 3 commits: fixup! MB 188: Customize Gitlab Issue and Merge templates
by morgan (＠morgan) 14 Nov '24

14 Nov '24

morgan pushed to branch mullvad-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 8d27898b by Morgan at 2024-11-14T02:01:24+00:00 fixup! MB 188: Customize Gitlab Issue and Merge templates - - - - - 35c0859d by Morgan at 2024-11-14T02:01:43+00:00 fixup! Adding issue and merge request templates Bug 43295: Update MR templates - - - - - 5c8645ae by Morgan at 2024-11-14T02:04:59+00:00 fixup! MB 188: Customize Gitlab Issue and Merge templates Bug 43295: Update MR templates - - - - - 4 changed files: - .gitlab/issue_templates/Emergency Security Issue.md - − .gitlab/issue_templates/Rebase Browser - Alpha.md - − .gitlab/issue_templates/Rebase Browser - Stable.md - .gitlab/merge_request_templates/default.md Changes: ===================================== .gitlab/issue_templates/Emergency Security Issue.md ===================================== @@ -18,7 +18,9 @@ ### Type of Issue: What are we dealing with? - [ ] Security (sandbox escape, remote code execution, etc) -- [ ] Cross-Site Linkability (correlating sessions across websites) +- [ ] Proxy Bypass (traffic contents becoming MITM'able) +- [ ] De-Anonymization (otherwise identifying which website a user is visiting) +- [ ] Cross-Site Linkability (correlating sessions across circuits and websites) - [ ] Disk Leak (persisting session information to disk) - [ ] Other (please explain) @@ -34,11 +36,16 @@ - [ ] **richard** : signing, release - [ ] **thorin** : fingerprinting - [ ] Other Engineering Teams + - [ ] Networking (**ahf**, **dgoulet**) + - [ ] Anti-Censorship (**meskio**, **cohosh**) - [ ] UX (**donuts**) - [ ] TPA (**anarcat**, **lavamind**) - [ ] External Tor Partners - - [ ] Mozilla (**tjr**) - - [ ] Mullvad (**ruihildt**) + - [ ] Mozilla + - [ ] Mullvad + - [ ] Brave + - [ ] Guardian Project (Orbot, Onion Browser) + - [ ] Tails - [ ] Other (please list) ### Urgency: When do we need to act? @@ -65,7 +72,6 @@ Sometimes fixes have side-effects: users lose their data, roadmaps need to be ad - [ ] Start an initial email thread with the following people: - [ ] **bella** - - [ ] **ruihildt**, **support(a)mullvadvpn.net** - [ ] Relevant Applications Developers - [ ] **(Optional)** **micah** - if there are considerations or asks outside the Applications Team @@ -78,7 +84,6 @@ Sometimes fixes have side-effects: users lose their data, roadmaps need to be ad /cc @ma1 /cc @micah /cc @richard -/cc @ruihildt /confidential ===================================== .gitlab/issue_templates/Rebase Browser - Alpha.md deleted ===================================== @@ -1,83 +0,0 @@ -**NOTE:** All examples in this template reference the rebase from 102.7.0esr to 102.8.0esr - -<details> - <summary>Explanation of Variables</summary> - -- `$(ESR_VERSION)`: the Mozilla defined ESR version, used in various places for building mullvad-browser tags, labels, etc - - **Example**: `102.8.0` -- `$(ESR_TAG)`: the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)` - - **Example**: `FIREFOX_102_8_0esr_RELEASE` -- `$(BROWSER_MAJOR)`: the browser major version - - **Example**: `12` -- `$(BROWSER_MINOR)`: the browser minor version - - **Example**: either `0` or `5`; Alpha's is always `(Stable + 5) % 10` -- `$(BASE_BROWSER_BRANCH)`: the full name of the current `base-browser` branch - - **Example**: `base-browser-102.8.0esr-12.5-1` -- `$(BASE_BROWSER_BRANCH_PREV)`: the full name of the previous `base-browser` branch - - **Example**: `base-browser-102.7.0esr-12.5-1` -- `$(BASE_BROWSER_BRANCH_TAG)`: the `base-browser` build tag used as base commit for `mullvad-browser` - - **Example**: `base-browser-102.8.0esr-12.5-1-build1` -- `$(BASE_BROWSER_BRANCH_PREV_TAG)`: the `base-browser` build tag used as base commit for the previous `mullvad-browser` - - **Example**: `base-browser-102.7.0esr-12.5-1-build1` -- `$(MULLVAD_BROWSER_BRANCH)`: the full name of the current `mullvad-browser` branch - - **Example**: `mullvad-browser-102.8.0esr-12.5-1` -- `$(MULLVAD_BROWSER_BRANCH_PREV)`: the full name of the previous `mullvad-browser` branch - - **Example**: `mullvad-browser-102.7.0esr-12.5-1` -</details> - -**NOTE:** It is assumed that we've already rebased and tagged `base-browser` alpha and that we've already rebased `mullvad-browser` stable - -### **Bookkeeping** - -- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. - -### Update Branch Protection Rules - -- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/…: - - [ ] Remove previous alpha `mullvad-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) - - [ ] Create new `mullvad-browser` branch protection rule: - - **Branch**: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*` - - **Example**: `mullvad-browser-102.8.0esr-12.5-1*` - - **Allowed to merge**: `Maintainers` - - **Allowed to push and merge**: `Maintainers` - - **Allowed to force push**: `false` - -### **Create and Push New Branch** - -- [ ] Create new alpha `mullvad-browser` branch from this ESR's alpha `base-browser` tag - - Branch name in the form: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` - - **Example**: `git branch mullvad-browser-102.8.0esr-12.5-1 base-browser-102.8.0esr-12.5-1-build1` -- [ ] Push new `mullvad-browser` branch to `upstream` -- [ ] Push `base-browser` tag to `upstream` - -### **Rebase tor-browser** - -- [ ] Checkout a new local branch for the `mullvad-browser` rebase - - **Example**: `git branch mullvad-browser-rebase upstream/mullvad-browser-102.8.0esr-12.5-1` -- [ ] `mullvad-browser` rebase - - [ ] Cherry-pick the previous `mullvad-browser` branch's commit range up to the last `mullvad-browser` `build1` tag - - **Example**: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..mullvad-browser-102.7.0esr-12.5-1-build1` - - [ ] Rebase and autosquash these newly cherry-picked commits - - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.5-1` - - [ ] Cherry-pick remainder of patches after the last `mullvad-browser` `buildN` tag - - **Example**: `git cherry-pick mullvad-browser-102.7.0esr-12.5-1-build1..upstream/mulvad-browser-102.7.0esr-12.5-1` - - [ ] Rebase and autosquash again, this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify, but kept un-squashed for easy debugging/bisecting. - - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.5-1` -- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: - - [ ] diff of diffs: - - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - - - `git diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) > current_patchset.diff` - - `git diff $(BASE_BROWSER_BRANCH_TAG)..HEAD > rebased_patchset.diff` - - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `mullvad-browser` branch) - - [ ] rangediff: `git range-diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) $(BASE_BROWSER_BRANCH_TAG)..HEAD` - - **Example**: `git range-diff base-browser-102.7.0esr-12.5-1-build1..upstream/mullvad-browser-102.7.0esr-12.5-1 base-browser-102.8.0esr-12.5-1-build1..HEAD` -- [ ] Open MR for the `mullvad-browser` rebase -- [ ] Merge - -### **Sign and Tag** - -- [ ] Sign/Tag `HEAD` of the merged `mullvad-browser` branch: - - **Tag**: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1` - - **Message**: `Tagging build1 for $(ESR_VERSION)esr-based stable` - - [ ] Push tag to `upstream` ===================================== .gitlab/issue_templates/Rebase Browser - Stable.md deleted ===================================== @@ -1,84 +0,0 @@ -**NOTE:** All examples in this template reference the rebase from 102.7.0esr to 102.8.0esr - -<details> - <summary>Explanation of Variables</summary> - -- `$(ESR_VERSION)`: the Mozilla defined ESR version, used in various places for building mullvad-browser tags, labels, etc - - **Example**: `102.8.0` -- `$(ESR_TAG)`: the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)` - - **Example**: `FIREFOX_102_8_0esr_RELEASE` -- `$(BROWSER_MAJOR)`: the browser major version - - **Example**: `12` -- `$(BROWSER_MINOR)`: the browser minor version - - **Example**: either `0` or `5`; Alpha's is always `(Stable + 5) % 10` -- `$(BASE_BROWSER_BRANCH)`: the full name of the current `base-browser` branch - - **Example**: `base-browser-102.8.0esr-12.0-1` -- `$(BASE_BROWSER_BRANCH_PREV)`: the full name of the previous `base-browser` branch - - **Example**: `base-browser-102.7.0esr-12.0-1` -- `$(BASE_BROWSER_BRANCH_TAG)`: the `base-browser` build tag used as base commit for `mullvad-browser` - - **Example**: `base-browser-102.8.0esr-12.0-1-build1` -- `$(BASE_BROWSER_BRANCH_PREV_TAG)`: the `base-browser` build tag used as base commit for the previous `mullvad-browser` - - **Example**: `base-browser-102.7.0esr-12.0-1-build1` -- `$(MULLVAD_BROWSER_BRANCH)`: the full name of the current `mullvad-browser` branch - - **Example**: `mullvad-browser-102.8.0esr-12.0-1` -- `$(MULLVAD_BROWSER_BRANCH_PREV)`: the full name of the previous `mullvad-browser` branch - - **Example**: `mullvad-browser-102.7.0esr-12.0-1` -</details> - -**NOTE:** It is assumed that we've already rebased and tagged `base-browser` stable - -### **Bookkeeping** - -- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. - -### Update Branch Protection Rules - -- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/…: - - [ ] Remove previous stable `mullvad-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) - - [ ] Create new `mullvad-browser` branch protection rule: - - **Branch**: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*` - - **Example**: `mullvad-browser-102.8.0esr-12.0-1*` - - **Allowed to merge**: `Maintainers` - - **Allowed to push and merge**: `Maintainers` - - **Allowed to force push**: `false` - -### **Create and Push New Branch** - -- [ ] Create new stable `mullvad-browser` branch from this ESR's stable `base-browser` tag - - Branch name in the form: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` - - **Example**: `git branch mullvad-browser-102.8.0esr-12.0-1 base-browser-102.8.0esr-12.0-1-build1` -- [ ] Push new `mullvad-browser` branch to `upstream` -- [ ] Push `base-browser` tag to `upstream` -- [ ] Push `$(ESR_TAG)` to `upstream` - -### **Rebase mullvad-browser** - -- [ ] Checkout a new local branch for the `mullvad-browser` rebase - - **Example**: `git branch mullvad-browser-rebase upstream/mullvad-browser-102.8.0esr-12.0-1` -- [ ] `mullvad-browser` rebase - - [ ] Cherry-pick the previous `mullvad-browser` branch's commit range up to the last `mullvad-browser` `build1` tag - - **Example**: `git cherry-pick base-browser-102.7.0esr-12.0-1-build1..mullvad-browser-102.7.0esr-12.0-1-build1` - - [ ] Rebase and autosquash these newly cherry-picked commits - - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.0-1` - - [ ] Cherry-pick remainder of patches after the last `mullvad-browser` `buildN` tag - - **Example**: `git cherry-pick mullvad-browser-102.7.0esr-12.0-1-build1..upstream/mullvad-browser-102.7.0esr-12.0-1` - - [ ] Rebase and autosquash again, this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify, but kept un-squashed for easy debugging/bisecting. - - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.0-1` -- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: - - [ ] diff of diffs: - - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - - - `git diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) > current_patchset.diff` - - `git diff $(BASE_BROWSER_BRANCH_TAG)..HEAD > rebased_patchset.diff` - - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `mullvad-browser` branch) - - [ ] rangediff: `git range-diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) $(BASE_BROWSER_BRANCH_TAG)..HEAD` - - **Example**: `git range-diff base-browser-102.7.0esr-12.0-1-build1..upstream/mullvad-browser-102.7.0esr-12.5-1 base-browser-102.8.0esr-12.5-1-build1..HEAD` -- [ ] Open MR for the `mullvad-browser` rebase -- [ ] Merge - -### **Sign and Tag** - -- [ ] Sign/Tag `HEAD` of the merged `mullvad-browser` branch: - - **Tag**: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1` - - **Message**: `Tagging build1 for $(ESR_VERSION)esr-based stable` - - [ ] Push tag to `upstream` ===================================== .gitlab/merge_request_templates/default.md ===================================== @@ -2,18 +2,41 @@  -### Related Issues +### Issues + +#### Resolves +- mullvad-browser#xxxxx - tor-browser#xxxxx +- tor-browser-build#xxxxx + +#### Related + - mullvad-browser#xxxxx +- tor-browser#xxxxx - tor-browser-build#xxxxx +### Merging + + + +#### Target Branches + +- [ ] **`mullvad-browser`** - `!fixups` to `mullvad-browser`-specific commits, new features, security backports +- [ ] **`base-browser`** *and* **`tor-browser`** - `!fixups` to `base-browser`-specific commits or new features to be shared with `tor-browser` + - ⚠️ **IMPORTANT**: Please list the `base-browser`-specific commits which need to be cherry-picked to the `base-browser` and `tor-browser` branches here + +#### Target Channels + +- [ ] **Alpha**: esr128-14.5 +- [ ] **Stable**: esr128-14.0 + ### Backporting #### Timeline +- [ ] **No Backport (preferred)**: patchset for the next major stable - [ ] **Immediate**: patchset needed as soon as possible - [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport - [ ] **Eventually**: patchset that needs to be verified in alpha before backport -- [ ] **No Backport (preferred)**: patchset for the next major stable #### (Optional) Justification - [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc @@ -23,11 +46,6 @@ - [ ] **Localization**: typos and other localization changes that should be also in the release branch - [ ] **Other**: please explain -### Merging -- [ ] Merge to `mullvad-browser` - `!fixups` to `mullvad-browser`-specific commits, new features, security backports -- [ ] Merge to `base-browser` -`!fixups` to `base-browser`-specific commits, new features to be shared with `tor-browser` - - **NOTE**: if your changeset includes patches to both `base-browser` and `mullvad-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging - ### Issue Tracking - [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort… for changelog generation @@ -36,7 +54,7 @@ #### Request Reviewer - [ ] Request review from an applications developer depending on modified system: - - **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer) + - **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since Gitlab only allows 1 reviewer) - **accessibility** : henry - **android** : clairehurst, dan - **build system** : boklm @@ -44,21 +62,22 @@ - **firefox internals (XUL/JS/XPCOM)** : jwilde, ma1 - **fonts** : pierov - **frontend (implementation)** : henry - - **frontend (review)** : donuts, richard + - **frontend (review)** : donuts, morgan - **localization** : henry, pierov - **macOS** : clairehurst, dan - **nightly builds** : boklm - - **rebases/release-prep** : dan, ma1, pierov, richard + - **rebases/release-prep** : dan, ma1, pierov, morgan - **security** : jwilde, ma1 - - **signing** : boklm, richard + - **signing** : boklm, morgan - **updater** : pierov - - **windows** : jwilde, richard - - **misc/other** : pierov, richard + - **windows** : jwilde, morgan + - **misc/other** : pierov, morgan #### Change Description  + #### How Tested  View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/b5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/b5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! Adding issue and merge request templates
by morgan (＠morgan) 14 Nov '24

14 Nov '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 38620b67 by Morgan at 2024-11-14T01:57:48+00:00 fixup! Adding issue and merge request templates Bug 43295: Update MR templates - - - - - 1 changed file: - .gitlab/merge_request_templates/default.md Changes: ===================================== .gitlab/merge_request_templates/default.md ===================================== @@ -2,18 +2,42 @@  -### Related Issues +### Issues + +#### Resolves - tor-browser#xxxxx - mullvad-browser#xxxxx - tor-browser-build#xxxxx +#### Related + +- tor-browser#xxxxx +- mullvad-browser#xxxxx +- tor-browser-build#xxxxx + +### Merging + + + +#### Target Branches + +- [ ] **`tor-browser`** - `!fixups` to `tor-browser`-specific commits, new features, security backports +- [ ] **`base-browser`** *and* **`mullvad-browser`** - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports + - ⚠️ **IMPORTANT**: Please list the `base-browser`-specific commits which need to be cherry-picked to the `base-browser` and `mullvad-browser` branches here + +#### Target Channels + +- [ ] **Alpha**: esr128-14.5 +- [ ] **Stable**: esr128-14.0 +- [ ] **Legacy**: esr115-13.5 + ### Backporting #### Timeline +- [ ] **No Backport (preferred)**: patchset for the next major stable - [ ] **Immediate**: patchset needed as soon as possible - [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport - [ ] **Eventually**: patchset that needs to be verified in alpha before backport -- [ ] **No Backport (preferred)**: patchset for the next major stable #### (Optional) Justification - [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc @@ -24,11 +48,6 @@ - [ ] **Localization**: typos and other localization changes that should be also in the release branch - [ ] **Other**: please explain -### Merging -- [ ] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports -- [ ] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports - - **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging - ### Issue Tracking - [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort… for changelog generation @@ -37,7 +56,7 @@ #### Request Reviewer - [ ] Request review from an applications developer depending on modified system: - - **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer) + - **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since Gitlab only allows 1 reviewer) - **accessibility** : henry - **android** : clairehurst, dan - **build system** : boklm @@ -45,21 +64,22 @@ - **firefox internals (XUL/JS/XPCOM)** : jwilde, ma1 - **fonts** : pierov - **frontend (implementation)** : henry - - **frontend (review)** : donuts, richard + - **frontend (review)** : donuts, morgan - **localization** : henry, pierov - **macOS** : clairehurst, dan - **nightly builds** : boklm - - **rebases/release-prep** : dan, ma1, pierov, richard + - **rebases/release-prep** : dan, ma1, pierov, morgan - **security** : jwilde, ma1 - - **signing** : boklm, richard + - **signing** : boklm, morgan - **updater** : pierov - - **windows** : jwilde, richard - - **misc/other** : pierov, richard + - **windows** : jwilde, morgan + - **misc/other** : pierov, morgan #### Change Description  + #### How Tested  View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/38620b6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/38620b6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.4.0esr-14.5-1] fixup! Adding issue and merge request templates
by morgan (＠morgan) 14 Nov '24

14 Nov '24

morgan pushed to branch base-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 56ffe58d by Morgan at 2024-11-14T01:56:46+00:00 fixup! Adding issue and merge request templates Bug 43295: Update MR templates - - - - - 1 changed file: - .gitlab/merge_request_templates/default.md Changes: ===================================== .gitlab/merge_request_templates/default.md ===================================== @@ -2,18 +2,42 @@  -### Related Issues +### Issues + +#### Resolves - tor-browser#xxxxx - mullvad-browser#xxxxx - tor-browser-build#xxxxx +#### Related + +- tor-browser#xxxxx +- mullvad-browser#xxxxx +- tor-browser-build#xxxxx + +### Merging + + + +#### Target Branches + +- [ ] **`tor-browser`** - `!fixups` to `tor-browser`-specific commits, new features, security backports +- [ ] **`base-browser`** *and* **`mullvad-browser`** - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports + - ⚠️ **IMPORTANT**: Please list the `base-browser`-specific commits which need to be cherry-picked to the `base-browser` and `mullvad-browser` branches here + +#### Target Channels + +- [ ] **Alpha**: esr128-14.5 +- [ ] **Stable**: esr128-14.0 +- [ ] **Legacy**: esr115-13.5 + ### Backporting #### Timeline +- [ ] **No Backport (preferred)**: patchset for the next major stable - [ ] **Immediate**: patchset needed as soon as possible - [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport - [ ] **Eventually**: patchset that needs to be verified in alpha before backport -- [ ] **No Backport (preferred)**: patchset for the next major stable #### (Optional) Justification - [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc @@ -24,11 +48,6 @@ - [ ] **Localization**: typos and other localization changes that should be also in the release branch - [ ] **Other**: please explain -### Merging -- [ ] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports -- [ ] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports - - **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging - ### Issue Tracking - [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort… for changelog generation @@ -37,7 +56,7 @@ #### Request Reviewer - [ ] Request review from an applications developer depending on modified system: - - **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer) + - **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since Gitlab only allows 1 reviewer) - **accessibility** : henry - **android** : clairehurst, dan - **build system** : boklm @@ -45,21 +64,22 @@ - **firefox internals (XUL/JS/XPCOM)** : jwilde, ma1 - **fonts** : pierov - **frontend (implementation)** : henry - - **frontend (review)** : donuts, richard + - **frontend (review)** : donuts, morgan - **localization** : henry, pierov - **macOS** : clairehurst, dan - **nightly builds** : boklm - - **rebases/release-prep** : dan, ma1, pierov, richard + - **rebases/release-prep** : dan, ma1, pierov, morgan - **security** : jwilde, ma1 - - **signing** : boklm, richard + - **signing** : boklm, morgan - **updater** : pierov - - **windows** : jwilde, richard - - **misc/other** : pierov, richard + - **windows** : jwilde, morgan + - **misc/other** : pierov, morgan #### Change Description  + #### How Tested  View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/56ffe58… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/56ffe58… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-14.0-build2
by morgan (＠morgan) 14 Nov '24

14 Nov '24

morgan pushed new tag mb-14.0-build2 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] 2 commits: Bug 41291: Enable mingw changes for WebRTC unconditionally
by morgan (＠morgan) 14 Nov '24

14 Nov '24

morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: a6600db7 by Morgan at 2024-11-14T00:08:29+00:00 Bug 41291: Enable mingw changes for WebRTC unconditionally - - - - - 2272e06e by Morgan at 2024-11-14T00:09:41+00:00 Bug 41299: Mullvad Browser 14.0 build2 - - - - - 3 changed files: - projects/mingw-w64-clang/build - projects/mingw-w64-clang/config - rbm.conf Changes: ===================================== projects/mingw-w64-clang/build ===================================== @@ -89,9 +89,7 @@ EOF patch -p1 < "$rootdir/mingw-dispatchqueue.patch" patch -p1 < "$rootdir/mingw-ts_sd.patch" patch -p1 < "$rootdir/mingw-composition.patch" - [% IF !c("var/release") %] - patch -p1 < "$rootdir/mingw-webrtc.patch" - [% END %] + patch -p1 < "$rootdir/mingw-webrtc.patch" cd $builddir/mingw-w64-clang/mingw-w64-headers mkdir build && cd build ===================================== projects/mingw-w64-clang/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 filename: '[% project %]-[% c("version") %]-[% pc("llvm-project", "version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' git_url: https://git.code.sf.net/p/mingw-w64/mingw-w64 -git_hash: '[% IF c("var/release") %]cd4cf9b279f8fb0815f8b9665d3cea60a30290bc[% ELSE %]4ef04b0a7f7a20735de2f58b5c0496fcb4c7d191[% END -%]' +git_hash: '4ef04b0a7f7a20735de2f58b5c0496fcb4c7d191' version: '[% c("abbrev") %]' container: use_container: 1 @@ -36,4 +36,3 @@ input_files: - filename: mingw-ts_sd.patch - filename: mingw-composition.patch - filename: mingw-webrtc.patch - enable: '[% !c("var/release") %]' \ No newline at end of file ===================================== rbm.conf ===================================== @@ -74,7 +74,7 @@ buildconf: var: torbrowser_version: '[% IF c("var/tor-browser") %]14.0.2[% ELSE %]14.0[% END %]' - torbrowser_build: 'build1' + torbrowser_build: 'build2' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. browser_release_date: '2024/11/12 20:16:21' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! Bug 41600: Add a tor circuit display panel.
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: facc9a28 by Henry Wilkes at 2024-11-13T20:06:19+00:00 fixup! Bug 41600: Add a tor circuit display panel. Bug 43237: Tweak Tor circuit display panel for screen readers. - - - - - 3 changed files: - browser/components/torcircuit/content/torCircuitPanel.css - browser/components/torcircuit/content/torCircuitPanel.inc.xhtml - browser/components/torcircuit/content/torCircuitPanel.js Changes: ===================================== browser/components/torcircuit/content/torCircuitPanel.css ===================================== @@ -182,6 +182,6 @@ margin: 0; } -.tor-circuit-button label.tor-circuit-button-description { +.tor-circuit-button .tor-circuit-button-description { margin-block-start: var(--space-xsmall); } ===================================== browser/components/torcircuit/content/torCircuitPanel.inc.xhtml ===================================== @@ -3,18 +3,20 @@ aria-labelledby="tor-circuit-heading" type="arrow" orient="vertical" - class="cui-widget-panel panel-no-padding" - tabindex="0"> + class="cui-widget-panel panel-no-padding">  - <vbox id="tor-circuit-panel-document" - role="document"> +  + <vbox id="tor-circuit-panel-document" role="document" tabindex="0"> <vbox class="panel-header"> <html:h1 id="tor-circuit-heading"></html:h1> <html:div id="tor-circuit-alias" hidden="hidden"> @@ -75,10 +77,12 @@ class="toolbarbutton-text" data-l10n-id="tor-circuit-panel-new-button" /> - <label +  + <html:span id="tor-circuit-new-circuit-description" class="tor-circuit-button-description" - /> + ></html:span> </vbox> </toolbarbutton> </vbox> ===================================== browser/components/torcircuit/content/torCircuitPanel.js ===================================== @@ -61,6 +61,7 @@ var gTorCircuitPanel = { this.panel = document.getElementById("tor-circuit-panel"); this._panelElements = { + doc: document.getElementById("tor-circuit-panel-document"), heading: document.getElementById("tor-circuit-heading"), alias: document.getElementById("tor-circuit-alias"), aliasLabel: document.getElementById("tor-circuit-alias-label"), @@ -138,13 +139,18 @@ var gTorCircuitPanel = { this._updateCircuitPanel(); }); - // Set the initial focus to the panel element itself, which has been made a - // focusable target. Similar to dialogs, or webextension-popup-browser. + // Set the initial focus to the panel document itself, which has been made a + // focusable target. Similar to webextension-popup-browser. + // Switching to a document should prompt screen readers to enter "browse + // mode" and allow the user to navigate the dialog content. + // NOTE: We could set the focus to the first focusable child within the + // document, but this would usually be the "New circuit" button, which would + // skip over the rest of the document content. this.panel.addEventListener("popupshown", event => { if (event.target !== this.panel) { return; } - this.panel.focus(); + this._panelElements.doc.focus(); }); // this.toolbarButton follows "identity-button" markup, so is a <xul:box> View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/facc9a2… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/facc9a2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] 2 commits: fixup! Bug 30237: Add v3 onion services client authentication prompt
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: a83dddb9 by Henry Wilkes at 2024-11-13T19:54:08+00:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 43263: Add some alert semantics for onion site keys. Also use `spoof-button-disabled` to better manage focus for temporarily disabled buttons. - - - - - 2073c1fa by Henry Wilkes at 2024-11-13T19:54:08+00:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 43263: Update `spoof-button-disabled` buttons to use tabIndex=-1. Also remove aria-live="assertive" from role="alert" since it should already be implied by default. - - - - - 10 changed files: - browser/components/onionservices/content/authPopup.inc.xhtml - browser/components/onionservices/content/authPreferences.css - browser/components/onionservices/content/authPrompt.js - browser/components/onionservices/content/savedKeysDialog.js - browser/components/onionservices/content/savedKeysDialog.xhtml - browser/components/torpreferences/content/connectionPane.js - browser/components/torpreferences/content/loxInviteDialog.js - browser/components/torpreferences/content/provideBridgeDialog.js - browser/components/torpreferences/content/provideBridgeDialog.xhtml - browser/components/torpreferences/content/torPreferences.css Changes: ===================================== browser/components/onionservices/content/authPopup.inc.xhtml ===================================== @@ -11,12 +11,27 @@ data-l10n-id="onion-site-authentication-prompt-learn-more" /> <html:div> +  <html:input id="tor-clientauth-notification-key" type="password" data-l10n-id="onion-site-authentication-prompt-key-input" + aria-errormessage="tor-clientauth-warning" /> - <html:div id="tor-clientauth-warning"></html:div> + <html:div + id="tor-clientauth-warning" + role="alert" + aria-labelledby="tor-clientauth-warning-text" + > +  + <html:span id="tor-clientauth-warning-text"></html:span> + </html:div> <checkbox id="tor-clientauth-persistkey-checkbox" data-l10n-id="onion-site-authentication-prompt-remember-checkbox" ===================================== browser/components/onionservices/content/authPreferences.css ===================================== @@ -23,3 +23,15 @@ -moz-context-properties: fill; fill: var(--in-content-warning-icon-color); } + +/* Make a button appear disabled, whilst still allowing it to keep keyboard + * focus. + * Duplicate of rule in torPreferences.css. + * TODO: Replace with moz-button when it handles this for us. See + * tor-browser#43275. */ +button.spoof-button-disabled { + /* Borrow the :disabled rule from common-shared.css */ + opacity: 0.4; + /* Also ensure it does not get hover or active styling. */ + pointer-events: none; +} ===================================== browser/components/onionservices/content/authPrompt.js ===================================== @@ -32,6 +32,8 @@ var OnionAuthPrompt = { /** * The currently shown details in the prompt. + * + * @type {?PromptDetails} */ _shownDetails: null, @@ -264,16 +266,18 @@ var OnionAuthPrompt = { */ _showWarning(warningMessageId) { this._logger.debug(`Showing warning: ${warningMessageId}`); + if (warningMessageId) { - document.l10n.setAttributes(this._warningEl, warningMessageId); + document.l10n.setAttributes(this._warningTextEl, warningMessageId); this._warningEl.removeAttribute("hidden"); this._keyInput.classList.add("invalid"); + this._keyInput.setAttribute("aria-invalid", "true"); } else { - // Clean up. - this._warningEl.removeAttribute("data-l10n-id"); - this._warningEl.textContent = ""; + this._warningTextEl.removeAttribute("data-l10n-id"); + this._warningTextEl.textContent = ""; this._warningEl.setAttribute("hidden", "true"); this._keyInput.classList.remove("invalid"); + this._keyInput.removeAttribute("aria-invalid"); } }, @@ -344,6 +348,9 @@ var OnionAuthPrompt = { "tor-clientauth-persistkey-checkbox" ); this._warningEl = document.getElementById("tor-clientauth-warning"); + this._warningTextEl = document.getElementById( + "tor-clientauth-warning-text" + ); this._descriptionEl = document.getElementById( "tor-clientauth-notification-desc" ); ===================================== browser/components/onionservices/content/savedKeysDialog.js ===================================== @@ -14,6 +14,20 @@ var gOnionServicesSavedKeysDialog = { return this._busyCount > 0; }, + /** + * Whether the "remove selected" button is disabled. + * + * @type {boolean} + */ + _removeSelectedDisabled: true, + + /** + * Whether the "remove all" button is disabled. + * + * @type {boolean} + */ + _removeAllDisabled: true, + async _deleteSelectedKeys() { this._showError(null); this._withBusy(async () => { @@ -36,6 +50,15 @@ var gOnionServicesSavedKeysDialog = { for (let i = indexesToDelete.length - 1; i >= 0; --i) { await this._deleteOneKey(provider, indexesToDelete[i]); } + // If successful and the user focus is still on the buttons move focus + // to the table with the updated state. We do this before calling + // _updateButtonState and potentially making the buttons disabled. + if ( + this._removeButton.contains(document.activeElement) || + this._removeAllButton.contains(document.activeElement) + ) { + this._tree.focus(); + } } catch (e) { console.error("Removing a saved key failed", e); this._showError( @@ -51,10 +74,37 @@ var gOnionServicesSavedKeysDialog = { await this._deleteSelectedKeys(); }, + /** + * Show the given button as being disabled or enabled. + * + * @param {Button} button - The button to change. + * @param {boolean} disable - Whether to show the button as disabled or + * enabled. + */ + _disableButton(button, disable) { + // If we are disabled we show the button as disabled, and we also remove it + // from the tab focus cycle using `tabIndex = -1`. + // This is similar to using the `disabled` attribute, except that + // `tabIndex = -1` still allows the button to be focusable. I.e. not part of + // the focus cycle but can *keep* existing focus when the button becomes + // disabled to avoid loosing focus to the top of the dialog. + // TODO: Replace with moz-button when it handles this for us. See + // tor-browser#43275. + button.classList.toggle("spoof-button-disabled", disable); + button.tabIndex = disable ? -1 : 0; + if (disable) { + this._removeButton.setAttribute("aria-disabled", "true"); + } else { + this._removeButton.removeAttribute("aria-disabled"); + } + }, + _updateButtonsState() { const haveSelection = this._tree.view.selection.getRangeCount() > 0; - this._removeButton.disabled = this._isBusy || !haveSelection; - this._removeAllButton.disabled = this._isBusy || this.rowCount === 0; + this._removeSelectedDisabled = this._isBusy || !haveSelection; + this._removeAllDisabled = this._isBusy || this.rowCount === 0; + this._disableButton(this._removeButton, this._removeSelectedDisabled); + this._disableButton(this._removeAllButton, this._removeAllDisabled); }, // Private functions. @@ -79,12 +129,18 @@ var gOnionServicesSavedKeysDialog = { "onionservices-savedkeys-remove" ); this._removeButton.addEventListener("click", () => { + if (this._removeSelectedDisabled) { + return; + } this._deleteSelectedKeys(); }); this._removeAllButton = document.getElementById( "onionservices-savedkeys-removeall" ); this._removeAllButton.addEventListener("click", () => { + if (this._removeAllDisabled) { + return; + } this._deleteAllKeys(); }); ===================================== browser/components/onionservices/content/savedKeysDialog.xhtml ===================================== @@ -49,7 +49,11 @@ </treecols> <treechildren /> </tree> - <hbox id="onionservices-savedkeys-errorContainer" align="center"> + <hbox + id="onionservices-savedkeys-errorContainer" + align="center" + role="alert" + > <image id="onionservices-savedkeys-errorIcon" /> <description id="onionservices-savedkeys-errorMessage" flex="1" /> </hbox> @@ -57,7 +61,6 @@ <hbox id="onionservices-savedkeys-buttons"> <html:button id="onionservices-savedkeys-remove" - disabled="true" data-l10n-id="onion-site-saved-keys-dialog-remove-button" ></html:button> <html:button ===================================== browser/components/torpreferences/content/connectionPane.js ===================================== @@ -2354,8 +2354,11 @@ const gNetworkStatus = { this._internetTestDisabled = true; // We use "aria-disabled" rather than the "disabled" attribute so that the // button can remain focusable during the test. + // TODO: Replace with moz-button when it handles this for us. See + // tor-browser#43275. this._internetTestButton.setAttribute("aria-disabled", "true"); this._internetTestButton.classList.add("spoof-button-disabled"); + this._internetTestButton.tabIndex = -1; try { this._updateInternetStatus("testing"); const mrpc = new MoatRPC(); @@ -2376,6 +2379,7 @@ const gNetworkStatus = { } finally { this._internetTestButton.removeAttribute("aria-disabled"); this._internetTestButton.classList.remove("spoof-button-disabled"); + this._internetTestButton.tabIndex = 0; this._internetTestDisabled = false; } }, ===================================== browser/components/torpreferences/content/loxInviteDialog.js ===================================== @@ -255,15 +255,11 @@ const gLoxInvites = { // When generating we use "aria-disabled" rather than the "disabled" // attribute so that the button can remain focusable whilst we generate // invites. - // NOTE: When we generate the invite the focus will move to the invite list, - // so it should be safe to make the button non-focusable in this case. - const spoofDisabled = this._generating; - this._generateButton.disabled = disabled && !spoofDisabled; - this._generateButton.classList.toggle( - "spoof-button-disabled", - spoofDisabled - ); - if (spoofDisabled) { + // TODO: Replace with moz-button when it handles this for us. See + // tor-browser#43275. + this._generateButton.classList.toggle("spoof-button-disabled", disabled); + this._generateButton.tabIndex = disabled ? -1 : 0; + if (disabled) { this._generateButton.setAttribute("aria-disabled", "true"); } else { this._generateButton.removeAttribute("aria-disabled"); ===================================== browser/components/torpreferences/content/provideBridgeDialog.js ===================================== @@ -215,7 +215,10 @@ const gProvideBridgeDialog = { this._acceptDisabled = disabled; // Spoof the button to look and act as if it is disabled, but still allow // keyboard focus so the user can sit on this button whilst we are loading. + // TODO: Replace with moz-button when it handles this for us. See + // tor-browser#43275. this._acceptButton.classList.toggle("spoof-button-disabled", disabled); + this._acceptButton.tabIndex = disabled ? -1 : 0; if (disabled) { this._acceptButton.setAttribute("aria-disabled", "true"); } else { ===================================== browser/components/torpreferences/content/provideBridgeDialog.xhtml ===================================== @@ -55,7 +55,6 @@ <html:span id="user-provide-bridge-error-message" role="alert" - aria-live="assertive" ></html:span> <img id="user-provide-bridge-loading-icon" ===================================== browser/components/torpreferences/content/torPreferences.css ===================================== @@ -6,7 +6,9 @@ } /* Make a button appear disabled, whilst still allowing it to keep keyboard - * focus. */ + * focus. + * TODO: Replace with moz-button when it handles this for us. See + * tor-browser#43275. */ button.spoof-button-disabled { /* Borrow the :disabled rule from common-shared.css */ opacity: 0.4; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/b66037… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/b66037… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.4.0esr-14.5-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch mullvad-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: b518f02a by Pier Angelo Vendrame at 2024-11-13T19:50:58+00:00 fixup! Firefox preference overrides. Bug 43165: Disable Microsoft SSO on macOS. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -455,6 +455,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2); pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests // Bug 40463: Disable Windows SSO pref("network.http.windows-sso.enabled", false, locked); +// Bug 43165: Disable Microsoft SSO on macOS +pref("network.http.microsoft-entra-sso.enabled", false); +pref("network.microsoft-sso-authority-list", ""); // tor-browser#40424 pref("pdfjs.enableScripting", false); #if MOZ_UPDATE_CHANNEL == release View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/b51… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/b51… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.4.0esr-14.0-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch mullvad-browser-128.4.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 3850c827 by Pier Angelo Vendrame at 2024-11-13T19:50:20+00:00 fixup! Firefox preference overrides. Bug 43165: Disable Microsoft SSO on macOS. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -447,6 +447,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2); pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests // Bug 40463: Disable Windows SSO pref("network.http.windows-sso.enabled", false, locked); +// Bug 43165: Disable Microsoft SSO on macOS +pref("network.http.microsoft-entra-sso.enabled", false); +pref("network.microsoft-sso-authority-list", ""); // tor-browser#40424 pref("pdfjs.enableScripting", false); #if MOZ_UPDATE_CHANNEL == release View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/385… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/385… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.0-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch tor-browser-128.4.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 47f93bf5 by Pier Angelo Vendrame at 2024-11-13T19:48:31+00:00 fixup! Firefox preference overrides. Bug 43165: Disable Microsoft SSO on macOS. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -447,6 +447,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2); pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests // Bug 40463: Disable Windows SSO pref("network.http.windows-sso.enabled", false, locked); +// Bug 43165: Disable Microsoft SSO on macOS +pref("network.http.microsoft-entra-sso.enabled", false); +pref("network.microsoft-sso-authority-list", ""); // tor-browser#40424 pref("pdfjs.enableScripting", false); #if MOZ_UPDATE_CHANNEL == release View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/47f93bf… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/47f93bf… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.4.0esr-14.0-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch base-browser-128.4.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: ccf8f463 by Pier Angelo Vendrame at 2024-11-13T19:49:07+00:00 fixup! Firefox preference overrides. Bug 43165: Disable Microsoft SSO on macOS. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -447,6 +447,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2); pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests // Bug 40463: Disable Windows SSO pref("network.http.windows-sso.enabled", false, locked); +// Bug 43165: Disable Microsoft SSO on macOS +pref("network.http.microsoft-entra-sso.enabled", false); +pref("network.microsoft-sso-authority-list", ""); // tor-browser#40424 pref("pdfjs.enableScripting", false); #if MOZ_UPDATE_CHANNEL == release View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ccf8f46… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ccf8f46… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.4.0esr-14.5-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch base-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 729f901e by Pier Angelo Vendrame at 2024-11-13T19:47:49+00:00 fixup! Firefox preference overrides. Bug 43165: Disable Microsoft SSO on macOS. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -455,6 +455,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2); pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests // Bug 40463: Disable Windows SSO pref("network.http.windows-sso.enabled", false, locked); +// Bug 43165: Disable Microsoft SSO on macOS +pref("network.http.microsoft-entra-sso.enabled", false); +pref("network.microsoft-sso-authority-list", ""); // tor-browser#40424 pref("pdfjs.enableScripting", false); #if MOZ_UPDATE_CHANNEL == release View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/729f901… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/729f901… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: b66037f7 by Pier Angelo Vendrame at 2024-11-13T19:41:55+00:00 fixup! Firefox preference overrides. Bug 43165: Disable Microsoft SSO on macOS. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -452,6 +452,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2); pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests // Bug 40463: Disable Windows SSO pref("network.http.windows-sso.enabled", false, locked); +// Bug 43165: Disable Microsoft SSO on macOS +pref("network.http.microsoft-entra-sso.enabled", false); +pref("network.microsoft-sso-authority-list", ""); // tor-browser#40424 pref("pdfjs.enableScripting", false); #if MOZ_UPDATE_CHANNEL == release View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b66037f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b66037f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-14.0-build1
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed new tag mb-14.0-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41299: Prepare Mullvad Browser 14.0
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 0665c022 by Morgan at 2024-11-13T18:48:38+00:00 Bug 41299: Prepare Mullvad Browser 14.0 - - - - - 4 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/config - projects/firefox/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,114 @@ +Mullvad Browser 14.0 - November 13 2024 + * All Platforms + * Updated Firefox to 128.4.0esr + * Updated NoScript to 11.5.2 + * Updated Mullvad Browser Extension to 0.9.3 + * Bug 328: Provide search engine icons [mullvad-browser] + * Bug 329: Remove the Security Levels icon from the toolbar [mullvad-browser] + * Bug 344: set media.navigator.enabled = true [mullvad-browser] + * Bug 349: Tidy up mullvad Fluent files [mullvad-browser] + * Bug 30543: compat: make spoofed orientation reflect spoofed screen dimensions [1607032 + 1918202] [tor-browser] + * Bug 30862: 10ms time precision via EXSLT date-time function [tor-browser] + * Bug 32668: NoScript default whitelist re-appears on clicking NoScript Options / Reset [tor-browser] + * Bug 40147: Re-enable Picture-in-Picture mode [tor-browser] + * Bug 41309: Re-enable screenshots component [tor-browser] + * Bug 41817: Add more color aliases that take dark mode into account [tor-browser] + * Bug 42070: Backport Bugzilla 1834307 and hide smooth-scroll UX [tor-browser] + * Bug 42255: pdfjs.disabled used to be part of RFP until Bug 1838415; lock pref to false in stable [tor-browser] + * Bug 42356: Review 000-tor-browser.js and 001-base-profile.js for 128 [tor-browser] + * Bug 42362: "New window" missing from File menu [tor-browser] + * Bug 42596: Several console errors: Console.maxLogLevelPref used with a non-existing pref: [tor-browser] + * Bug 42601: Check Bug 1894779: Allow font-face urls to be resource:// urls and relax CORS for resource:// URLs [tor-browser] + * Bug 42603: Remove safebrowsing URLs [tor-browser] + * Bug 42611: Set clipboard.imageAsFile.enabled to false [tor-browser] + * Bug 42617: Restore the HTML form on DDG when using safest in 128 [tor-browser] + * Bug 42630: Review LaterRun in 128 [tor-browser] + * Bug 42640: Disable Firefox Flame button due to unknown interactions with New Identity [tor-browser] + * Bug 42641: Move from panel-footer class to moz-button-group [tor-browser] + * Bug 42644: toolbar rules in panelUI-shared.css are unneccessary [tor-browser] + * Bug 42646: Remove migrations for security.certerrors.mitm.auto_enable_enterprise_roots [tor-browser] + * Bug 42647: "Switching to a new device" regressed on 128 [tor-browser] + * Bug 42653: The Neterror page has a checkbox to report iframe origin errors to TPO [tor-browser] + * Bug 42665: Drop "Learn More" spacing [tor-browser] + * Bug 42667: Add description-deemphasized class to our additions to about:preferences [tor-browser] + * Bug 42679: Use a more robust approach to hide the "tracking protection" urlbar button [tor-browser] + * Bug 42683: Create script to generate issue triage csv's from bugzilla query and git scraping [tor-browser] + * Bug 42684: Disable network prefetch [tor-browser] + * Bug 42685: compat: ESR128: enable textmetrics [tor-browser] + * Bug 42687: Disable Privacy-Preserving Attribution [tor-browser] + * Bug 42699: Drop level="top" attribute from panels [tor-browser] + * Bug 42704: Drop the badged="true" attribute from security level button [tor-browser] + * Bug 42705: Update our preferences to account for new line height [tor-browser] + * Bug 42718: Remove the firefox-view button from UI, even when always-on private-browsing mode is disabled [tor-browser] + * Bug 42730: Make RemoteSettings use only local dumps [tor-browser] + * Bug 42735: Disable recent search suggestions [tor-browser] + * Bug 42740: Stop trying to hide "Restore previous session" [tor-browser] + * Bug 42742: Inconsistent use of "New private window" vs "New window" [tor-browser] + * Bug 42745: Remove some residuals from update scripts [tor-browser] + * Bug 42764: Unconditionally disable find-bar transition animation [tor-browser] + * Bug 42777: Remove 'Website Privacy Preferences' and ensure sensible default prefs [tor-browser] + * Bug 42814: Opt out from Firefox relay by default. [tor-browser] + * Bug 42831: Remove the shopping components [tor-browser] + * Bug 42867: Disable contentRelevancy component [tor-browser] + * Bug 42872: Disable translations until audited and solved the UX problems [tor-browser] + * Bug 43054: check bounceTrackingProtection in PB mode does not persist to disk [tor-browser] + * Bug 43072: moz-message-bar does not get announced on Orca screen-reader [tor-browser] + * Bug 43083: Backport fix for Mozilla 1436462 [tor-browser] + * Bug 43103: Verify whether an update is unsupported before choosing one [tor-browser] + * Bug 43109: Remove mention of Firefox Relay from settings [tor-browser] + * Bug 43117: Hide 'Always underline links' option [tor-browser] + * Bug 43134: Backport Bugzilla 1436226 Hardcode VP8/VP9 [tor-browser] + * Bug 43144: Ensure non-privacy browsing also sets the GPC header [tor-browser] + * Bug 43163: Disable offscreen canvas until verified it is not fingerprintable [tor-browser] + * Bug 43164: Prevent search-bar from being auto-hidden when not used for awhile [tor-browser] + * Bug 43178: Audit fingerprinting overrides (MozBug 1834274) [tor-browser] + * Bug 43184: Backport Bugzilla 1922294: RFP: fixup square spoofed orientation [tor-browser] + * Bug 43197: Disable automatic exception for HTTPS-First [tor-browser] + * Bug 43209: UI freezes when clipboard is empty after screen lock [tor-browser] + * Bug 43217: Fullscreen videos have rounded letterboxing corners [tor-browser] + * Bug 43257: NoScript-blocked content placeholders causing slow downs [tor-browser] + * Bug 43258: NoScript Lifecycle error on extension updates [tor-browser] + * Bug 41248: Check and update bundled font versions [tor-browser-build] + * Windows + macOS + * Bug 43021: Revert the OS deprecation notification introduced in #42347 [tor-browser] + * Windows + * Bug 43051: windows: remove UI for "open Tor Browser automatically when computer starts" [tor-browser] + * macOS + * Bug 42494: mac: add Arial Black and Arial Narrow to allowlist [tor-browser] + * Linux + * Bug 42773: Replace ~ with the original HOME [tor-browser] + * Bug 43092: Disable Wayland by default in 14.0 [tor-browser] + * Bug 43101: Security features warning links to Firefox installation support page with incomplete info [tor-browser] + * Bug 43141: Hardcode Arimo as a system-ui font [tor-browser] + * Bug 43196: Remove the vendor name from the "is playing media" notification on Linux [tor-browser] + * Bug 41237: Add some aliases to our Linux font config for compatibility [tor-browser-build] + * Build System + * All Platforms + * Bug 43157: Move tb-dev to base-browser [tor-browser] + * Bug 41096: Set SOURCE_DATE_EPOCH in the default env variables [tor-browser-build] + * Bug 41155: Update toolchains for ESR128 [tor-browser-build] + * Bug 41156: Split the Rust configuration options [tor-browser-build] + * Bug 41176: Update list of people with github commit access in MB issue templates [tor-browser-build] + * Bug 41188: Upgrade binutils to 2.41 [tor-browser-build] + * Bug 41236: Remove binutils when not needed [tor-browser-build] + * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build] + * Bug 41259: Skip versions which don't set incremental_from when generating incrementals [tor-browser-build] + * Bug 41260: Don't set legacy version for Mullvad Browser [tor-browser-build] + * Bug 41274: Improve fetch_changelogs.py for major releases [tor-browser-build] + * Bug 41279: Add @pierov and @ma1 as new signers [tor-browser-build] + * Bug 41289: Fix single-browser in relprep.py [tor-browser-build] + * Windows + macOS + * Bug 41197: Modify update-responses to prevent upgrades on unsupported Windows and macOS versions [tor-browser-build] + * Windows + * Bug 29318: Drop mingw-w64/gcc toolchain [tor-browser-build] + * Bug 29320: Use mingw-w64/clang toolchain to build Rust [tor-browser-build] + * Bug 41296: Implement missing Windows headers required for building cross-compiling WebRTC with mingw [tor-browser-build] + * Linux + * Bug 41013: Add a README to each project [tor-browser-build] + * Bug 41222: link_old_mar_filenames still referenced in torbrowser-incrementals-{release,alpha}-unsigned [tor-browser-build] + * Bug 41243: Add own apparmor profile to deb package [tor-browser-build] + * Bug 41282: Add SSL to our custom Python for MozBug 1924022 [tor-browser-build] + Mullvad Browser 14.0a10 - November 01 2024 * All Platforms * Updated Firefox to 128.4.0esr ===================================== projects/browser/config ===================================== @@ -115,9 +115,9 @@ input_files: name: ublock-origin sha256sum: e2cda9b2a1b0a7f6e5ef0da9f87f28df52f8560587ba2e51a3003121cfb81600 enable: '[% c("var/mullvad-browser") %]' - - URL: https://cdn.mullvad.net/browser-extension/0.9.0/mullvad-browser-extension-0… + - URL: https://cdn.mullvad.net/browser-extension/0.9.3/mullvad-browser-extension-0… name: mullvad-extension - sha256sum: 65bf235aa1015054ae0a54a40c5a663e67fe1d0f0799e7b4726f98cccc7f3eab + sha256sum: fc6bc7c850adf8845fec15b7ea06324f65f843155e2cc5dbd8719e34436512af enable: '[% c("var/mullvad-browser") %]' - filename: 'gtk3-settings.ini' enable: '[% c("var/linux") %]' ===================================== projects/firefox/config ===================================== @@ -107,6 +107,7 @@ targets: gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' nightly_updates_publish_dir_prefix: mullvadbrowser- + browser_build: 2 linux-x86_64: var: ===================================== rbm.conf ===================================== @@ -73,21 +73,20 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '[% IF c("var/tor-browser") %]14.0.2[% ELSE %]14.0a10[% END %]' + torbrowser_version: '[% IF c("var/tor-browser") %]14.0.2[% ELSE %]14.0[% END %]' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2024/11/12 18:50:24' + browser_release_date: '2024/11/12 20:16:21' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: - - '[% IF c("var/mullvad-browser") %]14.0a9[% END %]' - - '[% IF c("var/mullvad-browser") %]14.0a8[% END %]' - - '[% IF c("var/mullvad-browser") %]14.0a7[% END %]' - '[% IF c("var/tor-browser") %]14.0.1[% END %]' - '[% IF c("var/tor-browser") %]14.0[% END %]' - - '[% IF c("var/tor-browser") %]13.5.7[% END %]' + - '[% IF c("var/mullvad-browser") %]13.5.9[% END %]' + - '13.5.7' + - '[% IF c("var/mullvad-browser") %]13.5.6[% END %]' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' torbrowser_legacy_version: 13.5.9 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41299: Prepare Mullvad Browser 14.0.2
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: fd194a5d by Morgan at 2024-11-13T18:08:55+00:00 Bug 41299: Prepare Mullvad Browser 14.0.2 - - - - - 4 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/config - projects/firefox/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,114 @@ +Mullvad Browser 14.0 - November 13 2024 + * All Platforms + * Updated Firefox to 128.4.0esr + * Updated NoScript to 11.5.2 + * Updated Mullvad Browser Extension to 0.9.3 + * Bug 328: Provide search engine icons [mullvad-browser] + * Bug 329: Remove the Security Levels icon from the toolbar [mullvad-browser] + * Bug 344: set media.navigator.enabled = true [mullvad-browser] + * Bug 349: Tidy up mullvad Fluent files [mullvad-browser] + * Bug 30543: compat: make spoofed orientation reflect spoofed screen dimensions [1607032 + 1918202] [tor-browser] + * Bug 30862: 10ms time precision via EXSLT date-time function [tor-browser] + * Bug 32668: NoScript default whitelist re-appears on clicking NoScript Options / Reset [tor-browser] + * Bug 40147: Re-enable Picture-in-Picture mode [tor-browser] + * Bug 41309: Re-enable screenshots component [tor-browser] + * Bug 41817: Add more color aliases that take dark mode into account [tor-browser] + * Bug 42070: Backport Bugzilla 1834307 and hide smooth-scroll UX [tor-browser] + * Bug 42255: pdfjs.disabled used to be part of RFP until Bug 1838415; lock pref to false in stable [tor-browser] + * Bug 42356: Review 000-tor-browser.js and 001-base-profile.js for 128 [tor-browser] + * Bug 42362: "New window" missing from File menu [tor-browser] + * Bug 42596: Several console errors: Console.maxLogLevelPref used with a non-existing pref: [tor-browser] + * Bug 42601: Check Bug 1894779: Allow font-face urls to be resource:// urls and relax CORS for resource:// URLs [tor-browser] + * Bug 42603: Remove safebrowsing URLs [tor-browser] + * Bug 42611: Set clipboard.imageAsFile.enabled to false [tor-browser] + * Bug 42617: Restore the HTML form on DDG when using safest in 128 [tor-browser] + * Bug 42630: Review LaterRun in 128 [tor-browser] + * Bug 42640: Disable Firefox Flame button due to unknown interactions with New Identity [tor-browser] + * Bug 42641: Move from panel-footer class to moz-button-group [tor-browser] + * Bug 42644: toolbar rules in panelUI-shared.css are unneccessary [tor-browser] + * Bug 42646: Remove migrations for security.certerrors.mitm.auto_enable_enterprise_roots [tor-browser] + * Bug 42647: "Switching to a new device" regressed on 128 [tor-browser] + * Bug 42653: The Neterror page has a checkbox to report iframe origin errors to TPO [tor-browser] + * Bug 42665: Drop "Learn More" spacing [tor-browser] + * Bug 42667: Add description-deemphasized class to our additions to about:preferences [tor-browser] + * Bug 42679: Use a more robust approach to hide the "tracking protection" urlbar button [tor-browser] + * Bug 42683: Create script to generate issue triage csv's from bugzilla query and git scraping [tor-browser] + * Bug 42684: Disable network prefetch [tor-browser] + * Bug 42685: compat: ESR128: enable textmetrics [tor-browser] + * Bug 42687: Disable Privacy-Preserving Attribution [tor-browser] + * Bug 42699: Drop level="top" attribute from panels [tor-browser] + * Bug 42704: Drop the badged="true" attribute from security level button [tor-browser] + * Bug 42705: Update our preferences to account for new line height [tor-browser] + * Bug 42718: Remove the firefox-view button from UI, even when always-on private-browsing mode is disabled [tor-browser] + * Bug 42730: Make RemoteSettings use only local dumps [tor-browser] + * Bug 42735: Disable recent search suggestions [tor-browser] + * Bug 42740: Stop trying to hide "Restore previous session" [tor-browser] + * Bug 42742: Inconsistent use of "New private window" vs "New window" [tor-browser] + * Bug 42745: Remove some residuals from update scripts [tor-browser] + * Bug 42764: Unconditionally disable find-bar transition animation [tor-browser] + * Bug 42777: Remove 'Website Privacy Preferences' and ensure sensible default prefs [tor-browser] + * Bug 42814: Opt out from Firefox relay by default. [tor-browser] + * Bug 42831: Remove the shopping components [tor-browser] + * Bug 42867: Disable contentRelevancy component [tor-browser] + * Bug 42872: Disable translations until audited and solved the UX problems [tor-browser] + * Bug 43054: check bounceTrackingProtection in PB mode does not persist to disk [tor-browser] + * Bug 43072: moz-message-bar does not get announced on Orca screen-reader [tor-browser] + * Bug 43083: Backport fix for Mozilla 1436462 [tor-browser] + * Bug 43103: Verify whether an update is unsupported before choosing one [tor-browser] + * Bug 43109: Remove mention of Firefox Relay from settings [tor-browser] + * Bug 43117: Hide 'Always underline links' option [tor-browser] + * Bug 43134: Backport Bugzilla 1436226 Hardcode VP8/VP9 [tor-browser] + * Bug 43144: Ensure non-privacy browsing also sets the GPC header [tor-browser] + * Bug 43163: Disable offscreen canvas until verified it is not fingerprintable [tor-browser] + * Bug 43164: Prevent search-bar from being auto-hidden when not used for awhile [tor-browser] + * Bug 43178: Audit fingerprinting overrides (MozBug 1834274) [tor-browser] + * Bug 43184: Backport Bugzilla 1922294: RFP: fixup square spoofed orientation [tor-browser] + * Bug 43197: Disable automatic exception for HTTPS-First [tor-browser] + * Bug 43209: UI freezes when clipboard is empty after screen lock [tor-browser] + * Bug 43217: Fullscreen videos have rounded letterboxing corners [tor-browser] + * Bug 43257: NoScript-blocked content placeholders causing slow downs [tor-browser] + * Bug 43258: NoScript Lifecycle error on extension updates [tor-browser] + * Bug 41248: Check and update bundled font versions [tor-browser-build] + * Windows + macOS + * Bug 43021: Revert the OS deprecation notification introduced in #42347 [tor-browser] + * Windows + * Bug 43051: windows: remove UI for "open Tor Browser automatically when computer starts" [tor-browser] + * macOS + * Bug 42494: mac: add Arial Black and Arial Narrow to allowlist [tor-browser] + * Linux + * Bug 42773: Replace ~ with the original HOME [tor-browser] + * Bug 43092: Disable Wayland by default in 14.0 [tor-browser] + * Bug 43101: Security features warning links to Firefox installation support page with incomplete info [tor-browser] + * Bug 43141: Hardcode Arimo as a system-ui font [tor-browser] + * Bug 43196: Remove the vendor name from the "is playing media" notification on Linux [tor-browser] + * Bug 41237: Add some aliases to our Linux font config for compatibility [tor-browser-build] + * Build System + * All Platforms + * Bug 43157: Move tb-dev to base-browser [tor-browser] + * Bug 41096: Set SOURCE_DATE_EPOCH in the default env variables [tor-browser-build] + * Bug 41155: Update toolchains for ESR128 [tor-browser-build] + * Bug 41156: Split the Rust configuration options [tor-browser-build] + * Bug 41176: Update list of people with github commit access in MB issue templates [tor-browser-build] + * Bug 41188: Upgrade binutils to 2.41 [tor-browser-build] + * Bug 41236: Remove binutils when not needed [tor-browser-build] + * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build] + * Bug 41259: Skip versions which don't set incremental_from when generating incrementals [tor-browser-build] + * Bug 41260: Don't set legacy version for Mullvad Browser [tor-browser-build] + * Bug 41274: Improve fetch_changelogs.py for major releases [tor-browser-build] + * Bug 41279: Add @pierov and @ma1 as new signers [tor-browser-build] + * Bug 41289: Fix single-browser in relprep.py [tor-browser-build] + * Windows + macOS + * Bug 41197: Modify update-responses to prevent upgrades on unsupported Windows and macOS versions [tor-browser-build] + * Windows + * Bug 29318: Drop mingw-w64/gcc toolchain [tor-browser-build] + * Bug 29320: Use mingw-w64/clang toolchain to build Rust [tor-browser-build] + * Bug 41296: Implement missing Windows headers required for building cross-compiling WebRTC with mingw [tor-browser-build] + * Linux + * Bug 41013: Add a README to each project [tor-browser-build] + * Bug 41222: link_old_mar_filenames still referenced in torbrowser-incrementals-{release,alpha}-unsigned [tor-browser-build] + * Bug 41243: Add own apparmor profile to deb package [tor-browser-build] + * Bug 41282: Add SSL to our custom Python for MozBug 1924022 [tor-browser-build] + Mullvad Browser 14.0a10 - November 01 2024 * All Platforms * Updated Firefox to 128.4.0esr ===================================== projects/browser/config ===================================== @@ -115,9 +115,9 @@ input_files: name: ublock-origin sha256sum: e2cda9b2a1b0a7f6e5ef0da9f87f28df52f8560587ba2e51a3003121cfb81600 enable: '[% c("var/mullvad-browser") %]' - - URL: https://cdn.mullvad.net/browser-extension/0.9.0/mullvad-browser-extension-0… + - URL: https://cdn.mullvad.net/browser-extension/0.9.3/mullvad-browser-extension-0… name: mullvad-extension - sha256sum: 65bf235aa1015054ae0a54a40c5a663e67fe1d0f0799e7b4726f98cccc7f3eab + sha256sum: fc6bc7c850adf8845fec15b7ea06324f65f843155e2cc5dbd8719e34436512af enable: '[% c("var/mullvad-browser") %]' - filename: 'gtk3-settings.ini' enable: '[% c("var/linux") %]' ===================================== projects/firefox/config ===================================== @@ -107,6 +107,7 @@ targets: gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' nightly_updates_publish_dir_prefix: mullvadbrowser- + browser_build: 2 linux-x86_64: var: ===================================== rbm.conf ===================================== @@ -73,21 +73,20 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '[% IF c("var/tor-browser") %]14.0.2[% ELSE %]14.0a10[% END %]' + torbrowser_version: '[% IF c("var/tor-browser") %]14.0.2[% ELSE %]14.0[% END %]' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2024/11/12 18:50:24' + browser_release_date: '2024/11/12 20:16:21' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: - - '[% IF c("var/mullvad-browser") %]14.0a9[% END %]' - - '[% IF c("var/mullvad-browser") %]14.0a8[% END %]' - - '[% IF c("var/mullvad-browser") %]14.0a7[% END %]' - '[% IF c("var/tor-browser") %]14.0.1[% END %]' - '[% IF c("var/tor-browser") %]14.0[% END %]' - - '[% IF c("var/tor-browser") %]13.5.7[% END %]' + - '[% IF c("var/mullvad-browser") %]13.5.9[% END %]' + - '13.5.7' + - '[% IF c("var/mullvad-browser") %]13.5.6[% END %]' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' torbrowser_legacy_version: 13.5.9 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] release: new version, 14.0.2
by morgan (＠morgan) 13 Nov '24

13 Nov '24

morgan pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: 1d015e75 by Morgan at 2024-11-13T17:55:05+00:00 release: new version, 14.0.2 - - - - - 30 changed files: - update_3/release/.htaccess - update_3/release/13.5.5-14.0.1+13.5.9-linux-i686-ALL.xml → update_3/release/13.5.5-14.0.2+13.5.9-linux-i686-ALL.xml - update_3/release/13.5.5-14.0.1+13.5.9-linux-x86_64-ALL.xml → update_3/release/13.5.5-14.0.2+13.5.9-linux-x86_64-ALL.xml - update_3/release/13.5.5-14.0.1+13.5.9-macos-ALL.xml → update_3/release/13.5.5-14.0.2+13.5.9-macos-ALL.xml - update_3/release/13.5.5-14.0.1+13.5.9-windows-i686-ALL.xml → update_3/release/13.5.5-14.0.2+13.5.9-windows-i686-ALL.xml - update_3/release/13.5.5-14.0.1+13.5.9-windows-x86_64-ALL.xml → update_3/release/13.5.5-14.0.2+13.5.9-windows-x86_64-ALL.xml - update_3/release/13.5.6-14.0.1+13.5.9-linux-i686-ALL.xml → update_3/release/13.5.6-14.0.2+13.5.9-linux-i686-ALL.xml - update_3/release/13.5.6-14.0.1+13.5.9-linux-x86_64-ALL.xml → update_3/release/13.5.6-14.0.2+13.5.9-linux-x86_64-ALL.xml - update_3/release/13.5.6-14.0.1+13.5.9-macos-ALL.xml → update_3/release/13.5.6-14.0.2+13.5.9-macos-ALL.xml - update_3/release/13.5.6-14.0.1+13.5.9-windows-i686-ALL.xml → update_3/release/13.5.6-14.0.2+13.5.9-windows-i686-ALL.xml - update_3/release/13.5.6-14.0.1+13.5.9-windows-x86_64-ALL.xml → update_3/release/13.5.6-14.0.2+13.5.9-windows-x86_64-ALL.xml - update_3/release/13.5.7-14.0.1+13.5.9-linux-i686-ALL.xml → update_3/release/13.5.7-14.0.2+13.5.9-linux-i686-ALL.xml - update_3/release/13.5.7-14.0.1+13.5.9-linux-x86_64-ALL.xml → update_3/release/13.5.7-14.0.2+13.5.9-linux-x86_64-ALL.xml - update_3/release/13.5.7-14.0.1+13.5.9-macos-ALL.xml → update_3/release/13.5.7-14.0.2+13.5.9-macos-ALL.xml - update_3/release/13.5.7-14.0.1+13.5.9-windows-i686-ALL.xml → update_3/release/13.5.7-14.0.2+13.5.9-windows-i686-ALL.xml - update_3/release/13.5.7-14.0.1+13.5.9-windows-x86_64-ALL.xml → update_3/release/13.5.7-14.0.2+13.5.9-windows-x86_64-ALL.xml - update_3/release/14.0-14.0.1+13.5.9-linux-i686-ALL.xml → update_3/release/14.0-14.0.2+13.5.9-linux-i686-ALL.xml - update_3/release/14.0-14.0.1+13.5.9-linux-x86_64-ALL.xml → update_3/release/14.0-14.0.2+13.5.9-linux-x86_64-ALL.xml - update_3/release/14.0-14.0.1+13.5.9-macos-ALL.xml → update_3/release/14.0-14.0.2+13.5.9-macos-ALL.xml - update_3/release/14.0-14.0.1+13.5.9-windows-i686-ALL.xml → update_3/release/14.0-14.0.2+13.5.9-windows-i686-ALL.xml - update_3/release/14.0-14.0.1+13.5.9-windows-x86_64-ALL.xml → update_3/release/14.0-14.0.2+13.5.9-windows-x86_64-ALL.xml - + update_3/release/14.0.1-14.0.2+13.5.9-linux-i686-ALL.xml - + update_3/release/14.0.1-14.0.2+13.5.9-linux-x86_64-ALL.xml - + update_3/release/14.0.1-14.0.2+13.5.9-macos-ALL.xml - + update_3/release/14.0.1-14.0.2+13.5.9-windows-i686-ALL.xml - + update_3/release/14.0.1-14.0.2+13.5.9-windows-x86_64-ALL.xml - update_3/release/14.0.1+13.5.9-linux-i686-ALL.xml → update_3/release/14.0.2+13.5.9-linux-i686-ALL.xml - update_3/release/14.0.1+13.5.9-linux-x86_64-ALL.xml → update_3/release/14.0.2+13.5.9-linux-x86_64-ALL.xml - update_3/release/14.0.1+13.5.9-macos-ALL.xml → update_3/release/14.0.2+13.5.9-macos-ALL.xml - update_3/release/14.0.1+13.5.9-windows-i686-ALL.xml → update_3/release/14.0.2+13.5.9-windows-i686-ALL.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] 2 commits: fixup! Bug 40458: Implement .tor.onion aliases
by Pier Angelo Vendrame (＠pierov) 13 Nov '24

13 Nov '24

Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 2ec9bfd0 by Henry Wilkes at 2024-11-13T16:42:16+00:00 fixup! Bug 40458: Implement .tor.onion aliases Bug 43294: Replace willDestroy with didDestroy. - - - - - 1d5bf97c by Henry Wilkes at 2024-11-13T16:42:46+00:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Bug 43294: Replace willDestroy with didDestroy. - - - - - 2 changed files: - browser/components/rulesets/RulesetsParent.sys.mjs - toolkit/components/torconnect/TorConnectParent.sys.mjs Changes: ===================================== browser/components/rulesets/RulesetsParent.sys.mjs ===================================== @@ -30,7 +30,7 @@ export class RulesetsParent extends JSWindowActorParent { ); } - willDestroy() { + didDestroy() { Services.obs.removeObserver( this.observer, OnionAliasStoreTopics.ChannelsChanged ===================================== toolkit/components/torconnect/TorConnectParent.sys.mjs ===================================== @@ -77,7 +77,7 @@ export class TorConnectParent extends JSWindowActorParent { ); } - willDestroy() { + didDestroy() { Services.obs.removeObserver( this.torConnectObserver, TorConnectTopics.StageChange View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/1f6fc0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/1f6fc0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] 17 commits: fixup! Bug 40597: Implement TorSettings module
by Pier Angelo Vendrame (＠pierov) 13 Nov '24

13 Nov '24

Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 8fee92cd by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Move bootstrapping attempts into a new class. We copy the logic from "BootstrappingState" and "AutoBootstrappingState" into "BootstrappingAttempt" and "AutoBootstrappingAttempt". The main difference is that we can do the following: ``` bootstrapAttempt = new BootstrapAttempt(); bootstrapResult = await bootstrapAttempt.run(); // ... bootstrapAttempt.cancel(); ``` rather than using the "StateCallback" class, which requires some complicated state management. Moreover, "AutoBootstrappingAttempt" will use "BootstrappingAttempt" for each of its attempts. So the logic for bootstrapping can be kept in one place. Some other changes: 1. Censorship simulation will no longer necessarily avoid the Moat calls, so these can be tested. 2. It would be possible to perform the internet test when auto-bootstrapping as well. 3. When auto-bootstrapping, if "Bootstrapping" produces an error other than a "BootstrapError", we can end it early. 4. No longer set TorConnect internals. 5. More fine-grained control over censorship simulation and offline simulation. - - - - - 1086febd by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Remove StateCallback. - - - - - 55d915e5 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Return early from TorConnect.init if not enabled. - - - - - 802af522 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Replace StateCallback in TorConnect. Instead of managing the abstract "State" we directly manager the user "Stage". We provide backward compatibility with the "State" for android and about:torconnect. Eventually this logic can be dropped from these endpoints and they can listen for changes in the "Stage" instead. The behaviour for about:torconnect is mostly the same as before, with some exceptions: 1. If the user sees the "Offline" state, and starts and cancels the bootstrap, they should return the to the "Offline" state, rather than "ConnectToTor". 2. Trying to start a bootstrap via the UI before the settings have loaded will do nothing. 3. Pressing a breadcrumb whilst bootstrapping will now also cancel the bootstrap. - - - - - cc17defe by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Bug 42550 - Switch about:torconnect to use TorConnect.stage to control the shown stage and sync pages. Now TorConnect entirely controls which stage should be shown to the user, and "about:torconnect" simply relays the user actions up to TorConnect to handle. In particular, we stop sending out "torconnect:broadcast-user-action" to sync pages. We also show "Try Again" if the user cancels the first bootstrap attempt without an error. We also do not try and sync the selected region between pages. However all pages should still show the *actually* submitted region after a bootstrap fails. E.g. to confirm their location. We also allow the user to re-select "Automatic" when they use breadcrumbs to go back a stage. Also change gTorConnectTitlebarStatus and gTorConnectUrlbarButton to use TorConnectStage. - - - - - 771381c5 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Switch TorConnect.openTorConnect to use new methods. - - - - - fafc6ff3 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 41710: Switch from TorConnect.state to TorConnect.stage. - - - - - 2ddd2029 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Remove unused TorConnect properties. - - - - - 3a27b920 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 42247: Android helpers for the TorProvider Bug 41710: Switch Android to new TorConnect methods and add TODOs. - - - - - 4aa64ccc by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Lox integration Bug 41710: Switch from TorConnectState to TorConnectStage. - - - - - 56837486 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Bug 41710: Move viewTorLogs and openTorPreferences to TorConnectParent. - - - - - ebe8a652 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Move viewTorLogs to TorConnectParent. - - - - - 8f95d948 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! [android] Enable the connect assist experiments on alpha Bug 41710: Remove onSettingsRequested. - - - - - bba68db8 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! [android] Add Tor integration and UI Bug 41710: Remove onSettingsRequested. - - - - - a6be0160 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Temporary changes to about:torconnect for Android. Bug 41710: Remove onSettingsRequested. TorConnect.openTorPreferences was removed. - - - - - be125ecd by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! Bug 40597: Implement TorSettings module Bug 41710: Remove the beginBootstrap, beginAutoBootstrap, and cancelBootstrap methods. - - - - - 1f6fc087 by Henry Wilkes at 2024-11-13T08:23:22+00:00 fixup! [android] Add Tor integration and UI Bug 41710: Fix onBootstrapProgress for new TorConnect. The bootstrap progress signal is now released every time the stage changes. - - - - - 18 changed files: - browser/base/content/browser.js - browser/base/content/browser.js.globals - browser/components/torpreferences/content/builtinBridgeDialog.js - browser/components/torpreferences/content/connectionPane.js - browser/components/torpreferences/content/provideBridgeDialog.js - browser/components/torpreferences/content/requestBridgeDialog.js - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/tor/TorControllerGV.kt - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/TorIntegrationAndroid.java - toolkit/components/lox/Lox.sys.mjs - toolkit/components/torconnect/TorConnectChild.sys.mjs - toolkit/components/torconnect/TorConnectParent.sys.mjs - toolkit/components/torconnect/content/aboutTorConnect.js - toolkit/components/torconnect/content/torConnectTitlebarStatus.js - toolkit/components/torconnect/content/torConnectUrlbarButton.js - toolkit/modules/RemotePageAccessManager.sys.mjs - toolkit/modules/TorAndroidIntegration.sys.mjs - toolkit/modules/TorConnect.sys.mjs Changes: ===================================== browser/base/content/browser.js ===================================== @@ -85,7 +85,7 @@ ChromeUtils.defineESModuleGetters(this, { TelemetryEnvironment: "resource://gre/modules/TelemetryEnvironment.sys.mjs", TorDomainIsolator: "resource://gre/modules/TorDomainIsolator.sys.mjs", TorConnect: "resource://gre/modules/TorConnect.sys.mjs", - TorConnectState: "resource://gre/modules/TorConnect.sys.mjs", + TorConnectStage: "resource://gre/modules/TorConnect.sys.mjs", TorConnectTopics: "resource://gre/modules/TorConnect.sys.mjs", TorUIUtils: "resource:///modules/TorUIUtils.sys.mjs", TranslationsParent: "resource://gre/actors/TranslationsParent.sys.mjs", ===================================== browser/base/content/browser.js.globals ===================================== @@ -276,7 +276,7 @@ "TorDomainIsolator", "gTorCircuitPanel", "TorConnect", - "TorConnectState", + "TorConnectStage", "TorConnectTopics", "gTorConnectUrlbarButton", "gTorConnectTitlebarStatus", ===================================== browser/components/torpreferences/content/builtinBridgeDialog.js ===================================== @@ -79,14 +79,14 @@ const gBuiltinBridgeDialog = { this._acceptButton = dialog.getButton("accept"); - Services.obs.addObserver(this, TorConnectTopics.StateChange); + Services.obs.addObserver(this, TorConnectTopics.StageChange); this.onSelectChange(); this.onAcceptStateChange(); }, uninit() { - Services.obs.removeObserver(this, TorConnectTopics.StateChange); + Services.obs.removeObserver(this, TorConnectTopics.StageChange); }, onSelectChange() { @@ -107,7 +107,7 @@ const gBuiltinBridgeDialog = { observe(subject, topic) { switch (topic) { - case TorConnectTopics.StateChange: + case TorConnectTopics.StageChange: this.onAcceptStateChange(); break; } ===================================== browser/components/torpreferences/content/connectionPane.js ===================================== @@ -22,7 +22,7 @@ const { TorProviderBuilder, TorProviderTopics } = ChromeUtils.importESModule( "resource://gre/modules/TorProviderBuilder.sys.mjs" ); -const { TorConnect, TorConnectTopics, TorConnectState, TorCensorshipLevel } = +const { TorConnect, TorConnectTopics, TorConnectStage, TorCensorshipLevel } = ChromeUtils.importESModule("resource://gre/modules/TorConnect.sys.mjs"); const { MoatRPC } = ChromeUtils.importESModule( @@ -2195,18 +2195,7 @@ const gBridgeSettings = { // Start Bootstrapping, which should use the configured bridges. // NOTE: We do this regardless of any previous TorConnect Error. - if (TorConnect.canBeginBootstrap) { - TorConnect.beginBootstrap(); - } - // Open "about:torconnect". - // FIXME: If there has been a previous bootstrapping error then - // "about:torconnect" will be trying to get the user to use - // AutoBootstrapping. It is not set up to handle a forced direct - // entry to plain Bootstrapping from this dialog so the UI will - // not be aligned. In particular the - // AboutTorConnect.uiState.bootstrapCause will be aligned to - // whatever was shown previously in "about:torconnect" instead. - TorConnect.openTorConnect(); + TorConnect.openTorConnect({ beginBootstrapping: "hard" }); }); }, // closedCallback should be called after gSubDialog has already @@ -2322,27 +2311,27 @@ const gNetworkStatus = { "network-status-tor-connect-button" ); this._torConnectButton.addEventListener("click", () => { - TorConnect.openTorConnect({ beginBootstrap: true }); + TorConnect.openTorConnect({ beginBootstrapping: "soft" }); }); this._updateInternetStatus("unknown"); this._updateTorConnectionStatus(); - Services.obs.addObserver(this, TorConnectTopics.StateChange); + Services.obs.addObserver(this, TorConnectTopics.StageChange); }, /** * Un-initialize the area. */ uninit() { - Services.obs.removeObserver(this, TorConnectTopics.StateChange); + Services.obs.removeObserver(this, TorConnectTopics.StageChange); }, observe(subject, topic) { switch (topic) { // triggered when tor connect state changes and we may // need to update the messagebox - case TorConnectTopics.StateChange: { + case TorConnectTopics.StageChange: { this._updateTorConnectionStatus(); break; } @@ -2433,7 +2422,8 @@ const gNetworkStatus = { const buttonHadFocus = this._torConnectButton.contains( document.activeElement ); - const isBootstrapped = TorConnect.state === TorConnectState.Bootstrapped; + const isBootstrapped = + TorConnect.stageName === TorConnectStage.Bootstrapped; const isBlocked = !isBootstrapped && TorConnect.potentiallyBlocked; let l10nId; if (isBootstrapped) { @@ -2527,7 +2517,8 @@ const gConnectionPane = (function () { ); chooseForMe.addEventListener("command", () => { TorConnect.openTorConnect({ - beginAutoBootstrap: location.value, + beginBootstrapping: "hard", + regionCode: location.value, }); }); this._populateLocations = () => { @@ -2558,7 +2549,7 @@ const gConnectionPane = (function () { locationEntries.append(...items); }; locationEntries.append( - createItem("", TorStrings.settings.bridgeLocationAutomatic) + createItem("automatic", TorStrings.settings.bridgeLocationAutomatic) ); if (TorConnect.countryCodes.length) { locationEntries.append( @@ -2607,7 +2598,7 @@ const gConnectionPane = (function () { this.onViewTorLogs(); }); - Services.obs.addObserver(this, TorConnectTopics.StateChange); + Services.obs.addObserver(this, TorConnectTopics.StageChange); }, init() { @@ -2629,7 +2620,7 @@ const gConnectionPane = (function () { // unregister our observer topics Services.obs.removeObserver(this, TorSettingsTopics.SettingsChanged); - Services.obs.removeObserver(this, TorConnectTopics.StateChange); + Services.obs.removeObserver(this, TorConnectTopics.StageChange); }, // whether the page should be present in about:preferences @@ -2653,7 +2644,7 @@ const gConnectionPane = (function () { } // triggered when tor connect state changes and we may // need to update the messagebox - case TorConnectTopics.StateChange: { + case TorConnectTopics.StageChange: { this._showAutoconfiguration(); break; } ===================================== browser/components/torpreferences/content/provideBridgeDialog.js ===================================== @@ -128,14 +128,14 @@ const gProvideBridgeDialog = { this.onDialogAccept(event) ); - Services.obs.addObserver(this, TorConnectTopics.StateChange); + Services.obs.addObserver(this, TorConnectTopics.StageChange); this.setPage("entry"); this.checkValue(); }, uninit() { - Services.obs.removeObserver(this, TorConnectTopics.StateChange); + Services.obs.removeObserver(this, TorConnectTopics.StageChange); }, /** @@ -512,7 +512,7 @@ const gProvideBridgeDialog = { observe(subject, topic) { switch (topic) { - case TorConnectTopics.StateChange: + case TorConnectTopics.StageChange: this.onAcceptStateChange(); break; } ===================================== browser/components/torpreferences/content/requestBridgeDialog.js ===================================== @@ -91,14 +91,14 @@ const gRequestBridgeDialog = { selectors.incorrectCaptchaHbox ); - Services.obs.addObserver(this, TorConnectTopics.StateChange); + Services.obs.addObserver(this, TorConnectTopics.StageChange); this.onAcceptStateChange(); }, uninit() { BridgeDB.close(); // Unregister our observer topics. - Services.obs.removeObserver(this, TorConnectTopics.StateChange); + Services.obs.removeObserver(this, TorConnectTopics.StageChange); }, onAcceptStateChange() { @@ -113,7 +113,7 @@ const gRequestBridgeDialog = { observe(subject, topic) { switch (topic) { - case TorConnectTopics.StateChange: + case TorConnectTopics.StageChange: this.onAcceptStateChange(); break; } ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt ===================================== @@ -1438,7 +1438,4 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity, TorIn navHost.navController.navigate(NavGraphDirections.actionStartupHome()) } override fun onBootstrapError(code: String?, message: String?, phase: String?, reason: String?) = Unit - override fun onSettingsRequested() { - navHost.navController.navigate(NavGraphDirections.actionGlobalSettingsFragment()) - } } ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/tor/TorControllerGV.kt ===================================== @@ -332,20 +332,28 @@ class TorControllerGV( // TorEventsBootstrapStateChangeListener override fun onBootstrapProgress(progress: Double, hasWarnings: Boolean) { Log.d(TAG, "onBootstrapProgress($progress, $hasWarnings)") + // TODO: onBootstrapProgress should only be used to change the shown + // bootstrap percentage or a Tor log option during a "Bootstrapping" + // stage. + // The progress value should not be used to change the `lastKnownStatus` + // value or determine if a bootstrap has started or completed. The + // TorConnectStage should be used instead. if (progress == 100.0) { lastKnownStatus = TorConnectState.Bootstrapped wasTorBootstrapped = true onTorConnected() - } else { - lastKnownStatus = TorConnectState.Bootstrapping + } else if (lastKnownStatus == TorConnectState.Bootstrapping) { onTorConnecting() - } onTorStatusUpdate("", lastKnownStatus.toTorStatus().status, progress) } // TorEventsBootstrapStateChangeListener override fun onBootstrapComplete() { + // TODO: There should be no need to respond to the BootstrapComplete + // event if we are already handling TorConnectStage.Bootstrapped. + // In particular, `lastKnownStatus` and onTorConnected should be set in + // response to a change in TorConnectStage instead. lastKnownStatus = TorConnectState.Bootstrapped this.onTorConnected() } @@ -354,9 +362,4 @@ class TorControllerGV( override fun onBootstrapError(code: String?, message: String?, phase: String?, reason: String?) { lastKnownError = TorError(code ?: "", message ?: "", phase ?: "", reason ?: "") } - - // TorEventsBootstrapStateChangeListener - override fun onSettingsRequested() { - // noop - } } ===================================== mobile/android/geckoview/src/main/java/org/mozilla/geckoview/TorIntegrationAndroid.java ===================================== @@ -44,7 +44,6 @@ public class TorIntegrationAndroid implements BundleEventListener { private static final String EVENT_TOR_LOGS = "GeckoView:Tor:Logs"; private static final String EVENT_SETTINGS_READY = "GeckoView:Tor:SettingsReady"; private static final String EVENT_SETTINGS_CHANGED = "GeckoView:Tor:SettingsChanged"; - private static final String EVENT_SETTINGS_OPEN = "GeckoView:Tor:OpenSettings"; // Events we emit private static final String EVENT_SETTINGS_GET = "GeckoView:Tor:SettingsGet"; @@ -118,8 +117,7 @@ public class TorIntegrationAndroid implements BundleEventListener { EVENT_CONNECT_ERROR, EVENT_BOOTSTRAP_PROGRESS, EVENT_BOOTSTRAP_COMPLETE, - EVENT_TOR_LOGS, - EVENT_SETTINGS_OPEN); + EVENT_TOR_LOGS); } @Override // BundleEventListener @@ -176,10 +174,6 @@ public class TorIntegrationAndroid implements BundleEventListener { for (TorLogListener listener : mLogListeners) { listener.onLog(type, msg); } - } else if (EVENT_SETTINGS_OPEN.equals(event)) { - for (BootstrapStateChangeListener listener : mBootstrapStateListeners) { - listener.onSettingsRequested(); - } } } @@ -641,8 +635,6 @@ public class TorIntegrationAndroid implements BundleEventListener { void onBootstrapComplete(); void onBootstrapError(String code, String message, String phase, String reason); - - void onSettingsRequested(); } public interface TorLogListener { ===================================== toolkit/components/lox/Lox.sys.mjs ===================================== @@ -23,7 +23,7 @@ ChromeUtils.defineESModuleGetters(lazy, { DomainFrontRequestResponseError: "resource://gre/modules/DomainFrontedRequests.sys.mjs", TorConnect: "resource://gre/modules/TorConnect.sys.mjs", - TorConnectState: "resource://gre/modules/TorConnect.sys.mjs", + TorConnectStage: "resource://gre/modules/TorConnect.sys.mjs", TorSettings: "resource://gre/modules/TorSettings.sys.mjs", TorSettingsTopics: "resource://gre/modules/TorSettings.sys.mjs", TorBridgeSource: "resource://gre/modules/TorSettings.sys.mjs", @@ -1049,7 +1049,7 @@ class LoxImpl { const method = "POST"; const contentType = "application/vnd.api+json"; - if (lazy.TorConnect.state === lazy.TorConnectState.Bootstrapped) { + if (lazy.TorConnect.stageName === lazy.TorConnectStage.Bootstrapped) { let request; try { request = await fetch(url, { ===================================== toolkit/components/torconnect/TorConnectChild.sys.mjs ===================================== @@ -77,7 +77,7 @@ export class TorConnectChild extends RemotePageChild { receiveMessage(message) { super.receiveMessage(message); - if (message.name === "torconnect:state-change") { + if (message.name === "torconnect:stage-change") { this.#maybeRedirect(); } } ===================================== toolkit/components/torconnect/TorConnectParent.sys.mjs ===================================== @@ -2,29 +2,20 @@ import { TorStrings } from "resource://gre/modules/TorStrings.sys.mjs"; import { - InternetStatus, TorConnect, TorConnectTopics, - TorConnectState, } from "resource://gre/modules/TorConnect.sys.mjs"; import { TorSettings, TorSettingsTopics, } from "resource://gre/modules/TorSettings.sys.mjs"; -const BroadcastTopic = "about-torconnect:broadcast"; - const lazy = {}; ChromeUtils.defineESModuleGetters(lazy, { HomePage: "resource:///modules/HomePage.sys.jsm", }); -const log = console.createInstance({ - maxLogLevel: "Warn", - prefix: "TorConnectParent", -}); - /* This object is basically a marshalling interface between the TorConnect module and a particular about:torconnect page @@ -40,31 +31,6 @@ export class TorConnectParent extends JSWindowActorParent { const self = this; - this.state = { - State: TorConnect.state, - StateChanged: false, - PreviousState: TorConnectState.Initial, - ErrorCode: TorConnect.errorCode, - ErrorDetails: TorConnect.errorDetails, - BootstrapProgress: TorConnect.bootstrapProgress, - InternetStatus: TorConnect.internetStatus, - DetectedLocation: TorConnect.detectedLocation, - ShowViewLog: TorConnect.logHasWarningOrError, - HasEverFailed: TorConnect.hasEverFailed, - UIState: TorConnect.uiState, - }; - - // Workaround for a race condition, but we should fix it asap. - // about:torconnect is loaded before TorSettings is actually initialized. - // The getter might throw and the page not loaded correctly as a result. - // Silence any warning for now, but we should really fix it. - // See also tor-browser#41921. - try { - this.state.QuickStartEnabled = TorSettings.quickstart.enabled; - } catch (e) { - this.state.QuickStartEnabled = false; - } - // JSWindowActiveParent derived objects cannot observe directly, so create a // member object to do our observing for us. // @@ -72,103 +38,54 @@ export class TorConnectParent extends JSWindowActorParent { // module, and maintains a state object which we pass down to our // about:torconnect page, which uses the state object to update its UI. this.torConnectObserver = { - observe(aSubject, aTopic) { - let obj = aSubject?.wrappedJSObject; - - // Update our state struct based on received torconnect topics and - // forward on to aboutTorConnect.js. - self.state.StateChanged = false; - switch (aTopic) { - case TorConnectTopics.StateChange: { - self.state.PreviousState = self.state.State; - self.state.State = obj.state; - self.state.StateChanged = true; - // Clear any previous error information if we are bootstrapping. - if (self.state.State === TorConnectState.Bootstrapping) { - self.state.ErrorCode = null; - self.state.ErrorDetails = null; - } - self.state.BootstrapProgress = TorConnect.bootstrapProgress; - self.state.ShowViewLog = TorConnect.logHasWarningOrError; - self.state.HasEverFailed = TorConnect.hasEverFailed; - break; - } - case TorConnectTopics.BootstrapProgress: { - self.state.BootstrapProgress = obj.progress; - self.state.ShowViewLog = obj.hasWarnings; - break; - } - case TorConnectTopics.BootstrapComplete: { - // noop + observe(subject, topic) { + const obj = subject?.wrappedJSObject; + switch (topic) { + case TorConnectTopics.StageChange: + self.sendAsyncMessage("torconnect:stage-change", obj); break; - } - case TorConnectTopics.Error: { - self.state.ErrorCode = obj.code; - self.state.ErrorDetails = obj; - self.state.InternetStatus = TorConnect.internetStatus; - self.state.DetectedLocation = TorConnect.detectedLocation; - self.state.ShowViewLog = true; + case TorConnectTopics.BootstrapProgress: + self.sendAsyncMessage("torconnect:bootstrap-progress", obj); break; - } - case TorSettingsTopics.Ready: { - if ( - self.state.QuickStartEnabled !== TorSettings.quickstart.enabled - ) { - self.state.QuickStartEnabled = TorSettings.quickstart.enabled; - } else { - return; + case TorSettingsTopics.SettingsChanged: + if (!obj.changes.includes("quickstart.enabled")) { + break; } + // eslint-disable-next-lined no-fallthrough + case TorSettingsTopics.Ready: + self.sendAsyncMessage( + "torconnect:quickstart-changed", + TorSettings.quickstart.enabled + ); break; - } - case TorSettingsTopics.SettingsChanged: { - if ( - aSubject.wrappedJSObject.changes.includes("quickstart.enabled") - ) { - self.state.QuickStartEnabled = TorSettings.quickstart.enabled; - } else { - // this isn't a setting torconnect cares about - return; - } - break; - } - default: { - log.warn(`TorConnect: unhandled observe topic '${aTopic}'`); - } } - - self.sendAsyncMessage("torconnect:state-change", self.state); }, }; - // Observe all of the torconnect:.* topics. - for (const key in TorConnectTopics) { - const topic = TorConnectTopics[key]; - Services.obs.addObserver(this.torConnectObserver, topic); - } + Services.obs.addObserver( + this.torConnectObserver, + TorConnectTopics.StageChange + ); + Services.obs.addObserver( + this.torConnectObserver, + TorConnectTopics.BootstrapProgress + ); Services.obs.addObserver(this.torConnectObserver, TorSettingsTopics.Ready); Services.obs.addObserver( this.torConnectObserver, TorSettingsTopics.SettingsChanged ); - - this.userActionObserver = { - observe(aSubject) { - let obj = aSubject?.wrappedJSObject; - if (obj) { - obj.connState = self.state; - self.sendAsyncMessage("torconnect:user-action", obj); - } - }, - }; - Services.obs.addObserver(this.userActionObserver, BroadcastTopic); } willDestroy() { - // Stop observing all of our torconnect:.* topics. - for (const key in TorConnectTopics) { - const topic = TorConnectTopics[key]; - Services.obs.removeObserver(this.torConnectObserver, topic); - } + Services.obs.removeObserver( + this.torConnectObserver, + TorConnectTopics.StageChange + ); + Services.obs.removeObserver( + this.torConnectObserver, + TorConnectTopics.BootstrapProgress + ); Services.obs.removeObserver( this.torConnectObserver, TorSettingsTopics.Ready @@ -177,7 +94,6 @@ export class TorConnectParent extends JSWindowActorParent { this.torConnectObserver, TorSettingsTopics.SettingsChanged ); - Services.obs.removeObserver(this.userActionObserver, BroadcastTopic); } async receiveMessage(message) { @@ -192,48 +108,57 @@ export class TorConnectParent extends JSWindowActorParent { TorSettings.saveToPrefs().applySettings(); break; case "torconnect:open-tor-preferences": - TorConnect.openTorPreferences(); - break; - case "torconnect:cancel-bootstrap": - TorConnect.cancelBootstrap(); - break; - case "torconnect:begin-bootstrap": - TorConnect.beginBootstrap(); - break; - case "torconnect:begin-autobootstrap": - TorConnect.beginAutoBootstrap(message.data); + this.browsingContext.top.embedderElement.ownerGlobal.openPreferences( + "connection" + ); break; case "torconnect:view-tor-logs": - TorConnect.viewTorLogs(); + this.browsingContext.top.embedderElement.ownerGlobal.openPreferences( + "connection-viewlogs" + ); break; case "torconnect:restart": Services.startup.quit( Ci.nsIAppStartup.eRestart | Ci.nsIAppStartup.eAttemptQuit ); break; - case "torconnect:set-ui-state": - TorConnect.uiState = message.data; - this.state.UIState = TorConnect.uiState; + case "torconnect:start-again": + TorConnect.startAgain(); + break; + case "torconnect:choose-region": + TorConnect.chooseRegion(); + break; + case "torconnect:begin-bootstrapping": + TorConnect.beginBootstrapping(message.data.regionCode); break; - case "torconnect:broadcast-user-action": - Services.obs.notifyObservers(message.data, BroadcastTopic); + case "torconnect:cancel-bootstrapping": + TorConnect.cancelBootstrapping(); break; - case "torconnect:get-init-args": + case "torconnect:get-init-args": { // Called on AboutTorConnect.init(), pass down all state data it needs // to init. - // pretend this is a state transition on init - // so we always get fresh UI - this.state.StateChanged = true; - this.state.UIState = TorConnect.uiState; + let quickstartEnabled = false; + + // Workaround for a race condition, but we should fix it asap. + // about:torconnect is loaded before TorSettings is actually initialized. + // The getter might throw and the page not loaded correctly as a result. + // Silence any warning for now, but we should really fix it. + // See also tor-browser#41921. + try { + quickstartEnabled = TorSettings.quickstart.enabled; + } catch (e) { + // Do not throw. + } + return { TorStrings, - TorConnectState, - InternetStatus, Direction: Services.locale.isAppLocaleRTL ? "rtl" : "ltr", - State: this.state, CountryNames: TorConnect.countryNames, + stage: TorConnect.stage, + quickstartEnabled, }; + } case "torconnect:get-country-codes": return TorConnect.getCountryCodes(); } ===================================== toolkit/components/torconnect/content/aboutTorConnect.js ===================================== @@ -7,8 +7,6 @@ // populated in AboutTorConnect.init() let TorStrings = {}; -let TorConnectState = {}; -let InternetStatus = {}; const UIStates = Object.freeze({ ConnectToTor: "ConnectToTor", @@ -135,53 +133,23 @@ class AboutTorConnect { tryBridgeButton: document.querySelector(this.selectors.buttons.tryBridge), }); - uiState = { - currentState: UIStates.ConnectToTor, - allowAutomaticLocation: true, - selectedLocation: "automatic", - bootstrapCause: UIStates.ConnectToTor, - }; + selectedLocation; + shownStage = null; locations = {}; - constructor() { - this.uiStates = Object.freeze( - Object.fromEntries([ - [UIStates.ConnectToTor, this.showConnectToTor.bind(this)], - [UIStates.Offline, this.showOffline.bind(this)], - [UIStates.ConnectionAssist, this.showConnectionAssistant.bind(this)], - [UIStates.CouldNotLocate, this.showCouldNotLocate.bind(this)], - [UIStates.LocationConfirm, this.showLocationConfirmation.bind(this)], - [UIStates.FinalError, this.showFinalError.bind(this)], - ]) - ); - } - - beginBootstrap() { - RPMSendAsyncMessage("torconnect:begin-bootstrap"); - } - - beginAutoBootstrap(countryCode) { - if (countryCode === "automatic") { - countryCode = ""; - } - RPMSendAsyncMessage("torconnect:begin-autobootstrap", countryCode); + beginBootstrapping() { + RPMSendAsyncMessage("torconnect:begin-bootstrapping", {}); } - cancelBootstrap() { - RPMSendAsyncMessage("torconnect:cancel-bootstrap"); - } - - transitionUIState(nextState, connState) { - if (nextState !== this.uiState.currentState) { - this.uiState.currentState = nextState; - this.saveUIState(); - } - this.uiStates[nextState](connState); + beginAutoBootstrapping(regionCode) { + RPMSendAsyncMessage("torconnect:begin-bootstrapping", { + regionCode, + }); } - saveUIState() { - RPMSendAsyncMessage("torconnect:set-ui-state", this.uiState); + cancelBootstrapping() { + RPMSendAsyncMessage("torconnect:cancel-bootstrapping"); } /* @@ -305,19 +273,6 @@ class AboutTorConnect { this.elements.longContentText.append(...args); } - setProgress(description, visible, percent) { - this.elements.progressDescription.textContent = description; - if (visible) { - this.show(this.elements.progressMeter); - this.elements.progressMeter.style.setProperty( - "--progress-percent", - `${percent}%` - ); - } else { - this.hide(this.elements.progressMeter); - } - } - setBreadcrumbsStatus(connectToTor, connectionAssist, tryBridge) { this.elements.breadcrumbContainer.classList.remove("hidden"); const elems = [ @@ -362,22 +317,17 @@ class AboutTorConnect { return TorStrings.torConnect.bootstrapStatus[status] ?? status; } - getMaybeLocalizedError(state) { - if (!state?.ErrorCode) { - return ""; - } - switch (state.ErrorCode) { + getMaybeLocalizedError(error) { + switch (error.code) { case "Offline": return TorStrings.torConnect.offline; case "BootstrapError": { - const details = state.ErrorDetails?.cause; - if (!details?.phase || !details?.reason) { + if (!error.phase || !error.reason) { return TorStrings.torConnect.torBootstrapFailed; } - let status = this.getLocalizedStatus(details.phase); + let status = this.getLocalizedStatus(error.phase); const reason = - TorStrings.torConnect.bootstrapWarning[details.reason] ?? - details.reason; + TorStrings.torConnect.bootstrapWarning[error.reason] ?? error.reason; return TorStrings.torConnect.bootstrapFailedDetails .replace("%1$S", status) .replace("%2$S", reason); @@ -392,13 +342,10 @@ class AboutTorConnect { // A standard JS error, or something for which we do probably do not // have a translation. Returning the original message is the best we can // do. - return state.ErrorDetails.message; + return error.message; default: - console.warn( - `Unknown error code: ${state.ErrorCode}`, - state.ErrorDetails - ); - return state.ErrorDetails?.message ?? state.ErrorCode; + console.warn(`Unknown error code: ${error.code}`, error); + return error.message || error.code; } } @@ -406,109 +353,119 @@ class AboutTorConnect { These methods update the UI based on the current TorConnect state */ - updateUI(state) { - // calls update_$state() - this[`update_${state.State}`](state); - this.elements.quickstartToggle.pressed = state.QuickStartEnabled; - } + updateStage(stage) { + if (stage.name === this.shownStage) { + return; + } - /* Per-state updates */ + this.shownStage = stage.name; + this.selectedLocation = stage.defaultRegion; - update_Initial(state) { - this.showConnectToTor(state); - } + let showProgress = false; + let showLog = false; + switch (stage.name) { + case "Disabled": + console.error("Should not be open when TorConnect is disabled"); + break; + case "Loading": + case "Start": + // Loading is not currnetly handled, treat the same as "Start", but UI + // will be unresponsive. + this.showStart(stage.tryAgain, stage.potentiallyBlocked); + break; + case "Bootstrapping": + showProgress = true; + this.showBootstrapping(stage.bootstrapTrigger, stage.tryAgain); + break; + case "Offline": + showLog = true; + this.showOffline(); + break; + case "ChooseRegion": + showLog = true; + this.showChooseRegion(stage.error); + break; + case "RegionNotFound": + showLog = true; + this.showRegionNotFound(); + break; + case "ConfirmRegion": + showLog = true; + this.showConfirmRegion(stage.error); + break; + case "FinalError": + showLog = true; + this.showFinalError(stage.error); + break; + case "Bootstrapped": + showProgress = true; + this.showBootstrapped(); + break; + default: + console.error(`Unknown stage ${stage.name}`); + break; + } - update_Configuring(state) { - if ( - state.StateChanged && - (state.PreviousState === TorConnectState.Bootstrapping || - state.PreviousState === TorConnectState.AutoBootstrapping) - ) { - // The bootstrap has been cancelled - this.transitionUIState(this.uiState.bootstrapCause, state); + if (showProgress) { + this.show(this.elements.progressMeter); + } else { + this.hide(this.elements.progressMeter); } - } - update_AutoBootstrapping(state) { - this.showBootstrapping(state); - } + this.updateBootstrappingStatus(stage.bootstrappingStatus); - update_Bootstrapping(state) { - this.showBootstrapping(state); + if (showLog) { + this.show(this.elements.viewLogButton); + } else { + this.hide(this.elements.viewLogButton); + } } - update_Error(state) { - if (!state.StateChanged) { - return; - } - if (state.InternetStatus === InternetStatus.Offline) { - this.transitionUIState(UIStates.Offline, state); - } else if (state.PreviousState === TorConnectState.Bootstrapping) { - this.transitionUIState(UIStates.ConnectionAssist, state); - } else if (state.PreviousState === TorConnectState.AutoBootstrapping) { - if (this.uiState.bootstrapCause === UIStates.ConnectionAssist) { - if (this.getLocation() === "automatic") { - this.uiState.allowAutomaticLocation = false; - if (!state.DetectedLocation) { - this.transitionUIState(UIStates.CouldNotLocate, state); - return; - } - // Change the location only here, to avoid overriding any user change/ - // insisting with the detected location - this.setLocation(state.DetectedLocation); - } - this.transitionUIState(UIStates.LocationConfirm, state); - } else { - this.transitionUIState(UIStates.FinalError, state); - } - } else { - console.error( - "We received an error starting from an unexpected state", - state - ); + updateBootstrappingStatus(data) { + this.elements.progressMeter.style.setProperty( + "--progress-percent", + `${data.progress}%` + ); + if (this.shownStage === "Bootstrapping" && data.hasWarning) { + // When bootstrapping starts, we hide the log button, but we re-show it if + // we get a warning. + this.show(this.elements.viewLogButton); } } - update_Bootstrapped(_state) { - const showProgressbar = true; + updateQuickstart(enabled) { + this.elements.quickstartToggle.pressed = enabled; + } + showBootstrapped() { this.setTitle(TorStrings.torConnect.torConnected, ""); this.setLongText(TorStrings.settings.torPreferencesDescription); - this.setProgress("", showProgressbar, 100); + this.elements.progressDescription.textContent = ""; this.hideButtons(); } - update_Disabled(_state) { - // TODO: we should probably have some UX here if a user goes to about:torconnect when - // it isn't in use (eg using tor-launcher or system tor) - } - - showConnectToTor(state) { + showStart(tryAgain, potentiallyBlocked) { this.setTitle(TorStrings.torConnect.torConnect, ""); this.setLongText(TorStrings.settings.torPreferencesDescription); - this.setProgress("", false); - this.hide(this.elements.viewLogButton); + this.elements.progressDescription.textContent = ""; this.hideButtons(); this.show(this.elements.quickstartContainer); this.show(this.elements.configureButton); this.show(this.elements.connectButton, true); - if (state?.StateChanged) { - this.elements.connectButton.focus(); + this.elements.connectButton.focus(); + if (tryAgain) { + this.elements.connectButton.textContent = TorStrings.torConnect.tryAgain; } - if (state?.HasEverFailed) { + if (potentiallyBlocked) { this.setBreadcrumbsStatus( BreadcrumbStatus.Active, BreadcrumbStatus.Default, BreadcrumbStatus.Disabled ); - this.elements.connectButton.textContent = TorStrings.torConnect.tryAgain; } - this.uiState.bootstrapCause = UIStates.ConnectToTor; - this.saveUIState(); } - showBootstrapping(state) { - const showProgressbar = true; + showBootstrapping(trigger, tryAgain) { let title = ""; let description = ""; const breadcrumbs = [ @@ -516,128 +473,114 @@ class AboutTorConnect { BreadcrumbStatus.Disabled, BreadcrumbStatus.Disabled, ]; - switch (this.uiState.bootstrapCause) { - case UIStates.ConnectToTor: + switch (trigger) { + case "Start": + case "Offline": breadcrumbs[0] = BreadcrumbStatus.Active; - title = state.HasEverFailed + title = tryAgain ? TorStrings.torConnect.tryAgain : TorStrings.torConnect.torConnecting; description = TorStrings.settings.torPreferencesDescription; break; - case UIStates.ConnectionAssist: + case "ChooseRegion": breadcrumbs[2] = BreadcrumbStatus.Active; title = TorStrings.torConnect.tryingBridge; description = TorStrings.torConnect.assistDescription; break; - case UIStates.CouldNotLocate: + case "RegionNotFound": breadcrumbs[2] = BreadcrumbStatus.Active; title = TorStrings.torConnect.tryingBridgeAgain; description = TorStrings.torConnect.errorLocationDescription; break; - case UIStates.LocationConfirm: + case "ConfirmRegion": breadcrumbs[2] = BreadcrumbStatus.Active; title = TorStrings.torConnect.tryingBridgeAgain; description = TorStrings.torConnect.isLocationCorrectDescription; break; + default: + console.warn("Unrecognized bootstrap trigger", trigger); + break; } this.setTitle(title, ""); this.showConfigureConnectionLink(description); - this.setProgress("", showProgressbar, state.BootstrapProgress); - if (state.HasEverFailed) { + this.elements.progressDescription.textContent = ""; + if (tryAgain) { this.setBreadcrumbsStatus(...breadcrumbs); } else { this.hideBreadcrumbs(); } this.hideButtons(); - if (state.ShowViewLog) { - this.show(this.elements.viewLogButton); - } else { - this.hide(this.elements.viewLogButton); - } this.show(this.elements.cancelButton); - if (state.StateChanged) { - this.elements.cancelButton.focus(); - } + this.elements.cancelButton.focus(); } - showOffline(state) { + showOffline() { this.setTitle(TorStrings.torConnect.noInternet, "offline"); this.setLongText(TorStrings.torConnect.noInternetDescription); - this.setProgress(this.getMaybeLocalizedError(state), false); + this.elements.progressDescription.textContent = + TorStrings.torConnect.offline; this.setBreadcrumbsStatus( BreadcrumbStatus.Default, BreadcrumbStatus.Active, BreadcrumbStatus.Hidden ); - this.show(this.elements.viewLogButton); this.hideButtons(); this.show(this.elements.configureButton); this.show(this.elements.connectButton, true); this.elements.connectButton.textContent = TorStrings.torConnect.tryAgain; } - showConnectionAssistant(state) { + showChooseRegion(error) { this.setTitle(TorStrings.torConnect.couldNotConnect, "assist"); this.showConfigureConnectionLink(TorStrings.torConnect.assistDescription); - this.setProgress(this.getMaybeLocalizedError(state), false); + this.elements.progressDescription.textContent = + this.getMaybeLocalizedError(error); this.setBreadcrumbsStatus( BreadcrumbStatus.Default, BreadcrumbStatus.Active, BreadcrumbStatus.Disabled ); - this.showLocationForm(false, TorStrings.torConnect.tryBridge); - if (state?.StateChanged) { - this.elements.tryBridgeButton.focus(); - } - this.uiState.bootstrapCause = UIStates.ConnectionAssist; - this.saveUIState(); + this.showLocationForm(true, TorStrings.torConnect.tryBridge); + this.elements.tryBridgeButton.focus(); } - showCouldNotLocate(state) { - this.uiState.allowAutomaticLocation = false; + showRegionNotFound() { this.setTitle(TorStrings.torConnect.errorLocation, "location"); this.showConfigureConnectionLink( TorStrings.torConnect.errorLocationDescription ); - this.setProgress(TorStrings.torConnect.cannotDetermineCountry, false); + this.elements.progressDescription.textContent = + TorStrings.torConnect.cannotDetermineCountry; this.setBreadcrumbsStatus( BreadcrumbStatus.Default, BreadcrumbStatus.Active, BreadcrumbStatus.Disabled ); - this.show(this.elements.viewLogButton); - this.showLocationForm(true, TorStrings.torConnect.tryBridge); - if (state.StateChanged) { - this.elements.tryBridgeButton.focus(); - } - this.uiState.bootstrapCause = UIStates.CouldNotLocate; - this.saveUIState(); + this.showLocationForm(false, TorStrings.torConnect.tryBridge); + this.elements.tryBridgeButton.focus(); } - showLocationConfirmation(state) { + showConfirmRegion(error) { this.setTitle(TorStrings.torConnect.isLocationCorrect, "location"); this.showConfigureConnectionLink( TorStrings.torConnect.isLocationCorrectDescription ); - this.setProgress(this.getMaybeLocalizedError(state), false); + this.elements.progressDescription.textContent = + this.getMaybeLocalizedError(error); this.setBreadcrumbsStatus( BreadcrumbStatus.Default, BreadcrumbStatus.Default, BreadcrumbStatus.Active ); - this.show(this.elements.viewLogButton); - this.showLocationForm(true, TorStrings.torConnect.tryAgain); - if (state.StateChanged) { - this.elements.tryBridgeButton.focus(); - } - this.uiState.bootstrapCause = UIStates.LocationConfirm; - this.saveUIState(); + this.showLocationForm(false, TorStrings.torConnect.tryAgain); + this.elements.tryBridgeButton.focus(); } - showFinalError(state) { + showFinalError(error) { this.setTitle(TorStrings.torConnect.finalError, "final"); this.setLongText(TorStrings.torConnect.finalErrorDescription); - this.setProgress(this.getMaybeLocalizedError(state), false); + this.elements.progressDescription.textContent = + this.getMaybeLocalizedError(error); this.setBreadcrumbsStatus( BreadcrumbStatus.Default, BreadcrumbStatus.Default, @@ -665,7 +608,7 @@ class AboutTorConnect { } } - showLocationForm(isError, buttonLabel) { + showLocationForm(isChoose, buttonLabel) { this.hideButtons(); RPMSendQuery("torconnect:get-country-codes").then(codes => { if (codes && codes.length) { @@ -674,7 +617,7 @@ class AboutTorConnect { } }); let firstOpt = this.elements.locationDropdownSelect.options[0]; - if (this.uiState.allowAutomaticLocation) { + if (isChoose) { firstOpt.value = "automatic"; firstOpt.textContent = TorStrings.torConnect.automatic; } else { @@ -685,7 +628,7 @@ class AboutTorConnect { this.validateLocation(); this.show(this.elements.locationDropdownLabel); this.show(this.elements.locationDropdown); - this.elements.locationDropdownLabel.classList.toggle("error", isError); + this.elements.locationDropdownLabel.classList.toggle("error", !isChoose); this.show(this.elements.tryBridgeButton, true); if (buttonLabel !== undefined) { this.elements.tryBridgeButton.textContent = buttonLabel; @@ -697,12 +640,8 @@ class AboutTorConnect { return this.elements.locationDropdownSelect.options[selectedIndex].value; } - setLocation(code) { - if (!code) { - code = this.uiState.selectedLocation; - } else { - this.uiState.selectedLocation = code; - } + setLocation() { + const code = this.selectedLocation; if (this.getLocation() === code) { return; } @@ -726,13 +665,7 @@ class AboutTorConnect { document.documentElement.setAttribute("dir", direction); this.elements.connectToTorLink.addEventListener("click", () => { - if (this.uiState.currentState === UIStates.ConnectToTor) { - return; - } - this.transitionUIState(UIStates.ConnectToTor, null); - RPMSendAsyncMessage("torconnect:broadcast-user-action", { - uiState: UIStates.ConnectToTor, - }); + RPMSendAsyncMessage("torconnect:start-again"); }); this.elements.connectToTorLabel.textContent = TorStrings.torConnect.torConnect; @@ -747,10 +680,7 @@ class AboutTorConnect { ) { return; } - this.transitionUIState(UIStates.ConnectionAssist, null); - RPMSendAsyncMessage("torconnect:broadcast-user-action", { - uiState: UIStates.ConnectionAssist, - }); + RPMSendAsyncMessage("torconnect:choose-region"); }); this.elements.connectionAssistLabel.textContent = TorStrings.torConnect.breadcrumbAssist; @@ -786,23 +716,18 @@ class AboutTorConnect { this.elements.cancelButton.textContent = TorStrings.torConnect.cancel; this.elements.cancelButton.addEventListener("click", () => { - this.cancelBootstrap(); + this.cancelBootstrapping(); }); this.elements.connectButton.textContent = TorStrings.torConnect.torConnectButton; this.elements.connectButton.addEventListener("click", () => { - this.beginBootstrap(); + this.beginBootstrapping(); }); this.populateLocations(); this.elements.locationDropdownSelect.addEventListener("change", () => { - this.uiState.selectedLocation = this.getLocation(); - this.saveUIState(); this.validateLocation(); - RPMSendAsyncMessage("torconnect:broadcast-user-action", { - location: this.uiState.selectedLocation, - }); }); this.elements.locationDropdownLabel.textContent = @@ -811,10 +736,8 @@ class AboutTorConnect { this.elements.tryBridgeButton.textContent = TorStrings.torConnect.tryBridge; this.elements.tryBridgeButton.addEventListener("click", () => { const value = this.getLocation(); - if (value === "automatic") { - this.beginAutoBootstrap(); - } else { - this.beginAutoBootstrap(value); + if (value) { + this.beginAutoBootstrapping(value); } }); @@ -846,17 +769,14 @@ class AboutTorConnect { initObservers() { // TorConnectParent feeds us state blobs to we use to update our UI - RPMAddMessageListener("torconnect:state-change", ({ data }) => { - this.updateUI(data); + RPMAddMessageListener("torconnect:stage-change", ({ data }) => { + this.updateStage(data); }); - RPMAddMessageListener("torconnect:user-action", ({ data }) => { - if (data.location) { - this.uiState.selectedLocation = data.location; - this.setLocation(); - } - if (data.uiState !== undefined) { - this.transitionUIState(data.uiState, data.connState); - } + RPMAddMessageListener("torconnect:bootstrap-progress", ({ data }) => { + this.updateBootstrappingStatus(data); + }); + RPMAddMessageListener("torconnect:quickstart-change", ({ data }) => { + this.updateQuickstart(data); }); } @@ -866,7 +786,7 @@ class AboutTorConnect { // integers, so we must resort to a string compare here :( // see https://developer.mozilla.org/en-US/docs/Web/API/KeyboardEvent/code for relevant documentation if (evt.code === "Escape") { - this.cancelBootstrap(); + this.cancelBootstrapping(); } }; } @@ -876,23 +796,14 @@ class AboutTorConnect { // various constants TorStrings = Object.freeze(args.TorStrings); - TorConnectState = Object.freeze(args.TorConnectState); - InternetStatus = Object.freeze(args.InternetStatus); this.locations = args.CountryNames; this.initElements(args.Direction); this.initObservers(); this.initKeyboardShortcuts(); - if (Object.keys(args.State.UIState).length) { - this.uiState = args.State.UIState; - } else { - args.State.UIState = this.uiState; - this.saveUIState(); - } - this.uiStates[this.uiState.currentState](args.State); - // populate UI based on current state - this.updateUI(args.State); + this.updateStage(args.stage); + this.updateQuickstart(args.quickstartEnabled); } } ===================================== toolkit/components/torconnect/content/torConnectTitlebarStatus.js ===================================== @@ -38,7 +38,7 @@ var gTorConnectTitlebarStatus = { // The title also acts as an accessible name for the role="status". this.node.setAttribute("title", this._strings.titlebarStatusName); - this._observeTopic = TorConnectTopics.StateChange; + this._observeTopic = TorConnectTopics.StageChange; this._stateListener = { observe: (subject, topic) => { if (topic !== this._observeTopic) { @@ -66,17 +66,16 @@ var gTorConnectTitlebarStatus = { let textId; let connected = false; let potentiallyBlocked = false; - switch (TorConnect.state) { - case TorConnectState.Disabled: + switch (TorConnect.stageName) { + case TorConnectStage.Disabled: // Hide immediately. this.node.hidden = true; return; - case TorConnectState.Bootstrapped: + case TorConnectStage.Bootstrapped: textId = "titlebarStatusConnected"; connected = true; break; - case TorConnectState.Bootstrapping: - case TorConnectState.AutoBootstrapping: + case TorConnectStage.Bootstrapping: textId = "titlebarStatusConnecting"; break; default: ===================================== toolkit/components/torconnect/content/torConnectUrlbarButton.js ===================================== @@ -55,13 +55,13 @@ var gTorConnectUrlbarButton = { this.connect(); }); - this._observeTopic = TorConnectTopics.StateChange; + this._observeTopic = TorConnectTopics.StageChange; this._stateListener = { observe: (subject, topic) => { if (topic !== this._observeTopic) { return; } - this._torConnectStateChanged(); + this._torConnectStageChanged(); }, }; Services.obs.addObserver(this._stateListener, this._observeTopic); @@ -84,7 +84,7 @@ var gTorConnectUrlbarButton = { // switching selected browser. gBrowser.addProgressListener(this._locationListener); - this._torConnectStateChanged(); + this._torConnectStageChanged(); }, /** @@ -105,17 +105,17 @@ var gTorConnectUrlbarButton = { * Begin the tor connection bootstrapping process. */ connect() { - TorConnect.openTorConnect({ beginBootstrap: true }); + TorConnect.openTorConnect({ beginBootstrapping: "soft" }); }, /** - * Callback for when the TorConnect state changes. + * Callback for when the TorConnect stage changes. */ - _torConnectStateChanged() { - if (TorConnect.state === TorConnectState.Disabled) { + _torConnectStageChanged() { + if (TorConnect.stageName === TorConnectStage.Disabled) { // NOTE: We do not uninit early when we reach the - // TorConnectState.Bootstrapped state because we can still leave the - // Bootstrapped state if the tor process exists early and needs a restart. + // TorConnectStage.Bootstrapped stage because we can still leave the + // Bootstrapped stage if the tor process exists early and needs a restart. this.uninit(); return; } ===================================== toolkit/modules/RemotePageAccessManager.sys.mjs ===================================== @@ -239,19 +239,19 @@ export let RemotePageAccessManager = { }, "about:torconnect": { RPMAddMessageListener: [ - "torconnect:state-change", - "torconnect:user-action", + "torconnect:stage-change", + "torconnect:bootstrap-progress", + "torconnect:quickstart-change", ], RPMSendAsyncMessage: [ "torconnect:open-tor-preferences", - "torconnect:begin-bootstrap", - "torconnect:begin-autobootstrap", - "torconnect:cancel-bootstrap", + "torconnect:begin-bootstrapping", + "torconnect:cancel-bootstrapping", "torconnect:set-quickstart", "torconnect:view-tor-logs", "torconnect:restart", - "torconnect:set-ui-state", - "torconnect:broadcast-user-action", + "torconnect:start-again", + "torconnect:choose-region", ], RPMSendQuery: [ "torconnect:get-init-args", ===================================== toolkit/modules/TorAndroidIntegration.sys.mjs ===================================== @@ -83,6 +83,7 @@ class TorAndroidIntegrationImpl { observe(subj, topic) { switch (topic) { + // TODO: Replace with StageChange. case lazy.TorConnectTopics.StateChange: lazy.EventDispatcher.instance.sendRequest({ type: EmittedEvents.connectStateChanged, @@ -101,6 +102,7 @@ class TorAndroidIntegrationImpl { type: EmittedEvents.bootstrapComplete, }); break; + // TODO: Replace with StageChange stage.error. case lazy.TorConnectTopics.Error: lazy.EventDispatcher.instance.sendRequest({ type: EmittedEvents.connectError, @@ -159,17 +161,23 @@ class TorAndroidIntegrationImpl { await lazy.TorSettings.saveToPrefs(); break; case ListenedEvents.bootstrapBegin: - lazy.TorConnect.beginBootstrap(); + lazy.TorConnect.beginBootstrapping(); break; case ListenedEvents.bootstrapBeginAuto: - lazy.TorConnect.beginAutoBootstrap(data.countryCode); + // TODO: The countryCode should be set to "automatic" by the caller + // rather than `null`, so we can just pass in `data.countryCode` + // directly. + lazy.TorConnect.beginBootstrapping(data.countryCode || "automatic"); break; case ListenedEvents.bootstrapCancel: - lazy.TorConnect.cancelBootstrap(); + lazy.TorConnect.cancelBootstrapping(); break; + // TODO: Replace with TorConnect.stage. case ListenedEvents.bootstrapGetState: callback?.onSuccess(lazy.TorConnect.state); return; + // TODO: Expose TorConnect.startAgain() to allow users to begin + // from the start again. } callback?.onSuccess(); } catch (e) { ===================================== toolkit/modules/TorConnect.sys.mjs ===================================== @@ -8,7 +8,6 @@ const lazy = {}; ChromeUtils.defineESModuleGetters(lazy, { BrowserWindowTracker: "resource:///modules/BrowserWindowTracker.sys.mjs", - EventDispatcher: "resource://gre/modules/Messaging.sys.mjs", MoatRPC: "resource://gre/modules/Moat.sys.mjs", TorBootstrapRequest: "resource://gre/modules/TorBootstrapRequest.sys.mjs", TorProviderBuilder: "resource://gre/modules/TorProviderBuilder.sys.mjs", @@ -79,240 +78,181 @@ ChromeUtils.defineLazyGetter(lazy, "logger", () => }) ); -/* - TorConnect State Transitions - - ┌─────────┐ ┌────────┐ - │ ▼ ▼ │ - │ ┌──────────────────────────────────────────────────────────┐ │ - ┌─┼────── │ Error │ ◀───┐ │ - │ │ └──────────────────────────────────────────────────────────┘ │ │ - │ │ ▲ │ │ - │ │ │ │ │ - │ │ │ │ │ - │ │ ┌───────────────────────┐ ┌──────────┐ │ │ - │ │ ┌──── │ Initial │ ────────────────────▶ │ Disabled │ │ │ - │ │ │ └───────────────────────┘ └──────────┘ │ │ - │ │ │ │ │ │ - │ │ │ │ beginBootstrap() │ │ - │ │ │ ▼ │ │ - │ │ │ ┌──────────────────────────────────────────────────────────┐ │ │ - │ │ │ │ Bootstrapping │ ────┘ │ - │ │ │ └──────────────────────────────────────────────────────────┘ │ - │ │ │ │ ▲ │ │ - │ │ │ │ cancelBootstrap() │ beginBootstrap() └────┐ │ - │ │ │ ▼ │ │ │ - │ │ │ ┌──────────────────────────────────────────────────────────┐ │ │ - │ │ └───▶ │ │ ─┼────┘ - │ │ │ │ │ - │ │ │ │ │ - │ │ │ Configuring │ │ - │ │ │ │ │ - │ │ │ │ │ - └─┼─────▶ │ │ │ - │ └──────────────────────────────────────────────────────────┘ │ - │ │ ▲ ▲ │ - │ │ beginAutoBootstrap() │ cancelBootstrap() │ │ - │ ▼ │ │ │ - │ ┌───────────────────────┐ │ │ │ - └────── │ AutoBootstrapping │ ─┘ │ │ - └───────────────────────┘ │ │ - │ │ │ - │ ┌────────────────────────────────┘ │ - ▼ │ │ - ┌───────────────────────┐ │ - │ Bootstrapped │ ◀───────────────────────────────────┘ - └───────────────────────┘ -*/ - /* Topics Notified by the TorConnect module */ export const TorConnectTopics = Object.freeze({ + StageChange: "torconnect:stage-change", + // TODO: Remove torconnect:state-change when pages have switched to stage. StateChange: "torconnect:state-change", BootstrapProgress: "torconnect:bootstrap-progress", BootstrapComplete: "torconnect:bootstrap-complete", + // TODO: Remove torconnect:error when pages have switched to stage. Error: "torconnect:error", }); -// The StateCallback is the base class to implement the various states. -// All states should extend it and implement a `run` function, which can -// optionally be async, and define an array of valid transitions. -// The parent class will handle everything else, including the transition to -// other states when the run function is complete etc... -// A system is also provided to allow this function to early-out. The runner -// should check the transitioning getter when appropriate and return. -// In addition to that, a state can implement a transitionRequested callback, -// which can be used in conjunction with a mechanism like Promise.race. -// This allows to handle, for example, users' requests to cancel a bootstrap -// attempt. -// A state can optionally define a cleanup function, that will be run in all -// cases before transitioning to the next state. -class StateCallback { - #state; - #promise; - #transitioning = false; - - constructor(stateName) { - this.#state = stateName; - } - - async begin(...args) { - lazy.logger.trace(`Entering ${this.#state} state`); - // Make sure we always have an actual promise. - try { - this.#promise = Promise.resolve(this.run(...args)); - } catch (err) { - this.#promise = Promise.reject(err); - } - try { - // If the callback throws, transition to error as soon as possible. - await this.#promise; - lazy.logger.info(`${this.#state}'s run is done`); - } catch (err) { - if (this.transitioning) { - lazy.logger.error( - `A transition from ${ - this.#state - } is already happening, silencing this exception.`, - err - ); - return; - } - lazy.logger.error( - `${this.#state}'s run threw, transitioning to the Error state.`, - err - ); - this.changeState(TorConnectState.Error, err); - } - } - - async end(nextState) { - lazy.logger.trace( - `Ending state ${this.#state} (to transition to ${nextState})` - ); - - if (this.#transitioning) { - // Should we check turn this into an error? - // It will make dealing with the error state harder. - lazy.logger.warn("this.#transitioning is already true."); - } - - // Signal we should bail out ASAP. - this.#transitioning = true; - if (this.transitionRequested) { - this.transitionRequested(); - } - - lazy.logger.debug( - `Waiting for the ${ - this.#state - }'s callback to return before the transition.` - ); - try { - await this.#promise; - } finally { - lazy.logger.debug(`Calling ${this.#state}'s cleanup, if implemented.`); - if (this.cleanup) { - try { - await this.cleanup(nextState); - lazy.logger.debug(`${this.#state}'s cleanup function done.`); - } catch (e) { - lazy.logger.warn(`${this.#state}'s cleanup function threw.`, e); - } - } - } - } - - changeState(stateName, ...args) { - TorConnect._changeState(stateName, ...args); - } - - get transitioning() { - return this.#transitioning; - } - - get state() { - return this.#state; - } -} - -// async method to sleep for a given amount of time -const debugSleep = async ms => { - return new Promise(resolve => { - setTimeout(resolve, ms); - }); -}; - -class InitialState extends StateCallback { - allowedTransitions = Object.freeze([ - TorConnectState.Disabled, - TorConnectState.Bootstrapping, - TorConnectState.Configuring, - TorConnectState.Error, - ]); - - constructor() { - super(TorConnectState.Initial); - } - - run() { - // TODO: Block this transition until we successfully build a TorProvider. - } -} - -class ConfiguringState extends StateCallback { - allowedTransitions = Object.freeze([ - TorConnectState.AutoBootstrapping, - TorConnectState.Bootstrapping, - TorConnectState.Error, - ]); - - constructor() { - super(TorConnectState.Configuring); - } - - run() { - TorConnect._bootstrapProgress = 0; - } -} - -class BootstrappingState extends StateCallback { +/** + * @callback ProgressCallback + * + * @param {integer} progress - The progress percent. + */ +/** + * @typedef {object} BootstrapOptions + * + * Options for a bootstrap attempt. + * + * @property {boolean} [options.simulateCensorship] - Whether to simulate a + * failing bootstrap. + * @property {integer} [options.simulateDelay] - The delay in microseconds to + * apply to simulated bootstraps. + * @property {object} [options.simulateMoatResponse] - Simulate a Moat response + * for circumvention settings. Should include a "settings" property, and + * optionally a "country" property. You may add a "simulateCensorship" + * property to some of the settings to make only their bootstrap attempts + * fail. + * @property {boolean} [options.testInternet] - Whether to also test the + * internet connection. + * @property {boolean} [options.simulateOffline] - Whether to simulate an + * offline test result. This will not cause the bootstrap to fail. + * @property {string} [options.regionCode] - The region code to use to fetch + * auto-bootstrap settings, or "automatic" to automatically choose the region. + */ +/** + * @typedef {object} BootstrapResult + * + * The result of a bootstrap attempt. + * + * @property {string} [result] - The bootstrap result. + * @property {Error} [error] - An error from the attempt. + */ +/** + * @callback ResolveBootstrap + * + * Resolve a bootstrap attempt. + * + * @param {BootstrapResult} - The result, or error. + */ + +/** + * Each instance can be used to attempt one bootstrapping. + */ +class BootstrapAttempt { + /** + * The ongoing bootstrap request. + * + * @type {?TorBootstrapRequest} + */ #bootstrap = null; + /** + * The error returned by the bootstrap request, if any. + * + * @type {?Error} + */ #bootstrapError = null; + /** + * The ongoing internet test, if any. + * + * @type {?InternetTest} + */ #internetTest = null; + /** + * The method to call to complete the `run` promise. + * + * @type {?ResolveBootstrap} + */ + #resolveRun = null; + /** + * Whether the `run` promise has been, or is about to be, resolved. + * + * @type {boolean} + */ + #resolved = false; + /** + * Whether a cancel request has been started. + * + * @type {boolean} + */ #cancelled = false; - allowedTransitions = Object.freeze([ - TorConnectState.Configuring, - TorConnectState.Bootstrapped, - TorConnectState.Error, - ]); + /** + * Run a bootstrap attempt. + * + * @param {ProgressCallback} progressCallback - The callback to invoke with + * the bootstrap progress. + * @param {BootstrapOptions} options - Options to apply to the bootstrap. + * + * @return {Promise<string, Error>} - The result of the bootstrap. + */ + run(progressCallback, options) { + const { promise, resolve, reject } = Promise.withResolvers(); + this.#resolveRun = arg => { + if (this.#resolved) { + // Already been called once. + if (arg.error) { + lazy.logger.error("Delayed bootstrap error", arg.error); + } + return; + } + this.#resolved = true; + try { + // Should be ok to call this twice in the case where we "cancel" the + // bootstrap. + this.#internetTest?.cancel(); + } catch (error) { + lazy.logger.error("Unexpected error in bootstrap cleanup", error); + } + if (arg.error) { + reject(arg.error); + } else { + resolve(arg.result); + } + }; + try { + this.#runInternal(progressCallback, options); + } catch (error) { + this.#resolveRun({ error }); + } - constructor() { - super(TorConnectState.Bootstrapping); + return promise; } - async run() { - if (await this.#simulateCensorship()) { - return; + /** + * Run the attempt. + * + * @param {ProgressCallback} progressCallback - The callback to invoke with + * the bootstrap progress. + * @param {BootstrapOptions} options - Options to apply to the bootstrap. + */ + #runInternal(progressCallback, options) { + if (options.simulateCensorship) { + // Create a fake request. + this.#bootstrap = { + _timeout: 0, + bootstrap() { + this._timeout = setTimeout(() => { + const err = new Error("Censorship simulation"); + err.phase = "conn"; + err.reason = "noroute"; + this.onbootstraperror(err); + }, options.simulateDelay || 0); + }, + cancel() { + clearTimeout(this._timeout); + }, + }; + } else { + this.#bootstrap = new lazy.TorBootstrapRequest(); } - this.#bootstrap = new lazy.TorBootstrapRequest(); - this.#bootstrap.onbootstrapstatus = (progress, status) => { - TorConnect._updateBootstrapProgress(progress, status); + this.#bootstrap.onbootstrapstatus = (progress, _status) => { + if (!this.#resolved) { + progressCallback(progress); + } }; this.#bootstrap.onbootstrapcomplete = () => { - this.#internetTest.cancel(); - this.changeState(TorConnectState.Bootstrapped); + this.#resolveRun({ result: "complete" }); }; this.#bootstrap.onbootstraperror = error => { - if (this.#cancelled) { - // We ignore this error since it occurred after cancelling (by the - // user). We assume the error is just a side effect of the cancelling. - // E.g. If the cancelling is triggered late in the process, we get - // "Building circuits: Establishing a Tor circuit failed". - // TODO: Maybe move this logic deeper in the process to know when to - // filter out such errors triggered by cancelling. - lazy.logger.warn("Post-cancel error.", error); + if (this.#bootstrapError) { + lazy.logger.warn("Another bootstrap error", error); return; } // We have to wait for the Internet test to finish before sending the @@ -320,30 +260,40 @@ class BootstrappingState extends StateCallback { this.#bootstrapError = error; this.#maybeTransitionToError(); }; - - this.#internetTest = new InternetTest(); - this.#internetTest.onResult = status => { - TorConnect._internetStatus = status; - this.#maybeTransitionToError(); - }; - this.#internetTest.onError = () => { - this.#maybeTransitionToError(); - }; + if (options.testInternet) { + this.#internetTest = new InternetTest(options.simulateOffline); + this.#internetTest.onResult = () => { + this.#maybeTransitionToError(); + }; + this.#internetTest.onError = () => { + this.#maybeTransitionToError(); + }; + } this.#bootstrap.bootstrap(); } - async cleanup(nextState) { - if (nextState === TorConnectState.Configuring) { - // stop bootstrap process if user cancelled - this.#cancelled = true; - this.#internetTest?.cancel(); - await this.#bootstrap?.cancel(); + /** + * Callback for when we get a new bootstrap error or a change in the internet + * status. + */ + #maybeTransitionToError() { + if (this.#resolved || this.#cancelled) { + if (this.#bootstrapError) { + // We ignore this error since it occurred after cancelling (by the + // user), or we have already resolved. We assume the error is just a + // side effect of the cancelling. + // E.g. If the cancelling is triggered late in the process, we get + // "Building circuits: Establishing a Tor circuit failed". + // TODO: Maybe move this logic deeper in the process to know when to + // filter out such errors triggered by cancelling. + lazy.logger.warn("Post-complete error.", this.#bootstrapError); + } + return; } - } - #maybeTransitionToError() { if ( + this.#internetTest && this.#internetTest.status === InternetStatus.Unknown && this.#internetTest.error === null && this.#internetTest.enabled @@ -355,356 +305,394 @@ class BootstrappingState extends StateCallback { // us again. return; } - // Do not transition to the offline error until we are sure that also the - // bootstrap failed, in case Moat is down but the bootstrap can proceed - // anyway. + // Do not transition to "offline" until we are sure that also the bootstrap + // failed, in case Moat is down but the bootstrap can proceed anyway. if (!this.#bootstrapError) { return; } - if (this.#internetTest.status === InternetStatus.Offline) { - this.changeState( - TorConnectState.Error, - new TorConnectError(TorConnectError.Offline) - ); - } else { - // Give priority to the bootstrap error, in case the Internet test fails - TorConnect._hasBootstrapEverFailed = true; - this.changeState( - TorConnectState.Error, - new TorConnectError( - TorConnectError.BootstrapError, + if (this.#internetTest?.status === InternetStatus.Offline) { + if (this.#bootstrapError) { + lazy.logger.info( + "Ignoring bootstrap error since offline.", this.#bootstrapError - ) - ); - } - } - - async #simulateCensorship() { - // debug hook to simulate censorship preventing bootstrapping - const censorshipLevel = Services.prefs.getIntPref( - TorConnectPrefs.censorship_level, - 0 - ); - if (censorshipLevel <= 0) { - return false; - } - - await debugSleep(1500); - if (this.transitioning) { - // Already left this state. - return true; + ); + } + this.#resolveRun({ result: "offline" }); + return; } - TorConnect._hasBootstrapEverFailed = true; - if (censorshipLevel === 2) { - const codes = Object.keys(TorConnect._countryNames); - TorConnect._detectedLocation = - codes[Math.floor(Math.random() * codes.length)]; - } - const err = new Error("Censorship simulation"); - err.phase = "conn"; - err.reason = "noroute"; - this.changeState( - TorConnectState.Error, - new TorConnectError(TorConnectError.BootstrapError, err) - ); - return true; - } -} - -class AutoBootstrappingState extends StateCallback { - #moat; - #settings; - #changedSettings = false; - #transitionPromise; - #transitionResolve; - - allowedTransitions = Object.freeze([ - TorConnectState.Configuring, - TorConnectState.Bootstrapped, - TorConnectState.Error, - ]); - - constructor() { - super(TorConnectState.AutoBootstrapping); - this.#transitionPromise = new Promise(resolve => { - this.#transitionResolve = resolve; + this.#resolveRun({ + error: new TorConnectError( + TorConnectError.BootstrapError, + this.#bootstrapError + ), }); } - async run(countryCode) { - if (await this.#simulateCensorship(countryCode)) { - return; - } - await this.#initMoat(); - if (this.transitioning) { + /** + * Cancel the bootstrap attempt. + */ + async cancel() { + if (this.#cancelled) { + lazy.logger.warn( + "Cancelled bootstrap after it has already been cancelled" + ); return; } - await this.#fetchSettings(countryCode); - if (this.transitioning) { + this.#cancelled = true; + if (this.#resolved) { + lazy.logger.warn("Cancelled bootstrap after it has already resolved"); return; } - await this.#trySettings(); + // Wait until after bootstrap.cancel returns before we resolve with + // cancelled. In particular, there is a small chance that the bootstrap + // completes, in which case we want to be able to resolve with a success + // instead. + this.#internetTest?.cancel(); + await this.#bootstrap?.cancel(); + this.#resolveRun({ result: "cancelled" }); } +} +/** + * Each instance can be used to attempt one auto-bootstrapping sequence. + */ +class AutoBootstrapAttempt { /** - * Simulate a censorship event, if needed. + * The current bootstrap attempt, if any. * - * @param {string} countryCode The country code passed to the state - * @returns {Promise<boolean>} true if we are simulating the censorship and - * the bootstrap should stop immediately, or false if the bootstrap should - * continue normally. + * @type {?BootstrapAttempt} */ - async #simulateCensorship(countryCode) { - const censorshipLevel = Services.prefs.getIntPref( - TorConnectPrefs.censorship_level, - 0 - ); - if (censorshipLevel <= 0) { - return false; - } + #bootstrapAttempt = null; + /** + * The method to call to complete the `run` promise. + * + * @type {?ResolveBootstrap} + */ + #resolveRun = null; + /** + * Whether the `run` promise has been, or is about to be, resolved. + * + * @type {boolean} + */ + #resolved = false; + /** + * Whether a cancel request has been started. + * + * @type {boolean} + */ + #cancelled = false; + /** + * The method to call when the cancelled value is set to true. + * + * @type {?Function} + */ + #resolveCancelled = null; + /** + * A promise that resolves when the cancelled value is set to true. We can use + * this with Promise.race to end early when the user cancels. + * + * @type {?Promise} + */ + #cancelledPromise = null; + /** + * The found settings from Moat. + * + * @type {?object[]} + */ + #settings = null; + /** + * The last settings that have been applied to the TorProvider, if any. + * + * @type {?object} + */ + #changedSetting = null; + /** + * The detected region code returned by Moat, if any. + * + * @type {?string} + */ + detectedRegion = null; - // Very severe censorship: always fail even after manually selecting - // location specific settings. - if (censorshipLevel === 3) { - await debugSleep(2500); - if (!this.transitioning) { - this.changeState( - TorConnectState.Error, - new TorConnectError(TorConnectError.AllSettingsFailed) - ); + /** + * Run an auto-bootstrap attempt. + * + * @param {ProgressCallback} progressCallback - The callback to invoke with + * the bootstrap progress. + * @param {BootstrapOptions} options - Options to apply to the bootstrap. + * + * @return {Promise<string, Error>} - The result of the bootstrap. + */ + run(progressCallback, options) { + const { promise, resolve, reject } = Promise.withResolvers(); + + this.#resolveRun = async arg => { + if (this.#resolved) { + // Already been called once. + if (arg.error) { + lazy.logger.error("Delayed auto-bootstrap error", arg.error); + } + return; } - return true; - } - - // Severe censorship: only fail after auto selecting, but succeed after - // manually selecting a country. - if (censorshipLevel === 2 && !countryCode) { - await debugSleep(2500); - if (!this.transitioning) { - this.changeState( - TorConnectState.Error, - new TorConnectError(TorConnectError.CannotDetermineCountry) - ); + this.#resolved = true; + try { + // Run cleanup before we resolve the promise to ensure two instances + // of AutoBootstrapAttempt are not trying to change the settings at + // the same time. + if (this.#changedSetting) { + if (arg.result === "complete") { + // Persist the current settings to preferences. + lazy.TorSettings.setSettings(this.#changedSetting); + lazy.TorSettings.saveToPrefs(); + } // else, applySettings will restore the current settings. + await lazy.TorSettings.applySettings(); + } + } catch (error) { + lazy.logger.error("Unexpected error in auto-bootstrap cleanup", error); } - return true; - } + if (arg.error) { + reject(arg.error); + } else { + resolve(arg.result); + } + }; - return false; - } + ({ promise: this.#cancelledPromise, resolve: this.#resolveCancelled } = + Promise.withResolvers()); - /** - * Initialize the MoatRPC to communicate with the backend. - */ - async #initMoat() { - this.#moat = new lazy.MoatRPC(); - // We need to wait Moat's initialization even when we are requested to - // transition to another state to be sure its uninit will have its intended - // effect. So, do not use Promise.race here. - await this.#moat.init(); + this.#runInternal(progressCallback, options).catch(error => { + this.#resolveRun({ error }); + }); + + return promise; } /** - * Lookup user's potential censorship circumvention settings from Moat - * service. + * Run the attempt. + * + * Note, this is an async method, but should *not* be awaited by the `run` + * method. + * + * @param {ProgressCallback} progressCallback - The callback to invoke with + * the bootstrap progress. + * @param {BootstrapOptions} options - Options to apply to the bootstrap. */ - async #fetchSettings(countryCode) { - // For now, throw any errors we receive from the backend, except when it was - // unable to detect user's country/region. - // If we use specialized error objects, we could pass the original errors to - // them. - const maybeSettings = await Promise.race([ - this.#moat.circumvention_settings( - [...lazy.TorSettings.builtinBridgeTypes, "vanilla"], - countryCode - ), - // This might set maybeSettings to undefined. - this.#transitionPromise, - ]); - if (maybeSettings?.country) { - TorConnect._detectedLocation = maybeSettings.country; - } - - if (maybeSettings?.settings && maybeSettings.settings.length) { - this.#settings = maybeSettings.settings; - } else if (!this.transitioning) { - // Keep consistency with the other call. - this.#settings = await Promise.race([ - this.#moat.circumvention_defaults([ - ...lazy.TorSettings.builtinBridgeTypes, - "vanilla", - ]), - // This might set this.#settings to undefined. - this.#transitionPromise, - ]); + async #runInternal(progressCallback, options) { + await this.#fetchSettings(options); + if (this.#cancelled || this.#resolved) { + return; } - if (!this.#settings?.length && !this.transitioning) { - if (!TorConnect._detectedLocation) { - // unable to determine country - throw new TorConnectError(TorConnectError.CannotDetermineCountry); - } else { - // no settings available for country - throw new TorConnectError(TorConnectError.NoSettingsForCountry); - } + if (!this.#settings?.length) { + this.#resolveRun({ + error: new TorConnectError( + options.regionCode === "automatic" && !this.detectedRegion + ? TorConnectError.CannotDetermineCountry + : TorConnectError.NoSettingsForCountry + ), + }); } - } - /** - * Try to apply the settings we fetched. - */ - async #trySettings() { - // Otherwise, apply each of our settings and try to bootstrap with each. + // Apply each of our settings and try to bootstrap with each. for (const [index, currentSetting] of this.#settings.entries()) { - if (this.transitioning) { - break; - } - lazy.logger.info( `Attempting Bootstrap with configuration ${index + 1}/${ this.#settings.length }` ); - // Send the new settings directly to the provider. We will save them only - // if the bootstrap succeeds. - // FIXME: We should somehow signal TorSettings users that we have set - // custom settings, and they should not apply theirs until we are done - // with trying ours. - // Otherwise, the new settings provided by the user while we were - // bootstrapping could be the ones that cause the bootstrap to succeed, - // but we overwrite them (unless we backup the original settings, and then - // save our new settings only if they have not changed). - // Another idea (maybe easier to implement) is to disable the settings - // UI while *any* bootstrap is going on. - // This is also documented in tor-browser#41921. - const provider = await lazy.TorProviderBuilder.build(); - this.#changedSettings = true; - // We need to merge with old settings, in case the user is using a proxy - // or is behind a firewall. - await provider.writeSettings({ - ...lazy.TorSettings.getSettings(), - ...currentSetting, - }); - - // Build out our bootstrap request. - const bootstrap = new lazy.TorBootstrapRequest(); - bootstrap.onbootstrapstatus = (progress, status) => { - TorConnect._updateBootstrapProgress(progress, status); - }; - bootstrap.onbootstraperror = error => { - lazy.logger.error("Auto-Bootstrap error", error); - }; + await this.#trySetting(currentSetting, progressCallback, options); - // Begin the bootstrap. - const success = await Promise.race([ - bootstrap.bootstrap(), - this.#transitionPromise, - ]); - // Either the bootstrap request has finished, or a transition (caused by - // an error or by user's cancelation) started. - // However, we cannot be already transitioning in case of success, so if - // we are we should cancel the current bootstrap. - // With the current TorProvider, this will set DisableNetwork=1 again, - // which is what the user wanted if they canceled. - if (this.transitioning) { - if (success) { - lazy.logger.warn( - "We were already transitioning after a success, we were not expecting this." - ); - } - bootstrap.cancel(); - return; - } - if (success) { - // Persist the current settings to preferences. - lazy.TorSettings.setSettings(currentSetting); - lazy.TorSettings.saveToPrefs(); - // Do not await `applySettings`. Otherwise this opens up a window of - // time where the user can still "Cancel" the bootstrap. - // We are calling `applySettings` just to be on the safe side, but the - // settings we are passing now should be exactly the same we already - // passed earlier. - lazy.TorSettings.applySettings().catch(e => - lazy.logger.error("TorSettings.applySettings threw unexpectedly.", e) - ); - this.changeState(TorConnectState.Bootstrapped); + if (this.#cancelled || this.#resolved) { return; } } - // Only explicitly change state here if something else has not transitioned - // us. - if (!this.transitioning) { - throw new TorConnectError(TorConnectError.AllSettingsFailed); - } - } - - transitionRequested() { - this.#transitionResolve(); + this.#resolveRun({ + error: new TorConnectError(TorConnectError.AllSettingsFailed), + }); } - async cleanup(nextState) { - // No need to await. - this.#moat?.uninit(); - this.#moat = null; + /** + * Lookup user's potential censorship circumvention settings from Moat + * service. + * + * @param {BootstrapOptions} options - Options to apply to the bootstrap. + */ + async #fetchSettings(options) { + if (options.simulateMoatResponse) { + await Promise.race([ + new Promise(res => setTimeout(res, options.simulateDelay || 0)), + this.#cancelledPromise, + ]); - if (this.#changedSettings && nextState !== TorConnectState.Bootstrapped) { - try { - await lazy.TorSettings.applySettings(); - } catch (e) { - // We cannot do much if the original settings were bad or - // if the connection closed, so just report it in the - // console. - lazy.logger.warn("Failed to restore original settings.", e); + if (this.#cancelled || this.#resolved) { + return; } + + this.detectedRegion = options.simulateMoatResponse.country || null; + this.#settings = options.simulateMoatResponse.settings ?? null; + + return; } - } -} -class BootstrappedState extends StateCallback { - // We may need to leave the bootstrapped state if the tor daemon - // exits (if it is restarted, we will have to bootstrap again). - allowedTransitions = Object.freeze([TorConnectState.Configuring]); + const moat = new lazy.MoatRPC(); + try { + // We need to wait Moat's initialization even when we are requested to + // transition to another state to be sure its uninit will have its + // intended effect. So, do not use Promise.race here. + await moat.init(); - constructor() { - super(TorConnectState.Bootstrapped); - } + if (this.#cancelled || this.#resolved) { + return; + } - run() { - // Notify observers of bootstrap completion. - Services.obs.notifyObservers(null, TorConnectTopics.BootstrapComplete); + // For now, throw any errors we receive from the backend, except when it + // was unable to detect user's country/region. + // If we use specialized error objects, we could pass the original errors + // to them. + const maybeSettings = await Promise.race([ + moat.circumvention_settings( + [...lazy.TorSettings.builtinBridgeTypes, "vanilla"], + options.regionCode === "automatic" ? null : options.regionCode + ), + // This might set maybeSettings to undefined. + this.#cancelledPromise, + ]); + if (this.#cancelled || this.#resolved) { + return; + } + + this.detectedRegion = maybeSettings?.country || null; + + if (maybeSettings?.settings?.length) { + this.#settings = maybeSettings.settings; + } else { + // Keep consistency with the other call. + this.#settings = await Promise.race([ + moat.circumvention_defaults([ + ...lazy.TorSettings.builtinBridgeTypes, + "vanilla", + ]), + // This might set this.#settings to undefined. + this.#cancelledPromise, + ]); + } + } finally { + // Do not await the uninit. + moat.uninit(); + } } -} -class ErrorState extends StateCallback { - allowedTransitions = Object.freeze([TorConnectState.Configuring]); + /** + * Try to apply the settings we fetched. + * + * @param {object} setting - The setting to try. + * @param {ProgressCallback} progressCallback - The callback to invoke with + * the bootstrap progress. + * @param {BootstrapOptions} options - Options to apply to the bootstrap. + */ + async #trySetting(setting, progressCallback, options) { + if (this.#cancelled || this.#resolved) { + return; + } - static #hasEverHappened = false; + if (options.simulateMoatResponse && setting.simulateCensorship) { + // Move the simulateCensorship option to the options for the next + // BootstrapAttempt. + setting = structuredClone(setting); + delete setting.simulateCensorship; + options = { ...options, simulateCensorship: true }; + } - constructor() { - super(TorConnectState.Error); - ErrorState.#hasEverHappened = true; - } + // Send the new settings directly to the provider. We will save them only + // if the bootstrap succeeds. + // FIXME: We should somehow signal TorSettings users that we have set + // custom settings, and they should not apply theirs until we are done + // with trying ours. + // Otherwise, the new settings provided by the user while we were + // bootstrapping could be the ones that cause the bootstrap to succeed, + // but we overwrite them (unless we backup the original settings, and then + // save our new settings only if they have not changed). + // Another idea (maybe easier to implement) is to disable the settings + // UI while *any* bootstrap is going on. + // This is also documented in tor-browser#41921. + const provider = await lazy.TorProviderBuilder.build(); + this.#changedSetting = setting; + // We need to merge with old settings, in case the user is using a proxy + // or is behind a firewall. + await provider.writeSettings({ + ...lazy.TorSettings.getSettings(), + ...setting, + }); - run(_error) { - this.changeState(TorConnectState.Configuring); - } + if (this.#cancelled || this.#resolved) { + return; + } - static get hasEverHappened() { - return ErrorState.#hasEverHappened; - } -} + let result; + try { + this.#bootstrapAttempt = new BootstrapAttempt(); + // At this stage, cancelling AutoBootstrap will also cancel this + // bootstrapAttempt. + result = await this.#bootstrapAttempt.run(progressCallback, options); + } catch (error) { + // Only re-try with the next settings *if* we have a BootstrapError. + // Other errors will end this auto-bootstrap attempt entirely. + if ( + error instanceof TorConnectError && + error.code === TorConnectError.BootstrapError + ) { + lazy.logger.info("TorConnect setting failed", setting, error); + // Try with the next settings. + // NOTE: We do not restore the user settings in between these runs. + // Instead we wait for #resolveRun callback to do so. + // This means there is a window of time where the setting is applied, but + // no bootstrap is running. + return; + } + // Pass error up. + throw error; + } finally { + this.#bootstrapAttempt = null; + } -class DisabledState extends StateCallback { - // Trap state: no way to leave the Disabled state. - allowedTransitions = Object.freeze([]); + if (this.#cancelled || this.#resolved) { + return; + } - constructor() { - super(TorConnectState.Disabled); + // Pass the BootstrapAttempt result up. + this.#resolveRun({ result }); } - async run() { - lazy.logger.debug("Entered the disabled state."); + /** + * Cancel the bootstrap attempt. + */ + async cancel() { + if (this.#cancelled) { + lazy.logger.warn( + "Cancelled auto-bootstrap after it has already been cancelled" + ); + return; + } + this.#cancelled = true; + this.#resolveCancelled(); + if (this.#resolved) { + lazy.logger.warn( + "Cancelled auto-bootstrap after it has already resolved" + ); + return; + } + + // Wait until after bootstrap.cancel returns before we resolve with + // cancelled. In particular, there is a small chance that the bootstrap + // completes, in which case we want to be able to resolve with a success + // instead. + if (this.#bootstrapAttempt) { + this.#bootstrapAttempt.cancel(); + await this.#bootstrapAttempt; + } + // In case no bootstrap is running, we resolve with "cancelled". + this.#resolveRun({ result: "cancelled" }); } } @@ -721,8 +709,11 @@ class InternetTest { #pending = false; #canceled = false; #timeout = 0; + #simulateOffline = false; + + constructor(simulateOffline) { + this.#simulateOffline = simulateOffline; - constructor() { this.#enabled = Services.prefs.getBoolPref( TorConnectPrefs.allow_internet_test, true @@ -752,6 +743,19 @@ class InternetTest { this.#canceled = false; lazy.logger.info("Starting the Internet test"); + + if (this.#simulateOffline) { + await new Promise(res => setTimeout(res, 500)); + + this.#status = InternetStatus.Offline; + + if (this.#canceled) { + return; + } + this.onResult(this.#status); + return; + } + const mrpc = new lazy.MoatRPC(); try { await mrpc.init(); @@ -792,27 +796,173 @@ class InternetTest { return this.#status; } - get error() { - return this.#error; - } + get error() { + return this.#error; + } + + get enabled() { + return this.#enabled; + } + + // We randomize the Internet test timeout to make fingerprinting it harder, at + // least a little bit... + #timeoutRand() { + const offset = 30000; + const randRange = 5000; + return offset + randRange * (Math.random() * 2 - 1); + } +} + +export const TorConnectStage = Object.freeze({ + Disabled: "Disabled", + Loading: "Loading", + Start: "Start", + Bootstrapping: "Bootstrapping", + Offline: "Offline", + ChooseRegion: "ChooseRegion", + RegionNotFound: "RegionNotFound", + ConfirmRegion: "ConfirmRegion", + FinalError: "FinalError", + Bootstrapped: "Bootstrapped", +}); + +/** + * @typedef {object} ConnectStage + * + * A summary of the user stage. + * + * @property {string} name - The name of the stage. + * @property {string} defaultRegion - The default region to show in the UI. + * @property {?string} bootstrapTrigger - The TorConnectStage prior to this + * bootstrap attempt. Only set during the "Bootstrapping" stage. + * @property {?BootstrapError} error - The last bootstrapping error. + * @property {boolean} tryAgain - Whether a bootstrap attempt has failed, so + * that a normal bootstrap should be shown as "Try Again" instead of + * "Connect". NOTE: to be removed when about:torconnect no longer uses + * breadcrumbs. + * @property {boolean} potentiallyBlocked - Whether bootstrapping has ever + * failed, not including being cancelled or being offline. I.e. whether we + * have reached an error stage at some point before being bootstrapped. + * @property {BootstrappingStatus} bootstrappingStatus - The current + * bootstrapping status. + */ + +/** + * @typedef {object} BootstrappingStatus + * + * The status of a bootstrap. + * + * @property {number} progress - The percent progress. + * @property {boolean} hasWarning - Whether this bootstrap has a warning in the + * Tor log. + */ + +/** + * @typedef {object} BootstrapError + * + * Details about the error that caused bootstrapping to fail. + * + * @property {string} code - The error code type. + * @property {string} message - The error message. + * @property {?string} phase - The bootstrapping phase that failed. + * @property {?string} reason - The bootstrapping failure reason. + */ + +export const TorConnect = { + /** + * Default bootstrap options for simulation. + * + * @type {BootstrapOptions} + */ + simulateBootstrapOptions: {}, + + /** + * The name of the current stage the user is in. + * + * @type {string} + */ + _stageName: TorConnectStage.Loading, + + get stageName() { + return this._stageName; + }, + + /** + * The stage that triggered bootstrapping. + * + * @type {?string} + */ + _bootstrapTrigger: null, + + /** + * The alternative stage that we should move to after bootstrapping completes. + * + * @type {?string} + */ + _requestedStage: null, + + /** + * The default region to show in the UI for auto-bootstrapping. + * + * @type {string} + */ + _defaultRegion: "automatic", + + /** + * The current bootstrap attempt, if any. + * + * @type {?(BootstrapAttempt|AutoBootstrapAttempt)} + */ + _bootstrapAttempt: null, + + /** + * The bootstrap error that was last generated. + * + * @type {?TorConnectError} + */ + _errorDetails: null, + + /** + * Whether a bootstrap attempt has failed, so that a normal bootstrap should + * be shown as "Try Again" instead of "Connect". + * + * @type {boolean} + */ + // TODO: Drop tryAgain when we remove breadcrumbs and use "Start again" + // instead. + _tryAgain: false, - get enabled() { - return this.#enabled; - } + /** + * Whether bootstrapping has ever returned an error. + * + * @type {boolean} + */ + _potentiallyBlocked: false, - // We randomize the Internet test timeout to make fingerprinting it harder, at - // least a little bit... - #timeoutRand() { - const offset = 30000; - const randRange = 5000; - return offset + randRange * (Math.random() * 2 - 1); - } -} + /** + * Get a summary of the current user stage. + * + * @type {ConnectStage} + */ + get stage() { + return { + name: this._stageName, + defaultRegion: this._defaultRegion, + bootstrapTrigger: this._bootstrapTrigger, + error: this._errorDetails + ? { + code: this._errorDetails.code, + message: String(this._errorDetails.message ?? ""), + phase: this._errorDetails.cause?.phase ?? null, + reason: this._errorDetails.cause?.reason ?? null, + } + : null, + tryAgain: this._tryAgain, + potentiallyBlocked: this._potentiallyBlocked, + bootstrappingStatus: structuredClone(this._bootstrappingStatus), + }; + }, -export const TorConnect = { - _stateHandler: new InitialState(), - _bootstrapProgress: 0, - _internetStatus: InternetStatus.Unknown, // list of country codes Moat has settings for _countryCodes: [], _countryNames: Object.freeze( @@ -826,109 +976,28 @@ export const TorConnect = { return codesNames; })() ), - _detectedLocation: "", - _errorCode: null, - _errorDetails: null, - _logHasWarningOrError: false, - _hasBootstrapEverFailed: false, - _transitionPromise: null, // This is used as a helper to make the state of about:torconnect persistent // during a session, but TorConnect does not use this data at all. _uiState: {}, - _stateCallbacks: Object.freeze( - new Map([ - // Initial is never transitioned to - [TorConnectState.Initial, InitialState], - [TorConnectState.Configuring, ConfiguringState], - [TorConnectState.Bootstrapping, BootstrappingState], - [TorConnectState.AutoBootstrapping, AutoBootstrappingState], - [TorConnectState.Bootstrapped, BootstrappedState], - [TorConnectState.Error, ErrorState], - [TorConnectState.Disabled, DisabledState], - ]) - ), - - _makeState(state) { - const klass = this._stateCallbacks.get(state); - if (!klass) { - throw new Error(`${state} is not a valid state.`); - } - return new klass(); - }, - - async _changeState(newState, ...args) { - if (this._stateHandler.transitioning) { - // Avoid an exception to prevent it to be propagated to the original - // begin call. - lazy.logger.warn("Already transitioning"); - return; - } - const prevState = this._stateHandler; - - // ensure this is a valid state transition - if (!prevState.allowedTransitions.includes(newState)) { - throw Error( - `TorConnect: Attempted invalid state transition from ${prevState.state} to ${newState}` - ); - } - - lazy.logger.trace( - `Try transitioning from ${prevState.state} to ${newState}`, - args - ); - try { - await prevState.end(newState); - } catch (e) { - // We take for granted that the begin of this state will call us again, - // to request the transition to the error state. - if (newState !== TorConnectState.Error) { - lazy.logger.debug( - `Refusing the transition from ${prevState.state} to ${newState} because the previous state threw.` - ); - return; - } - } - - // Set our new state first so that state transitions can themselves - // trigger a state transition. - this._stateHandler = this._makeState(newState); - - // Error signal needs to be sent out before we enter the Error state. - // Expected on android `onBootstrapError` to set lastKnownError. - // Expected in about:torconnect to set the error codes and internet status - // *before* the StateChange signal. - if (newState === TorConnectState.Error) { - let error = args[0]; - if (!(error instanceof TorConnectError)) { - error = new TorConnectError(TorConnectError.ExternalError, error); - } - TorConnect._errorCode = error.code; - TorConnect._errorDetails = error; - lazy.logger.error(`Entering error state (${error.code})`, error); - - Services.obs.notifyObservers(error, TorConnectTopics.Error); - } - - Services.obs.notifyObservers( - { state: newState }, - TorConnectTopics.StateChange - ); - this._stateHandler.begin(...args); + /** + * The status of the most recent bootstrap attempt. + * + * @type {BootstrappingStatus} + */ + _bootstrappingStatus: { + progress: 0, + hasWarning: false, }, - _updateBootstrapProgress(progress, status) { - this._bootstrapProgress = progress; - - lazy.logger.info( - `Bootstrapping ${this._bootstrapProgress}% complete (${status})` - ); + /** + * Notify the bootstrap progress. + */ + _notifyBootstrapProgress() { + lazy.logger.debug("BootstrappingStatus", this._bootstrappingStatus); Services.obs.notifyObservers( - { - progress: TorConnect._bootstrapProgress, - hasWarnings: TorConnect._logHasWarningOrError, - }, + this._bootstrappingStatus, TorConnectTopics.BootstrapProgress ); }, @@ -936,62 +1005,54 @@ export const TorConnect = { // init should be called by TorStartupService init() { lazy.logger.debug("TorConnect.init()"); - this._stateHandler.begin(); if (!this.enabled) { // Disabled - this._changeState(TorConnectState.Disabled); - } else { - let observeTopic = addTopic => { - Services.obs.addObserver(this, addTopic); - lazy.logger.debug(`Observing topic '${addTopic}'`); - }; + this._setStage(TorConnectStage.Disabled); + return; + } - // Wait for TorSettings, as we will need it. - // We will wait for a TorProvider only after TorSettings is ready, - // because the TorProviderBuilder initialization might not have finished - // at this point, and TorSettings initialization is a prerequisite for - // having a provider. - // So, we prefer initializing TorConnect as soon as possible, so that - // the UI will be able to detect it is in the Initializing state and act - // consequently. - lazy.TorSettings.initializedPromise.then(() => - this._settingsInitialized() - ); + let observeTopic = addTopic => { + Services.obs.addObserver(this, addTopic); + lazy.logger.debug(`Observing topic '${addTopic}'`); + }; - // register the Tor topics we always care about - observeTopic(lazy.TorProviderTopics.ProcessExited); - observeTopic(lazy.TorProviderTopics.HasWarnOrErr); - } + // Wait for TorSettings, as we will need it. + // We will wait for a TorProvider only after TorSettings is ready, + // because the TorProviderBuilder initialization might not have finished + // at this point, and TorSettings initialization is a prerequisite for + // having a provider. + // So, we prefer initializing TorConnect as soon as possible, so that + // the UI will be able to detect it is in the Initializing state and act + // consequently. + lazy.TorSettings.initializedPromise.then(() => this._settingsInitialized()); + + // register the Tor topics we always care about + observeTopic(lazy.TorProviderTopics.ProcessExited); + observeTopic(lazy.TorProviderTopics.HasWarnOrErr); }, async observe(subject, topic) { lazy.logger.debug(`Observed ${topic}`); switch (topic) { - case lazy.TorProviderTopics.HasWarnOrErr: { - this._logHasWarningOrError = true; + case lazy.TorProviderTopics.HasWarnOrErr: + if (this._bootstrappingStatus.hasWarning) { + // No change. + return; + } + if (this._stageName === "Bootstrapping") { + this._bootstrappingStatus.hasWarning = true; + this._notifyBootstrapProgress(); + } break; - } - case lazy.TorProviderTopics.ProcessExited: { + case lazy.TorProviderTopics.ProcessExited: + lazy.logger.info("Starting again since the tor process exited"); // Treat a failure as a possibly broken configuration. // So, prevent quickstart at the next start. Services.prefs.setBoolPref(TorLauncherPrefs.prompt_at_startup, true); - switch (this.state) { - case TorConnectState.Bootstrapping: - case TorConnectState.AutoBootstrapping: - case TorConnectState.Bootstrapped: - // If we are in the bootstrap or auto bootstrap, we could go - // through the error phase (and eventually we might do it, if some - // transition calls fail). However, this would start the - // connection assist, so we go directly to configuring. - // FIXME: Find a better way to handle this. - this._changeState(TorConnectState.Configuring); - break; - // Other states naturally resolve in configuration. - } + this._makeStageRequest(TorConnectStage.Start, true); break; - } default: // ignore break; @@ -1003,29 +1064,47 @@ export const TorConnect = { // daemon when it exits (tor-browser#21053, tor-browser#41921). await lazy.TorProviderBuilder.build(); - // tor-browser#41907: This is only a workaround to avoid users being - // bounced back to the initial panel without any explanation. - // Longer term we should disable the clickable elements, or find a UX - // to prevent this from happening (e.g., allow buttons to be clicked, - // but show an intermediate starting state, or a message that tor is - // starting while the butons are disabled, etc...). - // Notice that currently the initial state does not do anything. - // Instead of just waiting, we could move this code in its callback. - // See also tor-browser#41921. - if (this.state !== TorConnectState.Initial) { - lazy.logger.warn( - "The TorProvider was built after the state had already changed." - ); - return; - } lazy.logger.debug("The TorProvider is ready, changing state."); + // NOTE: If the tor process exits before this point, then + // shouldQuickStart would be `false`. + // NOTE: At this point, _requestedStage should still be `null`. + this._setStage(TorConnectStage.Start); if (this.shouldQuickStart) { // Quickstart - this._changeState(TorConnectState.Bootstrapping); - } else { - // Configuring - this._changeState(TorConnectState.Configuring); + this.beginBootstrapping(); + } + }, + + /** + * Set the user stage. + * + * @param {string} name - The name of the stage to move to. + */ + _setStage(name) { + if (this._bootstrapAttempt) { + throw new Error(`Trying to set the stage to ${name} during a bootstrap`); + } + + lazy.logger.info(`Entering stage ${name}`); + const prevState = this.state; + this._stageName = name; + this._bootstrappingStatus.hasWarning = false; + this._bootstrappingStatus.progress = + name === TorConnectStage.Bootstrapped ? 100 : 0; + + Services.obs.notifyObservers(this.stage, TorConnectTopics.StageChange); + + // TODO: Remove when all pages have switched to stage. + const newState = this.state; + if (prevState !== newState) { + Services.obs.notifyObservers( + { state: newState }, + TorConnectTopics.StateChange + ); } + + // Update the progress after the stage has changed. + this._notifyBootstrapProgress(); }, /* @@ -1049,33 +1128,41 @@ export const TorConnect = { return ( this.enabled && // if we have succesfully bootstraped, then no need to show TorConnect - this.state !== TorConnectState.Bootstrapped + this._stageName !== TorConnectStage.Bootstrapped ); }, /** - * Whether bootstrapping can currently begin. + * Whether we are in a stage that can lead into the Bootstrapping stage. I.e. + * whether we can make a "normal" or "auto" bootstrapping request. * - * The value may change with TorConnectTopics.StateChanged. + * The value may change with TorConnectTopics.StageChanged. * * @param {boolean} */ get canBeginBootstrap() { - return this._stateHandler.allowedTransitions.includes( - TorConnectState.Bootstrapping + return ( + this._stageName === TorConnectStage.Start || + this._stageName === TorConnectStage.Offline || + this._stageName === TorConnectStage.ChooseRegion || + this._stageName === TorConnectStage.RegionNotFound || + this._stageName === TorConnectStage.ConfirmRegion ); }, /** - * Whether auto-bootstrapping can currently begin. + * Whether we are in an error stage that can lead into the Bootstrapping + * stage. I.e. whether we can make an "auto" bootstrapping request. * - * The value may change with TorConnectTopics.StateChanged. + * The value may change with TorConnectTopics.StageChanged. * * @param {boolean} */ get canBeginAutoBootstrap() { - return this._stateHandler.allowedTransitions.includes( - TorConnectState.AutoBootstrapping + return ( + this._stageName === TorConnectStage.ChooseRegion || + this._stageName === TorConnectStage.RegionNotFound || + this._stageName === TorConnectStage.ConfirmRegion ); }, @@ -1088,16 +1175,39 @@ export const TorConnect = { ); }, + // TODO: Remove when all pages have switched to "stage". get state() { - return this._stateHandler.state; - }, - - get bootstrapProgress() { - return this._bootstrapProgress; - }, - - get internetStatus() { - return this._internetStatus; + // There is no "Error" stage, but about:torconnect relies on receiving the + // Error state to update its display. So we temporarily set the stage for a + // StateChange signal. + if (this._isErrorState) { + return TorConnectState.Error; + } + switch (this._stageName) { + case TorConnectStage.Disabled: + return TorConnectState.Disabled; + case TorConnectStage.Loading: + return TorConnectState.Initial; + case TorConnectStage.Start: + case TorConnectStage.Offline: + case TorConnectStage.ChooseRegion: + case TorConnectStage.RegionNotFound: + case TorConnectStage.ConfirmRegion: + case TorConnectStage.FinalError: + return TorConnectState.Configuring; + case TorConnectStage.Bootstrapping: + if ( + this._bootstrapTrigger === TorConnectStage.Start || + this._bootstrapTrigger === TorConnectStage.Offline + ) { + return TorConnectState.Bootstrapping; + } + return TorConnectState.AutoBootstrapping; + case TorConnectStage.Bootstrapped: + return TorConnectState.Bootstrapped; + } + lazy.logger.error(`Unknown state at stage ${this._stageName}`); + return null; }, get countryCodes() { @@ -1108,92 +1218,414 @@ export const TorConnect = { return this._countryNames; }, - get detectedLocation() { - return this._detectedLocation; + /** + * Whether the Bootstrapping process has ever failed, not including being + * cancelled or being offline. + * + * The value may change with TorConnectTopics.StageChanged. + * + * @type {boolean} + */ + get potentiallyBlocked() { + return this._potentiallyBlocked; }, - get errorCode() { - return this._errorCode; + /** + * Ensure that we are not disabled. + */ + _ensureEnabled() { + if (!this.enabled || this._stageName === TorConnectStage.Disabled) { + throw new Error("Unexpected Disabled stage for user method"); + } }, - get errorDetails() { - return this._errorDetails; - }, + /** + * Signal an error to listeners. + * + * @param {Error} error - The error. + */ + _signalError(error) { + // TODO: Replace this method with _setError without any signalling when + // pages have switched to stage. + // Currently it simulates the old behaviour for about:torconnect. + lazy.logger.debug("Signalling error", error); + + if (!(error instanceof TorConnectError)) { + error = new TorConnectError(TorConnectError.ExternalError, error); + } + this._errorDetails = error; - get logHasWarningOrError() { - return this._logHasWarningOrError; + // Temporarily set an error state for listeners. + // We send the Error signal before the "StateChange" signal. + // Expected on android `onBootstrapError` to set lastKnownError. + // Expected in about:torconnect to set the error codes and internet status + // *before* the StateChange signal. + this._isErrorState = true; + Services.obs.notifyObservers(error, TorConnectTopics.Error); + Services.obs.notifyObservers( + { state: this.state }, + TorConnectTopics.StateChange + ); + this._isErrorState = false; }, /** - * Whether we have ever entered the Error state. + * Add simulation options to the bootstrap request. * - * @type {boolean} + * @param {BootstrapOptions} bootstrapOptions - The options to add to. + * @param {string} [regionCode] - The region code being used. */ - get hasEverFailed() { - return ErrorState.hasEverHappened; + _addSimulateOptions(bootstrapOptions, regionCode) { + if (this.simulateBootstrapOptions.simulateCensorship) { + bootstrapOptions.simulateCensorship = true; + } + if (this.simulateBootstrapOptions.simulateDelay) { + bootstrapOptions.simulateDelay = + this.simulateBootstrapOptions.simulateDelay; + } + if (this.simulateBootstrapOptions.simulateOffline) { + bootstrapOptions.simulateOffline = true; + } + if (this.simulateBootstrapOptions.simulateMoatResponse) { + bootstrapOptions.simulateMoatResponse = + this.simulateBootstrapOptions.simulateMoatResponse; + } + + const censorshipLevel = Services.prefs.getIntPref( + TorConnectPrefs.censorship_level, + 0 + ); + if (censorshipLevel > 0 && !bootstrapOptions.simulateDelay) { + bootstrapOptions.simulateDelay = 1500; + } + if (censorshipLevel === 1) { + // Bootstrap fails, but auto-bootstrap does not. + if (!regionCode) { + bootstrapOptions.simulateCensorship = true; + } + } else if (censorshipLevel === 2) { + // Bootstrap fails. Auto-bootstrap fails with ConfirmRegion when using + // auto-detect region, but succeeds otherwise. + if (!regionCode) { + bootstrapOptions.simulateCensorship = true; + } + if (regionCode === "automatic") { + bootstrapOptions.simulateCensorship = true; + bootstrapOptions.simulateMoatResponse = { + country: "fi", + settings: [{}, {}], + }; + } + } else if (censorshipLevel === 3) { + // Bootstrap and auto-bootstrap fail. + bootstrapOptions.simulateCensorship = true; + bootstrapOptions.simulateMoatResponse = { + country: null, + settings: [], + }; + } }, /** - * Whether the Bootstrapping process has ever failed, not including when it - * failed due to not being connected to the internet. + * Confirm that a bootstrapping can take place, and whether the given values + * are valid. * - * This does not include a failure in AutoBootstrapping. + * @param {string} [regionCode] - The region code passed in. * - * @type {boolean} + * @return {boolean} whether bootstrapping can proceed. */ - get potentiallyBlocked() { - return this._hasBootstrapEverFailed; - }, + _confirmBootstrapping(regionCode) { + this._ensureEnabled(); + + if (this._bootstrapAttempt) { + lazy.logger.warn( + "Already have an ongoing bootstrap attempt." + + ` Ignoring request with ${regionCode}.` + ); + return false; + } + + const currentStage = this._stageName; + + if (regionCode) { + if (!this.canBeginAutoBootstrap) { + lazy.logger.warn( + `Cannot begin auto bootstrap in stage ${currentStage}` + ); + return false; + } + if ( + regionCode === "automatic" && + currentStage !== TorConnectStage.ChooseRegion + ) { + lazy.logger.warn("Auto bootstrap is missing an explicit regionCode"); + return false; + } + return true; + } + + if (!this.canBeginBootstrap) { + lazy.logger.warn(`Cannot begin bootstrap in stage ${currentStage}`); + return false; + } + if (this.canBeginAutoBootstrap) { + // Only expect "auto" bootstraps to be triggered when in an error stage. + lazy.logger.warn( + `Expected a regionCode to bootstrap in stage ${currentStage}` + ); + return false; + } - get uiState() { - return this._uiState; + return true; }, - set uiState(newState) { - this._uiState = newState; + + /** + * Begin a bootstrap attempt. + * + * @param {string} [regionCode] - An optional region code string to use, or + * "automatic" to automatically determine the region. If given, will start + * an auto-bootstrap attempt. + */ + async beginBootstrapping(regionCode) { + lazy.logger.debug("TorConnect.beginBootstrapping()"); + + if (!this._confirmBootstrapping(regionCode)) { + return; + } + + const beginStage = this._stageName; + const bootstrapOptions = { regionCode }; + const bootstrapAttempt = regionCode + ? new AutoBootstrapAttempt() + : new BootstrapAttempt(); + + if (!regionCode) { + // Only test internet for the first bootstrap attempt. + // TODO: Remove this since we do not have user consent. tor-browser#42605. + bootstrapOptions.testInternet = true; + } + + this._addSimulateOptions(bootstrapOptions, regionCode); + + // NOTE: The only `await` in this method is for `bootstrapAttempt.run`. + // Moreover, we returned early if `_bootstrapAttempt` was non-`null`. + // Therefore, the method is effectively "locked" by `_bootstrapAttempt`, so + // there should only ever be one caller at a time. + + if (regionCode) { + // Set the default to what the user chose. + this._defaultRegion = regionCode; + } else { + // Reset the default region to show in the UI. + this._defaultRegion = "automatic"; + } + this._requestedStage = null; + this._bootstrapTrigger = beginStage; + this._setStage(TorConnectStage.Bootstrapping); + this._bootstrapAttempt = bootstrapAttempt; + + let error = null; + let result = null; + try { + result = await bootstrapAttempt.run(progress => { + this._bootstrappingStatus.progress = progress; + lazy.logger.info(`Bootstrapping ${progress}% complete`); + this._notifyBootstrapProgress(); + }, bootstrapOptions); + } catch (err) { + error = err; + } + + const requestedStage = this._requestedStage; + this._requestedStage = null; + this._bootstrapTrigger = null; + this._bootstrapAttempt = null; + + if (bootstrapAttempt.detectedRegion) { + this._defaultRegion = bootstrapAttempt.detectedRegion; + } + + if (result === "complete") { + // Reset tryAgain, potentiallyBlocked and errorDetails in case the tor + // process exists later on. + this._tryAgain = false; + this._potentiallyBlocked = false; + this._errorDetails = null; + + if (requestedStage) { + lazy.logger.warn( + `Ignoring ${requestedStage} request since we are bootstrapped` + ); + } + this._setStage(TorConnectStage.Bootstrapped); + Services.obs.notifyObservers(null, TorConnectTopics.BootstrapComplete); + return; + } + + if (requestedStage) { + lazy.logger.debug("Ignoring bootstrap result", result, error); + this._setStage(requestedStage); + return; + } + + if ( + result === "offline" && + (beginStage === TorConnectStage.Start || + beginStage === TorConnectStage.Offline) + ) { + this._tryAgain = true; + this._signalError(new TorConnectError(TorConnectError.Offline)); + + this._setStage(TorConnectStage.Offline); + return; + } + + if (error) { + lazy.logger.info("Bootstrap attempt error", error); + + this._tryAgain = true; + this._potentiallyBlocked = true; + + this._signalError(error); + + switch (beginStage) { + case TorConnectStage.Start: + case TorConnectStage.Offline: + this._setStage(TorConnectStage.ChooseRegion); + return; + case TorConnectStage.ChooseRegion: + // TODO: Uncomment for behaviour in tor-browser#42550. + /* + if (regionCode !== "automatic") { + // Not automatic. Go straight to the final error. + this._setStage(TorConnectStage.FinalError); + return; + } + */ + if (regionCode !== "automatic" || bootstrapAttempt.detectedRegion) { + this._setStage(TorConnectStage.ConfirmRegion); + return; + } + this._setStage(TorConnectStage.RegionNotFound); + return; + } + this._setStage(TorConnectStage.FinalError); + return; + } + + // Bootstrap was cancelled. + if (result !== "cancelled") { + lazy.logger.error(`Unexpected bootstrap result`, result); + } + + // TODO: Remove this Offline hack when pages use "stage". + if (beginStage === TorConnectStage.Offline) { + // Re-send the "Offline" error to push the pages back to "Offline". + this._signalError(new TorConnectError(TorConnectError.Offline)); + } + + // Return to the previous stage. + this._setStage(beginStage); }, - /* - These functions allow external consumers to tell TorConnect to transition states + /** + * Cancel an ongoing bootstrap attempt. */ + cancelBootstrapping() { + lazy.logger.debug("TorConnect.cancelBootstrapping()"); + + this._ensureEnabled(); + + if (!this._bootstrapAttempt) { + lazy.logger.warn("No bootstrap attempt to cancel"); + return; + } - beginBootstrap() { - lazy.logger.debug("TorConnect.beginBootstrap()"); - this._changeState(TorConnectState.Bootstrapping); + this._bootstrapAttempt.cancel(); }, - cancelBootstrap() { - lazy.logger.debug("TorConnect.cancelBootstrap()"); + /** + * Request the transition to the given stage. + * + * If we are bootstrapping, it will be cancelled and the stage will be + * transitioned to when it resolves. Otherwise, we will switch to the stage + * immediately. + * + * @param {string} stage - The stage to request. + * @param {boolean} [overideBootstrapped=false] - Whether the request can + * override the "Bootstrapped" stage. + */ + _makeStageRequest(stage, overrideBootstrapped = false) { + lazy.logger.debug(`Request for stage ${stage}`); + + this._ensureEnabled(); + + if (stage === this._stageName) { + lazy.logger.info(`Ignoring request for current stage ${stage}`); + return; + } if ( - this.state !== TorConnectState.AutoBootstrapping && - this.state !== TorConnectState.Bootstrapping + !overrideBootstrapped && + this._stageName === TorConnectStage.Bootstrapped ) { + lazy.logger.warn(`Cannot move to ${stage} when bootstrapped`); + return; + } + if (this._stageName === TorConnectStage.Loading) { + if (stage === TorConnectStage.Start) { + // Will transition to "Start" stage when loading completes. + lazy.logger.info("Still in the Loading stage"); + } else { + lazy.logger.warn(`Cannot move to ${stage} when Loading`); + } + return; + } + + if (!this._bootstrapAttempt) { + // Transition immediately. + this._setStage(stage); + return; + } + + if (this._requestedStage === stage) { + lazy.logger.info(`Already requesting stage ${stage}`); + return; + } + if (this._requestedStage) { lazy.logger.warn( - `Cannot cancel bootstrapping in the ${this.state} state` + `Overriding request for ${this._requestedStage} with ${stage}` ); - return; } - this._changeState(TorConnectState.Configuring); + // Move to stage *after* bootstrap completes. + this._requestedStage = stage; + this._bootstrapAttempt?.cancel(); }, - beginAutoBootstrap(countryCode) { - lazy.logger.debug("TorConnect.beginAutoBootstrap()"); - this._changeState(TorConnectState.AutoBootstrapping, countryCode); + /** + * Restart the TorConnect stage to the start. + */ + startAgain() { + this._makeStageRequest(TorConnectStage.Start); }, - /* - Further external commands and helper methods + /** + * Set the stage to be "ChooseRegion". */ - openTorPreferences() { - if (lazy.TorLauncherUtil.isAndroid) { - lazy.EventDispatcher.instance.sendRequest({ - type: "GeckoView:Tor:OpenSettings", - }); + chooseRegion() { + if (!this._potentiallyBlocked) { + lazy.logger.error("chooseRegion request before getting an error"); return; } - const win = lazy.BrowserWindowTracker.getTopWindow(); - win.switchToTabHavingURI("about:preferences#connection", true); + // NOTE: The ChooseRegion stage needs _errorDetails to be displayed in + // about:torconnect. The _potentiallyBlocked condition should be + // sufficient to ensure this. + this._makeStageRequest(TorConnectStage.ChooseRegion); }, + /* + Further external commands and helper methods + */ + /** * Open the "about:torconnect" tab. * @@ -1204,10 +1636,11 @@ export const TorConnect = { * potentially blocked. * * @param {object} [options] - extra options. - * @property {boolean} [options.beginBootstrap=false] - Whether to try and - * begin Bootstrapping. - * @property {string} [options.beginAutoBootstrap] - The location to use to - * begin AutoBootstrapping, if possible. + * @property {"soft"|"hard"} [options.beginBootstrapping] - Whether to try and + * begin bootstrapping. "soft" will only trigger the bootstrap if we are not + * `potentiallyBlocked`. "hard" will try begin the bootstrap regardless. + * @property {string} [options.regionCode] - A region to pass in for + * auto-bootstrapping. */ openTorConnect(options) { // FIXME: Should we move this to the about:torconnect actor? @@ -1215,25 +1648,23 @@ export const TorConnect = { win.switchToTabHavingURI("about:torconnect", true, { ignoreQueryString: true, }); - if ( - options?.beginBootstrap && - this.canBeginBootstrap && - !this.potentiallyBlocked - ) { - this.beginBootstrap(); + + if (!options?.beginBootstrapping || !this.canBeginBootstrap) { + return; } - // options.beginAutoBootstrap can be an empty string. - if ( - options?.beginAutoBootstrap !== undefined && - this.canBeginAutoBootstrap - ) { - this.beginAutoBootstrap(options.beginAutoBootstrap); + + if (options.beginBootstrapping === "hard") { + if (this.canBeginAutoBootstrap && !options.regionCode) { + // Treat as an addition startAgain request to first move back to the + // "Start" stage before bootstrapping. + this.startAgain(); + } + } else if (this.potentiallyBlocked) { + // Do not trigger the bootstrap if we have ever had an error. + return; } - }, - viewTorLogs() { - const win = lazy.BrowserWindowTracker.getTopWindow(); - win.switchToTabHavingURI("about:preferences#connection-viewlogs", true); + this.beginBootstrapping(options.regionCode); }, async getCountryCodes() { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/bb3cd9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/bb3cd9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.4.0esr-14.0-1] 2 commits: Bug 373 - reenable webrtc builds
by Pier Angelo Vendrame (＠pierov) 13 Nov '24

13 Nov '24

Pier Angelo Vendrame pushed to branch mullvad-browser-128.4.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: ce9c6700 by june wilde at 2024-10-31T20:58:36+00:00 Bug 373 - reenable webrtc builds - - - - - 385aa055 by june wilde at 2024-10-31T20:58:36+00:00 fixup! MB 320: Temporarily disable WebRTC and WDBA on Windows. - - - - - 4 changed files: - mozconfig-windows-x86_64 - third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc - third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.cc - third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.h Changes: ===================================== mozconfig-windows-x86_64 ===================================== @@ -23,5 +23,4 @@ ac_add_options --disable-notification-server ac_add_options --disable-eme # tor-browser#320: Temporarily disable until we resolve the mingw problems. -ac_add_options --disable-webrtc ac_add_options --disable-default-browser-agent ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc ===================================== @@ -10,9 +10,9 @@ #include "modules/desktop_capture/win/wgc_capture_session.h" -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <windows.graphics.capture.interop.h> -#include <windows.graphics.directX.direct3d11.interop.h> +#include <windows.graphics.directx.direct3d11.interop.h> #include <windows.graphics.h> #include <wrl/client.h> #include <wrl/event.h> @@ -181,9 +181,7 @@ HRESULT WgcCaptureSession::StartCapture(const DesktopCaptureOptions& options) { if (!options.prefer_cursor_embedded()) { ComPtr<ABI::Windows::Graphics::Capture::IGraphicsCaptureSession2> session2; - if (SUCCEEDED(session_->QueryInterface( - ABI::Windows::Graphics::Capture::IID_IGraphicsCaptureSession2, - &session2))) { + if (SUCCEEDED(session_->QueryInterface(IID_PPV_ARGS(&session2)))) { session2->put_IsCursorCaptureEnabled(false); } } @@ -367,7 +365,7 @@ HRESULT WgcCaptureSession::ProcessFrame() { return hr; } - ComPtr<Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess> + ComPtr<ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess> direct3DDxgiInterfaceAccess; hr = d3d_surface->QueryInterface(IID_PPV_ARGS(&direct3DDxgiInterfaceAccess)); if (FAILED(hr)) { ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.cc ===================================== @@ -10,7 +10,7 @@ #include "modules/desktop_capture/win/wgc_capturer_win.h" -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <windows.foundation.metadata.h> #include <windows.graphics.capture.h> ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.h ===================================== @@ -11,7 +11,7 @@ #ifndef MODULES_DESKTOP_CAPTURE_WIN_WGC_CAPTURER_WIN_H_ #define MODULES_DESKTOP_CAPTURE_WIN_WGC_CAPTURER_WIN_H_ -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <d3d11.h> #include <wrl/client.h> View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/57… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/57… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.4.0esr-14.0-1] 2 commits: Bug 373 - reenable webrtc builds
by Pier Angelo Vendrame (＠pierov) 13 Nov '24

13 Nov '24

Pier Angelo Vendrame pushed to branch mullvad-browser-128.4.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: b1fdb17f by june wilde at 2024-11-13T08:51:01+01:00 Bug 373 - reenable webrtc builds - - - - - 573d0e51 by june wilde at 2024-11-13T08:51:07+01:00 fixup! MB 320: Temporarily disable WebRTC and WDBA on Windows. - - - - - 4 changed files: - mozconfig-windows-x86_64 - third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc - third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.cc - third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.h Changes: ===================================== mozconfig-windows-x86_64 ===================================== @@ -23,5 +23,4 @@ ac_add_options --disable-notification-server ac_add_options --disable-eme # tor-browser#320: Temporarily disable until we resolve the mingw problems. -ac_add_options --disable-webrtc ac_add_options --disable-default-browser-agent ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc ===================================== @@ -10,9 +10,9 @@ #include "modules/desktop_capture/win/wgc_capture_session.h" -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <windows.graphics.capture.interop.h> -#include <windows.graphics.directX.direct3d11.interop.h> +#include <windows.graphics.directx.direct3d11.interop.h> #include <windows.graphics.h> #include <wrl/client.h> #include <wrl/event.h> @@ -181,9 +181,7 @@ HRESULT WgcCaptureSession::StartCapture(const DesktopCaptureOptions& options) { if (!options.prefer_cursor_embedded()) { ComPtr<ABI::Windows::Graphics::Capture::IGraphicsCaptureSession2> session2; - if (SUCCEEDED(session_->QueryInterface( - ABI::Windows::Graphics::Capture::IID_IGraphicsCaptureSession2, - &session2))) { + if (SUCCEEDED(session_->QueryInterface(IID_PPV_ARGS(&session2)))) { session2->put_IsCursorCaptureEnabled(false); } } @@ -367,7 +365,7 @@ HRESULT WgcCaptureSession::ProcessFrame() { return hr; } - ComPtr<Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess> + ComPtr<ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess> direct3DDxgiInterfaceAccess; hr = d3d_surface->QueryInterface(IID_PPV_ARGS(&direct3DDxgiInterfaceAccess)); if (FAILED(hr)) { ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.cc ===================================== @@ -10,7 +10,7 @@ #include "modules/desktop_capture/win/wgc_capturer_win.h" -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <windows.foundation.metadata.h> #include <windows.graphics.capture.h> ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.h ===================================== @@ -11,7 +11,7 @@ #ifndef MODULES_DESKTOP_CAPTURE_WIN_WGC_CAPTURER_WIN_H_ #define MODULES_DESKTOP_CAPTURE_WIN_WGC_CAPTURER_WIN_H_ -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <d3d11.h> #include <wrl/client.h> View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/00… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/00… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] 4 commits: fixup! Bug 40933: Add tor-launcher functionality
by Pier Angelo Vendrame (＠pierov) 13 Nov '24

13 Nov '24

Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 82705e37 by Pier Angelo Vendrame at 2024-11-12T17:32:04+01:00 fixup! Bug 40933: Add tor-launcher functionality Make optional members in JSDoc comments more consistent with Firefox's codebase. - - - - - 163c91b6 by Pier Angelo Vendrame at 2024-11-12T17:32:05+01:00 fixup! Bug 40933: Add tor-launcher functionality Bug 10439: Ask the the SOCKS port to the tor process. Allow specifying a negative port as TOR_SOCKS_PORT to let the tor process choose one for us. This does not play too well with DisableNetwork, which we use to start and stop the bootstrap, so we have to query the port every time we change this setting. Also, currently we use Firefox's preferences for SOCKS port. This prevents us from keeping a negative number saved in them. See also tor-browser#42062. - - - - - f7e4e221 by Pier Angelo Vendrame at 2024-11-12T17:32:06+01:00 fixup! Bug 40933: Add tor-launcher functionality Bug 42714: Allow to optionally use a TCP listener on Android. - - - - - bb3cd92e by Pier Angelo Vendrame at 2024-11-12T17:32:06+01:00 fixup! Bug 42247: Android helpers for the TorProvider Bug 42714: Allow to optionally use a TCP listener on Android. - - - - - 6 changed files: - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/TorIntegrationAndroid.java - toolkit/components/tor-launcher/TorControlPort.sys.mjs - toolkit/components/tor-launcher/TorLauncherUtil.sys.mjs - toolkit/components/tor-launcher/TorProcess.sys.mjs - toolkit/components/tor-launcher/TorProcessAndroid.sys.mjs - toolkit/components/tor-launcher/TorProvider.sys.mjs Changes: ===================================== mobile/android/geckoview/src/main/java/org/mozilla/geckoview/TorIntegrationAndroid.java ===================================== @@ -220,12 +220,18 @@ public class TorIntegrationAndroid implements BundleEventListener { if (previousProcess != null) { Log.w(TAG, "We still have a running process: " + previousProcess.getHandle()); } - mTorProcess = new TorProcess(handle); + + boolean tcpSocks = message.getBoolean("tcpSocks", false); + mTorProcess = new TorProcess(handle, tcpSocks); GeckoBundle bundle = new GeckoBundle(3); bundle.putString("controlPortPath", mIpcDirectory + CONTROL_PORT_FILE); - bundle.putString("socksPath", mIpcDirectory + SOCKS_FILE); bundle.putString("cookieFilePath", mIpcDirectory + COOKIE_AUTH_FILE); + if (tcpSocks) { + bundle.putInt("socksPort", 0); + } else { + bundle.putString("socksPath", mIpcDirectory + SOCKS_FILE); + } callback.sendSuccess(bundle); } @@ -254,10 +260,12 @@ public class TorIntegrationAndroid implements BundleEventListener { private static final String EVENT_TOR_START_FAILED = "GeckoView:Tor:TorStartFailed"; private static final String EVENT_TOR_EXITED = "GeckoView:Tor:TorExited"; private final String mHandle; + private final boolean mTcpSocks; private Process mProcess = null; - TorProcess(String handle) { + TorProcess(String handle, boolean tcpSocks) { mHandle = handle; + mTcpSocks = tcpSocks; setName("tor-process-" + handle); start(); } @@ -273,8 +281,13 @@ public class TorIntegrationAndroid implements BundleEventListener { args.add("1"); args.add("+__ControlPort"); args.add("unix:" + ipcDir + CONTROL_PORT_FILE); + final String socksFlags = " IPv6Traffic PreferIPv6 KeepAliveIsolateSOCKSAuth"; args.add("+__SocksPort"); - args.add("unix:" + ipcDir + SOCKS_FILE + " IPv6Traffic PreferIPv6 KeepAliveIsolateSOCKSAuth"); + args.add("unix:" + ipcDir + SOCKS_FILE + socksFlags); + if (mTcpSocks) { + args.add("+__SocksPort"); + args.add("auto " + socksFlags); + } args.add("CookieAuthentication"); args.add("1"); args.add("CookieAuthFile"); ===================================== toolkit/components/tor-launcher/TorControlPort.sys.mjs ===================================== @@ -298,6 +298,12 @@ class AsyncSocket { * @property {string} [options] Optional options passed to the binary (only for * exec) */ +/** + * @typedef {object} SocksListener + * @property {string} [ipcPath] path to a Unix socket to use for an IPC proxy + * @property {string} [host] The host to connect for a TCP proxy + * @property {number} [port] The port number to use for a TCP proxy + */ /** * @typedef {object} OnionAuthKeyInfo * @property {string} address The address of the onion service @@ -746,6 +752,32 @@ export class TorController { return this.#getInfo(`ip-to-country/${ip}`); } + /** + * Ask tor which ports it is listening to for SOCKS connections. + * + * @returns {Promise<SocksListener[]>} An array of addresses. It might be + * empty (e.g., when DisableNetwork is set) + */ + async getSocksListeners() { + const listeners = await this.#getInfo("net/listeners/socks"); + return Array.from( + listeners.matchAll(/\s*("(?:[^"\\]|\\.)*"|\S+)\s*/g), + m => { + const listener = TorParsers.unescapeString(m[1]); + if (listener.startsWith("unix:/")) { + return { ipcPath: listener.substring(5) }; + } + const idx = listener.lastIndexOf(":"); + const host = listener.substring(0, idx); + const port = parseInt(listener.substring(idx + 1)); + if (isNaN(port) || port <= 0 || port > 65535 || !host || !port) { + throw new Error(`Could not parse the SOCKS listener ${listener}.`); + } + return { host, port }; + } + ); + } + /** * Ask Tor a list of circuits. * ===================================== toolkit/components/tor-launcher/TorLauncherUtil.sys.mjs ===================================== @@ -449,7 +449,7 @@ export const TorLauncherUtil = Object.freeze({ * If network.proxy.socks contains a file: URL, a default value of * "127.0.0.1" is used instead. * If the network.proxy.socks_port value is not valid (outside the - * (0; 65535] range), a default value of 9150 is used instead. + * (0; 65535] range), we will let the tor daemon choose a port. * * The SOCKS configuration will not influence the launch of a tor daemon and * the configuration of the control port in any way. @@ -458,13 +458,6 @@ export const TorLauncherUtil = Object.freeze({ * This also applies to TOR_TRANSPROXY (at least for now): tor will be * launched with its defaults. * - * TODO: add a preference to ignore the current configuration, and let tor - * listen on any free port. Then, the browser will prompt the daemon the port - * to use through the control port (even though this is quite dangerous at the - * moment, because with network disabled tor will disable also the SOCKS - * listeners, so it means that we will have to check it every time we change - * the network status). - * * @returns {SocksSettings} */ getPreferredSocksConfiguration() { @@ -491,7 +484,7 @@ export const TorLauncherUtil = Object.freeze({ } if (Services.env.exists("TOR_SOCKS_PORT")) { const port = parseInt(Services.env.get("TOR_SOCKS_PORT"), 10); - if (Number.isInteger(port) && port > 0 && port <= 65535) { + if (Number.isInteger(port) && port >= 0 && port <= 65535) { socksPortInfo.port = port; useIPC = false; } @@ -522,20 +515,32 @@ export const TorLauncherUtil = Object.freeze({ socksPortInfo.host = socksAddrHasHost ? socksAddr : "127.0.0.1"; } - if (!socksPortInfo.port) { + if (socksPortInfo.port === undefined) { let socksPort = Services.prefs.getIntPref( "network.proxy.socks_port", - 0 + 9150 ); - // This pref is set as 0 by default in Firefox, use 9150 if we get 0. - socksPortInfo.port = - socksPort > 0 && socksPort <= 65535 ? socksPort : 9150; + if (socksPort > 0 && socksPort <= 65535) { + socksPortInfo.port = socksPort; + } else { + // Automatic port number, we have to query tor over the control port + // every time we change DisableNetwork. + socksPortInfo.port = 0; + } } } return socksPortInfo; }, + /** + * Apply our proxy configuration to the browser. + * + * Currently, we try to configure the Tor daemon to match the browser's + * configuration, but this might change in the future (tor-browser#42062). + * + * @param {SocksSettings} socksPortInfo The configuration to apply + */ setProxyConfiguration(socksPortInfo) { if (socksPortInfo.transproxy) { Services.prefs.setBoolPref("network.proxy.socks_remote_dns", false); @@ -556,7 +561,7 @@ export const TorLauncherUtil = Object.freeze({ if (socksPortInfo.host) { Services.prefs.setCharPref("network.proxy.socks", socksPortInfo.host); } - if (socksPortInfo.port) { + if (socksPortInfo.port > 0 && socksPortInfo.port <= 65535) { Services.prefs.setIntPref( "network.proxy.socks_port", socksPortInfo.port ===================================== toolkit/components/tor-launcher/TorProcess.sys.mjs ===================================== @@ -53,13 +53,16 @@ export class TorProcess { throw new Error("Unauthenticated control port is not supported"); } - const checkPort = port => + const checkPort = (port, allowZero) => port === undefined || - (Number.isInteger(port) && port > 0 && port < 65535); - if (!checkPort(controlSettings?.port)) { + (Number.isInteger(port) && + port < 65535 && + (port > 0 || (allowZero && port === 0))); + if (!checkPort(controlSettings?.port, false)) { throw new Error("Invalid control port"); } - if (!checkPort(socksSettings.port)) { + // Port 0 for SOCKS means automatic port. + if (!checkPort(socksSettings.port, true)) { throw new Error("Invalid port specified for the SOCKS port"); } @@ -296,10 +299,12 @@ export class TorProcess { let socksPortArg; if (this.#socksSettings.ipcFile) { socksPortArg = this.#socksSettings.ipcFile; - } else if (this.#socksSettings.port != 0) { + } else if (this.#socksSettings.port > 0) { socksPortArg = this.#socksSettings.host ? `${this.#socksSettings.host}:${this.#socksSettings.port}` : this.#socksSettings.port.toString(); + } else { + socksPortArg = "auto"; } if (socksPortArg) { const socksPortFlags = Services.prefs.getCharPref( ===================================== toolkit/components/tor-launcher/TorProcessAndroid.sys.mjs ===================================== @@ -77,6 +77,10 @@ export class TorProcessAndroid { config = await lazy.EventDispatcher.instance.sendRequestForResult({ type: TorOutgoingEvents.start, handle: this.#processHandle, + tcpSocks: Services.prefs.getBoolPref( + "extensions.torlauncher.socks_port_use_tcp", + false + ), }); logger.debug("Sent the start event."); } catch (e) { ===================================== toolkit/components/tor-launcher/TorProvider.sys.mjs ===================================== @@ -27,23 +27,23 @@ const logger = console.createInstance({ * @typedef {object} ControlPortSettings An object with the settings to use for * the control port. All the entries are optional, but an authentication * mechanism and a communication method must be specified. - * @property {Uint8Array=} password The clear text password as an array of + * @property {Uint8Array} [password] The clear text password as an array of * bytes. It must always be defined, unless cookieFilePath is - * @property {string=} cookieFilePath The path to the cookie file to use for + * @property {string} [cookieFilePath] The path to the cookie file to use for * authentication - * @property {nsIFile=} ipcFile The nsIFile object with the path to a Unix + * @property {nsIFile} [ipcFile] The nsIFile object with the path to a Unix * socket to use for control socket - * @property {string=} host The host to connect for a TCP control port - * @property {number=} port The port number to use for a TCP control port + * @property {string} [host] The host to connect for a TCP control port + * @property {number} [port] The port number to use for a TCP control port */ /** * @typedef {object} SocksSettings An object that includes the proxy settings to * be configured in the browser. - * @property {boolean=} transproxy If true, no proxy is configured - * @property {nsIFile=} ipcFile The nsIFile object with the path to a Unix + * @property {boolean} [transproxy] If true, no proxy is configured + * @property {nsIFile} [ipcFile] The nsIFile object with the path to a Unix * socket to use for an IPC proxy - * @property {string=} host The host to connect for a TCP proxy - * @property {number=} port The port number to use for a TCP proxy + * @property {string} [host] The host to connect for a TCP proxy + * @property {number} [port] The port number to use for a TCP proxy */ /** * @typedef {object} LogEntry An object with a log message @@ -345,6 +345,25 @@ export class TorProvider { */ async connect() { await this.#controller.setNetworkEnabled(true); + if (this.#socksSettings.port === 0) { + // Enablign/disabling network resets also the SOCKS listener. + // So, every time we do it, we need to update the browser's configuration + // to use the updated port. + const settings = structuredClone(this.#socksSettings); + for (const listener of await this.#controller.getSocksListeners()) { + // When set to automatic port, ignore any IPC listener, as the intention + // was to use TCP. + if (listener.ipcPath) { + continue; + } + // The tor daemon can have any number of SOCKS listeners (see SocksPort + // in man 1 tor). We take for granted that any TCP one will work for us. + settings.host = listener.host; + settings.port = listener.port; + break; + } + TorLauncherUtil.setProxyConfiguration(settings); + } this.#lastWarning = {}; this.retrieveBootstrapStatus(); } @@ -569,14 +588,24 @@ export class TorProvider { logger.debug("Trying to start the tor process."); const res = await this.#torProcess.start(); if (TorLauncherUtil.isAndroid) { + logger.debug("Configuration from TorProcessAndriod", res); this.#controlPortSettings = { ipcFile: new lazy.FileUtils.File(res.controlPortPath), cookieFilePath: res.cookieFilePath, }; this.#socksSettings = { transproxy: false, - ipcFile: new lazy.FileUtils.File(res.socksPath), }; + if (res.socksPath) { + this.#socksSettings.ipcFile = new lazy.FileUtils.File(res.socksPath); + } else if (res.socksPort !== undefined) { + this.#socksSettings.host = res.socksHost ?? "127.0.0.1"; + this.#socksSettings.port = res.socksPort; + } else { + throw new Error( + "TorProcessAndroid did not return a valid SOCKS configuration." + ); + } } logger.info("Started a tor process"); } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/d4097f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/d4097f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-14.0.2-build1
by morgan (＠morgan) 12 Nov '24

12 Nov '24

morgan pushed new tag tbb-14.0.2-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41293: Prepare Tor Browser 14.0.2
by morgan (＠morgan) 12 Nov '24

12 Nov '24

morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: ca00f0c4 by Morgan at 2024-11-12T19:23:44+00:00 Bug 41293: Prepare Tor Browser 14.0.2 - - - - - 8 changed files: - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/manual/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,19 @@ +Tor Browser 14.0.2 - November 12 2024 + * All Platforms + * Updated NoScript to 11.5.2 + * Bug 43257: NoScript-blocked content placeholders causing slow downs [tor-browser] + * Windows + macOS + Linux + * Bug 32668: NoScript default whitelist re-appears on clicking NoScript Options / Reset [tor-browser] + * Bug 43258: NoScript Lifecycle error on extension updates [tor-browser] + * Bug 43262: Onion keys dialog. "Remove" removes all keys, "Remove all" does nothing. [tor-browser] + * macOS + * Bug 43245: TB14 on macOS crashing when visiting some onionsites [tor-browser] + * Build System + * All Platforms + * Updated Go to 1.22.9 + * Windows + macOS + Linux + * Bug 41286: Update the deploy update scripts to optinally take an override hash [tor-browser-build] + Tor Browser 14.0.1 - October 29 2024 * All Platforms * Updated Tor to 0.4.8.13 ===================================== projects/browser/config ===================================== @@ -108,9 +108,9 @@ input_files: enable: '[% ! c("var/android") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4377088/noscript-11.5.0.x… + - URL: https://addons.mozilla.org/firefox/downloads/file/4379558/noscript-11.5.2.x… name: noscript - sha256sum: 999244c7be75e58fe16cb2880711013ca079822da1dab65e7eb375c1faf5baad + sha256sum: 460aaa6484bf8422415dfe08260e8536866e3731ed5b8b7913cf4b7b1333493a - URL: https://addons.mozilla.org/firefox/downloads/file/4359936/ublock_origin-1.6… name: ublock-origin sha256sum: e2cda9b2a1b0a7f6e5ef0da9f87f28df52f8560587ba2e51a3003121cfb81600 ===================================== projects/firefox/config ===================================== @@ -19,7 +19,7 @@ var: browser_series: '14.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 2 + browser_build: 3 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/geckoview/config ===================================== @@ -21,7 +21,7 @@ var: browser_series: '14.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 2 + browser_build: 3 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' ===================================== projects/go/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: '1.22.8' +version: '1.22.9' filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -126,7 +126,7 @@ input_files: enable: '[% ! c("var/linux") %]' - URL: 'https://go.dev/dl/go[% c("version") %].src.tar.gz' name: go - sha256sum: df12c23ebf19dea0f4bf46a22cbeda4a3eca6f474f318390ce774974278440b8 + sha256sum: e81a362f51aee2125722b018e46714e6a055a1954283414c0f937e737013db22 - project: go-bootstrap name: go-bootstrap target_replace: ===================================== projects/manual/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 # To update, see doc/how-to-update-the-manual.txt # Remember to update also the package's hash, with the version! -version: 215922 +version: 222718 filename: 'manual-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -23,6 +23,6 @@ input_files: - project: container-image - URL: 'https://build-sources.tbb.torproject.org/manual_[% c("version") %].zip' name: manual - sha256sum: b5ed703f54d52e9f197320f3698e936d585a3fed23cc4f9fbf59edce2869f885 + sha256sum: 051174ba012fa2241e865cc604658a0af116d3bbf9d02474025277fff1b34636 - filename: packagemanual.py name: package_script ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: f7c77f129447921ec1490f5f401ee27e474b932a + git_hash: 5a074e0814015db3c2edbf63ff8e9d1f552900aa targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: ba63bd165f3fd4bdd472815c9761413d4671cfb7 + git_hash: 7276d3d2ad0319c3d3762047226da7ee104d1d42 targets: nightly: git_hash: 'tor-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: 60f82208b8a0a95e91fdb4dcefe8d394c17f64ba + git_hash: f7a877d66205f33e3cf33e717384b504a374039e compress_tar: 'zst' targets: nightly: ===================================== rbm.conf ===================================== @@ -73,11 +73,11 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '[% IF c("var/tor-browser") %]14.0.1[% ELSE %]14.0a10[% END %]' + torbrowser_version: '[% IF c("var/tor-browser") %]14.0.2[% ELSE %]14.0a10[% END %]' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2024/10/31 19:43:38' + browser_release_date: '2024/11/12 18:50:24' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 @@ -85,6 +85,7 @@ var: - '[% IF c("var/mullvad-browser") %]14.0a9[% END %]' - '[% IF c("var/mullvad-browser") %]14.0a8[% END %]' - '[% IF c("var/mullvad-browser") %]14.0a7[% END %]' + - '[% IF c("var/tor-browser") %]14.0.1[% END %]' - '[% IF c("var/tor-browser") %]14.0[% END %]' - '[% IF c("var/tor-browser") %]13.5.7[% END %]' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-128.4.0esr-14.0-1-build3
by morgan (＠morgan) 12 Nov '24

12 Nov '24

morgan pushed new tag tor-browser-128.4.0esr-14.0-1-build3 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] 2 commits: fixup! Lox integration
by Pier Angelo Vendrame (＠pierov) 12 Nov '24

12 Nov '24

Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: eb5aaf7e by Henry Wilkes at 2024-11-12T15:43:54+00:00 fixup! Lox integration Bug 42492: Ensure operations that change lox credentials do not overlap. Not linted to improve readability. - - - - - d4097f9c by Henry Wilkes at 2024-11-12T15:45:39+00:00 fixup! Lox integration Bug 42492: Lint Lox.sys.mjs - - - - - 1 changed file: - toolkit/components/lox/Lox.sys.mjs Changes: ===================================== toolkit/components/lox/Lox.sys.mjs ===================================== @@ -144,9 +144,9 @@ class LoxImpl { /** * The latest credentials for a given lox id. * - * @type {Object<string, string>} + * @type {Map<string, string>} */ - #credentials = {}; + #credentials = new Map(); /** * The list of accumulated blockage or upgrade events. * @@ -257,25 +257,73 @@ class LoxImpl { } /** - * Change some existing credentials for an ID to a new value. + * Stores a promise for the last task that was performed to change + * credentials for a given lox ID. This promise completes when the task + * completes and it is safe to perform a new action on the credentials. + * + * This essentially acts as a lock on the credential, so that only one task + * acts on the credentials at any given time. See tor-browser#42492. + * + * @type {Map<string, Promise>} + */ + #credentialsTasks = new Map(); + + /** + * Attempt to change some existing credentials for an ID to a new value. + * + * Each call for the same lox ID must await the previous call. As such, this + * should *never* be called recursively. * * @param {string} loxId - The ID to change the credentials for. - * @param {string} newCredentials - The new credentials to set. + * @param {Function} task - The task that performs the change in credentials. + * The method is given the current credentials. It should either return the + * new credentials as a string, or null if the credentials should not + * change, or throw an error which will fall through to the caller. + * + * @returns {?string} - The credentials returned by the task, if any. */ - #changeCredentials(loxId, newCredentials) { - // FIXME: Several async methods want to update the credentials, but they - // might race and conflict with each. tor-browser#42492 - if (!newCredentials) { - // Avoid overwriting and losing our current credentials. - throw new LoxError(`Empty credentials being set for ${loxId}`); + async #changeCredentials(loxId, task) { + // Read and replace #credentialsTasks before we do any async operations. + // I.e. this is effectively atomic read and replace. + const prevTask = this.#credentialsTasks.get(loxId); + let taskComplete; + this.#credentialsTasks.set( + loxId, + new Promise(res => { + taskComplete = res; + }) + ); + + // Wait for any previous task to complete first, to avoid making conflicting + // changes to the credentials. See tor-browser#42492. + // prevTask is either undefined or a promise that should not throw. + await prevTask; + + // Future calls now await us. + + const cred = this.#getCredentials(loxId); + let newCred = null; + try { + // This task may throw, in which case we do not set new credentials. + newCred = await task(cred); + if (newCred) { + this.#credentials.set(loxId, newCred); + // Store the new credentials. + this.#store(); + lazy.logger.debug("Changed credentials"); + } + } finally { + // Stop awaiting us. + taskComplete(); } - if (!this.#credentials[loxId]) { - // Unexpected, but we still want to save the value to storage. - lazy.logger.warn(`Lox ID ${loxId} is missing existing credentials`); + + if (!newCred) { + return null; } - this.#credentials[loxId] = newCredentials; - this.#store(); + // Let listeners know we have new credentials. We do this *after* calling + // taskComplete to avoid a recursive call to await this.#changeCredentials, + // which would cause us to hang. // NOTE: In principle we could determine within this module whether the // bridges, remaining invites, or next unlock changes in value when @@ -289,6 +337,8 @@ class LoxImpl { // Let UI know about changes. Services.obs.notifyObservers(null, LoxTopics.UpdateRemainingInvites); Services.obs.notifyObservers(null, LoxTopics.UpdateNextUnlock); + + return newCred; } /** @@ -299,7 +349,7 @@ class LoxImpl { * @returns {string} - The credentials. */ #getCredentials(loxId) { - const cred = loxId ? this.#credentials[loxId] : undefined; + const cred = loxId ? this.#credentials.get(loxId) : undefined; if (!cred) { throw new LoxError(`No credentials for ${loxId}`); } @@ -376,7 +426,7 @@ class LoxImpl { Services.prefs.setStringPref(LoxSettingsPrefs.constants, this.#constants); Services.prefs.setStringPref( LoxSettingsPrefs.credentials, - JSON.stringify(this.#credentials) + JSON.stringify(Object.fromEntries(this.#credentials)) ); Services.prefs.setStringPref( LoxSettingsPrefs.invites, @@ -390,7 +440,7 @@ class LoxImpl { #load() { const cred = Services.prefs.getStringPref(LoxSettingsPrefs.credentials, ""); - this.#credentials = cred ? JSON.parse(cred) : {}; + this.#credentials = new Map(cred ? Object.entries(JSON.parse(cred)) : []); const invites = Services.prefs.getStringPref(LoxSettingsPrefs.invites, ""); this.#invites = invites ? JSON.parse(invites) : []; const events = Services.prefs.getStringPref(LoxSettingsPrefs.events, ""); @@ -421,17 +471,15 @@ class LoxImpl { if (prevKeys !== null) { // check if the lox pubkeys have changed and update the lox // credentials if so. - // - // The UpdateCredOption rust struct serializes to "req" rather than - // "request". - const { updated, req: request } = JSON.parse( - lazy.check_lox_pubkeys_update( - pubKeys, - prevKeys, - this.#getCredentials(this.#activeLoxId) - ) - ); - if (updated) { + await this.#changeCredentials(this.#activeLoxId, async cred => { + // The UpdateCredOption rust struct serializes to "req" rather than + // "request". + const { updated, req: request } = JSON.parse( + lazy.check_lox_pubkeys_update(pubKeys, prevKeys, cred) + ); + if (!updated) { + return null; + } // Try update credentials. // NOTE: This should be re-callable if any step fails. // TODO: Verify this. @@ -444,9 +492,8 @@ class LoxImpl { // is refactored to send repeat responses: // https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/74) let response = await this.#makeRequest("updatecred", request); - let cred = lazy.handle_update_cred(request, response, pubKeys); - this.#changeCredentials(this.#activeLoxId, cred); - } + return lazy.handle_update_cred(request, response, pubKeys); + }); } // If we arrive here we haven't had other errors before, we can actually // store the new public key. @@ -648,7 +695,7 @@ class LoxImpl { this.#pubKeyPromise = null; this.#encTablePromise = null; this.#constantsPromise = null; - this.#credentials = {}; + this.#credentials = new Map(); this.#events = []; if (this.#backgroundInterval) { clearInterval(this.#backgroundInterval); @@ -712,9 +759,9 @@ class LoxImpl { let loxId; do { loxId = this.#genLoxId(); - } while (Object.hasOwn(this.#credentials, loxId)); + } while (this.#credentials.has(loxId)); // Set new credentials. - this.#credentials[loxId] = cred; + this.#credentials.set(loxId, cred); this.#store(); return loxId; } @@ -760,21 +807,17 @@ class LoxImpl { if (level < 1) { throw new LoxError(`Cannot generate invites at level ${level}`); } - let request = lazy.issue_invite( - this.#getCredentials(loxId), - this.#encTable, - this.#pubKeys - ); - let response = await this.#makeRequest("issueinvite", request); - // TODO: Do we ever expect handle_issue_invite to fail (beyond - // implementation bugs)? - // TODO: What happens if #pubkeys for `issue_invite` differs from the value - // when calling `handle_issue_invite`? Should we cache the value at the - // start of this method? - let cred = lazy.handle_issue_invite(request, response, this.#pubKeys); - // Store the new credentials as a priority. - this.#changeCredentials(loxId, cred); + const cred = await this.#changeCredentials(loxId, async cred => { + let request = lazy.issue_invite(cred, this.#encTable, this.#pubKeys); + let response = await this.#makeRequest("issueinvite", request); + // TODO: Do we ever expect handle_issue_invite to fail (beyond + // implementation bugs)? + // TODO: What happens if #pubkeys for `issue_invite` differs from the value + // when calling `handle_issue_invite`? Should we cache the value at the + // start of this method? + return lazy.handle_issue_invite(request, response, this.#pubKeys); + }); const invite = lazy.prepare_invite(cred); this.#invites.push(invite); @@ -804,35 +847,26 @@ class LoxImpl { } async #blockageMigration(loxId) { - let request; - try { - request = lazy.check_blockage(this.#getCredentials(loxId), this.#pubKeys); - } catch { - lazy.logger.log("Not ready for blockage migration"); - return false; - } - let response = await this.#makeRequest("checkblockage", request); - // NOTE: If a later method fails, we should be ok to re-call "checkblockage" - // from the Lox authority. So there shouldn't be any adverse side effects to - // loosing migrationCred. - // TODO: Confirm this is safe to lose. - const migrationCred = lazy.handle_check_blockage( - this.#getCredentials(loxId), - response - ); - request = lazy.blockage_migration( - this.#getCredentials(loxId), - migrationCred, - this.#pubKeys - ); - response = await this.#makeRequest("blockagemigration", request); - const cred = lazy.handle_blockage_migration( - this.#getCredentials(loxId), - response, - this.#pubKeys + return Boolean( + await this.#changeCredentials(loxId, async cred => { + let request; + try { + request = lazy.check_blockage(cred, this.#pubKeys); + } catch { + lazy.logger.log("Not ready for blockage migration"); + return null; + } + let response = await this.#makeRequest("checkblockage", request); + // NOTE: If a later method fails, we should be ok to re-call "checkblockage" + // from the Lox authority. So there shouldn't be any adverse side effects to + // loosing migrationCred. + // TODO: Confirm this is safe to lose. + const migrationCred = lazy.handle_check_blockage(cred, response); + request = lazy.blockage_migration(cred, migrationCred, this.#pubKeys); + response = await this.#makeRequest("blockagemigration", request); + return lazy.handle_blockage_migration(cred, response, this.#pubKeys); + }) ); - this.#changeCredentials(loxId, cred); - return true; } /** @@ -850,25 +884,26 @@ class LoxImpl { // attempt trust promotion instead return this.#trustMigration(loxId); } - let request = lazy.level_up( - this.#getCredentials(loxId), - this.#encTable, - this.#pubKeys + return Boolean( + await this.#changeCredentials(loxId, async cred => { + let request = lazy.level_up(cred, this.#encTable, this.#pubKeys); + let response; + try { + response = await this.#makeRequest("levelup", request); + } catch (error) { + if ( + error instanceof LoxError && + error.code === LoxError.ErrorResponse + ) { + // Not an error. + lazy.logger.debug("Not ready for level up", error); + return null; + } + throw error; + } + return lazy.handle_level_up(request, response, this.#pubKeys); + }) ); - let response; - try { - response = await this.#makeRequest("levelup", request); - } catch (error) { - if (error instanceof LoxError && error.code === LoxError.ErrorResponse) { - // Not an error. - lazy.logger.debug("Not ready for level up", error); - return false; - } - throw error; - } - const cred = lazy.handle_level_up(request, response, this.#pubKeys); - this.#changeCredentials(loxId, cred); - return true; } /** @@ -884,42 +919,37 @@ class LoxImpl { this.#getPubKeys(); return false; } - let request; - try { - request = lazy.trust_promotion( - this.#getCredentials(loxId), - this.#pubKeys - ); - } catch (err) { - // This function is called routinely during the background tasks without - // previous checks on whether an upgrade is possible, so it is expected to - // fail with a certain frequency. Therefore, do not relay the error to the - // caller and just log the message for debugging. - lazy.logger.debug("Not ready to upgrade", err); - return false; - } + return Boolean( + await this.#changeCredentials(loxId, async cred => { + let request; + try { + request = lazy.trust_promotion(cred, this.#pubKeys); + } catch (err) { + // This function is called routinely during the background tasks without + // previous checks on whether an upgrade is possible, so it is expected to + // fail with a certain frequency. Therefore, do not relay the error to the + // caller and just log the message for debugging. + lazy.logger.debug("Not ready to upgrade", err); + return null; + } - let response = await this.#makeRequest("trustpromo", request); - // FIXME: Store response to "trustpromo" in case handle_trust_promotion - // or "trustmig" fails. The Lox authority will not accept a re-request - // to "trustpromo" with the same credentials. - let promoCred = lazy.handle_trust_promotion(request, response); - lazy.logger.debug("Formatted promotion cred: ", promoCred); - - request = lazy.trust_migration( - this.#getCredentials(loxId), - promoCred, - this.#pubKeys + let response = await this.#makeRequest("trustpromo", request); + // FIXME: Store response to "trustpromo" in case handle_trust_promotion + // or "trustmig" fails. The Lox authority will not accept a re-request + // to "trustpromo" with the same credentials. + let promoCred = lazy.handle_trust_promotion(request, response); + lazy.logger.debug("Formatted promotion cred: ", promoCred); + + request = lazy.trust_migration(cred, promoCred, this.#pubKeys); + response = await this.#makeRequest("trustmig", request); + lazy.logger.debug("Got new credential: ", response); + + // FIXME: Store response to "trustmig" in case handle_trust_migration + // fails. The Lox authority will not accept a re-request to "trustmig" with + // the same credentials. + return lazy.handle_trust_migration(request, response); + }) ); - response = await this.#makeRequest("trustmig", request); - lazy.logger.debug("Got new credential: ", response); - - // FIXME: Store response to "trustmig" in case handle_trust_migration - // fails. The Lox authority will not accept a re-request to "trustmig" with - // the same credentials. - let cred = lazy.handle_trust_migration(request, response); - this.#changeCredentials(loxId, cred); - return true; } /** View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8a4eb9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8a4eb9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/torbrowser-launcher][main] Allow the Wayland Proxy to run
by boklm (＠boklm) 07 Nov '24

07 Nov '24

boklm pushed to branch main at The Tor Project / Applications / torbrowser-launcher Commits: 63962618 by anonym at 2024-11-07T10:07:22+01:00 Allow the Wayland Proxy to run Details: https://mastransky.wordpress.com/2023/12/22/wayland-proxy-load-balancer/ - - - - - 1 changed file: - apparmor/torbrowser.Browser.firefox Changes: ===================================== apparmor/torbrowser.Browser.firefox ===================================== @@ -137,6 +137,11 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} { # Required for Wayland display protocol support owner /dev/shm/wayland.mozilla.ipc.[0-9]* rw, + # The Wayland Proxy prevents certain types of Wayland issues from + # crashing the client application. Details: + # https://mastransky.wordpress.com/2023/12/22/wayland-proxy-load-balancer/ + owner @{run}/user/[0-9]*/wayland-proxy-@{pid} rw, + # Silence denial logs about permissions we don't need deny @{HOME}/.cache/fontconfig/ rw, deny @{HOME}/.cache/fontconfig/** rw, View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser-update-responses][main] alpha: new version, 14.0a10
by morgan (＠morgan) 01 Nov '24

01 Nov '24

morgan pushed to branch main at The Tor Project / Applications / mullvad-browser-update-responses Commits: 00b72352 by Morgan at 2024-11-01T16:55:50+00:00 alpha: new version, 14.0a10 - - - - - 29 changed files: - update_1/alpha/.htaccess - + update_1/alpha/14.0a10-linux-x86_64-ALL.xml - + update_1/alpha/14.0a10-macos-ALL.xml - + update_1/alpha/14.0a10-windows-x86_64-ALL.xml - − update_1/alpha/14.0a6-14.0a9-linux-x86_64-ALL.xml - − update_1/alpha/14.0a6-14.0a9-macos-ALL.xml - − update_1/alpha/14.0a6-14.0a9-windows-x86_64-ALL.xml - + update_1/alpha/14.0a7-14.0a10-linux-x86_64-ALL.xml - + update_1/alpha/14.0a7-14.0a10-macos-ALL.xml - + update_1/alpha/14.0a7-14.0a10-windows-x86_64-ALL.xml - − update_1/alpha/14.0a7-14.0a9-linux-x86_64-ALL.xml - − update_1/alpha/14.0a7-14.0a9-macos-ALL.xml - − update_1/alpha/14.0a7-14.0a9-windows-x86_64-ALL.xml - + update_1/alpha/14.0a8-14.0a10-linux-x86_64-ALL.xml - + update_1/alpha/14.0a8-14.0a10-macos-ALL.xml - + update_1/alpha/14.0a8-14.0a10-windows-x86_64-ALL.xml - − update_1/alpha/14.0a8-14.0a9-linux-x86_64-ALL.xml - − update_1/alpha/14.0a8-14.0a9-macos-ALL.xml - − update_1/alpha/14.0a8-14.0a9-windows-x86_64-ALL.xml - + update_1/alpha/14.0a9-14.0a10-linux-x86_64-ALL.xml - + update_1/alpha/14.0a9-14.0a10-macos-ALL.xml - + update_1/alpha/14.0a9-14.0a10-windows-x86_64-ALL.xml - − update_1/alpha/14.0a9-linux-x86_64-ALL.xml - − update_1/alpha/14.0a9-macos-ALL.xml - − update_1/alpha/14.0a9-windows-x86_64-ALL.xml - update_1/alpha/download-linux-x86_64.json - update_1/alpha/download-macos.json - update_1/alpha/download-windows-x86_64.json - update_1/alpha/downloads.json Changes: ===================================== update_1/alpha/.htaccess ===================================== @@ -1,22 +1,22 @@ RewriteEngine On -RewriteRule ^[^/]+/14.0a9/ no-update.xml [last] -RewriteRule ^Linux_x86_64-gcc3/14.0a6/ALL 14.0a6-14.0a9-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/14.0a7/ALL 14.0a7-14.0a9-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/14.0a8/ALL 14.0a8-14.0a9-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/[^/]+/ALL 14.0a9-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/ 14.0a9-linux-x86_64-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/14.0a6/ALL 14.0a6-14.0a9-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/14.0a7/ALL 14.0a7-14.0a9-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/14.0a8/ALL 14.0a8-14.0a9-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/[^/]+/ALL 14.0a9-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/ 14.0a9-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/14.0a6/ALL 14.0a6-14.0a9-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/14.0a7/ALL 14.0a7-14.0a9-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/14.0a8/ALL 14.0a8-14.0a9-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/[^/]+/ALL 14.0a9-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/ 14.0a9-macos-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a6/ALL 14.0a6-14.0a9-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a7/ALL 14.0a7-14.0a9-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a8/ALL 14.0a8-14.0a9-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/[^/]+/ALL 14.0a9-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/ 14.0a9-windows-x86_64-ALL.xml [last] +RewriteRule ^[^/]+/14.0a10/ no-update.xml [last] +RewriteRule ^Linux_x86_64-gcc3/14.0a7/ALL 14.0a7-14.0a10-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/14.0a8/ALL 14.0a8-14.0a10-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/14.0a9/ALL 14.0a9-14.0a10-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/[^/]+/ALL 14.0a10-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/ 14.0a10-linux-x86_64-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/14.0a7/ALL 14.0a7-14.0a10-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/14.0a8/ALL 14.0a8-14.0a10-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/14.0a9/ALL 14.0a9-14.0a10-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/[^/]+/ALL 14.0a10-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/ 14.0a10-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/14.0a7/ALL 14.0a7-14.0a10-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/14.0a8/ALL 14.0a8-14.0a10-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/14.0a9/ALL 14.0a9-14.0a10-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/[^/]+/ALL 14.0a10-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/ 14.0a10-macos-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a7/ALL 14.0a7-14.0a10-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a8/ALL 14.0a8-14.0a10-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a9/ALL 14.0a9-14.0a10-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/[^/]+/ALL 14.0a10-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/ 14.0a10-windows-x86_64-ALL.xml [last] ===================================== update_1/alpha/14.0a10-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64-14.0a1…" size="114129405" type="complete"></patch></update></updates> ===================================== update_1/alpha/14.0a10-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos-14.0a10_ALL.m…" size="129200778" type="complete"></patch></update></updates> ===================================== update_1/alpha/14.0a10-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64-14.0…" size="97553244" type="complete"></patch></update></updates> ===================================== update_1/alpha/14.0a6-14.0a9-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64-14.0a9_…" size="114019445" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64--14.0a6…" size="9429081" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a6-14.0a9-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos-14.0a9_ALL.mar" size="129063226" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos--14.0a6-14.0a9…" size="14397074" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a6-14.0a9-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64-14.0a…" size="95007704" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64--14.0…" size="9768332" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a7-14.0a10-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64-14.0a1…" size="114129405" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64--14.0a…" size="10956214" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a7-14.0a10-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos-14.0a10_ALL.m…" size="129200778" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos--14.0a7-14.0a…" size="16734321" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a7-14.0a10-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64-14.0…" size="97553244" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64--14.…" size="15099219" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a7-14.0a9-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64-14.0a9_…" size="114019445" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64--14.0a7…" size="6282441" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a7-14.0a9-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos-14.0a9_ALL.mar" size="129063226" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos--14.0a7-14.0a9…" size="9540109" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a7-14.0a9-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64-14.0a…" size="95007704" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64--14.0…" size="5978110" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a8-14.0a10-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64-14.0a1…" size="114129405" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64--14.0a…" size="8395504" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a8-14.0a10-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos-14.0a10_ALL.m…" size="129200778" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos--14.0a8-14.0a…" size="14072348" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a8-14.0a10-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64-14.0…" size="97553244" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64--14.…" size="12468369" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a8-14.0a9-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64-14.0a9_…" size="114019445" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64--14.0a8…" size="3392543" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a8-14.0a9-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos-14.0a9_ALL.mar" size="129063226" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos--14.0a8-14.0a9…" size="6508272" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a8-14.0a9-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64-14.0a…" size="95007704" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64--14.0…" size="3304804" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a9-14.0a10-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64-14.0a1…" size="114129405" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64--14.0a…" size="8388128" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a9-14.0a10-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos-14.0a10_ALL.m…" size="129200778" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos--14.0a9-14.0a…" size="14067444" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a9-14.0a10-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.0a10" appVersion="14.0a10" platformVersion="128.4.0" buildID="20241031194338" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a10" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64-14.0…" size="97553244" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64--14.…" size="12458073" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a9-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64-14.0a9_…" size="114019445" type="complete"></patch></update></updates> ===================================== update_1/alpha/14.0a9-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos-14.0a9_ALL.mar" size="129063226" type="complete"></patch></update></updates> ===================================== update_1/alpha/14.0a9-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.0a9" appVersion="14.0a9" platformVersion="128.3.0" buildID="20241008203309" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.0a9" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64-14.0a…" size="95007704" type="complete"></patch></update></updates> ===================================== update_1/alpha/download-linux-x86_64.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64-14.0a9.…","git_tag":"mb-14.0a9-build1","sig":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64-14.0a9.…","version":"14.0a9"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64-14.0a1…","git_tag":"mb-14.0a10-build1","sig":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64-14.0a1…","version":"14.0a10"} \ No newline at end of file ===================================== update_1/alpha/download-macos.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos-14.0a9.dmg","git_tag":"mb-14.0a9-build1","sig":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos-14.0a9.dmg.asc","version":"14.0a9"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos-14.0a10.dmg","git_tag":"mb-14.0a10-build1","sig":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos-14.0a10.dmg.a…","version":"14.0a10"} \ No newline at end of file ===================================== update_1/alpha/download-windows-x86_64.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64-14.0a…","git_tag":"mb-14.0a9-build1","sig":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64-14.0a…","version":"14.0a9"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64-14.0…","git_tag":"mb-14.0a10-build1","sig":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64-14.0…","version":"14.0a10"} \ No newline at end of file ===================================== update_1/alpha/downloads.json ===================================== @@ -1 +1 @@ -{"downloads":{"linux-x86_64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64-14.0a9.…","sig":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-linux-x86_64-14.0a9.…"}},"macos":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos-14.0a9.dmg","sig":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-macos-14.0a9.dmg.asc"}},"win64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64-14.0a…","sig":"https://cdn.mullvad.net/browser/14.0a9/mullvad-browser-windows-x86_64-14.0a…"}}},"tag":"mb-14.0a9-build1","version":"14.0a9"} \ No newline at end of file +{"downloads":{"linux-x86_64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64-14.0a1…","sig":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-linux-x86_64-14.0a1…"}},"macos":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos-14.0a10.dmg","sig":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-macos-14.0a10.dmg.a…"}},"win64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64-14.0…","sig":"https://cdn.mullvad.net/browser/14.0a10/mullvad-browser-windows-x86_64-14.0…"}}},"tag":"mb-14.0a10-build1","version":"14.0a10"} \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] 4 commits: dropme! Bug 32308: Use direct browser sizing for letterboxing.
by Pier Angelo Vendrame (＠pierov) 01 Nov '24

01 Nov '24

Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 385447ad by Pier Angelo Vendrame at 2024-10-31T19:10:50+01:00 dropme! Bug 32308: Use direct browser sizing for letterboxing. Revert a couple of lines to make the backport easier. - - - - - 4a33efb7 by hackademix at 2024-10-31T19:10:51+01:00 Bug 1556002 - Update initial window size and letterboxing stepping. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D226598 - - - - - 036aaa05 by Pier Angelo Vendrame at 2024-10-31T19:13:04+01:00 fixup! Bug 32308: Use direct browser sizing for letterboxing. Restore our changes after backporting MozBug 1556002. - - - - - 8a4eb9d3 by Pier Angelo Vendrame at 2024-10-31T19:13:50+01:00 fixup! Firefox preference overrides. Remove our custom letterboxing size, since they are going to be also Firefox's default one after MozBug 1556002. - - - - - 6 changed files: - browser/app/profile/001-base-profile.js - browser/components/resistfingerprinting/test/browser/browser_dynamical_window_rounding.js - browser/components/resistfingerprinting/test/browser/browser_roundedWindow_open_max_inner.js - browser/components/resistfingerprinting/test/browser/head.js - modules/libpref/init/StaticPrefList.yaml - toolkit/components/resistfingerprinting/RFPHelper.sys.mjs Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -445,9 +445,6 @@ pref("privacy.resistFingerprinting.letterboxing.gradient", true); pref("privacy.resistFingerprinting.letterboxing.rememberSize", false); // tor-browser#41695: how many warnings we show if user closes them without restoring the window size pref("privacy.resistFingerprinting.resizeWarnings", 3); -// tor-browser#33282: new windows start at 1400x900 when there's enough screen space, otherwise down by 200x100 blocks -pref("privacy.window.maxInnerWidth", 1400); -pref("privacy.window.maxInnerHeight", 900); // Enforce Network Information API as disabled pref("dom.netinfo.enabled", false); pref("network.http.referer.defaultPolicy", 2); // Bug 32948: Make referer behavior consistent regardless of private browing mode status ===================================== browser/components/resistfingerprinting/test/browser/browser_dynamical_window_rounding.js ===================================== @@ -53,8 +53,8 @@ function checkForDefaultSetting( aRealHeight ) { // We can get the rounded size by subtracting twice the margin. - let targetWidth = aRealWidth - 2 * RFPHelper.steppedRange(aRealWidth); - let targetHeight = aRealHeight - 2 * RFPHelper.steppedRange(aRealHeight); + let targetWidth = aRealWidth - 2 * RFPHelper.steppedSize(aRealWidth, true); + let targetHeight = aRealHeight - 2 * RFPHelper.steppedSize(aRealHeight); // This platform-specific code is explained in the large comment below. if (getPlatform() != "linux") { ===================================== browser/components/resistfingerprinting/test/browser/browser_roundedWindow_open_max_inner.js ===================================== @@ -4,23 +4,26 @@ * maximum values. */ +let targetWidth = Services.prefs.getIntPref("privacy.window.maxInnerWidth"); +let targetHeight = Services.prefs.getIntPref("privacy.window.maxInnerHeight"); + OpenTest.run([ { - settingWidth: 1025, - settingHeight: 1050, - targetWidth: 1000, - targetHeight: 1000, + settingWidth: targetWidth + 25, + settingHeight: targetHeight + 50, + targetWidth, + targetHeight, }, { settingWidth: 9999, settingHeight: 9999, - targetWidth: 1000, - targetHeight: 1000, + targetWidth, + targetHeight, }, { - settingWidth: 999, - settingHeight: 999, - targetWidth: 1000, - targetHeight: 1000, + settingWidth: targetWidth - 1, + settingHeight: targetHeight - 1, + targetWidth, + targetHeight, }, ]); ===================================== browser/components/resistfingerprinting/test/browser/head.js ===================================== @@ -306,19 +306,28 @@ async function calcMaximumAvailSize(aChromeWidth, aChromeHeight) { let availWidth = window.screen.availWidth; let availHeight = window.screen.availHeight; - // Ideally, we would round the window size as 1000x1000. But the available - // screen space might not suffice. So, we decide the size according to the - // available screen size. - let availContentWidth = Math.min(1000, availWidth - chromeUIWidth); + // Ideally, we would round the window size as + // privacy.window.maxInnerWidth x privacy.window.maxInnerHeight. But the + // available screen space might not suffice. So, we decide the size according + // to the available screen size. + let maxInnerWidth = Services.prefs.getIntPref("privacy.window.maxInnerWidth"); + let maxInnerHeight = Services.prefs.getIntPref( + "privacy.window.maxInnerHeight" + ); + + let availContentWidth = Math.min(maxInnerWidth, availWidth - chromeUIWidth); let availContentHeight; // If it is GTK window, we would consider the system decorations when we // calculating avail content height since the system decorations won't be // reported when we get available screen dimensions. if (AppConstants.MOZ_WIDGET_GTK) { - availContentHeight = Math.min(1000, -40 + availHeight - chromeUIHeight); + availContentHeight = Math.min( + maxInnerHeight, + -40 + availHeight - chromeUIHeight + ); } else { - availContentHeight = Math.min(1000, availHeight - chromeUIHeight); + availContentHeight = Math.min(maxInnerHeight, availHeight - chromeUIHeight); } // Rounded the desire size to the nearest 200x100. ===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -14352,12 +14352,12 @@ - name: privacy.window.maxInnerWidth type: int32_t - value: 1000 + value: 1400 mirror: always - name: privacy.window.maxInnerHeight type: int32_t - value: 1000 + value: 900 mirror: always - name: privacy.sanitize.useOldClearHistoryDialog ===================================== toolkit/components/resistfingerprinting/RFPHelper.sys.mjs ===================================== @@ -522,14 +522,14 @@ class _RFPHelper { /** * Given a width or height, rounds it with the proper stepping. */ - steppedSize(aDimension, isWidth = false) { + steppedSize(aDimension, aIsWidth = false) { let stepping; if (aDimension <= 50) { return 0; } else if (aDimension <= 500) { stepping = 50; } else if (aDimension <= 1600) { - stepping = isWidth ? 200 : 100; + stepping = aIsWidth ? 200 : 100; } else { stepping = 200; } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3f690c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3f690c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-14.0a10-build1
by morgan (＠morgan) 31 Oct '24

31 Oct '24

morgan pushed new tag mb-14.0a10-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] 3 commits: Bug 41291 - Bump and patch mingw-w64-clang
by morgan (＠morgan) 31 Oct '24

31 Oct '24

morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 94f1da7f by june wilde at 2024-10-31T19:18:40+00:00 Bug 41291 - Bump and patch mingw-w64-clang - - - - - 60286499 by Morgan at 2024-10-31T19:34:02+00:00 Bug 41291: Only enable WebRTC mingw changes for alpha build in the maint-14.0 branch - Revert this patch once Mullvad Browser 14.0 reaches stable - - - - - f9e2c4dd by Morgan at 2024-10-31T20:02:16+00:00 Bug 41263: Prepare Mullvad Browser Alpha 14.0a10 - - - - - 8 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/config - projects/firefox/config - projects/mingw-w64-clang/build - projects/mingw-w64-clang/config - + projects/mingw-w64-clang/mingw-webrtc.patch - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,40 @@ +Mullvad Browser 14.0a10 - November 01 2024 + * All Platforms + * Updated Firefox to 128.4.0esr + * Updated NoScript to 11.5.0 + * Bug 42356: Review 000-tor-browser.js and 001-base-profile.js for 128 [tor-browser] + * Bug 43134: Backport Bugzilla 1436226 Hardcode VP8/VP9 [tor-browser] + * Bug 43174: Issue with custom home page on local filesystem [tor-browser] + * Bug 43184: Backport Bugzilla 1922294: RFP: fixup square spoofed orientation [tor-browser] + * Bug 43209: UI freezes when clipboard is empty after screen lock [tor-browser] + * Bug 43217: Fullscreen videos have rounded letterboxing corners [tor-browser] + * Bug 43240: Backport security fixes from Firefox 132 [tor-browser] + * Windows + * Bug 373: Re-enable WebRTC for Windows builds [mullvad-browser] + * Linux + * Bug 43101: Security features warning links to Firefox installation support page with incomplete info [tor-browser] + * Bug 43196: Remove the vendor name from the "is playing media" notification on Linux [tor-browser] + * Build System + * All Platforms + * Bug 41273: relprep.py: bump Firefox and GV to a (yet) non-existing tag when the last one does not match HEAD [tor-browser-build] + * Bug 41274: Improve fetch_changelogs.py for major releases [tor-browser-build] + * Bug 41279: Add @pierov and @ma1 as new signers [tor-browser-build] + * Bug 41289: Fix single-browser in relprep.py [tor-browser-build] + * Windows + * Bug 41296: Implement missing Windows headers required for building cross-compiling WebRTC with mingw [tor-browser-build] + * Linux + * Bug 41243: Add own apparmor profile to deb package [tor-browser-build] + * Bug 41282: Add SSL to our custom Python for MozBug 1924022 [tor-browser-build] + +Mullvad Browser 13.5.9 - October 28 2024 + * All Platforms + * Updated Firefox to 115.17.0esr + * Updated NoScript to 11.4.42 + * Bug 43174: Issue with custom home page on local filesystem [tor-browser] + * Bug 43207: Backport Mozbug 1886222 [tor-browser] + * Bug 43240: Backport security fixes from Firefox 132 [tor-browser] + * Bug 41273: relprep.py: bump Firefox and GV to a (yet) non-existing tag when the last one does not match HEAD [tor-browser-build] + Mullvad Browser 14.0a9 - October 08 2024 * All Platforms * Bug 43197: Disable automatic exception for HTTPS-First [tor-browser] ===================================== projects/browser/config ===================================== @@ -108,9 +108,9 @@ input_files: enable: '[% ! c("var/android") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4363712/noscript-11.4.42.… + - URL: https://addons.mozilla.org/firefox/downloads/file/4377088/noscript-11.5.0.x… name: noscript - sha256sum: fd2d420afd93829bb6fe30ec6f8ba926d3d54d7583b8bbd822053b8cd13c0472 + sha256sum: 999244c7be75e58fe16cb2880711013ca079822da1dab65e7eb375c1faf5baad - URL: https://addons.mozilla.org/firefox/downloads/file/4359936/ublock_origin-1.6… name: ublock-origin sha256sum: e2cda9b2a1b0a7f6e5ef0da9f87f28df52f8560587ba2e51a3003121cfb81600 ===================================== projects/firefox/config ===================================== @@ -107,7 +107,6 @@ targets: gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' nightly_updates_publish_dir_prefix: mullvadbrowser- - browser_build: 1 linux-x86_64: var: ===================================== projects/mingw-w64-clang/build ===================================== @@ -89,6 +89,9 @@ EOF patch -p1 < "$rootdir/mingw-dispatchqueue.patch" patch -p1 < "$rootdir/mingw-ts_sd.patch" patch -p1 < "$rootdir/mingw-composition.patch" + [% IF !c("var/release") %] + patch -p1 < "$rootdir/mingw-webrtc.patch" + [% END %] cd $builddir/mingw-w64-clang/mingw-w64-headers mkdir build && cd build ===================================== projects/mingw-w64-clang/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 filename: '[% project %]-[% c("version") %]-[% pc("llvm-project", "version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' git_url: https://git.code.sf.net/p/mingw-w64/mingw-w64 -git_hash: cd4cf9b279f8fb0815f8b9665d3cea60a30290bc +git_hash: '[% IF c("var/release") %]cd4cf9b279f8fb0815f8b9665d3cea60a30290bc[% ELSE %]4ef04b0a7f7a20735de2f58b5c0496fcb4c7d191[% END -%]' version: '[% c("abbrev") %]' container: use_container: 1 @@ -35,3 +35,5 @@ input_files: - filename: mingw-dispatchqueue.patch - filename: mingw-ts_sd.patch - filename: mingw-composition.patch + - filename: mingw-webrtc.patch + enable: '[% !c("var/release") %]' \ No newline at end of file ===================================== projects/mingw-w64-clang/mingw-webrtc.patch ===================================== @@ -0,0 +1,1727 @@ +diff --git a/mingw-w64-headers/include/weakreference.h b/mingw-w64-headers/include/weakreference.h +new file mode 100644 +index 000000000..9776dd194 +--- /dev/null ++++ b/mingw-w64-headers/include/weakreference.h +@@ -0,0 +1,218 @@ ++/*** Autogenerated by WIDL 8.0 from include/weakreference.idl - Do not edit ***/ ++ ++#ifdef _WIN32 ++#ifndef __REQUIRED_RPCNDR_H_VERSION__ ++#define __REQUIRED_RPCNDR_H_VERSION__ 475 ++#endif ++#include <rpc.h> ++#include <rpcndr.h> ++#endif ++ ++#ifndef COM_NO_WINDOWS_H ++#include <windows.h> ++#include <ole2.h> ++#endif ++ ++#ifndef __weakreference_h__ ++#define __weakreference_h__ ++ ++#ifndef __WIDL_INLINE ++#if defined(__cplusplus) || defined(_MSC_VER) ++#define __WIDL_INLINE inline ++#elif defined(__GNUC__) ++#define __WIDL_INLINE __inline__ ++#endif ++#endif ++ ++/* Forward declarations */ ++ ++#ifndef __IWeakReference_FWD_DEFINED__ ++#define __IWeakReference_FWD_DEFINED__ ++typedef interface IWeakReference IWeakReference; ++#ifdef __cplusplus ++interface IWeakReference; ++#endif /* __cplusplus */ ++#endif ++ ++#ifndef __IWeakReferenceSource_FWD_DEFINED__ ++#define __IWeakReferenceSource_FWD_DEFINED__ ++typedef interface IWeakReferenceSource IWeakReferenceSource; ++#ifdef __cplusplus ++interface IWeakReferenceSource; ++#endif /* __cplusplus */ ++#endif ++ ++/* Headers for imported files */ ++ ++#include <inspectable.h> ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++/***************************************************************************** ++ * IWeakReference interface ++ */ ++#ifndef __IWeakReference_INTERFACE_DEFINED__ ++#define __IWeakReference_INTERFACE_DEFINED__ ++ ++DEFINE_GUID(IID_IWeakReference, 0x00000037, 0x0000, 0x0000, 0xc0,0x00, 0x00,0x00,0x00,0x00,0x00,0x46); ++#if defined(__cplusplus) && !defined(CINTERFACE) ++MIDL_INTERFACE("00000037-0000-0000-c000-000000000046") ++IWeakReference : public IUnknown ++{ ++ virtual HRESULT STDMETHODCALLTYPE Resolve( ++ REFIID riid, ++ IInspectable **objectReference) = 0; ++ ++}; ++#ifdef __CRT_UUID_DECL ++__CRT_UUID_DECL(IWeakReference, 0x00000037, 0x0000, 0x0000, 0xc0,0x00, 0x00,0x00,0x00,0x00,0x00,0x46) ++#endif ++#else ++typedef struct IWeakReferenceVtbl { ++ BEGIN_INTERFACE ++ ++ /*** IUnknown methods ***/ ++ HRESULT (STDMETHODCALLTYPE *QueryInterface)( ++ IWeakReference *This, ++ REFIID riid, ++ void **ppvObject); ++ ++ ULONG (STDMETHODCALLTYPE *AddRef)( ++ IWeakReference *This); ++ ++ ULONG (STDMETHODCALLTYPE *Release)( ++ IWeakReference *This); ++ ++ /*** IWeakReference methods ***/ ++ HRESULT (STDMETHODCALLTYPE *Resolve)( ++ IWeakReference *This, ++ REFIID riid, ++ IInspectable **objectReference); ++ ++ END_INTERFACE ++} IWeakReferenceVtbl; ++ ++interface IWeakReference { ++ CONST_VTBL IWeakReferenceVtbl* lpVtbl; ++}; ++ ++#ifdef COBJMACROS ++#ifndef WIDL_C_INLINE_WRAPPERS ++/*** IUnknown methods ***/ ++#define IWeakReference_QueryInterface(This,riid,ppvObject) (This)->lpVtbl->QueryInterface(This,riid,ppvObject) ++#define IWeakReference_AddRef(This) (This)->lpVtbl->AddRef(This) ++#define IWeakReference_Release(This) (This)->lpVtbl->Release(This) ++/*** IWeakReference methods ***/ ++#define IWeakReference_Resolve(This,riid,objectReference) (This)->lpVtbl->Resolve(This,riid,objectReference) ++#else ++/*** IUnknown methods ***/ ++static __WIDL_INLINE HRESULT IWeakReference_QueryInterface(IWeakReference* This,REFIID riid,void **ppvObject) { ++ return This->lpVtbl->QueryInterface(This,riid,ppvObject); ++} ++static __WIDL_INLINE ULONG IWeakReference_AddRef(IWeakReference* This) { ++ return This->lpVtbl->AddRef(This); ++} ++static __WIDL_INLINE ULONG IWeakReference_Release(IWeakReference* This) { ++ return This->lpVtbl->Release(This); ++} ++/*** IWeakReference methods ***/ ++static __WIDL_INLINE HRESULT IWeakReference_Resolve(IWeakReference* This,REFIID riid,IInspectable **objectReference) { ++ return This->lpVtbl->Resolve(This,riid,objectReference); ++} ++#endif ++#endif ++ ++#endif ++ ++ ++#endif /* __IWeakReference_INTERFACE_DEFINED__ */ ++ ++/***************************************************************************** ++ * IWeakReferenceSource interface ++ */ ++#ifndef __IWeakReferenceSource_INTERFACE_DEFINED__ ++#define __IWeakReferenceSource_INTERFACE_DEFINED__ ++ ++DEFINE_GUID(IID_IWeakReferenceSource, 0x00000038, 0x0000, 0x0000, 0xc0,0x00, 0x00,0x00,0x00,0x00,0x00,0x46); ++#if defined(__cplusplus) && !defined(CINTERFACE) ++MIDL_INTERFACE("00000038-0000-0000-c000-000000000046") ++IWeakReferenceSource : public IUnknown ++{ ++ virtual HRESULT STDMETHODCALLTYPE GetWeakReference( ++ IWeakReference **weakReference) = 0; ++ ++}; ++#ifdef __CRT_UUID_DECL ++__CRT_UUID_DECL(IWeakReferenceSource, 0x00000038, 0x0000, 0x0000, 0xc0,0x00, 0x00,0x00,0x00,0x00,0x00,0x46) ++#endif ++#else ++typedef struct IWeakReferenceSourceVtbl { ++ BEGIN_INTERFACE ++ ++ /*** IUnknown methods ***/ ++ HRESULT (STDMETHODCALLTYPE *QueryInterface)( ++ IWeakReferenceSource *This, ++ REFIID riid, ++ void **ppvObject); ++ ++ ULONG (STDMETHODCALLTYPE *AddRef)( ++ IWeakReferenceSource *This); ++ ++ ULONG (STDMETHODCALLTYPE *Release)( ++ IWeakReferenceSource *This); ++ ++ /*** IWeakReferenceSource methods ***/ ++ HRESULT (STDMETHODCALLTYPE *GetWeakReference)( ++ IWeakReferenceSource *This, ++ IWeakReference **weakReference); ++ ++ END_INTERFACE ++} IWeakReferenceSourceVtbl; ++ ++interface IWeakReferenceSource { ++ CONST_VTBL IWeakReferenceSourceVtbl* lpVtbl; ++}; ++ ++#ifdef COBJMACROS ++#ifndef WIDL_C_INLINE_WRAPPERS ++/*** IUnknown methods ***/ ++#define IWeakReferenceSource_QueryInterface(This,riid,ppvObject) (This)->lpVtbl->QueryInterface(This,riid,ppvObject) ++#define IWeakReferenceSource_AddRef(This) (This)->lpVtbl->AddRef(This) ++#define IWeakReferenceSource_Release(This) (This)->lpVtbl->Release(This) ++/*** IWeakReferenceSource methods ***/ ++#define IWeakReferenceSource_GetWeakReference(This,weakReference) (This)->lpVtbl->GetWeakReference(This,weakReference) ++#else ++/*** IUnknown methods ***/ ++static __WIDL_INLINE HRESULT IWeakReferenceSource_QueryInterface(IWeakReferenceSource* This,REFIID riid,void **ppvObject) { ++ return This->lpVtbl->QueryInterface(This,riid,ppvObject); ++} ++static __WIDL_INLINE ULONG IWeakReferenceSource_AddRef(IWeakReferenceSource* This) { ++ return This->lpVtbl->AddRef(This); ++} ++static __WIDL_INLINE ULONG IWeakReferenceSource_Release(IWeakReferenceSource* This) { ++ return This->lpVtbl->Release(This); ++} ++/*** IWeakReferenceSource methods ***/ ++static __WIDL_INLINE HRESULT IWeakReferenceSource_GetWeakReference(IWeakReferenceSource* This,IWeakReference **weakReference) { ++ return This->lpVtbl->GetWeakReference(This,weakReference); ++} ++#endif ++#endif ++ ++#endif ++ ++ ++#endif /* __IWeakReferenceSource_INTERFACE_DEFINED__ */ ++ ++/* Begin additional prototypes for all interfaces */ ++ ++ ++/* End additional prototypes */ ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* __weakreference_h__ */ +diff --git a/mingw-w64-headers/include/weakreference.idl b/mingw-w64-headers/include/weakreference.idl +new file mode 100644 +index 000000000..037fce859 +--- /dev/null ++++ b/mingw-w64-headers/include/weakreference.idl +@@ -0,0 +1,28 @@ ++import "inspectable.idl"; ++ ++[object, uuid(00000037-0000-0000-C000-000000000046), pointer_default (unique)] ++interface IWeakReference: IUnknown ++{ ++// cpp_quote("#if (_MSC_VER >= 1600) && defined(__cplusplus) && !defined(CINTERFACE)") ++// cpp_quote(" EXTERN_C const IID IID_IWeakReference;") ++// cpp_quote(" extern \"C++\"") ++// cpp_quote(" {") ++// cpp_quote(" MIDL_INTERFACE(\"00000037-0000-0000-C000-000000000046\")") ++// cpp_quote(" IWeakReference : public IUnknown {") ++// cpp_quote(" public:") ++// cpp_quote(" virtual HRESULT STDMETHODCALLTYPE Resolve(REFIID riid, IInspectable **objectReference) = 0;") ++// cpp_quote("") ++// cpp_quote(" template <typename T>") ++// cpp_quote(" HRESULT Resolve(T** objectReference) {") ++// cpp_quote(" return 0;") ++// cpp_quote(" }") ++// cpp_quote(" };") ++// cpp_quote(" } // extern C++") ++// cpp_quote("#else") ++ HRESULT Resolve([in] REFIID riid, [out, retval, iid_is(riid)] IInspectable **objectReference); ++} ++ ++[object, uuid(00000038-0000-0000-C000-000000000046), pointer_default (unique)] ++interface IWeakReferenceSource : IUnknown { ++ HRESULT GetWeakReference([out, retval] IWeakReference **weakReference); ++} +diff --git a/mingw-w64-headers/include/windows.graphics.capture.h b/mingw-w64-headers/include/windows.graphics.capture.h +index 203b0f034..4a0c0b546 100644 +--- a/mingw-w64-headers/include/windows.graphics.capture.h ++++ b/mingw-w64-headers/include/windows.graphics.capture.h +@@ -902,7 +902,7 @@ namespace ABI { + { + virtual HRESULT STDMETHODCALLTYPE Recreate( + ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDevice *device, +- enum DirectXPixelFormat pixel_format, ++ enum DirectX::DirectXPixelFormat pixel_format, + INT32 number_of_buffers, + struct SizeInt32 size) = 0; + +@@ -1100,7 +1100,7 @@ namespace ABI { + { + virtual HRESULT STDMETHODCALLTYPE Create( + ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDevice *device, +- enum DirectXPixelFormat pixel_format, ++ enum DirectX::DirectXPixelFormat pixel_format, + INT32 number_of_buffers, + struct SizeInt32 size, + ABI::Windows::Graphics::Capture::IDirect3D11CaptureFramePool **result) = 0; +@@ -1236,7 +1236,7 @@ namespace ABI { + { + virtual HRESULT STDMETHODCALLTYPE CreateFreeThreaded( + ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDevice *device, +- enum DirectXPixelFormat pixel_format, ++ enum DirectX::DirectXPixelFormat pixel_format, + INT32 number_of_buffers, + struct SizeInt32 size, + ABI::Windows::Graphics::Capture::IDirect3D11CaptureFramePool **result) = 0; +diff --git a/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.h b/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.h +new file mode 100644 +index 000000000..7b66f7d16 +--- /dev/null ++++ b/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.h +@@ -0,0 +1,164 @@ ++/*** Autogenerated by WIDL 8.0 from include/windows.graphics.directx.direct3d11.interop.idl - Do not edit ***/ ++ ++#ifdef _WIN32 ++#ifndef __REQUIRED_RPCNDR_H_VERSION__ ++#define __REQUIRED_RPCNDR_H_VERSION__ 475 ++#endif ++#include <rpc.h> ++#include <rpcndr.h> ++#endif ++ ++#ifndef COM_NO_WINDOWS_H ++#include <windows.h> ++#include <ole2.h> ++#endif ++ ++#ifndef __windows_graphics_directx_direct3d11_interop_h__ ++#define __windows_graphics_directx_direct3d11_interop_h__ ++ ++#ifndef __WIDL_INLINE ++#if defined(__cplusplus) || defined(_MSC_VER) ++#define __WIDL_INLINE inline ++#elif defined(__GNUC__) ++#define __WIDL_INLINE __inline__ ++#endif ++#endif ++ ++/* Forward declarations */ ++ ++#ifndef ____x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_FWD_DEFINED__ ++#define ____x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_FWD_DEFINED__ ++typedef interface __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess; ++#ifdef __cplusplus ++#define __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess ++namespace ABI { ++ namespace Windows { ++ namespace Graphics { ++ namespace DirectX { ++ namespace Direct3D11 { ++ interface IDirect3DDxgiInterfaceAccess; ++ } ++ } ++ } ++ } ++} ++#endif /* __cplusplus */ ++#endif ++ ++/* Headers for imported files */ ++ ++#include <windows.graphics.directx.direct3d11.h> ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++/***************************************************************************** ++ * IDirect3DDxgiInterfaceAccess interface ++ */ ++#ifndef ____x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_INTERFACE_DEFINED__ ++#define ____x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_INTERFACE_DEFINED__ ++ ++DEFINE_GUID(IID___x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess, 0xa9b3d012, 0x3df2, 0x4ee3, 0xb8,0xd1, 0x86,0x95,0xf4,0x57,0xd3,0xc1); ++#if defined(__cplusplus) && !defined(CINTERFACE) ++} /* extern "C" */ ++namespace ABI { ++ namespace Windows { ++ namespace Graphics { ++ namespace DirectX { ++ namespace Direct3D11 { ++ MIDL_INTERFACE("a9b3d012-3df2-4ee3-b8d1-8695f457d3c1") ++ IDirect3DDxgiInterfaceAccess : public IUnknown ++ { ++ virtual HRESULT STDMETHODCALLTYPE GetInterface( ++ REFIID iid, ++ void **object) = 0; ++ ++ }; ++ } ++ } ++ } ++ } ++} ++extern "C" { ++#ifdef __CRT_UUID_DECL ++__CRT_UUID_DECL(__x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess, 0xa9b3d012, 0x3df2, 0x4ee3, 0xb8,0xd1, 0x86,0x95,0xf4,0x57,0xd3,0xc1) ++#endif ++#else ++typedef struct __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccessVtbl { ++ BEGIN_INTERFACE ++ ++ /*** IUnknown methods ***/ ++ HRESULT (STDMETHODCALLTYPE *QueryInterface)( ++ __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess *This, ++ REFIID riid, ++ void **ppvObject); ++ ++ ULONG (STDMETHODCALLTYPE *AddRef)( ++ __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess *This); ++ ++ ULONG (STDMETHODCALLTYPE *Release)( ++ __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess *This); ++ ++ /*** IDirect3DDxgiInterfaceAccess methods ***/ ++ HRESULT (STDMETHODCALLTYPE *GetInterface)( ++ __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess *This, ++ REFIID iid, ++ void **object); ++ ++ END_INTERFACE ++} __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccessVtbl; ++ ++interface __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess { ++ CONST_VTBL __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccessVtbl* lpVtbl; ++}; ++ ++#ifdef COBJMACROS ++#ifndef WIDL_C_INLINE_WRAPPERS ++/*** IUnknown methods ***/ ++#define __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_QueryInterface(This,riid,ppvObject) (This)->lpVtbl->QueryInterface(This,riid,ppvObject) ++#define __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_AddRef(This) (This)->lpVtbl->AddRef(This) ++#define __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_Release(This) (This)->lpVtbl->Release(This) ++/*** IDirect3DDxgiInterfaceAccess methods ***/ ++#define __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_GetInterface(This,iid,object) (This)->lpVtbl->GetInterface(This,iid,object) ++#else ++/*** IUnknown methods ***/ ++static __WIDL_INLINE HRESULT __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_QueryInterface(__x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess* This,REFIID riid,void **ppvObject) { ++ return This->lpVtbl->QueryInterface(This,riid,ppvObject); ++} ++static __WIDL_INLINE ULONG __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_AddRef(__x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess* This) { ++ return This->lpVtbl->AddRef(This); ++} ++static __WIDL_INLINE ULONG __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_Release(__x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess* This) { ++ return This->lpVtbl->Release(This); ++} ++/*** IDirect3DDxgiInterfaceAccess methods ***/ ++static __WIDL_INLINE HRESULT __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_GetInterface(__x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess* This,REFIID iid,void **object) { ++ return This->lpVtbl->GetInterface(This,iid,object); ++} ++#endif ++#ifdef WIDL_using_Windows_Graphics_DirectX_Direct3D11 ++#define IID_IDirect3DDxgiInterfaceAccess IID___x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess ++#define IDirect3DDxgiInterfaceAccessVtbl __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccessVtbl ++#define IDirect3DDxgiInterfaceAccess __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess ++#define IDirect3DDxgiInterfaceAccess_QueryInterface __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_QueryInterface ++#define IDirect3DDxgiInterfaceAccess_AddRef __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_AddRef ++#define IDirect3DDxgiInterfaceAccess_Release __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_Release ++#define IDirect3DDxgiInterfaceAccess_GetInterface __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_GetInterface ++#endif /* WIDL_using_Windows_Graphics_DirectX_Direct3D11 */ ++#endif ++ ++#endif ++ ++#endif /* ____x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_INTERFACE_DEFINED__ */ ++ ++/* Begin additional prototypes for all interfaces */ ++ ++ ++/* End additional prototypes */ ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* __windows_graphics_directx_direct3d11_interop_h__ */ +diff --git a/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.idl b/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.idl +new file mode 100644 +index 000000000..51e2845ea +--- /dev/null ++++ b/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.idl +@@ -0,0 +1,14 @@ ++#ifdef __WIDL__ ++#pragma winrt ns_prefix ++#endif ++ ++import "windows.graphics.directx.direct3d11.idl"; ++ ++namespace Windows.Graphics.DirectX.Direct3D11 { ++ [ ++ uuid(A9B3D012-3DF2-4EE3-B8D1-8695F457D3C1) ++ ] ++ interface IDirect3DDxgiInterfaceAccess : IUnknown { ++ HRESULT GetInterface([in] REFIID iid, [out, iid_is(iid)] void **object); ++ }; ++} +diff --git a/mingw-w64-headers/include/windows.ui.core.h b/mingw-w64-headers/include/windows.ui.core.h +index 5eb820b33..8a2e93ce4 100644 +--- a/mingw-w64-headers/include/windows.ui.core.h ++++ b/mingw-w64-headers/include/windows.ui.core.h +@@ -1602,7 +1602,7 @@ namespace ABI { + namespace Core { + struct CoreProximityEvaluation { + INT32 Score; +- struct Point AdjustedPoint; ++ struct Foundation::Point AdjustedPoint; + }; + } + } +@@ -2759,11 +2759,11 @@ namespace ABI { + ) = 0; + + virtual HRESULT STDMETHODCALLTYPE GetAsyncKeyState( +- enum VirtualKey key, ++ enum System::VirtualKey key, + enum CoreVirtualKeyStates *state) = 0; + + virtual HRESULT STDMETHODCALLTYPE GetKeyState( +- enum VirtualKey key, ++ enum System::VirtualKey key, + enum CoreVirtualKeyStates *state) = 0; + + virtual HRESULT STDMETHODCALLTYPE ReleasePointerCapture( +@@ -3491,7 +3491,7 @@ namespace ABI { + ICoreWindow2 : public IInspectable + { + virtual HRESULT STDMETHODCALLTYPE put_PointerPosition( +- struct Point value) = 0; ++ struct Foundation::Point value) = 0; + + }; + } +@@ -4605,7 +4605,7 @@ namespace ABI { + IKeyEventArgs : public IInspectable + { + virtual HRESULT STDMETHODCALLTYPE get_VirtualKey( +- enum VirtualKey *value) = 0; ++ enum System::VirtualKey *value) = 0; + + virtual HRESULT STDMETHODCALLTYPE get_KeyStatus( + struct CorePhysicalKeyStatus *value) = 0; +@@ -4876,7 +4876,7 @@ namespace ABI { + ABI::Windows::UI::Input::IPointerPoint **value) = 0; + + virtual HRESULT STDMETHODCALLTYPE get_KeyModifiers( +- enum VirtualKeyModifiers *value) = 0; ++ enum System::VirtualKeyModifiers *value) = 0; + + virtual HRESULT STDMETHODCALLTYPE GetIntermediatePoints( + ABI::Windows::Foundation::Collections::IVector<ABI::Windows::UI::Input::PointerPoint* > **value) = 0; +diff --git a/mingw-w64-headers/include/wrl/client.h b/mingw-w64-headers/include/wrl/client.h +index aeb886ea8..4fcadc7fc 100644 +--- a/mingw-w64-headers/include/wrl/client.h ++++ b/mingw-w64-headers/include/wrl/client.h +@@ -9,12 +9,15 @@ + + #include <stddef.h> + #include <unknwn.h> +-/* #include <weakreference.h> */ ++#include <weakreference.h> + #include <roapi.h> + + /* #include <wrl/def.h> */ + #include <wrl/internal.h> + ++#define WrlFinal final ++#define WrlSealed sealed ++ + namespace Microsoft { + namespace WRL { + namespace Details { +diff --git a/mingw-w64-headers/include/wrl/event.h b/mingw-w64-headers/include/wrl/event.h +new file mode 100644 +index 000000000..2e883e241 +--- /dev/null ++++ b/mingw-w64-headers/include/wrl/event.h +@@ -0,0 +1,368 @@ ++#ifndef _WRL_EVENT_H_ ++#define _WRL_EVENT_H_ ++ ++// #include <wrl/def.h> ++#include <wrl/internal.h> ++#include <wrl/client.h> ++#include <wrl/implements.h> ++#include <wrl/wrappers/corewrappers.h> ++#include <eventtoken.h> ++// #include <roerrorapi.h> ++ ++#include <pshpack8.h> ++ ++namespace Microsoft { ++ namespace WRL { ++ enum DelegateCheckMode { ++ NoCheck = 1 ++ }; ++ ++ template<DelegateCheckMode delegateCheckMode> struct DelegateTraits; ++ ++ template<> struct DelegateTraits<NoCheck> { ++ static HRESULT CheckReturn(HRESULT hr) { ++ return 0; ++ } ++ }; ++ ++ extern __declspec(selectany) const DelegateCheckMode DefaultDelegateCheckMode = NoCheck; ++ ++ enum InvokeMode { ++ StopOnFirstError = 1, ++ FireAll = 2, ++ }; ++ ++ template<InvokeMode invokeModeValue> struct InvokeModeOptions { ++ static const InvokeMode invokeMode = invokeModeValue; ++ }; ++ ++ template<InvokeMode invokeMode> struct InvokeTraits; ++ ++ template<typename TDelegateInterface, typename EventSourceOptions> ++ class EventSource; ++ ++ namespace Details { ++ template<typename TDelegateInterface> ++ void* GetDelegateBucketAssist(TDelegateInterface *pDelegate) { ++ return nullptr; ++ } ++ ++ template<typename TMemberFunction> struct ArgTraits { ++ static const int args = -1; ++ }; ++ ++ template<typename TDelegateInterface> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(void)> { ++ static const int args = 0; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1)> { ++ static const int args = 1; ++ typedef TArg1 Arg1Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2)> ++ { ++ static const int args = 2; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3)> ++ { ++ static const int args = 3; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4)> ++ { ++ static const int args = 4; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4, typename TArg5> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4, TArg5)> ++ { ++ static const int args = 5; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ typedef TArg5 Arg5Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4, typename TArg5, typename TArg6> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4, TArg5, TArg6)> ++ { ++ static const int args = 6; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ typedef TArg5 Arg5Type; ++ typedef TArg6 Arg6Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4, typename TArg5, typename TArg6, typename TArg7> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4, TArg5, TArg6, TArg7)> ++ { ++ static const int args = 7; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ typedef TArg5 Arg5Type; ++ typedef TArg6 Arg6Type; ++ typedef TArg7 Arg7Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4, typename TArg5, typename TArg6, typename TArg7, typename TArg8> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4, TArg5, TArg6, TArg7, TArg8)> ++ { ++ static const int args = 8; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ typedef TArg5 Arg5Type; ++ typedef TArg6 Arg6Type; ++ typedef TArg7 Arg7Type; ++ typedef TArg8 Arg8Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4, typename TArg5, typename TArg6, typename TArg7, typename TArg8, typename TArg9> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4, TArg5, TArg6, TArg7, TArg8, TArg9)> ++ { ++ static const int args = 9; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ typedef TArg5 Arg5Type; ++ typedef TArg6 Arg6Type; ++ typedef TArg7 Arg7Type; ++ typedef TArg8 Arg8Type; ++ typedef TArg9 Arg9Type; ++ }; ++ ++ template<typename TDelegateInterface, bool isImplements = __is_base_of(ImplementsBase, TDelegateInterface)> ++ struct ArgTraitsHelper; ++ ++ template<typename TDelegateInterface> ++ struct ArgTraitsHelper<TDelegateInterface, false> ++ { ++ typedef decltype(&TDelegateInterface::Invoke) methodType; ++ typedef ArgTraits<methodType> Traits; ++ static const int args = Traits::args; ++ typedef TDelegateInterface Interface; ++ }; ++ ++ template<typename TDelegateInterface> ++ struct ArgTraitsHelper<TDelegateInterface, true> {}; ++ ++ template<typename TDelegateInterface> class DelegateArgTraits {}; ++ ++ template<typename TDelegateInterface, typename ...TArgs> ++ class DelegateArgTraits<HRESULT (STDMETHODCALLTYPE TDelegateInterface::*)(TArgs...)> ++ { ++ template<typename TCallback, DelegateCheckMode checkMode> ++ struct DelegateInvokeHelper WrlSealed : public ::Microsoft::WRL::RuntimeClass<RuntimeClassFlags<Delegate>, TDelegateInterface>, RemoveReference<TCallback>::Type { ++ DelegateInvokeHelper(TCallback&& callback) noexcept {} ++ ++ HRESULT STDMETHODCALLTYPE Invoke(TArgs... args) noexcept override { ++ return 0; ++ } ++ }; ++ ++ public: ++ template<typename TImplements, DelegateCheckMode checkMode = DefaultDelegateCheckMode, typename TLambda> ++ static ComPtr<TImplements> Callback(TLambda&& callback) noexcept { ++ ComPtr<TImplements> empty; ++ return empty; ++ } ++ }; ++ ++ template<typename TDelegateInterface, bool isImplements = __is_base_of(ImplementsBase, TDelegateInterface)> ++ struct DelegateArgTraitsHelper; ++ ++ template<typename TDelegateInterface> ++ struct DelegateArgTraitsHelper<TDelegateInterface, false> { ++ typedef TDelegateInterface Interface; ++ typedef DelegateArgTraits<decltype(&TDelegateInterface::Invoke)> Traits; ++ }; ++ ++ template<typename TDelegateInterface> ++ struct DelegateArgTraitsHelper<TDelegateInterface, true> {}; ++ ++ template<typename TDelegateInterface> ++ HRESULT CreateAgileHelper(TDelegateInterface* delegateInterface, TDelegateInterface** wrapper) { ++ return 0; ++ } ++ } ++ ++ template<typename TDelegateInterface, typename TLambda> ++ ComPtr<typename Details::DelegateArgTraitsHelper<TDelegateInterface>::Interface> Callback(TLambda&& callback) noexcept { ++ return 0; ++ } ++ ++ template<typename TDelegateInterface, typename TFunc> ++ ComPtr<typename Details::DelegateArgTraitsHelper<TDelegateInterface>::Interface> Callback(TFunc* callback) noexcept { ++ return 0; ++ }; ++ ++ template<typename TDelegateInterface, typename TCallbackObject, typename... TArgs> ++ ComPtr<typename Details::DelegateArgTraitsHelper<TDelegateInterface>::Interface> Callback(TCallbackObject *object, HRESULT(TCallbackObject::* method)(TArgs...)) noexcept { ++ return 0; ++ } ++ ++ template<typename TDelegateInterface> ++ HRESULT WeakReferenceCallback(IWeakReferenceSource* innerCallback, TDelegateInterface** callback) { ++ return 0; ++ } ++ ++ template<typename TDelegateInterface> ++ HRESULT WeakReferenceCallback(TDelegateInterface* innerCallback, TDelegateInterface** callback) { ++ return 0; ++ } ++ ++ template<typename T, typename TDelegateInterface, typename ...TArgs> ++ HRESULT WeakReferenceCallback(T* targetObject, HRESULT (T::*targetMethod)(TArgs... args), TDelegateInterface** callback) { ++ return 0; ++ } ++ ++ template<typename T, typename TDelegateInterface, typename ...TArgs> ++ HRESULT WeakReferenceCallback(T* targetObject, HRESULT(T::*targetMethod)(TArgs... args), ::Microsoft::WRL::Details::ComPtrRef< ::Microsoft::WRL::ComPtr<TDelegateInterface>> callback) { ++ return 0; ++ } ++ ++ namespace Details { ++ ++ class EventTargetArray WrlSealed : public ::Microsoft::WRL::RuntimeClass< ::Microsoft::WRL::RuntimeClassFlags<ClassicCom>, IUnknown > { ++ public: ++ EventTargetArray() noexcept {} ++ ++ HRESULT RuntimeClassInitialize(size_t items) noexcept { ++ return 0; ++ } ++ ++ ~EventTargetArray() noexcept ++ { ++ delete[] begin_; ++ delete[] bucketAssists_; ++ } ++ ++ ComPtr<IUnknown>* Begin() noexcept { ++ return nullptr; ++ } ++ ++ ComPtr<IUnknown>* End() noexcept { ++ return nullptr; ++ } ++ ++ void AddTail(IUnknown* element) noexcept { ++ } ++ ++ void AddTail(IUnknown* element, void *bucketAssist) noexcept { ++ } ++ ++ size_t Length() noexcept { ++ return 0; ++ } ++ ++ void **Begin_BucketAssists() { ++ return nullptr; ++ } ++ ++ void **End_BucketAssists() { ++ return nullptr; ++ } ++ ++ private: ++ ComPtr<IUnknown>* begin_; ++ ++ ComPtr<IUnknown>* end_; ++ ++ void **bucketAssists_; ++ }; ++ } ++ ++ template<> ++ struct InvokeTraits<FireAll> ++ { ++ template<typename TInvokeMethod, typename TDelegateInterface> ++ static HRESULT InvokeDelegates(TInvokeMethod invokeOne, Details::EventTargetArray *targetArray, EventSource<TDelegateInterface, InvokeModeOptions<FireAll>>* pEvent) { ++ return 0; ++ } ++ }; ++ ++ template<> ++ struct InvokeTraits<StopOnFirstError> ++ { ++ template<typename TInvokeMethod, typename TDelegateInterface> ++ static HRESULT InvokeDelegates(TInvokeMethod invokeOne, Details::EventTargetArray *targetArray, EventSource<TDelegateInterface, InvokeModeOptions<StopOnFirstError>>* pEvent) { ++ return 0; ++ } ++ }; ++ ++ template<typename TDelegateInterface, typename TEventSourceOptions> ++ class EventSource { ++ public: ++ EventSource() noexcept {} ++ ++ HRESULT Add(TDelegateInterface* delegateInterface, EventRegistrationToken* token) noexcept { ++ return 0; ++ } ++ ++ HRESULT Remove(EventRegistrationToken token) noexcept { ++ return 0; ++ } ++ ++ protected: ++ ++ HRESULT Add(TDelegateInterface* delegateInterface, void *bucketAssist, EventRegistrationToken* token) noexcept { ++ return 0; ++ } ++ ++ private: ++ ++ HRESULT AddInternal(TDelegateInterface* delegateInterface, void *bucketAssist, EventRegistrationToken* token) noexcept { ++ return 0; ++ } ++ ++ template <typename TInvokeMethod> ++ HRESULT DoInvoke(TInvokeMethod invokeOne) noexcept { ++ return 0; ++ } ++ ++ public: ++ template<typename ...TArgs> ++ HRESULT InvokeAll(TArgs... args) noexcept { ++ return 0; ++ } ++ ++ size_t GetSize() const noexcept { ++ return 0; ++ } ++ ++ protected: ++ ComPtr<Details::EventTargetArray> targets_; ++ ++ mutable Wrappers::SRWLock targetsPointerLock_; ++ ++ Wrappers::SRWLock addRemoveLock_; ++ }; ++ } ++} ++ ++#include <poppack.h> ++ ++#endif +diff --git a/mingw-w64-headers/include/wrl/implements.h b/mingw-w64-headers/include/wrl/implements.h +new file mode 100644 +index 000000000..9d5fe962f +--- /dev/null ++++ b/mingw-w64-headers/include/wrl/implements.h +@@ -0,0 +1,619 @@ ++#ifndef _WRL_IMPLEMENTS_H_ ++#define _WRL_IMPLEMENTS_H_ ++ ++#include <weakreference.h> ++ ++#include <wrl\client.h> ++ ++#include <pshpack8.h> ++ ++ ++namespace Microsoft { ++ namespace WRL { ++ template<typename T> ++ struct CloakedIid : T {}; ++ ++ enum RuntimeClassType { ++ WinRt = 0x0001, ++ ClassicCom = 0x0002, ++ WinRtClassicComMix = WinRt | ClassicCom, ++ InhibitWeakReference = 0x0004, ++ Delegate = ClassicCom, ++ InhibitFtmBase = 0x0008, ++ InhibitRoOriginateError = 0x0010 ++ }; ++ ++ template <unsigned int flags> ++ struct RuntimeClassFlags { ++ static const unsigned int value = flags; ++ }; ++ ++ namespace Details { ++ struct ImplementsBase {}; ++ } ++ ++ template<typename Derived, typename MixInType, bool hasImplements> ++ struct MixIn {}; ++ ++ template <typename FactoryInterface> ++ class ComposableBase {}; ++ ++ typedef RuntimeClassFlags<WinRt | InhibitWeakReference> InhibitWeakReferencePolicy; ++ ++ namespace Details { ++ ++ class Nil {}; ++ ++ class DontUseNewUseMake { ++ private: ++ void* operator new(size_t) throw() { ++ return nullptr; ++ } ++ ++ public: ++ void* operator new(size_t, void* placement) throw() { ++ return nullptr; ++ } ++ }; ++ ++ class RuntimeClassBase {}; ++ ++ template <unsigned int RuntimeClassTypeT> ++ class RuntimeClassBaseT : private RuntimeClassBase { ++ protected: ++ template<typename T> ++ static HRESULT AsIID(T* implements, REFIID riid, void **ppvObject) throw() { ++ return 0; ++ } ++ ++ template<typename T> ++ static HRESULT GetImplementedIIDS(T* implements, ULONG *iidCount, IID **iids) throw() { ++ return 0; ++ } ++ ++ public: ++ HRESULT RuntimeClassInitialize() throw() { ++ return 0; ++ } ++ }; ++ ++ class FtmBaseMarker {}; ++ ++ template <typename I, typename Base> ++ struct VerifyInheritanceHelper { ++ static void Verify() throw() {} ++ }; ++ ++ template <typename I> ++ struct VerifyInheritanceHelper<I, Nil> { ++ static void Verify() throw() {} ++ }; ++ } ++ ++ template <typename I0, typename I1, typename I2 = Details::Nil, typename I3 = Details::Nil, ++ typename I4 = Details::Nil, typename I5 = Details::Nil, typename I6 = Details::Nil, ++ typename I7 = Details::Nil, typename I8 = Details::Nil, typename I9 = Details::Nil> ++ struct ChainInterfaces : I0 ++ { ++ protected: ++ template<unsigned int ClassType> ++ static void Verify() throw() {} ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ static const unsigned long IidCount; ++ ++ static void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename DerivedType, typename BaseType, bool hasImplements, typename I1, typename I2, typename I3, ++ typename I4, typename I5, typename I6, ++ typename I7, typename I8, typename I9> ++ struct ChainInterfaces<MixIn<DerivedType, BaseType, hasImplements>, I1, I2, I3, I4, I5, I6, I7, I8, I9> ++ { ++ protected: ++ template<unsigned int ClassType> ++ static void Verify() throw() {} ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ static const unsigned long IidCount; ++ ++ static void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ namespace Details { ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper; ++ ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename I0, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, I0, TInterfaces...> : I0, ImplementsHelper<RuntimeClassFlagsT, true, TInterfaces...> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ template <bool IsDelegateToClass> ++ HRESULT CanCastToHelper(REFIID riid, void **ppv, bool *pRefDelegated) throw(); ++ ++ template <> ++ HRESULT inline CanCastToHelper<true>(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ template <> ++ HRESULT inline CanCastToHelper<false>(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ template <bool IsDelegateToClass> IUnknown* CastToUnknownHelper() throw(); ++ ++ template <> inline IUnknown* CastToUnknownHelper<true>() throw() { ++ return nullptr; ++ } ++ ++ template <> inline IUnknown* CastToUnknownHelper<false>() throw() { ++ return nullptr; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ template <bool IsDelegateToClass> long GetIidCountHelper() throw(); ++ ++ template <> inline long GetIidCountHelper<true>() throw() { ++ return 0; ++ } ++ ++ template <> inline long GetIidCountHelper<false>() throw() { ++ return 0; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ template <bool IsDelegateToClass> void FillArrayWithIidHelper(unsigned long *index, IID* iids) throw(); ++ ++ template <> inline void FillArrayWithIidHelper<true>(unsigned long *index, IID* iids) throw() {} ++ ++ template <> inline void FillArrayWithIidHelper<false>(unsigned long *index, IID* iids) throw() {} ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, Details::Nil, TInterfaces...> : ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, TInterfaces...> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool * pRefDelegated) throw() { ++ return 0; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, bool doStrictCheck> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck> ++ { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID, void **, bool*) throw() { ++ return 0; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long*, IID*) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename I0, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, CloakedIid<I0>, TInterfaces...> : ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, I0>, ImplementsHelper<RuntimeClassFlagsT, true, TInterfaces...> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return 0; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename C0, typename C1, typename C2, typename C3, typename C4, typename C5, typename C6, typename C7, typename C8, typename C9, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, ChainInterfaces<C0, C1, C2, C3, C4, C5, C6, C7, C8, C9>, TInterfaces...> : ChainInterfaces<C0, C1, C2, C3, C4, C5, C6, C7, C8, C9>, ImplementsHelper<RuntimeClassFlagsT, true, TInterfaces...> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, typename DerivedType, typename BaseType, bool hasImplements, typename ...TInterfaces, bool doStrictCheck> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, MixIn<DerivedType, BaseType, hasImplements>, TInterfaces...> : ImplementsHelper<RuntimeClassFlagsT, true, TInterfaces...> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename I0, typename ...> ++ struct AreAllNil { ++ static const bool value = false; ++ }; ++ ++ template <typename ...TInterfaces> ++ struct AreAllNil<Microsoft::WRL::Details::Nil, TInterfaces...> { ++ static const bool value = AreAllNil<TInterfaces...>::value; ++ }; ++ ++ template <> ++ struct AreAllNil<Microsoft::WRL::Details::Nil> { ++ static const bool value = true; ++ }; ++ ++ template <typename RuntimeClassFlagsT, typename FactoryInterface, bool doStrictCheck, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, ComposableBase<FactoryInterface>, TInterfaces...> : ImplementsHelper<RuntimeClassFlagsT, true, ComposableBase<FactoryInterface>> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ typedef ImplementsHelper<RuntimeClassFlagsT, true, ComposableBase<FactoryInterface>> Base; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return 0; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, typename FactoryInterface, bool doStrictCheck> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, ComposableBase<FactoryInterface>> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ ++ ImplementsHelper() throw() {} ++ ++ ~ImplementsHelper() throw() {} ++ ++ public: ++ HRESULT SetComposableBasePointers(IInspectable* base, FactoryInterface* baseFactory) throw() { ++ return 0; ++ } ++ ++ ComPtr<IInspectable> GetComposableBase() throw() { ++ return composableBase_; ++ } ++ ++ ComPtr<FactoryInterface> GetComposableBaseFactory() throw() { ++ return composableBaseFactory_; ++ } ++ ++ private: ++ ComPtr<IInspectable> composableBase_; ++ ++ ComPtr<FactoryInterface> composableBaseFactory_; ++ ++ IID *iidsCached_; ++ ++ unsigned long iidCount_; ++ }; ++ ++ } ++ ++ template <typename I0, typename ...TInterfaces> ++ struct __declspec(novtable) Implements : Details::ImplementsHelper<RuntimeClassFlags<WinRt>, true, I0, TInterfaces...>, Details::ImplementsBase { ++ public: ++ typedef RuntimeClassFlags<WinRt> ClassFlags; ++ ++ typedef I0 FirstInterface; ++ ++ protected: ++ HRESULT CanCastTo(REFIID riid, void **ppv) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <int flags, typename I0, typename ...TInterfaces> ++ struct __declspec(novtable) Implements<RuntimeClassFlags<flags>, I0, TInterfaces...> : Details::ImplementsHelper<RuntimeClassFlags<flags>, true, I0, TInterfaces...>, Details::ImplementsBase { ++ public: ++ typedef RuntimeClassFlags<flags> ClassFlags; ++ ++ typedef I0 FirstInterface; ++ ++ protected: ++ HRESULT CanCastTo(REFIID riid, void **ppv) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ class FtmBase : public Implements< ::Microsoft::WRL::RuntimeClassFlags<WinRtClassicComMix>, ::Microsoft::WRL::CloakedIid< ::IMarshal> >, private ::Microsoft::WRL::Details::FtmBaseMarker { ++ protected: ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename ...TInterfaces> friend struct Details::ImplementsHelper; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv) throw() { ++ return 0; ++ } ++ ++ public: ++ FtmBase() throw() {} ++ ++ STDMETHOD(GetUnmarshalClass)(REFIID riid, void *pv, DWORD dwDestContext, void *pvDestContext, DWORD mshlflags, CLSID *pCid) override { ++ return 0; ++ } ++ ++ STDMETHOD(GetMarshalSizeMax)(REFIID riid, void *pv, DWORD dwDestContext, void *pvDestContext, DWORD mshlflags, DWORD *pSize) override { ++ return 0; ++ } ++ ++ STDMETHOD(MarshalInterface)(IStream *pStm, REFIID riid, void *pv, DWORD dwDestContext, void *pvDestContext, DWORD mshlflags) override { ++ return 0; ++ } ++ ++ STDMETHOD(UnmarshalInterface)(IStream *pStm, REFIID riid, void **ppv) override { ++ return 0; ++ } ++ ++ STDMETHOD(ReleaseMarshalData)(IStream *pStm) override { ++ return 0; ++ } ++ ++ STDMETHOD(DisconnectObject)(DWORD dwReserved) override { ++ return 0; ++ } ++ ++ static HRESULT CreateGlobalInterfaceTable(IGlobalInterfaceTable **git) throw() { ++ return 0; ++ } ++ ++ ::Microsoft::WRL::ComPtr<IMarshal> marshaller_; ++ }; ++ ++ namespace Details { ++ #define DETAILS_RTCLASS_FLAGS_ARGUMENTS(RuntimeClassFlagsT) \ ++ RuntimeClassFlagsT, \ ++ (RuntimeClassFlagsT::value & InhibitWeakReference) == 0, \ ++ (RuntimeClassFlagsT::value & WinRt) == WinRt, \ ++ __WRL_IMPLEMENTS_FTM_BASE__(RuntimeClassFlagsT::value) \ ++ ++ template <class RuntimeClassFlagsT, bool implementsWeakReferenceSource, bool implementsInspectable, bool implementsFtmBase, typename ...TInterfaces> ++ class __declspec(novtable) RuntimeClassImpl; ++ ++ template <class RuntimeClassFlagsT, bool implementsWeakReferenceSource, bool implementsFtmBase, typename ...TInterfaces> ++ class __declspec(novtable) RuntimeClassImpl<RuntimeClassFlagsT, implementsWeakReferenceSource, false, implementsFtmBase, TInterfaces...> : public Details::ImplementsHelper<RuntimeClassFlagsT, false, TInterfaces...>, public RuntimeClassBaseT<RuntimeClassFlagsT::value>, protected RuntimeClassFlags<InhibitWeakReference>, public DontUseNewUseMake { ++ public: ++ typedef RuntimeClassFlagsT ClassFlags; ++ ++ STDMETHOD(QueryInterface)(REFIID riid, void **ppvObject) { ++ return 0; ++ } ++ ++ STDMETHOD_(ULONG, AddRef)() { ++ return 0; ++ } ++ ++ STDMETHOD_(ULONG, Release)() { ++ return 0; ++ } ++ ++ protected: ++ RuntimeClassImpl() throw() {} ++ ++ virtual ~RuntimeClassImpl() throw() {} ++ ++ unsigned long InternalAddRef() throw() { ++ return 0; ++ } ++ ++ unsigned long InternalRelease() throw() { ++ return 0; ++ } ++ ++ unsigned long GetRefCount() const throw() { ++ return 0; ++ } ++ ++ friend class WeakReferenceImpl; ++ ++ private: ++ volatile long refcount_; ++ }; ++ ++ template<typename I, bool isImplementsBased = __is_base_of(ImplementsBase, I)> ++ struct HasIInspectable; ++ ++ template<typename I> ++ struct HasIInspectable<I, false> { ++ static const bool isIInspectable; ++ }; ++ ++ template<typename I> ++ struct HasIInspectable<I, true> { ++ static const bool isIInspectable; ++ }; ++ ++ template<typename I0, bool isIInspectable = true> ++ struct IInspectableInjector; ++ ++ template<typename I0> ++ struct IInspectableInjector<I0, true> { ++ typedef Details::Nil InspectableIfNeeded; ++ }; ++ ++ template<typename I0> ++ struct IInspectableInjector<I0, false> { ++ typedef IInspectable InspectableIfNeeded; ++ }; ++ ++ template <class RuntimeClassFlagsT, typename I0, typename ...TInterfaces> ++ class __declspec(novtable) RuntimeClassImpl<RuntimeClassFlagsT, false, true, false, I0, TInterfaces...> : public Details::ImplementsHelper<RuntimeClassFlagsT, false, typename IInspectableInjector<I0>::InspectableIfNeeded, I0, TInterfaces...>, public RuntimeClassBaseT<RuntimeClassFlagsT::value>, protected RuntimeClassFlags<InhibitWeakReference>, public DontUseNewUseMake { ++ public: ++ typedef RuntimeClassFlagsT ClassFlags; ++ ++ STDMETHOD(QueryInterface)(REFIID riid, void **ppvObject) { ++ return 0; ++ } ++ ++ STDMETHOD_(ULONG, AddRef)() { ++ return 0; ++ } ++ ++ STDMETHOD_(ULONG, Release)() { ++ return 0; ++ } ++ ++ STDMETHOD(GetIids)(ULONG *iidCount, IID **iids) { ++ return 0; ++ } ++ ++ protected: ++ RuntimeClassImpl() throw() {} ++ ++ virtual ~RuntimeClassImpl() throw() {} ++ ++ unsigned long InternalAddRef() throw() { ++ return 0; ++ } ++ ++ unsigned long InternalRelease() throw() { ++ return 0; ++ } ++ ++ unsigned long GetRefCount() const throw() { ++ return 0; ++ } ++ ++ private: ++ volatile long refcount_; ++ }; ++ ++ template <class RuntimeClassFlagsT, typename I0, typename ...TInterfaces> ++ class __declspec(novtable) RuntimeClassImpl<RuntimeClassFlagsT, false, true, true, I0, TInterfaces...> : public RuntimeClassImpl<RuntimeClassFlagsT, false, true, false, I0, TInterfaces...> {}; ++ ++ template <class RuntimeClassFlagsT, typename I0, typename ...TInterfaces> ++ class __declspec(novtable) RuntimeClassImpl<RuntimeClassFlagsT, true, true, true, I0, TInterfaces...> : public RuntimeClassImpl<RuntimeClassFlagsT, true, true, false, I0, FtmBase, TInterfaces...> {}; ++ } ++ ++ template <typename ...TInterfaces> ++ class RuntimeClass : public Details::RuntimeClassImpl<DETAILS_RTCLASS_FLAGS_ARGUMENTS(RuntimeClassFlags<WinRt>), TInterfaces...> { ++ RuntimeClass(const RuntimeClass&); ++ ++ RuntimeClass& operator=(const RuntimeClass&); ++ ++ public: ++ RuntimeClass() throw() {} ++ ++ typedef RuntimeClass RuntimeClassT; ++ }; ++ ++ template <unsigned int classFlags, typename ...TInterfaces> ++ class RuntimeClass<RuntimeClassFlags<classFlags>, TInterfaces...> : public Details::RuntimeClassImpl<DETAILS_RTCLASS_FLAGS_ARGUMENTS(RuntimeClassFlags<classFlags>), TInterfaces...> { ++ RuntimeClass(const RuntimeClass&); ++ ++ RuntimeClass& operator=(const RuntimeClass&); ++ ++ public: ++ RuntimeClass() throw() {} ++ ++ typedef RuntimeClass RuntimeClassT; ++ }; ++ } ++} ++ ++#include <poppack.h> ++ ++#endif +diff --git a/mingw-w64-headers/include/wrl/internal.h b/mingw-w64-headers/include/wrl/internal.h +index 715ef74e3..dffa7153d 100644 +--- a/mingw-w64-headers/include/wrl/internal.h ++++ b/mingw-w64-headers/include/wrl/internal.h +@@ -7,6 +7,8 @@ + #ifndef _WRL_INTERNAL_H_ + #define _WRL_INTERNAL_H_ + ++#define __WRL_IMPLEMENTS_FTM_BASE__(flags) (false) ++ + #include <windows.h> + + namespace Microsoft { +@@ -29,6 +31,26 @@ namespace Microsoft { + struct EnableIf<true, T> { + typedef T type; + }; ++ ++ template<class T> ++ struct RemoveReference { ++ typedef T Type; ++ }; ++ ++ template<class T> ++ struct RemoveReference<T&> { ++ typedef T Type; ++ }; ++ ++ template<class T> ++ struct RemoveReference<T&&> { ++ typedef T Type; ++ }; ++ ++ template<class T> ++ inline typename RemoveReference<T>::Type&& Move(T&& arg) throw() { ++ return nullptr; ++ } + } + } + } +diff --git a/mingw-w64-headers/include/wrl/wrappers/corewrappers.h b/mingw-w64-headers/include/wrl/wrappers/corewrappers.h +index 221d9cc8f..4b15f43ec 100644 +--- a/mingw-w64-headers/include/wrl/wrappers/corewrappers.h ++++ b/mingw-w64-headers/include/wrl/wrappers/corewrappers.h +@@ -22,6 +22,129 @@ namespace Microsoft { + } + + namespace Wrappers { ++ namespace HandleTraits { ++ struct SRWLockSharedTraits { ++ typedef SRWLOCK* Type; ++ ++ inline static Type GetInvalidValue() throw() { ++ return nullptr; ++ } ++ ++ inline static void Unlock(Type srwlock) throw() {} ++ }; ++ ++ struct SRWLockExclusiveTraits { ++ typedef SRWLOCK* Type; ++ ++ inline static Type GetInvalidValue() throw() { ++ return nullptr; ++ } ++ ++ inline static void Unlock(Type srwlock) throw() {} ++ }; ++ } ++ ++ class SRWLock; ++ ++ namespace Details { ++ class SyncLockExclusive { ++ public: ++ SyncLockExclusive(SyncLockExclusive&& other) throw() {} ++ ++ SyncLockExclusive(const SyncLockExclusive&); ++ SyncLockExclusive& operator=(const SyncLockExclusive&); ++ ++ ~SyncLockExclusive() throw() {} ++ ++ void Unlock() throw() {} ++ ++ bool IsLocked() const throw() { ++ return 0; ++ } ++ ++ friend class Wrappers::SRWLock; ++ ++ protected: ++ explicit SyncLockExclusive(SRWLOCK* sync) throw() {} ++ ++ SRWLOCK* sync_; ++ ++ private: ++ void InternalUnlock() throw() {} ++ }; ++ ++ class SyncLockShared { ++ public: ++ SyncLockShared(SyncLockShared&& other) throw() {} ++ ++ SyncLockShared(const SyncLockShared&); ++ SyncLockShared& operator=(const SyncLockShared&); ++ ++ ~SyncLockShared() throw() {} ++ ++ void Unlock() throw() {} ++ ++ bool IsLocked() const throw() { ++ return 0; ++ } ++ ++ friend class Wrappers::SRWLock; ++ ++ protected: ++ explicit SyncLockShared(SRWLOCK* sync) throw() {} ++ ++ SRWLOCK* sync_; ++ ++ private: ++ void InternalUnlock() throw() {} ++ }; ++ } ++ ++ class SRWLock { ++ public: ++ SRWLock() throw() {} ++ ++ SRWLock(const SRWLock&) = delete; ++ SRWLock& operator=(const SRWLock&) = delete; ++ ++ ~SRWLock() throw() {} ++ ++ Details::SyncLockExclusive LockExclusive() throw() { ++ return Details::SyncLockExclusive(nullptr); ++ } ++ ++ static Details::SyncLockExclusive LockExclusive(SRWLOCK* lock) throw() { ++ return Details::SyncLockExclusive(nullptr); ++ } ++ ++ Details::SyncLockExclusive TryLockExclusive() throw() { ++ return Details::SyncLockExclusive(nullptr); ++ } ++ ++ static Details::SyncLockExclusive TryLockExclusive(SRWLOCK* lock) throw() { ++ return Details::SyncLockExclusive(nullptr); ++ } ++ ++ Details::SyncLockShared LockShared() throw() { ++ return Details::SyncLockShared(nullptr); ++ } ++ ++ static Details::SyncLockShared LockShared(SRWLOCK* lock) throw() { ++ return Details::SyncLockShared(nullptr); ++ } ++ ++ Details::SyncLockShared TryLockShared() throw() { ++ return Details::SyncLockShared(nullptr); ++ } ++ ++ static Details::SyncLockShared TryLockShared(SRWLOCK* lock) throw() { ++ return Details::SyncLockShared(nullptr); ++ } ++ ++ protected: ++ SRWLOCK SRWLock_; ++ }; ++ + class HStringReference { + private: + void Init(const wchar_t* str, unsigned int len) { ===================================== projects/translation/config ===================================== @@ -12,7 +12,7 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 3b1be2065b54939ed019d94174f137847bcf3c66 + git_hash: f7c77f129447921ec1490f5f401ee27e474b932a targets: nightly: git_hash: 'base-browser' ===================================== rbm.conf ===================================== @@ -73,17 +73,20 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '14.0.1' - torbrowser_build: 'build2' + torbrowser_version: '[% IF c("var/tor-browser") %]14.0.1[% ELSE %]14.0a10[% END %]' + torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2024/10/28 09:00:00' + browser_release_date: '2024/10/31 19:43:38' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - '[% IF c("var/mullvad-browser") %]14.0a9[% END %]' + - '[% IF c("var/mullvad-browser") %]14.0a8[% END %]' + - '[% IF c("var/mullvad-browser") %]14.0a7[% END %]' - '[% IF c("var/tor-browser") %]14.0[% END %]' - - '13.5.7' + - '[% IF c("var/tor-browser") %]13.5.7[% END %]' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' torbrowser_legacy_version: 13.5.9 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-128.4.0esr-14.0-1-build2
by morgan (＠morgan) 31 Oct '24

31 Oct '24

morgan pushed new tag mullvad-browser-128.4.0esr-14.0-1-build2 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.4.0esr-14.5-1] Bug 373 - reenable webrtc builds
by morgan (＠morgan) 31 Oct '24

31 Oct '24

morgan pushed to branch base-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 173c563f by june wilde at 2024-10-31T20:56:39+00:00 Bug 373 - reenable webrtc builds - - - - - 3 changed files: - third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc - third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.cc - third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.h Changes: ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc ===================================== @@ -10,9 +10,9 @@ #include "modules/desktop_capture/win/wgc_capture_session.h" -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <windows.graphics.capture.interop.h> -#include <windows.graphics.directX.direct3d11.interop.h> +#include <windows.graphics.directx.direct3d11.interop.h> #include <windows.graphics.h> #include <wrl/client.h> #include <wrl/event.h> @@ -181,9 +181,7 @@ HRESULT WgcCaptureSession::StartCapture(const DesktopCaptureOptions& options) { if (!options.prefer_cursor_embedded()) { ComPtr<ABI::Windows::Graphics::Capture::IGraphicsCaptureSession2> session2; - if (SUCCEEDED(session_->QueryInterface( - ABI::Windows::Graphics::Capture::IID_IGraphicsCaptureSession2, - &session2))) { + if (SUCCEEDED(session_->QueryInterface(IID_PPV_ARGS(&session2)))) { session2->put_IsCursorCaptureEnabled(false); } } @@ -367,7 +365,7 @@ HRESULT WgcCaptureSession::ProcessFrame() { return hr; } - ComPtr<Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess> + ComPtr<ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess> direct3DDxgiInterfaceAccess; hr = d3d_surface->QueryInterface(IID_PPV_ARGS(&direct3DDxgiInterfaceAccess)); if (FAILED(hr)) { ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.cc ===================================== @@ -10,7 +10,7 @@ #include "modules/desktop_capture/win/wgc_capturer_win.h" -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <windows.foundation.metadata.h> #include <windows.graphics.capture.h> ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.h ===================================== @@ -11,7 +11,7 @@ #ifndef MODULES_DESKTOP_CAPTURE_WIN_WGC_CAPTURER_WIN_H_ #define MODULES_DESKTOP_CAPTURE_WIN_WGC_CAPTURER_WIN_H_ -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <d3d11.h> #include <wrl/client.h> View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/173c563… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/173c563… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.4.0esr-14.0-1] Bug 373 - reenable webrtc builds
by morgan (＠morgan) 31 Oct '24

31 Oct '24

morgan pushed to branch base-browser-128.4.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: efcadd2e by june wilde at 2024-10-31T20:55:14+00:00 Bug 373 - reenable webrtc builds - - - - - 3 changed files: - third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc - third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.cc - third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.h Changes: ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc ===================================== @@ -10,9 +10,9 @@ #include "modules/desktop_capture/win/wgc_capture_session.h" -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <windows.graphics.capture.interop.h> -#include <windows.graphics.directX.direct3d11.interop.h> +#include <windows.graphics.directx.direct3d11.interop.h> #include <windows.graphics.h> #include <wrl/client.h> #include <wrl/event.h> @@ -181,9 +181,7 @@ HRESULT WgcCaptureSession::StartCapture(const DesktopCaptureOptions& options) { if (!options.prefer_cursor_embedded()) { ComPtr<ABI::Windows::Graphics::Capture::IGraphicsCaptureSession2> session2; - if (SUCCEEDED(session_->QueryInterface( - ABI::Windows::Graphics::Capture::IID_IGraphicsCaptureSession2, - &session2))) { + if (SUCCEEDED(session_->QueryInterface(IID_PPV_ARGS(&session2)))) { session2->put_IsCursorCaptureEnabled(false); } } @@ -367,7 +365,7 @@ HRESULT WgcCaptureSession::ProcessFrame() { return hr; } - ComPtr<Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess> + ComPtr<ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess> direct3DDxgiInterfaceAccess; hr = d3d_surface->QueryInterface(IID_PPV_ARGS(&direct3DDxgiInterfaceAccess)); if (FAILED(hr)) { ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.cc ===================================== @@ -10,7 +10,7 @@ #include "modules/desktop_capture/win/wgc_capturer_win.h" -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <windows.foundation.metadata.h> #include <windows.graphics.capture.h> ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.h ===================================== @@ -11,7 +11,7 @@ #ifndef MODULES_DESKTOP_CAPTURE_WIN_WGC_CAPTURER_WIN_H_ #define MODULES_DESKTOP_CAPTURE_WIN_WGC_CAPTURER_WIN_H_ -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <d3d11.h> #include <wrl/client.h> View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/efcadd2… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/efcadd2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.4.0esr-14.5-1] 2 commits: Bug 373 - reenable webrtc builds
by morgan (＠morgan) 31 Oct '24

31 Oct '24

morgan pushed to branch mullvad-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 4dc1a0a0 by june wilde at 2024-10-31T18:35:39+00:00 Bug 373 - reenable webrtc builds - - - - - 7e34aa7e by june wilde at 2024-10-31T18:35:39+00:00 fixup! MB 320: Temporarily disable WebRTC and WDBA on Windows. - - - - - 4 changed files: - mozconfig-windows-x86_64 - third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc - third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.cc - third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.h Changes: ===================================== mozconfig-windows-x86_64 ===================================== @@ -23,5 +23,4 @@ ac_add_options --disable-notification-server ac_add_options --disable-eme # tor-browser#320: Temporarily disable until we resolve the mingw problems. -ac_add_options --disable-webrtc ac_add_options --disable-default-browser-agent ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc ===================================== @@ -10,9 +10,9 @@ #include "modules/desktop_capture/win/wgc_capture_session.h" -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <windows.graphics.capture.interop.h> -#include <windows.graphics.directX.direct3d11.interop.h> +#include <windows.graphics.directx.direct3d11.interop.h> #include <windows.graphics.h> #include <wrl/client.h> #include <wrl/event.h> @@ -181,9 +181,7 @@ HRESULT WgcCaptureSession::StartCapture(const DesktopCaptureOptions& options) { if (!options.prefer_cursor_embedded()) { ComPtr<ABI::Windows::Graphics::Capture::IGraphicsCaptureSession2> session2; - if (SUCCEEDED(session_->QueryInterface( - ABI::Windows::Graphics::Capture::IID_IGraphicsCaptureSession2, - &session2))) { + if (SUCCEEDED(session_->QueryInterface(IID_PPV_ARGS(&session2)))) { session2->put_IsCursorCaptureEnabled(false); } } @@ -367,7 +365,7 @@ HRESULT WgcCaptureSession::ProcessFrame() { return hr; } - ComPtr<Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess> + ComPtr<ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess> direct3DDxgiInterfaceAccess; hr = d3d_surface->QueryInterface(IID_PPV_ARGS(&direct3DDxgiInterfaceAccess)); if (FAILED(hr)) { ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.cc ===================================== @@ -10,7 +10,7 @@ #include "modules/desktop_capture/win/wgc_capturer_win.h" -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <windows.foundation.metadata.h> #include <windows.graphics.capture.h> ===================================== third_party/libwebrtc/modules/desktop_capture/win/wgc_capturer_win.h ===================================== @@ -11,7 +11,7 @@ #ifndef MODULES_DESKTOP_CAPTURE_WIN_WGC_CAPTURER_WIN_H_ #define MODULES_DESKTOP_CAPTURE_WIN_WGC_CAPTURER_WIN_H_ -#include <DispatcherQueue.h> +#include <dispatcherqueue.h> #include <d3d11.h> #include <wrl/client.h> View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/60… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/60… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41291 - Bump and patch mingw-w64-clang
by morgan (＠morgan) 31 Oct '24

31 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 0748806d by june wilde at 2024-10-31T18:22:38+00:00 Bug 41291 - Bump and patch mingw-w64-clang - - - - - 3 changed files: - projects/mingw-w64-clang/build - projects/mingw-w64-clang/config - + projects/mingw-w64-clang/mingw-webrtc.patch Changes: ===================================== projects/mingw-w64-clang/build ===================================== @@ -89,6 +89,7 @@ EOF patch -p1 < "$rootdir/mingw-dispatchqueue.patch" patch -p1 < "$rootdir/mingw-ts_sd.patch" patch -p1 < "$rootdir/mingw-composition.patch" + patch -p1 < "$rootdir/mingw-webrtc.patch" cd $builddir/mingw-w64-clang/mingw-w64-headers mkdir build && cd build ===================================== projects/mingw-w64-clang/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 filename: '[% project %]-[% c("version") %]-[% pc("llvm-project", "version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' git_url: https://git.code.sf.net/p/mingw-w64/mingw-w64 -git_hash: cd4cf9b279f8fb0815f8b9665d3cea60a30290bc +git_hash: 4ef04b0a7f7a20735de2f58b5c0496fcb4c7d191 version: '[% c("abbrev") %]' container: use_container: 1 @@ -35,3 +35,4 @@ input_files: - filename: mingw-dispatchqueue.patch - filename: mingw-ts_sd.patch - filename: mingw-composition.patch + - filename: mingw-webrtc.patch ===================================== projects/mingw-w64-clang/mingw-webrtc.patch ===================================== @@ -0,0 +1,1727 @@ +diff --git a/mingw-w64-headers/include/weakreference.h b/mingw-w64-headers/include/weakreference.h +new file mode 100644 +index 000000000..9776dd194 +--- /dev/null ++++ b/mingw-w64-headers/include/weakreference.h +@@ -0,0 +1,218 @@ ++/*** Autogenerated by WIDL 8.0 from include/weakreference.idl - Do not edit ***/ ++ ++#ifdef _WIN32 ++#ifndef __REQUIRED_RPCNDR_H_VERSION__ ++#define __REQUIRED_RPCNDR_H_VERSION__ 475 ++#endif ++#include <rpc.h> ++#include <rpcndr.h> ++#endif ++ ++#ifndef COM_NO_WINDOWS_H ++#include <windows.h> ++#include <ole2.h> ++#endif ++ ++#ifndef __weakreference_h__ ++#define __weakreference_h__ ++ ++#ifndef __WIDL_INLINE ++#if defined(__cplusplus) || defined(_MSC_VER) ++#define __WIDL_INLINE inline ++#elif defined(__GNUC__) ++#define __WIDL_INLINE __inline__ ++#endif ++#endif ++ ++/* Forward declarations */ ++ ++#ifndef __IWeakReference_FWD_DEFINED__ ++#define __IWeakReference_FWD_DEFINED__ ++typedef interface IWeakReference IWeakReference; ++#ifdef __cplusplus ++interface IWeakReference; ++#endif /* __cplusplus */ ++#endif ++ ++#ifndef __IWeakReferenceSource_FWD_DEFINED__ ++#define __IWeakReferenceSource_FWD_DEFINED__ ++typedef interface IWeakReferenceSource IWeakReferenceSource; ++#ifdef __cplusplus ++interface IWeakReferenceSource; ++#endif /* __cplusplus */ ++#endif ++ ++/* Headers for imported files */ ++ ++#include <inspectable.h> ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++/***************************************************************************** ++ * IWeakReference interface ++ */ ++#ifndef __IWeakReference_INTERFACE_DEFINED__ ++#define __IWeakReference_INTERFACE_DEFINED__ ++ ++DEFINE_GUID(IID_IWeakReference, 0x00000037, 0x0000, 0x0000, 0xc0,0x00, 0x00,0x00,0x00,0x00,0x00,0x46); ++#if defined(__cplusplus) && !defined(CINTERFACE) ++MIDL_INTERFACE("00000037-0000-0000-c000-000000000046") ++IWeakReference : public IUnknown ++{ ++ virtual HRESULT STDMETHODCALLTYPE Resolve( ++ REFIID riid, ++ IInspectable **objectReference) = 0; ++ ++}; ++#ifdef __CRT_UUID_DECL ++__CRT_UUID_DECL(IWeakReference, 0x00000037, 0x0000, 0x0000, 0xc0,0x00, 0x00,0x00,0x00,0x00,0x00,0x46) ++#endif ++#else ++typedef struct IWeakReferenceVtbl { ++ BEGIN_INTERFACE ++ ++ /*** IUnknown methods ***/ ++ HRESULT (STDMETHODCALLTYPE *QueryInterface)( ++ IWeakReference *This, ++ REFIID riid, ++ void **ppvObject); ++ ++ ULONG (STDMETHODCALLTYPE *AddRef)( ++ IWeakReference *This); ++ ++ ULONG (STDMETHODCALLTYPE *Release)( ++ IWeakReference *This); ++ ++ /*** IWeakReference methods ***/ ++ HRESULT (STDMETHODCALLTYPE *Resolve)( ++ IWeakReference *This, ++ REFIID riid, ++ IInspectable **objectReference); ++ ++ END_INTERFACE ++} IWeakReferenceVtbl; ++ ++interface IWeakReference { ++ CONST_VTBL IWeakReferenceVtbl* lpVtbl; ++}; ++ ++#ifdef COBJMACROS ++#ifndef WIDL_C_INLINE_WRAPPERS ++/*** IUnknown methods ***/ ++#define IWeakReference_QueryInterface(This,riid,ppvObject) (This)->lpVtbl->QueryInterface(This,riid,ppvObject) ++#define IWeakReference_AddRef(This) (This)->lpVtbl->AddRef(This) ++#define IWeakReference_Release(This) (This)->lpVtbl->Release(This) ++/*** IWeakReference methods ***/ ++#define IWeakReference_Resolve(This,riid,objectReference) (This)->lpVtbl->Resolve(This,riid,objectReference) ++#else ++/*** IUnknown methods ***/ ++static __WIDL_INLINE HRESULT IWeakReference_QueryInterface(IWeakReference* This,REFIID riid,void **ppvObject) { ++ return This->lpVtbl->QueryInterface(This,riid,ppvObject); ++} ++static __WIDL_INLINE ULONG IWeakReference_AddRef(IWeakReference* This) { ++ return This->lpVtbl->AddRef(This); ++} ++static __WIDL_INLINE ULONG IWeakReference_Release(IWeakReference* This) { ++ return This->lpVtbl->Release(This); ++} ++/*** IWeakReference methods ***/ ++static __WIDL_INLINE HRESULT IWeakReference_Resolve(IWeakReference* This,REFIID riid,IInspectable **objectReference) { ++ return This->lpVtbl->Resolve(This,riid,objectReference); ++} ++#endif ++#endif ++ ++#endif ++ ++ ++#endif /* __IWeakReference_INTERFACE_DEFINED__ */ ++ ++/***************************************************************************** ++ * IWeakReferenceSource interface ++ */ ++#ifndef __IWeakReferenceSource_INTERFACE_DEFINED__ ++#define __IWeakReferenceSource_INTERFACE_DEFINED__ ++ ++DEFINE_GUID(IID_IWeakReferenceSource, 0x00000038, 0x0000, 0x0000, 0xc0,0x00, 0x00,0x00,0x00,0x00,0x00,0x46); ++#if defined(__cplusplus) && !defined(CINTERFACE) ++MIDL_INTERFACE("00000038-0000-0000-c000-000000000046") ++IWeakReferenceSource : public IUnknown ++{ ++ virtual HRESULT STDMETHODCALLTYPE GetWeakReference( ++ IWeakReference **weakReference) = 0; ++ ++}; ++#ifdef __CRT_UUID_DECL ++__CRT_UUID_DECL(IWeakReferenceSource, 0x00000038, 0x0000, 0x0000, 0xc0,0x00, 0x00,0x00,0x00,0x00,0x00,0x46) ++#endif ++#else ++typedef struct IWeakReferenceSourceVtbl { ++ BEGIN_INTERFACE ++ ++ /*** IUnknown methods ***/ ++ HRESULT (STDMETHODCALLTYPE *QueryInterface)( ++ IWeakReferenceSource *This, ++ REFIID riid, ++ void **ppvObject); ++ ++ ULONG (STDMETHODCALLTYPE *AddRef)( ++ IWeakReferenceSource *This); ++ ++ ULONG (STDMETHODCALLTYPE *Release)( ++ IWeakReferenceSource *This); ++ ++ /*** IWeakReferenceSource methods ***/ ++ HRESULT (STDMETHODCALLTYPE *GetWeakReference)( ++ IWeakReferenceSource *This, ++ IWeakReference **weakReference); ++ ++ END_INTERFACE ++} IWeakReferenceSourceVtbl; ++ ++interface IWeakReferenceSource { ++ CONST_VTBL IWeakReferenceSourceVtbl* lpVtbl; ++}; ++ ++#ifdef COBJMACROS ++#ifndef WIDL_C_INLINE_WRAPPERS ++/*** IUnknown methods ***/ ++#define IWeakReferenceSource_QueryInterface(This,riid,ppvObject) (This)->lpVtbl->QueryInterface(This,riid,ppvObject) ++#define IWeakReferenceSource_AddRef(This) (This)->lpVtbl->AddRef(This) ++#define IWeakReferenceSource_Release(This) (This)->lpVtbl->Release(This) ++/*** IWeakReferenceSource methods ***/ ++#define IWeakReferenceSource_GetWeakReference(This,weakReference) (This)->lpVtbl->GetWeakReference(This,weakReference) ++#else ++/*** IUnknown methods ***/ ++static __WIDL_INLINE HRESULT IWeakReferenceSource_QueryInterface(IWeakReferenceSource* This,REFIID riid,void **ppvObject) { ++ return This->lpVtbl->QueryInterface(This,riid,ppvObject); ++} ++static __WIDL_INLINE ULONG IWeakReferenceSource_AddRef(IWeakReferenceSource* This) { ++ return This->lpVtbl->AddRef(This); ++} ++static __WIDL_INLINE ULONG IWeakReferenceSource_Release(IWeakReferenceSource* This) { ++ return This->lpVtbl->Release(This); ++} ++/*** IWeakReferenceSource methods ***/ ++static __WIDL_INLINE HRESULT IWeakReferenceSource_GetWeakReference(IWeakReferenceSource* This,IWeakReference **weakReference) { ++ return This->lpVtbl->GetWeakReference(This,weakReference); ++} ++#endif ++#endif ++ ++#endif ++ ++ ++#endif /* __IWeakReferenceSource_INTERFACE_DEFINED__ */ ++ ++/* Begin additional prototypes for all interfaces */ ++ ++ ++/* End additional prototypes */ ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* __weakreference_h__ */ +diff --git a/mingw-w64-headers/include/weakreference.idl b/mingw-w64-headers/include/weakreference.idl +new file mode 100644 +index 000000000..037fce859 +--- /dev/null ++++ b/mingw-w64-headers/include/weakreference.idl +@@ -0,0 +1,28 @@ ++import "inspectable.idl"; ++ ++[object, uuid(00000037-0000-0000-C000-000000000046), pointer_default (unique)] ++interface IWeakReference: IUnknown ++{ ++// cpp_quote("#if (_MSC_VER >= 1600) && defined(__cplusplus) && !defined(CINTERFACE)") ++// cpp_quote(" EXTERN_C const IID IID_IWeakReference;") ++// cpp_quote(" extern \"C++\"") ++// cpp_quote(" {") ++// cpp_quote(" MIDL_INTERFACE(\"00000037-0000-0000-C000-000000000046\")") ++// cpp_quote(" IWeakReference : public IUnknown {") ++// cpp_quote(" public:") ++// cpp_quote(" virtual HRESULT STDMETHODCALLTYPE Resolve(REFIID riid, IInspectable **objectReference) = 0;") ++// cpp_quote("") ++// cpp_quote(" template <typename T>") ++// cpp_quote(" HRESULT Resolve(T** objectReference) {") ++// cpp_quote(" return 0;") ++// cpp_quote(" }") ++// cpp_quote(" };") ++// cpp_quote(" } // extern C++") ++// cpp_quote("#else") ++ HRESULT Resolve([in] REFIID riid, [out, retval, iid_is(riid)] IInspectable **objectReference); ++} ++ ++[object, uuid(00000038-0000-0000-C000-000000000046), pointer_default (unique)] ++interface IWeakReferenceSource : IUnknown { ++ HRESULT GetWeakReference([out, retval] IWeakReference **weakReference); ++} +diff --git a/mingw-w64-headers/include/windows.graphics.capture.h b/mingw-w64-headers/include/windows.graphics.capture.h +index 203b0f034..4a0c0b546 100644 +--- a/mingw-w64-headers/include/windows.graphics.capture.h ++++ b/mingw-w64-headers/include/windows.graphics.capture.h +@@ -902,7 +902,7 @@ namespace ABI { + { + virtual HRESULT STDMETHODCALLTYPE Recreate( + ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDevice *device, +- enum DirectXPixelFormat pixel_format, ++ enum DirectX::DirectXPixelFormat pixel_format, + INT32 number_of_buffers, + struct SizeInt32 size) = 0; + +@@ -1100,7 +1100,7 @@ namespace ABI { + { + virtual HRESULT STDMETHODCALLTYPE Create( + ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDevice *device, +- enum DirectXPixelFormat pixel_format, ++ enum DirectX::DirectXPixelFormat pixel_format, + INT32 number_of_buffers, + struct SizeInt32 size, + ABI::Windows::Graphics::Capture::IDirect3D11CaptureFramePool **result) = 0; +@@ -1236,7 +1236,7 @@ namespace ABI { + { + virtual HRESULT STDMETHODCALLTYPE CreateFreeThreaded( + ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDevice *device, +- enum DirectXPixelFormat pixel_format, ++ enum DirectX::DirectXPixelFormat pixel_format, + INT32 number_of_buffers, + struct SizeInt32 size, + ABI::Windows::Graphics::Capture::IDirect3D11CaptureFramePool **result) = 0; +diff --git a/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.h b/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.h +new file mode 100644 +index 000000000..7b66f7d16 +--- /dev/null ++++ b/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.h +@@ -0,0 +1,164 @@ ++/*** Autogenerated by WIDL 8.0 from include/windows.graphics.directx.direct3d11.interop.idl - Do not edit ***/ ++ ++#ifdef _WIN32 ++#ifndef __REQUIRED_RPCNDR_H_VERSION__ ++#define __REQUIRED_RPCNDR_H_VERSION__ 475 ++#endif ++#include <rpc.h> ++#include <rpcndr.h> ++#endif ++ ++#ifndef COM_NO_WINDOWS_H ++#include <windows.h> ++#include <ole2.h> ++#endif ++ ++#ifndef __windows_graphics_directx_direct3d11_interop_h__ ++#define __windows_graphics_directx_direct3d11_interop_h__ ++ ++#ifndef __WIDL_INLINE ++#if defined(__cplusplus) || defined(_MSC_VER) ++#define __WIDL_INLINE inline ++#elif defined(__GNUC__) ++#define __WIDL_INLINE __inline__ ++#endif ++#endif ++ ++/* Forward declarations */ ++ ++#ifndef ____x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_FWD_DEFINED__ ++#define ____x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_FWD_DEFINED__ ++typedef interface __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess; ++#ifdef __cplusplus ++#define __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess ABI::Windows::Graphics::DirectX::Direct3D11::IDirect3DDxgiInterfaceAccess ++namespace ABI { ++ namespace Windows { ++ namespace Graphics { ++ namespace DirectX { ++ namespace Direct3D11 { ++ interface IDirect3DDxgiInterfaceAccess; ++ } ++ } ++ } ++ } ++} ++#endif /* __cplusplus */ ++#endif ++ ++/* Headers for imported files */ ++ ++#include <windows.graphics.directx.direct3d11.h> ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++/***************************************************************************** ++ * IDirect3DDxgiInterfaceAccess interface ++ */ ++#ifndef ____x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_INTERFACE_DEFINED__ ++#define ____x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_INTERFACE_DEFINED__ ++ ++DEFINE_GUID(IID___x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess, 0xa9b3d012, 0x3df2, 0x4ee3, 0xb8,0xd1, 0x86,0x95,0xf4,0x57,0xd3,0xc1); ++#if defined(__cplusplus) && !defined(CINTERFACE) ++} /* extern "C" */ ++namespace ABI { ++ namespace Windows { ++ namespace Graphics { ++ namespace DirectX { ++ namespace Direct3D11 { ++ MIDL_INTERFACE("a9b3d012-3df2-4ee3-b8d1-8695f457d3c1") ++ IDirect3DDxgiInterfaceAccess : public IUnknown ++ { ++ virtual HRESULT STDMETHODCALLTYPE GetInterface( ++ REFIID iid, ++ void **object) = 0; ++ ++ }; ++ } ++ } ++ } ++ } ++} ++extern "C" { ++#ifdef __CRT_UUID_DECL ++__CRT_UUID_DECL(__x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess, 0xa9b3d012, 0x3df2, 0x4ee3, 0xb8,0xd1, 0x86,0x95,0xf4,0x57,0xd3,0xc1) ++#endif ++#else ++typedef struct __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccessVtbl { ++ BEGIN_INTERFACE ++ ++ /*** IUnknown methods ***/ ++ HRESULT (STDMETHODCALLTYPE *QueryInterface)( ++ __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess *This, ++ REFIID riid, ++ void **ppvObject); ++ ++ ULONG (STDMETHODCALLTYPE *AddRef)( ++ __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess *This); ++ ++ ULONG (STDMETHODCALLTYPE *Release)( ++ __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess *This); ++ ++ /*** IDirect3DDxgiInterfaceAccess methods ***/ ++ HRESULT (STDMETHODCALLTYPE *GetInterface)( ++ __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess *This, ++ REFIID iid, ++ void **object); ++ ++ END_INTERFACE ++} __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccessVtbl; ++ ++interface __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess { ++ CONST_VTBL __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccessVtbl* lpVtbl; ++}; ++ ++#ifdef COBJMACROS ++#ifndef WIDL_C_INLINE_WRAPPERS ++/*** IUnknown methods ***/ ++#define __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_QueryInterface(This,riid,ppvObject) (This)->lpVtbl->QueryInterface(This,riid,ppvObject) ++#define __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_AddRef(This) (This)->lpVtbl->AddRef(This) ++#define __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_Release(This) (This)->lpVtbl->Release(This) ++/*** IDirect3DDxgiInterfaceAccess methods ***/ ++#define __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_GetInterface(This,iid,object) (This)->lpVtbl->GetInterface(This,iid,object) ++#else ++/*** IUnknown methods ***/ ++static __WIDL_INLINE HRESULT __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_QueryInterface(__x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess* This,REFIID riid,void **ppvObject) { ++ return This->lpVtbl->QueryInterface(This,riid,ppvObject); ++} ++static __WIDL_INLINE ULONG __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_AddRef(__x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess* This) { ++ return This->lpVtbl->AddRef(This); ++} ++static __WIDL_INLINE ULONG __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_Release(__x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess* This) { ++ return This->lpVtbl->Release(This); ++} ++/*** IDirect3DDxgiInterfaceAccess methods ***/ ++static __WIDL_INLINE HRESULT __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_GetInterface(__x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess* This,REFIID iid,void **object) { ++ return This->lpVtbl->GetInterface(This,iid,object); ++} ++#endif ++#ifdef WIDL_using_Windows_Graphics_DirectX_Direct3D11 ++#define IID_IDirect3DDxgiInterfaceAccess IID___x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess ++#define IDirect3DDxgiInterfaceAccessVtbl __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccessVtbl ++#define IDirect3DDxgiInterfaceAccess __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess ++#define IDirect3DDxgiInterfaceAccess_QueryInterface __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_QueryInterface ++#define IDirect3DDxgiInterfaceAccess_AddRef __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_AddRef ++#define IDirect3DDxgiInterfaceAccess_Release __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_Release ++#define IDirect3DDxgiInterfaceAccess_GetInterface __x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_GetInterface ++#endif /* WIDL_using_Windows_Graphics_DirectX_Direct3D11 */ ++#endif ++ ++#endif ++ ++#endif /* ____x_ABI_CWindows_CGraphics_CDirectX_CDirect3D11_CIDirect3DDxgiInterfaceAccess_INTERFACE_DEFINED__ */ ++ ++/* Begin additional prototypes for all interfaces */ ++ ++ ++/* End additional prototypes */ ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* __windows_graphics_directx_direct3d11_interop_h__ */ +diff --git a/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.idl b/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.idl +new file mode 100644 +index 000000000..51e2845ea +--- /dev/null ++++ b/mingw-w64-headers/include/windows.graphics.directx.direct3d11.interop.idl +@@ -0,0 +1,14 @@ ++#ifdef __WIDL__ ++#pragma winrt ns_prefix ++#endif ++ ++import "windows.graphics.directx.direct3d11.idl"; ++ ++namespace Windows.Graphics.DirectX.Direct3D11 { ++ [ ++ uuid(A9B3D012-3DF2-4EE3-B8D1-8695F457D3C1) ++ ] ++ interface IDirect3DDxgiInterfaceAccess : IUnknown { ++ HRESULT GetInterface([in] REFIID iid, [out, iid_is(iid)] void **object); ++ }; ++} +diff --git a/mingw-w64-headers/include/windows.ui.core.h b/mingw-w64-headers/include/windows.ui.core.h +index 5eb820b33..8a2e93ce4 100644 +--- a/mingw-w64-headers/include/windows.ui.core.h ++++ b/mingw-w64-headers/include/windows.ui.core.h +@@ -1602,7 +1602,7 @@ namespace ABI { + namespace Core { + struct CoreProximityEvaluation { + INT32 Score; +- struct Point AdjustedPoint; ++ struct Foundation::Point AdjustedPoint; + }; + } + } +@@ -2759,11 +2759,11 @@ namespace ABI { + ) = 0; + + virtual HRESULT STDMETHODCALLTYPE GetAsyncKeyState( +- enum VirtualKey key, ++ enum System::VirtualKey key, + enum CoreVirtualKeyStates *state) = 0; + + virtual HRESULT STDMETHODCALLTYPE GetKeyState( +- enum VirtualKey key, ++ enum System::VirtualKey key, + enum CoreVirtualKeyStates *state) = 0; + + virtual HRESULT STDMETHODCALLTYPE ReleasePointerCapture( +@@ -3491,7 +3491,7 @@ namespace ABI { + ICoreWindow2 : public IInspectable + { + virtual HRESULT STDMETHODCALLTYPE put_PointerPosition( +- struct Point value) = 0; ++ struct Foundation::Point value) = 0; + + }; + } +@@ -4605,7 +4605,7 @@ namespace ABI { + IKeyEventArgs : public IInspectable + { + virtual HRESULT STDMETHODCALLTYPE get_VirtualKey( +- enum VirtualKey *value) = 0; ++ enum System::VirtualKey *value) = 0; + + virtual HRESULT STDMETHODCALLTYPE get_KeyStatus( + struct CorePhysicalKeyStatus *value) = 0; +@@ -4876,7 +4876,7 @@ namespace ABI { + ABI::Windows::UI::Input::IPointerPoint **value) = 0; + + virtual HRESULT STDMETHODCALLTYPE get_KeyModifiers( +- enum VirtualKeyModifiers *value) = 0; ++ enum System::VirtualKeyModifiers *value) = 0; + + virtual HRESULT STDMETHODCALLTYPE GetIntermediatePoints( + ABI::Windows::Foundation::Collections::IVector<ABI::Windows::UI::Input::PointerPoint* > **value) = 0; +diff --git a/mingw-w64-headers/include/wrl/client.h b/mingw-w64-headers/include/wrl/client.h +index aeb886ea8..4fcadc7fc 100644 +--- a/mingw-w64-headers/include/wrl/client.h ++++ b/mingw-w64-headers/include/wrl/client.h +@@ -9,12 +9,15 @@ + + #include <stddef.h> + #include <unknwn.h> +-/* #include <weakreference.h> */ ++#include <weakreference.h> + #include <roapi.h> + + /* #include <wrl/def.h> */ + #include <wrl/internal.h> + ++#define WrlFinal final ++#define WrlSealed sealed ++ + namespace Microsoft { + namespace WRL { + namespace Details { +diff --git a/mingw-w64-headers/include/wrl/event.h b/mingw-w64-headers/include/wrl/event.h +new file mode 100644 +index 000000000..2e883e241 +--- /dev/null ++++ b/mingw-w64-headers/include/wrl/event.h +@@ -0,0 +1,368 @@ ++#ifndef _WRL_EVENT_H_ ++#define _WRL_EVENT_H_ ++ ++// #include <wrl/def.h> ++#include <wrl/internal.h> ++#include <wrl/client.h> ++#include <wrl/implements.h> ++#include <wrl/wrappers/corewrappers.h> ++#include <eventtoken.h> ++// #include <roerrorapi.h> ++ ++#include <pshpack8.h> ++ ++namespace Microsoft { ++ namespace WRL { ++ enum DelegateCheckMode { ++ NoCheck = 1 ++ }; ++ ++ template<DelegateCheckMode delegateCheckMode> struct DelegateTraits; ++ ++ template<> struct DelegateTraits<NoCheck> { ++ static HRESULT CheckReturn(HRESULT hr) { ++ return 0; ++ } ++ }; ++ ++ extern __declspec(selectany) const DelegateCheckMode DefaultDelegateCheckMode = NoCheck; ++ ++ enum InvokeMode { ++ StopOnFirstError = 1, ++ FireAll = 2, ++ }; ++ ++ template<InvokeMode invokeModeValue> struct InvokeModeOptions { ++ static const InvokeMode invokeMode = invokeModeValue; ++ }; ++ ++ template<InvokeMode invokeMode> struct InvokeTraits; ++ ++ template<typename TDelegateInterface, typename EventSourceOptions> ++ class EventSource; ++ ++ namespace Details { ++ template<typename TDelegateInterface> ++ void* GetDelegateBucketAssist(TDelegateInterface *pDelegate) { ++ return nullptr; ++ } ++ ++ template<typename TMemberFunction> struct ArgTraits { ++ static const int args = -1; ++ }; ++ ++ template<typename TDelegateInterface> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(void)> { ++ static const int args = 0; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1)> { ++ static const int args = 1; ++ typedef TArg1 Arg1Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2)> ++ { ++ static const int args = 2; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3)> ++ { ++ static const int args = 3; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4)> ++ { ++ static const int args = 4; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4, typename TArg5> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4, TArg5)> ++ { ++ static const int args = 5; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ typedef TArg5 Arg5Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4, typename TArg5, typename TArg6> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4, TArg5, TArg6)> ++ { ++ static const int args = 6; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ typedef TArg5 Arg5Type; ++ typedef TArg6 Arg6Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4, typename TArg5, typename TArg6, typename TArg7> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4, TArg5, TArg6, TArg7)> ++ { ++ static const int args = 7; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ typedef TArg5 Arg5Type; ++ typedef TArg6 Arg6Type; ++ typedef TArg7 Arg7Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4, typename TArg5, typename TArg6, typename TArg7, typename TArg8> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4, TArg5, TArg6, TArg7, TArg8)> ++ { ++ static const int args = 8; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ typedef TArg5 Arg5Type; ++ typedef TArg6 Arg6Type; ++ typedef TArg7 Arg7Type; ++ typedef TArg8 Arg8Type; ++ }; ++ ++ template<typename TDelegateInterface, typename TArg1, typename TArg2, typename TArg3, typename TArg4, typename TArg5, typename TArg6, typename TArg7, typename TArg8, typename TArg9> ++ struct ArgTraits<HRESULT(STDMETHODCALLTYPE TDelegateInterface::*)(TArg1, TArg2, TArg3, TArg4, TArg5, TArg6, TArg7, TArg8, TArg9)> ++ { ++ static const int args = 9; ++ typedef TArg1 Arg1Type; ++ typedef TArg2 Arg2Type; ++ typedef TArg3 Arg3Type; ++ typedef TArg4 Arg4Type; ++ typedef TArg5 Arg5Type; ++ typedef TArg6 Arg6Type; ++ typedef TArg7 Arg7Type; ++ typedef TArg8 Arg8Type; ++ typedef TArg9 Arg9Type; ++ }; ++ ++ template<typename TDelegateInterface, bool isImplements = __is_base_of(ImplementsBase, TDelegateInterface)> ++ struct ArgTraitsHelper; ++ ++ template<typename TDelegateInterface> ++ struct ArgTraitsHelper<TDelegateInterface, false> ++ { ++ typedef decltype(&TDelegateInterface::Invoke) methodType; ++ typedef ArgTraits<methodType> Traits; ++ static const int args = Traits::args; ++ typedef TDelegateInterface Interface; ++ }; ++ ++ template<typename TDelegateInterface> ++ struct ArgTraitsHelper<TDelegateInterface, true> {}; ++ ++ template<typename TDelegateInterface> class DelegateArgTraits {}; ++ ++ template<typename TDelegateInterface, typename ...TArgs> ++ class DelegateArgTraits<HRESULT (STDMETHODCALLTYPE TDelegateInterface::*)(TArgs...)> ++ { ++ template<typename TCallback, DelegateCheckMode checkMode> ++ struct DelegateInvokeHelper WrlSealed : public ::Microsoft::WRL::RuntimeClass<RuntimeClassFlags<Delegate>, TDelegateInterface>, RemoveReference<TCallback>::Type { ++ DelegateInvokeHelper(TCallback&& callback) noexcept {} ++ ++ HRESULT STDMETHODCALLTYPE Invoke(TArgs... args) noexcept override { ++ return 0; ++ } ++ }; ++ ++ public: ++ template<typename TImplements, DelegateCheckMode checkMode = DefaultDelegateCheckMode, typename TLambda> ++ static ComPtr<TImplements> Callback(TLambda&& callback) noexcept { ++ ComPtr<TImplements> empty; ++ return empty; ++ } ++ }; ++ ++ template<typename TDelegateInterface, bool isImplements = __is_base_of(ImplementsBase, TDelegateInterface)> ++ struct DelegateArgTraitsHelper; ++ ++ template<typename TDelegateInterface> ++ struct DelegateArgTraitsHelper<TDelegateInterface, false> { ++ typedef TDelegateInterface Interface; ++ typedef DelegateArgTraits<decltype(&TDelegateInterface::Invoke)> Traits; ++ }; ++ ++ template<typename TDelegateInterface> ++ struct DelegateArgTraitsHelper<TDelegateInterface, true> {}; ++ ++ template<typename TDelegateInterface> ++ HRESULT CreateAgileHelper(TDelegateInterface* delegateInterface, TDelegateInterface** wrapper) { ++ return 0; ++ } ++ } ++ ++ template<typename TDelegateInterface, typename TLambda> ++ ComPtr<typename Details::DelegateArgTraitsHelper<TDelegateInterface>::Interface> Callback(TLambda&& callback) noexcept { ++ return 0; ++ } ++ ++ template<typename TDelegateInterface, typename TFunc> ++ ComPtr<typename Details::DelegateArgTraitsHelper<TDelegateInterface>::Interface> Callback(TFunc* callback) noexcept { ++ return 0; ++ }; ++ ++ template<typename TDelegateInterface, typename TCallbackObject, typename... TArgs> ++ ComPtr<typename Details::DelegateArgTraitsHelper<TDelegateInterface>::Interface> Callback(TCallbackObject *object, HRESULT(TCallbackObject::* method)(TArgs...)) noexcept { ++ return 0; ++ } ++ ++ template<typename TDelegateInterface> ++ HRESULT WeakReferenceCallback(IWeakReferenceSource* innerCallback, TDelegateInterface** callback) { ++ return 0; ++ } ++ ++ template<typename TDelegateInterface> ++ HRESULT WeakReferenceCallback(TDelegateInterface* innerCallback, TDelegateInterface** callback) { ++ return 0; ++ } ++ ++ template<typename T, typename TDelegateInterface, typename ...TArgs> ++ HRESULT WeakReferenceCallback(T* targetObject, HRESULT (T::*targetMethod)(TArgs... args), TDelegateInterface** callback) { ++ return 0; ++ } ++ ++ template<typename T, typename TDelegateInterface, typename ...TArgs> ++ HRESULT WeakReferenceCallback(T* targetObject, HRESULT(T::*targetMethod)(TArgs... args), ::Microsoft::WRL::Details::ComPtrRef< ::Microsoft::WRL::ComPtr<TDelegateInterface>> callback) { ++ return 0; ++ } ++ ++ namespace Details { ++ ++ class EventTargetArray WrlSealed : public ::Microsoft::WRL::RuntimeClass< ::Microsoft::WRL::RuntimeClassFlags<ClassicCom>, IUnknown > { ++ public: ++ EventTargetArray() noexcept {} ++ ++ HRESULT RuntimeClassInitialize(size_t items) noexcept { ++ return 0; ++ } ++ ++ ~EventTargetArray() noexcept ++ { ++ delete[] begin_; ++ delete[] bucketAssists_; ++ } ++ ++ ComPtr<IUnknown>* Begin() noexcept { ++ return nullptr; ++ } ++ ++ ComPtr<IUnknown>* End() noexcept { ++ return nullptr; ++ } ++ ++ void AddTail(IUnknown* element) noexcept { ++ } ++ ++ void AddTail(IUnknown* element, void *bucketAssist) noexcept { ++ } ++ ++ size_t Length() noexcept { ++ return 0; ++ } ++ ++ void **Begin_BucketAssists() { ++ return nullptr; ++ } ++ ++ void **End_BucketAssists() { ++ return nullptr; ++ } ++ ++ private: ++ ComPtr<IUnknown>* begin_; ++ ++ ComPtr<IUnknown>* end_; ++ ++ void **bucketAssists_; ++ }; ++ } ++ ++ template<> ++ struct InvokeTraits<FireAll> ++ { ++ template<typename TInvokeMethod, typename TDelegateInterface> ++ static HRESULT InvokeDelegates(TInvokeMethod invokeOne, Details::EventTargetArray *targetArray, EventSource<TDelegateInterface, InvokeModeOptions<FireAll>>* pEvent) { ++ return 0; ++ } ++ }; ++ ++ template<> ++ struct InvokeTraits<StopOnFirstError> ++ { ++ template<typename TInvokeMethod, typename TDelegateInterface> ++ static HRESULT InvokeDelegates(TInvokeMethod invokeOne, Details::EventTargetArray *targetArray, EventSource<TDelegateInterface, InvokeModeOptions<StopOnFirstError>>* pEvent) { ++ return 0; ++ } ++ }; ++ ++ template<typename TDelegateInterface, typename TEventSourceOptions> ++ class EventSource { ++ public: ++ EventSource() noexcept {} ++ ++ HRESULT Add(TDelegateInterface* delegateInterface, EventRegistrationToken* token) noexcept { ++ return 0; ++ } ++ ++ HRESULT Remove(EventRegistrationToken token) noexcept { ++ return 0; ++ } ++ ++ protected: ++ ++ HRESULT Add(TDelegateInterface* delegateInterface, void *bucketAssist, EventRegistrationToken* token) noexcept { ++ return 0; ++ } ++ ++ private: ++ ++ HRESULT AddInternal(TDelegateInterface* delegateInterface, void *bucketAssist, EventRegistrationToken* token) noexcept { ++ return 0; ++ } ++ ++ template <typename TInvokeMethod> ++ HRESULT DoInvoke(TInvokeMethod invokeOne) noexcept { ++ return 0; ++ } ++ ++ public: ++ template<typename ...TArgs> ++ HRESULT InvokeAll(TArgs... args) noexcept { ++ return 0; ++ } ++ ++ size_t GetSize() const noexcept { ++ return 0; ++ } ++ ++ protected: ++ ComPtr<Details::EventTargetArray> targets_; ++ ++ mutable Wrappers::SRWLock targetsPointerLock_; ++ ++ Wrappers::SRWLock addRemoveLock_; ++ }; ++ } ++} ++ ++#include <poppack.h> ++ ++#endif +diff --git a/mingw-w64-headers/include/wrl/implements.h b/mingw-w64-headers/include/wrl/implements.h +new file mode 100644 +index 000000000..9d5fe962f +--- /dev/null ++++ b/mingw-w64-headers/include/wrl/implements.h +@@ -0,0 +1,619 @@ ++#ifndef _WRL_IMPLEMENTS_H_ ++#define _WRL_IMPLEMENTS_H_ ++ ++#include <weakreference.h> ++ ++#include <wrl\client.h> ++ ++#include <pshpack8.h> ++ ++ ++namespace Microsoft { ++ namespace WRL { ++ template<typename T> ++ struct CloakedIid : T {}; ++ ++ enum RuntimeClassType { ++ WinRt = 0x0001, ++ ClassicCom = 0x0002, ++ WinRtClassicComMix = WinRt | ClassicCom, ++ InhibitWeakReference = 0x0004, ++ Delegate = ClassicCom, ++ InhibitFtmBase = 0x0008, ++ InhibitRoOriginateError = 0x0010 ++ }; ++ ++ template <unsigned int flags> ++ struct RuntimeClassFlags { ++ static const unsigned int value = flags; ++ }; ++ ++ namespace Details { ++ struct ImplementsBase {}; ++ } ++ ++ template<typename Derived, typename MixInType, bool hasImplements> ++ struct MixIn {}; ++ ++ template <typename FactoryInterface> ++ class ComposableBase {}; ++ ++ typedef RuntimeClassFlags<WinRt | InhibitWeakReference> InhibitWeakReferencePolicy; ++ ++ namespace Details { ++ ++ class Nil {}; ++ ++ class DontUseNewUseMake { ++ private: ++ void* operator new(size_t) throw() { ++ return nullptr; ++ } ++ ++ public: ++ void* operator new(size_t, void* placement) throw() { ++ return nullptr; ++ } ++ }; ++ ++ class RuntimeClassBase {}; ++ ++ template <unsigned int RuntimeClassTypeT> ++ class RuntimeClassBaseT : private RuntimeClassBase { ++ protected: ++ template<typename T> ++ static HRESULT AsIID(T* implements, REFIID riid, void **ppvObject) throw() { ++ return 0; ++ } ++ ++ template<typename T> ++ static HRESULT GetImplementedIIDS(T* implements, ULONG *iidCount, IID **iids) throw() { ++ return 0; ++ } ++ ++ public: ++ HRESULT RuntimeClassInitialize() throw() { ++ return 0; ++ } ++ }; ++ ++ class FtmBaseMarker {}; ++ ++ template <typename I, typename Base> ++ struct VerifyInheritanceHelper { ++ static void Verify() throw() {} ++ }; ++ ++ template <typename I> ++ struct VerifyInheritanceHelper<I, Nil> { ++ static void Verify() throw() {} ++ }; ++ } ++ ++ template <typename I0, typename I1, typename I2 = Details::Nil, typename I3 = Details::Nil, ++ typename I4 = Details::Nil, typename I5 = Details::Nil, typename I6 = Details::Nil, ++ typename I7 = Details::Nil, typename I8 = Details::Nil, typename I9 = Details::Nil> ++ struct ChainInterfaces : I0 ++ { ++ protected: ++ template<unsigned int ClassType> ++ static void Verify() throw() {} ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ static const unsigned long IidCount; ++ ++ static void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename DerivedType, typename BaseType, bool hasImplements, typename I1, typename I2, typename I3, ++ typename I4, typename I5, typename I6, ++ typename I7, typename I8, typename I9> ++ struct ChainInterfaces<MixIn<DerivedType, BaseType, hasImplements>, I1, I2, I3, I4, I5, I6, I7, I8, I9> ++ { ++ protected: ++ template<unsigned int ClassType> ++ static void Verify() throw() {} ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ static const unsigned long IidCount; ++ ++ static void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ namespace Details { ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper; ++ ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename I0, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, I0, TInterfaces...> : I0, ImplementsHelper<RuntimeClassFlagsT, true, TInterfaces...> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ template <bool IsDelegateToClass> ++ HRESULT CanCastToHelper(REFIID riid, void **ppv, bool *pRefDelegated) throw(); ++ ++ template <> ++ HRESULT inline CanCastToHelper<true>(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ template <> ++ HRESULT inline CanCastToHelper<false>(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ template <bool IsDelegateToClass> IUnknown* CastToUnknownHelper() throw(); ++ ++ template <> inline IUnknown* CastToUnknownHelper<true>() throw() { ++ return nullptr; ++ } ++ ++ template <> inline IUnknown* CastToUnknownHelper<false>() throw() { ++ return nullptr; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ template <bool IsDelegateToClass> long GetIidCountHelper() throw(); ++ ++ template <> inline long GetIidCountHelper<true>() throw() { ++ return 0; ++ } ++ ++ template <> inline long GetIidCountHelper<false>() throw() { ++ return 0; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ template <bool IsDelegateToClass> void FillArrayWithIidHelper(unsigned long *index, IID* iids) throw(); ++ ++ template <> inline void FillArrayWithIidHelper<true>(unsigned long *index, IID* iids) throw() {} ++ ++ template <> inline void FillArrayWithIidHelper<false>(unsigned long *index, IID* iids) throw() {} ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, Details::Nil, TInterfaces...> : ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, TInterfaces...> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool * pRefDelegated) throw() { ++ return 0; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, bool doStrictCheck> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck> ++ { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID, void **, bool*) throw() { ++ return 0; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long*, IID*) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename I0, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, CloakedIid<I0>, TInterfaces...> : ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, I0>, ImplementsHelper<RuntimeClassFlagsT, true, TInterfaces...> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return 0; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename C0, typename C1, typename C2, typename C3, typename C4, typename C5, typename C6, typename C7, typename C8, typename C9, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, ChainInterfaces<C0, C1, C2, C3, C4, C5, C6, C7, C8, C9>, TInterfaces...> : ChainInterfaces<C0, C1, C2, C3, C4, C5, C6, C7, C8, C9>, ImplementsHelper<RuntimeClassFlagsT, true, TInterfaces...> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, typename DerivedType, typename BaseType, bool hasImplements, typename ...TInterfaces, bool doStrictCheck> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, MixIn<DerivedType, BaseType, hasImplements>, TInterfaces...> : ImplementsHelper<RuntimeClassFlagsT, true, TInterfaces...> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename I0, typename ...> ++ struct AreAllNil { ++ static const bool value = false; ++ }; ++ ++ template <typename ...TInterfaces> ++ struct AreAllNil<Microsoft::WRL::Details::Nil, TInterfaces...> { ++ static const bool value = AreAllNil<TInterfaces...>::value; ++ }; ++ ++ template <> ++ struct AreAllNil<Microsoft::WRL::Details::Nil> { ++ static const bool value = true; ++ }; ++ ++ template <typename RuntimeClassFlagsT, typename FactoryInterface, bool doStrictCheck, typename ...TInterfaces> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, ComposableBase<FactoryInterface>, TInterfaces...> : ImplementsHelper<RuntimeClassFlagsT, true, ComposableBase<FactoryInterface>> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ typedef ImplementsHelper<RuntimeClassFlagsT, true, ComposableBase<FactoryInterface>> Base; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return 0; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <typename RuntimeClassFlagsT, typename FactoryInterface, bool doStrictCheck> ++ struct __declspec(novtable) ImplementsHelper<RuntimeClassFlagsT, doStrictCheck, ComposableBase<FactoryInterface>> { ++ protected: ++ template <unsigned int RuntimeClassTypeT> friend class Details::RuntimeClassBaseT; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv, bool *pRefDelegated) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ ++ ImplementsHelper() throw() {} ++ ++ ~ImplementsHelper() throw() {} ++ ++ public: ++ HRESULT SetComposableBasePointers(IInspectable* base, FactoryInterface* baseFactory) throw() { ++ return 0; ++ } ++ ++ ComPtr<IInspectable> GetComposableBase() throw() { ++ return composableBase_; ++ } ++ ++ ComPtr<FactoryInterface> GetComposableBaseFactory() throw() { ++ return composableBaseFactory_; ++ } ++ ++ private: ++ ComPtr<IInspectable> composableBase_; ++ ++ ComPtr<FactoryInterface> composableBaseFactory_; ++ ++ IID *iidsCached_; ++ ++ unsigned long iidCount_; ++ }; ++ ++ } ++ ++ template <typename I0, typename ...TInterfaces> ++ struct __declspec(novtable) Implements : Details::ImplementsHelper<RuntimeClassFlags<WinRt>, true, I0, TInterfaces...>, Details::ImplementsBase { ++ public: ++ typedef RuntimeClassFlags<WinRt> ClassFlags; ++ ++ typedef I0 FirstInterface; ++ ++ protected: ++ HRESULT CanCastTo(REFIID riid, void **ppv) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ template <int flags, typename I0, typename ...TInterfaces> ++ struct __declspec(novtable) Implements<RuntimeClassFlags<flags>, I0, TInterfaces...> : Details::ImplementsHelper<RuntimeClassFlags<flags>, true, I0, TInterfaces...>, Details::ImplementsBase { ++ public: ++ typedef RuntimeClassFlags<flags> ClassFlags; ++ ++ typedef I0 FirstInterface; ++ ++ protected: ++ HRESULT CanCastTo(REFIID riid, void **ppv) throw() { ++ return 0; ++ } ++ ++ IUnknown* CastToUnknown() throw() { ++ return nullptr; ++ } ++ ++ unsigned long GetIidCount() throw() { ++ return 0; ++ } ++ ++ void FillArrayWithIid(unsigned long *index, IID* iids) throw() {} ++ }; ++ ++ class FtmBase : public Implements< ::Microsoft::WRL::RuntimeClassFlags<WinRtClassicComMix>, ::Microsoft::WRL::CloakedIid< ::IMarshal> >, private ::Microsoft::WRL::Details::FtmBaseMarker { ++ protected: ++ template <typename RuntimeClassFlagsT, bool doStrictCheck, typename ...TInterfaces> friend struct Details::ImplementsHelper; ++ ++ HRESULT CanCastTo(REFIID riid, void **ppv) throw() { ++ return 0; ++ } ++ ++ public: ++ FtmBase() throw() {} ++ ++ STDMETHOD(GetUnmarshalClass)(REFIID riid, void *pv, DWORD dwDestContext, void *pvDestContext, DWORD mshlflags, CLSID *pCid) override { ++ return 0; ++ } ++ ++ STDMETHOD(GetMarshalSizeMax)(REFIID riid, void *pv, DWORD dwDestContext, void *pvDestContext, DWORD mshlflags, DWORD *pSize) override { ++ return 0; ++ } ++ ++ STDMETHOD(MarshalInterface)(IStream *pStm, REFIID riid, void *pv, DWORD dwDestContext, void *pvDestContext, DWORD mshlflags) override { ++ return 0; ++ } ++ ++ STDMETHOD(UnmarshalInterface)(IStream *pStm, REFIID riid, void **ppv) override { ++ return 0; ++ } ++ ++ STDMETHOD(ReleaseMarshalData)(IStream *pStm) override { ++ return 0; ++ } ++ ++ STDMETHOD(DisconnectObject)(DWORD dwReserved) override { ++ return 0; ++ } ++ ++ static HRESULT CreateGlobalInterfaceTable(IGlobalInterfaceTable **git) throw() { ++ return 0; ++ } ++ ++ ::Microsoft::WRL::ComPtr<IMarshal> marshaller_; ++ }; ++ ++ namespace Details { ++ #define DETAILS_RTCLASS_FLAGS_ARGUMENTS(RuntimeClassFlagsT) \ ++ RuntimeClassFlagsT, \ ++ (RuntimeClassFlagsT::value & InhibitWeakReference) == 0, \ ++ (RuntimeClassFlagsT::value & WinRt) == WinRt, \ ++ __WRL_IMPLEMENTS_FTM_BASE__(RuntimeClassFlagsT::value) \ ++ ++ template <class RuntimeClassFlagsT, bool implementsWeakReferenceSource, bool implementsInspectable, bool implementsFtmBase, typename ...TInterfaces> ++ class __declspec(novtable) RuntimeClassImpl; ++ ++ template <class RuntimeClassFlagsT, bool implementsWeakReferenceSource, bool implementsFtmBase, typename ...TInterfaces> ++ class __declspec(novtable) RuntimeClassImpl<RuntimeClassFlagsT, implementsWeakReferenceSource, false, implementsFtmBase, TInterfaces...> : public Details::ImplementsHelper<RuntimeClassFlagsT, false, TInterfaces...>, public RuntimeClassBaseT<RuntimeClassFlagsT::value>, protected RuntimeClassFlags<InhibitWeakReference>, public DontUseNewUseMake { ++ public: ++ typedef RuntimeClassFlagsT ClassFlags; ++ ++ STDMETHOD(QueryInterface)(REFIID riid, void **ppvObject) { ++ return 0; ++ } ++ ++ STDMETHOD_(ULONG, AddRef)() { ++ return 0; ++ } ++ ++ STDMETHOD_(ULONG, Release)() { ++ return 0; ++ } ++ ++ protected: ++ RuntimeClassImpl() throw() {} ++ ++ virtual ~RuntimeClassImpl() throw() {} ++ ++ unsigned long InternalAddRef() throw() { ++ return 0; ++ } ++ ++ unsigned long InternalRelease() throw() { ++ return 0; ++ } ++ ++ unsigned long GetRefCount() const throw() { ++ return 0; ++ } ++ ++ friend class WeakReferenceImpl; ++ ++ private: ++ volatile long refcount_; ++ }; ++ ++ template<typename I, bool isImplementsBased = __is_base_of(ImplementsBase, I)> ++ struct HasIInspectable; ++ ++ template<typename I> ++ struct HasIInspectable<I, false> { ++ static const bool isIInspectable; ++ }; ++ ++ template<typename I> ++ struct HasIInspectable<I, true> { ++ static const bool isIInspectable; ++ }; ++ ++ template<typename I0, bool isIInspectable = true> ++ struct IInspectableInjector; ++ ++ template<typename I0> ++ struct IInspectableInjector<I0, true> { ++ typedef Details::Nil InspectableIfNeeded; ++ }; ++ ++ template<typename I0> ++ struct IInspectableInjector<I0, false> { ++ typedef IInspectable InspectableIfNeeded; ++ }; ++ ++ template <class RuntimeClassFlagsT, typename I0, typename ...TInterfaces> ++ class __declspec(novtable) RuntimeClassImpl<RuntimeClassFlagsT, false, true, false, I0, TInterfaces...> : public Details::ImplementsHelper<RuntimeClassFlagsT, false, typename IInspectableInjector<I0>::InspectableIfNeeded, I0, TInterfaces...>, public RuntimeClassBaseT<RuntimeClassFlagsT::value>, protected RuntimeClassFlags<InhibitWeakReference>, public DontUseNewUseMake { ++ public: ++ typedef RuntimeClassFlagsT ClassFlags; ++ ++ STDMETHOD(QueryInterface)(REFIID riid, void **ppvObject) { ++ return 0; ++ } ++ ++ STDMETHOD_(ULONG, AddRef)() { ++ return 0; ++ } ++ ++ STDMETHOD_(ULONG, Release)() { ++ return 0; ++ } ++ ++ STDMETHOD(GetIids)(ULONG *iidCount, IID **iids) { ++ return 0; ++ } ++ ++ protected: ++ RuntimeClassImpl() throw() {} ++ ++ virtual ~RuntimeClassImpl() throw() {} ++ ++ unsigned long InternalAddRef() throw() { ++ return 0; ++ } ++ ++ unsigned long InternalRelease() throw() { ++ return 0; ++ } ++ ++ unsigned long GetRefCount() const throw() { ++ return 0; ++ } ++ ++ private: ++ volatile long refcount_; ++ }; ++ ++ template <class RuntimeClassFlagsT, typename I0, typename ...TInterfaces> ++ class __declspec(novtable) RuntimeClassImpl<RuntimeClassFlagsT, false, true, true, I0, TInterfaces...> : public RuntimeClassImpl<RuntimeClassFlagsT, false, true, false, I0, TInterfaces...> {}; ++ ++ template <class RuntimeClassFlagsT, typename I0, typename ...TInterfaces> ++ class __declspec(novtable) RuntimeClassImpl<RuntimeClassFlagsT, true, true, true, I0, TInterfaces...> : public RuntimeClassImpl<RuntimeClassFlagsT, true, true, false, I0, FtmBase, TInterfaces...> {}; ++ } ++ ++ template <typename ...TInterfaces> ++ class RuntimeClass : public Details::RuntimeClassImpl<DETAILS_RTCLASS_FLAGS_ARGUMENTS(RuntimeClassFlags<WinRt>), TInterfaces...> { ++ RuntimeClass(const RuntimeClass&); ++ ++ RuntimeClass& operator=(const RuntimeClass&); ++ ++ public: ++ RuntimeClass() throw() {} ++ ++ typedef RuntimeClass RuntimeClassT; ++ }; ++ ++ template <unsigned int classFlags, typename ...TInterfaces> ++ class RuntimeClass<RuntimeClassFlags<classFlags>, TInterfaces...> : public Details::RuntimeClassImpl<DETAILS_RTCLASS_FLAGS_ARGUMENTS(RuntimeClassFlags<classFlags>), TInterfaces...> { ++ RuntimeClass(const RuntimeClass&); ++ ++ RuntimeClass& operator=(const RuntimeClass&); ++ ++ public: ++ RuntimeClass() throw() {} ++ ++ typedef RuntimeClass RuntimeClassT; ++ }; ++ } ++} ++ ++#include <poppack.h> ++ ++#endif +diff --git a/mingw-w64-headers/include/wrl/internal.h b/mingw-w64-headers/include/wrl/internal.h +index 715ef74e3..dffa7153d 100644 +--- a/mingw-w64-headers/include/wrl/internal.h ++++ b/mingw-w64-headers/include/wrl/internal.h +@@ -7,6 +7,8 @@ + #ifndef _WRL_INTERNAL_H_ + #define _WRL_INTERNAL_H_ + ++#define __WRL_IMPLEMENTS_FTM_BASE__(flags) (false) ++ + #include <windows.h> + + namespace Microsoft { +@@ -29,6 +31,26 @@ namespace Microsoft { + struct EnableIf<true, T> { + typedef T type; + }; ++ ++ template<class T> ++ struct RemoveReference { ++ typedef T Type; ++ }; ++ ++ template<class T> ++ struct RemoveReference<T&> { ++ typedef T Type; ++ }; ++ ++ template<class T> ++ struct RemoveReference<T&&> { ++ typedef T Type; ++ }; ++ ++ template<class T> ++ inline typename RemoveReference<T>::Type&& Move(T&& arg) throw() { ++ return nullptr; ++ } + } + } + } +diff --git a/mingw-w64-headers/include/wrl/wrappers/corewrappers.h b/mingw-w64-headers/include/wrl/wrappers/corewrappers.h +index 221d9cc8f..4b15f43ec 100644 +--- a/mingw-w64-headers/include/wrl/wrappers/corewrappers.h ++++ b/mingw-w64-headers/include/wrl/wrappers/corewrappers.h +@@ -22,6 +22,129 @@ namespace Microsoft { + } + + namespace Wrappers { ++ namespace HandleTraits { ++ struct SRWLockSharedTraits { ++ typedef SRWLOCK* Type; ++ ++ inline static Type GetInvalidValue() throw() { ++ return nullptr; ++ } ++ ++ inline static void Unlock(Type srwlock) throw() {} ++ }; ++ ++ struct SRWLockExclusiveTraits { ++ typedef SRWLOCK* Type; ++ ++ inline static Type GetInvalidValue() throw() { ++ return nullptr; ++ } ++ ++ inline static void Unlock(Type srwlock) throw() {} ++ }; ++ } ++ ++ class SRWLock; ++ ++ namespace Details { ++ class SyncLockExclusive { ++ public: ++ SyncLockExclusive(SyncLockExclusive&& other) throw() {} ++ ++ SyncLockExclusive(const SyncLockExclusive&); ++ SyncLockExclusive& operator=(const SyncLockExclusive&); ++ ++ ~SyncLockExclusive() throw() {} ++ ++ void Unlock() throw() {} ++ ++ bool IsLocked() const throw() { ++ return 0; ++ } ++ ++ friend class Wrappers::SRWLock; ++ ++ protected: ++ explicit SyncLockExclusive(SRWLOCK* sync) throw() {} ++ ++ SRWLOCK* sync_; ++ ++ private: ++ void InternalUnlock() throw() {} ++ }; ++ ++ class SyncLockShared { ++ public: ++ SyncLockShared(SyncLockShared&& other) throw() {} ++ ++ SyncLockShared(const SyncLockShared&); ++ SyncLockShared& operator=(const SyncLockShared&); ++ ++ ~SyncLockShared() throw() {} ++ ++ void Unlock() throw() {} ++ ++ bool IsLocked() const throw() { ++ return 0; ++ } ++ ++ friend class Wrappers::SRWLock; ++ ++ protected: ++ explicit SyncLockShared(SRWLOCK* sync) throw() {} ++ ++ SRWLOCK* sync_; ++ ++ private: ++ void InternalUnlock() throw() {} ++ }; ++ } ++ ++ class SRWLock { ++ public: ++ SRWLock() throw() {} ++ ++ SRWLock(const SRWLock&) = delete; ++ SRWLock& operator=(const SRWLock&) = delete; ++ ++ ~SRWLock() throw() {} ++ ++ Details::SyncLockExclusive LockExclusive() throw() { ++ return Details::SyncLockExclusive(nullptr); ++ } ++ ++ static Details::SyncLockExclusive LockExclusive(SRWLOCK* lock) throw() { ++ return Details::SyncLockExclusive(nullptr); ++ } ++ ++ Details::SyncLockExclusive TryLockExclusive() throw() { ++ return Details::SyncLockExclusive(nullptr); ++ } ++ ++ static Details::SyncLockExclusive TryLockExclusive(SRWLOCK* lock) throw() { ++ return Details::SyncLockExclusive(nullptr); ++ } ++ ++ Details::SyncLockShared LockShared() throw() { ++ return Details::SyncLockShared(nullptr); ++ } ++ ++ static Details::SyncLockShared LockShared(SRWLOCK* lock) throw() { ++ return Details::SyncLockShared(nullptr); ++ } ++ ++ Details::SyncLockShared TryLockShared() throw() { ++ return Details::SyncLockShared(nullptr); ++ } ++ ++ static Details::SyncLockShared TryLockShared(SRWLOCK* lock) throw() { ++ return Details::SyncLockShared(nullptr); ++ } ++ ++ protected: ++ SRWLOCK SRWLock_; ++ }; ++ + class HStringReference { + private: + void Init(const wchar_t* str, unsigned int len) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 43245: Use separate entitlements for signing tor
by morgan (＠morgan) 31 Oct '24

31 Oct '24

morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 4a836c67 by Nicolas Vigier at 2024-10-31T18:20:36+00:00 Bug 43245: Use separate entitlements for signing tor Use a separate entitlements file for signing the tor binary, with `com.apple.security.cs.allow-unsigned-executable-memory` enabled. - - - - - 2 changed files: - + tools/signing/macos-entitlements/tor.xml - tools/signing/wrappers/sign-rcodesign-128 Changes: ===================================== tools/signing/macos-entitlements/tor.xml ===================================== @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + +<plist version="1.0"> + <dict> +  + <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/> + +  + <key>com.apple.security.cs.disable-library-validation</key><true/> + + <key>com.apple.security.cs.allow-jit</key><true/> + </dict> +</plist> ===================================== tools/signing/wrappers/sign-rcodesign-128 ===================================== @@ -82,6 +82,7 @@ $rcodesign sign \ --code-signature-flags Contents/Frameworks/ChannelPrefs.framework:runtime \ --code-signature-flags Contents/MacOS/plugin-container.app:runtime \ --code-signature-flags Contents/MacOS/media-plugin-helper.app:runtime \ + --entitlements-xml-path Contents/MacOS/Tor/tor:/signing/tor-browser-build/tools/signing/macos-entitlements/tor.xml \ --entitlements-xml-path Contents/MacOS/plugin-container.app:/signing/tor-browser-build/tools/signing/macos-entitlements/plugin-container.xml \ --entitlements-xml-path Contents/MacOS/media-plugin-helper.app:/signing/tor-browser-build/tools/signing/macos-entitlements/media-plugin-helper.xml \ --entitlements-xml-path /signing/tor-browser-build/tools/signing/macos-entitlements/firefox.browser.xml \ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 43245: Use separate entitlements for signing tor
by morgan (＠morgan) 31 Oct '24

31 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: c4fb2737 by Nicolas Vigier at 2024-10-31T18:19:37+00:00 Bug 43245: Use separate entitlements for signing tor Use a separate entitlements file for signing the tor binary, with `com.apple.security.cs.allow-unsigned-executable-memory` enabled. - - - - - 2 changed files: - + tools/signing/macos-entitlements/tor.xml - tools/signing/wrappers/sign-rcodesign-128 Changes: ===================================== tools/signing/macos-entitlements/tor.xml ===================================== @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + +<plist version="1.0"> + <dict> +  + <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/> + +  + <key>com.apple.security.cs.disable-library-validation</key><true/> + + <key>com.apple.security.cs.allow-jit</key><true/> + </dict> +</plist> ===================================== tools/signing/wrappers/sign-rcodesign-128 ===================================== @@ -82,6 +82,7 @@ $rcodesign sign \ --code-signature-flags Contents/Frameworks/ChannelPrefs.framework:runtime \ --code-signature-flags Contents/MacOS/plugin-container.app:runtime \ --code-signature-flags Contents/MacOS/media-plugin-helper.app:runtime \ + --entitlements-xml-path Contents/MacOS/Tor/tor:/signing/tor-browser-build/tools/signing/macos-entitlements/tor.xml \ --entitlements-xml-path Contents/MacOS/plugin-container.app:/signing/tor-browser-build/tools/signing/macos-entitlements/plugin-container.xml \ --entitlements-xml-path Contents/MacOS/media-plugin-helper.app:/signing/tor-browser-build/tools/signing/macos-entitlements/media-plugin-helper.xml \ --entitlements-xml-path /signing/tor-browser-build/tools/signing/macos-entitlements/firefox.browser.xml \ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41243: Use separate entitlements for signing tor
by morgan (＠morgan) 31 Oct '24

31 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 429a5220 by Nicolas Vigier at 2024-10-31T17:35:09+01:00 Bug 41243: Use separate entitlements for signing tor Use a separate entitlements file for signing the tor binary, with `com.apple.security.cs.allow-unsigned-executable-memory` enabled. - - - - - 2 changed files: - + tools/signing/macos-entitlements/tor.xml - tools/signing/wrappers/sign-rcodesign-128 Changes: ===================================== tools/signing/macos-entitlements/tor.xml ===================================== @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + +<plist version="1.0"> + <dict> +  + <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/> + +  + <key>com.apple.security.cs.disable-library-validation</key><true/> + + <key>com.apple.security.cs.allow-jit</key><true/> + </dict> +</plist> ===================================== tools/signing/wrappers/sign-rcodesign-128 ===================================== @@ -82,6 +82,7 @@ $rcodesign sign \ --code-signature-flags Contents/Frameworks/ChannelPrefs.framework:runtime \ --code-signature-flags Contents/MacOS/plugin-container.app:runtime \ --code-signature-flags Contents/MacOS/media-plugin-helper.app:runtime \ + --entitlements-xml-path Contents/MacOS/Tor/tor:/signing/tor-browser-build/tools/signing/macos-entitlements/tor.xml \ --entitlements-xml-path Contents/MacOS/plugin-container.app:/signing/tor-browser-build/tools/signing/macos-entitlements/plugin-container.xml \ --entitlements-xml-path Contents/MacOS/media-plugin-helper.app:/signing/tor-browser-build/tools/signing/macos-entitlements/media-plugin-helper.xml \ --entitlements-xml-path /signing/tor-browser-build/tools/signing/macos-entitlements/firefox.browser.xml \ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] 2 commits: fixup! Bug 42305: Add script to combine translation files across versions.
by Pier Angelo Vendrame (＠pierov) 31 Oct '24

31 Oct '24

Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 7b61c406 by Henry Wilkes at 2024-10-31T10:32:12+00:00 fixup! Bug 42305: Add script to combine translation files across versions. Bug 43272: Fix git fetch in translation CI script. - - - - - 3f690c6b by Henry Wilkes at 2024-10-31T10:47:28+00:00 fixup! Add CI for Tor Browser Bug 43272: Run translation CI whenever CI script changes. - - - - - 2 changed files: - .gitlab/ci/update-translations.yml - tools/torbrowser/l10n/combine-translation-versions.py Changes: ===================================== .gitlab/ci/update-translations.yml ===================================== @@ -7,6 +7,9 @@ - "**/*.properties" - "**/*.dtd" - "**/*strings.xml" + - "**/update-translations.yml" + - "**/l10n/combine/combine.py" + - "**/l10n/combine-translation-versions.py" - if: $FORCE_UPDATE_TRANSLATIONS == "true" variables: TOR_BROWSER_COMBINED_FILES_JSON: "combined-translation-files.json" ===================================== tools/torbrowser/l10n/combine-translation-versions.py ===================================== @@ -145,7 +145,7 @@ class BrowserBranch: # Minimal fetch of non-HEAD branch to get the file paths. # Individual file blobs will be downloaded as needed. git_run( - ["fetch", "--depth=1", "--filter=blob:none", "origin", self._ref] + ["fetch", "--depth=1", "--filter=blob:none", "origin", self.name] ) self._file_paths = git_lines( ["ls-tree", "-r", "--format=%(path)", self._ref] @@ -178,7 +178,7 @@ def get_stable_branch( # Moreover, we *assume* that the branch with the most recent ESR version # with such a tag will be used in the *next* stable build in # tor-browser-build. - tag_glob = f"{compare_version.prefix}-*esr-*-*-build1" + tag_glob = f"{compare_version.prefix}-*-build1" # To speed up, only fetch the tags without blobs. git_run( @@ -188,10 +188,15 @@ def get_stable_branch( legacy_branches = [] stable_annotation_regex = re.compile(r"\bstable\b") legacy_annotation_regex = re.compile(r"\blegacy\b") + tag_pattern = re.compile( + rf"^{re.escape(compare_version.prefix)}-[^-]+esr-[^-]+-[^-]+-build1$" + ) for build_tag, annotation in ( line.split(" ", 1) for line in git_lines(["tag", "-n1", "--list", tag_glob]) ): + if not tag_pattern.match(build_tag): + continue is_stable = bool(stable_annotation_regex.search(annotation)) is_legacy = bool(legacy_annotation_regex.search(annotation)) if not is_stable and not is_legacy: View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8dbd8d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8dbd8d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/torbrowser-launcher][main] 2 commits: AppArmor: remove duplicate rule
by asciiwolf (＠asciiwolf) 31 Oct '24

31 Oct '24

asciiwolf pushed to branch main at The Tor Project / Applications / torbrowser-launcher Commits: 9f55ecec by intrigeri at 2024-10-15T11:17:37+00:00 AppArmor: remove duplicate rule We include the gnome abstraction, which itself includes the X abstraction, so at least in theory including the X abstraction explicitly should be a no-op. It looks like adding this line was done based on an incorrect assumption (that Lubuntu does not include the gnome abstraction), and even if that assumption were correct, adding this line would not fix the problem (because the parser would fail to compile the profile regardless). - https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/merge_… - https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/merge_… If there's ever evidence of a system where this line actually solves a problem, we can reconsider, and I'll be very curious to understand why. - - - - - a82c1a02 by asciiwolf at 2024-10-31T10:16:38+00:00 Merge branch 'remove-duplicate-rule' into 'main' AppArmor: remove duplicate rule See merge request tpo/applications/torbrowser-launcher!18 - - - - - 1 changed file: - apparmor/torbrowser.Browser.firefox Changes: ===================================== apparmor/torbrowser.Browser.firefox ===================================== @@ -12,7 +12,6 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} { #include <abstractions/opencl> #include if exists <abstractions/vulkan> #include if exists <abstractions/dbus-session> - #include if exists <abstractions/X> deny capability sys_ptrace, View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/compar… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/compar… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] 7 commits: fixup! Lox integration
by Pier Angelo Vendrame (＠pierov) 31 Oct '24

31 Oct '24

Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 5ebc9fc7 by Henry Wilkes at 2024-10-30T16:13:30+00:00 fixup! Lox integration Bug 42597: Fix `#updatePubkeys`. - - - - - 704133b3 by Henry Wilkes at 2024-10-30T16:13:31+00:00 fixup! Lox integration Bug 42597: Fix generateInvite. We make sure to call handle_issue_invite to convert the response from "issueinvite" into credentials. We also stop stringifying the lox credentials, which are already a string. - - - - - 27ec12e5 by Henry Wilkes at 2024-10-30T16:13:32+00:00 fixup! Lox integration Bug 42597: Made sure we're always using `JSON.parse(request).request` where `request` is generated by lox_wasm. - - - - - 8ca54076 by Henry Wilkes at 2024-10-30T16:24:48+00:00 fixup! Lox integration Bug 42597: Move duplicate logic into `#makeRequest`. Moreover, we pass in the common fetch arguments into buildPostRequest and treat the return value as a string instead of a JSON object. - - - - - d7c52d55 by Henry Wilkes at 2024-10-30T16:26:16+00:00 fixup! Lox integration Bug 42597: Refactor error handling. A lot of the errors can be propagated to the caller. - - - - - f08fc6e4 by Henry Wilkes at 2024-10-30T16:26:17+00:00 fixup! Bug 40597: Implement TorSettings module Bug 42597: Make buildPostRequest accept fetch arguments. This allows the request to buildPostRequest in the Lox module use the same arguments that would be passed to `fetch`. Also, return the text stream, rather than JSON. - - - - - 8dbd8dd6 by Henry Wilkes at 2024-10-30T16:26:18+00:00 fixup! Lox integration Bug 42597: Add note for missing trusted invites. - - - - - 3 changed files: - toolkit/components/lox/Lox.sys.mjs - toolkit/modules/DomainFrontedRequests.sys.mjs - toolkit/modules/Moat.sys.mjs Changes: ===================================== toolkit/components/lox/Lox.sys.mjs ===================================== @@ -37,6 +37,7 @@ XPCOMUtils.defineLazyModuleGetters(lazy, { set_panic_hook: "resource://gre/modules/lox_wasm.jsm", invitation_is_trusted: "resource://gre/modules/lox_wasm.jsm", issue_invite: "resource://gre/modules/lox_wasm.jsm", + handle_issue_invite: "resource://gre/modules/lox_wasm.jsm", prepare_invite: "resource://gre/modules/lox_wasm.jsm", get_invites_remaining: "resource://gre/modules/lox_wasm.jsm", get_trust_level: "resource://gre/modules/lox_wasm.jsm", @@ -91,6 +92,7 @@ const LoxSettingsPrefs = Object.freeze({ export class LoxError extends Error { static BadInvite = "BadInvite"; static LoxServerUnreachable = "LoxServerUnreachable"; + static ErrorResponse = "ErrorResponse"; /** * @param {string} message - The error message. @@ -408,89 +410,47 @@ class LoxImpl { } /** - * Update Lox credential after Lox key rotation - * Do not call directly, use #getPubKeys() instead to start the update only - * once + * Update Lox credential after Lox key rotation. * - * @param {string} prevkeys The public keys we are replacing + * Do not call directly, use #getPubKeys() instead to start the update only + * once. */ - async #updatePubkeys(prevkeys) { - let pubKeys; - try { - pubKeys = await this.#makeRequest("pubkeys", []); - } catch (error) { - lazy.logger.debug("Failed to get pubkeys", error); - // Make the next call try again. - this.#pubKeyPromise = null; - if (!this.#pubKeys) { - throw error; - } - return; - } + async #updatePubkeys() { + let pubKeys = await this.#makeRequest("pubkeys", null); const prevKeys = this.#pubKeys; if (prevKeys !== null) { // check if the lox pubkeys have changed and update the lox - // credentials if so - let lox_cred_req; - try { - lox_cred_req = JSON.parse( - lazy.check_lox_pubkeys_update( - JSON.stringify(pubKeys), - prevkeys, - this.#getCredentials(this.#activeLoxId) - ) - ); - } catch (error) { - lazy.logger.debug("Check lox pubkey update failed", error); - // Make the next call try again. - this.#pubKeyPromise = null; - return; - } - if (lox_cred_req.updated) { + // credentials if so. + // + // The UpdateCredOption rust struct serializes to "req" rather than + // "request". + const { updated, req: request } = JSON.parse( + lazy.check_lox_pubkeys_update( + pubKeys, + prevKeys, + this.#getCredentials(this.#activeLoxId) + ) + ); + if (updated) { + // Try update credentials. + // NOTE: This should be re-callable if any step fails. + // TODO: Verify this. lazy.logger.debug( `Lox pubkey updated, update Lox credential "${this.#activeLoxId}"` ); - let response; - try { - // TODO: If this call doesn't succeed due to a networking error, the Lox - // credential may be in an unusable state (spent but not updated) - // until this request can be completed successfully (and until Lox - // is refactored to send repeat responses: - // https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/74) - response = await this.#makeRequest("updatecred", lox_cred_req.req); - } catch (error) { - lazy.logger.debug("Lox cred update failed.", error); - // Make the next call try again. - this.#pubKeyPromise = null; - return; - } - if (response.hasOwnProperty("error")) { - lazy.logger.error(response.error); - this.#pubKeyPromise = null; - lazy.logger.debug( - `Error response to Lox pubkey update request: "${response.error}", reverting to old pubkeys` - ); - return; - } - let cred; - try { - cred = lazy.handle_update_cred( - lox_cred_req.req, - JSON.stringify(response), - pubKeys - ); - } catch (error) { - lazy.logger.debug("Unable to handle updated Lox cred", error); - // Make the next call try again. - this.#pubKeyPromise = null; - return; - } + // TODO: If this call doesn't succeed due to a networking error, the Lox + // credential may be in an unusable state (spent but not updated) + // until this request can be completed successfully (and until Lox + // is refactored to send repeat responses: + // https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/74) + let response = await this.#makeRequest("updatecred", request); + let cred = lazy.handle_update_cred(request, response, pubKeys); this.#changeCredentials(this.#activeLoxId, cred); } } // If we arrive here we haven't had other errors before, we can actually // store the new public key. - this.#pubKeys = JSON.stringify(pubKeys); + this.#pubKeys = pubKeys; this.#store(); } @@ -498,16 +458,24 @@ class LoxImpl { // FIXME: We are always refetching #pubKeys, #encTable and #constants once // per session, but they may change more frequently. tor-browser#42502 if (this.#pubKeyPromise === null) { - this.#pubKeyPromise = this.#updatePubkeys(); + this.#pubKeyPromise = this.#updatePubkeys().catch(error => { + lazy.logger.debug("Failed to update pubKeys", error); + // Try again with the next call. + this.#pubKeyPromise = null; + if (!this.#pubKeys) { + // Re-throw if we have no pubKeys value for the caller. + throw error; + } + }); } await this.#pubKeyPromise; } async #getEncTable() { if (this.#encTablePromise === null) { - this.#encTablePromise = this.#makeRequest("reachability", []) + this.#encTablePromise = this.#makeRequest("reachability", null) .then(encTable => { - this.#encTable = JSON.stringify(encTable); + this.#encTable = encTable; this.#store(); }) .catch(error => { @@ -526,10 +494,10 @@ class LoxImpl { async #getConstants() { if (this.#constantsPromise === null) { // Try to update first, but if that doesn't work fall back to stored data - this.#constantsPromise = this.#makeRequest("constants", []) + this.#constantsPromise = this.#makeRequest("constants", null) .then(constants => { const prevValue = this.#constants; - this.#constants = JSON.stringify(constants); + this.#constants = constants; this.#store(); if (prevValue !== this.#constants) { Services.obs.notifyObservers(null, LoxTopics.UpdateNextUnlock); @@ -579,7 +547,6 @@ class LoxImpl { */ async #backgroundTasks() { this.#assertInitialized(); - let addedEvent = false; // Only run background tasks for the active lox ID. const loxId = this.#activeLoxId; if (!loxId) { @@ -591,37 +558,39 @@ class LoxImpl { // this should catch key rotations (ideally some days) prior to the next // credential update await this.#getPubKeys(); + let levelup = false; try { - const levelup = await this.#attemptUpgrade(loxId); - if (levelup) { - const level = this.#getLevel(loxId); - const newEvent = { - type: "levelup", - newlevel: level, - }; - this.#events.push(newEvent); - this.#store(); - addedEvent = true; - } - } catch (err) { - lazy.logger.error(err); + levelup = await this.#attemptUpgrade(loxId); + } catch (error) { + lazy.logger.error(error); } + if (levelup) { + const level = this.#getLevel(loxId); + const newEvent = { + type: "levelup", + newlevel: level, + }; + this.#events.push(newEvent); + this.#store(); + } + + let leveldown = false; try { - const leveldown = await this.#blockageMigration(loxId); - if (leveldown) { - let level = this.#getLevel(loxId); - const newEvent = { - type: "blockage", - newlevel: level, - }; - this.#events.push(newEvent); - this.#store(); - addedEvent = true; - } - } catch (err) { - lazy.logger.error(err); + leveldown = await this.#blockageMigration(loxId); + } catch (error) { + lazy.logger.error(error); + } + if (leveldown) { + let level = this.#getLevel(loxId); + const newEvent = { + type: "blockage", + newlevel: level, + }; + this.#events.push(newEvent); + this.#store(); } - if (addedEvent) { + + if (levelup || leveldown) { Services.obs.notifyObservers(null, LoxTopics.UpdateEvents); } } @@ -708,7 +677,7 @@ class LoxImpl { // to issue open invitations for Lox bridges. async requestOpenInvite() { this.#assertInitialized(); - let invite = await this.#makeRequest("invite", []); + let invite = JSON.parse(await this.#makeRequest("invite", null)); lazy.logger.debug(invite); return invite; } @@ -725,23 +694,20 @@ class LoxImpl { // It's fine to get pubkey here without a delay since the user will not have a Lox // credential yet await this.#getPubKeys(); + // NOTE: We currently only handle "open invites". + // "trusted invites" are not yet supported. tor-browser#42974. let request = await lazy.open_invite(JSON.parse(invite).invite); - let response = await this.#makeRequest( - "openreq", - JSON.parse(request).request - ); - lazy.logger.debug("openreq response: ", response); - if (response.hasOwnProperty("error")) { - throw new LoxError( - `Error response to "openreq": ${response.error}`, - LoxError.BadInvite - ); + let response; + try { + response = await this.#makeRequest("openreq", request); + } catch (error) { + if (error instanceof LoxError && error.code === LoxError.ErrorResponse) { + throw new LoxError("Error response to openreq", LoxError.BadInvite); + } else { + throw error; + } } - let cred = lazy.handle_new_lox_credential( - request, - JSON.stringify(response), - this.#pubKeys - ); + let cred = lazy.handle_new_lox_credential(request, response, this.#pubKeys); // Generate an id that is not already in the #credentials map. let loxId; do { @@ -795,31 +761,32 @@ class LoxImpl { throw new LoxError(`Cannot generate invites at level ${level}`); } let request = lazy.issue_invite( - JSON.stringify(this.#getCredentials(loxId)), + this.#getCredentials(loxId), this.#encTable, this.#pubKeys ); - let response = await this.#makeRequest( - "issueinvite", - JSON.parse(request).request - ); - if (response.hasOwnProperty("error")) { - lazy.logger.error(response.error); - throw new LoxError(`Error response to "issueinvite": ${response.error}`); - } else { - const invite = lazy.prepare_invite(response); - this.#invites.push(invite); - // cap length of stored invites - if (this.#invites.len > 50) { - this.#invites.shift(); - } - this.#store(); - this.#changeCredentials(loxId, response); - Services.obs.notifyObservers(null, LoxTopics.NewInvite); - // Return a copy. - // Right now invite is just a string, but that might change in the future. - return structuredClone(invite); + let response = await this.#makeRequest("issueinvite", request); + // TODO: Do we ever expect handle_issue_invite to fail (beyond + // implementation bugs)? + // TODO: What happens if #pubkeys for `issue_invite` differs from the value + // when calling `handle_issue_invite`? Should we cache the value at the + // start of this method? + let cred = lazy.handle_issue_invite(request, response, this.#pubKeys); + + // Store the new credentials as a priority. + this.#changeCredentials(loxId, cred); + + const invite = lazy.prepare_invite(cred); + this.#invites.push(invite); + // cap length of stored invites + if (this.#invites.len > 50) { + this.#invites.shift(); } + this.#store(); + Services.obs.notifyObservers(null, LoxTopics.NewInvite); + // Return a copy. + // Right now invite is just a string, but that might change in the future. + return structuredClone(invite); } /** @@ -845,15 +812,13 @@ class LoxImpl { return false; } let response = await this.#makeRequest("checkblockage", request); - if (response.hasOwnProperty("error")) { - lazy.logger.error(response.error); - throw new LoxError( - `Error response to "checkblockage": ${response.error}` - ); - } + // NOTE: If a later method fails, we should be ok to re-call "checkblockage" + // from the Lox authority. So there shouldn't be any adverse side effects to + // loosing migrationCred. + // TODO: Confirm this is safe to lose. const migrationCred = lazy.handle_check_blockage( this.#getCredentials(loxId), - JSON.stringify(response) + response ); request = lazy.blockage_migration( this.#getCredentials(loxId), @@ -861,26 +826,21 @@ class LoxImpl { this.#pubKeys ); response = await this.#makeRequest("blockagemigration", request); - if (response.hasOwnProperty("error")) { - lazy.logger.error(response.error); - throw new LoxError( - `Error response to "blockagemigration": ${response.error}` - ); - } const cred = lazy.handle_blockage_migration( this.#getCredentials(loxId), - JSON.stringify(response), + response, this.#pubKeys ); this.#changeCredentials(loxId, cred); return true; } - /** Attempts to upgrade the currently saved Lox credential. - * If an upgrade is available, save an event in the event list. + /** + * Attempts to upgrade the currently saved Lox credential. + * If an upgrade is available, save an event in the event list. * - * @param {string} loxId Lox ID - * @returns {boolean} Whether a levelup event occurred. + * @param {string} loxId Lox ID + * @returns {boolean} Whether the credential was successfully migrated. */ async #attemptUpgrade(loxId) { await this.#getEncTable(); @@ -895,16 +855,18 @@ class LoxImpl { this.#encTable, this.#pubKeys ); - const response = await this.#makeRequest("levelup", request); - if (response.hasOwnProperty("error")) { - lazy.logger.error(response.error); - throw new LoxError(`Error response to "levelup": ${response.error}`); + let response; + try { + response = await this.#makeRequest("levelup", request); + } catch (error) { + if (error instanceof LoxError && error.code === LoxError.ErrorResponse) { + // Not an error. + lazy.logger.debug("Not ready for level up", error); + return false; + } + throw error; } - const cred = lazy.handle_level_up( - request, - JSON.stringify(response), - this.#pubKeys - ); + const cred = lazy.handle_level_up(request, response, this.#pubKeys); this.#changeCredentials(loxId, cred); return true; } @@ -922,76 +884,40 @@ class LoxImpl { this.#getPubKeys(); return false; } - let request, response; + let request; try { request = lazy.trust_promotion( this.#getCredentials(loxId), this.#pubKeys ); } catch (err) { + // This function is called routinely during the background tasks without + // previous checks on whether an upgrade is possible, so it is expected to + // fail with a certain frequency. Therefore, do not relay the error to the + // caller and just log the message for debugging. lazy.logger.debug("Not ready to upgrade", err); return false; } - try { - response = await this.#makeRequest( - "trustpromo", - JSON.parse(request).request - ); - } catch (err) { - lazy.logger.error("Failed trust promotion", err); - return false; - } - if (response.hasOwnProperty("error")) { - lazy.logger.error("Error response from trustpromo", response.error); - return false; - } - lazy.logger.debug("Got promotion cred", response, request); - let promoCred; - try { - promoCred = lazy.handle_trust_promotion( - request, - JSON.stringify(response) - ); - lazy.logger.debug("Formatted promotion cred"); - } catch (err) { - lazy.logger.error( - "Unable to handle trustpromo response properly", - response.error - ); - return false; - } - try { - request = lazy.trust_migration( - this.#getCredentials(loxId), - promoCred, - this.#pubKeys - ); - lazy.logger.debug("Formatted migration request"); - } catch (err) { - lazy.logger.error("Failed to generate trust migration request", err); - return false; - } - try { - response = await this.#makeRequest( - "trustmig", - JSON.parse(request).request - ); - } catch (err) { - lazy.logger.error("Failed trust migration", err); - return false; - } - if (response.hasOwnProperty("error")) { - lazy.logger.error("Error response from trustmig", response.error); - return false; - } - lazy.logger.debug("Got new credential"); - let cred; - try { - cred = lazy.handle_trust_migration(request, response); - } catch (err) { - lazy.logger.error("Failed to handle response from trustmig", err); - return false; - } + + let response = await this.#makeRequest("trustpromo", request); + // FIXME: Store response to "trustpromo" in case handle_trust_promotion + // or "trustmig" fails. The Lox authority will not accept a re-request + // to "trustpromo" with the same credentials. + let promoCred = lazy.handle_trust_promotion(request, response); + lazy.logger.debug("Formatted promotion cred: ", promoCred); + + request = lazy.trust_migration( + this.#getCredentials(loxId), + promoCred, + this.#pubKeys + ); + response = await this.#makeRequest("trustmig", request); + lazy.logger.debug("Got new credential: ", response); + + // FIXME: Store response to "trustmig" in case handle_trust_migration + // fails. The Lox authority will not accept a re-request to "trustmig" with + // the same credentials. + let cred = lazy.handle_trust_migration(request, response); this.#changeCredentials(loxId, cred); return true; } @@ -1079,38 +1005,47 @@ class LoxImpl { }; } - async #makeRequest(procedure, args) { + /** + * Fetch from the Lox authority. + * + * @param {string} procedure - The request endpoint. + * @param {string} body - The arguments to send in the body, if any. + * + * @returns {string} - The response body. + */ + async #fetch(procedure, body) { // TODO: Customize to for Lox - const serviceUrl = "https://lox.torproject.org"; - const url = `${serviceUrl}/${procedure}`; + const url = `https://lox.torproject.org/${procedure}`; + const method = "POST"; + const contentType = "application/vnd.api+json"; if (lazy.TorConnect.state === lazy.TorConnectState.Bootstrapped) { let request; try { request = await fetch(url, { - method: "POST", - headers: { - "Content-Type": "application/vnd.api+json", - }, - body: JSON.stringify(args), + method, + headers: { "Content-Type": contentType }, + body, }); } catch (error) { - lazy.logger.debug("fetch fail", url, args, error); + lazy.logger.debug("fetch fail", url, body, error); throw new LoxError( `fetch "${procedure}" from Lox authority failed: ${error?.message}`, LoxError.LoxServerUnreachable ); } if (!request.ok) { - lazy.logger.debug("fetch response", url, args, request); + lazy.logger.debug("fetch response", url, body, request); // Do not treat as a LoxServerUnreachable type. throw new LoxError( `Lox authority responded to "${procedure}" with ${request.status}: ${request.statusText}` ); } - return request.json(); + return request.text(); } + // TODO: Only make domain fronted requests with user permission. + // tor-browser#42606. if (this.#domainFrontedRequests === null) { this.#domainFrontedRequests = new Promise((resolve, reject) => { // TODO: Customize to the values for Lox @@ -1129,9 +1064,9 @@ class LoxImpl { } const builder = await this.#domainFrontedRequests; try { - return await builder.buildPostRequest(url, args); + return await builder.buildRequest(url, { method, contentType, body }); } catch (error) { - lazy.logger.debug("Domain front request fail", url, args, error); + lazy.logger.debug("Domain front request fail", url, body, error); if (error instanceof lazy.DomainFrontRequestNetworkError) { throw new LoxError( `Domain front fetch "${procedure}" from Lox authority failed: ${error?.message}`, @@ -1149,6 +1084,37 @@ class LoxImpl { ); } } + + /** + * Make a request to the lox authority, check for an error response, and + * convert it to a string. + * + * @param {string} procedure - The request endpoint. + * @param {?string} request - The request data, as a JSON string containing a + * "request" field. Or `null` to send no data. + * + * @returns {string} - The stringified JSON response. + */ + async #makeRequest(procedure, request) { + // Verify that the response is valid json, by parsing. + const jsonResponse = JSON.parse( + await this.#fetch( + procedure, + request ? JSON.stringify(JSON.parse(request).request) : "" + ) + ); + lazy.logger.debug(`${procedure} response:`, jsonResponse); + if (Object.hasOwn(jsonResponse, "error")) { + // TODO: Figure out if any of the "error" responses should be treated as + // an error. I.e. which of the procedures have soft failures and hard + // failures. + throw LoxError( + `Error response to ${procedure}: ${jsonResponse.error}`, + LoxError.ErrorResponse + ); + } + return JSON.stringify(jsonResponse); + } } export const Lox = new LoxImpl(); ===================================== toolkit/modules/DomainFrontedRequests.sys.mjs ===================================== @@ -523,34 +523,31 @@ export class DomainFrontRequestBuilder { } /** - * Make a POST request with a JSON body and a JSON response. + * Make a request. * - * @param {string} url The URL to load - * @param {object} args The arguments to send to the procedure. It will be - * serialized to JSON by this function and then set as POST body - * @returns {Promise<object>} A promise with the parsed response + * @param {string} url The URL to request. + * @param {object} args The arguments to send to the procedure. + * @param {string} args.method The request method. + * @param {string} args.body The request body. + * @param {string} args.contentType The "Content-Type" header to set. + * @returns {string} The response body. */ - async buildPostRequest(url, args) { + async buildRequest(url, args) { const ch = this.buildHttpHandler(url); - const argsJson = JSON.stringify(args); const inStream = Cc["@mozilla.org/io/string-input-stream;1"].createInstance( Ci.nsIStringInputStream ); - inStream.setData(argsJson, argsJson.length); + inStream.setData(args.body, args.body.length); const upChannel = ch.QueryInterface(Ci.nsIUploadChannel); - const contentType = "application/vnd.api+json"; - upChannel.setUploadStream(inStream, contentType, argsJson.length); - ch.requestMethod = "POST"; + upChannel.setUploadStream(inStream, args.contentType, args.body.length); + ch.requestMethod = args.method; // Make request const listener = new ResponseListener(); await ch.asyncOpen(listener, ch); // wait for response - const responseJSON = await listener.response(); - - // parse that JSON - return JSON.parse(responseJSON); + return listener.response(); } } ===================================== toolkit/modules/Moat.sys.mjs ===================================== @@ -108,7 +108,13 @@ export class MoatRPC { const procedureURIString = `${Services.prefs.getStringPref( TorLauncherPrefs.moat_service )}/${procedure}`; - return this.#requestBuilder.buildPostRequest(procedureURIString, args); + return JSON.parse( + await this.#requestBuilder.buildRequest(procedureURIString, { + method: "POST", + contentType: "application/vnd.api+json", + body: JSON.stringify(args), + }) + ); } async testInternetConnection() { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/5e9deb… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/5e9deb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41286: Update the deploy update scripts to optinally take an override hash
by morgan (＠morgan) 30 Oct '24

30 Oct '24

morgan pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: 7dfebb7a by Nicolas Vigier at 2024-10-30T18:36:12+00:00 Bug 41286: Update the deploy update scripts to optinally take an override hash - - - - - 1 changed file: - tools/signing/upload-update_responses-to-staticiforme Changes: ===================================== tools/signing/upload-update_responses-to-staticiforme ===================================== @@ -58,12 +58,20 @@ cat << EOF > "$deploy_script" #!/bin/bash set -e -echo "Deploying version $tbb_version" -echo "update_responses_commit: $update_responses_commit" +if test "\$#" -gt 1; then + echo >&2 "Wrong number of arguments" + exit 2 +fi + +commit=$update_responses_commit +test "\$#" -eq 1 && commit="\$1" + +test "\$#" -eq 0 && echo "Deploying version $tbb_version" +echo "update_responses_commit: \$commit" cd "$update_dir" git fetch -changed_files="\$(git diff --name-only HEAD $update_responses_commit)" +changed_files="\$(git diff --name-only HEAD \$commit)" if echo "\$changed_files" | grep -qv "$tbb_version_type" then echo >&2 "Error: checking out new update_response_commit will changes" @@ -75,7 +83,7 @@ then echo >&2 "See tor-browser-build#41168 for more details." exit 1 fi -git checkout "$update_responses_commit" +git checkout "\$commit" static-update-component aus1.torproject.org EOF View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41286: Update the deploy update scripts to optinally take an override hash
by morgan (＠morgan) 30 Oct '24

30 Oct '24

morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 5c1ddf37 by Nicolas Vigier at 2024-10-30T18:35:18+00:00 Bug 41286: Update the deploy update scripts to optinally take an override hash - - - - - 1 changed file: - tools/signing/upload-update_responses-to-staticiforme Changes: ===================================== tools/signing/upload-update_responses-to-staticiforme ===================================== @@ -55,12 +55,20 @@ cat << EOF > "$deploy_script" #!/bin/bash set -e -echo "Deploying version $tbb_version" -echo "update_responses_commit: $update_responses_commit" +if test "\$#" -gt 1; then + echo >&2 "Wrong number of arguments" + exit 2 +fi + +commit=$update_responses_commit +test "\$#" -eq 1 && commit="\$1" + +test "\$#" -eq 0 && echo "Deploying version $tbb_version" +echo "update_responses_commit: \$commit" cd "$update_dir" git fetch -changed_files="\$(git diff --name-only HEAD $update_responses_commit)" +changed_files="\$(git diff --name-only HEAD \$commit)" if echo "\$changed_files" | grep -qv "$tbb_version_type" then echo >&2 "Error: checking out new update_response_commit will changes" @@ -72,7 +80,7 @@ then echo >&2 "See tor-browser-build#41168 for more details." exit 1 fi -git checkout "$update_responses_commit" +git checkout "\$commit" static-update-component aus1.torproject.org EOF View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41286: Update the deploy update scripts to optinally take an override hash
by morgan (＠morgan) 30 Oct '24

30 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 1c24b4a9 by Nicolas Vigier at 2024-10-30T17:48:34+01:00 Bug 41286: Update the deploy update scripts to optinally take an override hash - - - - - 2 changed files: - .gitlab/issue_templates/Release Prep - Tor Browser Legacy.md - tools/signing/upload-update_responses-to-staticiforme Changes: ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Legacy.md ===================================== @@ -268,37 +268,9 @@ popd git show -s --format=%H ``` - On `staticiforme.torproject.org`, deploy new update responses: - - **NOTE**: for now this is a bit janky, we should somehow update the workflow to be a bit less hacky - - [ ] Edit an existing `deploy_update_responses-release.sh` script in your `HOME` directory with the newly pushed commit hash - - **example**: (hash: `d938943`) - ```bash - #!/bin/bash - set -e - - echo "Deploying version 14.0" - echo "update_responses_commit: d938943" - - cd "/srv/aus1-master.torproject.org/htdocs/torbrowser" - git fetch - changed_files="$(git diff --name-only HEAD d938943)" - if echo "$changed_files" | grep -qv "release" - then - echo >&2 "Error: checking out new update_response_commit will changes" - echo >&2 "some files outside of the release directory:" - echo "$changed_files" | grep -v "release" >&2 - echo >&2 "--" - echo >&2 "If this is really what you want to do, edit this script to" - echo >&2 "remove the line 'exit 1' and run it again." - echo >&2 "See tor-browser-build#41168 for more details." - exit 1 - fi - git checkout "d938943" - - static-update-component aus1.torproject.org - ``` - - [ ] Enable update responses: + - [ ] Enable update responses, passing the commit hash as argument (replace $commit): ```bash - sudo -u tb-release ./deploy_update_responses-release.sh + sudo -u tb-release ./deploy_update_responses-release.sh $commit ``` </details> ===================================== tools/signing/upload-update_responses-to-staticiforme ===================================== @@ -55,12 +55,20 @@ cat << EOF > "$deploy_script" #!/bin/bash set -e -echo "Deploying version $tbb_version" -echo "update_responses_commit: $update_responses_commit" +if test "\$#" -gt 1; then + echo >&2 "Wrong number of arguments" + exit 2 +fi + +commit=$update_responses_commit +test "\$#" -eq 1 && commit="\$1" + +test "\$#" -eq 0 && echo "Deploying version $tbb_version" +echo "update_responses_commit: \$commit" cd "$update_dir" git fetch -changed_files="\$(git diff --name-only HEAD $update_responses_commit)" +changed_files="\$(git diff --name-only HEAD \$commit)" if echo "\$changed_files" | grep -qv "$tbb_version_type" then echo >&2 "Error: checking out new update_response_commit will changes" @@ -72,7 +80,7 @@ then echo >&2 "See tor-browser-build#41168 for more details." exit 1 fi -git checkout "$update_responses_commit" +git checkout "\$commit" static-update-component aus1.torproject.org EOF View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.4.0esr-14.5-1] fixup! Adding issue and merge request templates
by Pier Angelo Vendrame (＠pierov) 30 Oct '24

30 Oct '24

Pier Angelo Vendrame pushed to branch mullvad-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 60885fba by Henry Wilkes at 2024-10-30T19:33:54+01:00 fixup! Adding issue and merge request templates Bug 43262: Update QA desktop checklist to include testing saved keys and their preferences. - - - - - 1 changed file: - .gitlab/issue_templates/QA - Desktop.md Changes: ===================================== .gitlab/issue_templates/QA - Desktop.md ===================================== @@ -135,6 +135,10 @@ Manual QA test check-list for major desktop releases. Please copy/paste form int - [ ] Onion-Location pill - [ ] Client authentication - You can create an ephemeral client-auth onion-service using [onion share](https://onionshare.org) + - [ ] Remember key option saves the key between sessions. + - [ ] Saved keys are viewable in preferences (privacy). + - [ ] Can remove individual keys. + - [ ] Can remove all keys at once. - [ ] Onion service errors - [ ] invalid onion: http://invalid.onion - [ ] onion offline: http://wfdn32ds656ycma5gvrh7duvdvxbg2ygzr3no3ijsya25qm6nnko4iqd.onion/ View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/608… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/608… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.4.0esr-14.5-1] fixup! Adding issue and merge request templates
by Pier Angelo Vendrame (＠pierov) 30 Oct '24

30 Oct '24

Pier Angelo Vendrame pushed to branch base-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 8e61683d by Henry Wilkes at 2024-10-30T19:33:33+01:00 fixup! Adding issue and merge request templates Bug 43262: Update QA desktop checklist to include testing saved keys and their preferences. - - - - - 1 changed file: - .gitlab/issue_templates/QA - Desktop.md Changes: ===================================== .gitlab/issue_templates/QA - Desktop.md ===================================== @@ -135,6 +135,10 @@ Manual QA test check-list for major desktop releases. Please copy/paste form int - [ ] Onion-Location pill - [ ] Client authentication - You can create an ephemeral client-auth onion-service using [onion share](https://onionshare.org) + - [ ] Remember key option saves the key between sessions. + - [ ] Saved keys are viewable in preferences (privacy). + - [ ] Can remove individual keys. + - [ ] Can remove all keys at once. - [ ] Onion service errors - [ ] invalid onion: http://invalid.onion - [ ] onion offline: http://wfdn32ds656ycma5gvrh7duvdvxbg2ygzr3no3ijsya25qm6nnko4iqd.onion/ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8e61683… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8e61683… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41243: Add apparmor profile to deb package
by boklm (＠boklm) 30 Oct '24

30 Oct '24

boklm pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 6d8e1d6f by Nicolas Vigier at 2024-10-30T17:46:21+01:00 Bug 41243: Add apparmor profile to deb package - - - - - 4 changed files: - projects/linux-packages/config - + projects/linux-packages/debian/apparmor.in - projects/linux-packages/debian/control.in - projects/linux-packages/debian/rules.in Changes: ===================================== projects/linux-packages/config ===================================== @@ -36,6 +36,7 @@ targets: - dpkg-dev - debhelper - dh-exec + - dh-apparmor # Packages needed to generate dependencies for the deb package - linux-libc-dev - libasound2-dev @@ -148,6 +149,10 @@ input_files: enable: '[% c("var/build_deb_pkg") || c("var/build_rpm_pkg") %]' # Debian Package + - filename: debian/apparmor + content: "[% INCLUDE 'debian/apparmor.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' - filename: debian/changelog content: "[% INCLUDE 'debian/changelog.in' %]" refresh_input: 1 ===================================== projects/linux-packages/debian/apparmor.in ===================================== @@ -0,0 +1,14 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# AppArmor policy for [% c("var/system_pkg/pkg_name") %] + +abi <abi/4.0>, +include <tunables/global> + +profile [% c("var/system_pkg/pkg_name") %] /[% c('var/system_pkg/install_path') %]/[% c("var/projectname") %].real flags=(unconfined) { + userns, + + # Site-specific additions and overrides. See local/README for details. + include if exists <local/[% c("var/system_pkg/pkg_name") %]> +} ===================================== projects/linux-packages/debian/control.in ===================================== @@ -2,7 +2,7 @@ Source: [% c("var/system_pkg/pkg_name") %] Maintainer: [% c("var/Project_Name") %] Developers <torbrowser(a)torproject.org> Priority: optional Section: web -Build-Depends: debhelper (>= 9) +Build-Depends: debhelper (>= 9), dh-apparmor Package: [% c("var/system_pkg/pkg_name") %] Architecture: [% c("var_p/system_pkg/deb_archs").join(" ") %] ===================================== projects/linux-packages/debian/rules.in ===================================== @@ -12,3 +12,8 @@ override_dh_strip: override_dh_shlibdeps: dh_shlibdeps -Xabicheck[% IF c("var/tor-browser") %] -l$(CURDIR)/debian/[% c("var/system_pkg/pkg_name") %]/[% c('var/system_pkg/install_path') %]/TorBrowser/Tor[% END %] + +override_dh_install: + mkdir -p debian/[% c("var/system_pkg/pkg_name") %]/etc/apparmor.d + cp debian/apparmor debian/[% c("var/system_pkg/pkg_name") %]/etc/apparmor.d/[% c("var/system_pkg/pkg_name") %] + dh_apparmor --profile-name=[% c("var/system_pkg/pkg_name") %] -p[% c("var/system_pkg/pkg_name") %] View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41243: Add apparmor profile to deb package
by boklm (＠boklm) 30 Oct '24

30 Oct '24

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: ae68fd52 by Nicolas Vigier at 2024-10-30T17:43:34+01:00 Bug 41243: Add apparmor profile to deb package - - - - - 4 changed files: - projects/linux-packages/config - + projects/linux-packages/debian/apparmor.in - projects/linux-packages/debian/control.in - projects/linux-packages/debian/rules.in Changes: ===================================== projects/linux-packages/config ===================================== @@ -36,6 +36,7 @@ targets: - dpkg-dev - debhelper - dh-exec + - dh-apparmor # Packages needed to generate dependencies for the deb package - linux-libc-dev - libasound2-dev @@ -148,6 +149,10 @@ input_files: enable: '[% c("var/build_deb_pkg") || c("var/build_rpm_pkg") %]' # Debian Package + - filename: debian/apparmor + content: "[% INCLUDE 'debian/apparmor.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' - filename: debian/changelog content: "[% INCLUDE 'debian/changelog.in' %]" refresh_input: 1 ===================================== projects/linux-packages/debian/apparmor.in ===================================== @@ -0,0 +1,14 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# AppArmor policy for [% c("var/system_pkg/pkg_name") %] + +abi <abi/4.0>, +include <tunables/global> + +profile [% c("var/system_pkg/pkg_name") %] /[% c('var/system_pkg/install_path') %]/[% c("var/projectname") %].real flags=(unconfined) { + userns, + + # Site-specific additions and overrides. See local/README for details. + include if exists <local/[% c("var/system_pkg/pkg_name") %]> +} ===================================== projects/linux-packages/debian/control.in ===================================== @@ -2,7 +2,7 @@ Source: [% c("var/system_pkg/pkg_name") %] Maintainer: [% c("var/Project_Name") %] Developers <torbrowser(a)torproject.org> Priority: optional Section: web -Build-Depends: debhelper (>= 9) +Build-Depends: debhelper (>= 9), dh-apparmor Package: [% c("var/system_pkg/pkg_name") %] Architecture: [% c("var_p/system_pkg/deb_archs").join(" ") %] ===================================== projects/linux-packages/debian/rules.in ===================================== @@ -12,3 +12,8 @@ override_dh_strip: override_dh_shlibdeps: dh_shlibdeps -Xabicheck[% IF c("var/tor-browser") %] -l$(CURDIR)/debian/[% c("var/system_pkg/pkg_name") %]/[% c('var/system_pkg/install_path') %]/TorBrowser/Tor[% END %] + +override_dh_install: + mkdir -p debian/[% c("var/system_pkg/pkg_name") %]/etc/apparmor.d + cp debian/apparmor debian/[% c("var/system_pkg/pkg_name") %]/etc/apparmor.d/[% c("var/system_pkg/pkg_name") %] + dh_apparmor --profile-name=[% c("var/system_pkg/pkg_name") %] -p[% c("var/system_pkg/pkg_name") %] View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41288: Use exec_noco option when using exec
by boklm (＠boklm) 30 Oct '24

30 Oct '24

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: aefae00e by Nicolas Vigier at 2024-10-30T17:10:36+01:00 Bug 41288: Use exec_noco option when using exec Use the `exec_noco` option added in rbm#40006. - - - - - 2 changed files: - projects/firefox/config - projects/geckoview/config Changes: ===================================== projects/firefox/config ===================================== @@ -21,10 +21,10 @@ var: browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' browser_build: 1 branding_directory_prefix: 'tb' - copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' + copyright_year: '[% exec("git show -s --format=%ci" _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser - git_commit: '[% exec("git rev-parse HEAD") %]' + git_commit: '[% exec("git rev-parse " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }) %]' deps: - build-essential - autoconf @@ -53,7 +53,7 @@ var: mv -f -- "$rezip_tmpdir/new.zip" [% c("rezip_file") %] rm -Rf "$rezip_tmpdir" - l10n-changesets: '[% exec("cat browser/locales/l10n-changesets.json") %]' + l10n-changesets: '[% exec("git --no-pager show " _ c("git_hash") _ ":browser/locales/l10n-changesets.json", { exec_noco => 1 }) %]' steps: src-tarballs: ===================================== projects/geckoview/config ===================================== @@ -22,9 +22,9 @@ var: browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' browser_build: 1 - copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' + copyright_year: '[% exec("git show -s --format=%ci" _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser - git_commit: '[% exec("git rev-parse HEAD") %]' + git_commit: '[% exec("git rev-parse " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }) %]' deps: - build-essential - autoconf @@ -41,7 +41,7 @@ var: glean_parser: 14.0.1 variant: beta has_l10n: '[% !c("var/testbuild") && !c("var/locales").empty %]' - l10n-changesets: '[% exec("cat browser/locales/l10n-changesets.json") %]' + l10n-changesets: '[% exec("git --no-pager show " _ c("git_hash") _ ":browser/locales/l10n-changesets.json", { exec_noco => 1 }) %]' targets: release: View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.4.0esr-14.5-1] Bug 42739: Use the brand name for profile error messages.
by Pier Angelo Vendrame (＠pierov) 30 Oct '24

30 Oct '24

Pier Angelo Vendrame pushed to branch mullvad-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 641655fa by Henry Wilkes at 2024-10-30T08:30:02+01:00 Bug 42739: Use the brand name for profile error messages. Some messages in profileSelection.properties use gAppData->name as variable inputs. However, gAppData->name is still "Firefox" for our base-browser builds, rather than the user-facing browser name. We swap these instances with the displayed brand name instead. - - - - - 2 changed files: - toolkit/xre/ProfileReset.cpp - toolkit/xre/nsAppRunner.cpp Changes: ===================================== toolkit/xre/ProfileReset.cpp ===================================== @@ -23,8 +23,8 @@ using namespace mozilla; -extern const XREAppData* gAppData; - +static const char kBrandProperties[] = + "chrome://branding/locale/brand.properties"; static const char kProfileProperties[] = "chrome://mozapps/locale/profile/profileSelection.properties"; @@ -49,12 +49,21 @@ nsresult ProfileResetCleanup(nsToolkitProfileService* aService, mozilla::components::StringBundle::Service(); if (!sbs) return NS_ERROR_FAILURE; + nsCOMPtr<nsIStringBundle> brandBundle; + Unused << sbs->CreateBundle(kBrandProperties, getter_AddRefs(brandBundle)); + if (!brandBundle) return NS_ERROR_FAILURE; + nsCOMPtr<nsIStringBundle> sb; Unused << sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); if (!sb) return NS_ERROR_FAILURE; - NS_ConvertUTF8toUTF16 appName(gAppData->name); - AutoTArray<nsString, 2> params = {appName, appName}; + nsAutoString appName; + rv = brandBundle->GetStringFromName("brandShortName", appName); + if (NS_FAILED(rv)) return rv; + + AutoTArray<nsString, 2> params; + params.AppendElement(appName); + params.AppendElement(appName); nsAutoString resetBackupDirectoryName; ===================================== toolkit/xre/nsAppRunner.cpp ===================================== @@ -2597,6 +2597,8 @@ nsresult LaunchChild(bool aBlankCommandLine, bool aTryExec) { return NS_ERROR_LAUNCHED_CHILD_PROCESS; } +static const char kBrandProperties[] = + "chrome://branding/locale/brand.properties"; static const char kProfileProperties[] = "chrome://mozapps/locale/profile/profileSelection.properties"; @@ -2666,12 +2668,20 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { mozilla::components::StringBundle::Service(); NS_ENSURE_TRUE(sbs, NS_ERROR_FAILURE); + nsCOMPtr<nsIStringBundle> brandBundle; + sbs->CreateBundle(kBrandProperties, getter_AddRefs(brandBundle)); + NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); nsCOMPtr<nsIStringBundle> sb; sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(gAppData->name); - AutoTArray<nsString, 2> params = {appName, appName}; + nsAutoString appName; + rv = brandBundle->GetStringFromName("brandShortName", appName); + NS_ENSURE_SUCCESS(rv, NS_ERROR_ABORT); + + AutoTArray<nsString, 2> params; + params.AppendElement(appName); + params.AppendElement(appName); // profileMissing nsAutoString missingMessage; @@ -2733,12 +2743,21 @@ static ReturnAbortOnError ProfileLockedDialog(nsIFile* aProfileDir, mozilla::components::StringBundle::Service(); NS_ENSURE_TRUE(sbs, NS_ERROR_FAILURE); + nsCOMPtr<nsIStringBundle> brandBundle; + sbs->CreateBundle(kBrandProperties, getter_AddRefs(brandBundle)); + NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); nsCOMPtr<nsIStringBundle> sb; sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(gAppData->name); - AutoTArray<nsString, 3> params = {appName, appName, appName}; + nsAutoString appName; + rv = brandBundle->GetStringFromName("brandShortName", appName); + NS_ENSURE_SUCCESS(rv, NS_ERROR_ABORT); + + AutoTArray<nsString, 3> params; + params.AppendElement(appName); + params.AppendElement(appName); + params.AppendElement(appName); nsAutoString killMessage; #ifndef XP_MACOSX View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/641… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/641… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! [android] Modify UI/UX
by morgan (＠morgan) 30 Oct '24

30 Oct '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 5e9deb42 by cypherpunks1 at 2024-10-30T03:09:46+00:00 fixup! [android] Modify UI/UX Bug 43251: Enable tab suggestions and autocomplete for private tabs on Android - - - - - 3 changed files: - mobile/android/android-components/components/feature/awesomebar/src/main/java/mozilla/components/feature/awesomebar/provider/SessionAutocompleteProvider.kt - mobile/android/android-components/components/feature/awesomebar/src/main/java/mozilla/components/feature/awesomebar/provider/SessionSuggestionProvider.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/search/awesomebar/AwesomeBarView.kt Changes: ===================================== mobile/android/android-components/components/feature/awesomebar/src/main/java/mozilla/components/feature/awesomebar/provider/SessionAutocompleteProvider.kt ===================================== @@ -36,7 +36,7 @@ class SessionAutocompleteProvider( val tabUrl = store.state.tabs .firstOrNull { - !it.content.private && doesUrlStartsWithText(it.content.url, query) + /* !it.content.private && */ doesUrlStartsWithText(it.content.url, query) } ?.content?.url ?: return null ===================================== mobile/android/android-components/components/feature/awesomebar/src/main/java/mozilla/components/feature/awesomebar/provider/SessionSuggestionProvider.kt ===================================== @@ -54,7 +54,7 @@ class SessionSuggestionProvider( val suggestions = mutableListOf<AwesomeBar.Suggestion>() val iconRequests: List<Deferred<Icon>?> = distinctTabs.map { - icons?.loadIcon(IconRequest(url = it.content.url, waitOnNetworkLoad = false)) + icons?.loadIcon(IconRequest(url = it.content.url, isPrivate = it.content.private, waitOnNetworkLoad = false)) } val searchWords = searchText.split(" ") @@ -62,7 +62,7 @@ class SessionSuggestionProvider( if ( resultsUriFilter?.invoke(result.content.url.toUri()) != false && searchWords.all { result.contains(it) } && - !result.content.private && +// !result.content.private && shouldIncludeSelectedTab(state, result) ) { suggestions.add( ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/search/awesomebar/AwesomeBarView.kt ===================================== @@ -328,12 +328,12 @@ class AwesomeBarView( } } - if (activity.browsingModeManager.mode == BrowsingMode.Normal && state.showAllSessionSuggestions) { + if (/* activity.browsingModeManager.mode == BrowsingMode.Normal && */ state.showAllSessionSuggestions) { // Unlike other providers, we don't exclude sponsored suggestions for open tabs. providersToAdd.add(getLocalTabsProvider()) } - if (activity.browsingModeManager.mode == BrowsingMode.Normal && state.showSessionSuggestionsForCurrentEngine) { + if (/* activity.browsingModeManager.mode == BrowsingMode.Normal && */ state.showSessionSuggestionsForCurrentEngine) { getFilterForCurrentEngineResults(state)?.let { providersToAdd.add(getLocalTabsProvider(it)) } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5e9deb4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5e9deb4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.0-1] fixup! Bug 30237: Add v3 onion services client authentication prompt
by morgan (＠morgan) 29 Oct '24

29 Oct '24

morgan pushed to branch tor-browser-128.4.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 0e310e03 by Henry Wilkes at 2024-10-29T21:43:51+00:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 43262: The deleteAll command was attached to the wrong button. - - - - - 1 changed file: - browser/components/onionservices/content/savedKeysDialog.js Changes: ===================================== browser/components/onionservices/content/savedKeysDialog.js ===================================== @@ -84,7 +84,7 @@ var gOnionServicesSavedKeysDialog = { this._removeAllButton = document.getElementById( "onionservices-savedkeys-removeall" ); - this._removeButton.addEventListener("click", () => { + this._removeAllButton.addEventListener("click", () => { this._deleteAllKeys(); }); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0e310e0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0e310e0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! Bug 30237: Add v3 onion services client authentication prompt
by morgan (＠morgan) 29 Oct '24

29 Oct '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 63c0cb73 by Henry Wilkes at 2024-10-29T21:40:39+00:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 43262: The deleteAll command was attached to the wrong button. - - - - - 1 changed file: - browser/components/onionservices/content/savedKeysDialog.js Changes: ===================================== browser/components/onionservices/content/savedKeysDialog.js ===================================== @@ -84,7 +84,7 @@ var gOnionServicesSavedKeysDialog = { this._removeAllButton = document.getElementById( "onionservices-savedkeys-removeall" ); - this._removeButton.addEventListener("click", () => { + this._removeAllButton.addEventListener("click", () => { this._deleteAllKeys(); }); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/63c0cb7… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/63c0cb7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! Adding issue and merge request templates
by morgan (＠morgan) 29 Oct '24

29 Oct '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 35ef7d82 by Henry Wilkes at 2024-10-29T21:24:47+00:00 fixup! Adding issue and merge request templates Bug 43262: Update QA desktop checklist to include testing saved keys and their preferences. - - - - - 1 changed file: - .gitlab/issue_templates/QA - Desktop.md Changes: ===================================== .gitlab/issue_templates/QA - Desktop.md ===================================== @@ -135,6 +135,10 @@ Manual QA test check-list for major desktop releases. Please copy/paste form int - [ ] Onion-Location pill - [ ] Client authentication - You can create an ephemeral client-auth onion-service using [onion share](https://onionshare.org) + - [ ] Remember key option saves the key between sessions. + - [ ] Saved keys are viewable in preferences (privacy). + - [ ] Can remove individual keys. + - [ ] Can remove all keys at once. - [ ] Onion service errors - [ ] invalid onion: http://invalid.onion - [ ] onion offline: http://wfdn32ds656ycma5gvrh7duvdvxbg2ygzr3no3ijsya25qm6nnko4iqd.onion/ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/35ef7d8… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/35ef7d8… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Update release prep issue templates (Tor Browser Legacy)
by morgan (＠morgan) 29 Oct '24

29 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 344327b6 by Nicolas Vigier at 2024-10-29T21:19:49+00:00 Update release prep issue templates (Tor Browser Legacy) Add missing step when manually deploying update responses for legacy-only release. - - - - - 1 changed file: - .gitlab/issue_templates/Release Prep - Tor Browser Legacy.md Changes: ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Legacy.md ===================================== @@ -251,6 +251,22 @@ popd ```bash make torbrowser-update_responses-release ``` + - [ ] Commit new update responses to tor-browser-update-responses.git: + - [ ] Run: + ```bash + updaterespdir=/path/to/tor-browser-update-responses.git + cp torbrowser/release/update-responses/update-responses-release-${TOR_BROWSER_VERSION}.tar "$updaterespdir" + cd "$updaterespdir" + git pull + rm -Rf update_3/release + tar -C update_3 update-responses-release-${TOR_BROWSER_VERSION}.tar + rm update-responses-release-${TOR_BROWSER_VERSION}.tar + git add update_3/release + git commit -m "release: new version, ${TOR_BROWSER_VERSION}" + git push + # print the commit hash and copy past it for the next step + git show -s --format=%H + ``` - On `staticiforme.torproject.org`, deploy new update responses: - **NOTE**: for now this is a bit janky, we should somehow update the workflow to be a bit less hacky - [ ] Edit an existing `deploy_update_responses-release.sh` script in your `HOME` directory with the newly pushed commit hash View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] fixup! [android] Modify UI/UX
by morgan (＠morgan) 29 Oct '24

29 Oct '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 474dd858 by cypherpunks1 at 2024-10-29T21:13:24+00:00 fixup! [android] Modify UI/UX Bug 43241: Improve hiding non-private tab features on Android - - - - - 3 changed files: - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/toolbar/DefaultToolbarMenu.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/home/HomeMenu.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/settings/SettingsFragment.kt Changes: ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/toolbar/DefaultToolbarMenu.kt ===================================== @@ -218,13 +218,13 @@ open class DefaultToolbarMenu( onItemTapped.invoke(ToolbarMenu.Item.NewTorCircuit) } - //private val historyItem = BrowserMenuImageText( - // context.getString(R.string.library_history), - // R.drawable.ic_history, - // primaryTextColor() - //) { - // onItemTapped.invoke(ToolbarMenu.Item.History) - //} + private val historyItem = BrowserMenuImageText( + context.getString(R.string.library_history), + R.drawable.ic_history, + primaryTextColor(), + ) { + onItemTapped.invoke(ToolbarMenu.Item.History) + } private val downloadsItem = BrowserMenuImageText( context.getString(R.string.library_downloads), @@ -419,7 +419,7 @@ open class DefaultToolbarMenu( newCircuitItem, BrowserMenuDivider(), bookmarksItem, - //historyItem, + if (context.settings().shouldDisableNormalMode) null else historyItem, downloadsItem, passwordsItem, extensionsItem, ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/home/HomeMenu.kt ===================================== @@ -131,13 +131,13 @@ class HomeMenu( onItemTapped.invoke(Item.Bookmarks) } - // val historyItem = BrowserMenuImageText( - // context.getString(R.string.library_history), - // R.drawable.ic_history, - // primaryTextColor, - // ) { - // onItemTapped.invoke(Item.History) - // } + val historyItem = BrowserMenuImageText( + context.getString(R.string.library_history), + R.drawable.ic_history, + primaryTextColor, + ) { + onItemTapped.invoke(Item.History) + } val downloadsItem = BrowserMenuImageText( context.getString(R.string.library_downloads), @@ -228,7 +228,7 @@ class HomeMenu( val menuItems = listOfNotNull( bookmarksItem, - //historyItem, + if (context.settings().shouldDisableNormalMode) null else historyItem, downloadsItem, passwordsItem, // extensionsItem, ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/settings/SettingsFragment.kt ===================================== @@ -251,9 +251,11 @@ class SettingsFragment : PreferenceFragmentCompat() { getString(R.string.delete_browsing_data_quit_off) } - val tabSettingsPreference = - requirePreference<Preference>(R.string.pref_key_tabs) - tabSettingsPreference.summary = context?.settings()?.getTabTimeoutString() + if (!settings.shouldDisableNormalMode) { + val tabSettingsPreference = + requirePreference<Preference>(R.string.pref_key_tabs) + tabSettingsPreference.summary = context?.settings()?.getTabTimeoutString() + } // val autofillPreference = requirePreference<Preference>(R.string.pref_key_credit_cards) // autofillPreference.title = if (settings.addressFeature) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/474dd85… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/474dd85… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] 3 commits: fixup! Bug 16940: After update, load local change notes.
by morgan (＠morgan) 29 Oct '24

29 Oct '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 6d2b4add by Henry Wilkes at 2024-10-29T21:02:40+00:00 fixup! Bug 16940: After update, load local change notes. Bug 42186: Revert the entire commit. - - - - - 201d50e6 by Henry Wilkes at 2024-10-29T21:02:40+00:00 fixup! Add TorStrings module for localization Bug 42186: Drop about:tbupdate. - - - - - b4b207fa by Henry Wilkes at 2024-10-29T21:02:40+00:00 fixup! Bug 7494: Create local home page for TBB. Bug 42186: Move override page logic to about:tor commit. - - - - - 15 changed files: - − browser/actors/AboutTBUpdateChild.sys.mjs - − browser/actors/AboutTBUpdateParent.sys.mjs - browser/actors/moz.build - − browser/base/content/abouttbupdate/aboutTBUpdate.css - − browser/base/content/abouttbupdate/aboutTBUpdate.js - − browser/base/content/abouttbupdate/aboutTBUpdate.xhtml - browser/base/content/browser.js - browser/base/jar.mn - browser/components/BrowserContentHandler.sys.mjs - browser/components/BrowserGlue.sys.mjs - browser/components/about/AboutRedirector.cpp - browser/components/about/components.conf - toolkit/modules/RemotePageAccessManager.sys.mjs - − toolkit/torbutton/chrome/locale/en-US/aboutTBUpdate.dtd - toolkit/torbutton/jar.mn Changes: ===================================== browser/actors/AboutTBUpdateChild.sys.mjs deleted ===================================== @@ -1,8 +0,0 @@ -// Copyright (c) 2020, The Tor Project, Inc. -// See LICENSE for licensing information. -// -// vim: set sw=2 sts=2 ts=8 et syntax=javascript: - -import { RemotePageChild } from "resource://gre/actors/RemotePageChild.sys.mjs"; - -export class AboutTBUpdateChild extends RemotePageChild {} ===================================== browser/actors/AboutTBUpdateParent.sys.mjs deleted ===================================== @@ -1,128 +0,0 @@ -// Copyright (c) 2020, The Tor Project, Inc. -// See LICENSE for licensing information. -// -// vim: set sw=2 sts=2 ts=8 et syntax=javascript: - -import { AppConstants } from "resource://gre/modules/AppConstants.sys.mjs"; - -const kRequestUpdateMessageName = "FetchUpdateData"; - -/** - * This code provides services to the about:tbupdate page. Whenever - * about:tbupdate needs to do something chrome-privileged, it sends a - * message that's handled here. It is modeled after Mozilla's about:home - * implementation. - */ -export class AboutTBUpdateParent extends JSWindowActorParent { - async receiveMessage(aMessage) { - if (aMessage.name == kRequestUpdateMessageName) { - return this.getReleaseNoteInfo(); - } - return undefined; - } - - get moreInfoURL() { - try { - return Services.prefs.getCharPref("torbrowser.post_update.url"); - } catch (e) {} - - // Use the default URL as a fallback. - return Services.urlFormatter.formatURLPref("startup.homepage_override_url"); - } - - // Read the text from the beginning of the changelog file that is located - // at TorBrowser/Docs/ChangeLog.txt (or, - // TorBrowser.app/Contents/Resources/TorBrowser/Docs/ on macOS, to support - // Gatekeeper signing) and return an object that contains the following - // properties: - // version e.g., Tor Browser 8.5 - // releaseDate e.g., March 31 2019 - // releaseNotes details of changes (lines 2 - end of ChangeLog.txt) - // We attempt to parse the first line of ChangeLog.txt to extract the - // version and releaseDate. If parsing fails, we return the entire first - // line in version and omit releaseDate. - async getReleaseNoteInfo() { - let info = { moreInfoURL: this.moreInfoURL }; - - try { - // "XREExeF".parent is the directory that contains firefox, i.e., - // Browser/ or, TorBrowser.app/Contents/MacOS/ on macOS. - let f = Services.dirsvc.get("XREExeF", Ci.nsIFile).parent; - if (AppConstants.platform === "macosx") { - f = f.parent; - f.append("Resources"); - } - f.append("TorBrowser"); - f.append("Docs"); - f.append("ChangeLog.txt"); - - // NOTE: We load in the entire file, but only use the first few lines - // before the first blank line. - const logLines = (await IOUtils.readUTF8(f.path)) - .replace(/\n\r?\n.*/ms, "") - .split(/\n\r?/); - - // Read the first line to get the version and date. - // Assume everything after the last "-" is the date. - const firstLine = logLines.shift(); - const match = firstLine?.match(/(.*)-+(.*)/); - if (match) { - info.version = match[1].trim(); - info.releaseDate = match[2].trim(); - } else { - // No date. - info.version = firstLine?.trim(); - } - - // We want to read the rest of the release notes as a tree. Each entry - // will contain the text for that line. - // We choose a negative index for the top node of this tree to ensure no - // line will appear less indented. - const topEntry = { indent: -1, children: undefined }; - let prevEntry = topEntry; - - for (let line of logLines) { - const indent = line.match(/^ */)[0]; - line = line.trim(); - if (line.startsWith("*")) { - // Treat as a bullet point. - let entry = { - text: line.replace(/^\*\s/, ""), - indent: indent.length, - }; - let parentEntry; - if (entry.indent > prevEntry.indent) { - // A sub-list of the previous item. - prevEntry.children = []; - parentEntry = prevEntry; - } else { - // Same list or end of sub-list. - // Search for the first parent whose indent comes before ours. - parentEntry = prevEntry.parent; - while (entry.indent <= parentEntry.indent) { - parentEntry = parentEntry.parent; - } - } - entry.parent = parentEntry; - parentEntry.children.push(entry); - prevEntry = entry; - } else if (prevEntry === topEntry) { - // Unexpected, missing bullet point on first line. - // Place as its own bullet point instead, and set as prevEntry for the - // next loop. - prevEntry = { text: line, indent: indent.length, parent: topEntry }; - topEntry.children = [prevEntry]; - } else { - // Append to the previous bullet point. - prevEntry.text += ` ${line}`; - } - } - - info.releaseNotes = topEntry.children; - } catch (e) { - console.error(e); - } - - return info; - } -} ===================================== browser/actors/moz.build ===================================== @@ -90,9 +90,3 @@ FINAL_TARGET_FILES.actors += [ BROWSER_CHROME_MANIFESTS += [ "test/browser/browser.toml", ] - -if CONFIG["BASE_BROWSER_UPDATE"]: - FINAL_TARGET_FILES.actors += [ - "AboutTBUpdateChild.sys.mjs", - "AboutTBUpdateParent.sys.mjs", - ] ===================================== browser/base/content/abouttbupdate/aboutTBUpdate.css deleted ===================================== @@ -1,70 +0,0 @@ -/* - * Copyright (c) 2019, The Tor Project, Inc. - * See LICENSE for licensing information. - * - * vim: set sw=2 sts=2 ts=8 et syntax=css: - */ - -:root { - --abouttor-text-color: white; - --abouttor-bg-toron-color: #420C5D; -} - -body { - font-family: Helvetica, Arial, sans-serif; - color: var(--abouttor-text-color); - background-color: var(--abouttor-bg-toron-color); - margin-block: 40px; - margin-inline: 50px; - display: grid; - grid-template-columns: auto auto; - align-items: baseline; - gap: 40px 50px; -} - -body > *:not([hidden]) { - display: contents; -} - -.label-column { - grid-column: 1; -} - -.content { - grid-column: 2; -} - -.content.en-US-content { - font-family: monospace; - line-height: 1.4; -} - -.label-column, .content { - margin: 0; - padding: 0; - font-size: 1rem; - font-weight: normal; -} - -a { - color: inherit; -} - -.no-line-break { - white-space: nowrap; -} - -ul { - padding-inline: 1em 0; -} - -h3, h4 { - font-size: 1.1rem; - font-weight: bold; -} - -h3.build-system-heading { - font-size: 1.5rem; - font-weight: normal; - margin-block-start: 3em; -} ===================================== browser/base/content/abouttbupdate/aboutTBUpdate.js deleted ===================================== @@ -1,110 +0,0 @@ -// Copyright (c) 2020, The Tor Project, Inc. -// See LICENSE for licensing information. -// -// vim: set sw=2 sts=2 ts=8 et syntax=javascript: - -/* eslint-env mozilla/remote-page */ - -/** - * An object representing a bullet point in the release notes. - * - * typedef {Object} ReleaseBullet - * @property {string} text - The text for this bullet point. - * @property {?Array<ReleaseBullet>} children - A sub-list of bullet points. - */ - -/** - * Fill an element with the given list of release bullet points. - * - * @param {Element} container - The element to fill with bullet points. - * @param {Array<ReleaseBullet>} bulletPoints - The list of bullet points. - * @param {string} [childTag="h3"] - The element tag name to use for direct - * children. Initially, the children are h3 sub-headings. - */ -function fillReleaseNotes(container, bulletPoints, childTag = "h3") { - for (const { text, children } of bulletPoints) { - const childEl = document.createElement(childTag); - // Keep dashes like "[tor-browser]" on the same line by nowrapping the word. - for (const [index, part] of text.split(/(\S+-\S+)/).entries()) { - if (!part) { - continue; - } - const span = document.createElement("span"); - span.textContent = part; - span.classList.toggle("no-line-break", index % 2); - childEl.appendChild(span); - } - container.appendChild(childEl); - if (children) { - if (childTag == "h3" && text.toLowerCase() === "build system") { - // Special case: treat the "Build System" heading's children as - // sub-headings. - childEl.classList.add("build-system-heading"); - fillReleaseNotes(container, children, "h4"); - } else { - const listEl = document.createElement("ul"); - fillReleaseNotes(listEl, children, "li"); - if (childTag == "li") { - // Insert within the "li" element. - childEl.appendChild(listEl); - } else { - container.appendChild(listEl); - } - } - } - } -} - -/** - * Set the content for the specified container, or hide it if we have no - * content. - * - * @template C - * @param {string} containerId - The id for the container. - * @param {?C} content - The content for this container, or a falsey value if - * the container has no content. - * @param {function(contentEl: Elemenet, content: C)} [fillContent] - A function - * to fill the ".content" contentEl with the given 'content'. If unspecified, - * the 'content' will become the contentEl's textContent. - */ -function setContent(containerId, content, fillContent) { - const container = document.getElementById(containerId); - if (!content) { - container.hidden = true; - return; - } - const contentEl = container.querySelector(".content"); - // Release notes are only in English. - contentEl.setAttribute("lang", "en-US"); - contentEl.setAttribute("dir", "ltr"); - contentEl.classList.add("en-US-content"); - if (fillContent) { - fillContent(contentEl, content); - } else { - contentEl.textContent = content; - } -} - -/** - * Callback when we receive the update details. - * - * @param {Object} aData - The update details. - * @param {?string} aData.version - The update version. - * @param {?string} aData.releaseDate - The release date. - * @param {?string} aData.moreInfoURL - A URL for more info. - * @param {?Array<ReleaseBullet>} aData.releaseNotes - Release notes as bullet - * points. - */ -function onUpdate(aData) { - setContent("version-row", aData.version); - setContent("releasedate-row", aData.releaseDate); - setContent("releasenotes", aData.releaseNotes, fillReleaseNotes); - - if (aData.moreInfoURL) { - document.getElementById("infolink").setAttribute("href", aData.moreInfoURL); - } else { - document.getElementById("fullinfo").hidden = true; - } -} - -RPMSendQuery("FetchUpdateData").then(onUpdate); ===================================== browser/base/content/abouttbupdate/aboutTBUpdate.xhtml deleted ===================================== @@ -1,52 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> - -<!DOCTYPE html [ <!ENTITY % htmlDTD PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd"> -%htmlDTD; -<!ENTITY % tbUpdateDTD SYSTEM "chrome://browser/locale/aboutTBUpdate.dtd"> -%tbUpdateDTD; ]> - -<html xmlns="http://www.w3.org/1999/xhtml"> - <head> - <meta - http-equiv="Content-Security-Policy" - content="default-src chrome:; object-src 'none'" - /> - <title>&aboutTBUpdate.changelogTitle;</title> - <link - rel="stylesheet" - type="text/css" - href="chrome://browser/content/abouttbupdate/aboutTBUpdate.css" - /> - <script - src="chrome://browser/content/abouttbupdate/aboutTBUpdate.js" - type="text/javascript" - /> -  - <link rel="localization" href="branding/brand.ftl" /> - </head> - <body> -  - <div id="version-row"> - <span class="label-column">&aboutTBUpdate.version;</span> - <span class="content"></span> - </div> - <div id="releasedate-row"> - <span class="label-column">&aboutTBUpdate.releaseDate;</span> - <span class="content"></span> - </div> - <div id="fullinfo"> - <p class="content"> - &aboutTBUpdate.linkPrefix;<a id="infolink">&aboutTBUpdate.linkLabel;</a - >&aboutTBUpdate.linkSuffix; - </p> - </div> - <section id="releasenotes"> - <h2 class="label-column">&aboutTBUpdate.releaseNotes;</h2> - <div class="content"></div> - </section> - </body> -</html> ===================================== browser/base/content/browser.js ===================================== @@ -771,10 +771,6 @@ if (Services.prefs.getBoolPref("browser.profiles.enabled")) { gInitialPages.push("about:profilemanager"); } -if (AppConstants.BASE_BROWSER_UPDATE) { - gInitialPages.push("about:tbupdate"); -} - function isInitialPage(url) { if (!(url instanceof Ci.nsIURI)) { try { ===================================== browser/base/jar.mn ===================================== @@ -33,11 +33,6 @@ browser.jar: content/browser/aboutTabCrashed.css (content/aboutTabCrashed.css) content/browser/aboutTabCrashed.js (content/aboutTabCrashed.js) content/browser/aboutTabCrashed.xhtml (content/aboutTabCrashed.xhtml) -#ifdef BASE_BROWSER_UPDATE - content/browser/abouttbupdate/aboutTBUpdate.xhtml (content/abouttbupdate/aboutTBUpdate.xhtml) - content/browser/abouttbupdate/aboutTBUpdate.js (content/abouttbupdate/aboutTBUpdate.js) - content/browser/abouttbupdate/aboutTBUpdate.css (content/abouttbupdate/aboutTBUpdate.css) -#endif content/browser/blanktab.html (content/blanktab.html) content/browser/browser.css (content/browser.css) content/browser/browser.js (content/browser.js) ===================================== browser/components/BrowserContentHandler.sys.mjs ===================================== @@ -783,16 +783,6 @@ nsBrowserContentHandler.prototype = { // into account because that requires waiting for the session file // to be read. If a crash occurs after updating, before restarting, // we may open the startPage in addition to restoring the session. - // - // Tor Browser: Instead of opening the post-update "override page" - // directly, we ensure that about:tor will be opened in a special - // mode that notifies the user that their browser was updated. - // The about:tor page will provide a link to the override page - // where the user can learn more about the update, as well as a - // link to the Tor Browser changelog page (about:tbupdate). The - // override page URL comes from the openURL attribute within the - // updates.xml file or, if no showURL action is present, from the - // startup.homepage_override_url pref. willRestoreSession = lazy.SessionStartup.isAutomaticRestoreEnabled(); @@ -887,6 +877,13 @@ nsBrowserContentHandler.prototype = { old_forkVersion ); if (overridePage && AppConstants.BASE_BROWSER_UPDATE) { + // Tor Browser: Instead of opening the post-update "override page" + // directly, we ensure that about:tor will be opened, which should + // notify the user that their browser was updated. + // + // The overridePage comes from the openURL attribute within the + // updates.xml file or, if no showURL action is present, from the + // startup.homepage_override_url pref. Services.prefs.setCharPref( "torbrowser.post_update.url", overridePage ===================================== browser/components/BrowserGlue.sys.mjs ===================================== @@ -1022,21 +1022,6 @@ let JSWINDOWACTORS = { }, }; -if (AppConstants.BASE_BROWSER_UPDATE) { - JSWINDOWACTORS.AboutTBUpdate = { - parent: { - esModuleURI: "resource:///actors/AboutTBUpdateParent.sys.mjs", - }, - child: { - esModuleURI: "resource:///actors/AboutTBUpdateChild.sys.mjs", - events: { - DOMWindowCreated: { capture: true }, - }, - }, - matches: ["about:tbupdate"], - }; -} - ChromeUtils.defineLazyGetter( lazy, "WeaveService", ===================================== browser/components/about/AboutRedirector.cpp ===================================== @@ -166,13 +166,6 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, -#ifdef BASE_BROWSER_UPDATE - {"tbupdate", "chrome://browser/content/abouttbupdate/aboutTBUpdate.xhtml", - nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | - nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | - nsIAboutModule::HIDE_FROM_ABOUTABOUT | - nsIAboutModule::IS_SECURE_CHROME_UI}, -#endif // The correct URI must be obtained by GetManualChromeURI {"manual", "about:blank", nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | ===================================== browser/components/about/components.conf ===================================== @@ -35,9 +35,6 @@ pages = [ 'welcomeback', ] -if defined('BASE_BROWSER_UPDATE'): - pages.append('tbupdate') - Classes = [ { 'cid': '{7e4bb6ad-2fc4-4dc6-89ef-23e8e5ccf980}', ===================================== toolkit/modules/RemotePageAccessManager.sys.mjs ===================================== @@ -237,9 +237,6 @@ export let RemotePageAccessManager = { RPMAddMessageListener: ["*"], RPMRemoveMessageListener: ["*"], }, - "about:tbupdate": { - RPMSendQuery: ["FetchUpdateData"], - }, "about:torconnect": { RPMAddMessageListener: [ "torconnect:state-change", ===================================== toolkit/torbutton/chrome/locale/en-US/aboutTBUpdate.dtd deleted ===================================== @@ -1,18 +0,0 @@ - - -<!ENTITY aboutTBUpdate.changelogTitle "Tor Browser Changelog"> -<!ENTITY aboutTBUpdate.version "Version"> -<!ENTITY aboutTBUpdate.releaseDate "Release Date"> -<!ENTITY aboutTBUpdate.releaseNotes "Release Notes"> - -<!ENTITY aboutTBUpdate.linkPrefix "For the most up-to-date information about this release, "> -<!ENTITY aboutTBUpdate.linkLabel "visit our website"> -<!ENTITY aboutTBUpdate.linkSuffix "."> ===================================== toolkit/torbutton/jar.mn ===================================== @@ -7,8 +7,5 @@ torbutton.jar: # browser branding % override chrome://branding/locale/brand.properties chrome://torbutton/locale/brand.properties -# Strings for the about:tbupdate page -% override chrome://browser/locale/aboutTBUpdate.dtd chrome://torbutton/locale/aboutTBUpdate.dtd - % locale torbutton en-US %locale/en-US/ locale/en-US/ (chrome/locale/en-US/*) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/50cede… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/50cede… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.4.0esr-14.5-1] Bug 42739: Use the brand name for profile error messages.
by morgan (＠morgan) 29 Oct '24

29 Oct '24

morgan pushed to branch base-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: b64a2539 by Henry Wilkes at 2024-10-29T20:48:07+00:00 Bug 42739: Use the brand name for profile error messages. Some messages in profileSelection.properties use gAppData->name as variable inputs. However, gAppData->name is still "Firefox" for our base-browser builds, rather than the user-facing browser name. We swap these instances with the displayed brand name instead. - - - - - 2 changed files: - toolkit/xre/ProfileReset.cpp - toolkit/xre/nsAppRunner.cpp Changes: ===================================== toolkit/xre/ProfileReset.cpp ===================================== @@ -23,8 +23,8 @@ using namespace mozilla; -extern const XREAppData* gAppData; - +static const char kBrandProperties[] = + "chrome://branding/locale/brand.properties"; static const char kProfileProperties[] = "chrome://mozapps/locale/profile/profileSelection.properties"; @@ -49,12 +49,21 @@ nsresult ProfileResetCleanup(nsToolkitProfileService* aService, mozilla::components::StringBundle::Service(); if (!sbs) return NS_ERROR_FAILURE; + nsCOMPtr<nsIStringBundle> brandBundle; + Unused << sbs->CreateBundle(kBrandProperties, getter_AddRefs(brandBundle)); + if (!brandBundle) return NS_ERROR_FAILURE; + nsCOMPtr<nsIStringBundle> sb; Unused << sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); if (!sb) return NS_ERROR_FAILURE; - NS_ConvertUTF8toUTF16 appName(gAppData->name); - AutoTArray<nsString, 2> params = {appName, appName}; + nsAutoString appName; + rv = brandBundle->GetStringFromName("brandShortName", appName); + if (NS_FAILED(rv)) return rv; + + AutoTArray<nsString, 2> params; + params.AppendElement(appName); + params.AppendElement(appName); nsAutoString resetBackupDirectoryName; ===================================== toolkit/xre/nsAppRunner.cpp ===================================== @@ -2597,6 +2597,8 @@ nsresult LaunchChild(bool aBlankCommandLine, bool aTryExec) { return NS_ERROR_LAUNCHED_CHILD_PROCESS; } +static const char kBrandProperties[] = + "chrome://branding/locale/brand.properties"; static const char kProfileProperties[] = "chrome://mozapps/locale/profile/profileSelection.properties"; @@ -2666,12 +2668,20 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { mozilla::components::StringBundle::Service(); NS_ENSURE_TRUE(sbs, NS_ERROR_FAILURE); + nsCOMPtr<nsIStringBundle> brandBundle; + sbs->CreateBundle(kBrandProperties, getter_AddRefs(brandBundle)); + NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); nsCOMPtr<nsIStringBundle> sb; sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(gAppData->name); - AutoTArray<nsString, 2> params = {appName, appName}; + nsAutoString appName; + rv = brandBundle->GetStringFromName("brandShortName", appName); + NS_ENSURE_SUCCESS(rv, NS_ERROR_ABORT); + + AutoTArray<nsString, 2> params; + params.AppendElement(appName); + params.AppendElement(appName); // profileMissing nsAutoString missingMessage; @@ -2733,12 +2743,21 @@ static ReturnAbortOnError ProfileLockedDialog(nsIFile* aProfileDir, mozilla::components::StringBundle::Service(); NS_ENSURE_TRUE(sbs, NS_ERROR_FAILURE); + nsCOMPtr<nsIStringBundle> brandBundle; + sbs->CreateBundle(kBrandProperties, getter_AddRefs(brandBundle)); + NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); nsCOMPtr<nsIStringBundle> sb; sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(gAppData->name); - AutoTArray<nsString, 3> params = {appName, appName, appName}; + nsAutoString appName; + rv = brandBundle->GetStringFromName("brandShortName", appName); + NS_ENSURE_SUCCESS(rv, NS_ERROR_ABORT); + + AutoTArray<nsString, 3> params; + params.AppendElement(appName); + params.AppendElement(appName); + params.AppendElement(appName); nsAutoString killMessage; #ifndef XP_MACOSX View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b64a253… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b64a253… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.4.0esr-14.5-1] 3 commits: fixup! Bug 14631: Improve profile access error messages.
by morgan (＠morgan) 29 Oct '24

29 Oct '24

morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 1f0bfac8 by Henry Wilkes at 2024-10-29T20:11:45+00:00 fixup! Bug 14631: Improve profile access error messages. Bug 42739: Revert patch for "Improve profile access error messages." - - - - - 8cef0b28 by Henry Wilkes at 2024-10-29T20:11:45+00:00 fixup! Add TorStrings module for localization Bug 42739: Drop profile access error strings. - - - - - 50cede2a by Henry Wilkes at 2024-10-29T20:11:45+00:00 Bug 42739: Use the brand name for profile error messages. Some messages in profileSelection.properties use gAppData->name as variable inputs. However, gAppData->name is still "Firefox" for our base-browser builds, rather than the user-facing browser name. We swap these instances with the displayed brand name instead. - - - - - 6 changed files: - toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties - toolkit/profile/nsToolkitProfileService.cpp - toolkit/profile/nsToolkitProfileService.h - − toolkit/torbutton/chrome/locale/en-US/torbutton.properties - toolkit/xre/ProfileReset.cpp - toolkit/xre/nsAppRunner.cpp Changes: ===================================== toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties ===================================== @@ -12,11 +12,6 @@ restartMessageUnlocker=%S is already running, but is not responding. The old %S restartMessageNoUnlockerMac=A copy of %S is already open. Only one copy of %S can be open at a time. restartMessageUnlockerMac=A copy of %S is already open. The running copy of %S will quit in order to open this one. -# LOCALIZATION NOTE (profileProblemTitle, profileReadOnly, profileReadOnlyMac, profileAccessDenied): Messages displayed when the browser profile cannot be accessed or written to. %S is the application name. -profileProblemTitle=%S Profile Problem -profileReadOnly=You cannot run %S from a read-only file system. Please copy %S to another location before trying to use it. -profileReadOnlyMac=You cannot run %S from a read-only file system. Please copy %S to your Desktop or Applications folder before trying to use it. -profileAccessDenied=%S does not have permission to access the profile. Please adjust your file system permissions and try again. # Profile manager # LOCALIZATION NOTE (profileTooltip): First %S is the profile name, second %S is the path to the profile folder. profileTooltip=Profile: ‘%S’ — Path: ‘%S’ ===================================== toolkit/profile/nsToolkitProfileService.cpp ===================================== @@ -1261,10 +1261,9 @@ nsToolkitProfileService::SelectStartupProfile( } bool wasDefault; - ProfileStatus profileStatus; nsresult rv = SelectStartupProfile(&argc, argv.get(), aIsResetting, aRootDir, aLocalDir, - aProfile, aDidCreate, &wasDefault, profileStatus); + aProfile, aDidCreate, &wasDefault); // Since we were called outside of the normal startup path complete any // startup tasks. @@ -1299,8 +1298,7 @@ static void SaltProfileName(nsACString& aName); nsresult nsToolkitProfileService::SelectStartupProfile( int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate, - bool* aWasDefaultSelection, ProfileStatus& aProfileStatus) { - aProfileStatus = PROFILE_STATUS_OK; + bool* aWasDefaultSelection) { if (mStartupProfileSelected) { return NS_ERROR_ALREADY_INITIALIZED; } @@ -1393,13 +1391,6 @@ nsresult nsToolkitProfileService::SelectStartupProfile( rv = XRE_GetFileFromPath(arg, getter_AddRefs(lf)); NS_ENSURE_SUCCESS(rv, rv); - aProfileStatus = CheckProfileWriteAccess(lf); - if (PROFILE_STATUS_OK != aProfileStatus) { - NS_ADDREF(*aRootDir = lf); - NS_ADDREF(*aLocalDir = lf); - return NS_ERROR_FAILURE; - } - // Make sure that the profile path exists and it's a directory. bool exists; rv = lf->Exists(&exists); @@ -2259,47 +2250,3 @@ nsresult XRE_GetFileFromPath(const char* aPath, nsIFile** aResult) { # error Platform-specific logic needed here. #endif } - -// Check for write permission to the profile directory by trying to create a -// new file (after ensuring that no file with the same name exists). -ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess( - nsIFile* aProfileDir) { -#if defined(XP_UNIX) - constexpr auto writeTestFileName = u".parentwritetest"_ns; -#else - constexpr auto writeTestFileName = u"parent.writetest"_ns; -#endif - - nsCOMPtr<nsIFile> writeTestFile; - nsresult rv = aProfileDir->Clone(getter_AddRefs(writeTestFile)); - if (NS_SUCCEEDED(rv)) rv = writeTestFile->Append(writeTestFileName); - - if (NS_SUCCEEDED(rv)) { - bool doesExist = false; - rv = writeTestFile->Exists(&doesExist); - if (NS_SUCCEEDED(rv) && doesExist) rv = writeTestFile->Remove(true); - } - - if (NS_SUCCEEDED(rv)) { - rv = writeTestFile->Create(nsIFile::NORMAL_FILE_TYPE, 0666); - (void)writeTestFile->Remove(true); - } - - ProfileStatus status = - NS_SUCCEEDED(rv) ? PROFILE_STATUS_OK : PROFILE_STATUS_OTHER_ERROR; - if (NS_ERROR_FILE_ACCESS_DENIED == rv) - status = PROFILE_STATUS_ACCESS_DENIED; - else if (NS_ERROR_FILE_READ_ONLY == rv) - status = PROFILE_STATUS_READ_ONLY; - - return status; -} - -ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess( - nsIToolkitProfile* aProfile) { - nsCOMPtr<nsIFile> profileDir; - nsresult rv = aProfile->GetRootDir(getter_AddRefs(profileDir)); - if (NS_FAILED(rv)) return PROFILE_STATUS_OTHER_ERROR; - - return CheckProfileWriteAccess(profileDir); -} ===================================== toolkit/profile/nsToolkitProfileService.h ===================================== @@ -17,14 +17,6 @@ #include "nsProfileLock.h" #include "nsINIParser.h" -enum ProfileStatus { - PROFILE_STATUS_OK, - PROFILE_STATUS_ACCESS_DENIED, - PROFILE_STATUS_READ_ONLY, - PROFILE_STATUS_IS_LOCKED, - PROFILE_STATUS_OTHER_ERROR -}; - class nsToolkitProfile final : public nsIToolkitProfile, public mozilla::LinkedListElement<RefPtr<nsToolkitProfile>> { @@ -81,13 +73,10 @@ class nsToolkitProfileService final : public nsIToolkitProfileService { nsresult SelectStartupProfile(int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate, - bool* aWasDefaultSelection, - ProfileStatus& aProfileStatus); + bool* aWasDefaultSelection); nsresult CreateResetProfile(nsIToolkitProfile** aNewProfile); nsresult ApplyResetProfile(nsIToolkitProfile* aOldProfile); void CompleteStartup(); - static ProfileStatus CheckProfileWriteAccess(nsIToolkitProfile* aProfile); - static ProfileStatus CheckProfileWriteAccess(nsIFile* aProfileDir); private: friend class nsToolkitProfile; ===================================== toolkit/torbutton/chrome/locale/en-US/torbutton.properties deleted ===================================== @@ -1,11 +0,0 @@ -# Copyright (c) 2022, The Tor Project, Inc. -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -# Profile/startup error messages. -# LOCALIZATION NOTE: %S is the application name. -profileProblemTitle=%S Profile Problem -profileReadOnly=You cannot run %S from a read-only file system. Please copy %S to another location before trying to use it. -profileReadOnlyMac=You cannot run %S from a read-only file system. Please copy %S to your Desktop or Applications folder before trying to use it. -profileAccessDenied=%S does not have permission to access the profile. Please adjust your file system permissions and try again. ===================================== toolkit/xre/ProfileReset.cpp ===================================== @@ -23,8 +23,8 @@ using namespace mozilla; -extern const XREAppData* gAppData; - +static const char kBrandProperties[] = + "chrome://branding/locale/brand.properties"; static const char kProfileProperties[] = "chrome://mozapps/locale/profile/profileSelection.properties"; @@ -49,12 +49,21 @@ nsresult ProfileResetCleanup(nsToolkitProfileService* aService, mozilla::components::StringBundle::Service(); if (!sbs) return NS_ERROR_FAILURE; + nsCOMPtr<nsIStringBundle> brandBundle; + Unused << sbs->CreateBundle(kBrandProperties, getter_AddRefs(brandBundle)); + if (!brandBundle) return NS_ERROR_FAILURE; + nsCOMPtr<nsIStringBundle> sb; Unused << sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); if (!sb) return NS_ERROR_FAILURE; - NS_ConvertUTF8toUTF16 appName(gAppData->name); - AutoTArray<nsString, 2> params = {appName, appName}; + nsAutoString appName; + rv = brandBundle->GetStringFromName("brandShortName", appName); + if (NS_FAILED(rv)) return rv; + + AutoTArray<nsString, 2> params; + params.AppendElement(appName); + params.AppendElement(appName); nsAutoString resetBackupDirectoryName; ===================================== toolkit/xre/nsAppRunner.cpp ===================================== @@ -2599,91 +2599,8 @@ nsresult LaunchChild(bool aBlankCommandLine, bool aTryExec) { return NS_ERROR_LAUNCHED_CHILD_PROCESS; } -static nsresult GetOverrideStringBundleForLocale(nsIStringBundleService* aSBS, - const char* aTorbuttonURI, - const char* aLocale, - nsIStringBundle** aResult) { - NS_ENSURE_ARG(aSBS); - NS_ENSURE_ARG(aTorbuttonURI); - NS_ENSURE_ARG(aLocale); - NS_ENSURE_ARG(aResult); - - const char* kFormatStr = - "jar:%s!/chrome/torbutton/locale/%s/torbutton.properties"; - nsPrintfCString strBundleURL(kFormatStr, aTorbuttonURI, aLocale); - nsresult rv = aSBS->CreateBundle(strBundleURL.get(), aResult); - NS_ENSURE_SUCCESS(rv, rv); - - // To ensure that we have a valid string bundle, try to retrieve a string - // that we know exists. - nsAutoString val; - rv = (*aResult)->GetStringFromName("profileProblemTitle", val); - if (!NS_SUCCEEDED(rv)) *aResult = nullptr; // No good. Discard it. - - return rv; -} - -static void GetOverrideStringBundle(nsIStringBundleService* aSBS, - nsIStringBundle** aResult) { - if (!aSBS || !aResult) return; - - *aResult = nullptr; - - // Build Torbutton file URI string by starting from GREDir. - RefPtr<nsXREDirProvider> dirProvider = nsXREDirProvider::GetSingleton(); - if (!dirProvider) return; - - nsCOMPtr<nsIFile> greDir = dirProvider->GetGREDir(); - if (!greDir) return; - - // Create file URI, extract as string, and append omni.ja relative path. - nsCOMPtr<nsIURI> uri; - nsAutoCString uriString; - if (NS_FAILED(NS_NewFileURI(getter_AddRefs(uri), greDir)) || - NS_FAILED(uri->GetSpec(uriString))) { - return; - } - - uriString.Append("omni.ja"); - - nsAutoCString userAgentLocale; - if (!NS_SUCCEEDED( - Preferences::GetCString("intl.locale.requested", userAgentLocale))) { - return; - } - - nsresult rv = GetOverrideStringBundleForLocale( - aSBS, uriString.get(), userAgentLocale.get(), aResult); - if (NS_FAILED(rv)) { - // Try again using base locale, e.g., "en" vs. "en-US". - int16_t offset = userAgentLocale.FindChar('-', 1); - if (offset > 0) { - nsAutoCString shortLocale(Substring(userAgentLocale, 0, offset)); - rv = GetOverrideStringBundleForLocale(aSBS, uriString.get(), - shortLocale.get(), aResult); - } - } -} - -static nsresult GetFormattedString(nsIStringBundle* aOverrideBundle, - nsIStringBundle* aMainBundle, - const char* aName, - const nsTArray<nsString>& aParams, - nsAString& aResult) { - NS_ENSURE_ARG(aName); - - nsresult rv = NS_ERROR_FAILURE; - if (aOverrideBundle) { - rv = aOverrideBundle->FormatStringFromName(aName, aParams, aResult); - } - - // If string was not found in override bundle, use main (browser) bundle. - if (NS_FAILED(rv) && aMainBundle) - rv = aMainBundle->FormatStringFromName(aName, aParams, aResult); - - return rv; -} - +static const char kBrandProperties[] = + "chrome://branding/locale/brand.properties"; static const char kProfileProperties[] = "chrome://mozapps/locale/profile/profileSelection.properties"; @@ -2753,12 +2670,20 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { mozilla::components::StringBundle::Service(); NS_ENSURE_TRUE(sbs, NS_ERROR_FAILURE); + nsCOMPtr<nsIStringBundle> brandBundle; + sbs->CreateBundle(kBrandProperties, getter_AddRefs(brandBundle)); + NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); nsCOMPtr<nsIStringBundle> sb; sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(MOZ_APP_DISPLAYNAME); - AutoTArray<nsString, 2> params = {appName, appName}; + nsAutoString appName; + rv = brandBundle->GetStringFromName("brandShortName", appName); + NS_ENSURE_SUCCESS(rv, NS_ERROR_ABORT); + + AutoTArray<nsString, 2> params; + params.AppendElement(appName); + params.AppendElement(appName); // profileMissing nsAutoString missingMessage; @@ -2782,12 +2707,11 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { // If aUnlocker is NULL, it is also OK for the following arguments to be NULL: // aProfileDir, aProfileLocalDir, aResult. -static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, - nsIFile* aProfileLocalDir, - ProfileStatus aStatus, - nsIProfileUnlocker* aUnlocker, - nsINativeAppSupport* aNative, - nsIProfileLock** aResult) { +static ReturnAbortOnError ProfileLockedDialog(nsIFile* aProfileDir, + nsIFile* aProfileLocalDir, + nsIProfileUnlocker* aUnlocker, + nsINativeAppSupport* aNative, + nsIProfileLock** aResult) { nsresult rv; if (aProfileDir) { @@ -2821,43 +2745,37 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, mozilla::components::StringBundle::Service(); NS_ENSURE_TRUE(sbs, NS_ERROR_FAILURE); + nsCOMPtr<nsIStringBundle> brandBundle; + sbs->CreateBundle(kBrandProperties, getter_AddRefs(brandBundle)); + NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); nsCOMPtr<nsIStringBundle> sb; sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - nsCOMPtr<nsIStringBundle> overrideSB; - GetOverrideStringBundle(sbs, getter_AddRefs(overrideSB)); + nsAutoString appName; + rv = brandBundle->GetStringFromName("brandShortName", appName); + NS_ENSURE_SUCCESS(rv, NS_ERROR_ABORT); - NS_ConvertUTF8toUTF16 appName(MOZ_APP_DISPLAYNAME); - AutoTArray<nsString, 3> params = {appName, appName, appName}; + AutoTArray<nsString, 3> params; + params.AppendElement(appName); + params.AppendElement(appName); + params.AppendElement(appName); nsAutoString killMessage; #ifndef XP_MACOSX - static const char kRestartUnlocker[] = "restartMessageUnlocker"; - static const char kRestartNoUnlocker[] = "restartMessageNoUnlocker2"; - static const char kReadOnly[] = "profileReadOnly"; + rv = sb->FormatStringFromName( + aUnlocker ? "restartMessageUnlocker" : "restartMessageNoUnlocker2", + params, killMessage); #else - static const char kRestartUnlocker[] = "restartMessageUnlockerMac"; - static const char kRestartNoUnlocker[] = "restartMessageNoUnlockerMac"; - static const char kReadOnly[] = "profileReadOnlyMac"; -#endif - static const char kAccessDenied[] = "profileAccessDenied"; - - const char* errorKey = aUnlocker ? kRestartUnlocker : kRestartNoUnlocker; - if (PROFILE_STATUS_READ_ONLY == aStatus) - errorKey = kReadOnly; - else if (PROFILE_STATUS_ACCESS_DENIED == aStatus) - errorKey = kAccessDenied; - rv = GetFormattedString(overrideSB, sb, errorKey, params, killMessage); + rv = sb->FormatStringFromName( + aUnlocker ? "restartMessageUnlockerMac" : "restartMessageNoUnlockerMac", + params, killMessage); +#endif NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); - const char* titleKey = ((PROFILE_STATUS_READ_ONLY == aStatus) || - (PROFILE_STATUS_ACCESS_DENIED == aStatus)) - ? "profileProblemTitle" - : "restartTitle"; params.SetLength(1); nsAutoString killTitle; - rv = sb->FormatStringFromName(titleKey, params, killTitle); + rv = sb->FormatStringFromName("restartTitle", params, killTitle); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); #ifdef MOZ_BACKGROUNDTASKS @@ -3028,24 +2946,6 @@ static ReturnAbortOnError ShowProfileManager( return LaunchChild(false, true); } -#ifdef XP_MACOSX -static ProfileStatus CheckTorBrowserDataWriteAccess() { - // Check whether we can write to the directory that will contain - // TorBrowser-Data. - RefPtr<nsXREDirProvider> singleton = nsXREDirProvider::GetSingleton(); - if (!singleton) { - return PROFILE_STATUS_OTHER_ERROR; - } - nsCOMPtr<nsIFile> tbDataDir; - nsresult rv = singleton->GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir)); - NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); - nsCOMPtr<nsIFile> tbDataDirParent; - rv = tbDataDir->GetParent(getter_AddRefs(tbDataDirParent)); - NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); - return nsToolkitProfileService::CheckProfileWriteAccess(tbDataDirParent); -} -#endif - static bool gDoMigration = false; static bool gDoProfileReset = false; static nsCOMPtr<nsIToolkitProfile> gResetOldProfile; @@ -3053,13 +2953,6 @@ static nsCOMPtr<nsIToolkitProfile> gResetOldProfile; static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, nsIFile* aLocalDir, nsIToolkitProfile* aProfile, nsIProfileLock** aResult) { - ProfileStatus status = - (aProfile ? nsToolkitProfileService::CheckProfileWriteAccess(aProfile) - : nsToolkitProfileService::CheckProfileWriteAccess(aRootDir)); - if (PROFILE_STATUS_OK != status) - return ProfileErrorDialog(aRootDir, aLocalDir, status, nullptr, aNative, - aResult); - // If you close Firefox and very quickly reopen it, the old Firefox may // still be closing down. Rather than immediately showing the // "Firefox is running but is not responding" message, we spend a few @@ -3086,8 +2979,7 @@ static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, } while (TimeStamp::Now() - start < TimeDuration::FromSeconds(kLockRetrySeconds)); - return ProfileErrorDialog(aRootDir, aLocalDir, PROFILE_STATUS_IS_LOCKED, - unlocker, aNative, aResult); + return ProfileLockedDialog(aRootDir, aLocalDir, unlocker, aNative, aResult); } // Pick a profile. We need to end up with a profile root dir, local dir and @@ -3102,8 +2994,7 @@ static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, static nsresult SelectProfile(nsToolkitProfileService* aProfileSvc, nsINativeAppSupport* aNative, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, - bool* aWasDefaultSelection, - nsIProfileLock** aResult) { + bool* aWasDefaultSelection) { StartupTimeline::Record(StartupTimeline::SELECT_PROFILE); nsresult rv; @@ -3141,14 +3032,9 @@ static nsresult SelectProfile(nsToolkitProfileService* aProfileSvc, // Ask the profile manager to select the profile directories to use. bool didCreate = false; - ProfileStatus profileStatus = PROFILE_STATUS_OK; - rv = aProfileSvc->SelectStartupProfile( - &gArgc, gArgv, gDoProfileReset, aRootDir, aLocalDir, aProfile, &didCreate, - aWasDefaultSelection, profileStatus); - if (PROFILE_STATUS_OK != profileStatus) { - return ProfileErrorDialog(*aRootDir, *aLocalDir, profileStatus, nullptr, - aNative, aResult); - } + rv = aProfileSvc->SelectStartupProfile(&gArgc, gArgv, gDoProfileReset, + aRootDir, aLocalDir, aProfile, + &didCreate, aWasDefaultSelection); if (rv == NS_ERROR_SHOW_PROFILE_MANAGER) { return ShowProfileManager(aProfileSvc, aNative); @@ -5062,19 +4948,6 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { mProfileSvc = NS_GetToolkitProfileService(); if (!mProfileSvc) { -#ifdef XP_MACOSX - // NS_NewToolkitProfileService() returns a generic NS_ERROR_FAILURE error - // if creation of the TorBrowser-Data directory fails due to access denied - // or because of a read-only disk volume. Do an extra check here to detect - // these errors so we can display an informative error message. - ProfileStatus status = CheckTorBrowserDataWriteAccess(); - if ((PROFILE_STATUS_ACCESS_DENIED == status) || - (PROFILE_STATUS_READ_ONLY == status)) { - ProfileErrorDialog(nullptr, nullptr, status, nullptr, mNativeApp, - nullptr); - return 1; - } -#endif // We failed to choose or create profile - notify user and quit ProfileMissingDialog(mNativeApp); return 1; @@ -5084,7 +4957,7 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { nsCOMPtr<nsIToolkitProfile> profile; rv = SelectProfile(mProfileSvc, mNativeApp, getter_AddRefs(mProfD), getter_AddRefs(mProfLD), getter_AddRefs(profile), - &wasDefaultSelection, getter_AddRefs(mProfileLock)); + &wasDefaultSelection); if (rv == NS_ERROR_LAUNCHED_CHILD_PROCESS || rv == NS_ERROR_ABORT) { *aExitFlag = true; return 0; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/464b5a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/464b5a… You're receiving this email because of your account on gitlab.torproject.org.

1 0